2 Unix SMB/CIFS implementation.
5 Copyright (C) Stefan Metzmacher 2009
6 Copyright (C) Jeremy Allison 2010
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
24 #include "smbd/smbd.h"
25 #include "smbd/globals.h"
26 #include "../libcli/smb/smb_common.h"
27 #include "../librpc/gen_ndr/ndr_security.h"
28 #include "../lib/util/tevent_ntstatus.h"
31 int map_smb2_oplock_levels_to_samba(uint8_t in_oplock_level)
33 switch(in_oplock_level) {
34 case SMB2_OPLOCK_LEVEL_NONE:
36 case SMB2_OPLOCK_LEVEL_II:
37 return LEVEL_II_OPLOCK;
38 case SMB2_OPLOCK_LEVEL_EXCLUSIVE:
39 return EXCLUSIVE_OPLOCK;
40 case SMB2_OPLOCK_LEVEL_BATCH:
42 case SMB2_OPLOCK_LEVEL_LEASE:
43 DEBUG(2,("map_smb2_oplock_levels_to_samba: "
44 "LEASE_OPLOCK_REQUESTED\n"));
47 DEBUG(2,("map_smb2_oplock_levels_to_samba: "
49 (unsigned int)in_oplock_level));
54 static uint8_t map_samba_oplock_levels_to_smb2(int oplock_type)
56 if (BATCH_OPLOCK_TYPE(oplock_type)) {
57 return SMB2_OPLOCK_LEVEL_BATCH;
58 } else if (EXCLUSIVE_OPLOCK_TYPE(oplock_type)) {
59 return SMB2_OPLOCK_LEVEL_EXCLUSIVE;
60 } else if (oplock_type == LEVEL_II_OPLOCK) {
62 * Don't use LEVEL_II_OPLOCK_TYPE here as
63 * this also includes FAKE_LEVEL_II_OPLOCKs
64 * which are internal only.
66 return SMB2_OPLOCK_LEVEL_II;
68 return SMB2_OPLOCK_LEVEL_NONE;
72 static struct tevent_req *smbd_smb2_create_send(TALLOC_CTX *mem_ctx,
73 struct tevent_context *ev,
74 struct smbd_smb2_request *smb2req,
75 uint8_t in_oplock_level,
76 uint32_t in_impersonation_level,
77 uint32_t in_desired_access,
78 uint32_t in_file_attributes,
79 uint32_t in_share_access,
80 uint32_t in_create_disposition,
81 uint32_t in_create_options,
83 struct smb2_create_blobs in_context_blobs);
84 static NTSTATUS smbd_smb2_create_recv(struct tevent_req *req,
86 uint8_t *out_oplock_level,
87 uint32_t *out_create_action,
88 NTTIME *out_creation_time,
89 NTTIME *out_last_access_time,
90 NTTIME *out_last_write_time,
91 NTTIME *out_change_time,
92 uint64_t *out_allocation_size,
93 uint64_t *out_end_of_file,
94 uint32_t *out_file_attributes,
95 uint64_t *out_file_id_persistent,
96 uint64_t *out_file_id_volatile,
97 struct smb2_create_blobs *out_context_blobs);
99 static void smbd_smb2_request_create_done(struct tevent_req *tsubreq);
100 NTSTATUS smbd_smb2_request_process_create(struct smbd_smb2_request *smb2req)
102 const uint8_t *inbody;
103 const struct iovec *indyniov;
104 uint8_t in_oplock_level;
105 uint32_t in_impersonation_level;
106 uint32_t in_desired_access;
107 uint32_t in_file_attributes;
108 uint32_t in_share_access;
109 uint32_t in_create_disposition;
110 uint32_t in_create_options;
111 uint16_t in_name_offset;
112 uint16_t in_name_length;
113 DATA_BLOB in_name_buffer;
114 char *in_name_string;
115 size_t in_name_string_size;
116 uint32_t name_offset = 0;
117 uint32_t name_available_length = 0;
118 uint32_t in_context_offset;
119 uint32_t in_context_length;
120 DATA_BLOB in_context_buffer;
121 struct smb2_create_blobs in_context_blobs;
122 uint32_t context_offset = 0;
123 uint32_t context_available_length = 0;
127 struct tevent_req *tsubreq;
129 status = smbd_smb2_request_verify_sizes(smb2req, 0x39);
130 if (!NT_STATUS_IS_OK(status)) {
131 return smbd_smb2_request_error(smb2req, status);
133 inbody = SMBD_SMB2_IN_BODY_PTR(smb2req);
135 in_oplock_level = CVAL(inbody, 0x03);
136 in_impersonation_level = IVAL(inbody, 0x04);
137 in_desired_access = IVAL(inbody, 0x18);
138 in_file_attributes = IVAL(inbody, 0x1C);
139 in_share_access = IVAL(inbody, 0x20);
140 in_create_disposition = IVAL(inbody, 0x24);
141 in_create_options = IVAL(inbody, 0x28);
142 in_name_offset = SVAL(inbody, 0x2C);
143 in_name_length = SVAL(inbody, 0x2E);
144 in_context_offset = IVAL(inbody, 0x30);
145 in_context_length = IVAL(inbody, 0x34);
148 * First check if the dynamic name and context buffers
149 * are correctly specified.
