2 Unix SMB/CIFS implementation.
3 Main SMB reply routines
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Andrew Bartlett 2001
6 Copyright (C) Jeremy Allison 1992-2007.
7 Copyright (C) Volker Lendecke 2007
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 This file handles most of the reply_ calls that the server
24 makes to handle specific protocols
29 /* look in server.c for some explanation of these variables */
30 extern enum protocol_types Protocol;
32 unsigned int smb_echo_count = 0;
33 extern uint32 global_client_caps;
35 extern struct current_user current_user;
36 extern BOOL global_encrypted_passwords_negotiated;
38 /****************************************************************************
39 Ensure we check the path in *exactly* the same way as W2K for a findfirst/findnext
40 path or anything including wildcards.
41 We're assuming here that '/' is not the second byte in any multibyte char
42 set (a safe assumption). '\\' *may* be the second byte in a multibyte char
44 ****************************************************************************/
46 /* Custom version for processing POSIX paths. */
47 #define IS_PATH_SEP(c,posix_only) ((c) == '/' || (!(posix_only) && (c) == '\\'))
49 static NTSTATUS check_path_syntax_internal(char *path,
51 BOOL *p_last_component_contains_wcard)
55 NTSTATUS ret = NT_STATUS_OK;
56 BOOL start_of_name_component = True;
58 *p_last_component_contains_wcard = False;
61 if (IS_PATH_SEP(*s,posix_path)) {
63 * Safe to assume is not the second part of a mb char
64 * as this is handled below.
66 /* Eat multiple '/' or '\\' */
67 while (IS_PATH_SEP(*s,posix_path)) {
70 if ((d != path) && (*s != '\0')) {
71 /* We only care about non-leading or trailing '/' or '\\' */
75 start_of_name_component = True;
77 *p_last_component_contains_wcard = False;
81 if (start_of_name_component) {
82 if ((s[0] == '.') && (s[1] == '.') && (IS_PATH_SEP(s[2],posix_path) || s[2] == '\0')) {
83 /* Uh oh - "/../" or "\\..\\" or "/..\0" or "\\..\0" ! */
86 * No mb char starts with '.' so we're safe checking the directory separator here.
89 /* If we just added a '/' - delete it */
90 if ((d > path) && (*(d-1) == '/')) {
95 /* Are we at the start ? Can't go back further if so. */
97 ret = NT_STATUS_OBJECT_PATH_SYNTAX_BAD;
100 /* Go back one level... */
101 /* We know this is safe as '/' cannot be part of a mb sequence. */
102 /* NOTE - if this assumption is invalid we are not in good shape... */
103 /* Decrement d first as d points to the *next* char to write into. */
104 for (d--; d > path; d--) {
108 s += 2; /* Else go past the .. */
109 /* We're still at the start of a name component, just the previous one. */
112 } else if ((s[0] == '.') && ((s[1] == '\0') || IS_PATH_SEP(s[1],posix_path))) {
125 return NT_STATUS_OBJECT_NAME_INVALID;
133 *p_last_component_contains_wcard = True;
142 /* Get the size of the next MB character. */
143 next_codepoint(s,&siz);
161 DEBUG(0,("check_path_syntax_internal: character length assumptions invalid !\n"));
163 return NT_STATUS_INVALID_PARAMETER;
166 start_of_name_component = False;
173 /****************************************************************************
174 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
175 No wildcards allowed.
176 ****************************************************************************/
178 NTSTATUS check_path_syntax(char *path)
181 return check_path_syntax_internal(path, False, &ignore);
184 /****************************************************************************
185 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
186 Wildcards allowed - p_contains_wcard returns true if the last component contained
188 ****************************************************************************/
190 NTSTATUS check_path_syntax_wcard(char *path, BOOL *p_contains_wcard)
192 return check_path_syntax_internal(path, False, p_contains_wcard);
195 /****************************************************************************
196 Check the path for a POSIX client.
197 We're assuming here that '/' is not the second byte in any multibyte char
198 set (a safe assumption).
199 ****************************************************************************/
201 NTSTATUS check_path_syntax_posix(char *path)
204 return check_path_syntax_internal(path, True, &ignore);
207 /****************************************************************************
208 Pull a string and check the path allowing a wilcard - provide for error return.
209 ****************************************************************************/
211 size_t srvstr_get_path_wcard(const char *inbuf, uint16 smb_flags2, char *dest,
212 const char *src, size_t dest_len, size_t src_len,
213 int flags, NTSTATUS *err, BOOL *contains_wcard)
217 SMB_ASSERT(dest_len == sizeof(pstring));
221 ret = srvstr_pull_buf(inbuf, smb_flags2, dest, src,
224 ret = srvstr_pull(inbuf, smb_flags2, dest, src,
225 dest_len, src_len, flags);
228 *contains_wcard = False;
230 if (smb_flags2 & FLAGS2_DFS_PATHNAMES) {
232 * For a DFS path the function parse_dfs_path()
233 * will do the path processing, just make a copy.
239 if (lp_posix_pathnames()) {
240 *err = check_path_syntax_posix(dest);
242 *err = check_path_syntax_wcard(dest, contains_wcard);
248 /****************************************************************************
249 Pull a string and check the path - provide for error return.
250 ****************************************************************************/
252 size_t srvstr_get_path(const char *inbuf, uint16 smb_flags2, char *dest,
253 const char *src, size_t dest_len, size_t src_len,
254 int flags, NTSTATUS *err)
258 SMB_ASSERT(dest_len == sizeof(pstring));
262 ret = srvstr_pull_buf(inbuf, smb_flags2, dest, src,
265 ret = srvstr_pull(inbuf, smb_flags2, dest, src,
266 dest_len, src_len, flags);
269 if (smb_flags2 & FLAGS2_DFS_PATHNAMES) {
271 * For a DFS path the function parse_dfs_path()
272 * will do the path processing, just make a copy.
278 if (lp_posix_pathnames()) {
279 *err = check_path_syntax_posix(dest);
281 *err = check_path_syntax(dest);
287 /****************************************************************************
288 Check if we have a correct fsp pointing to a file. Basic check for open fsp.
289 ****************************************************************************/
291 BOOL check_fsp_open(connection_struct *conn, struct smb_request *req,
292 files_struct *fsp, struct current_user *user)
294 if (!(fsp) || !(conn)) {
295 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
298 if (((conn) != (fsp)->conn) || user->vuid != (fsp)->vuid) {
299 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
305 /****************************************************************************
306 Check if we have a correct fsp pointing to a file. Replacement for the
308 ****************************************************************************/
310 BOOL check_fsp(connection_struct *conn, struct smb_request *req,
311 files_struct *fsp, struct current_user *user)
313 if (!check_fsp_open(conn, req, fsp, user)) {
316 if ((fsp)->is_directory) {
317 reply_nterror(req, NT_STATUS_INVALID_DEVICE_REQUEST);
320 if ((fsp)->fh->fd == -1) {
321 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
324 (fsp)->num_smb_operations++;
328 /****************************************************************************
329 Check if we have a correct fsp. Replacement for the FSP_BELONGS_CONN macro
330 ****************************************************************************/
332 BOOL fsp_belongs_conn(connection_struct *conn, struct smb_request *req,
333 files_struct *fsp, struct current_user *user)
335 if ((fsp) && (conn) && ((conn)==(fsp)->conn)
336 && (current_user.vuid==(fsp)->vuid)) {
340 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
344 /****************************************************************************
345 Reply to a (netbios-level) special message.
346 ****************************************************************************/
348 void reply_special(char *inbuf)
350 int msg_type = CVAL(inbuf,0);
351 int msg_flags = CVAL(inbuf,1);
356 * We only really use 4 bytes of the outbuf, but for the smb_setlen
357 * calculation & friends (send_smb uses that) we need the full smb
360 char outbuf[smb_size];
362 static BOOL already_got_session = False;
366 memset(outbuf, '\0', sizeof(outbuf));
368 smb_setlen(inbuf,outbuf,0);
371 case 0x81: /* session request */
373 if (already_got_session) {
374 exit_server_cleanly("multiple session request not permitted");
377 SCVAL(outbuf,0,0x82);
379 if (name_len(inbuf+4) > 50 ||
380 name_len(inbuf+4 + name_len(inbuf + 4)) > 50) {
381 DEBUG(0,("Invalid name length in session request\n"));
384 name_extract(inbuf,4,name1);
385 name_type = name_extract(inbuf,4 + name_len(inbuf + 4),name2);
386 DEBUG(2,("netbios connect: name1=%s name2=%s\n",
389 set_local_machine_name(name1, True);
390 set_remote_machine_name(name2, True);
392 DEBUG(2,("netbios connect: local=%s remote=%s, name type = %x\n",
393 get_local_machine_name(), get_remote_machine_name(),
396 if (name_type == 'R') {
397 /* We are being asked for a pathworks session ---
399 SCVAL(outbuf, 0,0x83);
403 /* only add the client's machine name to the list
404 of possibly valid usernames if we are operating
405 in share mode security */
406 if (lp_security() == SEC_SHARE) {
407 add_session_user(get_remote_machine_name());
410 reload_services(True);
413 already_got_session = True;
416 case 0x89: /* session keepalive request
417 (some old clients produce this?) */
418 SCVAL(outbuf,0,SMBkeepalive);
422 case 0x82: /* positive session response */
423 case 0x83: /* negative session response */
424 case 0x84: /* retarget session response */
425 DEBUG(0,("Unexpected session response\n"));
428 case SMBkeepalive: /* session keepalive */
433 DEBUG(5,("init msg_type=0x%x msg_flags=0x%x\n",
434 msg_type, msg_flags));
436 send_smb(smbd_server_fd(), outbuf);
440 /****************************************************************************
442 conn POINTER CAN BE NULL HERE !
443 ****************************************************************************/
445 void reply_tcon(connection_struct *conn, struct smb_request *req)
448 char *service_buf = NULL;
449 char *password = NULL;
454 DATA_BLOB password_blob;
456 START_PROFILE(SMBtcon);
458 if (smb_buflen(req->inbuf) < 4) {
459 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
460 END_PROFILE(SMBtcon);
464 p = smb_buf(req->inbuf)+1;
465 p += srvstr_pull_buf_talloc(req, req->inbuf, req->flags2,
466 &service_buf, p, STR_TERMINATE) + 1;
467 pwlen = srvstr_pull_buf_talloc(req, req->inbuf, req->flags2,
468 &password, p, STR_TERMINATE) + 1;
470 p += srvstr_pull_buf_talloc(req, req->inbuf, req->flags2,
471 &dev, p, STR_TERMINATE) + 1;
473 if (service_buf == NULL || password == NULL || dev == NULL) {
474 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
475 END_PROFILE(SMBtcon);
478 p = strrchr_m(service_buf,'\\');
482 service = service_buf;
485 password_blob = data_blob(password, pwlen+1);
487 conn = make_connection(service,password_blob,dev,req->vuid,&nt_status);
489 data_blob_clear_free(&password_blob);
492 reply_nterror(req, nt_status);
493 END_PROFILE(SMBtcon);
497 reply_outbuf(req, 2, 0);
498 SSVAL(req->outbuf,smb_vwv0,max_recv);
499 SSVAL(req->outbuf,smb_vwv1,conn->cnum);
500 SSVAL(req->outbuf,smb_tid,conn->cnum);
502 DEBUG(3,("tcon service=%s cnum=%d\n",
503 service, conn->cnum));
505 END_PROFILE(SMBtcon);
509 /****************************************************************************
510 Reply to a tcon and X.
511 conn POINTER CAN BE NULL HERE !
512 ****************************************************************************/
514 void reply_tcon_and_X(connection_struct *conn, struct smb_request *req)
516 char *service = NULL;
519 TALLOC_CTX *ctx = NULL;
520 /* what the cleint thinks the device is */
521 char *client_devicetype = NULL;
522 /* what the server tells the client the share represents */
523 const char *server_devicetype;
530 START_PROFILE(SMBtconX);
533 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
534 END_PROFILE(SMBtconX);
538 passlen = SVAL(req->inbuf,smb_vwv3);
539 tcon_flags = SVAL(req->inbuf,smb_vwv2);
541 /* we might have to close an old one */
542 if ((tcon_flags & 0x1) && conn) {
543 close_cnum(conn,req->vuid);
546 if ((passlen > MAX_PASS_LEN) || (passlen >= smb_buflen(req->inbuf))) {
547 reply_doserror(req, ERRDOS, ERRbuftoosmall);
548 END_PROFILE(SMBtconX);
552 if (global_encrypted_passwords_negotiated) {
553 password = data_blob(smb_buf(req->inbuf),passlen);
554 if (lp_security() == SEC_SHARE) {
556 * Security = share always has a pad byte
557 * after the password.
559 p = smb_buf(req->inbuf) + passlen + 1;
561 p = smb_buf(req->inbuf) + passlen;
564 password = data_blob(smb_buf(req->inbuf),passlen+1);
565 /* Ensure correct termination */
566 password.data[passlen]=0;
567 p = smb_buf(req->inbuf) + passlen + 1;
570 ctx = talloc_init("reply_tcon_and_X");
572 data_blob_clear_free(&password);
573 reply_nterror(req, NT_STATUS_NO_MEMORY);
574 END_PROFILE(SMBtconX);
577 p += srvstr_pull_buf_talloc(ctx, req->inbuf, req->flags2, &path, p,
581 data_blob_clear_free(&password);
583 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
584 END_PROFILE(SMBtconX);
589 * the service name can be either: \\server\share
590 * or share directly like on the DELL PowerVault 705
593 q = strchr_m(path+2,'\\');
595 data_blob_clear_free(&password);
597 reply_doserror(req, ERRDOS, ERRnosuchshare);
598 END_PROFILE(SMBtconX);
606 p += srvstr_pull_talloc(ctx, req->inbuf, req->flags2,
607 &client_devicetype, p,
608 MIN(6,smb_bufrem(req->inbuf, p)), STR_ASCII);
610 if (client_devicetype == NULL) {
611 data_blob_clear_free(&password);
613 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
614 END_PROFILE(SMBtconX);
618 DEBUG(4,("Client requested device type [%s] for share [%s]\n", client_devicetype, service));
620 conn = make_connection(service, password, client_devicetype,
621 req->vuid, &nt_status);
623 data_blob_clear_free(&password);
627 reply_nterror(req, nt_status);
628 END_PROFILE(SMBtconX);
633 server_devicetype = "IPC";
634 else if ( IS_PRINT(conn) )
635 server_devicetype = "LPT1:";
637 server_devicetype = "A:";
639 if (Protocol < PROTOCOL_NT1) {
640 reply_outbuf(req, 2, 0);
641 if (message_push_string(&req->outbuf, server_devicetype,
642 STR_TERMINATE|STR_ASCII) == -1) {
644 reply_nterror(req, NT_STATUS_NO_MEMORY);
645 END_PROFILE(SMBtconX);
649 /* NT sets the fstype of IPC$ to the null string */
650 const char *fstype = IS_IPC(conn) ? "" : lp_fstype(SNUM(conn));
652 if (tcon_flags & TCONX_FLAG_EXTENDED_RESPONSE) {
653 /* Return permissions. */
657 reply_outbuf(req, 7, 0);
660 perm1 = FILE_ALL_ACCESS;
661 perm2 = FILE_ALL_ACCESS;
663 perm1 = CAN_WRITE(conn) ?
668 SIVAL(req->outbuf, smb_vwv3, perm1);
669 SIVAL(req->outbuf, smb_vwv5, perm2);
671 reply_outbuf(req, 3, 0);
674 if ((message_push_string(&req->outbuf, server_devicetype,
675 STR_TERMINATE|STR_ASCII) == -1)
676 || (message_push_string(&req->outbuf, fstype,
677 STR_TERMINATE) == -1)) {
679 reply_nterror(req, NT_STATUS_NO_MEMORY);
680 END_PROFILE(SMBtconX);
684 /* what does setting this bit do? It is set by NT4 and
685 may affect the ability to autorun mounted cdroms */
686 SSVAL(req->outbuf, smb_vwv2, SMB_SUPPORT_SEARCH_BITS|
687 (lp_csc_policy(SNUM(conn)) << 2));
689 init_dfsroot(conn, req->inbuf, req->outbuf);
693 DEBUG(3,("tconX service=%s \n",
696 /* set the incoming and outgoing tid to the just created one */
697 SSVAL(req->inbuf,smb_tid,conn->cnum);
698 SSVAL(req->outbuf,smb_tid,conn->cnum);
701 END_PROFILE(SMBtconX);
707 /****************************************************************************
708 Reply to an unknown type.
709 ****************************************************************************/
711 int reply_unknown(char *inbuf,char *outbuf)
714 type = CVAL(inbuf,smb_com);
716 DEBUG(0,("unknown command type (%s): type=%d (0x%X)\n",
717 smb_fn_name(type), type, type));
719 return(ERROR_DOS(ERRSRV,ERRunknownsmb));
722 void reply_unknown_new(struct smb_request *req, uint8 type)
724 DEBUG(0, ("unknown command type (%s): type=%d (0x%X)\n",
725 smb_fn_name(type), type, type));
726 reply_doserror(req, ERRSRV, ERRunknownsmb);
730 /****************************************************************************
732 conn POINTER CAN BE NULL HERE !
733 ****************************************************************************/
735 void reply_ioctl(connection_struct *conn, struct smb_request *req)
743 START_PROFILE(SMBioctl);
746 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
747 END_PROFILE(SMBioctl);
751 device = SVAL(req->inbuf,smb_vwv1);
752 function = SVAL(req->inbuf,smb_vwv2);
753 ioctl_code = (device << 16) + function;
755 DEBUG(4, ("Received IOCTL (code 0x%x)\n", ioctl_code));
757 switch (ioctl_code) {
758 case IOCTL_QUERY_JOB_INFO:
762 reply_doserror(req, ERRSRV, ERRnosupport);
763 END_PROFILE(SMBioctl);
767 reply_outbuf(req, 8, replysize+1);
768 SSVAL(req->outbuf,smb_vwv1,replysize); /* Total data bytes returned */
769 SSVAL(req->outbuf,smb_vwv5,replysize); /* Data bytes this buffer */
770 SSVAL(req->outbuf,smb_vwv6,52); /* Offset to data */
771 p = smb_buf(req->outbuf);
772 memset(p, '\0', replysize+1); /* valgrind-safe. */
773 p += 1; /* Allow for alignment */
775 switch (ioctl_code) {
776 case IOCTL_QUERY_JOB_INFO:
778 files_struct *fsp = file_fsp(SVAL(req->inbuf,
781 reply_doserror(req, ERRDOS, ERRbadfid);
782 END_PROFILE(SMBioctl);
785 SSVAL(p,0,fsp->rap_print_jobid); /* Job number */
786 srvstr_push((char *)req->outbuf, req->flags2, p+2,
788 STR_TERMINATE|STR_ASCII);
790 srvstr_push((char *)req->outbuf, req->flags2,
791 p+18, lp_servicename(SNUM(conn)),
792 13, STR_TERMINATE|STR_ASCII);
800 END_PROFILE(SMBioctl);
804 /****************************************************************************
805 Strange checkpath NTSTATUS mapping.
806 ****************************************************************************/
808 static NTSTATUS map_checkpath_error(const char *inbuf, NTSTATUS status)
810 /* Strange DOS error code semantics only for checkpath... */
811 if (!(SVAL(inbuf,smb_flg2) & FLAGS2_32_BIT_ERROR_CODES)) {
812 if (NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_INVALID,status)) {
813 /* We need to map to ERRbadpath */
814 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
820 /****************************************************************************
821 Reply to a checkpath.
822 ****************************************************************************/
824 void reply_checkpath(connection_struct *conn, struct smb_request *req)
828 SMB_STRUCT_STAT sbuf;
831 START_PROFILE(SMBcheckpath);
833 srvstr_get_path((char *)req->inbuf, req->flags2, name_in,
834 smb_buf(req->inbuf) + 1, sizeof(name_in), 0,
835 STR_TERMINATE, &status);
836 if (!NT_STATUS_IS_OK(status)) {
837 status = map_checkpath_error((char *)req->inbuf, status);
838 reply_nterror(req, status);
839 END_PROFILE(SMBcheckpath);
843 status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES, name_in);
844 if (!NT_STATUS_IS_OK(status)) {
845 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
846 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
848 END_PROFILE(SMBcheckpath);
854 DEBUG(3,("reply_checkpath %s mode=%d\n", name_in, (int)SVAL(req->inbuf,smb_vwv0)));
856 status = unix_convert(conn, name_in, False, &name, NULL, &sbuf);
857 if (!NT_STATUS_IS_OK(status)) {
861 status = check_name(conn, name);
862 if (!NT_STATUS_IS_OK(status)) {
863 DEBUG(3,("reply_checkpath: check_name of %s failed (%s)\n",name,nt_errstr(status)));
867 if (!VALID_STAT(sbuf) && (SMB_VFS_STAT(conn,name,&sbuf) != 0)) {
868 DEBUG(3,("reply_checkpath: stat of %s failed (%s)\n",name,strerror(errno)));
869 status = map_nt_error_from_unix(errno);
873 if (!S_ISDIR(sbuf.st_mode)) {
874 reply_botherror(req, NT_STATUS_NOT_A_DIRECTORY,
876 END_PROFILE(SMBcheckpath);
880 reply_outbuf(req, 0, 0);
882 END_PROFILE(SMBcheckpath);
887 END_PROFILE(SMBcheckpath);
889 /* We special case this - as when a Windows machine
890 is parsing a path is steps through the components
891 one at a time - if a component fails it expects
892 ERRbadpath, not ERRbadfile.
894 status = map_checkpath_error((char *)req->inbuf, status);
895 if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
897 * Windows returns different error codes if
898 * the parent directory is valid but not the
899 * last component - it returns NT_STATUS_OBJECT_NAME_NOT_FOUND
900 * for that case and NT_STATUS_OBJECT_PATH_NOT_FOUND
901 * if the path is invalid.
