2 Unix SMB/CIFS implementation.
3 Main SMB reply routines
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Andrew Bartlett 2001
6 Copyright (C) Jeremy Allison 1992-2007.
7 Copyright (C) Volker Lendecke 2007
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 This file handles most of the reply_ calls that the server
24 makes to handle specific protocols
28 #include "smbd/globals.h"
30 extern enum protocol_types Protocol;
32 /****************************************************************************
33 Ensure we check the path in *exactly* the same way as W2K for a findfirst/findnext
34 path or anything including wildcards.
35 We're assuming here that '/' is not the second byte in any multibyte char
36 set (a safe assumption). '\\' *may* be the second byte in a multibyte char
38 ****************************************************************************/
40 /* Custom version for processing POSIX paths. */
41 #define IS_PATH_SEP(c,posix_only) ((c) == '/' || (!(posix_only) && (c) == '\\'))
43 static NTSTATUS check_path_syntax_internal(char *path,
45 bool *p_last_component_contains_wcard)
49 NTSTATUS ret = NT_STATUS_OK;
50 bool start_of_name_component = True;
51 bool stream_started = false;
53 *p_last_component_contains_wcard = False;
60 return NT_STATUS_OBJECT_NAME_INVALID;
63 return NT_STATUS_OBJECT_NAME_INVALID;
65 if (strchr_m(&s[1], ':')) {
66 return NT_STATUS_OBJECT_NAME_INVALID;
68 if (StrCaseCmp(s, ":$DATA") != 0) {
69 return NT_STATUS_INVALID_PARAMETER;
75 if (!stream_started && *s == ':') {
76 if (*p_last_component_contains_wcard) {
77 return NT_STATUS_OBJECT_NAME_INVALID;
79 /* stream names allow more characters than file names */
80 stream_started = true;
81 start_of_name_component = false;
85 return NT_STATUS_OBJECT_NAME_INVALID;
89 if (!stream_started && IS_PATH_SEP(*s,posix_path)) {
91 * Safe to assume is not the second part of a mb char
92 * as this is handled below.
94 /* Eat multiple '/' or '\\' */
95 while (IS_PATH_SEP(*s,posix_path)) {
98 if ((d != path) && (*s != '\0')) {
99 /* We only care about non-leading or trailing '/' or '\\' */
103 start_of_name_component = True;
105 *p_last_component_contains_wcard = False;
109 if (start_of_name_component) {
110 if ((s[0] == '.') && (s[1] == '.') && (IS_PATH_SEP(s[2],posix_path) || s[2] == '\0')) {
111 /* Uh oh - "/../" or "\\..\\" or "/..\0" or "\\..\0" ! */
114 * No mb char starts with '.' so we're safe checking the directory separator here.
117 /* If we just added a '/' - delete it */
118 if ((d > path) && (*(d-1) == '/')) {
123 /* Are we at the start ? Can't go back further if so. */
125 ret = NT_STATUS_OBJECT_PATH_SYNTAX_BAD;
128 /* Go back one level... */
129 /* We know this is safe as '/' cannot be part of a mb sequence. */
130 /* NOTE - if this assumption is invalid we are not in good shape... */
131 /* Decrement d first as d points to the *next* char to write into. */
132 for (d--; d > path; d--) {
136 s += 2; /* Else go past the .. */
137 /* We're still at the start of a name component, just the previous one. */
140 } else if ((s[0] == '.') && ((s[1] == '\0') || IS_PATH_SEP(s[1],posix_path))) {
152 if (*s <= 0x1f || *s == '|') {
153 return NT_STATUS_OBJECT_NAME_INVALID;
161 *p_last_component_contains_wcard = True;
170 /* Get the size of the next MB character. */
171 next_codepoint(s,&siz);
189 DEBUG(0,("check_path_syntax_internal: character length assumptions invalid !\n"));
191 return NT_STATUS_INVALID_PARAMETER;
194 start_of_name_component = False;
202 /****************************************************************************
203 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
204 No wildcards allowed.
205 ****************************************************************************/
207 NTSTATUS check_path_syntax(char *path)
210 return check_path_syntax_internal(path, False, &ignore);
213 /****************************************************************************
214 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
215 Wildcards allowed - p_contains_wcard returns true if the last component contained
217 ****************************************************************************/
219 NTSTATUS check_path_syntax_wcard(char *path, bool *p_contains_wcard)
221 return check_path_syntax_internal(path, False, p_contains_wcard);
224 /****************************************************************************
225 Check the path for a POSIX client.
226 We're assuming here that '/' is not the second byte in any multibyte char
227 set (a safe assumption).
228 ****************************************************************************/
230 NTSTATUS check_path_syntax_posix(char *path)
233 return check_path_syntax_internal(path, True, &ignore);
236 /****************************************************************************
237 Pull a string and check the path allowing a wilcard - provide for error return.
238 ****************************************************************************/
240 size_t srvstr_get_path_wcard(TALLOC_CTX *ctx,
241 const char *base_ptr,
248 bool *contains_wcard)
254 ret = srvstr_pull_talloc(ctx, base_ptr, smb_flags2, pp_dest, src,
258 *err = NT_STATUS_INVALID_PARAMETER;
262 *contains_wcard = False;
264 if (smb_flags2 & FLAGS2_DFS_PATHNAMES) {
266 * For a DFS path the function parse_dfs_path()
267 * will do the path processing, just make a copy.
273 if (lp_posix_pathnames()) {
274 *err = check_path_syntax_posix(*pp_dest);
276 *err = check_path_syntax_wcard(*pp_dest, contains_wcard);
282 /****************************************************************************
283 Pull a string and check the path - provide for error return.
284 ****************************************************************************/
286 size_t srvstr_get_path(TALLOC_CTX *ctx,
287 const char *base_ptr,
296 return srvstr_get_path_wcard(ctx, base_ptr, smb_flags2, pp_dest, src,
297 src_len, flags, err, &ignore);
300 size_t srvstr_get_path_req_wcard(TALLOC_CTX *mem_ctx, struct smb_request *req,
301 char **pp_dest, const char *src, int flags,
302 NTSTATUS *err, bool *contains_wcard)
304 return srvstr_get_path_wcard(mem_ctx, (char *)req->inbuf, req->flags2,
305 pp_dest, src, smbreq_bufrem(req, src),
306 flags, err, contains_wcard);
309 size_t srvstr_get_path_req(TALLOC_CTX *mem_ctx, struct smb_request *req,
310 char **pp_dest, const char *src, int flags,
314 return srvstr_get_path_req_wcard(mem_ctx, req, pp_dest, src,
315 flags, err, &ignore);
318 /****************************************************************************
319 Check if we have a correct fsp pointing to a file. Basic check for open fsp.
320 ****************************************************************************/
322 bool check_fsp_open(connection_struct *conn, struct smb_request *req,
325 if (!(fsp) || !(conn)) {
326 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
329 if (((conn) != (fsp)->conn) || req->vuid != (fsp)->vuid) {
330 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
336 /****************************************************************************
337 Check if we have a correct fsp pointing to a file.
338 ****************************************************************************/
340 bool check_fsp(connection_struct *conn, struct smb_request *req,
343 if (!check_fsp_open(conn, req, fsp)) {
346 if ((fsp)->is_directory) {
347 reply_nterror(req, NT_STATUS_INVALID_DEVICE_REQUEST);
350 if ((fsp)->fh->fd == -1) {
351 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
354 (fsp)->num_smb_operations++;
358 /****************************************************************************
359 Check if we have a correct fsp pointing to a quota fake file. Replacement for
360 the CHECK_NTQUOTA_HANDLE_OK macro.
361 ****************************************************************************/
363 bool check_fsp_ntquota_handle(connection_struct *conn, struct smb_request *req,
366 if (!check_fsp_open(conn, req, fsp)) {
370 if (fsp->is_directory) {
374 if (fsp->fake_file_handle == NULL) {
378 if (fsp->fake_file_handle->type != FAKE_FILE_TYPE_QUOTA) {
382 if (fsp->fake_file_handle->private_data == NULL) {
389 /****************************************************************************
390 Check if we have a correct fsp. Replacement for the FSP_BELONGS_CONN macro
391 ****************************************************************************/
393 bool fsp_belongs_conn(connection_struct *conn, struct smb_request *req,
396 if ((fsp) && (conn) && ((conn)==(fsp)->conn)
397 && (req->vuid == (fsp)->vuid)) {
401 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
405 /****************************************************************************
406 Reply to a (netbios-level) special message.
407 ****************************************************************************/
409 void reply_special(char *inbuf)
411 int msg_type = CVAL(inbuf,0);
412 int msg_flags = CVAL(inbuf,1);
417 * We only really use 4 bytes of the outbuf, but for the smb_setlen
418 * calculation & friends (srv_send_smb uses that) we need the full smb
421 char outbuf[smb_size];
425 memset(outbuf, '\0', sizeof(outbuf));
427 smb_setlen(outbuf,0);
430 case 0x81: /* session request */
432 if (already_got_session) {
433 exit_server_cleanly("multiple session request not permitted");
436 SCVAL(outbuf,0,0x82);
438 if (name_len(inbuf+4) > 50 ||
439 name_len(inbuf+4 + name_len(inbuf + 4)) > 50) {
440 DEBUG(0,("Invalid name length in session request\n"));
443 name_extract(inbuf,4,name1);
444 name_type = name_extract(inbuf,4 + name_len(inbuf + 4),name2);
445 DEBUG(2,("netbios connect: name1=%s name2=%s\n",
448 set_local_machine_name(name1, True);
449 set_remote_machine_name(name2, True);
451 DEBUG(2,("netbios connect: local=%s remote=%s, name type = %x\n",
452 get_local_machine_name(), get_remote_machine_name(),
455 if (name_type == 'R') {
456 /* We are being asked for a pathworks session ---
458 SCVAL(outbuf, 0,0x83);
462 /* only add the client's machine name to the list
463 of possibly valid usernames if we are operating
464 in share mode security */
465 if (lp_security() == SEC_SHARE) {
466 add_session_user(get_remote_machine_name());
469 reload_services(True);
472 already_got_session = True;
475 case 0x89: /* session keepalive request
476 (some old clients produce this?) */
477 SCVAL(outbuf,0,SMBkeepalive);
481 case 0x82: /* positive session response */
482 case 0x83: /* negative session response */
483 case 0x84: /* retarget session response */
484 DEBUG(0,("Unexpected session response\n"));
487 case SMBkeepalive: /* session keepalive */
492 DEBUG(5,("init msg_type=0x%x msg_flags=0x%x\n",
493 msg_type, msg_flags));
495 srv_send_smb(smbd_server_fd(), outbuf, false);
499 /****************************************************************************
501 conn POINTER CAN BE NULL HERE !
502 ****************************************************************************/
504 void reply_tcon(struct smb_request *req)
506 connection_struct *conn = req->conn;
508 char *service_buf = NULL;
509 char *password = NULL;
514 DATA_BLOB password_blob;
515 TALLOC_CTX *ctx = talloc_tos();
517 START_PROFILE(SMBtcon);
519 if (req->buflen < 4) {
520 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
521 END_PROFILE(SMBtcon);
525 p = (const char *)req->buf + 1;
526 p += srvstr_pull_req_talloc(ctx, req, &service_buf, p, STR_TERMINATE);
528 pwlen = srvstr_pull_req_talloc(ctx, req, &password, p, STR_TERMINATE);
530 p += srvstr_pull_req_talloc(ctx, req, &dev, p, STR_TERMINATE);
533 if (service_buf == NULL || password == NULL || dev == NULL) {
534 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
535 END_PROFILE(SMBtcon);
538 p = strrchr_m(service_buf,'\\');
542 service = service_buf;
545 password_blob = data_blob(password, pwlen+1);
547 conn = make_connection(service,password_blob,dev,req->vuid,&nt_status);
550 data_blob_clear_free(&password_blob);
553 reply_nterror(req, nt_status);
554 END_PROFILE(SMBtcon);
558 reply_outbuf(req, 2, 0);
559 SSVAL(req->outbuf,smb_vwv0,max_recv);
560 SSVAL(req->outbuf,smb_vwv1,conn->cnum);
561 SSVAL(req->outbuf,smb_tid,conn->cnum);
563 DEBUG(3,("tcon service=%s cnum=%d\n",
564 service, conn->cnum));
566 END_PROFILE(SMBtcon);
570 /****************************************************************************
571 Reply to a tcon and X.
572 conn POINTER CAN BE NULL HERE !
573 ****************************************************************************/
575 void reply_tcon_and_X(struct smb_request *req)
577 connection_struct *conn = req->conn;
578 const char *service = NULL;
580 TALLOC_CTX *ctx = talloc_tos();
581 /* what the cleint thinks the device is */
582 char *client_devicetype = NULL;
583 /* what the server tells the client the share represents */
584 const char *server_devicetype;
591 START_PROFILE(SMBtconX);
594 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
595 END_PROFILE(SMBtconX);
599 passlen = SVAL(req->vwv+3, 0);
600 tcon_flags = SVAL(req->vwv+2, 0);
602 /* we might have to close an old one */
603 if ((tcon_flags & 0x1) && conn) {
604 close_cnum(conn,req->vuid);
609 if ((passlen > MAX_PASS_LEN) || (passlen >= req->buflen)) {
610 reply_doserror(req, ERRDOS, ERRbuftoosmall);
611 END_PROFILE(SMBtconX);
615 if (global_encrypted_passwords_negotiated) {
616 password = data_blob_talloc(talloc_tos(), req->buf, passlen);
617 if (lp_security() == SEC_SHARE) {
619 * Security = share always has a pad byte
620 * after the password.
622 p = (const char *)req->buf + passlen + 1;
624 p = (const char *)req->buf + passlen;
627 password = data_blob_talloc(talloc_tos(), req->buf, passlen+1);
628 /* Ensure correct termination */
629 password.data[passlen]=0;
630 p = (const char *)req->buf + passlen + 1;
633 p += srvstr_pull_req_talloc(ctx, req, &path, p, STR_TERMINATE);
636 data_blob_clear_free(&password);
637 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
638 END_PROFILE(SMBtconX);
643 * the service name can be either: \\server\share
644 * or share directly like on the DELL PowerVault 705
647 q = strchr_m(path+2,'\\');
649 data_blob_clear_free(&password);
650 reply_doserror(req, ERRDOS, ERRnosuchshare);
651 END_PROFILE(SMBtconX);
659 p += srvstr_pull_talloc(ctx, req->inbuf, req->flags2,
660 &client_devicetype, p,
661 MIN(6, smbreq_bufrem(req, p)), STR_ASCII);
663 if (client_devicetype == NULL) {
664 data_blob_clear_free(&password);
665 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
666 END_PROFILE(SMBtconX);
670 DEBUG(4,("Client requested device type [%s] for share [%s]\n", client_devicetype, service));
672 conn = make_connection(service, password, client_devicetype,
673 req->vuid, &nt_status);
676 data_blob_clear_free(&password);
679 reply_nterror(req, nt_status);
680 END_PROFILE(SMBtconX);
685 server_devicetype = "IPC";
686 else if ( IS_PRINT(conn) )
687 server_devicetype = "LPT1:";
689 server_devicetype = "A:";
691 if (Protocol < PROTOCOL_NT1) {
692 reply_outbuf(req, 2, 0);
693 if (message_push_string(&req->outbuf, server_devicetype,
694 STR_TERMINATE|STR_ASCII) == -1) {
695 reply_nterror(req, NT_STATUS_NO_MEMORY);
696 END_PROFILE(SMBtconX);
700 /* NT sets the fstype of IPC$ to the null string */
701 const char *fstype = IS_IPC(conn) ? "" : lp_fstype(SNUM(conn));
703 if (tcon_flags & TCONX_FLAG_EXTENDED_RESPONSE) {
704 /* Return permissions. */
708 reply_outbuf(req, 7, 0);
711 perm1 = FILE_ALL_ACCESS;
712 perm2 = FILE_ALL_ACCESS;
714 perm1 = CAN_WRITE(conn) ?
719 SIVAL(req->outbuf, smb_vwv3, perm1);
720 SIVAL(req->outbuf, smb_vwv5, perm2);
722 reply_outbuf(req, 3, 0);
725 if ((message_push_string(&req->outbuf, server_devicetype,
726 STR_TERMINATE|STR_ASCII) == -1)
727 || (message_push_string(&req->outbuf, fstype,
728 STR_TERMINATE) == -1)) {
729 reply_nterror(req, NT_STATUS_NO_MEMORY);
730 END_PROFILE(SMBtconX);
734 /* what does setting this bit do? It is set by NT4 and
735 may affect the ability to autorun mounted cdroms */
736 SSVAL(req->outbuf, smb_vwv2, SMB_SUPPORT_SEARCH_BITS|
737 (lp_csc_policy(SNUM(conn)) << 2));
739 if (lp_msdfs_root(SNUM(conn)) && lp_host_msdfs()) {
740 DEBUG(2,("Serving %s as a Dfs root\n",
741 lp_servicename(SNUM(conn)) ));
742 SSVAL(req->outbuf, smb_vwv2,
743 SMB_SHARE_IN_DFS | SVAL(req->outbuf, smb_vwv2));
748 DEBUG(3,("tconX service=%s \n",
751 /* set the incoming and outgoing tid to the just created one */
752 SSVAL(req->inbuf,smb_tid,conn->cnum);
753 SSVAL(req->outbuf,smb_tid,conn->cnum);
755 END_PROFILE(SMBtconX);
761 /****************************************************************************
762 Reply to an unknown type.
763 ****************************************************************************/
765 void reply_unknown_new(struct smb_request *req, uint8 type)
767 DEBUG(0, ("unknown command type (%s): type=%d (0x%X)\n",
768 smb_fn_name(type), type, type));
769 reply_doserror(req, ERRSRV, ERRunknownsmb);
773 /****************************************************************************
775 conn POINTER CAN BE NULL HERE !
776 ****************************************************************************/
778 void reply_ioctl(struct smb_request *req)
780 connection_struct *conn = req->conn;
787 START_PROFILE(SMBioctl);
790 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
791 END_PROFILE(SMBioctl);
795 device = SVAL(req->vwv+1, 0);
796 function = SVAL(req->vwv+2, 0);
797 ioctl_code = (device << 16) + function;
799 DEBUG(4, ("Received IOCTL (code 0x%x)\n", ioctl_code));
801 switch (ioctl_code) {
802 case IOCTL_QUERY_JOB_INFO:
806 reply_doserror(req, ERRSRV, ERRnosupport);
807 END_PROFILE(SMBioctl);
811 reply_outbuf(req, 8, replysize+1);
812 SSVAL(req->outbuf,smb_vwv1,replysize); /* Total data bytes returned */
813 SSVAL(req->outbuf,smb_vwv5,replysize); /* Data bytes this buffer */
814 SSVAL(req->outbuf,smb_vwv6,52); /* Offset to data */
815 p = smb_buf(req->outbuf);
816 memset(p, '\0', replysize+1); /* valgrind-safe. */
817 p += 1; /* Allow for alignment */
819 switch (ioctl_code) {
820 case IOCTL_QUERY_JOB_INFO:
822 files_struct *fsp = file_fsp(
823 req, SVAL(req->vwv+0, 0));
825 reply_doserror(req, ERRDOS, ERRbadfid);
826 END_PROFILE(SMBioctl);
829 SSVAL(p,0,fsp->rap_print_jobid); /* Job number */
830 srvstr_push((char *)req->outbuf, req->flags2, p+2,
832 STR_TERMINATE|STR_ASCII);
834 srvstr_push((char *)req->outbuf, req->flags2,
835 p+18, lp_servicename(SNUM(conn)),
836 13, STR_TERMINATE|STR_ASCII);
844 END_PROFILE(SMBioctl);
848 /****************************************************************************
849 Strange checkpath NTSTATUS mapping.
850 ****************************************************************************/
852 static NTSTATUS map_checkpath_error(uint16_t flags2, NTSTATUS status)
854 /* Strange DOS error code semantics only for checkpath... */
855 if (!(flags2 & FLAGS2_32_BIT_ERROR_CODES)) {
856 if (NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_INVALID,status)) {
857 /* We need to map to ERRbadpath */
858 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
864 /****************************************************************************
865 Reply to a checkpath.
866 ****************************************************************************/
868 void reply_checkpath(struct smb_request *req)
870 connection_struct *conn = req->conn;
872 SMB_STRUCT_STAT sbuf;
874 TALLOC_CTX *ctx = talloc_tos();
876 START_PROFILE(SMBcheckpath);
878 srvstr_get_path_req(ctx, req, &name, (const char *)req->buf + 1,
879 STR_TERMINATE, &status);
881 if (!NT_STATUS_IS_OK(status)) {
882 status = map_checkpath_error(req->flags2, status);
883 reply_nterror(req, status);
884 END_PROFILE(SMBcheckpath);
888 status = resolve_dfspath(ctx, conn,
889 req->flags2 & FLAGS2_DFS_PATHNAMES,
892 if (!NT_STATUS_IS_OK(status)) {
893 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
894 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
896 END_PROFILE(SMBcheckpath);
902 DEBUG(3,("reply_checkpath %s mode=%d\n", name, (int)SVAL(req->vwv+0, 0)));
904 status = unix_convert(ctx, conn, name, False, &name, NULL, &sbuf);
905 if (!NT_STATUS_IS_OK(status)) {
909 status = check_name(conn, name);
910 if (!NT_STATUS_IS_OK(status)) {
911 DEBUG(3,("reply_checkpath: check_name of %s failed (%s)\n",name,nt_errstr(status)));
915 if (!VALID_STAT(sbuf) && (SMB_VFS_STAT(conn,name,&sbuf) != 0)) {
916 DEBUG(3,("reply_checkpath: stat of %s failed (%s)\n",name,strerror(errno)));
917 status = map_nt_error_from_unix(errno);
921 if (!S_ISDIR(sbuf.st_mode)) {
922 reply_botherror(req, NT_STATUS_NOT_A_DIRECTORY,
924 END_PROFILE(SMBcheckpath);
928 reply_outbuf(req, 0, 0);
930 END_PROFILE(SMBcheckpath);
935 END_PROFILE(SMBcheckpath);
937 /* We special case this - as when a Windows machine
938 is parsing a path is steps through the components
939 one at a time - if a component fails it expects
940 ERRbadpath, not ERRbadfile.
942 status = map_checkpath_error(req->flags2, status);
943 if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
945 * Windows returns different error codes if
946 * the parent directory is valid but not the
947 * last component - it returns NT_STATUS_OBJECT_NAME_NOT_FOUND
948 * for that case and NT_STATUS_OBJECT_PATH_NOT_FOUND
949 * if the path is invalid.
