2 Unix SMB/CIFS implementation.
3 Main SMB reply routines
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Andrew Bartlett 2001
6 Copyright (C) Jeremy Allison 1992-2007.
7 Copyright (C) Volker Lendecke 2007
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 This file handles most of the reply_ calls that the server
24 makes to handle specific protocols
29 /* look in server.c for some explanation of these variables */
30 extern enum protocol_types Protocol;
32 unsigned int smb_echo_count = 0;
33 extern uint32 global_client_caps;
35 extern struct current_user current_user;
36 extern BOOL global_encrypted_passwords_negotiated;
38 /****************************************************************************
39 Ensure we check the path in *exactly* the same way as W2K for a findfirst/findnext
40 path or anything including wildcards.
41 We're assuming here that '/' is not the second byte in any multibyte char
42 set (a safe assumption). '\\' *may* be the second byte in a multibyte char
44 ****************************************************************************/
46 /* Custom version for processing POSIX paths. */
47 #define IS_PATH_SEP(c,posix_only) ((c) == '/' || (!(posix_only) && (c) == '\\'))
49 static NTSTATUS check_path_syntax_internal(char *path,
51 BOOL *p_last_component_contains_wcard)
55 NTSTATUS ret = NT_STATUS_OK;
56 BOOL start_of_name_component = True;
58 *p_last_component_contains_wcard = False;
61 if (IS_PATH_SEP(*s,posix_path)) {
63 * Safe to assume is not the second part of a mb char
64 * as this is handled below.
66 /* Eat multiple '/' or '\\' */
67 while (IS_PATH_SEP(*s,posix_path)) {
70 if ((d != path) && (*s != '\0')) {
71 /* We only care about non-leading or trailing '/' or '\\' */
75 start_of_name_component = True;
77 *p_last_component_contains_wcard = False;
81 if (start_of_name_component) {
82 if ((s[0] == '.') && (s[1] == '.') && (IS_PATH_SEP(s[2],posix_path) || s[2] == '\0')) {
83 /* Uh oh - "/../" or "\\..\\" or "/..\0" or "\\..\0" ! */
86 * No mb char starts with '.' so we're safe checking the directory separator here.
89 /* If we just added a '/' - delete it */
90 if ((d > path) && (*(d-1) == '/')) {
95 /* Are we at the start ? Can't go back further if so. */
97 ret = NT_STATUS_OBJECT_PATH_SYNTAX_BAD;
100 /* Go back one level... */
101 /* We know this is safe as '/' cannot be part of a mb sequence. */
102 /* NOTE - if this assumption is invalid we are not in good shape... */
103 /* Decrement d first as d points to the *next* char to write into. */
104 for (d--; d > path; d--) {
108 s += 2; /* Else go past the .. */
109 /* We're still at the start of a name component, just the previous one. */
112 } else if ((s[0] == '.') && ((s[1] == '\0') || IS_PATH_SEP(s[1],posix_path))) {
125 return NT_STATUS_OBJECT_NAME_INVALID;
133 *p_last_component_contains_wcard = True;
142 /* Get the size of the next MB character. */
143 next_codepoint(s,&siz);
161 DEBUG(0,("check_path_syntax_internal: character length assumptions invalid !\n"));
163 return NT_STATUS_INVALID_PARAMETER;
166 start_of_name_component = False;
173 /****************************************************************************
174 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
175 No wildcards allowed.
176 ****************************************************************************/
178 NTSTATUS check_path_syntax(char *path)
181 return check_path_syntax_internal(path, False, &ignore);
184 /****************************************************************************
185 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
186 Wildcards allowed - p_contains_wcard returns true if the last component contained
188 ****************************************************************************/
190 NTSTATUS check_path_syntax_wcard(char *path, BOOL *p_contains_wcard)
192 return check_path_syntax_internal(path, False, p_contains_wcard);
195 /****************************************************************************
196 Check the path for a POSIX client.
197 We're assuming here that '/' is not the second byte in any multibyte char
198 set (a safe assumption).
199 ****************************************************************************/
201 NTSTATUS check_path_syntax_posix(char *path)
204 return check_path_syntax_internal(path, True, &ignore);
207 /****************************************************************************
208 Pull a string and check the path allowing a wilcard - provide for error return.
209 ****************************************************************************/
211 size_t srvstr_get_path_wcard(const char *inbuf, uint16 smb_flags2, char *dest,
212 const char *src, size_t dest_len, size_t src_len,
213 int flags, NTSTATUS *err, BOOL *contains_wcard)
217 SMB_ASSERT(dest_len == sizeof(pstring));
221 ret = srvstr_pull_buf(inbuf, smb_flags2, dest, src,
224 ret = srvstr_pull(inbuf, smb_flags2, dest, src,
225 dest_len, src_len, flags);
228 *contains_wcard = False;
230 if (smb_flags2 & FLAGS2_DFS_PATHNAMES) {
232 * For a DFS path the function parse_dfs_path()
233 * will do the path processing, just make a copy.
239 if (lp_posix_pathnames()) {
240 *err = check_path_syntax_posix(dest);
242 *err = check_path_syntax_wcard(dest, contains_wcard);
248 /****************************************************************************
249 Pull a string and check the path - provide for error return.
250 ****************************************************************************/
252 size_t srvstr_get_path(const char *inbuf, uint16 smb_flags2, char *dest,
253 const char *src, size_t dest_len, size_t src_len,
254 int flags, NTSTATUS *err)
258 SMB_ASSERT(dest_len == sizeof(pstring));
262 ret = srvstr_pull_buf(inbuf, smb_flags2, dest, src,
265 ret = srvstr_pull(inbuf, smb_flags2, dest, src,
266 dest_len, src_len, flags);
269 if (smb_flags2 & FLAGS2_DFS_PATHNAMES) {
271 * For a DFS path the function parse_dfs_path()
272 * will do the path processing, just make a copy.
278 if (lp_posix_pathnames()) {
279 *err = check_path_syntax_posix(dest);
281 *err = check_path_syntax(dest);
287 /****************************************************************************
288 Check if we have a correct fsp pointing to a file. Replacement for the
290 ****************************************************************************/
292 BOOL check_fsp(connection_struct *conn, struct smb_request *req,
293 files_struct *fsp, struct current_user *user)
295 if (!(fsp) || !(conn)) {
296 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
299 if (((conn) != (fsp)->conn) || user->vuid != (fsp)->vuid) {
300 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
303 if ((fsp)->is_directory) {
304 reply_nterror(req, NT_STATUS_INVALID_DEVICE_REQUEST);
307 if ((fsp)->fh->fd == -1) {
308 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
311 (fsp)->num_smb_operations++;
315 /****************************************************************************
316 Check if we have a correct fsp. Replacement for the FSP_BELONGS_CONN macro
317 ****************************************************************************/
319 BOOL fsp_belongs_conn(connection_struct *conn, struct smb_request *req,
320 files_struct *fsp, struct current_user *user)
322 if ((fsp) && (conn) && ((conn)==(fsp)->conn)
323 && (current_user.vuid==(fsp)->vuid)) {
327 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
331 /****************************************************************************
332 Reply to a (netbios-level) special message.
333 ****************************************************************************/
335 void reply_special(char *inbuf)
337 int msg_type = CVAL(inbuf,0);
338 int msg_flags = CVAL(inbuf,1);
343 * We only really use 4 bytes of the outbuf, but for the smb_setlen
344 * calculation & friends (send_smb uses that) we need the full smb
347 char outbuf[smb_size];
349 static BOOL already_got_session = False;
353 memset(outbuf, '\0', sizeof(outbuf));
355 smb_setlen(inbuf,outbuf,0);
358 case 0x81: /* session request */
360 if (already_got_session) {
361 exit_server_cleanly("multiple session request not permitted");
364 SCVAL(outbuf,0,0x82);
366 if (name_len(inbuf+4) > 50 ||
367 name_len(inbuf+4 + name_len(inbuf + 4)) > 50) {
368 DEBUG(0,("Invalid name length in session request\n"));
371 name_extract(inbuf,4,name1);
372 name_type = name_extract(inbuf,4 + name_len(inbuf + 4),name2);
373 DEBUG(2,("netbios connect: name1=%s name2=%s\n",
376 set_local_machine_name(name1, True);
377 set_remote_machine_name(name2, True);
379 DEBUG(2,("netbios connect: local=%s remote=%s, name type = %x\n",
380 get_local_machine_name(), get_remote_machine_name(),
383 if (name_type == 'R') {
384 /* We are being asked for a pathworks session ---
386 SCVAL(outbuf, 0,0x83);
390 /* only add the client's machine name to the list
391 of possibly valid usernames if we are operating
392 in share mode security */
393 if (lp_security() == SEC_SHARE) {
394 add_session_user(get_remote_machine_name());
397 reload_services(True);
400 already_got_session = True;
403 case 0x89: /* session keepalive request
404 (some old clients produce this?) */
405 SCVAL(outbuf,0,SMBkeepalive);
409 case 0x82: /* positive session response */
410 case 0x83: /* negative session response */
411 case 0x84: /* retarget session response */
412 DEBUG(0,("Unexpected session response\n"));
415 case SMBkeepalive: /* session keepalive */
420 DEBUG(5,("init msg_type=0x%x msg_flags=0x%x\n",
421 msg_type, msg_flags));
423 send_smb(smbd_server_fd(), outbuf);
427 /****************************************************************************
429 conn POINTER CAN BE NULL HERE !
430 ****************************************************************************/
432 int reply_tcon(connection_struct *conn,
433 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
437 char *service_buf = NULL;
438 char *password = NULL;
441 uint16 vuid = SVAL(inbuf,smb_uid);
445 DATA_BLOB password_blob;
447 START_PROFILE(SMBtcon);
449 ctx = talloc_init("reply_tcon");
451 END_PROFILE(SMBtcon);
452 return ERROR_NT(NT_STATUS_NO_MEMORY);
455 p = smb_buf(inbuf)+1;
456 p += srvstr_pull_buf_talloc(ctx, inbuf, SVAL(inbuf, smb_flg2),
457 &service_buf, p, STR_TERMINATE) + 1;
458 pwlen = srvstr_pull_buf_talloc(ctx, inbuf, SVAL(inbuf, smb_flg2),
459 &password, p, STR_TERMINATE) + 1;
461 p += srvstr_pull_buf_talloc(ctx, inbuf, SVAL(inbuf, smb_flg2),
462 &dev, p, STR_TERMINATE) + 1;
464 if (service_buf == NULL || password == NULL || dev == NULL) {
466 END_PROFILE(SMBtcon);
467 return ERROR_NT(NT_STATUS_INVALID_PARAMETER);
469 p = strrchr_m(service_buf,'\\');
473 service = service_buf;
476 password_blob = data_blob(password, pwlen+1);
478 conn = make_connection(service,password_blob,dev,vuid,&nt_status);
480 data_blob_clear_free(&password_blob);
484 END_PROFILE(SMBtcon);
485 return ERROR_NT(nt_status);
488 outsize = set_message(inbuf,outbuf,2,0,True);
489 SSVAL(outbuf,smb_vwv0,max_recv);
490 SSVAL(outbuf,smb_vwv1,conn->cnum);
491 SSVAL(outbuf,smb_tid,conn->cnum);
493 DEBUG(3,("tcon service=%s cnum=%d\n",
494 service, conn->cnum));
496 END_PROFILE(SMBtcon);
501 /****************************************************************************
502 Reply to a tcon and X.
503 conn POINTER CAN BE NULL HERE !
504 ****************************************************************************/
506 void reply_tcon_and_X(connection_struct *conn, struct smb_request *req)
508 char *service = NULL;
511 TALLOC_CTX *ctx = NULL;
512 /* what the cleint thinks the device is */
513 char *client_devicetype = NULL;
514 /* what the server tells the client the share represents */
515 const char *server_devicetype;
522 START_PROFILE(SMBtconX);
525 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
526 END_PROFILE(SMBtconX);
530 passlen = SVAL(req->inbuf,smb_vwv3);
531 tcon_flags = SVAL(req->inbuf,smb_vwv2);
533 /* we might have to close an old one */
534 if ((tcon_flags & 0x1) && conn) {
535 close_cnum(conn,req->vuid);
538 if ((passlen > MAX_PASS_LEN) || (passlen >= smb_buflen(req->inbuf))) {
539 reply_doserror(req, ERRDOS, ERRbuftoosmall);
540 END_PROFILE(SMBtconX);
544 if (global_encrypted_passwords_negotiated) {
545 password = data_blob(smb_buf(req->inbuf),passlen);
546 if (lp_security() == SEC_SHARE) {
548 * Security = share always has a pad byte
549 * after the password.
551 p = smb_buf(req->inbuf) + passlen + 1;
553 p = smb_buf(req->inbuf) + passlen;
556 password = data_blob(smb_buf(req->inbuf),passlen+1);
557 /* Ensure correct termination */
558 password.data[passlen]=0;
559 p = smb_buf(req->inbuf) + passlen + 1;
562 ctx = talloc_init("reply_tcon_and_X");
564 data_blob_clear_free(&password);
565 reply_nterror(req, NT_STATUS_NO_MEMORY);
566 END_PROFILE(SMBtconX);
569 p += srvstr_pull_buf_talloc(ctx, req->inbuf, req->flags2, &path, p,
573 data_blob_clear_free(&password);
575 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
576 END_PROFILE(SMBtconX);
581 * the service name can be either: \\server\share
582 * or share directly like on the DELL PowerVault 705
585 q = strchr_m(path+2,'\\');
587 data_blob_clear_free(&password);
589 reply_doserror(req, ERRDOS, ERRnosuchshare);
590 END_PROFILE(SMBtconX);
598 p += srvstr_pull_talloc(ctx, req->inbuf, req->flags2,
599 &client_devicetype, p,
600 MIN(6,smb_bufrem(req->inbuf, p)), STR_ASCII);
602 if (client_devicetype == NULL) {
603 data_blob_clear_free(&password);
605 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
606 END_PROFILE(SMBtconX);
610 DEBUG(4,("Client requested device type [%s] for share [%s]\n", client_devicetype, service));
612 conn = make_connection(service, password, client_devicetype,
613 req->vuid, &nt_status);
615 data_blob_clear_free(&password);
619 reply_nterror(req, nt_status);
620 END_PROFILE(SMBtconX);
625 server_devicetype = "IPC";
626 else if ( IS_PRINT(conn) )
627 server_devicetype = "LPT1:";
629 server_devicetype = "A:";
631 if (Protocol < PROTOCOL_NT1) {
632 reply_outbuf(req, 2, 0);
633 if (message_push_string(&req->outbuf, server_devicetype,
634 STR_TERMINATE|STR_ASCII) == -1) {
636 reply_nterror(req, NT_STATUS_NO_MEMORY);
637 END_PROFILE(SMBtconX);
641 /* NT sets the fstype of IPC$ to the null string */
642 const char *fstype = IS_IPC(conn) ? "" : lp_fstype(SNUM(conn));
644 if (tcon_flags & TCONX_FLAG_EXTENDED_RESPONSE) {
645 /* Return permissions. */
649 reply_outbuf(req, 7, 0);
652 perm1 = FILE_ALL_ACCESS;
653 perm2 = FILE_ALL_ACCESS;
655 perm1 = CAN_WRITE(conn) ?
660 SIVAL(req->outbuf, smb_vwv3, perm1);
661 SIVAL(req->outbuf, smb_vwv5, perm2);
663 reply_outbuf(req, 3, 0);
666 if ((message_push_string(&req->outbuf, server_devicetype,
667 STR_TERMINATE|STR_ASCII) == -1)
668 || (message_push_string(&req->outbuf, fstype,
669 STR_TERMINATE) == -1)) {
671 reply_nterror(req, NT_STATUS_NO_MEMORY);
672 END_PROFILE(SMBtconX);
676 /* what does setting this bit do? It is set by NT4 and
677 may affect the ability to autorun mounted cdroms */
678 SSVAL(req->outbuf, smb_vwv2, SMB_SUPPORT_SEARCH_BITS|
679 (lp_csc_policy(SNUM(conn)) << 2));
681 init_dfsroot(conn, req->inbuf, req->outbuf);
685 DEBUG(3,("tconX service=%s \n",
688 /* set the incoming and outgoing tid to the just created one */
689 SSVAL(req->inbuf,smb_tid,conn->cnum);
690 SSVAL(req->outbuf,smb_tid,conn->cnum);
693 END_PROFILE(SMBtconX);
695 chain_reply_new(req);
699 /****************************************************************************
700 Reply to an unknown type.
701 ****************************************************************************/
703 int reply_unknown(char *inbuf,char *outbuf)
706 type = CVAL(inbuf,smb_com);
708 DEBUG(0,("unknown command type (%s): type=%d (0x%X)\n",
709 smb_fn_name(type), type, type));
711 return(ERROR_DOS(ERRSRV,ERRunknownsmb));
714 void reply_unknown_new(struct smb_request *req, uint8 type)
716 DEBUG(0, ("unknown command type (%s): type=%d (0x%X)\n",
717 smb_fn_name(type), type, type));
718 reply_doserror(req, ERRSRV, ERRunknownsmb);
722 /****************************************************************************
724 conn POINTER CAN BE NULL HERE !
725 ****************************************************************************/
727 int reply_ioctl(connection_struct *conn,
728 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
730 uint16 device = SVAL(inbuf,smb_vwv1);
731 uint16 function = SVAL(inbuf,smb_vwv2);
732 uint32 ioctl_code = (device << 16) + function;
733 int replysize, outsize;
735 START_PROFILE(SMBioctl);
737 DEBUG(4, ("Received IOCTL (code 0x%x)\n", ioctl_code));
739 switch (ioctl_code) {
740 case IOCTL_QUERY_JOB_INFO:
744 END_PROFILE(SMBioctl);
745 return(ERROR_DOS(ERRSRV,ERRnosupport));
748 outsize = set_message(inbuf,outbuf,8,replysize+1,True);
749 SSVAL(outbuf,smb_vwv1,replysize); /* Total data bytes returned */
750 SSVAL(outbuf,smb_vwv5,replysize); /* Data bytes this buffer */
751 SSVAL(outbuf,smb_vwv6,52); /* Offset to data */
752 p = smb_buf(outbuf) + 1; /* Allow for alignment */
754 switch (ioctl_code) {
755 case IOCTL_QUERY_JOB_INFO:
757 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
759 END_PROFILE(SMBioctl);
760 return(UNIXERROR(ERRDOS,ERRbadfid));
762 SSVAL(p,0,fsp->rap_print_jobid); /* Job number */
763 srvstr_push(outbuf, SVAL(outbuf, smb_flg2), p+2,
765 STR_TERMINATE|STR_ASCII);
767 srvstr_push(outbuf, SVAL(outbuf, smb_flg2),
768 p+18, lp_servicename(SNUM(conn)),
769 13, STR_TERMINATE|STR_ASCII);
775 END_PROFILE(SMBioctl);
779 /****************************************************************************
780 Strange checkpath NTSTATUS mapping.
781 ****************************************************************************/
783 static NTSTATUS map_checkpath_error(const char *inbuf, NTSTATUS status)
785 /* Strange DOS error code semantics only for checkpath... */
786 if (!(SVAL(inbuf,smb_flg2) & FLAGS2_32_BIT_ERROR_CODES)) {
787 if (NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_INVALID,status)) {
788 /* We need to map to ERRbadpath */
789 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
795 /****************************************************************************
796 Reply to a checkpath.
797 ****************************************************************************/
799 void reply_checkpath(connection_struct *conn, struct smb_request *req)
802 SMB_STRUCT_STAT sbuf;
805 START_PROFILE(SMBcheckpath);
807 srvstr_get_path((char *)req->inbuf, req->flags2, name,
808 smb_buf(req->inbuf) + 1, sizeof(name), 0,
809 STR_TERMINATE, &status);
810 if (!NT_STATUS_IS_OK(status)) {
811 status = map_checkpath_error((char *)req->inbuf, status);
812 reply_nterror(req, status);
813 END_PROFILE(SMBcheckpath);
817 status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES, name);
818 if (!NT_STATUS_IS_OK(status)) {
819 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
820 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
822 END_PROFILE(SMBcheckpath);
828 DEBUG(3,("reply_checkpath %s mode=%d\n", name, (int)SVAL(req->inbuf,smb_vwv0)));
830 status = unix_convert(conn, name, False, NULL, &sbuf);
831 if (!NT_STATUS_IS_OK(status)) {
835 status = check_name(conn, name);
836 if (!NT_STATUS_IS_OK(status)) {
837 DEBUG(3,("reply_checkpath: check_name of %s failed (%s)\n",name,nt_errstr(status)));
841 if (!VALID_STAT(sbuf) && (SMB_VFS_STAT(conn,name,&sbuf) != 0)) {
842 DEBUG(3,("reply_checkpath: stat of %s failed (%s)\n",name,strerror(errno)));
843 status = map_nt_error_from_unix(errno);
847 if (!S_ISDIR(sbuf.st_mode)) {
848 reply_botherror(req, NT_STATUS_NOT_A_DIRECTORY,
850 END_PROFILE(SMBcheckpath);
854 reply_outbuf(req, 0, 0);
856 END_PROFILE(SMBcheckpath);
861 END_PROFILE(SMBcheckpath);
863 /* We special case this - as when a Windows machine
864 is parsing a path is steps through the components
865 one at a time - if a component fails it expects
866 ERRbadpath, not ERRbadfile.
868 status = map_checkpath_error((char *)req->inbuf, status);
869 if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
871 * Windows returns different error codes if
872 * the parent directory is valid but not the
873 * last component - it returns NT_STATUS_OBJECT_NAME_NOT_FOUND
874 * for that case and NT_STATUS_OBJECT_PATH_NOT_FOUND
875 * if the path is invalid.