903 reply_botherror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND,
908 reply_nterror(req, status);
911 /****************************************************************************
913 ****************************************************************************/
915 void reply_getatr(connection_struct *conn, struct smb_request *req)
919 SMB_STRUCT_STAT sbuf;
926 START_PROFILE(SMBgetatr);
928 p = smb_buf(req->inbuf) + 1;
929 p += srvstr_get_path((char *)req->inbuf, req->flags2, fname_in, p,
930 sizeof(fname_in), 0, STR_TERMINATE, &status);
931 if (!NT_STATUS_IS_OK(status)) {
932 reply_nterror(req, status);
933 END_PROFILE(SMBgetatr);
937 status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES,
939 if (!NT_STATUS_IS_OK(status)) {
940 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
941 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
943 END_PROFILE(SMBgetatr);
946 reply_nterror(req, status);
947 END_PROFILE(SMBgetatr);
951 /* dos smetimes asks for a stat of "" - it returns a "hidden directory"
952 under WfWg - weird! */
953 if (*fname_in == '\0') {
954 mode = aHIDDEN | aDIR;
955 if (!CAN_WRITE(conn)) {
961 status = unix_convert(conn, fname_in, False, &fname, NULL,&sbuf);
962 if (!NT_STATUS_IS_OK(status)) {
963 reply_nterror(req, status);
964 END_PROFILE(SMBgetatr);
967 status = check_name(conn, fname);
968 if (!NT_STATUS_IS_OK(status)) {
969 DEBUG(3,("reply_getatr: check_name of %s failed (%s)\n",fname,nt_errstr(status)));
970 reply_nterror(req, status);
971 END_PROFILE(SMBgetatr);
974 if (!VALID_STAT(sbuf) && (SMB_VFS_STAT(conn,fname,&sbuf) != 0)) {
975 DEBUG(3,("reply_getatr: stat of %s failed (%s)\n",fname,strerror(errno)));
976 reply_unixerror(req, ERRDOS,ERRbadfile);
977 END_PROFILE(SMBgetatr);
981 mode = dos_mode(conn,fname,&sbuf);
983 mtime = sbuf.st_mtime;
989 reply_outbuf(req, 10, 0);
991 SSVAL(req->outbuf,smb_vwv0,mode);
992 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
993 srv_put_dos_date3((char *)req->outbuf,smb_vwv1,mtime & ~1);
995 srv_put_dos_date3((char *)req->outbuf,smb_vwv1,mtime);
997 SIVAL(req->outbuf,smb_vwv3,(uint32)size);
999 if (Protocol >= PROTOCOL_NT1) {
1000 SSVAL(req->outbuf, smb_flg2,
1001 SVAL(req->outbuf, smb_flg2) | FLAGS2_IS_LONG_NAME);
1004 DEBUG(3,("reply_getatr: name=%s mode=%d size=%u\n", fname, mode, (unsigned int)size ) );
1006 END_PROFILE(SMBgetatr);
1010 /****************************************************************************
1012 ****************************************************************************/
1014 void reply_setatr(connection_struct *conn, struct smb_request *req)
1020 SMB_STRUCT_STAT sbuf;
1024 START_PROFILE(SMBsetatr);
1027 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1031 p = smb_buf(req->inbuf) + 1;
1032 p += srvstr_get_path((char *)req->inbuf, req->flags2, fname_in, p,
1033 sizeof(fname_in), 0, STR_TERMINATE, &status);
1034 if (!NT_STATUS_IS_OK(status)) {
1035 reply_nterror(req, status);
1036 END_PROFILE(SMBsetatr);
1040 status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES,
1042 if (!NT_STATUS_IS_OK(status)) {
1043 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1044 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1045 ERRSRV, ERRbadpath);
1046 END_PROFILE(SMBsetatr);
1049 reply_nterror(req, status);
1050 END_PROFILE(SMBsetatr);
1054 status = unix_convert(conn, fname_in, False, &fname, NULL, &sbuf);
1055 if (!NT_STATUS_IS_OK(status)) {
1056 reply_nterror(req, status);
1057 END_PROFILE(SMBsetatr);
1061 status = check_name(conn, fname);
1062 if (!NT_STATUS_IS_OK(status)) {
1063 reply_nterror(req, status);
1064 END_PROFILE(SMBsetatr);
1068 if (fname[0] == '.' && fname[1] == '\0') {
1070 * Not sure here is the right place to catch this
1071 * condition. Might be moved to somewhere else later -- vl
1073 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
1074 END_PROFILE(SMBsetatr);
1078 mode = SVAL(req->inbuf,smb_vwv0);
1079 mtime = srv_make_unix_date3(req->inbuf+smb_vwv1);
1081 if (mode != FILE_ATTRIBUTE_NORMAL) {
1082 if (VALID_STAT_OF_DIR(sbuf))
1087 if (file_set_dosmode(conn,fname,mode,&sbuf,False) != 0) {
1088 reply_unixerror(req, ERRDOS, ERRnoaccess);
1089 END_PROFILE(SMBsetatr);
1094 if (!set_filetime(conn,fname,convert_time_t_to_timespec(mtime))) {
1095 reply_unixerror(req, ERRDOS, ERRnoaccess);
1096 END_PROFILE(SMBsetatr);
1100 reply_outbuf(req, 0, 0);
1102 DEBUG( 3, ( "setatr name=%s mode=%d\n", fname, mode ) );
1104 END_PROFILE(SMBsetatr);
1108 /****************************************************************************
1110 ****************************************************************************/
1112 void reply_dskattr(connection_struct *conn, struct smb_request *req)
1114 SMB_BIG_UINT dfree,dsize,bsize;
1115 START_PROFILE(SMBdskattr);
1117 if (get_dfree_info(conn,".",True,&bsize,&dfree,&dsize) == (SMB_BIG_UINT)-1) {
1118 reply_unixerror(req, ERRHRD, ERRgeneral);
1119 END_PROFILE(SMBdskattr);
1123 reply_outbuf(req, 5, 0);
1125 if (Protocol <= PROTOCOL_LANMAN2) {
1126 double total_space, free_space;
1127 /* we need to scale this to a number that DOS6 can handle. We
1128 use floating point so we can handle large drives on systems
1129 that don't have 64 bit integers
1131 we end up displaying a maximum of 2G to DOS systems
1133 total_space = dsize * (double)bsize;
1134 free_space = dfree * (double)bsize;
1136 dsize = (total_space+63*512) / (64*512);
1137 dfree = (free_space+63*512) / (64*512);
1139 if (dsize > 0xFFFF) dsize = 0xFFFF;
1140 if (dfree > 0xFFFF) dfree = 0xFFFF;
1142 SSVAL(req->outbuf,smb_vwv0,dsize);
1143 SSVAL(req->outbuf,smb_vwv1,64); /* this must be 64 for dos systems */
1144 SSVAL(req->outbuf,smb_vwv2,512); /* and this must be 512 */
1145 SSVAL(req->outbuf,smb_vwv3,dfree);
1147 SSVAL(req->outbuf,smb_vwv0,dsize);
1148 SSVAL(req->outbuf,smb_vwv1,bsize/512);
1149 SSVAL(req->outbuf,smb_vwv2,512);
1150 SSVAL(req->outbuf,smb_vwv3,dfree);
1153 DEBUG(3,("dskattr dfree=%d\n", (unsigned int)dfree));
1155 END_PROFILE(SMBdskattr);
1159 /****************************************************************************
1161 Can be called from SMBsearch, SMBffirst or SMBfunique.
1162 ****************************************************************************/
1164 void reply_search(connection_struct *conn, struct smb_request *req)
1167 char *directory = NULL;
1173 unsigned int numentries = 0;
1174 unsigned int maxentries = 0;
1175 BOOL finished = False;
1181 BOOL check_descend = False;
1182 BOOL expect_close = False;
1184 BOOL mask_contains_wcard = False;
1185 BOOL allow_long_path_components = (req->flags2 & FLAGS2_LONG_PATH_COMPONENTS) ? True : False;
1187 START_PROFILE(SMBsearch);
1190 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1191 END_PROFILE(SMBsearch);
1195 if (lp_posix_pathnames()) {
1196 reply_unknown_new(req, CVAL(req->inbuf, smb_com));
1197 END_PROFILE(SMBsearch);
1203 /* If we were called as SMBffirst then we must expect close. */
1204 if(CVAL(req->inbuf,smb_com) == SMBffirst) {
1205 expect_close = True;
1208 reply_outbuf(req, 1, 3);
1209 maxentries = SVAL(req->inbuf,smb_vwv0);
1210 dirtype = SVAL(req->inbuf,smb_vwv1);
1211 p = smb_buf(req->inbuf) + 1;
1212 p += srvstr_get_path_wcard((char *)req->inbuf, req->flags2, path, p,
1213 sizeof(path), 0, STR_TERMINATE, &nt_status,
1214 &mask_contains_wcard);
1215 if (!NT_STATUS_IS_OK(nt_status)) {
1216 reply_nterror(req, nt_status);
1217 END_PROFILE(SMBsearch);
1221 nt_status = resolve_dfspath_wcard(conn,
1222 req->flags2 & FLAGS2_DFS_PATHNAMES,
1223 path, &mask_contains_wcard);
1224 if (!NT_STATUS_IS_OK(nt_status)) {
1225 if (NT_STATUS_EQUAL(nt_status,NT_STATUS_PATH_NOT_COVERED)) {
1226 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1227 ERRSRV, ERRbadpath);
1228 END_PROFILE(SMBsearch);
1231 reply_nterror(req, nt_status);
1232 END_PROFILE(SMBsearch);
1237 status_len = SVAL(p, 0);
1240 /* dirtype &= ~aDIR; */
1242 if (status_len == 0) {
1243 SMB_STRUCT_STAT sbuf;
1245 nt_status = unix_convert(conn, path, True, &directory, NULL, &sbuf);
1246 if (!NT_STATUS_IS_OK(nt_status)) {
1247 reply_nterror(req, nt_status);
1248 END_PROFILE(SMBsearch);
1252 nt_status = check_name(conn, directory);
1253 if (!NT_STATUS_IS_OK(nt_status)) {
1254 reply_nterror(req, nt_status);
1255 END_PROFILE(SMBsearch);
1259 p = strrchr_m(directory,'/');
1261 pstrcpy(mask,directory);
1262 directory = talloc_strdup(talloc_tos(),".");
1264 reply_nterror(req, NT_STATUS_NO_MEMORY);
1265 END_PROFILE(SMBsearch);
1273 if (*directory == '\0') {
1274 directory = talloc_strdup(talloc_tos(),".");
1276 reply_nterror(req, NT_STATUS_NO_MEMORY);
1277 END_PROFILE(SMBsearch);
1281 memset((char *)status,'\0',21);
1282 SCVAL(status,0,(dirtype & 0x1F));
1284 nt_status = dptr_create(conn,
1290 mask_contains_wcard,
1293 if (!NT_STATUS_IS_OK(nt_status)) {
1294 reply_nterror(req, nt_status);
1295 END_PROFILE(SMBsearch);
1298 dptr_num = dptr_dnum(conn->dirptr);
1302 memcpy(status,p,21);
1303 status_dirtype = CVAL(status,0) & 0x1F;
1304 if (status_dirtype != (dirtype & 0x1F)) {
1305 dirtype = status_dirtype;
1308 conn->dirptr = dptr_fetch(status+12,&dptr_num);
1309 if (!conn->dirptr) {
1312 string_set(&conn->dirpath,dptr_path(dptr_num));
1313 pstrcpy(mask, dptr_wcard(dptr_num));
1315 * For a 'continue' search we have no string. So
1316 * check from the initial saved string.
1318 mask_contains_wcard = ms_has_wild(mask);
1319 dirtype = dptr_attr(dptr_num);
1322 DEBUG(4,("dptr_num is %d\n",dptr_num));
1324 if ((dirtype&0x1F) == aVOLID) {
1325 char buf[DIR_STRUCT_SIZE];
1326 memcpy(buf,status,21);
1327 make_dir_struct(buf,"???????????",volume_label(SNUM(conn)),
1328 0,aVOLID,0,!allow_long_path_components);
1329 dptr_fill(buf+12,dptr_num);
1330 if (dptr_zero(buf+12) && (status_len==0)) {
1335 if (message_push_blob(&req->outbuf,
1336 data_blob_const(buf, sizeof(buf)))
1338 reply_nterror(req, NT_STATUS_NO_MEMORY);
1339 END_PROFILE(SMBsearch);
1347 ((uint8 *)smb_buf(req->outbuf) + 3 - req->outbuf))
1350 DEBUG(8,("dirpath=<%s> dontdescend=<%s>\n",
1351 conn->dirpath,lp_dontdescend(SNUM(conn))));
1352 if (in_list(conn->dirpath, lp_dontdescend(SNUM(conn)),True)) {
1353 check_descend = True;
1356 for (i=numentries;(i<maxentries) && !finished;i++) {
1357 finished = !get_dir_entry(conn,mask,dirtype,fname,&size,&mode,&date,check_descend);
1359 char buf[DIR_STRUCT_SIZE];
1360 memcpy(buf,status,21);
1361 make_dir_struct(buf,mask,fname,size, mode,date,
1362 !allow_long_path_components);
1363 if (!dptr_fill(buf+12,dptr_num)) {
1366 if (message_push_blob(&req->outbuf,
1367 data_blob_const(buf, sizeof(buf)))
1369 reply_nterror(req, NT_STATUS_NO_MEMORY);
1370 END_PROFILE(SMBsearch);
1380 /* If we were called as SMBffirst with smb_search_id == NULL
1381 and no entries were found then return error and close dirptr
1384 if (numentries == 0) {
1385 dptr_close(&dptr_num);
1386 } else if(expect_close && status_len == 0) {
1387 /* Close the dptr - we know it's gone */
1388 dptr_close(&dptr_num);
1391 /* If we were called as SMBfunique, then we can close the dirptr now ! */
1392 if(dptr_num >= 0 && CVAL(req->inbuf,smb_com) == SMBfunique) {
1393 dptr_close(&dptr_num);
1396 if ((numentries == 0) && !mask_contains_wcard) {
1397 reply_botherror(req, STATUS_NO_MORE_FILES, ERRDOS, ERRnofiles);
1398 END_PROFILE(SMBsearch);
1402 SSVAL(req->outbuf,smb_vwv0,numentries);
1403 SSVAL(req->outbuf,smb_vwv1,3 + numentries * DIR_STRUCT_SIZE);
1404 SCVAL(smb_buf(req->outbuf),0,5);
1405 SSVAL(smb_buf(req->outbuf),1,numentries*DIR_STRUCT_SIZE);
1407 /* The replies here are never long name. */
1408 SSVAL(req->outbuf, smb_flg2,
1409 SVAL(req->outbuf, smb_flg2) & (~FLAGS2_IS_LONG_NAME));
1410 if (!allow_long_path_components) {
1411 SSVAL(req->outbuf, smb_flg2,
1412 SVAL(req->outbuf, smb_flg2)
1413 & (~FLAGS2_LONG_PATH_COMPONENTS));
1416 /* This SMB *always* returns ASCII names. Remove the unicode bit in flags2. */
1417 SSVAL(req->outbuf, smb_flg2,
1418 (SVAL(req->outbuf, smb_flg2) & (~FLAGS2_UNICODE_STRINGS)));
1421 directory = dptr_path(dptr_num);
1424 DEBUG(4,("%s mask=%s path=%s dtype=%d nument=%u of %u\n",
1425 smb_fn_name(CVAL(req->inbuf,smb_com)),
1427 directory ? directory : "./",
1432 END_PROFILE(SMBsearch);
1436 /****************************************************************************
1437 Reply to a fclose (stop directory search).
1438 ****************************************************************************/
1440 void reply_fclose(connection_struct *conn, struct smb_request *req)
1448 BOOL path_contains_wcard = False;
1450 START_PROFILE(SMBfclose);
1452 if (lp_posix_pathnames()) {
1453 reply_unknown_new(req, CVAL(req->inbuf, smb_com));
1454 END_PROFILE(SMBfclose);
1458 p = smb_buf(req->inbuf) + 1;
1459 p += srvstr_get_path_wcard((char *)req->inbuf, req->flags2, path, p,
1460 sizeof(path), 0, STR_TERMINATE, &err,
1461 &path_contains_wcard);
1462 if (!NT_STATUS_IS_OK(err)) {
1463 reply_nterror(req, err);
1464 END_PROFILE(SMBfclose);
1468 status_len = SVAL(p,0);
1471 if (status_len == 0) {
1472 reply_doserror(req, ERRSRV, ERRsrverror);
1473 END_PROFILE(SMBfclose);
1477 memcpy(status,p,21);
1479 if(dptr_fetch(status+12,&dptr_num)) {
1480 /* Close the dptr - we know it's gone */
1481 dptr_close(&dptr_num);
1484 reply_outbuf(req, 1, 0);
1485 SSVAL(req->outbuf,smb_vwv0,0);
1487 DEBUG(3,("search close\n"));
1489 END_PROFILE(SMBfclose);
1493 /****************************************************************************
1495 ****************************************************************************/
1497 void reply_open(connection_struct *conn, struct smb_request *req)
1505 SMB_STRUCT_STAT sbuf;
1512 uint32 create_disposition;
1513 uint32 create_options = 0;
1516 START_PROFILE(SMBopen);
1519 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1520 END_PROFILE(SMBopen);
1524 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1525 deny_mode = SVAL(req->inbuf,smb_vwv0);
1526 dos_attr = SVAL(req->inbuf,smb_vwv1);
1528 srvstr_get_path((char *)req->inbuf, req->flags2, fname_in,
1529 smb_buf(req->inbuf)+1, sizeof(fname_in), 0,
1530 STR_TERMINATE, &status);
1531 if (!NT_STATUS_IS_OK(status)) {
1532 reply_nterror(req, status);
1533 END_PROFILE(SMBopen);
1537 status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES,
1539 if (!NT_STATUS_IS_OK(status)) {
1540 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1541 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1542 ERRSRV, ERRbadpath);
1543 END_PROFILE(SMBopen);
1546 reply_nterror(req, status);
1547 END_PROFILE(SMBopen);
1551 status = unix_convert(conn, fname_in, False, &fname, NULL, &sbuf);
1552 if (!NT_STATUS_IS_OK(status)) {
1553 reply_nterror(req, status);
1554 END_PROFILE(SMBopen);
1558 status = check_name(conn, fname);
1559 if (!NT_STATUS_IS_OK(status)) {
1560 reply_nterror(req, status);
1561 END_PROFILE(SMBopen);
1565 if (!map_open_params_to_ntcreate(fname, deny_mode, OPENX_FILE_EXISTS_OPEN,
1566 &access_mask, &share_mode, &create_disposition, &create_options)) {
1567 reply_nterror(req, NT_STATUS_DOS(ERRDOS, ERRbadaccess));
1568 END_PROFILE(SMBopen);
1572 status = open_file_ntcreate(conn, req, fname, &sbuf,
1581 if (!NT_STATUS_IS_OK(status)) {
1582 if (open_was_deferred(req->mid)) {
1583 END_PROFILE(SMBopen);
1584 /* We have re-scheduled this call. */
1587 reply_openerror(req, status);
1588 END_PROFILE(SMBopen);
1592 size = sbuf.st_size;
1593 fattr = dos_mode(conn,fname,&sbuf);
1594 mtime = sbuf.st_mtime;
1597 DEBUG(3,("attempt to open a directory %s\n",fname));
1598 close_file(fsp,ERROR_CLOSE);
1599 reply_doserror(req, ERRDOS,ERRnoaccess);
1600 END_PROFILE(SMBopen);
1604 reply_outbuf(req, 7, 0);
1605 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
1606 SSVAL(req->outbuf,smb_vwv1,fattr);
1607 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1608 srv_put_dos_date3((char *)req->outbuf,smb_vwv2,mtime & ~1);
1610 srv_put_dos_date3((char *)req->outbuf,smb_vwv2,mtime);
1612 SIVAL(req->outbuf,smb_vwv4,(uint32)size);
1613 SSVAL(req->outbuf,smb_vwv6,deny_mode);
1615 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1616 SCVAL(req->outbuf,smb_flg,
1617 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1620 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1621 SCVAL(req->outbuf,smb_flg,
1622 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1624 END_PROFILE(SMBopen);
1628 /****************************************************************************
1629 Reply to an open and X.
1630 ****************************************************************************/
1632 void reply_open_and_X(connection_struct *conn, struct smb_request *req)
1639 /* Breakout the oplock request bits so we can set the
1640 reply bits separately. */
1641 int ex_oplock_request;
1642 int core_oplock_request;
1645 int smb_sattr = SVAL(req->inbuf,smb_vwv4);
1646 uint32 smb_time = make_unix_date3(req->inbuf+smb_vwv6);
1651 SMB_STRUCT_STAT sbuf;
1655 SMB_BIG_UINT allocation_size;
1656 ssize_t retval = -1;
1659 uint32 create_disposition;
1660 uint32 create_options = 0;
1662 START_PROFILE(SMBopenX);
1664 if (req->wct < 15) {
1665 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1666 END_PROFILE(SMBopenX);
1670 open_flags = SVAL(req->inbuf,smb_vwv2);
1671 deny_mode = SVAL(req->inbuf,smb_vwv3);
1672 smb_attr = SVAL(req->inbuf,smb_vwv5);
1673 ex_oplock_request = EXTENDED_OPLOCK_REQUEST(req->inbuf);
1674 core_oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1675 oplock_request = ex_oplock_request | core_oplock_request;
1676 smb_ofun = SVAL(req->inbuf,smb_vwv8);
1677 allocation_size = (SMB_BIG_UINT)IVAL(req->inbuf,smb_vwv9);
1679 /* If it's an IPC, pass off the pipe handler. */
1681 if (lp_nt_pipe_support()) {
1682 reply_open_pipe_and_X(conn, req);
1684 reply_doserror(req, ERRSRV, ERRaccess);
1686 END_PROFILE(SMBopenX);
1690 /* XXXX we need to handle passed times, sattr and flags */
1691 srvstr_get_path((char *)req->inbuf, req->flags2, fname_in,
1692 smb_buf(req->inbuf), sizeof(fname_in), 0, STR_TERMINATE,
1694 if (!NT_STATUS_IS_OK(status)) {
1695 reply_nterror(req, status);
1696 END_PROFILE(SMBopenX);
1700 status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES,
1702 if (!NT_STATUS_IS_OK(status)) {
1703 END_PROFILE(SMBopenX);
1704 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1705 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1706 ERRSRV, ERRbadpath);
1709 reply_nterror(req, status);
1713 status = unix_convert(conn, fname_in, False, &fname, NULL, &sbuf);
1714 if (!NT_STATUS_IS_OK(status)) {
1715 reply_nterror(req, status);
1716 END_PROFILE(SMBopenX);
1720 status = check_name(conn, fname);
1721 if (!NT_STATUS_IS_OK(status)) {
1722 reply_nterror(req, status);
1723 END_PROFILE(SMBopenX);
1727 if (!map_open_params_to_ntcreate(fname, deny_mode, smb_ofun,
1730 &create_disposition,
1732 reply_nterror(req, NT_STATUS_DOS(ERRDOS, ERRbadaccess));
1733 END_PROFILE(SMBopenX);
1737 status = open_file_ntcreate(conn, req, fname, &sbuf,
1746 if (!NT_STATUS_IS_OK(status)) {
1747 END_PROFILE(SMBopenX);
1748 if (open_was_deferred(req->mid)) {
1749 /* We have re-scheduled this call. */
1752 reply_openerror(req, status);
1756 /* Setting the "size" field in vwv9 and vwv10 causes the file to be set to this size,
1757 if the file is truncated or created. */
1758 if (((smb_action == FILE_WAS_CREATED) || (smb_action == FILE_WAS_OVERWRITTEN)) && allocation_size) {
1759 fsp->initial_allocation_size = smb_roundup(fsp->conn, allocation_size);
1760 if (vfs_allocate_file_space(fsp, fsp->initial_allocation_size) == -1) {
1761 close_file(fsp,ERROR_CLOSE);
1762 reply_nterror(req, NT_STATUS_DISK_FULL);
1763 END_PROFILE(SMBopenX);
1766 retval = vfs_set_filelen(fsp, (SMB_OFF_T)allocation_size);
1768 close_file(fsp,ERROR_CLOSE);
1769 reply_nterror(req, NT_STATUS_DISK_FULL);
1770 END_PROFILE(SMBopenX);
1773 sbuf.st_size = get_allocation_size(conn,fsp,&sbuf);
1776 fattr = dos_mode(conn,fname,&sbuf);
1777 mtime = sbuf.st_mtime;
1779 close_file(fsp,ERROR_CLOSE);
1780 reply_doserror(req, ERRDOS, ERRnoaccess);
1781 END_PROFILE(SMBopenX);
1785 /* If the caller set the extended oplock request bit
1786 and we granted one (by whatever means) - set the
1787 correct bit for extended oplock reply.