151 * Note: That we don't check if the name and context buffers
155 dyn_offset = SMB2_HDR_BODY + SMBD_SMB2_IN_BODY_LEN(smb2req);
157 if (in_name_offset == 0 && in_name_length == 0) {
160 } else if (in_name_offset < dyn_offset) {
161 return smbd_smb2_request_error(smb2req, NT_STATUS_INVALID_PARAMETER);
163 name_offset = in_name_offset - dyn_offset;
166 indyniov = SMBD_SMB2_IN_DYN_IOV(smb2req);
168 if (name_offset > indyniov->iov_len) {
169 return smbd_smb2_request_error(smb2req, NT_STATUS_INVALID_PARAMETER);
172 name_available_length = indyniov->iov_len - name_offset;
174 if (in_name_length > name_available_length) {
175 return smbd_smb2_request_error(smb2req, NT_STATUS_INVALID_PARAMETER);
178 in_name_buffer.data = (uint8_t *)indyniov->iov_base + name_offset;
179 in_name_buffer.length = in_name_length;
181 if (in_context_offset == 0 && in_context_length == 0) {
184 } else if (in_context_offset < dyn_offset) {
185 return smbd_smb2_request_error(smb2req, NT_STATUS_INVALID_PARAMETER);
187 context_offset = in_context_offset - dyn_offset;
190 if (context_offset > indyniov->iov_len) {
191 return smbd_smb2_request_error(smb2req, NT_STATUS_INVALID_PARAMETER);
194 context_available_length = indyniov->iov_len - context_offset;
196 if (in_context_length > context_available_length) {
197 return smbd_smb2_request_error(smb2req, NT_STATUS_INVALID_PARAMETER);
200 in_context_buffer.data = (uint8_t *)indyniov->iov_base +
202 in_context_buffer.length = in_context_length;
205 * Now interpret the name and context buffers
208 ok = convert_string_talloc(smb2req, CH_UTF16, CH_UNIX,
210 in_name_buffer.length,
212 &in_name_string_size);
214 return smbd_smb2_request_error(smb2req, NT_STATUS_ILLEGAL_CHARACTER);
217 if (in_name_buffer.length == 0) {
218 in_name_string_size = 0;
221 if (strlen(in_name_string) != in_name_string_size) {
222 return smbd_smb2_request_error(smb2req, NT_STATUS_OBJECT_NAME_INVALID);
225 ZERO_STRUCT(in_context_blobs);
226 status = smb2_create_blob_parse(smb2req, in_context_buffer, &in_context_blobs);
227 if (!NT_STATUS_IS_OK(status)) {
228 return smbd_smb2_request_error(smb2req, status);
231 tsubreq = smbd_smb2_create_send(smb2req,
232 smb2req->sconn->ev_ctx,
235 in_impersonation_level,
239 in_create_disposition,
243 if (tsubreq == NULL) {
244 smb2req->subreq = NULL;
245 return smbd_smb2_request_error(smb2req, NT_STATUS_NO_MEMORY);
247 tevent_req_set_callback(tsubreq, smbd_smb2_request_create_done, smb2req);
250 * For now we keep the logic that we do not send STATUS_PENDING
251 * for sharing violations, so we just wait 2 seconds.
253 * TODO: we need more tests for this.
255 return smbd_smb2_request_pending_queue(smb2req, tsubreq, 2000000);
258 static uint64_t get_mid_from_smb2req(struct smbd_smb2_request *smb2req)
260 uint8_t *reqhdr = SMBD_SMB2_OUT_HDR_PTR(smb2req);
261 return BVAL(reqhdr, SMB2_HDR_MESSAGE_ID);
264 static void smbd_smb2_request_create_done(struct tevent_req *tsubreq)
266 struct smbd_smb2_request *smb2req = tevent_req_callback_data(tsubreq,
267 struct smbd_smb2_request);
270 uint8_t out_oplock_level = 0;
271 uint32_t out_create_action = 0;
272 NTTIME out_creation_time = 0;
273 NTTIME out_last_access_time = 0;
274 NTTIME out_last_write_time = 0;
275 NTTIME out_change_time = 0;
276 uint64_t out_allocation_size = 0;
277 uint64_t out_end_of_file = 0;
278 uint32_t out_file_attributes = 0;
279 uint64_t out_file_id_persistent = 0;
280 uint64_t out_file_id_volatile = 0;
281 struct smb2_create_blobs out_context_blobs;
282 DATA_BLOB out_context_buffer;
283 uint16_t out_context_buffer_offset = 0;
285 NTSTATUS error; /* transport error */
287 if (smb2req->cancelled) {
288 uint64_t mid = get_mid_from_smb2req(smb2req);
289 DEBUG(10,("smbd_smb2_request_create_done: cancelled mid %llu\n",
290 (unsigned long long)mid ));
291 error = smbd_smb2_request_error(smb2req, NT_STATUS_CANCELLED);
292 if (!NT_STATUS_IS_OK(error)) {
293 smbd_server_connection_terminate(smb2req->sconn,
300 status = smbd_smb2_create_recv(tsubreq,
305 &out_last_access_time,
306 &out_last_write_time,
308 &out_allocation_size,
310 &out_file_attributes,
311 &out_file_id_persistent,
312 &out_file_id_volatile,
314 if (!NT_STATUS_IS_OK(status)) {
315 error = smbd_smb2_request_error(smb2req, status);
316 if (!NT_STATUS_IS_OK(error)) {
317 smbd_server_connection_terminate(smb2req->sconn,
324 status = smb2_create_blob_push(smb2req, &out_context_buffer, out_context_blobs);
325 if (!NT_STATUS_IS_OK(status)) {
326 error = smbd_smb2_request_error(smb2req, status);
327 if (!NT_STATUS_IS_OK(error)) {
328 smbd_server_connection_terminate(smb2req->sconn,
335 if (out_context_buffer.length > 0) {