951 reply_botherror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND,
956 reply_nterror(req, status);
959 /****************************************************************************
961 ****************************************************************************/
963 void reply_getatr(struct smb_request *req)
965 connection_struct *conn = req->conn;
967 SMB_STRUCT_STAT sbuf;
973 TALLOC_CTX *ctx = talloc_tos();
975 START_PROFILE(SMBgetatr);
977 p = (const char *)req->buf + 1;
978 p += srvstr_get_path_req(ctx, req, &fname, p, STR_TERMINATE, &status);
979 if (!NT_STATUS_IS_OK(status)) {
980 reply_nterror(req, status);
981 END_PROFILE(SMBgetatr);
985 status = resolve_dfspath(ctx, conn,
986 req->flags2 & FLAGS2_DFS_PATHNAMES,
989 if (!NT_STATUS_IS_OK(status)) {
990 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
991 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
993 END_PROFILE(SMBgetatr);
996 reply_nterror(req, status);
997 END_PROFILE(SMBgetatr);
1001 /* dos smetimes asks for a stat of "" - it returns a "hidden directory"
1002 under WfWg - weird! */
1003 if (*fname == '\0') {
1004 mode = aHIDDEN | aDIR;
1005 if (!CAN_WRITE(conn)) {
1011 status = unix_convert(ctx, conn, fname, False, &fname, NULL,&sbuf);
1012 if (!NT_STATUS_IS_OK(status)) {
1013 reply_nterror(req, status);
1014 END_PROFILE(SMBgetatr);
1017 status = check_name(conn, fname);
1018 if (!NT_STATUS_IS_OK(status)) {
1019 DEBUG(3,("reply_getatr: check_name of %s failed (%s)\n",fname,nt_errstr(status)));
1020 reply_nterror(req, status);
1021 END_PROFILE(SMBgetatr);
1024 if (!VALID_STAT(sbuf) && (SMB_VFS_STAT(conn,fname,&sbuf) != 0)) {
1025 DEBUG(3,("reply_getatr: stat of %s failed (%s)\n",fname,strerror(errno)));
1026 reply_unixerror(req, ERRDOS,ERRbadfile);
1027 END_PROFILE(SMBgetatr);
1031 mode = dos_mode(conn,fname,&sbuf);
1032 size = sbuf.st_size;
1033 mtime = sbuf.st_mtime;
1039 reply_outbuf(req, 10, 0);
1041 SSVAL(req->outbuf,smb_vwv0,mode);
1042 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1043 srv_put_dos_date3((char *)req->outbuf,smb_vwv1,mtime & ~1);
1045 srv_put_dos_date3((char *)req->outbuf,smb_vwv1,mtime);
1047 SIVAL(req->outbuf,smb_vwv3,(uint32)size);
1049 if (Protocol >= PROTOCOL_NT1) {
1050 SSVAL(req->outbuf, smb_flg2,
1051 SVAL(req->outbuf, smb_flg2) | FLAGS2_IS_LONG_NAME);
1054 DEBUG(3,("reply_getatr: name=%s mode=%d size=%u\n", fname, mode, (unsigned int)size ) );
1056 END_PROFILE(SMBgetatr);
1060 /****************************************************************************
1062 ****************************************************************************/
1064 void reply_setatr(struct smb_request *req)
1066 struct timespec ts[2];
1067 connection_struct *conn = req->conn;
1071 SMB_STRUCT_STAT sbuf;
1074 TALLOC_CTX *ctx = talloc_tos();
1076 START_PROFILE(SMBsetatr);
1081 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1085 p = (const char *)req->buf + 1;
1086 p += srvstr_get_path_req(ctx, req, &fname, p, STR_TERMINATE, &status);
1087 if (!NT_STATUS_IS_OK(status)) {
1088 reply_nterror(req, status);
1089 END_PROFILE(SMBsetatr);
1093 status = resolve_dfspath(ctx, conn,
1094 req->flags2 & FLAGS2_DFS_PATHNAMES,
1097 if (!NT_STATUS_IS_OK(status)) {
1098 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1099 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1100 ERRSRV, ERRbadpath);
1101 END_PROFILE(SMBsetatr);
1104 reply_nterror(req, status);
1105 END_PROFILE(SMBsetatr);
1109 status = unix_convert(ctx, conn, fname, False, &fname, NULL, &sbuf);
1110 if (!NT_STATUS_IS_OK(status)) {
1111 reply_nterror(req, status);
1112 END_PROFILE(SMBsetatr);
1116 status = check_name(conn, fname);
1117 if (!NT_STATUS_IS_OK(status)) {
1118 reply_nterror(req, status);
1119 END_PROFILE(SMBsetatr);
1123 if (fname[0] == '.' && fname[1] == '\0') {
1125 * Not sure here is the right place to catch this
1126 * condition. Might be moved to somewhere else later -- vl
1128 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
1129 END_PROFILE(SMBsetatr);
1133 mode = SVAL(req->vwv+0, 0);
1134 mtime = srv_make_unix_date3(req->vwv+1);
1136 ts[1] = convert_time_t_to_timespec(mtime);
1137 status = smb_set_file_time(conn, NULL, fname,
1139 if (!NT_STATUS_IS_OK(status)) {
1140 reply_unixerror(req, ERRDOS, ERRnoaccess);
1141 END_PROFILE(SMBsetatr);
1145 if (mode != FILE_ATTRIBUTE_NORMAL) {
1146 if (VALID_STAT_OF_DIR(sbuf))
1151 if (file_set_dosmode(conn,fname,mode,&sbuf,NULL,false) != 0) {
1152 reply_unixerror(req, ERRDOS, ERRnoaccess);
1153 END_PROFILE(SMBsetatr);
1158 reply_outbuf(req, 0, 0);
1160 DEBUG( 3, ( "setatr name=%s mode=%d\n", fname, mode ) );
1162 END_PROFILE(SMBsetatr);
1166 /****************************************************************************
1168 ****************************************************************************/
1170 void reply_dskattr(struct smb_request *req)
1172 connection_struct *conn = req->conn;
1173 uint64_t dfree,dsize,bsize;
1174 START_PROFILE(SMBdskattr);
1176 if (get_dfree_info(conn,".",True,&bsize,&dfree,&dsize) == (uint64_t)-1) {
1177 reply_unixerror(req, ERRHRD, ERRgeneral);
1178 END_PROFILE(SMBdskattr);
1182 reply_outbuf(req, 5, 0);
1184 if (Protocol <= PROTOCOL_LANMAN2) {
1185 double total_space, free_space;
1186 /* we need to scale this to a number that DOS6 can handle. We
1187 use floating point so we can handle large drives on systems
1188 that don't have 64 bit integers
1190 we end up displaying a maximum of 2G to DOS systems
1192 total_space = dsize * (double)bsize;
1193 free_space = dfree * (double)bsize;
1195 dsize = (uint64_t)((total_space+63*512) / (64*512));
1196 dfree = (uint64_t)((free_space+63*512) / (64*512));
1198 if (dsize > 0xFFFF) dsize = 0xFFFF;
1199 if (dfree > 0xFFFF) dfree = 0xFFFF;
1201 SSVAL(req->outbuf,smb_vwv0,dsize);
1202 SSVAL(req->outbuf,smb_vwv1,64); /* this must be 64 for dos systems */
1203 SSVAL(req->outbuf,smb_vwv2,512); /* and this must be 512 */
1204 SSVAL(req->outbuf,smb_vwv3,dfree);
1206 SSVAL(req->outbuf,smb_vwv0,dsize);
1207 SSVAL(req->outbuf,smb_vwv1,bsize/512);
1208 SSVAL(req->outbuf,smb_vwv2,512);
1209 SSVAL(req->outbuf,smb_vwv3,dfree);
1212 DEBUG(3,("dskattr dfree=%d\n", (unsigned int)dfree));
1214 END_PROFILE(SMBdskattr);
1218 /****************************************************************************
1220 Can be called from SMBsearch, SMBffirst or SMBfunique.
1221 ****************************************************************************/
1223 void reply_search(struct smb_request *req)
1225 connection_struct *conn = req->conn;
1226 const char *mask = NULL;
1227 char *directory = NULL;
1233 unsigned int numentries = 0;
1234 unsigned int maxentries = 0;
1235 bool finished = False;
1241 bool check_descend = False;
1242 bool expect_close = False;
1244 bool mask_contains_wcard = False;
1245 bool allow_long_path_components = (req->flags2 & FLAGS2_LONG_PATH_COMPONENTS) ? True : False;
1246 TALLOC_CTX *ctx = talloc_tos();
1247 bool ask_sharemode = lp_parm_bool(SNUM(conn), "smbd", "search ask sharemode", true);
1249 START_PROFILE(SMBsearch);
1252 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1253 END_PROFILE(SMBsearch);
1257 if (lp_posix_pathnames()) {
1258 reply_unknown_new(req, req->cmd);
1259 END_PROFILE(SMBsearch);
1263 /* If we were called as SMBffirst then we must expect close. */
1264 if(req->cmd == SMBffirst) {
1265 expect_close = True;
1268 reply_outbuf(req, 1, 3);
1269 maxentries = SVAL(req->vwv+0, 0);
1270 dirtype = SVAL(req->vwv+1, 0);
1271 p = (const char *)req->buf + 1;
1272 p += srvstr_get_path_req_wcard(ctx, req, &path, p, STR_TERMINATE,
1273 &nt_status, &mask_contains_wcard);
1274 if (!NT_STATUS_IS_OK(nt_status)) {
1275 reply_nterror(req, nt_status);
1276 END_PROFILE(SMBsearch);
1280 nt_status = resolve_dfspath_wcard(ctx, conn,
1281 req->flags2 & FLAGS2_DFS_PATHNAMES,
1284 &mask_contains_wcard);
1285 if (!NT_STATUS_IS_OK(nt_status)) {
1286 if (NT_STATUS_EQUAL(nt_status,NT_STATUS_PATH_NOT_COVERED)) {
1287 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1288 ERRSRV, ERRbadpath);
1289 END_PROFILE(SMBsearch);
1292 reply_nterror(req, nt_status);
1293 END_PROFILE(SMBsearch);
1298 status_len = SVAL(p, 0);
1301 /* dirtype &= ~aDIR; */
1303 if (status_len == 0) {
1304 SMB_STRUCT_STAT sbuf;
1306 nt_status = unix_convert(ctx, conn, path, True,
1307 &directory, NULL, &sbuf);
1308 if (!NT_STATUS_IS_OK(nt_status)) {
1309 reply_nterror(req, nt_status);
1310 END_PROFILE(SMBsearch);
1314 nt_status = check_name(conn, directory);
1315 if (!NT_STATUS_IS_OK(nt_status)) {
1316 reply_nterror(req, nt_status);
1317 END_PROFILE(SMBsearch);
1321 p = strrchr_m(directory,'/');
1322 if ((p != NULL) && (*directory != '/')) {
1324 directory = talloc_strndup(ctx, directory,
1325 PTR_DIFF(p, directory));
1328 directory = talloc_strdup(ctx,".");
1332 reply_nterror(req, NT_STATUS_NO_MEMORY);
1333 END_PROFILE(SMBsearch);
1337 memset((char *)status,'\0',21);
1338 SCVAL(status,0,(dirtype & 0x1F));
1340 nt_status = dptr_create(conn,
1346 mask_contains_wcard,
1349 if (!NT_STATUS_IS_OK(nt_status)) {
1350 reply_nterror(req, nt_status);
1351 END_PROFILE(SMBsearch);
1354 dptr_num = dptr_dnum(conn->dirptr);
1358 memcpy(status,p,21);
1359 status_dirtype = CVAL(status,0) & 0x1F;
1360 if (status_dirtype != (dirtype & 0x1F)) {
1361 dirtype = status_dirtype;
1364 conn->dirptr = dptr_fetch(status+12,&dptr_num);
1365 if (!conn->dirptr) {
1368 string_set(&conn->dirpath,dptr_path(dptr_num));
1369 mask = dptr_wcard(dptr_num);
1374 * For a 'continue' search we have no string. So
1375 * check from the initial saved string.
1377 mask_contains_wcard = ms_has_wild(mask);
1378 dirtype = dptr_attr(dptr_num);
1381 DEBUG(4,("dptr_num is %d\n",dptr_num));
1383 if ((dirtype&0x1F) == aVOLID) {
1384 char buf[DIR_STRUCT_SIZE];
1385 memcpy(buf,status,21);
1386 if (!make_dir_struct(ctx,buf,"???????????",volume_label(SNUM(conn)),
1387 0,aVOLID,0,!allow_long_path_components)) {
1388 reply_nterror(req, NT_STATUS_NO_MEMORY);
1389 END_PROFILE(SMBsearch);
1392 dptr_fill(buf+12,dptr_num);
1393 if (dptr_zero(buf+12) && (status_len==0)) {
1398 if (message_push_blob(&req->outbuf,
1399 data_blob_const(buf, sizeof(buf)))
1401 reply_nterror(req, NT_STATUS_NO_MEMORY);
1402 END_PROFILE(SMBsearch);
1410 ((uint8 *)smb_buf(req->outbuf) + 3 - req->outbuf))
1413 DEBUG(8,("dirpath=<%s> dontdescend=<%s>\n",
1414 conn->dirpath,lp_dontdescend(SNUM(conn))));
1415 if (in_list(conn->dirpath, lp_dontdescend(SNUM(conn)),True)) {
1416 check_descend = True;
1419 for (i=numentries;(i<maxentries) && !finished;i++) {
1420 finished = !get_dir_entry(ctx,
1431 char buf[DIR_STRUCT_SIZE];
1432 memcpy(buf,status,21);
1433 if (!make_dir_struct(ctx,
1440 !allow_long_path_components)) {
1441 reply_nterror(req, NT_STATUS_NO_MEMORY);
1442 END_PROFILE(SMBsearch);
1445 if (!dptr_fill(buf+12,dptr_num)) {
1448 if (message_push_blob(&req->outbuf,
1449 data_blob_const(buf, sizeof(buf)))
1451 reply_nterror(req, NT_STATUS_NO_MEMORY);
1452 END_PROFILE(SMBsearch);
1462 /* If we were called as SMBffirst with smb_search_id == NULL
1463 and no entries were found then return error and close dirptr
1466 if (numentries == 0) {
1467 dptr_close(&dptr_num);
1468 } else if(expect_close && status_len == 0) {
1469 /* Close the dptr - we know it's gone */
1470 dptr_close(&dptr_num);
1473 /* If we were called as SMBfunique, then we can close the dirptr now ! */
1474 if(dptr_num >= 0 && req->cmd == SMBfunique) {
1475 dptr_close(&dptr_num);
1478 if ((numentries == 0) && !mask_contains_wcard) {
1479 reply_botherror(req, STATUS_NO_MORE_FILES, ERRDOS, ERRnofiles);
1480 END_PROFILE(SMBsearch);
1484 SSVAL(req->outbuf,smb_vwv0,numentries);
1485 SSVAL(req->outbuf,smb_vwv1,3 + numentries * DIR_STRUCT_SIZE);
1486 SCVAL(smb_buf(req->outbuf),0,5);
1487 SSVAL(smb_buf(req->outbuf),1,numentries*DIR_STRUCT_SIZE);
1489 /* The replies here are never long name. */
1490 SSVAL(req->outbuf, smb_flg2,
1491 SVAL(req->outbuf, smb_flg2) & (~FLAGS2_IS_LONG_NAME));
1492 if (!allow_long_path_components) {
1493 SSVAL(req->outbuf, smb_flg2,
1494 SVAL(req->outbuf, smb_flg2)
1495 & (~FLAGS2_LONG_PATH_COMPONENTS));
1498 /* This SMB *always* returns ASCII names. Remove the unicode bit in flags2. */
1499 SSVAL(req->outbuf, smb_flg2,
1500 (SVAL(req->outbuf, smb_flg2) & (~FLAGS2_UNICODE_STRINGS)));
1503 directory = dptr_path(dptr_num);
1506 DEBUG(4,("%s mask=%s path=%s dtype=%d nument=%u of %u\n",
1507 smb_fn_name(req->cmd),
1509 directory ? directory : "./",
1514 END_PROFILE(SMBsearch);
1518 /****************************************************************************
1519 Reply to a fclose (stop directory search).
1520 ****************************************************************************/
1522 void reply_fclose(struct smb_request *req)
1530 bool path_contains_wcard = False;
1531 TALLOC_CTX *ctx = talloc_tos();
1533 START_PROFILE(SMBfclose);
1535 if (lp_posix_pathnames()) {
1536 reply_unknown_new(req, req->cmd);
1537 END_PROFILE(SMBfclose);
1541 p = (const char *)req->buf + 1;
1542 p += srvstr_get_path_req_wcard(ctx, req, &path, p, STR_TERMINATE,
1543 &err, &path_contains_wcard);
1544 if (!NT_STATUS_IS_OK(err)) {
1545 reply_nterror(req, err);
1546 END_PROFILE(SMBfclose);
1550 status_len = SVAL(p,0);
1553 if (status_len == 0) {
1554 reply_doserror(req, ERRSRV, ERRsrverror);
1555 END_PROFILE(SMBfclose);
1559 memcpy(status,p,21);
1561 if(dptr_fetch(status+12,&dptr_num)) {
1562 /* Close the dptr - we know it's gone */
1563 dptr_close(&dptr_num);
1566 reply_outbuf(req, 1, 0);
1567 SSVAL(req->outbuf,smb_vwv0,0);
1569 DEBUG(3,("search close\n"));
1571 END_PROFILE(SMBfclose);
1575 /****************************************************************************
1577 ****************************************************************************/
1579 void reply_open(struct smb_request *req)
1581 connection_struct *conn = req->conn;
1587 SMB_STRUCT_STAT sbuf;
1594 uint32 create_disposition;
1595 uint32 create_options = 0;
1597 TALLOC_CTX *ctx = talloc_tos();
1599 START_PROFILE(SMBopen);
1602 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1603 END_PROFILE(SMBopen);
1607 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1608 deny_mode = SVAL(req->vwv+0, 0);
1609 dos_attr = SVAL(req->vwv+1, 0);
1611 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf+1,
1612 STR_TERMINATE, &status);
1613 if (!NT_STATUS_IS_OK(status)) {
1614 reply_nterror(req, status);
1615 END_PROFILE(SMBopen);
1619 if (!map_open_params_to_ntcreate(
1620 fname, deny_mode, OPENX_FILE_EXISTS_OPEN, &access_mask,
1621 &share_mode, &create_disposition, &create_options)) {
1622 reply_nterror(req, NT_STATUS_DOS(ERRDOS, ERRbadaccess));
1623 END_PROFILE(SMBopen);
1627 status = SMB_VFS_CREATE_FILE(
1630 0, /* root_dir_fid */
1632 CFF_DOS_PATH, /* create_file_flags */
1633 access_mask, /* access_mask */
1634 share_mode, /* share_access */
1635 create_disposition, /* create_disposition*/
1636 create_options, /* create_options */
1637 dos_attr, /* file_attributes */
1638 oplock_request, /* oplock_request */
1639 0, /* allocation_size */
1646 if (!NT_STATUS_IS_OK(status)) {
1647 if (open_was_deferred(req->mid)) {
1648 /* We have re-scheduled this call. */
1649 END_PROFILE(SMBopen);
1652 reply_openerror(req, status);
1653 END_PROFILE(SMBopen);
1657 size = sbuf.st_size;
1658 fattr = dos_mode(conn,fsp->fsp_name,&sbuf);
1659 mtime = sbuf.st_mtime;
1662 DEBUG(3,("attempt to open a directory %s\n",fsp->fsp_name));
1663 close_file(req, fsp, ERROR_CLOSE);
1664 reply_doserror(req, ERRDOS,ERRnoaccess);
1665 END_PROFILE(SMBopen);
1669 reply_outbuf(req, 7, 0);
1670 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
1671 SSVAL(req->outbuf,smb_vwv1,fattr);
1672 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1673 srv_put_dos_date3((char *)req->outbuf,smb_vwv2,mtime & ~1);
1675 srv_put_dos_date3((char *)req->outbuf,smb_vwv2,mtime);
1677 SIVAL(req->outbuf,smb_vwv4,(uint32)size);
1678 SSVAL(req->outbuf,smb_vwv6,deny_mode);
1680 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1681 SCVAL(req->outbuf,smb_flg,
1682 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1685 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1686 SCVAL(req->outbuf,smb_flg,
1687 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1689 END_PROFILE(SMBopen);
1693 /****************************************************************************
1694 Reply to an open and X.
1695 ****************************************************************************/
1697 void reply_open_and_X(struct smb_request *req)
1699 connection_struct *conn = req->conn;
1704 /* Breakout the oplock request bits so we can set the
1705 reply bits separately. */
1706 int ex_oplock_request;
1707 int core_oplock_request;
1710 int smb_sattr = SVAL(req->vwv+4, 0);
1711 uint32 smb_time = make_unix_date3(req->vwv+6);
1716 SMB_STRUCT_STAT sbuf;
1720 uint64_t allocation_size;
1721 ssize_t retval = -1;
1724 uint32 create_disposition;
1725 uint32 create_options = 0;
1726 TALLOC_CTX *ctx = talloc_tos();
1728 START_PROFILE(SMBopenX);
1730 if (req->wct < 15) {
1731 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1732 END_PROFILE(SMBopenX);
1736 open_flags = SVAL(req->vwv+2, 0);
1737 deny_mode = SVAL(req->vwv+3, 0);
1738 smb_attr = SVAL(req->vwv+5, 0);
1739 ex_oplock_request = EXTENDED_OPLOCK_REQUEST(req->inbuf);
1740 core_oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1741 oplock_request = ex_oplock_request | core_oplock_request;
1742 smb_ofun = SVAL(req->vwv+8, 0);
1743 allocation_size = (uint64_t)IVAL(req->vwv+9, 0);
1745 /* If it's an IPC, pass off the pipe handler. */
1747 if (lp_nt_pipe_support()) {
1748 reply_open_pipe_and_X(conn, req);
1750 reply_doserror(req, ERRSRV, ERRaccess);
1752 END_PROFILE(SMBopenX);
1756 /* XXXX we need to handle passed times, sattr and flags */
1757 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf,
1758 STR_TERMINATE, &status);
1759 if (!NT_STATUS_IS_OK(status)) {
1760 reply_nterror(req, status);
1761 END_PROFILE(SMBopenX);
1765 if (!map_open_params_to_ntcreate(
1766 fname, deny_mode, smb_ofun, &access_mask,
1767 &share_mode, &create_disposition, &create_options)) {
1768 reply_nterror(req, NT_STATUS_DOS(ERRDOS, ERRbadaccess));
1769 END_PROFILE(SMBopenX);
1773 status = SMB_VFS_CREATE_FILE(
1776 0, /* root_dir_fid */
1778 CFF_DOS_PATH, /* create_file_flags */
1779 access_mask, /* access_mask */
1780 share_mode, /* share_access */
1781 create_disposition, /* create_disposition*/
1782 create_options, /* create_options */
1783 smb_attr, /* file_attributes */
1784 oplock_request, /* oplock_request */
1785 0, /* allocation_size */
1789 &smb_action, /* pinfo */
1792 if (!NT_STATUS_IS_OK(status)) {
1793 END_PROFILE(SMBopenX);
1794 if (open_was_deferred(req->mid)) {
1795 /* We have re-scheduled this call. */
1798 reply_openerror(req, status);
1802 /* Setting the "size" field in vwv9 and vwv10 causes the file to be set to this size,
1803 if the file is truncated or created. */
1804 if (((smb_action == FILE_WAS_CREATED) || (smb_action == FILE_WAS_OVERWRITTEN)) && allocation_size) {
1805 fsp->initial_allocation_size = smb_roundup(fsp->conn, allocation_size);
1806 if (vfs_allocate_file_space(fsp, fsp->initial_allocation_size) == -1) {
1807 close_file(req, fsp, ERROR_CLOSE);
1808 reply_nterror(req, NT_STATUS_DISK_FULL);
1809 END_PROFILE(SMBopenX);
1812 retval = vfs_set_filelen(fsp, (SMB_OFF_T)allocation_size);
1814 close_file(req, fsp, ERROR_CLOSE);
1815 reply_nterror(req, NT_STATUS_DISK_FULL);
1816 END_PROFILE(SMBopenX);
1819 sbuf.st_size = get_allocation_size(conn,fsp,&sbuf);
1822 fattr = dos_mode(conn,fsp->fsp_name,&sbuf);
1823 mtime = sbuf.st_mtime;
1825 close_file(req, fsp, ERROR_CLOSE);
1826 reply_doserror(req, ERRDOS, ERRnoaccess);
1827 END_PROFILE(SMBopenX);
1831 /* If the caller set the extended oplock request bit
1832 and we granted one (by whatever means) - set the
1833 correct bit for extended oplock reply.