877 reply_botherror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND,
882 reply_nterror(req, status);
885 /****************************************************************************
887 ****************************************************************************/
889 int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
893 SMB_STRUCT_STAT sbuf;
900 START_PROFILE(SMBgetatr);
902 p = smb_buf(inbuf) + 1;
903 p += srvstr_get_path(inbuf, SVAL(inbuf,smb_flg2), fname, p,
904 sizeof(fname), 0, STR_TERMINATE, &status);
905 if (!NT_STATUS_IS_OK(status)) {
906 END_PROFILE(SMBgetatr);
907 return ERROR_NT(status);
910 status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname);
911 if (!NT_STATUS_IS_OK(status)) {
912 END_PROFILE(SMBgetatr);
913 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
914 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
916 return ERROR_NT(status);
919 /* dos smetimes asks for a stat of "" - it returns a "hidden directory"
920 under WfWg - weird! */
921 if (*fname == '\0') {
922 mode = aHIDDEN | aDIR;
923 if (!CAN_WRITE(conn)) {
929 status = unix_convert(conn, fname, False, NULL,&sbuf);
930 if (!NT_STATUS_IS_OK(status)) {
931 END_PROFILE(SMBgetatr);
932 return ERROR_NT(status);
934 status = check_name(conn, fname);
935 if (!NT_STATUS_IS_OK(status)) {
936 DEBUG(3,("reply_getatr: check_name of %s failed (%s)\n",fname,nt_errstr(status)));
937 END_PROFILE(SMBgetatr);
938 return ERROR_NT(status);
940 if (!VALID_STAT(sbuf) && (SMB_VFS_STAT(conn,fname,&sbuf) != 0)) {
941 DEBUG(3,("reply_getatr: stat of %s failed (%s)\n",fname,strerror(errno)));
942 return UNIXERROR(ERRDOS,ERRbadfile);
945 mode = dos_mode(conn,fname,&sbuf);
947 mtime = sbuf.st_mtime;
953 outsize = set_message(inbuf,outbuf,10,0,True);
955 SSVAL(outbuf,smb_vwv0,mode);
956 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
957 srv_put_dos_date3(outbuf,smb_vwv1,mtime & ~1);
959 srv_put_dos_date3(outbuf,smb_vwv1,mtime);
961 SIVAL(outbuf,smb_vwv3,(uint32)size);
963 if (Protocol >= PROTOCOL_NT1) {
964 SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) | FLAGS2_IS_LONG_NAME);
967 DEBUG(3,("reply_getatr: name=%s mode=%d size=%u\n", fname, mode, (unsigned int)size ) );
969 END_PROFILE(SMBgetatr);
973 /****************************************************************************
975 ****************************************************************************/
977 int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
983 SMB_STRUCT_STAT sbuf;
987 START_PROFILE(SMBsetatr);
989 p = smb_buf(inbuf) + 1;
990 p += srvstr_get_path(inbuf, SVAL(inbuf,smb_flg2), fname, p,
991 sizeof(fname), 0, STR_TERMINATE, &status);
992 if (!NT_STATUS_IS_OK(status)) {
993 END_PROFILE(SMBsetatr);
994 return ERROR_NT(status);
997 status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname);
998 if (!NT_STATUS_IS_OK(status)) {
999 END_PROFILE(SMBsetatr);
1000 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1001 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
1003 return ERROR_NT(status);
1006 status = unix_convert(conn, fname, False, NULL, &sbuf);
1007 if (!NT_STATUS_IS_OK(status)) {
1008 END_PROFILE(SMBsetatr);
1009 return ERROR_NT(status);
1012 status = check_name(conn, fname);
1013 if (!NT_STATUS_IS_OK(status)) {
1014 END_PROFILE(SMBsetatr);
1015 return ERROR_NT(status);
1018 if (fname[0] == '.' && fname[1] == '\0') {
1020 * Not sure here is the right place to catch this
1021 * condition. Might be moved to somewhere else later -- vl
1023 END_PROFILE(SMBsetatr);
1024 return ERROR_NT(NT_STATUS_ACCESS_DENIED);
1027 mode = SVAL(inbuf,smb_vwv0);
1028 mtime = srv_make_unix_date3(inbuf+smb_vwv1);
1030 if (mode != FILE_ATTRIBUTE_NORMAL) {
1031 if (VALID_STAT_OF_DIR(sbuf))
1036 if (file_set_dosmode(conn,fname,mode,&sbuf,False) != 0) {
1037 END_PROFILE(SMBsetatr);
1038 return UNIXERROR(ERRDOS, ERRnoaccess);
1042 if (!set_filetime(conn,fname,convert_time_t_to_timespec(mtime))) {
1043 END_PROFILE(SMBsetatr);
1044 return UNIXERROR(ERRDOS, ERRnoaccess);
1047 outsize = set_message(inbuf,outbuf,0,0,False);
1049 DEBUG( 3, ( "setatr name=%s mode=%d\n", fname, mode ) );
1051 END_PROFILE(SMBsetatr);
1055 /****************************************************************************
1057 ****************************************************************************/
1059 void reply_dskattr(connection_struct *conn, struct smb_request *req)
1061 SMB_BIG_UINT dfree,dsize,bsize;
1062 START_PROFILE(SMBdskattr);
1064 if (get_dfree_info(conn,".",True,&bsize,&dfree,&dsize) == (SMB_BIG_UINT)-1) {
1065 reply_unixerror(req, ERRHRD, ERRgeneral);
1066 END_PROFILE(SMBdskattr);
1070 reply_outbuf(req, 5, 0);
1072 if (Protocol <= PROTOCOL_LANMAN2) {
1073 double total_space, free_space;
1074 /* we need to scale this to a number that DOS6 can handle. We
1075 use floating point so we can handle large drives on systems
1076 that don't have 64 bit integers
1078 we end up displaying a maximum of 2G to DOS systems
1080 total_space = dsize * (double)bsize;
1081 free_space = dfree * (double)bsize;
1083 dsize = (total_space+63*512) / (64*512);
1084 dfree = (free_space+63*512) / (64*512);
1086 if (dsize > 0xFFFF) dsize = 0xFFFF;
1087 if (dfree > 0xFFFF) dfree = 0xFFFF;
1089 SSVAL(req->outbuf,smb_vwv0,dsize);
1090 SSVAL(req->outbuf,smb_vwv1,64); /* this must be 64 for dos systems */
1091 SSVAL(req->outbuf,smb_vwv2,512); /* and this must be 512 */
1092 SSVAL(req->outbuf,smb_vwv3,dfree);
1094 SSVAL(req->outbuf,smb_vwv0,dsize);
1095 SSVAL(req->outbuf,smb_vwv1,bsize/512);
1096 SSVAL(req->outbuf,smb_vwv2,512);
1097 SSVAL(req->outbuf,smb_vwv3,dfree);
1100 DEBUG(3,("dskattr dfree=%d\n", (unsigned int)dfree));
1102 END_PROFILE(SMBdskattr);
1106 /****************************************************************************
1108 Can be called from SMBsearch, SMBffirst or SMBfunique.
1109 ****************************************************************************/
1111 int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
1121 unsigned int numentries = 0;
1122 unsigned int maxentries = 0;
1123 BOOL finished = False;
1129 BOOL check_descend = False;
1130 BOOL expect_close = False;
1132 BOOL mask_contains_wcard = False;
1133 BOOL allow_long_path_components = (SVAL(inbuf,smb_flg2) & FLAGS2_LONG_PATH_COMPONENTS) ? True : False;
1135 START_PROFILE(SMBsearch);
1137 if (lp_posix_pathnames()) {
1138 END_PROFILE(SMBsearch);
1139 return reply_unknown(inbuf, outbuf);
1142 *mask = *directory = *fname = 0;
1144 /* If we were called as SMBffirst then we must expect close. */
1145 if(CVAL(inbuf,smb_com) == SMBffirst) {
1146 expect_close = True;
1149 outsize = set_message(inbuf,outbuf,1,3,True);
1150 maxentries = SVAL(inbuf,smb_vwv0);
1151 dirtype = SVAL(inbuf,smb_vwv1);
1152 p = smb_buf(inbuf) + 1;
1153 p += srvstr_get_path_wcard(inbuf, SVAL(inbuf,smb_flg2), path, p,
1154 sizeof(path), 0, STR_TERMINATE, &nt_status,
1155 &mask_contains_wcard);
1156 if (!NT_STATUS_IS_OK(nt_status)) {
1157 END_PROFILE(SMBsearch);
1158 return ERROR_NT(nt_status);
1161 nt_status = resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, path, &mask_contains_wcard);
1162 if (!NT_STATUS_IS_OK(nt_status)) {
1163 END_PROFILE(SMBsearch);
1164 if (NT_STATUS_EQUAL(nt_status,NT_STATUS_PATH_NOT_COVERED)) {
1165 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
1167 return ERROR_NT(nt_status);
1171 status_len = SVAL(p, 0);
1174 /* dirtype &= ~aDIR; */
1176 if (status_len == 0) {
1177 SMB_STRUCT_STAT sbuf;
1179 pstrcpy(directory,path);
1180 nt_status = unix_convert(conn, directory, True, NULL, &sbuf);
1181 if (!NT_STATUS_IS_OK(nt_status)) {
1182 END_PROFILE(SMBsearch);
1183 return ERROR_NT(nt_status);
1186 nt_status = check_name(conn, directory);
1187 if (!NT_STATUS_IS_OK(nt_status)) {
1188 END_PROFILE(SMBsearch);
1189 return ERROR_NT(nt_status);
1192 p = strrchr_m(directory,'/');
1194 pstrcpy(mask,directory);
1195 pstrcpy(directory,".");
1201 if (*directory == '\0') {
1202 pstrcpy(directory,".");
1204 memset((char *)status,'\0',21);
1205 SCVAL(status,0,(dirtype & 0x1F));
1209 memcpy(status,p,21);
1210 status_dirtype = CVAL(status,0) & 0x1F;
1211 if (status_dirtype != (dirtype & 0x1F)) {
1212 dirtype = status_dirtype;
1215 conn->dirptr = dptr_fetch(status+12,&dptr_num);
1216 if (!conn->dirptr) {
1219 string_set(&conn->dirpath,dptr_path(dptr_num));
1220 pstrcpy(mask, dptr_wcard(dptr_num));
1222 * For a 'continue' search we have no string. So
1223 * check from the initial saved string.
1225 mask_contains_wcard = ms_has_wild(mask);
1228 p = smb_buf(outbuf) + 3;
1230 if (status_len == 0) {
1231 nt_status = dptr_create(conn,
1235 SVAL(inbuf,smb_pid),
1237 mask_contains_wcard,
1240 if (!NT_STATUS_IS_OK(nt_status)) {
1241 return ERROR_NT(nt_status);
1243 dptr_num = dptr_dnum(conn->dirptr);
1245 dirtype = dptr_attr(dptr_num);
1248 DEBUG(4,("dptr_num is %d\n",dptr_num));
1250 if ((dirtype&0x1F) == aVOLID) {
1251 memcpy(p,status,21);
1252 make_dir_struct(p,"???????????",volume_label(SNUM(conn)),
1253 0,aVOLID,0,!allow_long_path_components);
1254 dptr_fill(p+12,dptr_num);
1255 if (dptr_zero(p+12) && (status_len==0)) {
1260 p += DIR_STRUCT_SIZE;
1263 maxentries = MIN(maxentries, ((BUFFER_SIZE - (p - outbuf))/DIR_STRUCT_SIZE));
1265 DEBUG(8,("dirpath=<%s> dontdescend=<%s>\n",
1266 conn->dirpath,lp_dontdescend(SNUM(conn))));
1267 if (in_list(conn->dirpath, lp_dontdescend(SNUM(conn)),True)) {
1268 check_descend = True;
1271 for (i=numentries;(i<maxentries) && !finished;i++) {
1272 finished = !get_dir_entry(conn,mask,dirtype,fname,&size,&mode,&date,check_descend);
1274 memcpy(p,status,21);
1275 make_dir_struct(p,mask,fname,size, mode,date,
1276 !allow_long_path_components);
1277 if (!dptr_fill(p+12,dptr_num)) {
1281 p += DIR_STRUCT_SIZE;
1288 /* If we were called as SMBffirst with smb_search_id == NULL
1289 and no entries were found then return error and close dirptr
1292 if (numentries == 0) {
1293 dptr_close(&dptr_num);
1294 } else if(expect_close && status_len == 0) {
1295 /* Close the dptr - we know it's gone */
1296 dptr_close(&dptr_num);
1299 /* If we were called as SMBfunique, then we can close the dirptr now ! */
1300 if(dptr_num >= 0 && CVAL(inbuf,smb_com) == SMBfunique) {
1301 dptr_close(&dptr_num);
1304 if ((numentries == 0) && !mask_contains_wcard) {
1305 return ERROR_BOTH(STATUS_NO_MORE_FILES,ERRDOS,ERRnofiles);
1308 SSVAL(outbuf,smb_vwv0,numentries);
1309 SSVAL(outbuf,smb_vwv1,3 + numentries * DIR_STRUCT_SIZE);
1310 SCVAL(smb_buf(outbuf),0,5);
1311 SSVAL(smb_buf(outbuf),1,numentries*DIR_STRUCT_SIZE);
1313 /* The replies here are never long name. */
1314 SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) & (~FLAGS2_IS_LONG_NAME));
1315 if (!allow_long_path_components) {
1316 SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) & (~FLAGS2_LONG_PATH_COMPONENTS));
1319 /* This SMB *always* returns ASCII names. Remove the unicode bit in flags2. */
1320 SSVAL(outbuf,smb_flg2, (SVAL(outbuf, smb_flg2) & (~FLAGS2_UNICODE_STRINGS)));
1322 outsize += DIR_STRUCT_SIZE*numentries;
1323 smb_setlen(inbuf,outbuf,outsize - 4);
1325 if ((! *directory) && dptr_path(dptr_num))
1326 slprintf(directory, sizeof(directory)-1, "(%s)",dptr_path(dptr_num));
1328 DEBUG( 4, ( "%s mask=%s path=%s dtype=%d nument=%u of %u\n",
1329 smb_fn_name(CVAL(inbuf,smb_com)),
1330 mask, directory, dirtype, numentries, maxentries ) );
1332 END_PROFILE(SMBsearch);
1336 /****************************************************************************
1337 Reply to a fclose (stop directory search).
1338 ****************************************************************************/
1340 int reply_fclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
1349 BOOL path_contains_wcard = False;
1351 START_PROFILE(SMBfclose);
1353 if (lp_posix_pathnames()) {
1354 END_PROFILE(SMBfclose);
1355 return reply_unknown(inbuf, outbuf);
1358 outsize = set_message(inbuf,outbuf,1,0,True);
1359 p = smb_buf(inbuf) + 1;
1360 p += srvstr_get_path_wcard(inbuf, SVAL(inbuf,smb_flg2), path, p,
1361 sizeof(path), 0, STR_TERMINATE, &err,
1362 &path_contains_wcard);
1363 if (!NT_STATUS_IS_OK(err)) {
1364 END_PROFILE(SMBfclose);
1365 return ERROR_NT(err);
1368 status_len = SVAL(p,0);
1371 if (status_len == 0) {
1372 END_PROFILE(SMBfclose);
1373 return ERROR_DOS(ERRSRV,ERRsrverror);
1376 memcpy(status,p,21);
1378 if(dptr_fetch(status+12,&dptr_num)) {
1379 /* Close the dptr - we know it's gone */
1380 dptr_close(&dptr_num);
1383 SSVAL(outbuf,smb_vwv0,0);
1385 DEBUG(3,("search close\n"));
1387 END_PROFILE(SMBfclose);
1391 /****************************************************************************
1393 ****************************************************************************/
1395 int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
1403 SMB_STRUCT_STAT sbuf;
1405 int oplock_request = CORE_OPLOCK_REQUEST(inbuf);
1407 uint32 dos_attr = SVAL(inbuf,smb_vwv1);
1410 uint32 create_disposition;
1411 uint32 create_options = 0;
1413 struct smb_request req;
1415 START_PROFILE(SMBopen);
1417 init_smb_request(&req, (uint8 *)inbuf);
1419 deny_mode = SVAL(inbuf,smb_vwv0);
1421 srvstr_get_path(inbuf, SVAL(inbuf,smb_flg2), fname, smb_buf(inbuf)+1,
1422 sizeof(fname), 0, STR_TERMINATE, &status);
1423 if (!NT_STATUS_IS_OK(status)) {
1424 END_PROFILE(SMBopen);
1425 return ERROR_NT(status);
1428 status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname);
1429 if (!NT_STATUS_IS_OK(status)) {
1430 END_PROFILE(SMBopen);
1431 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1432 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
1434 return ERROR_NT(status);
1437 status = unix_convert(conn, fname, False, NULL, &sbuf);
1438 if (!NT_STATUS_IS_OK(status)) {
1439 END_PROFILE(SMBopen);
1440 return ERROR_NT(status);
1443 status = check_name(conn, fname);
1444 if (!NT_STATUS_IS_OK(status)) {
1445 END_PROFILE(SMBopen);
1446 return ERROR_NT(status);
1449 if (!map_open_params_to_ntcreate(fname, deny_mode, OPENX_FILE_EXISTS_OPEN,
1450 &access_mask, &share_mode, &create_disposition, &create_options)) {
1451 END_PROFILE(SMBopen);
1452 return ERROR_NT(NT_STATUS_DOS(ERRDOS, ERRbadaccess));
1455 status = open_file_ntcreate(conn, &req, fname, &sbuf,
1464 if (!NT_STATUS_IS_OK(status)) {
1465 END_PROFILE(SMBopen);
1466 if (open_was_deferred(SVAL(inbuf,smb_mid))) {
1467 /* We have re-scheduled this call. */
1470 return ERROR_NT(status);
1473 size = sbuf.st_size;
1474 fattr = dos_mode(conn,fname,&sbuf);
1475 mtime = sbuf.st_mtime;
1478 DEBUG(3,("attempt to open a directory %s\n",fname));
1479 close_file(fsp,ERROR_CLOSE);
1480 END_PROFILE(SMBopen);
1481 return ERROR_DOS(ERRDOS,ERRnoaccess);
1484 outsize = set_message(inbuf,outbuf,7,0,True);
1485 SSVAL(outbuf,smb_vwv0,fsp->fnum);
1486 SSVAL(outbuf,smb_vwv1,fattr);
1487 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1488 srv_put_dos_date3(outbuf,smb_vwv2,mtime & ~1);
1490 srv_put_dos_date3(outbuf,smb_vwv2,mtime);
1492 SIVAL(outbuf,smb_vwv4,(uint32)size);
1493 SSVAL(outbuf,smb_vwv6,deny_mode);
1495 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1496 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1499 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1500 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1502 END_PROFILE(SMBopen);
1506 /****************************************************************************
1507 Reply to an open and X.
1508 ****************************************************************************/
1510 void reply_open_and_X(connection_struct *conn, struct smb_request *req)
1516 /* Breakout the oplock request bits so we can set the
1517 reply bits separately. */
1518 int ex_oplock_request;
1519 int core_oplock_request;
1522 int smb_sattr = SVAL(req->inbuf,smb_vwv4);
1523 uint32 smb_time = make_unix_date3(req->inbuf+smb_vwv6);
1528 SMB_STRUCT_STAT sbuf;
1532 SMB_BIG_UINT allocation_size;
1533 ssize_t retval = -1;
1536 uint32 create_disposition;
1537 uint32 create_options = 0;
1539 START_PROFILE(SMBopenX);
1541 if (req->wct < 15) {
1542 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1543 END_PROFILE(SMBopenX);
1547 open_flags = SVAL(req->inbuf,smb_vwv2);
1548 deny_mode = SVAL(req->inbuf,smb_vwv3);
1549 smb_attr = SVAL(req->inbuf,smb_vwv5);
1550 ex_oplock_request = EXTENDED_OPLOCK_REQUEST(req->inbuf);
1551 core_oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1552 oplock_request = ex_oplock_request | core_oplock_request;
1553 smb_ofun = SVAL(req->inbuf,smb_vwv8);
1554 allocation_size = (SMB_BIG_UINT)IVAL(req->inbuf,smb_vwv9);
1556 /* If it's an IPC, pass off the pipe handler. */
1558 if (lp_nt_pipe_support()) {
1559 reply_open_pipe_and_X(conn, req);
1561 reply_doserror(req, ERRSRV, ERRaccess);
1563 END_PROFILE(SMBopenX);
1567 /* XXXX we need to handle passed times, sattr and flags */
1568 srvstr_get_path((char *)req->inbuf, req->flags2, fname,
1569 smb_buf(req->inbuf), sizeof(fname), 0, STR_TERMINATE,
1571 if (!NT_STATUS_IS_OK(status)) {
1572 reply_nterror(req, status);
1573 END_PROFILE(SMBopenX);
1577 status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES,
1579 if (!NT_STATUS_IS_OK(status)) {
1580 END_PROFILE(SMBopenX);
1581 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1582 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1583 ERRSRV, ERRbadpath);
1586 reply_nterror(req, status);
1590 status = unix_convert(conn, fname, False, NULL, &sbuf);
1591 if (!NT_STATUS_IS_OK(status)) {
1592 reply_nterror(req, status);
1593 END_PROFILE(SMBopenX);
1597 status = check_name(conn, fname);
1598 if (!NT_STATUS_IS_OK(status)) {
1599 reply_nterror(req, status);
1600 END_PROFILE(SMBopenX);
1604 if (!map_open_params_to_ntcreate(fname, deny_mode, smb_ofun,
1607 &create_disposition,
1609 reply_nterror(req, NT_STATUS_DOS(ERRDOS, ERRbadaccess));
1610 END_PROFILE(SMBopenX);
1614 status = open_file_ntcreate(conn, req, fname, &sbuf,
1623 if (!NT_STATUS_IS_OK(status)) {
1624 END_PROFILE(SMBopenX);
1625 if (open_was_deferred(req->mid)) {
1626 /* We have re-scheduled this call. */
1629 reply_nterror(req, status);
1633 /* Setting the "size" field in vwv9 and vwv10 causes the file to be set to this size,
1634 if the file is truncated or created. */
1635 if (((smb_action == FILE_WAS_CREATED) || (smb_action == FILE_WAS_OVERWRITTEN)) && allocation_size) {
1636 fsp->initial_allocation_size = smb_roundup(fsp->conn, allocation_size);
1637 if (vfs_allocate_file_space(fsp, fsp->initial_allocation_size) == -1) {
1638 close_file(fsp,ERROR_CLOSE);
1639 reply_nterror(req, NT_STATUS_DISK_FULL);
1640 END_PROFILE(SMBopenX);
1643 retval = vfs_set_filelen(fsp, (SMB_OFF_T)allocation_size);
1645 close_file(fsp,ERROR_CLOSE);
1646 reply_nterror(req, NT_STATUS_DISK_FULL);
1647 END_PROFILE(SMBopenX);
1650 sbuf.st_size = get_allocation_size(conn,fsp,&sbuf);
1653 fattr = dos_mode(conn,fname,&sbuf);
1654 mtime = sbuf.st_mtime;
1656 close_file(fsp,ERROR_CLOSE);
1657 reply_doserror(req, ERRDOS, ERRnoaccess);
1658 END_PROFILE(SMBopenX);
1662 /* If the caller set the extended oplock request bit
1663 and we granted one (by whatever means) - set the
1664 correct bit for extended oplock reply.