336 out_context_buffer_offset = SMB2_HDR_BODY + 0x58;
339 outbody = data_blob_talloc(smb2req->out.vector, NULL, 0x58);
340 if (outbody.data == NULL) {
341 error = smbd_smb2_request_error(smb2req, NT_STATUS_NO_MEMORY);
342 if (!NT_STATUS_IS_OK(error)) {
343 smbd_server_connection_terminate(smb2req->sconn,
350 SSVAL(outbody.data, 0x00, 0x58 + 1); /* struct size */
351 SCVAL(outbody.data, 0x02,
352 out_oplock_level); /* oplock level */
353 SCVAL(outbody.data, 0x03, 0); /* reserved */
354 SIVAL(outbody.data, 0x04,
355 out_create_action); /* create action */
356 SBVAL(outbody.data, 0x08,
357 out_creation_time); /* creation time */
358 SBVAL(outbody.data, 0x10,
359 out_last_access_time); /* last access time */
360 SBVAL(outbody.data, 0x18,
361 out_last_write_time); /* last write time */
362 SBVAL(outbody.data, 0x20,
363 out_change_time); /* change time */
364 SBVAL(outbody.data, 0x28,
365 out_allocation_size); /* allocation size */
366 SBVAL(outbody.data, 0x30,
367 out_end_of_file); /* end of file */
368 SIVAL(outbody.data, 0x38,
369 out_file_attributes); /* file attributes */
370 SIVAL(outbody.data, 0x3C, 0); /* reserved */
371 SBVAL(outbody.data, 0x40,
372 out_file_id_persistent); /* file id (persistent) */
373 SBVAL(outbody.data, 0x48,
374 out_file_id_volatile); /* file id (volatile) */
375 SIVAL(outbody.data, 0x50,
376 out_context_buffer_offset); /* create contexts offset */
377 SIVAL(outbody.data, 0x54,
378 out_context_buffer.length); /* create contexts length */
380 outdyn = out_context_buffer;
382 error = smbd_smb2_request_done(smb2req, outbody, &outdyn);
383 if (!NT_STATUS_IS_OK(error)) {
384 smbd_server_connection_terminate(smb2req->sconn,
390 struct smbd_smb2_create_state {
391 struct smbd_smb2_request *smb2req;
392 struct smb_request *smb1req;
393 struct timed_event *te;
394 struct tevent_immediate *im;
395 struct timeval request_time;
397 DATA_BLOB private_data;
398 uint8_t out_oplock_level;
399 uint32_t out_create_action;
400 NTTIME out_creation_time;
401 NTTIME out_last_access_time;
402 NTTIME out_last_write_time;
403 NTTIME out_change_time;
404 uint64_t out_allocation_size;
405 uint64_t out_end_of_file;
406 uint32_t out_file_attributes;
407 uint64_t out_file_id_persistent;
408 uint64_t out_file_id_volatile;
409 struct smb2_create_blobs out_context_blobs;
412 static struct tevent_req *smbd_smb2_create_send(TALLOC_CTX *mem_ctx,
413 struct tevent_context *ev,
414 struct smbd_smb2_request *smb2req,
415 uint8_t in_oplock_level,
416 uint32_t in_impersonation_level,
417 uint32_t in_desired_access,
418 uint32_t in_file_attributes,
419 uint32_t in_share_access,
420 uint32_t in_create_disposition,
421 uint32_t in_create_options,
423 struct smb2_create_blobs in_context_blobs)
425 struct tevent_req *req = NULL;
426 struct smbd_smb2_create_state *state = NULL;
428 struct smb_request *smb1req = NULL;
429 files_struct *result = NULL;
431 struct timespec write_time_ts;
432 struct smb2_create_blobs out_context_blobs;
433 int requested_oplock_level;
434 struct smb2_create_blob *dhnc = NULL;
435 struct smb2_create_blob *dh2c = NULL;
436 struct smbXsrv_open *op = NULL;
438 ZERO_STRUCT(out_context_blobs);
440 if(lp_fake_oplocks(SNUM(smb2req->tcon->compat))) {
441 requested_oplock_level = SMB2_OPLOCK_LEVEL_NONE;
443 requested_oplock_level = in_oplock_level;
447 if (smb2req->subreq == NULL) {
448 /* New create call. */
449 req = tevent_req_create(mem_ctx, &state,
450 struct smbd_smb2_create_state);
454 state->smb2req = smb2req;
456 smb1req = smbd_smb2_fake_smb_request(smb2req);
457 if (tevent_req_nomem(smb1req, req)) {
458 return tevent_req_post(req, ev);
460 state->smb1req = smb1req;
461 smb2req->subreq = req;
462 DEBUG(10,("smbd_smb2_create: name[%s]\n",
465 /* Re-entrant create call. */
466 req = smb2req->subreq;
467 state = tevent_req_data(req,
468 struct smbd_smb2_create_state);
469 smb1req = state->smb1req;
470 DEBUG(10,("smbd_smb2_create_send: reentrant for file %s\n",
474 dhnc = smb2_create_blob_find(&in_context_blobs,
475 SMB2_CREATE_TAG_DHNC);
478 if (dhnc->data.length != 16) {
479 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
480 return tevent_req_post(req, ev);
482 if (in_context_blobs.num_blobs != 1) {
484 * DHNC should be the only one.
486 tevent_req_nterror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND);
487 return tevent_req_post(req, ev);
491 dh2c = smb2_create_blob_find(&in_context_blobs,
492 SMB2_CREATE_TAG_DH2C);
494 if (dh2c->data.length != 36) {
495 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
496 return tevent_req_post(req, ev);
498 if (in_context_blobs.num_blobs != 1) {
500 * DH2C should be the only one.