1836 if (ex_oplock_request && lp_fake_oplocks(SNUM(conn))) {
1837 smb_action |= EXTENDED_OPLOCK_GRANTED;
1840 if(ex_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1841 smb_action |= EXTENDED_OPLOCK_GRANTED;
1844 /* If the caller set the core oplock request bit
1845 and we granted one (by whatever means) - set the
1846 correct bit for core oplock reply.
1849 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
1850 reply_outbuf(req, 19, 0);
1852 reply_outbuf(req, 15, 0);
1855 if (core_oplock_request && lp_fake_oplocks(SNUM(conn))) {
1856 SCVAL(req->outbuf, smb_flg,
1857 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1860 if(core_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1861 SCVAL(req->outbuf, smb_flg,
1862 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1865 SSVAL(req->outbuf,smb_vwv2,fsp->fnum);
1866 SSVAL(req->outbuf,smb_vwv3,fattr);
1867 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1868 srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime & ~1);
1870 srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime);
1872 SIVAL(req->outbuf,smb_vwv6,(uint32)sbuf.st_size);
1873 SSVAL(req->outbuf,smb_vwv8,GET_OPENX_MODE(deny_mode));
1874 SSVAL(req->outbuf,smb_vwv11,smb_action);
1876 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
1877 SIVAL(req->outbuf, smb_vwv15, STD_RIGHT_ALL_ACCESS);
1880 END_PROFILE(SMBopenX);
1885 /****************************************************************************
1886 Reply to a SMBulogoffX.
1887 ****************************************************************************/
1889 void reply_ulogoffX(struct smb_request *req)
1893 START_PROFILE(SMBulogoffX);
1895 vuser = get_valid_user_struct(req->vuid);
1898 DEBUG(3,("ulogoff, vuser id %d does not map to user.\n",
1902 /* in user level security we are supposed to close any files
1903 open by this user */
1904 if ((vuser != NULL) && (lp_security() != SEC_SHARE)) {
1905 file_close_user(req->vuid);
1908 invalidate_vuid(req->vuid);
1910 reply_outbuf(req, 2, 0);
1912 DEBUG( 3, ( "ulogoffX vuid=%d\n", req->vuid ) );
1914 END_PROFILE(SMBulogoffX);
1918 /****************************************************************************
1919 Reply to a mknew or a create.
1920 ****************************************************************************/
1922 void reply_mknew(struct smb_request *req)
1924 connection_struct *conn = req->conn;
1927 struct timespec ts[2];
1929 int oplock_request = 0;
1930 SMB_STRUCT_STAT sbuf;
1932 uint32 access_mask = FILE_GENERIC_READ | FILE_GENERIC_WRITE;
1933 uint32 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1934 uint32 create_disposition;
1935 uint32 create_options = 0;
1936 TALLOC_CTX *ctx = talloc_tos();
1938 START_PROFILE(SMBcreate);
1941 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1942 END_PROFILE(SMBcreate);
1946 fattr = SVAL(req->vwv+0, 0);
1947 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1949 ts[1] = convert_time_t_to_timespec(srv_make_unix_date3(req->vwv+1));
1952 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf + 1,
1953 STR_TERMINATE, &status);
1954 if (!NT_STATUS_IS_OK(status)) {
1955 reply_nterror(req, status);
1956 END_PROFILE(SMBcreate);
1960 if (fattr & aVOLID) {
1961 DEBUG(0,("Attempt to create file (%s) with volid set - "
1962 "please report this\n", fname));
1965 if(req->cmd == SMBmknew) {
1966 /* We should fail if file exists. */
1967 create_disposition = FILE_CREATE;
1969 /* Create if file doesn't exist, truncate if it does. */
1970 create_disposition = FILE_OVERWRITE_IF;
1973 status = SMB_VFS_CREATE_FILE(
1976 0, /* root_dir_fid */
1978 CFF_DOS_PATH, /* create_file_flags */
1979 access_mask, /* access_mask */
1980 share_mode, /* share_access */
1981 create_disposition, /* create_disposition*/
1982 create_options, /* create_options */
1983 fattr, /* file_attributes */
1984 oplock_request, /* oplock_request */
1985 0, /* allocation_size */
1992 if (!NT_STATUS_IS_OK(status)) {
1993 END_PROFILE(SMBcreate);
1994 if (open_was_deferred(req->mid)) {
1995 /* We have re-scheduled this call. */
1998 reply_openerror(req, status);
2002 ts[0] = get_atimespec(&sbuf); /* atime. */
2003 status = smb_set_file_time(conn, fsp, fsp->fsp_name, &sbuf, ts, true);
2004 if (!NT_STATUS_IS_OK(status)) {
2005 END_PROFILE(SMBcreate);
2006 reply_openerror(req, status);
2010 reply_outbuf(req, 1, 0);
2011 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
2013 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
2014 SCVAL(req->outbuf,smb_flg,
2015 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2018 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2019 SCVAL(req->outbuf,smb_flg,
2020 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2023 DEBUG( 2, ( "reply_mknew: file %s\n", fsp->fsp_name ) );
2024 DEBUG( 3, ( "reply_mknew %s fd=%d dmode=0x%x\n",
2025 fsp->fsp_name, fsp->fh->fd, (unsigned int)fattr ) );
2027 END_PROFILE(SMBcreate);
2031 /****************************************************************************
2032 Reply to a create temporary file.
2033 ****************************************************************************/
2035 void reply_ctemp(struct smb_request *req)
2037 connection_struct *conn = req->conn;
2043 SMB_STRUCT_STAT sbuf;
2046 TALLOC_CTX *ctx = talloc_tos();
2048 START_PROFILE(SMBctemp);
2051 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2052 END_PROFILE(SMBctemp);
2056 fattr = SVAL(req->vwv+0, 0);
2057 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
2059 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf+1,
2060 STR_TERMINATE, &status);
2061 if (!NT_STATUS_IS_OK(status)) {
2062 reply_nterror(req, status);
2063 END_PROFILE(SMBctemp);
2067 fname = talloc_asprintf(ctx,
2071 fname = talloc_strdup(ctx, "TMXXXXXX");
2075 reply_nterror(req, NT_STATUS_NO_MEMORY);
2076 END_PROFILE(SMBctemp);
2080 status = resolve_dfspath(ctx, conn,
2081 req->flags2 & FLAGS2_DFS_PATHNAMES,
2084 if (!NT_STATUS_IS_OK(status)) {
2085 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2086 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
2087 ERRSRV, ERRbadpath);
2088 END_PROFILE(SMBctemp);
2091 reply_nterror(req, status);
2092 END_PROFILE(SMBctemp);
2096 status = unix_convert(ctx, conn, fname, False, &fname, NULL, &sbuf);
2097 if (!NT_STATUS_IS_OK(status)) {
2098 reply_nterror(req, status);
2099 END_PROFILE(SMBctemp);
2103 status = check_name(conn, fname);
2104 if (!NT_STATUS_IS_OK(status)) {
2105 reply_nterror(req, status);
2106 END_PROFILE(SMBctemp);
2110 tmpfd = smb_mkstemp(fname);
2112 reply_unixerror(req, ERRDOS, ERRnoaccess);
2113 END_PROFILE(SMBctemp);
2117 SMB_VFS_STAT(conn,fname,&sbuf);
2119 /* We should fail if file does not exist. */
2120 status = SMB_VFS_CREATE_FILE(
2123 0, /* root_dir_fid */
2125 0, /* create_file_flags */
2126 FILE_GENERIC_READ | FILE_GENERIC_WRITE, /* access_mask */
2127 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
2128 FILE_OPEN, /* create_disposition*/
2129 0, /* create_options */
2130 fattr, /* file_attributes */
2131 oplock_request, /* oplock_request */
2132 0, /* allocation_size */
2139 /* close fd from smb_mkstemp() */
2142 if (!NT_STATUS_IS_OK(status)) {
2143 if (open_was_deferred(req->mid)) {
2144 /* We have re-scheduled this call. */
2145 END_PROFILE(SMBctemp);
2148 reply_openerror(req, status);
2149 END_PROFILE(SMBctemp);
2153 reply_outbuf(req, 1, 0);
2154 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
2156 /* the returned filename is relative to the directory */
2157 s = strrchr_m(fsp->fsp_name, '/');
2165 /* Tested vs W2K3 - this doesn't seem to be here - null terminated filename is the only
2166 thing in the byte section. JRA */
2167 SSVALS(p, 0, -1); /* what is this? not in spec */
2169 if (message_push_string(&req->outbuf, s, STR_ASCII|STR_TERMINATE)
2171 reply_nterror(req, NT_STATUS_NO_MEMORY);
2172 END_PROFILE(SMBctemp);
2176 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
2177 SCVAL(req->outbuf, smb_flg,
2178 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2181 if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2182 SCVAL(req->outbuf, smb_flg,
2183 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2186 DEBUG( 2, ( "reply_ctemp: created temp file %s\n", fsp->fsp_name ) );
2187 DEBUG( 3, ( "reply_ctemp %s fd=%d umode=0%o\n", fsp->fsp_name,
2188 fsp->fh->fd, (unsigned int)sbuf.st_mode ) );
2190 END_PROFILE(SMBctemp);
2194 /*******************************************************************
2195 Check if a user is allowed to rename a file.
2196 ********************************************************************/
2198 static NTSTATUS can_rename(connection_struct *conn, files_struct *fsp,
2199 uint16 dirtype, SMB_STRUCT_STAT *pst)
2203 if (!CAN_WRITE(conn)) {
2204 return NT_STATUS_MEDIA_WRITE_PROTECTED;
2207 fmode = dos_mode(conn, fsp->fsp_name, pst);
2208 if ((fmode & ~dirtype) & (aHIDDEN | aSYSTEM)) {
2209 return NT_STATUS_NO_SUCH_FILE;
2212 if (S_ISDIR(pst->st_mode)) {
2213 return NT_STATUS_OK;
2216 if (fsp->access_mask & (DELETE_ACCESS|FILE_WRITE_ATTRIBUTES)) {
2217 return NT_STATUS_OK;
2220 return NT_STATUS_ACCESS_DENIED;
2223 /*******************************************************************
2224 * unlink a file with all relevant access checks
2225 *******************************************************************/
2227 static NTSTATUS do_unlink(connection_struct *conn,
2228 struct smb_request *req,
2232 SMB_STRUCT_STAT sbuf;
2235 uint32 dirtype_orig = dirtype;
2238 DEBUG(10,("do_unlink: %s, dirtype = %d\n", fname, dirtype ));
2240 if (!CAN_WRITE(conn)) {
2241 return NT_STATUS_MEDIA_WRITE_PROTECTED;
2244 if (SMB_VFS_LSTAT(conn,fname,&sbuf) != 0) {
2245 return map_nt_error_from_unix(errno);
2248 fattr = dos_mode(conn,fname,&sbuf);
2250 if (dirtype & FILE_ATTRIBUTE_NORMAL) {
2251 dirtype = aDIR|aARCH|aRONLY;
2254 dirtype &= (aDIR|aARCH|aRONLY|aHIDDEN|aSYSTEM);
2256 return NT_STATUS_NO_SUCH_FILE;
2259 if (!dir_check_ftype(conn, fattr, dirtype)) {
2261 return NT_STATUS_FILE_IS_A_DIRECTORY;
2263 return NT_STATUS_NO_SUCH_FILE;
2266 if (dirtype_orig & 0x8000) {
2267 /* These will never be set for POSIX. */
2268 return NT_STATUS_NO_SUCH_FILE;
2272 if ((fattr & dirtype) & FILE_ATTRIBUTE_DIRECTORY) {
2273 return NT_STATUS_FILE_IS_A_DIRECTORY;
2276 if ((fattr & ~dirtype) & (FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM)) {
2277 return NT_STATUS_NO_SUCH_FILE;
2280 if (dirtype & 0xFF00) {
2281 /* These will never be set for POSIX. */
2282 return NT_STATUS_NO_SUCH_FILE;
2287 return NT_STATUS_NO_SUCH_FILE;
2290 /* Can't delete a directory. */
2292 return NT_STATUS_FILE_IS_A_DIRECTORY;
2297 else if (dirtype & aDIR) /* Asked for a directory and it isn't. */
2298 return NT_STATUS_OBJECT_NAME_INVALID;
2299 #endif /* JRATEST */
2301 /* Fix for bug #3035 from SATOH Fumiyasu <fumiyas@miraclelinux.com>
2303 On a Windows share, a file with read-only dosmode can be opened with
2304 DELETE_ACCESS. But on a Samba share (delete readonly = no), it
2305 fails with NT_STATUS_CANNOT_DELETE error.
2307 This semantic causes a problem that a user can not
2308 rename a file with read-only dosmode on a Samba share
2309 from a Windows command prompt (i.e. cmd.exe, but can rename
2310 from Windows Explorer).
2313 if (!lp_delete_readonly(SNUM(conn))) {
2314 if (fattr & aRONLY) {
2315 return NT_STATUS_CANNOT_DELETE;
2319 /* On open checks the open itself will check the share mode, so
2320 don't do it here as we'll get it wrong. */
2322 status = SMB_VFS_CREATE_FILE
2325 0, /* root_dir_fid */
2327 0, /* create_file_flags */
2328 DELETE_ACCESS, /* access_mask */
2329 FILE_SHARE_NONE, /* share_access */
2330 FILE_OPEN, /* create_disposition*/
2331 FILE_NON_DIRECTORY_FILE, /* create_options */
2332 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
2333 0, /* oplock_request */
2334 0, /* allocation_size */
2341 if (!NT_STATUS_IS_OK(status)) {
2342 DEBUG(10, ("SMB_VFS_CREATEFILE failed: %s\n",
2343 nt_errstr(status)));
2347 /* The set is across all open files on this dev/inode pair. */
2348 if (!set_delete_on_close(fsp, True, &conn->server_info->utok)) {
2349 close_file(req, fsp, NORMAL_CLOSE);
2350 return NT_STATUS_ACCESS_DENIED;
2353 return close_file(req, fsp, NORMAL_CLOSE);
2356 /****************************************************************************
2357 The guts of the unlink command, split out so it may be called by the NT SMB
2359 ****************************************************************************/
2361 NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req,
2362 uint32 dirtype, const char *name_in, bool has_wild)
2364 const char *directory = NULL;
2369 NTSTATUS status = NT_STATUS_OK;
2370 SMB_STRUCT_STAT sbuf;
2371 TALLOC_CTX *ctx = talloc_tos();
2373 status = unix_convert(ctx, conn, name_in, has_wild, &name, NULL, &sbuf);
2374 if (!NT_STATUS_IS_OK(status)) {
2378 p = strrchr_m(name,'/');
2380 directory = talloc_strdup(ctx, ".");
2382 return NT_STATUS_NO_MEMORY;
2392 * We should only check the mangled cache
2393 * here if unix_convert failed. This means
2394 * that the path in 'mask' doesn't exist
2395 * on the file system and so we need to look
2396 * for a possible mangle. This patch from
2397 * Tine Smukavec <valentin.smukavec@hermes.si>.
2400 if (!VALID_STAT(sbuf) && mangle_is_mangled(mask,conn->params)) {
2401 char *new_mask = NULL;
2402 mangle_lookup_name_from_8_3(ctx,
2412 directory = talloc_asprintf(ctx,
2417 return NT_STATUS_NO_MEMORY;
2420 dirtype = FILE_ATTRIBUTE_NORMAL;
2423 status = check_name(conn, directory);
2424 if (!NT_STATUS_IS_OK(status)) {
2428 status = do_unlink(conn, req, directory, dirtype);
2429 if (!NT_STATUS_IS_OK(status)) {
2435 struct smb_Dir *dir_hnd = NULL;
2439 if ((dirtype & SAMBA_ATTRIBUTES_MASK) == aDIR) {
2440 return NT_STATUS_OBJECT_NAME_INVALID;
2443 if (strequal(mask,"????????.???")) {
2448 status = check_name(conn, directory);
2449 if (!NT_STATUS_IS_OK(status)) {
2453 dir_hnd = OpenDir(talloc_tos(), conn, directory, mask,
2455 if (dir_hnd == NULL) {
2456 return map_nt_error_from_unix(errno);
2459 /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then
2460 the pattern matches against the long name, otherwise the short name
2461 We don't implement this yet XXXX
2464 status = NT_STATUS_NO_SUCH_FILE;
2466 while ((dname = ReadDirName(dir_hnd, &offset))) {
2470 if (!is_visible_file(conn, directory, dname, &st, True)) {
2474 /* Quick check for "." and ".." */
2475 if (ISDOT(dname) || ISDOTDOT(dname)) {
2479 if(!mask_match(dname, mask, conn->case_sensitive)) {
2483 fname = talloc_asprintf(ctx, "%s/%s",
2487 return NT_STATUS_NO_MEMORY;
2490 status = check_name(conn, fname);
2491 if (!NT_STATUS_IS_OK(status)) {
2492 TALLOC_FREE(dir_hnd);
2496 status = do_unlink(conn, req, fname, dirtype);
2497 if (!NT_STATUS_IS_OK(status)) {
2503 DEBUG(3,("unlink_internals: successful unlink [%s]\n",
2508 TALLOC_FREE(dir_hnd);
2511 if (count == 0 && NT_STATUS_IS_OK(status) && errno != 0) {
2512 status = map_nt_error_from_unix(errno);
2518 /****************************************************************************
2520 ****************************************************************************/
2522 void reply_unlink(struct smb_request *req)
2524 connection_struct *conn = req->conn;
2528 bool path_contains_wcard = False;
2529 TALLOC_CTX *ctx = talloc_tos();
2531 START_PROFILE(SMBunlink);
2534 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2535 END_PROFILE(SMBunlink);
2539 dirtype = SVAL(req->vwv+0, 0);
2541 srvstr_get_path_req_wcard(ctx, req, &name, (const char *)req->buf + 1,
2542 STR_TERMINATE, &status,
2543 &path_contains_wcard);
2544 if (!NT_STATUS_IS_OK(status)) {
2545 reply_nterror(req, status);
2546 END_PROFILE(SMBunlink);
2550 status = resolve_dfspath_wcard(ctx, conn,
2551 req->flags2 & FLAGS2_DFS_PATHNAMES,
2554 &path_contains_wcard);
2555 if (!NT_STATUS_IS_OK(status)) {
2556 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2557 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
2558 ERRSRV, ERRbadpath);
2559 END_PROFILE(SMBunlink);
2562 reply_nterror(req, status);
2563 END_PROFILE(SMBunlink);
2567 DEBUG(3,("reply_unlink : %s\n",name));
2569 status = unlink_internals(conn, req, dirtype, name,
2570 path_contains_wcard);
2571 if (!NT_STATUS_IS_OK(status)) {
2572 if (open_was_deferred(req->mid)) {
2573 /* We have re-scheduled this call. */
2574 END_PROFILE(SMBunlink);
2577 reply_nterror(req, status);
2578 END_PROFILE(SMBunlink);
2582 reply_outbuf(req, 0, 0);
2583 END_PROFILE(SMBunlink);
2588 /****************************************************************************
2590 ****************************************************************************/
2592 static void fail_readraw(void)
2594 const char *errstr = talloc_asprintf(talloc_tos(),
2595 "FAIL ! reply_readbraw: socket write fail (%s)",
2600 exit_server_cleanly(errstr);
2603 /****************************************************************************
2604 Fake (read/write) sendfile. Returns -1 on read or write fail.
2605 ****************************************************************************/
2607 static ssize_t fake_sendfile(files_struct *fsp, SMB_OFF_T startpos,
2611 size_t tosend = nread;
2618 bufsize = MIN(nread, 65536);
2620 if (!(buf = SMB_MALLOC_ARRAY(char, bufsize))) {
2624 while (tosend > 0) {
2628 if (tosend > bufsize) {
2633 ret = read_file(fsp,buf,startpos,cur_read);
2639 /* If we had a short read, fill with zeros. */
2640 if (ret < cur_read) {
2641 memset(buf, '\0', cur_read - ret);
2644 if (write_data(smbd_server_fd(),buf,cur_read) != cur_read) {
2649 startpos += cur_read;
2653 return (ssize_t)nread;
2656 /****************************************************************************
2657 Deal with the case of sendfile reading less bytes from the file than
2658 requested. Fill with zeros (all we can do).
2659 ****************************************************************************/
2661 static void sendfile_short_send(files_struct *fsp,
2666 if (nread < headersize) {
2667 DEBUG(0,("sendfile_short_send: sendfile failed to send "
2668 "header for file %s (%s). Terminating\n",
2669 fsp->fsp_name, strerror(errno) ));
2670 exit_server_cleanly("sendfile_short_send failed");
2673 nread -= headersize;
2675 if (nread < smb_maxcnt) {
2676 char *buf = SMB_CALLOC_ARRAY(char, 1024);
2678 exit_server_cleanly("sendfile_short_send: "
2682 DEBUG(0,("sendfile_short_send: filling truncated file %s "
2683 "with zeros !\n", fsp->fsp_name));
2685 while (nread < smb_maxcnt) {
2687 * We asked for the real file size and told sendfile
2688 * to not go beyond the end of the file. But it can
2689 * happen that in between our fstat call and the
2690 * sendfile call the file was truncated. This is very
2691 * bad because we have already announced the larger
2692 * number of bytes to the client.
2694 * The best we can do now is to send 0-bytes, just as
2695 * a read from a hole in a sparse file would do.
2697 * This should happen rarely enough that I don't care
2698 * about efficiency here :-)
2702 to_write = MIN(sizeof(buf), smb_maxcnt - nread);
2703 if (write_data(smbd_server_fd(), buf, to_write) != to_write) {
2704 exit_server_cleanly("sendfile_short_send: "
2705 "write_data failed");
2713 /****************************************************************************
2714 Return a readbraw error (4 bytes of zero).
2715 ****************************************************************************/
2717 static void reply_readbraw_error(void)
2721 if (write_data(smbd_server_fd(),header,4) != 4) {
2726 /****************************************************************************
2727 Use sendfile in readbraw.
2728 ****************************************************************************/
2730 void send_file_readbraw(connection_struct *conn,
2736 char *outbuf = NULL;
2739 #if defined(WITH_SENDFILE)
2741 * We can only use sendfile on a non-chained packet
2742 * but we can use on a non-oplocked file. tridge proved this
2743 * on a train in Germany :-). JRA.
2744 * reply_readbraw has already checked the length.
2747 if ( (chain_size == 0) && (nread > 0) && (fsp->base_fsp == NULL) &&
2748 (fsp->wcp == NULL) && lp_use_sendfile(SNUM(conn)) ) {
2749 ssize_t sendfile_read = -1;
2751 DATA_BLOB header_blob;
2753 _smb_setlen(header,nread);
2754 header_blob = data_blob_const(header, 4);
2756 if ((sendfile_read = SMB_VFS_SENDFILE(smbd_server_fd(), fsp,
2757 &header_blob, startpos, nread)) == -1) {
2758 /* Returning ENOSYS means no data at all was sent.
2759 * Do this as a normal read. */
2760 if (errno == ENOSYS) {
2761 goto normal_readbraw;
2765 * Special hack for broken Linux with no working sendfile. If we
2766 * return EINTR we sent the header but not the rest of the data.
2767 * Fake this up by doing read/write calls.
