2 Unix SMB/CIFS implementation.
3 Main SMB reply routines
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Andrew Bartlett 2001
6 Copyright (C) Jeremy Allison 1992-2007.
7 Copyright (C) Volker Lendecke 2007
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 This file handles most of the reply_ calls that the server
24 makes to handle specific protocols
29 /* look in server.c for some explanation of these variables */
30 extern enum protocol_types Protocol;
32 unsigned int smb_echo_count = 0;
33 extern uint32 global_client_caps;
35 extern struct current_user current_user;
36 extern BOOL global_encrypted_passwords_negotiated;
38 /****************************************************************************
39 Ensure we check the path in *exactly* the same way as W2K for a findfirst/findnext
40 path or anything including wildcards.
41 We're assuming here that '/' is not the second byte in any multibyte char
42 set (a safe assumption). '\\' *may* be the second byte in a multibyte char
44 ****************************************************************************/
46 /* Custom version for processing POSIX paths. */
47 #define IS_PATH_SEP(c,posix_only) ((c) == '/' || (!(posix_only) && (c) == '\\'))
49 static NTSTATUS check_path_syntax_internal(char *path,
51 BOOL *p_last_component_contains_wcard)
55 NTSTATUS ret = NT_STATUS_OK;
56 BOOL start_of_name_component = True;
58 *p_last_component_contains_wcard = False;
61 if (IS_PATH_SEP(*s,posix_path)) {
63 * Safe to assume is not the second part of a mb char
64 * as this is handled below.
66 /* Eat multiple '/' or '\\' */
67 while (IS_PATH_SEP(*s,posix_path)) {
70 if ((d != path) && (*s != '\0')) {
71 /* We only care about non-leading or trailing '/' or '\\' */
75 start_of_name_component = True;
77 *p_last_component_contains_wcard = False;
81 if (start_of_name_component) {
82 if ((s[0] == '.') && (s[1] == '.') && (IS_PATH_SEP(s[2],posix_path) || s[2] == '\0')) {
83 /* Uh oh - "/../" or "\\..\\" or "/..\0" or "\\..\0" ! */
86 * No mb char starts with '.' so we're safe checking the directory separator here.
89 /* If we just added a '/' - delete it */
90 if ((d > path) && (*(d-1) == '/')) {
95 /* Are we at the start ? Can't go back further if so. */
97 ret = NT_STATUS_OBJECT_PATH_SYNTAX_BAD;
100 /* Go back one level... */
101 /* We know this is safe as '/' cannot be part of a mb sequence. */
102 /* NOTE - if this assumption is invalid we are not in good shape... */
103 /* Decrement d first as d points to the *next* char to write into. */
104 for (d--; d > path; d--) {
108 s += 2; /* Else go past the .. */
109 /* We're still at the start of a name component, just the previous one. */
112 } else if ((s[0] == '.') && ((s[1] == '\0') || IS_PATH_SEP(s[1],posix_path))) {
125 return NT_STATUS_OBJECT_NAME_INVALID;
133 *p_last_component_contains_wcard = True;
142 /* Get the size of the next MB character. */
143 next_codepoint(s,&siz);
161 DEBUG(0,("check_path_syntax_internal: character length assumptions invalid !\n"));
163 return NT_STATUS_INVALID_PARAMETER;
166 start_of_name_component = False;
173 /****************************************************************************
174 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
175 No wildcards allowed.
176 ****************************************************************************/
178 NTSTATUS check_path_syntax(char *path)
181 return check_path_syntax_internal(path, False, &ignore);
184 /****************************************************************************
185 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
186 Wildcards allowed - p_contains_wcard returns true if the last component contained
188 ****************************************************************************/
190 NTSTATUS check_path_syntax_wcard(char *path, BOOL *p_contains_wcard)
192 return check_path_syntax_internal(path, False, p_contains_wcard);
195 /****************************************************************************
196 Check the path for a POSIX client.
197 We're assuming here that '/' is not the second byte in any multibyte char
198 set (a safe assumption).
199 ****************************************************************************/
201 NTSTATUS check_path_syntax_posix(char *path)
204 return check_path_syntax_internal(path, True, &ignore);
207 /****************************************************************************
208 Pull a string and check the path allowing a wilcard - provide for error return.
209 ****************************************************************************/
211 size_t srvstr_get_path_wcard(const char *inbuf, uint16 smb_flags2, char *dest,
212 const char *src, size_t dest_len, size_t src_len,
213 int flags, NTSTATUS *err, BOOL *contains_wcard)
217 SMB_ASSERT(dest_len == sizeof(pstring));
221 ret = srvstr_pull_buf(inbuf, smb_flags2, dest, src,
224 ret = srvstr_pull(inbuf, smb_flags2, dest, src,
225 dest_len, src_len, flags);
228 *contains_wcard = False;
230 if (smb_flags2 & FLAGS2_DFS_PATHNAMES) {
232 * For a DFS path the function parse_dfs_path()
233 * will do the path processing, just make a copy.
239 if (lp_posix_pathnames()) {
240 *err = check_path_syntax_posix(dest);
242 *err = check_path_syntax_wcard(dest, contains_wcard);
248 /****************************************************************************
249 Pull a string and check the path - provide for error return.
250 ****************************************************************************/
252 size_t srvstr_get_path(const char *inbuf, uint16 smb_flags2, char *dest,
253 const char *src, size_t dest_len, size_t src_len,
254 int flags, NTSTATUS *err)
258 SMB_ASSERT(dest_len == sizeof(pstring));
262 ret = srvstr_pull_buf(inbuf, smb_flags2, dest, src,
265 ret = srvstr_pull(inbuf, smb_flags2, dest, src,
266 dest_len, src_len, flags);
269 if (smb_flags2 & FLAGS2_DFS_PATHNAMES) {
271 * For a DFS path the function parse_dfs_path()
272 * will do the path processing, just make a copy.
278 if (lp_posix_pathnames()) {
279 *err = check_path_syntax_posix(dest);
281 *err = check_path_syntax(dest);
287 /****************************************************************************
288 Check if we have a correct fsp pointing to a file. Replacement for the
290 ****************************************************************************/
291 BOOL check_fsp(connection_struct *conn, struct smb_request *req,
292 files_struct *fsp, struct current_user *user)
294 if (!(fsp) || !(conn)) {
295 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
298 if (((conn) != (fsp)->conn) || user->vuid != (fsp)->vuid) {
299 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
302 if ((fsp)->is_directory) {
303 reply_nterror(req, NT_STATUS_INVALID_DEVICE_REQUEST);
306 if ((fsp)->fh->fd == -1) {
307 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
310 (fsp)->num_smb_operations++;
314 /****************************************************************************
315 Reply to a (netbios-level) special message.
316 ****************************************************************************/
318 void reply_special(char *inbuf)
320 int msg_type = CVAL(inbuf,0);
321 int msg_flags = CVAL(inbuf,1);
326 * We only really use 4 bytes of the outbuf, but for the smb_setlen
327 * calculation & friends (send_smb uses that) we need the full smb
330 char outbuf[smb_size];
332 static BOOL already_got_session = False;
336 memset(outbuf, '\0', sizeof(outbuf));
338 smb_setlen(inbuf,outbuf,0);
341 case 0x81: /* session request */
343 if (already_got_session) {
344 exit_server_cleanly("multiple session request not permitted");
347 SCVAL(outbuf,0,0x82);
349 if (name_len(inbuf+4) > 50 ||
350 name_len(inbuf+4 + name_len(inbuf + 4)) > 50) {
351 DEBUG(0,("Invalid name length in session request\n"));
354 name_extract(inbuf,4,name1);
355 name_type = name_extract(inbuf,4 + name_len(inbuf + 4),name2);
356 DEBUG(2,("netbios connect: name1=%s name2=%s\n",
359 set_local_machine_name(name1, True);
360 set_remote_machine_name(name2, True);
362 DEBUG(2,("netbios connect: local=%s remote=%s, name type = %x\n",
363 get_local_machine_name(), get_remote_machine_name(),
366 if (name_type == 'R') {
367 /* We are being asked for a pathworks session ---
369 SCVAL(outbuf, 0,0x83);
373 /* only add the client's machine name to the list
374 of possibly valid usernames if we are operating
375 in share mode security */
376 if (lp_security() == SEC_SHARE) {
377 add_session_user(get_remote_machine_name());
380 reload_services(True);
383 already_got_session = True;
386 case 0x89: /* session keepalive request
387 (some old clients produce this?) */
388 SCVAL(outbuf,0,SMBkeepalive);
392 case 0x82: /* positive session response */
393 case 0x83: /* negative session response */
394 case 0x84: /* retarget session response */
395 DEBUG(0,("Unexpected session response\n"));
398 case SMBkeepalive: /* session keepalive */
403 DEBUG(5,("init msg_type=0x%x msg_flags=0x%x\n",
404 msg_type, msg_flags));
406 send_smb(smbd_server_fd(), outbuf);
410 /****************************************************************************
412 conn POINTER CAN BE NULL HERE !
413 ****************************************************************************/
415 int reply_tcon(connection_struct *conn,
416 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
420 char *service_buf = NULL;
421 char *password = NULL;
424 uint16 vuid = SVAL(inbuf,smb_uid);
428 DATA_BLOB password_blob;
430 START_PROFILE(SMBtcon);
432 ctx = talloc_init("reply_tcon");
434 END_PROFILE(SMBtcon);
435 return ERROR_NT(NT_STATUS_NO_MEMORY);
438 p = smb_buf(inbuf)+1;
439 p += srvstr_pull_buf_talloc(ctx, inbuf, SVAL(inbuf, smb_flg2),
440 &service_buf, p, STR_TERMINATE) + 1;
441 pwlen = srvstr_pull_buf_talloc(ctx, inbuf, SVAL(inbuf, smb_flg2),
442 &password, p, STR_TERMINATE) + 1;
444 p += srvstr_pull_buf_talloc(ctx, inbuf, SVAL(inbuf, smb_flg2),
445 &dev, p, STR_TERMINATE) + 1;
447 if (service_buf == NULL || password == NULL || dev == NULL) {
449 END_PROFILE(SMBtcon);
450 return ERROR_NT(NT_STATUS_INVALID_PARAMETER);
452 p = strrchr_m(service_buf,'\\');
456 service = service_buf;
459 password_blob = data_blob(password, pwlen+1);
461 conn = make_connection(service,password_blob,dev,vuid,&nt_status);
463 data_blob_clear_free(&password_blob);
467 END_PROFILE(SMBtcon);
468 return ERROR_NT(nt_status);
471 outsize = set_message(inbuf,outbuf,2,0,True);
472 SSVAL(outbuf,smb_vwv0,max_recv);
473 SSVAL(outbuf,smb_vwv1,conn->cnum);
474 SSVAL(outbuf,smb_tid,conn->cnum);
476 DEBUG(3,("tcon service=%s cnum=%d\n",
477 service, conn->cnum));
479 END_PROFILE(SMBtcon);
484 /****************************************************************************
485 Reply to a tcon and X.
486 conn POINTER CAN BE NULL HERE !
487 ****************************************************************************/
489 void reply_tcon_and_X(connection_struct *conn, struct smb_request *req)
491 char *service = NULL;
494 TALLOC_CTX *ctx = NULL;
495 /* what the cleint thinks the device is */
496 char *client_devicetype = NULL;
497 /* what the server tells the client the share represents */
498 const char *server_devicetype;
505 START_PROFILE(SMBtconX);
508 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
509 END_PROFILE(SMBtconX);
513 passlen = SVAL(req->inbuf,smb_vwv3);
514 tcon_flags = SVAL(req->inbuf,smb_vwv2);
516 /* we might have to close an old one */
517 if ((tcon_flags & 0x1) && conn) {
518 close_cnum(conn,req->vuid);
521 if ((passlen > MAX_PASS_LEN) || (passlen >= smb_buflen(req->inbuf))) {
522 reply_doserror(req, ERRDOS, ERRbuftoosmall);
523 END_PROFILE(SMBtconX);
527 if (global_encrypted_passwords_negotiated) {
528 password = data_blob(smb_buf(req->inbuf),passlen);
529 if (lp_security() == SEC_SHARE) {
531 * Security = share always has a pad byte
532 * after the password.
534 p = smb_buf(req->inbuf) + passlen + 1;
536 p = smb_buf(req->inbuf) + passlen;
539 password = data_blob(smb_buf(req->inbuf),passlen+1);
540 /* Ensure correct termination */
541 password.data[passlen]=0;
542 p = smb_buf(req->inbuf) + passlen + 1;
545 ctx = talloc_init("reply_tcon_and_X");
547 data_blob_clear_free(&password);
548 reply_nterror(req, NT_STATUS_NO_MEMORY);
549 END_PROFILE(SMBtconX);
552 p += srvstr_pull_buf_talloc(ctx, req->inbuf, req->flags2, &path, p,
556 data_blob_clear_free(&password);
558 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
559 END_PROFILE(SMBtconX);
564 * the service name can be either: \\server\share
565 * or share directly like on the DELL PowerVault 705
568 q = strchr_m(path+2,'\\');
570 data_blob_clear_free(&password);
572 reply_doserror(req, ERRDOS, ERRnosuchshare);
573 END_PROFILE(SMBtconX);
581 p += srvstr_pull_talloc(ctx, req->inbuf, req->flags2,
582 &client_devicetype, p,
583 MIN(6,smb_bufrem(req->inbuf, p)), STR_ASCII);
585 if (client_devicetype == NULL) {
586 data_blob_clear_free(&password);
588 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
589 END_PROFILE(SMBtconX);
593 DEBUG(4,("Client requested device type [%s] for share [%s]\n", client_devicetype, service));
595 conn = make_connection(service, password, client_devicetype,
596 req->vuid, &nt_status);
598 data_blob_clear_free(&password);
602 reply_nterror(req, nt_status);
603 END_PROFILE(SMBtconX);
608 server_devicetype = "IPC";
609 else if ( IS_PRINT(conn) )
610 server_devicetype = "LPT1:";
612 server_devicetype = "A:";
614 if (Protocol < PROTOCOL_NT1) {
615 reply_outbuf(req, 2, 0);
616 if (message_push_string(&req->outbuf, server_devicetype,
617 STR_TERMINATE|STR_ASCII) == -1) {
619 reply_nterror(req, NT_STATUS_NO_MEMORY);
620 END_PROFILE(SMBtconX);
624 /* NT sets the fstype of IPC$ to the null string */
625 const char *fstype = IS_IPC(conn) ? "" : lp_fstype(SNUM(conn));
627 if (tcon_flags & TCONX_FLAG_EXTENDED_RESPONSE) {
628 /* Return permissions. */
632 reply_outbuf(req, 7, 0);
635 perm1 = FILE_ALL_ACCESS;
636 perm2 = FILE_ALL_ACCESS;
638 perm1 = CAN_WRITE(conn) ?
643 SIVAL(req->outbuf, smb_vwv3, perm1);
644 SIVAL(req->outbuf, smb_vwv5, perm2);
646 reply_outbuf(req, 3, 0);
649 if ((message_push_string(&req->outbuf, server_devicetype,
650 STR_TERMINATE|STR_ASCII) == -1)
651 || (message_push_string(&req->outbuf, fstype,
652 STR_TERMINATE) == -1)) {
654 reply_nterror(req, NT_STATUS_NO_MEMORY);
655 END_PROFILE(SMBtconX);
659 /* what does setting this bit do? It is set by NT4 and
660 may affect the ability to autorun mounted cdroms */
661 SSVAL(req->outbuf, smb_vwv2, SMB_SUPPORT_SEARCH_BITS|
662 (lp_csc_policy(SNUM(conn)) << 2));
664 init_dfsroot(conn, req->inbuf, req->outbuf);
668 DEBUG(3,("tconX service=%s \n",
671 /* set the incoming and outgoing tid to the just created one */
672 SSVAL(req->inbuf,smb_tid,conn->cnum);
673 SSVAL(req->outbuf,smb_tid,conn->cnum);
676 END_PROFILE(SMBtconX);
678 chain_reply_new(req);
682 /****************************************************************************
683 Reply to an unknown type.
684 ****************************************************************************/
686 int reply_unknown(char *inbuf,char *outbuf)
689 type = CVAL(inbuf,smb_com);
691 DEBUG(0,("unknown command type (%s): type=%d (0x%X)\n",
692 smb_fn_name(type), type, type));
694 return(ERROR_DOS(ERRSRV,ERRunknownsmb));
697 void reply_unknown_new(struct smb_request *req, uint8 type)
699 DEBUG(0, ("unknown command type (%s): type=%d (0x%X)\n",
700 smb_fn_name(type), type, type));
701 reply_doserror(req, ERRSRV, ERRunknownsmb);
705 /****************************************************************************
707 conn POINTER CAN BE NULL HERE !
708 ****************************************************************************/
710 int reply_ioctl(connection_struct *conn,
711 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
713 uint16 device = SVAL(inbuf,smb_vwv1);
714 uint16 function = SVAL(inbuf,smb_vwv2);
715 uint32 ioctl_code = (device << 16) + function;
716 int replysize, outsize;
718 START_PROFILE(SMBioctl);
720 DEBUG(4, ("Received IOCTL (code 0x%x)\n", ioctl_code));
722 switch (ioctl_code) {
723 case IOCTL_QUERY_JOB_INFO:
727 END_PROFILE(SMBioctl);
728 return(ERROR_DOS(ERRSRV,ERRnosupport));
731 outsize = set_message(inbuf,outbuf,8,replysize+1,True);
732 SSVAL(outbuf,smb_vwv1,replysize); /* Total data bytes returned */
733 SSVAL(outbuf,smb_vwv5,replysize); /* Data bytes this buffer */
734 SSVAL(outbuf,smb_vwv6,52); /* Offset to data */
735 p = smb_buf(outbuf) + 1; /* Allow for alignment */
737 switch (ioctl_code) {
738 case IOCTL_QUERY_JOB_INFO:
740 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
742 END_PROFILE(SMBioctl);
743 return(UNIXERROR(ERRDOS,ERRbadfid));
745 SSVAL(p,0,fsp->rap_print_jobid); /* Job number */
746 srvstr_push(outbuf, SVAL(outbuf, smb_flg2), p+2,
748 STR_TERMINATE|STR_ASCII);
750 srvstr_push(outbuf, SVAL(outbuf, smb_flg2),
751 p+18, lp_servicename(SNUM(conn)),
752 13, STR_TERMINATE|STR_ASCII);
758 END_PROFILE(SMBioctl);
762 /****************************************************************************
763 Strange checkpath NTSTATUS mapping.
764 ****************************************************************************/
766 static NTSTATUS map_checkpath_error(const char *inbuf, NTSTATUS status)
768 /* Strange DOS error code semantics only for checkpath... */
769 if (!(SVAL(inbuf,smb_flg2) & FLAGS2_32_BIT_ERROR_CODES)) {
770 if (NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_INVALID,status)) {
771 /* We need to map to ERRbadpath */
772 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
778 /****************************************************************************
779 Reply to a checkpath.
780 ****************************************************************************/
782 void reply_checkpath(connection_struct *conn, struct smb_request *req)
785 SMB_STRUCT_STAT sbuf;
788 START_PROFILE(SMBcheckpath);
790 srvstr_get_path((char *)req->inbuf, req->flags2, name,
791 smb_buf(req->inbuf) + 1, sizeof(name), 0,
792 STR_TERMINATE, &status);
793 if (!NT_STATUS_IS_OK(status)) {
794 status = map_checkpath_error((char *)req->inbuf, status);
795 reply_nterror(req, status);
796 END_PROFILE(SMBcheckpath);
800 status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES, name);
801 if (!NT_STATUS_IS_OK(status)) {
802 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
803 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
805 END_PROFILE(SMBcheckpath);
811 DEBUG(3,("reply_checkpath %s mode=%d\n", name, (int)SVAL(req->inbuf,smb_vwv0)));
813 status = unix_convert(conn, name, False, NULL, &sbuf);
814 if (!NT_STATUS_IS_OK(status)) {
818 status = check_name(conn, name);
819 if (!NT_STATUS_IS_OK(status)) {
820 DEBUG(3,("reply_checkpath: check_name of %s failed (%s)\n",name,nt_errstr(status)));
824 if (!VALID_STAT(sbuf) && (SMB_VFS_STAT(conn,name,&sbuf) != 0)) {
825 DEBUG(3,("reply_checkpath: stat of %s failed (%s)\n",name,strerror(errno)));
826 status = map_nt_error_from_unix(errno);
830 if (!S_ISDIR(sbuf.st_mode)) {
831 reply_botherror(req, NT_STATUS_NOT_A_DIRECTORY,
833 END_PROFILE(SMBcheckpath);
837 reply_outbuf(req, 0, 0);
839 END_PROFILE(SMBcheckpath);
844 END_PROFILE(SMBcheckpath);
846 /* We special case this - as when a Windows machine
847 is parsing a path is steps through the components
848 one at a time - if a component fails it expects
849 ERRbadpath, not ERRbadfile.
851 status = map_checkpath_error((char *)req->inbuf, status);
852 if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
854 * Windows returns different error codes if
855 * the parent directory is valid but not the
856 * last component - it returns NT_STATUS_OBJECT_NAME_NOT_FOUND
857 * for that case and NT_STATUS_OBJECT_PATH_NOT_FOUND
858 * if the path is invalid.