502 tevent_req_nterror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND);
503 return tevent_req_post(req, ev);
507 if (IS_IPC(smb1req->conn)) {
508 const char *pipe_name = in_name;
511 /* durable handles are not supported on IPC$ */
512 tevent_req_nterror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND);
513 return tevent_req_post(req, ev);
516 if (!lp_nt_pipe_support()) {
517 tevent_req_nterror(req, NT_STATUS_ACCESS_DENIED);
518 return tevent_req_post(req, ev);
521 status = open_np_file(smb1req, pipe_name, &result);
522 if (!NT_STATUS_IS_OK(status)) {
523 tevent_req_nterror(req, status);
524 return tevent_req_post(req, ev);
526 info = FILE_WAS_OPENED;
527 } else if (CAN_PRINT(smb1req->conn)) {
529 /* durable handles are not supported on printers */
530 tevent_req_nterror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND);
531 return tevent_req_post(req, ev);
534 status = file_new(smb1req, smb1req->conn, &result);
535 if(!NT_STATUS_IS_OK(status)) {
536 tevent_req_nterror(req, status);
537 return tevent_req_post(req, ev);
540 status = print_spool_open(result, in_name,
542 if (!NT_STATUS_IS_OK(status)) {
543 file_free(smb1req, result);
544 tevent_req_nterror(req, status);
545 return tevent_req_post(req, ev);
547 info = FILE_WAS_CREATED;
550 struct smb2_create_blob *exta = NULL;
551 struct ea_list *ea_list = NULL;
552 struct smb2_create_blob *mxac = NULL;
553 NTTIME max_access_time = 0;
554 struct smb2_create_blob *secd = NULL;
555 struct security_descriptor *sec_desc = NULL;
556 struct smb2_create_blob *dhnq = NULL;
557 struct smb2_create_blob *alsi = NULL;
558 uint64_t allocation_size = 0;
559 struct smb2_create_blob *twrp = NULL;
560 struct smb2_create_blob *qfid = NULL;
561 struct GUID create_guid = GUID_zero();
562 bool update_open = false;
563 bool durable_requested = false;
564 uint32_t durable_timeout_msec = 0;
565 bool do_durable_reconnect = false;
566 struct smb2_create_blob *dh2q = NULL;
568 exta = smb2_create_blob_find(&in_context_blobs,
569 SMB2_CREATE_TAG_EXTA);
570 mxac = smb2_create_blob_find(&in_context_blobs,
571 SMB2_CREATE_TAG_MXAC);
572 secd = smb2_create_blob_find(&in_context_blobs,
573 SMB2_CREATE_TAG_SECD);
574 dhnq = smb2_create_blob_find(&in_context_blobs,
575 SMB2_CREATE_TAG_DHNQ);
576 alsi = smb2_create_blob_find(&in_context_blobs,
577 SMB2_CREATE_TAG_ALSI);
578 twrp = smb2_create_blob_find(&in_context_blobs,
579 SMB2_CREATE_TAG_TWRP);
580 qfid = smb2_create_blob_find(&in_context_blobs,
581 SMB2_CREATE_TAG_QFID);
582 dh2q = smb2_create_blob_find(&in_context_blobs,
583 SMB2_CREATE_TAG_DH2Q);
585 fname = talloc_strdup(state, in_name);
586 if (tevent_req_nomem(fname, req)) {
587 return tevent_req_post(req, ev);
591 ea_list = read_nttrans_ea_list(mem_ctx,
592 (const char *)exta->data.data, exta->data.length);
594 DEBUG(10,("smbd_smb2_create_send: read_ea_name_list failed.\n"));
595 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
596 return tevent_req_post(req, ev);
601 if (mxac->data.length == 0) {
603 } else if (mxac->data.length == 8) {
604 max_access_time = BVAL(mxac->data.data, 0);
606 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
607 return tevent_req_post(req, ev);
612 enum ndr_err_code ndr_err;
614 sec_desc = talloc_zero(state, struct security_descriptor);
615 if (tevent_req_nomem(sec_desc, req)) {
616 return tevent_req_post(req, ev);
619 ndr_err = ndr_pull_struct_blob(&secd->data,
621 (ndr_pull_flags_fn_t)ndr_pull_security_descriptor);
622 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
623 DEBUG(2,("ndr_pull_security_descriptor failed: %s\n",
624 ndr_errstr(ndr_err)));
625 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
626 return tevent_req_post(req, ev);
631 if (dhnq->data.length != 16) {
632 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
633 return tevent_req_post(req, ev);
637 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
638 return tevent_req_post(req, ev);
642 * durable handle request is processed below.
644 durable_requested = true;
646 * Set the timeout to 16 mins.
648 * TODO: test this against Windows 2012
649 * as the default for durable v2 is 1 min.
651 durable_timeout_msec = (16*60*1000);
655 const uint8_t *p = dh2q->data.data;
656 uint32_t durable_v2_timeout = 0;
657 DATA_BLOB create_guid_blob;
659 if (dh2q->data.length != 32) {
660 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
661 return tevent_req_post(req, ev);
665 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
666 return tevent_req_post(req, ev);
669 durable_v2_timeout = IVAL(p, 0);
670 create_guid_blob = data_blob_const(p + 16, 16);
672 status = GUID_from_ndr_blob(&create_guid_blob,
674 if (tevent_req_nterror(req, status)) {
675 return tevent_req_post(req, ev);
678 * we need to store the create_guid later
683 * durable handle v2 request processed below
685 durable_requested = true;
686 durable_timeout_msec = durable_v2_timeout;
687 if (durable_timeout_msec == 0) {
689 * Set the timeout to 1 min as default.
691 * This matches Windows 2012.