1667 if (ex_oplock_request && lp_fake_oplocks(SNUM(conn))) {
1668 smb_action |= EXTENDED_OPLOCK_GRANTED;
1671 if(ex_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1672 smb_action |= EXTENDED_OPLOCK_GRANTED;
1675 /* If the caller set the core oplock request bit
1676 and we granted one (by whatever means) - set the
1677 correct bit for core oplock reply.
1680 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
1681 reply_outbuf(req, 19, 0);
1683 reply_outbuf(req, 15, 0);
1686 if (core_oplock_request && lp_fake_oplocks(SNUM(conn))) {
1687 SCVAL(req->outbuf, smb_flg,
1688 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1691 if(core_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1692 SCVAL(req->outbuf, smb_flg,
1693 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1696 SSVAL(req->outbuf,smb_vwv2,fsp->fnum);
1697 SSVAL(req->outbuf,smb_vwv3,fattr);
1698 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1699 srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime & ~1);
1701 srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime);
1703 SIVAL(req->outbuf,smb_vwv6,(uint32)sbuf.st_size);
1704 SSVAL(req->outbuf,smb_vwv8,GET_OPENX_MODE(deny_mode));
1705 SSVAL(req->outbuf,smb_vwv11,smb_action);
1707 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
1708 SIVAL(req->outbuf, smb_vwv15, STD_RIGHT_ALL_ACCESS);
1711 END_PROFILE(SMBopenX);
1712 chain_reply_new(req);
1716 /****************************************************************************
1717 Reply to a SMBulogoffX.
1718 conn POINTER CAN BE NULL HERE !
1719 ****************************************************************************/
1721 void reply_ulogoffX(connection_struct *conn, struct smb_request *req)
1725 START_PROFILE(SMBulogoffX);
1727 vuser = get_valid_user_struct(req->vuid);
1730 DEBUG(3,("ulogoff, vuser id %d does not map to user.\n",
1734 /* in user level security we are supposed to close any files
1735 open by this user */
1736 if ((vuser != NULL) && (lp_security() != SEC_SHARE)) {
1737 file_close_user(req->vuid);
1740 invalidate_vuid(req->vuid);
1742 reply_outbuf(req, 2, 0);
1744 DEBUG( 3, ( "ulogoffX vuid=%d\n", req->vuid ) );
1746 END_PROFILE(SMBulogoffX);
1747 chain_reply_new(req);
1750 /****************************************************************************
1751 Reply to a mknew or a create.
1752 ****************************************************************************/
1754 void reply_mknew(connection_struct *conn, struct smb_request *req)
1759 struct timespec ts[2];
1761 int oplock_request = 0;
1762 SMB_STRUCT_STAT sbuf;
1764 uint32 access_mask = FILE_GENERIC_READ | FILE_GENERIC_WRITE;
1765 uint32 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1766 uint32 create_disposition;
1767 uint32 create_options = 0;
1769 START_PROFILE(SMBcreate);
1772 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1773 END_PROFILE(SMBcreate);
1777 fattr = SVAL(req->inbuf,smb_vwv0);
1778 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1779 com = SVAL(req->inbuf,smb_com);
1781 ts[1] =convert_time_t_to_timespec(
1782 srv_make_unix_date3(req->inbuf + smb_vwv1));
1785 srvstr_get_path((char *)req->inbuf, req->flags2, fname,
1786 smb_buf(req->inbuf) + 1, sizeof(fname), 0,
1787 STR_TERMINATE, &status);
1788 if (!NT_STATUS_IS_OK(status)) {
1789 reply_nterror(req, status);
1790 END_PROFILE(SMBcreate);
1794 status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES,
1796 if (!NT_STATUS_IS_OK(status)) {
1797 END_PROFILE(SMBcreate);
1798 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1799 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1800 ERRSRV, ERRbadpath);
1803 reply_nterror(req, status);
1807 status = unix_convert(conn, fname, False, NULL, &sbuf);
1808 if (!NT_STATUS_IS_OK(status)) {
1809 reply_nterror(req, status);
1810 END_PROFILE(SMBcreate);
1814 status = check_name(conn, fname);
1815 if (!NT_STATUS_IS_OK(status)) {
1816 reply_nterror(req, status);
1817 END_PROFILE(SMBcreate);
1821 if (fattr & aVOLID) {
1822 DEBUG(0,("Attempt to create file (%s) with volid set - "
1823 "please report this\n", fname));
1826 if(com == SMBmknew) {
1827 /* We should fail if file exists. */
1828 create_disposition = FILE_CREATE;
1830 /* Create if file doesn't exist, truncate if it does. */
1831 create_disposition = FILE_OVERWRITE_IF;
1834 /* Open file using ntcreate. */
1835 status = open_file_ntcreate(conn, req, fname, &sbuf,
1844 if (!NT_STATUS_IS_OK(status)) {
1845 END_PROFILE(SMBcreate);
1846 if (open_was_deferred(req->mid)) {
1847 /* We have re-scheduled this call. */
1850 reply_nterror(req, status);
1854 ts[0] = get_atimespec(&sbuf); /* atime. */
1855 file_ntimes(conn, fname, ts);
1857 reply_outbuf(req, 1, 0);
1859 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
1861 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1862 SCVAL(req->outbuf,smb_flg,
1863 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1866 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1867 SCVAL(req->outbuf,smb_flg,
1868 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1871 DEBUG( 2, ( "reply_mknew: file %s\n", fname ) );
1872 DEBUG( 3, ( "reply_mknew %s fd=%d dmode=0x%x\n",
1873 fname, fsp->fh->fd, (unsigned int)fattr ) );
1875 END_PROFILE(SMBcreate);
1879 /****************************************************************************
1880 Reply to a create temporary file.
1881 ****************************************************************************/
1883 int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
1887 uint32 fattr = SVAL(inbuf,smb_vwv0);
1889 int oplock_request = CORE_OPLOCK_REQUEST(inbuf);
1891 SMB_STRUCT_STAT sbuf;
1894 unsigned int namelen;
1895 struct smb_request req;
1897 START_PROFILE(SMBctemp);
1899 init_smb_request(&req, (uint8 *)inbuf);
1901 srvstr_get_path(inbuf, SVAL(inbuf,smb_flg2), fname, smb_buf(inbuf)+1,
1902 sizeof(fname), 0, STR_TERMINATE, &status);
1903 if (!NT_STATUS_IS_OK(status)) {
1904 END_PROFILE(SMBctemp);
1905 return ERROR_NT(status);
1908 pstrcat(fname,"/TMXXXXXX");
1910 pstrcat(fname,"TMXXXXXX");
1913 status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname);
1914 if (!NT_STATUS_IS_OK(status)) {
1915 END_PROFILE(SMBctemp);
1916 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1917 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
1919 return ERROR_NT(status);
1922 status = unix_convert(conn, fname, False, NULL, &sbuf);
1923 if (!NT_STATUS_IS_OK(status)) {
1924 END_PROFILE(SMBctemp);
1925 return ERROR_NT(status);
1928 status = check_name(conn, fname);
1929 if (!NT_STATUS_IS_OK(status)) {
1930 END_PROFILE(SMBctemp);
1931 return ERROR_NT(status);
1934 tmpfd = smb_mkstemp(fname);
1936 END_PROFILE(SMBctemp);
1937 return(UNIXERROR(ERRDOS,ERRnoaccess));
1940 SMB_VFS_STAT(conn,fname,&sbuf);
1942 /* We should fail if file does not exist. */
1943 status = open_file_ntcreate(conn, &req, fname, &sbuf,
1944 FILE_GENERIC_READ | FILE_GENERIC_WRITE,
1945 FILE_SHARE_READ|FILE_SHARE_WRITE,
1952 /* close fd from smb_mkstemp() */
1955 if (!NT_STATUS_IS_OK(status)) {
1956 END_PROFILE(SMBctemp);
1957 if (open_was_deferred(SVAL(inbuf,smb_mid))) {
1958 /* We have re-scheduled this call. */
1961 return ERROR_NT(status);
1964 outsize = set_message(inbuf,outbuf,1,0,True);
1965 SSVAL(outbuf,smb_vwv0,fsp->fnum);
1967 /* the returned filename is relative to the directory */
1968 s = strrchr_m(fname, '/');
1975 p = smb_buf(outbuf);
1977 /* Tested vs W2K3 - this doesn't seem to be here - null terminated filename is the only
1978 thing in the byte section. JRA */
1979 SSVALS(p, 0, -1); /* what is this? not in spec */
1981 namelen = srvstr_push(outbuf, SVAL(outbuf, smb_flg2), p, s, -1,
1982 STR_ASCII|STR_TERMINATE);
1984 outsize = set_message_end(inbuf,outbuf, p);
1986 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1987 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1990 if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1991 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1994 DEBUG( 2, ( "reply_ctemp: created temp file %s\n", fname ) );
1995 DEBUG( 3, ( "reply_ctemp %s fd=%d umode=0%o\n", fname, fsp->fh->fd,
1996 (unsigned int)sbuf.st_mode ) );
1998 END_PROFILE(SMBctemp);
2002 /*******************************************************************
2003 Check if a user is allowed to rename a file.
2004 ********************************************************************/
2006 static NTSTATUS can_rename(connection_struct *conn, files_struct *fsp,
2007 uint16 dirtype, SMB_STRUCT_STAT *pst)
2011 if (!CAN_WRITE(conn)) {
2012 return NT_STATUS_MEDIA_WRITE_PROTECTED;
2015 fmode = dos_mode(conn, fsp->fsp_name, pst);
2016 if ((fmode & ~dirtype) & (aHIDDEN | aSYSTEM)) {
2017 return NT_STATUS_NO_SUCH_FILE;
2020 if (S_ISDIR(pst->st_mode)) {
2021 return NT_STATUS_OK;
2024 if (fsp->access_mask & DELETE_ACCESS) {
2025 return NT_STATUS_OK;
2028 return NT_STATUS_ACCESS_DENIED;
2031 /*******************************************************************
2032 * unlink a file with all relevant access checks
2033 *******************************************************************/
2035 static NTSTATUS do_unlink(connection_struct *conn, struct smb_request *req,
2036 char *fname, uint32 dirtype)
2038 SMB_STRUCT_STAT sbuf;
2041 uint32 dirtype_orig = dirtype;
2044 DEBUG(10,("do_unlink: %s, dirtype = %d\n", fname, dirtype ));
2046 if (!CAN_WRITE(conn)) {
2047 return NT_STATUS_MEDIA_WRITE_PROTECTED;
2050 if (SMB_VFS_LSTAT(conn,fname,&sbuf) != 0) {
2051 return map_nt_error_from_unix(errno);
2054 fattr = dos_mode(conn,fname,&sbuf);
2056 if (dirtype & FILE_ATTRIBUTE_NORMAL) {
2057 dirtype = aDIR|aARCH|aRONLY;
2060 dirtype &= (aDIR|aARCH|aRONLY|aHIDDEN|aSYSTEM);
2062 return NT_STATUS_NO_SUCH_FILE;
2065 if (!dir_check_ftype(conn, fattr, dirtype)) {
2067 return NT_STATUS_FILE_IS_A_DIRECTORY;
2069 return NT_STATUS_NO_SUCH_FILE;
2072 if (dirtype_orig & 0x8000) {
2073 /* These will never be set for POSIX. */
2074 return NT_STATUS_NO_SUCH_FILE;
2078 if ((fattr & dirtype) & FILE_ATTRIBUTE_DIRECTORY) {
2079 return NT_STATUS_FILE_IS_A_DIRECTORY;
2082 if ((fattr & ~dirtype) & (FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM)) {
2083 return NT_STATUS_NO_SUCH_FILE;
2086 if (dirtype & 0xFF00) {
2087 /* These will never be set for POSIX. */
2088 return NT_STATUS_NO_SUCH_FILE;
2093 return NT_STATUS_NO_SUCH_FILE;
2096 /* Can't delete a directory. */
2098 return NT_STATUS_FILE_IS_A_DIRECTORY;
2103 else if (dirtype & aDIR) /* Asked for a directory and it isn't. */
2104 return NT_STATUS_OBJECT_NAME_INVALID;
2105 #endif /* JRATEST */
2107 /* Fix for bug #3035 from SATOH Fumiyasu <fumiyas@miraclelinux.com>
2109 On a Windows share, a file with read-only dosmode can be opened with
2110 DELETE_ACCESS. But on a Samba share (delete readonly = no), it
2111 fails with NT_STATUS_CANNOT_DELETE error.
2113 This semantic causes a problem that a user can not
2114 rename a file with read-only dosmode on a Samba share
2115 from a Windows command prompt (i.e. cmd.exe, but can rename
2116 from Windows Explorer).
2119 if (!lp_delete_readonly(SNUM(conn))) {
2120 if (fattr & aRONLY) {
2121 return NT_STATUS_CANNOT_DELETE;
2125 /* On open checks the open itself will check the share mode, so
2126 don't do it here as we'll get it wrong. */
2128 status = open_file_ntcreate(conn, req, fname, &sbuf,
2133 FILE_ATTRIBUTE_NORMAL,
2134 req != NULL ? 0 : INTERNAL_OPEN_ONLY,
2137 if (!NT_STATUS_IS_OK(status)) {
2138 DEBUG(10, ("open_file_ntcreate failed: %s\n",
2139 nt_errstr(status)));
2143 /* The set is across all open files on this dev/inode pair. */
2144 if (!set_delete_on_close(fsp, True, ¤t_user.ut)) {
2145 close_file(fsp, NORMAL_CLOSE);
2146 return NT_STATUS_ACCESS_DENIED;
2149 return close_file(fsp,NORMAL_CLOSE);
2152 /****************************************************************************
2153 The guts of the unlink command, split out so it may be called by the NT SMB
2155 ****************************************************************************/
2157 NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req,
2158 uint32 dirtype, char *name, BOOL has_wild)
2164 NTSTATUS status = NT_STATUS_OK;
2165 SMB_STRUCT_STAT sbuf;
2167 *directory = *mask = 0;
2169 status = unix_convert(conn, name, has_wild, NULL, &sbuf);
2170 if (!NT_STATUS_IS_OK(status)) {
2174 p = strrchr_m(name,'/');
2176 pstrcpy(directory,".");
2180 pstrcpy(directory,name);
2185 * We should only check the mangled cache
2186 * here if unix_convert failed. This means
2187 * that the path in 'mask' doesn't exist
2188 * on the file system and so we need to look
2189 * for a possible mangle. This patch from
2190 * Tine Smukavec <valentin.smukavec@hermes.si>.
2193 if (!VALID_STAT(sbuf) && mangle_is_mangled(mask,conn->params))
2194 mangle_check_cache( mask, sizeof(pstring)-1, conn->params );
2197 pstrcat(directory,"/");
2198 pstrcat(directory,mask);
2200 dirtype = FILE_ATTRIBUTE_NORMAL;
2203 status = check_name(conn, directory);
2204 if (!NT_STATUS_IS_OK(status)) {
2208 status = do_unlink(conn, req, directory, dirtype);
2209 if (!NT_STATUS_IS_OK(status)) {
2215 struct smb_Dir *dir_hnd = NULL;
2219 if ((dirtype & SAMBA_ATTRIBUTES_MASK) == aDIR) {
2220 return NT_STATUS_OBJECT_NAME_INVALID;
2223 if (strequal(mask,"????????.???")) {
2227 status = check_name(conn, directory);
2228 if (!NT_STATUS_IS_OK(status)) {
2232 dir_hnd = OpenDir(conn, directory, mask, dirtype);
2233 if (dir_hnd == NULL) {
2234 return map_nt_error_from_unix(errno);
2237 /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then
2238 the pattern matches against the long name, otherwise the short name
2239 We don't implement this yet XXXX
2242 status = NT_STATUS_NO_SUCH_FILE;
2244 while ((dname = ReadDirName(dir_hnd, &offset))) {
2247 pstrcpy(fname,dname);
2249 if (!is_visible_file(conn, directory, dname, &st, True)) {
2253 /* Quick check for "." and ".." */
2254 if (fname[0] == '.') {
2255 if (!fname[1] || (fname[1] == '.' && !fname[2])) {
2260 if(!mask_match(fname, mask, conn->case_sensitive)) {
2264 slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname);
2266 status = check_name(conn, fname);
2267 if (!NT_STATUS_IS_OK(status)) {
2272 status = do_unlink(conn, req, fname, dirtype);
2273 if (!NT_STATUS_IS_OK(status)) {
2278 DEBUG(3,("unlink_internals: succesful unlink [%s]\n",
2284 if (count == 0 && NT_STATUS_IS_OK(status)) {
2285 status = map_nt_error_from_unix(errno);
2291 /****************************************************************************
2293 ****************************************************************************/
2295 void reply_unlink(connection_struct *conn, struct smb_request *req)
2300 BOOL path_contains_wcard = False;
2302 START_PROFILE(SMBunlink);
2305 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2306 END_PROFILE(SMBunlink);
2310 dirtype = SVAL(req->inbuf,smb_vwv0);
2312 srvstr_get_path_wcard((char *)req->inbuf, req->flags2, name,
2313 smb_buf(req->inbuf) + 1, sizeof(name), 0,
2314 STR_TERMINATE, &status, &path_contains_wcard);
2315 if (!NT_STATUS_IS_OK(status)) {
2316 reply_nterror(req, status);
2317 END_PROFILE(SMBunlink);
2321 status = resolve_dfspath_wcard(conn,
2322 req->flags2 & FLAGS2_DFS_PATHNAMES,
2323 name, &path_contains_wcard);
2324 if (!NT_STATUS_IS_OK(status)) {
2325 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2326 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
2327 ERRSRV, ERRbadpath);
2328 END_PROFILE(SMBunlink);
2331 reply_nterror(req, status);
2332 END_PROFILE(SMBunlink);
2336 DEBUG(3,("reply_unlink : %s\n",name));
2338 status = unlink_internals(conn, req, dirtype, name,
2339 path_contains_wcard);
2340 if (!NT_STATUS_IS_OK(status)) {
2341 if (open_was_deferred(req->mid)) {
2342 /* We have re-scheduled this call. */
2343 END_PROFILE(SMBunlink);
2346 reply_nterror(req, status);
2347 END_PROFILE(SMBunlink);
2351 reply_outbuf(req, 0, 0);
2352 END_PROFILE(SMBunlink);
2357 /****************************************************************************
2359 ****************************************************************************/
2361 static void fail_readraw(void)
2364 slprintf(errstr, sizeof(errstr)-1, "FAIL ! reply_readbraw: socket write fail (%s)",
2366 exit_server_cleanly(errstr);
2369 /****************************************************************************
2370 Fake (read/write) sendfile. Returns -1 on read or write fail.
2371 ****************************************************************************/
2373 static ssize_t fake_sendfile(files_struct *fsp, SMB_OFF_T startpos,
2377 size_t tosend = nread;
2384 bufsize = MIN(nread, 65536);
2386 if (!(buf = SMB_MALLOC_ARRAY(char, bufsize))) {
2390 while (tosend > 0) {
2394 if (tosend > bufsize) {
2399 ret = read_file(fsp,buf,startpos,cur_read);
2405 /* If we had a short read, fill with zeros. */
2406 if (ret < cur_read) {
2407 memset(buf, '\0', cur_read - ret);
2410 if (write_data(smbd_server_fd(),buf,cur_read) != cur_read) {
2415 startpos += cur_read;
2419 return (ssize_t)nread;
2422 /****************************************************************************
2423 Return a readbraw error (4 bytes of zero).
2424 ****************************************************************************/
2426 static void reply_readbraw_error(void)
2430 if (write_data(smbd_server_fd(),header,4) != 4) {
2435 /****************************************************************************
2436 Use sendfile in readbraw.
2437 ****************************************************************************/
2439 void send_file_readbraw(connection_struct *conn,
2445 char *outbuf = NULL;
2448 #if defined(WITH_SENDFILE)
2450 * We can only use sendfile on a non-chained packet
2451 * but we can use on a non-oplocked file. tridge proved this
2452 * on a train in Germany :-). JRA.
2453 * reply_readbraw has already checked the length.
2456 if ( (chain_size == 0) && (nread > 0) &&
2457 (fsp->wcp == NULL) && lp_use_sendfile(SNUM(conn)) ) {
2459 DATA_BLOB header_blob;
2461 _smb_setlen(header,nread);
2462 header_blob = data_blob_const(header, 4);
2464 if ( SMB_VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fh->fd,
2465 &header_blob, startpos, nread) == -1) {
2466 /* Returning ENOSYS means no data at all was sent.
2467 * Do this as a normal read. */
2468 if (errno == ENOSYS) {
2469 goto normal_readbraw;
2473 * Special hack for broken Linux with no working sendfile. If we
2474 * return EINTR we sent the header but not the rest of the data.
2475 * Fake this up by doing read/write calls.
2477 if (errno == EINTR) {
2478 /* Ensure we don't do this again. */
2479 set_use_sendfile(SNUM(conn), False);
2480 DEBUG(0,("send_file_readbraw: sendfile not available. Faking..\n"));
2482 if (fake_sendfile(fsp, startpos, nread) == -1) {
2483 DEBUG(0,("send_file_readbraw: fake_sendfile failed for file %s (%s).\n",
2484 fsp->fsp_name, strerror(errno) ));
2485 exit_server_cleanly("send_file_readbraw fake_sendfile failed");
2490 DEBUG(0,("send_file_readbraw: sendfile failed for file %s (%s). Terminating\n",
2491 fsp->fsp_name, strerror(errno) ));
2492 exit_server_cleanly("send_file_readbraw sendfile failed");
2501 outbuf = TALLOC_ARRAY(NULL, char, nread+4);
2503 DEBUG(0,("send_file_readbraw: TALLOC_ARRAY failed for size %u.\n",
2504 (unsigned)(nread+4)));
2505 reply_readbraw_error();
2510 ret = read_file(fsp,outbuf+4,startpos,nread);
2511 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
2520 _smb_setlen(outbuf,ret);
2521 if (write_data(smbd_server_fd(),outbuf,4+ret) != 4+ret)
2524 TALLOC_FREE(outbuf);
2527 /****************************************************************************
2528 Reply to a readbraw (core+ protocol).
2529 ****************************************************************************/
2531 void reply_readbraw(connection_struct *conn, struct smb_request *req)
2533 ssize_t maxcount,mincount;
2540 START_PROFILE(SMBreadbraw);
2542 if (srv_is_signing_active()) {
2543 exit_server_cleanly("reply_readbraw: SMB signing is active - "
2544 "raw reads/writes are disallowed.");
2548 reply_readbraw_error();
2549 END_PROFILE(SMBreadbraw);
2554 * Special check if an oplock break has been issued
2555 * and the readraw request croses on the wire, we must
2556 * return a zero length response here.
