2 Unix SMB/CIFS implementation.
3 Main SMB reply routines
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Andrew Bartlett 2001
6 Copyright (C) Jeremy Allison 1992-2007.
7 Copyright (C) Volker Lendecke 2007
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 This file handles most of the reply_ calls that the server
24 makes to handle specific protocols
28 #include "smbd/globals.h"
30 extern enum protocol_types Protocol;
32 /****************************************************************************
33 Ensure we check the path in *exactly* the same way as W2K for a findfirst/findnext
34 path or anything including wildcards.
35 We're assuming here that '/' is not the second byte in any multibyte char
36 set (a safe assumption). '\\' *may* be the second byte in a multibyte char
38 ****************************************************************************/
40 /* Custom version for processing POSIX paths. */
41 #define IS_PATH_SEP(c,posix_only) ((c) == '/' || (!(posix_only) && (c) == '\\'))
43 static NTSTATUS check_path_syntax_internal(char *path,
45 bool *p_last_component_contains_wcard)
49 NTSTATUS ret = NT_STATUS_OK;
50 bool start_of_name_component = True;
51 bool stream_started = false;
53 *p_last_component_contains_wcard = False;
60 return NT_STATUS_OBJECT_NAME_INVALID;
63 return NT_STATUS_OBJECT_NAME_INVALID;
65 if (strchr_m(&s[1], ':')) {
66 return NT_STATUS_OBJECT_NAME_INVALID;
68 if (StrCaseCmp(s, ":$DATA") != 0) {
69 return NT_STATUS_INVALID_PARAMETER;
75 if (!posix_path && !stream_started && *s == ':') {
76 if (*p_last_component_contains_wcard) {
77 return NT_STATUS_OBJECT_NAME_INVALID;
79 /* Stream names allow more characters than file names.
80 We're overloading posix_path here to allow a wider
81 range of characters. If stream_started is true this
82 is still a Windows path even if posix_path is true.
85 stream_started = true;
86 start_of_name_component = false;
90 return NT_STATUS_OBJECT_NAME_INVALID;
94 if (!stream_started && IS_PATH_SEP(*s,posix_path)) {
96 * Safe to assume is not the second part of a mb char
97 * as this is handled below.
99 /* Eat multiple '/' or '\\' */
100 while (IS_PATH_SEP(*s,posix_path)) {
103 if ((d != path) && (*s != '\0')) {
104 /* We only care about non-leading or trailing '/' or '\\' */
108 start_of_name_component = True;
110 *p_last_component_contains_wcard = False;
114 if (start_of_name_component) {
115 if ((s[0] == '.') && (s[1] == '.') && (IS_PATH_SEP(s[2],posix_path) || s[2] == '\0')) {
116 /* Uh oh - "/../" or "\\..\\" or "/..\0" or "\\..\0" ! */
119 * No mb char starts with '.' so we're safe checking the directory separator here.
122 /* If we just added a '/' - delete it */
123 if ((d > path) && (*(d-1) == '/')) {
128 /* Are we at the start ? Can't go back further if so. */
130 ret = NT_STATUS_OBJECT_PATH_SYNTAX_BAD;
133 /* Go back one level... */
134 /* We know this is safe as '/' cannot be part of a mb sequence. */
135 /* NOTE - if this assumption is invalid we are not in good shape... */
136 /* Decrement d first as d points to the *next* char to write into. */
137 for (d--; d > path; d--) {
141 s += 2; /* Else go past the .. */
142 /* We're still at the start of a name component, just the previous one. */
145 } else if ((s[0] == '.') && ((s[1] == '\0') || IS_PATH_SEP(s[1],posix_path))) {
157 if (*s <= 0x1f || *s == '|') {
158 return NT_STATUS_OBJECT_NAME_INVALID;
166 *p_last_component_contains_wcard = True;
175 /* Get the size of the next MB character. */
176 next_codepoint(s,&siz);
194 DEBUG(0,("check_path_syntax_internal: character length assumptions invalid !\n"));
196 return NT_STATUS_INVALID_PARAMETER;
199 start_of_name_component = False;
207 /****************************************************************************
208 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
209 No wildcards allowed.
210 ****************************************************************************/
212 NTSTATUS check_path_syntax(char *path)
215 return check_path_syntax_internal(path, False, &ignore);
218 /****************************************************************************
219 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
220 Wildcards allowed - p_contains_wcard returns true if the last component contained
222 ****************************************************************************/
224 NTSTATUS check_path_syntax_wcard(char *path, bool *p_contains_wcard)
226 return check_path_syntax_internal(path, False, p_contains_wcard);
229 /****************************************************************************
230 Check the path for a POSIX client.
231 We're assuming here that '/' is not the second byte in any multibyte char
232 set (a safe assumption).
233 ****************************************************************************/
235 NTSTATUS check_path_syntax_posix(char *path)
238 return check_path_syntax_internal(path, True, &ignore);
241 /****************************************************************************
242 Pull a string and check the path allowing a wilcard - provide for error return.
243 ****************************************************************************/
245 size_t srvstr_get_path_wcard(TALLOC_CTX *ctx,
246 const char *base_ptr,
253 bool *contains_wcard)
259 ret = srvstr_pull_talloc(ctx, base_ptr, smb_flags2, pp_dest, src,
263 *err = NT_STATUS_INVALID_PARAMETER;
267 *contains_wcard = False;
269 if (smb_flags2 & FLAGS2_DFS_PATHNAMES) {
271 * For a DFS path the function parse_dfs_path()
272 * will do the path processing, just make a copy.
278 if (lp_posix_pathnames()) {
279 *err = check_path_syntax_posix(*pp_dest);
281 *err = check_path_syntax_wcard(*pp_dest, contains_wcard);
287 /****************************************************************************
288 Pull a string and check the path - provide for error return.
289 ****************************************************************************/
291 size_t srvstr_get_path(TALLOC_CTX *ctx,
292 const char *base_ptr,
301 return srvstr_get_path_wcard(ctx, base_ptr, smb_flags2, pp_dest, src,
302 src_len, flags, err, &ignore);
305 size_t srvstr_get_path_req_wcard(TALLOC_CTX *mem_ctx, struct smb_request *req,
306 char **pp_dest, const char *src, int flags,
307 NTSTATUS *err, bool *contains_wcard)
309 return srvstr_get_path_wcard(mem_ctx, (char *)req->inbuf, req->flags2,
310 pp_dest, src, smbreq_bufrem(req, src),
311 flags, err, contains_wcard);
314 size_t srvstr_get_path_req(TALLOC_CTX *mem_ctx, struct smb_request *req,
315 char **pp_dest, const char *src, int flags,
319 return srvstr_get_path_req_wcard(mem_ctx, req, pp_dest, src,
320 flags, err, &ignore);
323 /****************************************************************************
324 Check if we have a correct fsp pointing to a file. Basic check for open fsp.
325 ****************************************************************************/
327 bool check_fsp_open(connection_struct *conn, struct smb_request *req,
330 if (!(fsp) || !(conn)) {
331 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
334 if (((conn) != (fsp)->conn) || req->vuid != (fsp)->vuid) {
335 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
341 /****************************************************************************
342 Check if we have a correct fsp pointing to a file.
343 ****************************************************************************/
345 bool check_fsp(connection_struct *conn, struct smb_request *req,
348 if (!check_fsp_open(conn, req, fsp)) {
351 if ((fsp)->is_directory) {
352 reply_nterror(req, NT_STATUS_INVALID_DEVICE_REQUEST);
355 if ((fsp)->fh->fd == -1) {
356 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
359 (fsp)->num_smb_operations++;
363 /****************************************************************************
364 Check if we have a correct fsp pointing to a quota fake file. Replacement for
365 the CHECK_NTQUOTA_HANDLE_OK macro.
366 ****************************************************************************/
368 bool check_fsp_ntquota_handle(connection_struct *conn, struct smb_request *req,
371 if (!check_fsp_open(conn, req, fsp)) {
375 if (fsp->is_directory) {
379 if (fsp->fake_file_handle == NULL) {
383 if (fsp->fake_file_handle->type != FAKE_FILE_TYPE_QUOTA) {
387 if (fsp->fake_file_handle->private_data == NULL) {
394 /****************************************************************************
395 Check if we have a correct fsp. Replacement for the FSP_BELONGS_CONN macro
396 ****************************************************************************/
398 bool fsp_belongs_conn(connection_struct *conn, struct smb_request *req,
401 if ((fsp) && (conn) && ((conn)==(fsp)->conn)
402 && (req->vuid == (fsp)->vuid)) {
406 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
410 /****************************************************************************
411 Reply to a (netbios-level) special message.
412 ****************************************************************************/
414 void reply_special(char *inbuf)
416 int msg_type = CVAL(inbuf,0);
417 int msg_flags = CVAL(inbuf,1);
422 * We only really use 4 bytes of the outbuf, but for the smb_setlen
423 * calculation & friends (srv_send_smb uses that) we need the full smb
426 char outbuf[smb_size];
430 memset(outbuf, '\0', sizeof(outbuf));
432 smb_setlen(outbuf,0);
435 case 0x81: /* session request */
437 if (already_got_session) {
438 exit_server_cleanly("multiple session request not permitted");
441 SCVAL(outbuf,0,0x82);
443 if (name_len(inbuf+4) > 50 ||
444 name_len(inbuf+4 + name_len(inbuf + 4)) > 50) {
445 DEBUG(0,("Invalid name length in session request\n"));
448 name_extract(inbuf,4,name1);
449 name_type = name_extract(inbuf,4 + name_len(inbuf + 4),name2);
450 DEBUG(2,("netbios connect: name1=%s name2=%s\n",
453 set_local_machine_name(name1, True);
454 set_remote_machine_name(name2, True);
456 DEBUG(2,("netbios connect: local=%s remote=%s, name type = %x\n",
457 get_local_machine_name(), get_remote_machine_name(),
460 if (name_type == 'R') {
461 /* We are being asked for a pathworks session ---
463 SCVAL(outbuf, 0,0x83);
467 /* only add the client's machine name to the list
468 of possibly valid usernames if we are operating
469 in share mode security */
470 if (lp_security() == SEC_SHARE) {
471 add_session_user(get_remote_machine_name());
474 reload_services(True);
477 already_got_session = True;
480 case 0x89: /* session keepalive request
481 (some old clients produce this?) */
482 SCVAL(outbuf,0,SMBkeepalive);
486 case 0x82: /* positive session response */
487 case 0x83: /* negative session response */
488 case 0x84: /* retarget session response */
489 DEBUG(0,("Unexpected session response\n"));
492 case SMBkeepalive: /* session keepalive */
497 DEBUG(5,("init msg_type=0x%x msg_flags=0x%x\n",
498 msg_type, msg_flags));
500 srv_send_smb(smbd_server_fd(), outbuf, false, 0, false, NULL);
504 /****************************************************************************
506 conn POINTER CAN BE NULL HERE !
507 ****************************************************************************/
509 void reply_tcon(struct smb_request *req)
511 connection_struct *conn = req->conn;
513 char *service_buf = NULL;
514 char *password = NULL;
519 DATA_BLOB password_blob;
520 TALLOC_CTX *ctx = talloc_tos();
522 START_PROFILE(SMBtcon);
524 if (req->buflen < 4) {
525 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
526 END_PROFILE(SMBtcon);
530 p = (const char *)req->buf + 1;
531 p += srvstr_pull_req_talloc(ctx, req, &service_buf, p, STR_TERMINATE);
533 pwlen = srvstr_pull_req_talloc(ctx, req, &password, p, STR_TERMINATE);
535 p += srvstr_pull_req_talloc(ctx, req, &dev, p, STR_TERMINATE);
538 if (service_buf == NULL || password == NULL || dev == NULL) {
539 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
540 END_PROFILE(SMBtcon);
543 p = strrchr_m(service_buf,'\\');
547 service = service_buf;
550 password_blob = data_blob(password, pwlen+1);
552 conn = make_connection(service,password_blob,dev,req->vuid,&nt_status);
555 data_blob_clear_free(&password_blob);
558 reply_nterror(req, nt_status);
559 END_PROFILE(SMBtcon);
563 reply_outbuf(req, 2, 0);
564 SSVAL(req->outbuf,smb_vwv0,max_recv);
565 SSVAL(req->outbuf,smb_vwv1,conn->cnum);
566 SSVAL(req->outbuf,smb_tid,conn->cnum);
568 DEBUG(3,("tcon service=%s cnum=%d\n",
569 service, conn->cnum));
571 END_PROFILE(SMBtcon);
575 /****************************************************************************
576 Reply to a tcon and X.
577 conn POINTER CAN BE NULL HERE !
578 ****************************************************************************/
580 void reply_tcon_and_X(struct smb_request *req)
582 connection_struct *conn = req->conn;
583 const char *service = NULL;
585 TALLOC_CTX *ctx = talloc_tos();
586 /* what the cleint thinks the device is */
587 char *client_devicetype = NULL;
588 /* what the server tells the client the share represents */
589 const char *server_devicetype;
596 START_PROFILE(SMBtconX);
599 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
600 END_PROFILE(SMBtconX);
604 passlen = SVAL(req->vwv+3, 0);
605 tcon_flags = SVAL(req->vwv+2, 0);
607 /* we might have to close an old one */
608 if ((tcon_flags & 0x1) && conn) {
609 close_cnum(conn,req->vuid);
614 if ((passlen > MAX_PASS_LEN) || (passlen >= req->buflen)) {
615 reply_doserror(req, ERRDOS, ERRbuftoosmall);
616 END_PROFILE(SMBtconX);
620 if (global_encrypted_passwords_negotiated) {
621 password = data_blob_talloc(talloc_tos(), req->buf, passlen);
622 if (lp_security() == SEC_SHARE) {
624 * Security = share always has a pad byte
625 * after the password.
627 p = (const char *)req->buf + passlen + 1;
629 p = (const char *)req->buf + passlen;
632 password = data_blob_talloc(talloc_tos(), req->buf, passlen+1);
633 /* Ensure correct termination */
634 password.data[passlen]=0;
635 p = (const char *)req->buf + passlen + 1;
638 p += srvstr_pull_req_talloc(ctx, req, &path, p, STR_TERMINATE);
641 data_blob_clear_free(&password);
642 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
643 END_PROFILE(SMBtconX);
648 * the service name can be either: \\server\share
649 * or share directly like on the DELL PowerVault 705
652 q = strchr_m(path+2,'\\');
654 data_blob_clear_free(&password);
655 reply_doserror(req, ERRDOS, ERRnosuchshare);
656 END_PROFILE(SMBtconX);
664 p += srvstr_pull_talloc(ctx, req->inbuf, req->flags2,
665 &client_devicetype, p,
666 MIN(6, smbreq_bufrem(req, p)), STR_ASCII);
668 if (client_devicetype == NULL) {
669 data_blob_clear_free(&password);
670 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
671 END_PROFILE(SMBtconX);
675 DEBUG(4,("Client requested device type [%s] for share [%s]\n", client_devicetype, service));
677 conn = make_connection(service, password, client_devicetype,
678 req->vuid, &nt_status);
681 data_blob_clear_free(&password);
684 reply_nterror(req, nt_status);
685 END_PROFILE(SMBtconX);
690 server_devicetype = "IPC";
691 else if ( IS_PRINT(conn) )
692 server_devicetype = "LPT1:";
694 server_devicetype = "A:";
696 if (Protocol < PROTOCOL_NT1) {
697 reply_outbuf(req, 2, 0);
698 if (message_push_string(&req->outbuf, server_devicetype,
699 STR_TERMINATE|STR_ASCII) == -1) {
700 reply_nterror(req, NT_STATUS_NO_MEMORY);
701 END_PROFILE(SMBtconX);
705 /* NT sets the fstype of IPC$ to the null string */
706 const char *fstype = IS_IPC(conn) ? "" : lp_fstype(SNUM(conn));
708 if (tcon_flags & TCONX_FLAG_EXTENDED_RESPONSE) {
709 /* Return permissions. */
713 reply_outbuf(req, 7, 0);
716 perm1 = FILE_ALL_ACCESS;
717 perm2 = FILE_ALL_ACCESS;
719 perm1 = CAN_WRITE(conn) ?
724 SIVAL(req->outbuf, smb_vwv3, perm1);
725 SIVAL(req->outbuf, smb_vwv5, perm2);
727 reply_outbuf(req, 3, 0);
730 if ((message_push_string(&req->outbuf, server_devicetype,
731 STR_TERMINATE|STR_ASCII) == -1)
732 || (message_push_string(&req->outbuf, fstype,
733 STR_TERMINATE) == -1)) {
734 reply_nterror(req, NT_STATUS_NO_MEMORY);
735 END_PROFILE(SMBtconX);
739 /* what does setting this bit do? It is set by NT4 and
740 may affect the ability to autorun mounted cdroms */
741 SSVAL(req->outbuf, smb_vwv2, SMB_SUPPORT_SEARCH_BITS|
742 (lp_csc_policy(SNUM(conn)) << 2));
744 if (lp_msdfs_root(SNUM(conn)) && lp_host_msdfs()) {
745 DEBUG(2,("Serving %s as a Dfs root\n",
746 lp_servicename(SNUM(conn)) ));
747 SSVAL(req->outbuf, smb_vwv2,
748 SMB_SHARE_IN_DFS | SVAL(req->outbuf, smb_vwv2));
753 DEBUG(3,("tconX service=%s \n",
756 /* set the incoming and outgoing tid to the just created one */
757 SSVAL(req->inbuf,smb_tid,conn->cnum);
758 SSVAL(req->outbuf,smb_tid,conn->cnum);
760 END_PROFILE(SMBtconX);
766 /****************************************************************************
767 Reply to an unknown type.
768 ****************************************************************************/
770 void reply_unknown_new(struct smb_request *req, uint8 type)
772 DEBUG(0, ("unknown command type (%s): type=%d (0x%X)\n",
773 smb_fn_name(type), type, type));
774 reply_doserror(req, ERRSRV, ERRunknownsmb);
778 /****************************************************************************
780 conn POINTER CAN BE NULL HERE !
781 ****************************************************************************/
783 void reply_ioctl(struct smb_request *req)
785 connection_struct *conn = req->conn;
792 START_PROFILE(SMBioctl);
795 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
796 END_PROFILE(SMBioctl);
800 device = SVAL(req->vwv+1, 0);
801 function = SVAL(req->vwv+2, 0);
802 ioctl_code = (device << 16) + function;
804 DEBUG(4, ("Received IOCTL (code 0x%x)\n", ioctl_code));
806 switch (ioctl_code) {
807 case IOCTL_QUERY_JOB_INFO:
811 reply_doserror(req, ERRSRV, ERRnosupport);
812 END_PROFILE(SMBioctl);
816 reply_outbuf(req, 8, replysize+1);
817 SSVAL(req->outbuf,smb_vwv1,replysize); /* Total data bytes returned */
818 SSVAL(req->outbuf,smb_vwv5,replysize); /* Data bytes this buffer */
819 SSVAL(req->outbuf,smb_vwv6,52); /* Offset to data */
820 p = smb_buf(req->outbuf);
821 memset(p, '\0', replysize+1); /* valgrind-safe. */
822 p += 1; /* Allow for alignment */
824 switch (ioctl_code) {
825 case IOCTL_QUERY_JOB_INFO:
827 files_struct *fsp = file_fsp(
828 req, SVAL(req->vwv+0, 0));
830 reply_doserror(req, ERRDOS, ERRbadfid);
831 END_PROFILE(SMBioctl);
834 SSVAL(p,0,fsp->rap_print_jobid); /* Job number */
835 srvstr_push((char *)req->outbuf, req->flags2, p+2,
837 STR_TERMINATE|STR_ASCII);
839 srvstr_push((char *)req->outbuf, req->flags2,
840 p+18, lp_servicename(SNUM(conn)),
841 13, STR_TERMINATE|STR_ASCII);
849 END_PROFILE(SMBioctl);
853 /****************************************************************************
854 Strange checkpath NTSTATUS mapping.
855 ****************************************************************************/
857 static NTSTATUS map_checkpath_error(uint16_t flags2, NTSTATUS status)
859 /* Strange DOS error code semantics only for checkpath... */
860 if (!(flags2 & FLAGS2_32_BIT_ERROR_CODES)) {
861 if (NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_INVALID,status)) {
862 /* We need to map to ERRbadpath */
863 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
869 /****************************************************************************
870 Reply to a checkpath.
871 ****************************************************************************/
873 void reply_checkpath(struct smb_request *req)
875 connection_struct *conn = req->conn;
877 SMB_STRUCT_STAT sbuf;
879 TALLOC_CTX *ctx = talloc_tos();
881 START_PROFILE(SMBcheckpath);
883 srvstr_get_path_req(ctx, req, &name, (const char *)req->buf + 1,
884 STR_TERMINATE, &status);
886 if (!NT_STATUS_IS_OK(status)) {
887 status = map_checkpath_error(req->flags2, status);
888 reply_nterror(req, status);
889 END_PROFILE(SMBcheckpath);
893 status = resolve_dfspath(ctx, conn,
894 req->flags2 & FLAGS2_DFS_PATHNAMES,
897 if (!NT_STATUS_IS_OK(status)) {
898 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
899 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
901 END_PROFILE(SMBcheckpath);
907 DEBUG(3,("reply_checkpath %s mode=%d\n", name, (int)SVAL(req->vwv+0, 0)));
909 status = unix_convert(ctx, conn, name, False, &name, NULL, &sbuf);
910 if (!NT_STATUS_IS_OK(status)) {
914 status = check_name(conn, name);
915 if (!NT_STATUS_IS_OK(status)) {
916 DEBUG(3,("reply_checkpath: check_name of %s failed (%s)\n",name,nt_errstr(status)));
920 if (!VALID_STAT(sbuf) && (SMB_VFS_STAT(conn,name,&sbuf) != 0)) {
921 DEBUG(3,("reply_checkpath: stat of %s failed (%s)\n",name,strerror(errno)));
922 status = map_nt_error_from_unix(errno);
926 if (!S_ISDIR(sbuf.st_mode)) {
927 reply_botherror(req, NT_STATUS_NOT_A_DIRECTORY,
929 END_PROFILE(SMBcheckpath);
933 reply_outbuf(req, 0, 0);
935 END_PROFILE(SMBcheckpath);
940 END_PROFILE(SMBcheckpath);
942 /* We special case this - as when a Windows machine
943 is parsing a path is steps through the components
944 one at a time - if a component fails it expects
945 ERRbadpath, not ERRbadfile.
947 status = map_checkpath_error(req->flags2, status);
948 if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
950 * Windows returns different error codes if
951 * the parent directory is valid but not the
952 * last component - it returns NT_STATUS_OBJECT_NAME_NOT_FOUND
953 * for that case and NT_STATUS_OBJECT_PATH_NOT_FOUND
954 * if the path is invalid.