860 reply_botherror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND,
865 reply_nterror(req, status);
868 /****************************************************************************
870 ****************************************************************************/
872 int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
876 SMB_STRUCT_STAT sbuf;
883 START_PROFILE(SMBgetatr);
885 p = smb_buf(inbuf) + 1;
886 p += srvstr_get_path(inbuf, SVAL(inbuf,smb_flg2), fname, p,
887 sizeof(fname), 0, STR_TERMINATE, &status);
888 if (!NT_STATUS_IS_OK(status)) {
889 END_PROFILE(SMBgetatr);
890 return ERROR_NT(status);
893 status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname);
894 if (!NT_STATUS_IS_OK(status)) {
895 END_PROFILE(SMBgetatr);
896 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
897 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
899 return ERROR_NT(status);
902 /* dos smetimes asks for a stat of "" - it returns a "hidden directory"
903 under WfWg - weird! */
904 if (*fname == '\0') {
905 mode = aHIDDEN | aDIR;
906 if (!CAN_WRITE(conn)) {
912 status = unix_convert(conn, fname, False, NULL,&sbuf);
913 if (!NT_STATUS_IS_OK(status)) {
914 END_PROFILE(SMBgetatr);
915 return ERROR_NT(status);
917 status = check_name(conn, fname);
918 if (!NT_STATUS_IS_OK(status)) {
919 DEBUG(3,("reply_getatr: check_name of %s failed (%s)\n",fname,nt_errstr(status)));
920 END_PROFILE(SMBgetatr);
921 return ERROR_NT(status);
923 if (!VALID_STAT(sbuf) && (SMB_VFS_STAT(conn,fname,&sbuf) != 0)) {
924 DEBUG(3,("reply_getatr: stat of %s failed (%s)\n",fname,strerror(errno)));
925 return UNIXERROR(ERRDOS,ERRbadfile);
928 mode = dos_mode(conn,fname,&sbuf);
930 mtime = sbuf.st_mtime;
936 outsize = set_message(inbuf,outbuf,10,0,True);
938 SSVAL(outbuf,smb_vwv0,mode);
939 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
940 srv_put_dos_date3(outbuf,smb_vwv1,mtime & ~1);
942 srv_put_dos_date3(outbuf,smb_vwv1,mtime);
944 SIVAL(outbuf,smb_vwv3,(uint32)size);
946 if (Protocol >= PROTOCOL_NT1) {
947 SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) | FLAGS2_IS_LONG_NAME);
950 DEBUG(3,("reply_getatr: name=%s mode=%d size=%u\n", fname, mode, (unsigned int)size ) );
952 END_PROFILE(SMBgetatr);
956 /****************************************************************************
958 ****************************************************************************/
960 int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
966 SMB_STRUCT_STAT sbuf;
970 START_PROFILE(SMBsetatr);
972 p = smb_buf(inbuf) + 1;
973 p += srvstr_get_path(inbuf, SVAL(inbuf,smb_flg2), fname, p,
974 sizeof(fname), 0, STR_TERMINATE, &status);
975 if (!NT_STATUS_IS_OK(status)) {
976 END_PROFILE(SMBsetatr);
977 return ERROR_NT(status);
980 status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname);
981 if (!NT_STATUS_IS_OK(status)) {
982 END_PROFILE(SMBsetatr);
983 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
984 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
986 return ERROR_NT(status);
989 status = unix_convert(conn, fname, False, NULL, &sbuf);
990 if (!NT_STATUS_IS_OK(status)) {
991 END_PROFILE(SMBsetatr);
992 return ERROR_NT(status);
995 status = check_name(conn, fname);
996 if (!NT_STATUS_IS_OK(status)) {
997 END_PROFILE(SMBsetatr);
998 return ERROR_NT(status);
1001 if (fname[0] == '.' && fname[1] == '\0') {
1003 * Not sure here is the right place to catch this
1004 * condition. Might be moved to somewhere else later -- vl
1006 END_PROFILE(SMBsetatr);
1007 return ERROR_NT(NT_STATUS_ACCESS_DENIED);
1010 mode = SVAL(inbuf,smb_vwv0);
1011 mtime = srv_make_unix_date3(inbuf+smb_vwv1);
1013 if (mode != FILE_ATTRIBUTE_NORMAL) {
1014 if (VALID_STAT_OF_DIR(sbuf))
1019 if (file_set_dosmode(conn,fname,mode,&sbuf,False) != 0) {
1020 END_PROFILE(SMBsetatr);
1021 return UNIXERROR(ERRDOS, ERRnoaccess);
1025 if (!set_filetime(conn,fname,convert_time_t_to_timespec(mtime))) {
1026 END_PROFILE(SMBsetatr);
1027 return UNIXERROR(ERRDOS, ERRnoaccess);
1030 outsize = set_message(inbuf,outbuf,0,0,False);
1032 DEBUG( 3, ( "setatr name=%s mode=%d\n", fname, mode ) );
1034 END_PROFILE(SMBsetatr);
1038 /****************************************************************************
1040 ****************************************************************************/
1042 void reply_dskattr(connection_struct *conn, struct smb_request *req)
1044 SMB_BIG_UINT dfree,dsize,bsize;
1045 START_PROFILE(SMBdskattr);
1047 if (get_dfree_info(conn,".",True,&bsize,&dfree,&dsize) == (SMB_BIG_UINT)-1) {
1048 reply_unixerror(req, ERRHRD, ERRgeneral);
1049 END_PROFILE(SMBdskattr);
1053 reply_outbuf(req, 5, 0);
1055 if (Protocol <= PROTOCOL_LANMAN2) {
1056 double total_space, free_space;
1057 /* we need to scale this to a number that DOS6 can handle. We
1058 use floating point so we can handle large drives on systems
1059 that don't have 64 bit integers
1061 we end up displaying a maximum of 2G to DOS systems
1063 total_space = dsize * (double)bsize;
1064 free_space = dfree * (double)bsize;
1066 dsize = (total_space+63*512) / (64*512);
1067 dfree = (free_space+63*512) / (64*512);
1069 if (dsize > 0xFFFF) dsize = 0xFFFF;
1070 if (dfree > 0xFFFF) dfree = 0xFFFF;
1072 SSVAL(req->outbuf,smb_vwv0,dsize);
1073 SSVAL(req->outbuf,smb_vwv1,64); /* this must be 64 for dos systems */
1074 SSVAL(req->outbuf,smb_vwv2,512); /* and this must be 512 */
1075 SSVAL(req->outbuf,smb_vwv3,dfree);
1077 SSVAL(req->outbuf,smb_vwv0,dsize);
1078 SSVAL(req->outbuf,smb_vwv1,bsize/512);
1079 SSVAL(req->outbuf,smb_vwv2,512);
1080 SSVAL(req->outbuf,smb_vwv3,dfree);
1083 DEBUG(3,("dskattr dfree=%d\n", (unsigned int)dfree));
1085 END_PROFILE(SMBdskattr);
1089 /****************************************************************************
1091 Can be called from SMBsearch, SMBffirst or SMBfunique.
1092 ****************************************************************************/
1094 int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
1104 unsigned int numentries = 0;
1105 unsigned int maxentries = 0;
1106 BOOL finished = False;
1112 BOOL check_descend = False;
1113 BOOL expect_close = False;
1115 BOOL mask_contains_wcard = False;
1116 BOOL allow_long_path_components = (SVAL(inbuf,smb_flg2) & FLAGS2_LONG_PATH_COMPONENTS) ? True : False;
1118 START_PROFILE(SMBsearch);
1120 if (lp_posix_pathnames()) {
1121 END_PROFILE(SMBsearch);
1122 return reply_unknown(inbuf, outbuf);
1125 *mask = *directory = *fname = 0;
1127 /* If we were called as SMBffirst then we must expect close. */
1128 if(CVAL(inbuf,smb_com) == SMBffirst) {
1129 expect_close = True;
1132 outsize = set_message(inbuf,outbuf,1,3,True);
1133 maxentries = SVAL(inbuf,smb_vwv0);
1134 dirtype = SVAL(inbuf,smb_vwv1);
1135 p = smb_buf(inbuf) + 1;
1136 p += srvstr_get_path_wcard(inbuf, SVAL(inbuf,smb_flg2), path, p,
1137 sizeof(path), 0, STR_TERMINATE, &nt_status,
1138 &mask_contains_wcard);
1139 if (!NT_STATUS_IS_OK(nt_status)) {
1140 END_PROFILE(SMBsearch);
1141 return ERROR_NT(nt_status);
1144 nt_status = resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, path, &mask_contains_wcard);
1145 if (!NT_STATUS_IS_OK(nt_status)) {
1146 END_PROFILE(SMBsearch);
1147 if (NT_STATUS_EQUAL(nt_status,NT_STATUS_PATH_NOT_COVERED)) {
1148 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
1150 return ERROR_NT(nt_status);
1154 status_len = SVAL(p, 0);
1157 /* dirtype &= ~aDIR; */
1159 if (status_len == 0) {
1160 SMB_STRUCT_STAT sbuf;
1162 pstrcpy(directory,path);
1163 nt_status = unix_convert(conn, directory, True, NULL, &sbuf);
1164 if (!NT_STATUS_IS_OK(nt_status)) {
1165 END_PROFILE(SMBsearch);
1166 return ERROR_NT(nt_status);
1169 nt_status = check_name(conn, directory);
1170 if (!NT_STATUS_IS_OK(nt_status)) {
1171 END_PROFILE(SMBsearch);
1172 return ERROR_NT(nt_status);
1175 p = strrchr_m(directory,'/');
1177 pstrcpy(mask,directory);
1178 pstrcpy(directory,".");
1184 if (*directory == '\0') {
1185 pstrcpy(directory,".");
1187 memset((char *)status,'\0',21);
1188 SCVAL(status,0,(dirtype & 0x1F));
1192 memcpy(status,p,21);
1193 status_dirtype = CVAL(status,0) & 0x1F;
1194 if (status_dirtype != (dirtype & 0x1F)) {
1195 dirtype = status_dirtype;
1198 conn->dirptr = dptr_fetch(status+12,&dptr_num);
1199 if (!conn->dirptr) {
1202 string_set(&conn->dirpath,dptr_path(dptr_num));
1203 pstrcpy(mask, dptr_wcard(dptr_num));
1205 * For a 'continue' search we have no string. So
1206 * check from the initial saved string.
1208 mask_contains_wcard = ms_has_wild(mask);
1211 p = smb_buf(outbuf) + 3;
1213 if (status_len == 0) {
1214 nt_status = dptr_create(conn,
1218 SVAL(inbuf,smb_pid),
1220 mask_contains_wcard,
1223 if (!NT_STATUS_IS_OK(nt_status)) {
1224 return ERROR_NT(nt_status);
1226 dptr_num = dptr_dnum(conn->dirptr);
1228 dirtype = dptr_attr(dptr_num);
1231 DEBUG(4,("dptr_num is %d\n",dptr_num));
1233 if ((dirtype&0x1F) == aVOLID) {
1234 memcpy(p,status,21);
1235 make_dir_struct(p,"???????????",volume_label(SNUM(conn)),
1236 0,aVOLID,0,!allow_long_path_components);
1237 dptr_fill(p+12,dptr_num);
1238 if (dptr_zero(p+12) && (status_len==0)) {
1243 p += DIR_STRUCT_SIZE;
1246 maxentries = MIN(maxentries, ((BUFFER_SIZE - (p - outbuf))/DIR_STRUCT_SIZE));
1248 DEBUG(8,("dirpath=<%s> dontdescend=<%s>\n",
1249 conn->dirpath,lp_dontdescend(SNUM(conn))));
1250 if (in_list(conn->dirpath, lp_dontdescend(SNUM(conn)),True)) {
1251 check_descend = True;
1254 for (i=numentries;(i<maxentries) && !finished;i++) {
1255 finished = !get_dir_entry(conn,mask,dirtype,fname,&size,&mode,&date,check_descend);
1257 memcpy(p,status,21);
1258 make_dir_struct(p,mask,fname,size, mode,date,
1259 !allow_long_path_components);
1260 if (!dptr_fill(p+12,dptr_num)) {
1264 p += DIR_STRUCT_SIZE;
1271 /* If we were called as SMBffirst with smb_search_id == NULL
1272 and no entries were found then return error and close dirptr
1275 if (numentries == 0) {
1276 dptr_close(&dptr_num);
1277 } else if(expect_close && status_len == 0) {
1278 /* Close the dptr - we know it's gone */
1279 dptr_close(&dptr_num);
1282 /* If we were called as SMBfunique, then we can close the dirptr now ! */
1283 if(dptr_num >= 0 && CVAL(inbuf,smb_com) == SMBfunique) {
1284 dptr_close(&dptr_num);
1287 if ((numentries == 0) && !mask_contains_wcard) {
1288 return ERROR_BOTH(STATUS_NO_MORE_FILES,ERRDOS,ERRnofiles);
1291 SSVAL(outbuf,smb_vwv0,numentries);
1292 SSVAL(outbuf,smb_vwv1,3 + numentries * DIR_STRUCT_SIZE);
1293 SCVAL(smb_buf(outbuf),0,5);
1294 SSVAL(smb_buf(outbuf),1,numentries*DIR_STRUCT_SIZE);
1296 /* The replies here are never long name. */
1297 SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) & (~FLAGS2_IS_LONG_NAME));
1298 if (!allow_long_path_components) {
1299 SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) & (~FLAGS2_LONG_PATH_COMPONENTS));
1302 /* This SMB *always* returns ASCII names. Remove the unicode bit in flags2. */
1303 SSVAL(outbuf,smb_flg2, (SVAL(outbuf, smb_flg2) & (~FLAGS2_UNICODE_STRINGS)));
1305 outsize += DIR_STRUCT_SIZE*numentries;
1306 smb_setlen(inbuf,outbuf,outsize - 4);
1308 if ((! *directory) && dptr_path(dptr_num))
1309 slprintf(directory, sizeof(directory)-1, "(%s)",dptr_path(dptr_num));
1311 DEBUG( 4, ( "%s mask=%s path=%s dtype=%d nument=%u of %u\n",
1312 smb_fn_name(CVAL(inbuf,smb_com)),
1313 mask, directory, dirtype, numentries, maxentries ) );
1315 END_PROFILE(SMBsearch);
1319 /****************************************************************************
1320 Reply to a fclose (stop directory search).
1321 ****************************************************************************/
1323 int reply_fclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
1332 BOOL path_contains_wcard = False;
1334 START_PROFILE(SMBfclose);
1336 if (lp_posix_pathnames()) {
1337 END_PROFILE(SMBfclose);
1338 return reply_unknown(inbuf, outbuf);
1341 outsize = set_message(inbuf,outbuf,1,0,True);
1342 p = smb_buf(inbuf) + 1;
1343 p += srvstr_get_path_wcard(inbuf, SVAL(inbuf,smb_flg2), path, p,
1344 sizeof(path), 0, STR_TERMINATE, &err,
1345 &path_contains_wcard);
1346 if (!NT_STATUS_IS_OK(err)) {
1347 END_PROFILE(SMBfclose);
1348 return ERROR_NT(err);
1351 status_len = SVAL(p,0);
1354 if (status_len == 0) {
1355 END_PROFILE(SMBfclose);
1356 return ERROR_DOS(ERRSRV,ERRsrverror);
1359 memcpy(status,p,21);
1361 if(dptr_fetch(status+12,&dptr_num)) {
1362 /* Close the dptr - we know it's gone */
1363 dptr_close(&dptr_num);
1366 SSVAL(outbuf,smb_vwv0,0);
1368 DEBUG(3,("search close\n"));
1370 END_PROFILE(SMBfclose);
1374 /****************************************************************************
1376 ****************************************************************************/
1378 int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
1386 SMB_STRUCT_STAT sbuf;
1388 int oplock_request = CORE_OPLOCK_REQUEST(inbuf);
1390 uint32 dos_attr = SVAL(inbuf,smb_vwv1);
1393 uint32 create_disposition;
1394 uint32 create_options = 0;
1396 struct smb_request req;
1398 START_PROFILE(SMBopen);
1400 init_smb_request(&req, (uint8 *)inbuf);
1402 deny_mode = SVAL(inbuf,smb_vwv0);
1404 srvstr_get_path(inbuf, SVAL(inbuf,smb_flg2), fname, smb_buf(inbuf)+1,
1405 sizeof(fname), 0, STR_TERMINATE, &status);
1406 if (!NT_STATUS_IS_OK(status)) {
1407 END_PROFILE(SMBopen);
1408 return ERROR_NT(status);
1411 status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname);
1412 if (!NT_STATUS_IS_OK(status)) {
1413 END_PROFILE(SMBopen);
1414 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1415 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
1417 return ERROR_NT(status);
1420 status = unix_convert(conn, fname, False, NULL, &sbuf);
1421 if (!NT_STATUS_IS_OK(status)) {
1422 END_PROFILE(SMBopen);
1423 return ERROR_NT(status);
1426 status = check_name(conn, fname);
1427 if (!NT_STATUS_IS_OK(status)) {
1428 END_PROFILE(SMBopen);
1429 return ERROR_NT(status);
1432 if (!map_open_params_to_ntcreate(fname, deny_mode, OPENX_FILE_EXISTS_OPEN,
1433 &access_mask, &share_mode, &create_disposition, &create_options)) {
1434 END_PROFILE(SMBopen);
1435 return ERROR_NT(NT_STATUS_DOS(ERRDOS, ERRbadaccess));
1438 status = open_file_ntcreate(conn, &req, fname, &sbuf,
1447 if (!NT_STATUS_IS_OK(status)) {
1448 END_PROFILE(SMBopen);
1449 if (open_was_deferred(SVAL(inbuf,smb_mid))) {
1450 /* We have re-scheduled this call. */
1453 return ERROR_NT(status);
1456 size = sbuf.st_size;
1457 fattr = dos_mode(conn,fname,&sbuf);
1458 mtime = sbuf.st_mtime;
1461 DEBUG(3,("attempt to open a directory %s\n",fname));
1462 close_file(fsp,ERROR_CLOSE);
1463 END_PROFILE(SMBopen);
1464 return ERROR_DOS(ERRDOS,ERRnoaccess);
1467 outsize = set_message(inbuf,outbuf,7,0,True);
1468 SSVAL(outbuf,smb_vwv0,fsp->fnum);
1469 SSVAL(outbuf,smb_vwv1,fattr);
1470 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1471 srv_put_dos_date3(outbuf,smb_vwv2,mtime & ~1);
1473 srv_put_dos_date3(outbuf,smb_vwv2,mtime);
1475 SIVAL(outbuf,smb_vwv4,(uint32)size);
1476 SSVAL(outbuf,smb_vwv6,deny_mode);
1478 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1479 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1482 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1483 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1485 END_PROFILE(SMBopen);
1489 /****************************************************************************
1490 Reply to an open and X.
1491 ****************************************************************************/
1493 void reply_open_and_X(connection_struct *conn, struct smb_request *req)
1499 /* Breakout the oplock request bits so we can set the
1500 reply bits separately. */
1501 int ex_oplock_request;
1502 int core_oplock_request;
1505 int smb_sattr = SVAL(req->inbuf,smb_vwv4);
1506 uint32 smb_time = make_unix_date3(req->inbuf+smb_vwv6);
1511 SMB_STRUCT_STAT sbuf;
1515 SMB_BIG_UINT allocation_size;
1516 ssize_t retval = -1;
1519 uint32 create_disposition;
1520 uint32 create_options = 0;
1522 START_PROFILE(SMBopenX);
1524 if (req->wct < 15) {
1525 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1526 END_PROFILE(SMBopenX);
1530 open_flags = SVAL(req->inbuf,smb_vwv2);
1531 deny_mode = SVAL(req->inbuf,smb_vwv3);
1532 smb_attr = SVAL(req->inbuf,smb_vwv5);
1533 ex_oplock_request = EXTENDED_OPLOCK_REQUEST(req->inbuf);
1534 core_oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1535 oplock_request = ex_oplock_request | core_oplock_request;
1536 smb_ofun = SVAL(req->inbuf,smb_vwv8);
1537 allocation_size = (SMB_BIG_UINT)IVAL(req->inbuf,smb_vwv9);
1539 /* If it's an IPC, pass off the pipe handler. */
1541 if (lp_nt_pipe_support()) {
1542 reply_open_pipe_and_X(conn, req);
1544 reply_doserror(req, ERRSRV, ERRaccess);
1546 END_PROFILE(SMBopenX);
1550 /* XXXX we need to handle passed times, sattr and flags */
1551 srvstr_get_path((char *)req->inbuf, req->flags2, fname,
1552 smb_buf(req->inbuf), sizeof(fname), 0, STR_TERMINATE,
1554 if (!NT_STATUS_IS_OK(status)) {
1555 reply_nterror(req, status);
1556 END_PROFILE(SMBopenX);
1560 status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES,
1562 if (!NT_STATUS_IS_OK(status)) {
1563 END_PROFILE(SMBopenX);
1564 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1565 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1566 ERRSRV, ERRbadpath);
1569 reply_nterror(req, status);
1573 status = unix_convert(conn, fname, False, NULL, &sbuf);
1574 if (!NT_STATUS_IS_OK(status)) {
1575 reply_nterror(req, status);
1576 END_PROFILE(SMBopenX);
1580 status = check_name(conn, fname);
1581 if (!NT_STATUS_IS_OK(status)) {
1582 reply_nterror(req, status);
1583 END_PROFILE(SMBopenX);
1587 if (!map_open_params_to_ntcreate(fname, deny_mode, smb_ofun,
1590 &create_disposition,
1592 reply_nterror(req, NT_STATUS_DOS(ERRDOS, ERRbadaccess));
1593 END_PROFILE(SMBopenX);
1597 status = open_file_ntcreate(conn, req, fname, &sbuf,
1606 if (!NT_STATUS_IS_OK(status)) {
1607 END_PROFILE(SMBopenX);
1608 if (open_was_deferred(req->mid)) {
1609 /* We have re-scheduled this call. */
1612 reply_nterror(req, status);
1616 /* Setting the "size" field in vwv9 and vwv10 causes the file to be set to this size,
1617 if the file is truncated or created. */
1618 if (((smb_action == FILE_WAS_CREATED) || (smb_action == FILE_WAS_OVERWRITTEN)) && allocation_size) {
1619 fsp->initial_allocation_size = smb_roundup(fsp->conn, allocation_size);
1620 if (vfs_allocate_file_space(fsp, fsp->initial_allocation_size) == -1) {
1621 close_file(fsp,ERROR_CLOSE);
1622 reply_nterror(req, NT_STATUS_DISK_FULL);
1623 END_PROFILE(SMBopenX);
1626 retval = vfs_set_filelen(fsp, (SMB_OFF_T)allocation_size);
1628 close_file(fsp,ERROR_CLOSE);
1629 reply_nterror(req, NT_STATUS_DISK_FULL);
1630 END_PROFILE(SMBopenX);
1633 sbuf.st_size = get_allocation_size(conn,fsp,&sbuf);
1636 fattr = dos_mode(conn,fname,&sbuf);
1637 mtime = sbuf.st_mtime;
1639 close_file(fsp,ERROR_CLOSE);
1640 reply_doserror(req, ERRDOS, ERRnoaccess);
1641 END_PROFILE(SMBopenX);
1645 /* If the caller set the extended oplock request bit
1646 and we granted one (by whatever means) - set the
1647 correct bit for extended oplock reply.
