2 Unix SMB/CIFS implementation.
3 Main SMB reply routines
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Andrew Bartlett 2001
6 Copyright (C) Jeremy Allison 1992-2007.
7 Copyright (C) Volker Lendecke 2007
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 This file handles most of the reply_ calls that the server
24 makes to handle specific protocols
29 /* look in server.c for some explanation of these variables */
30 extern enum protocol_types Protocol;
32 unsigned int smb_echo_count = 0;
33 extern uint32 global_client_caps;
35 extern struct current_user current_user;
36 extern BOOL global_encrypted_passwords_negotiated;
38 /****************************************************************************
39 Ensure we check the path in *exactly* the same way as W2K for a findfirst/findnext
40 path or anything including wildcards.
41 We're assuming here that '/' is not the second byte in any multibyte char
42 set (a safe assumption). '\\' *may* be the second byte in a multibyte char
44 ****************************************************************************/
46 /* Custom version for processing POSIX paths. */
47 #define IS_PATH_SEP(c,posix_only) ((c) == '/' || (!(posix_only) && (c) == '\\'))
49 static NTSTATUS check_path_syntax_internal(char *path,
51 BOOL *p_last_component_contains_wcard)
55 NTSTATUS ret = NT_STATUS_OK;
56 BOOL start_of_name_component = True;
58 *p_last_component_contains_wcard = False;
61 if (IS_PATH_SEP(*s,posix_path)) {
63 * Safe to assume is not the second part of a mb char
64 * as this is handled below.
66 /* Eat multiple '/' or '\\' */
67 while (IS_PATH_SEP(*s,posix_path)) {
70 if ((d != path) && (*s != '\0')) {
71 /* We only care about non-leading or trailing '/' or '\\' */
75 start_of_name_component = True;
77 *p_last_component_contains_wcard = False;
81 if (start_of_name_component) {
82 if ((s[0] == '.') && (s[1] == '.') && (IS_PATH_SEP(s[2],posix_path) || s[2] == '\0')) {
83 /* Uh oh - "/../" or "\\..\\" or "/..\0" or "\\..\0" ! */
86 * No mb char starts with '.' so we're safe checking the directory separator here.
89 /* If we just added a '/' - delete it */
90 if ((d > path) && (*(d-1) == '/')) {
95 /* Are we at the start ? Can't go back further if so. */
97 ret = NT_STATUS_OBJECT_PATH_SYNTAX_BAD;
100 /* Go back one level... */
101 /* We know this is safe as '/' cannot be part of a mb sequence. */
102 /* NOTE - if this assumption is invalid we are not in good shape... */
103 /* Decrement d first as d points to the *next* char to write into. */
104 for (d--; d > path; d--) {
108 s += 2; /* Else go past the .. */
109 /* We're still at the start of a name component, just the previous one. */
112 } else if ((s[0] == '.') && ((s[1] == '\0') || IS_PATH_SEP(s[1],posix_path))) {
125 return NT_STATUS_OBJECT_NAME_INVALID;
133 *p_last_component_contains_wcard = True;
142 /* Get the size of the next MB character. */
143 next_codepoint(s,&siz);
161 DEBUG(0,("check_path_syntax_internal: character length assumptions invalid !\n"));
163 return NT_STATUS_INVALID_PARAMETER;
166 start_of_name_component = False;
173 /****************************************************************************
174 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
175 No wildcards allowed.
176 ****************************************************************************/
178 NTSTATUS check_path_syntax(char *path)
181 return check_path_syntax_internal(path, False, &ignore);
184 /****************************************************************************
185 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
186 Wildcards allowed - p_contains_wcard returns true if the last component contained
188 ****************************************************************************/
190 NTSTATUS check_path_syntax_wcard(char *path, BOOL *p_contains_wcard)
192 return check_path_syntax_internal(path, False, p_contains_wcard);
195 /****************************************************************************
196 Check the path for a POSIX client.
197 We're assuming here that '/' is not the second byte in any multibyte char
198 set (a safe assumption).
199 ****************************************************************************/
201 NTSTATUS check_path_syntax_posix(char *path)
204 return check_path_syntax_internal(path, True, &ignore);
207 /****************************************************************************
208 Pull a string and check the path allowing a wilcard - provide for error return.
209 ****************************************************************************/
211 size_t srvstr_get_path_wcard(const char *inbuf, uint16 smb_flags2, char *dest,
212 const char *src, size_t dest_len, size_t src_len,
213 int flags, NTSTATUS *err, BOOL *contains_wcard)
217 SMB_ASSERT(dest_len == sizeof(pstring));
221 ret = srvstr_pull_buf(inbuf, smb_flags2, dest, src,
224 ret = srvstr_pull(inbuf, smb_flags2, dest, src,
225 dest_len, src_len, flags);
228 *contains_wcard = False;
230 if (smb_flags2 & FLAGS2_DFS_PATHNAMES) {
232 * For a DFS path the function parse_dfs_path()
233 * will do the path processing, just make a copy.
239 if (lp_posix_pathnames()) {
240 *err = check_path_syntax_posix(dest);
242 *err = check_path_syntax_wcard(dest, contains_wcard);
248 /****************************************************************************
249 Pull a string and check the path - provide for error return.
250 ****************************************************************************/
252 size_t srvstr_get_path(const char *inbuf, uint16 smb_flags2, char *dest,
253 const char *src, size_t dest_len, size_t src_len,
254 int flags, NTSTATUS *err)
258 SMB_ASSERT(dest_len == sizeof(pstring));
262 ret = srvstr_pull_buf(inbuf, smb_flags2, dest, src,
265 ret = srvstr_pull(inbuf, smb_flags2, dest, src,
266 dest_len, src_len, flags);
269 if (smb_flags2 & FLAGS2_DFS_PATHNAMES) {
271 * For a DFS path the function parse_dfs_path()
272 * will do the path processing, just make a copy.
278 if (lp_posix_pathnames()) {
279 *err = check_path_syntax_posix(dest);
281 *err = check_path_syntax(dest);
287 /****************************************************************************
288 Check if we have a correct fsp pointing to a file. Replacement for the
290 ****************************************************************************/
291 BOOL check_fsp(connection_struct *conn, struct smb_request *req,
292 files_struct *fsp, struct current_user *user)
294 if (!(fsp) || !(conn)) {
295 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
298 if (((conn) != (fsp)->conn) || user->vuid != (fsp)->vuid) {
299 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
302 if ((fsp)->is_directory) {
303 reply_nterror(req, NT_STATUS_INVALID_DEVICE_REQUEST);
306 if ((fsp)->fh->fd == -1) {
307 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
310 (fsp)->num_smb_operations++;
314 /****************************************************************************
315 Reply to a (netbios-level) special message.
316 ****************************************************************************/
318 void reply_special(char *inbuf)
320 int msg_type = CVAL(inbuf,0);
321 int msg_flags = CVAL(inbuf,1);
326 * We only really use 4 bytes of the outbuf, but for the smb_setlen
327 * calculation & friends (send_smb uses that) we need the full smb
330 char outbuf[smb_size];
332 static BOOL already_got_session = False;
336 memset(outbuf, '\0', sizeof(outbuf));
338 smb_setlen(inbuf,outbuf,0);
341 case 0x81: /* session request */
343 if (already_got_session) {
344 exit_server_cleanly("multiple session request not permitted");
347 SCVAL(outbuf,0,0x82);
349 if (name_len(inbuf+4) > 50 ||
350 name_len(inbuf+4 + name_len(inbuf + 4)) > 50) {
351 DEBUG(0,("Invalid name length in session request\n"));
354 name_extract(inbuf,4,name1);
355 name_type = name_extract(inbuf,4 + name_len(inbuf + 4),name2);
356 DEBUG(2,("netbios connect: name1=%s name2=%s\n",
359 set_local_machine_name(name1, True);
360 set_remote_machine_name(name2, True);
362 DEBUG(2,("netbios connect: local=%s remote=%s, name type = %x\n",
363 get_local_machine_name(), get_remote_machine_name(),
366 if (name_type == 'R') {
367 /* We are being asked for a pathworks session ---
369 SCVAL(outbuf, 0,0x83);
373 /* only add the client's machine name to the list
374 of possibly valid usernames if we are operating
375 in share mode security */
376 if (lp_security() == SEC_SHARE) {
377 add_session_user(get_remote_machine_name());
380 reload_services(True);
383 already_got_session = True;
386 case 0x89: /* session keepalive request
387 (some old clients produce this?) */
388 SCVAL(outbuf,0,SMBkeepalive);
392 case 0x82: /* positive session response */
393 case 0x83: /* negative session response */
394 case 0x84: /* retarget session response */
395 DEBUG(0,("Unexpected session response\n"));
398 case SMBkeepalive: /* session keepalive */
403 DEBUG(5,("init msg_type=0x%x msg_flags=0x%x\n",
404 msg_type, msg_flags));
406 send_smb(smbd_server_fd(), outbuf);
410 /****************************************************************************
412 conn POINTER CAN BE NULL HERE !
413 ****************************************************************************/
415 int reply_tcon(connection_struct *conn,
416 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
420 char *service_buf = NULL;
421 char *password = NULL;
424 uint16 vuid = SVAL(inbuf,smb_uid);
428 DATA_BLOB password_blob;
430 START_PROFILE(SMBtcon);
432 ctx = talloc_init("reply_tcon");
434 END_PROFILE(SMBtcon);
435 return ERROR_NT(NT_STATUS_NO_MEMORY);
438 p = smb_buf(inbuf)+1;
439 p += srvstr_pull_buf_talloc(ctx, inbuf, SVAL(inbuf, smb_flg2),
440 &service_buf, p, STR_TERMINATE) + 1;
441 pwlen = srvstr_pull_buf_talloc(ctx, inbuf, SVAL(inbuf, smb_flg2),
442 &password, p, STR_TERMINATE) + 1;
444 p += srvstr_pull_buf_talloc(ctx, inbuf, SVAL(inbuf, smb_flg2),
445 &dev, p, STR_TERMINATE) + 1;
447 if (service_buf == NULL || password == NULL || dev == NULL) {
449 END_PROFILE(SMBtcon);
450 return ERROR_NT(NT_STATUS_INVALID_PARAMETER);
452 p = strrchr_m(service_buf,'\\');
456 service = service_buf;
459 password_blob = data_blob(password, pwlen+1);
461 conn = make_connection(service,password_blob,dev,vuid,&nt_status);
463 data_blob_clear_free(&password_blob);
467 END_PROFILE(SMBtcon);
468 return ERROR_NT(nt_status);
471 outsize = set_message(inbuf,outbuf,2,0,True);
472 SSVAL(outbuf,smb_vwv0,max_recv);
473 SSVAL(outbuf,smb_vwv1,conn->cnum);
474 SSVAL(outbuf,smb_tid,conn->cnum);
476 DEBUG(3,("tcon service=%s cnum=%d\n",
477 service, conn->cnum));
479 END_PROFILE(SMBtcon);
484 /****************************************************************************
485 Reply to a tcon and X.
486 conn POINTER CAN BE NULL HERE !
487 ****************************************************************************/
489 void reply_tcon_and_X(connection_struct *conn, struct smb_request *req)
491 char *service = NULL;
494 TALLOC_CTX *ctx = NULL;
495 /* what the cleint thinks the device is */
496 char *client_devicetype = NULL;
497 /* what the server tells the client the share represents */
498 const char *server_devicetype;
505 START_PROFILE(SMBtconX);
508 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
509 END_PROFILE(SMBtconX);
513 passlen = SVAL(req->inbuf,smb_vwv3);
514 tcon_flags = SVAL(req->inbuf,smb_vwv2);
516 /* we might have to close an old one */
517 if ((tcon_flags & 0x1) && conn) {
518 close_cnum(conn,req->vuid);
521 if ((passlen > MAX_PASS_LEN) || (passlen >= smb_buflen(req->inbuf))) {
522 reply_doserror(req, ERRDOS, ERRbuftoosmall);
523 END_PROFILE(SMBtconX);
527 if (global_encrypted_passwords_negotiated) {
528 password = data_blob(smb_buf(req->inbuf),passlen);
529 if (lp_security() == SEC_SHARE) {
531 * Security = share always has a pad byte
532 * after the password.
534 p = smb_buf(req->inbuf) + passlen + 1;
536 p = smb_buf(req->inbuf) + passlen;
539 password = data_blob(smb_buf(req->inbuf),passlen+1);
540 /* Ensure correct termination */
541 password.data[passlen]=0;
542 p = smb_buf(req->inbuf) + passlen + 1;
545 ctx = talloc_init("reply_tcon_and_X");
547 data_blob_clear_free(&password);
548 reply_nterror(req, NT_STATUS_NO_MEMORY);
549 END_PROFILE(SMBtconX);
552 p += srvstr_pull_buf_talloc(ctx, req->inbuf, req->flags2, &path, p,
556 data_blob_clear_free(&password);
558 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
559 END_PROFILE(SMBtconX);
564 * the service name can be either: \\server\share
565 * or share directly like on the DELL PowerVault 705
568 q = strchr_m(path+2,'\\');
570 data_blob_clear_free(&password);
572 reply_doserror(req, ERRDOS, ERRnosuchshare);
573 END_PROFILE(SMBtconX);
581 p += srvstr_pull_talloc(ctx, req->inbuf, req->flags2,
582 &client_devicetype, p,
583 MIN(6,smb_bufrem(req->inbuf, p)), STR_ASCII);
585 if (client_devicetype == NULL) {
586 data_blob_clear_free(&password);
588 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
589 END_PROFILE(SMBtconX);
593 DEBUG(4,("Client requested device type [%s] for share [%s]\n", client_devicetype, service));
595 conn = make_connection(service, password, client_devicetype,
596 req->vuid, &nt_status);
598 data_blob_clear_free(&password);
602 reply_nterror(req, nt_status);
603 END_PROFILE(SMBtconX);
608 server_devicetype = "IPC";
609 else if ( IS_PRINT(conn) )
610 server_devicetype = "LPT1:";
612 server_devicetype = "A:";
614 if (Protocol < PROTOCOL_NT1) {
615 reply_outbuf(req, 2, 0);
616 if (message_push_string(&req->outbuf, server_devicetype,
617 STR_TERMINATE|STR_ASCII) == -1) {
619 reply_nterror(req, NT_STATUS_NO_MEMORY);
620 END_PROFILE(SMBtconX);
624 /* NT sets the fstype of IPC$ to the null string */
625 const char *fstype = IS_IPC(conn) ? "" : lp_fstype(SNUM(conn));
627 if (tcon_flags & TCONX_FLAG_EXTENDED_RESPONSE) {
628 /* Return permissions. */
632 reply_outbuf(req, 7, 0);
635 perm1 = FILE_ALL_ACCESS;
636 perm2 = FILE_ALL_ACCESS;
638 perm1 = CAN_WRITE(conn) ?
643 SIVAL(req->outbuf, smb_vwv3, perm1);
644 SIVAL(req->outbuf, smb_vwv5, perm2);
646 reply_outbuf(req, 3, 0);
649 if ((message_push_string(&req->outbuf, server_devicetype,
650 STR_TERMINATE|STR_ASCII) == -1)
651 || (message_push_string(&req->outbuf, fstype,
652 STR_TERMINATE) == -1)) {
654 reply_nterror(req, NT_STATUS_NO_MEMORY);
655 END_PROFILE(SMBtconX);
659 /* what does setting this bit do? It is set by NT4 and
660 may affect the ability to autorun mounted cdroms */
661 SSVAL(req->outbuf, smb_vwv2, SMB_SUPPORT_SEARCH_BITS|
662 (lp_csc_policy(SNUM(conn)) << 2));
664 init_dfsroot(conn, req->inbuf, req->outbuf);
668 DEBUG(3,("tconX service=%s \n",
671 /* set the incoming and outgoing tid to the just created one */
672 SSVAL(req->inbuf,smb_tid,conn->cnum);
673 SSVAL(req->outbuf,smb_tid,conn->cnum);
676 END_PROFILE(SMBtconX);
678 chain_reply_new(req);
682 /****************************************************************************
683 Reply to an unknown type.
684 ****************************************************************************/
686 int reply_unknown(char *inbuf,char *outbuf)
689 type = CVAL(inbuf,smb_com);
691 DEBUG(0,("unknown command type (%s): type=%d (0x%X)\n",
692 smb_fn_name(type), type, type));
694 return(ERROR_DOS(ERRSRV,ERRunknownsmb));
697 void reply_unknown_new(struct smb_request *req, uint8 type)
699 DEBUG(0, ("unknown command type (%s): type=%d (0x%X)\n",
700 smb_fn_name(type), type, type));
701 reply_doserror(req, ERRSRV, ERRunknownsmb);
705 /****************************************************************************
707 conn POINTER CAN BE NULL HERE !
708 ****************************************************************************/
710 int reply_ioctl(connection_struct *conn,
711 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
713 uint16 device = SVAL(inbuf,smb_vwv1);
714 uint16 function = SVAL(inbuf,smb_vwv2);
715 uint32 ioctl_code = (device << 16) + function;
716 int replysize, outsize;
718 START_PROFILE(SMBioctl);
720 DEBUG(4, ("Received IOCTL (code 0x%x)\n", ioctl_code));
722 switch (ioctl_code) {
723 case IOCTL_QUERY_JOB_INFO:
727 END_PROFILE(SMBioctl);
728 return(ERROR_DOS(ERRSRV,ERRnosupport));
731 outsize = set_message(inbuf,outbuf,8,replysize+1,True);
732 SSVAL(outbuf,smb_vwv1,replysize); /* Total data bytes returned */
733 SSVAL(outbuf,smb_vwv5,replysize); /* Data bytes this buffer */
734 SSVAL(outbuf,smb_vwv6,52); /* Offset to data */
735 p = smb_buf(outbuf) + 1; /* Allow for alignment */
737 switch (ioctl_code) {
738 case IOCTL_QUERY_JOB_INFO:
740 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
742 END_PROFILE(SMBioctl);
743 return(UNIXERROR(ERRDOS,ERRbadfid));
745 SSVAL(p,0,fsp->rap_print_jobid); /* Job number */
746 srvstr_push(outbuf, SVAL(outbuf, smb_flg2), p+2,
748 STR_TERMINATE|STR_ASCII);
750 srvstr_push(outbuf, SVAL(outbuf, smb_flg2),
751 p+18, lp_servicename(SNUM(conn)),
752 13, STR_TERMINATE|STR_ASCII);
758 END_PROFILE(SMBioctl);
762 /****************************************************************************
763 Strange checkpath NTSTATUS mapping.
764 ****************************************************************************/
766 static NTSTATUS map_checkpath_error(const char *inbuf, NTSTATUS status)
768 /* Strange DOS error code semantics only for checkpath... */
769 if (!(SVAL(inbuf,smb_flg2) & FLAGS2_32_BIT_ERROR_CODES)) {
770 if (NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_INVALID,status)) {
771 /* We need to map to ERRbadpath */
772 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
778 /****************************************************************************
779 Reply to a checkpath.
780 ****************************************************************************/
782 void reply_checkpath(connection_struct *conn, struct smb_request *req)
785 SMB_STRUCT_STAT sbuf;
788 START_PROFILE(SMBcheckpath);
790 srvstr_get_path((char *)req->inbuf, req->flags2, name,
791 smb_buf(req->inbuf) + 1, sizeof(name), 0,
792 STR_TERMINATE, &status);
793 if (!NT_STATUS_IS_OK(status)) {
794 status = map_checkpath_error((char *)req->inbuf, status);
795 reply_nterror(req, status);
796 END_PROFILE(SMBcheckpath);
800 status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES, name);
801 if (!NT_STATUS_IS_OK(status)) {
802 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
803 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
805 END_PROFILE(SMBcheckpath);
811 DEBUG(3,("reply_checkpath %s mode=%d\n", name, (int)SVAL(req->inbuf,smb_vwv0)));
813 status = unix_convert(conn, name, False, NULL, &sbuf);
814 if (!NT_STATUS_IS_OK(status)) {
818 status = check_name(conn, name);
819 if (!NT_STATUS_IS_OK(status)) {
820 DEBUG(3,("reply_checkpath: check_name of %s failed (%s)\n",name,nt_errstr(status)));
824 if (!VALID_STAT(sbuf) && (SMB_VFS_STAT(conn,name,&sbuf) != 0)) {
825 DEBUG(3,("reply_checkpath: stat of %s failed (%s)\n",name,strerror(errno)));
826 status = map_nt_error_from_unix(errno);
830 if (!S_ISDIR(sbuf.st_mode)) {
831 reply_botherror(req, NT_STATUS_NOT_A_DIRECTORY,
833 END_PROFILE(SMBcheckpath);
837 reply_outbuf(req, 0, 0);
839 END_PROFILE(SMBcheckpath);
844 END_PROFILE(SMBcheckpath);
846 /* We special case this - as when a Windows machine
847 is parsing a path is steps through the components
848 one at a time - if a component fails it expects
849 ERRbadpath, not ERRbadfile.
851 status = map_checkpath_error((char *)req->inbuf, status);
852 if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
854 * Windows returns different error codes if
855 * the parent directory is valid but not the
856 * last component - it returns NT_STATUS_OBJECT_NAME_NOT_FOUND
857 * for that case and NT_STATUS_OBJECT_PATH_NOT_FOUND
858 * if the path is invalid.
