2 Unix SMB/CIFS implementation.
3 Main SMB reply routines
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Andrew Bartlett 2001
6 Copyright (C) Jeremy Allison 1992-2007.
7 Copyright (C) Volker Lendecke 2007
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 This file handles most of the reply_ calls that the server
24 makes to handle specific protocols
28 #include "system/filesys.h"
30 #include "smbd/smbd.h"
31 #include "smbd/globals.h"
32 #include "fake_file.h"
33 #include "../librpc/gen_ndr/ndr_spoolss_c.h"
34 #include "rpc_client/cli_spoolss.h"
35 #include "rpc_client/init_spoolss.h"
36 #include "rpc_server/rpc_ncacn_np.h"
37 #include "libcli/security/security.h"
38 #include "libsmb/nmblib.h"
40 /****************************************************************************
41 Ensure we check the path in *exactly* the same way as W2K for a findfirst/findnext
42 path or anything including wildcards.
43 We're assuming here that '/' is not the second byte in any multibyte char
44 set (a safe assumption). '\\' *may* be the second byte in a multibyte char
46 ****************************************************************************/
48 /* Custom version for processing POSIX paths. */
49 #define IS_PATH_SEP(c,posix_only) ((c) == '/' || (!(posix_only) && (c) == '\\'))
51 static NTSTATUS check_path_syntax_internal(char *path,
53 bool *p_last_component_contains_wcard)
57 NTSTATUS ret = NT_STATUS_OK;
58 bool start_of_name_component = True;
59 bool stream_started = false;
61 *p_last_component_contains_wcard = False;
68 return NT_STATUS_OBJECT_NAME_INVALID;
71 return NT_STATUS_OBJECT_NAME_INVALID;
73 if (strchr_m(&s[1], ':')) {
74 return NT_STATUS_OBJECT_NAME_INVALID;
80 if ((*s == ':') && !posix_path && !stream_started) {
81 if (*p_last_component_contains_wcard) {
82 return NT_STATUS_OBJECT_NAME_INVALID;
84 /* Stream names allow more characters than file names.
85 We're overloading posix_path here to allow a wider
86 range of characters. If stream_started is true this
87 is still a Windows path even if posix_path is true.
90 stream_started = true;
91 start_of_name_component = false;
95 return NT_STATUS_OBJECT_NAME_INVALID;
99 if (!stream_started && IS_PATH_SEP(*s,posix_path)) {
101 * Safe to assume is not the second part of a mb char
102 * as this is handled below.
104 /* Eat multiple '/' or '\\' */
105 while (IS_PATH_SEP(*s,posix_path)) {
108 if ((d != path) && (*s != '\0')) {
109 /* We only care about non-leading or trailing '/' or '\\' */
113 start_of_name_component = True;
115 *p_last_component_contains_wcard = False;
119 if (start_of_name_component) {
120 if ((s[0] == '.') && (s[1] == '.') && (IS_PATH_SEP(s[2],posix_path) || s[2] == '\0')) {
121 /* Uh oh - "/../" or "\\..\\" or "/..\0" or "\\..\0" ! */
124 * No mb char starts with '.' so we're safe checking the directory separator here.
127 /* If we just added a '/' - delete it */
128 if ((d > path) && (*(d-1) == '/')) {
133 /* Are we at the start ? Can't go back further if so. */
135 ret = NT_STATUS_OBJECT_PATH_SYNTAX_BAD;
138 /* Go back one level... */
139 /* We know this is safe as '/' cannot be part of a mb sequence. */
140 /* NOTE - if this assumption is invalid we are not in good shape... */
141 /* Decrement d first as d points to the *next* char to write into. */
142 for (d--; d > path; d--) {
146 s += 2; /* Else go past the .. */
147 /* We're still at the start of a name component, just the previous one. */
150 } else if ((s[0] == '.') && ((s[1] == '\0') || IS_PATH_SEP(s[1],posix_path))) {
162 if (*s <= 0x1f || *s == '|') {
163 return NT_STATUS_OBJECT_NAME_INVALID;
171 *p_last_component_contains_wcard = True;
180 /* Get the size of the next MB character. */
181 next_codepoint(s,&siz);
199 DEBUG(0,("check_path_syntax_internal: character length assumptions invalid !\n"));
201 return NT_STATUS_INVALID_PARAMETER;
204 start_of_name_component = False;
212 /****************************************************************************
213 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
214 No wildcards allowed.
215 ****************************************************************************/
217 NTSTATUS check_path_syntax(char *path)
220 return check_path_syntax_internal(path, False, &ignore);
223 /****************************************************************************
224 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
225 Wildcards allowed - p_contains_wcard returns true if the last component contained
227 ****************************************************************************/
229 NTSTATUS check_path_syntax_wcard(char *path, bool *p_contains_wcard)
231 return check_path_syntax_internal(path, False, p_contains_wcard);
234 /****************************************************************************
235 Check the path for a POSIX client.
236 We're assuming here that '/' is not the second byte in any multibyte char
237 set (a safe assumption).