2559 fsp = file_fsp(SVAL(req->inbuf,smb_vwv0));
2562 * We have to do a check_fsp by hand here, as
2563 * we must always return 4 zero bytes on error,
2567 if (!fsp || !conn || conn != fsp->conn ||
2568 current_user.vuid != fsp->vuid ||
2569 fsp->is_directory || fsp->fh->fd == -1) {
2571 * fsp could be NULL here so use the value from the packet. JRA.
2573 DEBUG(3,("reply_readbraw: fnum %d not valid "
2575 (int)SVAL(req->inbuf,smb_vwv0)));
2576 reply_readbraw_error();
2577 END_PROFILE(SMBreadbraw);
2581 /* Do a "by hand" version of CHECK_READ. */
2582 if (!(fsp->can_read ||
2583 ((req->flags2 & FLAGS2_READ_PERMIT_EXECUTE) &&
2584 (fsp->access_mask & FILE_EXECUTE)))) {
2585 DEBUG(3,("reply_readbraw: fnum %d not readable.\n",
2586 (int)SVAL(req->inbuf,smb_vwv0)));
2587 reply_readbraw_error();
2588 END_PROFILE(SMBreadbraw);
2592 flush_write_cache(fsp, READRAW_FLUSH);
2594 startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv1);
2595 if(req->wct == 10) {
2597 * This is a large offset (64 bit) read.
2599 #ifdef LARGE_SMB_OFF_T
2601 startpos |= (((SMB_OFF_T)IVAL(req->inbuf,smb_vwv8)) << 32);
2603 #else /* !LARGE_SMB_OFF_T */
2606 * Ensure we haven't been sent a >32 bit offset.
2609 if(IVAL(req->inbuf,smb_vwv8) != 0) {
2610 DEBUG(0,("reply_readbraw: large offset "
2611 "(%x << 32) used and we don't support "
2612 "64 bit offsets.\n",
2613 (unsigned int)IVAL(req->inbuf,smb_vwv8) ));
2614 reply_readbraw_error();
2615 END_PROFILE(SMBreadbraw);
2619 #endif /* LARGE_SMB_OFF_T */
2622 DEBUG(0,("reply_readbraw: negative 64 bit "
2623 "readraw offset (%.0f) !\n",
2624 (double)startpos ));
2625 reply_readbraw_error();
2626 END_PROFILE(SMBreadbraw);
2631 maxcount = (SVAL(req->inbuf,smb_vwv3) & 0xFFFF);
2632 mincount = (SVAL(req->inbuf,smb_vwv4) & 0xFFFF);
2634 /* ensure we don't overrun the packet size */
2635 maxcount = MIN(65535,maxcount);
2637 if (is_locked(fsp,(uint32)req->smbpid,
2638 (SMB_BIG_UINT)maxcount,
2639 (SMB_BIG_UINT)startpos,
2641 reply_readbraw_error();
2642 END_PROFILE(SMBreadbraw);
2646 if (SMB_VFS_FSTAT(fsp,fsp->fh->fd,&st) == 0) {
2650 if (startpos >= size) {
2653 nread = MIN(maxcount,(size - startpos));
2656 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
2657 if (nread < mincount)
2661 DEBUG( 3, ( "reply_readbraw: fnum=%d start=%.0f max=%lu "
2662 "min=%lu nread=%lu\n",
2663 fsp->fnum, (double)startpos,
2664 (unsigned long)maxcount,
2665 (unsigned long)mincount,
2666 (unsigned long)nread ) );
2668 send_file_readbraw(conn, fsp, startpos, nread, mincount);
2670 DEBUG(5,("reply_readbraw finished\n"));
2671 END_PROFILE(SMBreadbraw);
2675 #define DBGC_CLASS DBGC_LOCKING
2677 /****************************************************************************
2678 Reply to a lockread (core+ protocol).
2679 ****************************************************************************/
2681 int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length, int dum_buffsiz)
2689 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
2690 struct byte_range_lock *br_lck = NULL;
2691 START_PROFILE(SMBlockread);
2693 CHECK_FSP(fsp,conn);
2694 if (!CHECK_READ(fsp,inbuf)) {
2695 return(ERROR_DOS(ERRDOS,ERRbadaccess));
2698 release_level_2_oplocks_on_change(fsp);
2700 numtoread = SVAL(inbuf,smb_vwv1);
2701 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
2703 outsize = set_message(inbuf,outbuf,5,3,True);
2704 numtoread = MIN(BUFFER_SIZE-outsize,numtoread);
2705 data = smb_buf(outbuf) + 3;
2708 * NB. Discovered by Menny Hamburger at Mainsoft. This is a core+
2709 * protocol request that predates the read/write lock concept.
2710 * Thus instead of asking for a read lock here we need to ask
2711 * for a write lock. JRA.
2712 * Note that the requested lock size is unaffected by max_recv.
2715 br_lck = do_lock(smbd_messaging_context(),
2717 (uint32)SVAL(inbuf,smb_pid),
2718 (SMB_BIG_UINT)numtoread,
2719 (SMB_BIG_UINT)startpos,
2722 False, /* Non-blocking lock. */
2725 TALLOC_FREE(br_lck);
2727 if (NT_STATUS_V(status)) {
2728 END_PROFILE(SMBlockread);
2729 return ERROR_NT(status);
2733 * However the requested READ size IS affected by max_recv. Insanity.... JRA.
2736 if (numtoread > max_recv) {
2737 DEBUG(0,("reply_lockread: requested read size (%u) is greater than maximum allowed (%u). \
2738 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
2739 (unsigned int)numtoread, (unsigned int)max_recv ));
2740 numtoread = MIN(numtoread,max_recv);
2742 nread = read_file(fsp,data,startpos,numtoread);
2745 END_PROFILE(SMBlockread);
2746 return(UNIXERROR(ERRDOS,ERRnoaccess));
2750 SSVAL(outbuf,smb_vwv0,nread);
2751 SSVAL(outbuf,smb_vwv5,nread+3);
2752 SSVAL(smb_buf(outbuf),1,nread);
2754 DEBUG(3,("lockread fnum=%d num=%d nread=%d\n",
2755 fsp->fnum, (int)numtoread, (int)nread));
2757 END_PROFILE(SMBlockread);
2762 #define DBGC_CLASS DBGC_ALL
2764 /****************************************************************************
2766 ****************************************************************************/
2768 int reply_read(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
2775 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
2776 START_PROFILE(SMBread);
2778 CHECK_FSP(fsp,conn);
2779 if (!CHECK_READ(fsp,inbuf)) {
2780 return(ERROR_DOS(ERRDOS,ERRbadaccess));
2783 numtoread = SVAL(inbuf,smb_vwv1);
2784 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
2786 outsize = set_message(inbuf,outbuf,5,3,True);
2787 numtoread = MIN(BUFFER_SIZE-outsize,numtoread);
2789 * The requested read size cannot be greater than max_recv. JRA.
2791 if (numtoread > max_recv) {
2792 DEBUG(0,("reply_read: requested read size (%u) is greater than maximum allowed (%u). \
2793 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
2794 (unsigned int)numtoread, (unsigned int)max_recv ));
2795 numtoread = MIN(numtoread,max_recv);
2798 data = smb_buf(outbuf) + 3;
2800 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtoread,(SMB_BIG_UINT)startpos, READ_LOCK)) {
2801 END_PROFILE(SMBread);
2802 return ERROR_DOS(ERRDOS,ERRlock);
2806 nread = read_file(fsp,data,startpos,numtoread);
2809 END_PROFILE(SMBread);
2810 return(UNIXERROR(ERRDOS,ERRnoaccess));
2814 SSVAL(outbuf,smb_vwv0,nread);
2815 SSVAL(outbuf,smb_vwv5,nread+3);
2816 SCVAL(smb_buf(outbuf),0,1);
2817 SSVAL(smb_buf(outbuf),1,nread);
2819 DEBUG( 3, ( "read fnum=%d num=%d nread=%d\n",
2820 fsp->fnum, (int)numtoread, (int)nread ) );
2822 END_PROFILE(SMBread);
2826 /****************************************************************************
2828 ****************************************************************************/
2830 static int setup_readX_header(const uint8 *inbuf, uint8 *outbuf,
2836 outsize = set_message((char *)inbuf, (char *)outbuf,12,smb_maxcnt,
2838 data = smb_buf(outbuf);
2840 SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */
2841 SSVAL(outbuf,smb_vwv5,smb_maxcnt);
2842 SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf));
2843 SSVAL(outbuf,smb_vwv7,(smb_maxcnt >> 16));
2844 SSVAL(smb_buf(outbuf),-2,smb_maxcnt);
2845 SCVAL(outbuf,smb_vwv0,0xFF);
2846 /* Reset the outgoing length, set_message truncates at 0x1FFFF. */
2847 _smb_setlen_large(outbuf,(smb_size + 12*2 + smb_maxcnt - 4));
2851 /****************************************************************************
2852 Reply to a read and X - possibly using sendfile.
2853 ****************************************************************************/
2855 static void send_file_readX(connection_struct *conn, struct smb_request *req,
2856 files_struct *fsp, SMB_OFF_T startpos,
2859 SMB_STRUCT_STAT sbuf;
2862 if(SMB_VFS_FSTAT(fsp,fsp->fh->fd, &sbuf) == -1) {
2863 reply_unixerror(req, ERRDOS, ERRnoaccess);
2867 if (startpos > sbuf.st_size) {
2869 } else if (smb_maxcnt > (sbuf.st_size - startpos)) {
2870 smb_maxcnt = (sbuf.st_size - startpos);
2873 if (smb_maxcnt == 0) {
2877 #if defined(WITH_SENDFILE)
2879 * We can only use sendfile on a non-chained packet
2880 * but we can use on a non-oplocked file. tridge proved this
2881 * on a train in Germany :-). JRA.
2884 if ((chain_size == 0) && (CVAL(req->inbuf,smb_vwv0) == 0xFF) &&
2885 lp_use_sendfile(SNUM(conn)) && (fsp->wcp == NULL) ) {
2886 uint8 headerbuf[smb_size + 12 * 2];
2890 * Set up the packet header before send. We
2891 * assume here the sendfile will work (get the
2892 * correct amount of data).
2895 header = data_blob_const(headerbuf, sizeof(headerbuf));
2897 construct_reply_common((char *)req->inbuf, (char *)headerbuf);
2898 setup_readX_header(req->inbuf, headerbuf, smb_maxcnt);
2900 if ((nread = SMB_VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fh->fd, &header, startpos, smb_maxcnt)) == -1) {
2901 /* Returning ENOSYS means no data at all was sent. Do this as a normal read. */
2902 if (errno == ENOSYS) {
2907 * Special hack for broken Linux with no working sendfile. If we
2908 * return EINTR we sent the header but not the rest of the data.
2909 * Fake this up by doing read/write calls.
2912 if (errno == EINTR) {
2913 /* Ensure we don't do this again. */
2914 set_use_sendfile(SNUM(conn), False);
2915 DEBUG(0,("send_file_readX: sendfile not available. Faking..\n"));
2916 nread = fake_sendfile(fsp, startpos,
2919 DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n",
2920 fsp->fsp_name, strerror(errno) ));
2921 exit_server_cleanly("send_file_readX: fake_sendfile failed");
2923 DEBUG( 3, ( "send_file_readX: fake_sendfile fnum=%d max=%d nread=%d\n",
2924 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
2925 /* No outbuf here means successful sendfile. */
2926 TALLOC_FREE(req->outbuf);
2930 DEBUG(0,("send_file_readX: sendfile failed for file %s (%s). Terminating\n",
2931 fsp->fsp_name, strerror(errno) ));
2932 exit_server_cleanly("send_file_readX sendfile failed");
2935 DEBUG( 3, ( "send_file_readX: sendfile fnum=%d max=%d nread=%d\n",
2936 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
2937 /* No outbuf here means successful sendfile. */
2938 TALLOC_FREE(req->outbuf);
2946 if ((smb_maxcnt & 0xFF0000) > 0x10000) {
2947 uint8 headerbuf[smb_size + 2*12];
2949 construct_reply_common((char *)req->inbuf, (char *)headerbuf);
2950 setup_readX_header(req->inbuf, headerbuf, smb_maxcnt);
2952 /* Send out the header. */
2953 if (write_data(smbd_server_fd(), (char *)headerbuf,
2954 sizeof(headerbuf)) != sizeof(headerbuf)) {
2955 DEBUG(0,("send_file_readX: write_data failed for file %s (%s). Terminating\n",
2956 fsp->fsp_name, strerror(errno) ));
2957 exit_server_cleanly("send_file_readX sendfile failed");
2959 nread = fake_sendfile(fsp, startpos, smb_maxcnt);
2961 DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n",
2962 fsp->fsp_name, strerror(errno) ));
2963 exit_server_cleanly("send_file_readX: fake_sendfile failed");
2965 TALLOC_FREE(req->outbuf);
2968 reply_outbuf(req, 12, smb_maxcnt);
2970 nread = read_file(fsp, smb_buf(req->outbuf), startpos,
2973 reply_unixerror(req, ERRDOS, ERRnoaccess);
2977 setup_readX_header(req->inbuf, req->outbuf, nread);
2979 DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n",
2980 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
2982 chain_reply_new(req);
2988 /****************************************************************************
2989 Reply to a read and X.
2990 ****************************************************************************/
2992 void reply_read_and_X(connection_struct *conn, struct smb_request *req)
2997 BOOL big_readX = False;
2999 size_t smb_mincnt = SVAL(req->inbuf,smb_vwv6);
3002 START_PROFILE(SMBreadX);
3004 if ((req->wct != 10) && (req->wct != 12)) {
3005 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3009 fsp = file_fsp(SVAL(req->inbuf,smb_vwv2));
3010 startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv3);
3011 smb_maxcnt = SVAL(req->inbuf,smb_vwv5);
3013 /* If it's an IPC, pass off the pipe handler. */
3015 reply_pipe_read_and_X(req);
3016 END_PROFILE(SMBreadX);
3020 if (!check_fsp(conn, req, fsp, ¤t_user)) {
3021 END_PROFILE(SMBreadX);
3025 if (!CHECK_READ(fsp,req->inbuf)) {
3026 reply_doserror(req, ERRDOS,ERRbadaccess);
3027 END_PROFILE(SMBreadX);
3031 if (global_client_caps & CAP_LARGE_READX) {
3032 size_t upper_size = SVAL(req->inbuf,smb_vwv7);
3033 smb_maxcnt |= (upper_size<<16);
3034 if (upper_size > 1) {
3035 /* Can't do this on a chained packet. */
3036 if ((CVAL(req->inbuf,smb_vwv0) != 0xFF)) {
3037 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
3038 END_PROFILE(SMBreadX);
3041 /* We currently don't do this on signed or sealed data. */
3042 if (srv_is_signing_active() || srv_encryption_on()) {
3043 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
3044 END_PROFILE(SMBreadX);
3047 /* Is there room in the reply for this data ? */
3048 if (smb_maxcnt > (0xFFFFFF - (smb_size -4 + 12*2))) {
3050 NT_STATUS_INVALID_PARAMETER);
3051 END_PROFILE(SMBreadX);
3058 if (req->wct == 12) {
3059 #ifdef LARGE_SMB_OFF_T
3061 * This is a large offset (64 bit) read.
3063 startpos |= (((SMB_OFF_T)IVAL(req->inbuf,smb_vwv10)) << 32);
3065 #else /* !LARGE_SMB_OFF_T */
3068 * Ensure we haven't been sent a >32 bit offset.
3071 if(IVAL(req->inbuf,smb_vwv10) != 0) {
3072 DEBUG(0,("reply_read_and_X - large offset (%x << 32) "
3073 "used and we don't support 64 bit offsets.\n",
3074 (unsigned int)IVAL(req->inbuf,smb_vwv10) ));
3075 END_PROFILE(SMBreadX);
3076 reply_doserror(req, ERRDOS, ERRbadaccess);
3080 #endif /* LARGE_SMB_OFF_T */
3084 if (is_locked(fsp, (uint32)req->smbpid, (SMB_BIG_UINT)smb_maxcnt,
3085 (SMB_BIG_UINT)startpos, READ_LOCK)) {
3086 END_PROFILE(SMBreadX);
3087 reply_doserror(req, ERRDOS, ERRlock);
3092 && schedule_aio_read_and_X(conn, req, fsp, startpos, smb_maxcnt)) {
3093 END_PROFILE(SMBreadX);
3094 reply_post_legacy(req, -1);
3098 send_file_readX(conn, req, fsp, startpos, smb_maxcnt);
3100 END_PROFILE(SMBreadX);
3104 /****************************************************************************
3105 Reply to a writebraw (core+ or LANMAN1.0 protocol).
3106 ****************************************************************************/
3108 int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
3111 ssize_t total_written=0;
3112 size_t numtowrite=0;
3117 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
3120 START_PROFILE(SMBwritebraw);
3122 if (srv_is_signing_active()) {
3123 exit_server_cleanly("reply_writebraw: SMB signing is active - raw reads/writes are disallowed.");
3126 CHECK_FSP(fsp,conn);
3127 if (!CHECK_WRITE(fsp)) {
3128 return(ERROR_DOS(ERRDOS,ERRbadaccess));
3131 tcount = IVAL(inbuf,smb_vwv1);
3132 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3);
3133 write_through = BITSETW(inbuf+smb_vwv7,0);
3135 /* We have to deal with slightly different formats depending
3136 on whether we are using the core+ or lanman1.0 protocol */
3138 if(Protocol <= PROTOCOL_COREPLUS) {
3139 numtowrite = SVAL(smb_buf(inbuf),-2);
3140 data = smb_buf(inbuf);
3142 numtowrite = SVAL(inbuf,smb_vwv10);
3143 data = smb_base(inbuf) + SVAL(inbuf, smb_vwv11);
3146 /* force the error type */
3147 SCVAL(inbuf,smb_com,SMBwritec);
3148 SCVAL(outbuf,smb_com,SMBwritec);
3150 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos, WRITE_LOCK)) {
3151 END_PROFILE(SMBwritebraw);
3152 return(ERROR_DOS(ERRDOS,ERRlock));
3156 nwritten = write_file(fsp,data,startpos,numtowrite);
3158 DEBUG(3,("writebraw1 fnum=%d start=%.0f num=%d wrote=%d sync=%d\n",
3159 fsp->fnum, (double)startpos, (int)numtowrite, (int)nwritten, (int)write_through));
3161 if (nwritten < (ssize_t)numtowrite) {
3162 END_PROFILE(SMBwritebraw);
3163 return(UNIXERROR(ERRHRD,ERRdiskfull));
3166 total_written = nwritten;
3168 /* Return a message to the redirector to tell it to send more bytes */
3169 SCVAL(outbuf,smb_com,SMBwritebraw);
3170 SSVALS(outbuf,smb_vwv0,-1);
3171 outsize = set_message(inbuf,outbuf,Protocol>PROTOCOL_COREPLUS?1:0,0,True);
3173 if (!send_smb(smbd_server_fd(),outbuf))
3174 exit_server_cleanly("reply_writebraw: send_smb failed.");
3176 /* Now read the raw data into the buffer and write it */
3177 if (read_smb_length(smbd_server_fd(),inbuf,SMB_SECONDARY_WAIT) == -1) {
3178 exit_server_cleanly("secondary writebraw failed");
3181 /* Even though this is not an smb message, smb_len returns the generic length of an smb message */
3182 numtowrite = smb_len(inbuf);
3184 /* Set up outbuf to return the correct return */
3185 outsize = set_message(inbuf,outbuf,1,0,True);
3186 SCVAL(outbuf,smb_com,SMBwritec);
3188 if (numtowrite != 0) {
3190 if (numtowrite > BUFFER_SIZE) {
3191 DEBUG(0,("reply_writebraw: Oversize secondary write raw requested (%u). Terminating\n",
3192 (unsigned int)numtowrite ));
3193 exit_server_cleanly("secondary writebraw failed");
3196 if (tcount > nwritten+numtowrite) {
3197 DEBUG(3,("Client overestimated the write %d %d %d\n",
3198 (int)tcount,(int)nwritten,(int)numtowrite));
3201 if (read_data( smbd_server_fd(), inbuf+4, numtowrite) != numtowrite ) {
3202 DEBUG(0,("reply_writebraw: Oversize secondary write raw read failed (%s). Terminating\n",
3204 exit_server_cleanly("secondary writebraw failed");
3207 nwritten = write_file(fsp,inbuf+4,startpos+nwritten,numtowrite);
3208 if (nwritten == -1) {
3209 END_PROFILE(SMBwritebraw);
3210 return(UNIXERROR(ERRHRD,ERRdiskfull));
3213 if (nwritten < (ssize_t)numtowrite) {
3214 SCVAL(outbuf,smb_rcls,ERRHRD);
3215 SSVAL(outbuf,smb_err,ERRdiskfull);
3219 total_written += nwritten;
3222 SSVAL(outbuf,smb_vwv0,total_written);
3224 status = sync_file(conn, fsp, write_through);
3225 if (!NT_STATUS_IS_OK(status)) {
3226 DEBUG(5,("reply_writebraw: sync_file for %s returned %s\n",
3227 fsp->fsp_name, nt_errstr(status) ));
3228 END_PROFILE(SMBwritebraw);
3229 return ERROR_NT(status);
3232 DEBUG(3,("writebraw2 fnum=%d start=%.0f num=%d wrote=%d\n",
3233 fsp->fnum, (double)startpos, (int)numtowrite,(int)total_written));
3235 /* we won't return a status if write through is not selected - this follows what WfWg does */
3236 END_PROFILE(SMBwritebraw);
3237 if (!write_through && total_written==tcount) {
3239 #if RABBIT_PELLET_FIX
3241 * Fix for "rabbit pellet" mode, trigger an early TCP ack by
3242 * sending a SMBkeepalive. Thanks to DaveCB at Sun for this. JRA.