860 reply_botherror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND,
865 reply_nterror(req, status);
868 /****************************************************************************
870 ****************************************************************************/
872 int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
876 SMB_STRUCT_STAT sbuf;
883 START_PROFILE(SMBgetatr);
885 p = smb_buf(inbuf) + 1;
886 p += srvstr_get_path(inbuf, SVAL(inbuf,smb_flg2), fname, p,
887 sizeof(fname), 0, STR_TERMINATE, &status);
888 if (!NT_STATUS_IS_OK(status)) {
889 END_PROFILE(SMBgetatr);
890 return ERROR_NT(status);
893 status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname);
894 if (!NT_STATUS_IS_OK(status)) {
895 END_PROFILE(SMBgetatr);
896 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
897 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
899 return ERROR_NT(status);
902 /* dos smetimes asks for a stat of "" - it returns a "hidden directory"
903 under WfWg - weird! */
904 if (*fname == '\0') {
905 mode = aHIDDEN | aDIR;
906 if (!CAN_WRITE(conn)) {
912 status = unix_convert(conn, fname, False, NULL,&sbuf);
913 if (!NT_STATUS_IS_OK(status)) {
914 END_PROFILE(SMBgetatr);
915 return ERROR_NT(status);
917 status = check_name(conn, fname);
918 if (!NT_STATUS_IS_OK(status)) {
919 DEBUG(3,("reply_getatr: check_name of %s failed (%s)\n",fname,nt_errstr(status)));
920 END_PROFILE(SMBgetatr);
921 return ERROR_NT(status);
923 if (!VALID_STAT(sbuf) && (SMB_VFS_STAT(conn,fname,&sbuf) != 0)) {
924 DEBUG(3,("reply_getatr: stat of %s failed (%s)\n",fname,strerror(errno)));
925 return UNIXERROR(ERRDOS,ERRbadfile);
928 mode = dos_mode(conn,fname,&sbuf);
930 mtime = sbuf.st_mtime;
936 outsize = set_message(inbuf,outbuf,10,0,True);
938 SSVAL(outbuf,smb_vwv0,mode);
939 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
940 srv_put_dos_date3(outbuf,smb_vwv1,mtime & ~1);
942 srv_put_dos_date3(outbuf,smb_vwv1,mtime);
944 SIVAL(outbuf,smb_vwv3,(uint32)size);
946 if (Protocol >= PROTOCOL_NT1) {
947 SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) | FLAGS2_IS_LONG_NAME);
950 DEBUG(3,("reply_getatr: name=%s mode=%d size=%u\n", fname, mode, (unsigned int)size ) );
952 END_PROFILE(SMBgetatr);
956 /****************************************************************************
958 ****************************************************************************/
960 int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
966 SMB_STRUCT_STAT sbuf;
970 START_PROFILE(SMBsetatr);
972 p = smb_buf(inbuf) + 1;
973 p += srvstr_get_path(inbuf, SVAL(inbuf,smb_flg2), fname, p,
974 sizeof(fname), 0, STR_TERMINATE, &status);
975 if (!NT_STATUS_IS_OK(status)) {
976 END_PROFILE(SMBsetatr);
977 return ERROR_NT(status);
980 status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname);
981 if (!NT_STATUS_IS_OK(status)) {
982 END_PROFILE(SMBsetatr);
983 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
984 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
986 return ERROR_NT(status);
989 status = unix_convert(conn, fname, False, NULL, &sbuf);
990 if (!NT_STATUS_IS_OK(status)) {
991 END_PROFILE(SMBsetatr);
992 return ERROR_NT(status);
995 status = check_name(conn, fname);
996 if (!NT_STATUS_IS_OK(status)) {
997 END_PROFILE(SMBsetatr);
998 return ERROR_NT(status);
1001 if (fname[0] == '.' && fname[1] == '\0') {
1003 * Not sure here is the right place to catch this
1004 * condition. Might be moved to somewhere else later -- vl
1006 END_PROFILE(SMBsetatr);
1007 return ERROR_NT(NT_STATUS_ACCESS_DENIED);
1010 mode = SVAL(inbuf,smb_vwv0);
1011 mtime = srv_make_unix_date3(inbuf+smb_vwv1);
1013 if (mode != FILE_ATTRIBUTE_NORMAL) {
1014 if (VALID_STAT_OF_DIR(sbuf))
1019 if (file_set_dosmode(conn,fname,mode,&sbuf,False) != 0) {
1020 END_PROFILE(SMBsetatr);
1021 return UNIXERROR(ERRDOS, ERRnoaccess);
1025 if (!set_filetime(conn,fname,convert_time_t_to_timespec(mtime))) {
1026 END_PROFILE(SMBsetatr);
1027 return UNIXERROR(ERRDOS, ERRnoaccess);
1030 outsize = set_message(inbuf,outbuf,0,0,False);
1032 DEBUG( 3, ( "setatr name=%s mode=%d\n", fname, mode ) );
1034 END_PROFILE(SMBsetatr);
1038 /****************************************************************************
1040 ****************************************************************************/
1042 void reply_dskattr(connection_struct *conn, struct smb_request *req)
1044 SMB_BIG_UINT dfree,dsize,bsize;
1045 START_PROFILE(SMBdskattr);
1047 if (get_dfree_info(conn,".",True,&bsize,&dfree,&dsize) == (SMB_BIG_UINT)-1) {
1048 reply_unixerror(req, ERRHRD, ERRgeneral);
1049 END_PROFILE(SMBdskattr);
1053 reply_outbuf(req, 5, 0);
1055 if (Protocol <= PROTOCOL_LANMAN2) {
1056 double total_space, free_space;
1057 /* we need to scale this to a number that DOS6 can handle. We
1058 use floating point so we can handle large drives on systems
1059 that don't have 64 bit integers
1061 we end up displaying a maximum of 2G to DOS systems
1063 total_space = dsize * (double)bsize;
1064 free_space = dfree * (double)bsize;
1066 dsize = (total_space+63*512) / (64*512);
1067 dfree = (free_space+63*512) / (64*512);
1069 if (dsize > 0xFFFF) dsize = 0xFFFF;
1070 if (dfree > 0xFFFF) dfree = 0xFFFF;
1072 SSVAL(req->outbuf,smb_vwv0,dsize);
1073 SSVAL(req->outbuf,smb_vwv1,64); /* this must be 64 for dos systems */
1074 SSVAL(req->outbuf,smb_vwv2,512); /* and this must be 512 */
1075 SSVAL(req->outbuf,smb_vwv3,dfree);
1077 SSVAL(req->outbuf,smb_vwv0,dsize);
1078 SSVAL(req->outbuf,smb_vwv1,bsize/512);
1079 SSVAL(req->outbuf,smb_vwv2,512);
1080 SSVAL(req->outbuf,smb_vwv3,dfree);
1083 DEBUG(3,("dskattr dfree=%d\n", (unsigned int)dfree));
1085 END_PROFILE(SMBdskattr);
1089 /****************************************************************************
1091 Can be called from SMBsearch, SMBffirst or SMBfunique.
1092 ****************************************************************************/
1094 int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
1104 unsigned int numentries = 0;
1105 unsigned int maxentries = 0;
1106 BOOL finished = False;
1112 BOOL check_descend = False;
1113 BOOL expect_close = False;
1115 BOOL mask_contains_wcard = False;
1116 BOOL allow_long_path_components = (SVAL(inbuf,smb_flg2) & FLAGS2_LONG_PATH_COMPONENTS) ? True : False;
1118 START_PROFILE(SMBsearch);
1120 if (lp_posix_pathnames()) {
1121 END_PROFILE(SMBsearch);
1122 return reply_unknown(inbuf, outbuf);
1125 *mask = *directory = *fname = 0;
1127 /* If we were called as SMBffirst then we must expect close. */
1128 if(CVAL(inbuf,smb_com) == SMBffirst) {
1129 expect_close = True;
1132 outsize = set_message(inbuf,outbuf,1,3,True);
1133 maxentries = SVAL(inbuf,smb_vwv0);
1134 dirtype = SVAL(inbuf,smb_vwv1);
1135 p = smb_buf(inbuf) + 1;
1136 p += srvstr_get_path_wcard(inbuf, SVAL(inbuf,smb_flg2), path, p,
1137 sizeof(path), 0, STR_TERMINATE, &nt_status,
1138 &mask_contains_wcard);
1139 if (!NT_STATUS_IS_OK(nt_status)) {
1140 END_PROFILE(SMBsearch);
1141 return ERROR_NT(nt_status);
1144 nt_status = resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, path, &mask_contains_wcard);
1145 if (!NT_STATUS_IS_OK(nt_status)) {
1146 END_PROFILE(SMBsearch);
1147 if (NT_STATUS_EQUAL(nt_status,NT_STATUS_PATH_NOT_COVERED)) {
1148 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
1150 return ERROR_NT(nt_status);
1154 status_len = SVAL(p, 0);
1157 /* dirtype &= ~aDIR; */
1159 if (status_len == 0) {
1160 SMB_STRUCT_STAT sbuf;
1162 pstrcpy(directory,path);
1163 nt_status = unix_convert(conn, directory, True, NULL, &sbuf);
1164 if (!NT_STATUS_IS_OK(nt_status)) {
1165 END_PROFILE(SMBsearch);
1166 return ERROR_NT(nt_status);
1169 nt_status = check_name(conn, directory);
1170 if (!NT_STATUS_IS_OK(nt_status)) {
1171 END_PROFILE(SMBsearch);
1172 return ERROR_NT(nt_status);
1175 p = strrchr_m(directory,'/');
1177 pstrcpy(mask,directory);
1178 pstrcpy(directory,".");
1184 if (*directory == '\0') {
1185 pstrcpy(directory,".");
1187 memset((char *)status,'\0',21);
1188 SCVAL(status,0,(dirtype & 0x1F));
1192 memcpy(status,p,21);
1193 status_dirtype = CVAL(status,0) & 0x1F;
1194 if (status_dirtype != (dirtype & 0x1F)) {
1195 dirtype = status_dirtype;
1198 conn->dirptr = dptr_fetch(status+12,&dptr_num);
1199 if (!conn->dirptr) {
1202 string_set(&conn->dirpath,dptr_path(dptr_num));
1203 pstrcpy(mask, dptr_wcard(dptr_num));
1205 * For a 'continue' search we have no string. So
1206 * check from the initial saved string.
1208 mask_contains_wcard = ms_has_wild(mask);
1211 p = smb_buf(outbuf) + 3;
1213 if (status_len == 0) {
1214 nt_status = dptr_create(conn,
1218 SVAL(inbuf,smb_pid),
1220 mask_contains_wcard,
1223 if (!NT_STATUS_IS_OK(nt_status)) {
1224 return ERROR_NT(nt_status);
1226 dptr_num = dptr_dnum(conn->dirptr);
1228 dirtype = dptr_attr(dptr_num);
1231 DEBUG(4,("dptr_num is %d\n",dptr_num));
1233 if ((dirtype&0x1F) == aVOLID) {
1234 memcpy(p,status,21);
1235 make_dir_struct(p,"???????????",volume_label(SNUM(conn)),
1236 0,aVOLID,0,!allow_long_path_components);
1237 dptr_fill(p+12,dptr_num);
1238 if (dptr_zero(p+12) && (status_len==0)) {
1243 p += DIR_STRUCT_SIZE;
1246 maxentries = MIN(maxentries, ((BUFFER_SIZE - (p - outbuf))/DIR_STRUCT_SIZE));
1248 DEBUG(8,("dirpath=<%s> dontdescend=<%s>\n",
1249 conn->dirpath,lp_dontdescend(SNUM(conn))));
1250 if (in_list(conn->dirpath, lp_dontdescend(SNUM(conn)),True)) {
1251 check_descend = True;
1254 for (i=numentries;(i<maxentries) && !finished;i++) {
1255 finished = !get_dir_entry(conn,mask,dirtype,fname,&size,&mode,&date,check_descend);
1257 memcpy(p,status,21);
1258 make_dir_struct(p,mask,fname,size, mode,date,
1259 !allow_long_path_components);
1260 if (!dptr_fill(p+12,dptr_num)) {
1264 p += DIR_STRUCT_SIZE;
1271 /* If we were called as SMBffirst with smb_search_id == NULL
1272 and no entries were found then return error and close dirptr
1275 if (numentries == 0) {
1276 dptr_close(&dptr_num);
1277 } else if(expect_close && status_len == 0) {
1278 /* Close the dptr - we know it's gone */
1279 dptr_close(&dptr_num);
1282 /* If we were called as SMBfunique, then we can close the dirptr now ! */
1283 if(dptr_num >= 0 && CVAL(inbuf,smb_com) == SMBfunique) {
1284 dptr_close(&dptr_num);
1287 if ((numentries == 0) && !mask_contains_wcard) {
1288 return ERROR_BOTH(STATUS_NO_MORE_FILES,ERRDOS,ERRnofiles);
1291 SSVAL(outbuf,smb_vwv0,numentries);
1292 SSVAL(outbuf,smb_vwv1,3 + numentries * DIR_STRUCT_SIZE);
1293 SCVAL(smb_buf(outbuf),0,5);
1294 SSVAL(smb_buf(outbuf),1,numentries*DIR_STRUCT_SIZE);
1296 /* The replies here are never long name. */
1297 SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) & (~FLAGS2_IS_LONG_NAME));
1298 if (!allow_long_path_components) {
1299 SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) & (~FLAGS2_LONG_PATH_COMPONENTS));
1302 /* This SMB *always* returns ASCII names. Remove the unicode bit in flags2. */
1303 SSVAL(outbuf,smb_flg2, (SVAL(outbuf, smb_flg2) & (~FLAGS2_UNICODE_STRINGS)));
1305 outsize += DIR_STRUCT_SIZE*numentries;
1306 smb_setlen(inbuf,outbuf,outsize - 4);
1308 if ((! *directory) && dptr_path(dptr_num))
1309 slprintf(directory, sizeof(directory)-1, "(%s)",dptr_path(dptr_num));
1311 DEBUG( 4, ( "%s mask=%s path=%s dtype=%d nument=%u of %u\n",
1312 smb_fn_name(CVAL(inbuf,smb_com)),
1313 mask, directory, dirtype, numentries, maxentries ) );
1315 END_PROFILE(SMBsearch);
1319 /****************************************************************************
1320 Reply to a fclose (stop directory search).
1321 ****************************************************************************/
1323 int reply_fclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
1332 BOOL path_contains_wcard = False;
1334 START_PROFILE(SMBfclose);
1336 if (lp_posix_pathnames()) {
1337 END_PROFILE(SMBfclose);
1338 return reply_unknown(inbuf, outbuf);
1341 outsize = set_message(inbuf,outbuf,1,0,True);
1342 p = smb_buf(inbuf) + 1;
1343 p += srvstr_get_path_wcard(inbuf, SVAL(inbuf,smb_flg2), path, p,
1344 sizeof(path), 0, STR_TERMINATE, &err,
1345 &path_contains_wcard);
1346 if (!NT_STATUS_IS_OK(err)) {
1347 END_PROFILE(SMBfclose);
1348 return ERROR_NT(err);
1351 status_len = SVAL(p,0);
1354 if (status_len == 0) {
1355 END_PROFILE(SMBfclose);
1356 return ERROR_DOS(ERRSRV,ERRsrverror);
1359 memcpy(status,p,21);
1361 if(dptr_fetch(status+12,&dptr_num)) {
1362 /* Close the dptr - we know it's gone */
1363 dptr_close(&dptr_num);
1366 SSVAL(outbuf,smb_vwv0,0);
1368 DEBUG(3,("search close\n"));
1370 END_PROFILE(SMBfclose);
1374 /****************************************************************************
1376 ****************************************************************************/
1378 int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
1386 SMB_STRUCT_STAT sbuf;
1388 int oplock_request = CORE_OPLOCK_REQUEST(inbuf);
1390 uint32 dos_attr = SVAL(inbuf,smb_vwv1);
1393 uint32 create_disposition;
1394 uint32 create_options = 0;
1396 struct smb_request req;
1398 START_PROFILE(SMBopen);
1400 init_smb_request(&req, (uint8 *)inbuf);
1402 deny_mode = SVAL(inbuf,smb_vwv0);
1404 srvstr_get_path(inbuf, SVAL(inbuf,smb_flg2), fname, smb_buf(inbuf)+1,
1405 sizeof(fname), 0, STR_TERMINATE, &status);
1406 if (!NT_STATUS_IS_OK(status)) {
1407 END_PROFILE(SMBopen);
1408 return ERROR_NT(status);
1411 status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname);
1412 if (!NT_STATUS_IS_OK(status)) {
1413 END_PROFILE(SMBopen);
1414 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1415 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
1417 return ERROR_NT(status);
1420 status = unix_convert(conn, fname, False, NULL, &sbuf);
1421 if (!NT_STATUS_IS_OK(status)) {
1422 END_PROFILE(SMBopen);
1423 return ERROR_NT(status);
1426 status = check_name(conn, fname);
1427 if (!NT_STATUS_IS_OK(status)) {
1428 END_PROFILE(SMBopen);
1429 return ERROR_NT(status);
1432 if (!map_open_params_to_ntcreate(fname, deny_mode, OPENX_FILE_EXISTS_OPEN,
1433 &access_mask, &share_mode, &create_disposition, &create_options)) {
1434 END_PROFILE(SMBopen);
1435 return ERROR_NT(NT_STATUS_DOS(ERRDOS, ERRbadaccess));
1438 status = open_file_ntcreate(conn, &req, fname, &sbuf,
1447 if (!NT_STATUS_IS_OK(status)) {
1448 END_PROFILE(SMBopen);
1449 if (open_was_deferred(SVAL(inbuf,smb_mid))) {
1450 /* We have re-scheduled this call. */
1453 return ERROR_NT(status);
1456 size = sbuf.st_size;
1457 fattr = dos_mode(conn,fname,&sbuf);
1458 mtime = sbuf.st_mtime;
1461 DEBUG(3,("attempt to open a directory %s\n",fname));
1462 close_file(fsp,ERROR_CLOSE);
1463 END_PROFILE(SMBopen);
1464 return ERROR_DOS(ERRDOS,ERRnoaccess);
1467 outsize = set_message(inbuf,outbuf,7,0,True);
1468 SSVAL(outbuf,smb_vwv0,fsp->fnum);
1469 SSVAL(outbuf,smb_vwv1,fattr);
1470 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1471 srv_put_dos_date3(outbuf,smb_vwv2,mtime & ~1);
1473 srv_put_dos_date3(outbuf,smb_vwv2,mtime);
1475 SIVAL(outbuf,smb_vwv4,(uint32)size);
1476 SSVAL(outbuf,smb_vwv6,deny_mode);
1478 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1479 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1482 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1483 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1485 END_PROFILE(SMBopen);
1489 /****************************************************************************
1490 Reply to an open and X.
1491 ****************************************************************************/
1493 void reply_open_and_X(connection_struct *conn, struct smb_request *req)
1499 /* Breakout the oplock request bits so we can set the
1500 reply bits separately. */
1501 int ex_oplock_request;
1502 int core_oplock_request;
1505 int smb_sattr = SVAL(req->inbuf,smb_vwv4);
1506 uint32 smb_time = make_unix_date3(req->inbuf+smb_vwv6);
1511 SMB_STRUCT_STAT sbuf;
1515 SMB_BIG_UINT allocation_size;
1516 ssize_t retval = -1;
1519 uint32 create_disposition;
1520 uint32 create_options = 0;
1522 START_PROFILE(SMBopenX);
1524 if (req->wct < 15) {
1525 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1526 END_PROFILE(SMBopenX);
1530 open_flags = SVAL(req->inbuf,smb_vwv2);
1531 deny_mode = SVAL(req->inbuf,smb_vwv3);
1532 smb_attr = SVAL(req->inbuf,smb_vwv5);
1533 ex_oplock_request = EXTENDED_OPLOCK_REQUEST(req->inbuf);
1534 core_oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1535 oplock_request = ex_oplock_request | core_oplock_request;
1536 smb_ofun = SVAL(req->inbuf,smb_vwv8);
1537 allocation_size = (SMB_BIG_UINT)IVAL(req->inbuf,smb_vwv9);
1539 /* If it's an IPC, pass off the pipe handler. */
1541 if (lp_nt_pipe_support()) {
1542 reply_open_pipe_and_X(conn, req);
1544 reply_doserror(req, ERRSRV, ERRaccess);
1546 END_PROFILE(SMBopenX);
1550 /* XXXX we need to handle passed times, sattr and flags */
1551 srvstr_get_path((char *)req->inbuf, req->flags2, fname,
1552 smb_buf(req->inbuf), sizeof(fname), 0, STR_TERMINATE,
1554 if (!NT_STATUS_IS_OK(status)) {
1555 reply_nterror(req, status);
1556 END_PROFILE(SMBopenX);
1560 status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES,
1562 if (!NT_STATUS_IS_OK(status)) {
1563 END_PROFILE(SMBopenX);
1564 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1565 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1566 ERRSRV, ERRbadpath);
1569 reply_nterror(req, status);
1573 status = unix_convert(conn, fname, False, NULL, &sbuf);
1574 if (!NT_STATUS_IS_OK(status)) {
1575 reply_nterror(req, status);
1576 END_PROFILE(SMBopenX);
1580 status = check_name(conn, fname);
1581 if (!NT_STATUS_IS_OK(status)) {
1582 reply_nterror(req, status);
1583 END_PROFILE(SMBopenX);
1587 if (!map_open_params_to_ntcreate(fname, deny_mode, smb_ofun,
1590 &create_disposition,
1592 reply_nterror(req, NT_STATUS_DOS(ERRDOS, ERRbadaccess));
1593 END_PROFILE(SMBopenX);
1597 status = open_file_ntcreate(conn, req, fname, &sbuf,
1606 if (!NT_STATUS_IS_OK(status)) {
1607 END_PROFILE(SMBopenX);
1608 if (open_was_deferred(req->mid)) {
1609 /* We have re-scheduled this call. */
1612 reply_nterror(req, status);
1616 /* Setting the "size" field in vwv9 and vwv10 causes the file to be set to this size,
1617 if the file is truncated or created. */
1618 if (((smb_action == FILE_WAS_CREATED) || (smb_action == FILE_WAS_OVERWRITTEN)) && allocation_size) {
1619 fsp->initial_allocation_size = smb_roundup(fsp->conn, allocation_size);
1620 if (vfs_allocate_file_space(fsp, fsp->initial_allocation_size) == -1) {
1621 close_file(fsp,ERROR_CLOSE);
1622 reply_nterror(req, NT_STATUS_DISK_FULL);
1623 END_PROFILE(SMBopenX);
1626 retval = vfs_set_filelen(fsp, (SMB_OFF_T)allocation_size);
1628 close_file(fsp,ERROR_CLOSE);
1629 reply_nterror(req, NT_STATUS_DISK_FULL);
1630 END_PROFILE(SMBopenX);
1633 sbuf.st_size = get_allocation_size(conn,fsp,&sbuf);
1636 fattr = dos_mode(conn,fname,&sbuf);
1637 mtime = sbuf.st_mtime;
1639 close_file(fsp,ERROR_CLOSE);
1640 reply_doserror(req, ERRDOS, ERRnoaccess);
1641 END_PROFILE(SMBopenX);
1645 /* If the caller set the extended oplock request bit
1646 and we granted one (by whatever means) - set the
1647 correct bit for extended oplock reply.