1790 if (ex_oplock_request && lp_fake_oplocks(SNUM(conn))) {
1791 smb_action |= EXTENDED_OPLOCK_GRANTED;
1794 if(ex_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1795 smb_action |= EXTENDED_OPLOCK_GRANTED;
1798 /* If the caller set the core oplock request bit
1799 and we granted one (by whatever means) - set the
1800 correct bit for core oplock reply.
1803 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
1804 reply_outbuf(req, 19, 0);
1806 reply_outbuf(req, 15, 0);
1809 if (core_oplock_request && lp_fake_oplocks(SNUM(conn))) {
1810 SCVAL(req->outbuf, smb_flg,
1811 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1814 if(core_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1815 SCVAL(req->outbuf, smb_flg,
1816 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1819 SSVAL(req->outbuf,smb_vwv2,fsp->fnum);
1820 SSVAL(req->outbuf,smb_vwv3,fattr);
1821 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1822 srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime & ~1);
1824 srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime);
1826 SIVAL(req->outbuf,smb_vwv6,(uint32)sbuf.st_size);
1827 SSVAL(req->outbuf,smb_vwv8,GET_OPENX_MODE(deny_mode));
1828 SSVAL(req->outbuf,smb_vwv11,smb_action);
1830 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
1831 SIVAL(req->outbuf, smb_vwv15, STD_RIGHT_ALL_ACCESS);
1834 END_PROFILE(SMBopenX);
1839 /****************************************************************************
1840 Reply to a SMBulogoffX.
1841 conn POINTER CAN BE NULL HERE !
1842 ****************************************************************************/
1844 void reply_ulogoffX(connection_struct *conn, struct smb_request *req)
1848 START_PROFILE(SMBulogoffX);
1850 vuser = get_valid_user_struct(req->vuid);
1853 DEBUG(3,("ulogoff, vuser id %d does not map to user.\n",
1857 /* in user level security we are supposed to close any files
1858 open by this user */
1859 if ((vuser != NULL) && (lp_security() != SEC_SHARE)) {
1860 file_close_user(req->vuid);
1863 invalidate_vuid(req->vuid);
1865 reply_outbuf(req, 2, 0);
1867 DEBUG( 3, ( "ulogoffX vuid=%d\n", req->vuid ) );
1869 END_PROFILE(SMBulogoffX);
1873 /****************************************************************************
1874 Reply to a mknew or a create.
1875 ****************************************************************************/
1877 void reply_mknew(connection_struct *conn, struct smb_request *req)
1883 struct timespec ts[2];
1885 int oplock_request = 0;
1886 SMB_STRUCT_STAT sbuf;
1888 uint32 access_mask = FILE_GENERIC_READ | FILE_GENERIC_WRITE;
1889 uint32 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1890 uint32 create_disposition;
1891 uint32 create_options = 0;
1893 START_PROFILE(SMBcreate);
1896 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1897 END_PROFILE(SMBcreate);
1901 fattr = SVAL(req->inbuf,smb_vwv0);
1902 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1903 com = SVAL(req->inbuf,smb_com);
1905 ts[1] =convert_time_t_to_timespec(
1906 srv_make_unix_date3(req->inbuf + smb_vwv1));
1909 srvstr_get_path((char *)req->inbuf, req->flags2, fname_in,
1910 smb_buf(req->inbuf) + 1, sizeof(fname_in), 0,
1911 STR_TERMINATE, &status);
1912 if (!NT_STATUS_IS_OK(status)) {
1913 reply_nterror(req, status);
1914 END_PROFILE(SMBcreate);
1918 status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES,
1920 if (!NT_STATUS_IS_OK(status)) {
1921 END_PROFILE(SMBcreate);
1922 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1923 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1924 ERRSRV, ERRbadpath);
1927 reply_nterror(req, status);
1931 status = unix_convert(conn, fname_in, False, &fname, NULL, &sbuf);
1932 if (!NT_STATUS_IS_OK(status)) {
1933 reply_nterror(req, status);
1934 END_PROFILE(SMBcreate);
1938 status = check_name(conn, fname);
1939 if (!NT_STATUS_IS_OK(status)) {
1940 reply_nterror(req, status);
1941 END_PROFILE(SMBcreate);
1945 if (fattr & aVOLID) {
1946 DEBUG(0,("Attempt to create file (%s) with volid set - "
1947 "please report this\n", fname));
1950 if(com == SMBmknew) {
1951 /* We should fail if file exists. */
1952 create_disposition = FILE_CREATE;
1954 /* Create if file doesn't exist, truncate if it does. */
1955 create_disposition = FILE_OVERWRITE_IF;
1958 /* Open file using ntcreate. */
1959 status = open_file_ntcreate(conn, req, fname, &sbuf,
1968 if (!NT_STATUS_IS_OK(status)) {
1969 END_PROFILE(SMBcreate);
1970 if (open_was_deferred(req->mid)) {
1971 /* We have re-scheduled this call. */
1974 reply_nterror(req, status);
1978 ts[0] = get_atimespec(&sbuf); /* atime. */
1979 file_ntimes(conn, fname, ts);
1981 reply_outbuf(req, 1, 0);
1982 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
1984 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1985 SCVAL(req->outbuf,smb_flg,
1986 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1989 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1990 SCVAL(req->outbuf,smb_flg,
1991 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1994 DEBUG( 2, ( "reply_mknew: file %s\n", fname ) );
1995 DEBUG( 3, ( "reply_mknew %s fd=%d dmode=0x%x\n",
1996 fname, fsp->fh->fd, (unsigned int)fattr ) );
1998 END_PROFILE(SMBcreate);
2002 /****************************************************************************
2003 Reply to a create temporary file.
2004 ****************************************************************************/
2006 void reply_ctemp(connection_struct *conn, struct smb_request *req)
2014 SMB_STRUCT_STAT sbuf;
2018 START_PROFILE(SMBctemp);
2021 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2022 END_PROFILE(SMBctemp);
2026 fattr = SVAL(req->inbuf,smb_vwv0);
2027 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
2029 srvstr_get_path((char *)req->inbuf, req->flags2, fname_in,
2030 smb_buf(req->inbuf)+1, sizeof(fname_in), 0, STR_TERMINATE,
2032 if (!NT_STATUS_IS_OK(status)) {
2033 reply_nterror(req, status);
2034 END_PROFILE(SMBctemp);
2038 pstrcat(fname_in,"/TMXXXXXX");
2040 pstrcat(fname_in,"TMXXXXXX");
2043 status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES,
2045 if (!NT_STATUS_IS_OK(status)) {
2046 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2047 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
2048 ERRSRV, ERRbadpath);
2049 END_PROFILE(SMBctemp);
2052 reply_nterror(req, status);
2053 END_PROFILE(SMBctemp);
2057 status = unix_convert(conn, fname_in, False, &fname, NULL, &sbuf);
2058 if (!NT_STATUS_IS_OK(status)) {
2059 reply_nterror(req, status);
2060 END_PROFILE(SMBctemp);
2064 status = check_name(conn, fname);
2065 if (!NT_STATUS_IS_OK(status)) {
2066 reply_nterror(req, status);
2067 END_PROFILE(SMBctemp);
2071 tmpfd = smb_mkstemp(fname);
2073 reply_unixerror(req, ERRDOS, ERRnoaccess);
2074 END_PROFILE(SMBctemp);
2078 SMB_VFS_STAT(conn,fname,&sbuf);
2080 /* We should fail if file does not exist. */
2081 status = open_file_ntcreate(conn, req, fname, &sbuf,
2082 FILE_GENERIC_READ | FILE_GENERIC_WRITE,
2083 FILE_SHARE_READ|FILE_SHARE_WRITE,
2090 /* close fd from smb_mkstemp() */
2093 if (!NT_STATUS_IS_OK(status)) {
2094 if (open_was_deferred(req->mid)) {
2095 /* We have re-scheduled this call. */
2096 END_PROFILE(SMBctemp);
2099 reply_openerror(req, status);
2100 END_PROFILE(SMBctemp);
2104 reply_outbuf(req, 1, 0);
2105 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
2107 /* the returned filename is relative to the directory */
2108 s = strrchr_m(fname, '/');
2116 /* Tested vs W2K3 - this doesn't seem to be here - null terminated filename is the only
2117 thing in the byte section. JRA */
2118 SSVALS(p, 0, -1); /* what is this? not in spec */
2120 if (message_push_string(&req->outbuf, s, STR_ASCII|STR_TERMINATE)
2122 reply_nterror(req, NT_STATUS_NO_MEMORY);
2123 END_PROFILE(SMBctemp);
2127 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
2128 SCVAL(req->outbuf, smb_flg,
2129 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2132 if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2133 SCVAL(req->outbuf, smb_flg,
2134 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2137 DEBUG( 2, ( "reply_ctemp: created temp file %s\n", fname ) );
2138 DEBUG( 3, ( "reply_ctemp %s fd=%d umode=0%o\n", fname, fsp->fh->fd,
2139 (unsigned int)sbuf.st_mode ) );
2141 END_PROFILE(SMBctemp);
2145 /*******************************************************************
2146 Check if a user is allowed to rename a file.
2147 ********************************************************************/
2149 static NTSTATUS can_rename(connection_struct *conn, files_struct *fsp,
2150 uint16 dirtype, SMB_STRUCT_STAT *pst)
2154 if (!CAN_WRITE(conn)) {
2155 return NT_STATUS_MEDIA_WRITE_PROTECTED;
2158 fmode = dos_mode(conn, fsp->fsp_name, pst);
2159 if ((fmode & ~dirtype) & (aHIDDEN | aSYSTEM)) {
2160 return NT_STATUS_NO_SUCH_FILE;
2163 if (S_ISDIR(pst->st_mode)) {
2164 return NT_STATUS_OK;
2167 if (fsp->access_mask & DELETE_ACCESS) {
2168 return NT_STATUS_OK;
2171 return NT_STATUS_ACCESS_DENIED;
2174 /*******************************************************************
2175 * unlink a file with all relevant access checks
2176 *******************************************************************/
2178 static NTSTATUS do_unlink(connection_struct *conn, struct smb_request *req,
2179 char *fname, uint32 dirtype)
2181 SMB_STRUCT_STAT sbuf;
2184 uint32 dirtype_orig = dirtype;
2187 DEBUG(10,("do_unlink: %s, dirtype = %d\n", fname, dirtype ));
2189 if (!CAN_WRITE(conn)) {
2190 return NT_STATUS_MEDIA_WRITE_PROTECTED;
2193 if (SMB_VFS_LSTAT(conn,fname,&sbuf) != 0) {
2194 return map_nt_error_from_unix(errno);
2197 fattr = dos_mode(conn,fname,&sbuf);
2199 if (dirtype & FILE_ATTRIBUTE_NORMAL) {
2200 dirtype = aDIR|aARCH|aRONLY;
2203 dirtype &= (aDIR|aARCH|aRONLY|aHIDDEN|aSYSTEM);
2205 return NT_STATUS_NO_SUCH_FILE;
2208 if (!dir_check_ftype(conn, fattr, dirtype)) {
2210 return NT_STATUS_FILE_IS_A_DIRECTORY;
2212 return NT_STATUS_NO_SUCH_FILE;
2215 if (dirtype_orig & 0x8000) {
2216 /* These will never be set for POSIX. */
2217 return NT_STATUS_NO_SUCH_FILE;
2221 if ((fattr & dirtype) & FILE_ATTRIBUTE_DIRECTORY) {
2222 return NT_STATUS_FILE_IS_A_DIRECTORY;
2225 if ((fattr & ~dirtype) & (FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM)) {
2226 return NT_STATUS_NO_SUCH_FILE;
2229 if (dirtype & 0xFF00) {
2230 /* These will never be set for POSIX. */
2231 return NT_STATUS_NO_SUCH_FILE;
2236 return NT_STATUS_NO_SUCH_FILE;
2239 /* Can't delete a directory. */
2241 return NT_STATUS_FILE_IS_A_DIRECTORY;
2246 else if (dirtype & aDIR) /* Asked for a directory and it isn't. */
2247 return NT_STATUS_OBJECT_NAME_INVALID;
2248 #endif /* JRATEST */
2250 /* Fix for bug #3035 from SATOH Fumiyasu <fumiyas@miraclelinux.com>
2252 On a Windows share, a file with read-only dosmode can be opened with
2253 DELETE_ACCESS. But on a Samba share (delete readonly = no), it
2254 fails with NT_STATUS_CANNOT_DELETE error.
2256 This semantic causes a problem that a user can not
2257 rename a file with read-only dosmode on a Samba share
2258 from a Windows command prompt (i.e. cmd.exe, but can rename
2259 from Windows Explorer).
2262 if (!lp_delete_readonly(SNUM(conn))) {
2263 if (fattr & aRONLY) {
2264 return NT_STATUS_CANNOT_DELETE;
2268 /* On open checks the open itself will check the share mode, so
2269 don't do it here as we'll get it wrong. */
2271 status = open_file_ntcreate(conn, req, fname, &sbuf,
2276 FILE_ATTRIBUTE_NORMAL,
2277 req != NULL ? 0 : INTERNAL_OPEN_ONLY,
2280 if (!NT_STATUS_IS_OK(status)) {
2281 DEBUG(10, ("open_file_ntcreate failed: %s\n",
2282 nt_errstr(status)));
2286 /* The set is across all open files on this dev/inode pair. */
2287 if (!set_delete_on_close(fsp, True, ¤t_user.ut)) {
2288 close_file(fsp, NORMAL_CLOSE);
2289 return NT_STATUS_ACCESS_DENIED;
2292 return close_file(fsp,NORMAL_CLOSE);
2295 /****************************************************************************
2296 The guts of the unlink command, split out so it may be called by the NT SMB
2298 ****************************************************************************/
2300 NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req,
2301 uint32 dirtype, const char *name_in, BOOL has_wild)
2308 NTSTATUS status = NT_STATUS_OK;
2309 SMB_STRUCT_STAT sbuf;
2311 *directory = *mask = 0;
2313 status = unix_convert(conn, name_in, has_wild, &name, NULL, &sbuf);
2314 if (!NT_STATUS_IS_OK(status)) {
2318 p = strrchr_m(name,'/');
2320 pstrcpy(directory,".");
2324 pstrcpy(directory,name);
2329 * We should only check the mangled cache
2330 * here if unix_convert failed. This means
2331 * that the path in 'mask' doesn't exist
2332 * on the file system and so we need to look
2333 * for a possible mangle. This patch from
2334 * Tine Smukavec <valentin.smukavec@hermes.si>.
2337 if (!VALID_STAT(sbuf) && mangle_is_mangled(mask,conn->params)) {
2338 char *new_mask = NULL;
2339 mangle_lookup_name_from_8_3(talloc_tos(),
2344 pstrcpy(mask, new_mask);
2349 pstrcat(directory,"/");
2350 pstrcat(directory,mask);
2352 dirtype = FILE_ATTRIBUTE_NORMAL;
2355 status = check_name(conn, directory);
2356 if (!NT_STATUS_IS_OK(status)) {
2360 status = do_unlink(conn, req, directory, dirtype);
2361 if (!NT_STATUS_IS_OK(status)) {
2367 struct smb_Dir *dir_hnd = NULL;
2371 if ((dirtype & SAMBA_ATTRIBUTES_MASK) == aDIR) {
2372 return NT_STATUS_OBJECT_NAME_INVALID;
2375 if (strequal(mask,"????????.???")) {
2379 status = check_name(conn, directory);
2380 if (!NT_STATUS_IS_OK(status)) {
2384 dir_hnd = OpenDir(conn, directory, mask, dirtype);
2385 if (dir_hnd == NULL) {
2386 return map_nt_error_from_unix(errno);
2389 /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then
2390 the pattern matches against the long name, otherwise the short name
2391 We don't implement this yet XXXX
2394 status = NT_STATUS_NO_SUCH_FILE;
2396 while ((dname = ReadDirName(dir_hnd, &offset))) {
2399 pstrcpy(fname,dname);
2401 if (!is_visible_file(conn, directory, dname, &st, True)) {
2405 /* Quick check for "." and ".." */
2406 if (fname[0] == '.') {
2407 if (!fname[1] || (fname[1] == '.' && !fname[2])) {
2412 if(!mask_match(fname, mask, conn->case_sensitive)) {
2416 slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname);
2418 status = check_name(conn, fname);
2419 if (!NT_STATUS_IS_OK(status)) {
2424 status = do_unlink(conn, req, fname, dirtype);
2425 if (!NT_STATUS_IS_OK(status)) {
2430 DEBUG(3,("unlink_internals: succesful unlink [%s]\n",
2436 if (count == 0 && NT_STATUS_IS_OK(status)) {
2437 status = map_nt_error_from_unix(errno);
2443 /****************************************************************************
2445 ****************************************************************************/
2447 void reply_unlink(connection_struct *conn, struct smb_request *req)
2452 BOOL path_contains_wcard = False;
2454 START_PROFILE(SMBunlink);
2457 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2458 END_PROFILE(SMBunlink);
2462 dirtype = SVAL(req->inbuf,smb_vwv0);
2464 srvstr_get_path_wcard((char *)req->inbuf, req->flags2, name,
2465 smb_buf(req->inbuf) + 1, sizeof(name), 0,
2466 STR_TERMINATE, &status, &path_contains_wcard);
2467 if (!NT_STATUS_IS_OK(status)) {
2468 reply_nterror(req, status);
2469 END_PROFILE(SMBunlink);
2473 status = resolve_dfspath_wcard(conn,
2474 req->flags2 & FLAGS2_DFS_PATHNAMES,
2475 name, &path_contains_wcard);
2476 if (!NT_STATUS_IS_OK(status)) {
2477 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2478 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
2479 ERRSRV, ERRbadpath);
2480 END_PROFILE(SMBunlink);
2483 reply_nterror(req, status);
2484 END_PROFILE(SMBunlink);
2488 DEBUG(3,("reply_unlink : %s\n",name));
2490 status = unlink_internals(conn, req, dirtype, name,
2491 path_contains_wcard);
2492 if (!NT_STATUS_IS_OK(status)) {
2493 if (open_was_deferred(req->mid)) {
2494 /* We have re-scheduled this call. */
2495 END_PROFILE(SMBunlink);
2498 reply_nterror(req, status);
2499 END_PROFILE(SMBunlink);
2503 reply_outbuf(req, 0, 0);
2504 END_PROFILE(SMBunlink);
2509 /****************************************************************************
2511 ****************************************************************************/
2513 static void fail_readraw(void)
2516 slprintf(errstr, sizeof(errstr)-1, "FAIL ! reply_readbraw: socket write fail (%s)",
2518 exit_server_cleanly(errstr);
2521 /****************************************************************************
2522 Fake (read/write) sendfile. Returns -1 on read or write fail.
2523 ****************************************************************************/
2525 static ssize_t fake_sendfile(files_struct *fsp, SMB_OFF_T startpos,
2529 size_t tosend = nread;
2536 bufsize = MIN(nread, 65536);
2538 if (!(buf = SMB_MALLOC_ARRAY(char, bufsize))) {
2542 while (tosend > 0) {
2546 if (tosend > bufsize) {
2551 ret = read_file(fsp,buf,startpos,cur_read);
2557 /* If we had a short read, fill with zeros. */
2558 if (ret < cur_read) {
2559 memset(buf, '\0', cur_read - ret);
2562 if (write_data(smbd_server_fd(),buf,cur_read) != cur_read) {
2567 startpos += cur_read;
2571 return (ssize_t)nread;
2574 /****************************************************************************
2575 Return a readbraw error (4 bytes of zero).
2576 ****************************************************************************/
2578 static void reply_readbraw_error(void)
2582 if (write_data(smbd_server_fd(),header,4) != 4) {
2587 /****************************************************************************
2588 Use sendfile in readbraw.
2589 ****************************************************************************/
2591 void send_file_readbraw(connection_struct *conn,
2597 char *outbuf = NULL;
2600 #if defined(WITH_SENDFILE)
2602 * We can only use sendfile on a non-chained packet
2603 * but we can use on a non-oplocked file. tridge proved this
2604 * on a train in Germany :-). JRA.
2605 * reply_readbraw has already checked the length.
2608 if ( (chain_size == 0) && (nread > 0) &&
2609 (fsp->wcp == NULL) && lp_use_sendfile(SNUM(conn)) ) {
2611 DATA_BLOB header_blob;
2613 _smb_setlen(header,nread);
2614 header_blob = data_blob_const(header, 4);
2616 if ( SMB_VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fh->fd,
2617 &header_blob, startpos, nread) == -1) {
2618 /* Returning ENOSYS means no data at all was sent.
2619 * Do this as a normal read. */
2620 if (errno == ENOSYS) {
2621 goto normal_readbraw;
2625 * Special hack for broken Linux with no working sendfile. If we
2626 * return EINTR we sent the header but not the rest of the data.
2627 * Fake this up by doing read/write calls.