3244 if (!send_keepalive(smbd_server_fd()))
3245 exit_server_cleanly("reply_writebraw: send of keepalive failed");
3254 #define DBGC_CLASS DBGC_LOCKING
3256 /****************************************************************************
3257 Reply to a writeunlock (core+).
3258 ****************************************************************************/
3260 int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf,
3261 int size, int dum_buffsize)
3263 ssize_t nwritten = -1;
3267 NTSTATUS status = NT_STATUS_OK;
3268 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
3270 START_PROFILE(SMBwriteunlock);
3272 CHECK_FSP(fsp,conn);
3273 if (!CHECK_WRITE(fsp)) {
3274 return(ERROR_DOS(ERRDOS,ERRbadaccess));
3277 numtowrite = SVAL(inbuf,smb_vwv1);
3278 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
3279 data = smb_buf(inbuf) + 3;
3281 if (numtowrite && is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) {
3282 END_PROFILE(SMBwriteunlock);
3283 return ERROR_DOS(ERRDOS,ERRlock);
3286 /* The special X/Open SMB protocol handling of
3287 zero length writes is *NOT* done for
3289 if(numtowrite == 0) {
3292 nwritten = write_file(fsp,data,startpos,numtowrite);
3295 status = sync_file(conn, fsp, False /* write through */);
3296 if (!NT_STATUS_IS_OK(status)) {
3297 END_PROFILE(SMBwriteunlock);
3298 DEBUG(5,("reply_writeunlock: sync_file for %s returned %s\n",
3299 fsp->fsp_name, nt_errstr(status) ));
3300 return ERROR_NT(status);
3303 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
3304 END_PROFILE(SMBwriteunlock);
3305 return(UNIXERROR(ERRHRD,ERRdiskfull));
3309 status = do_unlock(smbd_messaging_context(),
3311 (uint32)SVAL(inbuf,smb_pid),
3312 (SMB_BIG_UINT)numtowrite,
3313 (SMB_BIG_UINT)startpos,
3316 if (NT_STATUS_V(status)) {
3317 END_PROFILE(SMBwriteunlock);
3318 return ERROR_NT(status);
3322 outsize = set_message(inbuf,outbuf,1,0,True);
3324 SSVAL(outbuf,smb_vwv0,nwritten);
3326 DEBUG(3,("writeunlock fnum=%d num=%d wrote=%d\n",
3327 fsp->fnum, (int)numtowrite, (int)nwritten));
3329 END_PROFILE(SMBwriteunlock);
3334 #define DBGC_CLASS DBGC_ALL
3336 /****************************************************************************
3338 ****************************************************************************/
3340 int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int dum_buffsize)
3343 ssize_t nwritten = -1;
3346 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
3349 START_PROFILE(SMBwrite);
3351 /* If it's an IPC, pass off the pipe handler. */
3353 END_PROFILE(SMBwrite);
3354 return reply_pipe_write(inbuf,outbuf,size,dum_buffsize);
3357 CHECK_FSP(fsp,conn);
3358 if (!CHECK_WRITE(fsp)) {
3359 END_PROFILE(SMBwrite);
3360 return(ERROR_DOS(ERRDOS,ERRbadaccess));
3363 numtowrite = SVAL(inbuf,smb_vwv1);
3364 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
3365 data = smb_buf(inbuf) + 3;
3367 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) {
3368 END_PROFILE(SMBwrite);
3369 return ERROR_DOS(ERRDOS,ERRlock);
3373 * X/Open SMB protocol says that if smb_vwv1 is
3374 * zero then the file size should be extended or
3375 * truncated to the size given in smb_vwv[2-3].
3378 if(numtowrite == 0) {
3380 * This is actually an allocate call, and set EOF. JRA.
3382 nwritten = vfs_allocate_file_space(fsp, (SMB_OFF_T)startpos);
3384 END_PROFILE(SMBwrite);
3385 return ERROR_NT(NT_STATUS_DISK_FULL);
3387 nwritten = vfs_set_filelen(fsp, (SMB_OFF_T)startpos);
3389 END_PROFILE(SMBwrite);
3390 return ERROR_NT(NT_STATUS_DISK_FULL);
3393 nwritten = write_file(fsp,data,startpos,numtowrite);
3395 status = sync_file(conn, fsp, False);
3396 if (!NT_STATUS_IS_OK(status)) {
3397 END_PROFILE(SMBwrite);
3398 DEBUG(5,("reply_write: sync_file for %s returned %s\n",
3399 fsp->fsp_name, nt_errstr(status) ));
3400 return ERROR_NT(status);
3403 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
3404 END_PROFILE(SMBwrite);
3405 return(UNIXERROR(ERRHRD,ERRdiskfull));
3408 outsize = set_message(inbuf,outbuf,1,0,True);
3410 SSVAL(outbuf,smb_vwv0,nwritten);
3412 if (nwritten < (ssize_t)numtowrite) {
3413 SCVAL(outbuf,smb_rcls,ERRHRD);
3414 SSVAL(outbuf,smb_err,ERRdiskfull);
3417 DEBUG(3,("write fnum=%d num=%d wrote=%d\n", fsp->fnum, (int)numtowrite, (int)nwritten));
3419 END_PROFILE(SMBwrite);
3423 /****************************************************************************
3424 Reply to a write and X.
3425 ****************************************************************************/
3427 void reply_write_and_X(connection_struct *conn, struct smb_request *req)
3434 unsigned int smb_doff;
3435 unsigned int smblen;
3440 START_PROFILE(SMBwriteX);
3442 if ((req->wct != 12) && (req->wct != 14)) {
3443 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3444 END_PROFILE(SMBwriteX);
3448 numtowrite = SVAL(req->inbuf,smb_vwv10);
3449 smb_doff = SVAL(req->inbuf,smb_vwv11);
3450 smblen = smb_len(req->inbuf);
3451 large_writeX = ((req->wct == 14) && (smblen > 0xFFFF));
3453 /* Deal with possible LARGE_WRITEX */
3455 numtowrite |= ((((size_t)SVAL(req->inbuf,smb_vwv9)) & 1 )<<16);
3458 if(smb_doff > smblen || (smb_doff + numtowrite > smblen)) {
3459 reply_doserror(req, ERRDOS, ERRbadmem);
3460 END_PROFILE(SMBwriteX);
3464 /* If it's an IPC, pass off the pipe handler. */
3466 reply_pipe_write_and_X(req);
3467 END_PROFILE(SMBwriteX);
3471 fsp = file_fsp(SVAL(req->inbuf,smb_vwv2));
3472 startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv3);
3473 write_through = BITSETW(req->inbuf+smb_vwv7,0);
3475 if (!check_fsp(conn, req, fsp, ¤t_user)) {
3476 END_PROFILE(SMBwriteX);
3480 if (!CHECK_WRITE(fsp)) {
3481 reply_doserror(req, ERRDOS, ERRbadaccess);
3482 END_PROFILE(SMBwriteX);
3486 data = smb_base(req->inbuf) + smb_doff;
3488 if(req->wct == 14) {
3489 #ifdef LARGE_SMB_OFF_T
3491 * This is a large offset (64 bit) write.
3493 startpos |= (((SMB_OFF_T)IVAL(req->inbuf,smb_vwv12)) << 32);
3495 #else /* !LARGE_SMB_OFF_T */
3498 * Ensure we haven't been sent a >32 bit offset.
3501 if(IVAL(req->inbuf,smb_vwv12) != 0) {
3502 DEBUG(0,("reply_write_and_X - large offset (%x << 32) "
3503 "used and we don't support 64 bit offsets.\n",
3504 (unsigned int)IVAL(inbuf,smb_vwv12) ));
3505 reply_doserror(req, ERRDOS, ERRbadaccess);
3506 END_PROFILE(SMBwriteX);
3510 #endif /* LARGE_SMB_OFF_T */
3513 if (is_locked(fsp,(uint32)req->smbpid,
3514 (SMB_BIG_UINT)numtowrite,
3515 (SMB_BIG_UINT)startpos, WRITE_LOCK)) {
3516 reply_doserror(req, ERRDOS, ERRlock);
3517 END_PROFILE(SMBwriteX);
3521 /* X/Open SMB protocol says that, unlike SMBwrite
3522 if the length is zero then NO truncation is
3523 done, just a write of zero. To truncate a file,
3526 if(numtowrite == 0) {
3530 if (schedule_aio_write_and_X(conn, req, fsp, data, startpos,
3532 END_PROFILE(SMBwriteX);
3536 nwritten = write_file(fsp,data,startpos,numtowrite);
3539 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
3540 reply_unixerror(req, ERRHRD, ERRdiskfull);
3541 END_PROFILE(SMBwriteX);
3545 reply_outbuf(req, 6, 0);
3546 SSVAL(req->outbuf,smb_vwv2,nwritten);
3548 SSVAL(req->outbuf,smb_vwv4,(nwritten>>16)&1);
3550 if (nwritten < (ssize_t)numtowrite) {
3551 SCVAL(req->outbuf,smb_rcls,ERRHRD);
3552 SSVAL(req->outbuf,smb_err,ERRdiskfull);
3555 DEBUG(3,("writeX fnum=%d num=%d wrote=%d\n",
3556 fsp->fnum, (int)numtowrite, (int)nwritten));
3558 status = sync_file(conn, fsp, write_through);
3559 if (!NT_STATUS_IS_OK(status)) {
3560 DEBUG(5,("reply_write_and_X: sync_file for %s returned %s\n",
3561 fsp->fsp_name, nt_errstr(status) ));
3562 reply_nterror(req, status);
3563 END_PROFILE(SMBwriteX);
3567 END_PROFILE(SMBwriteX);
3568 chain_reply_new(req);
3572 /****************************************************************************
3574 ****************************************************************************/
3576 int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
3582 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
3583 START_PROFILE(SMBlseek);
3585 CHECK_FSP(fsp,conn);
3587 flush_write_cache(fsp, SEEK_FLUSH);
3589 mode = SVAL(inbuf,smb_vwv1) & 3;
3590 /* NB. This doesn't use IVAL_TO_SMB_OFF_T as startpos can be signed in this case. */
3591 startpos = (SMB_OFF_T)IVALS(inbuf,smb_vwv2);
3600 res = fsp->fh->pos + startpos;
3611 if (umode == SEEK_END) {
3612 if((res = SMB_VFS_LSEEK(fsp,fsp->fh->fd,startpos,umode)) == -1) {
3613 if(errno == EINVAL) {
3614 SMB_OFF_T current_pos = startpos;
3615 SMB_STRUCT_STAT sbuf;
3617 if(SMB_VFS_FSTAT(fsp,fsp->fh->fd, &sbuf) == -1) {
3618 END_PROFILE(SMBlseek);
3619 return(UNIXERROR(ERRDOS,ERRnoaccess));
3622 current_pos += sbuf.st_size;
3624 res = SMB_VFS_LSEEK(fsp,fsp->fh->fd,0,SEEK_SET);
3629 END_PROFILE(SMBlseek);
3630 return(UNIXERROR(ERRDOS,ERRnoaccess));
3636 outsize = set_message(inbuf,outbuf,2,0,True);
3637 SIVAL(outbuf,smb_vwv0,res);
3639 DEBUG(3,("lseek fnum=%d ofs=%.0f newpos = %.0f mode=%d\n",
3640 fsp->fnum, (double)startpos, (double)res, mode));
3642 END_PROFILE(SMBlseek);
3646 /****************************************************************************
3648 ****************************************************************************/
3650 void reply_flush(connection_struct *conn, struct smb_request *req)
3655 START_PROFILE(SMBflush);
3658 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3662 fnum = SVAL(req->inbuf,smb_vwv0);
3663 fsp = file_fsp(fnum);
3665 if ((fnum != 0xFFFF) && !check_fsp(conn, req, fsp, ¤t_user)) {
3670 file_sync_all(conn);
3672 NTSTATUS status = sync_file(conn, fsp, True);
3673 if (!NT_STATUS_IS_OK(status)) {
3674 DEBUG(5,("reply_flush: sync_file for %s returned %s\n",
3675 fsp->fsp_name, nt_errstr(status) ));
3676 reply_nterror(req, status);
3677 END_PROFILE(SMBflush);
3682 reply_outbuf(req, 0, 0);
3684 DEBUG(3,("flush\n"));
3685 END_PROFILE(SMBflush);
3689 /****************************************************************************
3691 conn POINTER CAN BE NULL HERE !
3692 ****************************************************************************/
3694 void reply_exit(connection_struct *conn, struct smb_request *req)
3696 START_PROFILE(SMBexit);
3698 file_close_pid(req->smbpid, req->vuid);
3700 reply_outbuf(req, 0, 0);
3702 DEBUG(3,("exit\n"));
3704 END_PROFILE(SMBexit);
3708 /****************************************************************************
3709 Reply to a close - has to deal with closing a directory opened by NT SMB's.
3710 ****************************************************************************/
3712 void reply_close(connection_struct *conn, struct smb_request *req)
3714 NTSTATUS status = NT_STATUS_OK;
3715 files_struct *fsp = NULL;
3716 START_PROFILE(SMBclose);
3719 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3720 END_PROFILE(SMBclose);
3724 /* If it's an IPC, pass off to the pipe handler. */
3726 reply_pipe_close(conn, req);
3727 END_PROFILE(SMBclose);
3731 fsp = file_fsp(SVAL(req->inbuf,smb_vwv0));
3734 * We can only use CHECK_FSP if we know it's not a directory.
3737 if(!fsp || (fsp->conn != conn) || (fsp->vuid != current_user.vuid)) {
3738 reply_doserror(req, ERRDOS, ERRbadfid);
3739 END_PROFILE(SMBclose);
3743 if(fsp->is_directory) {
3745 * Special case - close NT SMB directory handle.
3747 DEBUG(3,("close directory fnum=%d\n", fsp->fnum));
3748 status = close_file(fsp,NORMAL_CLOSE);
3751 * Close ordinary file.
3754 DEBUG(3,("close fd=%d fnum=%d (numopen=%d)\n",
3755 fsp->fh->fd, fsp->fnum,
3756 conn->num_files_open));
3759 * Take care of any time sent in the close.
3762 fsp_set_pending_modtime(fsp, convert_time_t_to_timespec(
3763 srv_make_unix_date3(
3764 req->inbuf+smb_vwv1)));
3767 * close_file() returns the unix errno if an error
3768 * was detected on close - normally this is due to
3769 * a disk full error. If not then it was probably an I/O error.
3772 status = close_file(fsp,NORMAL_CLOSE);
3775 if (!NT_STATUS_IS_OK(status)) {
3776 reply_nterror(req, status);
3777 END_PROFILE(SMBclose);
3781 reply_outbuf(req, 0, 0);
3782 END_PROFILE(SMBclose);
3786 /****************************************************************************
3787 Reply to a writeclose (Core+ protocol).
3788 ****************************************************************************/
3790 int reply_writeclose(connection_struct *conn,
3791 char *inbuf,char *outbuf, int size, int dum_buffsize)
3794 ssize_t nwritten = -1;
3796 NTSTATUS close_status = NT_STATUS_OK;
3799 struct timespec mtime;
3800 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
3801 START_PROFILE(SMBwriteclose);
3803 CHECK_FSP(fsp,conn);
3804 if (!CHECK_WRITE(fsp)) {
3805 return(ERROR_DOS(ERRDOS,ERRbadaccess));
3808 numtowrite = SVAL(inbuf,smb_vwv1);
3809 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
3810 mtime = convert_time_t_to_timespec(srv_make_unix_date3(inbuf+smb_vwv4));
3811 data = smb_buf(inbuf) + 1;
3813 if (numtowrite && is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) {
3814 END_PROFILE(SMBwriteclose);
3815 return ERROR_DOS(ERRDOS,ERRlock);
3818 nwritten = write_file(fsp,data,startpos,numtowrite);
3820 set_filetime(conn, fsp->fsp_name, mtime);
3823 * More insanity. W2K only closes the file if writelen > 0.
3828 DEBUG(3,("reply_writeclose: zero length write doesn't close file %s\n",
3830 close_status = close_file(fsp,NORMAL_CLOSE);
3833 DEBUG(3,("writeclose fnum=%d num=%d wrote=%d (numopen=%d)\n",
3834 fsp->fnum, (int)numtowrite, (int)nwritten,
3835 conn->num_files_open));
3837 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
3838 END_PROFILE(SMBwriteclose);
3839 return(UNIXERROR(ERRHRD,ERRdiskfull));
3842 if(!NT_STATUS_IS_OK(close_status)) {
3843 END_PROFILE(SMBwriteclose);
3844 return ERROR_NT(close_status);
3847 outsize = set_message(inbuf,outbuf,1,0,True);
3849 SSVAL(outbuf,smb_vwv0,nwritten);
3850 END_PROFILE(SMBwriteclose);
3855 #define DBGC_CLASS DBGC_LOCKING
3857 /****************************************************************************
3859 ****************************************************************************/
3861 int reply_lock(connection_struct *conn,
3862 char *inbuf,char *outbuf, int length, int dum_buffsize)
3864 int outsize = set_message(inbuf,outbuf,0,0,False);
3865 SMB_BIG_UINT count,offset;
3867 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
3868 struct byte_range_lock *br_lck = NULL;
3870 START_PROFILE(SMBlock);
3872 CHECK_FSP(fsp,conn);
3874 release_level_2_oplocks_on_change(fsp);
3876 count = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv1);
3877 offset = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv3);
3879 DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n",
3880 fsp->fh->fd, fsp->fnum, (double)offset, (double)count));
3882 br_lck = do_lock(smbd_messaging_context(),
3884 (uint32)SVAL(inbuf,smb_pid),
3889 False, /* Non-blocking lock. */
3893 TALLOC_FREE(br_lck);
3895 if (NT_STATUS_V(status)) {
3896 END_PROFILE(SMBlock);
3897 return ERROR_NT(status);
3900 END_PROFILE(SMBlock);
3904 /****************************************************************************
3906 ****************************************************************************/
3908 int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int size,
3911 int outsize = set_message(inbuf,outbuf,0,0,False);
3912 SMB_BIG_UINT count,offset;
3914 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
3915 START_PROFILE(SMBunlock);
3917 CHECK_FSP(fsp,conn);
3919 count = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv1);
3920 offset = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv3);
3922 status = do_unlock(smbd_messaging_context(),
3924 (uint32)SVAL(inbuf,smb_pid),
3929 if (NT_STATUS_V(status)) {
3930 END_PROFILE(SMBunlock);
3931 return ERROR_NT(status);
3934 DEBUG( 3, ( "unlock fd=%d fnum=%d offset=%.0f count=%.0f\n",
3935 fsp->fh->fd, fsp->fnum, (double)offset, (double)count ) );
3937 END_PROFILE(SMBunlock);
3942 #define DBGC_CLASS DBGC_ALL
3944 /****************************************************************************
3946 conn POINTER CAN BE NULL HERE !
3947 ****************************************************************************/
3949 void reply_tdis(connection_struct *conn, struct smb_request *req)
3951 START_PROFILE(SMBtdis);
3954 DEBUG(4,("Invalid connection in tdis\n"));
3955 reply_doserror(req, ERRSRV, ERRinvnid);
3956 END_PROFILE(SMBtdis);
3962 close_cnum(conn,req->vuid);
3964 reply_outbuf(req, 0, 0);
3965 END_PROFILE(SMBtdis);
3969 /****************************************************************************
3971 conn POINTER CAN BE NULL HERE !
3972 ****************************************************************************/
3974 void reply_echo(connection_struct *conn, struct smb_request *req)
3978 unsigned int data_len = smb_buflen(req->inbuf);
3980 START_PROFILE(SMBecho);
3983 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3984 END_PROFILE(SMBecho);
3988 if (data_len > BUFFER_SIZE) {
3989 DEBUG(0,("reply_echo: data_len too large.\n"));
3990 reply_nterror(req, NT_STATUS_INSUFFICIENT_RESOURCES);
3991 END_PROFILE(SMBecho);
3995 smb_reverb = SVAL(req->inbuf,smb_vwv0);
3997 reply_outbuf(req, 1, data_len);
3999 /* copy any incoming data back out */
4001 memcpy(smb_buf(req->outbuf),smb_buf(req->inbuf),data_len);
4004 if (smb_reverb > 100) {
4005 DEBUG(0,("large reverb (%d)?? Setting to 100\n",smb_reverb));
4009 for (seq_num =1 ; seq_num <= smb_reverb ; seq_num++) {
4010 SSVAL(req->outbuf,smb_vwv0,seq_num);
4012 show_msg((char *)req->outbuf);
4013 if (!send_smb(smbd_server_fd(),(char *)req->outbuf))
4014 exit_server_cleanly("reply_echo: send_smb failed.");
4017 DEBUG(3,("echo %d times\n", smb_reverb));
4019 TALLOC_FREE(req->outbuf);
4023 END_PROFILE(SMBecho);
4027 /****************************************************************************
4028 Reply to a printopen.
4029 ****************************************************************************/
4031 int reply_printopen(connection_struct *conn,
4032 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
4038 START_PROFILE(SMBsplopen);
4040 if (!CAN_PRINT(conn)) {
4041 END_PROFILE(SMBsplopen);
4042 return ERROR_DOS(ERRDOS,ERRnoaccess);
4045 /* Open for exclusive use, write only. */
4046 status = print_fsp_open(conn, NULL, &fsp);
4048 if (!NT_STATUS_IS_OK(status)) {
4049 END_PROFILE(SMBsplopen);
4050 return(ERROR_NT(status));
4053 outsize = set_message(inbuf,outbuf,1,0,True);
4054 SSVAL(outbuf,smb_vwv0,fsp->fnum);
4056 DEBUG(3,("openprint fd=%d fnum=%d\n",
4057 fsp->fh->fd, fsp->fnum));
4059 END_PROFILE(SMBsplopen);
4063 /****************************************************************************
4064 Reply to a printclose.
4065 ****************************************************************************/
4067 int reply_printclose(connection_struct *conn,
4068 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
4070 int outsize = set_message(inbuf,outbuf,0,0,False);
4071 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
4073 START_PROFILE(SMBsplclose);
4075 CHECK_FSP(fsp,conn);
4077 if (!CAN_PRINT(conn)) {
4078 END_PROFILE(SMBsplclose);
4079 return ERROR_NT(NT_STATUS_DOS(ERRSRV, ERRerror));
4082 DEBUG(3,("printclose fd=%d fnum=%d\n",
4083 fsp->fh->fd,fsp->fnum));
4085 status = close_file(fsp,NORMAL_CLOSE);
4087 if(!NT_STATUS_IS_OK(status)) {
4088 END_PROFILE(SMBsplclose);
4089 return ERROR_NT(status);
4092 END_PROFILE(SMBsplclose);
4096 /****************************************************************************