956 reply_botherror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND,
961 reply_nterror(req, status);
964 /****************************************************************************
966 ****************************************************************************/
968 void reply_getatr(struct smb_request *req)
970 connection_struct *conn = req->conn;
972 SMB_STRUCT_STAT sbuf;
978 TALLOC_CTX *ctx = talloc_tos();
980 START_PROFILE(SMBgetatr);
982 p = (const char *)req->buf + 1;
983 p += srvstr_get_path_req(ctx, req, &fname, p, STR_TERMINATE, &status);
984 if (!NT_STATUS_IS_OK(status)) {
985 reply_nterror(req, status);
986 END_PROFILE(SMBgetatr);
990 status = resolve_dfspath(ctx, conn,
991 req->flags2 & FLAGS2_DFS_PATHNAMES,
994 if (!NT_STATUS_IS_OK(status)) {
995 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
996 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
998 END_PROFILE(SMBgetatr);
1001 reply_nterror(req, status);
1002 END_PROFILE(SMBgetatr);
1006 /* dos smetimes asks for a stat of "" - it returns a "hidden directory"
1007 under WfWg - weird! */
1008 if (*fname == '\0') {
1009 mode = aHIDDEN | aDIR;
1010 if (!CAN_WRITE(conn)) {
1016 status = unix_convert(ctx, conn, fname, False, &fname, NULL,&sbuf);
1017 if (!NT_STATUS_IS_OK(status)) {
1018 reply_nterror(req, status);
1019 END_PROFILE(SMBgetatr);
1022 status = check_name(conn, fname);
1023 if (!NT_STATUS_IS_OK(status)) {
1024 DEBUG(3,("reply_getatr: check_name of %s failed (%s)\n",fname,nt_errstr(status)));
1025 reply_nterror(req, status);
1026 END_PROFILE(SMBgetatr);
1029 if (!VALID_STAT(sbuf) && (SMB_VFS_STAT(conn,fname,&sbuf) != 0)) {
1030 DEBUG(3,("reply_getatr: stat of %s failed (%s)\n",fname,strerror(errno)));
1031 reply_unixerror(req, ERRDOS,ERRbadfile);
1032 END_PROFILE(SMBgetatr);
1036 mode = dos_mode(conn,fname,&sbuf);
1037 size = sbuf.st_size;
1038 mtime = sbuf.st_mtime;
1044 reply_outbuf(req, 10, 0);
1046 SSVAL(req->outbuf,smb_vwv0,mode);
1047 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1048 srv_put_dos_date3((char *)req->outbuf,smb_vwv1,mtime & ~1);
1050 srv_put_dos_date3((char *)req->outbuf,smb_vwv1,mtime);
1052 SIVAL(req->outbuf,smb_vwv3,(uint32)size);
1054 if (Protocol >= PROTOCOL_NT1) {
1055 SSVAL(req->outbuf, smb_flg2,
1056 SVAL(req->outbuf, smb_flg2) | FLAGS2_IS_LONG_NAME);
1059 DEBUG(3,("reply_getatr: name=%s mode=%d size=%u\n", fname, mode, (unsigned int)size ) );
1061 END_PROFILE(SMBgetatr);
1065 /****************************************************************************
1067 ****************************************************************************/
1069 void reply_setatr(struct smb_request *req)
1071 struct smb_file_time ft;
1072 connection_struct *conn = req->conn;
1076 SMB_STRUCT_STAT sbuf;
1079 TALLOC_CTX *ctx = talloc_tos();
1081 START_PROFILE(SMBsetatr);
1086 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1090 p = (const char *)req->buf + 1;
1091 p += srvstr_get_path_req(ctx, req, &fname, p, STR_TERMINATE, &status);
1092 if (!NT_STATUS_IS_OK(status)) {
1093 reply_nterror(req, status);
1094 END_PROFILE(SMBsetatr);
1098 status = resolve_dfspath(ctx, conn,
1099 req->flags2 & FLAGS2_DFS_PATHNAMES,
1102 if (!NT_STATUS_IS_OK(status)) {
1103 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1104 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1105 ERRSRV, ERRbadpath);
1106 END_PROFILE(SMBsetatr);
1109 reply_nterror(req, status);
1110 END_PROFILE(SMBsetatr);
1114 status = unix_convert(ctx, conn, fname, False, &fname, NULL, &sbuf);
1115 if (!NT_STATUS_IS_OK(status)) {
1116 reply_nterror(req, status);
1117 END_PROFILE(SMBsetatr);
1121 status = check_name(conn, fname);
1122 if (!NT_STATUS_IS_OK(status)) {
1123 reply_nterror(req, status);
1124 END_PROFILE(SMBsetatr);
1128 if (fname[0] == '.' && fname[1] == '\0') {
1130 * Not sure here is the right place to catch this
1131 * condition. Might be moved to somewhere else later -- vl
1133 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
1134 END_PROFILE(SMBsetatr);
1138 mode = SVAL(req->vwv+0, 0);
1139 mtime = srv_make_unix_date3(req->vwv+1);
1141 ft.mtime = convert_time_t_to_timespec(mtime);
1142 status = smb_set_file_time(conn, NULL, fname,
1144 if (!NT_STATUS_IS_OK(status)) {
1145 reply_unixerror(req, ERRDOS, ERRnoaccess);
1146 END_PROFILE(SMBsetatr);
1150 if (mode != FILE_ATTRIBUTE_NORMAL) {
1151 if (VALID_STAT_OF_DIR(sbuf))
1156 if (file_set_dosmode(conn,fname,mode,&sbuf,NULL,false) != 0) {
1157 reply_unixerror(req, ERRDOS, ERRnoaccess);
1158 END_PROFILE(SMBsetatr);
1163 reply_outbuf(req, 0, 0);
1165 DEBUG( 3, ( "setatr name=%s mode=%d\n", fname, mode ) );
1167 END_PROFILE(SMBsetatr);
1171 /****************************************************************************
1173 ****************************************************************************/
1175 void reply_dskattr(struct smb_request *req)
1177 connection_struct *conn = req->conn;
1178 uint64_t dfree,dsize,bsize;
1179 START_PROFILE(SMBdskattr);
1181 if (get_dfree_info(conn,".",True,&bsize,&dfree,&dsize) == (uint64_t)-1) {
1182 reply_unixerror(req, ERRHRD, ERRgeneral);
1183 END_PROFILE(SMBdskattr);
1187 reply_outbuf(req, 5, 0);
1189 if (Protocol <= PROTOCOL_LANMAN2) {
1190 double total_space, free_space;
1191 /* we need to scale this to a number that DOS6 can handle. We
1192 use floating point so we can handle large drives on systems
1193 that don't have 64 bit integers
1195 we end up displaying a maximum of 2G to DOS systems
1197 total_space = dsize * (double)bsize;
1198 free_space = dfree * (double)bsize;
1200 dsize = (uint64_t)((total_space+63*512) / (64*512));
1201 dfree = (uint64_t)((free_space+63*512) / (64*512));
1203 if (dsize > 0xFFFF) dsize = 0xFFFF;
1204 if (dfree > 0xFFFF) dfree = 0xFFFF;
1206 SSVAL(req->outbuf,smb_vwv0,dsize);
1207 SSVAL(req->outbuf,smb_vwv1,64); /* this must be 64 for dos systems */
1208 SSVAL(req->outbuf,smb_vwv2,512); /* and this must be 512 */
1209 SSVAL(req->outbuf,smb_vwv3,dfree);
1211 SSVAL(req->outbuf,smb_vwv0,dsize);
1212 SSVAL(req->outbuf,smb_vwv1,bsize/512);
1213 SSVAL(req->outbuf,smb_vwv2,512);
1214 SSVAL(req->outbuf,smb_vwv3,dfree);
1217 DEBUG(3,("dskattr dfree=%d\n", (unsigned int)dfree));
1219 END_PROFILE(SMBdskattr);
1223 /****************************************************************************
1225 Can be called from SMBsearch, SMBffirst or SMBfunique.
1226 ****************************************************************************/
1228 void reply_search(struct smb_request *req)
1230 connection_struct *conn = req->conn;
1231 const char *mask = NULL;
1232 char *directory = NULL;
1238 unsigned int numentries = 0;
1239 unsigned int maxentries = 0;
1240 bool finished = False;
1246 bool check_descend = False;
1247 bool expect_close = False;
1249 bool mask_contains_wcard = False;
1250 bool allow_long_path_components = (req->flags2 & FLAGS2_LONG_PATH_COMPONENTS) ? True : False;
1251 TALLOC_CTX *ctx = talloc_tos();
1252 bool ask_sharemode = lp_parm_bool(SNUM(conn), "smbd", "search ask sharemode", true);
1254 START_PROFILE(SMBsearch);
1257 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1258 END_PROFILE(SMBsearch);
1262 if (lp_posix_pathnames()) {
1263 reply_unknown_new(req, req->cmd);
1264 END_PROFILE(SMBsearch);
1268 /* If we were called as SMBffirst then we must expect close. */
1269 if(req->cmd == SMBffirst) {
1270 expect_close = True;
1273 reply_outbuf(req, 1, 3);
1274 maxentries = SVAL(req->vwv+0, 0);
1275 dirtype = SVAL(req->vwv+1, 0);
1276 p = (const char *)req->buf + 1;
1277 p += srvstr_get_path_req_wcard(ctx, req, &path, p, STR_TERMINATE,
1278 &nt_status, &mask_contains_wcard);
1279 if (!NT_STATUS_IS_OK(nt_status)) {
1280 reply_nterror(req, nt_status);
1281 END_PROFILE(SMBsearch);
1285 nt_status = resolve_dfspath_wcard(ctx, conn,
1286 req->flags2 & FLAGS2_DFS_PATHNAMES,
1289 &mask_contains_wcard);
1290 if (!NT_STATUS_IS_OK(nt_status)) {
1291 if (NT_STATUS_EQUAL(nt_status,NT_STATUS_PATH_NOT_COVERED)) {
1292 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1293 ERRSRV, ERRbadpath);
1294 END_PROFILE(SMBsearch);
1297 reply_nterror(req, nt_status);
1298 END_PROFILE(SMBsearch);
1303 status_len = SVAL(p, 0);
1306 /* dirtype &= ~aDIR; */
1308 if (status_len == 0) {
1309 SMB_STRUCT_STAT sbuf;
1311 nt_status = unix_convert(ctx, conn, path, True,
1312 &directory, NULL, &sbuf);
1313 if (!NT_STATUS_IS_OK(nt_status)) {
1314 reply_nterror(req, nt_status);
1315 END_PROFILE(SMBsearch);
1319 nt_status = check_name(conn, directory);
1320 if (!NT_STATUS_IS_OK(nt_status)) {
1321 reply_nterror(req, nt_status);
1322 END_PROFILE(SMBsearch);
1326 p = strrchr_m(directory,'/');
1327 if ((p != NULL) && (*directory != '/')) {
1329 directory = talloc_strndup(ctx, directory,
1330 PTR_DIFF(p, directory));
1333 directory = talloc_strdup(ctx,".");
1337 reply_nterror(req, NT_STATUS_NO_MEMORY);
1338 END_PROFILE(SMBsearch);
1342 memset((char *)status,'\0',21);
1343 SCVAL(status,0,(dirtype & 0x1F));
1345 nt_status = dptr_create(conn,
1351 mask_contains_wcard,
1354 if (!NT_STATUS_IS_OK(nt_status)) {
1355 reply_nterror(req, nt_status);
1356 END_PROFILE(SMBsearch);
1359 dptr_num = dptr_dnum(conn->dirptr);
1363 memcpy(status,p,21);
1364 status_dirtype = CVAL(status,0) & 0x1F;
1365 if (status_dirtype != (dirtype & 0x1F)) {
1366 dirtype = status_dirtype;
1369 conn->dirptr = dptr_fetch(status+12,&dptr_num);
1370 if (!conn->dirptr) {
1373 string_set(&conn->dirpath,dptr_path(dptr_num));
1374 mask = dptr_wcard(dptr_num);
1379 * For a 'continue' search we have no string. So
1380 * check from the initial saved string.
1382 mask_contains_wcard = ms_has_wild(mask);
1383 dirtype = dptr_attr(dptr_num);
1386 DEBUG(4,("dptr_num is %d\n",dptr_num));
1388 /* Initialize per SMBsearch/SMBffirst/SMBfunique operation data */
1389 dptr_init_search_op(conn->dirptr);
1391 if ((dirtype&0x1F) == aVOLID) {
1392 char buf[DIR_STRUCT_SIZE];
1393 memcpy(buf,status,21);
1394 if (!make_dir_struct(ctx,buf,"???????????",volume_label(SNUM(conn)),
1395 0,aVOLID,0,!allow_long_path_components)) {
1396 reply_nterror(req, NT_STATUS_NO_MEMORY);
1397 END_PROFILE(SMBsearch);
1400 dptr_fill(buf+12,dptr_num);
1401 if (dptr_zero(buf+12) && (status_len==0)) {
1406 if (message_push_blob(&req->outbuf,
1407 data_blob_const(buf, sizeof(buf)))
1409 reply_nterror(req, NT_STATUS_NO_MEMORY);
1410 END_PROFILE(SMBsearch);
1418 ((uint8 *)smb_buf(req->outbuf) + 3 - req->outbuf))
1421 DEBUG(8,("dirpath=<%s> dontdescend=<%s>\n",
1422 conn->dirpath,lp_dontdescend(SNUM(conn))));
1423 if (in_list(conn->dirpath, lp_dontdescend(SNUM(conn)),True)) {
1424 check_descend = True;
1427 for (i=numentries;(i<maxentries) && !finished;i++) {
1428 finished = !get_dir_entry(ctx,
1439 char buf[DIR_STRUCT_SIZE];
1440 memcpy(buf,status,21);
1441 if (!make_dir_struct(ctx,
1448 !allow_long_path_components)) {
1449 reply_nterror(req, NT_STATUS_NO_MEMORY);
1450 END_PROFILE(SMBsearch);
1453 if (!dptr_fill(buf+12,dptr_num)) {
1456 if (message_push_blob(&req->outbuf,
1457 data_blob_const(buf, sizeof(buf)))
1459 reply_nterror(req, NT_STATUS_NO_MEMORY);
1460 END_PROFILE(SMBsearch);
1470 /* If we were called as SMBffirst with smb_search_id == NULL
1471 and no entries were found then return error and close dirptr
1474 if (numentries == 0) {
1475 dptr_close(&dptr_num);
1476 } else if(expect_close && status_len == 0) {
1477 /* Close the dptr - we know it's gone */
1478 dptr_close(&dptr_num);
1481 /* If we were called as SMBfunique, then we can close the dirptr now ! */
1482 if(dptr_num >= 0 && req->cmd == SMBfunique) {
1483 dptr_close(&dptr_num);
1486 if ((numentries == 0) && !mask_contains_wcard) {
1487 reply_botherror(req, STATUS_NO_MORE_FILES, ERRDOS, ERRnofiles);
1488 END_PROFILE(SMBsearch);
1492 SSVAL(req->outbuf,smb_vwv0,numentries);
1493 SSVAL(req->outbuf,smb_vwv1,3 + numentries * DIR_STRUCT_SIZE);
1494 SCVAL(smb_buf(req->outbuf),0,5);
1495 SSVAL(smb_buf(req->outbuf),1,numentries*DIR_STRUCT_SIZE);
1497 /* The replies here are never long name. */
1498 SSVAL(req->outbuf, smb_flg2,
1499 SVAL(req->outbuf, smb_flg2) & (~FLAGS2_IS_LONG_NAME));
1500 if (!allow_long_path_components) {
1501 SSVAL(req->outbuf, smb_flg2,
1502 SVAL(req->outbuf, smb_flg2)
1503 & (~FLAGS2_LONG_PATH_COMPONENTS));
1506 /* This SMB *always* returns ASCII names. Remove the unicode bit in flags2. */
1507 SSVAL(req->outbuf, smb_flg2,
1508 (SVAL(req->outbuf, smb_flg2) & (~FLAGS2_UNICODE_STRINGS)));
1511 directory = dptr_path(dptr_num);
1514 DEBUG(4,("%s mask=%s path=%s dtype=%d nument=%u of %u\n",
1515 smb_fn_name(req->cmd),
1517 directory ? directory : "./",
1522 END_PROFILE(SMBsearch);
1526 /****************************************************************************
1527 Reply to a fclose (stop directory search).
1528 ****************************************************************************/
1530 void reply_fclose(struct smb_request *req)
1538 bool path_contains_wcard = False;
1539 TALLOC_CTX *ctx = talloc_tos();
1541 START_PROFILE(SMBfclose);
1543 if (lp_posix_pathnames()) {
1544 reply_unknown_new(req, req->cmd);
1545 END_PROFILE(SMBfclose);
1549 p = (const char *)req->buf + 1;
1550 p += srvstr_get_path_req_wcard(ctx, req, &path, p, STR_TERMINATE,
1551 &err, &path_contains_wcard);
1552 if (!NT_STATUS_IS_OK(err)) {
1553 reply_nterror(req, err);
1554 END_PROFILE(SMBfclose);
1558 status_len = SVAL(p,0);
1561 if (status_len == 0) {
1562 reply_doserror(req, ERRSRV, ERRsrverror);
1563 END_PROFILE(SMBfclose);
1567 memcpy(status,p,21);
1569 if(dptr_fetch(status+12,&dptr_num)) {
1570 /* Close the dptr - we know it's gone */
1571 dptr_close(&dptr_num);
1574 reply_outbuf(req, 1, 0);
1575 SSVAL(req->outbuf,smb_vwv0,0);
1577 DEBUG(3,("search close\n"));
1579 END_PROFILE(SMBfclose);
1583 /****************************************************************************
1585 ****************************************************************************/
1587 void reply_open(struct smb_request *req)
1589 connection_struct *conn = req->conn;
1595 SMB_STRUCT_STAT sbuf;
1602 uint32 create_disposition;
1603 uint32 create_options = 0;
1605 TALLOC_CTX *ctx = talloc_tos();
1607 START_PROFILE(SMBopen);
1610 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1611 END_PROFILE(SMBopen);
1615 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1616 deny_mode = SVAL(req->vwv+0, 0);
1617 dos_attr = SVAL(req->vwv+1, 0);
1619 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf+1,
1620 STR_TERMINATE, &status);
1621 if (!NT_STATUS_IS_OK(status)) {
1622 reply_nterror(req, status);
1623 END_PROFILE(SMBopen);
1627 if (!map_open_params_to_ntcreate(
1628 fname, deny_mode, OPENX_FILE_EXISTS_OPEN, &access_mask,
1629 &share_mode, &create_disposition, &create_options)) {
1630 reply_nterror(req, NT_STATUS_DOS(ERRDOS, ERRbadaccess));
1631 END_PROFILE(SMBopen);
1635 status = SMB_VFS_CREATE_FILE(
1638 0, /* root_dir_fid */
1640 CFF_DOS_PATH, /* create_file_flags */
1641 access_mask, /* access_mask */
1642 share_mode, /* share_access */
1643 create_disposition, /* create_disposition*/
1644 create_options, /* create_options */
1645 dos_attr, /* file_attributes */
1646 oplock_request, /* oplock_request */
1647 0, /* allocation_size */
1654 if (!NT_STATUS_IS_OK(status)) {
1655 if (open_was_deferred(req->mid)) {
1656 /* We have re-scheduled this call. */
1657 END_PROFILE(SMBopen);
1660 reply_openerror(req, status);
1661 END_PROFILE(SMBopen);
1665 size = sbuf.st_size;
1666 fattr = dos_mode(conn,fsp->fsp_name,&sbuf);
1667 mtime = sbuf.st_mtime;
1670 DEBUG(3,("attempt to open a directory %s\n",fsp->fsp_name));
1671 close_file(req, fsp, ERROR_CLOSE);
1672 reply_doserror(req, ERRDOS,ERRnoaccess);
1673 END_PROFILE(SMBopen);
1677 reply_outbuf(req, 7, 0);
1678 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
1679 SSVAL(req->outbuf,smb_vwv1,fattr);
1680 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1681 srv_put_dos_date3((char *)req->outbuf,smb_vwv2,mtime & ~1);
1683 srv_put_dos_date3((char *)req->outbuf,smb_vwv2,mtime);
1685 SIVAL(req->outbuf,smb_vwv4,(uint32)size);
1686 SSVAL(req->outbuf,smb_vwv6,deny_mode);
1688 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1689 SCVAL(req->outbuf,smb_flg,
1690 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1693 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1694 SCVAL(req->outbuf,smb_flg,
1695 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1697 END_PROFILE(SMBopen);
1701 /****************************************************************************
1702 Reply to an open and X.
1703 ****************************************************************************/
1705 void reply_open_and_X(struct smb_request *req)
1707 connection_struct *conn = req->conn;
1712 /* Breakout the oplock request bits so we can set the
1713 reply bits separately. */
1714 int ex_oplock_request;
1715 int core_oplock_request;
1718 int smb_sattr = SVAL(req->vwv+4, 0);
1719 uint32 smb_time = make_unix_date3(req->vwv+6);
1724 SMB_STRUCT_STAT sbuf;
1728 uint64_t allocation_size;
1729 ssize_t retval = -1;
1732 uint32 create_disposition;
1733 uint32 create_options = 0;
1734 TALLOC_CTX *ctx = talloc_tos();
1736 START_PROFILE(SMBopenX);
1738 if (req->wct < 15) {
1739 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1740 END_PROFILE(SMBopenX);
1744 open_flags = SVAL(req->vwv+2, 0);
1745 deny_mode = SVAL(req->vwv+3, 0);
1746 smb_attr = SVAL(req->vwv+5, 0);
1747 ex_oplock_request = EXTENDED_OPLOCK_REQUEST(req->inbuf);
1748 core_oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1749 oplock_request = ex_oplock_request | core_oplock_request;
1750 smb_ofun = SVAL(req->vwv+8, 0);
1751 allocation_size = (uint64_t)IVAL(req->vwv+9, 0);
1753 /* If it's an IPC, pass off the pipe handler. */
1755 if (lp_nt_pipe_support()) {
1756 reply_open_pipe_and_X(conn, req);
1758 reply_doserror(req, ERRSRV, ERRaccess);
1760 END_PROFILE(SMBopenX);
1764 /* XXXX we need to handle passed times, sattr and flags */
1765 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf,
1766 STR_TERMINATE, &status);
1767 if (!NT_STATUS_IS_OK(status)) {
1768 reply_nterror(req, status);
1769 END_PROFILE(SMBopenX);
1773 if (!map_open_params_to_ntcreate(
1774 fname, deny_mode, smb_ofun, &access_mask,
1775 &share_mode, &create_disposition, &create_options)) {
1776 reply_nterror(req, NT_STATUS_DOS(ERRDOS, ERRbadaccess));
1777 END_PROFILE(SMBopenX);
1781 status = SMB_VFS_CREATE_FILE(
1784 0, /* root_dir_fid */
1786 CFF_DOS_PATH, /* create_file_flags */
1787 access_mask, /* access_mask */
1788 share_mode, /* share_access */
1789 create_disposition, /* create_disposition*/
1790 create_options, /* create_options */
1791 smb_attr, /* file_attributes */
1792 oplock_request, /* oplock_request */
1793 0, /* allocation_size */
1797 &smb_action, /* pinfo */
1800 if (!NT_STATUS_IS_OK(status)) {
1801 END_PROFILE(SMBopenX);
1802 if (open_was_deferred(req->mid)) {
1803 /* We have re-scheduled this call. */
1806 reply_openerror(req, status);
1810 /* Setting the "size" field in vwv9 and vwv10 causes the file to be set to this size,
1811 if the file is truncated or created. */
1812 if (((smb_action == FILE_WAS_CREATED) || (smb_action == FILE_WAS_OVERWRITTEN)) && allocation_size) {
1813 fsp->initial_allocation_size = smb_roundup(fsp->conn, allocation_size);
1814 if (vfs_allocate_file_space(fsp, fsp->initial_allocation_size) == -1) {
1815 close_file(req, fsp, ERROR_CLOSE);
1816 reply_nterror(req, NT_STATUS_DISK_FULL);
1817 END_PROFILE(SMBopenX);
1820 retval = vfs_set_filelen(fsp, (SMB_OFF_T)allocation_size);
1822 close_file(req, fsp, ERROR_CLOSE);
1823 reply_nterror(req, NT_STATUS_DISK_FULL);
1824 END_PROFILE(SMBopenX);
1827 sbuf.st_size = SMB_VFS_GET_ALLOC_SIZE(conn,fsp,&sbuf);
1830 fattr = dos_mode(conn,fsp->fsp_name,&sbuf);
1831 mtime = sbuf.st_mtime;
1833 close_file(req, fsp, ERROR_CLOSE);
1834 reply_doserror(req, ERRDOS, ERRnoaccess);
1835 END_PROFILE(SMBopenX);
1839 /* If the caller set the extended oplock request bit
1840 and we granted one (by whatever means) - set the
1841 correct bit for extended oplock reply.