2769 if (errno == EINTR) {
2770 /* Ensure we don't do this again. */
2771 set_use_sendfile(SNUM(conn), False);
2772 DEBUG(0,("send_file_readbraw: sendfile not available. Faking..\n"));
2774 if (fake_sendfile(fsp, startpos, nread) == -1) {
2775 DEBUG(0,("send_file_readbraw: fake_sendfile failed for file %s (%s).\n",
2776 fsp->fsp_name, strerror(errno) ));
2777 exit_server_cleanly("send_file_readbraw fake_sendfile failed");
2782 DEBUG(0,("send_file_readbraw: sendfile failed for file %s (%s). Terminating\n",
2783 fsp->fsp_name, strerror(errno) ));
2784 exit_server_cleanly("send_file_readbraw sendfile failed");
2787 /* Deal with possible short send. */
2788 if (sendfile_read != 4+nread) {
2789 sendfile_short_send(fsp, sendfile_read, 4, nread);
2797 outbuf = TALLOC_ARRAY(NULL, char, nread+4);
2799 DEBUG(0,("send_file_readbraw: TALLOC_ARRAY failed for size %u.\n",
2800 (unsigned)(nread+4)));
2801 reply_readbraw_error();
2806 ret = read_file(fsp,outbuf+4,startpos,nread);
2807 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
2816 _smb_setlen(outbuf,ret);
2817 if (write_data(smbd_server_fd(),outbuf,4+ret) != 4+ret)
2820 TALLOC_FREE(outbuf);
2823 /****************************************************************************
2824 Reply to a readbraw (core+ protocol).
2825 ****************************************************************************/
2827 void reply_readbraw(struct smb_request *req)
2829 connection_struct *conn = req->conn;
2830 ssize_t maxcount,mincount;
2837 START_PROFILE(SMBreadbraw);
2839 if (srv_is_signing_active() || is_encrypted_packet(req->inbuf)) {
2840 exit_server_cleanly("reply_readbraw: SMB signing/sealing is active - "
2841 "raw reads/writes are disallowed.");
2845 reply_readbraw_error();
2846 END_PROFILE(SMBreadbraw);
2851 * Special check if an oplock break has been issued
2852 * and the readraw request croses on the wire, we must
2853 * return a zero length response here.
2856 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
2859 * We have to do a check_fsp by hand here, as
2860 * we must always return 4 zero bytes on error,
2864 if (!fsp || !conn || conn != fsp->conn ||
2865 req->vuid != fsp->vuid ||
2866 fsp->is_directory || fsp->fh->fd == -1) {
2868 * fsp could be NULL here so use the value from the packet. JRA.
2870 DEBUG(3,("reply_readbraw: fnum %d not valid "
2872 (int)SVAL(req->vwv+0, 0)));
2873 reply_readbraw_error();
2874 END_PROFILE(SMBreadbraw);
2878 /* Do a "by hand" version of CHECK_READ. */
2879 if (!(fsp->can_read ||
2880 ((req->flags2 & FLAGS2_READ_PERMIT_EXECUTE) &&
2881 (fsp->access_mask & FILE_EXECUTE)))) {
2882 DEBUG(3,("reply_readbraw: fnum %d not readable.\n",
2883 (int)SVAL(req->vwv+0, 0)));
2884 reply_readbraw_error();
2885 END_PROFILE(SMBreadbraw);
2889 flush_write_cache(fsp, READRAW_FLUSH);
2891 startpos = IVAL_TO_SMB_OFF_T(req->vwv+1, 0);
2892 if(req->wct == 10) {
2894 * This is a large offset (64 bit) read.
2896 #ifdef LARGE_SMB_OFF_T
2898 startpos |= (((SMB_OFF_T)IVAL(req->vwv+8, 0)) << 32);
2900 #else /* !LARGE_SMB_OFF_T */
2903 * Ensure we haven't been sent a >32 bit offset.
2906 if(IVAL(req->vwv+8, 0) != 0) {
2907 DEBUG(0,("reply_readbraw: large offset "
2908 "(%x << 32) used and we don't support "
2909 "64 bit offsets.\n",
2910 (unsigned int)IVAL(req->vwv+8, 0) ));
2911 reply_readbraw_error();
2912 END_PROFILE(SMBreadbraw);
2916 #endif /* LARGE_SMB_OFF_T */
2919 DEBUG(0,("reply_readbraw: negative 64 bit "
2920 "readraw offset (%.0f) !\n",
2921 (double)startpos ));
2922 reply_readbraw_error();
2923 END_PROFILE(SMBreadbraw);
2928 maxcount = (SVAL(req->vwv+3, 0) & 0xFFFF);
2929 mincount = (SVAL(req->vwv+4, 0) & 0xFFFF);
2931 /* ensure we don't overrun the packet size */
2932 maxcount = MIN(65535,maxcount);
2934 if (is_locked(fsp,(uint32)req->smbpid,
2938 reply_readbraw_error();
2939 END_PROFILE(SMBreadbraw);
2943 if (SMB_VFS_FSTAT(fsp, &st) == 0) {
2947 if (startpos >= size) {
2950 nread = MIN(maxcount,(size - startpos));
2953 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
2954 if (nread < mincount)
2958 DEBUG( 3, ( "reply_readbraw: fnum=%d start=%.0f max=%lu "
2959 "min=%lu nread=%lu\n",
2960 fsp->fnum, (double)startpos,
2961 (unsigned long)maxcount,
2962 (unsigned long)mincount,
2963 (unsigned long)nread ) );
2965 send_file_readbraw(conn, fsp, startpos, nread, mincount);
2967 DEBUG(5,("reply_readbraw finished\n"));
2968 END_PROFILE(SMBreadbraw);
2972 #define DBGC_CLASS DBGC_LOCKING
2974 /****************************************************************************
2975 Reply to a lockread (core+ protocol).
2976 ****************************************************************************/
2978 void reply_lockread(struct smb_request *req)
2980 connection_struct *conn = req->conn;
2987 struct byte_range_lock *br_lck = NULL;
2990 START_PROFILE(SMBlockread);
2993 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2994 END_PROFILE(SMBlockread);
2998 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3000 if (!check_fsp(conn, req, fsp)) {
3001 END_PROFILE(SMBlockread);
3005 if (!CHECK_READ(fsp,req)) {
3006 reply_doserror(req, ERRDOS, ERRbadaccess);
3007 END_PROFILE(SMBlockread);
3011 release_level_2_oplocks_on_change(fsp);
3013 numtoread = SVAL(req->vwv+1, 0);
3014 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
3016 numtoread = MIN(BUFFER_SIZE - (smb_size + 3*2 + 3), numtoread);
3018 reply_outbuf(req, 5, numtoread + 3);
3020 data = smb_buf(req->outbuf) + 3;
3023 * NB. Discovered by Menny Hamburger at Mainsoft. This is a core+
3024 * protocol request that predates the read/write lock concept.
3025 * Thus instead of asking for a read lock here we need to ask
3026 * for a write lock. JRA.
3027 * Note that the requested lock size is unaffected by max_recv.
3030 br_lck = do_lock(smbd_messaging_context(),
3033 (uint64_t)numtoread,
3037 False, /* Non-blocking lock. */
3040 TALLOC_FREE(br_lck);
3042 if (NT_STATUS_V(status)) {
3043 reply_nterror(req, status);
3044 END_PROFILE(SMBlockread);
3049 * However the requested READ size IS affected by max_recv. Insanity.... JRA.
3052 if (numtoread > max_recv) {
3053 DEBUG(0,("reply_lockread: requested read size (%u) is greater than maximum allowed (%u). \
3054 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
3055 (unsigned int)numtoread, (unsigned int)max_recv ));
3056 numtoread = MIN(numtoread,max_recv);
3058 nread = read_file(fsp,data,startpos,numtoread);
3061 reply_unixerror(req, ERRDOS, ERRnoaccess);
3062 END_PROFILE(SMBlockread);
3066 srv_set_message((char *)req->outbuf, 5, nread+3, False);
3068 SSVAL(req->outbuf,smb_vwv0,nread);
3069 SSVAL(req->outbuf,smb_vwv5,nread+3);
3070 p = smb_buf(req->outbuf);
3071 SCVAL(p,0,0); /* pad byte. */
3074 DEBUG(3,("lockread fnum=%d num=%d nread=%d\n",
3075 fsp->fnum, (int)numtoread, (int)nread));
3077 END_PROFILE(SMBlockread);
3082 #define DBGC_CLASS DBGC_ALL
3084 /****************************************************************************
3086 ****************************************************************************/
3088 void reply_read(struct smb_request *req)
3090 connection_struct *conn = req->conn;
3098 START_PROFILE(SMBread);
3101 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3102 END_PROFILE(SMBread);
3106 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3108 if (!check_fsp(conn, req, fsp)) {
3109 END_PROFILE(SMBread);
3113 if (!CHECK_READ(fsp,req)) {
3114 reply_doserror(req, ERRDOS, ERRbadaccess);
3115 END_PROFILE(SMBread);
3119 numtoread = SVAL(req->vwv+1, 0);
3120 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
3122 numtoread = MIN(BUFFER_SIZE-outsize,numtoread);
3125 * The requested read size cannot be greater than max_recv. JRA.
3127 if (numtoread > max_recv) {
3128 DEBUG(0,("reply_read: requested read size (%u) is greater than maximum allowed (%u). \
3129 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
3130 (unsigned int)numtoread, (unsigned int)max_recv ));
3131 numtoread = MIN(numtoread,max_recv);
3134 reply_outbuf(req, 5, numtoread+3);
3136 data = smb_buf(req->outbuf) + 3;
3138 if (is_locked(fsp, (uint32)req->smbpid, (uint64_t)numtoread,
3139 (uint64_t)startpos, READ_LOCK)) {
3140 reply_doserror(req, ERRDOS,ERRlock);
3141 END_PROFILE(SMBread);
3146 nread = read_file(fsp,data,startpos,numtoread);
3149 reply_unixerror(req, ERRDOS,ERRnoaccess);
3150 END_PROFILE(SMBread);
3154 srv_set_message((char *)req->outbuf, 5, nread+3, False);
3156 SSVAL(req->outbuf,smb_vwv0,nread);
3157 SSVAL(req->outbuf,smb_vwv5,nread+3);
3158 SCVAL(smb_buf(req->outbuf),0,1);
3159 SSVAL(smb_buf(req->outbuf),1,nread);
3161 DEBUG( 3, ( "read fnum=%d num=%d nread=%d\n",
3162 fsp->fnum, (int)numtoread, (int)nread ) );
3164 END_PROFILE(SMBread);
3168 /****************************************************************************
3170 ****************************************************************************/
3172 static int setup_readX_header(struct smb_request *req, char *outbuf,
3178 outsize = srv_set_message(outbuf,12,smb_maxcnt,False);
3179 data = smb_buf(outbuf);
3181 memset(outbuf+smb_vwv0,'\0',24); /* valgrind init. */
3183 SCVAL(outbuf,smb_vwv0,0xFF);
3184 SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */
3185 SSVAL(outbuf,smb_vwv5,smb_maxcnt);
3186 SSVAL(outbuf,smb_vwv6,
3188 + 1 /* the wct field */
3189 + 12 * sizeof(uint16_t) /* vwv */
3190 + 2); /* the buflen field */
3191 SSVAL(outbuf,smb_vwv7,(smb_maxcnt >> 16));
3192 SSVAL(outbuf,smb_vwv11,smb_maxcnt);
3193 /* Reset the outgoing length, set_message truncates at 0x1FFFF. */
3194 _smb_setlen_large(outbuf,(smb_size + 12*2 + smb_maxcnt - 4));
3198 /****************************************************************************
3199 Reply to a read and X - possibly using sendfile.
3200 ****************************************************************************/
3202 static void send_file_readX(connection_struct *conn, struct smb_request *req,
3203 files_struct *fsp, SMB_OFF_T startpos,
3206 SMB_STRUCT_STAT sbuf;
3209 if(SMB_VFS_FSTAT(fsp, &sbuf) == -1) {
3210 reply_unixerror(req, ERRDOS, ERRnoaccess);
3214 if (startpos > sbuf.st_size) {
3216 } else if (smb_maxcnt > (sbuf.st_size - startpos)) {
3217 smb_maxcnt = (sbuf.st_size - startpos);
3220 if (smb_maxcnt == 0) {
3224 #if defined(WITH_SENDFILE)
3226 * We can only use sendfile on a non-chained packet
3227 * but we can use on a non-oplocked file. tridge proved this
3228 * on a train in Germany :-). JRA.
3231 if ((chain_size == 0) && (CVAL(req->vwv+0, 0) == 0xFF) &&
3232 !is_encrypted_packet(req->inbuf) && (fsp->base_fsp == NULL) &&
3233 lp_use_sendfile(SNUM(conn)) && (fsp->wcp == NULL) ) {
3234 uint8 headerbuf[smb_size + 12 * 2];
3238 * Set up the packet header before send. We
3239 * assume here the sendfile will work (get the
3240 * correct amount of data).
3243 header = data_blob_const(headerbuf, sizeof(headerbuf));
3245 construct_reply_common_req(req, (char *)headerbuf);
3246 setup_readX_header(req, (char *)headerbuf, smb_maxcnt);
3248 if ((nread = SMB_VFS_SENDFILE(smbd_server_fd(), fsp, &header, startpos, smb_maxcnt)) == -1) {
3249 /* Returning ENOSYS means no data at all was sent.
3250 Do this as a normal read. */
3251 if (errno == ENOSYS) {
3256 * Special hack for broken Linux with no working sendfile. If we
3257 * return EINTR we sent the header but not the rest of the data.
3258 * Fake this up by doing read/write calls.
3261 if (errno == EINTR) {
3262 /* Ensure we don't do this again. */
3263 set_use_sendfile(SNUM(conn), False);
3264 DEBUG(0,("send_file_readX: sendfile not available. Faking..\n"));
3265 nread = fake_sendfile(fsp, startpos,
3268 DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n",
3269 fsp->fsp_name, strerror(errno) ));
3270 exit_server_cleanly("send_file_readX: fake_sendfile failed");
3272 DEBUG( 3, ( "send_file_readX: fake_sendfile fnum=%d max=%d nread=%d\n",
3273 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3274 /* No outbuf here means successful sendfile. */
3275 TALLOC_FREE(req->outbuf);
3279 DEBUG(0,("send_file_readX: sendfile failed for file %s (%s). Terminating\n",
3280 fsp->fsp_name, strerror(errno) ));
3281 exit_server_cleanly("send_file_readX sendfile failed");
3284 DEBUG( 3, ( "send_file_readX: sendfile fnum=%d max=%d nread=%d\n",
3285 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3287 /* Deal with possible short send. */
3288 if (nread != smb_maxcnt + sizeof(headerbuf)) {
3289 sendfile_short_send(fsp, nread, sizeof(headerbuf), smb_maxcnt);
3292 /* No outbuf here means successful sendfile. */
3293 TALLOC_FREE(req->outbuf);
3300 if ((smb_maxcnt & 0xFF0000) > 0x10000) {
3301 uint8 headerbuf[smb_size + 2*12];
3303 construct_reply_common_req(req, (char *)headerbuf);
3304 setup_readX_header(req, (char *)headerbuf, smb_maxcnt);
3306 /* Send out the header. */
3307 if (write_data(smbd_server_fd(), (char *)headerbuf,
3308 sizeof(headerbuf)) != sizeof(headerbuf)) {
3309 DEBUG(0,("send_file_readX: write_data failed for file %s (%s). Terminating\n",
3310 fsp->fsp_name, strerror(errno) ));
3311 exit_server_cleanly("send_file_readX sendfile failed");
3313 nread = fake_sendfile(fsp, startpos, smb_maxcnt);
3315 DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n",
3316 fsp->fsp_name, strerror(errno) ));
3317 exit_server_cleanly("send_file_readX: fake_sendfile failed");
3319 TALLOC_FREE(req->outbuf);
3323 reply_outbuf(req, 12, smb_maxcnt);
3325 nread = read_file(fsp, smb_buf(req->outbuf), startpos, smb_maxcnt);
3327 reply_unixerror(req, ERRDOS, ERRnoaccess);
3331 setup_readX_header(req, (char *)req->outbuf, nread);
3333 DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n",
3334 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3339 /****************************************************************************
3340 Reply to a read and X.
3341 ****************************************************************************/
3343 void reply_read_and_X(struct smb_request *req)
3345 connection_struct *conn = req->conn;
3349 bool big_readX = False;
3351 size_t smb_mincnt = SVAL(req->vwv+6, 0);
3354 START_PROFILE(SMBreadX);
3356 if ((req->wct != 10) && (req->wct != 12)) {
3357 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3361 fsp = file_fsp(req, SVAL(req->vwv+2, 0));
3362 startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
3363 smb_maxcnt = SVAL(req->vwv+5, 0);
3365 /* If it's an IPC, pass off the pipe handler. */
3367 reply_pipe_read_and_X(req);
3368 END_PROFILE(SMBreadX);
3372 if (!check_fsp(conn, req, fsp)) {
3373 END_PROFILE(SMBreadX);
3377 if (!CHECK_READ(fsp,req)) {
3378 reply_doserror(req, ERRDOS,ERRbadaccess);
3379 END_PROFILE(SMBreadX);
3383 if (global_client_caps & CAP_LARGE_READX) {
3384 size_t upper_size = SVAL(req->vwv+7, 0);
3385 smb_maxcnt |= (upper_size<<16);
3386 if (upper_size > 1) {
3387 /* Can't do this on a chained packet. */
3388 if ((CVAL(req->vwv+0, 0) != 0xFF)) {
3389 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
3390 END_PROFILE(SMBreadX);
3393 /* We currently don't do this on signed or sealed data. */
3394 if (srv_is_signing_active() || is_encrypted_packet(req->inbuf)) {
3395 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
3396 END_PROFILE(SMBreadX);
3399 /* Is there room in the reply for this data ? */
3400 if (smb_maxcnt > (0xFFFFFF - (smb_size -4 + 12*2))) {
3402 NT_STATUS_INVALID_PARAMETER);
3403 END_PROFILE(SMBreadX);
3410 if (req->wct == 12) {
3411 #ifdef LARGE_SMB_OFF_T
3413 * This is a large offset (64 bit) read.
3415 startpos |= (((SMB_OFF_T)IVAL(req->vwv+10, 0)) << 32);
3417 #else /* !LARGE_SMB_OFF_T */
3420 * Ensure we haven't been sent a >32 bit offset.
3423 if(IVAL(req->vwv+10, 0) != 0) {
3424 DEBUG(0,("reply_read_and_X - large offset (%x << 32) "
3425 "used and we don't support 64 bit offsets.\n",
3426 (unsigned int)IVAL(req->vwv+10, 0) ));
3427 END_PROFILE(SMBreadX);
3428 reply_doserror(req, ERRDOS, ERRbadaccess);
3432 #endif /* LARGE_SMB_OFF_T */
3436 if (is_locked(fsp, (uint32)req->smbpid, (uint64_t)smb_maxcnt,
3437 (uint64_t)startpos, READ_LOCK)) {
3438 END_PROFILE(SMBreadX);
3439 reply_doserror(req, ERRDOS, ERRlock);
3444 schedule_aio_read_and_X(conn, req, fsp, startpos, smb_maxcnt)) {
3445 END_PROFILE(SMBreadX);
3449 send_file_readX(conn, req, fsp, startpos, smb_maxcnt);
3451 END_PROFILE(SMBreadX);
3455 /****************************************************************************
3456 Error replies to writebraw must have smb_wct == 1. Fix this up.
3457 ****************************************************************************/
3459 void error_to_writebrawerr(struct smb_request *req)
3461 uint8 *old_outbuf = req->outbuf;
3463 reply_outbuf(req, 1, 0);
3465 memcpy(req->outbuf, old_outbuf, smb_size);
3466 TALLOC_FREE(old_outbuf);
3469 /****************************************************************************
3470 Reply to a writebraw (core+ or LANMAN1.0 protocol).
3471 ****************************************************************************/
3473 void reply_writebraw(struct smb_request *req)
3475 connection_struct *conn = req->conn;
3478 ssize_t total_written=0;
3479 size_t numtowrite=0;
3487 START_PROFILE(SMBwritebraw);
3490 * If we ever reply with an error, it must have the SMB command
3491 * type of SMBwritec, not SMBwriteBraw, as this tells the client
3494 SCVAL(req->inbuf,smb_com,SMBwritec);
3496 if (srv_is_signing_active()) {
3497 END_PROFILE(SMBwritebraw);
3498 exit_server_cleanly("reply_writebraw: SMB signing is active - "
3499 "raw reads/writes are disallowed.");
3502 if (req->wct < 12) {
3503 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3504 error_to_writebrawerr(req);
3505 END_PROFILE(SMBwritebraw);
3509 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3510 if (!check_fsp(conn, req, fsp)) {
3511 error_to_writebrawerr(req);
3512 END_PROFILE(SMBwritebraw);
3516 if (!CHECK_WRITE(fsp)) {
3517 reply_doserror(req, ERRDOS, ERRbadaccess);
3518 error_to_writebrawerr(req);
3519 END_PROFILE(SMBwritebraw);
3523 tcount = IVAL(req->vwv+1, 0);
3524 startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
3525 write_through = BITSETW(req->vwv+7,0);
3527 /* We have to deal with slightly different formats depending
3528 on whether we are using the core+ or lanman1.0 protocol */
3530 if(Protocol <= PROTOCOL_COREPLUS) {
3531 numtowrite = SVAL(smb_buf(req->inbuf),-2);
3532 data = smb_buf(req->inbuf);
3534 numtowrite = SVAL(req->vwv+10, 0);
3535 data = smb_base(req->inbuf) + SVAL(req->vwv+11, 0);
3538 /* Ensure we don't write bytes past the end of this packet. */
3539 if (data + numtowrite > smb_base(req->inbuf) + smb_len(req->inbuf)) {
3540 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3541 error_to_writebrawerr(req);
3542 END_PROFILE(SMBwritebraw);
3546 if (is_locked(fsp,(uint32)req->smbpid,(uint64_t)tcount,
3547 (uint64_t)startpos, WRITE_LOCK)) {
3548 reply_doserror(req, ERRDOS, ERRlock);
3549 error_to_writebrawerr(req);
3550 END_PROFILE(SMBwritebraw);
3555 nwritten = write_file(req,fsp,data,startpos,numtowrite);
3558 DEBUG(3,("reply_writebraw: initial write fnum=%d start=%.0f num=%d "
3559 "wrote=%d sync=%d\n",
3560 fsp->fnum, (double)startpos, (int)numtowrite,
3561 (int)nwritten, (int)write_through));
3563 if (nwritten < (ssize_t)numtowrite) {
3564 reply_unixerror(req, ERRHRD, ERRdiskfull);
3565 error_to_writebrawerr(req);
3566 END_PROFILE(SMBwritebraw);
3570 total_written = nwritten;
3572 /* Allocate a buffer of 64k + length. */
3573 buf = TALLOC_ARRAY(NULL, char, 65540);
3575 reply_doserror(req, ERRDOS, ERRnomem);
3576 error_to_writebrawerr(req);
3577 END_PROFILE(SMBwritebraw);
3581 /* Return a SMBwritebraw message to the redirector to tell
3582 * it to send more bytes */
3584 memcpy(buf, req->inbuf, smb_size);
3585 srv_set_message(buf,Protocol>PROTOCOL_COREPLUS?1:0,0,True);
3586 SCVAL(buf,smb_com,SMBwritebraw);
3587 SSVALS(buf,smb_vwv0,0xFFFF);
3589 if (!srv_send_smb(smbd_server_fd(),
3591 IS_CONN_ENCRYPTED(conn))) {
3592 exit_server_cleanly("reply_writebraw: srv_send_smb "
3596 /* Now read the raw data into the buffer and write it */
3597 status = read_smb_length(smbd_server_fd(), buf, SMB_SECONDARY_WAIT,
3599 if (!NT_STATUS_IS_OK(status)) {
3600 exit_server_cleanly("secondary writebraw failed");
3603 /* Set up outbuf to return the correct size */
3604 reply_outbuf(req, 1, 0);
3606 if (numtowrite != 0) {
3608 if (numtowrite > 0xFFFF) {
3609 DEBUG(0,("reply_writebraw: Oversize secondary write "
3610 "raw requested (%u). Terminating\n",
3611 (unsigned int)numtowrite ));
3612 exit_server_cleanly("secondary writebraw failed");
3615 if (tcount > nwritten+numtowrite) {
3616 DEBUG(3,("reply_writebraw: Client overestimated the "
3618 (int)tcount,(int)nwritten,(int)numtowrite));
3621 status = read_data(smbd_server_fd(), buf+4, numtowrite);
3623 if (!NT_STATUS_IS_OK(status)) {
3624 DEBUG(0,("reply_writebraw: Oversize secondary write "
3625 "raw read failed (%s). Terminating\n",
3626 nt_errstr(status)));
3627 exit_server_cleanly("secondary writebraw failed");
3630 nwritten = write_file(req,fsp,buf+4,startpos+nwritten,numtowrite);
3631 if (nwritten == -1) {
3633 reply_unixerror(req, ERRHRD, ERRdiskfull);
3634 error_to_writebrawerr(req);
3635 END_PROFILE(SMBwritebraw);
3639 if (nwritten < (ssize_t)numtowrite) {
3640 SCVAL(req->outbuf,smb_rcls,ERRHRD);
3641 SSVAL(req->outbuf,smb_err,ERRdiskfull);
3645 total_written += nwritten;
3650 SSVAL(req->outbuf,smb_vwv0,total_written);
3652 status = sync_file(conn, fsp, write_through);
3653 if (!NT_STATUS_IS_OK(status)) {
3654 DEBUG(5,("reply_writebraw: sync_file for %s returned %s\n",
3655 fsp->fsp_name, nt_errstr(status) ));
3656 reply_nterror(req, status);
3657 error_to_writebrawerr(req);
3658 END_PROFILE(SMBwritebraw);
3662 DEBUG(3,("reply_writebraw: secondart write fnum=%d start=%.0f num=%d "
3664 fsp->fnum, (double)startpos, (int)numtowrite,
3665 (int)total_written));
3667 /* We won't return a status if write through is not selected - this
3668 * follows what WfWg does */
3669 END_PROFILE(SMBwritebraw);
3671 if (!write_through && total_written==tcount) {
3673 #if RABBIT_PELLET_FIX
3675 * Fix for "rabbit pellet" mode, trigger an early TCP ack by
3676 * sending a SMBkeepalive. Thanks to DaveCB at Sun for this.