1650 if (ex_oplock_request && lp_fake_oplocks(SNUM(conn))) {
1651 smb_action |= EXTENDED_OPLOCK_GRANTED;
1654 if(ex_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1655 smb_action |= EXTENDED_OPLOCK_GRANTED;
1658 /* If the caller set the core oplock request bit
1659 and we granted one (by whatever means) - set the
1660 correct bit for core oplock reply.
1663 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
1664 reply_outbuf(req, 19, 0);
1666 reply_outbuf(req, 15, 0);
1669 if (core_oplock_request && lp_fake_oplocks(SNUM(conn))) {
1670 SCVAL(req->outbuf, smb_flg,
1671 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1674 if(core_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1675 SCVAL(req->outbuf, smb_flg,
1676 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1679 SSVAL(req->outbuf,smb_vwv2,fsp->fnum);
1680 SSVAL(req->outbuf,smb_vwv3,fattr);
1681 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1682 srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime & ~1);
1684 srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime);
1686 SIVAL(req->outbuf,smb_vwv6,(uint32)sbuf.st_size);
1687 SSVAL(req->outbuf,smb_vwv8,GET_OPENX_MODE(deny_mode));
1688 SSVAL(req->outbuf,smb_vwv11,smb_action);
1690 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
1691 SIVAL(req->outbuf, smb_vwv15, STD_RIGHT_ALL_ACCESS);
1694 END_PROFILE(SMBopenX);
1695 chain_reply_new(req);
1699 /****************************************************************************
1700 Reply to a SMBulogoffX.
1701 conn POINTER CAN BE NULL HERE !
1702 ****************************************************************************/
1704 void reply_ulogoffX(connection_struct *conn, struct smb_request *req)
1708 START_PROFILE(SMBulogoffX);
1710 vuser = get_valid_user_struct(req->vuid);
1713 DEBUG(3,("ulogoff, vuser id %d does not map to user.\n",
1717 /* in user level security we are supposed to close any files
1718 open by this user */
1719 if ((vuser != NULL) && (lp_security() != SEC_SHARE)) {
1720 file_close_user(req->vuid);
1723 invalidate_vuid(req->vuid);
1725 reply_outbuf(req, 2, 0);
1727 DEBUG( 3, ( "ulogoffX vuid=%d\n", req->vuid ) );
1729 END_PROFILE(SMBulogoffX);
1730 chain_reply_new(req);
1733 /****************************************************************************
1734 Reply to a mknew or a create.
1735 ****************************************************************************/
1737 int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
1742 uint32 fattr = SVAL(inbuf,smb_vwv0);
1743 struct timespec ts[2];
1745 int oplock_request = CORE_OPLOCK_REQUEST(inbuf);
1746 SMB_STRUCT_STAT sbuf;
1748 uint32 access_mask = FILE_GENERIC_READ | FILE_GENERIC_WRITE;
1749 uint32 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1750 uint32 create_disposition;
1751 uint32 create_options = 0;
1752 struct smb_request req;
1754 START_PROFILE(SMBcreate);
1756 init_smb_request(&req, (uint8 *)inbuf);
1758 com = SVAL(inbuf,smb_com);
1760 ts[1] = convert_time_t_to_timespec(srv_make_unix_date3(inbuf + smb_vwv1)); /* mtime. */
1762 srvstr_get_path(inbuf, SVAL(inbuf,smb_flg2), fname, smb_buf(inbuf) + 1,
1763 sizeof(fname), 0, STR_TERMINATE, &status);
1764 if (!NT_STATUS_IS_OK(status)) {
1765 END_PROFILE(SMBcreate);
1766 return ERROR_NT(status);
1769 status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname);
1770 if (!NT_STATUS_IS_OK(status)) {
1771 END_PROFILE(SMBcreate);
1772 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1773 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
1775 return ERROR_NT(status);
1778 status = unix_convert(conn, fname, False, NULL, &sbuf);
1779 if (!NT_STATUS_IS_OK(status)) {
1780 END_PROFILE(SMBcreate);
1781 return ERROR_NT(status);
1784 status = check_name(conn, fname);
1785 if (!NT_STATUS_IS_OK(status)) {
1786 END_PROFILE(SMBcreate);
1787 return ERROR_NT(status);
1790 if (fattr & aVOLID) {
1791 DEBUG(0,("Attempt to create file (%s) with volid set - please report this\n",fname));
1794 if(com == SMBmknew) {
1795 /* We should fail if file exists. */
1796 create_disposition = FILE_CREATE;
1798 /* Create if file doesn't exist, truncate if it does. */
1799 create_disposition = FILE_OVERWRITE_IF;
1802 /* Open file using ntcreate. */
1803 status = open_file_ntcreate(conn, &req, fname, &sbuf,
1812 if (!NT_STATUS_IS_OK(status)) {
1813 END_PROFILE(SMBcreate);
1814 if (open_was_deferred(SVAL(inbuf,smb_mid))) {
1815 /* We have re-scheduled this call. */
1818 return ERROR_NT(status);
1821 ts[0] = get_atimespec(&sbuf); /* atime. */
1822 file_ntimes(conn, fname, ts);
1824 outsize = set_message(inbuf,outbuf,1,0,True);
1825 SSVAL(outbuf,smb_vwv0,fsp->fnum);
1827 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1828 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1831 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1832 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1835 DEBUG( 2, ( "reply_mknew: file %s\n", fname ) );
1836 DEBUG( 3, ( "reply_mknew %s fd=%d dmode=0x%x\n", fname, fsp->fh->fd, (unsigned int)fattr ) );
1838 END_PROFILE(SMBcreate);
1842 /****************************************************************************
1843 Reply to a create temporary file.
1844 ****************************************************************************/
1846 int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
1850 uint32 fattr = SVAL(inbuf,smb_vwv0);
1852 int oplock_request = CORE_OPLOCK_REQUEST(inbuf);
1854 SMB_STRUCT_STAT sbuf;
1857 unsigned int namelen;
1858 struct smb_request req;
1860 START_PROFILE(SMBctemp);
1862 init_smb_request(&req, (uint8 *)inbuf);
1864 srvstr_get_path(inbuf, SVAL(inbuf,smb_flg2), fname, smb_buf(inbuf)+1,
1865 sizeof(fname), 0, STR_TERMINATE, &status);
1866 if (!NT_STATUS_IS_OK(status)) {
1867 END_PROFILE(SMBctemp);
1868 return ERROR_NT(status);
1871 pstrcat(fname,"/TMXXXXXX");
1873 pstrcat(fname,"TMXXXXXX");
1876 status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname);
1877 if (!NT_STATUS_IS_OK(status)) {
1878 END_PROFILE(SMBctemp);
1879 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1880 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
1882 return ERROR_NT(status);
1885 status = unix_convert(conn, fname, False, NULL, &sbuf);
1886 if (!NT_STATUS_IS_OK(status)) {
1887 END_PROFILE(SMBctemp);
1888 return ERROR_NT(status);
1891 status = check_name(conn, fname);
1892 if (!NT_STATUS_IS_OK(status)) {
1893 END_PROFILE(SMBctemp);
1894 return ERROR_NT(status);
1897 tmpfd = smb_mkstemp(fname);
1899 END_PROFILE(SMBctemp);
1900 return(UNIXERROR(ERRDOS,ERRnoaccess));
1903 SMB_VFS_STAT(conn,fname,&sbuf);
1905 /* We should fail if file does not exist. */
1906 status = open_file_ntcreate(conn, &req, fname, &sbuf,
1907 FILE_GENERIC_READ | FILE_GENERIC_WRITE,
1908 FILE_SHARE_READ|FILE_SHARE_WRITE,
1915 /* close fd from smb_mkstemp() */
1918 if (!NT_STATUS_IS_OK(status)) {
1919 END_PROFILE(SMBctemp);
1920 if (open_was_deferred(SVAL(inbuf,smb_mid))) {
1921 /* We have re-scheduled this call. */
1924 return ERROR_NT(status);
1927 outsize = set_message(inbuf,outbuf,1,0,True);
1928 SSVAL(outbuf,smb_vwv0,fsp->fnum);
1930 /* the returned filename is relative to the directory */
1931 s = strrchr_m(fname, '/');
1938 p = smb_buf(outbuf);
1940 /* Tested vs W2K3 - this doesn't seem to be here - null terminated filename is the only
1941 thing in the byte section. JRA */
1942 SSVALS(p, 0, -1); /* what is this? not in spec */
1944 namelen = srvstr_push(outbuf, SVAL(outbuf, smb_flg2), p, s, -1,
1945 STR_ASCII|STR_TERMINATE);
1947 outsize = set_message_end(inbuf,outbuf, p);
1949 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1950 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1953 if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1954 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1957 DEBUG( 2, ( "reply_ctemp: created temp file %s\n", fname ) );
1958 DEBUG( 3, ( "reply_ctemp %s fd=%d umode=0%o\n", fname, fsp->fh->fd,
1959 (unsigned int)sbuf.st_mode ) );
1961 END_PROFILE(SMBctemp);
1965 /*******************************************************************
1966 Check if a user is allowed to rename a file.
1967 ********************************************************************/
1969 static NTSTATUS can_rename(connection_struct *conn, files_struct *fsp,
1970 uint16 dirtype, SMB_STRUCT_STAT *pst)
1974 if (!CAN_WRITE(conn)) {
1975 return NT_STATUS_MEDIA_WRITE_PROTECTED;
1978 fmode = dos_mode(conn, fsp->fsp_name, pst);
1979 if ((fmode & ~dirtype) & (aHIDDEN | aSYSTEM)) {
1980 return NT_STATUS_NO_SUCH_FILE;
1983 if (S_ISDIR(pst->st_mode)) {
1984 return NT_STATUS_OK;
1987 if (fsp->access_mask & DELETE_ACCESS) {
1988 return NT_STATUS_OK;
1991 return NT_STATUS_ACCESS_DENIED;
1994 /*******************************************************************
1995 * unlink a file with all relevant access checks
1996 *******************************************************************/
1998 static NTSTATUS do_unlink(connection_struct *conn, struct smb_request *req,
1999 char *fname, uint32 dirtype)
2001 SMB_STRUCT_STAT sbuf;
2004 uint32 dirtype_orig = dirtype;
2007 DEBUG(10,("do_unlink: %s, dirtype = %d\n", fname, dirtype ));
2009 if (!CAN_WRITE(conn)) {
2010 return NT_STATUS_MEDIA_WRITE_PROTECTED;
2013 if (SMB_VFS_LSTAT(conn,fname,&sbuf) != 0) {
2014 return map_nt_error_from_unix(errno);
2017 fattr = dos_mode(conn,fname,&sbuf);
2019 if (dirtype & FILE_ATTRIBUTE_NORMAL) {
2020 dirtype = aDIR|aARCH|aRONLY;
2023 dirtype &= (aDIR|aARCH|aRONLY|aHIDDEN|aSYSTEM);
2025 return NT_STATUS_NO_SUCH_FILE;
2028 if (!dir_check_ftype(conn, fattr, dirtype)) {
2030 return NT_STATUS_FILE_IS_A_DIRECTORY;
2032 return NT_STATUS_NO_SUCH_FILE;
2035 if (dirtype_orig & 0x8000) {
2036 /* These will never be set for POSIX. */
2037 return NT_STATUS_NO_SUCH_FILE;
2041 if ((fattr & dirtype) & FILE_ATTRIBUTE_DIRECTORY) {
2042 return NT_STATUS_FILE_IS_A_DIRECTORY;
2045 if ((fattr & ~dirtype) & (FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM)) {
2046 return NT_STATUS_NO_SUCH_FILE;
2049 if (dirtype & 0xFF00) {
2050 /* These will never be set for POSIX. */
2051 return NT_STATUS_NO_SUCH_FILE;
2056 return NT_STATUS_NO_SUCH_FILE;
2059 /* Can't delete a directory. */
2061 return NT_STATUS_FILE_IS_A_DIRECTORY;
2066 else if (dirtype & aDIR) /* Asked for a directory and it isn't. */
2067 return NT_STATUS_OBJECT_NAME_INVALID;
2068 #endif /* JRATEST */
2070 /* Fix for bug #3035 from SATOH Fumiyasu <fumiyas@miraclelinux.com>
2072 On a Windows share, a file with read-only dosmode can be opened with
2073 DELETE_ACCESS. But on a Samba share (delete readonly = no), it
2074 fails with NT_STATUS_CANNOT_DELETE error.
2076 This semantic causes a problem that a user can not
2077 rename a file with read-only dosmode on a Samba share
2078 from a Windows command prompt (i.e. cmd.exe, but can rename
2079 from Windows Explorer).
2082 if (!lp_delete_readonly(SNUM(conn))) {
2083 if (fattr & aRONLY) {
2084 return NT_STATUS_CANNOT_DELETE;
2088 /* On open checks the open itself will check the share mode, so
2089 don't do it here as we'll get it wrong. */
2091 status = open_file_ntcreate(conn, req, fname, &sbuf,
2096 FILE_ATTRIBUTE_NORMAL,
2097 req != NULL ? 0 : INTERNAL_OPEN_ONLY,
2100 if (!NT_STATUS_IS_OK(status)) {
2101 DEBUG(10, ("open_file_ntcreate failed: %s\n",
2102 nt_errstr(status)));
2106 /* The set is across all open files on this dev/inode pair. */
2107 if (!set_delete_on_close(fsp, True, ¤t_user.ut)) {
2108 close_file(fsp, NORMAL_CLOSE);
2109 return NT_STATUS_ACCESS_DENIED;
2112 return close_file(fsp,NORMAL_CLOSE);
2115 /****************************************************************************
2116 The guts of the unlink command, split out so it may be called by the NT SMB
2118 ****************************************************************************/
2120 NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req,
2121 uint32 dirtype, char *name, BOOL has_wild)
2127 NTSTATUS status = NT_STATUS_OK;
2128 SMB_STRUCT_STAT sbuf;
2130 *directory = *mask = 0;
2132 status = unix_convert(conn, name, has_wild, NULL, &sbuf);
2133 if (!NT_STATUS_IS_OK(status)) {
2137 p = strrchr_m(name,'/');
2139 pstrcpy(directory,".");
2143 pstrcpy(directory,name);
2148 * We should only check the mangled cache
2149 * here if unix_convert failed. This means
2150 * that the path in 'mask' doesn't exist
2151 * on the file system and so we need to look
2152 * for a possible mangle. This patch from
2153 * Tine Smukavec <valentin.smukavec@hermes.si>.
2156 if (!VALID_STAT(sbuf) && mangle_is_mangled(mask,conn->params))
2157 mangle_check_cache( mask, sizeof(pstring)-1, conn->params );
2160 pstrcat(directory,"/");
2161 pstrcat(directory,mask);
2163 dirtype = FILE_ATTRIBUTE_NORMAL;
2166 status = check_name(conn, directory);
2167 if (!NT_STATUS_IS_OK(status)) {
2171 status = do_unlink(conn, req, directory, dirtype);
2172 if (!NT_STATUS_IS_OK(status)) {
2178 struct smb_Dir *dir_hnd = NULL;
2182 if ((dirtype & SAMBA_ATTRIBUTES_MASK) == aDIR) {
2183 return NT_STATUS_OBJECT_NAME_INVALID;
2186 if (strequal(mask,"????????.???")) {
2190 status = check_name(conn, directory);
2191 if (!NT_STATUS_IS_OK(status)) {
2195 dir_hnd = OpenDir(conn, directory, mask, dirtype);
2196 if (dir_hnd == NULL) {
2197 return map_nt_error_from_unix(errno);
2200 /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then
2201 the pattern matches against the long name, otherwise the short name
2202 We don't implement this yet XXXX
2205 status = NT_STATUS_NO_SUCH_FILE;
2207 while ((dname = ReadDirName(dir_hnd, &offset))) {
2210 pstrcpy(fname,dname);
2212 if (!is_visible_file(conn, directory, dname, &st, True)) {
2216 /* Quick check for "." and ".." */
2217 if (fname[0] == '.') {
2218 if (!fname[1] || (fname[1] == '.' && !fname[2])) {
2223 if(!mask_match(fname, mask, conn->case_sensitive)) {
2227 slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname);
2229 status = check_name(conn, fname);
2230 if (!NT_STATUS_IS_OK(status)) {
2235 status = do_unlink(conn, req, fname, dirtype);
2236 if (!NT_STATUS_IS_OK(status)) {
2241 DEBUG(3,("unlink_internals: succesful unlink [%s]\n",
2247 if (count == 0 && NT_STATUS_IS_OK(status)) {
2248 status = map_nt_error_from_unix(errno);
2254 /****************************************************************************
2256 ****************************************************************************/
2258 void reply_unlink(connection_struct *conn, struct smb_request *req)
2263 BOOL path_contains_wcard = False;
2265 START_PROFILE(SMBunlink);
2268 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2269 END_PROFILE(SMBunlink);
2273 dirtype = SVAL(req->inbuf,smb_vwv0);
2275 srvstr_get_path_wcard((char *)req->inbuf, req->flags2, name,
2276 smb_buf(req->inbuf) + 1, sizeof(name), 0,
2277 STR_TERMINATE, &status, &path_contains_wcard);
2278 if (!NT_STATUS_IS_OK(status)) {
2279 reply_nterror(req, status);
2280 END_PROFILE(SMBunlink);
2284 status = resolve_dfspath_wcard(conn,
2285 req->flags2 & FLAGS2_DFS_PATHNAMES,
2286 name, &path_contains_wcard);
2287 if (!NT_STATUS_IS_OK(status)) {
2288 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2289 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
2290 ERRSRV, ERRbadpath);
2291 END_PROFILE(SMBunlink);
2294 reply_nterror(req, status);
2295 END_PROFILE(SMBunlink);
2299 DEBUG(3,("reply_unlink : %s\n",name));
2301 status = unlink_internals(conn, req, dirtype, name,
2302 path_contains_wcard);
2303 if (!NT_STATUS_IS_OK(status)) {
2304 if (open_was_deferred(req->mid)) {
2305 /* We have re-scheduled this call. */
2306 END_PROFILE(SMBunlink);
2309 reply_nterror(req, status);
2310 END_PROFILE(SMBunlink);
2314 reply_outbuf(req, 0, 0);
2315 END_PROFILE(SMBunlink);
2320 /****************************************************************************
2322 ****************************************************************************/
2324 static void fail_readraw(void)
2327 slprintf(errstr, sizeof(errstr)-1, "FAIL ! reply_readbraw: socket write fail (%s)",
2329 exit_server_cleanly(errstr);
2332 /****************************************************************************
2333 Fake (read/write) sendfile. Returns -1 on read or write fail.
2334 ****************************************************************************/
2336 static ssize_t fake_sendfile(files_struct *fsp, SMB_OFF_T startpos,
2340 size_t tosend = nread;
2347 bufsize = MIN(nread, 65536);
2349 if (!(buf = SMB_MALLOC_ARRAY(char, bufsize))) {
2353 while (tosend > 0) {
2357 if (tosend > bufsize) {
2362 ret = read_file(fsp,buf,startpos,cur_read);
2368 /* If we had a short read, fill with zeros. */
2369 if (ret < cur_read) {
2370 memset(buf, '\0', cur_read - ret);
2373 if (write_data(smbd_server_fd(),buf,cur_read) != cur_read) {
2378 startpos += cur_read;
2382 return (ssize_t)nread;
2385 /****************************************************************************
2386 Use sendfile in readbraw.
2387 ****************************************************************************/
2389 void send_file_readbraw(connection_struct *conn, files_struct *fsp, SMB_OFF_T startpos, size_t nread,
2390 ssize_t mincount, char *outbuf, int out_buffsize)
2394 #if defined(WITH_SENDFILE)
2396 * We can only use sendfile on a non-chained packet
2397 * but we can use on a non-oplocked file. tridge proved this
2398 * on a train in Germany :-). JRA.
2399 * reply_readbraw has already checked the length.
2402 if ( (chain_size == 0) && (nread > 0) &&
2403 (fsp->wcp == NULL) && lp_use_sendfile(SNUM(conn)) ) {
2406 _smb_setlen(outbuf,nread);
2407 header.data = (uint8 *)outbuf;
2411 if ( SMB_VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fh->fd, &header, startpos, nread) == -1) {
2412 /* Returning ENOSYS means no data at all was sent. Do this as a normal read. */
2413 if (errno == ENOSYS) {
2414 goto normal_readbraw;
2418 * Special hack for broken Linux with no working sendfile. If we
2419 * return EINTR we sent the header but not the rest of the data.
2420 * Fake this up by doing read/write calls.
2422 if (errno == EINTR) {
2423 /* Ensure we don't do this again. */
2424 set_use_sendfile(SNUM(conn), False);
2425 DEBUG(0,("send_file_readbraw: sendfile not available. Faking..\n"));
2427 if (fake_sendfile(fsp, startpos, nread) == -1) {
2428 DEBUG(0,("send_file_readbraw: fake_sendfile failed for file %s (%s).\n",
2429 fsp->fsp_name, strerror(errno) ));
2430 exit_server_cleanly("send_file_readbraw fake_sendfile failed");
2435 DEBUG(0,("send_file_readbraw: sendfile failed for file %s (%s). Terminating\n",
2436 fsp->fsp_name, strerror(errno) ));
2437 exit_server_cleanly("send_file_readbraw sendfile failed");
2447 ret = read_file(fsp,outbuf+4,startpos,nread);
2448 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
2457 _smb_setlen(outbuf,ret);
2458 if (write_data(smbd_server_fd(),outbuf,4+ret) != 4+ret)
2462 /****************************************************************************
2463 Reply to a readbraw (core+ protocol).
2464 ****************************************************************************/
2466 int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_size, int out_buffsize)
2468 ssize_t maxcount,mincount;
2471 char *header = outbuf;
2473 START_PROFILE(SMBreadbraw);
2475 if (srv_is_signing_active()) {
2476 exit_server_cleanly("reply_readbraw: SMB signing is active - raw reads/writes are disallowed.");
2480 * Special check if an oplock break has been issued
2481 * and the readraw request croses on the wire, we must
2482 * return a zero length response here.