1650 if (ex_oplock_request && lp_fake_oplocks(SNUM(conn))) {
1651 smb_action |= EXTENDED_OPLOCK_GRANTED;
1654 if(ex_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1655 smb_action |= EXTENDED_OPLOCK_GRANTED;
1658 /* If the caller set the core oplock request bit
1659 and we granted one (by whatever means) - set the
1660 correct bit for core oplock reply.
1663 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
1664 reply_outbuf(req, 19, 0);
1666 reply_outbuf(req, 15, 0);
1669 if (core_oplock_request && lp_fake_oplocks(SNUM(conn))) {
1670 SCVAL(req->outbuf, smb_flg,
1671 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1674 if(core_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1675 SCVAL(req->outbuf, smb_flg,
1676 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1679 SSVAL(req->outbuf,smb_vwv2,fsp->fnum);
1680 SSVAL(req->outbuf,smb_vwv3,fattr);
1681 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1682 srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime & ~1);
1684 srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime);
1686 SIVAL(req->outbuf,smb_vwv6,(uint32)sbuf.st_size);
1687 SSVAL(req->outbuf,smb_vwv8,GET_OPENX_MODE(deny_mode));
1688 SSVAL(req->outbuf,smb_vwv11,smb_action);
1690 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
1691 SIVAL(req->outbuf, smb_vwv15, STD_RIGHT_ALL_ACCESS);
1694 END_PROFILE(SMBopenX);
1695 chain_reply_new(req);
1699 /****************************************************************************
1700 Reply to a SMBulogoffX.
1701 conn POINTER CAN BE NULL HERE !
1702 ****************************************************************************/
1704 void reply_ulogoffX(connection_struct *conn, struct smb_request *req)
1708 START_PROFILE(SMBulogoffX);
1710 vuser = get_valid_user_struct(req->vuid);
1713 DEBUG(3,("ulogoff, vuser id %d does not map to user.\n",
1717 /* in user level security we are supposed to close any files
1718 open by this user */
1719 if ((vuser != NULL) && (lp_security() != SEC_SHARE)) {
1720 file_close_user(req->vuid);
1723 invalidate_vuid(req->vuid);
1725 reply_outbuf(req, 2, 0);
1727 DEBUG( 3, ( "ulogoffX vuid=%d\n", req->vuid ) );
1729 END_PROFILE(SMBulogoffX);
1730 chain_reply_new(req);
1733 /****************************************************************************
1734 Reply to a mknew or a create.
1735 ****************************************************************************/
1737 int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
1742 uint32 fattr = SVAL(inbuf,smb_vwv0);
1743 struct timespec ts[2];
1745 int oplock_request = CORE_OPLOCK_REQUEST(inbuf);
1746 SMB_STRUCT_STAT sbuf;
1748 uint32 access_mask = FILE_GENERIC_READ | FILE_GENERIC_WRITE;
1749 uint32 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1750 uint32 create_disposition;
1751 uint32 create_options = 0;
1752 struct smb_request req;
1754 START_PROFILE(SMBcreate);
1756 init_smb_request(&req, (uint8 *)inbuf);
1758 com = SVAL(inbuf,smb_com);
1760 ts[1] = convert_time_t_to_timespec(srv_make_unix_date3(inbuf + smb_vwv1)); /* mtime. */
1762 srvstr_get_path(inbuf, SVAL(inbuf,smb_flg2), fname, smb_buf(inbuf) + 1,
1763 sizeof(fname), 0, STR_TERMINATE, &status);
1764 if (!NT_STATUS_IS_OK(status)) {
1765 END_PROFILE(SMBcreate);
1766 return ERROR_NT(status);
1769 status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname);
1770 if (!NT_STATUS_IS_OK(status)) {
1771 END_PROFILE(SMBcreate);
1772 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1773 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
1775 return ERROR_NT(status);
1778 status = unix_convert(conn, fname, False, NULL, &sbuf);
1779 if (!NT_STATUS_IS_OK(status)) {
1780 END_PROFILE(SMBcreate);
1781 return ERROR_NT(status);
1784 status = check_name(conn, fname);
1785 if (!NT_STATUS_IS_OK(status)) {
1786 END_PROFILE(SMBcreate);
1787 return ERROR_NT(status);
1790 if (fattr & aVOLID) {
1791 DEBUG(0,("Attempt to create file (%s) with volid set - please report this\n",fname));
1794 if(com == SMBmknew) {
1795 /* We should fail if file exists. */
1796 create_disposition = FILE_CREATE;
1798 /* Create if file doesn't exist, truncate if it does. */
1799 create_disposition = FILE_OVERWRITE_IF;
1802 /* Open file using ntcreate. */
1803 status = open_file_ntcreate(conn, &req, fname, &sbuf,
1812 if (!NT_STATUS_IS_OK(status)) {
1813 END_PROFILE(SMBcreate);
1814 if (open_was_deferred(SVAL(inbuf,smb_mid))) {
1815 /* We have re-scheduled this call. */
1818 return ERROR_NT(status);
1821 ts[0] = get_atimespec(&sbuf); /* atime. */
1822 file_ntimes(conn, fname, ts);
1824 outsize = set_message(inbuf,outbuf,1,0,True);
1825 SSVAL(outbuf,smb_vwv0,fsp->fnum);
1827 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1828 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1831 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1832 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1835 DEBUG( 2, ( "reply_mknew: file %s\n", fname ) );
1836 DEBUG( 3, ( "reply_mknew %s fd=%d dmode=0x%x\n", fname, fsp->fh->fd, (unsigned int)fattr ) );
1838 END_PROFILE(SMBcreate);
1842 /****************************************************************************
1843 Reply to a create temporary file.
1844 ****************************************************************************/
1846 int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
1850 uint32 fattr = SVAL(inbuf,smb_vwv0);
1852 int oplock_request = CORE_OPLOCK_REQUEST(inbuf);
1854 SMB_STRUCT_STAT sbuf;
1857 unsigned int namelen;
1858 struct smb_request req;
1860 START_PROFILE(SMBctemp);
1862 init_smb_request(&req, (uint8 *)inbuf);
1864 srvstr_get_path(inbuf, SVAL(inbuf,smb_flg2), fname, smb_buf(inbuf)+1,
1865 sizeof(fname), 0, STR_TERMINATE, &status);
1866 if (!NT_STATUS_IS_OK(status)) {
1867 END_PROFILE(SMBctemp);
1868 return ERROR_NT(status);
1871 pstrcat(fname,"/TMXXXXXX");
1873 pstrcat(fname,"TMXXXXXX");
1876 status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname);
1877 if (!NT_STATUS_IS_OK(status)) {
1878 END_PROFILE(SMBctemp);
1879 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1880 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
1882 return ERROR_NT(status);
1885 status = unix_convert(conn, fname, False, NULL, &sbuf);
1886 if (!NT_STATUS_IS_OK(status)) {
1887 END_PROFILE(SMBctemp);
1888 return ERROR_NT(status);
1891 status = check_name(conn, fname);
1892 if (!NT_STATUS_IS_OK(status)) {
1893 END_PROFILE(SMBctemp);
1894 return ERROR_NT(status);
1897 tmpfd = smb_mkstemp(fname);
1899 END_PROFILE(SMBctemp);
1900 return(UNIXERROR(ERRDOS,ERRnoaccess));
1903 SMB_VFS_STAT(conn,fname,&sbuf);
1905 /* We should fail if file does not exist. */
1906 status = open_file_ntcreate(conn, &req, fname, &sbuf,
1907 FILE_GENERIC_READ | FILE_GENERIC_WRITE,
1908 FILE_SHARE_READ|FILE_SHARE_WRITE,
1915 /* close fd from smb_mkstemp() */
1918 if (!NT_STATUS_IS_OK(status)) {
1919 END_PROFILE(SMBctemp);
1920 if (open_was_deferred(SVAL(inbuf,smb_mid))) {
1921 /* We have re-scheduled this call. */
1924 return ERROR_NT(status);
1927 outsize = set_message(inbuf,outbuf,1,0,True);
1928 SSVAL(outbuf,smb_vwv0,fsp->fnum);
1930 /* the returned filename is relative to the directory */
1931 s = strrchr_m(fname, '/');
1938 p = smb_buf(outbuf);
1940 /* Tested vs W2K3 - this doesn't seem to be here - null terminated filename is the only
1941 thing in the byte section. JRA */
1942 SSVALS(p, 0, -1); /* what is this? not in spec */
1944 namelen = srvstr_push(outbuf, SVAL(outbuf, smb_flg2), p, s, -1,
1945 STR_ASCII|STR_TERMINATE);
1947 outsize = set_message_end(inbuf,outbuf, p);
1949 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1950 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1953 if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1954 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1957 DEBUG( 2, ( "reply_ctemp: created temp file %s\n", fname ) );
1958 DEBUG( 3, ( "reply_ctemp %s fd=%d umode=0%o\n", fname, fsp->fh->fd,
1959 (unsigned int)sbuf.st_mode ) );
1961 END_PROFILE(SMBctemp);
1965 /*******************************************************************
1966 Check if a user is allowed to rename a file.
1967 ********************************************************************/
1969 static NTSTATUS can_rename(connection_struct *conn, files_struct *fsp,
1970 uint16 dirtype, SMB_STRUCT_STAT *pst)
1974 if (!CAN_WRITE(conn)) {
1975 return NT_STATUS_MEDIA_WRITE_PROTECTED;
1978 fmode = dos_mode(conn, fsp->fsp_name, pst);
1979 if ((fmode & ~dirtype) & (aHIDDEN | aSYSTEM)) {
1980 return NT_STATUS_NO_SUCH_FILE;
1983 if (S_ISDIR(pst->st_mode)) {
1984 return NT_STATUS_OK;
1987 if (fsp->access_mask & DELETE_ACCESS) {
1988 return NT_STATUS_OK;
1991 return NT_STATUS_ACCESS_DENIED;
1994 /*******************************************************************
1995 * unlink a file with all relevant access checks
1996 *******************************************************************/
1998 static NTSTATUS do_unlink(connection_struct *conn, struct smb_request *req,
1999 char *fname, uint32 dirtype)
2001 SMB_STRUCT_STAT sbuf;
2004 uint32 dirtype_orig = dirtype;
2007 DEBUG(10,("do_unlink: %s, dirtype = %d\n", fname, dirtype ));
2009 if (!CAN_WRITE(conn)) {
2010 return NT_STATUS_MEDIA_WRITE_PROTECTED;
2013 if (SMB_VFS_LSTAT(conn,fname,&sbuf) != 0) {
2014 return map_nt_error_from_unix(errno);
2017 fattr = dos_mode(conn,fname,&sbuf);
2019 if (dirtype & FILE_ATTRIBUTE_NORMAL) {
2020 dirtype = aDIR|aARCH|aRONLY;
2023 dirtype &= (aDIR|aARCH|aRONLY|aHIDDEN|aSYSTEM);
2025 return NT_STATUS_NO_SUCH_FILE;
2028 if (!dir_check_ftype(conn, fattr, dirtype)) {
2030 return NT_STATUS_FILE_IS_A_DIRECTORY;
2032 return NT_STATUS_NO_SUCH_FILE;
2035 if (dirtype_orig & 0x8000) {
2036 /* These will never be set for POSIX. */
2037 return NT_STATUS_NO_SUCH_FILE;
2041 if ((fattr & dirtype) & FILE_ATTRIBUTE_DIRECTORY) {
2042 return NT_STATUS_FILE_IS_A_DIRECTORY;
2045 if ((fattr & ~dirtype) & (FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM)) {
2046 return NT_STATUS_NO_SUCH_FILE;
2049 if (dirtype & 0xFF00) {
2050 /* These will never be set for POSIX. */
2051 return NT_STATUS_NO_SUCH_FILE;
2056 return NT_STATUS_NO_SUCH_FILE;
2059 /* Can't delete a directory. */
2061 return NT_STATUS_FILE_IS_A_DIRECTORY;
2066 else if (dirtype & aDIR) /* Asked for a directory and it isn't. */
2067 return NT_STATUS_OBJECT_NAME_INVALID;
2068 #endif /* JRATEST */
2070 /* Fix for bug #3035 from SATOH Fumiyasu <fumiyas@miraclelinux.com>
2072 On a Windows share, a file with read-only dosmode can be opened with
2073 DELETE_ACCESS. But on a Samba share (delete readonly = no), it
2074 fails with NT_STATUS_CANNOT_DELETE error.
2076 This semantic causes a problem that a user can not
2077 rename a file with read-only dosmode on a Samba share
2078 from a Windows command prompt (i.e. cmd.exe, but can rename
2079 from Windows Explorer).
2082 if (!lp_delete_readonly(SNUM(conn))) {
2083 if (fattr & aRONLY) {
2084 return NT_STATUS_CANNOT_DELETE;
2088 /* On open checks the open itself will check the share mode, so
2089 don't do it here as we'll get it wrong. */
2091 status = open_file_ntcreate(conn, req, fname, &sbuf,
2096 FILE_ATTRIBUTE_NORMAL,
2097 req != NULL ? 0 : INTERNAL_OPEN_ONLY,
2100 if (!NT_STATUS_IS_OK(status)) {
2101 DEBUG(10, ("open_file_ntcreate failed: %s\n",
2102 nt_errstr(status)));
2106 /* The set is across all open files on this dev/inode pair. */
2107 if (!set_delete_on_close(fsp, True, ¤t_user.ut)) {
2108 close_file(fsp, NORMAL_CLOSE);
2109 return NT_STATUS_ACCESS_DENIED;
2112 return close_file(fsp,NORMAL_CLOSE);
2115 /****************************************************************************
2116 The guts of the unlink command, split out so it may be called by the NT SMB
2118 ****************************************************************************/
2120 NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req,
2121 uint32 dirtype, char *name, BOOL has_wild)
2127 NTSTATUS status = NT_STATUS_OK;
2128 SMB_STRUCT_STAT sbuf;
2130 *directory = *mask = 0;
2132 status = unix_convert(conn, name, has_wild, NULL, &sbuf);
2133 if (!NT_STATUS_IS_OK(status)) {
2137 p = strrchr_m(name,'/');
2139 pstrcpy(directory,".");
2143 pstrcpy(directory,name);
2148 * We should only check the mangled cache
2149 * here if unix_convert failed. This means
2150 * that the path in 'mask' doesn't exist
2151 * on the file system and so we need to look
2152 * for a possible mangle. This patch from
2153 * Tine Smukavec <valentin.smukavec@hermes.si>.
2156 if (!VALID_STAT(sbuf) && mangle_is_mangled(mask,conn->params))
2157 mangle_check_cache( mask, sizeof(pstring)-1, conn->params );
2160 pstrcat(directory,"/");
2161 pstrcat(directory,mask);
2163 dirtype = FILE_ATTRIBUTE_NORMAL;
2166 status = check_name(conn, directory);
2167 if (!NT_STATUS_IS_OK(status)) {
2171 status = do_unlink(conn, req, directory, dirtype);
2172 if (!NT_STATUS_IS_OK(status)) {
2178 struct smb_Dir *dir_hnd = NULL;
2182 if ((dirtype & SAMBA_ATTRIBUTES_MASK) == aDIR) {
2183 return NT_STATUS_OBJECT_NAME_INVALID;
2186 if (strequal(mask,"????????.???")) {
2190 status = check_name(conn, directory);
2191 if (!NT_STATUS_IS_OK(status)) {
2195 dir_hnd = OpenDir(conn, directory, mask, dirtype);
2196 if (dir_hnd == NULL) {
2197 return map_nt_error_from_unix(errno);
2200 /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then
2201 the pattern matches against the long name, otherwise the short name
2202 We don't implement this yet XXXX
2205 status = NT_STATUS_NO_SUCH_FILE;
2207 while ((dname = ReadDirName(dir_hnd, &offset))) {
2210 pstrcpy(fname,dname);
2212 if (!is_visible_file(conn, directory, dname, &st, True)) {
2216 /* Quick check for "." and ".." */
2217 if (fname[0] == '.') {
2218 if (!fname[1] || (fname[1] == '.' && !fname[2])) {
2223 if(!mask_match(fname, mask, conn->case_sensitive)) {
2227 slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname);
2229 status = check_name(conn, fname);
2230 if (!NT_STATUS_IS_OK(status)) {
2235 status = do_unlink(conn, req, fname, dirtype);
2236 if (!NT_STATUS_IS_OK(status)) {
2241 DEBUG(3,("unlink_internals: succesful unlink [%s]\n",
2247 if (count == 0 && NT_STATUS_IS_OK(status)) {
2248 status = map_nt_error_from_unix(errno);
2254 /****************************************************************************
2256 ****************************************************************************/
2258 void reply_unlink(connection_struct *conn, struct smb_request *req)
2263 BOOL path_contains_wcard = False;
2265 START_PROFILE(SMBunlink);
2268 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2269 END_PROFILE(SMBunlink);
2273 dirtype = SVAL(req->inbuf,smb_vwv0);
2275 srvstr_get_path_wcard((char *)req->inbuf, req->flags2, name,
2276 smb_buf(req->inbuf) + 1, sizeof(name), 0,
2277 STR_TERMINATE, &status, &path_contains_wcard);
2278 if (!NT_STATUS_IS_OK(status)) {
2279 reply_nterror(req, status);
2280 END_PROFILE(SMBunlink);
2284 status = resolve_dfspath_wcard(conn,
2285 req->flags2 & FLAGS2_DFS_PATHNAMES,
2286 name, &path_contains_wcard);
2287 if (!NT_STATUS_IS_OK(status)) {
2288 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2289 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
2290 ERRSRV, ERRbadpath);
2291 END_PROFILE(SMBunlink);
2294 reply_nterror(req, status);
2295 END_PROFILE(SMBunlink);
2299 DEBUG(3,("reply_unlink : %s\n",name));
2301 status = unlink_internals(conn, req, dirtype, name,
2302 path_contains_wcard);
2303 if (!NT_STATUS_IS_OK(status)) {
2304 if (open_was_deferred(req->mid)) {
2305 /* We have re-scheduled this call. */
2306 END_PROFILE(SMBunlink);
2309 reply_nterror(req, status);
2310 END_PROFILE(SMBunlink);
2314 reply_outbuf(req, 0, 0);
2315 END_PROFILE(SMBunlink);
2320 /****************************************************************************
2322 ****************************************************************************/
2324 static void fail_readraw(void)
2327 slprintf(errstr, sizeof(errstr)-1, "FAIL ! reply_readbraw: socket write fail (%s)",
2329 exit_server_cleanly(errstr);
2332 /****************************************************************************
2333 Fake (read/write) sendfile. Returns -1 on read or write fail.
2334 ****************************************************************************/
2336 static ssize_t fake_sendfile(files_struct *fsp, SMB_OFF_T startpos, size_t nread, char *buf, size_t bufsize)
2338 size_t tosend = nread;
2340 while (tosend > 0) {
2344 if (tosend > bufsize) {
2349 ret = read_file(fsp,buf,startpos,cur_read);
2354 /* If we had a short read, fill with zeros. */
2355 if (ret < cur_read) {
2356 memset(buf, '\0', cur_read - ret);
2359 if (write_data(smbd_server_fd(),buf,cur_read) != cur_read) {
2363 startpos += cur_read;
2366 return (ssize_t)nread;
2369 /****************************************************************************
2370 Use sendfile in readbraw.
2371 ****************************************************************************/
2373 void send_file_readbraw(connection_struct *conn, files_struct *fsp, SMB_OFF_T startpos, size_t nread,
2374 ssize_t mincount, char *outbuf, int out_buffsize)
2378 #if defined(WITH_SENDFILE)
2380 * We can only use sendfile on a non-chained packet
2381 * but we can use on a non-oplocked file. tridge proved this
2382 * on a train in Germany :-). JRA.
2383 * reply_readbraw has already checked the length.
2386 if ( (chain_size == 0) && (nread > 0) &&
2387 (fsp->wcp == NULL) && lp_use_sendfile(SNUM(conn)) ) {
2390 _smb_setlen(outbuf,nread);
2391 header.data = (uint8 *)outbuf;
2395 if ( SMB_VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fh->fd, &header, startpos, nread) == -1) {
2396 /* Returning ENOSYS means no data at all was sent. Do this as a normal read. */
2397 if (errno == ENOSYS) {
2398 goto normal_readbraw;
2402 * Special hack for broken Linux with no working sendfile. If we
2403 * return EINTR we sent the header but not the rest of the data.
2404 * Fake this up by doing read/write calls.
2406 if (errno == EINTR) {
2407 /* Ensure we don't do this again. */
2408 set_use_sendfile(SNUM(conn), False);
2409 DEBUG(0,("send_file_readbraw: sendfile not available. Faking..\n"));
2411 if (fake_sendfile(fsp, startpos, nread, outbuf + 4, out_buffsize - 4) == -1) {
2412 DEBUG(0,("send_file_readbraw: fake_sendfile failed for file %s (%s).\n",
2413 fsp->fsp_name, strerror(errno) ));
2414 exit_server_cleanly("send_file_readbraw fake_sendfile failed");
2419 DEBUG(0,("send_file_readbraw: sendfile failed for file %s (%s). Terminating\n",
2420 fsp->fsp_name, strerror(errno) ));
2421 exit_server_cleanly("send_file_readbraw sendfile failed");
2431 ret = read_file(fsp,outbuf+4,startpos,nread);
2432 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
2441 _smb_setlen(outbuf,ret);
2442 if (write_data(smbd_server_fd(),outbuf,4+ret) != 4+ret)
2446 /****************************************************************************
2447 Reply to a readbraw (core+ protocol).
2448 ****************************************************************************/
2450 int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_size, int out_buffsize)
2452 ssize_t maxcount,mincount;
2455 char *header = outbuf;
2457 START_PROFILE(SMBreadbraw);
2459 if (srv_is_signing_active()) {
2460 exit_server_cleanly("reply_readbraw: SMB signing is active - raw reads/writes are disallowed.");
2464 * Special check if an oplock break has been issued
2465 * and the readraw request croses on the wire, we must
2466 * return a zero length response here.
2469 fsp = file_fsp(SVAL(inbuf,smb_vwv0));
2471 if (!FNUM_OK(fsp,conn) || !fsp->can_read) {
2473 * fsp could be NULL here so use the value from the packet. JRA.