1844 if (ex_oplock_request && lp_fake_oplocks(SNUM(conn))) {
1845 smb_action |= EXTENDED_OPLOCK_GRANTED;
1848 if(ex_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1849 smb_action |= EXTENDED_OPLOCK_GRANTED;
1852 /* If the caller set the core oplock request bit
1853 and we granted one (by whatever means) - set the
1854 correct bit for core oplock reply.
1857 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
1858 reply_outbuf(req, 19, 0);
1860 reply_outbuf(req, 15, 0);
1863 if (core_oplock_request && lp_fake_oplocks(SNUM(conn))) {
1864 SCVAL(req->outbuf, smb_flg,
1865 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1868 if(core_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1869 SCVAL(req->outbuf, smb_flg,
1870 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1873 SSVAL(req->outbuf,smb_vwv2,fsp->fnum);
1874 SSVAL(req->outbuf,smb_vwv3,fattr);
1875 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1876 srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime & ~1);
1878 srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime);
1880 SIVAL(req->outbuf,smb_vwv6,(uint32)sbuf.st_size);
1881 SSVAL(req->outbuf,smb_vwv8,GET_OPENX_MODE(deny_mode));
1882 SSVAL(req->outbuf,smb_vwv11,smb_action);
1884 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
1885 SIVAL(req->outbuf, smb_vwv15, STD_RIGHT_ALL_ACCESS);
1888 END_PROFILE(SMBopenX);
1893 /****************************************************************************
1894 Reply to a SMBulogoffX.
1895 ****************************************************************************/
1897 void reply_ulogoffX(struct smb_request *req)
1901 START_PROFILE(SMBulogoffX);
1903 vuser = get_valid_user_struct(req->vuid);
1906 DEBUG(3,("ulogoff, vuser id %d does not map to user.\n",
1910 /* in user level security we are supposed to close any files
1911 open by this user */
1912 if ((vuser != NULL) && (lp_security() != SEC_SHARE)) {
1913 file_close_user(req->vuid);
1916 invalidate_vuid(req->vuid);
1918 reply_outbuf(req, 2, 0);
1920 DEBUG( 3, ( "ulogoffX vuid=%d\n", req->vuid ) );
1922 END_PROFILE(SMBulogoffX);
1926 /****************************************************************************
1927 Reply to a mknew or a create.
1928 ****************************************************************************/
1930 void reply_mknew(struct smb_request *req)
1932 connection_struct *conn = req->conn;
1935 struct smb_file_time ft;
1937 int oplock_request = 0;
1938 SMB_STRUCT_STAT sbuf;
1940 uint32 access_mask = FILE_GENERIC_READ | FILE_GENERIC_WRITE;
1941 uint32 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1942 uint32 create_disposition;
1943 uint32 create_options = 0;
1944 TALLOC_CTX *ctx = talloc_tos();
1946 START_PROFILE(SMBcreate);
1950 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1951 END_PROFILE(SMBcreate);
1955 fattr = SVAL(req->vwv+0, 0);
1956 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1959 ft.mtime = convert_time_t_to_timespec(srv_make_unix_date3(req->vwv+1));
1961 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf + 1,
1962 STR_TERMINATE, &status);
1963 if (!NT_STATUS_IS_OK(status)) {
1964 reply_nterror(req, status);
1965 END_PROFILE(SMBcreate);
1969 if (fattr & aVOLID) {
1970 DEBUG(0,("Attempt to create file (%s) with volid set - "
1971 "please report this\n", fname));
1974 if(req->cmd == SMBmknew) {
1975 /* We should fail if file exists. */
1976 create_disposition = FILE_CREATE;
1978 /* Create if file doesn't exist, truncate if it does. */
1979 create_disposition = FILE_OVERWRITE_IF;
1982 status = SMB_VFS_CREATE_FILE(
1985 0, /* root_dir_fid */
1987 CFF_DOS_PATH, /* create_file_flags */
1988 access_mask, /* access_mask */
1989 share_mode, /* share_access */
1990 create_disposition, /* create_disposition*/
1991 create_options, /* create_options */
1992 fattr, /* file_attributes */
1993 oplock_request, /* oplock_request */
1994 0, /* allocation_size */
2001 if (!NT_STATUS_IS_OK(status)) {
2002 END_PROFILE(SMBcreate);
2003 if (open_was_deferred(req->mid)) {
2004 /* We have re-scheduled this call. */
2007 reply_openerror(req, status);
2011 ft.atime = get_atimespec(&sbuf); /* atime. */
2012 status = smb_set_file_time(conn, fsp, fsp->fsp_name, &sbuf, &ft, true);
2013 if (!NT_STATUS_IS_OK(status)) {
2014 END_PROFILE(SMBcreate);
2015 reply_openerror(req, status);
2019 reply_outbuf(req, 1, 0);
2020 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
2022 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
2023 SCVAL(req->outbuf,smb_flg,
2024 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2027 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2028 SCVAL(req->outbuf,smb_flg,
2029 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2032 DEBUG( 2, ( "reply_mknew: file %s\n", fsp->fsp_name ) );
2033 DEBUG( 3, ( "reply_mknew %s fd=%d dmode=0x%x\n",
2034 fsp->fsp_name, fsp->fh->fd, (unsigned int)fattr ) );
2036 END_PROFILE(SMBcreate);
2040 /****************************************************************************
2041 Reply to a create temporary file.
2042 ****************************************************************************/
2044 void reply_ctemp(struct smb_request *req)
2046 connection_struct *conn = req->conn;
2052 SMB_STRUCT_STAT sbuf;
2055 TALLOC_CTX *ctx = talloc_tos();
2057 START_PROFILE(SMBctemp);
2060 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2061 END_PROFILE(SMBctemp);
2065 fattr = SVAL(req->vwv+0, 0);
2066 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
2068 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf+1,
2069 STR_TERMINATE, &status);
2070 if (!NT_STATUS_IS_OK(status)) {
2071 reply_nterror(req, status);
2072 END_PROFILE(SMBctemp);
2076 fname = talloc_asprintf(ctx,
2080 fname = talloc_strdup(ctx, "TMXXXXXX");
2084 reply_nterror(req, NT_STATUS_NO_MEMORY);
2085 END_PROFILE(SMBctemp);
2089 status = resolve_dfspath(ctx, conn,
2090 req->flags2 & FLAGS2_DFS_PATHNAMES,
2093 if (!NT_STATUS_IS_OK(status)) {
2094 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2095 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
2096 ERRSRV, ERRbadpath);
2097 END_PROFILE(SMBctemp);
2100 reply_nterror(req, status);
2101 END_PROFILE(SMBctemp);
2105 status = unix_convert(ctx, conn, fname, False, &fname, NULL, &sbuf);
2106 if (!NT_STATUS_IS_OK(status)) {
2107 reply_nterror(req, status);
2108 END_PROFILE(SMBctemp);
2112 status = check_name(conn, fname);
2113 if (!NT_STATUS_IS_OK(status)) {
2114 reply_nterror(req, status);
2115 END_PROFILE(SMBctemp);
2119 tmpfd = smb_mkstemp(fname);
2121 reply_unixerror(req, ERRDOS, ERRnoaccess);
2122 END_PROFILE(SMBctemp);
2126 SMB_VFS_STAT(conn,fname,&sbuf);
2128 /* We should fail if file does not exist. */
2129 status = SMB_VFS_CREATE_FILE(
2132 0, /* root_dir_fid */
2134 0, /* create_file_flags */
2135 FILE_GENERIC_READ | FILE_GENERIC_WRITE, /* access_mask */
2136 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
2137 FILE_OPEN, /* create_disposition*/
2138 0, /* create_options */
2139 fattr, /* file_attributes */
2140 oplock_request, /* oplock_request */
2141 0, /* allocation_size */
2148 /* close fd from smb_mkstemp() */
2151 if (!NT_STATUS_IS_OK(status)) {
2152 if (open_was_deferred(req->mid)) {
2153 /* We have re-scheduled this call. */
2154 END_PROFILE(SMBctemp);
2157 reply_openerror(req, status);
2158 END_PROFILE(SMBctemp);
2162 reply_outbuf(req, 1, 0);
2163 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
2165 /* the returned filename is relative to the directory */
2166 s = strrchr_m(fsp->fsp_name, '/');
2174 /* Tested vs W2K3 - this doesn't seem to be here - null terminated filename is the only
2175 thing in the byte section. JRA */
2176 SSVALS(p, 0, -1); /* what is this? not in spec */
2178 if (message_push_string(&req->outbuf, s, STR_ASCII|STR_TERMINATE)
2180 reply_nterror(req, NT_STATUS_NO_MEMORY);
2181 END_PROFILE(SMBctemp);
2185 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
2186 SCVAL(req->outbuf, smb_flg,
2187 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2190 if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2191 SCVAL(req->outbuf, smb_flg,
2192 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2195 DEBUG( 2, ( "reply_ctemp: created temp file %s\n", fsp->fsp_name ) );
2196 DEBUG( 3, ( "reply_ctemp %s fd=%d umode=0%o\n", fsp->fsp_name,
2197 fsp->fh->fd, (unsigned int)sbuf.st_mode ) );
2199 END_PROFILE(SMBctemp);
2203 /*******************************************************************
2204 Check if a user is allowed to rename a file.
2205 ********************************************************************/
2207 static NTSTATUS can_rename(connection_struct *conn, files_struct *fsp,
2208 uint16 dirtype, SMB_STRUCT_STAT *pst)
2212 if (!CAN_WRITE(conn)) {
2213 return NT_STATUS_MEDIA_WRITE_PROTECTED;
2216 fmode = dos_mode(conn, fsp->fsp_name, pst);
2217 if ((fmode & ~dirtype) & (aHIDDEN | aSYSTEM)) {
2218 return NT_STATUS_NO_SUCH_FILE;
2221 if (S_ISDIR(pst->st_mode)) {
2222 if (fsp->posix_open) {
2223 return NT_STATUS_OK;
2226 /* If no pathnames are open below this
2227 directory, allow the rename. */
2229 if (file_find_subpath(fsp)) {
2230 return NT_STATUS_ACCESS_DENIED;
2232 return NT_STATUS_OK;
2235 if (fsp->access_mask & (DELETE_ACCESS|FILE_WRITE_ATTRIBUTES)) {
2236 return NT_STATUS_OK;
2239 return NT_STATUS_ACCESS_DENIED;
2242 /*******************************************************************
2243 * unlink a file with all relevant access checks
2244 *******************************************************************/
2246 static NTSTATUS do_unlink(connection_struct *conn,
2247 struct smb_request *req,
2251 SMB_STRUCT_STAT sbuf;
2254 uint32 dirtype_orig = dirtype;
2257 DEBUG(10,("do_unlink: %s, dirtype = %d\n", fname, dirtype ));
2259 if (!CAN_WRITE(conn)) {
2260 return NT_STATUS_MEDIA_WRITE_PROTECTED;
2263 if (SMB_VFS_LSTAT(conn,fname,&sbuf) != 0) {
2264 return map_nt_error_from_unix(errno);
2267 fattr = dos_mode(conn,fname,&sbuf);
2269 if (dirtype & FILE_ATTRIBUTE_NORMAL) {
2270 dirtype = aDIR|aARCH|aRONLY;
2273 dirtype &= (aDIR|aARCH|aRONLY|aHIDDEN|aSYSTEM);
2275 return NT_STATUS_NO_SUCH_FILE;
2278 if (!dir_check_ftype(conn, fattr, dirtype)) {
2280 return NT_STATUS_FILE_IS_A_DIRECTORY;
2282 return NT_STATUS_NO_SUCH_FILE;
2285 if (dirtype_orig & 0x8000) {
2286 /* These will never be set for POSIX. */
2287 return NT_STATUS_NO_SUCH_FILE;
2291 if ((fattr & dirtype) & FILE_ATTRIBUTE_DIRECTORY) {
2292 return NT_STATUS_FILE_IS_A_DIRECTORY;
2295 if ((fattr & ~dirtype) & (FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM)) {
2296 return NT_STATUS_NO_SUCH_FILE;
2299 if (dirtype & 0xFF00) {
2300 /* These will never be set for POSIX. */
2301 return NT_STATUS_NO_SUCH_FILE;
2306 return NT_STATUS_NO_SUCH_FILE;
2309 /* Can't delete a directory. */
2311 return NT_STATUS_FILE_IS_A_DIRECTORY;
2316 else if (dirtype & aDIR) /* Asked for a directory and it isn't. */
2317 return NT_STATUS_OBJECT_NAME_INVALID;
2318 #endif /* JRATEST */
2320 /* Fix for bug #3035 from SATOH Fumiyasu <fumiyas@miraclelinux.com>
2322 On a Windows share, a file with read-only dosmode can be opened with
2323 DELETE_ACCESS. But on a Samba share (delete readonly = no), it
2324 fails with NT_STATUS_CANNOT_DELETE error.
2326 This semantic causes a problem that a user can not
2327 rename a file with read-only dosmode on a Samba share
2328 from a Windows command prompt (i.e. cmd.exe, but can rename
2329 from Windows Explorer).
2332 if (!lp_delete_readonly(SNUM(conn))) {
2333 if (fattr & aRONLY) {
2334 return NT_STATUS_CANNOT_DELETE;
2338 /* On open checks the open itself will check the share mode, so
2339 don't do it here as we'll get it wrong. */
2341 status = SMB_VFS_CREATE_FILE
2344 0, /* root_dir_fid */
2346 0, /* create_file_flags */
2347 DELETE_ACCESS, /* access_mask */
2348 FILE_SHARE_NONE, /* share_access */
2349 FILE_OPEN, /* create_disposition*/
2350 FILE_NON_DIRECTORY_FILE, /* create_options */
2351 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
2352 0, /* oplock_request */
2353 0, /* allocation_size */
2360 if (!NT_STATUS_IS_OK(status)) {
2361 DEBUG(10, ("SMB_VFS_CREATEFILE failed: %s\n",
2362 nt_errstr(status)));
2366 /* The set is across all open files on this dev/inode pair. */
2367 if (!set_delete_on_close(fsp, True, &conn->server_info->utok)) {
2368 close_file(req, fsp, NORMAL_CLOSE);
2369 return NT_STATUS_ACCESS_DENIED;
2372 return close_file(req, fsp, NORMAL_CLOSE);
2375 /****************************************************************************
2376 The guts of the unlink command, split out so it may be called by the NT SMB
2378 ****************************************************************************/
2380 NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req,
2381 uint32 dirtype, const char *name_in, bool has_wild)
2383 const char *directory = NULL;
2388 NTSTATUS status = NT_STATUS_OK;
2389 SMB_STRUCT_STAT sbuf, st;
2390 TALLOC_CTX *ctx = talloc_tos();
2392 status = unix_convert(ctx, conn, name_in, has_wild, &name, NULL, &sbuf);
2393 if (!NT_STATUS_IS_OK(status)) {
2397 p = strrchr_m(name,'/');
2399 directory = talloc_strdup(ctx, ".");
2401 return NT_STATUS_NO_MEMORY;
2411 * We should only check the mangled cache
2412 * here if unix_convert failed. This means
2413 * that the path in 'mask' doesn't exist
2414 * on the file system and so we need to look
2415 * for a possible mangle. This patch from
2416 * Tine Smukavec <valentin.smukavec@hermes.si>.
2419 if (!VALID_STAT(sbuf) && mangle_is_mangled(mask,conn->params)) {
2420 char *new_mask = NULL;
2421 mangle_lookup_name_from_8_3(ctx,
2431 directory = talloc_asprintf(ctx,
2436 return NT_STATUS_NO_MEMORY;
2439 dirtype = FILE_ATTRIBUTE_NORMAL;
2442 status = check_name(conn, directory);
2443 if (!NT_STATUS_IS_OK(status)) {
2447 status = do_unlink(conn, req, directory, dirtype);
2448 if (!NT_STATUS_IS_OK(status)) {
2454 struct smb_Dir *dir_hnd = NULL;
2458 if ((dirtype & SAMBA_ATTRIBUTES_MASK) == aDIR) {
2459 return NT_STATUS_OBJECT_NAME_INVALID;
2462 if (strequal(mask,"????????.???")) {
2467 status = check_name(conn, directory);
2468 if (!NT_STATUS_IS_OK(status)) {
2472 dir_hnd = OpenDir(talloc_tos(), conn, directory, mask,
2474 if (dir_hnd == NULL) {
2475 return map_nt_error_from_unix(errno);
2478 /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then
2479 the pattern matches against the long name, otherwise the short name
2480 We don't implement this yet XXXX
2483 status = NT_STATUS_NO_SUCH_FILE;
2485 while ((dname = ReadDirName(dir_hnd, &offset, &st))) {
2488 if (!is_visible_file(conn, directory, dname, &st,
2494 /* Quick check for "." and ".." */
2495 if (ISDOT(dname) || ISDOTDOT(dname)) {
2499 if(!mask_match(dname, mask, conn->case_sensitive)) {
2503 fname = talloc_asprintf(ctx, "%s/%s",
2507 return NT_STATUS_NO_MEMORY;
2510 status = check_name(conn, fname);
2511 if (!NT_STATUS_IS_OK(status)) {
2512 TALLOC_FREE(dir_hnd);
2516 status = do_unlink(conn, req, fname, dirtype);
2517 if (!NT_STATUS_IS_OK(status)) {
2523 DEBUG(3,("unlink_internals: successful unlink [%s]\n",
2528 TALLOC_FREE(dir_hnd);
2531 if (count == 0 && NT_STATUS_IS_OK(status) && errno != 0) {
2532 status = map_nt_error_from_unix(errno);
2538 /****************************************************************************
2540 ****************************************************************************/
2542 void reply_unlink(struct smb_request *req)
2544 connection_struct *conn = req->conn;
2548 bool path_contains_wcard = False;
2549 TALLOC_CTX *ctx = talloc_tos();
2551 START_PROFILE(SMBunlink);
2554 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2555 END_PROFILE(SMBunlink);
2559 dirtype = SVAL(req->vwv+0, 0);
2561 srvstr_get_path_req_wcard(ctx, req, &name, (const char *)req->buf + 1,
2562 STR_TERMINATE, &status,
2563 &path_contains_wcard);
2564 if (!NT_STATUS_IS_OK(status)) {
2565 reply_nterror(req, status);
2566 END_PROFILE(SMBunlink);
2570 status = resolve_dfspath_wcard(ctx, conn,
2571 req->flags2 & FLAGS2_DFS_PATHNAMES,
2574 &path_contains_wcard);
2575 if (!NT_STATUS_IS_OK(status)) {
2576 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2577 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
2578 ERRSRV, ERRbadpath);
2579 END_PROFILE(SMBunlink);
2582 reply_nterror(req, status);
2583 END_PROFILE(SMBunlink);
2587 DEBUG(3,("reply_unlink : %s\n",name));
2589 status = unlink_internals(conn, req, dirtype, name,
2590 path_contains_wcard);
2591 if (!NT_STATUS_IS_OK(status)) {
2592 if (open_was_deferred(req->mid)) {
2593 /* We have re-scheduled this call. */
2594 END_PROFILE(SMBunlink);
2597 reply_nterror(req, status);
2598 END_PROFILE(SMBunlink);
2602 reply_outbuf(req, 0, 0);
2603 END_PROFILE(SMBunlink);
2608 /****************************************************************************
2610 ****************************************************************************/
2612 static void fail_readraw(void)
2614 const char *errstr = talloc_asprintf(talloc_tos(),
2615 "FAIL ! reply_readbraw: socket write fail (%s)",
2620 exit_server_cleanly(errstr);
2623 /****************************************************************************
2624 Fake (read/write) sendfile. Returns -1 on read or write fail.
2625 ****************************************************************************/
2627 static ssize_t fake_sendfile(files_struct *fsp, SMB_OFF_T startpos,
2631 size_t tosend = nread;
2638 bufsize = MIN(nread, 65536);
2640 if (!(buf = SMB_MALLOC_ARRAY(char, bufsize))) {
2644 while (tosend > 0) {
2648 if (tosend > bufsize) {
2653 ret = read_file(fsp,buf,startpos,cur_read);
2659 /* If we had a short read, fill with zeros. */
2660 if (ret < cur_read) {
2661 memset(buf, '\0', cur_read - ret);
2664 if (write_data(smbd_server_fd(),buf,cur_read) != cur_read) {
2669 startpos += cur_read;
2673 return (ssize_t)nread;
2676 /****************************************************************************
2677 Deal with the case of sendfile reading less bytes from the file than
2678 requested. Fill with zeros (all we can do).
2679 ****************************************************************************/
2681 static void sendfile_short_send(files_struct *fsp,
2686 if (nread < headersize) {
2687 DEBUG(0,("sendfile_short_send: sendfile failed to send "
2688 "header for file %s (%s). Terminating\n",
2689 fsp->fsp_name, strerror(errno) ));
2690 exit_server_cleanly("sendfile_short_send failed");
2693 nread -= headersize;
2695 if (nread < smb_maxcnt) {
2696 char *buf = SMB_CALLOC_ARRAY(char, 1024);
2698 exit_server_cleanly("sendfile_short_send: "
2702 DEBUG(0,("sendfile_short_send: filling truncated file %s "
2703 "with zeros !\n", fsp->fsp_name));
2705 while (nread < smb_maxcnt) {
2707 * We asked for the real file size and told sendfile
2708 * to not go beyond the end of the file. But it can
2709 * happen that in between our fstat call and the
2710 * sendfile call the file was truncated. This is very
2711 * bad because we have already announced the larger
2712 * number of bytes to the client.
2714 * The best we can do now is to send 0-bytes, just as
2715 * a read from a hole in a sparse file would do.
2717 * This should happen rarely enough that I don't care
2718 * about efficiency here :-)
2722 to_write = MIN(sizeof(buf), smb_maxcnt - nread);
2723 if (write_data(smbd_server_fd(), buf, to_write) != to_write) {
2724 exit_server_cleanly("sendfile_short_send: "
2725 "write_data failed");
2733 /****************************************************************************
2734 Return a readbraw error (4 bytes of zero).
2735 ****************************************************************************/
2737 static void reply_readbraw_error(void)
2741 if (write_data(smbd_server_fd(),header,4) != 4) {
2746 /****************************************************************************
2747 Use sendfile in readbraw.
2748 ****************************************************************************/
2750 static void send_file_readbraw(connection_struct *conn,
2751 struct smb_request *req,
2757 char *outbuf = NULL;
2760 #if defined(WITH_SENDFILE)
2762 * We can only use sendfile on a non-chained packet
2763 * but we can use on a non-oplocked file. tridge proved this
2764 * on a train in Germany :-). JRA.
2765 * reply_readbraw has already checked the length.
2768 if ( !req_is_in_chain(req) && (nread > 0) && (fsp->base_fsp == NULL) &&
2769 (fsp->wcp == NULL) &&
2770 lp_use_sendfile(SNUM(conn), smbd_server_conn->signing_state) ) {
2771 ssize_t sendfile_read = -1;
2773 DATA_BLOB header_blob;
2775 _smb_setlen(header,nread);
2776 header_blob = data_blob_const(header, 4);
2778 if ((sendfile_read = SMB_VFS_SENDFILE(smbd_server_fd(), fsp,
2779 &header_blob, startpos, nread)) == -1) {
2780 /* Returning ENOSYS means no data at all was sent.
2781 * Do this as a normal read. */
2782 if (errno == ENOSYS) {
2783 goto normal_readbraw;
2787 * Special hack for broken Linux with no working sendfile. If we
2788 * return EINTR we sent the header but not the rest of the data.
2789 * Fake this up by doing read/write calls.
2791 if (errno == EINTR) {
2792 /* Ensure we don't do this again. */
2793 set_use_sendfile(SNUM(conn), False);
2794 DEBUG(0,("send_file_readbraw: sendfile not available. Faking..\n"));
2796 if (fake_sendfile(fsp, startpos, nread) == -1) {
2797 DEBUG(0,("send_file_readbraw: fake_sendfile failed for file %s (%s).\n",
2798 fsp->fsp_name, strerror(errno) ));
2799 exit_server_cleanly("send_file_readbraw fake_sendfile failed");
2804 DEBUG(0,("send_file_readbraw: sendfile failed for file %s (%s). Terminating\n",
2805 fsp->fsp_name, strerror(errno) ));
2806 exit_server_cleanly("send_file_readbraw sendfile failed");
2807 } else if (sendfile_read == 0) {
2809 * Some sendfile implementations return 0 to indicate
2810 * that there was a short read, but nothing was
2811 * actually written to the socket. In this case,
2812 * fallback to the normal read path so the header gets
2813 * the correct byte count.