2485 fsp = file_fsp(SVAL(inbuf,smb_vwv0));
2487 if (!FNUM_OK(fsp,conn) || !fsp->can_read) {
2489 * fsp could be NULL here so use the value from the packet. JRA.
2491 DEBUG(3,("fnum %d not open in readbraw - cache prime?\n",(int)SVAL(inbuf,smb_vwv0)));
2492 _smb_setlen(header,0);
2493 if (write_data(smbd_server_fd(),header,4) != 4)
2495 END_PROFILE(SMBreadbraw);
2499 CHECK_FSP(fsp,conn);
2501 flush_write_cache(fsp, READRAW_FLUSH);
2503 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv1);
2504 if(CVAL(inbuf,smb_wct) == 10) {
2506 * This is a large offset (64 bit) read.
2508 #ifdef LARGE_SMB_OFF_T
2510 startpos |= (((SMB_OFF_T)IVAL(inbuf,smb_vwv8)) << 32);
2512 #else /* !LARGE_SMB_OFF_T */
2515 * Ensure we haven't been sent a >32 bit offset.
2518 if(IVAL(inbuf,smb_vwv8) != 0) {
2519 DEBUG(0,("readbraw - large offset (%x << 32) used and we don't support \
2520 64 bit offsets.\n", (unsigned int)IVAL(inbuf,smb_vwv8) ));
2521 _smb_setlen(header,0);
2522 if (write_data(smbd_server_fd(),header,4) != 4)
2524 END_PROFILE(SMBreadbraw);
2528 #endif /* LARGE_SMB_OFF_T */
2531 DEBUG(0,("readbraw - negative 64 bit readraw offset (%.0f) !\n", (double)startpos ));
2532 _smb_setlen(header,0);
2533 if (write_data(smbd_server_fd(),header,4) != 4)
2535 END_PROFILE(SMBreadbraw);
2539 maxcount = (SVAL(inbuf,smb_vwv3) & 0xFFFF);
2540 mincount = (SVAL(inbuf,smb_vwv4) & 0xFFFF);
2542 /* ensure we don't overrun the packet size */
2543 maxcount = MIN(65535,maxcount);
2545 if (!is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK)) {
2549 if (SMB_VFS_FSTAT(fsp,fsp->fh->fd,&st) == 0) {
2553 if (startpos >= size) {
2556 nread = MIN(maxcount,(size - startpos));
2560 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
2561 if (nread < mincount)
2565 DEBUG( 3, ( "readbraw fnum=%d start=%.0f max=%lu min=%lu nread=%lu\n", fsp->fnum, (double)startpos,
2566 (unsigned long)maxcount, (unsigned long)mincount, (unsigned long)nread ) );
2568 send_file_readbraw(conn, fsp, startpos, nread, mincount, outbuf, out_buffsize);
2570 DEBUG(5,("readbraw finished\n"));
2571 END_PROFILE(SMBreadbraw);
2576 #define DBGC_CLASS DBGC_LOCKING
2578 /****************************************************************************
2579 Reply to a lockread (core+ protocol).
2580 ****************************************************************************/
2582 int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length, int dum_buffsiz)
2590 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
2591 struct byte_range_lock *br_lck = NULL;
2592 START_PROFILE(SMBlockread);
2594 CHECK_FSP(fsp,conn);
2595 if (!CHECK_READ(fsp,inbuf)) {
2596 return(ERROR_DOS(ERRDOS,ERRbadaccess));
2599 release_level_2_oplocks_on_change(fsp);
2601 numtoread = SVAL(inbuf,smb_vwv1);
2602 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
2604 outsize = set_message(inbuf,outbuf,5,3,True);
2605 numtoread = MIN(BUFFER_SIZE-outsize,numtoread);
2606 data = smb_buf(outbuf) + 3;
2609 * NB. Discovered by Menny Hamburger at Mainsoft. This is a core+
2610 * protocol request that predates the read/write lock concept.
2611 * Thus instead of asking for a read lock here we need to ask
2612 * for a write lock. JRA.
2613 * Note that the requested lock size is unaffected by max_recv.
2616 br_lck = do_lock(smbd_messaging_context(),
2618 (uint32)SVAL(inbuf,smb_pid),
2619 (SMB_BIG_UINT)numtoread,
2620 (SMB_BIG_UINT)startpos,
2623 False, /* Non-blocking lock. */
2626 TALLOC_FREE(br_lck);
2628 if (NT_STATUS_V(status)) {
2629 END_PROFILE(SMBlockread);
2630 return ERROR_NT(status);
2634 * However the requested READ size IS affected by max_recv. Insanity.... JRA.
2637 if (numtoread > max_recv) {
2638 DEBUG(0,("reply_lockread: requested read size (%u) is greater than maximum allowed (%u). \
2639 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
2640 (unsigned int)numtoread, (unsigned int)max_recv ));
2641 numtoread = MIN(numtoread,max_recv);
2643 nread = read_file(fsp,data,startpos,numtoread);
2646 END_PROFILE(SMBlockread);
2647 return(UNIXERROR(ERRDOS,ERRnoaccess));
2651 SSVAL(outbuf,smb_vwv0,nread);
2652 SSVAL(outbuf,smb_vwv5,nread+3);
2653 SSVAL(smb_buf(outbuf),1,nread);
2655 DEBUG(3,("lockread fnum=%d num=%d nread=%d\n",
2656 fsp->fnum, (int)numtoread, (int)nread));
2658 END_PROFILE(SMBlockread);
2663 #define DBGC_CLASS DBGC_ALL
2665 /****************************************************************************
2667 ****************************************************************************/
2669 int reply_read(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
2676 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
2677 START_PROFILE(SMBread);
2679 CHECK_FSP(fsp,conn);
2680 if (!CHECK_READ(fsp,inbuf)) {
2681 return(ERROR_DOS(ERRDOS,ERRbadaccess));
2684 numtoread = SVAL(inbuf,smb_vwv1);
2685 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
2687 outsize = set_message(inbuf,outbuf,5,3,True);
2688 numtoread = MIN(BUFFER_SIZE-outsize,numtoread);
2690 * The requested read size cannot be greater than max_recv. JRA.
2692 if (numtoread > max_recv) {
2693 DEBUG(0,("reply_read: requested read size (%u) is greater than maximum allowed (%u). \
2694 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
2695 (unsigned int)numtoread, (unsigned int)max_recv ));
2696 numtoread = MIN(numtoread,max_recv);
2699 data = smb_buf(outbuf) + 3;
2701 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtoread,(SMB_BIG_UINT)startpos, READ_LOCK)) {
2702 END_PROFILE(SMBread);
2703 return ERROR_DOS(ERRDOS,ERRlock);
2707 nread = read_file(fsp,data,startpos,numtoread);
2710 END_PROFILE(SMBread);
2711 return(UNIXERROR(ERRDOS,ERRnoaccess));
2715 SSVAL(outbuf,smb_vwv0,nread);
2716 SSVAL(outbuf,smb_vwv5,nread+3);
2717 SCVAL(smb_buf(outbuf),0,1);
2718 SSVAL(smb_buf(outbuf),1,nread);
2720 DEBUG( 3, ( "read fnum=%d num=%d nread=%d\n",
2721 fsp->fnum, (int)numtoread, (int)nread ) );
2723 END_PROFILE(SMBread);
2727 /****************************************************************************
2729 ****************************************************************************/
2731 static int setup_readX_header(char *inbuf, char *outbuf, size_t smb_maxcnt)
2736 outsize = set_message(inbuf, outbuf,12,smb_maxcnt,False);
2737 data = smb_buf(outbuf);
2739 SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */
2740 SSVAL(outbuf,smb_vwv5,smb_maxcnt);
2741 SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf));
2742 SSVAL(outbuf,smb_vwv7,(smb_maxcnt >> 16));
2743 SSVAL(smb_buf(outbuf),-2,smb_maxcnt);
2744 SCVAL(outbuf,smb_vwv0,0xFF);
2745 /* Reset the outgoing length, set_message truncates at 0x1FFFF. */
2746 _smb_setlen_large(outbuf,(smb_size + 12*2 + smb_maxcnt - 4));
2750 /****************************************************************************
2751 Reply to a read and X - possibly using sendfile.
2752 ****************************************************************************/
2754 static void send_file_readX(connection_struct *conn, struct smb_request *req,
2755 files_struct *fsp, SMB_OFF_T startpos,
2758 SMB_STRUCT_STAT sbuf;
2761 char *inbuf, *outbuf;
2762 int length, len_outbuf;
2764 if(SMB_VFS_FSTAT(fsp,fsp->fh->fd, &sbuf) == -1) {
2765 reply_unixerror(req, ERRDOS, ERRnoaccess);
2769 if (startpos > sbuf.st_size) {
2771 } else if (smb_maxcnt > (sbuf.st_size - startpos)) {
2772 smb_maxcnt = (sbuf.st_size - startpos);
2775 if (smb_maxcnt == 0) {
2779 #if defined(WITH_SENDFILE)
2781 * We can only use sendfile on a non-chained packet
2782 * but we can use on a non-oplocked file. tridge proved this
2783 * on a train in Germany :-). JRA.
2786 if ((chain_size == 0) && (CVAL(req->inbuf,smb_vwv0) == 0xFF) &&
2787 lp_use_sendfile(SNUM(conn)) && (fsp->wcp == NULL) ) {
2788 char headerbuf[smb_size + 12 * 2];
2792 * Set up the packet header before send. We
2793 * assume here the sendfile will work (get the
2794 * correct amount of data).
2797 header = data_blob_const(headerbuf, sizeof(headerbuf));
2799 construct_reply_common((char *)req->inbuf, headerbuf);
2800 setup_readX_header((char *)req->inbuf, headerbuf, smb_maxcnt);
2802 if ((nread = SMB_VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fh->fd, &header, startpos, smb_maxcnt)) == -1) {
2803 /* Returning ENOSYS means no data at all was sent. Do this as a normal read. */
2804 if (errno == ENOSYS) {
2809 * Special hack for broken Linux with no working sendfile. If we
2810 * return EINTR we sent the header but not the rest of the data.
2811 * Fake this up by doing read/write calls.
2814 if (errno == EINTR) {
2815 /* Ensure we don't do this again. */
2816 set_use_sendfile(SNUM(conn), False);
2817 DEBUG(0,("send_file_readX: sendfile not available. Faking..\n"));
2818 nread = fake_sendfile(fsp, startpos,
2821 DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n",
2822 fsp->fsp_name, strerror(errno) ));
2823 exit_server_cleanly("send_file_readX: fake_sendfile failed");
2825 DEBUG( 3, ( "send_file_readX: fake_sendfile fnum=%d max=%d nread=%d\n",
2826 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
2827 /* No outbuf here means successful sendfile. */
2828 TALLOC_FREE(req->outbuf);
2832 DEBUG(0,("send_file_readX: sendfile failed for file %s (%s). Terminating\n",
2833 fsp->fsp_name, strerror(errno) ));
2834 exit_server_cleanly("send_file_readX sendfile failed");
2837 DEBUG( 3, ( "send_file_readX: sendfile fnum=%d max=%d nread=%d\n",
2838 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
2839 /* No outbuf here means successful sendfile. */
2840 TALLOC_FREE(req->outbuf);
2848 if (!reply_prep_legacy(req, &inbuf, &outbuf, &length, &len_outbuf)) {
2849 reply_nterror(req, NT_STATUS_NO_MEMORY);
2853 set_message(inbuf, outbuf, 12, 0, True);
2855 data = smb_buf(outbuf);
2857 if ((smb_maxcnt & 0xFF0000) > 0x10000) {
2858 int sendlen = setup_readX_header(inbuf,outbuf,smb_maxcnt) - smb_maxcnt;
2859 /* Send out the header. */
2860 if (write_data(smbd_server_fd(),outbuf,sendlen) != sendlen) {
2861 DEBUG(0,("send_file_readX: write_data failed for file %s (%s). Terminating\n",
2862 fsp->fsp_name, strerror(errno) ));
2863 exit_server_cleanly("send_file_readX sendfile failed");
2865 nread = fake_sendfile(fsp, startpos, smb_maxcnt);
2867 DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n",
2868 fsp->fsp_name, strerror(errno) ));
2869 exit_server_cleanly("send_file_readX: fake_sendfile failed");
2871 TALLOC_FREE(req->outbuf);
2874 nread = read_file(fsp,data,startpos,smb_maxcnt);
2877 reply_unixerror(req, ERRDOS, ERRnoaccess);
2881 setup_readX_header(inbuf, outbuf,nread);
2883 DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n",
2884 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
2886 chain_reply_new(req);
2892 /****************************************************************************
2893 Reply to a read and X.
2894 ****************************************************************************/
2896 void reply_read_and_X(connection_struct *conn, struct smb_request *req)
2901 BOOL big_readX = False;
2903 size_t smb_mincnt = SVAL(req->inbuf,smb_vwv6);
2906 START_PROFILE(SMBreadX);
2908 if ((req->wct != 10) && (req->wct != 12)) {
2909 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2913 fsp = file_fsp(SVAL(req->inbuf,smb_vwv2));
2914 startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv3);
2915 smb_maxcnt = SVAL(req->inbuf,smb_vwv5);
2917 /* If it's an IPC, pass off the pipe handler. */
2919 reply_pipe_read_and_X(req);
2920 END_PROFILE(SMBreadX);
2924 if (!check_fsp(conn, req, fsp, ¤t_user)) {
2925 END_PROFILE(SMBreadX);
2929 if (!CHECK_READ(fsp,req->inbuf)) {
2930 reply_doserror(req, ERRDOS,ERRbadaccess);
2931 END_PROFILE(SMBreadX);
2935 if (global_client_caps & CAP_LARGE_READX) {
2936 size_t upper_size = SVAL(req->inbuf,smb_vwv7);
2937 smb_maxcnt |= (upper_size<<16);
2938 if (upper_size > 1) {
2939 /* Can't do this on a chained packet. */
2940 if ((CVAL(req->inbuf,smb_vwv0) != 0xFF)) {
2941 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
2942 END_PROFILE(SMBreadX);
2945 /* We currently don't do this on signed or sealed data. */
2946 if (srv_is_signing_active() || srv_encryption_on()) {
2947 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
2948 END_PROFILE(SMBreadX);
2951 /* Is there room in the reply for this data ? */
2952 if (smb_maxcnt > (0xFFFFFF - (smb_size -4 + 12*2))) {
2954 NT_STATUS_INVALID_PARAMETER);
2955 END_PROFILE(SMBreadX);
2962 if (req->wct == 12) {
2963 #ifdef LARGE_SMB_OFF_T
2965 * This is a large offset (64 bit) read.
2967 startpos |= (((SMB_OFF_T)IVAL(req->inbuf,smb_vwv10)) << 32);
2969 #else /* !LARGE_SMB_OFF_T */
2972 * Ensure we haven't been sent a >32 bit offset.
2975 if(IVAL(req->inbuf,smb_vwv10) != 0) {
2976 DEBUG(0,("reply_read_and_X - large offset (%x << 32) "
2977 "used and we don't support 64 bit offsets.\n",
2978 (unsigned int)IVAL(req->inbuf,smb_vwv10) ));
2979 END_PROFILE(SMBreadX);
2980 reply_doserror(req, ERRDOS, ERRbadaccess);
2984 #endif /* LARGE_SMB_OFF_T */
2988 if (is_locked(fsp, (uint32)req->smbpid, (SMB_BIG_UINT)smb_maxcnt,
2989 (SMB_BIG_UINT)startpos, READ_LOCK)) {
2990 END_PROFILE(SMBreadX);
2991 reply_doserror(req, ERRDOS, ERRlock);
2996 && schedule_aio_read_and_X(conn, req, fsp, startpos, smb_maxcnt)) {
2997 END_PROFILE(SMBreadX);
2998 reply_post_legacy(req, -1);
3002 send_file_readX(conn, req, fsp, startpos, smb_maxcnt);
3004 END_PROFILE(SMBreadX);
3008 /****************************************************************************
3009 Reply to a writebraw (core+ or LANMAN1.0 protocol).
3010 ****************************************************************************/
3012 int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
3015 ssize_t total_written=0;
3016 size_t numtowrite=0;
3021 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
3024 START_PROFILE(SMBwritebraw);
3026 if (srv_is_signing_active()) {
3027 exit_server_cleanly("reply_writebraw: SMB signing is active - raw reads/writes are disallowed.");
3030 CHECK_FSP(fsp,conn);
3031 if (!CHECK_WRITE(fsp)) {
3032 return(ERROR_DOS(ERRDOS,ERRbadaccess));
3035 tcount = IVAL(inbuf,smb_vwv1);
3036 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3);
3037 write_through = BITSETW(inbuf+smb_vwv7,0);
3039 /* We have to deal with slightly different formats depending
3040 on whether we are using the core+ or lanman1.0 protocol */
3042 if(Protocol <= PROTOCOL_COREPLUS) {
3043 numtowrite = SVAL(smb_buf(inbuf),-2);
3044 data = smb_buf(inbuf);
3046 numtowrite = SVAL(inbuf,smb_vwv10);
3047 data = smb_base(inbuf) + SVAL(inbuf, smb_vwv11);
3050 /* force the error type */
3051 SCVAL(inbuf,smb_com,SMBwritec);
3052 SCVAL(outbuf,smb_com,SMBwritec);
3054 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos, WRITE_LOCK)) {
3055 END_PROFILE(SMBwritebraw);
3056 return(ERROR_DOS(ERRDOS,ERRlock));
3060 nwritten = write_file(fsp,data,startpos,numtowrite);
3062 DEBUG(3,("writebraw1 fnum=%d start=%.0f num=%d wrote=%d sync=%d\n",
3063 fsp->fnum, (double)startpos, (int)numtowrite, (int)nwritten, (int)write_through));
3065 if (nwritten < (ssize_t)numtowrite) {
3066 END_PROFILE(SMBwritebraw);
3067 return(UNIXERROR(ERRHRD,ERRdiskfull));
3070 total_written = nwritten;
3072 /* Return a message to the redirector to tell it to send more bytes */
3073 SCVAL(outbuf,smb_com,SMBwritebraw);
3074 SSVALS(outbuf,smb_vwv0,-1);
3075 outsize = set_message(inbuf,outbuf,Protocol>PROTOCOL_COREPLUS?1:0,0,True);
3077 if (!send_smb(smbd_server_fd(),outbuf))
3078 exit_server_cleanly("reply_writebraw: send_smb failed.");
3080 /* Now read the raw data into the buffer and write it */
3081 if (read_smb_length(smbd_server_fd(),inbuf,SMB_SECONDARY_WAIT) == -1) {
3082 exit_server_cleanly("secondary writebraw failed");
3085 /* Even though this is not an smb message, smb_len returns the generic length of an smb message */
3086 numtowrite = smb_len(inbuf);
3088 /* Set up outbuf to return the correct return */
3089 outsize = set_message(inbuf,outbuf,1,0,True);
3090 SCVAL(outbuf,smb_com,SMBwritec);
3092 if (numtowrite != 0) {
3094 if (numtowrite > BUFFER_SIZE) {
3095 DEBUG(0,("reply_writebraw: Oversize secondary write raw requested (%u). Terminating\n",
3096 (unsigned int)numtowrite ));
3097 exit_server_cleanly("secondary writebraw failed");
3100 if (tcount > nwritten+numtowrite) {
3101 DEBUG(3,("Client overestimated the write %d %d %d\n",
3102 (int)tcount,(int)nwritten,(int)numtowrite));
3105 if (read_data( smbd_server_fd(), inbuf+4, numtowrite) != numtowrite ) {
3106 DEBUG(0,("reply_writebraw: Oversize secondary write raw read failed (%s). Terminating\n",
3108 exit_server_cleanly("secondary writebraw failed");
3111 nwritten = write_file(fsp,inbuf+4,startpos+nwritten,numtowrite);
3112 if (nwritten == -1) {
3113 END_PROFILE(SMBwritebraw);
3114 return(UNIXERROR(ERRHRD,ERRdiskfull));
3117 if (nwritten < (ssize_t)numtowrite) {
3118 SCVAL(outbuf,smb_rcls,ERRHRD);
3119 SSVAL(outbuf,smb_err,ERRdiskfull);
3123 total_written += nwritten;
3126 SSVAL(outbuf,smb_vwv0,total_written);
3128 status = sync_file(conn, fsp, write_through);
3129 if (!NT_STATUS_IS_OK(status)) {
3130 DEBUG(5,("reply_writebraw: sync_file for %s returned %s\n",
3131 fsp->fsp_name, nt_errstr(status) ));
3132 END_PROFILE(SMBwritebraw);
3133 return ERROR_NT(status);
3136 DEBUG(3,("writebraw2 fnum=%d start=%.0f num=%d wrote=%d\n",
3137 fsp->fnum, (double)startpos, (int)numtowrite,(int)total_written));
3139 /* we won't return a status if write through is not selected - this follows what WfWg does */
3140 END_PROFILE(SMBwritebraw);
3141 if (!write_through && total_written==tcount) {
3143 #if RABBIT_PELLET_FIX
3145 * Fix for "rabbit pellet" mode, trigger an early TCP ack by
3146 * sending a SMBkeepalive. Thanks to DaveCB at Sun for this. JRA.