2475 DEBUG(3,("fnum %d not open in readbraw - cache prime?\n",(int)SVAL(inbuf,smb_vwv0)));
2476 _smb_setlen(header,0);
2477 if (write_data(smbd_server_fd(),header,4) != 4)
2479 END_PROFILE(SMBreadbraw);
2483 CHECK_FSP(fsp,conn);
2485 flush_write_cache(fsp, READRAW_FLUSH);
2487 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv1);
2488 if(CVAL(inbuf,smb_wct) == 10) {
2490 * This is a large offset (64 bit) read.
2492 #ifdef LARGE_SMB_OFF_T
2494 startpos |= (((SMB_OFF_T)IVAL(inbuf,smb_vwv8)) << 32);
2496 #else /* !LARGE_SMB_OFF_T */
2499 * Ensure we haven't been sent a >32 bit offset.
2502 if(IVAL(inbuf,smb_vwv8) != 0) {
2503 DEBUG(0,("readbraw - large offset (%x << 32) used and we don't support \
2504 64 bit offsets.\n", (unsigned int)IVAL(inbuf,smb_vwv8) ));
2505 _smb_setlen(header,0);
2506 if (write_data(smbd_server_fd(),header,4) != 4)
2508 END_PROFILE(SMBreadbraw);
2512 #endif /* LARGE_SMB_OFF_T */
2515 DEBUG(0,("readbraw - negative 64 bit readraw offset (%.0f) !\n", (double)startpos ));
2516 _smb_setlen(header,0);
2517 if (write_data(smbd_server_fd(),header,4) != 4)
2519 END_PROFILE(SMBreadbraw);
2523 maxcount = (SVAL(inbuf,smb_vwv3) & 0xFFFF);
2524 mincount = (SVAL(inbuf,smb_vwv4) & 0xFFFF);
2526 /* ensure we don't overrun the packet size */
2527 maxcount = MIN(65535,maxcount);
2529 if (!is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK)) {
2533 if (SMB_VFS_FSTAT(fsp,fsp->fh->fd,&st) == 0) {
2537 if (startpos >= size) {
2540 nread = MIN(maxcount,(size - startpos));
2544 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
2545 if (nread < mincount)
2549 DEBUG( 3, ( "readbraw fnum=%d start=%.0f max=%lu min=%lu nread=%lu\n", fsp->fnum, (double)startpos,
2550 (unsigned long)maxcount, (unsigned long)mincount, (unsigned long)nread ) );
2552 send_file_readbraw(conn, fsp, startpos, nread, mincount, outbuf, out_buffsize);
2554 DEBUG(5,("readbraw finished\n"));
2555 END_PROFILE(SMBreadbraw);
2560 #define DBGC_CLASS DBGC_LOCKING
2562 /****************************************************************************
2563 Reply to a lockread (core+ protocol).
2564 ****************************************************************************/
2566 int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length, int dum_buffsiz)
2574 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
2575 struct byte_range_lock *br_lck = NULL;
2576 START_PROFILE(SMBlockread);
2578 CHECK_FSP(fsp,conn);
2579 if (!CHECK_READ(fsp,inbuf)) {
2580 return(ERROR_DOS(ERRDOS,ERRbadaccess));
2583 release_level_2_oplocks_on_change(fsp);
2585 numtoread = SVAL(inbuf,smb_vwv1);
2586 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
2588 outsize = set_message(inbuf,outbuf,5,3,True);
2589 numtoread = MIN(BUFFER_SIZE-outsize,numtoread);
2590 data = smb_buf(outbuf) + 3;
2593 * NB. Discovered by Menny Hamburger at Mainsoft. This is a core+
2594 * protocol request that predates the read/write lock concept.
2595 * Thus instead of asking for a read lock here we need to ask
2596 * for a write lock. JRA.
2597 * Note that the requested lock size is unaffected by max_recv.
2600 br_lck = do_lock(smbd_messaging_context(),
2602 (uint32)SVAL(inbuf,smb_pid),
2603 (SMB_BIG_UINT)numtoread,
2604 (SMB_BIG_UINT)startpos,
2607 False, /* Non-blocking lock. */
2610 TALLOC_FREE(br_lck);
2612 if (NT_STATUS_V(status)) {
2613 END_PROFILE(SMBlockread);
2614 return ERROR_NT(status);
2618 * However the requested READ size IS affected by max_recv. Insanity.... JRA.
2621 if (numtoread > max_recv) {
2622 DEBUG(0,("reply_lockread: requested read size (%u) is greater than maximum allowed (%u). \
2623 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
2624 (unsigned int)numtoread, (unsigned int)max_recv ));
2625 numtoread = MIN(numtoread,max_recv);
2627 nread = read_file(fsp,data,startpos,numtoread);
2630 END_PROFILE(SMBlockread);
2631 return(UNIXERROR(ERRDOS,ERRnoaccess));
2635 SSVAL(outbuf,smb_vwv0,nread);
2636 SSVAL(outbuf,smb_vwv5,nread+3);
2637 SSVAL(smb_buf(outbuf),1,nread);
2639 DEBUG(3,("lockread fnum=%d num=%d nread=%d\n",
2640 fsp->fnum, (int)numtoread, (int)nread));
2642 END_PROFILE(SMBlockread);
2647 #define DBGC_CLASS DBGC_ALL
2649 /****************************************************************************
2651 ****************************************************************************/
2653 int reply_read(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
2660 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
2661 START_PROFILE(SMBread);
2663 CHECK_FSP(fsp,conn);
2664 if (!CHECK_READ(fsp,inbuf)) {
2665 return(ERROR_DOS(ERRDOS,ERRbadaccess));
2668 numtoread = SVAL(inbuf,smb_vwv1);
2669 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
2671 outsize = set_message(inbuf,outbuf,5,3,True);
2672 numtoread = MIN(BUFFER_SIZE-outsize,numtoread);
2674 * The requested read size cannot be greater than max_recv. JRA.
2676 if (numtoread > max_recv) {
2677 DEBUG(0,("reply_read: requested read size (%u) is greater than maximum allowed (%u). \
2678 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
2679 (unsigned int)numtoread, (unsigned int)max_recv ));
2680 numtoread = MIN(numtoread,max_recv);
2683 data = smb_buf(outbuf) + 3;
2685 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtoread,(SMB_BIG_UINT)startpos, READ_LOCK)) {
2686 END_PROFILE(SMBread);
2687 return ERROR_DOS(ERRDOS,ERRlock);
2691 nread = read_file(fsp,data,startpos,numtoread);
2694 END_PROFILE(SMBread);
2695 return(UNIXERROR(ERRDOS,ERRnoaccess));
2699 SSVAL(outbuf,smb_vwv0,nread);
2700 SSVAL(outbuf,smb_vwv5,nread+3);
2701 SCVAL(smb_buf(outbuf),0,1);
2702 SSVAL(smb_buf(outbuf),1,nread);
2704 DEBUG( 3, ( "read fnum=%d num=%d nread=%d\n",
2705 fsp->fnum, (int)numtoread, (int)nread ) );
2707 END_PROFILE(SMBread);
2711 /****************************************************************************
2713 ****************************************************************************/
2715 static int setup_readX_header(char *inbuf, char *outbuf, size_t smb_maxcnt)
2718 char *data = smb_buf(outbuf);
2720 SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */
2721 SSVAL(outbuf,smb_vwv5,smb_maxcnt);
2722 SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf));
2723 SSVAL(outbuf,smb_vwv7,(smb_maxcnt >> 16));
2724 SSVAL(smb_buf(outbuf),-2,smb_maxcnt);
2725 SCVAL(outbuf,smb_vwv0,0xFF);
2726 outsize = set_message(inbuf, outbuf,12,smb_maxcnt,False);
2727 /* Reset the outgoing length, set_message truncates at 0x1FFFF. */
2728 _smb_setlen_large(outbuf,(smb_size + 12*2 + smb_maxcnt - 4));
2732 /****************************************************************************
2733 Reply to a read and X - possibly using sendfile.
2734 ****************************************************************************/
2736 int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length, int len_outbuf,
2737 files_struct *fsp, SMB_OFF_T startpos, size_t smb_maxcnt)
2739 SMB_STRUCT_STAT sbuf;
2742 char *data = smb_buf(outbuf);
2744 if(SMB_VFS_FSTAT(fsp,fsp->fh->fd, &sbuf) == -1) {
2745 return(UNIXERROR(ERRDOS,ERRnoaccess));
2748 if (startpos > sbuf.st_size) {
2750 } else if (smb_maxcnt > (sbuf.st_size - startpos)) {
2751 smb_maxcnt = (sbuf.st_size - startpos);
2754 if (smb_maxcnt == 0) {
2758 #if defined(WITH_SENDFILE)
2760 * We can only use sendfile on a non-chained packet
2761 * but we can use on a non-oplocked file. tridge proved this
2762 * on a train in Germany :-). JRA.
2765 if ((chain_size == 0) && (CVAL(inbuf,smb_vwv0) == 0xFF) &&
2766 lp_use_sendfile(SNUM(conn)) && (fsp->wcp == NULL) ) {
2770 * Set up the packet header before send. We
2771 * assume here the sendfile will work (get the
2772 * correct amount of data).
2775 setup_readX_header(inbuf,outbuf,smb_maxcnt);
2776 set_message(inbuf,outbuf,12,smb_maxcnt,False);
2777 header.data = (uint8 *)outbuf;
2778 header.length = data - outbuf;
2781 if ((nread = SMB_VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fh->fd, &header, startpos, smb_maxcnt)) == -1) {
2782 /* Returning ENOSYS means no data at all was sent. Do this as a normal read. */
2783 if (errno == ENOSYS) {
2788 * Special hack for broken Linux with no working sendfile. If we
2789 * return EINTR we sent the header but not the rest of the data.
2790 * Fake this up by doing read/write calls.
2793 if (errno == EINTR) {
2794 /* Ensure we don't do this again. */
2795 set_use_sendfile(SNUM(conn), False);
2796 DEBUG(0,("send_file_readX: sendfile not available. Faking..\n"));
2798 if ((nread = fake_sendfile(fsp, startpos, smb_maxcnt, data,
2799 len_outbuf - (data-outbuf))) == -1) {
2800 DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n",
2801 fsp->fsp_name, strerror(errno) ));
2802 exit_server_cleanly("send_file_readX: fake_sendfile failed");
2804 DEBUG( 3, ( "send_file_readX: fake_sendfile fnum=%d max=%d nread=%d\n",
2805 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
2806 /* Returning -1 here means successful sendfile. */
2810 DEBUG(0,("send_file_readX: sendfile failed for file %s (%s). Terminating\n",
2811 fsp->fsp_name, strerror(errno) ));
2812 exit_server_cleanly("send_file_readX sendfile failed");
2815 DEBUG( 3, ( "send_file_readX: sendfile fnum=%d max=%d nread=%d\n",
2816 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
2817 /* Returning -1 here means successful sendfile. */
2825 if ((smb_maxcnt & 0xFF0000) > 0x10000) {
2826 int sendlen = setup_readX_header(inbuf,outbuf,smb_maxcnt) - smb_maxcnt;
2827 /* Send out the header. */
2828 if (write_data(smbd_server_fd(),outbuf,sendlen) != sendlen) {
2829 DEBUG(0,("send_file_readX: write_data failed for file %s (%s). Terminating\n",
2830 fsp->fsp_name, strerror(errno) ));
2831 exit_server_cleanly("send_file_readX sendfile failed");
2833 if ((nread = fake_sendfile(fsp, startpos, smb_maxcnt, data,
2834 len_outbuf - (data-outbuf))) == -1) {
2835 DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n",
2836 fsp->fsp_name, strerror(errno) ));
2837 exit_server_cleanly("send_file_readX: fake_sendfile failed");
2841 nread = read_file(fsp,data,startpos,smb_maxcnt);
2844 return(UNIXERROR(ERRDOS,ERRnoaccess));
2847 outsize = setup_readX_header(inbuf, outbuf,nread);
2849 DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n",
2850 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
2852 /* Returning the number of bytes we want to send back - including header. */
2857 /****************************************************************************
2858 Reply to a read and X.
2859 ****************************************************************************/
2861 void reply_read_and_X(connection_struct *conn, struct smb_request *req)
2867 BOOL big_readX = False;
2869 size_t smb_mincnt = SVAL(req->inbuf,smb_vwv6);
2871 char *inbuf, *outbuf;
2872 int length, bufsize;
2874 START_PROFILE(SMBreadX);
2876 if ((req->wct != 10) && (req->wct != 12)) {
2877 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2881 fsp = file_fsp(SVAL(req->inbuf,smb_vwv2));
2882 startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv3);
2883 smb_maxcnt = SVAL(req->inbuf,smb_vwv5);
2885 /* If it's an IPC, pass off the pipe handler. */
2887 reply_pipe_read_and_X(req);
2888 END_PROFILE(SMBreadX);
2892 if (!check_fsp(conn, req, fsp, ¤t_user)) {
2893 END_PROFILE(SMBreadX);
2897 if (!CHECK_READ(fsp,req->inbuf)) {
2898 reply_doserror(req, ERRDOS,ERRbadaccess);
2899 END_PROFILE(SMBreadX);
2903 if (!reply_prep_legacy(req, &inbuf, &outbuf, &length, &bufsize)) {
2904 reply_nterror(req, NT_STATUS_NO_MEMORY);
2905 END_PROFILE(SMBreadX);
2909 set_message(inbuf,outbuf,12,0,True);
2911 if (global_client_caps & CAP_LARGE_READX) {
2912 size_t upper_size = SVAL(inbuf,smb_vwv7);
2913 smb_maxcnt |= (upper_size<<16);
2914 if (upper_size > 1) {
2915 /* Can't do this on a chained packet. */
2916 if ((CVAL(inbuf,smb_vwv0) != 0xFF)) {
2917 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
2918 END_PROFILE(SMBreadX);
2921 /* We currently don't do this on signed or sealed data. */
2922 if (srv_is_signing_active() || srv_encryption_on()) {
2923 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
2924 END_PROFILE(SMBreadX);
2927 /* Is there room in the reply for this data ? */
2928 if (smb_maxcnt > (0xFFFFFF - (smb_size -4 + 12*2))) {
2930 NT_STATUS_INVALID_PARAMETER);
2931 END_PROFILE(SMBreadX);
2938 if(CVAL(inbuf,smb_wct) == 12) {
2939 #ifdef LARGE_SMB_OFF_T
2941 * This is a large offset (64 bit) read.
2943 startpos |= (((SMB_OFF_T)IVAL(inbuf,smb_vwv10)) << 32);
2945 #else /* !LARGE_SMB_OFF_T */
2948 * Ensure we haven't been sent a >32 bit offset.
2951 if(IVAL(inbuf,smb_vwv10) != 0) {
2952 DEBUG(0,("reply_read_and_X - large offset (%x << 32) "
2953 "used and we don't support 64 bit offsets.\n",
2954 (unsigned int)IVAL(inbuf,smb_vwv10) ));
2955 END_PROFILE(SMBreadX);
2956 reply_doserror(req, ERRDOS, ERRbadaccess);
2960 #endif /* LARGE_SMB_OFF_T */
2964 if (is_locked(fsp, (uint32)req->smbpid, (SMB_BIG_UINT)smb_maxcnt,
2965 (SMB_BIG_UINT)startpos, READ_LOCK)) {
2966 END_PROFILE(SMBreadX);
2967 reply_doserror(req, ERRDOS, ERRlock);
2972 && schedule_aio_read_and_X(conn, inbuf, outbuf, length, bufsize,
2973 fsp, startpos, smb_maxcnt)) {
2974 END_PROFILE(SMBreadX);
2975 reply_post_legacy(req, -1);
2979 nread = send_file_readX(conn, inbuf, outbuf, length, bufsize, fsp,
2980 startpos, smb_maxcnt);
2981 /* Only call chain_reply if not an error. */
2982 if (nread != -1 && SVAL(outbuf,smb_rcls) == 0) {
2983 nread = chain_reply(inbuf,&outbuf,length,bufsize);
2988 * Can't use reply_post_legacy here, setup_readX_header has
2989 * set up its (potentially LARGE) size itself already.
2991 TALLOC_FREE(req->outbuf);
2994 END_PROFILE(SMBreadX);
2998 /****************************************************************************
2999 Reply to a writebraw (core+ or LANMAN1.0 protocol).
3000 ****************************************************************************/
3002 int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
3005 ssize_t total_written=0;
3006 size_t numtowrite=0;
3011 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
3014 START_PROFILE(SMBwritebraw);
3016 if (srv_is_signing_active()) {
3017 exit_server_cleanly("reply_writebraw: SMB signing is active - raw reads/writes are disallowed.");
3020 CHECK_FSP(fsp,conn);
3021 if (!CHECK_WRITE(fsp)) {
3022 return(ERROR_DOS(ERRDOS,ERRbadaccess));
3025 tcount = IVAL(inbuf,smb_vwv1);
3026 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3);
3027 write_through = BITSETW(inbuf+smb_vwv7,0);
3029 /* We have to deal with slightly different formats depending
3030 on whether we are using the core+ or lanman1.0 protocol */
3032 if(Protocol <= PROTOCOL_COREPLUS) {
3033 numtowrite = SVAL(smb_buf(inbuf),-2);
3034 data = smb_buf(inbuf);
3036 numtowrite = SVAL(inbuf,smb_vwv10);
3037 data = smb_base(inbuf) + SVAL(inbuf, smb_vwv11);
3040 /* force the error type */
3041 SCVAL(inbuf,smb_com,SMBwritec);
3042 SCVAL(outbuf,smb_com,SMBwritec);
3044 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos, WRITE_LOCK)) {
3045 END_PROFILE(SMBwritebraw);
3046 return(ERROR_DOS(ERRDOS,ERRlock));
3050 nwritten = write_file(fsp,data,startpos,numtowrite);
3052 DEBUG(3,("writebraw1 fnum=%d start=%.0f num=%d wrote=%d sync=%d\n",
3053 fsp->fnum, (double)startpos, (int)numtowrite, (int)nwritten, (int)write_through));
3055 if (nwritten < (ssize_t)numtowrite) {
3056 END_PROFILE(SMBwritebraw);
3057 return(UNIXERROR(ERRHRD,ERRdiskfull));
3060 total_written = nwritten;
3062 /* Return a message to the redirector to tell it to send more bytes */
3063 SCVAL(outbuf,smb_com,SMBwritebraw);
3064 SSVALS(outbuf,smb_vwv0,-1);
3065 outsize = set_message(inbuf,outbuf,Protocol>PROTOCOL_COREPLUS?1:0,0,True);
3067 if (!send_smb(smbd_server_fd(),outbuf))
3068 exit_server_cleanly("reply_writebraw: send_smb failed.");
3070 /* Now read the raw data into the buffer and write it */
3071 if (read_smb_length(smbd_server_fd(),inbuf,SMB_SECONDARY_WAIT) == -1) {
3072 exit_server_cleanly("secondary writebraw failed");
3075 /* Even though this is not an smb message, smb_len returns the generic length of an smb message */
3076 numtowrite = smb_len(inbuf);
3078 /* Set up outbuf to return the correct return */
3079 outsize = set_message(inbuf,outbuf,1,0,True);
3080 SCVAL(outbuf,smb_com,SMBwritec);
3082 if (numtowrite != 0) {
3084 if (numtowrite > BUFFER_SIZE) {
3085 DEBUG(0,("reply_writebraw: Oversize secondary write raw requested (%u). Terminating\n",
3086 (unsigned int)numtowrite ));
3087 exit_server_cleanly("secondary writebraw failed");
3090 if (tcount > nwritten+numtowrite) {
3091 DEBUG(3,("Client overestimated the write %d %d %d\n",
3092 (int)tcount,(int)nwritten,(int)numtowrite));
3095 if (read_data( smbd_server_fd(), inbuf+4, numtowrite) != numtowrite ) {
3096 DEBUG(0,("reply_writebraw: Oversize secondary write raw read failed (%s). Terminating\n",
3098 exit_server_cleanly("secondary writebraw failed");
3101 nwritten = write_file(fsp,inbuf+4,startpos+nwritten,numtowrite);
3102 if (nwritten == -1) {
3103 END_PROFILE(SMBwritebraw);
3104 return(UNIXERROR(ERRHRD,ERRdiskfull));
3107 if (nwritten < (ssize_t)numtowrite) {
3108 SCVAL(outbuf,smb_rcls,ERRHRD);
3109 SSVAL(outbuf,smb_err,ERRdiskfull);
3113 total_written += nwritten;
3116 SSVAL(outbuf,smb_vwv0,total_written);
3118 status = sync_file(conn, fsp, write_through);
3119 if (!NT_STATUS_IS_OK(status)) {
3120 DEBUG(5,("reply_writebraw: sync_file for %s returned %s\n",
3121 fsp->fsp_name, nt_errstr(status) ));
3122 END_PROFILE(SMBwritebraw);
3123 return ERROR_NT(status);
3126 DEBUG(3,("writebraw2 fnum=%d start=%.0f num=%d wrote=%d\n",
3127 fsp->fnum, (double)startpos, (int)numtowrite,(int)total_written));
3129 /* we won't return a status if write through is not selected - this follows what WfWg does */
3130 END_PROFILE(SMBwritebraw);
3131 if (!write_through && total_written==tcount) {
3133 #if RABBIT_PELLET_FIX
3135 * Fix for "rabbit pellet" mode, trigger an early TCP ack by
3136 * sending a SMBkeepalive. Thanks to DaveCB at Sun for this. JRA.