2815 DEBUG(3, ("send_file_readbraw: sendfile sent zero "
2816 "bytes falling back to the normal read: "
2817 "%s\n", fsp->fsp_name));
2818 goto normal_readbraw;
2821 /* Deal with possible short send. */
2822 if (sendfile_read != 4+nread) {
2823 sendfile_short_send(fsp, sendfile_read, 4, nread);
2831 outbuf = TALLOC_ARRAY(NULL, char, nread+4);
2833 DEBUG(0,("send_file_readbraw: TALLOC_ARRAY failed for size %u.\n",
2834 (unsigned)(nread+4)));
2835 reply_readbraw_error();
2840 ret = read_file(fsp,outbuf+4,startpos,nread);
2841 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
2850 _smb_setlen(outbuf,ret);
2851 if (write_data(smbd_server_fd(),outbuf,4+ret) != 4+ret)
2854 TALLOC_FREE(outbuf);
2857 /****************************************************************************
2858 Reply to a readbraw (core+ protocol).
2859 ****************************************************************************/
2861 void reply_readbraw(struct smb_request *req)
2863 connection_struct *conn = req->conn;
2864 ssize_t maxcount,mincount;
2868 struct lock_struct lock;
2872 START_PROFILE(SMBreadbraw);
2874 if (srv_is_signing_active(smbd_server_conn) ||
2875 is_encrypted_packet(req->inbuf)) {
2876 exit_server_cleanly("reply_readbraw: SMB signing/sealing is active - "
2877 "raw reads/writes are disallowed.");
2881 reply_readbraw_error();
2882 END_PROFILE(SMBreadbraw);
2887 * Special check if an oplock break has been issued
2888 * and the readraw request croses on the wire, we must
2889 * return a zero length response here.
2892 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
2895 * We have to do a check_fsp by hand here, as
2896 * we must always return 4 zero bytes on error,
2900 if (!fsp || !conn || conn != fsp->conn ||
2901 req->vuid != fsp->vuid ||
2902 fsp->is_directory || fsp->fh->fd == -1) {
2904 * fsp could be NULL here so use the value from the packet. JRA.
2906 DEBUG(3,("reply_readbraw: fnum %d not valid "
2908 (int)SVAL(req->vwv+0, 0)));
2909 reply_readbraw_error();
2910 END_PROFILE(SMBreadbraw);
2914 /* Do a "by hand" version of CHECK_READ. */
2915 if (!(fsp->can_read ||
2916 ((req->flags2 & FLAGS2_READ_PERMIT_EXECUTE) &&
2917 (fsp->access_mask & FILE_EXECUTE)))) {
2918 DEBUG(3,("reply_readbraw: fnum %d not readable.\n",
2919 (int)SVAL(req->vwv+0, 0)));
2920 reply_readbraw_error();
2921 END_PROFILE(SMBreadbraw);
2925 flush_write_cache(fsp, READRAW_FLUSH);
2927 startpos = IVAL_TO_SMB_OFF_T(req->vwv+1, 0);
2928 if(req->wct == 10) {
2930 * This is a large offset (64 bit) read.
2932 #ifdef LARGE_SMB_OFF_T
2934 startpos |= (((SMB_OFF_T)IVAL(req->vwv+8, 0)) << 32);
2936 #else /* !LARGE_SMB_OFF_T */
2939 * Ensure we haven't been sent a >32 bit offset.
2942 if(IVAL(req->vwv+8, 0) != 0) {
2943 DEBUG(0,("reply_readbraw: large offset "
2944 "(%x << 32) used and we don't support "
2945 "64 bit offsets.\n",
2946 (unsigned int)IVAL(req->vwv+8, 0) ));
2947 reply_readbraw_error();
2948 END_PROFILE(SMBreadbraw);
2952 #endif /* LARGE_SMB_OFF_T */
2955 DEBUG(0,("reply_readbraw: negative 64 bit "
2956 "readraw offset (%.0f) !\n",
2957 (double)startpos ));
2958 reply_readbraw_error();
2959 END_PROFILE(SMBreadbraw);
2964 maxcount = (SVAL(req->vwv+3, 0) & 0xFFFF);
2965 mincount = (SVAL(req->vwv+4, 0) & 0xFFFF);
2967 /* ensure we don't overrun the packet size */
2968 maxcount = MIN(65535,maxcount);
2970 init_strict_lock_struct(fsp, (uint32)req->smbpid,
2971 (uint64_t)startpos, (uint64_t)maxcount, READ_LOCK,
2974 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
2975 reply_readbraw_error();
2976 END_PROFILE(SMBreadbraw);
2980 if (SMB_VFS_FSTAT(fsp, &st) == 0) {
2984 if (startpos >= size) {
2987 nread = MIN(maxcount,(size - startpos));
2990 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
2991 if (nread < mincount)
2995 DEBUG( 3, ( "reply_readbraw: fnum=%d start=%.0f max=%lu "
2996 "min=%lu nread=%lu\n",
2997 fsp->fnum, (double)startpos,
2998 (unsigned long)maxcount,
2999 (unsigned long)mincount,
3000 (unsigned long)nread ) );
3002 send_file_readbraw(conn, req, fsp, startpos, nread, mincount);
3004 DEBUG(5,("reply_readbraw finished\n"));
3006 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3008 END_PROFILE(SMBreadbraw);
3013 #define DBGC_CLASS DBGC_LOCKING
3015 /****************************************************************************
3016 Reply to a lockread (core+ protocol).
3017 ****************************************************************************/
3019 void reply_lockread(struct smb_request *req)
3021 connection_struct *conn = req->conn;
3028 struct byte_range_lock *br_lck = NULL;
3031 START_PROFILE(SMBlockread);
3034 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3035 END_PROFILE(SMBlockread);
3039 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3041 if (!check_fsp(conn, req, fsp)) {
3042 END_PROFILE(SMBlockread);
3046 if (!CHECK_READ(fsp,req)) {
3047 reply_doserror(req, ERRDOS, ERRbadaccess);
3048 END_PROFILE(SMBlockread);
3052 numtoread = SVAL(req->vwv+1, 0);
3053 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
3055 numtoread = MIN(BUFFER_SIZE - (smb_size + 3*2 + 3), numtoread);
3057 reply_outbuf(req, 5, numtoread + 3);
3059 data = smb_buf(req->outbuf) + 3;
3062 * NB. Discovered by Menny Hamburger at Mainsoft. This is a core+
3063 * protocol request that predates the read/write lock concept.
3064 * Thus instead of asking for a read lock here we need to ask
3065 * for a write lock. JRA.
3066 * Note that the requested lock size is unaffected by max_recv.
3069 br_lck = do_lock(smbd_messaging_context(),
3072 (uint64_t)numtoread,
3076 False, /* Non-blocking lock. */
3080 TALLOC_FREE(br_lck);
3082 if (NT_STATUS_V(status)) {
3083 reply_nterror(req, status);
3084 END_PROFILE(SMBlockread);
3089 * However the requested READ size IS affected by max_recv. Insanity.... JRA.
3092 if (numtoread > max_recv) {
3093 DEBUG(0,("reply_lockread: requested read size (%u) is greater than maximum allowed (%u). \
3094 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
3095 (unsigned int)numtoread, (unsigned int)max_recv ));
3096 numtoread = MIN(numtoread,max_recv);
3098 nread = read_file(fsp,data,startpos,numtoread);
3101 reply_unixerror(req, ERRDOS, ERRnoaccess);
3102 END_PROFILE(SMBlockread);
3106 srv_set_message((char *)req->outbuf, 5, nread+3, False);
3108 SSVAL(req->outbuf,smb_vwv0,nread);
3109 SSVAL(req->outbuf,smb_vwv5,nread+3);
3110 p = smb_buf(req->outbuf);
3111 SCVAL(p,0,0); /* pad byte. */
3114 DEBUG(3,("lockread fnum=%d num=%d nread=%d\n",
3115 fsp->fnum, (int)numtoread, (int)nread));
3117 END_PROFILE(SMBlockread);
3122 #define DBGC_CLASS DBGC_ALL
3124 /****************************************************************************
3126 ****************************************************************************/
3128 void reply_read(struct smb_request *req)
3130 connection_struct *conn = req->conn;
3137 struct lock_struct lock;
3139 START_PROFILE(SMBread);
3142 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3143 END_PROFILE(SMBread);
3147 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3149 if (!check_fsp(conn, req, fsp)) {
3150 END_PROFILE(SMBread);
3154 if (!CHECK_READ(fsp,req)) {
3155 reply_doserror(req, ERRDOS, ERRbadaccess);
3156 END_PROFILE(SMBread);
3160 numtoread = SVAL(req->vwv+1, 0);
3161 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
3163 numtoread = MIN(BUFFER_SIZE-outsize,numtoread);
3166 * The requested read size cannot be greater than max_recv. JRA.
3168 if (numtoread > max_recv) {
3169 DEBUG(0,("reply_read: requested read size (%u) is greater than maximum allowed (%u). \
3170 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
3171 (unsigned int)numtoread, (unsigned int)max_recv ));
3172 numtoread = MIN(numtoread,max_recv);
3175 reply_outbuf(req, 5, numtoread+3);
3177 data = smb_buf(req->outbuf) + 3;
3179 init_strict_lock_struct(fsp, (uint32)req->smbpid,
3180 (uint64_t)startpos, (uint64_t)numtoread, READ_LOCK,
3183 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3184 reply_doserror(req, ERRDOS,ERRlock);
3185 END_PROFILE(SMBread);
3190 nread = read_file(fsp,data,startpos,numtoread);
3193 reply_unixerror(req, ERRDOS,ERRnoaccess);
3197 srv_set_message((char *)req->outbuf, 5, nread+3, False);
3199 SSVAL(req->outbuf,smb_vwv0,nread);
3200 SSVAL(req->outbuf,smb_vwv5,nread+3);
3201 SCVAL(smb_buf(req->outbuf),0,1);
3202 SSVAL(smb_buf(req->outbuf),1,nread);
3204 DEBUG( 3, ( "read fnum=%d num=%d nread=%d\n",
3205 fsp->fnum, (int)numtoread, (int)nread ) );
3208 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3210 END_PROFILE(SMBread);
3214 /****************************************************************************
3216 ****************************************************************************/
3218 static int setup_readX_header(struct smb_request *req, char *outbuf,
3224 outsize = srv_set_message(outbuf,12,smb_maxcnt,False);
3225 data = smb_buf(outbuf);
3227 memset(outbuf+smb_vwv0,'\0',24); /* valgrind init. */
3229 SCVAL(outbuf,smb_vwv0,0xFF);
3230 SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */
3231 SSVAL(outbuf,smb_vwv5,smb_maxcnt);
3232 SSVAL(outbuf,smb_vwv6,
3234 + 1 /* the wct field */
3235 + 12 * sizeof(uint16_t) /* vwv */
3236 + 2); /* the buflen field */
3237 SSVAL(outbuf,smb_vwv7,(smb_maxcnt >> 16));
3238 SSVAL(outbuf,smb_vwv11,smb_maxcnt);
3239 /* Reset the outgoing length, set_message truncates at 0x1FFFF. */
3240 _smb_setlen_large(outbuf,(smb_size + 12*2 + smb_maxcnt - 4));
3244 /****************************************************************************
3245 Reply to a read and X - possibly using sendfile.
3246 ****************************************************************************/
3248 static void send_file_readX(connection_struct *conn, struct smb_request *req,
3249 files_struct *fsp, SMB_OFF_T startpos,
3252 SMB_STRUCT_STAT sbuf;
3255 if(SMB_VFS_FSTAT(fsp, &sbuf) == -1) {
3256 reply_unixerror(req, ERRDOS, ERRnoaccess);
3260 if (startpos > sbuf.st_size) {
3262 } else if (smb_maxcnt > (sbuf.st_size - startpos)) {
3263 smb_maxcnt = (sbuf.st_size - startpos);
3266 if (smb_maxcnt == 0) {
3270 #if defined(WITH_SENDFILE)
3272 * We can only use sendfile on a non-chained packet
3273 * but we can use on a non-oplocked file. tridge proved this
3274 * on a train in Germany :-). JRA.
3277 if (!req_is_in_chain(req) &&
3278 !is_encrypted_packet(req->inbuf) && (fsp->base_fsp == NULL) &&
3279 (fsp->wcp == NULL) &&
3280 lp_use_sendfile(SNUM(conn), smbd_server_conn->signing_state) ) {
3281 uint8 headerbuf[smb_size + 12 * 2];
3285 * Set up the packet header before send. We
3286 * assume here the sendfile will work (get the
3287 * correct amount of data).
3290 header = data_blob_const(headerbuf, sizeof(headerbuf));
3292 construct_reply_common_req(req, (char *)headerbuf);
3293 setup_readX_header(req, (char *)headerbuf, smb_maxcnt);
3295 if ((nread = SMB_VFS_SENDFILE(smbd_server_fd(), fsp, &header, startpos, smb_maxcnt)) == -1) {
3296 /* Returning ENOSYS means no data at all was sent.
3297 Do this as a normal read. */
3298 if (errno == ENOSYS) {
3303 * Special hack for broken Linux with no working sendfile. If we
3304 * return EINTR we sent the header but not the rest of the data.
3305 * Fake this up by doing read/write calls.
3308 if (errno == EINTR) {
3309 /* Ensure we don't do this again. */
3310 set_use_sendfile(SNUM(conn), False);
3311 DEBUG(0,("send_file_readX: sendfile not available. Faking..\n"));
3312 nread = fake_sendfile(fsp, startpos,
3315 DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n",
3316 fsp->fsp_name, strerror(errno) ));
3317 exit_server_cleanly("send_file_readX: fake_sendfile failed");
3319 DEBUG( 3, ( "send_file_readX: fake_sendfile fnum=%d max=%d nread=%d\n",
3320 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3321 /* No outbuf here means successful sendfile. */
3322 TALLOC_FREE(req->outbuf);
3326 DEBUG(0,("send_file_readX: sendfile failed for file %s (%s). Terminating\n",
3327 fsp->fsp_name, strerror(errno) ));
3328 exit_server_cleanly("send_file_readX sendfile failed");
3329 } else if (nread == 0) {
3331 * Some sendfile implementations return 0 to indicate
3332 * that there was a short read, but nothing was
3333 * actually written to the socket. In this case,
3334 * fallback to the normal read path so the header gets
3335 * the correct byte count.
3337 DEBUG(3, ("send_file_readX: sendfile sent zero bytes "
3338 "falling back to the normal read: %s\n",
3343 DEBUG( 3, ( "send_file_readX: sendfile fnum=%d max=%d nread=%d\n",
3344 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3346 /* Deal with possible short send. */
3347 if (nread != smb_maxcnt + sizeof(headerbuf)) {
3348 sendfile_short_send(fsp, nread, sizeof(headerbuf), smb_maxcnt);
3351 /* No outbuf here means successful sendfile. */
3352 TALLOC_FREE(req->outbuf);
3353 SMB_PERFCOUNT_SET_MSGLEN_OUT(&req->pcd, nread);
3354 SMB_PERFCOUNT_END(&req->pcd);
3361 if ((smb_maxcnt & 0xFF0000) > 0x10000) {
3362 uint8 headerbuf[smb_size + 2*12];
3364 construct_reply_common_req(req, (char *)headerbuf);
3365 setup_readX_header(req, (char *)headerbuf, smb_maxcnt);
3367 /* Send out the header. */
3368 if (write_data(smbd_server_fd(), (char *)headerbuf,
3369 sizeof(headerbuf)) != sizeof(headerbuf)) {
3370 DEBUG(0,("send_file_readX: write_data failed for file %s (%s). Terminating\n",
3371 fsp->fsp_name, strerror(errno) ));
3372 exit_server_cleanly("send_file_readX sendfile failed");
3374 nread = fake_sendfile(fsp, startpos, smb_maxcnt);
3376 DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n",
3377 fsp->fsp_name, strerror(errno) ));
3378 exit_server_cleanly("send_file_readX: fake_sendfile failed");
3380 TALLOC_FREE(req->outbuf);
3384 reply_outbuf(req, 12, smb_maxcnt);
3386 nread = read_file(fsp, smb_buf(req->outbuf), startpos, smb_maxcnt);
3388 reply_unixerror(req, ERRDOS, ERRnoaccess);
3392 setup_readX_header(req, (char *)req->outbuf, nread);
3394 DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n",
3395 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3400 /****************************************************************************
3401 Reply to a read and X.
3402 ****************************************************************************/
3404 void reply_read_and_X(struct smb_request *req)
3406 connection_struct *conn = req->conn;
3410 struct lock_struct lock;
3411 bool big_readX = False;
3413 size_t smb_mincnt = SVAL(req->vwv+6, 0);
3416 START_PROFILE(SMBreadX);
3418 if ((req->wct != 10) && (req->wct != 12)) {
3419 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3423 fsp = file_fsp(req, SVAL(req->vwv+2, 0));
3424 startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
3425 smb_maxcnt = SVAL(req->vwv+5, 0);
3427 /* If it's an IPC, pass off the pipe handler. */
3429 reply_pipe_read_and_X(req);
3430 END_PROFILE(SMBreadX);
3434 if (!check_fsp(conn, req, fsp)) {
3435 END_PROFILE(SMBreadX);
3439 if (!CHECK_READ(fsp,req)) {
3440 reply_doserror(req, ERRDOS,ERRbadaccess);
3441 END_PROFILE(SMBreadX);
3445 if (global_client_caps & CAP_LARGE_READX) {
3446 size_t upper_size = SVAL(req->vwv+7, 0);
3447 smb_maxcnt |= (upper_size<<16);
3448 if (upper_size > 1) {
3449 /* Can't do this on a chained packet. */
3450 if ((CVAL(req->vwv+0, 0) != 0xFF)) {
3451 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
3452 END_PROFILE(SMBreadX);
3455 /* We currently don't do this on signed or sealed data. */
3456 if (srv_is_signing_active(smbd_server_conn) ||
3457 is_encrypted_packet(req->inbuf)) {
3458 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
3459 END_PROFILE(SMBreadX);
3462 /* Is there room in the reply for this data ? */
3463 if (smb_maxcnt > (0xFFFFFF - (smb_size -4 + 12*2))) {
3465 NT_STATUS_INVALID_PARAMETER);
3466 END_PROFILE(SMBreadX);
3473 if (req->wct == 12) {
3474 #ifdef LARGE_SMB_OFF_T
3476 * This is a large offset (64 bit) read.
3478 startpos |= (((SMB_OFF_T)IVAL(req->vwv+10, 0)) << 32);
3480 #else /* !LARGE_SMB_OFF_T */
3483 * Ensure we haven't been sent a >32 bit offset.
3486 if(IVAL(req->vwv+10, 0) != 0) {
3487 DEBUG(0,("reply_read_and_X - large offset (%x << 32) "
3488 "used and we don't support 64 bit offsets.\n",
3489 (unsigned int)IVAL(req->vwv+10, 0) ));
3490 END_PROFILE(SMBreadX);
3491 reply_doserror(req, ERRDOS, ERRbadaccess);
3495 #endif /* LARGE_SMB_OFF_T */
3499 init_strict_lock_struct(fsp, (uint32)req->smbpid,
3500 (uint64_t)startpos, (uint64_t)smb_maxcnt, READ_LOCK,
3503 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3504 END_PROFILE(SMBreadX);
3505 reply_doserror(req, ERRDOS, ERRlock);
3510 schedule_aio_read_and_X(conn, req, fsp, startpos, smb_maxcnt)) {
3514 send_file_readX(conn, req, fsp, startpos, smb_maxcnt);
3517 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3519 END_PROFILE(SMBreadX);
3523 /****************************************************************************
3524 Error replies to writebraw must have smb_wct == 1. Fix this up.
3525 ****************************************************************************/
3527 void error_to_writebrawerr(struct smb_request *req)
3529 uint8 *old_outbuf = req->outbuf;
3531 reply_outbuf(req, 1, 0);
3533 memcpy(req->outbuf, old_outbuf, smb_size);
3534 TALLOC_FREE(old_outbuf);
3537 /****************************************************************************
3538 Reply to a writebraw (core+ or LANMAN1.0 protocol).
3539 ****************************************************************************/
3541 void reply_writebraw(struct smb_request *req)
3543 connection_struct *conn = req->conn;
3546 ssize_t total_written=0;
3547 size_t numtowrite=0;
3553 struct lock_struct lock;
3556 START_PROFILE(SMBwritebraw);
3559 * If we ever reply with an error, it must have the SMB command
3560 * type of SMBwritec, not SMBwriteBraw, as this tells the client
3563 SCVAL(req->inbuf,smb_com,SMBwritec);
3565 if (srv_is_signing_active(smbd_server_conn)) {
3566 END_PROFILE(SMBwritebraw);
3567 exit_server_cleanly("reply_writebraw: SMB signing is active - "
3568 "raw reads/writes are disallowed.");
3571 if (req->wct < 12) {
3572 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3573 error_to_writebrawerr(req);
3574 END_PROFILE(SMBwritebraw);
3578 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3579 if (!check_fsp(conn, req, fsp)) {
3580 error_to_writebrawerr(req);
3581 END_PROFILE(SMBwritebraw);
3585 if (!CHECK_WRITE(fsp)) {
3586 reply_doserror(req, ERRDOS, ERRbadaccess);
3587 error_to_writebrawerr(req);
3588 END_PROFILE(SMBwritebraw);
3592 tcount = IVAL(req->vwv+1, 0);
3593 startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
3594 write_through = BITSETW(req->vwv+7,0);
3596 /* We have to deal with slightly different formats depending
3597 on whether we are using the core+ or lanman1.0 protocol */
3599 if(Protocol <= PROTOCOL_COREPLUS) {
3600 numtowrite = SVAL(smb_buf(req->inbuf),-2);
3601 data = smb_buf(req->inbuf);
3603 numtowrite = SVAL(req->vwv+10, 0);
3604 data = smb_base(req->inbuf) + SVAL(req->vwv+11, 0);
3607 /* Ensure we don't write bytes past the end of this packet. */
3608 if (data + numtowrite > smb_base(req->inbuf) + smb_len(req->inbuf)) {
3609 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3610 error_to_writebrawerr(req);
3611 END_PROFILE(SMBwritebraw);
3615 init_strict_lock_struct(fsp, (uint32)req->smbpid,
3616 (uint64_t)startpos, (uint64_t)tcount, WRITE_LOCK,
3619 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3620 reply_doserror(req, ERRDOS, ERRlock);
3621 error_to_writebrawerr(req);
3622 END_PROFILE(SMBwritebraw);
3627 nwritten = write_file(req,fsp,data,startpos,numtowrite);
3630 DEBUG(3,("reply_writebraw: initial write fnum=%d start=%.0f num=%d "
3631 "wrote=%d sync=%d\n",
3632 fsp->fnum, (double)startpos, (int)numtowrite,
3633 (int)nwritten, (int)write_through));
3635 if (nwritten < (ssize_t)numtowrite) {
3636 reply_unixerror(req, ERRHRD, ERRdiskfull);
3637 error_to_writebrawerr(req);
3641 total_written = nwritten;
3643 /* Allocate a buffer of 64k + length. */
3644 buf = TALLOC_ARRAY(NULL, char, 65540);
3646 reply_doserror(req, ERRDOS, ERRnomem);
3647 error_to_writebrawerr(req);
3651 /* Return a SMBwritebraw message to the redirector to tell
3652 * it to send more bytes */
3654 memcpy(buf, req->inbuf, smb_size);
3655 srv_set_message(buf,Protocol>PROTOCOL_COREPLUS?1:0,0,True);
3656 SCVAL(buf,smb_com,SMBwritebraw);
3657 SSVALS(buf,smb_vwv0,0xFFFF);
3659 if (!srv_send_smb(smbd_server_fd(),
3661 false, 0, /* no signing */
3662 IS_CONN_ENCRYPTED(conn),
3664 exit_server_cleanly("reply_writebraw: srv_send_smb "
3668 /* Now read the raw data into the buffer and write it */
3669 status = read_smb_length(smbd_server_fd(), buf, SMB_SECONDARY_WAIT,
3671 if (!NT_STATUS_IS_OK(status)) {
3672 exit_server_cleanly("secondary writebraw failed");
3675 /* Set up outbuf to return the correct size */
3676 reply_outbuf(req, 1, 0);
3678 if (numtowrite != 0) {
3680 if (numtowrite > 0xFFFF) {
3681 DEBUG(0,("reply_writebraw: Oversize secondary write "
3682 "raw requested (%u). Terminating\n",
3683 (unsigned int)numtowrite ));
3684 exit_server_cleanly("secondary writebraw failed");
3687 if (tcount > nwritten+numtowrite) {
3688 DEBUG(3,("reply_writebraw: Client overestimated the "
3690 (int)tcount,(int)nwritten,(int)numtowrite));
3693 status = read_data(smbd_server_fd(), buf+4, numtowrite);
3695 if (!NT_STATUS_IS_OK(status)) {
3696 DEBUG(0,("reply_writebraw: Oversize secondary write "
3697 "raw read failed (%s). Terminating\n",
3698 nt_errstr(status)));
3699 exit_server_cleanly("secondary writebraw failed");
3702 nwritten = write_file(req,fsp,buf+4,startpos+nwritten,numtowrite);
3703 if (nwritten == -1) {
3705 reply_unixerror(req, ERRHRD, ERRdiskfull);
3706 error_to_writebrawerr(req);
3710 if (nwritten < (ssize_t)numtowrite) {
3711 SCVAL(req->outbuf,smb_rcls,ERRHRD);
3712 SSVAL(req->outbuf,smb_err,ERRdiskfull);
3716 total_written += nwritten;
3721 SSVAL(req->outbuf,smb_vwv0,total_written);
3723 status = sync_file(conn, fsp, write_through);
3724 if (!NT_STATUS_IS_OK(status)) {
3725 DEBUG(5,("reply_writebraw: sync_file for %s returned %s\n",
3726 fsp->fsp_name, nt_errstr(status) ));
3727 reply_nterror(req, status);
3728 error_to_writebrawerr(req);
3732 DEBUG(3,("reply_writebraw: secondart write fnum=%d start=%.0f num=%d "
3734 fsp->fnum, (double)startpos, (int)numtowrite,
3735 (int)total_written));
3737 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3739 /* We won't return a status if write through is not selected - this
3740 * follows what WfWg does */
3741 END_PROFILE(SMBwritebraw);
3743 if (!write_through && total_written==tcount) {
3745 #if RABBIT_PELLET_FIX
3747 * Fix for "rabbit pellet" mode, trigger an early TCP ack by
3748 * sending a SMBkeepalive. Thanks to DaveCB at Sun for this.
