2 Unix SMB/CIFS implementation.
5 Copyright (C) Stefan Metzmacher 2009
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
22 #include "smbd/globals.h"
23 #include "../libcli/smb/smb_common.h"
25 struct smbd_smb2_lock_element {
31 static struct tevent_req *smbd_smb2_lock_send(TALLOC_CTX *mem_ctx,
32 struct tevent_context *ev,
33 struct smbd_smb2_request *smb2req,
35 uint64_t in_file_id_volatile,
36 uint16_t in_lock_count,
37 struct smbd_smb2_lock_element *in_locks);
38 static NTSTATUS smbd_smb2_lock_recv(struct tevent_req *req);
40 static void smbd_smb2_request_lock_done(struct tevent_req *subreq);
41 NTSTATUS smbd_smb2_request_process_lock(struct smbd_smb2_request *req)
44 const uint8_t *inbody;
45 const int i = req->current_idx;
46 size_t expected_body_size = 0x30;
49 uint16_t in_lock_count;
50 uint64_t in_file_id_persistent;
51 uint64_t in_file_id_volatile;
52 struct smbd_smb2_lock_element *in_locks;
53 struct tevent_req *subreq;
54 const uint8_t *lock_buffer;
57 inhdr = (const uint8_t *)req->in.vector[i+0].iov_base;
58 if (req->in.vector[i+1].iov_len != (expected_body_size & 0xFFFFFFFE)) {
59 return smbd_smb2_request_error(req, NT_STATUS_INVALID_PARAMETER);
62 inbody = (const uint8_t *)req->in.vector[i+1].iov_base;
64 body_size = SVAL(inbody, 0x00);
65 if (body_size != expected_body_size) {
66 return smbd_smb2_request_error(req, NT_STATUS_INVALID_PARAMETER);
69 in_smbpid = IVAL(inhdr, SMB2_HDR_PID);
71 in_lock_count = CVAL(inbody, 0x02);
72 /* 0x04 - 4 bytes reserved */
73 in_file_id_persistent = BVAL(inbody, 0x08);
74 in_file_id_volatile = BVAL(inbody, 0x10);
76 if (in_lock_count < 1) {
77 return smbd_smb2_request_error(req, NT_STATUS_INVALID_PARAMETER);
80 if (((in_lock_count - 1) * 0x18) > req->in.vector[i+2].iov_len) {
81 return smbd_smb2_request_error(req, NT_STATUS_INVALID_PARAMETER);
84 if (req->compat_chain_fsp) {
86 } else if (in_file_id_persistent != 0) {
87 return smbd_smb2_request_error(req, NT_STATUS_FILE_CLOSED);
90 in_locks = talloc_array(req, struct smbd_smb2_lock_element,
92 if (in_locks == NULL) {
93 return smbd_smb2_request_error(req, NT_STATUS_NO_MEMORY);
97 lock_buffer = inbody + 0x18;
99 in_locks[l].offset = BVAL(lock_buffer, 0x00);
100 in_locks[l].length = BVAL(lock_buffer, 0x08);
101 in_locks[l].flags = IVAL(lock_buffer, 0x10);
102 /* 0x14 - 4 reserved bytes */
104 lock_buffer = (const uint8_t *)req->in.vector[i+2].iov_base;
106 for (l=1; l < in_lock_count; l++) {
107 in_locks[l].offset = BVAL(lock_buffer, 0x00);
108 in_locks[l].length = BVAL(lock_buffer, 0x08);
109 in_locks[l].flags = IVAL(lock_buffer, 0x10);
110 /* 0x14 - 4 reserved bytes */
115 subreq = smbd_smb2_lock_send(req,
116 req->sconn->smb2.event_ctx,
122 if (subreq == NULL) {
123 return smbd_smb2_request_error(req, NT_STATUS_NO_MEMORY);
125 tevent_req_set_callback(subreq, smbd_smb2_request_lock_done, req);
127 if (tevent_req_is_in_progress(subreq)) {
128 return smbd_smb2_request_pending_queue(req);
134 static void smbd_smb2_request_lock_done(struct tevent_req *subreq)
136 struct smbd_smb2_request *req = tevent_req_callback_data(subreq,
137 struct smbd_smb2_request);
140 NTSTATUS error; /* transport error */
142 status = smbd_smb2_lock_recv(subreq);
144 if (!NT_STATUS_IS_OK(status)) {
145 error = smbd_smb2_request_error(req, status);
146 if (!NT_STATUS_IS_OK(error)) {
147 smbd_server_connection_terminate(req->sconn,
154 outbody = data_blob_talloc(req->out.vector, NULL, 0x04);
155 if (outbody.data == NULL) {
156 error = smbd_smb2_request_error(req, NT_STATUS_NO_MEMORY);
157 if (!NT_STATUS_IS_OK(error)) {
158 smbd_server_connection_terminate(req->sconn,
165 SSVAL(outbody.data, 0x00, 0x04); /* struct size */
166 SSVAL(outbody.data, 0x02, 0); /* reserved */
168 error = smbd_smb2_request_done(req, outbody, NULL);
169 if (!NT_STATUS_IS_OK(error)) {
170 smbd_server_connection_terminate(req->sconn,
176 struct smbd_smb2_lock_state {
177 struct smbd_smb2_request *smb2req;
180 static struct tevent_req *smbd_smb2_lock_send(TALLOC_CTX *mem_ctx,
181 struct tevent_context *ev,
182 struct smbd_smb2_request *smb2req,
184 uint64_t in_file_id_volatile,