3138 if (!send_keepalive(smbd_server_fd()))
3139 exit_server_cleanly("reply_writebraw: send of keepalive failed");
3148 #define DBGC_CLASS DBGC_LOCKING
3150 /****************************************************************************
3151 Reply to a writeunlock (core+).
3152 ****************************************************************************/
3154 int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf,
3155 int size, int dum_buffsize)
3157 ssize_t nwritten = -1;
3161 NTSTATUS status = NT_STATUS_OK;
3162 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
3164 START_PROFILE(SMBwriteunlock);
3166 CHECK_FSP(fsp,conn);
3167 if (!CHECK_WRITE(fsp)) {
3168 return(ERROR_DOS(ERRDOS,ERRbadaccess));
3171 numtowrite = SVAL(inbuf,smb_vwv1);
3172 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
3173 data = smb_buf(inbuf) + 3;
3175 if (numtowrite && is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) {
3176 END_PROFILE(SMBwriteunlock);
3177 return ERROR_DOS(ERRDOS,ERRlock);
3180 /* The special X/Open SMB protocol handling of
3181 zero length writes is *NOT* done for
3183 if(numtowrite == 0) {
3186 nwritten = write_file(fsp,data,startpos,numtowrite);
3189 status = sync_file(conn, fsp, False /* write through */);
3190 if (!NT_STATUS_IS_OK(status)) {
3191 END_PROFILE(SMBwriteunlock);
3192 DEBUG(5,("reply_writeunlock: sync_file for %s returned %s\n",
3193 fsp->fsp_name, nt_errstr(status) ));
3194 return ERROR_NT(status);
3197 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
3198 END_PROFILE(SMBwriteunlock);
3199 return(UNIXERROR(ERRHRD,ERRdiskfull));
3203 status = do_unlock(smbd_messaging_context(),
3205 (uint32)SVAL(inbuf,smb_pid),
3206 (SMB_BIG_UINT)numtowrite,
3207 (SMB_BIG_UINT)startpos,
3210 if (NT_STATUS_V(status)) {
3211 END_PROFILE(SMBwriteunlock);
3212 return ERROR_NT(status);
3216 outsize = set_message(inbuf,outbuf,1,0,True);
3218 SSVAL(outbuf,smb_vwv0,nwritten);
3220 DEBUG(3,("writeunlock fnum=%d num=%d wrote=%d\n",
3221 fsp->fnum, (int)numtowrite, (int)nwritten));
3223 END_PROFILE(SMBwriteunlock);
3228 #define DBGC_CLASS DBGC_ALL
3230 /****************************************************************************
3232 ****************************************************************************/
3234 int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int dum_buffsize)
3237 ssize_t nwritten = -1;
3240 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
3243 START_PROFILE(SMBwrite);
3245 /* If it's an IPC, pass off the pipe handler. */
3247 END_PROFILE(SMBwrite);
3248 return reply_pipe_write(inbuf,outbuf,size,dum_buffsize);
3251 CHECK_FSP(fsp,conn);
3252 if (!CHECK_WRITE(fsp)) {
3253 END_PROFILE(SMBwrite);
3254 return(ERROR_DOS(ERRDOS,ERRbadaccess));
3257 numtowrite = SVAL(inbuf,smb_vwv1);
3258 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
3259 data = smb_buf(inbuf) + 3;
3261 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) {
3262 END_PROFILE(SMBwrite);
3263 return ERROR_DOS(ERRDOS,ERRlock);
3267 * X/Open SMB protocol says that if smb_vwv1 is
3268 * zero then the file size should be extended or
3269 * truncated to the size given in smb_vwv[2-3].
3272 if(numtowrite == 0) {
3274 * This is actually an allocate call, and set EOF. JRA.
3276 nwritten = vfs_allocate_file_space(fsp, (SMB_OFF_T)startpos);
3278 END_PROFILE(SMBwrite);
3279 return ERROR_NT(NT_STATUS_DISK_FULL);
3281 nwritten = vfs_set_filelen(fsp, (SMB_OFF_T)startpos);
3283 END_PROFILE(SMBwrite);
3284 return ERROR_NT(NT_STATUS_DISK_FULL);
3287 nwritten = write_file(fsp,data,startpos,numtowrite);
3289 status = sync_file(conn, fsp, False);
3290 if (!NT_STATUS_IS_OK(status)) {
3291 END_PROFILE(SMBwrite);
3292 DEBUG(5,("reply_write: sync_file for %s returned %s\n",
3293 fsp->fsp_name, nt_errstr(status) ));
3294 return ERROR_NT(status);
3297 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
3298 END_PROFILE(SMBwrite);
3299 return(UNIXERROR(ERRHRD,ERRdiskfull));
3302 outsize = set_message(inbuf,outbuf,1,0,True);
3304 SSVAL(outbuf,smb_vwv0,nwritten);
3306 if (nwritten < (ssize_t)numtowrite) {
3307 SCVAL(outbuf,smb_rcls,ERRHRD);
3308 SSVAL(outbuf,smb_err,ERRdiskfull);
3311 DEBUG(3,("write fnum=%d num=%d wrote=%d\n", fsp->fnum, (int)numtowrite, (int)nwritten));
3313 END_PROFILE(SMBwrite);
3317 /****************************************************************************
3318 Reply to a write and X.
3319 ****************************************************************************/
3321 void reply_write_and_X(connection_struct *conn, struct smb_request *req)
3328 unsigned int smb_doff;
3329 unsigned int smblen;
3334 START_PROFILE(SMBwriteX);
3336 if ((req->wct != 12) && (req->wct != 14)) {
3337 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3338 END_PROFILE(SMBwriteX);
3342 numtowrite = SVAL(req->inbuf,smb_vwv10);
3343 smb_doff = SVAL(req->inbuf,smb_vwv11);
3344 smblen = smb_len(req->inbuf);
3345 large_writeX = ((req->wct == 14) && (smblen > 0xFFFF));
3347 /* Deal with possible LARGE_WRITEX */
3349 numtowrite |= ((((size_t)SVAL(req->inbuf,smb_vwv9)) & 1 )<<16);
3352 if(smb_doff > smblen || (smb_doff + numtowrite > smblen)) {
3353 reply_doserror(req, ERRDOS, ERRbadmem);
3354 END_PROFILE(SMBwriteX);
3358 /* If it's an IPC, pass off the pipe handler. */
3360 reply_pipe_write_and_X(req);
3361 END_PROFILE(SMBwriteX);
3365 fsp = file_fsp(SVAL(req->inbuf,smb_vwv2));
3366 startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv3);
3367 write_through = BITSETW(req->inbuf+smb_vwv7,0);
3369 if (!check_fsp(conn, req, fsp, ¤t_user)) {
3370 END_PROFILE(SMBwriteX);
3374 if (!CHECK_WRITE(fsp)) {
3375 reply_doserror(req, ERRDOS, ERRbadaccess);
3376 END_PROFILE(SMBwriteX);
3380 data = smb_base(req->inbuf) + smb_doff;
3382 if(req->wct == 14) {
3383 #ifdef LARGE_SMB_OFF_T
3385 * This is a large offset (64 bit) write.
3387 startpos |= (((SMB_OFF_T)IVAL(req->inbuf,smb_vwv12)) << 32);
3389 #else /* !LARGE_SMB_OFF_T */
3392 * Ensure we haven't been sent a >32 bit offset.
3395 if(IVAL(req->inbuf,smb_vwv12) != 0) {
3396 DEBUG(0,("reply_write_and_X - large offset (%x << 32) "
3397 "used and we don't support 64 bit offsets.\n",
3398 (unsigned int)IVAL(inbuf,smb_vwv12) ));
3399 reply_doserror(req, ERRDOS, ERRbadaccess);
3400 END_PROFILE(SMBwriteX);
3404 #endif /* LARGE_SMB_OFF_T */
3407 if (is_locked(fsp,(uint32)req->smbpid,
3408 (SMB_BIG_UINT)numtowrite,
3409 (SMB_BIG_UINT)startpos, WRITE_LOCK)) {
3410 reply_doserror(req, ERRDOS, ERRlock);
3411 END_PROFILE(SMBwriteX);
3415 /* X/Open SMB protocol says that, unlike SMBwrite
3416 if the length is zero then NO truncation is
3417 done, just a write of zero. To truncate a file,
3420 if(numtowrite == 0) {
3424 if (schedule_aio_write_and_X(conn, req, fsp, data, startpos,
3426 END_PROFILE(SMBwriteX);
3430 nwritten = write_file(fsp,data,startpos,numtowrite);
3431 reply_outbuf(req, 6, 0);
3434 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
3435 reply_unixerror(req, ERRHRD, ERRdiskfull);
3436 END_PROFILE(SMBwriteX);
3440 SSVAL(req->outbuf,smb_vwv2,nwritten);
3442 SSVAL(req->outbuf,smb_vwv4,(nwritten>>16)&1);
3444 if (nwritten < (ssize_t)numtowrite) {
3445 SCVAL(req->outbuf,smb_rcls,ERRHRD);
3446 SSVAL(req->outbuf,smb_err,ERRdiskfull);
3449 DEBUG(3,("writeX fnum=%d num=%d wrote=%d\n",
3450 fsp->fnum, (int)numtowrite, (int)nwritten));
3452 status = sync_file(conn, fsp, write_through);
3453 if (!NT_STATUS_IS_OK(status)) {
3454 DEBUG(5,("reply_write_and_X: sync_file for %s returned %s\n",
3455 fsp->fsp_name, nt_errstr(status) ));
3456 reply_nterror(req, status);
3457 END_PROFILE(SMBwriteX);
3461 END_PROFILE(SMBwriteX);
3462 chain_reply_new(req);
3466 /****************************************************************************
3468 ****************************************************************************/
3470 int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
3476 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
3477 START_PROFILE(SMBlseek);
3479 CHECK_FSP(fsp,conn);
3481 flush_write_cache(fsp, SEEK_FLUSH);
3483 mode = SVAL(inbuf,smb_vwv1) & 3;
3484 /* NB. This doesn't use IVAL_TO_SMB_OFF_T as startpos can be signed in this case. */
3485 startpos = (SMB_OFF_T)IVALS(inbuf,smb_vwv2);
3494 res = fsp->fh->pos + startpos;
3505 if (umode == SEEK_END) {
3506 if((res = SMB_VFS_LSEEK(fsp,fsp->fh->fd,startpos,umode)) == -1) {
3507 if(errno == EINVAL) {
3508 SMB_OFF_T current_pos = startpos;
3509 SMB_STRUCT_STAT sbuf;
3511 if(SMB_VFS_FSTAT(fsp,fsp->fh->fd, &sbuf) == -1) {
3512 END_PROFILE(SMBlseek);
3513 return(UNIXERROR(ERRDOS,ERRnoaccess));
3516 current_pos += sbuf.st_size;
3518 res = SMB_VFS_LSEEK(fsp,fsp->fh->fd,0,SEEK_SET);
3523 END_PROFILE(SMBlseek);
3524 return(UNIXERROR(ERRDOS,ERRnoaccess));
3530 outsize = set_message(inbuf,outbuf,2,0,True);
3531 SIVAL(outbuf,smb_vwv0,res);
3533 DEBUG(3,("lseek fnum=%d ofs=%.0f newpos = %.0f mode=%d\n",
3534 fsp->fnum, (double)startpos, (double)res, mode));
3536 END_PROFILE(SMBlseek);
3540 /****************************************************************************
3542 ****************************************************************************/
3544 void reply_flush(connection_struct *conn, struct smb_request *req)
3549 START_PROFILE(SMBflush);
3552 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3556 fnum = SVAL(req->inbuf,smb_vwv0);
3557 fsp = file_fsp(fnum);
3559 if ((fnum != 0xFFFF) && !check_fsp(conn, req, fsp, ¤t_user)) {
3564 file_sync_all(conn);
3566 NTSTATUS status = sync_file(conn, fsp, True);
3567 if (!NT_STATUS_IS_OK(status)) {
3568 DEBUG(5,("reply_flush: sync_file for %s returned %s\n",
3569 fsp->fsp_name, nt_errstr(status) ));
3570 reply_nterror(req, status);
3571 END_PROFILE(SMBflush);
3576 reply_outbuf(req, 0, 0);
3578 DEBUG(3,("flush\n"));
3579 END_PROFILE(SMBflush);
3583 /****************************************************************************
3585 conn POINTER CAN BE NULL HERE !
3586 ****************************************************************************/
3588 void reply_exit(connection_struct *conn, struct smb_request *req)
3590 START_PROFILE(SMBexit);
3592 file_close_pid(req->smbpid, req->vuid);
3594 reply_outbuf(req, 0, 0);
3596 DEBUG(3,("exit\n"));
3598 END_PROFILE(SMBexit);
3602 /****************************************************************************
3603 Reply to a close - has to deal with closing a directory opened by NT SMB's.
3604 ****************************************************************************/
3606 void reply_close(connection_struct *conn, struct smb_request *req)
3608 NTSTATUS status = NT_STATUS_OK;
3609 files_struct *fsp = NULL;
3610 START_PROFILE(SMBclose);
3613 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3614 END_PROFILE(SMBclose);
3618 /* If it's an IPC, pass off to the pipe handler. */
3620 reply_pipe_close(conn, req);
3621 END_PROFILE(SMBclose);
3625 fsp = file_fsp(SVAL(req->inbuf,smb_vwv0));
3628 * We can only use CHECK_FSP if we know it's not a directory.
3631 if(!fsp || (fsp->conn != conn) || (fsp->vuid != current_user.vuid)) {
3632 reply_doserror(req, ERRDOS, ERRbadfid);
3633 END_PROFILE(SMBclose);
3637 if(fsp->is_directory) {
3639 * Special case - close NT SMB directory handle.
3641 DEBUG(3,("close directory fnum=%d\n", fsp->fnum));
3642 status = close_file(fsp,NORMAL_CLOSE);
3645 * Close ordinary file.
3648 DEBUG(3,("close fd=%d fnum=%d (numopen=%d)\n",
3649 fsp->fh->fd, fsp->fnum,
3650 conn->num_files_open));
3653 * Take care of any time sent in the close.
3656 fsp_set_pending_modtime(fsp, convert_time_t_to_timespec(
3657 srv_make_unix_date3(
3658 req->inbuf+smb_vwv1)));
3661 * close_file() returns the unix errno if an error
3662 * was detected on close - normally this is due to
3663 * a disk full error. If not then it was probably an I/O error.
3666 status = close_file(fsp,NORMAL_CLOSE);
3669 if (!NT_STATUS_IS_OK(status)) {
3670 reply_nterror(req, status);
3671 END_PROFILE(SMBclose);
3675 reply_outbuf(req, 0, 0);
3676 END_PROFILE(SMBclose);
3680 /****************************************************************************
3681 Reply to a writeclose (Core+ protocol).
3682 ****************************************************************************/
3684 int reply_writeclose(connection_struct *conn,
3685 char *inbuf,char *outbuf, int size, int dum_buffsize)
3688 ssize_t nwritten = -1;
3690 NTSTATUS close_status = NT_STATUS_OK;
3693 struct timespec mtime;
3694 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
3695 START_PROFILE(SMBwriteclose);
3697 CHECK_FSP(fsp,conn);
3698 if (!CHECK_WRITE(fsp)) {
3699 return(ERROR_DOS(ERRDOS,ERRbadaccess));
3702 numtowrite = SVAL(inbuf,smb_vwv1);
3703 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
3704 mtime = convert_time_t_to_timespec(srv_make_unix_date3(inbuf+smb_vwv4));
3705 data = smb_buf(inbuf) + 1;
3707 if (numtowrite && is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) {
3708 END_PROFILE(SMBwriteclose);
3709 return ERROR_DOS(ERRDOS,ERRlock);
3712 nwritten = write_file(fsp,data,startpos,numtowrite);
3714 set_filetime(conn, fsp->fsp_name, mtime);
3717 * More insanity. W2K only closes the file if writelen > 0.
3722 DEBUG(3,("reply_writeclose: zero length write doesn't close file %s\n",
3724 close_status = close_file(fsp,NORMAL_CLOSE);
3727 DEBUG(3,("writeclose fnum=%d num=%d wrote=%d (numopen=%d)\n",
3728 fsp->fnum, (int)numtowrite, (int)nwritten,
3729 conn->num_files_open));
3731 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
3732 END_PROFILE(SMBwriteclose);
3733 return(UNIXERROR(ERRHRD,ERRdiskfull));
3736 if(!NT_STATUS_IS_OK(close_status)) {
3737 END_PROFILE(SMBwriteclose);
3738 return ERROR_NT(close_status);
3741 outsize = set_message(inbuf,outbuf,1,0,True);
3743 SSVAL(outbuf,smb_vwv0,nwritten);
3744 END_PROFILE(SMBwriteclose);
3749 #define DBGC_CLASS DBGC_LOCKING
3751 /****************************************************************************
3753 ****************************************************************************/
3755 int reply_lock(connection_struct *conn,
3756 char *inbuf,char *outbuf, int length, int dum_buffsize)
3758 int outsize = set_message(inbuf,outbuf,0,0,False);
3759 SMB_BIG_UINT count,offset;
3761 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
3762 struct byte_range_lock *br_lck = NULL;
3764 START_PROFILE(SMBlock);
3766 CHECK_FSP(fsp,conn);
3768 release_level_2_oplocks_on_change(fsp);
3770 count = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv1);
3771 offset = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv3);
3773 DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n",
3774 fsp->fh->fd, fsp->fnum, (double)offset, (double)count));
3776 br_lck = do_lock(smbd_messaging_context(),
3778 (uint32)SVAL(inbuf,smb_pid),
3783 False, /* Non-blocking lock. */
3787 TALLOC_FREE(br_lck);
3789 if (NT_STATUS_V(status)) {
3790 END_PROFILE(SMBlock);
3791 return ERROR_NT(status);
3794 END_PROFILE(SMBlock);
3798 /****************************************************************************
3800 ****************************************************************************/
3802 int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int size,
3805 int outsize = set_message(inbuf,outbuf,0,0,False);
3806 SMB_BIG_UINT count,offset;
3808 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
3809 START_PROFILE(SMBunlock);
3811 CHECK_FSP(fsp,conn);
3813 count = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv1);
3814 offset = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv3);
3816 status = do_unlock(smbd_messaging_context(),
3818 (uint32)SVAL(inbuf,smb_pid),
3823 if (NT_STATUS_V(status)) {
3824 END_PROFILE(SMBunlock);
3825 return ERROR_NT(status);
3828 DEBUG( 3, ( "unlock fd=%d fnum=%d offset=%.0f count=%.0f\n",
3829 fsp->fh->fd, fsp->fnum, (double)offset, (double)count ) );
3831 END_PROFILE(SMBunlock);
3836 #define DBGC_CLASS DBGC_ALL
3838 /****************************************************************************
3840 conn POINTER CAN BE NULL HERE !
3841 ****************************************************************************/
3843 void reply_tdis(connection_struct *conn, struct smb_request *req)
3845 START_PROFILE(SMBtdis);
3848 DEBUG(4,("Invalid connection in tdis\n"));
3849 reply_doserror(req, ERRSRV, ERRinvnid);
3850 END_PROFILE(SMBtdis);
3856 close_cnum(conn,req->vuid);
3858 reply_outbuf(req, 0, 0);
3859 END_PROFILE(SMBtdis);
3863 /****************************************************************************
3865 conn POINTER CAN BE NULL HERE !
3866 ****************************************************************************/
3868 void reply_echo(connection_struct *conn, struct smb_request *req)
3872 unsigned int data_len = smb_buflen(req->inbuf);
3874 START_PROFILE(SMBecho);
3877 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3878 END_PROFILE(SMBecho);
3882 if (data_len > BUFFER_SIZE) {
3883 DEBUG(0,("reply_echo: data_len too large.\n"));
3884 reply_nterror(req, NT_STATUS_INSUFFICIENT_RESOURCES);
3885 END_PROFILE(SMBecho);
3889 smb_reverb = SVAL(req->inbuf,smb_vwv0);
3891 reply_outbuf(req, 1, data_len);
3893 /* copy any incoming data back out */
3895 memcpy(smb_buf(req->outbuf),smb_buf(req->inbuf),data_len);
3898 if (smb_reverb > 100) {
3899 DEBUG(0,("large reverb (%d)?? Setting to 100\n",smb_reverb));
3903 for (seq_num =1 ; seq_num <= smb_reverb ; seq_num++) {
3904 SSVAL(req->outbuf,smb_vwv0,seq_num);
3906 show_msg((char *)req->outbuf);
3907 if (!send_smb(smbd_server_fd(),(char *)req->outbuf))
3908 exit_server_cleanly("reply_echo: send_smb failed.");
3911 DEBUG(3,("echo %d times\n", smb_reverb));
3913 TALLOC_FREE(req->outbuf);
3917 END_PROFILE(SMBecho);
3921 /****************************************************************************
3922 Reply to a printopen.
3923 ****************************************************************************/
3925 int reply_printopen(connection_struct *conn,
3926 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3932 START_PROFILE(SMBsplopen);
3934 if (!CAN_PRINT(conn)) {
3935 END_PROFILE(SMBsplopen);
3936 return ERROR_DOS(ERRDOS,ERRnoaccess);
3939 /* Open for exclusive use, write only. */
3940 status = print_fsp_open(conn, NULL, &fsp);
3942 if (!NT_STATUS_IS_OK(status)) {
3943 END_PROFILE(SMBsplopen);
3944 return(ERROR_NT(status));
3947 outsize = set_message(inbuf,outbuf,1,0,True);
3948 SSVAL(outbuf,smb_vwv0,fsp->fnum);
3950 DEBUG(3,("openprint fd=%d fnum=%d\n",
3951 fsp->fh->fd, fsp->fnum));
3953 END_PROFILE(SMBsplopen);
3957 /****************************************************************************
3958 Reply to a printclose.
3959 ****************************************************************************/
3961 int reply_printclose(connection_struct *conn,
3962 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3964 int outsize = set_message(inbuf,outbuf,0,0,False);
3965 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
3967 START_PROFILE(SMBsplclose);
3969 CHECK_FSP(fsp,conn);
3971 if (!CAN_PRINT(conn)) {
3972 END_PROFILE(SMBsplclose);
3973 return ERROR_NT(NT_STATUS_DOS(ERRSRV, ERRerror));
3976 DEBUG(3,("printclose fd=%d fnum=%d\n",
3977 fsp->fh->fd,fsp->fnum));
3979 status = close_file(fsp,NORMAL_CLOSE);
3981 if(!NT_STATUS_IS_OK(status)) {
3982 END_PROFILE(SMBsplclose);
3983 return ERROR_NT(status);
3986 END_PROFILE(SMBsplclose);
3990 /****************************************************************************