3751 if (!send_keepalive(smbd_server_fd())) {
3752 exit_server_cleanly("reply_writebraw: send of "
3753 "keepalive failed");
3756 TALLOC_FREE(req->outbuf);
3761 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3763 END_PROFILE(SMBwritebraw);
3768 #define DBGC_CLASS DBGC_LOCKING
3770 /****************************************************************************
3771 Reply to a writeunlock (core+).
3772 ****************************************************************************/
3774 void reply_writeunlock(struct smb_request *req)
3776 connection_struct *conn = req->conn;
3777 ssize_t nwritten = -1;
3781 NTSTATUS status = NT_STATUS_OK;
3783 struct lock_struct lock;
3785 START_PROFILE(SMBwriteunlock);
3788 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3789 END_PROFILE(SMBwriteunlock);
3793 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3795 if (!check_fsp(conn, req, fsp)) {
3796 END_PROFILE(SMBwriteunlock);
3800 if (!CHECK_WRITE(fsp)) {
3801 reply_doserror(req, ERRDOS,ERRbadaccess);
3802 END_PROFILE(SMBwriteunlock);
3806 numtowrite = SVAL(req->vwv+1, 0);
3807 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
3808 data = (const char *)req->buf + 3;
3811 init_strict_lock_struct(fsp, (uint32)req->smbpid,
3812 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
3815 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3816 reply_doserror(req, ERRDOS, ERRlock);
3817 END_PROFILE(SMBwriteunlock);
3822 /* The special X/Open SMB protocol handling of
3823 zero length writes is *NOT* done for
3825 if(numtowrite == 0) {
3828 nwritten = write_file(req,fsp,data,startpos,numtowrite);
3831 status = sync_file(conn, fsp, False /* write through */);
3832 if (!NT_STATUS_IS_OK(status)) {
3833 DEBUG(5,("reply_writeunlock: sync_file for %s returned %s\n",
3834 fsp->fsp_name, nt_errstr(status) ));
3835 reply_nterror(req, status);
3839 if(((nwritten < numtowrite) && (numtowrite != 0))||(nwritten < 0)) {
3840 reply_unixerror(req, ERRHRD, ERRdiskfull);
3845 status = do_unlock(smbd_messaging_context(),
3848 (uint64_t)numtowrite,
3852 if (NT_STATUS_V(status)) {
3853 reply_nterror(req, status);
3858 reply_outbuf(req, 1, 0);
3860 SSVAL(req->outbuf,smb_vwv0,nwritten);
3862 DEBUG(3,("writeunlock fnum=%d num=%d wrote=%d\n",
3863 fsp->fnum, (int)numtowrite, (int)nwritten));
3867 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3870 END_PROFILE(SMBwriteunlock);
3875 #define DBGC_CLASS DBGC_ALL
3877 /****************************************************************************
3879 ****************************************************************************/
3881 void reply_write(struct smb_request *req)
3883 connection_struct *conn = req->conn;
3885 ssize_t nwritten = -1;
3889 struct lock_struct lock;
3892 START_PROFILE(SMBwrite);
3895 END_PROFILE(SMBwrite);
3896 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3900 /* If it's an IPC, pass off the pipe handler. */
3902 reply_pipe_write(req);
3903 END_PROFILE(SMBwrite);
3907 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3909 if (!check_fsp(conn, req, fsp)) {
3910 END_PROFILE(SMBwrite);
3914 if (!CHECK_WRITE(fsp)) {
3915 reply_doserror(req, ERRDOS, ERRbadaccess);
3916 END_PROFILE(SMBwrite);
3920 numtowrite = SVAL(req->vwv+1, 0);
3921 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
3922 data = (const char *)req->buf + 3;
3924 init_strict_lock_struct(fsp, (uint32)req->smbpid,
3925 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
3928 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3929 reply_doserror(req, ERRDOS, ERRlock);
3930 END_PROFILE(SMBwrite);
3935 * X/Open SMB protocol says that if smb_vwv1 is
3936 * zero then the file size should be extended or
3937 * truncated to the size given in smb_vwv[2-3].
3940 if(numtowrite == 0) {
3942 * This is actually an allocate call, and set EOF. JRA.
3944 nwritten = vfs_allocate_file_space(fsp, (SMB_OFF_T)startpos);
3946 reply_nterror(req, NT_STATUS_DISK_FULL);
3949 nwritten = vfs_set_filelen(fsp, (SMB_OFF_T)startpos);
3951 reply_nterror(req, NT_STATUS_DISK_FULL);
3954 trigger_write_time_update_immediate(fsp);
3956 nwritten = write_file(req,fsp,data,startpos,numtowrite);
3959 status = sync_file(conn, fsp, False);
3960 if (!NT_STATUS_IS_OK(status)) {
3961 DEBUG(5,("reply_write: sync_file for %s returned %s\n",
3962 fsp->fsp_name, nt_errstr(status) ));
3963 reply_nterror(req, status);
3967 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
3968 reply_unixerror(req, ERRHRD, ERRdiskfull);
3972 reply_outbuf(req, 1, 0);
3974 SSVAL(req->outbuf,smb_vwv0,nwritten);
3976 if (nwritten < (ssize_t)numtowrite) {
3977 SCVAL(req->outbuf,smb_rcls,ERRHRD);
3978 SSVAL(req->outbuf,smb_err,ERRdiskfull);
3981 DEBUG(3,("write fnum=%d num=%d wrote=%d\n", fsp->fnum, (int)numtowrite, (int)nwritten));
3984 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3986 END_PROFILE(SMBwrite);
3990 /****************************************************************************
3991 Ensure a buffer is a valid writeX for recvfile purposes.
3992 ****************************************************************************/
3994 #define STANDARD_WRITE_AND_X_HEADER_SIZE (smb_size - 4 + /* basic header */ \
3995 (2*14) + /* word count (including bcc) */ \
3998 bool is_valid_writeX_buffer(const uint8_t *inbuf)
4001 connection_struct *conn = NULL;
4002 unsigned int doff = 0;
4003 size_t len = smb_len_large(inbuf);
4005 if (is_encrypted_packet(inbuf)) {
4006 /* Can't do this on encrypted
4011 if (CVAL(inbuf,smb_com) != SMBwriteX) {
4015 if (CVAL(inbuf,smb_vwv0) != 0xFF ||
4016 CVAL(inbuf,smb_wct) != 14) {
4017 DEBUG(10,("is_valid_writeX_buffer: chained or "
4018 "invalid word length.\n"));
4022 conn = conn_find(SVAL(inbuf, smb_tid));
4024 DEBUG(10,("is_valid_writeX_buffer: bad tid\n"));
4028 DEBUG(10,("is_valid_writeX_buffer: IPC$ tid\n"));
4031 if (IS_PRINT(conn)) {
4032 DEBUG(10,("is_valid_writeX_buffer: printing tid\n"));
4035 doff = SVAL(inbuf,smb_vwv11);
4037 numtowrite = SVAL(inbuf,smb_vwv10);
4039 if (len > doff && len - doff > 0xFFFF) {
4040 numtowrite |= (((size_t)SVAL(inbuf,smb_vwv9))<<16);
4043 if (numtowrite == 0) {
4044 DEBUG(10,("is_valid_writeX_buffer: zero write\n"));
4048 /* Ensure the sizes match up. */
4049 if (doff < STANDARD_WRITE_AND_X_HEADER_SIZE) {
4050 /* no pad byte...old smbclient :-( */
4051 DEBUG(10,("is_valid_writeX_buffer: small doff %u (min %u)\n",
4053 (unsigned int)STANDARD_WRITE_AND_X_HEADER_SIZE));
4057 if (len - doff != numtowrite) {
4058 DEBUG(10,("is_valid_writeX_buffer: doff mismatch "
4059 "len = %u, doff = %u, numtowrite = %u\n",
4062 (unsigned int)numtowrite ));
4066 DEBUG(10,("is_valid_writeX_buffer: true "
4067 "len = %u, doff = %u, numtowrite = %u\n",
4070 (unsigned int)numtowrite ));
4075 /****************************************************************************
4076 Reply to a write and X.
4077 ****************************************************************************/
4079 void reply_write_and_X(struct smb_request *req)
4081 connection_struct *conn = req->conn;
4083 struct lock_struct lock;
4088 unsigned int smb_doff;
4089 unsigned int smblen;
4093 START_PROFILE(SMBwriteX);
4095 if ((req->wct != 12) && (req->wct != 14)) {
4096 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4097 END_PROFILE(SMBwriteX);
4101 numtowrite = SVAL(req->vwv+10, 0);
4102 smb_doff = SVAL(req->vwv+11, 0);
4103 smblen = smb_len(req->inbuf);
4105 if (req->unread_bytes > 0xFFFF ||
4106 (smblen > smb_doff &&
4107 smblen - smb_doff > 0xFFFF)) {
4108 numtowrite |= (((size_t)SVAL(req->vwv+9, 0))<<16);
4111 if (req->unread_bytes) {
4112 /* Can't do a recvfile write on IPC$ */
4114 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4115 END_PROFILE(SMBwriteX);
4118 if (numtowrite != req->unread_bytes) {
4119 reply_doserror(req, ERRDOS, ERRbadmem);
4120 END_PROFILE(SMBwriteX);
4124 if (smb_doff > smblen || smb_doff + numtowrite < numtowrite ||
4125 smb_doff + numtowrite > smblen) {
4126 reply_doserror(req, ERRDOS, ERRbadmem);
4127 END_PROFILE(SMBwriteX);
4132 /* If it's an IPC, pass off the pipe handler. */
4134 if (req->unread_bytes) {
4135 reply_doserror(req, ERRDOS, ERRbadmem);
4136 END_PROFILE(SMBwriteX);
4139 reply_pipe_write_and_X(req);
4140 END_PROFILE(SMBwriteX);
4144 fsp = file_fsp(req, SVAL(req->vwv+2, 0));
4145 startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
4146 write_through = BITSETW(req->vwv+7,0);
4148 if (!check_fsp(conn, req, fsp)) {
4149 END_PROFILE(SMBwriteX);
4153 if (!CHECK_WRITE(fsp)) {
4154 reply_doserror(req, ERRDOS, ERRbadaccess);
4155 END_PROFILE(SMBwriteX);
4159 data = smb_base(req->inbuf) + smb_doff;
4161 if(req->wct == 14) {
4162 #ifdef LARGE_SMB_OFF_T
4164 * This is a large offset (64 bit) write.
4166 startpos |= (((SMB_OFF_T)IVAL(req->vwv+12, 0)) << 32);
4168 #else /* !LARGE_SMB_OFF_T */
4171 * Ensure we haven't been sent a >32 bit offset.
4174 if(IVAL(req->vwv+12, 0) != 0) {
4175 DEBUG(0,("reply_write_and_X - large offset (%x << 32) "
4176 "used and we don't support 64 bit offsets.\n",
4177 (unsigned int)IVAL(req->vwv+12, 0) ));
4178 reply_doserror(req, ERRDOS, ERRbadaccess);
4179 END_PROFILE(SMBwriteX);
4183 #endif /* LARGE_SMB_OFF_T */
4186 init_strict_lock_struct(fsp, (uint32)req->smbpid,
4187 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
4190 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
4191 reply_doserror(req, ERRDOS, ERRlock);
4192 END_PROFILE(SMBwriteX);
4196 /* X/Open SMB protocol says that, unlike SMBwrite
4197 if the length is zero then NO truncation is
4198 done, just a write of zero. To truncate a file,
4201 if(numtowrite == 0) {
4205 if ((req->unread_bytes == 0) &&
4206 schedule_aio_write_and_X(conn, req, fsp, data, startpos,
4211 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4214 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
4215 reply_unixerror(req, ERRHRD, ERRdiskfull);
4219 reply_outbuf(req, 6, 0);
4220 SSVAL(req->outbuf,smb_vwv2,nwritten);
4221 SSVAL(req->outbuf,smb_vwv4,nwritten>>16);
4223 if (nwritten < (ssize_t)numtowrite) {
4224 SCVAL(req->outbuf,smb_rcls,ERRHRD);
4225 SSVAL(req->outbuf,smb_err,ERRdiskfull);
4228 DEBUG(3,("writeX fnum=%d num=%d wrote=%d\n",
4229 fsp->fnum, (int)numtowrite, (int)nwritten));
4231 status = sync_file(conn, fsp, write_through);
4232 if (!NT_STATUS_IS_OK(status)) {
4233 DEBUG(5,("reply_write_and_X: sync_file for %s returned %s\n",
4234 fsp->fsp_name, nt_errstr(status) ));
4235 reply_nterror(req, status);
4239 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4241 END_PROFILE(SMBwriteX);
4246 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4248 END_PROFILE(SMBwriteX);
4252 /****************************************************************************
4254 ****************************************************************************/
4256 void reply_lseek(struct smb_request *req)
4258 connection_struct *conn = req->conn;
4264 START_PROFILE(SMBlseek);
4267 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4268 END_PROFILE(SMBlseek);
4272 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4274 if (!check_fsp(conn, req, fsp)) {
4278 flush_write_cache(fsp, SEEK_FLUSH);
4280 mode = SVAL(req->vwv+1, 0) & 3;
4281 /* NB. This doesn't use IVAL_TO_SMB_OFF_T as startpos can be signed in this case. */
4282 startpos = (SMB_OFF_T)IVALS(req->vwv+2, 0);
4291 res = fsp->fh->pos + startpos;
4302 if (umode == SEEK_END) {
4303 if((res = SMB_VFS_LSEEK(fsp,startpos,umode)) == -1) {
4304 if(errno == EINVAL) {
4305 SMB_OFF_T current_pos = startpos;
4306 SMB_STRUCT_STAT sbuf;
4308 if(SMB_VFS_FSTAT(fsp, &sbuf) == -1) {
4309 reply_unixerror(req, ERRDOS,
4311 END_PROFILE(SMBlseek);
4315 current_pos += sbuf.st_size;
4317 res = SMB_VFS_LSEEK(fsp,0,SEEK_SET);
4322 reply_unixerror(req, ERRDOS, ERRnoaccess);
4323 END_PROFILE(SMBlseek);
4330 reply_outbuf(req, 2, 0);
4331 SIVAL(req->outbuf,smb_vwv0,res);
4333 DEBUG(3,("lseek fnum=%d ofs=%.0f newpos = %.0f mode=%d\n",
4334 fsp->fnum, (double)startpos, (double)res, mode));
4336 END_PROFILE(SMBlseek);
4340 /****************************************************************************
4342 ****************************************************************************/
4344 void reply_flush(struct smb_request *req)
4346 connection_struct *conn = req->conn;
4350 START_PROFILE(SMBflush);
4353 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4357 fnum = SVAL(req->vwv+0, 0);
4358 fsp = file_fsp(req, fnum);
4360 if ((fnum != 0xFFFF) && !check_fsp(conn, req, fsp)) {
4365 file_sync_all(conn);
4367 NTSTATUS status = sync_file(conn, fsp, True);
4368 if (!NT_STATUS_IS_OK(status)) {
4369 DEBUG(5,("reply_flush: sync_file for %s returned %s\n",
4370 fsp->fsp_name, nt_errstr(status) ));
4371 reply_nterror(req, status);
4372 END_PROFILE(SMBflush);
4377 reply_outbuf(req, 0, 0);
4379 DEBUG(3,("flush\n"));
4380 END_PROFILE(SMBflush);
4384 /****************************************************************************
4386 conn POINTER CAN BE NULL HERE !
4387 ****************************************************************************/
4389 void reply_exit(struct smb_request *req)
4391 START_PROFILE(SMBexit);
4393 file_close_pid(req->smbpid, req->vuid);
4395 reply_outbuf(req, 0, 0);
4397 DEBUG(3,("exit\n"));
4399 END_PROFILE(SMBexit);
4403 /****************************************************************************
4404 Reply to a close - has to deal with closing a directory opened by NT SMB's.
4405 ****************************************************************************/
4407 void reply_close(struct smb_request *req)
4409 connection_struct *conn = req->conn;
4410 NTSTATUS status = NT_STATUS_OK;
4411 files_struct *fsp = NULL;
4412 START_PROFILE(SMBclose);
4415 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4416 END_PROFILE(SMBclose);
4420 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4423 * We can only use check_fsp if we know it's not a directory.
4426 if(!fsp || (fsp->conn != conn) || (fsp->vuid != req->vuid)) {
4427 reply_doserror(req, ERRDOS, ERRbadfid);
4428 END_PROFILE(SMBclose);
4432 if(fsp->is_directory) {
4434 * Special case - close NT SMB directory handle.
4436 DEBUG(3,("close directory fnum=%d\n", fsp->fnum));
4437 status = close_file(req, fsp, NORMAL_CLOSE);
4441 * Close ordinary file.
4444 DEBUG(3,("close fd=%d fnum=%d (numopen=%d)\n",
4445 fsp->fh->fd, fsp->fnum,
4446 conn->num_files_open));
4449 * Take care of any time sent in the close.
4452 t = srv_make_unix_date3(req->vwv+1);
4453 set_close_write_time(fsp, convert_time_t_to_timespec(t));
4456 * close_file() returns the unix errno if an error
4457 * was detected on close - normally this is due to
4458 * a disk full error. If not then it was probably an I/O error.
4461 status = close_file(req, fsp, NORMAL_CLOSE);
4464 if (!NT_STATUS_IS_OK(status)) {
4465 reply_nterror(req, status);
4466 END_PROFILE(SMBclose);
4470 reply_outbuf(req, 0, 0);
4471 END_PROFILE(SMBclose);
4475 /****************************************************************************
4476 Reply to a writeclose (Core+ protocol).
4477 ****************************************************************************/
4479 void reply_writeclose(struct smb_request *req)
4481 connection_struct *conn = req->conn;
4483 ssize_t nwritten = -1;
4484 NTSTATUS close_status = NT_STATUS_OK;
4487 struct timespec mtime;
4489 struct lock_struct lock;
4491 START_PROFILE(SMBwriteclose);
4494 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4495 END_PROFILE(SMBwriteclose);
4499 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4501 if (!check_fsp(conn, req, fsp)) {
4502 END_PROFILE(SMBwriteclose);
4505 if (!CHECK_WRITE(fsp)) {
4506 reply_doserror(req, ERRDOS,ERRbadaccess);
4507 END_PROFILE(SMBwriteclose);
4511 numtowrite = SVAL(req->vwv+1, 0);
4512 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
4513 mtime = convert_time_t_to_timespec(srv_make_unix_date3(req->vwv+4));
4514 data = (const char *)req->buf + 1;
4517 init_strict_lock_struct(fsp, (uint32)req->smbpid,
4518 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
4521 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
4522 reply_doserror(req, ERRDOS,ERRlock);
4523 END_PROFILE(SMBwriteclose);
4528 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4530 set_close_write_time(fsp, mtime);
4533 * More insanity. W2K only closes the file if writelen > 0.
4538 DEBUG(3,("reply_writeclose: zero length write doesn't close file %s\n",
4540 close_status = close_file(req, fsp, NORMAL_CLOSE);
4543 DEBUG(3,("writeclose fnum=%d num=%d wrote=%d (numopen=%d)\n",
4544 fsp->fnum, (int)numtowrite, (int)nwritten,
4545 conn->num_files_open));
4547 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
4548 reply_doserror(req, ERRHRD, ERRdiskfull);
4552 if(!NT_STATUS_IS_OK(close_status)) {
4553 reply_nterror(req, close_status);
4557 reply_outbuf(req, 1, 0);
4559 SSVAL(req->outbuf,smb_vwv0,nwritten);
4563 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4566 END_PROFILE(SMBwriteclose);
4571 #define DBGC_CLASS DBGC_LOCKING
4573 /****************************************************************************
4575 ****************************************************************************/
4577 void reply_lock(struct smb_request *req)
4579 connection_struct *conn = req->conn;
4580 uint64_t count,offset;
4583 struct byte_range_lock *br_lck = NULL;
4585 START_PROFILE(SMBlock);
4588 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4589 END_PROFILE(SMBlock);
4593 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4595 if (!check_fsp(conn, req, fsp)) {
4596 END_PROFILE(SMBlock);
4600 count = (uint64_t)IVAL(req->vwv+1, 0);
4601 offset = (uint64_t)IVAL(req->vwv+3, 0);
4603 DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n",
4604 fsp->fh->fd, fsp->fnum, (double)offset, (double)count));
4606 br_lck = do_lock(smbd_messaging_context(),
4613 False, /* Non-blocking lock. */
4618 TALLOC_FREE(br_lck);
4620 if (NT_STATUS_V(status)) {
4621 reply_nterror(req, status);
4622 END_PROFILE(SMBlock);
4626 reply_outbuf(req, 0, 0);
4628 END_PROFILE(SMBlock);
4632 /****************************************************************************
4634 ****************************************************************************/
4636 void reply_unlock(struct smb_request *req)
4638 connection_struct *conn = req->conn;
4639 uint64_t count,offset;
4643 START_PROFILE(SMBunlock);
4646 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4647 END_PROFILE(SMBunlock);
4651 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4653 if (!check_fsp(conn, req, fsp)) {
4654 END_PROFILE(SMBunlock);
4658 count = (uint64_t)IVAL(req->vwv+1, 0);
4659 offset = (uint64_t)IVAL(req->vwv+3, 0);
4661 status = do_unlock(smbd_messaging_context(),
4668 if (NT_STATUS_V(status)) {
4669 reply_nterror(req, status);
4670 END_PROFILE(SMBunlock);
4674 DEBUG( 3, ( "unlock fd=%d fnum=%d offset=%.0f count=%.0f\n",
4675 fsp->fh->fd, fsp->fnum, (double)offset, (double)count ) );
4677 reply_outbuf(req, 0, 0);
4679 END_PROFILE(SMBunlock);
4684 #define DBGC_CLASS DBGC_ALL
4686 /****************************************************************************
4688 conn POINTER CAN BE NULL HERE !