3679 if (!send_keepalive(smbd_server_fd())) {
3680 exit_server_cleanly("reply_writebraw: send of "
3681 "keepalive failed");
3684 TALLOC_FREE(req->outbuf);
3690 #define DBGC_CLASS DBGC_LOCKING
3692 /****************************************************************************
3693 Reply to a writeunlock (core+).
3694 ****************************************************************************/
3696 void reply_writeunlock(struct smb_request *req)
3698 connection_struct *conn = req->conn;
3699 ssize_t nwritten = -1;
3703 NTSTATUS status = NT_STATUS_OK;
3706 START_PROFILE(SMBwriteunlock);
3709 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3710 END_PROFILE(SMBwriteunlock);
3714 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3716 if (!check_fsp(conn, req, fsp)) {
3717 END_PROFILE(SMBwriteunlock);
3721 if (!CHECK_WRITE(fsp)) {
3722 reply_doserror(req, ERRDOS,ERRbadaccess);
3723 END_PROFILE(SMBwriteunlock);
3727 numtowrite = SVAL(req->vwv+1, 0);
3728 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
3729 data = (const char *)req->buf + 3;
3732 && is_locked(fsp, (uint32)req->smbpid, (uint64_t)numtowrite,
3733 (uint64_t)startpos, WRITE_LOCK)) {
3734 reply_doserror(req, ERRDOS, ERRlock);
3735 END_PROFILE(SMBwriteunlock);
3739 /* The special X/Open SMB protocol handling of
3740 zero length writes is *NOT* done for
3742 if(numtowrite == 0) {
3745 nwritten = write_file(req,fsp,data,startpos,numtowrite);
3748 status = sync_file(conn, fsp, False /* write through */);
3749 if (!NT_STATUS_IS_OK(status)) {
3750 DEBUG(5,("reply_writeunlock: sync_file for %s returned %s\n",
3751 fsp->fsp_name, nt_errstr(status) ));
3752 reply_nterror(req, status);
3753 END_PROFILE(SMBwriteunlock);
3757 if(((nwritten < numtowrite) && (numtowrite != 0))||(nwritten < 0)) {
3758 reply_unixerror(req, ERRHRD, ERRdiskfull);
3759 END_PROFILE(SMBwriteunlock);
3764 status = do_unlock(smbd_messaging_context(),
3767 (uint64_t)numtowrite,
3771 if (NT_STATUS_V(status)) {
3772 reply_nterror(req, status);
3773 END_PROFILE(SMBwriteunlock);
3778 reply_outbuf(req, 1, 0);
3780 SSVAL(req->outbuf,smb_vwv0,nwritten);
3782 DEBUG(3,("writeunlock fnum=%d num=%d wrote=%d\n",
3783 fsp->fnum, (int)numtowrite, (int)nwritten));
3785 END_PROFILE(SMBwriteunlock);
3790 #define DBGC_CLASS DBGC_ALL
3792 /****************************************************************************
3794 ****************************************************************************/
3796 void reply_write(struct smb_request *req)
3798 connection_struct *conn = req->conn;
3800 ssize_t nwritten = -1;
3806 START_PROFILE(SMBwrite);
3809 END_PROFILE(SMBwrite);
3810 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3814 /* If it's an IPC, pass off the pipe handler. */
3816 reply_pipe_write(req);
3817 END_PROFILE(SMBwrite);
3821 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3823 if (!check_fsp(conn, req, fsp)) {
3824 END_PROFILE(SMBwrite);
3828 if (!CHECK_WRITE(fsp)) {
3829 reply_doserror(req, ERRDOS, ERRbadaccess);
3830 END_PROFILE(SMBwrite);
3834 numtowrite = SVAL(req->vwv+1, 0);
3835 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
3836 data = (const char *)req->buf + 3;
3838 if (is_locked(fsp, (uint32)req->smbpid, (uint64_t)numtowrite,
3839 (uint64_t)startpos, WRITE_LOCK)) {
3840 reply_doserror(req, ERRDOS, ERRlock);
3841 END_PROFILE(SMBwrite);
3846 * X/Open SMB protocol says that if smb_vwv1 is
3847 * zero then the file size should be extended or
3848 * truncated to the size given in smb_vwv[2-3].
3851 if(numtowrite == 0) {
3853 * This is actually an allocate call, and set EOF. JRA.
3855 nwritten = vfs_allocate_file_space(fsp, (SMB_OFF_T)startpos);
3857 reply_nterror(req, NT_STATUS_DISK_FULL);
3858 END_PROFILE(SMBwrite);
3861 nwritten = vfs_set_filelen(fsp, (SMB_OFF_T)startpos);
3863 reply_nterror(req, NT_STATUS_DISK_FULL);
3864 END_PROFILE(SMBwrite);
3867 trigger_write_time_update_immediate(fsp);
3869 nwritten = write_file(req,fsp,data,startpos,numtowrite);
3872 status = sync_file(conn, fsp, False);
3873 if (!NT_STATUS_IS_OK(status)) {
3874 DEBUG(5,("reply_write: sync_file for %s returned %s\n",
3875 fsp->fsp_name, nt_errstr(status) ));
3876 reply_nterror(req, status);
3877 END_PROFILE(SMBwrite);
3881 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
3882 reply_unixerror(req, ERRHRD, ERRdiskfull);
3883 END_PROFILE(SMBwrite);
3887 reply_outbuf(req, 1, 0);
3889 SSVAL(req->outbuf,smb_vwv0,nwritten);
3891 if (nwritten < (ssize_t)numtowrite) {
3892 SCVAL(req->outbuf,smb_rcls,ERRHRD);
3893 SSVAL(req->outbuf,smb_err,ERRdiskfull);
3896 DEBUG(3,("write fnum=%d num=%d wrote=%d\n", fsp->fnum, (int)numtowrite, (int)nwritten));
3898 END_PROFILE(SMBwrite);
3902 /****************************************************************************
3903 Ensure a buffer is a valid writeX for recvfile purposes.
3904 ****************************************************************************/
3906 #define STANDARD_WRITE_AND_X_HEADER_SIZE (smb_size - 4 + /* basic header */ \
3907 (2*14) + /* word count (including bcc) */ \
3910 bool is_valid_writeX_buffer(const uint8_t *inbuf)
3913 connection_struct *conn = NULL;
3914 unsigned int doff = 0;
3915 size_t len = smb_len_large(inbuf);
3917 if (is_encrypted_packet(inbuf)) {
3918 /* Can't do this on encrypted
3923 if (CVAL(inbuf,smb_com) != SMBwriteX) {
3927 if (CVAL(inbuf,smb_vwv0) != 0xFF ||
3928 CVAL(inbuf,smb_wct) != 14) {
3929 DEBUG(10,("is_valid_writeX_buffer: chained or "
3930 "invalid word length.\n"));
3934 conn = conn_find(SVAL(inbuf, smb_tid));
3936 DEBUG(10,("is_valid_writeX_buffer: bad tid\n"));
3940 DEBUG(10,("is_valid_writeX_buffer: IPC$ tid\n"));
3943 if (IS_PRINT(conn)) {
3944 DEBUG(10,("is_valid_writeX_buffer: printing tid\n"));
3947 doff = SVAL(inbuf,smb_vwv11);
3949 numtowrite = SVAL(inbuf,smb_vwv10);
3951 if (len > doff && len - doff > 0xFFFF) {
3952 numtowrite |= (((size_t)SVAL(inbuf,smb_vwv9))<<16);
3955 if (numtowrite == 0) {
3956 DEBUG(10,("is_valid_writeX_buffer: zero write\n"));
3960 /* Ensure the sizes match up. */
3961 if (doff < STANDARD_WRITE_AND_X_HEADER_SIZE) {
3962 /* no pad byte...old smbclient :-( */
3963 DEBUG(10,("is_valid_writeX_buffer: small doff %u (min %u)\n",
3965 (unsigned int)STANDARD_WRITE_AND_X_HEADER_SIZE));
3969 if (len - doff != numtowrite) {
3970 DEBUG(10,("is_valid_writeX_buffer: doff mismatch "
3971 "len = %u, doff = %u, numtowrite = %u\n",
3974 (unsigned int)numtowrite ));
3978 DEBUG(10,("is_valid_writeX_buffer: true "
3979 "len = %u, doff = %u, numtowrite = %u\n",
3982 (unsigned int)numtowrite ));
3987 /****************************************************************************
3988 Reply to a write and X.
3989 ****************************************************************************/
3991 void reply_write_and_X(struct smb_request *req)
3993 connection_struct *conn = req->conn;
3999 unsigned int smb_doff;
4000 unsigned int smblen;
4004 START_PROFILE(SMBwriteX);
4006 if ((req->wct != 12) && (req->wct != 14)) {
4007 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4008 END_PROFILE(SMBwriteX);
4012 numtowrite = SVAL(req->vwv+10, 0);
4013 smb_doff = SVAL(req->vwv+11, 0);
4014 smblen = smb_len(req->inbuf);
4016 if (req->unread_bytes > 0xFFFF ||
4017 (smblen > smb_doff &&
4018 smblen - smb_doff > 0xFFFF)) {
4019 numtowrite |= (((size_t)SVAL(req->vwv+9, 0))<<16);
4022 if (req->unread_bytes) {
4023 /* Can't do a recvfile write on IPC$ */
4025 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4026 END_PROFILE(SMBwriteX);
4029 if (numtowrite != req->unread_bytes) {
4030 reply_doserror(req, ERRDOS, ERRbadmem);
4031 END_PROFILE(SMBwriteX);
4035 if (smb_doff > smblen || smb_doff + numtowrite < numtowrite ||
4036 smb_doff + numtowrite > smblen) {
4037 reply_doserror(req, ERRDOS, ERRbadmem);
4038 END_PROFILE(SMBwriteX);
4043 /* If it's an IPC, pass off the pipe handler. */
4045 if (req->unread_bytes) {
4046 reply_doserror(req, ERRDOS, ERRbadmem);
4047 END_PROFILE(SMBwriteX);
4050 reply_pipe_write_and_X(req);
4051 END_PROFILE(SMBwriteX);
4055 fsp = file_fsp(req, SVAL(req->vwv+2, 0));
4056 startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
4057 write_through = BITSETW(req->vwv+7,0);
4059 if (!check_fsp(conn, req, fsp)) {
4060 END_PROFILE(SMBwriteX);
4064 if (!CHECK_WRITE(fsp)) {
4065 reply_doserror(req, ERRDOS, ERRbadaccess);
4066 END_PROFILE(SMBwriteX);
4070 data = smb_base(req->inbuf) + smb_doff;
4072 if(req->wct == 14) {
4073 #ifdef LARGE_SMB_OFF_T
4075 * This is a large offset (64 bit) write.
4077 startpos |= (((SMB_OFF_T)IVAL(req->vwv+12, 0)) << 32);
4079 #else /* !LARGE_SMB_OFF_T */
4082 * Ensure we haven't been sent a >32 bit offset.
4085 if(IVAL(req->vwv+12, 0) != 0) {
4086 DEBUG(0,("reply_write_and_X - large offset (%x << 32) "
4087 "used and we don't support 64 bit offsets.\n",
4088 (unsigned int)IVAL(req->vwv+12, 0) ));
4089 reply_doserror(req, ERRDOS, ERRbadaccess);
4090 END_PROFILE(SMBwriteX);
4094 #endif /* LARGE_SMB_OFF_T */
4097 if (is_locked(fsp,(uint32)req->smbpid,
4098 (uint64_t)numtowrite,
4099 (uint64_t)startpos, WRITE_LOCK)) {
4100 reply_doserror(req, ERRDOS, ERRlock);
4101 END_PROFILE(SMBwriteX);
4105 /* X/Open SMB protocol says that, unlike SMBwrite
4106 if the length is zero then NO truncation is
4107 done, just a write of zero. To truncate a file,
4110 if(numtowrite == 0) {
4114 if ((req->unread_bytes == 0) &&
4115 schedule_aio_write_and_X(conn, req, fsp, data, startpos,
4117 END_PROFILE(SMBwriteX);
4121 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4124 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
4125 reply_unixerror(req, ERRHRD, ERRdiskfull);
4126 END_PROFILE(SMBwriteX);
4130 reply_outbuf(req, 6, 0);
4131 SSVAL(req->outbuf,smb_vwv2,nwritten);
4132 SSVAL(req->outbuf,smb_vwv4,nwritten>>16);
4134 if (nwritten < (ssize_t)numtowrite) {
4135 SCVAL(req->outbuf,smb_rcls,ERRHRD);
4136 SSVAL(req->outbuf,smb_err,ERRdiskfull);
4139 DEBUG(3,("writeX fnum=%d num=%d wrote=%d\n",
4140 fsp->fnum, (int)numtowrite, (int)nwritten));
4142 status = sync_file(conn, fsp, write_through);
4143 if (!NT_STATUS_IS_OK(status)) {
4144 DEBUG(5,("reply_write_and_X: sync_file for %s returned %s\n",
4145 fsp->fsp_name, nt_errstr(status) ));
4146 reply_nterror(req, status);
4147 END_PROFILE(SMBwriteX);
4151 END_PROFILE(SMBwriteX);
4156 /****************************************************************************
4158 ****************************************************************************/
4160 void reply_lseek(struct smb_request *req)
4162 connection_struct *conn = req->conn;
4168 START_PROFILE(SMBlseek);
4171 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4172 END_PROFILE(SMBlseek);
4176 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4178 if (!check_fsp(conn, req, fsp)) {
4182 flush_write_cache(fsp, SEEK_FLUSH);
4184 mode = SVAL(req->vwv+1, 0) & 3;
4185 /* NB. This doesn't use IVAL_TO_SMB_OFF_T as startpos can be signed in this case. */
4186 startpos = (SMB_OFF_T)IVALS(req->vwv+2, 0);
4195 res = fsp->fh->pos + startpos;
4206 if (umode == SEEK_END) {
4207 if((res = SMB_VFS_LSEEK(fsp,startpos,umode)) == -1) {
4208 if(errno == EINVAL) {
4209 SMB_OFF_T current_pos = startpos;
4210 SMB_STRUCT_STAT sbuf;
4212 if(SMB_VFS_FSTAT(fsp, &sbuf) == -1) {
4213 reply_unixerror(req, ERRDOS,
4215 END_PROFILE(SMBlseek);
4219 current_pos += sbuf.st_size;
4221 res = SMB_VFS_LSEEK(fsp,0,SEEK_SET);
4226 reply_unixerror(req, ERRDOS, ERRnoaccess);
4227 END_PROFILE(SMBlseek);
4234 reply_outbuf(req, 2, 0);
4235 SIVAL(req->outbuf,smb_vwv0,res);
4237 DEBUG(3,("lseek fnum=%d ofs=%.0f newpos = %.0f mode=%d\n",
4238 fsp->fnum, (double)startpos, (double)res, mode));
4240 END_PROFILE(SMBlseek);
4244 /****************************************************************************
4246 ****************************************************************************/
4248 void reply_flush(struct smb_request *req)
4250 connection_struct *conn = req->conn;
4254 START_PROFILE(SMBflush);
4257 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4261 fnum = SVAL(req->vwv+0, 0);
4262 fsp = file_fsp(req, fnum);
4264 if ((fnum != 0xFFFF) && !check_fsp(conn, req, fsp)) {
4269 file_sync_all(conn);
4271 NTSTATUS status = sync_file(conn, fsp, True);
4272 if (!NT_STATUS_IS_OK(status)) {
4273 DEBUG(5,("reply_flush: sync_file for %s returned %s\n",
4274 fsp->fsp_name, nt_errstr(status) ));
4275 reply_nterror(req, status);
4276 END_PROFILE(SMBflush);
4281 reply_outbuf(req, 0, 0);
4283 DEBUG(3,("flush\n"));
4284 END_PROFILE(SMBflush);
4288 /****************************************************************************
4290 conn POINTER CAN BE NULL HERE !
4291 ****************************************************************************/
4293 void reply_exit(struct smb_request *req)
4295 START_PROFILE(SMBexit);
4297 file_close_pid(req->smbpid, req->vuid);
4299 reply_outbuf(req, 0, 0);
4301 DEBUG(3,("exit\n"));
4303 END_PROFILE(SMBexit);
4307 /****************************************************************************
4308 Reply to a close - has to deal with closing a directory opened by NT SMB's.
4309 ****************************************************************************/
4311 void reply_close(struct smb_request *req)
4313 connection_struct *conn = req->conn;
4314 NTSTATUS status = NT_STATUS_OK;
4315 files_struct *fsp = NULL;
4316 START_PROFILE(SMBclose);
4319 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4320 END_PROFILE(SMBclose);
4324 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4327 * We can only use check_fsp if we know it's not a directory.
4330 if(!fsp || (fsp->conn != conn) || (fsp->vuid != req->vuid)) {
4331 reply_doserror(req, ERRDOS, ERRbadfid);
4332 END_PROFILE(SMBclose);
4336 if(fsp->is_directory) {
4338 * Special case - close NT SMB directory handle.
4340 DEBUG(3,("close directory fnum=%d\n", fsp->fnum));
4341 status = close_file(req, fsp, NORMAL_CLOSE);
4345 * Close ordinary file.
4348 DEBUG(3,("close fd=%d fnum=%d (numopen=%d)\n",
4349 fsp->fh->fd, fsp->fnum,
4350 conn->num_files_open));
4353 * Take care of any time sent in the close.
4356 t = srv_make_unix_date3(req->vwv+1);
4357 set_close_write_time(fsp, convert_time_t_to_timespec(t));
4360 * close_file() returns the unix errno if an error
4361 * was detected on close - normally this is due to
4362 * a disk full error. If not then it was probably an I/O error.
4365 status = close_file(req, fsp, NORMAL_CLOSE);
4368 if (!NT_STATUS_IS_OK(status)) {
4369 reply_nterror(req, status);
4370 END_PROFILE(SMBclose);
4374 reply_outbuf(req, 0, 0);
4375 END_PROFILE(SMBclose);
4379 /****************************************************************************
4380 Reply to a writeclose (Core+ protocol).
4381 ****************************************************************************/
4383 void reply_writeclose(struct smb_request *req)
4385 connection_struct *conn = req->conn;
4387 ssize_t nwritten = -1;
4388 NTSTATUS close_status = NT_STATUS_OK;
4391 struct timespec mtime;
4394 START_PROFILE(SMBwriteclose);
4397 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4398 END_PROFILE(SMBwriteclose);
4402 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4404 if (!check_fsp(conn, req, fsp)) {
4405 END_PROFILE(SMBwriteclose);
4408 if (!CHECK_WRITE(fsp)) {
4409 reply_doserror(req, ERRDOS,ERRbadaccess);
4410 END_PROFILE(SMBwriteclose);
4414 numtowrite = SVAL(req->vwv+1, 0);
4415 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
4416 mtime = convert_time_t_to_timespec(srv_make_unix_date3(req->vwv+4));
4417 data = (const char *)req->buf + 1;
4420 && is_locked(fsp, (uint32)req->smbpid, (uint64_t)numtowrite,
4421 (uint64_t)startpos, WRITE_LOCK)) {
4422 reply_doserror(req, ERRDOS,ERRlock);
4423 END_PROFILE(SMBwriteclose);
4427 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4429 set_close_write_time(fsp, mtime);
4432 * More insanity. W2K only closes the file if writelen > 0.
4437 DEBUG(3,("reply_writeclose: zero length write doesn't close file %s\n",
4439 close_status = close_file(req, fsp, NORMAL_CLOSE);
4442 DEBUG(3,("writeclose fnum=%d num=%d wrote=%d (numopen=%d)\n",
4443 fsp->fnum, (int)numtowrite, (int)nwritten,
4444 conn->num_files_open));
4446 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
4447 reply_doserror(req, ERRHRD, ERRdiskfull);
4448 END_PROFILE(SMBwriteclose);
4452 if(!NT_STATUS_IS_OK(close_status)) {
4453 reply_nterror(req, close_status);
4454 END_PROFILE(SMBwriteclose);
4458 reply_outbuf(req, 1, 0);
4460 SSVAL(req->outbuf,smb_vwv0,nwritten);
4461 END_PROFILE(SMBwriteclose);
4466 #define DBGC_CLASS DBGC_LOCKING
4468 /****************************************************************************
4470 ****************************************************************************/
4472 void reply_lock(struct smb_request *req)
4474 connection_struct *conn = req->conn;
4475 uint64_t count,offset;
4478 struct byte_range_lock *br_lck = NULL;
4480 START_PROFILE(SMBlock);
4483 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4484 END_PROFILE(SMBlock);
4488 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4490 if (!check_fsp(conn, req, fsp)) {
4491 END_PROFILE(SMBlock);
4495 release_level_2_oplocks_on_change(fsp);
4497 count = (uint64_t)IVAL(req->vwv+1, 0);
4498 offset = (uint64_t)IVAL(req->vwv+3, 0);
4500 DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n",
4501 fsp->fh->fd, fsp->fnum, (double)offset, (double)count));
4503 br_lck = do_lock(smbd_messaging_context(),
4510 False, /* Non-blocking lock. */
4514 TALLOC_FREE(br_lck);
4516 if (NT_STATUS_V(status)) {
4517 reply_nterror(req, status);
4518 END_PROFILE(SMBlock);
4522 reply_outbuf(req, 0, 0);
4524 END_PROFILE(SMBlock);
4528 /****************************************************************************
4530 ****************************************************************************/
4532 void reply_unlock(struct smb_request *req)
4534 connection_struct *conn = req->conn;
4535 uint64_t count,offset;
4539 START_PROFILE(SMBunlock);
4542 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4543 END_PROFILE(SMBunlock);
4547 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4549 if (!check_fsp(conn, req, fsp)) {
4550 END_PROFILE(SMBunlock);
4554 count = (uint64_t)IVAL(req->vwv+1, 0);
4555 offset = (uint64_t)IVAL(req->vwv+3, 0);
4557 status = do_unlock(smbd_messaging_context(),
4564 if (NT_STATUS_V(status)) {
4565 reply_nterror(req, status);
4566 END_PROFILE(SMBunlock);
4570 DEBUG( 3, ( "unlock fd=%d fnum=%d offset=%.0f count=%.0f\n",
4571 fsp->fh->fd, fsp->fnum, (double)offset, (double)count ) );
4573 reply_outbuf(req, 0, 0);
4575 END_PROFILE(SMBunlock);
4580 #define DBGC_CLASS DBGC_ALL
4582 /****************************************************************************
4584 conn POINTER CAN BE NULL HERE !