2629 if (errno == EINTR) {
2630 /* Ensure we don't do this again. */
2631 set_use_sendfile(SNUM(conn), False);
2632 DEBUG(0,("send_file_readbraw: sendfile not available. Faking..\n"));
2634 if (fake_sendfile(fsp, startpos, nread) == -1) {
2635 DEBUG(0,("send_file_readbraw: fake_sendfile failed for file %s (%s).\n",
2636 fsp->fsp_name, strerror(errno) ));
2637 exit_server_cleanly("send_file_readbraw fake_sendfile failed");
2642 DEBUG(0,("send_file_readbraw: sendfile failed for file %s (%s). Terminating\n",
2643 fsp->fsp_name, strerror(errno) ));
2644 exit_server_cleanly("send_file_readbraw sendfile failed");
2653 outbuf = TALLOC_ARRAY(NULL, char, nread+4);
2655 DEBUG(0,("send_file_readbraw: TALLOC_ARRAY failed for size %u.\n",
2656 (unsigned)(nread+4)));
2657 reply_readbraw_error();
2662 ret = read_file(fsp,outbuf+4,startpos,nread);
2663 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
2672 _smb_setlen(outbuf,ret);
2673 if (write_data(smbd_server_fd(),outbuf,4+ret) != 4+ret)
2676 TALLOC_FREE(outbuf);
2679 /****************************************************************************
2680 Reply to a readbraw (core+ protocol).
2681 ****************************************************************************/
2683 void reply_readbraw(connection_struct *conn, struct smb_request *req)
2685 ssize_t maxcount,mincount;
2692 START_PROFILE(SMBreadbraw);
2694 if (srv_is_signing_active()) {
2695 exit_server_cleanly("reply_readbraw: SMB signing is active - "
2696 "raw reads/writes are disallowed.");
2700 reply_readbraw_error();
2701 END_PROFILE(SMBreadbraw);
2706 * Special check if an oplock break has been issued
2707 * and the readraw request croses on the wire, we must
2708 * return a zero length response here.
2711 fsp = file_fsp(SVAL(req->inbuf,smb_vwv0));
2714 * We have to do a check_fsp by hand here, as
2715 * we must always return 4 zero bytes on error,
2719 if (!fsp || !conn || conn != fsp->conn ||
2720 current_user.vuid != fsp->vuid ||
2721 fsp->is_directory || fsp->fh->fd == -1) {
2723 * fsp could be NULL here so use the value from the packet. JRA.
2725 DEBUG(3,("reply_readbraw: fnum %d not valid "
2727 (int)SVAL(req->inbuf,smb_vwv0)));
2728 reply_readbraw_error();
2729 END_PROFILE(SMBreadbraw);
2733 /* Do a "by hand" version of CHECK_READ. */
2734 if (!(fsp->can_read ||
2735 ((req->flags2 & FLAGS2_READ_PERMIT_EXECUTE) &&
2736 (fsp->access_mask & FILE_EXECUTE)))) {
2737 DEBUG(3,("reply_readbraw: fnum %d not readable.\n",
2738 (int)SVAL(req->inbuf,smb_vwv0)));
2739 reply_readbraw_error();
2740 END_PROFILE(SMBreadbraw);
2744 flush_write_cache(fsp, READRAW_FLUSH);
2746 startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv1);
2747 if(req->wct == 10) {
2749 * This is a large offset (64 bit) read.
2751 #ifdef LARGE_SMB_OFF_T
2753 startpos |= (((SMB_OFF_T)IVAL(req->inbuf,smb_vwv8)) << 32);
2755 #else /* !LARGE_SMB_OFF_T */
2758 * Ensure we haven't been sent a >32 bit offset.
2761 if(IVAL(req->inbuf,smb_vwv8) != 0) {
2762 DEBUG(0,("reply_readbraw: large offset "
2763 "(%x << 32) used and we don't support "
2764 "64 bit offsets.\n",
2765 (unsigned int)IVAL(req->inbuf,smb_vwv8) ));
2766 reply_readbraw_error();
2767 END_PROFILE(SMBreadbraw);
2771 #endif /* LARGE_SMB_OFF_T */
2774 DEBUG(0,("reply_readbraw: negative 64 bit "
2775 "readraw offset (%.0f) !\n",
2776 (double)startpos ));
2777 reply_readbraw_error();
2778 END_PROFILE(SMBreadbraw);
2783 maxcount = (SVAL(req->inbuf,smb_vwv3) & 0xFFFF);
2784 mincount = (SVAL(req->inbuf,smb_vwv4) & 0xFFFF);
2786 /* ensure we don't overrun the packet size */
2787 maxcount = MIN(65535,maxcount);
2789 if (is_locked(fsp,(uint32)req->smbpid,
2790 (SMB_BIG_UINT)maxcount,
2791 (SMB_BIG_UINT)startpos,
2793 reply_readbraw_error();
2794 END_PROFILE(SMBreadbraw);
2798 if (SMB_VFS_FSTAT(fsp,fsp->fh->fd,&st) == 0) {
2802 if (startpos >= size) {
2805 nread = MIN(maxcount,(size - startpos));
2808 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
2809 if (nread < mincount)
2813 DEBUG( 3, ( "reply_readbraw: fnum=%d start=%.0f max=%lu "
2814 "min=%lu nread=%lu\n",
2815 fsp->fnum, (double)startpos,
2816 (unsigned long)maxcount,
2817 (unsigned long)mincount,
2818 (unsigned long)nread ) );
2820 send_file_readbraw(conn, fsp, startpos, nread, mincount);
2822 DEBUG(5,("reply_readbraw finished\n"));
2823 END_PROFILE(SMBreadbraw);
2827 #define DBGC_CLASS DBGC_LOCKING
2829 /****************************************************************************
2830 Reply to a lockread (core+ protocol).
2831 ****************************************************************************/
2833 void reply_lockread(connection_struct *conn, struct smb_request *req)
2841 struct byte_range_lock *br_lck = NULL;
2844 START_PROFILE(SMBlockread);
2847 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2848 END_PROFILE(SMBlockread);
2852 fsp = file_fsp(SVAL(req->inbuf,smb_vwv0));
2854 if (!check_fsp(conn, req, fsp, ¤t_user)) {
2855 END_PROFILE(SMBlockread);
2859 if (!CHECK_READ(fsp,req->inbuf)) {
2860 reply_doserror(req, ERRDOS, ERRbadaccess);
2861 END_PROFILE(SMBlockread);
2865 release_level_2_oplocks_on_change(fsp);
2867 numtoread = SVAL(req->inbuf,smb_vwv1);
2868 startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv2);
2870 numtoread = MIN(BUFFER_SIZE - (smb_size + 3*2 + 3), numtoread);
2872 reply_outbuf(req, 5, numtoread + 3);
2874 data = smb_buf(req->outbuf) + 3;
2877 * NB. Discovered by Menny Hamburger at Mainsoft. This is a core+
2878 * protocol request that predates the read/write lock concept.
2879 * Thus instead of asking for a read lock here we need to ask
2880 * for a write lock. JRA.
2881 * Note that the requested lock size is unaffected by max_recv.
2884 br_lck = do_lock(smbd_messaging_context(),
2887 (SMB_BIG_UINT)numtoread,
2888 (SMB_BIG_UINT)startpos,
2891 False, /* Non-blocking lock. */
2894 TALLOC_FREE(br_lck);
2896 if (NT_STATUS_V(status)) {
2897 reply_nterror(req, status);
2898 END_PROFILE(SMBlockread);
2903 * However the requested READ size IS affected by max_recv. Insanity.... JRA.
2906 if (numtoread > max_recv) {
2907 DEBUG(0,("reply_lockread: requested read size (%u) is greater than maximum allowed (%u). \
2908 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
2909 (unsigned int)numtoread, (unsigned int)max_recv ));
2910 numtoread = MIN(numtoread,max_recv);
2912 nread = read_file(fsp,data,startpos,numtoread);
2915 reply_unixerror(req, ERRDOS, ERRnoaccess);
2916 END_PROFILE(SMBlockread);
2920 set_message(NULL, (char *)req->outbuf, 5, nread+3, False);
2922 SSVAL(req->outbuf,smb_vwv0,nread);
2923 SSVAL(req->outbuf,smb_vwv5,nread+3);
2924 p = smb_buf(req->outbuf);
2925 SCVAL(p,0,0); /* pad byte. */
2928 DEBUG(3,("lockread fnum=%d num=%d nread=%d\n",
2929 fsp->fnum, (int)numtoread, (int)nread));
2931 END_PROFILE(SMBlockread);
2936 #define DBGC_CLASS DBGC_ALL
2938 /****************************************************************************
2940 ****************************************************************************/
2942 void reply_read(connection_struct *conn, struct smb_request *req)
2951 START_PROFILE(SMBread);
2954 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2955 END_PROFILE(SMBread);
2959 fsp = file_fsp(SVAL(req->inbuf,smb_vwv0));
2961 if (!check_fsp(conn, req, fsp, ¤t_user)) {
2962 END_PROFILE(SMBread);
2966 if (!CHECK_READ(fsp,req->inbuf)) {
2967 reply_doserror(req, ERRDOS, ERRbadaccess);
2968 END_PROFILE(SMBread);
2972 numtoread = SVAL(req->inbuf,smb_vwv1);
2973 startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv2);
2975 numtoread = MIN(BUFFER_SIZE-outsize,numtoread);
2978 * The requested read size cannot be greater than max_recv. JRA.
2980 if (numtoread > max_recv) {
2981 DEBUG(0,("reply_read: requested read size (%u) is greater than maximum allowed (%u). \
2982 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
2983 (unsigned int)numtoread, (unsigned int)max_recv ));
2984 numtoread = MIN(numtoread,max_recv);
2987 reply_outbuf(req, 5, numtoread+3);
2989 data = smb_buf(req->outbuf) + 3;
2991 if (is_locked(fsp, (uint32)req->smbpid, (SMB_BIG_UINT)numtoread,
2992 (SMB_BIG_UINT)startpos, READ_LOCK)) {
2993 reply_doserror(req, ERRDOS,ERRlock);
2994 END_PROFILE(SMBread);
2999 nread = read_file(fsp,data,startpos,numtoread);
3002 reply_unixerror(req, ERRDOS,ERRnoaccess);
3003 END_PROFILE(SMBread);
3007 set_message(NULL, (char *)req->outbuf, 5, nread+3, False);
3009 SSVAL(req->outbuf,smb_vwv0,nread);
3010 SSVAL(req->outbuf,smb_vwv5,nread+3);
3011 SCVAL(smb_buf(req->outbuf),0,1);
3012 SSVAL(smb_buf(req->outbuf),1,nread);
3014 DEBUG( 3, ( "read fnum=%d num=%d nread=%d\n",
3015 fsp->fnum, (int)numtoread, (int)nread ) );
3017 END_PROFILE(SMBread);
3021 /****************************************************************************
3023 ****************************************************************************/
3025 static int setup_readX_header(const uint8 *inbuf, uint8 *outbuf,
3031 outsize = set_message((char *)inbuf, (char *)outbuf,12,smb_maxcnt,
3033 data = smb_buf(outbuf);
3035 SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */
3036 SSVAL(outbuf,smb_vwv5,smb_maxcnt);
3037 SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf));
3038 SSVAL(outbuf,smb_vwv7,(smb_maxcnt >> 16));
3039 SSVAL(smb_buf(outbuf),-2,smb_maxcnt);
3040 SCVAL(outbuf,smb_vwv0,0xFF);
3041 /* Reset the outgoing length, set_message truncates at 0x1FFFF. */
3042 _smb_setlen_large(outbuf,(smb_size + 12*2 + smb_maxcnt - 4));
3046 /****************************************************************************
3047 Reply to a read and X - possibly using sendfile.
3048 ****************************************************************************/
3050 static void send_file_readX(connection_struct *conn, struct smb_request *req,
3051 files_struct *fsp, SMB_OFF_T startpos,
3054 SMB_STRUCT_STAT sbuf;
3057 if(SMB_VFS_FSTAT(fsp,fsp->fh->fd, &sbuf) == -1) {
3058 reply_unixerror(req, ERRDOS, ERRnoaccess);
3062 if (startpos > sbuf.st_size) {
3064 } else if (smb_maxcnt > (sbuf.st_size - startpos)) {
3065 smb_maxcnt = (sbuf.st_size - startpos);
3068 if (smb_maxcnt == 0) {
3072 #if defined(WITH_SENDFILE)
3074 * We can only use sendfile on a non-chained packet
3075 * but we can use on a non-oplocked file. tridge proved this
3076 * on a train in Germany :-). JRA.
3079 if ((chain_size == 0) && (CVAL(req->inbuf,smb_vwv0) == 0xFF) &&
3080 lp_use_sendfile(SNUM(conn)) && (fsp->wcp == NULL) ) {
3081 uint8 headerbuf[smb_size + 12 * 2];
3085 * Set up the packet header before send. We
3086 * assume here the sendfile will work (get the
3087 * correct amount of data).
3090 header = data_blob_const(headerbuf, sizeof(headerbuf));
3092 construct_reply_common((char *)req->inbuf, (char *)headerbuf);
3093 setup_readX_header(req->inbuf, headerbuf, smb_maxcnt);
3095 if ((nread = SMB_VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fh->fd, &header, startpos, smb_maxcnt)) == -1) {
3096 /* Returning ENOSYS means no data at all was sent. Do this as a normal read. */
3097 if (errno == ENOSYS) {
3102 * Special hack for broken Linux with no working sendfile. If we
3103 * return EINTR we sent the header but not the rest of the data.
3104 * Fake this up by doing read/write calls.
3107 if (errno == EINTR) {
3108 /* Ensure we don't do this again. */
3109 set_use_sendfile(SNUM(conn), False);
3110 DEBUG(0,("send_file_readX: sendfile not available. Faking..\n"));
3111 nread = fake_sendfile(fsp, startpos,
3114 DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n",
3115 fsp->fsp_name, strerror(errno) ));
3116 exit_server_cleanly("send_file_readX: fake_sendfile failed");
3118 DEBUG( 3, ( "send_file_readX: fake_sendfile fnum=%d max=%d nread=%d\n",
3119 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3120 /* No outbuf here means successful sendfile. */
3121 TALLOC_FREE(req->outbuf);
3125 DEBUG(0,("send_file_readX: sendfile failed for file %s (%s). Terminating\n",
3126 fsp->fsp_name, strerror(errno) ));
3127 exit_server_cleanly("send_file_readX sendfile failed");
3130 DEBUG( 3, ( "send_file_readX: sendfile fnum=%d max=%d nread=%d\n",
3131 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3132 /* No outbuf here means successful sendfile. */
3133 TALLOC_FREE(req->outbuf);
3140 if ((smb_maxcnt & 0xFF0000) > 0x10000) {
3141 uint8 headerbuf[smb_size + 2*12];
3143 construct_reply_common((char *)req->inbuf, (char *)headerbuf);
3144 setup_readX_header(req->inbuf, headerbuf, smb_maxcnt);
3146 /* Send out the header. */
3147 if (write_data(smbd_server_fd(), (char *)headerbuf,
3148 sizeof(headerbuf)) != sizeof(headerbuf)) {
3149 DEBUG(0,("send_file_readX: write_data failed for file %s (%s). Terminating\n",
3150 fsp->fsp_name, strerror(errno) ));
3151 exit_server_cleanly("send_file_readX sendfile failed");
3153 nread = fake_sendfile(fsp, startpos, smb_maxcnt);
3155 DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n",
3156 fsp->fsp_name, strerror(errno) ));
3157 exit_server_cleanly("send_file_readX: fake_sendfile failed");
3159 TALLOC_FREE(req->outbuf);
3162 reply_outbuf(req, 12, smb_maxcnt);
3164 nread = read_file(fsp, smb_buf(req->outbuf), startpos,
3167 reply_unixerror(req, ERRDOS, ERRnoaccess);
3171 setup_readX_header(req->inbuf, req->outbuf, nread);
3173 DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n",
3174 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3182 /****************************************************************************
3183 Reply to a read and X.
3184 ****************************************************************************/
3186 void reply_read_and_X(connection_struct *conn, struct smb_request *req)
3191 BOOL big_readX = False;
3193 size_t smb_mincnt = SVAL(req->inbuf,smb_vwv6);
3196 START_PROFILE(SMBreadX);
3198 if ((req->wct != 10) && (req->wct != 12)) {
3199 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3203 fsp = file_fsp(SVAL(req->inbuf,smb_vwv2));
3204 startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv3);
3205 smb_maxcnt = SVAL(req->inbuf,smb_vwv5);
3207 /* If it's an IPC, pass off the pipe handler. */
3209 reply_pipe_read_and_X(req);
3210 END_PROFILE(SMBreadX);
3214 if (!check_fsp(conn, req, fsp, ¤t_user)) {
3215 END_PROFILE(SMBreadX);
3219 if (!CHECK_READ(fsp,req->inbuf)) {
3220 reply_doserror(req, ERRDOS,ERRbadaccess);
3221 END_PROFILE(SMBreadX);
3225 if (global_client_caps & CAP_LARGE_READX) {
3226 size_t upper_size = SVAL(req->inbuf,smb_vwv7);
3227 smb_maxcnt |= (upper_size<<16);
3228 if (upper_size > 1) {
3229 /* Can't do this on a chained packet. */
3230 if ((CVAL(req->inbuf,smb_vwv0) != 0xFF)) {
3231 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
3232 END_PROFILE(SMBreadX);
3235 /* We currently don't do this on signed or sealed data. */
3236 if (srv_is_signing_active() || srv_encryption_on()) {
3237 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
3238 END_PROFILE(SMBreadX);
3241 /* Is there room in the reply for this data ? */
3242 if (smb_maxcnt > (0xFFFFFF - (smb_size -4 + 12*2))) {
3244 NT_STATUS_INVALID_PARAMETER);
3245 END_PROFILE(SMBreadX);
3252 if (req->wct == 12) {
3253 #ifdef LARGE_SMB_OFF_T
3255 * This is a large offset (64 bit) read.
3257 startpos |= (((SMB_OFF_T)IVAL(req->inbuf,smb_vwv10)) << 32);
3259 #else /* !LARGE_SMB_OFF_T */
3262 * Ensure we haven't been sent a >32 bit offset.
3265 if(IVAL(req->inbuf,smb_vwv10) != 0) {
3266 DEBUG(0,("reply_read_and_X - large offset (%x << 32) "
3267 "used and we don't support 64 bit offsets.\n",
3268 (unsigned int)IVAL(req->inbuf,smb_vwv10) ));
3269 END_PROFILE(SMBreadX);
3270 reply_doserror(req, ERRDOS, ERRbadaccess);
3274 #endif /* LARGE_SMB_OFF_T */
3278 if (is_locked(fsp, (uint32)req->smbpid, (SMB_BIG_UINT)smb_maxcnt,
3279 (SMB_BIG_UINT)startpos, READ_LOCK)) {
3280 END_PROFILE(SMBreadX);
3281 reply_doserror(req, ERRDOS, ERRlock);
3286 && schedule_aio_read_and_X(conn, req, fsp, startpos, smb_maxcnt)) {
3287 END_PROFILE(SMBreadX);
3291 send_file_readX(conn, req, fsp, startpos, smb_maxcnt);
3293 END_PROFILE(SMBreadX);
3297 /****************************************************************************
3298 Error replies to writebraw must have smb_wct == 1. Fix this up.
3299 ****************************************************************************/
3301 void error_to_writebrawerr(struct smb_request *req)
3303 uint8 *old_outbuf = req->outbuf;
3305 reply_outbuf(req, 1, 0);
3307 memcpy(req->outbuf, old_outbuf, smb_size);
3308 TALLOC_FREE(old_outbuf);
3311 /****************************************************************************
3312 Reply to a writebraw (core+ or LANMAN1.0 protocol).
3313 ****************************************************************************/
3315 void reply_writebraw(connection_struct *conn, struct smb_request *req)
3320 ssize_t total_written=0;
3321 size_t numtowrite=0;
3329 START_PROFILE(SMBwritebraw);
3332 * If we ever reply with an error, it must have the SMB command
3333 * type of SMBwritec, not SMBwriteBraw, as this tells the client
3336 SCVAL(req->inbuf,smb_com,SMBwritec);
3338 if (srv_is_signing_active()) {
3339 END_PROFILE(SMBwritebraw);
3340 exit_server_cleanly("reply_writebraw: SMB signing is active - "
3341 "raw reads/writes are disallowed.");
3344 if (req->wct < 12) {
3345 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3346 error_to_writebrawerr(req);
3347 END_PROFILE(SMBwritebraw);
3351 fsp = file_fsp(SVAL(req->inbuf,smb_vwv0));
3352 if (!check_fsp(conn, req, fsp, ¤t_user)) {
3353 error_to_writebrawerr(req);
3354 END_PROFILE(SMBwritebraw);
3358 if (!CHECK_WRITE(fsp)) {
3359 reply_doserror(req, ERRDOS, ERRbadaccess);
3360 error_to_writebrawerr(req);
3361 END_PROFILE(SMBwritebraw);
3365 tcount = IVAL(req->inbuf,smb_vwv1);
3366 startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv3);
3367 write_through = BITSETW(req->inbuf+smb_vwv7,0);
3369 /* We have to deal with slightly different formats depending
3370 on whether we are using the core+ or lanman1.0 protocol */
3372 if(Protocol <= PROTOCOL_COREPLUS) {
3373 numtowrite = SVAL(smb_buf(req->inbuf),-2);
3374 data = smb_buf(req->inbuf);
3376 numtowrite = SVAL(req->inbuf,smb_vwv10);
3377 data = smb_base(req->inbuf) + SVAL(req->inbuf, smb_vwv11);
3380 /* Ensure we don't write bytes past the end of this packet. */
3381 if (data + numtowrite > smb_base(req->inbuf) + smb_len(req->inbuf)) {
3382 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3383 error_to_writebrawerr(req);
3384 END_PROFILE(SMBwritebraw);
3388 if (is_locked(fsp,(uint32)req->smbpid,(SMB_BIG_UINT)tcount,
3389 (SMB_BIG_UINT)startpos, WRITE_LOCK)) {
3390 reply_doserror(req, ERRDOS, ERRlock);
3391 error_to_writebrawerr(req);
3392 END_PROFILE(SMBwritebraw);
3397 nwritten = write_file(fsp,data,startpos,numtowrite);
3400 DEBUG(3,("reply_writebraw: initial write fnum=%d start=%.0f num=%d "
3401 "wrote=%d sync=%d\n",
3402 fsp->fnum, (double)startpos, (int)numtowrite,
3403 (int)nwritten, (int)write_through));
3405 if (nwritten < (ssize_t)numtowrite) {
3406 reply_unixerror(req, ERRHRD, ERRdiskfull);
3407 error_to_writebrawerr(req);
3408 END_PROFILE(SMBwritebraw);
3412 total_written = nwritten;
3414 /* Allocate a buffer of 64k + length. */
3415 buf = TALLOC_ARRAY(NULL, char, 65540);
3417 reply_doserror(req, ERRDOS, ERRnomem);
3418 error_to_writebrawerr(req);
3419 END_PROFILE(SMBwritebraw);
3423 /* Return a SMBwritebraw message to the redirector to tell
3424 * it to send more bytes */
3426 memcpy(buf, req->inbuf, smb_size);
3427 outsize = set_message(NULL,buf,
3428 Protocol>PROTOCOL_COREPLUS?1:0,0,True);
3429 SCVAL(buf,smb_com,SMBwritebraw);
3430 SSVALS(buf,smb_vwv0,0xFFFF);
3432 if (!send_smb(smbd_server_fd(),buf)) {
3433 exit_server_cleanly("reply_writebraw: send_smb "
3437 /* Now read the raw data into the buffer and write it */
3438 if (read_smb_length(smbd_server_fd(),buf,SMB_SECONDARY_WAIT) == -1) {
3439 exit_server_cleanly("secondary writebraw failed");
3443 * Even though this is not an smb message,
3444 * smb_len returns the generic length of a packet.