4097 Reply to a printqueue.
4098 ****************************************************************************/
4100 int reply_printqueue(connection_struct *conn,
4101 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
4103 int outsize = set_message(inbuf,outbuf,2,3,True);
4104 int max_count = SVAL(inbuf,smb_vwv0);
4105 int start_index = SVAL(inbuf,smb_vwv1);
4106 START_PROFILE(SMBsplretq);
4108 /* we used to allow the client to get the cnum wrong, but that
4109 is really quite gross and only worked when there was only
4110 one printer - I think we should now only accept it if they
4111 get it right (tridge) */
4112 if (!CAN_PRINT(conn)) {
4113 END_PROFILE(SMBsplretq);
4114 return ERROR_DOS(ERRDOS,ERRnoaccess);
4117 SSVAL(outbuf,smb_vwv0,0);
4118 SSVAL(outbuf,smb_vwv1,0);
4119 SCVAL(smb_buf(outbuf),0,1);
4120 SSVAL(smb_buf(outbuf),1,0);
4122 DEBUG(3,("printqueue start_index=%d max_count=%d\n",
4123 start_index, max_count));
4126 print_queue_struct *queue = NULL;
4127 print_status_struct status;
4128 char *p = smb_buf(outbuf) + 3;
4129 int count = print_queue_status(SNUM(conn), &queue, &status);
4130 int num_to_get = ABS(max_count);
4131 int first = (max_count>0?start_index:start_index+max_count+1);
4137 num_to_get = MIN(num_to_get,count-first);
4140 for (i=first;i<first+num_to_get;i++) {
4141 srv_put_dos_date2(p,0,queue[i].time);
4142 SCVAL(p,4,(queue[i].status==LPQ_PRINTING?2:3));
4143 SSVAL(p,5, queue[i].job);
4144 SIVAL(p,7,queue[i].size);
4146 srvstr_push(outbuf, SVAL(outbuf, smb_flg2), p+12,
4147 queue[i].fs_user, 16, STR_ASCII);
4152 outsize = set_message(inbuf,outbuf,2,28*count+3,False);
4153 SSVAL(outbuf,smb_vwv0,count);
4154 SSVAL(outbuf,smb_vwv1,(max_count>0?first+count:first-1));
4155 SCVAL(smb_buf(outbuf),0,1);
4156 SSVAL(smb_buf(outbuf),1,28*count);
4161 DEBUG(3,("%d entries returned in queue\n",count));
4164 END_PROFILE(SMBsplretq);
4168 /****************************************************************************
4169 Reply to a printwrite.
4170 ****************************************************************************/
4172 int reply_printwrite(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
4175 int outsize = set_message(inbuf,outbuf,0,0,False);
4177 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
4179 START_PROFILE(SMBsplwr);
4181 if (!CAN_PRINT(conn)) {
4182 END_PROFILE(SMBsplwr);
4183 return ERROR_DOS(ERRDOS,ERRnoaccess);
4186 CHECK_FSP(fsp,conn);
4187 if (!CHECK_WRITE(fsp)) {
4188 return(ERROR_DOS(ERRDOS,ERRbadaccess));
4191 numtowrite = SVAL(smb_buf(inbuf),1);
4192 data = smb_buf(inbuf) + 3;
4194 if (write_file(fsp,data,-1,numtowrite) != numtowrite) {
4195 END_PROFILE(SMBsplwr);
4196 return(UNIXERROR(ERRHRD,ERRdiskfull));
4199 DEBUG( 3, ( "printwrite fnum=%d num=%d\n", fsp->fnum, numtowrite ) );
4201 END_PROFILE(SMBsplwr);
4205 /****************************************************************************
4207 ****************************************************************************/
4209 void reply_mkdir(connection_struct *conn, struct smb_request *req)
4213 SMB_STRUCT_STAT sbuf;
4215 START_PROFILE(SMBmkdir);
4217 srvstr_get_path((char *)req->inbuf, req->flags2, directory,
4218 smb_buf(req->inbuf) + 1, sizeof(directory), 0,
4219 STR_TERMINATE, &status);
4220 if (!NT_STATUS_IS_OK(status)) {
4221 reply_nterror(req, status);
4222 END_PROFILE(SMBmkdir);
4226 status = resolve_dfspath(conn,
4227 req->flags2 & FLAGS2_DFS_PATHNAMES,
4229 if (!NT_STATUS_IS_OK(status)) {
4230 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
4231 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
4232 ERRSRV, ERRbadpath);
4233 END_PROFILE(SMBmkdir);
4236 reply_nterror(req, status);
4237 END_PROFILE(SMBmkdir);
4241 status = unix_convert(conn, directory, False, NULL, &sbuf);
4242 if (!NT_STATUS_IS_OK(status)) {
4243 reply_nterror(req, status);
4244 END_PROFILE(SMBmkdir);
4248 status = check_name(conn, directory);
4249 if (!NT_STATUS_IS_OK(status)) {
4250 reply_nterror(req, status);
4251 END_PROFILE(SMBmkdir);
4255 status = create_directory(conn, directory);
4257 DEBUG(5, ("create_directory returned %s\n", nt_errstr(status)));
4259 if (!NT_STATUS_IS_OK(status)) {
4261 if (!use_nt_status()
4262 && NT_STATUS_EQUAL(status,
4263 NT_STATUS_OBJECT_NAME_COLLISION)) {
4265 * Yes, in the DOS error code case we get a
4266 * ERRDOS:ERRnoaccess here. See BASE-SAMBA3ERROR
4267 * samba4 torture test.
4269 status = NT_STATUS_DOS(ERRDOS, ERRnoaccess);
4272 reply_nterror(req, status);
4273 END_PROFILE(SMBmkdir);
4277 reply_outbuf(req, 0, 0);
4279 DEBUG( 3, ( "mkdir %s\n", directory ) );
4281 END_PROFILE(SMBmkdir);
4285 /****************************************************************************
4286 Static function used by reply_rmdir to delete an entire directory
4287 tree recursively. Return True on ok, False on fail.
4288 ****************************************************************************/
4290 static BOOL recursive_rmdir(connection_struct *conn, char *directory)
4292 const char *dname = NULL;
4295 struct smb_Dir *dir_hnd = OpenDir(conn, directory, NULL, 0);
4300 while((dname = ReadDirName(dir_hnd, &offset))) {
4304 if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0))
4307 if (!is_visible_file(conn, directory, dname, &st, False))
4310 /* Construct the full name. */
4311 if(strlen(directory) + strlen(dname) + 1 >= sizeof(fullname)) {
4317 pstrcpy(fullname, directory);
4318 pstrcat(fullname, "/");
4319 pstrcat(fullname, dname);
4321 if(SMB_VFS_LSTAT(conn,fullname, &st) != 0) {
4326 if(st.st_mode & S_IFDIR) {
4327 if(!recursive_rmdir(conn, fullname)) {
4331 if(SMB_VFS_RMDIR(conn,fullname) != 0) {
4335 } else if(SMB_VFS_UNLINK(conn,fullname) != 0) {
4344 /****************************************************************************
4345 The internals of the rmdir code - called elsewhere.
4346 ****************************************************************************/
4348 NTSTATUS rmdir_internals(connection_struct *conn, const char *directory)
4353 /* Might be a symlink. */
4354 if(SMB_VFS_LSTAT(conn, directory, &st) != 0) {
4355 return map_nt_error_from_unix(errno);
4358 if (S_ISLNK(st.st_mode)) {
4359 /* Is what it points to a directory ? */
4360 if(SMB_VFS_STAT(conn, directory, &st) != 0) {
4361 return map_nt_error_from_unix(errno);
4363 if (!(S_ISDIR(st.st_mode))) {
4364 return NT_STATUS_NOT_A_DIRECTORY;
4366 ret = SMB_VFS_UNLINK(conn,directory);
4368 ret = SMB_VFS_RMDIR(conn,directory);
4371 notify_fname(conn, NOTIFY_ACTION_REMOVED,
4372 FILE_NOTIFY_CHANGE_DIR_NAME,
4374 return NT_STATUS_OK;
4377 if(((errno == ENOTEMPTY)||(errno == EEXIST)) && lp_veto_files(SNUM(conn))) {
4379 * Check to see if the only thing in this directory are
4380 * vetoed files/directories. If so then delete them and
4381 * retry. If we fail to delete any of them (and we *don't*
4382 * do a recursive delete) then fail the rmdir.
4386 struct smb_Dir *dir_hnd = OpenDir(conn, directory, NULL, 0);
4388 if(dir_hnd == NULL) {
4393 while ((dname = ReadDirName(dir_hnd,&dirpos))) {
4394 if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0))
4396 if (!is_visible_file(conn, directory, dname, &st, False))
4398 if(!IS_VETO_PATH(conn, dname)) {
4405 /* We only have veto files/directories. Recursive delete. */
4407 RewindDir(dir_hnd,&dirpos);
4408 while ((dname = ReadDirName(dir_hnd,&dirpos))) {
4411 if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0))
4413 if (!is_visible_file(conn, directory, dname, &st, False))
4416 /* Construct the full name. */
4417 if(strlen(directory) + strlen(dname) + 1 >= sizeof(fullname)) {
4422 pstrcpy(fullname, directory);
4423 pstrcat(fullname, "/");
4424 pstrcat(fullname, dname);
4426 if(SMB_VFS_LSTAT(conn,fullname, &st) != 0)
4428 if(st.st_mode & S_IFDIR) {
4429 if(lp_recursive_veto_delete(SNUM(conn))) {
4430 if(!recursive_rmdir(conn, fullname))
4433 if(SMB_VFS_RMDIR(conn,fullname) != 0)
4435 } else if(SMB_VFS_UNLINK(conn,fullname) != 0)
4439 /* Retry the rmdir */
4440 ret = SMB_VFS_RMDIR(conn,directory);
4446 DEBUG(3,("rmdir_internals: couldn't remove directory %s : "
4447 "%s\n", directory,strerror(errno)));
4448 return map_nt_error_from_unix(errno);
4451 notify_fname(conn, NOTIFY_ACTION_REMOVED,
4452 FILE_NOTIFY_CHANGE_DIR_NAME,
4455 return NT_STATUS_OK;
4458 /****************************************************************************
4460 ****************************************************************************/
4462 void reply_rmdir(connection_struct *conn, struct smb_request *req)
4465 SMB_STRUCT_STAT sbuf;
4467 START_PROFILE(SMBrmdir);
4469 srvstr_get_path((char *)req->inbuf, req->flags2, directory,
4470 smb_buf(req->inbuf) + 1, sizeof(directory), 0,
4471 STR_TERMINATE, &status);
4472 if (!NT_STATUS_IS_OK(status)) {
4473 reply_nterror(req, status);
4474 END_PROFILE(SMBrmdir);
4478 status = resolve_dfspath(conn,
4479 req->flags2 & FLAGS2_DFS_PATHNAMES,
4481 if (!NT_STATUS_IS_OK(status)) {
4482 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
4483 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
4484 ERRSRV, ERRbadpath);
4485 END_PROFILE(SMBrmdir);
4488 reply_nterror(req, status);
4489 END_PROFILE(SMBrmdir);
4493 status = unix_convert(conn, directory, False, NULL, &sbuf);
4494 if (!NT_STATUS_IS_OK(status)) {
4495 reply_nterror(req, status);
4496 END_PROFILE(SMBrmdir);
4500 status = check_name(conn, directory);
4501 if (!NT_STATUS_IS_OK(status)) {
4502 reply_nterror(req, status);
4503 END_PROFILE(SMBrmdir);
4507 dptr_closepath(directory, req->smbpid);
4508 status = rmdir_internals(conn, directory);
4509 if (!NT_STATUS_IS_OK(status)) {
4510 reply_nterror(req, status);
4511 END_PROFILE(SMBrmdir);
4515 reply_outbuf(req, 0, 0);
4517 DEBUG( 3, ( "rmdir %s\n", directory ) );
4519 END_PROFILE(SMBrmdir);
4523 /*******************************************************************
4524 Resolve wildcards in a filename rename.
4525 Note that name is in UNIX charset and thus potentially can be more
4526 than fstring buffer (255 bytes) especially in default UTF-8 case.
4527 Therefore, we use pstring inside and all calls should ensure that
4528 name2 is at least pstring-long (they do already)
4529 ********************************************************************/
4531 static BOOL resolve_wildcards(const char *name1, char *name2)
4533 pstring root1,root2;
4535 char *p,*p2, *pname1, *pname2;
4536 int available_space, actual_space;
4538 pname1 = strrchr_m(name1,'/');
4539 pname2 = strrchr_m(name2,'/');
4541 if (!pname1 || !pname2)
4544 pstrcpy(root1,pname1);
4545 pstrcpy(root2,pname2);
4546 p = strrchr_m(root1,'.');
4553 p = strrchr_m(root2,'.');
4567 } else if (*p2 == '*') {
4583 } else if (*p2 == '*') {
4593 available_space = sizeof(pstring) - PTR_DIFF(pname2, name2);
4596 actual_space = snprintf(pname2, available_space - 1, "%s.%s", root2, ext2);
4597 if (actual_space >= available_space - 1) {
4598 DEBUG(1,("resolve_wildcards: can't fit resolved name into specified buffer (overrun by %d bytes)\n",
4599 actual_space - available_space));
4602 pstrcpy_base(pname2, root2, name2);
4608 /****************************************************************************
4609 Ensure open files have their names updated. Updated to notify other smbd's
4611 ****************************************************************************/
4613 static void rename_open_files(connection_struct *conn,
4614 struct share_mode_lock *lck,
4615 const char *newname)
4618 BOOL did_rename = False;
4620 for(fsp = file_find_di_first(lck->id); fsp;
4621 fsp = file_find_di_next(fsp)) {
4622 /* fsp_name is a relative path under the fsp. To change this for other
4623 sharepaths we need to manipulate relative paths. */
4624 /* TODO - create the absolute path and manipulate the newname
4625 relative to the sharepath. */
4626 if (fsp->conn != conn) {
4629 DEBUG(10,("rename_open_files: renaming file fnum %d (file_id %s) from %s -> %s\n",
4630 fsp->fnum, file_id_static_string(&fsp->file_id),
4631 fsp->fsp_name, newname ));
4632 string_set(&fsp->fsp_name, newname);
4637 DEBUG(10,("rename_open_files: no open files on file_id %s for %s\n",
4638 file_id_static_string(&lck->id), newname ));
4641 /* Send messages to all smbd's (not ourself) that the name has changed. */
4642 rename_share_filename(smbd_messaging_context(), lck, conn->connectpath,
4646 /****************************************************************************
4647 We need to check if the source path is a parent directory of the destination
4648 (ie. a rename of /foo/bar/baz -> /foo/bar/baz/bibble/bobble. If so we must
4649 refuse the rename with a sharing violation. Under UNIX the above call can
4650 *succeed* if /foo/bar/baz is a symlink to another area in the share. We
4651 probably need to check that the client is a Windows one before disallowing
4652 this as a UNIX client (one with UNIX extensions) can know the source is a
4653 symlink and make this decision intelligently. Found by an excellent bug
4654 report from <AndyLiebman@aol.com>.
4655 ****************************************************************************/
4657 static BOOL rename_path_prefix_equal(const char *src, const char *dest)
4659 const char *psrc = src;
4660 const char *pdst = dest;
4663 if (psrc[0] == '.' && psrc[1] == '/') {
4666 if (pdst[0] == '.' && pdst[1] == '/') {
4669 if ((slen = strlen(psrc)) > strlen(pdst)) {
4672 return ((memcmp(psrc, pdst, slen) == 0) && pdst[slen] == '/');
4676 * Do the notify calls from a rename
4679 static void notify_rename(connection_struct *conn, BOOL is_dir,
4680 const char *oldpath, const char *newpath)
4682 char *olddir, *newdir;
4683 const char *oldname, *newname;
4686 mask = is_dir ? FILE_NOTIFY_CHANGE_DIR_NAME
4687 : FILE_NOTIFY_CHANGE_FILE_NAME;
4689 if (!parent_dirname_talloc(NULL, oldpath, &olddir, &oldname)
4690 || !parent_dirname_talloc(NULL, newpath, &newdir, &newname)) {
4691 TALLOC_FREE(olddir);
4695 if (strcmp(olddir, newdir) == 0) {
4696 notify_fname(conn, NOTIFY_ACTION_OLD_NAME, mask, oldpath);
4697 notify_fname(conn, NOTIFY_ACTION_NEW_NAME, mask, newpath);
4700 notify_fname(conn, NOTIFY_ACTION_REMOVED, mask, oldpath);
4701 notify_fname(conn, NOTIFY_ACTION_ADDED, mask, newpath);
4703 TALLOC_FREE(olddir);
4704 TALLOC_FREE(newdir);
4706 /* this is a strange one. w2k3 gives an additional event for
4707 CHANGE_ATTRIBUTES and CHANGE_CREATION on the new file when renaming
4708 files, but not directories */
4710 notify_fname(conn, NOTIFY_ACTION_MODIFIED,
4711 FILE_NOTIFY_CHANGE_ATTRIBUTES
4712 |FILE_NOTIFY_CHANGE_CREATION,
4717 /****************************************************************************
4718 Rename an open file - given an fsp.
4719 ****************************************************************************/
4721 NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, pstring newname, uint32 attrs, BOOL replace_if_exists)
4723 SMB_STRUCT_STAT sbuf, sbuf1;
4724 pstring newname_last_component;
4725 NTSTATUS status = NT_STATUS_OK;
4726 struct share_mode_lock *lck = NULL;
4731 status = unix_convert(conn, newname, False, newname_last_component, &sbuf);
4733 /* If an error we expect this to be NT_STATUS_OBJECT_PATH_NOT_FOUND */
4735 if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(NT_STATUS_OBJECT_PATH_NOT_FOUND, status)) {
4739 status = check_name(conn, newname);
4740 if (!NT_STATUS_IS_OK(status)) {
4744 /* Ensure newname contains a '/' */
4745 if(strrchr_m(newname,'/') == 0) {
4748 pstrcpy(tmpstr, "./");
4749 pstrcat(tmpstr, newname);
4750 pstrcpy(newname, tmpstr);
4754 * Check for special case with case preserving and not
4755 * case sensitive. If the old last component differs from the original
4756 * last component only by case, then we should allow
4757 * the rename (user is trying to change the case of the
4761 if((conn->case_sensitive == False) && (conn->case_preserve == True) &&
4762 strequal(newname, fsp->fsp_name)) {
4764 pstring newname_modified_last_component;
4767 * Get the last component of the modified name.
4768 * Note that we guarantee that newname contains a '/'
4771 p = strrchr_m(newname,'/');
4772 pstrcpy(newname_modified_last_component,p+1);
4774 if(strcsequal(newname_modified_last_component,
4775 newname_last_component) == False) {
4777 * Replace the modified last component with
4780 pstrcpy(p+1, newname_last_component);
4785 * If the src and dest names are identical - including case,
4786 * don't do the rename, just return success.
4789 if (strcsequal(fsp->fsp_name, newname)) {
4790 DEBUG(3,("rename_internals_fsp: identical names in rename %s - returning success\n",
4792 return NT_STATUS_OK;
4796 * Have vfs_object_exist also fill sbuf1
4798 dst_exists = vfs_object_exist(conn, newname, &sbuf1);
4800 if(!replace_if_exists && dst_exists) {
4801 DEBUG(3,("rename_internals_fsp: dest exists doing rename %s -> %s\n",
4802 fsp->fsp_name,newname));
4803 return NT_STATUS_OBJECT_NAME_COLLISION;
4807 struct file_id fileid = vfs_file_id_from_sbuf(conn, &sbuf1);
4808 files_struct *dst_fsp = file_find_di_first(fileid);
4810 DEBUG(3, ("rename_internals_fsp: Target file open\n"));
4811 return NT_STATUS_ACCESS_DENIED;
4815 /* Ensure we have a valid stat struct for the source. */
4816 if (fsp->fh->fd != -1) {
4817 if (SMB_VFS_FSTAT(fsp,fsp->fh->fd,&sbuf) == -1) {
4818 return map_nt_error_from_unix(errno);
4821 if (SMB_VFS_STAT(conn,fsp->fsp_name,&sbuf) == -1) {
4822 return map_nt_error_from_unix(errno);
4826 status = can_rename(conn, fsp, attrs, &sbuf);
4828 if (!NT_STATUS_IS_OK(status)) {
4829 DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n",
4830 nt_errstr(status), fsp->fsp_name,newname));
4831 if (NT_STATUS_EQUAL(status,NT_STATUS_SHARING_VIOLATION))
4832 status = NT_STATUS_ACCESS_DENIED;
4836 if (rename_path_prefix_equal(fsp->fsp_name, newname)) {
4837 return NT_STATUS_ACCESS_DENIED;
4840 lck = get_share_mode_lock(NULL, fsp->file_id, NULL, NULL);
4843 * We have the file open ourselves, so not being able to get the
4844 * corresponding share mode lock is a fatal error.
4847 SMB_ASSERT(lck != NULL);
4849 if(SMB_VFS_RENAME(conn,fsp->fsp_name, newname) == 0) {
4850 uint32 create_options = fsp->fh->private_options;
4852 DEBUG(3,("rename_internals_fsp: succeeded doing rename on %s -> %s\n",
4853 fsp->fsp_name,newname));
4855 rename_open_files(conn, lck, newname);
4857 notify_rename(conn, fsp->is_directory, fsp->fsp_name, newname);
4860 * A rename acts as a new file create w.r.t. allowing an initial delete
4861 * on close, probably because in Windows there is a new handle to the
4862 * new file. If initial delete on close was requested but not
4863 * originally set, we need to set it here. This is probably not 100% correct,
4864 * but will work for the CIFSFS client which in non-posix mode
4865 * depends on these semantics. JRA.
4868 set_allow_initial_delete_on_close(lck, fsp, True);
4870 if (create_options & FILE_DELETE_ON_CLOSE) {
4871 status = can_set_delete_on_close(fsp, True, 0);
4873 if (NT_STATUS_IS_OK(status)) {
4874 /* Note that here we set the *inital* delete on close flag,
4875 * not the regular one. The magic gets handled in close. */
4876 fsp->initial_delete_on_close = True;
4880 return NT_STATUS_OK;
4885 if (errno == ENOTDIR || errno == EISDIR) {
4886 status = NT_STATUS_OBJECT_NAME_COLLISION;
4888 status = map_nt_error_from_unix(errno);
4891 DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n",
4892 nt_errstr(status), fsp->fsp_name,newname));
4897 /****************************************************************************
4898 The guts of the rename command, split out so it may be called by the NT SMB
4900 ****************************************************************************/
4902 NTSTATUS rename_internals(connection_struct *conn, struct smb_request *req,
4906 BOOL replace_if_exists,
4912 pstring last_component_src;
4913 pstring last_component_dest;
4916 NTSTATUS status = NT_STATUS_OK;
4917 SMB_STRUCT_STAT sbuf1, sbuf2;
4918 struct smb_Dir *dir_hnd = NULL;
4923 *directory = *mask = 0;
4928 status = unix_convert(conn, name, src_has_wild, last_component_src, &sbuf1);
4929 if (!NT_STATUS_IS_OK(status)) {
4933 status = unix_convert(conn, newname, dest_has_wild, last_component_dest, &sbuf2);
4934 if (!NT_STATUS_IS_OK(status)) {
4939 * Split the old name into directory and last component
4940 * strings. Note that unix_convert may have stripped off a
4941 * leading ./ from both name and newname if the rename is
4942 * at the root of the share. We need to make sure either both
4943 * name and newname contain a / character or neither of them do
4944 * as this is checked in resolve_wildcards().