4689 ****************************************************************************/
4691 void reply_tdis(struct smb_request *req)
4693 connection_struct *conn = req->conn;
4694 START_PROFILE(SMBtdis);
4697 DEBUG(4,("Invalid connection in tdis\n"));
4698 reply_doserror(req, ERRSRV, ERRinvnid);
4699 END_PROFILE(SMBtdis);
4705 close_cnum(conn,req->vuid);
4708 reply_outbuf(req, 0, 0);
4709 END_PROFILE(SMBtdis);
4713 /****************************************************************************
4715 conn POINTER CAN BE NULL HERE !
4716 ****************************************************************************/
4718 void reply_echo(struct smb_request *req)
4720 connection_struct *conn = req->conn;
4721 struct smb_perfcount_data local_pcd;
4722 struct smb_perfcount_data *cur_pcd;
4726 START_PROFILE(SMBecho);
4728 smb_init_perfcount_data(&local_pcd);
4731 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4732 END_PROFILE(SMBecho);
4736 smb_reverb = SVAL(req->vwv+0, 0);
4738 reply_outbuf(req, 1, req->buflen);
4740 /* copy any incoming data back out */
4741 if (req->buflen > 0) {
4742 memcpy(smb_buf(req->outbuf), req->buf, req->buflen);
4745 if (smb_reverb > 100) {
4746 DEBUG(0,("large reverb (%d)?? Setting to 100\n",smb_reverb));
4750 for (seq_num = 1 ; seq_num <= smb_reverb ; seq_num++) {
4752 /* this makes sure we catch the request pcd */
4753 if (seq_num == smb_reverb) {
4754 cur_pcd = &req->pcd;
4756 SMB_PERFCOUNT_COPY_CONTEXT(&req->pcd, &local_pcd);
4757 cur_pcd = &local_pcd;
4760 SSVAL(req->outbuf,smb_vwv0,seq_num);
4762 show_msg((char *)req->outbuf);
4763 if (!srv_send_smb(smbd_server_fd(),
4764 (char *)req->outbuf,
4765 true, req->seqnum+1,
4766 IS_CONN_ENCRYPTED(conn)||req->encrypted,
4768 exit_server_cleanly("reply_echo: srv_send_smb failed.");
4771 DEBUG(3,("echo %d times\n", smb_reverb));
4773 TALLOC_FREE(req->outbuf);
4775 END_PROFILE(SMBecho);
4779 /****************************************************************************
4780 Reply to a printopen.
4781 ****************************************************************************/
4783 void reply_printopen(struct smb_request *req)
4785 connection_struct *conn = req->conn;
4787 SMB_STRUCT_STAT sbuf;
4790 START_PROFILE(SMBsplopen);
4793 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4794 END_PROFILE(SMBsplopen);
4798 if (!CAN_PRINT(conn)) {
4799 reply_doserror(req, ERRDOS, ERRnoaccess);
4800 END_PROFILE(SMBsplopen);
4804 status = file_new(req, conn, &fsp);
4805 if(!NT_STATUS_IS_OK(status)) {
4806 reply_nterror(req, status);
4807 END_PROFILE(SMBsplopen);
4811 /* Open for exclusive use, write only. */
4812 status = print_fsp_open(req, conn, NULL, req->vuid, fsp, &sbuf);
4814 if (!NT_STATUS_IS_OK(status)) {
4815 reply_nterror(req, status);
4816 END_PROFILE(SMBsplopen);
4820 reply_outbuf(req, 1, 0);
4821 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
4823 DEBUG(3,("openprint fd=%d fnum=%d\n",
4824 fsp->fh->fd, fsp->fnum));
4826 END_PROFILE(SMBsplopen);
4830 /****************************************************************************
4831 Reply to a printclose.
4832 ****************************************************************************/
4834 void reply_printclose(struct smb_request *req)
4836 connection_struct *conn = req->conn;
4840 START_PROFILE(SMBsplclose);
4843 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4844 END_PROFILE(SMBsplclose);
4848 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4850 if (!check_fsp(conn, req, fsp)) {
4851 END_PROFILE(SMBsplclose);
4855 if (!CAN_PRINT(conn)) {
4856 reply_nterror(req, NT_STATUS_DOS(ERRSRV, ERRerror));
4857 END_PROFILE(SMBsplclose);
4861 DEBUG(3,("printclose fd=%d fnum=%d\n",
4862 fsp->fh->fd,fsp->fnum));
4864 status = close_file(req, fsp, NORMAL_CLOSE);
4866 if(!NT_STATUS_IS_OK(status)) {
4867 reply_nterror(req, status);
4868 END_PROFILE(SMBsplclose);
4872 reply_outbuf(req, 0, 0);
4874 END_PROFILE(SMBsplclose);
4878 /****************************************************************************
4879 Reply to a printqueue.
4880 ****************************************************************************/
4882 void reply_printqueue(struct smb_request *req)
4884 connection_struct *conn = req->conn;
4888 START_PROFILE(SMBsplretq);
4891 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4892 END_PROFILE(SMBsplretq);
4896 max_count = SVAL(req->vwv+0, 0);
4897 start_index = SVAL(req->vwv+1, 0);
4899 /* we used to allow the client to get the cnum wrong, but that
4900 is really quite gross and only worked when there was only
4901 one printer - I think we should now only accept it if they
4902 get it right (tridge) */
4903 if (!CAN_PRINT(conn)) {
4904 reply_doserror(req, ERRDOS, ERRnoaccess);
4905 END_PROFILE(SMBsplretq);
4909 reply_outbuf(req, 2, 3);
4910 SSVAL(req->outbuf,smb_vwv0,0);
4911 SSVAL(req->outbuf,smb_vwv1,0);
4912 SCVAL(smb_buf(req->outbuf),0,1);
4913 SSVAL(smb_buf(req->outbuf),1,0);
4915 DEBUG(3,("printqueue start_index=%d max_count=%d\n",
4916 start_index, max_count));
4919 print_queue_struct *queue = NULL;
4920 print_status_struct status;
4921 int count = print_queue_status(SNUM(conn), &queue, &status);
4922 int num_to_get = ABS(max_count);
4923 int first = (max_count>0?start_index:start_index+max_count+1);
4929 num_to_get = MIN(num_to_get,count-first);
4932 for (i=first;i<first+num_to_get;i++) {
4936 srv_put_dos_date2(p,0,queue[i].time);
4937 SCVAL(p,4,(queue[i].status==LPQ_PRINTING?2:3));
4938 SSVAL(p,5, queue[i].job);
4939 SIVAL(p,7,queue[i].size);
4941 srvstr_push(blob, req->flags2, p+12,
4942 queue[i].fs_user, 16, STR_ASCII);
4944 if (message_push_blob(
4947 blob, sizeof(blob))) == -1) {
4948 reply_nterror(req, NT_STATUS_NO_MEMORY);
4949 END_PROFILE(SMBsplretq);
4955 SSVAL(req->outbuf,smb_vwv0,count);
4956 SSVAL(req->outbuf,smb_vwv1,
4957 (max_count>0?first+count:first-1));
4958 SCVAL(smb_buf(req->outbuf),0,1);
4959 SSVAL(smb_buf(req->outbuf),1,28*count);
4964 DEBUG(3,("%d entries returned in queue\n",count));
4967 END_PROFILE(SMBsplretq);
4971 /****************************************************************************
4972 Reply to a printwrite.
4973 ****************************************************************************/
4975 void reply_printwrite(struct smb_request *req)
4977 connection_struct *conn = req->conn;
4982 START_PROFILE(SMBsplwr);
4985 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4986 END_PROFILE(SMBsplwr);
4990 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4992 if (!check_fsp(conn, req, fsp)) {
4993 END_PROFILE(SMBsplwr);
4997 if (!CAN_PRINT(conn)) {
4998 reply_doserror(req, ERRDOS, ERRnoaccess);
4999 END_PROFILE(SMBsplwr);
5003 if (!CHECK_WRITE(fsp)) {
5004 reply_doserror(req, ERRDOS, ERRbadaccess);
5005 END_PROFILE(SMBsplwr);
5009 numtowrite = SVAL(req->buf, 1);
5011 if (req->buflen < numtowrite + 3) {
5012 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5013 END_PROFILE(SMBsplwr);
5017 data = (const char *)req->buf + 3;
5019 if (write_file(req,fsp,data,-1,numtowrite) != numtowrite) {
5020 reply_unixerror(req, ERRHRD, ERRdiskfull);
5021 END_PROFILE(SMBsplwr);
5025 DEBUG( 3, ( "printwrite fnum=%d num=%d\n", fsp->fnum, numtowrite ) );
5027 END_PROFILE(SMBsplwr);
5031 /****************************************************************************
5033 ****************************************************************************/
5035 void reply_mkdir(struct smb_request *req)
5037 connection_struct *conn = req->conn;
5038 char *directory = NULL;
5040 SMB_STRUCT_STAT sbuf;
5041 TALLOC_CTX *ctx = talloc_tos();
5043 START_PROFILE(SMBmkdir);
5045 srvstr_get_path_req(ctx, req, &directory, (const char *)req->buf + 1,
5046 STR_TERMINATE, &status);
5047 if (!NT_STATUS_IS_OK(status)) {
5048 reply_nterror(req, status);
5049 END_PROFILE(SMBmkdir);
5053 status = resolve_dfspath(ctx, conn,
5054 req->flags2 & FLAGS2_DFS_PATHNAMES,
5057 if (!NT_STATUS_IS_OK(status)) {
5058 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5059 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
5060 ERRSRV, ERRbadpath);
5061 END_PROFILE(SMBmkdir);
5064 reply_nterror(req, status);
5065 END_PROFILE(SMBmkdir);
5069 status = unix_convert(ctx, conn, directory, False, &directory, NULL, &sbuf);
5070 if (!NT_STATUS_IS_OK(status)) {
5071 reply_nterror(req, status);
5072 END_PROFILE(SMBmkdir);
5076 status = check_name(conn, directory);
5077 if (!NT_STATUS_IS_OK(status)) {
5078 reply_nterror(req, status);
5079 END_PROFILE(SMBmkdir);
5083 status = create_directory(conn, req, directory);
5085 DEBUG(5, ("create_directory returned %s\n", nt_errstr(status)));
5087 if (!NT_STATUS_IS_OK(status)) {
5089 if (!use_nt_status()
5090 && NT_STATUS_EQUAL(status,
5091 NT_STATUS_OBJECT_NAME_COLLISION)) {
5093 * Yes, in the DOS error code case we get a
5094 * ERRDOS:ERRnoaccess here. See BASE-SAMBA3ERROR
5095 * samba4 torture test.
5097 status = NT_STATUS_DOS(ERRDOS, ERRnoaccess);
5100 reply_nterror(req, status);
5101 END_PROFILE(SMBmkdir);
5105 reply_outbuf(req, 0, 0);
5107 DEBUG( 3, ( "mkdir %s\n", directory ) );
5109 END_PROFILE(SMBmkdir);
5113 /****************************************************************************
5114 Static function used by reply_rmdir to delete an entire directory
5115 tree recursively. Return True on ok, False on fail.
5116 ****************************************************************************/
5118 static bool recursive_rmdir(TALLOC_CTX *ctx,
5119 connection_struct *conn,
5122 const char *dname = NULL;
5126 struct smb_Dir *dir_hnd = OpenDir(talloc_tos(), conn, directory,
5132 while((dname = ReadDirName(dir_hnd, &offset, &st))) {
5133 char *fullname = NULL;
5135 if (ISDOT(dname) || ISDOTDOT(dname)) {
5139 if (!is_visible_file(conn, directory, dname, &st, False)) {
5143 /* Construct the full name. */
5144 fullname = talloc_asprintf(ctx,
5154 if(SMB_VFS_LSTAT(conn,fullname, &st) != 0) {
5159 if(st.st_mode & S_IFDIR) {
5160 if(!recursive_rmdir(ctx, conn, fullname)) {
5164 if(SMB_VFS_RMDIR(conn,fullname) != 0) {
5168 } else if(SMB_VFS_UNLINK(conn,fullname) != 0) {
5172 TALLOC_FREE(fullname);
5174 TALLOC_FREE(dir_hnd);
5178 /****************************************************************************
5179 The internals of the rmdir code - called elsewhere.
5180 ****************************************************************************/
5182 NTSTATUS rmdir_internals(TALLOC_CTX *ctx,
5183 connection_struct *conn,
5184 const char *directory)
5189 /* Might be a symlink. */
5190 if(SMB_VFS_LSTAT(conn, directory, &st) != 0) {
5191 return map_nt_error_from_unix(errno);
5194 if (S_ISLNK(st.st_mode)) {
5195 /* Is what it points to a directory ? */
5196 if(SMB_VFS_STAT(conn, directory, &st) != 0) {
5197 return map_nt_error_from_unix(errno);
5199 if (!(S_ISDIR(st.st_mode))) {
5200 return NT_STATUS_NOT_A_DIRECTORY;
5202 ret = SMB_VFS_UNLINK(conn,directory);
5204 ret = SMB_VFS_RMDIR(conn,directory);
5207 notify_fname(conn, NOTIFY_ACTION_REMOVED,
5208 FILE_NOTIFY_CHANGE_DIR_NAME,
5210 return NT_STATUS_OK;
5213 if(((errno == ENOTEMPTY)||(errno == EEXIST)) && lp_veto_files(SNUM(conn))) {
5215 * Check to see if the only thing in this directory are
5216 * vetoed files/directories. If so then delete them and
5217 * retry. If we fail to delete any of them (and we *don't*
5218 * do a recursive delete) then fail the rmdir.
5222 struct smb_Dir *dir_hnd = OpenDir(talloc_tos(), conn,
5223 directory, NULL, 0);
5225 if(dir_hnd == NULL) {
5230 while ((dname = ReadDirName(dir_hnd, &dirpos, &st))) {
5231 if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0))
5233 if (!is_visible_file(conn, directory, dname, &st, False))
5235 if(!IS_VETO_PATH(conn, dname)) {
5236 TALLOC_FREE(dir_hnd);
5242 /* We only have veto files/directories.
5243 * Are we allowed to delete them ? */
5245 if(!lp_recursive_veto_delete(SNUM(conn))) {
5246 TALLOC_FREE(dir_hnd);
5251 /* Do a recursive delete. */
5252 RewindDir(dir_hnd,&dirpos);
5253 while ((dname = ReadDirName(dir_hnd, &dirpos, &st))) {
5254 char *fullname = NULL;
5256 if (ISDOT(dname) || ISDOTDOT(dname)) {
5259 if (!is_visible_file(conn, directory, dname, &st, False)) {
5263 fullname = talloc_asprintf(ctx,
5273 if(SMB_VFS_LSTAT(conn,fullname, &st) != 0) {
5276 if(st.st_mode & S_IFDIR) {
5277 if(!recursive_rmdir(ctx, conn, fullname)) {
5280 if(SMB_VFS_RMDIR(conn,fullname) != 0) {
5283 } else if(SMB_VFS_UNLINK(conn,fullname) != 0) {
5286 TALLOC_FREE(fullname);
5288 TALLOC_FREE(dir_hnd);
5289 /* Retry the rmdir */
5290 ret = SMB_VFS_RMDIR(conn,directory);
5296 DEBUG(3,("rmdir_internals: couldn't remove directory %s : "
5297 "%s\n", directory,strerror(errno)));
5298 return map_nt_error_from_unix(errno);
5301 notify_fname(conn, NOTIFY_ACTION_REMOVED,
5302 FILE_NOTIFY_CHANGE_DIR_NAME,
5305 return NT_STATUS_OK;
5308 /****************************************************************************
5310 ****************************************************************************/
5312 void reply_rmdir(struct smb_request *req)
5314 connection_struct *conn = req->conn;
5315 char *directory = NULL;
5316 SMB_STRUCT_STAT sbuf;
5318 TALLOC_CTX *ctx = talloc_tos();
5320 START_PROFILE(SMBrmdir);
5322 srvstr_get_path_req(ctx, req, &directory, (const char *)req->buf + 1,
5323 STR_TERMINATE, &status);
5324 if (!NT_STATUS_IS_OK(status)) {
5325 reply_nterror(req, status);
5326 END_PROFILE(SMBrmdir);
5330 status = resolve_dfspath(ctx, conn,
5331 req->flags2 & FLAGS2_DFS_PATHNAMES,
5334 if (!NT_STATUS_IS_OK(status)) {
5335 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5336 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
5337 ERRSRV, ERRbadpath);
5338 END_PROFILE(SMBrmdir);
5341 reply_nterror(req, status);
5342 END_PROFILE(SMBrmdir);
5346 status = unix_convert(ctx, conn, directory, False, &directory,
5348 if (!NT_STATUS_IS_OK(status)) {
5349 reply_nterror(req, status);
5350 END_PROFILE(SMBrmdir);
5354 status = check_name(conn, directory);
5355 if (!NT_STATUS_IS_OK(status)) {
5356 reply_nterror(req, status);
5357 END_PROFILE(SMBrmdir);
5361 dptr_closepath(directory, req->smbpid);
5362 status = rmdir_internals(ctx, conn, directory);
5363 if (!NT_STATUS_IS_OK(status)) {
5364 reply_nterror(req, status);
5365 END_PROFILE(SMBrmdir);
5369 reply_outbuf(req, 0, 0);
5371 DEBUG( 3, ( "rmdir %s\n", directory ) );
5373 END_PROFILE(SMBrmdir);
5377 /*******************************************************************
5378 Resolve wildcards in a filename rename.
5379 ********************************************************************/
5381 static bool resolve_wildcards(TALLOC_CTX *ctx,
5386 char *name2_copy = NULL;
5391 char *p,*p2, *pname1, *pname2;
5393 name2_copy = talloc_strdup(ctx, name2);
5398 pname1 = strrchr_m(name1,'/');
5399 pname2 = strrchr_m(name2_copy,'/');
5401 if (!pname1 || !pname2) {
5405 /* Truncate the copy of name2 at the last '/' */
5408 /* Now go past the '/' */
5412 root1 = talloc_strdup(ctx, pname1);
5413 root2 = talloc_strdup(ctx, pname2);
5415 if (!root1 || !root2) {
5419 p = strrchr_m(root1,'.');
5422 ext1 = talloc_strdup(ctx, p+1);
5424 ext1 = talloc_strdup(ctx, "");
5426 p = strrchr_m(root2,'.');
5429 ext2 = talloc_strdup(ctx, p+1);
5431 ext2 = talloc_strdup(ctx, "");
5434 if (!ext1 || !ext2) {
5442 /* Hmmm. Should this be mb-aware ? */
5445 } else if (*p2 == '*') {
5447 root2 = talloc_asprintf(ctx, "%s%s",
5466 /* Hmmm. Should this be mb-aware ? */
5469 } else if (*p2 == '*') {
5471 ext2 = talloc_asprintf(ctx, "%s%s",
5487 *pp_newname = talloc_asprintf(ctx, "%s/%s.%s",
5492 *pp_newname = talloc_asprintf(ctx, "%s/%s",
5504 /****************************************************************************
5505 Ensure open files have their names updated. Updated to notify other smbd's
5507 ****************************************************************************/
5509 static void rename_open_files(connection_struct *conn,
5510 struct share_mode_lock *lck,
5511 const char *newname)
5514 bool did_rename = False;
5516 for(fsp = file_find_di_first(lck->id); fsp;
5517 fsp = file_find_di_next(fsp)) {
5518 /* fsp_name is a relative path under the fsp. To change this for other
5519 sharepaths we need to manipulate relative paths. */
5520 /* TODO - create the absolute path and manipulate the newname
5521 relative to the sharepath. */
5522 if (!strequal(fsp->conn->connectpath, conn->connectpath)) {
5525 DEBUG(10,("rename_open_files: renaming file fnum %d (file_id %s) from %s -> %s\n",
5526 fsp->fnum, file_id_string_tos(&fsp->file_id),
5527 fsp->fsp_name, newname ));
5528 string_set(&fsp->fsp_name, newname);
5533 DEBUG(10,("rename_open_files: no open files on file_id %s for %s\n",
5534 file_id_string_tos(&lck->id), newname ));
5537 /* Send messages to all smbd's (not ourself) that the name has changed. */
5538 rename_share_filename(smbd_messaging_context(), lck, conn->connectpath,
5542 /****************************************************************************
5543 We need to check if the source path is a parent directory of the destination
5544 (ie. a rename of /foo/bar/baz -> /foo/bar/baz/bibble/bobble. If so we must
5545 refuse the rename with a sharing violation. Under UNIX the above call can
5546 *succeed* if /foo/bar/baz is a symlink to another area in the share. We
5547 probably need to check that the client is a Windows one before disallowing
5548 this as a UNIX client (one with UNIX extensions) can know the source is a
5549 symlink and make this decision intelligently. Found by an excellent bug
5550 report from <AndyLiebman@aol.com>.
5551 ****************************************************************************/
5553 static bool rename_path_prefix_equal(const char *src, const char *dest)
5555 const char *psrc = src;
5556 const char *pdst = dest;
5559 if (psrc[0] == '.' && psrc[1] == '/') {
5562 if (pdst[0] == '.' && pdst[1] == '/') {
5565 if ((slen = strlen(psrc)) > strlen(pdst)) {
5568 return ((memcmp(psrc, pdst, slen) == 0) && pdst[slen] == '/');
5572 * Do the notify calls from a rename
5575 static void notify_rename(connection_struct *conn, bool is_dir,
5576 const char *oldpath, const char *newpath)
5578 char *olddir, *newdir;
5579 const char *oldname, *newname;
5582 mask = is_dir ? FILE_NOTIFY_CHANGE_DIR_NAME
5583 : FILE_NOTIFY_CHANGE_FILE_NAME;
5585 if (!parent_dirname(talloc_tos(), oldpath, &olddir, &oldname)
5586 || !parent_dirname(talloc_tos(), newpath, &newdir, &newname)) {
5587 TALLOC_FREE(olddir);
5591 if (strcmp(olddir, newdir) == 0) {
5592 notify_fname(conn, NOTIFY_ACTION_OLD_NAME, mask, oldpath);
5593 notify_fname(conn, NOTIFY_ACTION_NEW_NAME, mask, newpath);
5596 notify_fname(conn, NOTIFY_ACTION_REMOVED, mask, oldpath);
5597 notify_fname(conn, NOTIFY_ACTION_ADDED, mask, newpath);
5599 TALLOC_FREE(olddir);
5600 TALLOC_FREE(newdir);
5602 /* this is a strange one. w2k3 gives an additional event for
5603 CHANGE_ATTRIBUTES and CHANGE_CREATION on the new file when renaming
5604 files, but not directories */
5606 notify_fname(conn, NOTIFY_ACTION_MODIFIED,
5607 FILE_NOTIFY_CHANGE_ATTRIBUTES
5608 |FILE_NOTIFY_CHANGE_CREATION,
5613 /****************************************************************************
5614 Rename an open file - given an fsp.
5615 ****************************************************************************/
5617 NTSTATUS rename_internals_fsp(connection_struct *conn,
5620 const char *newname_last_component,
5622 bool replace_if_exists)
5624 TALLOC_CTX *ctx = talloc_tos();
5625 SMB_STRUCT_STAT sbuf, sbuf1;
5626 NTSTATUS status = NT_STATUS_OK;
5627 struct share_mode_lock *lck = NULL;
5628 bool dst_exists, old_is_stream, new_is_stream;
5632 status = check_name(conn, newname);
5633 if (!NT_STATUS_IS_OK(status)) {
5637 /* Ensure newname contains a '/' */
5638 if(strrchr_m(newname,'/') == 0) {
5639 newname = talloc_asprintf(ctx,
5643 return NT_STATUS_NO_MEMORY;
5648 * Check for special case with case preserving and not
5649 * case sensitive. If the old last component differs from the original
5650 * last component only by case, then we should allow
5651 * the rename (user is trying to change the case of the
5655 if((conn->case_sensitive == False) && (conn->case_preserve == True) &&
5656 strequal(newname, fsp->fsp_name)) {
5658 char *newname_modified_last_component = NULL;
5661 * Get the last component of the modified name.