3447 numtowrite = smb_len(buf);
3449 /* Set up outbuf to return the correct size */
3450 reply_outbuf(req, 1, 0);
3452 if (numtowrite != 0) {
3454 if (numtowrite > 0xFFFF) {
3455 DEBUG(0,("reply_writebraw: Oversize secondary write "
3456 "raw requested (%u). Terminating\n",
3457 (unsigned int)numtowrite ));
3458 exit_server_cleanly("secondary writebraw failed");
3461 if (tcount > nwritten+numtowrite) {
3462 DEBUG(3,("reply_writebraw: Client overestimated the "
3464 (int)tcount,(int)nwritten,(int)numtowrite));
3467 if (read_data(smbd_server_fd(), buf+4, numtowrite)
3469 DEBUG(0,("reply_writebraw: Oversize secondary write "
3470 "raw read failed (%s). Terminating\n",
3472 exit_server_cleanly("secondary writebraw failed");
3475 nwritten = write_file(fsp,buf+4,startpos+nwritten,numtowrite);
3476 if (nwritten == -1) {
3478 reply_unixerror(req, ERRHRD, ERRdiskfull);
3479 error_to_writebrawerr(req);
3480 END_PROFILE(SMBwritebraw);
3484 if (nwritten < (ssize_t)numtowrite) {
3485 SCVAL(req->outbuf,smb_rcls,ERRHRD);
3486 SSVAL(req->outbuf,smb_err,ERRdiskfull);
3490 total_written += nwritten;
3495 SSVAL(req->outbuf,smb_vwv0,total_written);
3497 status = sync_file(conn, fsp, write_through);
3498 if (!NT_STATUS_IS_OK(status)) {
3499 DEBUG(5,("reply_writebraw: sync_file for %s returned %s\n",
3500 fsp->fsp_name, nt_errstr(status) ));
3501 reply_nterror(req, status);
3502 error_to_writebrawerr(req);
3503 END_PROFILE(SMBwritebraw);
3507 DEBUG(3,("reply_writebraw: secondart write fnum=%d start=%.0f num=%d "
3509 fsp->fnum, (double)startpos, (int)numtowrite,
3510 (int)total_written));
3512 /* We won't return a status if write through is not selected - this
3513 * follows what WfWg does */
3514 END_PROFILE(SMBwritebraw);
3516 if (!write_through && total_written==tcount) {
3518 #if RABBIT_PELLET_FIX
3520 * Fix for "rabbit pellet" mode, trigger an early TCP ack by
3521 * sending a SMBkeepalive. Thanks to DaveCB at Sun for this.
3524 if (!send_keepalive(smbd_server_fd())) {
3525 exit_server_cleanly("reply_writebraw: send of "
3526 "keepalive failed");
3529 TALLOC_FREE(req->outbuf);
3535 #define DBGC_CLASS DBGC_LOCKING
3537 /****************************************************************************
3538 Reply to a writeunlock (core+).
3539 ****************************************************************************/
3541 void reply_writeunlock(connection_struct *conn, struct smb_request *req)
3543 ssize_t nwritten = -1;
3547 NTSTATUS status = NT_STATUS_OK;
3550 START_PROFILE(SMBwriteunlock);
3553 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3554 END_PROFILE(SMBwriteunlock);
3558 fsp = file_fsp(SVAL(req->inbuf,smb_vwv0));
3560 if (!check_fsp(conn, req, fsp, ¤t_user)) {
3561 END_PROFILE(SMBwriteunlock);
3565 if (!CHECK_WRITE(fsp)) {
3566 reply_doserror(req, ERRDOS,ERRbadaccess);
3567 END_PROFILE(SMBwriteunlock);
3571 numtowrite = SVAL(req->inbuf,smb_vwv1);
3572 startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv2);
3573 data = smb_buf(req->inbuf) + 3;
3576 && is_locked(fsp, (uint32)req->smbpid, (SMB_BIG_UINT)numtowrite,
3577 (SMB_BIG_UINT)startpos, WRITE_LOCK)) {
3578 reply_doserror(req, ERRDOS, ERRlock);
3579 END_PROFILE(SMBwriteunlock);
3583 /* The special X/Open SMB protocol handling of
3584 zero length writes is *NOT* done for
3586 if(numtowrite == 0) {
3589 nwritten = write_file(fsp,data,startpos,numtowrite);
3592 status = sync_file(conn, fsp, False /* write through */);
3593 if (!NT_STATUS_IS_OK(status)) {
3594 DEBUG(5,("reply_writeunlock: sync_file for %s returned %s\n",
3595 fsp->fsp_name, nt_errstr(status) ));
3596 reply_nterror(req, status);
3597 END_PROFILE(SMBwriteunlock);
3601 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
3602 reply_unixerror(req, ERRHRD, ERRdiskfull);
3603 END_PROFILE(SMBwriteunlock);
3608 status = do_unlock(smbd_messaging_context(),
3611 (SMB_BIG_UINT)numtowrite,
3612 (SMB_BIG_UINT)startpos,
3615 if (NT_STATUS_V(status)) {
3616 reply_nterror(req, status);
3617 END_PROFILE(SMBwriteunlock);
3622 reply_outbuf(req, 1, 0);
3624 SSVAL(req->outbuf,smb_vwv0,nwritten);
3626 DEBUG(3,("writeunlock fnum=%d num=%d wrote=%d\n",
3627 fsp->fnum, (int)numtowrite, (int)nwritten));
3629 END_PROFILE(SMBwriteunlock);
3634 #define DBGC_CLASS DBGC_ALL
3636 /****************************************************************************
3638 ****************************************************************************/
3640 void reply_write(connection_struct *conn, struct smb_request *req)
3643 ssize_t nwritten = -1;
3649 START_PROFILE(SMBwrite);
3652 END_PROFILE(SMBwrite);
3653 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3657 /* If it's an IPC, pass off the pipe handler. */
3659 reply_pipe_write(req);
3660 END_PROFILE(SMBwrite);
3664 fsp = file_fsp(SVAL(req->inbuf,smb_vwv0));
3666 if (!check_fsp(conn, req, fsp, ¤t_user)) {
3667 END_PROFILE(SMBwrite);
3671 if (!CHECK_WRITE(fsp)) {
3672 reply_doserror(req, ERRDOS, ERRbadaccess);
3673 END_PROFILE(SMBwrite);
3677 numtowrite = SVAL(req->inbuf,smb_vwv1);
3678 startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv2);
3679 data = smb_buf(req->inbuf) + 3;
3681 if (is_locked(fsp, (uint32)req->smbpid, (SMB_BIG_UINT)numtowrite,
3682 (SMB_BIG_UINT)startpos, WRITE_LOCK)) {
3683 reply_doserror(req, ERRDOS, ERRlock);
3684 END_PROFILE(SMBwrite);
3689 * X/Open SMB protocol says that if smb_vwv1 is
3690 * zero then the file size should be extended or
3691 * truncated to the size given in smb_vwv[2-3].
3694 if(numtowrite == 0) {
3696 * This is actually an allocate call, and set EOF. JRA.
3698 nwritten = vfs_allocate_file_space(fsp, (SMB_OFF_T)startpos);
3700 reply_nterror(req, NT_STATUS_DISK_FULL);
3701 END_PROFILE(SMBwrite);
3704 nwritten = vfs_set_filelen(fsp, (SMB_OFF_T)startpos);
3706 reply_nterror(req, NT_STATUS_DISK_FULL);
3707 END_PROFILE(SMBwrite);
3711 nwritten = write_file(fsp,data,startpos,numtowrite);
3713 status = sync_file(conn, fsp, False);
3714 if (!NT_STATUS_IS_OK(status)) {
3715 DEBUG(5,("reply_write: sync_file for %s returned %s\n",
3716 fsp->fsp_name, nt_errstr(status) ));
3717 reply_nterror(req, status);
3718 END_PROFILE(SMBwrite);
3722 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
3723 reply_unixerror(req, ERRHRD, ERRdiskfull);
3724 END_PROFILE(SMBwrite);
3728 reply_outbuf(req, 1, 0);
3730 SSVAL(req->outbuf,smb_vwv0,nwritten);
3732 if (nwritten < (ssize_t)numtowrite) {
3733 SCVAL(req->outbuf,smb_rcls,ERRHRD);
3734 SSVAL(req->outbuf,smb_err,ERRdiskfull);
3737 DEBUG(3,("write fnum=%d num=%d wrote=%d\n", fsp->fnum, (int)numtowrite, (int)nwritten));
3739 END_PROFILE(SMBwrite);
3743 /****************************************************************************
3744 Reply to a write and X.
3745 ****************************************************************************/
3747 void reply_write_and_X(connection_struct *conn, struct smb_request *req)
3754 unsigned int smb_doff;
3755 unsigned int smblen;
3760 START_PROFILE(SMBwriteX);
3762 if ((req->wct != 12) && (req->wct != 14)) {
3763 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3764 END_PROFILE(SMBwriteX);
3768 numtowrite = SVAL(req->inbuf,smb_vwv10);
3769 smb_doff = SVAL(req->inbuf,smb_vwv11);
3770 smblen = smb_len(req->inbuf);
3771 large_writeX = ((req->wct == 14) && (smblen > 0xFFFF));
3773 /* Deal with possible LARGE_WRITEX */
3775 numtowrite |= ((((size_t)SVAL(req->inbuf,smb_vwv9)) & 1 )<<16);
3778 if(smb_doff > smblen || (smb_doff + numtowrite > smblen)) {
3779 reply_doserror(req, ERRDOS, ERRbadmem);
3780 END_PROFILE(SMBwriteX);
3784 /* If it's an IPC, pass off the pipe handler. */
3786 reply_pipe_write_and_X(req);
3787 END_PROFILE(SMBwriteX);
3791 fsp = file_fsp(SVAL(req->inbuf,smb_vwv2));
3792 startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv3);
3793 write_through = BITSETW(req->inbuf+smb_vwv7,0);
3795 if (!check_fsp(conn, req, fsp, ¤t_user)) {
3796 END_PROFILE(SMBwriteX);
3800 if (!CHECK_WRITE(fsp)) {
3801 reply_doserror(req, ERRDOS, ERRbadaccess);
3802 END_PROFILE(SMBwriteX);
3806 data = smb_base(req->inbuf) + smb_doff;
3808 if(req->wct == 14) {
3809 #ifdef LARGE_SMB_OFF_T
3811 * This is a large offset (64 bit) write.
3813 startpos |= (((SMB_OFF_T)IVAL(req->inbuf,smb_vwv12)) << 32);
3815 #else /* !LARGE_SMB_OFF_T */
3818 * Ensure we haven't been sent a >32 bit offset.
3821 if(IVAL(req->inbuf,smb_vwv12) != 0) {
3822 DEBUG(0,("reply_write_and_X - large offset (%x << 32) "
3823 "used and we don't support 64 bit offsets.\n",
3824 (unsigned int)IVAL(inbuf,smb_vwv12) ));
3825 reply_doserror(req, ERRDOS, ERRbadaccess);
3826 END_PROFILE(SMBwriteX);
3830 #endif /* LARGE_SMB_OFF_T */
3833 if (is_locked(fsp,(uint32)req->smbpid,
3834 (SMB_BIG_UINT)numtowrite,
3835 (SMB_BIG_UINT)startpos, WRITE_LOCK)) {
3836 reply_doserror(req, ERRDOS, ERRlock);
3837 END_PROFILE(SMBwriteX);
3841 /* X/Open SMB protocol says that, unlike SMBwrite
3842 if the length is zero then NO truncation is
3843 done, just a write of zero. To truncate a file,
3846 if(numtowrite == 0) {
3850 if (schedule_aio_write_and_X(conn, req, fsp, data, startpos,
3852 END_PROFILE(SMBwriteX);
3856 nwritten = write_file(fsp,data,startpos,numtowrite);
3859 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
3860 reply_unixerror(req, ERRHRD, ERRdiskfull);
3861 END_PROFILE(SMBwriteX);
3865 reply_outbuf(req, 6, 0);
3866 SSVAL(req->outbuf,smb_vwv2,nwritten);
3868 SSVAL(req->outbuf,smb_vwv4,(nwritten>>16)&1);
3870 if (nwritten < (ssize_t)numtowrite) {
3871 SCVAL(req->outbuf,smb_rcls,ERRHRD);
3872 SSVAL(req->outbuf,smb_err,ERRdiskfull);
3875 DEBUG(3,("writeX fnum=%d num=%d wrote=%d\n",
3876 fsp->fnum, (int)numtowrite, (int)nwritten));
3878 status = sync_file(conn, fsp, write_through);
3879 if (!NT_STATUS_IS_OK(status)) {
3880 DEBUG(5,("reply_write_and_X: sync_file for %s returned %s\n",
3881 fsp->fsp_name, nt_errstr(status) ));
3882 reply_nterror(req, status);
3883 END_PROFILE(SMBwriteX);
3887 END_PROFILE(SMBwriteX);
3892 /****************************************************************************
3894 ****************************************************************************/
3896 void reply_lseek(connection_struct *conn, struct smb_request *req)
3903 START_PROFILE(SMBlseek);
3906 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3907 END_PROFILE(SMBlseek);
3911 fsp = file_fsp(SVAL(req->inbuf,smb_vwv0));
3913 if (!check_fsp(conn, req, fsp, ¤t_user)) {
3917 flush_write_cache(fsp, SEEK_FLUSH);
3919 mode = SVAL(req->inbuf,smb_vwv1) & 3;
3920 /* NB. This doesn't use IVAL_TO_SMB_OFF_T as startpos can be signed in this case. */
3921 startpos = (SMB_OFF_T)IVALS(req->inbuf,smb_vwv2);
3930 res = fsp->fh->pos + startpos;
3941 if (umode == SEEK_END) {
3942 if((res = SMB_VFS_LSEEK(fsp,fsp->fh->fd,startpos,umode)) == -1) {
3943 if(errno == EINVAL) {
3944 SMB_OFF_T current_pos = startpos;
3945 SMB_STRUCT_STAT sbuf;
3947 if(SMB_VFS_FSTAT(fsp,fsp->fh->fd, &sbuf) == -1) {
3948 reply_unixerror(req, ERRDOS,
3950 END_PROFILE(SMBlseek);
3954 current_pos += sbuf.st_size;
3956 res = SMB_VFS_LSEEK(fsp,fsp->fh->fd,0,SEEK_SET);
3961 reply_unixerror(req, ERRDOS, ERRnoaccess);
3962 END_PROFILE(SMBlseek);
3969 reply_outbuf(req, 2, 0);
3970 SIVAL(req->outbuf,smb_vwv0,res);
3972 DEBUG(3,("lseek fnum=%d ofs=%.0f newpos = %.0f mode=%d\n",
3973 fsp->fnum, (double)startpos, (double)res, mode));
3975 END_PROFILE(SMBlseek);
3979 /****************************************************************************
3981 ****************************************************************************/
3983 void reply_flush(connection_struct *conn, struct smb_request *req)
3988 START_PROFILE(SMBflush);
3991 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3995 fnum = SVAL(req->inbuf,smb_vwv0);
3996 fsp = file_fsp(fnum);
3998 if ((fnum != 0xFFFF) && !check_fsp(conn, req, fsp, ¤t_user)) {
4003 file_sync_all(conn);
4005 NTSTATUS status = sync_file(conn, fsp, True);
4006 if (!NT_STATUS_IS_OK(status)) {
4007 DEBUG(5,("reply_flush: sync_file for %s returned %s\n",
4008 fsp->fsp_name, nt_errstr(status) ));
4009 reply_nterror(req, status);
4010 END_PROFILE(SMBflush);
4015 reply_outbuf(req, 0, 0);
4017 DEBUG(3,("flush\n"));
4018 END_PROFILE(SMBflush);
4022 /****************************************************************************
4024 conn POINTER CAN BE NULL HERE !
4025 ****************************************************************************/
4027 void reply_exit(connection_struct *conn, struct smb_request *req)
4029 START_PROFILE(SMBexit);
4031 file_close_pid(req->smbpid, req->vuid);
4033 reply_outbuf(req, 0, 0);
4035 DEBUG(3,("exit\n"));
4037 END_PROFILE(SMBexit);
4041 /****************************************************************************
4042 Reply to a close - has to deal with closing a directory opened by NT SMB's.
4043 ****************************************************************************/
4045 void reply_close(connection_struct *conn, struct smb_request *req)
4047 NTSTATUS status = NT_STATUS_OK;
4048 files_struct *fsp = NULL;
4049 START_PROFILE(SMBclose);
4052 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4053 END_PROFILE(SMBclose);
4057 /* If it's an IPC, pass off to the pipe handler. */
4059 reply_pipe_close(conn, req);
4060 END_PROFILE(SMBclose);
4064 fsp = file_fsp(SVAL(req->inbuf,smb_vwv0));
4067 * We can only use CHECK_FSP if we know it's not a directory.
4070 if(!fsp || (fsp->conn != conn) || (fsp->vuid != current_user.vuid)) {
4071 reply_doserror(req, ERRDOS, ERRbadfid);
4072 END_PROFILE(SMBclose);
4076 if(fsp->is_directory) {
4078 * Special case - close NT SMB directory handle.
4080 DEBUG(3,("close directory fnum=%d\n", fsp->fnum));
4081 status = close_file(fsp,NORMAL_CLOSE);
4084 * Close ordinary file.
4087 DEBUG(3,("close fd=%d fnum=%d (numopen=%d)\n",
4088 fsp->fh->fd, fsp->fnum,
4089 conn->num_files_open));
4092 * Take care of any time sent in the close.
4095 fsp_set_pending_modtime(fsp, convert_time_t_to_timespec(
4096 srv_make_unix_date3(
4097 req->inbuf+smb_vwv1)));
4100 * close_file() returns the unix errno if an error
4101 * was detected on close - normally this is due to
4102 * a disk full error. If not then it was probably an I/O error.
4105 status = close_file(fsp,NORMAL_CLOSE);
4108 if (!NT_STATUS_IS_OK(status)) {
4109 reply_nterror(req, status);
4110 END_PROFILE(SMBclose);
4114 reply_outbuf(req, 0, 0);
4115 END_PROFILE(SMBclose);
4119 /****************************************************************************
4120 Reply to a writeclose (Core+ protocol).
4121 ****************************************************************************/
4123 void reply_writeclose(connection_struct *conn, struct smb_request *req)
4126 ssize_t nwritten = -1;
4127 NTSTATUS close_status = NT_STATUS_OK;
4130 struct timespec mtime;
4133 START_PROFILE(SMBwriteclose);
4136 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4137 END_PROFILE(SMBwriteclose);
4141 fsp = file_fsp(SVAL(req->inbuf,smb_vwv0));
4143 if (!check_fsp(conn, req, fsp, ¤t_user)) {
4144 END_PROFILE(SMBwriteclose);
4147 if (!CHECK_WRITE(fsp)) {
4148 reply_doserror(req, ERRDOS,ERRbadaccess);
4149 END_PROFILE(SMBwriteclose);
4153 numtowrite = SVAL(req->inbuf,smb_vwv1);
4154 startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv2);
4155 mtime = convert_time_t_to_timespec(srv_make_unix_date3(
4156 req->inbuf+smb_vwv4));
4157 data = smb_buf(req->inbuf) + 1;
4160 && is_locked(fsp, (uint32)req->smbpid, (SMB_BIG_UINT)numtowrite,
4161 (SMB_BIG_UINT)startpos, WRITE_LOCK)) {
4162 reply_doserror(req, ERRDOS,ERRlock);
4163 END_PROFILE(SMBwriteclose);
4167 nwritten = write_file(fsp,data,startpos,numtowrite);
4169 set_filetime(conn, fsp->fsp_name, mtime);
4172 * More insanity. W2K only closes the file if writelen > 0.
4177 DEBUG(3,("reply_writeclose: zero length write doesn't close file %s\n",
4179 close_status = close_file(fsp,NORMAL_CLOSE);
4182 DEBUG(3,("writeclose fnum=%d num=%d wrote=%d (numopen=%d)\n",
4183 fsp->fnum, (int)numtowrite, (int)nwritten,
4184 conn->num_files_open));
4186 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
4187 reply_doserror(req, ERRHRD, ERRdiskfull);
4188 END_PROFILE(SMBwriteclose);
4192 if(!NT_STATUS_IS_OK(close_status)) {
4193 reply_nterror(req, close_status);
4194 END_PROFILE(SMBwriteclose);
4198 reply_outbuf(req, 1, 0);
4200 SSVAL(req->outbuf,smb_vwv0,nwritten);
4201 END_PROFILE(SMBwriteclose);
4206 #define DBGC_CLASS DBGC_LOCKING
4208 /****************************************************************************
4210 ****************************************************************************/
4212 void reply_lock(connection_struct *conn, struct smb_request *req)
4214 SMB_BIG_UINT count,offset;
4217 struct byte_range_lock *br_lck = NULL;
4219 START_PROFILE(SMBlock);
4222 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4223 END_PROFILE(SMBlock);
4227 fsp = file_fsp(SVAL(req->inbuf,smb_vwv0));
4229 if (!check_fsp(conn, req, fsp, ¤t_user)) {
4230 END_PROFILE(SMBlock);
4234 release_level_2_oplocks_on_change(fsp);
4236 count = (SMB_BIG_UINT)IVAL(req->inbuf,smb_vwv1);
4237 offset = (SMB_BIG_UINT)IVAL(req->inbuf,smb_vwv3);
4239 DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n",
4240 fsp->fh->fd, fsp->fnum, (double)offset, (double)count));
4242 br_lck = do_lock(smbd_messaging_context(),
4249 False, /* Non-blocking lock. */
4253 TALLOC_FREE(br_lck);
4255 if (NT_STATUS_V(status)) {
4256 reply_nterror(req, status);
4257 END_PROFILE(SMBlock);
4261 reply_outbuf(req, 0, 0);
4263 END_PROFILE(SMBlock);
4267 /****************************************************************************
4269 ****************************************************************************/
4271 void reply_unlock(connection_struct *conn, struct smb_request *req)
4273 SMB_BIG_UINT count,offset;
4277 START_PROFILE(SMBunlock);
4280 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4281 END_PROFILE(SMBunlock);
4285 fsp = file_fsp(SVAL(req->inbuf,smb_vwv0));
4287 if (!check_fsp(conn, req, fsp, ¤t_user)) {
4288 END_PROFILE(SMBunlock);
4292 count = (SMB_BIG_UINT)IVAL(req->inbuf,smb_vwv1);
4293 offset = (SMB_BIG_UINT)IVAL(req->inbuf,smb_vwv3);
4295 status = do_unlock(smbd_messaging_context(),
4302 if (NT_STATUS_V(status)) {
4303 reply_nterror(req, status);
4304 END_PROFILE(SMBunlock);
4308 DEBUG( 3, ( "unlock fd=%d fnum=%d offset=%.0f count=%.0f\n",
4309 fsp->fh->fd, fsp->fnum, (double)offset, (double)count ) );
4311 reply_outbuf(req, 0, 0);
4313 END_PROFILE(SMBunlock);
4318 #define DBGC_CLASS DBGC_ALL
4320 /****************************************************************************
4322 conn POINTER CAN BE NULL HERE !