4947 p = strrchr_m(name,'/');
4949 pstrcpy(directory,".");
4953 pstrcpy(directory,name);
4955 *p = '/'; /* Replace needed for exceptional test below. */
4959 * We should only check the mangled cache
4960 * here if unix_convert failed. This means
4961 * that the path in 'mask' doesn't exist
4962 * on the file system and so we need to look
4963 * for a possible mangle. This patch from
4964 * Tine Smukavec <valentin.smukavec@hermes.si>.
4967 if (!VALID_STAT(sbuf1) && mangle_is_mangled(mask, conn->params)) {
4968 mangle_check_cache( mask, sizeof(pstring)-1, conn->params );
4971 if (!src_has_wild) {
4975 * No wildcards - just process the one file.
4977 BOOL is_short_name = mangle_is_8_3(name, True, conn->params);
4979 /* Add a terminating '/' to the directory name. */
4980 pstrcat(directory,"/");
4981 pstrcat(directory,mask);
4983 /* Ensure newname contains a '/' also */
4984 if(strrchr_m(newname,'/') == 0) {
4987 pstrcpy(tmpstr, "./");
4988 pstrcat(tmpstr, newname);
4989 pstrcpy(newname, tmpstr);
4992 DEBUG(3, ("rename_internals: case_sensitive = %d, "
4993 "case_preserve = %d, short case preserve = %d, "
4994 "directory = %s, newname = %s, "
4995 "last_component_dest = %s, is_8_3 = %d\n",
4996 conn->case_sensitive, conn->case_preserve,
4997 conn->short_case_preserve, directory,
4998 newname, last_component_dest, is_short_name));
5000 /* The dest name still may have wildcards. */
5001 if (dest_has_wild) {
5002 if (!resolve_wildcards(directory,newname)) {
5003 DEBUG(6, ("rename_internals: resolve_wildcards %s %s failed\n",
5004 directory,newname));
5005 return NT_STATUS_NO_MEMORY;
5010 SMB_VFS_STAT(conn, directory, &sbuf1);
5012 status = S_ISDIR(sbuf1.st_mode) ?
5013 open_directory(conn, req, directory, &sbuf1,
5015 FILE_SHARE_READ|FILE_SHARE_WRITE,
5016 FILE_OPEN, 0, 0, NULL,
5018 : open_file_ntcreate(conn, req, directory, &sbuf1,
5020 FILE_SHARE_READ|FILE_SHARE_WRITE,
5021 FILE_OPEN, 0, 0, 0, NULL,
5024 if (!NT_STATUS_IS_OK(status)) {
5025 DEBUG(3, ("Could not open rename source %s: %s\n",
5026 directory, nt_errstr(status)));
5030 status = rename_internals_fsp(conn, fsp, newname, attrs,
5033 close_file(fsp, NORMAL_CLOSE);
5035 DEBUG(3, ("rename_internals: Error %s rename %s -> %s\n",
5036 nt_errstr(status), directory,newname));
5042 * Wildcards - process each file that matches.
5044 if (strequal(mask,"????????.???")) {
5048 status = check_name(conn, directory);
5049 if (!NT_STATUS_IS_OK(status)) {
5053 dir_hnd = OpenDir(conn, directory, mask, attrs);
5054 if (dir_hnd == NULL) {
5055 return map_nt_error_from_unix(errno);
5058 status = NT_STATUS_NO_SUCH_FILE;
5060 * Was status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
5061 * - gentest fix. JRA
5064 while ((dname = ReadDirName(dir_hnd, &offset))) {
5067 BOOL sysdir_entry = False;
5069 pstrcpy(fname,dname);
5071 /* Quick check for "." and ".." */
5072 if (fname[0] == '.') {
5073 if (!fname[1] || (fname[1] == '.' && !fname[2])) {
5075 sysdir_entry = True;
5082 if (!is_visible_file(conn, directory, dname, &sbuf1, False)) {
5086 if(!mask_match(fname, mask, conn->case_sensitive)) {
5091 status = NT_STATUS_OBJECT_NAME_INVALID;
5095 slprintf(fname, sizeof(fname)-1, "%s/%s", directory, dname);
5097 pstrcpy(destname,newname);
5099 if (!resolve_wildcards(fname,destname)) {
5100 DEBUG(6, ("resolve_wildcards %s %s failed\n",
5106 SMB_VFS_STAT(conn, fname, &sbuf1);
5108 status = S_ISDIR(sbuf1.st_mode) ?
5109 open_directory(conn, req, fname, &sbuf1,
5111 FILE_SHARE_READ|FILE_SHARE_WRITE,
5112 FILE_OPEN, 0, 0, NULL,
5114 : open_file_ntcreate(conn, req, fname, &sbuf1,
5116 FILE_SHARE_READ|FILE_SHARE_WRITE,
5117 FILE_OPEN, 0, 0, 0, NULL,
5120 if (!NT_STATUS_IS_OK(status)) {
5121 DEBUG(3,("rename_internals: open_file_ntcreate "
5122 "returned %s rename %s -> %s\n",
5123 nt_errstr(status), directory, newname));
5127 status = rename_internals_fsp(conn, fsp, destname, attrs,
5130 close_file(fsp, NORMAL_CLOSE);
5132 if (!NT_STATUS_IS_OK(status)) {
5133 DEBUG(3, ("rename_internals_fsp returned %s for "
5134 "rename %s -> %s\n", nt_errstr(status),
5135 directory, newname));
5141 DEBUG(3,("rename_internals: doing rename on %s -> "
5142 "%s\n",fname,destname));
5146 if (count == 0 && NT_STATUS_IS_OK(status)) {
5147 status = map_nt_error_from_unix(errno);
5153 /****************************************************************************
5155 ****************************************************************************/
5157 int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size,
5164 uint32 attrs = SVAL(inbuf,smb_vwv0);
5166 BOOL src_has_wcard = False;
5167 BOOL dest_has_wcard = False;
5168 struct smb_request req;
5170 START_PROFILE(SMBmv);
5172 init_smb_request(&req, (uint8 *)inbuf);
5174 p = smb_buf(inbuf) + 1;
5175 p += srvstr_get_path_wcard(inbuf, SVAL(inbuf,smb_flg2), name, p,
5176 sizeof(name), 0, STR_TERMINATE, &status,
5178 if (!NT_STATUS_IS_OK(status)) {
5180 return ERROR_NT(status);
5183 p += srvstr_get_path_wcard(inbuf, SVAL(inbuf,smb_flg2), newname, p,
5184 sizeof(newname), 0, STR_TERMINATE, &status,
5186 if (!NT_STATUS_IS_OK(status)) {
5188 return ERROR_NT(status);
5191 status = resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, name, &src_has_wcard);
5192 if (!NT_STATUS_IS_OK(status)) {
5194 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5195 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
5197 return ERROR_NT(status);
5200 status = resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, newname, &dest_has_wcard);
5201 if (!NT_STATUS_IS_OK(status)) {
5203 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5204 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
5206 return ERROR_NT(status);
5209 DEBUG(3,("reply_mv : %s -> %s\n",name,newname));
5211 status = rename_internals(conn, &req, name, newname, attrs, False,
5212 src_has_wcard, dest_has_wcard);
5213 if (!NT_STATUS_IS_OK(status)) {
5215 if (open_was_deferred(SVAL(inbuf,smb_mid))) {
5216 /* We have re-scheduled this call. */
5219 return ERROR_NT(status);
5222 outsize = set_message(inbuf,outbuf,0,0,False);
5228 /*******************************************************************
5229 Copy a file as part of a reply_copy.
5230 ******************************************************************/
5233 * TODO: check error codes on all callers
5236 NTSTATUS copy_file(connection_struct *conn,
5241 BOOL target_is_directory)
5243 SMB_STRUCT_STAT src_sbuf, sbuf2;
5245 files_struct *fsp1,*fsp2;
5248 uint32 new_create_disposition;
5251 pstrcpy(dest,dest1);
5252 if (target_is_directory) {
5253 char *p = strrchr_m(src,'/');
5263 if (!vfs_file_exist(conn,src,&src_sbuf)) {
5264 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
5267 if (!target_is_directory && count) {
5268 new_create_disposition = FILE_OPEN;
5270 if (!map_open_params_to_ntcreate(dest1,0,ofun,
5271 NULL, NULL, &new_create_disposition, NULL)) {
5272 return NT_STATUS_INVALID_PARAMETER;
5276 status = open_file_ntcreate(conn, NULL, src, &src_sbuf,
5278 FILE_SHARE_READ|FILE_SHARE_WRITE,
5281 FILE_ATTRIBUTE_NORMAL,
5285 if (!NT_STATUS_IS_OK(status)) {
5289 dosattrs = dos_mode(conn, src, &src_sbuf);
5290 if (SMB_VFS_STAT(conn,dest,&sbuf2) == -1) {
5291 ZERO_STRUCTP(&sbuf2);
5294 status = open_file_ntcreate(conn, NULL, dest, &sbuf2,
5296 FILE_SHARE_READ|FILE_SHARE_WRITE,
5297 new_create_disposition,
5303 if (!NT_STATUS_IS_OK(status)) {
5304 close_file(fsp1,ERROR_CLOSE);
5308 if ((ofun&3) == 1) {
5309 if(SMB_VFS_LSEEK(fsp2,fsp2->fh->fd,0,SEEK_END) == -1) {
5310 DEBUG(0,("copy_file: error - vfs lseek returned error %s\n", strerror(errno) ));
5312 * Stop the copy from occurring.
5315 src_sbuf.st_size = 0;
5319 if (src_sbuf.st_size) {
5320 ret = vfs_transfer_file(fsp1, fsp2, src_sbuf.st_size);
5323 close_file(fsp1,NORMAL_CLOSE);
5325 /* Ensure the modtime is set correctly on the destination file. */
5326 fsp_set_pending_modtime( fsp2, get_mtimespec(&src_sbuf));
5329 * As we are opening fsp1 read-only we only expect
5330 * an error on close on fsp2 if we are out of space.
5331 * Thus we don't look at the error return from the
5334 status = close_file(fsp2,NORMAL_CLOSE);
5336 if (!NT_STATUS_IS_OK(status)) {
5340 if (ret != (SMB_OFF_T)src_sbuf.st_size) {
5341 return NT_STATUS_DISK_FULL;
5344 return NT_STATUS_OK;
5347 /****************************************************************************
5348 Reply to a file copy.
5349 ****************************************************************************/
5351 int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
5356 pstring mask,newname;
5359 int error = ERRnoaccess;
5361 int tid2 = SVAL(inbuf,smb_vwv0);
5362 int ofun = SVAL(inbuf,smb_vwv1);
5363 int flags = SVAL(inbuf,smb_vwv2);
5364 BOOL target_is_directory=False;
5365 BOOL source_has_wild = False;
5366 BOOL dest_has_wild = False;
5367 SMB_STRUCT_STAT sbuf1, sbuf2;
5369 START_PROFILE(SMBcopy);
5371 *directory = *mask = 0;
5374 p += srvstr_get_path_wcard(inbuf, SVAL(inbuf,smb_flg2), name, p,
5375 sizeof(name), 0, STR_TERMINATE, &status,
5377 if (!NT_STATUS_IS_OK(status)) {
5378 END_PROFILE(SMBcopy);
5379 return ERROR_NT(status);
5381 p += srvstr_get_path_wcard(inbuf, SVAL(inbuf,smb_flg2), newname, p,
5382 sizeof(newname), 0, STR_TERMINATE, &status,
5384 if (!NT_STATUS_IS_OK(status)) {
5385 END_PROFILE(SMBcopy);
5386 return ERROR_NT(status);
5389 DEBUG(3,("reply_copy : %s -> %s\n",name,newname));
5391 if (tid2 != conn->cnum) {
5392 /* can't currently handle inter share copies XXXX */
5393 DEBUG(3,("Rejecting inter-share copy\n"));
5394 END_PROFILE(SMBcopy);
5395 return ERROR_DOS(ERRSRV,ERRinvdevice);
5398 status = resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, name, &source_has_wild);
5399 if (!NT_STATUS_IS_OK(status)) {
5400 END_PROFILE(SMBcopy);
5401 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5402 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
5404 return ERROR_NT(status);
5407 status = resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, newname, &dest_has_wild);
5408 if (!NT_STATUS_IS_OK(status)) {
5409 END_PROFILE(SMBcopy);
5410 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5411 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
5413 return ERROR_NT(status);
5416 status = unix_convert(conn, name, source_has_wild, NULL, &sbuf1);
5417 if (!NT_STATUS_IS_OK(status)) {
5418 END_PROFILE(SMBcopy);
5419 return ERROR_NT(status);
5422 status = unix_convert(conn, newname, dest_has_wild, NULL, &sbuf2);
5423 if (!NT_STATUS_IS_OK(status)) {
5424 END_PROFILE(SMBcopy);
5425 return ERROR_NT(status);
5428 target_is_directory = VALID_STAT_OF_DIR(sbuf2);
5430 if ((flags&1) && target_is_directory) {
5431 END_PROFILE(SMBcopy);
5432 return ERROR_DOS(ERRDOS,ERRbadfile);
5435 if ((flags&2) && !target_is_directory) {
5436 END_PROFILE(SMBcopy);
5437 return ERROR_DOS(ERRDOS,ERRbadpath);
5440 if ((flags&(1<<5)) && VALID_STAT_OF_DIR(sbuf1)) {
5441 /* wants a tree copy! XXXX */
5442 DEBUG(3,("Rejecting tree copy\n"));
5443 END_PROFILE(SMBcopy);
5444 return ERROR_DOS(ERRSRV,ERRerror);
5447 p = strrchr_m(name,'/');
5449 pstrcpy(directory,"./");
5453 pstrcpy(directory,name);
5458 * We should only check the mangled cache
5459 * here if unix_convert failed. This means
5460 * that the path in 'mask' doesn't exist
5461 * on the file system and so we need to look
5462 * for a possible mangle. This patch from
5463 * Tine Smukavec <valentin.smukavec@hermes.si>.
5466 if (!VALID_STAT(sbuf1) && mangle_is_mangled(mask, conn->params)) {
5467 mangle_check_cache( mask, sizeof(pstring)-1, conn->params );
5470 if (!source_has_wild) {
5471 pstrcat(directory,"/");
5472 pstrcat(directory,mask);
5473 if (dest_has_wild) {
5474 if (!resolve_wildcards(directory,newname)) {
5475 END_PROFILE(SMBcopy);
5476 return ERROR_NT(NT_STATUS_NO_MEMORY);
5480 status = check_name(conn, directory);
5481 if (!NT_STATUS_IS_OK(status)) {
5482 return ERROR_NT(status);
5485 status = check_name(conn, newname);
5486 if (!NT_STATUS_IS_OK(status)) {
5487 return ERROR_NT(status);
5490 status = copy_file(conn,directory,newname,ofun,
5491 count,target_is_directory);
5493 if(!NT_STATUS_IS_OK(status)) {
5494 END_PROFILE(SMBcopy);
5495 return ERROR_NT(status);
5500 struct smb_Dir *dir_hnd = NULL;
5505 if (strequal(mask,"????????.???"))
5508 status = check_name(conn, directory);
5509 if (!NT_STATUS_IS_OK(status)) {
5510 return ERROR_NT(status);
5513 dir_hnd = OpenDir(conn, directory, mask, 0);
5514 if (dir_hnd == NULL) {
5515 status = map_nt_error_from_unix(errno);
5516 return ERROR_NT(status);
5521 while ((dname = ReadDirName(dir_hnd, &offset))) {
5523 pstrcpy(fname,dname);
5525 if (!is_visible_file(conn, directory, dname, &sbuf1, False)) {
5529 if(!mask_match(fname, mask, conn->case_sensitive)) {
5533 error = ERRnoaccess;
5534 slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname);
5535 pstrcpy(destname,newname);
5536 if (!resolve_wildcards(fname,destname)) {
5540 status = check_name(conn, fname);
5541 if (!NT_STATUS_IS_OK(status)) {
5542 return ERROR_NT(status);
5545 status = check_name(conn, destname);
5546 if (!NT_STATUS_IS_OK(status)) {
5547 return ERROR_NT(status);
5550 DEBUG(3,("reply_copy : doing copy on %s -> %s\n",fname, destname));
5552 status = copy_file(conn,fname,destname,ofun,
5553 count,target_is_directory);
5554 if (NT_STATUS_IS_OK(status)) {
5563 /* Error on close... */
5565 END_PROFILE(SMBcopy);
5566 return(UNIXERROR(ERRHRD,ERRgeneral));
5569 END_PROFILE(SMBcopy);
5570 return ERROR_DOS(ERRDOS,error);
5573 outsize = set_message(inbuf,outbuf,1,0,True);
5574 SSVAL(outbuf,smb_vwv0,count);
5576 END_PROFILE(SMBcopy);
5580 /****************************************************************************
5582 ****************************************************************************/
5584 int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
5591 START_PROFILE(pathworks_setdir);
5594 if (!CAN_SETDIR(snum)) {
5595 END_PROFILE(pathworks_setdir);
5596 return ERROR_DOS(ERRDOS,ERRnoaccess);
5599 srvstr_get_path(inbuf, SVAL(inbuf,smb_flg2), newdir,
5600 smb_buf(inbuf) + 1, sizeof(newdir), 0, STR_TERMINATE,
5602 if (!NT_STATUS_IS_OK(status)) {
5603 END_PROFILE(pathworks_setdir);
5604 return ERROR_NT(status);
5607 status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, newdir);
5608 if (!NT_STATUS_IS_OK(status)) {
5609 END_PROFILE(pathworks_setdir);
5610 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5611 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
5613 return ERROR_NT(status);
5616 if (strlen(newdir) != 0) {
5617 if (!vfs_directory_exist(conn,newdir,NULL)) {
5618 END_PROFILE(pathworks_setdir);
5619 return ERROR_DOS(ERRDOS,ERRbadpath);
5621 set_conn_connectpath(conn,newdir);
5624 outsize = set_message(inbuf,outbuf,0,0,False);
5625 SCVAL(outbuf,smb_reh,CVAL(inbuf,smb_reh));
5627 DEBUG(3,("setdir %s\n", newdir));
5629 END_PROFILE(pathworks_setdir);
5634 #define DBGC_CLASS DBGC_LOCKING
5636 /****************************************************************************
5637 Get a lock pid, dealing with large count requests.
5638 ****************************************************************************/
5640 uint32 get_lock_pid( char *data, int data_offset, BOOL large_file_format)
5642 if(!large_file_format)
5643 return (uint32)SVAL(data,SMB_LPID_OFFSET(data_offset));
5645 return (uint32)SVAL(data,SMB_LARGE_LPID_OFFSET(data_offset));
5648 /****************************************************************************
5649 Get a lock count, dealing with large count requests.
5650 ****************************************************************************/
5652 SMB_BIG_UINT get_lock_count( char *data, int data_offset, BOOL large_file_format)
5654 SMB_BIG_UINT count = 0;
5656 if(!large_file_format) {
5657 count = (SMB_BIG_UINT)IVAL(data,SMB_LKLEN_OFFSET(data_offset));
5660 #if defined(HAVE_LONGLONG)
5661 count = (((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset))) << 32) |
5662 ((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)));
5663 #else /* HAVE_LONGLONG */
5666 * NT4.x seems to be broken in that it sends large file (64 bit)
5667 * lockingX calls even if the CAP_LARGE_FILES was *not*
5668 * negotiated. For boxes without large unsigned ints truncate the
5669 * lock count by dropping the top 32 bits.
5672 if(IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)) != 0) {
5673 DEBUG(3,("get_lock_count: truncating lock count (high)0x%x (low)0x%x to just low count.\n",
5674 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)),
5675 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)) ));
5676 SIVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset),0);
5679 count = (SMB_BIG_UINT)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset));
5680 #endif /* HAVE_LONGLONG */
5686 #if !defined(HAVE_LONGLONG)
5687 /****************************************************************************
5688 Pathetically try and map a 64 bit lock offset into 31 bits. I hate Windows :-).
5689 ****************************************************************************/
5691 static uint32 map_lock_offset(uint32 high, uint32 low)
5695 uint32 highcopy = high;
5698 * Try and find out how many significant bits there are in high.
5701 for(i = 0; highcopy; i++)
5705 * We use 31 bits not 32 here as POSIX
5706 * lock offsets may not be negative.
5709 mask = (~0) << (31 - i);
5712 return 0; /* Fail. */
5718 #endif /* !defined(HAVE_LONGLONG) */
5720 /****************************************************************************
5721 Get a lock offset, dealing with large offset requests.
5722 ****************************************************************************/
5724 SMB_BIG_UINT get_lock_offset( char *data, int data_offset, BOOL large_file_format, BOOL *err)
5726 SMB_BIG_UINT offset = 0;
5730 if(!large_file_format) {
5731 offset = (SMB_BIG_UINT)IVAL(data,SMB_LKOFF_OFFSET(data_offset));
5734 #if defined(HAVE_LONGLONG)
5735 offset = (((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset))) << 32) |
5736 ((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset)));
5737 #else /* HAVE_LONGLONG */
5740 * NT4.x seems to be broken in that it sends large file (64 bit)
5741 * lockingX calls even if the CAP_LARGE_FILES was *not*
5742 * negotiated. For boxes without large unsigned ints mangle the
5743 * lock offset by mapping the top 32 bits onto the lower 32.