4585 ****************************************************************************/
4587 void reply_tdis(struct smb_request *req)
4589 connection_struct *conn = req->conn;
4590 START_PROFILE(SMBtdis);
4593 DEBUG(4,("Invalid connection in tdis\n"));
4594 reply_doserror(req, ERRSRV, ERRinvnid);
4595 END_PROFILE(SMBtdis);
4601 close_cnum(conn,req->vuid);
4604 reply_outbuf(req, 0, 0);
4605 END_PROFILE(SMBtdis);
4609 /****************************************************************************
4611 conn POINTER CAN BE NULL HERE !
4612 ****************************************************************************/
4614 void reply_echo(struct smb_request *req)
4616 connection_struct *conn = req->conn;
4620 START_PROFILE(SMBecho);
4623 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4624 END_PROFILE(SMBecho);
4628 smb_reverb = SVAL(req->vwv+0, 0);
4630 reply_outbuf(req, 1, req->buflen);
4632 /* copy any incoming data back out */
4633 if (req->buflen > 0) {
4634 memcpy(smb_buf(req->outbuf), req->buf, req->buflen);
4637 if (smb_reverb > 100) {
4638 DEBUG(0,("large reverb (%d)?? Setting to 100\n",smb_reverb));
4642 for (seq_num =1 ; seq_num <= smb_reverb ; seq_num++) {
4643 SSVAL(req->outbuf,smb_vwv0,seq_num);
4645 show_msg((char *)req->outbuf);
4646 if (!srv_send_smb(smbd_server_fd(),
4647 (char *)req->outbuf,
4648 IS_CONN_ENCRYPTED(conn)||req->encrypted))
4649 exit_server_cleanly("reply_echo: srv_send_smb failed.");
4652 DEBUG(3,("echo %d times\n", smb_reverb));
4654 TALLOC_FREE(req->outbuf);
4656 END_PROFILE(SMBecho);
4660 /****************************************************************************
4661 Reply to a printopen.
4662 ****************************************************************************/
4664 void reply_printopen(struct smb_request *req)
4666 connection_struct *conn = req->conn;
4668 SMB_STRUCT_STAT sbuf;
4671 START_PROFILE(SMBsplopen);
4674 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4675 END_PROFILE(SMBsplopen);
4679 if (!CAN_PRINT(conn)) {
4680 reply_doserror(req, ERRDOS, ERRnoaccess);
4681 END_PROFILE(SMBsplopen);
4685 status = file_new(req, conn, &fsp);
4686 if(!NT_STATUS_IS_OK(status)) {
4687 reply_nterror(req, status);
4688 END_PROFILE(SMBsplopen);
4692 /* Open for exclusive use, write only. */
4693 status = print_fsp_open(req, conn, NULL, req->vuid, fsp, &sbuf);
4695 if (!NT_STATUS_IS_OK(status)) {
4696 reply_nterror(req, status);
4697 END_PROFILE(SMBsplopen);
4701 reply_outbuf(req, 1, 0);
4702 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
4704 DEBUG(3,("openprint fd=%d fnum=%d\n",
4705 fsp->fh->fd, fsp->fnum));
4707 END_PROFILE(SMBsplopen);
4711 /****************************************************************************
4712 Reply to a printclose.
4713 ****************************************************************************/
4715 void reply_printclose(struct smb_request *req)
4717 connection_struct *conn = req->conn;
4721 START_PROFILE(SMBsplclose);
4724 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4725 END_PROFILE(SMBsplclose);
4729 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4731 if (!check_fsp(conn, req, fsp)) {
4732 END_PROFILE(SMBsplclose);
4736 if (!CAN_PRINT(conn)) {
4737 reply_nterror(req, NT_STATUS_DOS(ERRSRV, ERRerror));
4738 END_PROFILE(SMBsplclose);
4742 DEBUG(3,("printclose fd=%d fnum=%d\n",
4743 fsp->fh->fd,fsp->fnum));
4745 status = close_file(req, fsp, NORMAL_CLOSE);
4747 if(!NT_STATUS_IS_OK(status)) {
4748 reply_nterror(req, status);
4749 END_PROFILE(SMBsplclose);
4753 reply_outbuf(req, 0, 0);
4755 END_PROFILE(SMBsplclose);
4759 /****************************************************************************
4760 Reply to a printqueue.
4761 ****************************************************************************/
4763 void reply_printqueue(struct smb_request *req)
4765 connection_struct *conn = req->conn;
4769 START_PROFILE(SMBsplretq);
4772 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4773 END_PROFILE(SMBsplretq);
4777 max_count = SVAL(req->vwv+0, 0);
4778 start_index = SVAL(req->vwv+1, 0);
4780 /* we used to allow the client to get the cnum wrong, but that
4781 is really quite gross and only worked when there was only
4782 one printer - I think we should now only accept it if they
4783 get it right (tridge) */
4784 if (!CAN_PRINT(conn)) {
4785 reply_doserror(req, ERRDOS, ERRnoaccess);
4786 END_PROFILE(SMBsplretq);
4790 reply_outbuf(req, 2, 3);
4791 SSVAL(req->outbuf,smb_vwv0,0);
4792 SSVAL(req->outbuf,smb_vwv1,0);
4793 SCVAL(smb_buf(req->outbuf),0,1);
4794 SSVAL(smb_buf(req->outbuf),1,0);
4796 DEBUG(3,("printqueue start_index=%d max_count=%d\n",
4797 start_index, max_count));
4800 print_queue_struct *queue = NULL;
4801 print_status_struct status;
4802 int count = print_queue_status(SNUM(conn), &queue, &status);
4803 int num_to_get = ABS(max_count);
4804 int first = (max_count>0?start_index:start_index+max_count+1);
4810 num_to_get = MIN(num_to_get,count-first);
4813 for (i=first;i<first+num_to_get;i++) {
4817 srv_put_dos_date2(p,0,queue[i].time);
4818 SCVAL(p,4,(queue[i].status==LPQ_PRINTING?2:3));
4819 SSVAL(p,5, queue[i].job);
4820 SIVAL(p,7,queue[i].size);
4822 srvstr_push(blob, req->flags2, p+12,
4823 queue[i].fs_user, 16, STR_ASCII);
4825 if (message_push_blob(
4828 blob, sizeof(blob))) == -1) {
4829 reply_nterror(req, NT_STATUS_NO_MEMORY);
4830 END_PROFILE(SMBsplretq);
4836 SSVAL(req->outbuf,smb_vwv0,count);
4837 SSVAL(req->outbuf,smb_vwv1,
4838 (max_count>0?first+count:first-1));
4839 SCVAL(smb_buf(req->outbuf),0,1);
4840 SSVAL(smb_buf(req->outbuf),1,28*count);
4845 DEBUG(3,("%d entries returned in queue\n",count));
4848 END_PROFILE(SMBsplretq);
4852 /****************************************************************************
4853 Reply to a printwrite.
4854 ****************************************************************************/
4856 void reply_printwrite(struct smb_request *req)
4858 connection_struct *conn = req->conn;
4863 START_PROFILE(SMBsplwr);
4866 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4867 END_PROFILE(SMBsplwr);
4871 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4873 if (!check_fsp(conn, req, fsp)) {
4874 END_PROFILE(SMBsplwr);
4878 if (!CAN_PRINT(conn)) {
4879 reply_doserror(req, ERRDOS, ERRnoaccess);
4880 END_PROFILE(SMBsplwr);
4884 if (!CHECK_WRITE(fsp)) {
4885 reply_doserror(req, ERRDOS, ERRbadaccess);
4886 END_PROFILE(SMBsplwr);
4890 numtowrite = SVAL(req->buf, 1);
4892 if (req->buflen < numtowrite + 3) {
4893 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4894 END_PROFILE(SMBsplwr);
4898 data = (const char *)req->buf + 3;
4900 if (write_file(req,fsp,data,-1,numtowrite) != numtowrite) {
4901 reply_unixerror(req, ERRHRD, ERRdiskfull);
4902 END_PROFILE(SMBsplwr);
4906 DEBUG( 3, ( "printwrite fnum=%d num=%d\n", fsp->fnum, numtowrite ) );
4908 END_PROFILE(SMBsplwr);
4912 /****************************************************************************
4914 ****************************************************************************/
4916 void reply_mkdir(struct smb_request *req)
4918 connection_struct *conn = req->conn;
4919 char *directory = NULL;
4921 SMB_STRUCT_STAT sbuf;
4922 TALLOC_CTX *ctx = talloc_tos();
4924 START_PROFILE(SMBmkdir);
4926 srvstr_get_path_req(ctx, req, &directory, (const char *)req->buf + 1,
4927 STR_TERMINATE, &status);
4928 if (!NT_STATUS_IS_OK(status)) {
4929 reply_nterror(req, status);
4930 END_PROFILE(SMBmkdir);
4934 status = resolve_dfspath(ctx, conn,
4935 req->flags2 & FLAGS2_DFS_PATHNAMES,
4938 if (!NT_STATUS_IS_OK(status)) {
4939 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
4940 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
4941 ERRSRV, ERRbadpath);
4942 END_PROFILE(SMBmkdir);
4945 reply_nterror(req, status);
4946 END_PROFILE(SMBmkdir);
4950 status = unix_convert(ctx, conn, directory, False, &directory, NULL, &sbuf);
4951 if (!NT_STATUS_IS_OK(status)) {
4952 reply_nterror(req, status);
4953 END_PROFILE(SMBmkdir);
4957 status = check_name(conn, directory);
4958 if (!NT_STATUS_IS_OK(status)) {
4959 reply_nterror(req, status);
4960 END_PROFILE(SMBmkdir);
4964 status = create_directory(conn, req, directory);
4966 DEBUG(5, ("create_directory returned %s\n", nt_errstr(status)));
4968 if (!NT_STATUS_IS_OK(status)) {
4970 if (!use_nt_status()
4971 && NT_STATUS_EQUAL(status,
4972 NT_STATUS_OBJECT_NAME_COLLISION)) {
4974 * Yes, in the DOS error code case we get a
4975 * ERRDOS:ERRnoaccess here. See BASE-SAMBA3ERROR
4976 * samba4 torture test.
4978 status = NT_STATUS_DOS(ERRDOS, ERRnoaccess);
4981 reply_nterror(req, status);
4982 END_PROFILE(SMBmkdir);
4986 reply_outbuf(req, 0, 0);
4988 DEBUG( 3, ( "mkdir %s\n", directory ) );
4990 END_PROFILE(SMBmkdir);
4994 /****************************************************************************
4995 Static function used by reply_rmdir to delete an entire directory
4996 tree recursively. Return True on ok, False on fail.
4997 ****************************************************************************/
4999 static bool recursive_rmdir(TALLOC_CTX *ctx,
5000 connection_struct *conn,
5003 const char *dname = NULL;
5006 struct smb_Dir *dir_hnd = OpenDir(talloc_tos(), conn, directory,
5012 while((dname = ReadDirName(dir_hnd, &offset))) {
5013 char *fullname = NULL;
5016 if (ISDOT(dname) || ISDOTDOT(dname)) {
5020 if (!is_visible_file(conn, directory, dname, &st, False)) {
5024 /* Construct the full name. */
5025 fullname = talloc_asprintf(ctx,
5035 if(SMB_VFS_LSTAT(conn,fullname, &st) != 0) {
5040 if(st.st_mode & S_IFDIR) {
5041 if(!recursive_rmdir(ctx, conn, fullname)) {
5045 if(SMB_VFS_RMDIR(conn,fullname) != 0) {
5049 } else if(SMB_VFS_UNLINK(conn,fullname) != 0) {
5053 TALLOC_FREE(fullname);
5055 TALLOC_FREE(dir_hnd);
5059 /****************************************************************************
5060 The internals of the rmdir code - called elsewhere.
5061 ****************************************************************************/
5063 NTSTATUS rmdir_internals(TALLOC_CTX *ctx,
5064 connection_struct *conn,
5065 const char *directory)
5070 /* Might be a symlink. */
5071 if(SMB_VFS_LSTAT(conn, directory, &st) != 0) {
5072 return map_nt_error_from_unix(errno);
5075 if (S_ISLNK(st.st_mode)) {
5076 /* Is what it points to a directory ? */
5077 if(SMB_VFS_STAT(conn, directory, &st) != 0) {
5078 return map_nt_error_from_unix(errno);
5080 if (!(S_ISDIR(st.st_mode))) {
5081 return NT_STATUS_NOT_A_DIRECTORY;
5083 ret = SMB_VFS_UNLINK(conn,directory);
5085 ret = SMB_VFS_RMDIR(conn,directory);
5088 notify_fname(conn, NOTIFY_ACTION_REMOVED,
5089 FILE_NOTIFY_CHANGE_DIR_NAME,
5091 return NT_STATUS_OK;
5094 if(((errno == ENOTEMPTY)||(errno == EEXIST)) && lp_veto_files(SNUM(conn))) {
5096 * Check to see if the only thing in this directory are
5097 * vetoed files/directories. If so then delete them and
5098 * retry. If we fail to delete any of them (and we *don't*
5099 * do a recursive delete) then fail the rmdir.
5103 struct smb_Dir *dir_hnd = OpenDir(talloc_tos(), conn,
5104 directory, NULL, 0);
5106 if(dir_hnd == NULL) {
5111 while ((dname = ReadDirName(dir_hnd,&dirpos))) {
5112 if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0))
5114 if (!is_visible_file(conn, directory, dname, &st, False))
5116 if(!IS_VETO_PATH(conn, dname)) {
5117 TALLOC_FREE(dir_hnd);
5123 /* We only have veto files/directories.
5124 * Are we allowed to delete them ? */
5126 if(!lp_recursive_veto_delete(SNUM(conn))) {
5127 TALLOC_FREE(dir_hnd);
5132 /* Do a recursive delete. */
5133 RewindDir(dir_hnd,&dirpos);
5134 while ((dname = ReadDirName(dir_hnd,&dirpos))) {
5135 char *fullname = NULL;
5137 if (ISDOT(dname) || ISDOTDOT(dname)) {
5140 if (!is_visible_file(conn, directory, dname, &st, False)) {
5144 fullname = talloc_asprintf(ctx,
5154 if(SMB_VFS_LSTAT(conn,fullname, &st) != 0) {
5157 if(st.st_mode & S_IFDIR) {
5158 if(!recursive_rmdir(ctx, conn, fullname)) {
5161 if(SMB_VFS_RMDIR(conn,fullname) != 0) {
5164 } else if(SMB_VFS_UNLINK(conn,fullname) != 0) {
5167 TALLOC_FREE(fullname);
5169 TALLOC_FREE(dir_hnd);
5170 /* Retry the rmdir */
5171 ret = SMB_VFS_RMDIR(conn,directory);
5177 DEBUG(3,("rmdir_internals: couldn't remove directory %s : "
5178 "%s\n", directory,strerror(errno)));
5179 return map_nt_error_from_unix(errno);
5182 notify_fname(conn, NOTIFY_ACTION_REMOVED,
5183 FILE_NOTIFY_CHANGE_DIR_NAME,
5186 return NT_STATUS_OK;
5189 /****************************************************************************
5191 ****************************************************************************/
5193 void reply_rmdir(struct smb_request *req)
5195 connection_struct *conn = req->conn;
5196 char *directory = NULL;
5197 SMB_STRUCT_STAT sbuf;
5199 TALLOC_CTX *ctx = talloc_tos();
5201 START_PROFILE(SMBrmdir);
5203 srvstr_get_path_req(ctx, req, &directory, (const char *)req->buf + 1,
5204 STR_TERMINATE, &status);
5205 if (!NT_STATUS_IS_OK(status)) {
5206 reply_nterror(req, status);
5207 END_PROFILE(SMBrmdir);
5211 status = resolve_dfspath(ctx, conn,
5212 req->flags2 & FLAGS2_DFS_PATHNAMES,
5215 if (!NT_STATUS_IS_OK(status)) {
5216 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5217 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
5218 ERRSRV, ERRbadpath);
5219 END_PROFILE(SMBrmdir);
5222 reply_nterror(req, status);
5223 END_PROFILE(SMBrmdir);
5227 status = unix_convert(ctx, conn, directory, False, &directory,
5229 if (!NT_STATUS_IS_OK(status)) {
5230 reply_nterror(req, status);
5231 END_PROFILE(SMBrmdir);
5235 status = check_name(conn, directory);
5236 if (!NT_STATUS_IS_OK(status)) {
5237 reply_nterror(req, status);
5238 END_PROFILE(SMBrmdir);
5242 dptr_closepath(directory, req->smbpid);
5243 status = rmdir_internals(ctx, conn, directory);
5244 if (!NT_STATUS_IS_OK(status)) {
5245 reply_nterror(req, status);
5246 END_PROFILE(SMBrmdir);
5250 reply_outbuf(req, 0, 0);
5252 DEBUG( 3, ( "rmdir %s\n", directory ) );
5254 END_PROFILE(SMBrmdir);
5258 /*******************************************************************
5259 Resolve wildcards in a filename rename.
5260 ********************************************************************/
5262 static bool resolve_wildcards(TALLOC_CTX *ctx,
5267 char *name2_copy = NULL;
5272 char *p,*p2, *pname1, *pname2;
5274 name2_copy = talloc_strdup(ctx, name2);
5279 pname1 = strrchr_m(name1,'/');
5280 pname2 = strrchr_m(name2_copy,'/');
5282 if (!pname1 || !pname2) {
5286 /* Truncate the copy of name2 at the last '/' */
5289 /* Now go past the '/' */
5293 root1 = talloc_strdup(ctx, pname1);
5294 root2 = talloc_strdup(ctx, pname2);
5296 if (!root1 || !root2) {
5300 p = strrchr_m(root1,'.');
5303 ext1 = talloc_strdup(ctx, p+1);
5305 ext1 = talloc_strdup(ctx, "");
5307 p = strrchr_m(root2,'.');
5310 ext2 = talloc_strdup(ctx, p+1);
5312 ext2 = talloc_strdup(ctx, "");
5315 if (!ext1 || !ext2) {
5323 /* Hmmm. Should this be mb-aware ? */
5326 } else if (*p2 == '*') {
5328 root2 = talloc_asprintf(ctx, "%s%s",
5347 /* Hmmm. Should this be mb-aware ? */
5350 } else if (*p2 == '*') {
5352 ext2 = talloc_asprintf(ctx, "%s%s",
5368 *pp_newname = talloc_asprintf(ctx, "%s/%s.%s",
5373 *pp_newname = talloc_asprintf(ctx, "%s/%s",
5385 /****************************************************************************
5386 Ensure open files have their names updated. Updated to notify other smbd's
5388 ****************************************************************************/
5390 static void rename_open_files(connection_struct *conn,
5391 struct share_mode_lock *lck,
5392 const char *newname)
5395 bool did_rename = False;
5397 for(fsp = file_find_di_first(lck->id); fsp;
5398 fsp = file_find_di_next(fsp)) {
5399 /* fsp_name is a relative path under the fsp. To change this for other
5400 sharepaths we need to manipulate relative paths. */
5401 /* TODO - create the absolute path and manipulate the newname
5402 relative to the sharepath. */
5403 if (!strequal(fsp->conn->connectpath, conn->connectpath)) {
5406 DEBUG(10,("rename_open_files: renaming file fnum %d (file_id %s) from %s -> %s\n",
5407 fsp->fnum, file_id_string_tos(&fsp->file_id),
5408 fsp->fsp_name, newname ));
5409 string_set(&fsp->fsp_name, newname);
5414 DEBUG(10,("rename_open_files: no open files on file_id %s for %s\n",
5415 file_id_string_tos(&lck->id), newname ));
5418 /* Send messages to all smbd's (not ourself) that the name has changed. */
5419 rename_share_filename(smbd_messaging_context(), lck, conn->connectpath,
5423 /****************************************************************************
5424 We need to check if the source path is a parent directory of the destination
5425 (ie. a rename of /foo/bar/baz -> /foo/bar/baz/bibble/bobble. If so we must
5426 refuse the rename with a sharing violation. Under UNIX the above call can
5427 *succeed* if /foo/bar/baz is a symlink to another area in the share. We
5428 probably need to check that the client is a Windows one before disallowing
5429 this as a UNIX client (one with UNIX extensions) can know the source is a
5430 symlink and make this decision intelligently. Found by an excellent bug
5431 report from <AndyLiebman@aol.com>.
5432 ****************************************************************************/
5434 static bool rename_path_prefix_equal(const char *src, const char *dest)
5436 const char *psrc = src;
5437 const char *pdst = dest;
5440 if (psrc[0] == '.' && psrc[1] == '/') {
5443 if (pdst[0] == '.' && pdst[1] == '/') {
5446 if ((slen = strlen(psrc)) > strlen(pdst)) {
5449 return ((memcmp(psrc, pdst, slen) == 0) && pdst[slen] == '/');
5453 * Do the notify calls from a rename
5456 static void notify_rename(connection_struct *conn, bool is_dir,
5457 const char *oldpath, const char *newpath)
5459 char *olddir, *newdir;
5460 const char *oldname, *newname;
5463 mask = is_dir ? FILE_NOTIFY_CHANGE_DIR_NAME
5464 : FILE_NOTIFY_CHANGE_FILE_NAME;
5466 if (!parent_dirname(talloc_tos(), oldpath, &olddir, &oldname)
5467 || !parent_dirname(talloc_tos(), newpath, &newdir, &newname)) {
5468 TALLOC_FREE(olddir);
5472 if (strcmp(olddir, newdir) == 0) {
5473 notify_fname(conn, NOTIFY_ACTION_OLD_NAME, mask, oldpath);
5474 notify_fname(conn, NOTIFY_ACTION_NEW_NAME, mask, newpath);
5477 notify_fname(conn, NOTIFY_ACTION_REMOVED, mask, oldpath);
5478 notify_fname(conn, NOTIFY_ACTION_ADDED, mask, newpath);
5480 TALLOC_FREE(olddir);
5481 TALLOC_FREE(newdir);
5483 /* this is a strange one. w2k3 gives an additional event for
5484 CHANGE_ATTRIBUTES and CHANGE_CREATION on the new file when renaming
5485 files, but not directories */
5487 notify_fname(conn, NOTIFY_ACTION_MODIFIED,
5488 FILE_NOTIFY_CHANGE_ATTRIBUTES
5489 |FILE_NOTIFY_CHANGE_CREATION,
5494 /****************************************************************************
5495 Rename an open file - given an fsp.
5496 ****************************************************************************/
5498 NTSTATUS rename_internals_fsp(connection_struct *conn,
5501 const char *newname_last_component,
5503 bool replace_if_exists)
5505 TALLOC_CTX *ctx = talloc_tos();
5506 SMB_STRUCT_STAT sbuf, sbuf1;
5507 NTSTATUS status = NT_STATUS_OK;
5508 struct share_mode_lock *lck = NULL;
5509 bool dst_exists, old_is_stream, new_is_stream;
5513 status = check_name(conn, newname);
5514 if (!NT_STATUS_IS_OK(status)) {
5518 /* Ensure newname contains a '/' */
5519 if(strrchr_m(newname,'/') == 0) {
5520 newname = talloc_asprintf(ctx,
5524 return NT_STATUS_NO_MEMORY;
5529 * Check for special case with case preserving and not
5530 * case sensitive. If the old last component differs from the original
5531 * last component only by case, then we should allow
5532 * the rename (user is trying to change the case of the
5536 if((conn->case_sensitive == False) && (conn->case_preserve == True) &&
5537 strequal(newname, fsp->fsp_name)) {
5539 char *newname_modified_last_component = NULL;
5542 * Get the last component of the modified name.