693 durable_timeout_msec = (60*1000);
698 NTTIME now = timeval_to_nttime(&smb2req->request_time);
699 uint64_t persistent_id;
701 persistent_id = BVAL(dhnc->data.data, 0);
703 status = smb2srv_open_recreate(smb2req->sconn->conn,
704 smb1req->conn->session_info,
705 persistent_id, create_guid,
707 if (!NT_STATUS_IS_OK(status)) {
708 DEBUG(3, ("smbd_smb2_create_send: "
709 "smb2srv_open_recreate v1 failed: %s\n",
711 tevent_req_nterror(req, status);
712 return tevent_req_post(req, ev);
715 DEBUG(10, ("smb2_create_send: DHNC: %s recreate the "
716 "smb2srv_open struct for a durable handle.\n",
717 op->global->durable ? "did" : "could not"));
719 if (!op->global->durable) {
721 tevent_req_nterror(req,
722 NT_STATUS_OBJECT_NAME_NOT_FOUND);
723 return tevent_req_post(req, ev);
726 do_durable_reconnect = true;
730 const uint8_t *p = dh2c->data.data;
731 NTTIME now = timeval_to_nttime(&smb2req->request_time);
732 uint64_t persistent_id;
733 DATA_BLOB create_guid_blob;
735 persistent_id = BVAL(p, 0);
736 create_guid_blob = data_blob_const(p + 16, 16);
738 status = GUID_from_ndr_blob(&create_guid_blob,
740 if (tevent_req_nterror(req, status)) {
741 return tevent_req_post(req, ev);
744 status = smb2srv_open_recreate(smb2req->sconn->conn,
745 smb1req->conn->session_info,
746 persistent_id, create_guid,
748 if (!NT_STATUS_IS_OK(status)) {
749 DEBUG(3, ("smbd_smb2_create_send: "
750 "smb2srv_open_recreate v2 failed: %s\n",
752 tevent_req_nterror(req, status);
753 return tevent_req_post(req, ev);
756 DEBUG(10, ("smb2_create_send: DH2C: %s recreate the "
757 "smb2srv_open struct for a durable handle.\n",
758 op->global->durable ? "did" : "could not"));
760 if (!op->global->durable) {
762 tevent_req_nterror(req,
763 NT_STATUS_OBJECT_NAME_NOT_FOUND);
764 return tevent_req_post(req, ev);
767 do_durable_reconnect = true;
771 if (alsi->data.length != 8) {
772 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
773 return tevent_req_post(req, ev);
775 allocation_size = BVAL(alsi->data.data, 0);
783 if (twrp->data.length != 8) {
784 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
785 return tevent_req_post(req, ev);
788 nttime = BVAL(twrp->data.data, 0);
789 t = nt_time_to_unix(nttime);
793 fname = talloc_asprintf(state,
794 "@GMT-%04u.%02u.%02u-%02u.%02u.%02u\\%s",
802 if (tevent_req_nomem(fname, req)) {
803 return tevent_req_post(req, ev);
808 if (qfid->data.length != 0) {
809 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
810 return tevent_req_post(req, ev);
814 /* these are ignored for SMB2 */
815 in_create_options &= ~(0x10);/* NTCREATEX_OPTIONS_SYNC_ALERT */
816 in_create_options &= ~(0x20);/* NTCREATEX_OPTIONS_ASYNC_ALERT */
818 in_file_attributes &= ~FILE_FLAG_POSIX_SEMANTICS;
820 DEBUG(10, ("smbd_smb2_create_send: open execution phase\n"));
823 * For the backend file open procedure, there are
824 * two possible modes: durable_reconnect or not.
826 if (do_durable_reconnect) {
827 DATA_BLOB new_cookie = data_blob_null;
829 status = SMB_VFS_DURABLE_RECONNECT(smb1req->conn,
832 op->global->backend_cookie,
833 op, &result, &new_cookie);
834 if (!NT_STATUS_IS_OK(status)) {
835 NTSTATUS return_status;
837 return_status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
839 DEBUG(3, ("smbd_smb2_create_send: "
840 "durable_reconnect failed: %s => %s\n",
842 nt_errstr(return_status)));
844 tevent_req_nterror(req, return_status);
845 return tevent_req_post(req, ev);
848 data_blob_free(&op->global->backend_cookie);
849 op->global->backend_cookie = new_cookie;
851 op->status = NT_STATUS_OK;
852 op->global->disconnect_time = 0;
854 status = smbXsrv_open_update(op);
855 if (!NT_STATUS_IS_OK(status)) {
856 tevent_req_nterror(req, status);
857 return tevent_req_post(req, ev);
860 info = FILE_WAS_OPENED;
862 struct smb_filename *smb_fname = NULL;
865 * For a DFS path the function parse_dfs_path()
866 * will do the path processing.