5746 if(IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset)) != 0) {
5747 uint32 low = IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
5748 uint32 high = IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset));
5751 if((new_low = map_lock_offset(high, low)) == 0) {
5753 return (SMB_BIG_UINT)-1;
5756 DEBUG(3,("get_lock_offset: truncating lock offset (high)0x%x (low)0x%x to offset 0x%x.\n",
5757 (unsigned int)high, (unsigned int)low, (unsigned int)new_low ));
5758 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset),0);
5759 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset),new_low);
5762 offset = (SMB_BIG_UINT)IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
5763 #endif /* HAVE_LONGLONG */
5769 /****************************************************************************
5770 Reply to a lockingX request.
5771 ****************************************************************************/
5773 void reply_lockingX(connection_struct *conn, struct smb_request *req)
5776 unsigned char locktype;
5777 unsigned char oplocklevel;
5780 SMB_BIG_UINT count = 0, offset = 0;
5785 BOOL large_file_format;
5787 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
5789 char *inbuf, *outbuf;
5790 int length, bufsize;
5792 START_PROFILE(SMBlockingX);
5794 if (!reply_prep_legacy(req, &inbuf, &outbuf, &length, &bufsize)) {
5795 reply_nterror(req, NT_STATUS_NO_MEMORY);
5796 END_PROFILE(SMBlockingX);
5800 if (CVAL(inbuf, smb_wct) < 8) {
5801 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5802 END_PROFILE(SMBlockingX);
5806 fsp = file_fsp(SVAL(inbuf,smb_vwv2));
5807 locktype = CVAL(inbuf,smb_vwv3);
5808 oplocklevel = CVAL(inbuf,smb_vwv3+1);
5809 num_ulocks = SVAL(inbuf,smb_vwv6);
5810 num_locks = SVAL(inbuf,smb_vwv7);
5811 lock_timeout = IVAL(inbuf,smb_vwv4);
5812 large_file_format = (locktype & LOCKING_ANDX_LARGE_FILES)?True:False;
5814 if (!check_fsp(conn, req, fsp, ¤t_user)) {
5818 data = smb_buf(inbuf);
5820 if (locktype & LOCKING_ANDX_CHANGE_LOCKTYPE) {
5821 /* we don't support these - and CANCEL_LOCK makes w2k
5822 and XP reboot so I don't really want to be
5823 compatible! (tridge) */
5824 reply_nterror(req, NT_STATUS_DOS(ERRDOS, ERRnoatomiclocks));
5825 END_PROFILE(SMBlockingX);
5829 /* Check if this is an oplock break on a file
5830 we have granted an oplock on.
5832 if ((locktype & LOCKING_ANDX_OPLOCK_RELEASE)) {
5833 /* Client can insist on breaking to none. */
5834 BOOL break_to_none = (oplocklevel == 0);
5837 DEBUG(5,("reply_lockingX: oplock break reply (%u) from client "
5838 "for fnum = %d\n", (unsigned int)oplocklevel,
5842 * Make sure we have granted an exclusive or batch oplock on
5846 if (fsp->oplock_type == 0) {
5848 /* The Samba4 nbench simulator doesn't understand
5849 the difference between break to level2 and break
5850 to none from level2 - it sends oplock break
5851 replies in both cases. Don't keep logging an error
5852 message here - just ignore it. JRA. */
5854 DEBUG(5,("reply_lockingX: Error : oplock break from "
5855 "client for fnum = %d (oplock=%d) and no "
5856 "oplock granted on this file (%s).\n",
5857 fsp->fnum, fsp->oplock_type, fsp->fsp_name));
5859 /* if this is a pure oplock break request then don't
5861 if (num_locks == 0 && num_ulocks == 0) {
5862 END_PROFILE(SMBlockingX);
5863 reply_post_legacy(req, -1);
5866 END_PROFILE(SMBlockingX);
5867 reply_doserror(req, ERRDOS, ERRlock);
5872 if ((fsp->sent_oplock_break == BREAK_TO_NONE_SENT) ||
5874 result = remove_oplock(fsp);
5876 result = downgrade_oplock(fsp);
5880 DEBUG(0, ("reply_lockingX: error in removing "
5881 "oplock on file %s\n", fsp->fsp_name));
5882 /* Hmmm. Is this panic justified? */
5883 smb_panic("internal tdb error");
5886 reply_to_oplock_break_requests(fsp);
5888 /* if this is a pure oplock break request then don't send a
5890 if (num_locks == 0 && num_ulocks == 0) {
5891 /* Sanity check - ensure a pure oplock break is not a
5893 if(CVAL(inbuf,smb_vwv0) != 0xff)
5894 DEBUG(0,("reply_lockingX: Error : pure oplock "
5895 "break is a chained %d request !\n",
5896 (unsigned int)CVAL(inbuf,smb_vwv0) ));
5897 END_PROFILE(SMBlockingX);
5898 reply_post_legacy(req, -1);
5904 * We do this check *after* we have checked this is not a oplock break
5905 * response message. JRA.
5908 release_level_2_oplocks_on_change(fsp);
5910 /* Data now points at the beginning of the list
5911 of smb_unlkrng structs */
5912 for(i = 0; i < (int)num_ulocks; i++) {
5913 lock_pid = get_lock_pid( data, i, large_file_format);
5914 count = get_lock_count( data, i, large_file_format);
5915 offset = get_lock_offset( data, i, large_file_format, &err);
5918 * There is no error code marked "stupid client bug".... :-).
5921 END_PROFILE(SMBlockingX);
5922 reply_doserror(req, ERRDOS, ERRnoaccess);
5926 DEBUG(10,("reply_lockingX: unlock start=%.0f, len=%.0f for "
5927 "pid %u, file %s\n", (double)offset, (double)count,
5928 (unsigned int)lock_pid, fsp->fsp_name ));
5930 status = do_unlock(smbd_messaging_context(),
5937 if (NT_STATUS_V(status)) {
5938 END_PROFILE(SMBlockingX);
5939 reply_nterror(req, status);
5944 /* Setup the timeout in seconds. */
5946 if (!lp_blocking_locks(SNUM(conn))) {
5950 /* Now do any requested locks */
5951 data += ((large_file_format ? 20 : 10)*num_ulocks);
5953 /* Data now points at the beginning of the list
5954 of smb_lkrng structs */
5956 for(i = 0; i < (int)num_locks; i++) {
5957 enum brl_type lock_type = ((locktype & LOCKING_ANDX_SHARED_LOCK) ?
5958 READ_LOCK:WRITE_LOCK);
5959 lock_pid = get_lock_pid( data, i, large_file_format);
5960 count = get_lock_count( data, i, large_file_format);
5961 offset = get_lock_offset( data, i, large_file_format, &err);
5964 * There is no error code marked "stupid client bug".... :-).
5967 END_PROFILE(SMBlockingX);
5968 reply_doserror(req, ERRDOS, ERRnoaccess);
5972 DEBUG(10,("reply_lockingX: lock start=%.0f, len=%.0f for pid "
5973 "%u, file %s timeout = %d\n", (double)offset,
5974 (double)count, (unsigned int)lock_pid,
5975 fsp->fsp_name, (int)lock_timeout ));
5977 if (locktype & LOCKING_ANDX_CANCEL_LOCK) {
5978 if (lp_blocking_locks(SNUM(conn))) {
5980 /* Schedule a message to ourselves to
5981 remove the blocking lock record and
5982 return the right error. */
5984 if (!blocking_lock_cancel(fsp,
5990 NT_STATUS_FILE_LOCK_CONFLICT)) {
5991 END_PROFILE(SMBlockingX);
5996 ERRcancelviolation));
6000 /* Remove a matching pending lock. */
6001 status = do_lock_cancel(fsp,
6007 BOOL blocking_lock = lock_timeout ? True : False;
6008 BOOL defer_lock = False;
6009 struct byte_range_lock *br_lck;
6010 uint32 block_smbpid;
6012 br_lck = do_lock(smbd_messaging_context(),
6023 if (br_lck && blocking_lock && ERROR_WAS_LOCK_DENIED(status)) {
6024 /* Windows internal resolution for blocking locks seems
6025 to be about 200ms... Don't wait for less than that. JRA. */
6026 if (lock_timeout != -1 && lock_timeout < lp_lock_spin_time()) {
6027 lock_timeout = lp_lock_spin_time();
6032 /* This heuristic seems to match W2K3 very well. If a
6033 lock sent with timeout of zero would fail with NT_STATUS_FILE_LOCK_CONFLICT
6034 it pretends we asked for a timeout of between 150 - 300 milliseconds as
6035 far as I can tell. Replacement for do_lock_spin(). JRA. */
6037 if (br_lck && lp_blocking_locks(SNUM(conn)) && !blocking_lock &&
6038 NT_STATUS_EQUAL((status), NT_STATUS_FILE_LOCK_CONFLICT)) {
6040 lock_timeout = lp_lock_spin_time();
6043 if (br_lck && defer_lock) {
6045 * A blocking lock was requested. Package up
6046 * this smb into a queued request and push it
6047 * onto the blocking lock queue.
6049 if(push_blocking_lock_request(br_lck,
6060 TALLOC_FREE(br_lck);
6061 END_PROFILE(SMBlockingX);
6062 reply_post_legacy(req, -1);
6067 TALLOC_FREE(br_lck);
6070 if (NT_STATUS_V(status)) {
6071 END_PROFILE(SMBlockingX);
6072 reply_nterror(req, status);
6077 /* If any of the above locks failed, then we must unlock
6078 all of the previous locks (X/Open spec). */
6080 if (!(locktype & LOCKING_ANDX_CANCEL_LOCK) &&
6084 * Ensure we don't do a remove on the lock that just failed,
6085 * as under POSIX rules, if we have a lock already there, we
6086 * will delete it (and we shouldn't) .....
6088 for(i--; i >= 0; i--) {
6089 lock_pid = get_lock_pid( data, i, large_file_format);
6090 count = get_lock_count( data, i, large_file_format);
6091 offset = get_lock_offset( data, i, large_file_format,
6095 * There is no error code marked "stupid client
6099 END_PROFILE(SMBlockingX);
6100 reply_doserror(req, ERRDOS, ERRnoaccess);
6104 do_unlock(smbd_messaging_context(),
6111 END_PROFILE(SMBlockingX);
6112 reply_nterror(req, status);
6116 set_message(inbuf,outbuf,2,0,True);
6118 reply_post_legacy(req, smb_len(outbuf)+4);
6120 DEBUG(3, ("lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n",
6121 fsp->fnum, (unsigned int)locktype, num_locks, num_ulocks));
6123 END_PROFILE(SMBlockingX);
6124 chain_reply_new(req);
6128 #define DBGC_CLASS DBGC_ALL
6130 /****************************************************************************
6131 Reply to a SMBreadbmpx (read block multiplex) request.
6132 ****************************************************************************/
6134 int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize)
6145 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
6146 START_PROFILE(SMBreadBmpx);
6148 /* this function doesn't seem to work - disable by default */
6149 if (!lp_readbmpx()) {
6150 END_PROFILE(SMBreadBmpx);
6151 return ERROR_DOS(ERRSRV,ERRuseSTD);
6154 outsize = set_message(inbuf,outbuf,8,0,True);
6156 CHECK_FSP(fsp,conn);
6157 if (!CHECK_READ(fsp,inbuf)) {
6158 return(ERROR_DOS(ERRDOS,ERRbadaccess));
6161 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv1);
6162 maxcount = SVAL(inbuf,smb_vwv3);
6164 data = smb_buf(outbuf);
6165 pad = ((long)data)%4;
6170 max_per_packet = bufsize-(outsize+pad);
6174 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK)) {
6175 END_PROFILE(SMBreadBmpx);
6176 return ERROR_DOS(ERRDOS,ERRlock);
6180 size_t N = MIN(max_per_packet,tcount-total_read);
6182 nread = read_file(fsp,data,startpos,N);
6187 if (nread < (ssize_t)N)
6188 tcount = total_read + nread;
6190 set_message(inbuf,outbuf,8,nread+pad,False);
6191 SIVAL(outbuf,smb_vwv0,startpos);
6192 SSVAL(outbuf,smb_vwv2,tcount);
6193 SSVAL(outbuf,smb_vwv6,nread);
6194 SSVAL(outbuf,smb_vwv7,smb_offset(data,outbuf));
6197 if (!send_smb(smbd_server_fd(),outbuf))
6198 exit_server_cleanly("reply_readbmpx: send_smb failed.");
6200 total_read += nread;
6202 } while (total_read < (ssize_t)tcount);
6204 END_PROFILE(SMBreadBmpx);
6208 /****************************************************************************
6209 Reply to a SMBsetattrE.
6210 ****************************************************************************/
6212 int reply_setattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
6214 struct timespec ts[2];
6216 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
6217 START_PROFILE(SMBsetattrE);
6219 outsize = set_message(inbuf,outbuf,0,0,False);
6221 if(!fsp || (fsp->conn != conn)) {
6222 END_PROFILE(SMBsetattrE);
6223 return ERROR_DOS(ERRDOS,ERRbadfid);
6227 * Convert the DOS times into unix times. Ignore create
6228 * time as UNIX can't set this.
6231 ts[0] = convert_time_t_to_timespec(srv_make_unix_date2(inbuf+smb_vwv3)); /* atime. */
6232 ts[1] = convert_time_t_to_timespec(srv_make_unix_date2(inbuf+smb_vwv5)); /* mtime. */
6235 * Patch from Ray Frush <frush@engr.colostate.edu>
6236 * Sometimes times are sent as zero - ignore them.
6239 if (null_timespec(ts[0]) && null_timespec(ts[1])) {
6240 /* Ignore request */
6241 if( DEBUGLVL( 3 ) ) {
6242 dbgtext( "reply_setattrE fnum=%d ", fsp->fnum);
6243 dbgtext( "ignoring zero request - not setting timestamps of 0\n" );
6245 END_PROFILE(SMBsetattrE);
6247 } else if (!null_timespec(ts[0]) && null_timespec(ts[1])) {
6248 /* set modify time = to access time if modify time was unset */
6252 /* Set the date on this file */
6253 /* Should we set pending modtime here ? JRA */
6254 if(file_ntimes(conn, fsp->fsp_name, ts)) {
6255 END_PROFILE(SMBsetattrE);
6256 return ERROR_DOS(ERRDOS,ERRnoaccess);
6259 DEBUG( 3, ( "reply_setattrE fnum=%d actime=%u modtime=%u\n",
6261 (unsigned int)ts[0].tv_sec,
6262 (unsigned int)ts[1].tv_sec));
6264 END_PROFILE(SMBsetattrE);
6269 /* Back from the dead for OS/2..... JRA. */
6271 /****************************************************************************
6272 Reply to a SMBwritebmpx (write block multiplex primary) request.
6273 ****************************************************************************/
6275 int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
6278 ssize_t nwritten = -1;
6285 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
6287 START_PROFILE(SMBwriteBmpx);
6289 CHECK_FSP(fsp,conn);
6290 if (!CHECK_WRITE(fsp)) {
6291 return(ERROR_DOS(ERRDOS,ERRbadaccess));
6293 if (HAS_CACHED_ERROR(fsp)) {
6294 return(CACHED_ERROR(fsp));
6297 tcount = SVAL(inbuf,smb_vwv1);
6298 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3);
6299 write_through = BITSETW(inbuf+smb_vwv7,0);
6300 numtowrite = SVAL(inbuf,smb_vwv10);
6301 smb_doff = SVAL(inbuf,smb_vwv11);
6303 data = smb_base(inbuf) + smb_doff;
6305 /* If this fails we need to send an SMBwriteC response,
6306 not an SMBwritebmpx - set this up now so we don't forget */
6307 SCVAL(outbuf,smb_com,SMBwritec);
6309 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos,WRITE_LOCK)) {
6310 END_PROFILE(SMBwriteBmpx);
6311 return(ERROR_DOS(ERRDOS,ERRlock));
6314 nwritten = write_file(fsp,data,startpos,numtowrite);
6316 status = sync_file(conn, fsp, write_through);
6317 if (!NT_STATUS_IS_OK(status)) {
6318 END_PROFILE(SMBwriteBmpx);
6319 DEBUG(5,("reply_writebmpx: sync_file for %s returned %s\n",
6320 fsp->fsp_name, nt_errstr(status) ));
6321 return ERROR_NT(status);
6324 if(nwritten < (ssize_t)numtowrite) {
6325 END_PROFILE(SMBwriteBmpx);
6326 return(UNIXERROR(ERRHRD,ERRdiskfull));
6329 /* If the maximum to be written to this file
6330 is greater than what we just wrote then set
6331 up a secondary struct to be attached to this
6332 fd, we will use this to cache error messages etc. */
6334 if((ssize_t)tcount > nwritten) {
6335 write_bmpx_struct *wbms;
6336 if(fsp->wbmpx_ptr != NULL)
6337 wbms = fsp->wbmpx_ptr; /* Use an existing struct */
6339 wbms = SMB_MALLOC_P(write_bmpx_struct);
6341 DEBUG(0,("Out of memory in reply_readmpx\n"));
6342 END_PROFILE(SMBwriteBmpx);
6343 return(ERROR_DOS(ERRSRV,ERRnoresource));
6345 wbms->wr_mode = write_through;
6346 wbms->wr_discard = False; /* No errors yet */
6347 wbms->wr_total_written = nwritten;
6348 wbms->wr_errclass = 0;
6350 fsp->wbmpx_ptr = wbms;
6353 /* We are returning successfully, set the message type back to
6355 SCVAL(outbuf,smb_com,SMBwriteBmpx);
6357 outsize = set_message(inbuf,outbuf,1,0,True);
6359 SSVALS(outbuf,smb_vwv0,-1); /* We don't support smb_remaining */
6361 DEBUG( 3, ( "writebmpx fnum=%d num=%d wrote=%d\n",
6362 fsp->fnum, (int)numtowrite, (int)nwritten ) );
6364 if (write_through && tcount==nwritten) {
6365 /* We need to send both a primary and a secondary response */
6366 smb_setlen(inbuf,outbuf,outsize - 4);
6368 if (!send_smb(smbd_server_fd(),outbuf))
6369 exit_server_cleanly("reply_writebmpx: send_smb failed.");
6371 /* Now the secondary */
6372 outsize = set_message(inbuf,outbuf,1,0,True);
6373 SCVAL(outbuf,smb_com,SMBwritec);
6374 SSVAL(outbuf,smb_vwv0,nwritten);
6377 END_PROFILE(SMBwriteBmpx);
6381 /****************************************************************************
6382 Reply to a SMBwritebs (write block multiplex secondary) request.
6383 ****************************************************************************/
6385 int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
6388 ssize_t nwritten = -1;
6395 write_bmpx_struct *wbms;
6396 BOOL send_response = False;
6397 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
6399 START_PROFILE(SMBwriteBs);
6401 CHECK_FSP(fsp,conn);
6402 if (!CHECK_WRITE(fsp)) {
6403 return(ERROR_DOS(ERRDOS,ERRbadaccess));
6406 tcount = SVAL(inbuf,smb_vwv1);
6407 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
6408 numtowrite = SVAL(inbuf,smb_vwv6);
6409 smb_doff = SVAL(inbuf,smb_vwv7);
6411 data = smb_base(inbuf) + smb_doff;
6413 /* We need to send an SMBwriteC response, not an SMBwritebs */
6414 SCVAL(outbuf,smb_com,SMBwritec);
6416 /* This fd should have an auxiliary struct attached,
6417 check that it does */
6418 wbms = fsp->wbmpx_ptr;
6420 END_PROFILE(SMBwriteBs);
6424 /* If write through is set we can return errors, else we must cache them */
6425 write_through = wbms->wr_mode;
6427 /* Check for an earlier error */
6428 if(wbms->wr_discard) {
6429 END_PROFILE(SMBwriteBs);
6430 return -1; /* Just discard the packet */
6433 nwritten = write_file(fsp,data,startpos,numtowrite);
6435 status = sync_file(conn, fsp, write_through);
6437 if (nwritten < (ssize_t)numtowrite || !NT_STATUS_IS_OK(status)) {
6439 /* We are returning an error - we can delete the aux struct */
6442 fsp->wbmpx_ptr = NULL;
6443 END_PROFILE(SMBwriteBs);
6444 return(ERROR_DOS(ERRHRD,ERRdiskfull));
6446 wbms->wr_errclass = ERRHRD;
6447 wbms->wr_error = ERRdiskfull;
6448 wbms->wr_status = NT_STATUS_DISK_FULL;
6449 wbms->wr_discard = True;
6450 END_PROFILE(SMBwriteBs);
6454 /* Increment the total written, if this matches tcount
6455 we can discard the auxiliary struct (hurrah !) and return a writeC */
6456 wbms->wr_total_written += nwritten;
6457 if(wbms->wr_total_written >= tcount) {
6458 if (write_through) {
6459 outsize = set_message(inbuf,outbuf,1,0,True);
6460 SSVAL(outbuf,smb_vwv0,wbms->wr_total_written);
6461 send_response = True;
6465 fsp->wbmpx_ptr = NULL;
6469 END_PROFILE(SMBwriteBs);
6473 END_PROFILE(SMBwriteBs);
6477 /****************************************************************************
6478 Reply to a SMBgetattrE.
6479 ****************************************************************************/
6481 int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
6483 SMB_STRUCT_STAT sbuf;
6486 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
6487 START_PROFILE(SMBgetattrE);
6489 outsize = set_message(inbuf,outbuf,11,0,True);
6491 if(!fsp || (fsp->conn != conn)) {
6492 END_PROFILE(SMBgetattrE);
6493 return ERROR_DOS(ERRDOS,ERRbadfid);
6496 /* Do an fstat on this file */
6497 if(fsp_stat(fsp, &sbuf)) {
6498 END_PROFILE(SMBgetattrE);
6499 return(UNIXERROR(ERRDOS,ERRnoaccess));
6502 mode = dos_mode(conn,fsp->fsp_name,&sbuf);
6505 * Convert the times into dos times. Set create
6506 * date to be last modify date as UNIX doesn't save
6510 srv_put_dos_date2(outbuf,smb_vwv0,get_create_time(&sbuf,lp_fake_dir_create_times(SNUM(conn))));
6511 srv_put_dos_date2(outbuf,smb_vwv2,sbuf.st_atime);
6512 /* Should we check pending modtime here ? JRA */
6513 srv_put_dos_date2(outbuf,smb_vwv4,sbuf.st_mtime);
6516 SIVAL(outbuf,smb_vwv6,0);
6517 SIVAL(outbuf,smb_vwv8,0);
6519 uint32 allocation_size = get_allocation_size(conn,fsp, &sbuf);
6520 SIVAL(outbuf,smb_vwv6,(uint32)sbuf.st_size);
6521 SIVAL(outbuf,smb_vwv8,allocation_size);
6523 SSVAL(outbuf,smb_vwv10, mode);
6525 DEBUG( 3, ( "reply_getattrE fnum=%d\n", fsp->fnum));
6527 END_PROFILE(SMBgetattrE);