4323 ****************************************************************************/
4325 void reply_tdis(connection_struct *conn, struct smb_request *req)
4327 START_PROFILE(SMBtdis);
4330 DEBUG(4,("Invalid connection in tdis\n"));
4331 reply_doserror(req, ERRSRV, ERRinvnid);
4332 END_PROFILE(SMBtdis);
4338 close_cnum(conn,req->vuid);
4340 reply_outbuf(req, 0, 0);
4341 END_PROFILE(SMBtdis);
4345 /****************************************************************************
4347 conn POINTER CAN BE NULL HERE !
4348 ****************************************************************************/
4350 void reply_echo(connection_struct *conn, struct smb_request *req)
4354 unsigned int data_len = smb_buflen(req->inbuf);
4356 START_PROFILE(SMBecho);
4359 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4360 END_PROFILE(SMBecho);
4364 if (data_len > BUFFER_SIZE) {
4365 DEBUG(0,("reply_echo: data_len too large.\n"));
4366 reply_nterror(req, NT_STATUS_INSUFFICIENT_RESOURCES);
4367 END_PROFILE(SMBecho);
4371 smb_reverb = SVAL(req->inbuf,smb_vwv0);
4373 reply_outbuf(req, 1, data_len);
4375 /* copy any incoming data back out */
4377 memcpy(smb_buf(req->outbuf),smb_buf(req->inbuf),data_len);
4380 if (smb_reverb > 100) {
4381 DEBUG(0,("large reverb (%d)?? Setting to 100\n",smb_reverb));
4385 for (seq_num =1 ; seq_num <= smb_reverb ; seq_num++) {
4386 SSVAL(req->outbuf,smb_vwv0,seq_num);
4388 show_msg((char *)req->outbuf);
4389 if (!send_smb(smbd_server_fd(),(char *)req->outbuf))
4390 exit_server_cleanly("reply_echo: send_smb failed.");
4393 DEBUG(3,("echo %d times\n", smb_reverb));
4395 TALLOC_FREE(req->outbuf);
4399 END_PROFILE(SMBecho);
4403 /****************************************************************************
4404 Reply to a printopen.
4405 ****************************************************************************/
4407 void reply_printopen(connection_struct *conn, struct smb_request *req)
4412 START_PROFILE(SMBsplopen);
4415 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4416 END_PROFILE(SMBsplopen);
4420 if (!CAN_PRINT(conn)) {
4421 reply_doserror(req, ERRDOS, ERRnoaccess);
4422 END_PROFILE(SMBsplopen);
4426 /* Open for exclusive use, write only. */
4427 status = print_fsp_open(conn, NULL, &fsp);
4429 if (!NT_STATUS_IS_OK(status)) {
4430 reply_nterror(req, status);
4431 END_PROFILE(SMBsplopen);
4435 reply_outbuf(req, 1, 0);
4436 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
4438 DEBUG(3,("openprint fd=%d fnum=%d\n",
4439 fsp->fh->fd, fsp->fnum));
4441 END_PROFILE(SMBsplopen);
4445 /****************************************************************************
4446 Reply to a printclose.
4447 ****************************************************************************/
4449 void reply_printclose(connection_struct *conn, struct smb_request *req)
4454 START_PROFILE(SMBsplclose);
4457 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4458 END_PROFILE(SMBsplclose);
4462 fsp = file_fsp(SVAL(req->inbuf,smb_vwv0));
4464 if (!check_fsp(conn, req, fsp, ¤t_user)) {
4465 END_PROFILE(SMBsplclose);
4469 if (!CAN_PRINT(conn)) {
4470 reply_nterror(req, NT_STATUS_DOS(ERRSRV, ERRerror));
4471 END_PROFILE(SMBsplclose);
4475 DEBUG(3,("printclose fd=%d fnum=%d\n",
4476 fsp->fh->fd,fsp->fnum));
4478 status = close_file(fsp,NORMAL_CLOSE);
4480 if(!NT_STATUS_IS_OK(status)) {
4481 reply_nterror(req, status);
4482 END_PROFILE(SMBsplclose);
4486 END_PROFILE(SMBsplclose);
4490 /****************************************************************************
4491 Reply to a printqueue.
4492 ****************************************************************************/
4494 void reply_printqueue(connection_struct *conn, struct smb_request *req)
4499 START_PROFILE(SMBsplretq);
4502 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4503 END_PROFILE(SMBsplretq);
4507 max_count = SVAL(req->inbuf,smb_vwv0);
4508 start_index = SVAL(req->inbuf,smb_vwv1);
4510 /* we used to allow the client to get the cnum wrong, but that
4511 is really quite gross and only worked when there was only
4512 one printer - I think we should now only accept it if they
4513 get it right (tridge) */
4514 if (!CAN_PRINT(conn)) {
4515 reply_doserror(req, ERRDOS, ERRnoaccess);
4516 END_PROFILE(SMBsplretq);
4520 reply_outbuf(req, 2, 3);
4521 SSVAL(req->outbuf,smb_vwv0,0);
4522 SSVAL(req->outbuf,smb_vwv1,0);
4523 SCVAL(smb_buf(req->outbuf),0,1);
4524 SSVAL(smb_buf(req->outbuf),1,0);
4526 DEBUG(3,("printqueue start_index=%d max_count=%d\n",
4527 start_index, max_count));
4530 print_queue_struct *queue = NULL;
4531 print_status_struct status;
4532 int count = print_queue_status(SNUM(conn), &queue, &status);
4533 int num_to_get = ABS(max_count);
4534 int first = (max_count>0?start_index:start_index+max_count+1);
4540 num_to_get = MIN(num_to_get,count-first);
4543 for (i=first;i<first+num_to_get;i++) {
4547 srv_put_dos_date2(p,0,queue[i].time);
4548 SCVAL(p,4,(queue[i].status==LPQ_PRINTING?2:3));
4549 SSVAL(p,5, queue[i].job);
4550 SIVAL(p,7,queue[i].size);
4552 srvstr_push(blob, req->flags2, p+12,
4553 queue[i].fs_user, 16, STR_ASCII);
4555 if (message_push_blob(
4558 blob, sizeof(blob))) == -1) {
4559 reply_nterror(req, NT_STATUS_NO_MEMORY);
4560 END_PROFILE(SMBsplretq);
4566 SSVAL(req->outbuf,smb_vwv0,count);
4567 SSVAL(req->outbuf,smb_vwv1,
4568 (max_count>0?first+count:first-1));
4569 SCVAL(smb_buf(req->outbuf),0,1);
4570 SSVAL(smb_buf(req->outbuf),1,28*count);
4575 DEBUG(3,("%d entries returned in queue\n",count));
4578 END_PROFILE(SMBsplretq);
4582 /****************************************************************************
4583 Reply to a printwrite.
4584 ****************************************************************************/
4586 void reply_printwrite(connection_struct *conn, struct smb_request *req)
4592 START_PROFILE(SMBsplwr);
4595 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4596 END_PROFILE(SMBsplwr);
4600 fsp = file_fsp(SVAL(req->inbuf,smb_vwv0));
4602 if (!check_fsp(conn, req, fsp, ¤t_user)) {
4603 END_PROFILE(SMBsplwr);
4607 if (!CAN_PRINT(conn)) {
4608 reply_doserror(req, ERRDOS, ERRnoaccess);
4609 END_PROFILE(SMBsplwr);
4613 if (!CHECK_WRITE(fsp)) {
4614 reply_doserror(req, ERRDOS, ERRbadaccess);
4615 END_PROFILE(SMBsplwr);
4619 numtowrite = SVAL(smb_buf(req->inbuf),1);
4621 if (smb_buflen(req->inbuf) < numtowrite + 3) {
4622 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4623 END_PROFILE(SMBsplwr);
4627 data = smb_buf(req->inbuf) + 3;
4629 if (write_file(fsp,data,-1,numtowrite) != numtowrite) {
4630 reply_unixerror(req, ERRHRD, ERRdiskfull);
4631 END_PROFILE(SMBsplwr);
4635 DEBUG( 3, ( "printwrite fnum=%d num=%d\n", fsp->fnum, numtowrite ) );
4637 END_PROFILE(SMBsplwr);
4641 /****************************************************************************
4643 ****************************************************************************/
4645 void reply_mkdir(connection_struct *conn, struct smb_request *req)
4647 pstring directory_in;
4648 char *directory = NULL;
4650 SMB_STRUCT_STAT sbuf;
4652 START_PROFILE(SMBmkdir);
4654 srvstr_get_path((char *)req->inbuf, req->flags2, directory_in,
4655 smb_buf(req->inbuf) + 1, sizeof(directory_in), 0,
4656 STR_TERMINATE, &status);
4657 if (!NT_STATUS_IS_OK(status)) {
4658 reply_nterror(req, status);
4659 END_PROFILE(SMBmkdir);
4663 status = resolve_dfspath(conn,
4664 req->flags2 & FLAGS2_DFS_PATHNAMES,
4666 if (!NT_STATUS_IS_OK(status)) {
4667 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
4668 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
4669 ERRSRV, ERRbadpath);
4670 END_PROFILE(SMBmkdir);
4673 reply_nterror(req, status);
4674 END_PROFILE(SMBmkdir);
4678 status = unix_convert(conn, directory_in, False, &directory, NULL, &sbuf);
4679 if (!NT_STATUS_IS_OK(status)) {
4680 reply_nterror(req, status);
4681 END_PROFILE(SMBmkdir);
4685 status = check_name(conn, directory);
4686 if (!NT_STATUS_IS_OK(status)) {
4687 reply_nterror(req, status);
4688 END_PROFILE(SMBmkdir);
4692 status = create_directory(conn, directory);
4694 DEBUG(5, ("create_directory returned %s\n", nt_errstr(status)));
4696 if (!NT_STATUS_IS_OK(status)) {
4698 if (!use_nt_status()
4699 && NT_STATUS_EQUAL(status,
4700 NT_STATUS_OBJECT_NAME_COLLISION)) {
4702 * Yes, in the DOS error code case we get a
4703 * ERRDOS:ERRnoaccess here. See BASE-SAMBA3ERROR
4704 * samba4 torture test.
4706 status = NT_STATUS_DOS(ERRDOS, ERRnoaccess);
4709 reply_nterror(req, status);
4710 END_PROFILE(SMBmkdir);
4714 reply_outbuf(req, 0, 0);
4716 DEBUG( 3, ( "mkdir %s\n", directory ) );
4718 END_PROFILE(SMBmkdir);
4722 /****************************************************************************
4723 Static function used by reply_rmdir to delete an entire directory
4724 tree recursively. Return True on ok, False on fail.
4725 ****************************************************************************/
4727 static BOOL recursive_rmdir(connection_struct *conn, char *directory)
4729 const char *dname = NULL;
4732 struct smb_Dir *dir_hnd = OpenDir(conn, directory, NULL, 0);
4737 while((dname = ReadDirName(dir_hnd, &offset))) {
4741 if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0))
4744 if (!is_visible_file(conn, directory, dname, &st, False))
4747 /* Construct the full name. */
4748 if(strlen(directory) + strlen(dname) + 1 >= sizeof(fullname)) {
4754 pstrcpy(fullname, directory);
4755 pstrcat(fullname, "/");
4756 pstrcat(fullname, dname);
4758 if(SMB_VFS_LSTAT(conn,fullname, &st) != 0) {
4763 if(st.st_mode & S_IFDIR) {
4764 if(!recursive_rmdir(conn, fullname)) {
4768 if(SMB_VFS_RMDIR(conn,fullname) != 0) {
4772 } else if(SMB_VFS_UNLINK(conn,fullname) != 0) {
4781 /****************************************************************************
4782 The internals of the rmdir code - called elsewhere.
4783 ****************************************************************************/
4785 NTSTATUS rmdir_internals(connection_struct *conn, const char *directory)
4790 /* Might be a symlink. */
4791 if(SMB_VFS_LSTAT(conn, directory, &st) != 0) {
4792 return map_nt_error_from_unix(errno);
4795 if (S_ISLNK(st.st_mode)) {
4796 /* Is what it points to a directory ? */
4797 if(SMB_VFS_STAT(conn, directory, &st) != 0) {
4798 return map_nt_error_from_unix(errno);
4800 if (!(S_ISDIR(st.st_mode))) {
4801 return NT_STATUS_NOT_A_DIRECTORY;
4803 ret = SMB_VFS_UNLINK(conn,directory);
4805 ret = SMB_VFS_RMDIR(conn,directory);
4808 notify_fname(conn, NOTIFY_ACTION_REMOVED,
4809 FILE_NOTIFY_CHANGE_DIR_NAME,
4811 return NT_STATUS_OK;
4814 if(((errno == ENOTEMPTY)||(errno == EEXIST)) && lp_veto_files(SNUM(conn))) {
4816 * Check to see if the only thing in this directory are
4817 * vetoed files/directories. If so then delete them and
4818 * retry. If we fail to delete any of them (and we *don't*
4819 * do a recursive delete) then fail the rmdir.
4823 struct smb_Dir *dir_hnd = OpenDir(conn, directory, NULL, 0);
4825 if(dir_hnd == NULL) {
4830 while ((dname = ReadDirName(dir_hnd,&dirpos))) {
4831 if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0))
4833 if (!is_visible_file(conn, directory, dname, &st, False))
4835 if(!IS_VETO_PATH(conn, dname)) {
4842 /* We only have veto files/directories. Recursive delete. */
4844 RewindDir(dir_hnd,&dirpos);
4845 while ((dname = ReadDirName(dir_hnd,&dirpos))) {
4848 if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0))
4850 if (!is_visible_file(conn, directory, dname, &st, False))
4853 /* Construct the full name. */
4854 if(strlen(directory) + strlen(dname) + 1 >= sizeof(fullname)) {
4859 pstrcpy(fullname, directory);
4860 pstrcat(fullname, "/");
4861 pstrcat(fullname, dname);
4863 if(SMB_VFS_LSTAT(conn,fullname, &st) != 0)
4865 if(st.st_mode & S_IFDIR) {
4866 if(lp_recursive_veto_delete(SNUM(conn))) {
4867 if(!recursive_rmdir(conn, fullname))
4870 if(SMB_VFS_RMDIR(conn,fullname) != 0)
4872 } else if(SMB_VFS_UNLINK(conn,fullname) != 0)
4876 /* Retry the rmdir */
4877 ret = SMB_VFS_RMDIR(conn,directory);
4883 DEBUG(3,("rmdir_internals: couldn't remove directory %s : "
4884 "%s\n", directory,strerror(errno)));
4885 return map_nt_error_from_unix(errno);
4888 notify_fname(conn, NOTIFY_ACTION_REMOVED,
4889 FILE_NOTIFY_CHANGE_DIR_NAME,
4892 return NT_STATUS_OK;
4895 /****************************************************************************
4897 ****************************************************************************/
4899 void reply_rmdir(connection_struct *conn, struct smb_request *req)
4901 pstring directory_in;
4902 char *directory = NULL;
4903 SMB_STRUCT_STAT sbuf;
4905 START_PROFILE(SMBrmdir);
4907 srvstr_get_path((char *)req->inbuf, req->flags2, directory_in,
4908 smb_buf(req->inbuf) + 1, sizeof(directory_in), 0,
4909 STR_TERMINATE, &status);
4910 if (!NT_STATUS_IS_OK(status)) {
4911 reply_nterror(req, status);
4912 END_PROFILE(SMBrmdir);
4916 status = resolve_dfspath(conn,
4917 req->flags2 & FLAGS2_DFS_PATHNAMES,
4919 if (!NT_STATUS_IS_OK(status)) {
4920 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
4921 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
4922 ERRSRV, ERRbadpath);
4923 END_PROFILE(SMBrmdir);
4926 reply_nterror(req, status);
4927 END_PROFILE(SMBrmdir);
4931 status = unix_convert(conn, directory_in, False, &directory,
4933 if (!NT_STATUS_IS_OK(status)) {
4934 reply_nterror(req, status);
4935 END_PROFILE(SMBrmdir);
4939 status = check_name(conn, directory);
4940 if (!NT_STATUS_IS_OK(status)) {
4941 reply_nterror(req, status);
4942 END_PROFILE(SMBrmdir);
4946 dptr_closepath(directory, req->smbpid);
4947 status = rmdir_internals(conn, directory);
4948 if (!NT_STATUS_IS_OK(status)) {
4949 reply_nterror(req, status);
4950 END_PROFILE(SMBrmdir);
4954 reply_outbuf(req, 0, 0);
4956 DEBUG( 3, ( "rmdir %s\n", directory ) );
4958 END_PROFILE(SMBrmdir);
4962 /*******************************************************************
4963 Resolve wildcards in a filename rename.
4964 ********************************************************************/
4966 static BOOL resolve_wildcards(TALLOC_CTX *ctx,
4971 char *name2_copy = NULL;
4976 char *p,*p2, *pname1, *pname2;
4978 name2_copy = talloc_strdup(ctx, name2);
4983 pname1 = strrchr_m(name1,'/');
4984 pname2 = strrchr_m(name2_copy,'/');
4986 if (!pname1 || !pname2) {
4990 /* Truncate the copy of name2 at the last '/' */
4993 /* Now go past the '/' */
4997 root1 = talloc_strdup(ctx, pname1);
4998 root2 = talloc_strdup(ctx, pname2);
5000 if (!root1 || !root2) {
5004 p = strrchr_m(root1,'.');
5007 ext1 = talloc_strdup(ctx, p+1);
5009 ext1 = talloc_strdup(ctx, "");
5011 p = strrchr_m(root2,'.');
5014 ext2 = talloc_strdup(ctx, p+1);
5016 ext2 = talloc_strdup(ctx, "");
5019 if (!ext1 || !ext2) {
5027 /* Hmmm. Should this be mb-aware ? */
5030 } else if (*p2 == '*') {
5032 root2 = talloc_asprintf(ctx, "%s%s",
5051 /* Hmmm. Should this be mb-aware ? */
5054 } else if (*p2 == '*') {
5056 ext2 = talloc_asprintf(ctx, "%s%s",
5072 *pp_newname = talloc_asprintf(ctx, "%s/%s.%s",
5077 *pp_newname = talloc_asprintf(ctx, "%s/%s",
5089 /****************************************************************************
5090 Ensure open files have their names updated. Updated to notify other smbd's
5092 ****************************************************************************/
5094 static void rename_open_files(connection_struct *conn,
5095 struct share_mode_lock *lck,
5096 const char *newname)
5099 BOOL did_rename = False;
5101 for(fsp = file_find_di_first(lck->id); fsp;
5102 fsp = file_find_di_next(fsp)) {
5103 /* fsp_name is a relative path under the fsp. To change this for other
5104 sharepaths we need to manipulate relative paths. */
5105 /* TODO - create the absolute path and manipulate the newname
5106 relative to the sharepath. */
5107 if (fsp->conn != conn) {
5110 DEBUG(10,("rename_open_files: renaming file fnum %d (file_id %s) from %s -> %s\n",
5111 fsp->fnum, file_id_string_tos(&fsp->file_id),
5112 fsp->fsp_name, newname ));
5113 string_set(&fsp->fsp_name, newname);
5118 DEBUG(10,("rename_open_files: no open files on file_id %s for %s\n",
5119 file_id_string_tos(&lck->id), newname ));
5122 /* Send messages to all smbd's (not ourself) that the name has changed. */
5123 rename_share_filename(smbd_messaging_context(), lck, conn->connectpath,
5127 /****************************************************************************
5128 We need to check if the source path is a parent directory of the destination
5129 (ie. a rename of /foo/bar/baz -> /foo/bar/baz/bibble/bobble. If so we must
5130 refuse the rename with a sharing violation. Under UNIX the above call can
5131 *succeed* if /foo/bar/baz is a symlink to another area in the share. We
5132 probably need to check that the client is a Windows one before disallowing
5133 this as a UNIX client (one with UNIX extensions) can know the source is a
5134 symlink and make this decision intelligently. Found by an excellent bug
5135 report from <AndyLiebman@aol.com>.