3148 if (!send_keepalive(smbd_server_fd()))
3149 exit_server_cleanly("reply_writebraw: send of keepalive failed");
3158 #define DBGC_CLASS DBGC_LOCKING
3160 /****************************************************************************
3161 Reply to a writeunlock (core+).
3162 ****************************************************************************/
3164 int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf,
3165 int size, int dum_buffsize)
3167 ssize_t nwritten = -1;
3171 NTSTATUS status = NT_STATUS_OK;
3172 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
3174 START_PROFILE(SMBwriteunlock);
3176 CHECK_FSP(fsp,conn);
3177 if (!CHECK_WRITE(fsp)) {
3178 return(ERROR_DOS(ERRDOS,ERRbadaccess));
3181 numtowrite = SVAL(inbuf,smb_vwv1);
3182 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
3183 data = smb_buf(inbuf) + 3;
3185 if (numtowrite && is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) {
3186 END_PROFILE(SMBwriteunlock);
3187 return ERROR_DOS(ERRDOS,ERRlock);
3190 /* The special X/Open SMB protocol handling of
3191 zero length writes is *NOT* done for
3193 if(numtowrite == 0) {
3196 nwritten = write_file(fsp,data,startpos,numtowrite);
3199 status = sync_file(conn, fsp, False /* write through */);
3200 if (!NT_STATUS_IS_OK(status)) {
3201 END_PROFILE(SMBwriteunlock);
3202 DEBUG(5,("reply_writeunlock: sync_file for %s returned %s\n",
3203 fsp->fsp_name, nt_errstr(status) ));
3204 return ERROR_NT(status);
3207 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
3208 END_PROFILE(SMBwriteunlock);
3209 return(UNIXERROR(ERRHRD,ERRdiskfull));
3213 status = do_unlock(smbd_messaging_context(),
3215 (uint32)SVAL(inbuf,smb_pid),
3216 (SMB_BIG_UINT)numtowrite,
3217 (SMB_BIG_UINT)startpos,
3220 if (NT_STATUS_V(status)) {
3221 END_PROFILE(SMBwriteunlock);
3222 return ERROR_NT(status);
3226 outsize = set_message(inbuf,outbuf,1,0,True);
3228 SSVAL(outbuf,smb_vwv0,nwritten);
3230 DEBUG(3,("writeunlock fnum=%d num=%d wrote=%d\n",
3231 fsp->fnum, (int)numtowrite, (int)nwritten));
3233 END_PROFILE(SMBwriteunlock);
3238 #define DBGC_CLASS DBGC_ALL
3240 /****************************************************************************
3242 ****************************************************************************/
3244 int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int dum_buffsize)
3247 ssize_t nwritten = -1;
3250 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
3253 START_PROFILE(SMBwrite);
3255 /* If it's an IPC, pass off the pipe handler. */
3257 END_PROFILE(SMBwrite);
3258 return reply_pipe_write(inbuf,outbuf,size,dum_buffsize);
3261 CHECK_FSP(fsp,conn);
3262 if (!CHECK_WRITE(fsp)) {
3263 END_PROFILE(SMBwrite);
3264 return(ERROR_DOS(ERRDOS,ERRbadaccess));
3267 numtowrite = SVAL(inbuf,smb_vwv1);
3268 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
3269 data = smb_buf(inbuf) + 3;
3271 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) {
3272 END_PROFILE(SMBwrite);
3273 return ERROR_DOS(ERRDOS,ERRlock);
3277 * X/Open SMB protocol says that if smb_vwv1 is
3278 * zero then the file size should be extended or
3279 * truncated to the size given in smb_vwv[2-3].
3282 if(numtowrite == 0) {
3284 * This is actually an allocate call, and set EOF. JRA.
3286 nwritten = vfs_allocate_file_space(fsp, (SMB_OFF_T)startpos);
3288 END_PROFILE(SMBwrite);
3289 return ERROR_NT(NT_STATUS_DISK_FULL);
3291 nwritten = vfs_set_filelen(fsp, (SMB_OFF_T)startpos);
3293 END_PROFILE(SMBwrite);
3294 return ERROR_NT(NT_STATUS_DISK_FULL);
3297 nwritten = write_file(fsp,data,startpos,numtowrite);
3299 status = sync_file(conn, fsp, False);
3300 if (!NT_STATUS_IS_OK(status)) {
3301 END_PROFILE(SMBwrite);
3302 DEBUG(5,("reply_write: sync_file for %s returned %s\n",
3303 fsp->fsp_name, nt_errstr(status) ));
3304 return ERROR_NT(status);
3307 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
3308 END_PROFILE(SMBwrite);
3309 return(UNIXERROR(ERRHRD,ERRdiskfull));
3312 outsize = set_message(inbuf,outbuf,1,0,True);
3314 SSVAL(outbuf,smb_vwv0,nwritten);
3316 if (nwritten < (ssize_t)numtowrite) {
3317 SCVAL(outbuf,smb_rcls,ERRHRD);
3318 SSVAL(outbuf,smb_err,ERRdiskfull);
3321 DEBUG(3,("write fnum=%d num=%d wrote=%d\n", fsp->fnum, (int)numtowrite, (int)nwritten));
3323 END_PROFILE(SMBwrite);
3327 /****************************************************************************
3328 Reply to a write and X.
3329 ****************************************************************************/
3331 void reply_write_and_X(connection_struct *conn, struct smb_request *req)
3338 unsigned int smb_doff;
3339 unsigned int smblen;
3344 START_PROFILE(SMBwriteX);
3346 if ((req->wct != 12) && (req->wct != 14)) {
3347 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3348 END_PROFILE(SMBwriteX);
3352 numtowrite = SVAL(req->inbuf,smb_vwv10);
3353 smb_doff = SVAL(req->inbuf,smb_vwv11);
3354 smblen = smb_len(req->inbuf);
3355 large_writeX = ((req->wct == 14) && (smblen > 0xFFFF));
3357 /* Deal with possible LARGE_WRITEX */
3359 numtowrite |= ((((size_t)SVAL(req->inbuf,smb_vwv9)) & 1 )<<16);
3362 if(smb_doff > smblen || (smb_doff + numtowrite > smblen)) {
3363 reply_doserror(req, ERRDOS, ERRbadmem);
3364 END_PROFILE(SMBwriteX);
3368 /* If it's an IPC, pass off the pipe handler. */
3370 reply_pipe_write_and_X(req);
3371 END_PROFILE(SMBwriteX);
3375 fsp = file_fsp(SVAL(req->inbuf,smb_vwv2));
3376 startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv3);
3377 write_through = BITSETW(req->inbuf+smb_vwv7,0);
3379 if (!check_fsp(conn, req, fsp, ¤t_user)) {
3380 END_PROFILE(SMBwriteX);
3384 if (!CHECK_WRITE(fsp)) {
3385 reply_doserror(req, ERRDOS, ERRbadaccess);
3386 END_PROFILE(SMBwriteX);
3390 data = smb_base(req->inbuf) + smb_doff;
3392 if(req->wct == 14) {
3393 #ifdef LARGE_SMB_OFF_T
3395 * This is a large offset (64 bit) write.
3397 startpos |= (((SMB_OFF_T)IVAL(req->inbuf,smb_vwv12)) << 32);
3399 #else /* !LARGE_SMB_OFF_T */
3402 * Ensure we haven't been sent a >32 bit offset.
3405 if(IVAL(req->inbuf,smb_vwv12) != 0) {
3406 DEBUG(0,("reply_write_and_X - large offset (%x << 32) "
3407 "used and we don't support 64 bit offsets.\n",
3408 (unsigned int)IVAL(inbuf,smb_vwv12) ));
3409 reply_doserror(req, ERRDOS, ERRbadaccess);
3410 END_PROFILE(SMBwriteX);
3414 #endif /* LARGE_SMB_OFF_T */
3417 if (is_locked(fsp,(uint32)req->smbpid,
3418 (SMB_BIG_UINT)numtowrite,
3419 (SMB_BIG_UINT)startpos, WRITE_LOCK)) {
3420 reply_doserror(req, ERRDOS, ERRlock);
3421 END_PROFILE(SMBwriteX);
3425 /* X/Open SMB protocol says that, unlike SMBwrite
3426 if the length is zero then NO truncation is
3427 done, just a write of zero. To truncate a file,
3430 if(numtowrite == 0) {
3434 if (schedule_aio_write_and_X(conn, req, fsp, data, startpos,
3436 END_PROFILE(SMBwriteX);
3440 nwritten = write_file(fsp,data,startpos,numtowrite);
3441 reply_outbuf(req, 6, 0);
3444 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
3445 reply_unixerror(req, ERRHRD, ERRdiskfull);
3446 END_PROFILE(SMBwriteX);
3450 SSVAL(req->outbuf,smb_vwv2,nwritten);
3452 SSVAL(req->outbuf,smb_vwv4,(nwritten>>16)&1);
3454 if (nwritten < (ssize_t)numtowrite) {
3455 SCVAL(req->outbuf,smb_rcls,ERRHRD);
3456 SSVAL(req->outbuf,smb_err,ERRdiskfull);
3459 DEBUG(3,("writeX fnum=%d num=%d wrote=%d\n",
3460 fsp->fnum, (int)numtowrite, (int)nwritten));
3462 status = sync_file(conn, fsp, write_through);
3463 if (!NT_STATUS_IS_OK(status)) {
3464 DEBUG(5,("reply_write_and_X: sync_file for %s returned %s\n",
3465 fsp->fsp_name, nt_errstr(status) ));
3466 reply_nterror(req, status);
3467 END_PROFILE(SMBwriteX);
3471 END_PROFILE(SMBwriteX);
3472 chain_reply_new(req);
3476 /****************************************************************************
3478 ****************************************************************************/
3480 int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
3486 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
3487 START_PROFILE(SMBlseek);
3489 CHECK_FSP(fsp,conn);
3491 flush_write_cache(fsp, SEEK_FLUSH);
3493 mode = SVAL(inbuf,smb_vwv1) & 3;
3494 /* NB. This doesn't use IVAL_TO_SMB_OFF_T as startpos can be signed in this case. */
3495 startpos = (SMB_OFF_T)IVALS(inbuf,smb_vwv2);
3504 res = fsp->fh->pos + startpos;
3515 if (umode == SEEK_END) {
3516 if((res = SMB_VFS_LSEEK(fsp,fsp->fh->fd,startpos,umode)) == -1) {
3517 if(errno == EINVAL) {
3518 SMB_OFF_T current_pos = startpos;
3519 SMB_STRUCT_STAT sbuf;
3521 if(SMB_VFS_FSTAT(fsp,fsp->fh->fd, &sbuf) == -1) {
3522 END_PROFILE(SMBlseek);
3523 return(UNIXERROR(ERRDOS,ERRnoaccess));
3526 current_pos += sbuf.st_size;
3528 res = SMB_VFS_LSEEK(fsp,fsp->fh->fd,0,SEEK_SET);
3533 END_PROFILE(SMBlseek);
3534 return(UNIXERROR(ERRDOS,ERRnoaccess));
3540 outsize = set_message(inbuf,outbuf,2,0,True);
3541 SIVAL(outbuf,smb_vwv0,res);
3543 DEBUG(3,("lseek fnum=%d ofs=%.0f newpos = %.0f mode=%d\n",
3544 fsp->fnum, (double)startpos, (double)res, mode));
3546 END_PROFILE(SMBlseek);
3550 /****************************************************************************
3552 ****************************************************************************/
3554 void reply_flush(connection_struct *conn, struct smb_request *req)
3559 START_PROFILE(SMBflush);
3562 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3566 fnum = SVAL(req->inbuf,smb_vwv0);
3567 fsp = file_fsp(fnum);
3569 if ((fnum != 0xFFFF) && !check_fsp(conn, req, fsp, ¤t_user)) {
3574 file_sync_all(conn);
3576 NTSTATUS status = sync_file(conn, fsp, True);
3577 if (!NT_STATUS_IS_OK(status)) {
3578 DEBUG(5,("reply_flush: sync_file for %s returned %s\n",
3579 fsp->fsp_name, nt_errstr(status) ));
3580 reply_nterror(req, status);
3581 END_PROFILE(SMBflush);
3586 reply_outbuf(req, 0, 0);
3588 DEBUG(3,("flush\n"));
3589 END_PROFILE(SMBflush);
3593 /****************************************************************************
3595 conn POINTER CAN BE NULL HERE !
3596 ****************************************************************************/
3598 void reply_exit(connection_struct *conn, struct smb_request *req)
3600 START_PROFILE(SMBexit);
3602 file_close_pid(req->smbpid, req->vuid);
3604 reply_outbuf(req, 0, 0);
3606 DEBUG(3,("exit\n"));
3608 END_PROFILE(SMBexit);
3612 /****************************************************************************
3613 Reply to a close - has to deal with closing a directory opened by NT SMB's.
3614 ****************************************************************************/
3616 void reply_close(connection_struct *conn, struct smb_request *req)
3618 NTSTATUS status = NT_STATUS_OK;
3619 files_struct *fsp = NULL;
3620 START_PROFILE(SMBclose);
3623 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3624 END_PROFILE(SMBclose);
3628 /* If it's an IPC, pass off to the pipe handler. */
3630 reply_pipe_close(conn, req);
3631 END_PROFILE(SMBclose);
3635 fsp = file_fsp(SVAL(req->inbuf,smb_vwv0));
3638 * We can only use CHECK_FSP if we know it's not a directory.
3641 if(!fsp || (fsp->conn != conn) || (fsp->vuid != current_user.vuid)) {
3642 reply_doserror(req, ERRDOS, ERRbadfid);
3643 END_PROFILE(SMBclose);
3647 if(fsp->is_directory) {
3649 * Special case - close NT SMB directory handle.
3651 DEBUG(3,("close directory fnum=%d\n", fsp->fnum));
3652 status = close_file(fsp,NORMAL_CLOSE);
3655 * Close ordinary file.
3658 DEBUG(3,("close fd=%d fnum=%d (numopen=%d)\n",
3659 fsp->fh->fd, fsp->fnum,
3660 conn->num_files_open));
3663 * Take care of any time sent in the close.
3666 fsp_set_pending_modtime(fsp, convert_time_t_to_timespec(
3667 srv_make_unix_date3(
3668 req->inbuf+smb_vwv1)));
3671 * close_file() returns the unix errno if an error
3672 * was detected on close - normally this is due to
3673 * a disk full error. If not then it was probably an I/O error.
3676 status = close_file(fsp,NORMAL_CLOSE);
3679 if (!NT_STATUS_IS_OK(status)) {
3680 reply_nterror(req, status);
3681 END_PROFILE(SMBclose);
3685 reply_outbuf(req, 0, 0);
3686 END_PROFILE(SMBclose);
3690 /****************************************************************************
3691 Reply to a writeclose (Core+ protocol).
3692 ****************************************************************************/
3694 int reply_writeclose(connection_struct *conn,
3695 char *inbuf,char *outbuf, int size, int dum_buffsize)
3698 ssize_t nwritten = -1;
3700 NTSTATUS close_status = NT_STATUS_OK;
3703 struct timespec mtime;
3704 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
3705 START_PROFILE(SMBwriteclose);
3707 CHECK_FSP(fsp,conn);
3708 if (!CHECK_WRITE(fsp)) {
3709 return(ERROR_DOS(ERRDOS,ERRbadaccess));
3712 numtowrite = SVAL(inbuf,smb_vwv1);
3713 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
3714 mtime = convert_time_t_to_timespec(srv_make_unix_date3(inbuf+smb_vwv4));
3715 data = smb_buf(inbuf) + 1;
3717 if (numtowrite && is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) {
3718 END_PROFILE(SMBwriteclose);
3719 return ERROR_DOS(ERRDOS,ERRlock);
3722 nwritten = write_file(fsp,data,startpos,numtowrite);
3724 set_filetime(conn, fsp->fsp_name, mtime);
3727 * More insanity. W2K only closes the file if writelen > 0.
3732 DEBUG(3,("reply_writeclose: zero length write doesn't close file %s\n",
3734 close_status = close_file(fsp,NORMAL_CLOSE);
3737 DEBUG(3,("writeclose fnum=%d num=%d wrote=%d (numopen=%d)\n",
3738 fsp->fnum, (int)numtowrite, (int)nwritten,
3739 conn->num_files_open));
3741 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
3742 END_PROFILE(SMBwriteclose);
3743 return(UNIXERROR(ERRHRD,ERRdiskfull));
3746 if(!NT_STATUS_IS_OK(close_status)) {
3747 END_PROFILE(SMBwriteclose);
3748 return ERROR_NT(close_status);
3751 outsize = set_message(inbuf,outbuf,1,0,True);
3753 SSVAL(outbuf,smb_vwv0,nwritten);
3754 END_PROFILE(SMBwriteclose);
3759 #define DBGC_CLASS DBGC_LOCKING
3761 /****************************************************************************
3763 ****************************************************************************/
3765 int reply_lock(connection_struct *conn,
3766 char *inbuf,char *outbuf, int length, int dum_buffsize)
3768 int outsize = set_message(inbuf,outbuf,0,0,False);
3769 SMB_BIG_UINT count,offset;
3771 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
3772 struct byte_range_lock *br_lck = NULL;
3774 START_PROFILE(SMBlock);
3776 CHECK_FSP(fsp,conn);
3778 release_level_2_oplocks_on_change(fsp);
3780 count = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv1);
3781 offset = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv3);
3783 DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n",
3784 fsp->fh->fd, fsp->fnum, (double)offset, (double)count));
3786 br_lck = do_lock(smbd_messaging_context(),
3788 (uint32)SVAL(inbuf,smb_pid),
3793 False, /* Non-blocking lock. */
3797 TALLOC_FREE(br_lck);
3799 if (NT_STATUS_V(status)) {
3800 END_PROFILE(SMBlock);
3801 return ERROR_NT(status);
3804 END_PROFILE(SMBlock);
3808 /****************************************************************************
3810 ****************************************************************************/
3812 int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int size,
3815 int outsize = set_message(inbuf,outbuf,0,0,False);
3816 SMB_BIG_UINT count,offset;
3818 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
3819 START_PROFILE(SMBunlock);
3821 CHECK_FSP(fsp,conn);
3823 count = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv1);
3824 offset = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv3);
3826 status = do_unlock(smbd_messaging_context(),
3828 (uint32)SVAL(inbuf,smb_pid),
3833 if (NT_STATUS_V(status)) {
3834 END_PROFILE(SMBunlock);
3835 return ERROR_NT(status);
3838 DEBUG( 3, ( "unlock fd=%d fnum=%d offset=%.0f count=%.0f\n",
3839 fsp->fh->fd, fsp->fnum, (double)offset, (double)count ) );
3841 END_PROFILE(SMBunlock);
3846 #define DBGC_CLASS DBGC_ALL
3848 /****************************************************************************
3850 conn POINTER CAN BE NULL HERE !
3851 ****************************************************************************/
3853 void reply_tdis(connection_struct *conn, struct smb_request *req)
3855 START_PROFILE(SMBtdis);
3858 DEBUG(4,("Invalid connection in tdis\n"));
3859 reply_doserror(req, ERRSRV, ERRinvnid);
3860 END_PROFILE(SMBtdis);
3866 close_cnum(conn,req->vuid);
3868 reply_outbuf(req, 0, 0);
3869 END_PROFILE(SMBtdis);
3873 /****************************************************************************
3875 conn POINTER CAN BE NULL HERE !
3876 ****************************************************************************/
3878 void reply_echo(connection_struct *conn, struct smb_request *req)
3882 unsigned int data_len = smb_buflen(req->inbuf);
3884 START_PROFILE(SMBecho);
3887 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3888 END_PROFILE(SMBecho);
3892 if (data_len > BUFFER_SIZE) {
3893 DEBUG(0,("reply_echo: data_len too large.\n"));
3894 reply_nterror(req, NT_STATUS_INSUFFICIENT_RESOURCES);
3895 END_PROFILE(SMBecho);
3899 smb_reverb = SVAL(req->inbuf,smb_vwv0);
3901 reply_outbuf(req, 1, data_len);
3903 /* copy any incoming data back out */
3905 memcpy(smb_buf(req->outbuf),smb_buf(req->inbuf),data_len);
3908 if (smb_reverb > 100) {
3909 DEBUG(0,("large reverb (%d)?? Setting to 100\n",smb_reverb));
3913 for (seq_num =1 ; seq_num <= smb_reverb ; seq_num++) {
3914 SSVAL(req->outbuf,smb_vwv0,seq_num);
3916 show_msg((char *)req->outbuf);
3917 if (!send_smb(smbd_server_fd(),(char *)req->outbuf))
3918 exit_server_cleanly("reply_echo: send_smb failed.");
3921 DEBUG(3,("echo %d times\n", smb_reverb));
3923 TALLOC_FREE(req->outbuf);
3927 END_PROFILE(SMBecho);
3931 /****************************************************************************
3932 Reply to a printopen.
3933 ****************************************************************************/
3935 int reply_printopen(connection_struct *conn,
3936 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3942 START_PROFILE(SMBsplopen);
3944 if (!CAN_PRINT(conn)) {
3945 END_PROFILE(SMBsplopen);
3946 return ERROR_DOS(ERRDOS,ERRnoaccess);
3949 /* Open for exclusive use, write only. */
3950 status = print_fsp_open(conn, NULL, &fsp);
3952 if (!NT_STATUS_IS_OK(status)) {
3953 END_PROFILE(SMBsplopen);
3954 return(ERROR_NT(status));
3957 outsize = set_message(inbuf,outbuf,1,0,True);
3958 SSVAL(outbuf,smb_vwv0,fsp->fnum);
3960 DEBUG(3,("openprint fd=%d fnum=%d\n",
3961 fsp->fh->fd, fsp->fnum));
3963 END_PROFILE(SMBsplopen);
3967 /****************************************************************************
3968 Reply to a printclose.
3969 ****************************************************************************/
3971 int reply_printclose(connection_struct *conn,
3972 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3974 int outsize = set_message(inbuf,outbuf,0,0,False);
3975 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
3977 START_PROFILE(SMBsplclose);
3979 CHECK_FSP(fsp,conn);
3981 if (!CAN_PRINT(conn)) {
3982 END_PROFILE(SMBsplclose);
3983 return ERROR_NT(NT_STATUS_DOS(ERRSRV, ERRerror));
3986 DEBUG(3,("printclose fd=%d fnum=%d\n",
3987 fsp->fh->fd,fsp->fnum));
3989 status = close_file(fsp,NORMAL_CLOSE);
3991 if(!NT_STATUS_IS_OK(status)) {
3992 END_PROFILE(SMBsplclose);
3993 return ERROR_NT(status);
3996 END_PROFILE(SMBsplclose);
4000 /****************************************************************************