3991 Reply to a printqueue.
3992 ****************************************************************************/
3994 int reply_printqueue(connection_struct *conn,
3995 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3997 int outsize = set_message(inbuf,outbuf,2,3,True);
3998 int max_count = SVAL(inbuf,smb_vwv0);
3999 int start_index = SVAL(inbuf,smb_vwv1);
4000 START_PROFILE(SMBsplretq);
4002 /* we used to allow the client to get the cnum wrong, but that
4003 is really quite gross and only worked when there was only
4004 one printer - I think we should now only accept it if they
4005 get it right (tridge) */
4006 if (!CAN_PRINT(conn)) {
4007 END_PROFILE(SMBsplretq);
4008 return ERROR_DOS(ERRDOS,ERRnoaccess);
4011 SSVAL(outbuf,smb_vwv0,0);
4012 SSVAL(outbuf,smb_vwv1,0);
4013 SCVAL(smb_buf(outbuf),0,1);
4014 SSVAL(smb_buf(outbuf),1,0);
4016 DEBUG(3,("printqueue start_index=%d max_count=%d\n",
4017 start_index, max_count));
4020 print_queue_struct *queue = NULL;
4021 print_status_struct status;
4022 char *p = smb_buf(outbuf) + 3;
4023 int count = print_queue_status(SNUM(conn), &queue, &status);
4024 int num_to_get = ABS(max_count);
4025 int first = (max_count>0?start_index:start_index+max_count+1);
4031 num_to_get = MIN(num_to_get,count-first);
4034 for (i=first;i<first+num_to_get;i++) {
4035 srv_put_dos_date2(p,0,queue[i].time);
4036 SCVAL(p,4,(queue[i].status==LPQ_PRINTING?2:3));
4037 SSVAL(p,5, queue[i].job);
4038 SIVAL(p,7,queue[i].size);
4040 srvstr_push(outbuf, SVAL(outbuf, smb_flg2), p+12,
4041 queue[i].fs_user, 16, STR_ASCII);
4046 outsize = set_message(inbuf,outbuf,2,28*count+3,False);
4047 SSVAL(outbuf,smb_vwv0,count);
4048 SSVAL(outbuf,smb_vwv1,(max_count>0?first+count:first-1));
4049 SCVAL(smb_buf(outbuf),0,1);
4050 SSVAL(smb_buf(outbuf),1,28*count);
4055 DEBUG(3,("%d entries returned in queue\n",count));
4058 END_PROFILE(SMBsplretq);
4062 /****************************************************************************
4063 Reply to a printwrite.
4064 ****************************************************************************/
4066 int reply_printwrite(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
4069 int outsize = set_message(inbuf,outbuf,0,0,False);
4071 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
4073 START_PROFILE(SMBsplwr);
4075 if (!CAN_PRINT(conn)) {
4076 END_PROFILE(SMBsplwr);
4077 return ERROR_DOS(ERRDOS,ERRnoaccess);
4080 CHECK_FSP(fsp,conn);
4081 if (!CHECK_WRITE(fsp)) {
4082 return(ERROR_DOS(ERRDOS,ERRbadaccess));
4085 numtowrite = SVAL(smb_buf(inbuf),1);
4086 data = smb_buf(inbuf) + 3;
4088 if (write_file(fsp,data,-1,numtowrite) != numtowrite) {
4089 END_PROFILE(SMBsplwr);
4090 return(UNIXERROR(ERRHRD,ERRdiskfull));
4093 DEBUG( 3, ( "printwrite fnum=%d num=%d\n", fsp->fnum, numtowrite ) );
4095 END_PROFILE(SMBsplwr);
4099 /****************************************************************************
4101 ****************************************************************************/
4103 void reply_mkdir(connection_struct *conn, struct smb_request *req)
4107 SMB_STRUCT_STAT sbuf;
4109 START_PROFILE(SMBmkdir);
4111 srvstr_get_path((char *)req->inbuf, req->flags2, directory,
4112 smb_buf(req->inbuf) + 1, sizeof(directory), 0,
4113 STR_TERMINATE, &status);
4114 if (!NT_STATUS_IS_OK(status)) {
4115 reply_nterror(req, status);
4116 END_PROFILE(SMBmkdir);
4120 status = resolve_dfspath(conn,
4121 req->flags2 & FLAGS2_DFS_PATHNAMES,
4123 if (!NT_STATUS_IS_OK(status)) {
4124 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
4125 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
4126 ERRSRV, ERRbadpath);
4127 END_PROFILE(SMBmkdir);
4130 reply_nterror(req, status);
4131 END_PROFILE(SMBmkdir);
4135 status = unix_convert(conn, directory, False, NULL, &sbuf);
4136 if (!NT_STATUS_IS_OK(status)) {
4137 reply_nterror(req, status);
4138 END_PROFILE(SMBmkdir);
4142 status = check_name(conn, directory);
4143 if (!NT_STATUS_IS_OK(status)) {
4144 reply_nterror(req, status);
4145 END_PROFILE(SMBmkdir);
4149 status = create_directory(conn, directory);
4151 DEBUG(5, ("create_directory returned %s\n", nt_errstr(status)));
4153 if (!NT_STATUS_IS_OK(status)) {
4155 if (!use_nt_status()
4156 && NT_STATUS_EQUAL(status,
4157 NT_STATUS_OBJECT_NAME_COLLISION)) {
4159 * Yes, in the DOS error code case we get a
4160 * ERRDOS:ERRnoaccess here. See BASE-SAMBA3ERROR
4161 * samba4 torture test.
4163 status = NT_STATUS_DOS(ERRDOS, ERRnoaccess);
4166 reply_nterror(req, status);
4167 END_PROFILE(SMBmkdir);
4171 reply_outbuf(req, 0, 0);
4173 DEBUG( 3, ( "mkdir %s\n", directory ) );
4175 END_PROFILE(SMBmkdir);
4179 /****************************************************************************
4180 Static function used by reply_rmdir to delete an entire directory
4181 tree recursively. Return True on ok, False on fail.
4182 ****************************************************************************/
4184 static BOOL recursive_rmdir(connection_struct *conn, char *directory)
4186 const char *dname = NULL;
4189 struct smb_Dir *dir_hnd = OpenDir(conn, directory, NULL, 0);
4194 while((dname = ReadDirName(dir_hnd, &offset))) {
4198 if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0))
4201 if (!is_visible_file(conn, directory, dname, &st, False))
4204 /* Construct the full name. */
4205 if(strlen(directory) + strlen(dname) + 1 >= sizeof(fullname)) {
4211 pstrcpy(fullname, directory);
4212 pstrcat(fullname, "/");
4213 pstrcat(fullname, dname);
4215 if(SMB_VFS_LSTAT(conn,fullname, &st) != 0) {
4220 if(st.st_mode & S_IFDIR) {
4221 if(!recursive_rmdir(conn, fullname)) {
4225 if(SMB_VFS_RMDIR(conn,fullname) != 0) {
4229 } else if(SMB_VFS_UNLINK(conn,fullname) != 0) {
4238 /****************************************************************************
4239 The internals of the rmdir code - called elsewhere.
4240 ****************************************************************************/
4242 NTSTATUS rmdir_internals(connection_struct *conn, const char *directory)
4247 /* Might be a symlink. */
4248 if(SMB_VFS_LSTAT(conn, directory, &st) != 0) {
4249 return map_nt_error_from_unix(errno);
4252 if (S_ISLNK(st.st_mode)) {
4253 /* Is what it points to a directory ? */
4254 if(SMB_VFS_STAT(conn, directory, &st) != 0) {
4255 return map_nt_error_from_unix(errno);
4257 if (!(S_ISDIR(st.st_mode))) {
4258 return NT_STATUS_NOT_A_DIRECTORY;
4260 ret = SMB_VFS_UNLINK(conn,directory);
4262 ret = SMB_VFS_RMDIR(conn,directory);
4265 notify_fname(conn, NOTIFY_ACTION_REMOVED,
4266 FILE_NOTIFY_CHANGE_DIR_NAME,
4268 return NT_STATUS_OK;
4271 if(((errno == ENOTEMPTY)||(errno == EEXIST)) && lp_veto_files(SNUM(conn))) {
4273 * Check to see if the only thing in this directory are
4274 * vetoed files/directories. If so then delete them and
4275 * retry. If we fail to delete any of them (and we *don't*
4276 * do a recursive delete) then fail the rmdir.
4280 struct smb_Dir *dir_hnd = OpenDir(conn, directory, NULL, 0);
4282 if(dir_hnd == NULL) {
4287 while ((dname = ReadDirName(dir_hnd,&dirpos))) {
4288 if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0))
4290 if (!is_visible_file(conn, directory, dname, &st, False))
4292 if(!IS_VETO_PATH(conn, dname)) {
4299 /* We only have veto files/directories. Recursive delete. */
4301 RewindDir(dir_hnd,&dirpos);
4302 while ((dname = ReadDirName(dir_hnd,&dirpos))) {
4305 if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0))
4307 if (!is_visible_file(conn, directory, dname, &st, False))
4310 /* Construct the full name. */
4311 if(strlen(directory) + strlen(dname) + 1 >= sizeof(fullname)) {
4316 pstrcpy(fullname, directory);
4317 pstrcat(fullname, "/");
4318 pstrcat(fullname, dname);
4320 if(SMB_VFS_LSTAT(conn,fullname, &st) != 0)
4322 if(st.st_mode & S_IFDIR) {
4323 if(lp_recursive_veto_delete(SNUM(conn))) {
4324 if(!recursive_rmdir(conn, fullname))
4327 if(SMB_VFS_RMDIR(conn,fullname) != 0)
4329 } else if(SMB_VFS_UNLINK(conn,fullname) != 0)
4333 /* Retry the rmdir */
4334 ret = SMB_VFS_RMDIR(conn,directory);
4340 DEBUG(3,("rmdir_internals: couldn't remove directory %s : "
4341 "%s\n", directory,strerror(errno)));
4342 return map_nt_error_from_unix(errno);
4345 notify_fname(conn, NOTIFY_ACTION_REMOVED,
4346 FILE_NOTIFY_CHANGE_DIR_NAME,
4349 return NT_STATUS_OK;
4352 /****************************************************************************
4354 ****************************************************************************/
4356 void reply_rmdir(connection_struct *conn, struct smb_request *req)
4359 SMB_STRUCT_STAT sbuf;
4361 START_PROFILE(SMBrmdir);
4363 srvstr_get_path((char *)req->inbuf, req->flags2, directory,
4364 smb_buf(req->inbuf) + 1, sizeof(directory), 0,
4365 STR_TERMINATE, &status);
4366 if (!NT_STATUS_IS_OK(status)) {
4367 reply_nterror(req, status);
4368 END_PROFILE(SMBrmdir);
4372 status = resolve_dfspath(conn,
4373 req->flags2 & FLAGS2_DFS_PATHNAMES,
4375 if (!NT_STATUS_IS_OK(status)) {
4376 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
4377 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
4378 ERRSRV, ERRbadpath);
4379 END_PROFILE(SMBrmdir);
4382 reply_nterror(req, status);
4383 END_PROFILE(SMBrmdir);
4387 status = unix_convert(conn, directory, False, NULL, &sbuf);
4388 if (!NT_STATUS_IS_OK(status)) {
4389 reply_nterror(req, status);
4390 END_PROFILE(SMBrmdir);
4394 status = check_name(conn, directory);
4395 if (!NT_STATUS_IS_OK(status)) {
4396 reply_nterror(req, status);
4397 END_PROFILE(SMBrmdir);
4401 dptr_closepath(directory, req->smbpid);
4402 status = rmdir_internals(conn, directory);
4403 if (!NT_STATUS_IS_OK(status)) {
4404 reply_nterror(req, status);
4405 END_PROFILE(SMBrmdir);
4409 reply_outbuf(req, 0, 0);
4411 DEBUG( 3, ( "rmdir %s\n", directory ) );
4413 END_PROFILE(SMBrmdir);
4417 /*******************************************************************
4418 Resolve wildcards in a filename rename.
4419 Note that name is in UNIX charset and thus potentially can be more
4420 than fstring buffer (255 bytes) especially in default UTF-8 case.
4421 Therefore, we use pstring inside and all calls should ensure that
4422 name2 is at least pstring-long (they do already)
4423 ********************************************************************/
4425 static BOOL resolve_wildcards(const char *name1, char *name2)
4427 pstring root1,root2;
4429 char *p,*p2, *pname1, *pname2;
4430 int available_space, actual_space;
4432 pname1 = strrchr_m(name1,'/');
4433 pname2 = strrchr_m(name2,'/');
4435 if (!pname1 || !pname2)
4438 pstrcpy(root1,pname1);
4439 pstrcpy(root2,pname2);
4440 p = strrchr_m(root1,'.');
4447 p = strrchr_m(root2,'.');
4461 } else if (*p2 == '*') {
4477 } else if (*p2 == '*') {
4487 available_space = sizeof(pstring) - PTR_DIFF(pname2, name2);
4490 actual_space = snprintf(pname2, available_space - 1, "%s.%s", root2, ext2);
4491 if (actual_space >= available_space - 1) {
4492 DEBUG(1,("resolve_wildcards: can't fit resolved name into specified buffer (overrun by %d bytes)\n",
4493 actual_space - available_space));
4496 pstrcpy_base(pname2, root2, name2);
4502 /****************************************************************************
4503 Ensure open files have their names updated. Updated to notify other smbd's
4505 ****************************************************************************/
4507 static void rename_open_files(connection_struct *conn,
4508 struct share_mode_lock *lck,
4509 const char *newname)
4512 BOOL did_rename = False;
4514 for(fsp = file_find_di_first(lck->id); fsp;
4515 fsp = file_find_di_next(fsp)) {
4516 /* fsp_name is a relative path under the fsp. To change this for other
4517 sharepaths we need to manipulate relative paths. */
4518 /* TODO - create the absolute path and manipulate the newname
4519 relative to the sharepath. */
4520 if (fsp->conn != conn) {
4523 DEBUG(10,("rename_open_files: renaming file fnum %d (file_id %s) from %s -> %s\n",
4524 fsp->fnum, file_id_static_string(&fsp->file_id),
4525 fsp->fsp_name, newname ));
4526 string_set(&fsp->fsp_name, newname);
4531 DEBUG(10,("rename_open_files: no open files on file_id %s for %s\n",
4532 file_id_static_string(&lck->id), newname ));
4535 /* Send messages to all smbd's (not ourself) that the name has changed. */
4536 rename_share_filename(smbd_messaging_context(), lck, conn->connectpath,
4540 /****************************************************************************
4541 We need to check if the source path is a parent directory of the destination
4542 (ie. a rename of /foo/bar/baz -> /foo/bar/baz/bibble/bobble. If so we must
4543 refuse the rename with a sharing violation. Under UNIX the above call can
4544 *succeed* if /foo/bar/baz is a symlink to another area in the share. We
4545 probably need to check that the client is a Windows one before disallowing
4546 this as a UNIX client (one with UNIX extensions) can know the source is a
4547 symlink and make this decision intelligently. Found by an excellent bug
4548 report from <AndyLiebman@aol.com>.
4549 ****************************************************************************/
4551 static BOOL rename_path_prefix_equal(const char *src, const char *dest)
4553 const char *psrc = src;
4554 const char *pdst = dest;
4557 if (psrc[0] == '.' && psrc[1] == '/') {
4560 if (pdst[0] == '.' && pdst[1] == '/') {
4563 if ((slen = strlen(psrc)) > strlen(pdst)) {
4566 return ((memcmp(psrc, pdst, slen) == 0) && pdst[slen] == '/');
4570 * Do the notify calls from a rename
4573 static void notify_rename(connection_struct *conn, BOOL is_dir,
4574 const char *oldpath, const char *newpath)
4576 char *olddir, *newdir;
4577 const char *oldname, *newname;
4580 mask = is_dir ? FILE_NOTIFY_CHANGE_DIR_NAME
4581 : FILE_NOTIFY_CHANGE_FILE_NAME;
4583 if (!parent_dirname_talloc(NULL, oldpath, &olddir, &oldname)
4584 || !parent_dirname_talloc(NULL, newpath, &newdir, &newname)) {
4585 TALLOC_FREE(olddir);
4589 if (strcmp(olddir, newdir) == 0) {
4590 notify_fname(conn, NOTIFY_ACTION_OLD_NAME, mask, oldpath);
4591 notify_fname(conn, NOTIFY_ACTION_NEW_NAME, mask, newpath);
4594 notify_fname(conn, NOTIFY_ACTION_REMOVED, mask, oldpath);
4595 notify_fname(conn, NOTIFY_ACTION_ADDED, mask, newpath);
4597 TALLOC_FREE(olddir);
4598 TALLOC_FREE(newdir);
4600 /* this is a strange one. w2k3 gives an additional event for
4601 CHANGE_ATTRIBUTES and CHANGE_CREATION on the new file when renaming
4602 files, but not directories */
4604 notify_fname(conn, NOTIFY_ACTION_MODIFIED,
4605 FILE_NOTIFY_CHANGE_ATTRIBUTES
4606 |FILE_NOTIFY_CHANGE_CREATION,
4611 /****************************************************************************
4612 Rename an open file - given an fsp.
4613 ****************************************************************************/
4615 NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, pstring newname, uint32 attrs, BOOL replace_if_exists)
4617 SMB_STRUCT_STAT sbuf, sbuf1;
4618 pstring newname_last_component;
4619 NTSTATUS status = NT_STATUS_OK;
4620 struct share_mode_lock *lck = NULL;
4625 status = unix_convert(conn, newname, False, newname_last_component, &sbuf);
4627 /* If an error we expect this to be NT_STATUS_OBJECT_PATH_NOT_FOUND */
4629 if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(NT_STATUS_OBJECT_PATH_NOT_FOUND, status)) {
4633 status = check_name(conn, newname);
4634 if (!NT_STATUS_IS_OK(status)) {
4638 /* Ensure newname contains a '/' */
4639 if(strrchr_m(newname,'/') == 0) {
4642 pstrcpy(tmpstr, "./");
4643 pstrcat(tmpstr, newname);
4644 pstrcpy(newname, tmpstr);
4648 * Check for special case with case preserving and not
4649 * case sensitive. If the old last component differs from the original
4650 * last component only by case, then we should allow
4651 * the rename (user is trying to change the case of the
4655 if((conn->case_sensitive == False) && (conn->case_preserve == True) &&
4656 strequal(newname, fsp->fsp_name)) {
4658 pstring newname_modified_last_component;
4661 * Get the last component of the modified name.
4662 * Note that we guarantee that newname contains a '/'
4665 p = strrchr_m(newname,'/');
4666 pstrcpy(newname_modified_last_component,p+1);
4668 if(strcsequal(newname_modified_last_component,
4669 newname_last_component) == False) {
4671 * Replace the modified last component with
4674 pstrcpy(p+1, newname_last_component);
4679 * If the src and dest names are identical - including case,
4680 * don't do the rename, just return success.
4683 if (strcsequal(fsp->fsp_name, newname)) {
4684 DEBUG(3,("rename_internals_fsp: identical names in rename %s - returning success\n",
4686 return NT_STATUS_OK;
4690 * Have vfs_object_exist also fill sbuf1
4692 dst_exists = vfs_object_exist(conn, newname, &sbuf1);
4694 if(!replace_if_exists && dst_exists) {
4695 DEBUG(3,("rename_internals_fsp: dest exists doing rename %s -> %s\n",
4696 fsp->fsp_name,newname));
4697 return NT_STATUS_OBJECT_NAME_COLLISION;
4701 struct file_id fileid = vfs_file_id_from_sbuf(conn, &sbuf1);
4702 files_struct *dst_fsp = file_find_di_first(fileid);
4704 DEBUG(3, ("rename_internals_fsp: Target file open\n"));
4705 return NT_STATUS_ACCESS_DENIED;
4709 /* Ensure we have a valid stat struct for the source. */
4710 if (fsp->fh->fd != -1) {
4711 if (SMB_VFS_FSTAT(fsp,fsp->fh->fd,&sbuf) == -1) {
4712 return map_nt_error_from_unix(errno);
4715 if (SMB_VFS_STAT(conn,fsp->fsp_name,&sbuf) == -1) {
4716 return map_nt_error_from_unix(errno);
4720 status = can_rename(conn, fsp, attrs, &sbuf);
4722 if (!NT_STATUS_IS_OK(status)) {
4723 DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n",
4724 nt_errstr(status), fsp->fsp_name,newname));
4725 if (NT_STATUS_EQUAL(status,NT_STATUS_SHARING_VIOLATION))
4726 status = NT_STATUS_ACCESS_DENIED;
4730 if (rename_path_prefix_equal(fsp->fsp_name, newname)) {
4731 return NT_STATUS_ACCESS_DENIED;
4734 lck = get_share_mode_lock(NULL, fsp->file_id, NULL, NULL);
4737 * We have the file open ourselves, so not being able to get the
4738 * corresponding share mode lock is a fatal error.
4741 SMB_ASSERT(lck != NULL);
4743 if(SMB_VFS_RENAME(conn,fsp->fsp_name, newname) == 0) {
4744 uint32 create_options = fsp->fh->private_options;
4746 DEBUG(3,("rename_internals_fsp: succeeded doing rename on %s -> %s\n",
4747 fsp->fsp_name,newname));
4749 rename_open_files(conn, lck, newname);
4751 notify_rename(conn, fsp->is_directory, fsp->fsp_name, newname);
4754 * A rename acts as a new file create w.r.t. allowing an initial delete
4755 * on close, probably because in Windows there is a new handle to the
4756 * new file. If initial delete on close was requested but not
4757 * originally set, we need to set it here. This is probably not 100% correct,
4758 * but will work for the CIFSFS client which in non-posix mode
4759 * depends on these semantics. JRA.