185 uint16_t in_lock_count,
186 struct smbd_smb2_lock_element *in_locks)
188 struct tevent_req *req;
189 struct smbd_smb2_lock_state *state;
190 struct smb_request *smbreq;
191 connection_struct *conn = smb2req->tcon->compat_conn;
193 int32_t timeout = -1;
194 bool isunlock = false;
196 struct smbd_lock_element *locks;
200 req = tevent_req_create(mem_ctx, &state,
201 struct smbd_smb2_lock_state);
205 state->smb2req = smb2req;
207 DEBUG(10,("smbd_smb2_lock_send: file_id[0x%016llX]\n",
208 (unsigned long long)in_file_id_volatile));
210 smbreq = smbd_smb2_fake_smb_request(smb2req);
211 if (tevent_req_nomem(smbreq, req)) {
212 return tevent_req_post(req, ev);
215 fsp = file_fsp(smbreq, (uint16_t)in_file_id_volatile);
217 tevent_req_nterror(req, NT_STATUS_FILE_CLOSED);
218 return tevent_req_post(req, ev);
220 if (conn != fsp->conn) {
221 tevent_req_nterror(req, NT_STATUS_FILE_CLOSED);
222 return tevent_req_post(req, ev);
224 if (smb2req->session->vuid != fsp->vuid) {
225 tevent_req_nterror(req, NT_STATUS_FILE_CLOSED);
226 return tevent_req_post(req, ev);
229 locks = talloc_array(state, struct smbd_lock_element, in_lock_count);
231 tevent_req_nterror(req, NT_STATUS_NO_MEMORY);
232 return tevent_req_post(req, ev);
235 switch (in_locks[0].flags) {
236 case SMB2_LOCK_FLAG_SHARED:
237 case SMB2_LOCK_FLAG_EXCLUSIVE:
238 if (in_lock_count > 1) {
239 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
240 return tevent_req_post(req, ev);
245 case SMB2_LOCK_FLAG_SHARED|SMB2_LOCK_FLAG_FAIL_IMMEDIATELY:
246 case SMB2_LOCK_FLAG_EXCLUSIVE|SMB2_LOCK_FLAG_FAIL_IMMEDIATELY:
250 case SMB2_LOCK_FLAG_UNLOCK:
251 /* only the first lock gives the UNLOCK bit - see
258 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
259 return tevent_req_post(req, ev);
262 for (i=0; i<in_lock_count; i++) {
264 bool invalid = false;
266 switch (in_locks[i].flags) {
267 case SMB2_LOCK_FLAG_SHARED:
268 case SMB2_LOCK_FLAG_EXCLUSIVE:
270 tevent_req_nterror(req,
271 NT_STATUS_INVALID_PARAMETER);
272 return tevent_req_post(req, ev);
275 tevent_req_nterror(req,
276 NT_STATUS_INVALID_PARAMETER);
277 return tevent_req_post(req, ev);
281 case SMB2_LOCK_FLAG_SHARED|SMB2_LOCK_FLAG_FAIL_IMMEDIATELY:
282 case SMB2_LOCK_FLAG_EXCLUSIVE|SMB2_LOCK_FLAG_FAIL_IMMEDIATELY:
284 tevent_req_nterror(req,
285 NT_STATUS_INVALID_PARAMETER);
286 return tevent_req_post(req, ev);
290 case SMB2_LOCK_FLAG_UNLOCK:
292 tevent_req_nterror(req,
293 NT_STATUS_INVALID_PARAMETER);
294 return tevent_req_post(req, ev);
301 * is the first element was a UNLOCK
302 * we need to deferr the error response
303 * to the backend, because we need to process
304 * all unlock elements before
309 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
310 return tevent_req_post(req, ev);
313 locks[i].smbpid = in_smbpid;
314 locks[i].offset = in_locks[i].offset;
315 locks[i].count = in_locks[i].length;
317 if (in_locks[i].flags & SMB2_LOCK_FLAG_EXCLUSIVE) {
318 locks[i].brltype = WRITE_LOCK;
319 } else if (in_locks[i].flags & SMB2_LOCK_FLAG_SHARED) {
320 locks[i].brltype = READ_LOCK;
321 } else if (invalid) {
323 * this is an invalid UNLOCK element
324 * and the backend needs to test for
325 * brltype != UNLOCK_LOCK and return
326 * NT_STATUS_INVALID_PARAMER
328 locks[i].brltype = READ_LOCK;
330 locks[i].brltype = UNLOCK_LOCK;
333 max_count = UINT64_MAX - locks[i].offset;
334 if (locks[i].count > max_count) {
335 tevent_req_nterror(req, NT_STATUS_INVALID_LOCK_RANGE);
336 return tevent_req_post(req, ev);
341 status = smbd_do_locking(smbreq, fsp,
350 status = smbd_do_locking(smbreq, fsp,
359 if (!NT_STATUS_IS_OK(status)) {
360 if (NT_STATUS_EQUAL(status, NT_STATUS_FILE_LOCK_CONFLICT)) {
361 status = NT_STATUS_LOCK_NOT_GRANTED;
363 tevent_req_nterror(req, status);
364 return tevent_req_post(req, ev);
368 tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
369 return tevent_req_post(req, ev);
372 tevent_req_done(req);
373 return tevent_req_post(req, ev);
376 static NTSTATUS smbd_smb2_lock_recv(struct tevent_req *req)
380 if (tevent_req_is_nterror(req, &status)) {
381 tevent_req_received(req);
385 tevent_req_received(req);