869 if (!(smb1req->flags2 & FLAGS2_DFS_PATHNAMES)) {
870 /* convert '\\' into '/' */
871 status = check_path_syntax(fname);
872 if (!NT_STATUS_IS_OK(status)) {
873 tevent_req_nterror(req, status);
874 return tevent_req_post(req, ev);
878 status = filename_convert(req,
880 smb1req->flags2 & FLAGS2_DFS_PATHNAMES,
882 0, /* unix_convert flags */
883 NULL, /* ppath_contains_wcards */
885 if (!NT_STATUS_IS_OK(status)) {
886 tevent_req_nterror(req, status);
887 return tevent_req_post(req, ev);
890 status = SMB_VFS_CREATE_FILE(smb1req->conn,
892 0, /* root_dir_fid */
896 in_create_disposition,
899 map_smb2_oplock_levels_to_samba(requested_oplock_level),
901 0, /* private_flags */
906 if (!NT_STATUS_IS_OK(status)) {
907 if (open_was_deferred(smb1req->sconn, smb1req->mid)) {
910 tevent_req_nterror(req, status);
911 return tevent_req_post(req, ev);
917 * here we have op == result->op
920 DEBUG(10, ("smbd_smb2_create_send: "
921 "response construction phase\n"));
924 NTTIME last_write_time;
926 unix_timespec_to_nt_time(&last_write_time,
927 result->fsp_name->st.st_ex_mtime);
928 if (last_write_time != max_access_time) {
930 uint32_t max_access_granted;
931 DATA_BLOB blob = data_blob_const(p, sizeof(p));
933 status = smbd_calculate_access_mask(smb1req->conn,
935 SEC_FLAG_MAXIMUM_ALLOWED,
936 &max_access_granted);
938 SIVAL(p, 0, NT_STATUS_V(status));
939 SIVAL(p, 4, max_access_granted);
941 status = smb2_create_blob_add(state,
943 SMB2_CREATE_TAG_MXAC,
945 if (!NT_STATUS_IS_OK(status)) {
946 tevent_req_nterror(req, status);
947 return tevent_req_post(req, ev);
952 if (durable_requested &&
953 BATCH_OPLOCK_TYPE(result->oplock_type))
955 status = SMB_VFS_DURABLE_COOKIE(result,
957 &op->global->backend_cookie);
958 if (!NT_STATUS_IS_OK(status)) {
959 op->global->backend_cookie = data_blob_null;
962 if (op->global->backend_cookie.length > 0) {
965 op->global->durable = true;
966 op->global->durable_timeout_msec = durable_timeout_msec;
970 op->global->create_guid = create_guid;
972 status = smbXsrv_open_update(op);
973 DEBUG(10, ("smb2_create_send: smbXsrv_open_update "
976 if (!NT_STATUS_IS_OK(status)) {
977 tevent_req_nterror(req, status);
978 return tevent_req_post(req, ev);
982 if (dhnq && op->global->durable) {
983 uint8_t p[8] = { 0, };
984 DATA_BLOB blob = data_blob_const(p, sizeof(p));
986 status = smb2_create_blob_add(state,
988 SMB2_CREATE_TAG_DHNQ,
990 if (!NT_STATUS_IS_OK(status)) {
991 tevent_req_nterror(req, status);
992 return tevent_req_post(req, ev);
996 if (dh2q && op->global->durable) {
997 uint8_t p[8] = { 0, };
998 DATA_BLOB blob = data_blob_const(p, sizeof(p));
999 uint32_t durable_v2_response_flags = 0;
1001 SIVAL(p, 0, op->global->durable_timeout_msec);
1002 SIVAL(p, 4, durable_v2_response_flags);
1004 status = smb2_create_blob_add(state, &out_context_blobs,
1005 SMB2_CREATE_TAG_DH2Q,
1007 if (!NT_STATUS_IS_OK(status)) {
1008 tevent_req_nterror(req, status);
1009 return tevent_req_post(req, ev);
1015 uint64_t file_index = get_FileIndex(result->conn,
1016 &result->fsp_name->st);
1017 DATA_BLOB blob = data_blob_const(p, sizeof(p));
1021 /* From conversations with Microsoft engineers at
1022 the MS plugfest. The first 8 bytes are the "volume index"
1023 == inode, the second 8 bytes are the "volume id",
1024 == dev. This will be updated in the SMB2 doc. */
1025 SBVAL(p, 0, file_index);
1026 SIVAL(p, 8, result->fsp_name->st.st_ex_dev);/* FileIndexHigh */
1028 status = smb2_create_blob_add(state, &out_context_blobs,
1029 SMB2_CREATE_TAG_QFID,
1031 if (!NT_STATUS_IS_OK(status)) {
1032 tevent_req_nterror(req, status);
1033 return tevent_req_post(req, ev);
1038 smb2req->compat_chain_fsp = smb1req->chain_fsp;
1040 if(lp_fake_oplocks(SNUM(smb2req->tcon->compat))) {
1041 state->out_oplock_level = in_oplock_level;
1043 state->out_oplock_level = map_samba_oplock_levels_to_smb2(result->oplock_type);
1046 if ((in_create_disposition == FILE_SUPERSEDE)
1047 && (info == FILE_WAS_OVERWRITTEN)) {
1048 state->out_create_action = FILE_WAS_SUPERSEDED;
1050 state->out_create_action = info;
1052 state->out_file_attributes = dos_mode(result->conn,
1054 /* Deal with other possible opens having a modified
1056 ZERO_STRUCT(write_time_ts);
1057 get_file_infos(result->file_id, 0, NULL, &write_time_ts);
1058 if (!null_timespec(write_time_ts)) {
1059 update_stat_ex_mtime(&result->fsp_name->st, write_time_ts);
1062 unix_timespec_to_nt_time(&state->out_creation_time,
1063 get_create_timespec(smb1req->conn, result,
1065 unix_timespec_to_nt_time(&state->out_last_access_time,
1066 result->fsp_name->st.st_ex_atime);
1067 unix_timespec_to_nt_time(&state->out_last_write_time,
1068 result->fsp_name->st.st_ex_mtime);
1069 unix_timespec_to_nt_time(&state->out_change_time,
1070 get_change_timespec(smb1req->conn, result,
1072 state->out_allocation_size =
1073 SMB_VFS_GET_ALLOC_SIZE(smb1req->conn, result,
1074 &(result->fsp_name->st));