4762 set_allow_initial_delete_on_close(lck, fsp, True);
4764 if (create_options & FILE_DELETE_ON_CLOSE) {
4765 status = can_set_delete_on_close(fsp, True, 0);
4767 if (NT_STATUS_IS_OK(status)) {
4768 /* Note that here we set the *inital* delete on close flag,
4769 * not the regular one. The magic gets handled in close. */
4770 fsp->initial_delete_on_close = True;
4774 return NT_STATUS_OK;
4779 if (errno == ENOTDIR || errno == EISDIR) {
4780 status = NT_STATUS_OBJECT_NAME_COLLISION;
4782 status = map_nt_error_from_unix(errno);
4785 DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n",
4786 nt_errstr(status), fsp->fsp_name,newname));
4791 /****************************************************************************
4792 The guts of the rename command, split out so it may be called by the NT SMB
4794 ****************************************************************************/
4796 NTSTATUS rename_internals(connection_struct *conn, struct smb_request *req,
4800 BOOL replace_if_exists,
4806 pstring last_component_src;
4807 pstring last_component_dest;
4810 NTSTATUS status = NT_STATUS_OK;
4811 SMB_STRUCT_STAT sbuf1, sbuf2;
4812 struct smb_Dir *dir_hnd = NULL;
4817 *directory = *mask = 0;
4822 status = unix_convert(conn, name, src_has_wild, last_component_src, &sbuf1);
4823 if (!NT_STATUS_IS_OK(status)) {
4827 status = unix_convert(conn, newname, dest_has_wild, last_component_dest, &sbuf2);
4828 if (!NT_STATUS_IS_OK(status)) {
4833 * Split the old name into directory and last component
4834 * strings. Note that unix_convert may have stripped off a
4835 * leading ./ from both name and newname if the rename is
4836 * at the root of the share. We need to make sure either both
4837 * name and newname contain a / character or neither of them do
4838 * as this is checked in resolve_wildcards().
4841 p = strrchr_m(name,'/');
4843 pstrcpy(directory,".");
4847 pstrcpy(directory,name);
4849 *p = '/'; /* Replace needed for exceptional test below. */
4853 * We should only check the mangled cache
4854 * here if unix_convert failed. This means
4855 * that the path in 'mask' doesn't exist
4856 * on the file system and so we need to look
4857 * for a possible mangle. This patch from
4858 * Tine Smukavec <valentin.smukavec@hermes.si>.
4861 if (!VALID_STAT(sbuf1) && mangle_is_mangled(mask, conn->params)) {
4862 mangle_check_cache( mask, sizeof(pstring)-1, conn->params );
4865 if (!src_has_wild) {
4869 * No wildcards - just process the one file.
4871 BOOL is_short_name = mangle_is_8_3(name, True, conn->params);
4873 /* Add a terminating '/' to the directory name. */
4874 pstrcat(directory,"/");
4875 pstrcat(directory,mask);
4877 /* Ensure newname contains a '/' also */
4878 if(strrchr_m(newname,'/') == 0) {
4881 pstrcpy(tmpstr, "./");
4882 pstrcat(tmpstr, newname);
4883 pstrcpy(newname, tmpstr);
4886 DEBUG(3, ("rename_internals: case_sensitive = %d, "
4887 "case_preserve = %d, short case preserve = %d, "
4888 "directory = %s, newname = %s, "
4889 "last_component_dest = %s, is_8_3 = %d\n",
4890 conn->case_sensitive, conn->case_preserve,
4891 conn->short_case_preserve, directory,
4892 newname, last_component_dest, is_short_name));
4894 /* The dest name still may have wildcards. */
4895 if (dest_has_wild) {
4896 if (!resolve_wildcards(directory,newname)) {
4897 DEBUG(6, ("rename_internals: resolve_wildcards %s %s failed\n",
4898 directory,newname));
4899 return NT_STATUS_NO_MEMORY;
4904 SMB_VFS_STAT(conn, directory, &sbuf1);
4906 status = S_ISDIR(sbuf1.st_mode) ?
4907 open_directory(conn, req, directory, &sbuf1,
4909 FILE_SHARE_READ|FILE_SHARE_WRITE,
4910 FILE_OPEN, 0, 0, NULL,
4912 : open_file_ntcreate(conn, req, directory, &sbuf1,
4914 FILE_SHARE_READ|FILE_SHARE_WRITE,
4915 FILE_OPEN, 0, 0, 0, NULL,
4918 if (!NT_STATUS_IS_OK(status)) {
4919 DEBUG(3, ("Could not open rename source %s: %s\n",
4920 directory, nt_errstr(status)));
4924 status = rename_internals_fsp(conn, fsp, newname, attrs,
4927 close_file(fsp, NORMAL_CLOSE);
4929 DEBUG(3, ("rename_internals: Error %s rename %s -> %s\n",
4930 nt_errstr(status), directory,newname));
4936 * Wildcards - process each file that matches.
4938 if (strequal(mask,"????????.???")) {
4942 status = check_name(conn, directory);
4943 if (!NT_STATUS_IS_OK(status)) {
4947 dir_hnd = OpenDir(conn, directory, mask, attrs);
4948 if (dir_hnd == NULL) {
4949 return map_nt_error_from_unix(errno);
4952 status = NT_STATUS_NO_SUCH_FILE;
4954 * Was status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
4955 * - gentest fix. JRA
4958 while ((dname = ReadDirName(dir_hnd, &offset))) {
4961 BOOL sysdir_entry = False;
4963 pstrcpy(fname,dname);
4965 /* Quick check for "." and ".." */
4966 if (fname[0] == '.') {
4967 if (!fname[1] || (fname[1] == '.' && !fname[2])) {
4969 sysdir_entry = True;
4976 if (!is_visible_file(conn, directory, dname, &sbuf1, False)) {
4980 if(!mask_match(fname, mask, conn->case_sensitive)) {
4985 status = NT_STATUS_OBJECT_NAME_INVALID;
4989 slprintf(fname, sizeof(fname)-1, "%s/%s", directory, dname);
4991 pstrcpy(destname,newname);
4993 if (!resolve_wildcards(fname,destname)) {
4994 DEBUG(6, ("resolve_wildcards %s %s failed\n",
5000 SMB_VFS_STAT(conn, fname, &sbuf1);
5002 status = S_ISDIR(sbuf1.st_mode) ?
5003 open_directory(conn, req, fname, &sbuf1,
5005 FILE_SHARE_READ|FILE_SHARE_WRITE,
5006 FILE_OPEN, 0, 0, NULL,
5008 : open_file_ntcreate(conn, req, fname, &sbuf1,
5010 FILE_SHARE_READ|FILE_SHARE_WRITE,
5011 FILE_OPEN, 0, 0, 0, NULL,
5014 if (!NT_STATUS_IS_OK(status)) {
5015 DEBUG(3,("rename_internals: open_file_ntcreate "
5016 "returned %s rename %s -> %s\n",
5017 nt_errstr(status), directory, newname));
5021 status = rename_internals_fsp(conn, fsp, destname, attrs,
5024 close_file(fsp, NORMAL_CLOSE);
5026 if (!NT_STATUS_IS_OK(status)) {
5027 DEBUG(3, ("rename_internals_fsp returned %s for "
5028 "rename %s -> %s\n", nt_errstr(status),
5029 directory, newname));
5035 DEBUG(3,("rename_internals: doing rename on %s -> "
5036 "%s\n",fname,destname));
5040 if (count == 0 && NT_STATUS_IS_OK(status)) {
5041 status = map_nt_error_from_unix(errno);
5047 /****************************************************************************
5049 ****************************************************************************/
5051 int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size,
5058 uint32 attrs = SVAL(inbuf,smb_vwv0);
5060 BOOL src_has_wcard = False;
5061 BOOL dest_has_wcard = False;
5062 struct smb_request req;
5064 START_PROFILE(SMBmv);
5066 init_smb_request(&req, (uint8 *)inbuf);
5068 p = smb_buf(inbuf) + 1;
5069 p += srvstr_get_path_wcard(inbuf, SVAL(inbuf,smb_flg2), name, p,
5070 sizeof(name), 0, STR_TERMINATE, &status,
5072 if (!NT_STATUS_IS_OK(status)) {
5074 return ERROR_NT(status);
5077 p += srvstr_get_path_wcard(inbuf, SVAL(inbuf,smb_flg2), newname, p,
5078 sizeof(newname), 0, STR_TERMINATE, &status,
5080 if (!NT_STATUS_IS_OK(status)) {
5082 return ERROR_NT(status);
5085 status = resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, name, &src_has_wcard);
5086 if (!NT_STATUS_IS_OK(status)) {
5088 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5089 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
5091 return ERROR_NT(status);
5094 status = resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, newname, &dest_has_wcard);
5095 if (!NT_STATUS_IS_OK(status)) {
5097 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5098 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
5100 return ERROR_NT(status);
5103 DEBUG(3,("reply_mv : %s -> %s\n",name,newname));
5105 status = rename_internals(conn, &req, name, newname, attrs, False,
5106 src_has_wcard, dest_has_wcard);
5107 if (!NT_STATUS_IS_OK(status)) {
5109 if (open_was_deferred(SVAL(inbuf,smb_mid))) {
5110 /* We have re-scheduled this call. */
5113 return ERROR_NT(status);
5116 outsize = set_message(inbuf,outbuf,0,0,False);
5122 /*******************************************************************
5123 Copy a file as part of a reply_copy.
5124 ******************************************************************/
5127 * TODO: check error codes on all callers
5130 NTSTATUS copy_file(connection_struct *conn,
5135 BOOL target_is_directory)
5137 SMB_STRUCT_STAT src_sbuf, sbuf2;
5139 files_struct *fsp1,*fsp2;
5142 uint32 new_create_disposition;
5145 pstrcpy(dest,dest1);
5146 if (target_is_directory) {
5147 char *p = strrchr_m(src,'/');
5157 if (!vfs_file_exist(conn,src,&src_sbuf)) {
5158 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
5161 if (!target_is_directory && count) {
5162 new_create_disposition = FILE_OPEN;
5164 if (!map_open_params_to_ntcreate(dest1,0,ofun,
5165 NULL, NULL, &new_create_disposition, NULL)) {
5166 return NT_STATUS_INVALID_PARAMETER;
5170 status = open_file_ntcreate(conn, NULL, src, &src_sbuf,
5172 FILE_SHARE_READ|FILE_SHARE_WRITE,
5175 FILE_ATTRIBUTE_NORMAL,
5179 if (!NT_STATUS_IS_OK(status)) {
5183 dosattrs = dos_mode(conn, src, &src_sbuf);
5184 if (SMB_VFS_STAT(conn,dest,&sbuf2) == -1) {
5185 ZERO_STRUCTP(&sbuf2);
5188 status = open_file_ntcreate(conn, NULL, dest, &sbuf2,
5190 FILE_SHARE_READ|FILE_SHARE_WRITE,
5191 new_create_disposition,
5197 if (!NT_STATUS_IS_OK(status)) {
5198 close_file(fsp1,ERROR_CLOSE);
5202 if ((ofun&3) == 1) {
5203 if(SMB_VFS_LSEEK(fsp2,fsp2->fh->fd,0,SEEK_END) == -1) {
5204 DEBUG(0,("copy_file: error - vfs lseek returned error %s\n", strerror(errno) ));
5206 * Stop the copy from occurring.
5209 src_sbuf.st_size = 0;
5213 if (src_sbuf.st_size) {
5214 ret = vfs_transfer_file(fsp1, fsp2, src_sbuf.st_size);
5217 close_file(fsp1,NORMAL_CLOSE);
5219 /* Ensure the modtime is set correctly on the destination file. */
5220 fsp_set_pending_modtime( fsp2, get_mtimespec(&src_sbuf));
5223 * As we are opening fsp1 read-only we only expect
5224 * an error on close on fsp2 if we are out of space.
5225 * Thus we don't look at the error return from the
5228 status = close_file(fsp2,NORMAL_CLOSE);
5230 if (!NT_STATUS_IS_OK(status)) {
5234 if (ret != (SMB_OFF_T)src_sbuf.st_size) {
5235 return NT_STATUS_DISK_FULL;
5238 return NT_STATUS_OK;
5241 /****************************************************************************
5242 Reply to a file copy.
5243 ****************************************************************************/
5245 int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
5250 pstring mask,newname;
5253 int error = ERRnoaccess;
5255 int tid2 = SVAL(inbuf,smb_vwv0);
5256 int ofun = SVAL(inbuf,smb_vwv1);
5257 int flags = SVAL(inbuf,smb_vwv2);
5258 BOOL target_is_directory=False;
5259 BOOL source_has_wild = False;
5260 BOOL dest_has_wild = False;
5261 SMB_STRUCT_STAT sbuf1, sbuf2;
5263 START_PROFILE(SMBcopy);
5265 *directory = *mask = 0;
5268 p += srvstr_get_path_wcard(inbuf, SVAL(inbuf,smb_flg2), name, p,
5269 sizeof(name), 0, STR_TERMINATE, &status,
5271 if (!NT_STATUS_IS_OK(status)) {
5272 END_PROFILE(SMBcopy);
5273 return ERROR_NT(status);
5275 p += srvstr_get_path_wcard(inbuf, SVAL(inbuf,smb_flg2), newname, p,
5276 sizeof(newname), 0, STR_TERMINATE, &status,
5278 if (!NT_STATUS_IS_OK(status)) {
5279 END_PROFILE(SMBcopy);
5280 return ERROR_NT(status);
5283 DEBUG(3,("reply_copy : %s -> %s\n",name,newname));
5285 if (tid2 != conn->cnum) {
5286 /* can't currently handle inter share copies XXXX */
5287 DEBUG(3,("Rejecting inter-share copy\n"));
5288 END_PROFILE(SMBcopy);
5289 return ERROR_DOS(ERRSRV,ERRinvdevice);
5292 status = resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, name, &source_has_wild);
5293 if (!NT_STATUS_IS_OK(status)) {
5294 END_PROFILE(SMBcopy);
5295 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5296 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
5298 return ERROR_NT(status);
5301 status = resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, newname, &dest_has_wild);
5302 if (!NT_STATUS_IS_OK(status)) {
5303 END_PROFILE(SMBcopy);
5304 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5305 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
5307 return ERROR_NT(status);
5310 status = unix_convert(conn, name, source_has_wild, NULL, &sbuf1);
5311 if (!NT_STATUS_IS_OK(status)) {
5312 END_PROFILE(SMBcopy);
5313 return ERROR_NT(status);
5316 status = unix_convert(conn, newname, dest_has_wild, NULL, &sbuf2);
5317 if (!NT_STATUS_IS_OK(status)) {
5318 END_PROFILE(SMBcopy);
5319 return ERROR_NT(status);
5322 target_is_directory = VALID_STAT_OF_DIR(sbuf2);
5324 if ((flags&1) && target_is_directory) {
5325 END_PROFILE(SMBcopy);
5326 return ERROR_DOS(ERRDOS,ERRbadfile);
5329 if ((flags&2) && !target_is_directory) {
5330 END_PROFILE(SMBcopy);
5331 return ERROR_DOS(ERRDOS,ERRbadpath);
5334 if ((flags&(1<<5)) && VALID_STAT_OF_DIR(sbuf1)) {
5335 /* wants a tree copy! XXXX */
5336 DEBUG(3,("Rejecting tree copy\n"));
5337 END_PROFILE(SMBcopy);
5338 return ERROR_DOS(ERRSRV,ERRerror);
5341 p = strrchr_m(name,'/');
5343 pstrcpy(directory,"./");
5347 pstrcpy(directory,name);
5352 * We should only check the mangled cache
5353 * here if unix_convert failed. This means
5354 * that the path in 'mask' doesn't exist
5355 * on the file system and so we need to look
5356 * for a possible mangle. This patch from
5357 * Tine Smukavec <valentin.smukavec@hermes.si>.
5360 if (!VALID_STAT(sbuf1) && mangle_is_mangled(mask, conn->params)) {
5361 mangle_check_cache( mask, sizeof(pstring)-1, conn->params );
5364 if (!source_has_wild) {
5365 pstrcat(directory,"/");
5366 pstrcat(directory,mask);
5367 if (dest_has_wild) {
5368 if (!resolve_wildcards(directory,newname)) {
5369 END_PROFILE(SMBcopy);
5370 return ERROR_NT(NT_STATUS_NO_MEMORY);
5374 status = check_name(conn, directory);
5375 if (!NT_STATUS_IS_OK(status)) {
5376 return ERROR_NT(status);
5379 status = check_name(conn, newname);
5380 if (!NT_STATUS_IS_OK(status)) {
5381 return ERROR_NT(status);
5384 status = copy_file(conn,directory,newname,ofun,
5385 count,target_is_directory);
5387 if(!NT_STATUS_IS_OK(status)) {
5388 END_PROFILE(SMBcopy);
5389 return ERROR_NT(status);
5394 struct smb_Dir *dir_hnd = NULL;
5399 if (strequal(mask,"????????.???"))
5402 status = check_name(conn, directory);
5403 if (!NT_STATUS_IS_OK(status)) {
5404 return ERROR_NT(status);
5407 dir_hnd = OpenDir(conn, directory, mask, 0);
5408 if (dir_hnd == NULL) {
5409 status = map_nt_error_from_unix(errno);
5410 return ERROR_NT(status);
5415 while ((dname = ReadDirName(dir_hnd, &offset))) {
5417 pstrcpy(fname,dname);
5419 if (!is_visible_file(conn, directory, dname, &sbuf1, False)) {
5423 if(!mask_match(fname, mask, conn->case_sensitive)) {
5427 error = ERRnoaccess;
5428 slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname);
5429 pstrcpy(destname,newname);
5430 if (!resolve_wildcards(fname,destname)) {
5434 status = check_name(conn, fname);
5435 if (!NT_STATUS_IS_OK(status)) {
5436 return ERROR_NT(status);
5439 status = check_name(conn, destname);
5440 if (!NT_STATUS_IS_OK(status)) {
5441 return ERROR_NT(status);
5444 DEBUG(3,("reply_copy : doing copy on %s -> %s\n",fname, destname));
5446 status = copy_file(conn,fname,destname,ofun,
5447 count,target_is_directory);
5448 if (NT_STATUS_IS_OK(status)) {
5457 /* Error on close... */
5459 END_PROFILE(SMBcopy);
5460 return(UNIXERROR(ERRHRD,ERRgeneral));
5463 END_PROFILE(SMBcopy);
5464 return ERROR_DOS(ERRDOS,error);
5467 outsize = set_message(inbuf,outbuf,1,0,True);
5468 SSVAL(outbuf,smb_vwv0,count);
5470 END_PROFILE(SMBcopy);
5474 /****************************************************************************
5476 ****************************************************************************/
5478 int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
5485 START_PROFILE(pathworks_setdir);
5488 if (!CAN_SETDIR(snum)) {
5489 END_PROFILE(pathworks_setdir);
5490 return ERROR_DOS(ERRDOS,ERRnoaccess);
5493 srvstr_get_path(inbuf, SVAL(inbuf,smb_flg2), newdir,
5494 smb_buf(inbuf) + 1, sizeof(newdir), 0, STR_TERMINATE,
5496 if (!NT_STATUS_IS_OK(status)) {
5497 END_PROFILE(pathworks_setdir);
5498 return ERROR_NT(status);
5501 status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, newdir);
5502 if (!NT_STATUS_IS_OK(status)) {
5503 END_PROFILE(pathworks_setdir);
5504 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5505 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
5507 return ERROR_NT(status);
5510 if (strlen(newdir) != 0) {
5511 if (!vfs_directory_exist(conn,newdir,NULL)) {
5512 END_PROFILE(pathworks_setdir);
5513 return ERROR_DOS(ERRDOS,ERRbadpath);
5515 set_conn_connectpath(conn,newdir);
5518 outsize = set_message(inbuf,outbuf,0,0,False);
5519 SCVAL(outbuf,smb_reh,CVAL(inbuf,smb_reh));
5521 DEBUG(3,("setdir %s\n", newdir));
5523 END_PROFILE(pathworks_setdir);
5528 #define DBGC_CLASS DBGC_LOCKING
5530 /****************************************************************************
5531 Get a lock pid, dealing with large count requests.
5532 ****************************************************************************/
5534 uint32 get_lock_pid( char *data, int data_offset, BOOL large_file_format)
5536 if(!large_file_format)
5537 return (uint32)SVAL(data,SMB_LPID_OFFSET(data_offset));
5539 return (uint32)SVAL(data,SMB_LARGE_LPID_OFFSET(data_offset));
5542 /****************************************************************************
5543 Get a lock count, dealing with large count requests.
5544 ****************************************************************************/
5546 SMB_BIG_UINT get_lock_count( char *data, int data_offset, BOOL large_file_format)
5548 SMB_BIG_UINT count = 0;
5550 if(!large_file_format) {
5551 count = (SMB_BIG_UINT)IVAL(data,SMB_LKLEN_OFFSET(data_offset));
5554 #if defined(HAVE_LONGLONG)
5555 count = (((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset))) << 32) |
5556 ((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)));
5557 #else /* HAVE_LONGLONG */
5560 * NT4.x seems to be broken in that it sends large file (64 bit)
5561 * lockingX calls even if the CAP_LARGE_FILES was *not*
5562 * negotiated. For boxes without large unsigned ints truncate the
5563 * lock count by dropping the top 32 bits.
5566 if(IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)) != 0) {
5567 DEBUG(3,("get_lock_count: truncating lock count (high)0x%x (low)0x%x to just low count.\n",
5568 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)),
5569 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)) ));
5570 SIVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset),0);
5573 count = (SMB_BIG_UINT)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset));
5574 #endif /* HAVE_LONGLONG */
5580 #if !defined(HAVE_LONGLONG)
5581 /****************************************************************************
5582 Pathetically try and map a 64 bit lock offset into 31 bits. I hate Windows :-).
5583 ****************************************************************************/
5585 static uint32 map_lock_offset(uint32 high, uint32 low)
5589 uint32 highcopy = high;
5592 * Try and find out how many significant bits there are in high.
5595 for(i = 0; highcopy; i++)
5599 * We use 31 bits not 32 here as POSIX
5600 * lock offsets may not be negative.
5603 mask = (~0) << (31 - i);
5606 return 0; /* Fail. */
5612 #endif /* !defined(HAVE_LONGLONG) */
5614 /****************************************************************************
5615 Get a lock offset, dealing with large offset requests.
5616 ****************************************************************************/
5618 SMB_BIG_UINT get_lock_offset( char *data, int data_offset, BOOL large_file_format, BOOL *err)
5620 SMB_BIG_UINT offset = 0;
5624 if(!large_file_format) {
5625 offset = (SMB_BIG_UINT)IVAL(data,SMB_LKOFF_OFFSET(data_offset));
5628 #if defined(HAVE_LONGLONG)
5629 offset = (((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset))) << 32) |
5630 ((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset)));
5631 #else /* HAVE_LONGLONG */
5634 * NT4.x seems to be broken in that it sends large file (64 bit)
5635 * lockingX calls even if the CAP_LARGE_FILES was *not*
5636 * negotiated. For boxes without large unsigned ints mangle the
5637 * lock offset by mapping the top 32 bits onto the lower 32.