4001 Reply to a printqueue.
4002 ****************************************************************************/
4004 int reply_printqueue(connection_struct *conn,
4005 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
4007 int outsize = set_message(inbuf,outbuf,2,3,True);
4008 int max_count = SVAL(inbuf,smb_vwv0);
4009 int start_index = SVAL(inbuf,smb_vwv1);
4010 START_PROFILE(SMBsplretq);
4012 /* we used to allow the client to get the cnum wrong, but that
4013 is really quite gross and only worked when there was only
4014 one printer - I think we should now only accept it if they
4015 get it right (tridge) */
4016 if (!CAN_PRINT(conn)) {
4017 END_PROFILE(SMBsplretq);
4018 return ERROR_DOS(ERRDOS,ERRnoaccess);
4021 SSVAL(outbuf,smb_vwv0,0);
4022 SSVAL(outbuf,smb_vwv1,0);
4023 SCVAL(smb_buf(outbuf),0,1);
4024 SSVAL(smb_buf(outbuf),1,0);
4026 DEBUG(3,("printqueue start_index=%d max_count=%d\n",
4027 start_index, max_count));
4030 print_queue_struct *queue = NULL;
4031 print_status_struct status;
4032 char *p = smb_buf(outbuf) + 3;
4033 int count = print_queue_status(SNUM(conn), &queue, &status);
4034 int num_to_get = ABS(max_count);
4035 int first = (max_count>0?start_index:start_index+max_count+1);
4041 num_to_get = MIN(num_to_get,count-first);
4044 for (i=first;i<first+num_to_get;i++) {
4045 srv_put_dos_date2(p,0,queue[i].time);
4046 SCVAL(p,4,(queue[i].status==LPQ_PRINTING?2:3));
4047 SSVAL(p,5, queue[i].job);
4048 SIVAL(p,7,queue[i].size);
4050 srvstr_push(outbuf, SVAL(outbuf, smb_flg2), p+12,
4051 queue[i].fs_user, 16, STR_ASCII);
4056 outsize = set_message(inbuf,outbuf,2,28*count+3,False);
4057 SSVAL(outbuf,smb_vwv0,count);
4058 SSVAL(outbuf,smb_vwv1,(max_count>0?first+count:first-1));
4059 SCVAL(smb_buf(outbuf),0,1);
4060 SSVAL(smb_buf(outbuf),1,28*count);
4065 DEBUG(3,("%d entries returned in queue\n",count));
4068 END_PROFILE(SMBsplretq);
4072 /****************************************************************************
4073 Reply to a printwrite.
4074 ****************************************************************************/
4076 int reply_printwrite(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
4079 int outsize = set_message(inbuf,outbuf,0,0,False);
4081 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
4083 START_PROFILE(SMBsplwr);
4085 if (!CAN_PRINT(conn)) {
4086 END_PROFILE(SMBsplwr);
4087 return ERROR_DOS(ERRDOS,ERRnoaccess);
4090 CHECK_FSP(fsp,conn);
4091 if (!CHECK_WRITE(fsp)) {
4092 return(ERROR_DOS(ERRDOS,ERRbadaccess));
4095 numtowrite = SVAL(smb_buf(inbuf),1);
4096 data = smb_buf(inbuf) + 3;
4098 if (write_file(fsp,data,-1,numtowrite) != numtowrite) {
4099 END_PROFILE(SMBsplwr);
4100 return(UNIXERROR(ERRHRD,ERRdiskfull));
4103 DEBUG( 3, ( "printwrite fnum=%d num=%d\n", fsp->fnum, numtowrite ) );
4105 END_PROFILE(SMBsplwr);
4109 /****************************************************************************
4111 ****************************************************************************/
4113 void reply_mkdir(connection_struct *conn, struct smb_request *req)
4117 SMB_STRUCT_STAT sbuf;
4119 START_PROFILE(SMBmkdir);
4121 srvstr_get_path((char *)req->inbuf, req->flags2, directory,
4122 smb_buf(req->inbuf) + 1, sizeof(directory), 0,
4123 STR_TERMINATE, &status);
4124 if (!NT_STATUS_IS_OK(status)) {
4125 reply_nterror(req, status);
4126 END_PROFILE(SMBmkdir);
4130 status = resolve_dfspath(conn,
4131 req->flags2 & FLAGS2_DFS_PATHNAMES,
4133 if (!NT_STATUS_IS_OK(status)) {
4134 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
4135 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
4136 ERRSRV, ERRbadpath);
4137 END_PROFILE(SMBmkdir);
4140 reply_nterror(req, status);
4141 END_PROFILE(SMBmkdir);
4145 status = unix_convert(conn, directory, False, NULL, &sbuf);
4146 if (!NT_STATUS_IS_OK(status)) {
4147 reply_nterror(req, status);
4148 END_PROFILE(SMBmkdir);
4152 status = check_name(conn, directory);
4153 if (!NT_STATUS_IS_OK(status)) {
4154 reply_nterror(req, status);
4155 END_PROFILE(SMBmkdir);
4159 status = create_directory(conn, directory);
4161 DEBUG(5, ("create_directory returned %s\n", nt_errstr(status)));
4163 if (!NT_STATUS_IS_OK(status)) {
4165 if (!use_nt_status()
4166 && NT_STATUS_EQUAL(status,
4167 NT_STATUS_OBJECT_NAME_COLLISION)) {
4169 * Yes, in the DOS error code case we get a
4170 * ERRDOS:ERRnoaccess here. See BASE-SAMBA3ERROR
4171 * samba4 torture test.
4173 status = NT_STATUS_DOS(ERRDOS, ERRnoaccess);
4176 reply_nterror(req, status);
4177 END_PROFILE(SMBmkdir);
4181 reply_outbuf(req, 0, 0);
4183 DEBUG( 3, ( "mkdir %s\n", directory ) );
4185 END_PROFILE(SMBmkdir);
4189 /****************************************************************************
4190 Static function used by reply_rmdir to delete an entire directory
4191 tree recursively. Return True on ok, False on fail.
4192 ****************************************************************************/
4194 static BOOL recursive_rmdir(connection_struct *conn, char *directory)
4196 const char *dname = NULL;
4199 struct smb_Dir *dir_hnd = OpenDir(conn, directory, NULL, 0);
4204 while((dname = ReadDirName(dir_hnd, &offset))) {
4208 if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0))
4211 if (!is_visible_file(conn, directory, dname, &st, False))
4214 /* Construct the full name. */
4215 if(strlen(directory) + strlen(dname) + 1 >= sizeof(fullname)) {
4221 pstrcpy(fullname, directory);
4222 pstrcat(fullname, "/");
4223 pstrcat(fullname, dname);
4225 if(SMB_VFS_LSTAT(conn,fullname, &st) != 0) {
4230 if(st.st_mode & S_IFDIR) {
4231 if(!recursive_rmdir(conn, fullname)) {
4235 if(SMB_VFS_RMDIR(conn,fullname) != 0) {
4239 } else if(SMB_VFS_UNLINK(conn,fullname) != 0) {
4248 /****************************************************************************
4249 The internals of the rmdir code - called elsewhere.
4250 ****************************************************************************/
4252 NTSTATUS rmdir_internals(connection_struct *conn, const char *directory)
4257 /* Might be a symlink. */
4258 if(SMB_VFS_LSTAT(conn, directory, &st) != 0) {
4259 return map_nt_error_from_unix(errno);
4262 if (S_ISLNK(st.st_mode)) {
4263 /* Is what it points to a directory ? */
4264 if(SMB_VFS_STAT(conn, directory, &st) != 0) {
4265 return map_nt_error_from_unix(errno);
4267 if (!(S_ISDIR(st.st_mode))) {
4268 return NT_STATUS_NOT_A_DIRECTORY;
4270 ret = SMB_VFS_UNLINK(conn,directory);
4272 ret = SMB_VFS_RMDIR(conn,directory);
4275 notify_fname(conn, NOTIFY_ACTION_REMOVED,
4276 FILE_NOTIFY_CHANGE_DIR_NAME,
4278 return NT_STATUS_OK;
4281 if(((errno == ENOTEMPTY)||(errno == EEXIST)) && lp_veto_files(SNUM(conn))) {
4283 * Check to see if the only thing in this directory are
4284 * vetoed files/directories. If so then delete them and
4285 * retry. If we fail to delete any of them (and we *don't*
4286 * do a recursive delete) then fail the rmdir.
4290 struct smb_Dir *dir_hnd = OpenDir(conn, directory, NULL, 0);
4292 if(dir_hnd == NULL) {
4297 while ((dname = ReadDirName(dir_hnd,&dirpos))) {
4298 if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0))
4300 if (!is_visible_file(conn, directory, dname, &st, False))
4302 if(!IS_VETO_PATH(conn, dname)) {
4309 /* We only have veto files/directories. Recursive delete. */
4311 RewindDir(dir_hnd,&dirpos);
4312 while ((dname = ReadDirName(dir_hnd,&dirpos))) {
4315 if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0))
4317 if (!is_visible_file(conn, directory, dname, &st, False))
4320 /* Construct the full name. */
4321 if(strlen(directory) + strlen(dname) + 1 >= sizeof(fullname)) {
4326 pstrcpy(fullname, directory);
4327 pstrcat(fullname, "/");
4328 pstrcat(fullname, dname);
4330 if(SMB_VFS_LSTAT(conn,fullname, &st) != 0)
4332 if(st.st_mode & S_IFDIR) {
4333 if(lp_recursive_veto_delete(SNUM(conn))) {
4334 if(!recursive_rmdir(conn, fullname))
4337 if(SMB_VFS_RMDIR(conn,fullname) != 0)
4339 } else if(SMB_VFS_UNLINK(conn,fullname) != 0)
4343 /* Retry the rmdir */
4344 ret = SMB_VFS_RMDIR(conn,directory);
4350 DEBUG(3,("rmdir_internals: couldn't remove directory %s : "
4351 "%s\n", directory,strerror(errno)));
4352 return map_nt_error_from_unix(errno);
4355 notify_fname(conn, NOTIFY_ACTION_REMOVED,
4356 FILE_NOTIFY_CHANGE_DIR_NAME,
4359 return NT_STATUS_OK;
4362 /****************************************************************************
4364 ****************************************************************************/
4366 void reply_rmdir(connection_struct *conn, struct smb_request *req)
4369 SMB_STRUCT_STAT sbuf;
4371 START_PROFILE(SMBrmdir);
4373 srvstr_get_path((char *)req->inbuf, req->flags2, directory,
4374 smb_buf(req->inbuf) + 1, sizeof(directory), 0,
4375 STR_TERMINATE, &status);
4376 if (!NT_STATUS_IS_OK(status)) {
4377 reply_nterror(req, status);
4378 END_PROFILE(SMBrmdir);
4382 status = resolve_dfspath(conn,
4383 req->flags2 & FLAGS2_DFS_PATHNAMES,
4385 if (!NT_STATUS_IS_OK(status)) {
4386 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
4387 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
4388 ERRSRV, ERRbadpath);
4389 END_PROFILE(SMBrmdir);
4392 reply_nterror(req, status);
4393 END_PROFILE(SMBrmdir);
4397 status = unix_convert(conn, directory, False, NULL, &sbuf);
4398 if (!NT_STATUS_IS_OK(status)) {
4399 reply_nterror(req, status);
4400 END_PROFILE(SMBrmdir);
4404 status = check_name(conn, directory);
4405 if (!NT_STATUS_IS_OK(status)) {
4406 reply_nterror(req, status);
4407 END_PROFILE(SMBrmdir);
4411 dptr_closepath(directory, req->smbpid);
4412 status = rmdir_internals(conn, directory);
4413 if (!NT_STATUS_IS_OK(status)) {
4414 reply_nterror(req, status);
4415 END_PROFILE(SMBrmdir);
4419 reply_outbuf(req, 0, 0);
4421 DEBUG( 3, ( "rmdir %s\n", directory ) );
4423 END_PROFILE(SMBrmdir);
4427 /*******************************************************************
4428 Resolve wildcards in a filename rename.
4429 Note that name is in UNIX charset and thus potentially can be more
4430 than fstring buffer (255 bytes) especially in default UTF-8 case.
4431 Therefore, we use pstring inside and all calls should ensure that
4432 name2 is at least pstring-long (they do already)
4433 ********************************************************************/
4435 static BOOL resolve_wildcards(const char *name1, char *name2)
4437 pstring root1,root2;
4439 char *p,*p2, *pname1, *pname2;
4440 int available_space, actual_space;
4442 pname1 = strrchr_m(name1,'/');
4443 pname2 = strrchr_m(name2,'/');
4445 if (!pname1 || !pname2)
4448 pstrcpy(root1,pname1);
4449 pstrcpy(root2,pname2);
4450 p = strrchr_m(root1,'.');
4457 p = strrchr_m(root2,'.');
4471 } else if (*p2 == '*') {
4487 } else if (*p2 == '*') {
4497 available_space = sizeof(pstring) - PTR_DIFF(pname2, name2);
4500 actual_space = snprintf(pname2, available_space - 1, "%s.%s", root2, ext2);
4501 if (actual_space >= available_space - 1) {
4502 DEBUG(1,("resolve_wildcards: can't fit resolved name into specified buffer (overrun by %d bytes)\n",
4503 actual_space - available_space));
4506 pstrcpy_base(pname2, root2, name2);
4512 /****************************************************************************
4513 Ensure open files have their names updated. Updated to notify other smbd's
4515 ****************************************************************************/
4517 static void rename_open_files(connection_struct *conn,
4518 struct share_mode_lock *lck,
4519 const char *newname)
4522 BOOL did_rename = False;
4524 for(fsp = file_find_di_first(lck->id); fsp;
4525 fsp = file_find_di_next(fsp)) {
4526 /* fsp_name is a relative path under the fsp. To change this for other
4527 sharepaths we need to manipulate relative paths. */
4528 /* TODO - create the absolute path and manipulate the newname
4529 relative to the sharepath. */
4530 if (fsp->conn != conn) {
4533 DEBUG(10,("rename_open_files: renaming file fnum %d (file_id %s) from %s -> %s\n",
4534 fsp->fnum, file_id_static_string(&fsp->file_id),
4535 fsp->fsp_name, newname ));
4536 string_set(&fsp->fsp_name, newname);
4541 DEBUG(10,("rename_open_files: no open files on file_id %s for %s\n",
4542 file_id_static_string(&lck->id), newname ));
4545 /* Send messages to all smbd's (not ourself) that the name has changed. */
4546 rename_share_filename(smbd_messaging_context(), lck, conn->connectpath,
4550 /****************************************************************************
4551 We need to check if the source path is a parent directory of the destination
4552 (ie. a rename of /foo/bar/baz -> /foo/bar/baz/bibble/bobble. If so we must
4553 refuse the rename with a sharing violation. Under UNIX the above call can
4554 *succeed* if /foo/bar/baz is a symlink to another area in the share. We
4555 probably need to check that the client is a Windows one before disallowing
4556 this as a UNIX client (one with UNIX extensions) can know the source is a
4557 symlink and make this decision intelligently. Found by an excellent bug
4558 report from <AndyLiebman@aol.com>.
4559 ****************************************************************************/
4561 static BOOL rename_path_prefix_equal(const char *src, const char *dest)
4563 const char *psrc = src;
4564 const char *pdst = dest;
4567 if (psrc[0] == '.' && psrc[1] == '/') {
4570 if (pdst[0] == '.' && pdst[1] == '/') {
4573 if ((slen = strlen(psrc)) > strlen(pdst)) {
4576 return ((memcmp(psrc, pdst, slen) == 0) && pdst[slen] == '/');
4580 * Do the notify calls from a rename
4583 static void notify_rename(connection_struct *conn, BOOL is_dir,
4584 const char *oldpath, const char *newpath)
4586 char *olddir, *newdir;
4587 const char *oldname, *newname;
4590 mask = is_dir ? FILE_NOTIFY_CHANGE_DIR_NAME
4591 : FILE_NOTIFY_CHANGE_FILE_NAME;
4593 if (!parent_dirname_talloc(NULL, oldpath, &olddir, &oldname)
4594 || !parent_dirname_talloc(NULL, newpath, &newdir, &newname)) {
4595 TALLOC_FREE(olddir);
4599 if (strcmp(olddir, newdir) == 0) {
4600 notify_fname(conn, NOTIFY_ACTION_OLD_NAME, mask, oldpath);
4601 notify_fname(conn, NOTIFY_ACTION_NEW_NAME, mask, newpath);
4604 notify_fname(conn, NOTIFY_ACTION_REMOVED, mask, oldpath);
4605 notify_fname(conn, NOTIFY_ACTION_ADDED, mask, newpath);
4607 TALLOC_FREE(olddir);
4608 TALLOC_FREE(newdir);
4610 /* this is a strange one. w2k3 gives an additional event for
4611 CHANGE_ATTRIBUTES and CHANGE_CREATION on the new file when renaming
4612 files, but not directories */
4614 notify_fname(conn, NOTIFY_ACTION_MODIFIED,
4615 FILE_NOTIFY_CHANGE_ATTRIBUTES
4616 |FILE_NOTIFY_CHANGE_CREATION,
4621 /****************************************************************************
4622 Rename an open file - given an fsp.
4623 ****************************************************************************/
4625 NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, pstring newname, uint32 attrs, BOOL replace_if_exists)
4627 SMB_STRUCT_STAT sbuf, sbuf1;
4628 pstring newname_last_component;
4629 NTSTATUS status = NT_STATUS_OK;
4630 struct share_mode_lock *lck = NULL;
4635 status = unix_convert(conn, newname, False, newname_last_component, &sbuf);
4637 /* If an error we expect this to be NT_STATUS_OBJECT_PATH_NOT_FOUND */
4639 if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(NT_STATUS_OBJECT_PATH_NOT_FOUND, status)) {
4643 status = check_name(conn, newname);
4644 if (!NT_STATUS_IS_OK(status)) {
4648 /* Ensure newname contains a '/' */
4649 if(strrchr_m(newname,'/') == 0) {
4652 pstrcpy(tmpstr, "./");
4653 pstrcat(tmpstr, newname);
4654 pstrcpy(newname, tmpstr);
4658 * Check for special case with case preserving and not
4659 * case sensitive. If the old last component differs from the original
4660 * last component only by case, then we should allow
4661 * the rename (user is trying to change the case of the
4665 if((conn->case_sensitive == False) && (conn->case_preserve == True) &&
4666 strequal(newname, fsp->fsp_name)) {
4668 pstring newname_modified_last_component;
4671 * Get the last component of the modified name.
4672 * Note that we guarantee that newname contains a '/'
4675 p = strrchr_m(newname,'/');
4676 pstrcpy(newname_modified_last_component,p+1);
4678 if(strcsequal(newname_modified_last_component,
4679 newname_last_component) == False) {
4681 * Replace the modified last component with
4684 pstrcpy(p+1, newname_last_component);
4689 * If the src and dest names are identical - including case,
4690 * don't do the rename, just return success.
4693 if (strcsequal(fsp->fsp_name, newname)) {
4694 DEBUG(3,("rename_internals_fsp: identical names in rename %s - returning success\n",
4696 return NT_STATUS_OK;
4700 * Have vfs_object_exist also fill sbuf1
4702 dst_exists = vfs_object_exist(conn, newname, &sbuf1);
4704 if(!replace_if_exists && dst_exists) {
4705 DEBUG(3,("rename_internals_fsp: dest exists doing rename %s -> %s\n",
4706 fsp->fsp_name,newname));
4707 return NT_STATUS_OBJECT_NAME_COLLISION;
4711 struct file_id fileid = vfs_file_id_from_sbuf(conn, &sbuf1);
4712 files_struct *dst_fsp = file_find_di_first(fileid);
4714 DEBUG(3, ("rename_internals_fsp: Target file open\n"));
4715 return NT_STATUS_ACCESS_DENIED;
4719 /* Ensure we have a valid stat struct for the source. */
4720 if (fsp->fh->fd != -1) {
4721 if (SMB_VFS_FSTAT(fsp,fsp->fh->fd,&sbuf) == -1) {
4722 return map_nt_error_from_unix(errno);
4725 if (SMB_VFS_STAT(conn,fsp->fsp_name,&sbuf) == -1) {
4726 return map_nt_error_from_unix(errno);
4730 status = can_rename(conn, fsp, attrs, &sbuf);
4732 if (!NT_STATUS_IS_OK(status)) {
4733 DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n",
4734 nt_errstr(status), fsp->fsp_name,newname));
4735 if (NT_STATUS_EQUAL(status,NT_STATUS_SHARING_VIOLATION))
4736 status = NT_STATUS_ACCESS_DENIED;
4740 if (rename_path_prefix_equal(fsp->fsp_name, newname)) {
4741 return NT_STATUS_ACCESS_DENIED;
4744 lck = get_share_mode_lock(NULL, fsp->file_id, NULL, NULL);
4747 * We have the file open ourselves, so not being able to get the
4748 * corresponding share mode lock is a fatal error.
4751 SMB_ASSERT(lck != NULL);
4753 if(SMB_VFS_RENAME(conn,fsp->fsp_name, newname) == 0) {
4754 uint32 create_options = fsp->fh->private_options;
4756 DEBUG(3,("rename_internals_fsp: succeeded doing rename on %s -> %s\n",
4757 fsp->fsp_name,newname));
4759 rename_open_files(conn, lck, newname);
4761 notify_rename(conn, fsp->is_directory, fsp->fsp_name, newname);
4764 * A rename acts as a new file create w.r.t. allowing an initial delete
4765 * on close, probably because in Windows there is a new handle to the
4766 * new file. If initial delete on close was requested but not
4767 * originally set, we need to set it here. This is probably not 100% correct,
4768 * but will work for the CIFSFS client which in non-posix mode
4769 * depends on these semantics. JRA.
4772 set_allow_initial_delete_on_close(lck, fsp, True);
4774 if (create_options & FILE_DELETE_ON_CLOSE) {
4775 status = can_set_delete_on_close(fsp, True, 0);
4777 if (NT_STATUS_IS_OK(status)) {
4778 /* Note that here we set the *inital* delete on close flag,
4779 * not the regular one. The magic gets handled in close. */
4780 fsp->initial_delete_on_close = True;
4784 return NT_STATUS_OK;
4789 if (errno == ENOTDIR || errno == EISDIR) {
4790 status = NT_STATUS_OBJECT_NAME_COLLISION;
4792 status = map_nt_error_from_unix(errno);
4795 DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n",
4796 nt_errstr(status), fsp->fsp_name,newname));
4801 /****************************************************************************
4802 The guts of the rename command, split out so it may be called by the NT SMB
4804 ****************************************************************************/
4806 NTSTATUS rename_internals(connection_struct *conn, struct smb_request *req,
4810 BOOL replace_if_exists,
4816 pstring last_component_src;
4817 pstring last_component_dest;
4820 NTSTATUS status = NT_STATUS_OK;
4821 SMB_STRUCT_STAT sbuf1, sbuf2;
4822 struct smb_Dir *dir_hnd = NULL;
4827 *directory = *mask = 0;
4832 status = unix_convert(conn, name, src_has_wild, last_component_src, &sbuf1);
4833 if (!NT_STATUS_IS_OK(status)) {
4837 status = unix_convert(conn, newname, dest_has_wild, last_component_dest, &sbuf2);
4838 if (!NT_STATUS_IS_OK(status)) {
4843 * Split the old name into directory and last component
4844 * strings. Note that unix_convert may have stripped off a
4845 * leading ./ from both name and newname if the rename is
4846 * at the root of the share. We need to make sure either both
4847 * name and newname contain a / character or neither of them do
4848 * as this is checked in resolve_wildcards().