5662 * Note that we guarantee that newname contains a '/'
5665 p = strrchr_m(newname,'/');
5666 newname_modified_last_component = talloc_strdup(ctx,
5668 if (!newname_modified_last_component) {
5669 return NT_STATUS_NO_MEMORY;
5672 if(strcsequal(newname_modified_last_component,
5673 newname_last_component) == False) {
5675 * Replace the modified last component with
5678 *p = '\0'; /* Truncate at the '/' */
5679 newname = talloc_asprintf(ctx,
5682 newname_last_component);
5687 * If the src and dest names are identical - including case,
5688 * don't do the rename, just return success.
5691 if (strcsequal(fsp->fsp_name, newname)) {
5692 DEBUG(3,("rename_internals_fsp: identical names in rename %s - returning success\n",
5694 return NT_STATUS_OK;
5697 old_is_stream = is_ntfs_stream_name(fsp->fsp_name);
5698 new_is_stream = is_ntfs_stream_name(newname);
5700 /* Return the correct error code if both names aren't streams. */
5701 if (!old_is_stream && new_is_stream) {
5702 return NT_STATUS_OBJECT_NAME_INVALID;
5705 if (old_is_stream && !new_is_stream) {
5706 return NT_STATUS_INVALID_PARAMETER;
5710 * Have vfs_object_exist also fill sbuf1
5712 dst_exists = vfs_object_exist(conn, newname, &sbuf1);
5714 if(!replace_if_exists && dst_exists) {
5715 DEBUG(3,("rename_internals_fsp: dest exists doing rename %s -> %s\n",
5716 fsp->fsp_name,newname));
5717 return NT_STATUS_OBJECT_NAME_COLLISION;
5721 struct file_id fileid = vfs_file_id_from_sbuf(conn, &sbuf1);
5722 files_struct *dst_fsp = file_find_di_first(fileid);
5723 /* The file can be open when renaming a stream */
5724 if (dst_fsp && !new_is_stream) {
5725 DEBUG(3, ("rename_internals_fsp: Target file open\n"));
5726 return NT_STATUS_ACCESS_DENIED;
5730 /* Ensure we have a valid stat struct for the source. */
5731 if (fsp->fh->fd != -1) {
5732 if (SMB_VFS_FSTAT(fsp, &sbuf) == -1) {
5733 return map_nt_error_from_unix(errno);
5737 if (fsp->posix_open) {
5738 ret = SMB_VFS_LSTAT(conn,fsp->fsp_name,&sbuf);
5740 ret = SMB_VFS_STAT(conn,fsp->fsp_name,&sbuf);
5743 return map_nt_error_from_unix(errno);
5747 status = can_rename(conn, fsp, attrs, &sbuf);
5749 if (!NT_STATUS_IS_OK(status)) {
5750 DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n",
5751 nt_errstr(status), fsp->fsp_name,newname));
5752 if (NT_STATUS_EQUAL(status,NT_STATUS_SHARING_VIOLATION))
5753 status = NT_STATUS_ACCESS_DENIED;
5757 if (rename_path_prefix_equal(fsp->fsp_name, newname)) {
5758 return NT_STATUS_ACCESS_DENIED;
5761 lck = get_share_mode_lock(talloc_tos(), fsp->file_id, NULL, NULL,
5765 * We have the file open ourselves, so not being able to get the
5766 * corresponding share mode lock is a fatal error.
5769 SMB_ASSERT(lck != NULL);
5771 if(SMB_VFS_RENAME(conn,fsp->fsp_name, newname) == 0) {
5772 uint32 create_options = fsp->fh->private_options;
5774 DEBUG(3,("rename_internals_fsp: succeeded doing rename on %s -> %s\n",
5775 fsp->fsp_name,newname));
5777 notify_rename(conn, fsp->is_directory, fsp->fsp_name, newname);
5779 rename_open_files(conn, lck, newname);
5782 * A rename acts as a new file create w.r.t. allowing an initial delete
5783 * on close, probably because in Windows there is a new handle to the
5784 * new file. If initial delete on close was requested but not
5785 * originally set, we need to set it here. This is probably not 100% correct,
5786 * but will work for the CIFSFS client which in non-posix mode
5787 * depends on these semantics. JRA.
5790 if (create_options & FILE_DELETE_ON_CLOSE) {
5791 status = can_set_delete_on_close(fsp, True, 0);
5793 if (NT_STATUS_IS_OK(status)) {
5794 /* Note that here we set the *inital* delete on close flag,
5795 * not the regular one. The magic gets handled in close. */
5796 fsp->initial_delete_on_close = True;
5800 return NT_STATUS_OK;
5805 if (errno == ENOTDIR || errno == EISDIR) {
5806 status = NT_STATUS_OBJECT_NAME_COLLISION;
5808 status = map_nt_error_from_unix(errno);
5811 DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n",
5812 nt_errstr(status), fsp->fsp_name,newname));
5817 /****************************************************************************
5818 The guts of the rename command, split out so it may be called by the NT SMB
5820 ****************************************************************************/
5822 NTSTATUS rename_internals(TALLOC_CTX *ctx,
5823 connection_struct *conn,
5824 struct smb_request *req,
5825 const char *name_in,
5826 const char *newname_in,
5828 bool replace_if_exists,
5831 uint32_t access_mask)
5833 char *directory = NULL;
5835 char *last_component_src = NULL;
5836 char *last_component_dest = NULL;
5838 char *newname = NULL;
5841 NTSTATUS status = NT_STATUS_OK;
5842 SMB_STRUCT_STAT sbuf1, sbuf2;
5843 struct smb_Dir *dir_hnd = NULL;
5846 int create_options = 0;
5847 bool posix_pathnames = lp_posix_pathnames();
5852 status = unix_convert(ctx, conn, name_in, src_has_wild, &name,
5853 &last_component_src, &sbuf1);
5854 if (!NT_STATUS_IS_OK(status)) {
5858 status = unix_convert(ctx, conn, newname_in, dest_has_wild, &newname,
5859 &last_component_dest, &sbuf2);
5860 if (!NT_STATUS_IS_OK(status)) {
5865 * Split the old name into directory and last component
5866 * strings. Note that unix_convert may have stripped off a
5867 * leading ./ from both name and newname if the rename is
5868 * at the root of the share. We need to make sure either both
5869 * name and newname contain a / character or neither of them do
5870 * as this is checked in resolve_wildcards().
5873 p = strrchr_m(name,'/');
5875 directory = talloc_strdup(ctx, ".");
5877 return NT_STATUS_NO_MEMORY;
5882 directory = talloc_strdup(ctx, name);
5884 return NT_STATUS_NO_MEMORY;
5887 *p = '/'; /* Replace needed for exceptional test below. */
5891 * We should only check the mangled cache
5892 * here if unix_convert failed. This means
5893 * that the path in 'mask' doesn't exist
5894 * on the file system and so we need to look
5895 * for a possible mangle. This patch from
5896 * Tine Smukavec <valentin.smukavec@hermes.si>.
5899 if (!VALID_STAT(sbuf1) && mangle_is_mangled(mask, conn->params)) {
5900 char *new_mask = NULL;
5901 mangle_lookup_name_from_8_3(ctx,
5910 if (!src_has_wild) {
5914 * No wildcards - just process the one file.
5916 bool is_short_name = mangle_is_8_3(name, True, conn->params);
5918 /* Add a terminating '/' to the directory name. */
5919 directory = talloc_asprintf_append(directory,
5923 return NT_STATUS_NO_MEMORY;
5926 /* Ensure newname contains a '/' also */
5927 if(strrchr_m(newname,'/') == 0) {
5928 newname = talloc_asprintf(ctx,
5932 return NT_STATUS_NO_MEMORY;
5936 DEBUG(3, ("rename_internals: case_sensitive = %d, "
5937 "case_preserve = %d, short case preserve = %d, "
5938 "directory = %s, newname = %s, "
5939 "last_component_dest = %s, is_8_3 = %d\n",
5940 conn->case_sensitive, conn->case_preserve,
5941 conn->short_case_preserve, directory,
5942 newname, last_component_dest, is_short_name));
5944 /* The dest name still may have wildcards. */
5945 if (dest_has_wild) {
5946 char *mod_newname = NULL;
5947 if (!resolve_wildcards(ctx,
5948 directory,newname,&mod_newname)) {
5949 DEBUG(6, ("rename_internals: resolve_wildcards "
5953 return NT_STATUS_NO_MEMORY;
5955 newname = mod_newname;
5959 if (posix_pathnames) {
5960 SMB_VFS_LSTAT(conn, directory, &sbuf1);
5962 SMB_VFS_STAT(conn, directory, &sbuf1);
5965 if (S_ISDIR(sbuf1.st_mode)) {
5966 create_options |= FILE_DIRECTORY_FILE;
5969 status = SMB_VFS_CREATE_FILE(
5972 0, /* root_dir_fid */
5973 directory, /* fname */
5974 0, /* create_file_flags */
5975 access_mask, /* access_mask */
5976 (FILE_SHARE_READ | /* share_access */
5978 FILE_OPEN, /* create_disposition*/
5979 create_options, /* create_options */
5980 posix_pathnames ? FILE_FLAG_POSIX_SEMANTICS|0777 : 0, /* file_attributes */
5981 0, /* oplock_request */
5982 0, /* allocation_size */
5987 &sbuf1); /* psbuf */
5989 if (!NT_STATUS_IS_OK(status)) {
5990 DEBUG(3, ("Could not open rename source %s: %s\n",
5991 directory, nt_errstr(status)));
5995 status = rename_internals_fsp(conn, fsp, newname,
5996 last_component_dest,
5997 attrs, replace_if_exists);
5999 close_file(req, fsp, NORMAL_CLOSE);
6001 DEBUG(3, ("rename_internals: Error %s rename %s -> %s\n",
6002 nt_errstr(status), directory,newname));
6008 * Wildcards - process each file that matches.
6010 if (strequal(mask,"????????.???")) {
6015 status = check_name(conn, directory);
6016 if (!NT_STATUS_IS_OK(status)) {
6020 dir_hnd = OpenDir(talloc_tos(), conn, directory, mask, attrs);
6021 if (dir_hnd == NULL) {
6022 return map_nt_error_from_unix(errno);
6025 status = NT_STATUS_NO_SUCH_FILE;
6027 * Was status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
6028 * - gentest fix. JRA
6031 while ((dname = ReadDirName(dir_hnd, &offset, &sbuf1))) {
6032 files_struct *fsp = NULL;
6034 char *destname = NULL;
6035 bool sysdir_entry = False;
6037 /* Quick check for "." and ".." */
6038 if (ISDOT(dname) || ISDOTDOT(dname)) {
6040 sysdir_entry = True;
6046 if (!is_visible_file(conn, directory, dname, &sbuf1, False)) {
6050 if(!mask_match(dname, mask, conn->case_sensitive)) {
6055 status = NT_STATUS_OBJECT_NAME_INVALID;
6059 fname = talloc_asprintf(ctx,
6064 return NT_STATUS_NO_MEMORY;
6067 if (!resolve_wildcards(ctx,
6068 fname,newname,&destname)) {
6069 DEBUG(6, ("resolve_wildcards %s %s failed\n",
6075 return NT_STATUS_NO_MEMORY;
6079 if (posix_pathnames) {
6080 SMB_VFS_LSTAT(conn, fname, &sbuf1);
6082 SMB_VFS_STAT(conn, fname, &sbuf1);
6087 if (S_ISDIR(sbuf1.st_mode)) {
6088 create_options |= FILE_DIRECTORY_FILE;
6091 status = SMB_VFS_CREATE_FILE(
6094 0, /* root_dir_fid */
6096 0, /* create_file_flags */
6097 access_mask, /* access_mask */
6098 (FILE_SHARE_READ | /* share_access */
6100 FILE_OPEN, /* create_disposition*/
6101 create_options, /* create_options */
6102 posix_pathnames ? FILE_FLAG_POSIX_SEMANTICS|0777 : 0, /* file_attributes */
6103 0, /* oplock_request */
6104 0, /* allocation_size */
6109 &sbuf1); /* psbuf */
6111 if (!NT_STATUS_IS_OK(status)) {
6112 DEBUG(3,("rename_internals: SMB_VFS_CREATE_FILE "
6113 "returned %s rename %s -> %s\n",
6114 nt_errstr(status), directory, newname));
6118 status = rename_internals_fsp(conn, fsp, destname, dname,
6119 attrs, replace_if_exists);
6121 close_file(req, fsp, NORMAL_CLOSE);
6123 if (!NT_STATUS_IS_OK(status)) {
6124 DEBUG(3, ("rename_internals_fsp returned %s for "
6125 "rename %s -> %s\n", nt_errstr(status),
6126 directory, newname));
6132 DEBUG(3,("rename_internals: doing rename on %s -> "
6133 "%s\n",fname,destname));
6136 TALLOC_FREE(destname);
6138 TALLOC_FREE(dir_hnd);
6140 if (count == 0 && NT_STATUS_IS_OK(status) && errno != 0) {
6141 status = map_nt_error_from_unix(errno);
6147 /****************************************************************************
6149 ****************************************************************************/
6151 void reply_mv(struct smb_request *req)
6153 connection_struct *conn = req->conn;
6155 char *newname = NULL;
6159 bool src_has_wcard = False;
6160 bool dest_has_wcard = False;
6161 TALLOC_CTX *ctx = talloc_tos();
6163 START_PROFILE(SMBmv);
6166 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6171 attrs = SVAL(req->vwv+0, 0);
6173 p = (const char *)req->buf + 1;
6174 p += srvstr_get_path_req_wcard(ctx, req, &name, p, STR_TERMINATE,
6175 &status, &src_has_wcard);
6176 if (!NT_STATUS_IS_OK(status)) {
6177 reply_nterror(req, status);
6182 p += srvstr_get_path_req_wcard(ctx, req, &newname, p, STR_TERMINATE,
6183 &status, &dest_has_wcard);
6184 if (!NT_STATUS_IS_OK(status)) {
6185 reply_nterror(req, status);
6190 status = resolve_dfspath_wcard(ctx, conn,
6191 req->flags2 & FLAGS2_DFS_PATHNAMES,
6195 if (!NT_STATUS_IS_OK(status)) {
6196 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6197 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6198 ERRSRV, ERRbadpath);
6202 reply_nterror(req, status);
6207 status = resolve_dfspath_wcard(ctx, conn,
6208 req->flags2 & FLAGS2_DFS_PATHNAMES,
6212 if (!NT_STATUS_IS_OK(status)) {
6213 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6214 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6215 ERRSRV, ERRbadpath);
6219 reply_nterror(req, status);
6224 DEBUG(3,("reply_mv : %s -> %s\n",name,newname));
6226 status = rename_internals(ctx, conn, req, name, newname, attrs, False,
6227 src_has_wcard, dest_has_wcard, DELETE_ACCESS);
6228 if (!NT_STATUS_IS_OK(status)) {
6229 if (open_was_deferred(req->mid)) {
6230 /* We have re-scheduled this call. */
6234 reply_nterror(req, status);
6239 reply_outbuf(req, 0, 0);
6245 /*******************************************************************
6246 Copy a file as part of a reply_copy.
6247 ******************************************************************/
6250 * TODO: check error codes on all callers
6253 NTSTATUS copy_file(TALLOC_CTX *ctx,
6254 connection_struct *conn,
6259 bool target_is_directory)
6261 SMB_STRUCT_STAT src_sbuf, sbuf2;
6263 files_struct *fsp1,*fsp2;
6266 uint32 new_create_disposition;
6269 dest = talloc_strdup(ctx, dest1);
6271 return NT_STATUS_NO_MEMORY;
6273 if (target_is_directory) {
6274 const char *p = strrchr_m(src,'/');
6280 dest = talloc_asprintf_append(dest,
6284 return NT_STATUS_NO_MEMORY;
6288 if (!vfs_file_exist(conn,src,&src_sbuf)) {
6290 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
6293 if (!target_is_directory && count) {
6294 new_create_disposition = FILE_OPEN;
6296 if (!map_open_params_to_ntcreate(dest1,0,ofun,
6297 NULL, NULL, &new_create_disposition, NULL)) {
6299 return NT_STATUS_INVALID_PARAMETER;
6303 status = SMB_VFS_CREATE_FILE(
6306 0, /* root_dir_fid */
6308 0, /* create_file_flags */
6309 FILE_GENERIC_READ, /* access_mask */
6310 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
6311 FILE_OPEN, /* create_disposition*/
6312 0, /* create_options */
6313 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
6314 INTERNAL_OPEN_ONLY, /* oplock_request */
6315 0, /* allocation_size */
6320 &src_sbuf); /* psbuf */
6322 if (!NT_STATUS_IS_OK(status)) {
6327 dosattrs = dos_mode(conn, src, &src_sbuf);
6328 if (SMB_VFS_STAT(conn,dest,&sbuf2) == -1) {
6329 ZERO_STRUCTP(&sbuf2);
6332 status = SMB_VFS_CREATE_FILE(
6335 0, /* root_dir_fid */
6337 0, /* create_file_flags */
6338 FILE_GENERIC_WRITE, /* access_mask */
6339 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
6340 new_create_disposition, /* create_disposition*/
6341 0, /* create_options */
6342 dosattrs, /* file_attributes */
6343 INTERNAL_OPEN_ONLY, /* oplock_request */
6344 0, /* allocation_size */
6349 &sbuf2); /* psbuf */
6353 if (!NT_STATUS_IS_OK(status)) {
6354 close_file(NULL, fsp1, ERROR_CLOSE);
6358 if ((ofun&3) == 1) {
6359 if(SMB_VFS_LSEEK(fsp2,0,SEEK_END) == -1) {
6360 DEBUG(0,("copy_file: error - vfs lseek returned error %s\n", strerror(errno) ));
6362 * Stop the copy from occurring.
6365 src_sbuf.st_size = 0;
6369 if (src_sbuf.st_size) {
6370 ret = vfs_transfer_file(fsp1, fsp2, src_sbuf.st_size);
6373 close_file(NULL, fsp1, NORMAL_CLOSE);
6375 /* Ensure the modtime is set correctly on the destination file. */
6376 set_close_write_time(fsp2, get_mtimespec(&src_sbuf));
6379 * As we are opening fsp1 read-only we only expect
6380 * an error on close on fsp2 if we are out of space.
6381 * Thus we don't look at the error return from the
6384 status = close_file(NULL, fsp2, NORMAL_CLOSE);
6386 if (!NT_STATUS_IS_OK(status)) {
6390 if (ret != (SMB_OFF_T)src_sbuf.st_size) {
6391 return NT_STATUS_DISK_FULL;
6394 return NT_STATUS_OK;
6397 /****************************************************************************
6398 Reply to a file copy.
6399 ****************************************************************************/
6401 void reply_copy(struct smb_request *req)
6403 connection_struct *conn = req->conn;
6405 char *newname = NULL;
6406 char *directory = NULL;
6407 const char *mask = NULL;
6408 const char mask_star[] = "*";
6411 int error = ERRnoaccess;
6416 bool target_is_directory=False;
6417 bool source_has_wild = False;
6418 bool dest_has_wild = False;
6419 SMB_STRUCT_STAT sbuf1, sbuf2;
6421 TALLOC_CTX *ctx = talloc_tos();
6423 START_PROFILE(SMBcopy);
6426 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6427 END_PROFILE(SMBcopy);
6431 tid2 = SVAL(req->vwv+0, 0);
6432 ofun = SVAL(req->vwv+1, 0);
6433 flags = SVAL(req->vwv+2, 0);
6435 p = (const char *)req->buf;
6436 p += srvstr_get_path_req_wcard(ctx, req, &name, p, STR_TERMINATE,
6437 &status, &source_has_wild);
6438 if (!NT_STATUS_IS_OK(status)) {
6439 reply_nterror(req, status);
6440 END_PROFILE(SMBcopy);
6443 p += srvstr_get_path_req_wcard(ctx, req, &newname, p, STR_TERMINATE,
6444 &status, &dest_has_wild);
6445 if (!NT_STATUS_IS_OK(status)) {
6446 reply_nterror(req, status);
6447 END_PROFILE(SMBcopy);
6451 DEBUG(3,("reply_copy : %s -> %s\n",name,newname));
6453 if (tid2 != conn->cnum) {
6454 /* can't currently handle inter share copies XXXX */
6455 DEBUG(3,("Rejecting inter-share copy\n"));
6456 reply_doserror(req, ERRSRV, ERRinvdevice);
6457 END_PROFILE(SMBcopy);
6461 status = resolve_dfspath_wcard(ctx, conn,
6462 req->flags2 & FLAGS2_DFS_PATHNAMES,
6466 if (!NT_STATUS_IS_OK(status)) {
6467 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6468 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6469 ERRSRV, ERRbadpath);
6470 END_PROFILE(SMBcopy);
6473 reply_nterror(req, status);
6474 END_PROFILE(SMBcopy);
6478 status = resolve_dfspath_wcard(ctx, conn,
6479 req->flags2 & FLAGS2_DFS_PATHNAMES,
6483 if (!NT_STATUS_IS_OK(status)) {
6484 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6485 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6486 ERRSRV, ERRbadpath);
6487 END_PROFILE(SMBcopy);
6490 reply_nterror(req, status);
6491 END_PROFILE(SMBcopy);
6495 status = unix_convert(ctx, conn, name, source_has_wild,
6496 &name, NULL, &sbuf1);
6497 if (!NT_STATUS_IS_OK(status)) {
6498 reply_nterror(req, status);
6499 END_PROFILE(SMBcopy);
6503 status = unix_convert(ctx, conn, newname, dest_has_wild,
6504 &newname, NULL, &sbuf2);
6505 if (!NT_STATUS_IS_OK(status)) {
6506 reply_nterror(req, status);
6507 END_PROFILE(SMBcopy);
6511 target_is_directory = VALID_STAT_OF_DIR(sbuf2);
6513 if ((flags&1) && target_is_directory) {
6514 reply_doserror(req, ERRDOS, ERRbadfile);
6515 END_PROFILE(SMBcopy);
6519 if ((flags&2) && !target_is_directory) {
6520 reply_doserror(req, ERRDOS, ERRbadpath);
6521 END_PROFILE(SMBcopy);
6525 if ((flags&(1<<5)) && VALID_STAT_OF_DIR(sbuf1)) {
6526 /* wants a tree copy! XXXX */
6527 DEBUG(3,("Rejecting tree copy\n"));
6528 reply_doserror(req, ERRSRV, ERRerror);
6529 END_PROFILE(SMBcopy);
6533 p = strrchr_m(name,'/');
6535 directory = talloc_strndup(ctx, name, PTR_DIFF(p, name));
6538 directory = talloc_strdup(ctx, "./");
6543 reply_nterror(req, NT_STATUS_NO_MEMORY);
6544 END_PROFILE(SMBcopy);
6549 * We should only check the mangled cache
6550 * here if unix_convert failed. This means
6551 * that the path in 'mask' doesn't exist
6552 * on the file system and so we need to look
6553 * for a possible mangle. This patch from
6554 * Tine Smukavec <valentin.smukavec@hermes.si>.