1075 state->out_end_of_file = result->fsp_name->st.st_ex_size;
1076 if (state->out_file_attributes == 0) {
1077 state->out_file_attributes = FILE_ATTRIBUTE_NORMAL;
1079 state->out_file_id_persistent = result->op->global->open_persistent_id;
1080 state->out_file_id_volatile = result->op->global->open_volatile_id;
1081 state->out_context_blobs = out_context_blobs;
1083 DEBUG(10,("smbd_smb2_create_send: %s - %s\n",
1084 fsp_str_dbg(result), fsp_fnum_dbg(result)));
1086 tevent_req_done(req);
1087 return tevent_req_post(req, ev);
1090 static NTSTATUS smbd_smb2_create_recv(struct tevent_req *req,
1091 TALLOC_CTX *mem_ctx,
1092 uint8_t *out_oplock_level,
1093 uint32_t *out_create_action,
1094 NTTIME *out_creation_time,
1095 NTTIME *out_last_access_time,
1096 NTTIME *out_last_write_time,
1097 NTTIME *out_change_time,
1098 uint64_t *out_allocation_size,
1099 uint64_t *out_end_of_file,
1100 uint32_t *out_file_attributes,
1101 uint64_t *out_file_id_persistent,
1102 uint64_t *out_file_id_volatile,
1103 struct smb2_create_blobs *out_context_blobs)
1106 struct smbd_smb2_create_state *state = tevent_req_data(req,
1107 struct smbd_smb2_create_state);
1109 if (tevent_req_is_nterror(req, &status)) {
1110 tevent_req_received(req);
1114 *out_oplock_level = state->out_oplock_level;
1115 *out_create_action = state->out_create_action;
1116 *out_creation_time = state->out_creation_time;
1117 *out_last_access_time = state->out_last_access_time;
1118 *out_last_write_time = state->out_last_write_time;
1119 *out_change_time = state->out_change_time;
1120 *out_allocation_size = state->out_allocation_size;
1121 *out_end_of_file = state->out_end_of_file;
1122 *out_file_attributes = state->out_file_attributes;
1123 *out_file_id_persistent = state->out_file_id_persistent;
1124 *out_file_id_volatile = state->out_file_id_volatile;
1125 *out_context_blobs = state->out_context_blobs;
1127 talloc_steal(mem_ctx, state->out_context_blobs.blobs);
1129 tevent_req_received(req);
1130 return NT_STATUS_OK;
1133 /*********************************************************
1134 Code for dealing with deferred opens.
1135 *********************************************************/
1137 bool get_deferred_open_message_state_smb2(struct smbd_smb2_request *smb2req,
1138 struct timeval *p_request_time,
1141 struct smbd_smb2_create_state *state = NULL;
1142 struct tevent_req *req = NULL;
1147 if (smb2req->async_te == NULL) {
1150 req = smb2req->subreq;
1154 state = tevent_req_data(req, struct smbd_smb2_create_state);
1158 if (p_request_time) {
1159 *p_request_time = state->request_time;
1162 *pp_state = (void *)state->private_data.data;
1167 /*********************************************************
1168 Re-process this call early - requested by message or
1170 *********************************************************/
1172 static struct smbd_smb2_request *find_open_smb2req(
1173 struct smbd_server_connection *sconn, uint64_t mid)
1175 struct smbd_smb2_request *smb2req;
1177 for (smb2req = sconn->smb2.requests; smb2req; smb2req = smb2req->next) {
1178 uint64_t message_id;
1179 if (smb2req->subreq == NULL) {
1180 /* This message has been processed. */
1183 if (!tevent_req_is_in_progress(smb2req->subreq)) {
1184 /* This message has been processed. */
1187 message_id = get_mid_from_smb2req(smb2req);
1188 if (message_id == mid) {
1195 bool open_was_deferred_smb2(struct smbd_server_connection *sconn, uint64_t mid)
1197 struct smbd_smb2_create_state *state = NULL;
1198 struct smbd_smb2_request *smb2req;
1200 smb2req = find_open_smb2req(sconn, mid);
1203 DEBUG(10,("open_was_deferred_smb2: mid %llu smb2req == NULL\n",
1204 (unsigned long long)mid));
1207 if (!smb2req->subreq) {
1210 if (!tevent_req_is_in_progress(smb2req->subreq)) {
1213 state = tevent_req_data(smb2req->subreq,
1214 struct smbd_smb2_create_state);
1218 /* It's not in progress if there's no timeout event. */
1223 DEBUG(10,("open_was_deferred_smb2: mid = %llu\n",
1224 (unsigned long long)mid));
1229 static void remove_deferred_open_message_smb2_internal(struct smbd_smb2_request *smb2req,
1232 struct smbd_smb2_create_state *state = NULL;
1234 if (!smb2req->subreq) {
1237 if (!tevent_req_is_in_progress(smb2req->subreq)) {
1240 state = tevent_req_data(smb2req->subreq,
1241 struct smbd_smb2_create_state);
1246 DEBUG(10,("remove_deferred_open_message_smb2_internal: "
1248 (unsigned long long)mid ));
1250 /* Ensure we don't have any outstanding timer event. */
1251 TALLOC_FREE(state->te);
1252 /* Ensure we don't have any outstanding immediate event. */
1253 TALLOC_FREE(state->im);
1256 void remove_deferred_open_message_smb2(
1257 struct smbd_server_connection *sconn, uint64_t mid)
1259 struct smbd_smb2_request *smb2req;
1261 smb2req = find_open_smb2req(sconn, mid);
1264 DEBUG(10,("remove_deferred_open_message_smb2: "
1265 "can't find mid %llu\n",
1266 (unsigned long long)mid ));