5136 ****************************************************************************/
5138 static BOOL rename_path_prefix_equal(const char *src, const char *dest)
5140 const char *psrc = src;
5141 const char *pdst = dest;
5144 if (psrc[0] == '.' && psrc[1] == '/') {
5147 if (pdst[0] == '.' && pdst[1] == '/') {
5150 if ((slen = strlen(psrc)) > strlen(pdst)) {
5153 return ((memcmp(psrc, pdst, slen) == 0) && pdst[slen] == '/');
5157 * Do the notify calls from a rename
5160 static void notify_rename(connection_struct *conn, BOOL is_dir,
5161 const char *oldpath, const char *newpath)
5163 char *olddir, *newdir;
5164 const char *oldname, *newname;
5167 mask = is_dir ? FILE_NOTIFY_CHANGE_DIR_NAME
5168 : FILE_NOTIFY_CHANGE_FILE_NAME;
5170 if (!parent_dirname_talloc(NULL, oldpath, &olddir, &oldname)
5171 || !parent_dirname_talloc(NULL, newpath, &newdir, &newname)) {
5172 TALLOC_FREE(olddir);
5176 if (strcmp(olddir, newdir) == 0) {
5177 notify_fname(conn, NOTIFY_ACTION_OLD_NAME, mask, oldpath);
5178 notify_fname(conn, NOTIFY_ACTION_NEW_NAME, mask, newpath);
5181 notify_fname(conn, NOTIFY_ACTION_REMOVED, mask, oldpath);
5182 notify_fname(conn, NOTIFY_ACTION_ADDED, mask, newpath);
5184 TALLOC_FREE(olddir);
5185 TALLOC_FREE(newdir);
5187 /* this is a strange one. w2k3 gives an additional event for
5188 CHANGE_ATTRIBUTES and CHANGE_CREATION on the new file when renaming
5189 files, but not directories */
5191 notify_fname(conn, NOTIFY_ACTION_MODIFIED,
5192 FILE_NOTIFY_CHANGE_ATTRIBUTES
5193 |FILE_NOTIFY_CHANGE_CREATION,
5198 /****************************************************************************
5199 Rename an open file - given an fsp.
5200 ****************************************************************************/
5202 NTSTATUS rename_internals_fsp(connection_struct *conn,
5205 const char *newname_last_component,
5207 BOOL replace_if_exists)
5209 TALLOC_CTX *ctx = talloc_tos();
5210 SMB_STRUCT_STAT sbuf, sbuf1;
5211 NTSTATUS status = NT_STATUS_OK;
5212 struct share_mode_lock *lck = NULL;
5217 status = check_name(conn, newname);
5218 if (!NT_STATUS_IS_OK(status)) {
5222 /* Ensure newname contains a '/' */
5223 if(strrchr_m(newname,'/') == 0) {
5224 newname = talloc_asprintf(ctx,
5228 return NT_STATUS_NO_MEMORY;
5233 * Check for special case with case preserving and not
5234 * case sensitive. If the old last component differs from the original
5235 * last component only by case, then we should allow
5236 * the rename (user is trying to change the case of the
5240 if((conn->case_sensitive == False) && (conn->case_preserve == True) &&
5241 strequal(newname, fsp->fsp_name)) {
5243 char *newname_modified_last_component = NULL;
5246 * Get the last component of the modified name.
5247 * Note that we guarantee that newname contains a '/'
5250 p = strrchr_m(newname,'/');
5251 newname_modified_last_component = talloc_strdup(ctx,
5253 if (!newname_modified_last_component) {
5254 return NT_STATUS_NO_MEMORY;
5257 if(strcsequal(newname_modified_last_component,
5258 newname_last_component) == False) {
5260 * Replace the modified last component with
5263 *p = '\0'; /* Truncate at the '/' */
5264 newname = talloc_asprintf(ctx,
5267 newname_last_component);
5272 * If the src and dest names are identical - including case,
5273 * don't do the rename, just return success.
5276 if (strcsequal(fsp->fsp_name, newname)) {
5277 DEBUG(3,("rename_internals_fsp: identical names in rename %s - returning success\n",
5279 return NT_STATUS_OK;
5283 * Have vfs_object_exist also fill sbuf1
5285 dst_exists = vfs_object_exist(conn, newname, &sbuf1);
5287 if(!replace_if_exists && dst_exists) {
5288 DEBUG(3,("rename_internals_fsp: dest exists doing rename %s -> %s\n",
5289 fsp->fsp_name,newname));
5290 return NT_STATUS_OBJECT_NAME_COLLISION;
5294 struct file_id fileid = vfs_file_id_from_sbuf(conn, &sbuf1);
5295 files_struct *dst_fsp = file_find_di_first(fileid);
5297 DEBUG(3, ("rename_internals_fsp: Target file open\n"));
5298 return NT_STATUS_ACCESS_DENIED;
5302 /* Ensure we have a valid stat struct for the source. */
5303 if (fsp->fh->fd != -1) {
5304 if (SMB_VFS_FSTAT(fsp,fsp->fh->fd,&sbuf) == -1) {
5305 return map_nt_error_from_unix(errno);
5308 if (SMB_VFS_STAT(conn,fsp->fsp_name,&sbuf) == -1) {
5309 return map_nt_error_from_unix(errno);
5313 status = can_rename(conn, fsp, attrs, &sbuf);
5315 if (!NT_STATUS_IS_OK(status)) {
5316 DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n",
5317 nt_errstr(status), fsp->fsp_name,newname));
5318 if (NT_STATUS_EQUAL(status,NT_STATUS_SHARING_VIOLATION))
5319 status = NT_STATUS_ACCESS_DENIED;
5323 if (rename_path_prefix_equal(fsp->fsp_name, newname)) {
5324 return NT_STATUS_ACCESS_DENIED;
5327 lck = get_share_mode_lock(NULL, fsp->file_id, NULL, NULL);
5330 * We have the file open ourselves, so not being able to get the
5331 * corresponding share mode lock is a fatal error.
5334 SMB_ASSERT(lck != NULL);
5336 if(SMB_VFS_RENAME(conn,fsp->fsp_name, newname) == 0) {
5337 uint32 create_options = fsp->fh->private_options;
5339 DEBUG(3,("rename_internals_fsp: succeeded doing rename on %s -> %s\n",
5340 fsp->fsp_name,newname));
5342 rename_open_files(conn, lck, newname);
5344 notify_rename(conn, fsp->is_directory, fsp->fsp_name, newname);
5347 * A rename acts as a new file create w.r.t. allowing an initial delete
5348 * on close, probably because in Windows there is a new handle to the
5349 * new file. If initial delete on close was requested but not
5350 * originally set, we need to set it here. This is probably not 100% correct,
5351 * but will work for the CIFSFS client which in non-posix mode
5352 * depends on these semantics. JRA.
5355 set_allow_initial_delete_on_close(lck, fsp, True);
5357 if (create_options & FILE_DELETE_ON_CLOSE) {
5358 status = can_set_delete_on_close(fsp, True, 0);
5360 if (NT_STATUS_IS_OK(status)) {
5361 /* Note that here we set the *inital* delete on close flag,
5362 * not the regular one. The magic gets handled in close. */
5363 fsp->initial_delete_on_close = True;
5367 return NT_STATUS_OK;
5372 if (errno == ENOTDIR || errno == EISDIR) {
5373 status = NT_STATUS_OBJECT_NAME_COLLISION;
5375 status = map_nt_error_from_unix(errno);
5378 DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n",
5379 nt_errstr(status), fsp->fsp_name,newname));
5384 /****************************************************************************
5385 The guts of the rename command, split out so it may be called by the NT SMB
5387 ****************************************************************************/
5389 NTSTATUS rename_internals(connection_struct *conn, struct smb_request *req,
5390 const char *name_in,
5391 const char *newname_in,
5393 BOOL replace_if_exists,
5399 char *last_component_src = NULL;
5400 char *last_component_dest = NULL;
5402 char *newname = NULL;
5405 NTSTATUS status = NT_STATUS_OK;
5406 SMB_STRUCT_STAT sbuf1, sbuf2;
5407 struct smb_Dir *dir_hnd = NULL;
5412 *directory = *mask = 0;
5417 status = unix_convert(conn, name_in, src_has_wild, &name,
5418 &last_component_src, &sbuf1);
5419 if (!NT_STATUS_IS_OK(status)) {
5423 status = unix_convert(conn, newname_in, dest_has_wild, &newname,
5424 &last_component_dest, &sbuf2);
5425 if (!NT_STATUS_IS_OK(status)) {
5430 * Split the old name into directory and last component
5431 * strings. Note that unix_convert may have stripped off a
5432 * leading ./ from both name and newname if the rename is
5433 * at the root of the share. We need to make sure either both
5434 * name and newname contain a / character or neither of them do
5435 * as this is checked in resolve_wildcards().
5438 p = strrchr_m(name,'/');
5440 pstrcpy(directory,".");
5444 pstrcpy(directory,name);
5446 *p = '/'; /* Replace needed for exceptional test below. */
5450 * We should only check the mangled cache
5451 * here if unix_convert failed. This means
5452 * that the path in 'mask' doesn't exist
5453 * on the file system and so we need to look
5454 * for a possible mangle. This patch from
5455 * Tine Smukavec <valentin.smukavec@hermes.si>.
5458 if (!VALID_STAT(sbuf1) && mangle_is_mangled(mask, conn->params)) {
5459 char *new_mask = NULL;
5460 mangle_lookup_name_from_8_3(talloc_tos(),
5465 pstrcpy(mask, new_mask);
5469 if (!src_has_wild) {
5473 * No wildcards - just process the one file.
5475 BOOL is_short_name = mangle_is_8_3(name, True, conn->params);
5477 /* Add a terminating '/' to the directory name. */
5478 pstrcat(directory,"/");
5479 pstrcat(directory,mask);
5481 /* Ensure newname contains a '/' also */
5482 if(strrchr_m(newname,'/') == 0) {
5483 newname = talloc_asprintf(talloc_tos(),
5487 return NT_STATUS_NO_MEMORY;
5491 DEBUG(3, ("rename_internals: case_sensitive = %d, "
5492 "case_preserve = %d, short case preserve = %d, "
5493 "directory = %s, newname = %s, "
5494 "last_component_dest = %s, is_8_3 = %d\n",
5495 conn->case_sensitive, conn->case_preserve,
5496 conn->short_case_preserve, directory,
5497 newname, last_component_dest, is_short_name));
5499 /* The dest name still may have wildcards. */
5500 if (dest_has_wild) {
5501 char *mod_newname = NULL;
5502 if (!resolve_wildcards(talloc_tos(),
5503 directory,newname,&mod_newname)) {
5504 DEBUG(6, ("rename_internals: resolve_wildcards %s %s failed\n",
5505 directory,newname));
5506 return NT_STATUS_NO_MEMORY;
5508 newname = mod_newname;
5512 SMB_VFS_STAT(conn, directory, &sbuf1);
5514 status = S_ISDIR(sbuf1.st_mode) ?
5515 open_directory(conn, req, directory, &sbuf1,
5517 FILE_SHARE_READ|FILE_SHARE_WRITE,
5518 FILE_OPEN, 0, 0, NULL,
5520 : open_file_ntcreate(conn, req, directory, &sbuf1,
5522 FILE_SHARE_READ|FILE_SHARE_WRITE,
5523 FILE_OPEN, 0, 0, 0, NULL,
5526 if (!NT_STATUS_IS_OK(status)) {
5527 DEBUG(3, ("Could not open rename source %s: %s\n",
5528 directory, nt_errstr(status)));
5532 status = rename_internals_fsp(conn, fsp, newname,
5533 last_component_dest,
5534 attrs, replace_if_exists);
5536 close_file(fsp, NORMAL_CLOSE);
5538 DEBUG(3, ("rename_internals: Error %s rename %s -> %s\n",
5539 nt_errstr(status), directory,newname));
5545 * Wildcards - process each file that matches.
5547 if (strequal(mask,"????????.???")) {
5551 status = check_name(conn, directory);
5552 if (!NT_STATUS_IS_OK(status)) {
5556 dir_hnd = OpenDir(conn, directory, mask, attrs);
5557 if (dir_hnd == NULL) {
5558 return map_nt_error_from_unix(errno);
5561 status = NT_STATUS_NO_SUCH_FILE;
5563 * Was status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
5564 * - gentest fix. JRA
5567 while ((dname = ReadDirName(dir_hnd, &offset))) {
5570 BOOL sysdir_entry = False;
5571 char *mod_destname = NULL;
5573 pstrcpy(fname,dname);
5575 /* Quick check for "." and ".." */
5576 if (fname[0] == '.') {
5577 if (!fname[1] || (fname[1] == '.' && !fname[2])) {
5579 sysdir_entry = True;
5586 if (!is_visible_file(conn, directory, dname, &sbuf1, False)) {
5590 if(!mask_match(fname, mask, conn->case_sensitive)) {
5595 status = NT_STATUS_OBJECT_NAME_INVALID;
5599 slprintf(fname, sizeof(fname)-1, "%s/%s", directory, dname);
5601 pstrcpy(destname,newname);
5603 if (!resolve_wildcards(talloc_tos(),
5604 fname,destname,&mod_destname)) {
5605 DEBUG(6, ("resolve_wildcards %s %s failed\n",
5609 pstrcpy(destname,mod_destname);
5612 SMB_VFS_STAT(conn, fname, &sbuf1);
5614 status = S_ISDIR(sbuf1.st_mode) ?
5615 open_directory(conn, req, fname, &sbuf1,
5617 FILE_SHARE_READ|FILE_SHARE_WRITE,
5618 FILE_OPEN, 0, 0, NULL,
5620 : open_file_ntcreate(conn, req, fname, &sbuf1,
5622 FILE_SHARE_READ|FILE_SHARE_WRITE,
5623 FILE_OPEN, 0, 0, 0, NULL,
5626 if (!NT_STATUS_IS_OK(status)) {
5627 DEBUG(3,("rename_internals: open_file_ntcreate "
5628 "returned %s rename %s -> %s\n",
5629 nt_errstr(status), directory, newname));
5633 status = rename_internals_fsp(conn, fsp, destname, dname,
5634 attrs, replace_if_exists);
5636 close_file(fsp, NORMAL_CLOSE);
5638 if (!NT_STATUS_IS_OK(status)) {
5639 DEBUG(3, ("rename_internals_fsp returned %s for "
5640 "rename %s -> %s\n", nt_errstr(status),
5641 directory, newname));
5647 DEBUG(3,("rename_internals: doing rename on %s -> "
5648 "%s\n",fname,destname));
5652 if (count == 0 && NT_STATUS_IS_OK(status)) {
5653 status = map_nt_error_from_unix(errno);
5659 /****************************************************************************
5661 ****************************************************************************/
5663 void reply_mv(connection_struct *conn, struct smb_request *req)
5670 BOOL src_has_wcard = False;
5671 BOOL dest_has_wcard = False;
5673 START_PROFILE(SMBmv);
5676 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5681 attrs = SVAL(req->inbuf,smb_vwv0);
5683 p = smb_buf(req->inbuf) + 1;
5684 p += srvstr_get_path_wcard((char *)req->inbuf, req->flags2, name, p,
5685 sizeof(name), 0, STR_TERMINATE, &status,
5687 if (!NT_STATUS_IS_OK(status)) {
5688 reply_nterror(req, status);
5693 p += srvstr_get_path_wcard((char *)req->inbuf, req->flags2, newname, p,
5694 sizeof(newname), 0, STR_TERMINATE, &status,
5696 if (!NT_STATUS_IS_OK(status)) {
5697 reply_nterror(req, status);
5702 status = resolve_dfspath_wcard(conn,
5703 req->flags2 & FLAGS2_DFS_PATHNAMES,
5704 name, &src_has_wcard);
5705 if (!NT_STATUS_IS_OK(status)) {
5706 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5707 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
5708 ERRSRV, ERRbadpath);
5712 reply_nterror(req, status);
5717 status = resolve_dfspath_wcard(conn,
5718 req->flags2 & FLAGS2_DFS_PATHNAMES,
5719 newname, &dest_has_wcard);
5720 if (!NT_STATUS_IS_OK(status)) {
5721 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5722 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
5723 ERRSRV, ERRbadpath);
5727 reply_nterror(req, status);
5732 DEBUG(3,("reply_mv : %s -> %s\n",name,newname));
5734 status = rename_internals(conn, req, name, newname, attrs, False,
5735 src_has_wcard, dest_has_wcard);
5736 if (!NT_STATUS_IS_OK(status)) {
5737 if (open_was_deferred(req->mid)) {
5738 /* We have re-scheduled this call. */
5742 reply_nterror(req, status);
5747 reply_outbuf(req, 0, 0);
5753 /*******************************************************************
5754 Copy a file as part of a reply_copy.
5755 ******************************************************************/
5758 * TODO: check error codes on all callers
5761 NTSTATUS copy_file(connection_struct *conn,
5766 BOOL target_is_directory)
5768 SMB_STRUCT_STAT src_sbuf, sbuf2;
5770 files_struct *fsp1,*fsp2;
5773 uint32 new_create_disposition;
5776 pstrcpy(dest,dest1);
5777 if (target_is_directory) {
5778 char *p = strrchr_m(src,'/');
5788 if (!vfs_file_exist(conn,src,&src_sbuf)) {
5789 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
5792 if (!target_is_directory && count) {
5793 new_create_disposition = FILE_OPEN;
5795 if (!map_open_params_to_ntcreate(dest1,0,ofun,
5796 NULL, NULL, &new_create_disposition, NULL)) {
5797 return NT_STATUS_INVALID_PARAMETER;
5801 status = open_file_ntcreate(conn, NULL, src, &src_sbuf,
5803 FILE_SHARE_READ|FILE_SHARE_WRITE,
5806 FILE_ATTRIBUTE_NORMAL,
5810 if (!NT_STATUS_IS_OK(status)) {
5814 dosattrs = dos_mode(conn, src, &src_sbuf);
5815 if (SMB_VFS_STAT(conn,dest,&sbuf2) == -1) {
5816 ZERO_STRUCTP(&sbuf2);
5819 status = open_file_ntcreate(conn, NULL, dest, &sbuf2,
5821 FILE_SHARE_READ|FILE_SHARE_WRITE,
5822 new_create_disposition,
5828 if (!NT_STATUS_IS_OK(status)) {
5829 close_file(fsp1,ERROR_CLOSE);
5833 if ((ofun&3) == 1) {
5834 if(SMB_VFS_LSEEK(fsp2,fsp2->fh->fd,0,SEEK_END) == -1) {
5835 DEBUG(0,("copy_file: error - vfs lseek returned error %s\n", strerror(errno) ));
5837 * Stop the copy from occurring.
5840 src_sbuf.st_size = 0;
5844 if (src_sbuf.st_size) {
5845 ret = vfs_transfer_file(fsp1, fsp2, src_sbuf.st_size);
5848 close_file(fsp1,NORMAL_CLOSE);
5850 /* Ensure the modtime is set correctly on the destination file. */
5851 fsp_set_pending_modtime( fsp2, get_mtimespec(&src_sbuf));
5854 * As we are opening fsp1 read-only we only expect
5855 * an error on close on fsp2 if we are out of space.
5856 * Thus we don't look at the error return from the
5859 status = close_file(fsp2,NORMAL_CLOSE);
5861 if (!NT_STATUS_IS_OK(status)) {
5865 if (ret != (SMB_OFF_T)src_sbuf.st_size) {
5866 return NT_STATUS_DISK_FULL;
5869 return NT_STATUS_OK;
5872 /****************************************************************************
5873 Reply to a file copy.
5874 ****************************************************************************/
5876 void reply_copy(connection_struct *conn, struct smb_request *req)
5881 char *newname = NULL;
5886 int error = ERRnoaccess;
5891 BOOL target_is_directory=False;
5892 BOOL source_has_wild = False;
5893 BOOL dest_has_wild = False;
5894 SMB_STRUCT_STAT sbuf1, sbuf2;
5897 START_PROFILE(SMBcopy);
5900 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5901 END_PROFILE(SMBcopy);
5905 tid2 = SVAL(req->inbuf,smb_vwv0);
5906 ofun = SVAL(req->inbuf,smb_vwv1);
5907 flags = SVAL(req->inbuf,smb_vwv2);
5909 *directory = *mask = 0;
5911 p = smb_buf(req->inbuf);
5912 p += srvstr_get_path_wcard((char *)req->inbuf, req->flags2, name_in, p,
5913 sizeof(name_in), 0, STR_TERMINATE, &status,
5915 if (!NT_STATUS_IS_OK(status)) {
5916 reply_nterror(req, status);
5917 END_PROFILE(SMBcopy);
5920 p += srvstr_get_path_wcard((char *)req->inbuf, req->flags2, newname_in, p,
5921 sizeof(newname_in), 0, STR_TERMINATE, &status,
5923 if (!NT_STATUS_IS_OK(status)) {
5924 reply_nterror(req, status);
5925 END_PROFILE(SMBcopy);
5929 DEBUG(3,("reply_copy : %s -> %s\n",name_in,newname_in));
5931 if (tid2 != conn->cnum) {
5932 /* can't currently handle inter share copies XXXX */
5933 DEBUG(3,("Rejecting inter-share copy\n"));
5934 reply_doserror(req, ERRSRV, ERRinvdevice);
5935 END_PROFILE(SMBcopy);
5939 status = resolve_dfspath_wcard(conn,
5940 req->flags2 & FLAGS2_DFS_PATHNAMES,
5941 name_in, &source_has_wild);
5942 if (!NT_STATUS_IS_OK(status)) {
5943 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5944 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
5945 ERRSRV, ERRbadpath);
5946 END_PROFILE(SMBcopy);
5949 reply_nterror(req, status);
5950 END_PROFILE(SMBcopy);
5954 status = resolve_dfspath_wcard(conn,
5955 req->flags2 & FLAGS2_DFS_PATHNAMES,
5956 newname_in, &dest_has_wild);
5957 if (!NT_STATUS_IS_OK(status)) {
5958 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5959 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
5960 ERRSRV, ERRbadpath);
5961 END_PROFILE(SMBcopy);
5964 reply_nterror(req, status);
5965 END_PROFILE(SMBcopy);
5969 status = unix_convert(conn, name_in, source_has_wild, &name, NULL, &sbuf1);
5970 if (!NT_STATUS_IS_OK(status)) {
5971 reply_nterror(req, status);
5972 END_PROFILE(SMBcopy);
5976 status = unix_convert(conn, newname_in, dest_has_wild, &newname, NULL, &sbuf2);
5977 if (!NT_STATUS_IS_OK(status)) {
5978 reply_nterror(req, status);
5979 END_PROFILE(SMBcopy);
5983 target_is_directory = VALID_STAT_OF_DIR(sbuf2);
5985 if ((flags&1) && target_is_directory) {
5986 reply_doserror(req, ERRDOS, ERRbadfile);
5987 END_PROFILE(SMBcopy);
5991 if ((flags&2) && !target_is_directory) {
5992 reply_doserror(req, ERRDOS, ERRbadpath);
5993 END_PROFILE(SMBcopy);
5997 if ((flags&(1<<5)) && VALID_STAT_OF_DIR(sbuf1)) {
5998 /* wants a tree copy! XXXX */
5999 DEBUG(3,("Rejecting tree copy\n"));
6000 reply_doserror(req, ERRSRV, ERRerror);
6001 END_PROFILE(SMBcopy);
6005 p = strrchr_m(name,'/');
6007 pstrcpy(directory,"./");
6011 pstrcpy(directory,name);
6016 * We should only check the mangled cache
6017 * here if unix_convert failed. This means
6018 * that the path in 'mask' doesn't exist
6019 * on the file system and so we need to look
6020 * for a possible mangle. This patch from
6021 * Tine Smukavec <valentin.smukavec@hermes.si>.