4851 p = strrchr_m(name,'/');
4853 pstrcpy(directory,".");
4857 pstrcpy(directory,name);
4859 *p = '/'; /* Replace needed for exceptional test below. */
4863 * We should only check the mangled cache
4864 * here if unix_convert failed. This means
4865 * that the path in 'mask' doesn't exist
4866 * on the file system and so we need to look
4867 * for a possible mangle. This patch from
4868 * Tine Smukavec <valentin.smukavec@hermes.si>.
4871 if (!VALID_STAT(sbuf1) && mangle_is_mangled(mask, conn->params)) {
4872 mangle_check_cache( mask, sizeof(pstring)-1, conn->params );
4875 if (!src_has_wild) {
4879 * No wildcards - just process the one file.
4881 BOOL is_short_name = mangle_is_8_3(name, True, conn->params);
4883 /* Add a terminating '/' to the directory name. */
4884 pstrcat(directory,"/");
4885 pstrcat(directory,mask);
4887 /* Ensure newname contains a '/' also */
4888 if(strrchr_m(newname,'/') == 0) {
4891 pstrcpy(tmpstr, "./");
4892 pstrcat(tmpstr, newname);
4893 pstrcpy(newname, tmpstr);
4896 DEBUG(3, ("rename_internals: case_sensitive = %d, "
4897 "case_preserve = %d, short case preserve = %d, "
4898 "directory = %s, newname = %s, "
4899 "last_component_dest = %s, is_8_3 = %d\n",
4900 conn->case_sensitive, conn->case_preserve,
4901 conn->short_case_preserve, directory,
4902 newname, last_component_dest, is_short_name));
4904 /* The dest name still may have wildcards. */
4905 if (dest_has_wild) {
4906 if (!resolve_wildcards(directory,newname)) {
4907 DEBUG(6, ("rename_internals: resolve_wildcards %s %s failed\n",
4908 directory,newname));
4909 return NT_STATUS_NO_MEMORY;
4914 SMB_VFS_STAT(conn, directory, &sbuf1);
4916 status = S_ISDIR(sbuf1.st_mode) ?
4917 open_directory(conn, req, directory, &sbuf1,
4919 FILE_SHARE_READ|FILE_SHARE_WRITE,
4920 FILE_OPEN, 0, 0, NULL,
4922 : open_file_ntcreate(conn, req, directory, &sbuf1,
4924 FILE_SHARE_READ|FILE_SHARE_WRITE,
4925 FILE_OPEN, 0, 0, 0, NULL,
4928 if (!NT_STATUS_IS_OK(status)) {
4929 DEBUG(3, ("Could not open rename source %s: %s\n",
4930 directory, nt_errstr(status)));
4934 status = rename_internals_fsp(conn, fsp, newname, attrs,
4937 close_file(fsp, NORMAL_CLOSE);
4939 DEBUG(3, ("rename_internals: Error %s rename %s -> %s\n",
4940 nt_errstr(status), directory,newname));
4946 * Wildcards - process each file that matches.
4948 if (strequal(mask,"????????.???")) {
4952 status = check_name(conn, directory);
4953 if (!NT_STATUS_IS_OK(status)) {
4957 dir_hnd = OpenDir(conn, directory, mask, attrs);
4958 if (dir_hnd == NULL) {
4959 return map_nt_error_from_unix(errno);
4962 status = NT_STATUS_NO_SUCH_FILE;
4964 * Was status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
4965 * - gentest fix. JRA
4968 while ((dname = ReadDirName(dir_hnd, &offset))) {
4971 BOOL sysdir_entry = False;
4973 pstrcpy(fname,dname);
4975 /* Quick check for "." and ".." */
4976 if (fname[0] == '.') {
4977 if (!fname[1] || (fname[1] == '.' && !fname[2])) {
4979 sysdir_entry = True;
4986 if (!is_visible_file(conn, directory, dname, &sbuf1, False)) {
4990 if(!mask_match(fname, mask, conn->case_sensitive)) {
4995 status = NT_STATUS_OBJECT_NAME_INVALID;
4999 slprintf(fname, sizeof(fname)-1, "%s/%s", directory, dname);
5001 pstrcpy(destname,newname);
5003 if (!resolve_wildcards(fname,destname)) {
5004 DEBUG(6, ("resolve_wildcards %s %s failed\n",
5010 SMB_VFS_STAT(conn, fname, &sbuf1);
5012 status = S_ISDIR(sbuf1.st_mode) ?
5013 open_directory(conn, req, fname, &sbuf1,
5015 FILE_SHARE_READ|FILE_SHARE_WRITE,
5016 FILE_OPEN, 0, 0, NULL,
5018 : open_file_ntcreate(conn, req, fname, &sbuf1,
5020 FILE_SHARE_READ|FILE_SHARE_WRITE,
5021 FILE_OPEN, 0, 0, 0, NULL,
5024 if (!NT_STATUS_IS_OK(status)) {
5025 DEBUG(3,("rename_internals: open_file_ntcreate "
5026 "returned %s rename %s -> %s\n",
5027 nt_errstr(status), directory, newname));
5031 status = rename_internals_fsp(conn, fsp, destname, attrs,
5034 close_file(fsp, NORMAL_CLOSE);
5036 if (!NT_STATUS_IS_OK(status)) {
5037 DEBUG(3, ("rename_internals_fsp returned %s for "
5038 "rename %s -> %s\n", nt_errstr(status),
5039 directory, newname));
5045 DEBUG(3,("rename_internals: doing rename on %s -> "
5046 "%s\n",fname,destname));
5050 if (count == 0 && NT_STATUS_IS_OK(status)) {
5051 status = map_nt_error_from_unix(errno);
5057 /****************************************************************************
5059 ****************************************************************************/
5061 int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size,
5068 uint32 attrs = SVAL(inbuf,smb_vwv0);
5070 BOOL src_has_wcard = False;
5071 BOOL dest_has_wcard = False;
5072 struct smb_request req;
5074 START_PROFILE(SMBmv);
5076 init_smb_request(&req, (uint8 *)inbuf);
5078 p = smb_buf(inbuf) + 1;
5079 p += srvstr_get_path_wcard(inbuf, SVAL(inbuf,smb_flg2), name, p,
5080 sizeof(name), 0, STR_TERMINATE, &status,
5082 if (!NT_STATUS_IS_OK(status)) {
5084 return ERROR_NT(status);
5087 p += srvstr_get_path_wcard(inbuf, SVAL(inbuf,smb_flg2), newname, p,
5088 sizeof(newname), 0, STR_TERMINATE, &status,
5090 if (!NT_STATUS_IS_OK(status)) {
5092 return ERROR_NT(status);
5095 status = resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, name, &src_has_wcard);
5096 if (!NT_STATUS_IS_OK(status)) {
5098 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5099 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
5101 return ERROR_NT(status);
5104 status = resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, newname, &dest_has_wcard);
5105 if (!NT_STATUS_IS_OK(status)) {
5107 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5108 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
5110 return ERROR_NT(status);
5113 DEBUG(3,("reply_mv : %s -> %s\n",name,newname));
5115 status = rename_internals(conn, &req, name, newname, attrs, False,
5116 src_has_wcard, dest_has_wcard);
5117 if (!NT_STATUS_IS_OK(status)) {
5119 if (open_was_deferred(SVAL(inbuf,smb_mid))) {
5120 /* We have re-scheduled this call. */
5123 return ERROR_NT(status);
5126 outsize = set_message(inbuf,outbuf,0,0,False);
5132 /*******************************************************************
5133 Copy a file as part of a reply_copy.
5134 ******************************************************************/
5137 * TODO: check error codes on all callers
5140 NTSTATUS copy_file(connection_struct *conn,
5145 BOOL target_is_directory)
5147 SMB_STRUCT_STAT src_sbuf, sbuf2;
5149 files_struct *fsp1,*fsp2;
5152 uint32 new_create_disposition;
5155 pstrcpy(dest,dest1);
5156 if (target_is_directory) {
5157 char *p = strrchr_m(src,'/');
5167 if (!vfs_file_exist(conn,src,&src_sbuf)) {
5168 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
5171 if (!target_is_directory && count) {
5172 new_create_disposition = FILE_OPEN;
5174 if (!map_open_params_to_ntcreate(dest1,0,ofun,
5175 NULL, NULL, &new_create_disposition, NULL)) {
5176 return NT_STATUS_INVALID_PARAMETER;
5180 status = open_file_ntcreate(conn, NULL, src, &src_sbuf,
5182 FILE_SHARE_READ|FILE_SHARE_WRITE,
5185 FILE_ATTRIBUTE_NORMAL,
5189 if (!NT_STATUS_IS_OK(status)) {
5193 dosattrs = dos_mode(conn, src, &src_sbuf);
5194 if (SMB_VFS_STAT(conn,dest,&sbuf2) == -1) {
5195 ZERO_STRUCTP(&sbuf2);
5198 status = open_file_ntcreate(conn, NULL, dest, &sbuf2,
5200 FILE_SHARE_READ|FILE_SHARE_WRITE,
5201 new_create_disposition,
5207 if (!NT_STATUS_IS_OK(status)) {
5208 close_file(fsp1,ERROR_CLOSE);
5212 if ((ofun&3) == 1) {
5213 if(SMB_VFS_LSEEK(fsp2,fsp2->fh->fd,0,SEEK_END) == -1) {
5214 DEBUG(0,("copy_file: error - vfs lseek returned error %s\n", strerror(errno) ));
5216 * Stop the copy from occurring.
5219 src_sbuf.st_size = 0;
5223 if (src_sbuf.st_size) {
5224 ret = vfs_transfer_file(fsp1, fsp2, src_sbuf.st_size);
5227 close_file(fsp1,NORMAL_CLOSE);
5229 /* Ensure the modtime is set correctly on the destination file. */
5230 fsp_set_pending_modtime( fsp2, get_mtimespec(&src_sbuf));
5233 * As we are opening fsp1 read-only we only expect
5234 * an error on close on fsp2 if we are out of space.
5235 * Thus we don't look at the error return from the
5238 status = close_file(fsp2,NORMAL_CLOSE);
5240 if (!NT_STATUS_IS_OK(status)) {
5244 if (ret != (SMB_OFF_T)src_sbuf.st_size) {
5245 return NT_STATUS_DISK_FULL;
5248 return NT_STATUS_OK;
5251 /****************************************************************************
5252 Reply to a file copy.
5253 ****************************************************************************/
5255 int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
5260 pstring mask,newname;
5263 int error = ERRnoaccess;
5265 int tid2 = SVAL(inbuf,smb_vwv0);
5266 int ofun = SVAL(inbuf,smb_vwv1);
5267 int flags = SVAL(inbuf,smb_vwv2);
5268 BOOL target_is_directory=False;
5269 BOOL source_has_wild = False;
5270 BOOL dest_has_wild = False;
5271 SMB_STRUCT_STAT sbuf1, sbuf2;
5273 START_PROFILE(SMBcopy);
5275 *directory = *mask = 0;
5278 p += srvstr_get_path_wcard(inbuf, SVAL(inbuf,smb_flg2), name, p,
5279 sizeof(name), 0, STR_TERMINATE, &status,
5281 if (!NT_STATUS_IS_OK(status)) {
5282 END_PROFILE(SMBcopy);
5283 return ERROR_NT(status);
5285 p += srvstr_get_path_wcard(inbuf, SVAL(inbuf,smb_flg2), newname, p,
5286 sizeof(newname), 0, STR_TERMINATE, &status,
5288 if (!NT_STATUS_IS_OK(status)) {
5289 END_PROFILE(SMBcopy);
5290 return ERROR_NT(status);
5293 DEBUG(3,("reply_copy : %s -> %s\n",name,newname));
5295 if (tid2 != conn->cnum) {
5296 /* can't currently handle inter share copies XXXX */
5297 DEBUG(3,("Rejecting inter-share copy\n"));
5298 END_PROFILE(SMBcopy);
5299 return ERROR_DOS(ERRSRV,ERRinvdevice);
5302 status = resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, name, &source_has_wild);
5303 if (!NT_STATUS_IS_OK(status)) {
5304 END_PROFILE(SMBcopy);
5305 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5306 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
5308 return ERROR_NT(status);
5311 status = resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, newname, &dest_has_wild);
5312 if (!NT_STATUS_IS_OK(status)) {
5313 END_PROFILE(SMBcopy);
5314 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5315 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
5317 return ERROR_NT(status);
5320 status = unix_convert(conn, name, source_has_wild, NULL, &sbuf1);
5321 if (!NT_STATUS_IS_OK(status)) {
5322 END_PROFILE(SMBcopy);
5323 return ERROR_NT(status);
5326 status = unix_convert(conn, newname, dest_has_wild, NULL, &sbuf2);
5327 if (!NT_STATUS_IS_OK(status)) {
5328 END_PROFILE(SMBcopy);
5329 return ERROR_NT(status);
5332 target_is_directory = VALID_STAT_OF_DIR(sbuf2);
5334 if ((flags&1) && target_is_directory) {
5335 END_PROFILE(SMBcopy);
5336 return ERROR_DOS(ERRDOS,ERRbadfile);
5339 if ((flags&2) && !target_is_directory) {
5340 END_PROFILE(SMBcopy);
5341 return ERROR_DOS(ERRDOS,ERRbadpath);
5344 if ((flags&(1<<5)) && VALID_STAT_OF_DIR(sbuf1)) {
5345 /* wants a tree copy! XXXX */
5346 DEBUG(3,("Rejecting tree copy\n"));
5347 END_PROFILE(SMBcopy);
5348 return ERROR_DOS(ERRSRV,ERRerror);
5351 p = strrchr_m(name,'/');
5353 pstrcpy(directory,"./");
5357 pstrcpy(directory,name);
5362 * We should only check the mangled cache
5363 * here if unix_convert failed. This means
5364 * that the path in 'mask' doesn't exist
5365 * on the file system and so we need to look
5366 * for a possible mangle. This patch from
5367 * Tine Smukavec <valentin.smukavec@hermes.si>.
5370 if (!VALID_STAT(sbuf1) && mangle_is_mangled(mask, conn->params)) {
5371 mangle_check_cache( mask, sizeof(pstring)-1, conn->params );
5374 if (!source_has_wild) {
5375 pstrcat(directory,"/");
5376 pstrcat(directory,mask);
5377 if (dest_has_wild) {
5378 if (!resolve_wildcards(directory,newname)) {
5379 END_PROFILE(SMBcopy);
5380 return ERROR_NT(NT_STATUS_NO_MEMORY);
5384 status = check_name(conn, directory);
5385 if (!NT_STATUS_IS_OK(status)) {
5386 return ERROR_NT(status);
5389 status = check_name(conn, newname);
5390 if (!NT_STATUS_IS_OK(status)) {
5391 return ERROR_NT(status);
5394 status = copy_file(conn,directory,newname,ofun,
5395 count,target_is_directory);
5397 if(!NT_STATUS_IS_OK(status)) {
5398 END_PROFILE(SMBcopy);
5399 return ERROR_NT(status);
5404 struct smb_Dir *dir_hnd = NULL;
5409 if (strequal(mask,"????????.???"))
5412 status = check_name(conn, directory);
5413 if (!NT_STATUS_IS_OK(status)) {
5414 return ERROR_NT(status);
5417 dir_hnd = OpenDir(conn, directory, mask, 0);
5418 if (dir_hnd == NULL) {
5419 status = map_nt_error_from_unix(errno);
5420 return ERROR_NT(status);
5425 while ((dname = ReadDirName(dir_hnd, &offset))) {
5427 pstrcpy(fname,dname);
5429 if (!is_visible_file(conn, directory, dname, &sbuf1, False)) {
5433 if(!mask_match(fname, mask, conn->case_sensitive)) {
5437 error = ERRnoaccess;
5438 slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname);
5439 pstrcpy(destname,newname);
5440 if (!resolve_wildcards(fname,destname)) {
5444 status = check_name(conn, fname);
5445 if (!NT_STATUS_IS_OK(status)) {
5446 return ERROR_NT(status);
5449 status = check_name(conn, destname);
5450 if (!NT_STATUS_IS_OK(status)) {
5451 return ERROR_NT(status);
5454 DEBUG(3,("reply_copy : doing copy on %s -> %s\n",fname, destname));
5456 status = copy_file(conn,fname,destname,ofun,
5457 count,target_is_directory);
5458 if (NT_STATUS_IS_OK(status)) {
5467 /* Error on close... */
5469 END_PROFILE(SMBcopy);
5470 return(UNIXERROR(ERRHRD,ERRgeneral));
5473 END_PROFILE(SMBcopy);
5474 return ERROR_DOS(ERRDOS,error);
5477 outsize = set_message(inbuf,outbuf,1,0,True);
5478 SSVAL(outbuf,smb_vwv0,count);
5480 END_PROFILE(SMBcopy);
5484 /****************************************************************************
5486 ****************************************************************************/
5488 int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
5495 START_PROFILE(pathworks_setdir);
5498 if (!CAN_SETDIR(snum)) {
5499 END_PROFILE(pathworks_setdir);
5500 return ERROR_DOS(ERRDOS,ERRnoaccess);
5503 srvstr_get_path(inbuf, SVAL(inbuf,smb_flg2), newdir,
5504 smb_buf(inbuf) + 1, sizeof(newdir), 0, STR_TERMINATE,
5506 if (!NT_STATUS_IS_OK(status)) {
5507 END_PROFILE(pathworks_setdir);
5508 return ERROR_NT(status);
5511 status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, newdir);
5512 if (!NT_STATUS_IS_OK(status)) {
5513 END_PROFILE(pathworks_setdir);
5514 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5515 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
5517 return ERROR_NT(status);
5520 if (strlen(newdir) != 0) {
5521 if (!vfs_directory_exist(conn,newdir,NULL)) {
5522 END_PROFILE(pathworks_setdir);
5523 return ERROR_DOS(ERRDOS,ERRbadpath);
5525 set_conn_connectpath(conn,newdir);
5528 outsize = set_message(inbuf,outbuf,0,0,False);
5529 SCVAL(outbuf,smb_reh,CVAL(inbuf,smb_reh));
5531 DEBUG(3,("setdir %s\n", newdir));
5533 END_PROFILE(pathworks_setdir);
5538 #define DBGC_CLASS DBGC_LOCKING
5540 /****************************************************************************
5541 Get a lock pid, dealing with large count requests.
5542 ****************************************************************************/
5544 uint32 get_lock_pid( char *data, int data_offset, BOOL large_file_format)
5546 if(!large_file_format)
5547 return (uint32)SVAL(data,SMB_LPID_OFFSET(data_offset));
5549 return (uint32)SVAL(data,SMB_LARGE_LPID_OFFSET(data_offset));
5552 /****************************************************************************
5553 Get a lock count, dealing with large count requests.
5554 ****************************************************************************/
5556 SMB_BIG_UINT get_lock_count( char *data, int data_offset, BOOL large_file_format)
5558 SMB_BIG_UINT count = 0;
5560 if(!large_file_format) {
5561 count = (SMB_BIG_UINT)IVAL(data,SMB_LKLEN_OFFSET(data_offset));
5564 #if defined(HAVE_LONGLONG)
5565 count = (((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset))) << 32) |
5566 ((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)));
5567 #else /* HAVE_LONGLONG */
5570 * NT4.x seems to be broken in that it sends large file (64 bit)
5571 * lockingX calls even if the CAP_LARGE_FILES was *not*
5572 * negotiated. For boxes without large unsigned ints truncate the
5573 * lock count by dropping the top 32 bits.
5576 if(IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)) != 0) {
5577 DEBUG(3,("get_lock_count: truncating lock count (high)0x%x (low)0x%x to just low count.\n",
5578 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)),
5579 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)) ));
5580 SIVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset),0);
5583 count = (SMB_BIG_UINT)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset));
5584 #endif /* HAVE_LONGLONG */
5590 #if !defined(HAVE_LONGLONG)
5591 /****************************************************************************
5592 Pathetically try and map a 64 bit lock offset into 31 bits. I hate Windows :-).
5593 ****************************************************************************/
5595 static uint32 map_lock_offset(uint32 high, uint32 low)
5599 uint32 highcopy = high;
5602 * Try and find out how many significant bits there are in high.
5605 for(i = 0; highcopy; i++)
5609 * We use 31 bits not 32 here as POSIX
5610 * lock offsets may not be negative.
5613 mask = (~0) << (31 - i);
5616 return 0; /* Fail. */
5622 #endif /* !defined(HAVE_LONGLONG) */
5624 /****************************************************************************
5625 Get a lock offset, dealing with large offset requests.
5626 ****************************************************************************/
5628 SMB_BIG_UINT get_lock_offset( char *data, int data_offset, BOOL large_file_format, BOOL *err)
5630 SMB_BIG_UINT offset = 0;
5634 if(!large_file_format) {
5635 offset = (SMB_BIG_UINT)IVAL(data,SMB_LKOFF_OFFSET(data_offset));
5638 #if defined(HAVE_LONGLONG)
5639 offset = (((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset))) << 32) |
5640 ((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset)));
5641 #else /* HAVE_LONGLONG */
5644 * NT4.x seems to be broken in that it sends large file (64 bit)
5645 * lockingX calls even if the CAP_LARGE_FILES was *not*
5646 * negotiated. For boxes without large unsigned ints mangle the
5647 * lock offset by mapping the top 32 bits onto the lower 32.