1269 remove_deferred_open_message_smb2_internal(smb2req, mid);
1272 static void smbd_smb2_create_request_dispatch_immediate(struct tevent_context *ctx,
1273 struct tevent_immediate *im,
1276 struct smbd_smb2_request *smb2req = talloc_get_type_abort(private_data,
1277 struct smbd_smb2_request);
1278 struct smbd_server_connection *sconn = smb2req->sconn;
1279 uint64_t mid = get_mid_from_smb2req(smb2req);
1282 DEBUG(10,("smbd_smb2_create_request_dispatch_immediate: "
1283 "re-dispatching mid %llu\n",
1284 (unsigned long long)mid ));
1286 status = smbd_smb2_request_dispatch(smb2req);
1287 if (!NT_STATUS_IS_OK(status)) {
1288 smbd_server_connection_terminate(sconn, nt_errstr(status));
1293 bool schedule_deferred_open_message_smb2(
1294 struct smbd_server_connection *sconn, uint64_t mid)
1296 struct smbd_smb2_create_state *state = NULL;
1297 struct smbd_smb2_request *smb2req;
1299 smb2req = find_open_smb2req(sconn, mid);
1302 DEBUG(10,("schedule_deferred_open_message_smb2: "
1303 "can't find mid %llu\n",
1304 (unsigned long long)mid ));
1307 if (!smb2req->subreq) {
1310 if (!tevent_req_is_in_progress(smb2req->subreq)) {
1313 state = tevent_req_data(smb2req->subreq,
1314 struct smbd_smb2_create_state);
1319 /* Ensure we don't have any outstanding timer event. */
1320 TALLOC_FREE(state->te);
1321 /* Ensure we don't have any outstanding immediate event. */
1322 TALLOC_FREE(state->im);
1325 * This is subtle. We must null out the callback
1326 * before rescheduling, else the first call to
1327 * tevent_req_nterror() causes the _receive()
1328 * function to be called, this causing tevent_req_post()
1331 tevent_req_set_callback(smb2req->subreq, NULL, NULL);
1333 state->im = tevent_create_immediate(smb2req);
1335 smbd_server_connection_terminate(smb2req->sconn,
1336 nt_errstr(NT_STATUS_NO_MEMORY));
1340 DEBUG(10,("schedule_deferred_open_message_smb2: "
1341 "re-processing mid %llu\n",
1342 (unsigned long long)mid ));
1344 tevent_schedule_immediate(state->im,
1345 smb2req->sconn->ev_ctx,
1346 smbd_smb2_create_request_dispatch_immediate,
1352 /*********************************************************
1353 Re-process this call.
1354 *********************************************************/
1356 static void smb2_deferred_open_timer(struct event_context *ev,
1357 struct timed_event *te,
1358 struct timeval _tval,
1362 struct smbd_smb2_create_state *state = NULL;
1363 struct smbd_smb2_request *smb2req = talloc_get_type(private_data,
1364 struct smbd_smb2_request);
1366 DEBUG(10,("smb2_deferred_open_timer: [idx=%d], %s\n",
1367 smb2req->current_idx,
1368 tevent_req_default_print(smb2req->subreq, talloc_tos()) ));
1370 state = tevent_req_data(smb2req->subreq,
1371 struct smbd_smb2_create_state);
1376 * Null this out, don't talloc_free. It will
1377 * be talloc_free'd by the tevent library when
1381 /* Ensure we don't have any outstanding immediate event. */
1382 TALLOC_FREE(state->im);
1385 * This is subtle. We must null out the callback
1386 * before rescheduling, else the first call to
1387 * tevent_req_nterror() causes the _receive()
1388 * function to be called, this causing tevent_req_post()
1391 tevent_req_set_callback(smb2req->subreq, NULL, NULL);
1393 status = smbd_smb2_request_dispatch(smb2req);
1395 if (!NT_STATUS_IS_OK(status)) {
1396 smbd_server_connection_terminate(smb2req->sconn,
1401 static bool smbd_smb2_create_cancel(struct tevent_req *req)
1403 struct smbd_smb2_request *smb2req = NULL;
1404 struct smbd_smb2_create_state *state = tevent_req_data(req,
1405 struct smbd_smb2_create_state);
1412 if (!state->smb2req) {
1416 smb2req = state->smb2req;
1417 mid = get_mid_from_smb2req(smb2req);
1419 if (is_deferred_open_async(state->private_data.data)) {
1420 /* Can't cancel an async create. */
1424 remove_deferred_open_entry(state->id, mid,
1425 messaging_server_id(smb2req->sconn->msg_ctx));
1426 remove_deferred_open_message_smb2_internal(smb2req, mid);
1427 smb2req->cancelled = true;
1429 tevent_req_done(req);
1433 bool push_deferred_open_message_smb2(struct smbd_smb2_request *smb2req,
1434 struct timeval request_time,
1435 struct timeval timeout,
1440 struct tevent_req *req = NULL;
1441 struct smbd_smb2_create_state *state = NULL;
1442 struct timeval end_time;
1447 req = smb2req->subreq;
1451 state = tevent_req_data(req, struct smbd_smb2_create_state);
1456 state->request_time = request_time;
1457 state->private_data = data_blob_talloc(state, private_data,
1459 if (!state->private_data.data) {
1463 /* Re-schedule us to retry on timer expiry. */
1464 end_time = timeval_sum(&request_time, &timeout);
1466 DEBUG(10,("push_deferred_open_message_smb2: "
1468 timeval_string(talloc_tos(),
1472 state->te = tevent_add_timer(smb2req->sconn->ev_ctx,
1475 smb2_deferred_open_timer,
1481 /* allow this request to be canceled */
1482 tevent_req_set_cancel_fn(req, smbd_smb2_create_cancel);
git.samba.org / metze / samba / wip.git / blob