5543 * Note that we guarantee that newname contains a '/'
5546 p = strrchr_m(newname,'/');
5547 newname_modified_last_component = talloc_strdup(ctx,
5549 if (!newname_modified_last_component) {
5550 return NT_STATUS_NO_MEMORY;
5553 if(strcsequal(newname_modified_last_component,
5554 newname_last_component) == False) {
5556 * Replace the modified last component with
5559 *p = '\0'; /* Truncate at the '/' */
5560 newname = talloc_asprintf(ctx,
5563 newname_last_component);
5568 * If the src and dest names are identical - including case,
5569 * don't do the rename, just return success.
5572 if (strcsequal(fsp->fsp_name, newname)) {
5573 DEBUG(3,("rename_internals_fsp: identical names in rename %s - returning success\n",
5575 return NT_STATUS_OK;
5578 old_is_stream = is_ntfs_stream_name(fsp->fsp_name);
5579 new_is_stream = is_ntfs_stream_name(newname);
5581 /* Return the correct error code if both names aren't streams. */
5582 if (!old_is_stream && new_is_stream) {
5583 return NT_STATUS_OBJECT_NAME_INVALID;
5586 if (old_is_stream && !new_is_stream) {
5587 return NT_STATUS_INVALID_PARAMETER;
5591 * Have vfs_object_exist also fill sbuf1
5593 dst_exists = vfs_object_exist(conn, newname, &sbuf1);
5595 if(!replace_if_exists && dst_exists) {
5596 DEBUG(3,("rename_internals_fsp: dest exists doing rename %s -> %s\n",
5597 fsp->fsp_name,newname));
5598 return NT_STATUS_OBJECT_NAME_COLLISION;
5602 struct file_id fileid = vfs_file_id_from_sbuf(conn, &sbuf1);
5603 files_struct *dst_fsp = file_find_di_first(fileid);
5604 /* The file can be open when renaming a stream */
5605 if (dst_fsp && !new_is_stream) {
5606 DEBUG(3, ("rename_internals_fsp: Target file open\n"));
5607 return NT_STATUS_ACCESS_DENIED;
5611 /* Ensure we have a valid stat struct for the source. */
5612 if (fsp->fh->fd != -1) {
5613 if (SMB_VFS_FSTAT(fsp, &sbuf) == -1) {
5614 return map_nt_error_from_unix(errno);
5617 if (SMB_VFS_STAT(conn,fsp->fsp_name,&sbuf) == -1) {
5618 return map_nt_error_from_unix(errno);
5622 status = can_rename(conn, fsp, attrs, &sbuf);
5624 if (!NT_STATUS_IS_OK(status)) {
5625 DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n",
5626 nt_errstr(status), fsp->fsp_name,newname));
5627 if (NT_STATUS_EQUAL(status,NT_STATUS_SHARING_VIOLATION))
5628 status = NT_STATUS_ACCESS_DENIED;
5632 if (rename_path_prefix_equal(fsp->fsp_name, newname)) {
5633 return NT_STATUS_ACCESS_DENIED;
5636 lck = get_share_mode_lock(talloc_tos(), fsp->file_id, NULL, NULL,
5640 * We have the file open ourselves, so not being able to get the
5641 * corresponding share mode lock is a fatal error.
5644 SMB_ASSERT(lck != NULL);
5646 if(SMB_VFS_RENAME(conn,fsp->fsp_name, newname) == 0) {
5647 uint32 create_options = fsp->fh->private_options;
5649 DEBUG(3,("rename_internals_fsp: succeeded doing rename on %s -> %s\n",
5650 fsp->fsp_name,newname));
5652 notify_rename(conn, fsp->is_directory, fsp->fsp_name, newname);
5654 rename_open_files(conn, lck, newname);
5657 * A rename acts as a new file create w.r.t. allowing an initial delete
5658 * on close, probably because in Windows there is a new handle to the
5659 * new file. If initial delete on close was requested but not
5660 * originally set, we need to set it here. This is probably not 100% correct,
5661 * but will work for the CIFSFS client which in non-posix mode
5662 * depends on these semantics. JRA.
5665 if (create_options & FILE_DELETE_ON_CLOSE) {
5666 status = can_set_delete_on_close(fsp, True, 0);
5668 if (NT_STATUS_IS_OK(status)) {
5669 /* Note that here we set the *inital* delete on close flag,
5670 * not the regular one. The magic gets handled in close. */
5671 fsp->initial_delete_on_close = True;
5675 return NT_STATUS_OK;
5680 if (errno == ENOTDIR || errno == EISDIR) {
5681 status = NT_STATUS_OBJECT_NAME_COLLISION;
5683 status = map_nt_error_from_unix(errno);
5686 DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n",
5687 nt_errstr(status), fsp->fsp_name,newname));
5692 /****************************************************************************
5693 The guts of the rename command, split out so it may be called by the NT SMB
5695 ****************************************************************************/
5697 NTSTATUS rename_internals(TALLOC_CTX *ctx,
5698 connection_struct *conn,
5699 struct smb_request *req,
5700 const char *name_in,
5701 const char *newname_in,
5703 bool replace_if_exists,
5706 uint32_t access_mask)
5708 char *directory = NULL;
5710 char *last_component_src = NULL;
5711 char *last_component_dest = NULL;
5713 char *newname = NULL;
5716 NTSTATUS status = NT_STATUS_OK;
5717 SMB_STRUCT_STAT sbuf1, sbuf2;
5718 struct smb_Dir *dir_hnd = NULL;
5721 int create_options = 0;
5726 status = unix_convert(ctx, conn, name_in, src_has_wild, &name,
5727 &last_component_src, &sbuf1);
5728 if (!NT_STATUS_IS_OK(status)) {
5732 status = unix_convert(ctx, conn, newname_in, dest_has_wild, &newname,
5733 &last_component_dest, &sbuf2);
5734 if (!NT_STATUS_IS_OK(status)) {
5739 * Split the old name into directory and last component
5740 * strings. Note that unix_convert may have stripped off a
5741 * leading ./ from both name and newname if the rename is
5742 * at the root of the share. We need to make sure either both
5743 * name and newname contain a / character or neither of them do
5744 * as this is checked in resolve_wildcards().
5747 p = strrchr_m(name,'/');
5749 directory = talloc_strdup(ctx, ".");
5751 return NT_STATUS_NO_MEMORY;
5756 directory = talloc_strdup(ctx, name);
5758 return NT_STATUS_NO_MEMORY;
5761 *p = '/'; /* Replace needed for exceptional test below. */
5765 * We should only check the mangled cache
5766 * here if unix_convert failed. This means
5767 * that the path in 'mask' doesn't exist
5768 * on the file system and so we need to look
5769 * for a possible mangle. This patch from
5770 * Tine Smukavec <valentin.smukavec@hermes.si>.
5773 if (!VALID_STAT(sbuf1) && mangle_is_mangled(mask, conn->params)) {
5774 char *new_mask = NULL;
5775 mangle_lookup_name_from_8_3(ctx,
5784 if (!src_has_wild) {
5788 * No wildcards - just process the one file.
5790 bool is_short_name = mangle_is_8_3(name, True, conn->params);
5792 /* Add a terminating '/' to the directory name. */
5793 directory = talloc_asprintf_append(directory,
5797 return NT_STATUS_NO_MEMORY;
5800 /* Ensure newname contains a '/' also */
5801 if(strrchr_m(newname,'/') == 0) {
5802 newname = talloc_asprintf(ctx,
5806 return NT_STATUS_NO_MEMORY;
5810 DEBUG(3, ("rename_internals: case_sensitive = %d, "
5811 "case_preserve = %d, short case preserve = %d, "
5812 "directory = %s, newname = %s, "
5813 "last_component_dest = %s, is_8_3 = %d\n",
5814 conn->case_sensitive, conn->case_preserve,
5815 conn->short_case_preserve, directory,
5816 newname, last_component_dest, is_short_name));
5818 /* The dest name still may have wildcards. */
5819 if (dest_has_wild) {
5820 char *mod_newname = NULL;
5821 if (!resolve_wildcards(ctx,
5822 directory,newname,&mod_newname)) {
5823 DEBUG(6, ("rename_internals: resolve_wildcards "
5827 return NT_STATUS_NO_MEMORY;
5829 newname = mod_newname;
5833 SMB_VFS_STAT(conn, directory, &sbuf1);
5835 if (S_ISDIR(sbuf1.st_mode)) {
5836 create_options |= FILE_DIRECTORY_FILE;
5839 status = SMB_VFS_CREATE_FILE(
5842 0, /* root_dir_fid */
5843 directory, /* fname */
5844 0, /* create_file_flags */
5845 access_mask, /* access_mask */
5846 (FILE_SHARE_READ | /* share_access */
5848 FILE_OPEN, /* create_disposition*/
5849 create_options, /* create_options */
5850 0, /* file_attributes */
5851 0, /* oplock_request */
5852 0, /* allocation_size */
5857 &sbuf1); /* psbuf */
5859 if (!NT_STATUS_IS_OK(status)) {
5860 DEBUG(3, ("Could not open rename source %s: %s\n",
5861 directory, nt_errstr(status)));
5865 status = rename_internals_fsp(conn, fsp, newname,
5866 last_component_dest,
5867 attrs, replace_if_exists);
5869 close_file(req, fsp, NORMAL_CLOSE);
5871 DEBUG(3, ("rename_internals: Error %s rename %s -> %s\n",
5872 nt_errstr(status), directory,newname));
5878 * Wildcards - process each file that matches.
5880 if (strequal(mask,"????????.???")) {
5885 status = check_name(conn, directory);
5886 if (!NT_STATUS_IS_OK(status)) {
5890 dir_hnd = OpenDir(talloc_tos(), conn, directory, mask, attrs);
5891 if (dir_hnd == NULL) {
5892 return map_nt_error_from_unix(errno);
5895 status = NT_STATUS_NO_SUCH_FILE;
5897 * Was status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
5898 * - gentest fix. JRA
5901 while ((dname = ReadDirName(dir_hnd, &offset))) {
5902 files_struct *fsp = NULL;
5904 char *destname = NULL;
5905 bool sysdir_entry = False;
5907 /* Quick check for "." and ".." */
5908 if (ISDOT(dname) || ISDOTDOT(dname)) {
5910 sysdir_entry = True;
5916 if (!is_visible_file(conn, directory, dname, &sbuf1, False)) {
5920 if(!mask_match(dname, mask, conn->case_sensitive)) {
5925 status = NT_STATUS_OBJECT_NAME_INVALID;
5929 fname = talloc_asprintf(ctx,
5934 return NT_STATUS_NO_MEMORY;
5937 if (!resolve_wildcards(ctx,
5938 fname,newname,&destname)) {
5939 DEBUG(6, ("resolve_wildcards %s %s failed\n",
5945 return NT_STATUS_NO_MEMORY;
5949 SMB_VFS_STAT(conn, fname, &sbuf1);
5953 if (S_ISDIR(sbuf1.st_mode)) {
5954 create_options |= FILE_DIRECTORY_FILE;
5957 status = SMB_VFS_CREATE_FILE(
5960 0, /* root_dir_fid */
5962 0, /* create_file_flags */
5963 access_mask, /* access_mask */
5964 (FILE_SHARE_READ | /* share_access */
5966 FILE_OPEN, /* create_disposition*/
5967 create_options, /* create_options */
5968 0, /* file_attributes */
5969 0, /* oplock_request */
5970 0, /* allocation_size */
5975 &sbuf1); /* psbuf */
5977 if (!NT_STATUS_IS_OK(status)) {
5978 DEBUG(3,("rename_internals: SMB_VFS_CREATE_FILE "
5979 "returned %s rename %s -> %s\n",
5980 nt_errstr(status), directory, newname));
5984 status = rename_internals_fsp(conn, fsp, destname, dname,
5985 attrs, replace_if_exists);
5987 close_file(req, fsp, NORMAL_CLOSE);
5989 if (!NT_STATUS_IS_OK(status)) {
5990 DEBUG(3, ("rename_internals_fsp returned %s for "
5991 "rename %s -> %s\n", nt_errstr(status),
5992 directory, newname));
5998 DEBUG(3,("rename_internals: doing rename on %s -> "
5999 "%s\n",fname,destname));
6002 TALLOC_FREE(destname);
6004 TALLOC_FREE(dir_hnd);
6006 if (count == 0 && NT_STATUS_IS_OK(status) && errno != 0) {
6007 status = map_nt_error_from_unix(errno);
6013 /****************************************************************************
6015 ****************************************************************************/
6017 void reply_mv(struct smb_request *req)
6019 connection_struct *conn = req->conn;
6021 char *newname = NULL;
6025 bool src_has_wcard = False;
6026 bool dest_has_wcard = False;
6027 TALLOC_CTX *ctx = talloc_tos();
6029 START_PROFILE(SMBmv);
6032 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6037 attrs = SVAL(req->vwv+0, 0);
6039 p = (const char *)req->buf + 1;
6040 p += srvstr_get_path_req_wcard(ctx, req, &name, p, STR_TERMINATE,
6041 &status, &src_has_wcard);
6042 if (!NT_STATUS_IS_OK(status)) {
6043 reply_nterror(req, status);
6048 p += srvstr_get_path_req_wcard(ctx, req, &newname, p, STR_TERMINATE,
6049 &status, &dest_has_wcard);
6050 if (!NT_STATUS_IS_OK(status)) {
6051 reply_nterror(req, status);
6056 status = resolve_dfspath_wcard(ctx, conn,
6057 req->flags2 & FLAGS2_DFS_PATHNAMES,
6061 if (!NT_STATUS_IS_OK(status)) {
6062 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6063 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6064 ERRSRV, ERRbadpath);
6068 reply_nterror(req, status);
6073 status = resolve_dfspath_wcard(ctx, conn,
6074 req->flags2 & FLAGS2_DFS_PATHNAMES,
6078 if (!NT_STATUS_IS_OK(status)) {
6079 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6080 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6081 ERRSRV, ERRbadpath);
6085 reply_nterror(req, status);
6090 DEBUG(3,("reply_mv : %s -> %s\n",name,newname));
6092 status = rename_internals(ctx, conn, req, name, newname, attrs, False,
6093 src_has_wcard, dest_has_wcard, DELETE_ACCESS);
6094 if (!NT_STATUS_IS_OK(status)) {
6095 if (open_was_deferred(req->mid)) {
6096 /* We have re-scheduled this call. */
6100 reply_nterror(req, status);
6105 reply_outbuf(req, 0, 0);
6111 /*******************************************************************
6112 Copy a file as part of a reply_copy.
6113 ******************************************************************/
6116 * TODO: check error codes on all callers
6119 NTSTATUS copy_file(TALLOC_CTX *ctx,
6120 connection_struct *conn,
6125 bool target_is_directory)
6127 SMB_STRUCT_STAT src_sbuf, sbuf2;
6129 files_struct *fsp1,*fsp2;
6132 uint32 new_create_disposition;
6135 dest = talloc_strdup(ctx, dest1);
6137 return NT_STATUS_NO_MEMORY;
6139 if (target_is_directory) {
6140 const char *p = strrchr_m(src,'/');
6146 dest = talloc_asprintf_append(dest,
6150 return NT_STATUS_NO_MEMORY;
6154 if (!vfs_file_exist(conn,src,&src_sbuf)) {
6156 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
6159 if (!target_is_directory && count) {
6160 new_create_disposition = FILE_OPEN;
6162 if (!map_open_params_to_ntcreate(dest1,0,ofun,
6163 NULL, NULL, &new_create_disposition, NULL)) {
6165 return NT_STATUS_INVALID_PARAMETER;
6169 status = SMB_VFS_CREATE_FILE(
6172 0, /* root_dir_fid */
6174 0, /* create_file_flags */
6175 FILE_GENERIC_READ, /* access_mask */
6176 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
6177 FILE_OPEN, /* create_disposition*/
6178 0, /* create_options */
6179 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
6180 INTERNAL_OPEN_ONLY, /* oplock_request */
6181 0, /* allocation_size */
6186 &src_sbuf); /* psbuf */
6188 if (!NT_STATUS_IS_OK(status)) {
6193 dosattrs = dos_mode(conn, src, &src_sbuf);
6194 if (SMB_VFS_STAT(conn,dest,&sbuf2) == -1) {
6195 ZERO_STRUCTP(&sbuf2);
6198 status = SMB_VFS_CREATE_FILE(
6201 0, /* root_dir_fid */
6203 0, /* create_file_flags */
6204 FILE_GENERIC_WRITE, /* access_mask */
6205 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
6206 new_create_disposition, /* create_disposition*/
6207 0, /* create_options */
6208 dosattrs, /* file_attributes */
6209 INTERNAL_OPEN_ONLY, /* oplock_request */
6210 0, /* allocation_size */
6215 &sbuf2); /* psbuf */
6219 if (!NT_STATUS_IS_OK(status)) {
6220 close_file(NULL, fsp1, ERROR_CLOSE);
6224 if ((ofun&3) == 1) {
6225 if(SMB_VFS_LSEEK(fsp2,0,SEEK_END) == -1) {
6226 DEBUG(0,("copy_file: error - vfs lseek returned error %s\n", strerror(errno) ));
6228 * Stop the copy from occurring.
6231 src_sbuf.st_size = 0;
6235 if (src_sbuf.st_size) {
6236 ret = vfs_transfer_file(fsp1, fsp2, src_sbuf.st_size);
6239 close_file(NULL, fsp1, NORMAL_CLOSE);
6241 /* Ensure the modtime is set correctly on the destination file. */
6242 set_close_write_time(fsp2, get_mtimespec(&src_sbuf));
6245 * As we are opening fsp1 read-only we only expect
6246 * an error on close on fsp2 if we are out of space.
6247 * Thus we don't look at the error return from the
6250 status = close_file(NULL, fsp2, NORMAL_CLOSE);
6252 if (!NT_STATUS_IS_OK(status)) {
6256 if (ret != (SMB_OFF_T)src_sbuf.st_size) {
6257 return NT_STATUS_DISK_FULL;
6260 return NT_STATUS_OK;
6263 /****************************************************************************
6264 Reply to a file copy.
6265 ****************************************************************************/
6267 void reply_copy(struct smb_request *req)
6269 connection_struct *conn = req->conn;
6271 char *newname = NULL;
6272 char *directory = NULL;
6273 const char *mask = NULL;
6274 const char mask_star[] = "*";
6277 int error = ERRnoaccess;
6282 bool target_is_directory=False;
6283 bool source_has_wild = False;
6284 bool dest_has_wild = False;
6285 SMB_STRUCT_STAT sbuf1, sbuf2;
6287 TALLOC_CTX *ctx = talloc_tos();
6289 START_PROFILE(SMBcopy);
6292 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6293 END_PROFILE(SMBcopy);
6297 tid2 = SVAL(req->vwv+0, 0);
6298 ofun = SVAL(req->vwv+1, 0);
6299 flags = SVAL(req->vwv+2, 0);
6301 p = (const char *)req->buf;
6302 p += srvstr_get_path_req_wcard(ctx, req, &name, p, STR_TERMINATE,
6303 &status, &source_has_wild);
6304 if (!NT_STATUS_IS_OK(status)) {
6305 reply_nterror(req, status);
6306 END_PROFILE(SMBcopy);
6309 p += srvstr_get_path_req_wcard(ctx, req, &newname, p, STR_TERMINATE,
6310 &status, &dest_has_wild);
6311 if (!NT_STATUS_IS_OK(status)) {
6312 reply_nterror(req, status);
6313 END_PROFILE(SMBcopy);
6317 DEBUG(3,("reply_copy : %s -> %s\n",name,newname));
6319 if (tid2 != conn->cnum) {
6320 /* can't currently handle inter share copies XXXX */
6321 DEBUG(3,("Rejecting inter-share copy\n"));
6322 reply_doserror(req, ERRSRV, ERRinvdevice);
6323 END_PROFILE(SMBcopy);
6327 status = resolve_dfspath_wcard(ctx, conn,
6328 req->flags2 & FLAGS2_DFS_PATHNAMES,
6332 if (!NT_STATUS_IS_OK(status)) {
6333 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6334 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6335 ERRSRV, ERRbadpath);
6336 END_PROFILE(SMBcopy);
6339 reply_nterror(req, status);
6340 END_PROFILE(SMBcopy);
6344 status = resolve_dfspath_wcard(ctx, conn,
6345 req->flags2 & FLAGS2_DFS_PATHNAMES,
6349 if (!NT_STATUS_IS_OK(status)) {
6350 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6351 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6352 ERRSRV, ERRbadpath);
6353 END_PROFILE(SMBcopy);
6356 reply_nterror(req, status);
6357 END_PROFILE(SMBcopy);
6361 status = unix_convert(ctx, conn, name, source_has_wild,
6362 &name, NULL, &sbuf1);
6363 if (!NT_STATUS_IS_OK(status)) {
6364 reply_nterror(req, status);
6365 END_PROFILE(SMBcopy);
6369 status = unix_convert(ctx, conn, newname, dest_has_wild,
6370 &newname, NULL, &sbuf2);
6371 if (!NT_STATUS_IS_OK(status)) {
6372 reply_nterror(req, status);
6373 END_PROFILE(SMBcopy);
6377 target_is_directory = VALID_STAT_OF_DIR(sbuf2);
6379 if ((flags&1) && target_is_directory) {
6380 reply_doserror(req, ERRDOS, ERRbadfile);
6381 END_PROFILE(SMBcopy);
6385 if ((flags&2) && !target_is_directory) {
6386 reply_doserror(req, ERRDOS, ERRbadpath);
6387 END_PROFILE(SMBcopy);
6391 if ((flags&(1<<5)) && VALID_STAT_OF_DIR(sbuf1)) {
6392 /* wants a tree copy! XXXX */
6393 DEBUG(3,("Rejecting tree copy\n"));
6394 reply_doserror(req, ERRSRV, ERRerror);
6395 END_PROFILE(SMBcopy);
6399 p = strrchr_m(name,'/');
6401 directory = talloc_strndup(ctx, name, PTR_DIFF(p, name));
6404 directory = talloc_strdup(ctx, "./");
6409 reply_nterror(req, NT_STATUS_NO_MEMORY);
6410 END_PROFILE(SMBcopy);
6415 * We should only check the mangled cache
6416 * here if unix_convert failed. This means
6417 * that the path in 'mask' doesn't exist
6418 * on the file system and so we need to look
6419 * for a possible mangle. This patch from
6420 * Tine Smukavec <valentin.smukavec@hermes.si>.