6557 if (!VALID_STAT(sbuf1) && mangle_is_mangled(mask, conn->params)) {
6558 char *new_mask = NULL;
6559 mangle_lookup_name_from_8_3(ctx,
6568 if (!source_has_wild) {
6569 directory = talloc_asprintf_append(directory,
6572 if (dest_has_wild) {
6573 char *mod_newname = NULL;
6574 if (!resolve_wildcards(ctx,
6575 directory,newname,&mod_newname)) {
6576 reply_nterror(req, NT_STATUS_NO_MEMORY);
6577 END_PROFILE(SMBcopy);
6580 newname = mod_newname;
6583 status = check_name(conn, directory);
6584 if (!NT_STATUS_IS_OK(status)) {
6585 reply_nterror(req, status);
6586 END_PROFILE(SMBcopy);
6590 status = check_name(conn, newname);
6591 if (!NT_STATUS_IS_OK(status)) {
6592 reply_nterror(req, status);
6593 END_PROFILE(SMBcopy);
6597 status = copy_file(ctx,conn,directory,newname,ofun,
6598 count,target_is_directory);
6600 if(!NT_STATUS_IS_OK(status)) {
6601 reply_nterror(req, status);
6602 END_PROFILE(SMBcopy);
6608 struct smb_Dir *dir_hnd = NULL;
6609 const char *dname = NULL;
6612 if (strequal(mask,"????????.???")) {
6616 status = check_name(conn, directory);
6617 if (!NT_STATUS_IS_OK(status)) {
6618 reply_nterror(req, status);
6619 END_PROFILE(SMBcopy);
6623 dir_hnd = OpenDir(talloc_tos(), conn, directory, mask, 0);
6624 if (dir_hnd == NULL) {
6625 status = map_nt_error_from_unix(errno);
6626 reply_nterror(req, status);
6627 END_PROFILE(SMBcopy);
6633 while ((dname = ReadDirName(dir_hnd, &offset, &sbuf1))) {
6634 char *destname = NULL;
6637 if (ISDOT(dname) || ISDOTDOT(dname)) {
6641 if (!is_visible_file(conn, directory, dname, &sbuf1, False)) {
6645 if(!mask_match(dname, mask, conn->case_sensitive)) {
6649 error = ERRnoaccess;
6650 fname = talloc_asprintf(ctx,
6655 TALLOC_FREE(dir_hnd);
6656 reply_nterror(req, NT_STATUS_NO_MEMORY);
6657 END_PROFILE(SMBcopy);
6661 if (!resolve_wildcards(ctx,
6662 fname,newname,&destname)) {
6666 TALLOC_FREE(dir_hnd);
6667 reply_nterror(req, NT_STATUS_NO_MEMORY);
6668 END_PROFILE(SMBcopy);
6672 status = check_name(conn, fname);
6673 if (!NT_STATUS_IS_OK(status)) {
6674 TALLOC_FREE(dir_hnd);
6675 reply_nterror(req, status);
6676 END_PROFILE(SMBcopy);
6680 status = check_name(conn, destname);
6681 if (!NT_STATUS_IS_OK(status)) {
6682 TALLOC_FREE(dir_hnd);
6683 reply_nterror(req, status);
6684 END_PROFILE(SMBcopy);
6688 DEBUG(3,("reply_copy : doing copy on %s -> %s\n",fname, destname));
6690 status = copy_file(ctx,conn,fname,destname,ofun,
6691 count,target_is_directory);
6692 if (NT_STATUS_IS_OK(status)) {
6696 TALLOC_FREE(destname);
6698 TALLOC_FREE(dir_hnd);
6703 /* Error on close... */
6705 reply_unixerror(req, ERRHRD, ERRgeneral);
6706 END_PROFILE(SMBcopy);
6710 reply_doserror(req, ERRDOS, error);
6711 END_PROFILE(SMBcopy);
6715 reply_outbuf(req, 1, 0);
6716 SSVAL(req->outbuf,smb_vwv0,count);
6718 END_PROFILE(SMBcopy);
6723 #define DBGC_CLASS DBGC_LOCKING
6725 /****************************************************************************
6726 Get a lock pid, dealing with large count requests.
6727 ****************************************************************************/
6729 uint32 get_lock_pid(const uint8_t *data, int data_offset,
6730 bool large_file_format)
6732 if(!large_file_format)
6733 return (uint32)SVAL(data,SMB_LPID_OFFSET(data_offset));
6735 return (uint32)SVAL(data,SMB_LARGE_LPID_OFFSET(data_offset));
6738 /****************************************************************************
6739 Get a lock count, dealing with large count requests.
6740 ****************************************************************************/
6742 uint64_t get_lock_count(const uint8_t *data, int data_offset,
6743 bool large_file_format)
6747 if(!large_file_format) {
6748 count = (uint64_t)IVAL(data,SMB_LKLEN_OFFSET(data_offset));
6751 #if defined(HAVE_LONGLONG)
6752 count = (((uint64_t) IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset))) << 32) |
6753 ((uint64_t) IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)));
6754 #else /* HAVE_LONGLONG */
6757 * NT4.x seems to be broken in that it sends large file (64 bit)
6758 * lockingX calls even if the CAP_LARGE_FILES was *not*
6759 * negotiated. For boxes without large unsigned ints truncate the
6760 * lock count by dropping the top 32 bits.
6763 if(IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)) != 0) {
6764 DEBUG(3,("get_lock_count: truncating lock count (high)0x%x (low)0x%x to just low count.\n",
6765 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)),
6766 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)) ));
6767 SIVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset),0);
6770 count = (uint64_t)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset));
6771 #endif /* HAVE_LONGLONG */
6777 #if !defined(HAVE_LONGLONG)
6778 /****************************************************************************
6779 Pathetically try and map a 64 bit lock offset into 31 bits. I hate Windows :-).
6780 ****************************************************************************/
6782 static uint32 map_lock_offset(uint32 high, uint32 low)
6786 uint32 highcopy = high;
6789 * Try and find out how many significant bits there are in high.
6792 for(i = 0; highcopy; i++)
6796 * We use 31 bits not 32 here as POSIX
6797 * lock offsets may not be negative.
6800 mask = (~0) << (31 - i);
6803 return 0; /* Fail. */
6809 #endif /* !defined(HAVE_LONGLONG) */
6811 /****************************************************************************
6812 Get a lock offset, dealing with large offset requests.
6813 ****************************************************************************/
6815 uint64_t get_lock_offset(const uint8_t *data, int data_offset,
6816 bool large_file_format, bool *err)
6818 uint64_t offset = 0;
6822 if(!large_file_format) {
6823 offset = (uint64_t)IVAL(data,SMB_LKOFF_OFFSET(data_offset));
6826 #if defined(HAVE_LONGLONG)
6827 offset = (((uint64_t) IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset))) << 32) |
6828 ((uint64_t) IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset)));
6829 #else /* HAVE_LONGLONG */
6832 * NT4.x seems to be broken in that it sends large file (64 bit)
6833 * lockingX calls even if the CAP_LARGE_FILES was *not*
6834 * negotiated. For boxes without large unsigned ints mangle the
6835 * lock offset by mapping the top 32 bits onto the lower 32.
6838 if(IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset)) != 0) {
6839 uint32 low = IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
6840 uint32 high = IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset));
6843 if((new_low = map_lock_offset(high, low)) == 0) {
6845 return (uint64_t)-1;
6848 DEBUG(3,("get_lock_offset: truncating lock offset (high)0x%x (low)0x%x to offset 0x%x.\n",
6849 (unsigned int)high, (unsigned int)low, (unsigned int)new_low ));
6850 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset),0);
6851 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset),new_low);
6854 offset = (uint64_t)IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
6855 #endif /* HAVE_LONGLONG */
6861 /****************************************************************************
6862 Reply to a lockingX request.
6863 ****************************************************************************/
6865 void reply_lockingX(struct smb_request *req)
6867 connection_struct *conn = req->conn;
6869 unsigned char locktype;
6870 unsigned char oplocklevel;
6873 uint64_t count = 0, offset = 0;
6877 const uint8_t *data;
6878 bool large_file_format;
6880 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
6882 START_PROFILE(SMBlockingX);
6885 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6886 END_PROFILE(SMBlockingX);
6890 fsp = file_fsp(req, SVAL(req->vwv+2, 0));
6891 locktype = CVAL(req->vwv+3, 0);
6892 oplocklevel = CVAL(req->vwv+3, 1);
6893 num_ulocks = SVAL(req->vwv+6, 0);
6894 num_locks = SVAL(req->vwv+7, 0);
6895 lock_timeout = IVAL(req->vwv+4, 0);
6896 large_file_format = (locktype & LOCKING_ANDX_LARGE_FILES)?True:False;
6898 if (!check_fsp(conn, req, fsp)) {
6899 END_PROFILE(SMBlockingX);
6905 if (locktype & LOCKING_ANDX_CHANGE_LOCKTYPE) {
6906 /* we don't support these - and CANCEL_LOCK makes w2k
6907 and XP reboot so I don't really want to be
6908 compatible! (tridge) */
6909 reply_nterror(req, NT_STATUS_DOS(ERRDOS, ERRnoatomiclocks));
6910 END_PROFILE(SMBlockingX);
6914 /* Check if this is an oplock break on a file
6915 we have granted an oplock on.
6917 if ((locktype & LOCKING_ANDX_OPLOCK_RELEASE)) {
6918 /* Client can insist on breaking to none. */
6919 bool break_to_none = (oplocklevel == 0);
6922 DEBUG(5,("reply_lockingX: oplock break reply (%u) from client "
6923 "for fnum = %d\n", (unsigned int)oplocklevel,
6927 * Make sure we have granted an exclusive or batch oplock on
6931 if (fsp->oplock_type == 0) {
6933 /* The Samba4 nbench simulator doesn't understand
6934 the difference between break to level2 and break
6935 to none from level2 - it sends oplock break
6936 replies in both cases. Don't keep logging an error
6937 message here - just ignore it. JRA. */
6939 DEBUG(5,("reply_lockingX: Error : oplock break from "
6940 "client for fnum = %d (oplock=%d) and no "
6941 "oplock granted on this file (%s).\n",
6942 fsp->fnum, fsp->oplock_type, fsp->fsp_name));
6944 /* if this is a pure oplock break request then don't
6946 if (num_locks == 0 && num_ulocks == 0) {
6947 END_PROFILE(SMBlockingX);
6950 END_PROFILE(SMBlockingX);
6951 reply_doserror(req, ERRDOS, ERRlock);
6956 if ((fsp->sent_oplock_break == BREAK_TO_NONE_SENT) ||
6958 result = remove_oplock(fsp);
6960 result = downgrade_oplock(fsp);
6964 DEBUG(0, ("reply_lockingX: error in removing "
6965 "oplock on file %s\n", fsp->fsp_name));
6966 /* Hmmm. Is this panic justified? */
6967 smb_panic("internal tdb error");
6970 reply_to_oplock_break_requests(fsp);
6972 /* if this is a pure oplock break request then don't send a
6974 if (num_locks == 0 && num_ulocks == 0) {
6975 /* Sanity check - ensure a pure oplock break is not a
6977 if(CVAL(req->vwv+0, 0) != 0xff)
6978 DEBUG(0,("reply_lockingX: Error : pure oplock "
6979 "break is a chained %d request !\n",
6980 (unsigned int)CVAL(req->vwv+0, 0)));
6981 END_PROFILE(SMBlockingX);
6987 (num_ulocks + num_locks) * (large_file_format ? 20 : 10)) {
6988 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6989 END_PROFILE(SMBlockingX);
6993 /* Data now points at the beginning of the list
6994 of smb_unlkrng structs */
6995 for(i = 0; i < (int)num_ulocks; i++) {
6996 lock_pid = get_lock_pid( data, i, large_file_format);
6997 count = get_lock_count( data, i, large_file_format);
6998 offset = get_lock_offset( data, i, large_file_format, &err);
7001 * There is no error code marked "stupid client bug".... :-).
7004 END_PROFILE(SMBlockingX);
7005 reply_doserror(req, ERRDOS, ERRnoaccess);
7009 DEBUG(10,("reply_lockingX: unlock start=%.0f, len=%.0f for "
7010 "pid %u, file %s\n", (double)offset, (double)count,
7011 (unsigned int)lock_pid, fsp->fsp_name ));
7013 status = do_unlock(smbd_messaging_context(),
7020 DEBUG(10, ("reply_lockingX: unlock returned %s\n",
7021 nt_errstr(status)));
7023 if (NT_STATUS_V(status)) {
7024 END_PROFILE(SMBlockingX);
7025 reply_nterror(req, status);
7030 /* Setup the timeout in seconds. */
7032 if (!lp_blocking_locks(SNUM(conn))) {
7036 /* Now do any requested locks */
7037 data += ((large_file_format ? 20 : 10)*num_ulocks);
7039 /* Data now points at the beginning of the list
7040 of smb_lkrng structs */
7042 for(i = 0; i < (int)num_locks; i++) {
7043 enum brl_type lock_type = ((locktype & LOCKING_ANDX_SHARED_LOCK) ?
7044 READ_LOCK:WRITE_LOCK);
7045 lock_pid = get_lock_pid( data, i, large_file_format);
7046 count = get_lock_count( data, i, large_file_format);
7047 offset = get_lock_offset( data, i, large_file_format, &err);
7050 * There is no error code marked "stupid client bug".... :-).
7053 END_PROFILE(SMBlockingX);
7054 reply_doserror(req, ERRDOS, ERRnoaccess);
7058 DEBUG(10,("reply_lockingX: lock start=%.0f, len=%.0f for pid "
7059 "%u, file %s timeout = %d\n", (double)offset,
7060 (double)count, (unsigned int)lock_pid,
7061 fsp->fsp_name, (int)lock_timeout ));
7063 if (locktype & LOCKING_ANDX_CANCEL_LOCK) {
7064 struct blocking_lock_record *blr = NULL;
7066 if (lp_blocking_locks(SNUM(conn))) {
7068 /* Schedule a message to ourselves to
7069 remove the blocking lock record and
7070 return the right error. */
7072 blr = blocking_lock_cancel(fsp,
7078 NT_STATUS_FILE_LOCK_CONFLICT);
7080 END_PROFILE(SMBlockingX);
7085 ERRcancelviolation));
7089 /* Remove a matching pending lock. */
7090 status = do_lock_cancel(fsp,
7097 bool blocking_lock = lock_timeout ? True : False;
7098 bool defer_lock = False;
7099 struct byte_range_lock *br_lck;
7100 uint32 block_smbpid;
7102 br_lck = do_lock(smbd_messaging_context(),
7114 if (br_lck && blocking_lock && ERROR_WAS_LOCK_DENIED(status)) {
7115 /* Windows internal resolution for blocking locks seems
7116 to be about 200ms... Don't wait for less than that. JRA. */
7117 if (lock_timeout != -1 && lock_timeout < lp_lock_spin_time()) {
7118 lock_timeout = lp_lock_spin_time();
7123 /* This heuristic seems to match W2K3 very well. If a
7124 lock sent with timeout of zero would fail with NT_STATUS_FILE_LOCK_CONFLICT
7125 it pretends we asked for a timeout of between 150 - 300 milliseconds as
7126 far as I can tell. Replacement for do_lock_spin(). JRA. */
7128 if (br_lck && lp_blocking_locks(SNUM(conn)) && !blocking_lock &&
7129 NT_STATUS_EQUAL((status), NT_STATUS_FILE_LOCK_CONFLICT)) {
7131 lock_timeout = lp_lock_spin_time();
7134 if (br_lck && defer_lock) {
7136 * A blocking lock was requested. Package up
7137 * this smb into a queued request and push it
7138 * onto the blocking lock queue.
7140 if(push_blocking_lock_request(br_lck,
7151 TALLOC_FREE(br_lck);
7152 END_PROFILE(SMBlockingX);
7157 TALLOC_FREE(br_lck);
7160 if (NT_STATUS_V(status)) {
7161 END_PROFILE(SMBlockingX);
7162 reply_nterror(req, status);
7167 /* If any of the above locks failed, then we must unlock
7168 all of the previous locks (X/Open spec). */
7170 if (!(locktype & LOCKING_ANDX_CANCEL_LOCK) &&
7174 * Ensure we don't do a remove on the lock that just failed,
7175 * as under POSIX rules, if we have a lock already there, we
7176 * will delete it (and we shouldn't) .....
7178 for(i--; i >= 0; i--) {
7179 lock_pid = get_lock_pid( data, i, large_file_format);
7180 count = get_lock_count( data, i, large_file_format);
7181 offset = get_lock_offset( data, i, large_file_format,
7185 * There is no error code marked "stupid client
7189 END_PROFILE(SMBlockingX);
7190 reply_doserror(req, ERRDOS, ERRnoaccess);
7194 do_unlock(smbd_messaging_context(),
7201 END_PROFILE(SMBlockingX);
7202 reply_nterror(req, status);
7206 reply_outbuf(req, 2, 0);
7208 DEBUG(3, ("lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n",
7209 fsp->fnum, (unsigned int)locktype, num_locks, num_ulocks));
7211 END_PROFILE(SMBlockingX);
7216 #define DBGC_CLASS DBGC_ALL
7218 /****************************************************************************
7219 Reply to a SMBreadbmpx (read block multiplex) request.
7220 Always reply with an error, if someone has a platform really needs this,
7221 please contact vl@samba.org
7222 ****************************************************************************/
7224 void reply_readbmpx(struct smb_request *req)
7226 START_PROFILE(SMBreadBmpx);
7227 reply_doserror(req, ERRSRV, ERRuseSTD);
7228 END_PROFILE(SMBreadBmpx);
7232 /****************************************************************************
7233 Reply to a SMBreadbs (read block multiplex secondary) request.
7234 Always reply with an error, if someone has a platform really needs this,
7235 please contact vl@samba.org
7236 ****************************************************************************/
7238 void reply_readbs(struct smb_request *req)
7240 START_PROFILE(SMBreadBs);
7241 reply_doserror(req, ERRSRV, ERRuseSTD);
7242 END_PROFILE(SMBreadBs);
7246 /****************************************************************************
7247 Reply to a SMBsetattrE.
7248 ****************************************************************************/
7250 void reply_setattrE(struct smb_request *req)
7252 connection_struct *conn = req->conn;
7253 struct smb_file_time ft;
7255 SMB_STRUCT_STAT sbuf;
7258 START_PROFILE(SMBsetattrE);
7262 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7263 END_PROFILE(SMBsetattrE);
7267 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
7269 if(!fsp || (fsp->conn != conn)) {
7270 reply_doserror(req, ERRDOS, ERRbadfid);
7271 END_PROFILE(SMBsetattrE);
7277 * Convert the DOS times into unix times.
7280 ft.atime = convert_time_t_to_timespec(
7281 srv_make_unix_date2(req->vwv+3));
7282 ft.mtime = convert_time_t_to_timespec(
7283 srv_make_unix_date2(req->vwv+5));
7284 ft.create_time = convert_time_t_to_timespec(
7285 srv_make_unix_date2(req->vwv+1));
7287 reply_outbuf(req, 0, 0);
7290 * Patch from Ray Frush <frush@engr.colostate.edu>
7291 * Sometimes times are sent as zero - ignore them.
7294 /* Ensure we have a valid stat struct for the source. */
7295 if (fsp->fh->fd != -1) {
7296 if (SMB_VFS_FSTAT(fsp, &sbuf) == -1) {
7297 status = map_nt_error_from_unix(errno);
7298 reply_nterror(req, status);
7299 END_PROFILE(SMBsetattrE);
7305 if (fsp->posix_open) {
7306 ret = SMB_VFS_LSTAT(conn, fsp->fsp_name, &sbuf);
7308 ret = SMB_VFS_STAT(conn, fsp->fsp_name, &sbuf);
7311 status = map_nt_error_from_unix(errno);
7312 reply_nterror(req, status);
7313 END_PROFILE(SMBsetattrE);
7318 status = smb_set_file_time(conn, fsp, fsp->fsp_name,
7320 if (!NT_STATUS_IS_OK(status)) {
7321 reply_doserror(req, ERRDOS, ERRnoaccess);
7322 END_PROFILE(SMBsetattrE);
7326 DEBUG( 3, ( "reply_setattrE fnum=%d actime=%u modtime=%u "
7329 (unsigned int)ft.atime.tv_sec,
7330 (unsigned int)ft.mtime.tv_sec,
7331 (unsigned int)ft.create_time.tv_sec
7334 END_PROFILE(SMBsetattrE);
7339 /* Back from the dead for OS/2..... JRA. */
7341 /****************************************************************************
7342 Reply to a SMBwritebmpx (write block multiplex primary) request.
7343 Always reply with an error, if someone has a platform really needs this,
7344 please contact vl@samba.org
7345 ****************************************************************************/
7347 void reply_writebmpx(struct smb_request *req)
7349 START_PROFILE(SMBwriteBmpx);
7350 reply_doserror(req, ERRSRV, ERRuseSTD);
7351 END_PROFILE(SMBwriteBmpx);
7355 /****************************************************************************
7356 Reply to a SMBwritebs (write block multiplex secondary) request.
7357 Always reply with an error, if someone has a platform really needs this,
7358 please contact vl@samba.org
7359 ****************************************************************************/
7361 void reply_writebs(struct smb_request *req)
7363 START_PROFILE(SMBwriteBs);
7364 reply_doserror(req, ERRSRV, ERRuseSTD);
7365 END_PROFILE(SMBwriteBs);
7369 /****************************************************************************
7370 Reply to a SMBgetattrE.
7371 ****************************************************************************/
7373 void reply_getattrE(struct smb_request *req)
7375 connection_struct *conn = req->conn;
7376 SMB_STRUCT_STAT sbuf;
7379 struct timespec create_ts;
7381 START_PROFILE(SMBgetattrE);
7384 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7385 END_PROFILE(SMBgetattrE);
7389 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
7391 if(!fsp || (fsp->conn != conn)) {
7392 reply_doserror(req, ERRDOS, ERRbadfid);
7393 END_PROFILE(SMBgetattrE);
7397 /* Do an fstat on this file */
7398 if(fsp_stat(fsp, &sbuf)) {
7399 reply_unixerror(req, ERRDOS, ERRnoaccess);
7400 END_PROFILE(SMBgetattrE);
7404 mode = dos_mode(conn,fsp->fsp_name,&sbuf);
7407 * Convert the times into dos times. Set create
7408 * date to be last modify date as UNIX doesn't save
7412 reply_outbuf(req, 11, 0);
7414 create_ts = get_create_timespec(&sbuf,
7415 lp_fake_dir_create_times(SNUM(conn)));
7416 srv_put_dos_date2((char *)req->outbuf, smb_vwv0, create_ts.tv_sec);
7417 srv_put_dos_date2((char *)req->outbuf, smb_vwv2, sbuf.st_atime);
7418 /* Should we check pending modtime here ? JRA */
7419 srv_put_dos_date2((char *)req->outbuf, smb_vwv4, sbuf.st_mtime);
7422 SIVAL(req->outbuf, smb_vwv6, 0);
7423 SIVAL(req->outbuf, smb_vwv8, 0);
7425 uint32 allocation_size = SMB_VFS_GET_ALLOC_SIZE(conn,fsp, &sbuf);
7426 SIVAL(req->outbuf, smb_vwv6, (uint32)sbuf.st_size);
7427 SIVAL(req->outbuf, smb_vwv8, allocation_size);
7429 SSVAL(req->outbuf,smb_vwv10, mode);
7431 DEBUG( 3, ( "reply_getattrE fnum=%d\n", fsp->fnum));
7433 END_PROFILE(SMBgetattrE);
git.samba.org / metze / samba / wip.git / blob