5640 if(IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset)) != 0) {
5641 uint32 low = IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
5642 uint32 high = IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset));
5645 if((new_low = map_lock_offset(high, low)) == 0) {
5647 return (SMB_BIG_UINT)-1;
5650 DEBUG(3,("get_lock_offset: truncating lock offset (high)0x%x (low)0x%x to offset 0x%x.\n",
5651 (unsigned int)high, (unsigned int)low, (unsigned int)new_low ));
5652 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset),0);
5653 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset),new_low);
5656 offset = (SMB_BIG_UINT)IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
5657 #endif /* HAVE_LONGLONG */
5663 /****************************************************************************
5664 Reply to a lockingX request.
5665 ****************************************************************************/
5667 int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf,
5668 int length, int bufsize)
5670 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv2));
5671 unsigned char locktype = CVAL(inbuf,smb_vwv3);
5672 unsigned char oplocklevel = CVAL(inbuf,smb_vwv3+1);
5673 uint16 num_ulocks = SVAL(inbuf,smb_vwv6);
5674 uint16 num_locks = SVAL(inbuf,smb_vwv7);
5675 SMB_BIG_UINT count = 0, offset = 0;
5677 int32 lock_timeout = IVAL(inbuf,smb_vwv4);
5680 BOOL large_file_format =
5681 (locktype & LOCKING_ANDX_LARGE_FILES)?True:False;
5683 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
5685 START_PROFILE(SMBlockingX);
5687 CHECK_FSP(fsp,conn);
5689 data = smb_buf(inbuf);
5691 if (locktype & LOCKING_ANDX_CHANGE_LOCKTYPE) {
5692 /* we don't support these - and CANCEL_LOCK makes w2k
5693 and XP reboot so I don't really want to be
5694 compatible! (tridge) */
5695 return ERROR_NT(NT_STATUS_DOS(ERRDOS, ERRnoatomiclocks));
5698 /* Check if this is an oplock break on a file
5699 we have granted an oplock on.
5701 if ((locktype & LOCKING_ANDX_OPLOCK_RELEASE)) {
5702 /* Client can insist on breaking to none. */
5703 BOOL break_to_none = (oplocklevel == 0);
5706 DEBUG(5,("reply_lockingX: oplock break reply (%u) from client "
5707 "for fnum = %d\n", (unsigned int)oplocklevel,
5711 * Make sure we have granted an exclusive or batch oplock on
5715 if (fsp->oplock_type == 0) {
5717 /* The Samba4 nbench simulator doesn't understand
5718 the difference between break to level2 and break
5719 to none from level2 - it sends oplock break
5720 replies in both cases. Don't keep logging an error
5721 message here - just ignore it. JRA. */
5723 DEBUG(5,("reply_lockingX: Error : oplock break from "
5724 "client for fnum = %d (oplock=%d) and no "
5725 "oplock granted on this file (%s).\n",
5726 fsp->fnum, fsp->oplock_type, fsp->fsp_name));
5728 /* if this is a pure oplock break request then don't
5730 if (num_locks == 0 && num_ulocks == 0) {
5731 END_PROFILE(SMBlockingX);
5734 END_PROFILE(SMBlockingX);
5735 return ERROR_DOS(ERRDOS,ERRlock);
5739 if ((fsp->sent_oplock_break == BREAK_TO_NONE_SENT) ||
5741 result = remove_oplock(fsp);
5743 result = downgrade_oplock(fsp);
5747 DEBUG(0, ("reply_lockingX: error in removing "
5748 "oplock on file %s\n", fsp->fsp_name));
5749 /* Hmmm. Is this panic justified? */
5750 smb_panic("internal tdb error");
5753 reply_to_oplock_break_requests(fsp);
5755 /* if this is a pure oplock break request then don't send a
5757 if (num_locks == 0 && num_ulocks == 0) {
5758 /* Sanity check - ensure a pure oplock break is not a
5760 if(CVAL(inbuf,smb_vwv0) != 0xff)
5761 DEBUG(0,("reply_lockingX: Error : pure oplock "
5762 "break is a chained %d request !\n",
5763 (unsigned int)CVAL(inbuf,smb_vwv0) ));
5764 END_PROFILE(SMBlockingX);
5770 * We do this check *after* we have checked this is not a oplock break
5771 * response message. JRA.
5774 release_level_2_oplocks_on_change(fsp);
5776 /* Data now points at the beginning of the list
5777 of smb_unlkrng structs */
5778 for(i = 0; i < (int)num_ulocks; i++) {
5779 lock_pid = get_lock_pid( data, i, large_file_format);
5780 count = get_lock_count( data, i, large_file_format);
5781 offset = get_lock_offset( data, i, large_file_format, &err);
5784 * There is no error code marked "stupid client bug".... :-).
5787 END_PROFILE(SMBlockingX);
5788 return ERROR_DOS(ERRDOS,ERRnoaccess);
5791 DEBUG(10,("reply_lockingX: unlock start=%.0f, len=%.0f for "
5792 "pid %u, file %s\n", (double)offset, (double)count,
5793 (unsigned int)lock_pid, fsp->fsp_name ));
5795 status = do_unlock(smbd_messaging_context(),
5802 if (NT_STATUS_V(status)) {
5803 END_PROFILE(SMBlockingX);
5804 return ERROR_NT(status);
5808 /* Setup the timeout in seconds. */
5810 if (!lp_blocking_locks(SNUM(conn))) {
5814 /* Now do any requested locks */
5815 data += ((large_file_format ? 20 : 10)*num_ulocks);
5817 /* Data now points at the beginning of the list
5818 of smb_lkrng structs */
5820 for(i = 0; i < (int)num_locks; i++) {
5821 enum brl_type lock_type = ((locktype & LOCKING_ANDX_SHARED_LOCK) ?
5822 READ_LOCK:WRITE_LOCK);
5823 lock_pid = get_lock_pid( data, i, large_file_format);
5824 count = get_lock_count( data, i, large_file_format);
5825 offset = get_lock_offset( data, i, large_file_format, &err);
5828 * There is no error code marked "stupid client bug".... :-).
5831 END_PROFILE(SMBlockingX);
5832 return ERROR_DOS(ERRDOS,ERRnoaccess);
5835 DEBUG(10,("reply_lockingX: lock start=%.0f, len=%.0f for pid "
5836 "%u, file %s timeout = %d\n", (double)offset,
5837 (double)count, (unsigned int)lock_pid,
5838 fsp->fsp_name, (int)lock_timeout ));
5840 if (locktype & LOCKING_ANDX_CANCEL_LOCK) {
5841 if (lp_blocking_locks(SNUM(conn))) {
5843 /* Schedule a message to ourselves to
5844 remove the blocking lock record and
5845 return the right error. */
5847 if (!blocking_lock_cancel(fsp,
5853 NT_STATUS_FILE_LOCK_CONFLICT)) {
5854 END_PROFILE(SMBlockingX);
5855 return ERROR_NT(NT_STATUS_DOS(ERRDOS, ERRcancelviolation));
5858 /* Remove a matching pending lock. */
5859 status = do_lock_cancel(fsp,
5865 BOOL blocking_lock = lock_timeout ? True : False;
5866 BOOL defer_lock = False;
5867 struct byte_range_lock *br_lck;
5868 uint32 block_smbpid;
5870 br_lck = do_lock(smbd_messaging_context(),
5881 if (br_lck && blocking_lock && ERROR_WAS_LOCK_DENIED(status)) {
5882 /* Windows internal resolution for blocking locks seems
5883 to be about 200ms... Don't wait for less than that. JRA. */
5884 if (lock_timeout != -1 && lock_timeout < lp_lock_spin_time()) {
5885 lock_timeout = lp_lock_spin_time();
5890 /* This heuristic seems to match W2K3 very well. If a
5891 lock sent with timeout of zero would fail with NT_STATUS_FILE_LOCK_CONFLICT
5892 it pretends we asked for a timeout of between 150 - 300 milliseconds as
5893 far as I can tell. Replacement for do_lock_spin(). JRA. */
5895 if (br_lck && lp_blocking_locks(SNUM(conn)) && !blocking_lock &&
5896 NT_STATUS_EQUAL((status), NT_STATUS_FILE_LOCK_CONFLICT)) {
5898 lock_timeout = lp_lock_spin_time();
5901 if (br_lck && defer_lock) {
5903 * A blocking lock was requested. Package up
5904 * this smb into a queued request and push it
5905 * onto the blocking lock queue.
5907 if(push_blocking_lock_request(br_lck,
5918 TALLOC_FREE(br_lck);
5919 END_PROFILE(SMBlockingX);
5924 TALLOC_FREE(br_lck);
5927 if (NT_STATUS_V(status)) {
5928 END_PROFILE(SMBlockingX);
5929 return ERROR_NT(status);
5933 /* If any of the above locks failed, then we must unlock
5934 all of the previous locks (X/Open spec). */
5936 if (!(locktype & LOCKING_ANDX_CANCEL_LOCK) &&
5940 * Ensure we don't do a remove on the lock that just failed,
5941 * as under POSIX rules, if we have a lock already there, we
5942 * will delete it (and we shouldn't) .....
5944 for(i--; i >= 0; i--) {
5945 lock_pid = get_lock_pid( data, i, large_file_format);
5946 count = get_lock_count( data, i, large_file_format);
5947 offset = get_lock_offset( data, i, large_file_format,
5951 * There is no error code marked "stupid client
5955 END_PROFILE(SMBlockingX);
5956 return ERROR_DOS(ERRDOS,ERRnoaccess);
5959 do_unlock(smbd_messaging_context(),
5966 END_PROFILE(SMBlockingX);
5967 return ERROR_NT(status);
5970 set_message(inbuf,outbuf,2,0,True);
5972 DEBUG(3, ("lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n",
5973 fsp->fnum, (unsigned int)locktype, num_locks, num_ulocks));
5975 END_PROFILE(SMBlockingX);
5976 return chain_reply(inbuf,&outbuf,length,bufsize);
5980 #define DBGC_CLASS DBGC_ALL
5982 /****************************************************************************
5983 Reply to a SMBreadbmpx (read block multiplex) request.
5984 ****************************************************************************/
5986 int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize)
5997 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
5998 START_PROFILE(SMBreadBmpx);
6000 /* this function doesn't seem to work - disable by default */
6001 if (!lp_readbmpx()) {
6002 END_PROFILE(SMBreadBmpx);
6003 return ERROR_DOS(ERRSRV,ERRuseSTD);
6006 outsize = set_message(inbuf,outbuf,8,0,True);
6008 CHECK_FSP(fsp,conn);
6009 if (!CHECK_READ(fsp,inbuf)) {
6010 return(ERROR_DOS(ERRDOS,ERRbadaccess));
6013 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv1);
6014 maxcount = SVAL(inbuf,smb_vwv3);
6016 data = smb_buf(outbuf);
6017 pad = ((long)data)%4;
6022 max_per_packet = bufsize-(outsize+pad);
6026 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK)) {
6027 END_PROFILE(SMBreadBmpx);
6028 return ERROR_DOS(ERRDOS,ERRlock);
6032 size_t N = MIN(max_per_packet,tcount-total_read);
6034 nread = read_file(fsp,data,startpos,N);
6039 if (nread < (ssize_t)N)
6040 tcount = total_read + nread;
6042 set_message(inbuf,outbuf,8,nread+pad,False);
6043 SIVAL(outbuf,smb_vwv0,startpos);
6044 SSVAL(outbuf,smb_vwv2,tcount);
6045 SSVAL(outbuf,smb_vwv6,nread);
6046 SSVAL(outbuf,smb_vwv7,smb_offset(data,outbuf));
6049 if (!send_smb(smbd_server_fd(),outbuf))
6050 exit_server_cleanly("reply_readbmpx: send_smb failed.");
6052 total_read += nread;
6054 } while (total_read < (ssize_t)tcount);
6056 END_PROFILE(SMBreadBmpx);
6060 /****************************************************************************
6061 Reply to a SMBsetattrE.
6062 ****************************************************************************/
6064 int reply_setattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
6066 struct timespec ts[2];
6068 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
6069 START_PROFILE(SMBsetattrE);
6071 outsize = set_message(inbuf,outbuf,0,0,False);
6073 if(!fsp || (fsp->conn != conn)) {
6074 END_PROFILE(SMBsetattrE);
6075 return ERROR_DOS(ERRDOS,ERRbadfid);
6079 * Convert the DOS times into unix times. Ignore create
6080 * time as UNIX can't set this.
6083 ts[0] = convert_time_t_to_timespec(srv_make_unix_date2(inbuf+smb_vwv3)); /* atime. */
6084 ts[1] = convert_time_t_to_timespec(srv_make_unix_date2(inbuf+smb_vwv5)); /* mtime. */
6087 * Patch from Ray Frush <frush@engr.colostate.edu>
6088 * Sometimes times are sent as zero - ignore them.
6091 if (null_timespec(ts[0]) && null_timespec(ts[1])) {
6092 /* Ignore request */
6093 if( DEBUGLVL( 3 ) ) {
6094 dbgtext( "reply_setattrE fnum=%d ", fsp->fnum);
6095 dbgtext( "ignoring zero request - not setting timestamps of 0\n" );
6097 END_PROFILE(SMBsetattrE);
6099 } else if (!null_timespec(ts[0]) && null_timespec(ts[1])) {
6100 /* set modify time = to access time if modify time was unset */
6104 /* Set the date on this file */
6105 /* Should we set pending modtime here ? JRA */
6106 if(file_ntimes(conn, fsp->fsp_name, ts)) {
6107 END_PROFILE(SMBsetattrE);
6108 return ERROR_DOS(ERRDOS,ERRnoaccess);
6111 DEBUG( 3, ( "reply_setattrE fnum=%d actime=%u modtime=%u\n",
6113 (unsigned int)ts[0].tv_sec,
6114 (unsigned int)ts[1].tv_sec));
6116 END_PROFILE(SMBsetattrE);
6121 /* Back from the dead for OS/2..... JRA. */
6123 /****************************************************************************
6124 Reply to a SMBwritebmpx (write block multiplex primary) request.
6125 ****************************************************************************/
6127 int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
6130 ssize_t nwritten = -1;
6137 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
6139 START_PROFILE(SMBwriteBmpx);
6141 CHECK_FSP(fsp,conn);
6142 if (!CHECK_WRITE(fsp)) {
6143 return(ERROR_DOS(ERRDOS,ERRbadaccess));
6145 if (HAS_CACHED_ERROR(fsp)) {
6146 return(CACHED_ERROR(fsp));
6149 tcount = SVAL(inbuf,smb_vwv1);
6150 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3);
6151 write_through = BITSETW(inbuf+smb_vwv7,0);
6152 numtowrite = SVAL(inbuf,smb_vwv10);
6153 smb_doff = SVAL(inbuf,smb_vwv11);
6155 data = smb_base(inbuf) + smb_doff;
6157 /* If this fails we need to send an SMBwriteC response,
6158 not an SMBwritebmpx - set this up now so we don't forget */
6159 SCVAL(outbuf,smb_com,SMBwritec);
6161 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos,WRITE_LOCK)) {
6162 END_PROFILE(SMBwriteBmpx);
6163 return(ERROR_DOS(ERRDOS,ERRlock));
6166 nwritten = write_file(fsp,data,startpos,numtowrite);
6168 status = sync_file(conn, fsp, write_through);
6169 if (!NT_STATUS_IS_OK(status)) {
6170 END_PROFILE(SMBwriteBmpx);
6171 DEBUG(5,("reply_writebmpx: sync_file for %s returned %s\n",
6172 fsp->fsp_name, nt_errstr(status) ));
6173 return ERROR_NT(status);
6176 if(nwritten < (ssize_t)numtowrite) {
6177 END_PROFILE(SMBwriteBmpx);
6178 return(UNIXERROR(ERRHRD,ERRdiskfull));
6181 /* If the maximum to be written to this file
6182 is greater than what we just wrote then set
6183 up a secondary struct to be attached to this
6184 fd, we will use this to cache error messages etc. */
6186 if((ssize_t)tcount > nwritten) {
6187 write_bmpx_struct *wbms;
6188 if(fsp->wbmpx_ptr != NULL)
6189 wbms = fsp->wbmpx_ptr; /* Use an existing struct */
6191 wbms = SMB_MALLOC_P(write_bmpx_struct);
6193 DEBUG(0,("Out of memory in reply_readmpx\n"));
6194 END_PROFILE(SMBwriteBmpx);
6195 return(ERROR_DOS(ERRSRV,ERRnoresource));
6197 wbms->wr_mode = write_through;
6198 wbms->wr_discard = False; /* No errors yet */
6199 wbms->wr_total_written = nwritten;
6200 wbms->wr_errclass = 0;
6202 fsp->wbmpx_ptr = wbms;
6205 /* We are returning successfully, set the message type back to
6207 SCVAL(outbuf,smb_com,SMBwriteBmpx);
6209 outsize = set_message(inbuf,outbuf,1,0,True);
6211 SSVALS(outbuf,smb_vwv0,-1); /* We don't support smb_remaining */
6213 DEBUG( 3, ( "writebmpx fnum=%d num=%d wrote=%d\n",
6214 fsp->fnum, (int)numtowrite, (int)nwritten ) );
6216 if (write_through && tcount==nwritten) {
6217 /* We need to send both a primary and a secondary response */
6218 smb_setlen(inbuf,outbuf,outsize - 4);
6220 if (!send_smb(smbd_server_fd(),outbuf))
6221 exit_server_cleanly("reply_writebmpx: send_smb failed.");
6223 /* Now the secondary */
6224 outsize = set_message(inbuf,outbuf,1,0,True);
6225 SCVAL(outbuf,smb_com,SMBwritec);
6226 SSVAL(outbuf,smb_vwv0,nwritten);
6229 END_PROFILE(SMBwriteBmpx);
6233 /****************************************************************************
6234 Reply to a SMBwritebs (write block multiplex secondary) request.
6235 ****************************************************************************/
6237 int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
6240 ssize_t nwritten = -1;
6247 write_bmpx_struct *wbms;
6248 BOOL send_response = False;
6249 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
6251 START_PROFILE(SMBwriteBs);
6253 CHECK_FSP(fsp,conn);
6254 if (!CHECK_WRITE(fsp)) {
6255 return(ERROR_DOS(ERRDOS,ERRbadaccess));
6258 tcount = SVAL(inbuf,smb_vwv1);
6259 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
6260 numtowrite = SVAL(inbuf,smb_vwv6);
6261 smb_doff = SVAL(inbuf,smb_vwv7);
6263 data = smb_base(inbuf) + smb_doff;
6265 /* We need to send an SMBwriteC response, not an SMBwritebs */
6266 SCVAL(outbuf,smb_com,SMBwritec);
6268 /* This fd should have an auxiliary struct attached,
6269 check that it does */
6270 wbms = fsp->wbmpx_ptr;
6272 END_PROFILE(SMBwriteBs);
6276 /* If write through is set we can return errors, else we must cache them */
6277 write_through = wbms->wr_mode;
6279 /* Check for an earlier error */
6280 if(wbms->wr_discard) {
6281 END_PROFILE(SMBwriteBs);
6282 return -1; /* Just discard the packet */
6285 nwritten = write_file(fsp,data,startpos,numtowrite);
6287 status = sync_file(conn, fsp, write_through);
6289 if (nwritten < (ssize_t)numtowrite || !NT_STATUS_IS_OK(status)) {
6291 /* We are returning an error - we can delete the aux struct */
6294 fsp->wbmpx_ptr = NULL;
6295 END_PROFILE(SMBwriteBs);
6296 return(ERROR_DOS(ERRHRD,ERRdiskfull));
6298 wbms->wr_errclass = ERRHRD;
6299 wbms->wr_error = ERRdiskfull;
6300 wbms->wr_status = NT_STATUS_DISK_FULL;
6301 wbms->wr_discard = True;
6302 END_PROFILE(SMBwriteBs);
6306 /* Increment the total written, if this matches tcount
6307 we can discard the auxiliary struct (hurrah !) and return a writeC */
6308 wbms->wr_total_written += nwritten;
6309 if(wbms->wr_total_written >= tcount) {
6310 if (write_through) {
6311 outsize = set_message(inbuf,outbuf,1,0,True);
6312 SSVAL(outbuf,smb_vwv0,wbms->wr_total_written);
6313 send_response = True;
6317 fsp->wbmpx_ptr = NULL;
6321 END_PROFILE(SMBwriteBs);
6325 END_PROFILE(SMBwriteBs);
6329 /****************************************************************************
6330 Reply to a SMBgetattrE.
6331 ****************************************************************************/
6333 int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
6335 SMB_STRUCT_STAT sbuf;
6338 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
6339 START_PROFILE(SMBgetattrE);
6341 outsize = set_message(inbuf,outbuf,11,0,True);
6343 if(!fsp || (fsp->conn != conn)) {
6344 END_PROFILE(SMBgetattrE);
6345 return ERROR_DOS(ERRDOS,ERRbadfid);
6348 /* Do an fstat on this file */
6349 if(fsp_stat(fsp, &sbuf)) {
6350 END_PROFILE(SMBgetattrE);
6351 return(UNIXERROR(ERRDOS,ERRnoaccess));
6354 mode = dos_mode(conn,fsp->fsp_name,&sbuf);
6357 * Convert the times into dos times. Set create
6358 * date to be last modify date as UNIX doesn't save
6362 srv_put_dos_date2(outbuf,smb_vwv0,get_create_time(&sbuf,lp_fake_dir_create_times(SNUM(conn))));
6363 srv_put_dos_date2(outbuf,smb_vwv2,sbuf.st_atime);
6364 /* Should we check pending modtime here ? JRA */
6365 srv_put_dos_date2(outbuf,smb_vwv4,sbuf.st_mtime);
6368 SIVAL(outbuf,smb_vwv6,0);
6369 SIVAL(outbuf,smb_vwv8,0);
6371 uint32 allocation_size = get_allocation_size(conn,fsp, &sbuf);
6372 SIVAL(outbuf,smb_vwv6,(uint32)sbuf.st_size);
6373 SIVAL(outbuf,smb_vwv8,allocation_size);
6375 SSVAL(outbuf,smb_vwv10, mode);
6377 DEBUG( 3, ( "reply_getattrE fnum=%d\n", fsp->fnum));
6379 END_PROFILE(SMBgetattrE);
git.samba.org / samba.git / blob