6423 if (!VALID_STAT(sbuf1) && mangle_is_mangled(mask, conn->params)) {
6424 char *new_mask = NULL;
6425 mangle_lookup_name_from_8_3(ctx,
6434 if (!source_has_wild) {
6435 directory = talloc_asprintf_append(directory,
6438 if (dest_has_wild) {
6439 char *mod_newname = NULL;
6440 if (!resolve_wildcards(ctx,
6441 directory,newname,&mod_newname)) {
6442 reply_nterror(req, NT_STATUS_NO_MEMORY);
6443 END_PROFILE(SMBcopy);
6446 newname = mod_newname;
6449 status = check_name(conn, directory);
6450 if (!NT_STATUS_IS_OK(status)) {
6451 reply_nterror(req, status);
6452 END_PROFILE(SMBcopy);
6456 status = check_name(conn, newname);
6457 if (!NT_STATUS_IS_OK(status)) {
6458 reply_nterror(req, status);
6459 END_PROFILE(SMBcopy);
6463 status = copy_file(ctx,conn,directory,newname,ofun,
6464 count,target_is_directory);
6466 if(!NT_STATUS_IS_OK(status)) {
6467 reply_nterror(req, status);
6468 END_PROFILE(SMBcopy);
6474 struct smb_Dir *dir_hnd = NULL;
6475 const char *dname = NULL;
6478 if (strequal(mask,"????????.???")) {
6482 status = check_name(conn, directory);
6483 if (!NT_STATUS_IS_OK(status)) {
6484 reply_nterror(req, status);
6485 END_PROFILE(SMBcopy);
6489 dir_hnd = OpenDir(talloc_tos(), conn, directory, mask, 0);
6490 if (dir_hnd == NULL) {
6491 status = map_nt_error_from_unix(errno);
6492 reply_nterror(req, status);
6493 END_PROFILE(SMBcopy);
6499 while ((dname = ReadDirName(dir_hnd, &offset))) {
6500 char *destname = NULL;
6503 if (ISDOT(dname) || ISDOTDOT(dname)) {
6507 if (!is_visible_file(conn, directory, dname, &sbuf1, False)) {
6511 if(!mask_match(dname, mask, conn->case_sensitive)) {
6515 error = ERRnoaccess;
6516 fname = talloc_asprintf(ctx,
6521 TALLOC_FREE(dir_hnd);
6522 reply_nterror(req, NT_STATUS_NO_MEMORY);
6523 END_PROFILE(SMBcopy);
6527 if (!resolve_wildcards(ctx,
6528 fname,newname,&destname)) {
6532 TALLOC_FREE(dir_hnd);
6533 reply_nterror(req, NT_STATUS_NO_MEMORY);
6534 END_PROFILE(SMBcopy);
6538 status = check_name(conn, fname);
6539 if (!NT_STATUS_IS_OK(status)) {
6540 TALLOC_FREE(dir_hnd);
6541 reply_nterror(req, status);
6542 END_PROFILE(SMBcopy);
6546 status = check_name(conn, destname);
6547 if (!NT_STATUS_IS_OK(status)) {
6548 TALLOC_FREE(dir_hnd);
6549 reply_nterror(req, status);
6550 END_PROFILE(SMBcopy);
6554 DEBUG(3,("reply_copy : doing copy on %s -> %s\n",fname, destname));
6556 status = copy_file(ctx,conn,fname,destname,ofun,
6557 count,target_is_directory);
6558 if (NT_STATUS_IS_OK(status)) {
6562 TALLOC_FREE(destname);
6564 TALLOC_FREE(dir_hnd);
6569 /* Error on close... */
6571 reply_unixerror(req, ERRHRD, ERRgeneral);
6572 END_PROFILE(SMBcopy);
6576 reply_doserror(req, ERRDOS, error);
6577 END_PROFILE(SMBcopy);
6581 reply_outbuf(req, 1, 0);
6582 SSVAL(req->outbuf,smb_vwv0,count);
6584 END_PROFILE(SMBcopy);
6589 #define DBGC_CLASS DBGC_LOCKING
6591 /****************************************************************************
6592 Get a lock pid, dealing with large count requests.
6593 ****************************************************************************/
6595 uint32 get_lock_pid(const uint8_t *data, int data_offset,
6596 bool large_file_format)
6598 if(!large_file_format)
6599 return (uint32)SVAL(data,SMB_LPID_OFFSET(data_offset));
6601 return (uint32)SVAL(data,SMB_LARGE_LPID_OFFSET(data_offset));
6604 /****************************************************************************
6605 Get a lock count, dealing with large count requests.
6606 ****************************************************************************/
6608 uint64_t get_lock_count(const uint8_t *data, int data_offset,
6609 bool large_file_format)
6613 if(!large_file_format) {
6614 count = (uint64_t)IVAL(data,SMB_LKLEN_OFFSET(data_offset));
6617 #if defined(HAVE_LONGLONG)
6618 count = (((uint64_t) IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset))) << 32) |
6619 ((uint64_t) IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)));
6620 #else /* HAVE_LONGLONG */
6623 * NT4.x seems to be broken in that it sends large file (64 bit)
6624 * lockingX calls even if the CAP_LARGE_FILES was *not*
6625 * negotiated. For boxes without large unsigned ints truncate the
6626 * lock count by dropping the top 32 bits.
6629 if(IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)) != 0) {
6630 DEBUG(3,("get_lock_count: truncating lock count (high)0x%x (low)0x%x to just low count.\n",
6631 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)),
6632 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)) ));
6633 SIVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset),0);
6636 count = (uint64_t)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset));
6637 #endif /* HAVE_LONGLONG */
6643 #if !defined(HAVE_LONGLONG)
6644 /****************************************************************************
6645 Pathetically try and map a 64 bit lock offset into 31 bits. I hate Windows :-).
6646 ****************************************************************************/
6648 static uint32 map_lock_offset(uint32 high, uint32 low)
6652 uint32 highcopy = high;
6655 * Try and find out how many significant bits there are in high.
6658 for(i = 0; highcopy; i++)
6662 * We use 31 bits not 32 here as POSIX
6663 * lock offsets may not be negative.
6666 mask = (~0) << (31 - i);
6669 return 0; /* Fail. */
6675 #endif /* !defined(HAVE_LONGLONG) */
6677 /****************************************************************************
6678 Get a lock offset, dealing with large offset requests.
6679 ****************************************************************************/
6681 uint64_t get_lock_offset(const uint8_t *data, int data_offset,
6682 bool large_file_format, bool *err)
6684 uint64_t offset = 0;
6688 if(!large_file_format) {
6689 offset = (uint64_t)IVAL(data,SMB_LKOFF_OFFSET(data_offset));
6692 #if defined(HAVE_LONGLONG)
6693 offset = (((uint64_t) IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset))) << 32) |
6694 ((uint64_t) IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset)));
6695 #else /* HAVE_LONGLONG */
6698 * NT4.x seems to be broken in that it sends large file (64 bit)
6699 * lockingX calls even if the CAP_LARGE_FILES was *not*
6700 * negotiated. For boxes without large unsigned ints mangle the
6701 * lock offset by mapping the top 32 bits onto the lower 32.
6704 if(IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset)) != 0) {
6705 uint32 low = IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
6706 uint32 high = IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset));
6709 if((new_low = map_lock_offset(high, low)) == 0) {
6711 return (uint64_t)-1;
6714 DEBUG(3,("get_lock_offset: truncating lock offset (high)0x%x (low)0x%x to offset 0x%x.\n",
6715 (unsigned int)high, (unsigned int)low, (unsigned int)new_low ));
6716 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset),0);
6717 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset),new_low);
6720 offset = (uint64_t)IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
6721 #endif /* HAVE_LONGLONG */
6727 /****************************************************************************
6728 Reply to a lockingX request.
6729 ****************************************************************************/
6731 void reply_lockingX(struct smb_request *req)
6733 connection_struct *conn = req->conn;
6735 unsigned char locktype;
6736 unsigned char oplocklevel;
6739 uint64_t count = 0, offset = 0;
6743 const uint8_t *data;
6744 bool large_file_format;
6746 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
6748 START_PROFILE(SMBlockingX);
6751 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6752 END_PROFILE(SMBlockingX);
6756 fsp = file_fsp(req, SVAL(req->vwv+2, 0));
6757 locktype = CVAL(req->vwv+3, 0);
6758 oplocklevel = CVAL(req->vwv+3, 1);
6759 num_ulocks = SVAL(req->vwv+6, 0);
6760 num_locks = SVAL(req->vwv+7, 0);
6761 lock_timeout = IVAL(req->vwv+4, 0);
6762 large_file_format = (locktype & LOCKING_ANDX_LARGE_FILES)?True:False;
6764 if (!check_fsp(conn, req, fsp)) {
6765 END_PROFILE(SMBlockingX);
6771 if (locktype & LOCKING_ANDX_CHANGE_LOCKTYPE) {
6772 /* we don't support these - and CANCEL_LOCK makes w2k
6773 and XP reboot so I don't really want to be
6774 compatible! (tridge) */
6775 reply_nterror(req, NT_STATUS_DOS(ERRDOS, ERRnoatomiclocks));
6776 END_PROFILE(SMBlockingX);
6780 /* Check if this is an oplock break on a file
6781 we have granted an oplock on.
6783 if ((locktype & LOCKING_ANDX_OPLOCK_RELEASE)) {
6784 /* Client can insist on breaking to none. */
6785 bool break_to_none = (oplocklevel == 0);
6788 DEBUG(5,("reply_lockingX: oplock break reply (%u) from client "
6789 "for fnum = %d\n", (unsigned int)oplocklevel,
6793 * Make sure we have granted an exclusive or batch oplock on
6797 if (fsp->oplock_type == 0) {
6799 /* The Samba4 nbench simulator doesn't understand
6800 the difference between break to level2 and break
6801 to none from level2 - it sends oplock break
6802 replies in both cases. Don't keep logging an error
6803 message here - just ignore it. JRA. */
6805 DEBUG(5,("reply_lockingX: Error : oplock break from "
6806 "client for fnum = %d (oplock=%d) and no "
6807 "oplock granted on this file (%s).\n",
6808 fsp->fnum, fsp->oplock_type, fsp->fsp_name));
6810 /* if this is a pure oplock break request then don't
6812 if (num_locks == 0 && num_ulocks == 0) {
6813 END_PROFILE(SMBlockingX);
6816 END_PROFILE(SMBlockingX);
6817 reply_doserror(req, ERRDOS, ERRlock);
6822 if ((fsp->sent_oplock_break == BREAK_TO_NONE_SENT) ||
6824 result = remove_oplock(fsp);
6826 result = downgrade_oplock(fsp);
6830 DEBUG(0, ("reply_lockingX: error in removing "
6831 "oplock on file %s\n", fsp->fsp_name));
6832 /* Hmmm. Is this panic justified? */
6833 smb_panic("internal tdb error");
6836 reply_to_oplock_break_requests(fsp);
6838 /* if this is a pure oplock break request then don't send a
6840 if (num_locks == 0 && num_ulocks == 0) {
6841 /* Sanity check - ensure a pure oplock break is not a
6843 if(CVAL(req->vwv+0, 0) != 0xff)
6844 DEBUG(0,("reply_lockingX: Error : pure oplock "
6845 "break is a chained %d request !\n",
6846 (unsigned int)CVAL(req->vwv+0, 0)));
6847 END_PROFILE(SMBlockingX);
6853 * We do this check *after* we have checked this is not a oplock break
6854 * response message. JRA.
6857 release_level_2_oplocks_on_change(fsp);
6860 (num_ulocks + num_locks) * (large_file_format ? 20 : 10)) {
6861 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6862 END_PROFILE(SMBlockingX);
6866 /* Data now points at the beginning of the list
6867 of smb_unlkrng structs */
6868 for(i = 0; i < (int)num_ulocks; i++) {
6869 lock_pid = get_lock_pid( data, i, large_file_format);
6870 count = get_lock_count( data, i, large_file_format);
6871 offset = get_lock_offset( data, i, large_file_format, &err);
6874 * There is no error code marked "stupid client bug".... :-).
6877 END_PROFILE(SMBlockingX);
6878 reply_doserror(req, ERRDOS, ERRnoaccess);
6882 DEBUG(10,("reply_lockingX: unlock start=%.0f, len=%.0f for "
6883 "pid %u, file %s\n", (double)offset, (double)count,
6884 (unsigned int)lock_pid, fsp->fsp_name ));
6886 status = do_unlock(smbd_messaging_context(),
6893 if (NT_STATUS_V(status)) {
6894 END_PROFILE(SMBlockingX);
6895 reply_nterror(req, status);
6900 /* Setup the timeout in seconds. */
6902 if (!lp_blocking_locks(SNUM(conn))) {
6906 /* Now do any requested locks */
6907 data += ((large_file_format ? 20 : 10)*num_ulocks);
6909 /* Data now points at the beginning of the list
6910 of smb_lkrng structs */
6912 for(i = 0; i < (int)num_locks; i++) {
6913 enum brl_type lock_type = ((locktype & LOCKING_ANDX_SHARED_LOCK) ?
6914 READ_LOCK:WRITE_LOCK);
6915 lock_pid = get_lock_pid( data, i, large_file_format);
6916 count = get_lock_count( data, i, large_file_format);
6917 offset = get_lock_offset( data, i, large_file_format, &err);
6920 * There is no error code marked "stupid client bug".... :-).
6923 END_PROFILE(SMBlockingX);
6924 reply_doserror(req, ERRDOS, ERRnoaccess);
6928 DEBUG(10,("reply_lockingX: lock start=%.0f, len=%.0f for pid "
6929 "%u, file %s timeout = %d\n", (double)offset,
6930 (double)count, (unsigned int)lock_pid,
6931 fsp->fsp_name, (int)lock_timeout ));
6933 if (locktype & LOCKING_ANDX_CANCEL_LOCK) {
6934 if (lp_blocking_locks(SNUM(conn))) {
6936 /* Schedule a message to ourselves to
6937 remove the blocking lock record and
6938 return the right error. */
6940 if (!blocking_lock_cancel(fsp,
6946 NT_STATUS_FILE_LOCK_CONFLICT)) {
6947 END_PROFILE(SMBlockingX);
6952 ERRcancelviolation));
6956 /* Remove a matching pending lock. */
6957 status = do_lock_cancel(fsp,
6963 bool blocking_lock = lock_timeout ? True : False;
6964 bool defer_lock = False;
6965 struct byte_range_lock *br_lck;
6966 uint32 block_smbpid;
6968 br_lck = do_lock(smbd_messaging_context(),
6979 if (br_lck && blocking_lock && ERROR_WAS_LOCK_DENIED(status)) {
6980 /* Windows internal resolution for blocking locks seems
6981 to be about 200ms... Don't wait for less than that. JRA. */
6982 if (lock_timeout != -1 && lock_timeout < lp_lock_spin_time()) {
6983 lock_timeout = lp_lock_spin_time();
6988 /* This heuristic seems to match W2K3 very well. If a
6989 lock sent with timeout of zero would fail with NT_STATUS_FILE_LOCK_CONFLICT
6990 it pretends we asked for a timeout of between 150 - 300 milliseconds as
6991 far as I can tell. Replacement for do_lock_spin(). JRA. */
6993 if (br_lck && lp_blocking_locks(SNUM(conn)) && !blocking_lock &&
6994 NT_STATUS_EQUAL((status), NT_STATUS_FILE_LOCK_CONFLICT)) {
6996 lock_timeout = lp_lock_spin_time();
6999 if (br_lck && defer_lock) {
7001 * A blocking lock was requested. Package up
7002 * this smb into a queued request and push it
7003 * onto the blocking lock queue.
7005 if(push_blocking_lock_request(br_lck,
7016 TALLOC_FREE(br_lck);
7017 END_PROFILE(SMBlockingX);
7022 TALLOC_FREE(br_lck);
7025 if (NT_STATUS_V(status)) {
7026 END_PROFILE(SMBlockingX);
7027 reply_nterror(req, status);
7032 /* If any of the above locks failed, then we must unlock
7033 all of the previous locks (X/Open spec). */
7035 if (!(locktype & LOCKING_ANDX_CANCEL_LOCK) &&
7039 * Ensure we don't do a remove on the lock that just failed,
7040 * as under POSIX rules, if we have a lock already there, we
7041 * will delete it (and we shouldn't) .....
7043 for(i--; i >= 0; i--) {
7044 lock_pid = get_lock_pid( data, i, large_file_format);
7045 count = get_lock_count( data, i, large_file_format);
7046 offset = get_lock_offset( data, i, large_file_format,
7050 * There is no error code marked "stupid client
7054 END_PROFILE(SMBlockingX);
7055 reply_doserror(req, ERRDOS, ERRnoaccess);
7059 do_unlock(smbd_messaging_context(),
7066 END_PROFILE(SMBlockingX);
7067 reply_nterror(req, status);
7071 reply_outbuf(req, 2, 0);
7073 DEBUG(3, ("lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n",
7074 fsp->fnum, (unsigned int)locktype, num_locks, num_ulocks));
7076 END_PROFILE(SMBlockingX);
7081 #define DBGC_CLASS DBGC_ALL
7083 /****************************************************************************
7084 Reply to a SMBreadbmpx (read block multiplex) request.
7085 Always reply with an error, if someone has a platform really needs this,
7086 please contact vl@samba.org
7087 ****************************************************************************/
7089 void reply_readbmpx(struct smb_request *req)
7091 START_PROFILE(SMBreadBmpx);
7092 reply_doserror(req, ERRSRV, ERRuseSTD);
7093 END_PROFILE(SMBreadBmpx);
7097 /****************************************************************************
7098 Reply to a SMBreadbs (read block multiplex secondary) request.
7099 Always reply with an error, if someone has a platform really needs this,
7100 please contact vl@samba.org
7101 ****************************************************************************/
7103 void reply_readbs(struct smb_request *req)
7105 START_PROFILE(SMBreadBs);
7106 reply_doserror(req, ERRSRV, ERRuseSTD);
7107 END_PROFILE(SMBreadBs);
7111 /****************************************************************************
7112 Reply to a SMBsetattrE.
7113 ****************************************************************************/
7115 void reply_setattrE(struct smb_request *req)
7117 connection_struct *conn = req->conn;
7118 struct timespec ts[2];
7120 SMB_STRUCT_STAT sbuf;
7123 START_PROFILE(SMBsetattrE);
7126 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7127 END_PROFILE(SMBsetattrE);
7131 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
7133 if(!fsp || (fsp->conn != conn)) {
7134 reply_doserror(req, ERRDOS, ERRbadfid);
7135 END_PROFILE(SMBsetattrE);
7141 * Convert the DOS times into unix times. Ignore create
7142 * time as UNIX can't set this.
7145 ts[0] = convert_time_t_to_timespec(
7146 srv_make_unix_date2(req->vwv+3)); /* atime. */
7147 ts[1] = convert_time_t_to_timespec(
7148 srv_make_unix_date2(req->vwv+5)); /* mtime. */
7150 reply_outbuf(req, 0, 0);
7153 * Patch from Ray Frush <frush@engr.colostate.edu>
7154 * Sometimes times are sent as zero - ignore them.
7157 /* Ensure we have a valid stat struct for the source. */
7158 if (fsp->fh->fd != -1) {
7159 if (SMB_VFS_FSTAT(fsp, &sbuf) == -1) {
7160 status = map_nt_error_from_unix(errno);
7161 reply_nterror(req, status);
7162 END_PROFILE(SMBsetattrE);
7166 if (SMB_VFS_STAT(conn, fsp->fsp_name, &sbuf) == -1) {
7167 status = map_nt_error_from_unix(errno);
7168 reply_nterror(req, status);
7169 END_PROFILE(SMBsetattrE);
7174 status = smb_set_file_time(conn, fsp, fsp->fsp_name,
7176 if (!NT_STATUS_IS_OK(status)) {
7177 reply_doserror(req, ERRDOS, ERRnoaccess);
7178 END_PROFILE(SMBsetattrE);
7182 DEBUG( 3, ( "reply_setattrE fnum=%d actime=%u modtime=%u\n",
7184 (unsigned int)ts[0].tv_sec,
7185 (unsigned int)ts[1].tv_sec));
7187 END_PROFILE(SMBsetattrE);
7192 /* Back from the dead for OS/2..... JRA. */
7194 /****************************************************************************
7195 Reply to a SMBwritebmpx (write block multiplex primary) request.
7196 Always reply with an error, if someone has a platform really needs this,
7197 please contact vl@samba.org
7198 ****************************************************************************/
7200 void reply_writebmpx(struct smb_request *req)
7202 START_PROFILE(SMBwriteBmpx);
7203 reply_doserror(req, ERRSRV, ERRuseSTD);
7204 END_PROFILE(SMBwriteBmpx);
7208 /****************************************************************************
7209 Reply to a SMBwritebs (write block multiplex secondary) request.
7210 Always reply with an error, if someone has a platform really needs this,
7211 please contact vl@samba.org
7212 ****************************************************************************/
7214 void reply_writebs(struct smb_request *req)
7216 START_PROFILE(SMBwriteBs);
7217 reply_doserror(req, ERRSRV, ERRuseSTD);
7218 END_PROFILE(SMBwriteBs);
7222 /****************************************************************************
7223 Reply to a SMBgetattrE.
7224 ****************************************************************************/
7226 void reply_getattrE(struct smb_request *req)
7228 connection_struct *conn = req->conn;
7229 SMB_STRUCT_STAT sbuf;
7232 struct timespec create_ts;
7234 START_PROFILE(SMBgetattrE);
7237 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7238 END_PROFILE(SMBgetattrE);
7242 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
7244 if(!fsp || (fsp->conn != conn)) {
7245 reply_doserror(req, ERRDOS, ERRbadfid);
7246 END_PROFILE(SMBgetattrE);
7250 /* Do an fstat on this file */
7251 if(fsp_stat(fsp, &sbuf)) {
7252 reply_unixerror(req, ERRDOS, ERRnoaccess);
7253 END_PROFILE(SMBgetattrE);
7257 mode = dos_mode(conn,fsp->fsp_name,&sbuf);
7260 * Convert the times into dos times. Set create
7261 * date to be last modify date as UNIX doesn't save
7265 reply_outbuf(req, 11, 0);
7267 create_ts = get_create_timespec(&sbuf,
7268 lp_fake_dir_create_times(SNUM(conn)));
7269 srv_put_dos_date2((char *)req->outbuf, smb_vwv0, create_ts.tv_sec);
7270 srv_put_dos_date2((char *)req->outbuf, smb_vwv2, sbuf.st_atime);
7271 /* Should we check pending modtime here ? JRA */
7272 srv_put_dos_date2((char *)req->outbuf, smb_vwv4, sbuf.st_mtime);
7275 SIVAL(req->outbuf, smb_vwv6, 0);
7276 SIVAL(req->outbuf, smb_vwv8, 0);
7278 uint32 allocation_size = get_allocation_size(conn,fsp, &sbuf);
7279 SIVAL(req->outbuf, smb_vwv6, (uint32)sbuf.st_size);
7280 SIVAL(req->outbuf, smb_vwv8, allocation_size);
7282 SSVAL(req->outbuf,smb_vwv10, mode);
7284 DEBUG( 3, ( "reply_getattrE fnum=%d\n", fsp->fnum));
7286 END_PROFILE(SMBgetattrE);