6024 if (!VALID_STAT(sbuf1) && mangle_is_mangled(mask, conn->params)) {
6025 char *new_mask = NULL;
6026 mangle_lookup_name_from_8_3( talloc_tos(),
6031 pstrcpy(mask, new_mask);
6035 if (!source_has_wild) {
6036 pstrcat(directory,"/");
6037 pstrcat(directory,mask);
6038 if (dest_has_wild) {
6039 char *mod_newname = NULL;
6040 if (!resolve_wildcards(talloc_tos(),
6041 directory,newname,&mod_newname)) {
6042 reply_nterror(req, NT_STATUS_NO_MEMORY);
6043 END_PROFILE(SMBcopy);
6046 newname = mod_newname;
6049 status = check_name(conn, directory);
6050 if (!NT_STATUS_IS_OK(status)) {
6051 reply_nterror(req, status);
6052 END_PROFILE(SMBcopy);
6056 status = check_name(conn, newname);
6057 if (!NT_STATUS_IS_OK(status)) {
6058 reply_nterror(req, status);
6059 END_PROFILE(SMBcopy);
6063 status = copy_file(conn,directory,newname,ofun,
6064 count,target_is_directory);
6066 if(!NT_STATUS_IS_OK(status)) {
6067 reply_nterror(req, status);
6068 END_PROFILE(SMBcopy);
6074 struct smb_Dir *dir_hnd = NULL;
6079 if (strequal(mask,"????????.???"))
6082 status = check_name(conn, directory);
6083 if (!NT_STATUS_IS_OK(status)) {
6084 reply_nterror(req, status);
6085 END_PROFILE(SMBcopy);
6089 dir_hnd = OpenDir(conn, directory, mask, 0);
6090 if (dir_hnd == NULL) {
6091 status = map_nt_error_from_unix(errno);
6092 reply_nterror(req, status);
6093 END_PROFILE(SMBcopy);
6099 while ((dname = ReadDirName(dir_hnd, &offset))) {
6100 char *mod_destname = NULL;
6102 pstrcpy(fname,dname);
6104 if (!is_visible_file(conn, directory, dname, &sbuf1, False)) {
6108 if(!mask_match(fname, mask, conn->case_sensitive)) {
6112 error = ERRnoaccess;
6113 slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname);
6114 pstrcpy(destname,newname);
6115 if (!resolve_wildcards(talloc_tos(),
6116 fname,destname,&mod_destname)) {
6119 pstrcpy(destname,mod_destname);
6121 status = check_name(conn, fname);
6122 if (!NT_STATUS_IS_OK(status)) {
6123 reply_nterror(req, status);
6124 END_PROFILE(SMBcopy);
6128 status = check_name(conn, destname);
6129 if (!NT_STATUS_IS_OK(status)) {
6130 reply_nterror(req, status);
6131 END_PROFILE(SMBcopy);
6135 DEBUG(3,("reply_copy : doing copy on %s -> %s\n",fname, destname));
6137 status = copy_file(conn,fname,destname,ofun,
6138 count,target_is_directory);
6139 if (NT_STATUS_IS_OK(status)) {
6148 /* Error on close... */
6150 reply_unixerror(req, ERRHRD, ERRgeneral);
6151 END_PROFILE(SMBcopy);
6155 reply_doserror(req, ERRDOS, error);
6156 END_PROFILE(SMBcopy);
6160 reply_outbuf(req, 1, 0);
6161 SSVAL(req->outbuf,smb_vwv0,count);
6163 END_PROFILE(SMBcopy);
6168 #define DBGC_CLASS DBGC_LOCKING
6170 /****************************************************************************
6171 Get a lock pid, dealing with large count requests.
6172 ****************************************************************************/
6174 uint32 get_lock_pid( char *data, int data_offset, BOOL large_file_format)
6176 if(!large_file_format)
6177 return (uint32)SVAL(data,SMB_LPID_OFFSET(data_offset));
6179 return (uint32)SVAL(data,SMB_LARGE_LPID_OFFSET(data_offset));
6182 /****************************************************************************
6183 Get a lock count, dealing with large count requests.
6184 ****************************************************************************/
6186 SMB_BIG_UINT get_lock_count( char *data, int data_offset, BOOL large_file_format)
6188 SMB_BIG_UINT count = 0;
6190 if(!large_file_format) {
6191 count = (SMB_BIG_UINT)IVAL(data,SMB_LKLEN_OFFSET(data_offset));
6194 #if defined(HAVE_LONGLONG)
6195 count = (((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset))) << 32) |
6196 ((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)));
6197 #else /* HAVE_LONGLONG */
6200 * NT4.x seems to be broken in that it sends large file (64 bit)
6201 * lockingX calls even if the CAP_LARGE_FILES was *not*
6202 * negotiated. For boxes without large unsigned ints truncate the
6203 * lock count by dropping the top 32 bits.
6206 if(IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)) != 0) {
6207 DEBUG(3,("get_lock_count: truncating lock count (high)0x%x (low)0x%x to just low count.\n",
6208 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)),
6209 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)) ));
6210 SIVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset),0);
6213 count = (SMB_BIG_UINT)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset));
6214 #endif /* HAVE_LONGLONG */
6220 #if !defined(HAVE_LONGLONG)
6221 /****************************************************************************
6222 Pathetically try and map a 64 bit lock offset into 31 bits. I hate Windows :-).
6223 ****************************************************************************/
6225 static uint32 map_lock_offset(uint32 high, uint32 low)
6229 uint32 highcopy = high;
6232 * Try and find out how many significant bits there are in high.
6235 for(i = 0; highcopy; i++)
6239 * We use 31 bits not 32 here as POSIX
6240 * lock offsets may not be negative.
6243 mask = (~0) << (31 - i);
6246 return 0; /* Fail. */
6252 #endif /* !defined(HAVE_LONGLONG) */
6254 /****************************************************************************
6255 Get a lock offset, dealing with large offset requests.
6256 ****************************************************************************/
6258 SMB_BIG_UINT get_lock_offset( char *data, int data_offset, BOOL large_file_format, BOOL *err)
6260 SMB_BIG_UINT offset = 0;
6264 if(!large_file_format) {
6265 offset = (SMB_BIG_UINT)IVAL(data,SMB_LKOFF_OFFSET(data_offset));
6268 #if defined(HAVE_LONGLONG)
6269 offset = (((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset))) << 32) |
6270 ((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset)));
6271 #else /* HAVE_LONGLONG */
6274 * NT4.x seems to be broken in that it sends large file (64 bit)
6275 * lockingX calls even if the CAP_LARGE_FILES was *not*
6276 * negotiated. For boxes without large unsigned ints mangle the
6277 * lock offset by mapping the top 32 bits onto the lower 32.
6280 if(IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset)) != 0) {
6281 uint32 low = IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
6282 uint32 high = IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset));
6285 if((new_low = map_lock_offset(high, low)) == 0) {
6287 return (SMB_BIG_UINT)-1;
6290 DEBUG(3,("get_lock_offset: truncating lock offset (high)0x%x (low)0x%x to offset 0x%x.\n",
6291 (unsigned int)high, (unsigned int)low, (unsigned int)new_low ));
6292 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset),0);
6293 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset),new_low);
6296 offset = (SMB_BIG_UINT)IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
6297 #endif /* HAVE_LONGLONG */
6303 /****************************************************************************
6304 Reply to a lockingX request.
6305 ****************************************************************************/
6307 void reply_lockingX(connection_struct *conn, struct smb_request *req)
6310 unsigned char locktype;
6311 unsigned char oplocklevel;
6314 SMB_BIG_UINT count = 0, offset = 0;
6319 BOOL large_file_format;
6321 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
6323 START_PROFILE(SMBlockingX);
6326 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6327 END_PROFILE(SMBlockingX);
6331 fsp = file_fsp(SVAL(req->inbuf,smb_vwv2));
6332 locktype = CVAL(req->inbuf,smb_vwv3);
6333 oplocklevel = CVAL(req->inbuf,smb_vwv3+1);
6334 num_ulocks = SVAL(req->inbuf,smb_vwv6);
6335 num_locks = SVAL(req->inbuf,smb_vwv7);
6336 lock_timeout = IVAL(req->inbuf,smb_vwv4);
6337 large_file_format = (locktype & LOCKING_ANDX_LARGE_FILES)?True:False;
6339 if (!check_fsp(conn, req, fsp, ¤t_user)) {
6340 END_PROFILE(SMBlockingX);
6344 data = smb_buf(req->inbuf);
6346 if (locktype & LOCKING_ANDX_CHANGE_LOCKTYPE) {
6347 /* we don't support these - and CANCEL_LOCK makes w2k
6348 and XP reboot so I don't really want to be
6349 compatible! (tridge) */
6350 reply_nterror(req, NT_STATUS_DOS(ERRDOS, ERRnoatomiclocks));
6351 END_PROFILE(SMBlockingX);
6355 /* Check if this is an oplock break on a file
6356 we have granted an oplock on.
6358 if ((locktype & LOCKING_ANDX_OPLOCK_RELEASE)) {
6359 /* Client can insist on breaking to none. */
6360 BOOL break_to_none = (oplocklevel == 0);
6363 DEBUG(5,("reply_lockingX: oplock break reply (%u) from client "
6364 "for fnum = %d\n", (unsigned int)oplocklevel,
6368 * Make sure we have granted an exclusive or batch oplock on
6372 if (fsp->oplock_type == 0) {
6374 /* The Samba4 nbench simulator doesn't understand
6375 the difference between break to level2 and break
6376 to none from level2 - it sends oplock break
6377 replies in both cases. Don't keep logging an error
6378 message here - just ignore it. JRA. */
6380 DEBUG(5,("reply_lockingX: Error : oplock break from "
6381 "client for fnum = %d (oplock=%d) and no "
6382 "oplock granted on this file (%s).\n",
6383 fsp->fnum, fsp->oplock_type, fsp->fsp_name));
6385 /* if this is a pure oplock break request then don't
6387 if (num_locks == 0 && num_ulocks == 0) {
6388 END_PROFILE(SMBlockingX);
6391 END_PROFILE(SMBlockingX);
6392 reply_doserror(req, ERRDOS, ERRlock);
6397 if ((fsp->sent_oplock_break == BREAK_TO_NONE_SENT) ||
6399 result = remove_oplock(fsp);
6401 result = downgrade_oplock(fsp);
6405 DEBUG(0, ("reply_lockingX: error in removing "
6406 "oplock on file %s\n", fsp->fsp_name));
6407 /* Hmmm. Is this panic justified? */
6408 smb_panic("internal tdb error");
6411 reply_to_oplock_break_requests(fsp);
6413 /* if this is a pure oplock break request then don't send a
6415 if (num_locks == 0 && num_ulocks == 0) {
6416 /* Sanity check - ensure a pure oplock break is not a
6418 if(CVAL(req->inbuf,smb_vwv0) != 0xff)
6419 DEBUG(0,("reply_lockingX: Error : pure oplock "
6420 "break is a chained %d request !\n",
6421 (unsigned int)CVAL(req->inbuf,
6423 END_PROFILE(SMBlockingX);
6429 * We do this check *after* we have checked this is not a oplock break
6430 * response message. JRA.
6433 release_level_2_oplocks_on_change(fsp);
6435 if (smb_buflen(req->inbuf) <
6436 (num_ulocks + num_locks) * (large_file_format ? 20 : 10)) {
6437 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6438 END_PROFILE(SMBlockingX);
6442 /* Data now points at the beginning of the list
6443 of smb_unlkrng structs */
6444 for(i = 0; i < (int)num_ulocks; i++) {
6445 lock_pid = get_lock_pid( data, i, large_file_format);
6446 count = get_lock_count( data, i, large_file_format);
6447 offset = get_lock_offset( data, i, large_file_format, &err);
6450 * There is no error code marked "stupid client bug".... :-).
6453 END_PROFILE(SMBlockingX);
6454 reply_doserror(req, ERRDOS, ERRnoaccess);
6458 DEBUG(10,("reply_lockingX: unlock start=%.0f, len=%.0f for "
6459 "pid %u, file %s\n", (double)offset, (double)count,
6460 (unsigned int)lock_pid, fsp->fsp_name ));
6462 status = do_unlock(smbd_messaging_context(),
6469 if (NT_STATUS_V(status)) {
6470 END_PROFILE(SMBlockingX);
6471 reply_nterror(req, status);
6476 /* Setup the timeout in seconds. */
6478 if (!lp_blocking_locks(SNUM(conn))) {
6482 /* Now do any requested locks */
6483 data += ((large_file_format ? 20 : 10)*num_ulocks);
6485 /* Data now points at the beginning of the list
6486 of smb_lkrng structs */
6488 for(i = 0; i < (int)num_locks; i++) {
6489 enum brl_type lock_type = ((locktype & LOCKING_ANDX_SHARED_LOCK) ?
6490 READ_LOCK:WRITE_LOCK);
6491 lock_pid = get_lock_pid( data, i, large_file_format);
6492 count = get_lock_count( data, i, large_file_format);
6493 offset = get_lock_offset( data, i, large_file_format, &err);
6496 * There is no error code marked "stupid client bug".... :-).
6499 END_PROFILE(SMBlockingX);
6500 reply_doserror(req, ERRDOS, ERRnoaccess);
6504 DEBUG(10,("reply_lockingX: lock start=%.0f, len=%.0f for pid "
6505 "%u, file %s timeout = %d\n", (double)offset,
6506 (double)count, (unsigned int)lock_pid,
6507 fsp->fsp_name, (int)lock_timeout ));
6509 if (locktype & LOCKING_ANDX_CANCEL_LOCK) {
6510 if (lp_blocking_locks(SNUM(conn))) {
6512 /* Schedule a message to ourselves to
6513 remove the blocking lock record and
6514 return the right error. */
6516 if (!blocking_lock_cancel(fsp,
6522 NT_STATUS_FILE_LOCK_CONFLICT)) {
6523 END_PROFILE(SMBlockingX);
6528 ERRcancelviolation));
6532 /* Remove a matching pending lock. */
6533 status = do_lock_cancel(fsp,
6539 BOOL blocking_lock = lock_timeout ? True : False;
6540 BOOL defer_lock = False;
6541 struct byte_range_lock *br_lck;
6542 uint32 block_smbpid;
6544 br_lck = do_lock(smbd_messaging_context(),
6555 if (br_lck && blocking_lock && ERROR_WAS_LOCK_DENIED(status)) {
6556 /* Windows internal resolution for blocking locks seems
6557 to be about 200ms... Don't wait for less than that. JRA. */
6558 if (lock_timeout != -1 && lock_timeout < lp_lock_spin_time()) {
6559 lock_timeout = lp_lock_spin_time();
6564 /* This heuristic seems to match W2K3 very well. If a
6565 lock sent with timeout of zero would fail with NT_STATUS_FILE_LOCK_CONFLICT
6566 it pretends we asked for a timeout of between 150 - 300 milliseconds as
6567 far as I can tell. Replacement for do_lock_spin(). JRA. */
6569 if (br_lck && lp_blocking_locks(SNUM(conn)) && !blocking_lock &&
6570 NT_STATUS_EQUAL((status), NT_STATUS_FILE_LOCK_CONFLICT)) {
6572 lock_timeout = lp_lock_spin_time();
6575 if (br_lck && defer_lock) {
6577 * A blocking lock was requested. Package up
6578 * this smb into a queued request and push it
6579 * onto the blocking lock queue.
6581 if(push_blocking_lock_request(br_lck,
6583 smb_len(req->inbuf)+4,
6593 TALLOC_FREE(br_lck);
6594 END_PROFILE(SMBlockingX);
6599 TALLOC_FREE(br_lck);
6602 if (NT_STATUS_V(status)) {
6603 END_PROFILE(SMBlockingX);
6604 reply_nterror(req, status);
6609 /* If any of the above locks failed, then we must unlock
6610 all of the previous locks (X/Open spec). */
6612 if (!(locktype & LOCKING_ANDX_CANCEL_LOCK) &&
6616 * Ensure we don't do a remove on the lock that just failed,
6617 * as under POSIX rules, if we have a lock already there, we
6618 * will delete it (and we shouldn't) .....
6620 for(i--; i >= 0; i--) {
6621 lock_pid = get_lock_pid( data, i, large_file_format);
6622 count = get_lock_count( data, i, large_file_format);
6623 offset = get_lock_offset( data, i, large_file_format,
6627 * There is no error code marked "stupid client
6631 END_PROFILE(SMBlockingX);
6632 reply_doserror(req, ERRDOS, ERRnoaccess);
6636 do_unlock(smbd_messaging_context(),
6643 END_PROFILE(SMBlockingX);
6644 reply_nterror(req, status);
6648 reply_outbuf(req, 2, 0);
6650 DEBUG(3, ("lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n",
6651 fsp->fnum, (unsigned int)locktype, num_locks, num_ulocks));
6653 END_PROFILE(SMBlockingX);
6658 #define DBGC_CLASS DBGC_ALL
6660 /****************************************************************************
6661 Reply to a SMBreadbmpx (read block multiplex) request.
6662 Always reply with an error, if someone has a platform really needs this,
6663 please contact vl@samba.org
6664 ****************************************************************************/
6666 void reply_readbmpx(connection_struct *conn, struct smb_request *req)
6668 START_PROFILE(SMBreadBmpx);
6669 reply_doserror(req, ERRSRV, ERRuseSTD);
6670 END_PROFILE(SMBreadBmpx);
6674 /****************************************************************************
6675 Reply to a SMBreadbs (read block multiplex secondary) request.
6676 Always reply with an error, if someone has a platform really needs this,
6677 please contact vl@samba.org
6678 ****************************************************************************/
6680 void reply_readbs(connection_struct *conn, struct smb_request *req)
6682 START_PROFILE(SMBreadBs);
6683 reply_doserror(req, ERRSRV, ERRuseSTD);
6684 END_PROFILE(SMBreadBs);
6688 /****************************************************************************
6689 Reply to a SMBsetattrE.
6690 ****************************************************************************/
6692 void reply_setattrE(connection_struct *conn, struct smb_request *req)
6694 struct timespec ts[2];
6697 START_PROFILE(SMBsetattrE);
6700 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6701 END_PROFILE(SMBsetattrE);
6705 fsp = file_fsp(SVAL(req->inbuf,smb_vwv0));
6707 if(!fsp || (fsp->conn != conn)) {
6708 reply_doserror(req, ERRDOS, ERRbadfid);
6709 END_PROFILE(SMBsetattrE);
6715 * Convert the DOS times into unix times. Ignore create
6716 * time as UNIX can't set this.
6719 ts[0] = convert_time_t_to_timespec(
6720 srv_make_unix_date2(req->inbuf+smb_vwv3)); /* atime. */
6721 ts[1] = convert_time_t_to_timespec(
6722 srv_make_unix_date2(req->inbuf+smb_vwv5)); /* mtime. */
6724 reply_outbuf(req, 0, 0);
6727 * Patch from Ray Frush <frush@engr.colostate.edu>
6728 * Sometimes times are sent as zero - ignore them.
6731 if (null_timespec(ts[0]) && null_timespec(ts[1])) {
6732 /* Ignore request */
6733 if( DEBUGLVL( 3 ) ) {
6734 dbgtext( "reply_setattrE fnum=%d ", fsp->fnum);
6735 dbgtext( "ignoring zero request - not setting timestamps of 0\n" );
6737 END_PROFILE(SMBsetattrE);
6739 } else if (!null_timespec(ts[0]) && null_timespec(ts[1])) {
6740 /* set modify time = to access time if modify time was unset */
6744 /* Set the date on this file */
6745 /* Should we set pending modtime here ? JRA */
6746 if(file_ntimes(conn, fsp->fsp_name, ts)) {
6747 reply_doserror(req, ERRDOS, ERRnoaccess);
6748 END_PROFILE(SMBsetattrE);
6752 DEBUG( 3, ( "reply_setattrE fnum=%d actime=%u modtime=%u\n",
6754 (unsigned int)ts[0].tv_sec,
6755 (unsigned int)ts[1].tv_sec));
6757 END_PROFILE(SMBsetattrE);
6762 /* Back from the dead for OS/2..... JRA. */
6764 /****************************************************************************
6765 Reply to a SMBwritebmpx (write block multiplex primary) request.
6766 Always reply with an error, if someone has a platform really needs this,
6767 please contact vl@samba.org
6768 ****************************************************************************/
6770 void reply_writebmpx(connection_struct *conn, struct smb_request *req)
6772 START_PROFILE(SMBwriteBmpx);
6773 reply_doserror(req, ERRSRV, ERRuseSTD);
6774 END_PROFILE(SMBwriteBmpx);
6778 /****************************************************************************
6779 Reply to a SMBwritebs (write block multiplex secondary) request.
6780 Always reply with an error, if someone has a platform really needs this,
6781 please contact vl@samba.org
6782 ****************************************************************************/
6784 void reply_writebs(connection_struct *conn, struct smb_request *req)
6786 START_PROFILE(SMBwriteBs);
6787 reply_doserror(req, ERRSRV, ERRuseSTD);
6788 END_PROFILE(SMBwriteBs);
6792 /****************************************************************************
6793 Reply to a SMBgetattrE.
6794 ****************************************************************************/
6796 void reply_getattrE(connection_struct *conn, struct smb_request *req)
6798 SMB_STRUCT_STAT sbuf;
6802 START_PROFILE(SMBgetattrE);
6805 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6806 END_PROFILE(SMBgetattrE);
6810 fsp = file_fsp(SVAL(req->inbuf,smb_vwv0));
6812 if(!fsp || (fsp->conn != conn)) {
6813 reply_doserror(req, ERRDOS, ERRbadfid);
6814 END_PROFILE(SMBgetattrE);
6818 /* Do an fstat on this file */
6819 if(fsp_stat(fsp, &sbuf)) {
6820 reply_unixerror(req, ERRDOS, ERRnoaccess);
6821 END_PROFILE(SMBgetattrE);
6825 mode = dos_mode(conn,fsp->fsp_name,&sbuf);
6828 * Convert the times into dos times. Set create
6829 * date to be last modify date as UNIX doesn't save
6833 reply_outbuf(req, 11, 0);
6835 srv_put_dos_date2((char *)req->outbuf, smb_vwv0,
6836 get_create_time(&sbuf,
6837 lp_fake_dir_create_times(SNUM(conn))));
6838 srv_put_dos_date2((char *)req->outbuf, smb_vwv2, sbuf.st_atime);
6839 /* Should we check pending modtime here ? JRA */
6840 srv_put_dos_date2((char *)req->outbuf, smb_vwv4, sbuf.st_mtime);
6843 SIVAL(req->outbuf, smb_vwv6, 0);
6844 SIVAL(req->outbuf, smb_vwv8, 0);
6846 uint32 allocation_size = get_allocation_size(conn,fsp, &sbuf);
6847 SIVAL(req->outbuf, smb_vwv6, (uint32)sbuf.st_size);
6848 SIVAL(req->outbuf, smb_vwv8, allocation_size);
6850 SSVAL(req->outbuf,smb_vwv10, mode);
6852 DEBUG( 3, ( "reply_getattrE fnum=%d\n", fsp->fnum));
6854 END_PROFILE(SMBgetattrE);