5650 if(IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset)) != 0) {
5651 uint32 low = IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
5652 uint32 high = IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset));
5655 if((new_low = map_lock_offset(high, low)) == 0) {
5657 return (SMB_BIG_UINT)-1;
5660 DEBUG(3,("get_lock_offset: truncating lock offset (high)0x%x (low)0x%x to offset 0x%x.\n",
5661 (unsigned int)high, (unsigned int)low, (unsigned int)new_low ));
5662 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset),0);
5663 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset),new_low);
5666 offset = (SMB_BIG_UINT)IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
5667 #endif /* HAVE_LONGLONG */
5673 /****************************************************************************
5674 Reply to a lockingX request.
5675 ****************************************************************************/
5677 int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf,
5678 int length, int bufsize)
5680 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv2));
5681 unsigned char locktype = CVAL(inbuf,smb_vwv3);
5682 unsigned char oplocklevel = CVAL(inbuf,smb_vwv3+1);
5683 uint16 num_ulocks = SVAL(inbuf,smb_vwv6);
5684 uint16 num_locks = SVAL(inbuf,smb_vwv7);
5685 SMB_BIG_UINT count = 0, offset = 0;
5687 int32 lock_timeout = IVAL(inbuf,smb_vwv4);
5690 BOOL large_file_format =
5691 (locktype & LOCKING_ANDX_LARGE_FILES)?True:False;
5693 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
5695 START_PROFILE(SMBlockingX);
5697 CHECK_FSP(fsp,conn);
5699 data = smb_buf(inbuf);
5701 if (locktype & LOCKING_ANDX_CHANGE_LOCKTYPE) {
5702 /* we don't support these - and CANCEL_LOCK makes w2k
5703 and XP reboot so I don't really want to be
5704 compatible! (tridge) */
5705 return ERROR_NT(NT_STATUS_DOS(ERRDOS, ERRnoatomiclocks));
5708 /* Check if this is an oplock break on a file
5709 we have granted an oplock on.
5711 if ((locktype & LOCKING_ANDX_OPLOCK_RELEASE)) {
5712 /* Client can insist on breaking to none. */
5713 BOOL break_to_none = (oplocklevel == 0);
5716 DEBUG(5,("reply_lockingX: oplock break reply (%u) from client "
5717 "for fnum = %d\n", (unsigned int)oplocklevel,
5721 * Make sure we have granted an exclusive or batch oplock on
5725 if (fsp->oplock_type == 0) {
5727 /* The Samba4 nbench simulator doesn't understand
5728 the difference between break to level2 and break
5729 to none from level2 - it sends oplock break
5730 replies in both cases. Don't keep logging an error
5731 message here - just ignore it. JRA. */
5733 DEBUG(5,("reply_lockingX: Error : oplock break from "
5734 "client for fnum = %d (oplock=%d) and no "
5735 "oplock granted on this file (%s).\n",
5736 fsp->fnum, fsp->oplock_type, fsp->fsp_name));
5738 /* if this is a pure oplock break request then don't
5740 if (num_locks == 0 && num_ulocks == 0) {
5741 END_PROFILE(SMBlockingX);
5744 END_PROFILE(SMBlockingX);
5745 return ERROR_DOS(ERRDOS,ERRlock);
5749 if ((fsp->sent_oplock_break == BREAK_TO_NONE_SENT) ||
5751 result = remove_oplock(fsp);
5753 result = downgrade_oplock(fsp);
5757 DEBUG(0, ("reply_lockingX: error in removing "
5758 "oplock on file %s\n", fsp->fsp_name));
5759 /* Hmmm. Is this panic justified? */
5760 smb_panic("internal tdb error");
5763 reply_to_oplock_break_requests(fsp);
5765 /* if this is a pure oplock break request then don't send a
5767 if (num_locks == 0 && num_ulocks == 0) {
5768 /* Sanity check - ensure a pure oplock break is not a
5770 if(CVAL(inbuf,smb_vwv0) != 0xff)
5771 DEBUG(0,("reply_lockingX: Error : pure oplock "
5772 "break is a chained %d request !\n",
5773 (unsigned int)CVAL(inbuf,smb_vwv0) ));
5774 END_PROFILE(SMBlockingX);
5780 * We do this check *after* we have checked this is not a oplock break
5781 * response message. JRA.
5784 release_level_2_oplocks_on_change(fsp);
5786 /* Data now points at the beginning of the list
5787 of smb_unlkrng structs */
5788 for(i = 0; i < (int)num_ulocks; i++) {
5789 lock_pid = get_lock_pid( data, i, large_file_format);
5790 count = get_lock_count( data, i, large_file_format);
5791 offset = get_lock_offset( data, i, large_file_format, &err);
5794 * There is no error code marked "stupid client bug".... :-).
5797 END_PROFILE(SMBlockingX);
5798 return ERROR_DOS(ERRDOS,ERRnoaccess);
5801 DEBUG(10,("reply_lockingX: unlock start=%.0f, len=%.0f for "
5802 "pid %u, file %s\n", (double)offset, (double)count,
5803 (unsigned int)lock_pid, fsp->fsp_name ));
5805 status = do_unlock(smbd_messaging_context(),
5812 if (NT_STATUS_V(status)) {
5813 END_PROFILE(SMBlockingX);
5814 return ERROR_NT(status);
5818 /* Setup the timeout in seconds. */
5820 if (!lp_blocking_locks(SNUM(conn))) {
5824 /* Now do any requested locks */
5825 data += ((large_file_format ? 20 : 10)*num_ulocks);
5827 /* Data now points at the beginning of the list
5828 of smb_lkrng structs */
5830 for(i = 0; i < (int)num_locks; i++) {
5831 enum brl_type lock_type = ((locktype & LOCKING_ANDX_SHARED_LOCK) ?
5832 READ_LOCK:WRITE_LOCK);
5833 lock_pid = get_lock_pid( data, i, large_file_format);
5834 count = get_lock_count( data, i, large_file_format);
5835 offset = get_lock_offset( data, i, large_file_format, &err);
5838 * There is no error code marked "stupid client bug".... :-).
5841 END_PROFILE(SMBlockingX);
5842 return ERROR_DOS(ERRDOS,ERRnoaccess);
5845 DEBUG(10,("reply_lockingX: lock start=%.0f, len=%.0f for pid "
5846 "%u, file %s timeout = %d\n", (double)offset,
5847 (double)count, (unsigned int)lock_pid,
5848 fsp->fsp_name, (int)lock_timeout ));
5850 if (locktype & LOCKING_ANDX_CANCEL_LOCK) {
5851 if (lp_blocking_locks(SNUM(conn))) {
5853 /* Schedule a message to ourselves to
5854 remove the blocking lock record and
5855 return the right error. */
5857 if (!blocking_lock_cancel(fsp,
5863 NT_STATUS_FILE_LOCK_CONFLICT)) {
5864 END_PROFILE(SMBlockingX);
5865 return ERROR_NT(NT_STATUS_DOS(ERRDOS, ERRcancelviolation));
5868 /* Remove a matching pending lock. */
5869 status = do_lock_cancel(fsp,
5875 BOOL blocking_lock = lock_timeout ? True : False;
5876 BOOL defer_lock = False;
5877 struct byte_range_lock *br_lck;
5878 uint32 block_smbpid;
5880 br_lck = do_lock(smbd_messaging_context(),
5891 if (br_lck && blocking_lock && ERROR_WAS_LOCK_DENIED(status)) {
5892 /* Windows internal resolution for blocking locks seems
5893 to be about 200ms... Don't wait for less than that. JRA. */
5894 if (lock_timeout != -1 && lock_timeout < lp_lock_spin_time()) {
5895 lock_timeout = lp_lock_spin_time();
5900 /* This heuristic seems to match W2K3 very well. If a
5901 lock sent with timeout of zero would fail with NT_STATUS_FILE_LOCK_CONFLICT
5902 it pretends we asked for a timeout of between 150 - 300 milliseconds as
5903 far as I can tell. Replacement for do_lock_spin(). JRA. */
5905 if (br_lck && lp_blocking_locks(SNUM(conn)) && !blocking_lock &&
5906 NT_STATUS_EQUAL((status), NT_STATUS_FILE_LOCK_CONFLICT)) {
5908 lock_timeout = lp_lock_spin_time();
5911 if (br_lck && defer_lock) {
5913 * A blocking lock was requested. Package up
5914 * this smb into a queued request and push it
5915 * onto the blocking lock queue.
5917 if(push_blocking_lock_request(br_lck,
5928 TALLOC_FREE(br_lck);
5929 END_PROFILE(SMBlockingX);
5934 TALLOC_FREE(br_lck);
5937 if (NT_STATUS_V(status)) {
5938 END_PROFILE(SMBlockingX);
5939 return ERROR_NT(status);
5943 /* If any of the above locks failed, then we must unlock
5944 all of the previous locks (X/Open spec). */
5946 if (!(locktype & LOCKING_ANDX_CANCEL_LOCK) &&
5950 * Ensure we don't do a remove on the lock that just failed,
5951 * as under POSIX rules, if we have a lock already there, we
5952 * will delete it (and we shouldn't) .....
5954 for(i--; i >= 0; i--) {
5955 lock_pid = get_lock_pid( data, i, large_file_format);
5956 count = get_lock_count( data, i, large_file_format);
5957 offset = get_lock_offset( data, i, large_file_format,
5961 * There is no error code marked "stupid client
5965 END_PROFILE(SMBlockingX);
5966 return ERROR_DOS(ERRDOS,ERRnoaccess);
5969 do_unlock(smbd_messaging_context(),
5976 END_PROFILE(SMBlockingX);
5977 return ERROR_NT(status);
5980 set_message(inbuf,outbuf,2,0,True);
5982 DEBUG(3, ("lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n",
5983 fsp->fnum, (unsigned int)locktype, num_locks, num_ulocks));
5985 END_PROFILE(SMBlockingX);
5986 return chain_reply(inbuf,&outbuf,length,bufsize);
5990 #define DBGC_CLASS DBGC_ALL
5992 /****************************************************************************
5993 Reply to a SMBreadbmpx (read block multiplex) request.
5994 ****************************************************************************/
5996 int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize)
6007 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
6008 START_PROFILE(SMBreadBmpx);
6010 /* this function doesn't seem to work - disable by default */
6011 if (!lp_readbmpx()) {
6012 END_PROFILE(SMBreadBmpx);
6013 return ERROR_DOS(ERRSRV,ERRuseSTD);
6016 outsize = set_message(inbuf,outbuf,8,0,True);
6018 CHECK_FSP(fsp,conn);
6019 if (!CHECK_READ(fsp,inbuf)) {
6020 return(ERROR_DOS(ERRDOS,ERRbadaccess));
6023 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv1);
6024 maxcount = SVAL(inbuf,smb_vwv3);
6026 data = smb_buf(outbuf);
6027 pad = ((long)data)%4;
6032 max_per_packet = bufsize-(outsize+pad);
6036 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK)) {
6037 END_PROFILE(SMBreadBmpx);
6038 return ERROR_DOS(ERRDOS,ERRlock);
6042 size_t N = MIN(max_per_packet,tcount-total_read);
6044 nread = read_file(fsp,data,startpos,N);
6049 if (nread < (ssize_t)N)
6050 tcount = total_read + nread;
6052 set_message(inbuf,outbuf,8,nread+pad,False);
6053 SIVAL(outbuf,smb_vwv0,startpos);
6054 SSVAL(outbuf,smb_vwv2,tcount);
6055 SSVAL(outbuf,smb_vwv6,nread);
6056 SSVAL(outbuf,smb_vwv7,smb_offset(data,outbuf));
6059 if (!send_smb(smbd_server_fd(),outbuf))
6060 exit_server_cleanly("reply_readbmpx: send_smb failed.");
6062 total_read += nread;
6064 } while (total_read < (ssize_t)tcount);
6066 END_PROFILE(SMBreadBmpx);
6070 /****************************************************************************
6071 Reply to a SMBsetattrE.
6072 ****************************************************************************/
6074 int reply_setattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
6076 struct timespec ts[2];
6078 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
6079 START_PROFILE(SMBsetattrE);
6081 outsize = set_message(inbuf,outbuf,0,0,False);
6083 if(!fsp || (fsp->conn != conn)) {
6084 END_PROFILE(SMBsetattrE);
6085 return ERROR_DOS(ERRDOS,ERRbadfid);
6089 * Convert the DOS times into unix times. Ignore create
6090 * time as UNIX can't set this.
6093 ts[0] = convert_time_t_to_timespec(srv_make_unix_date2(inbuf+smb_vwv3)); /* atime. */
6094 ts[1] = convert_time_t_to_timespec(srv_make_unix_date2(inbuf+smb_vwv5)); /* mtime. */
6097 * Patch from Ray Frush <frush@engr.colostate.edu>
6098 * Sometimes times are sent as zero - ignore them.
6101 if (null_timespec(ts[0]) && null_timespec(ts[1])) {
6102 /* Ignore request */
6103 if( DEBUGLVL( 3 ) ) {
6104 dbgtext( "reply_setattrE fnum=%d ", fsp->fnum);
6105 dbgtext( "ignoring zero request - not setting timestamps of 0\n" );
6107 END_PROFILE(SMBsetattrE);
6109 } else if (!null_timespec(ts[0]) && null_timespec(ts[1])) {
6110 /* set modify time = to access time if modify time was unset */
6114 /* Set the date on this file */
6115 /* Should we set pending modtime here ? JRA */
6116 if(file_ntimes(conn, fsp->fsp_name, ts)) {
6117 END_PROFILE(SMBsetattrE);
6118 return ERROR_DOS(ERRDOS,ERRnoaccess);
6121 DEBUG( 3, ( "reply_setattrE fnum=%d actime=%u modtime=%u\n",
6123 (unsigned int)ts[0].tv_sec,
6124 (unsigned int)ts[1].tv_sec));
6126 END_PROFILE(SMBsetattrE);
6131 /* Back from the dead for OS/2..... JRA. */
6133 /****************************************************************************
6134 Reply to a SMBwritebmpx (write block multiplex primary) request.
6135 ****************************************************************************/
6137 int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
6140 ssize_t nwritten = -1;
6147 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
6149 START_PROFILE(SMBwriteBmpx);
6151 CHECK_FSP(fsp,conn);
6152 if (!CHECK_WRITE(fsp)) {
6153 return(ERROR_DOS(ERRDOS,ERRbadaccess));
6155 if (HAS_CACHED_ERROR(fsp)) {
6156 return(CACHED_ERROR(fsp));
6159 tcount = SVAL(inbuf,smb_vwv1);
6160 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3);
6161 write_through = BITSETW(inbuf+smb_vwv7,0);
6162 numtowrite = SVAL(inbuf,smb_vwv10);
6163 smb_doff = SVAL(inbuf,smb_vwv11);
6165 data = smb_base(inbuf) + smb_doff;
6167 /* If this fails we need to send an SMBwriteC response,
6168 not an SMBwritebmpx - set this up now so we don't forget */
6169 SCVAL(outbuf,smb_com,SMBwritec);
6171 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos,WRITE_LOCK)) {
6172 END_PROFILE(SMBwriteBmpx);
6173 return(ERROR_DOS(ERRDOS,ERRlock));
6176 nwritten = write_file(fsp,data,startpos,numtowrite);
6178 status = sync_file(conn, fsp, write_through);
6179 if (!NT_STATUS_IS_OK(status)) {
6180 END_PROFILE(SMBwriteBmpx);
6181 DEBUG(5,("reply_writebmpx: sync_file for %s returned %s\n",
6182 fsp->fsp_name, nt_errstr(status) ));
6183 return ERROR_NT(status);
6186 if(nwritten < (ssize_t)numtowrite) {
6187 END_PROFILE(SMBwriteBmpx);
6188 return(UNIXERROR(ERRHRD,ERRdiskfull));
6191 /* If the maximum to be written to this file
6192 is greater than what we just wrote then set
6193 up a secondary struct to be attached to this
6194 fd, we will use this to cache error messages etc. */
6196 if((ssize_t)tcount > nwritten) {
6197 write_bmpx_struct *wbms;
6198 if(fsp->wbmpx_ptr != NULL)
6199 wbms = fsp->wbmpx_ptr; /* Use an existing struct */
6201 wbms = SMB_MALLOC_P(write_bmpx_struct);
6203 DEBUG(0,("Out of memory in reply_readmpx\n"));
6204 END_PROFILE(SMBwriteBmpx);
6205 return(ERROR_DOS(ERRSRV,ERRnoresource));
6207 wbms->wr_mode = write_through;
6208 wbms->wr_discard = False; /* No errors yet */
6209 wbms->wr_total_written = nwritten;
6210 wbms->wr_errclass = 0;
6212 fsp->wbmpx_ptr = wbms;
6215 /* We are returning successfully, set the message type back to
6217 SCVAL(outbuf,smb_com,SMBwriteBmpx);
6219 outsize = set_message(inbuf,outbuf,1,0,True);
6221 SSVALS(outbuf,smb_vwv0,-1); /* We don't support smb_remaining */
6223 DEBUG( 3, ( "writebmpx fnum=%d num=%d wrote=%d\n",
6224 fsp->fnum, (int)numtowrite, (int)nwritten ) );
6226 if (write_through && tcount==nwritten) {
6227 /* We need to send both a primary and a secondary response */
6228 smb_setlen(inbuf,outbuf,outsize - 4);
6230 if (!send_smb(smbd_server_fd(),outbuf))
6231 exit_server_cleanly("reply_writebmpx: send_smb failed.");
6233 /* Now the secondary */
6234 outsize = set_message(inbuf,outbuf,1,0,True);
6235 SCVAL(outbuf,smb_com,SMBwritec);
6236 SSVAL(outbuf,smb_vwv0,nwritten);
6239 END_PROFILE(SMBwriteBmpx);
6243 /****************************************************************************
6244 Reply to a SMBwritebs (write block multiplex secondary) request.
6245 ****************************************************************************/
6247 int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
6250 ssize_t nwritten = -1;
6257 write_bmpx_struct *wbms;
6258 BOOL send_response = False;
6259 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
6261 START_PROFILE(SMBwriteBs);
6263 CHECK_FSP(fsp,conn);
6264 if (!CHECK_WRITE(fsp)) {
6265 return(ERROR_DOS(ERRDOS,ERRbadaccess));
6268 tcount = SVAL(inbuf,smb_vwv1);
6269 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
6270 numtowrite = SVAL(inbuf,smb_vwv6);
6271 smb_doff = SVAL(inbuf,smb_vwv7);
6273 data = smb_base(inbuf) + smb_doff;
6275 /* We need to send an SMBwriteC response, not an SMBwritebs */
6276 SCVAL(outbuf,smb_com,SMBwritec);
6278 /* This fd should have an auxiliary struct attached,
6279 check that it does */
6280 wbms = fsp->wbmpx_ptr;
6282 END_PROFILE(SMBwriteBs);
6286 /* If write through is set we can return errors, else we must cache them */
6287 write_through = wbms->wr_mode;
6289 /* Check for an earlier error */
6290 if(wbms->wr_discard) {
6291 END_PROFILE(SMBwriteBs);
6292 return -1; /* Just discard the packet */
6295 nwritten = write_file(fsp,data,startpos,numtowrite);
6297 status = sync_file(conn, fsp, write_through);
6299 if (nwritten < (ssize_t)numtowrite || !NT_STATUS_IS_OK(status)) {
6301 /* We are returning an error - we can delete the aux struct */
6304 fsp->wbmpx_ptr = NULL;
6305 END_PROFILE(SMBwriteBs);
6306 return(ERROR_DOS(ERRHRD,ERRdiskfull));
6308 wbms->wr_errclass = ERRHRD;
6309 wbms->wr_error = ERRdiskfull;
6310 wbms->wr_status = NT_STATUS_DISK_FULL;
6311 wbms->wr_discard = True;
6312 END_PROFILE(SMBwriteBs);
6316 /* Increment the total written, if this matches tcount
6317 we can discard the auxiliary struct (hurrah !) and return a writeC */
6318 wbms->wr_total_written += nwritten;
6319 if(wbms->wr_total_written >= tcount) {
6320 if (write_through) {
6321 outsize = set_message(inbuf,outbuf,1,0,True);
6322 SSVAL(outbuf,smb_vwv0,wbms->wr_total_written);
6323 send_response = True;
6327 fsp->wbmpx_ptr = NULL;
6331 END_PROFILE(SMBwriteBs);
6335 END_PROFILE(SMBwriteBs);
6339 /****************************************************************************
6340 Reply to a SMBgetattrE.
6341 ****************************************************************************/
6343 int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
6345 SMB_STRUCT_STAT sbuf;
6348 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
6349 START_PROFILE(SMBgetattrE);
6351 outsize = set_message(inbuf,outbuf,11,0,True);
6353 if(!fsp || (fsp->conn != conn)) {
6354 END_PROFILE(SMBgetattrE);
6355 return ERROR_DOS(ERRDOS,ERRbadfid);
6358 /* Do an fstat on this file */
6359 if(fsp_stat(fsp, &sbuf)) {
6360 END_PROFILE(SMBgetattrE);
6361 return(UNIXERROR(ERRDOS,ERRnoaccess));
6364 mode = dos_mode(conn,fsp->fsp_name,&sbuf);
6367 * Convert the times into dos times. Set create
6368 * date to be last modify date as UNIX doesn't save
6372 srv_put_dos_date2(outbuf,smb_vwv0,get_create_time(&sbuf,lp_fake_dir_create_times(SNUM(conn))));
6373 srv_put_dos_date2(outbuf,smb_vwv2,sbuf.st_atime);
6374 /* Should we check pending modtime here ? JRA */
6375 srv_put_dos_date2(outbuf,smb_vwv4,sbuf.st_mtime);
6378 SIVAL(outbuf,smb_vwv6,0);
6379 SIVAL(outbuf,smb_vwv8,0);
6381 uint32 allocation_size = get_allocation_size(conn,fsp, &sbuf);
6382 SIVAL(outbuf,smb_vwv6,(uint32)sbuf.st_size);
6383 SIVAL(outbuf,smb_vwv8,allocation_size);
6385 SSVAL(outbuf,smb_vwv10, mode);
6387 DEBUG( 3, ( "reply_getattrE fnum=%d\n", fsp->fnum));
6389 END_PROFILE(SMBgetattrE);