238 ****************************************************************************/
240 NTSTATUS check_path_syntax_posix(char *path)
243 return check_path_syntax_internal(path, True, &ignore);
246 /****************************************************************************
247 Pull a string and check the path allowing a wilcard - provide for error return.
248 ****************************************************************************/
250 size_t srvstr_get_path_wcard(TALLOC_CTX *ctx,
251 const char *base_ptr,
258 bool *contains_wcard)
264 ret = srvstr_pull_talloc(ctx, base_ptr, smb_flags2, pp_dest, src,
268 *err = NT_STATUS_INVALID_PARAMETER;
272 *contains_wcard = False;
274 if (smb_flags2 & FLAGS2_DFS_PATHNAMES) {
276 * For a DFS path the function parse_dfs_path()
277 * will do the path processing, just make a copy.
283 if (lp_posix_pathnames()) {
284 *err = check_path_syntax_posix(*pp_dest);
286 *err = check_path_syntax_wcard(*pp_dest, contains_wcard);
292 /****************************************************************************
293 Pull a string and check the path - provide for error return.
294 ****************************************************************************/
296 size_t srvstr_get_path(TALLOC_CTX *ctx,
297 const char *base_ptr,
306 return srvstr_get_path_wcard(ctx, base_ptr, smb_flags2, pp_dest, src,
307 src_len, flags, err, &ignore);
310 size_t srvstr_get_path_req_wcard(TALLOC_CTX *mem_ctx, struct smb_request *req,
311 char **pp_dest, const char *src, int flags,
312 NTSTATUS *err, bool *contains_wcard)
314 return srvstr_get_path_wcard(mem_ctx, (char *)req->inbuf, req->flags2,
315 pp_dest, src, smbreq_bufrem(req, src),
316 flags, err, contains_wcard);
319 size_t srvstr_get_path_req(TALLOC_CTX *mem_ctx, struct smb_request *req,
320 char **pp_dest, const char *src, int flags,
324 return srvstr_get_path_req_wcard(mem_ctx, req, pp_dest, src,
325 flags, err, &ignore);
328 /****************************************************************************
329 Check if we have a correct fsp pointing to a file. Basic check for open fsp.
330 ****************************************************************************/
332 bool check_fsp_open(connection_struct *conn, struct smb_request *req,
335 if ((fsp == NULL) || (conn == NULL)) {
336 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
339 if ((conn != fsp->conn) || (req->vuid != fsp->vuid)) {
340 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
346 /****************************************************************************
347 Check if we have a correct fsp pointing to a file.
348 ****************************************************************************/
350 bool check_fsp(connection_struct *conn, struct smb_request *req,
353 if (!check_fsp_open(conn, req, fsp)) {
356 if (fsp->is_directory) {
357 reply_nterror(req, NT_STATUS_INVALID_DEVICE_REQUEST);
360 if (fsp->fh->fd == -1) {
361 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
364 fsp->num_smb_operations++;
368 /****************************************************************************
369 Check if we have a correct fsp pointing to a quota fake file. Replacement for
370 the CHECK_NTQUOTA_HANDLE_OK macro.
371 ****************************************************************************/
373 bool check_fsp_ntquota_handle(connection_struct *conn, struct smb_request *req,
376 if (!check_fsp_open(conn, req, fsp)) {
380 if (fsp->is_directory) {
384 if (fsp->fake_file_handle == NULL) {
388 if (fsp->fake_file_handle->type != FAKE_FILE_TYPE_QUOTA) {
392 if (fsp->fake_file_handle->private_data == NULL) {
399 static bool netbios_session_retarget(struct smbd_server_connection *sconn,
400 const char *name, int name_type)
403 char *trim_name_type;
404 const char *retarget_parm;
407 int retarget_type = 0x20;
408 int retarget_port = 139;
409 struct sockaddr_storage retarget_addr;
410 struct sockaddr_in *in_addr;
414 if (get_socket_port(sconn->sock) != 139) {
418 trim_name = talloc_strdup(talloc_tos(), name);
419 if (trim_name == NULL) {
422 trim_char(trim_name, ' ', ' ');
424 trim_name_type = talloc_asprintf(trim_name, "%s#%2.2x", trim_name,
426 if (trim_name_type == NULL) {
430 retarget_parm = lp_parm_const_string(-1, "netbios retarget",
431 trim_name_type, NULL);
432 if (retarget_parm == NULL) {
433 retarget_parm = lp_parm_const_string(-1, "netbios retarget",
436 if (retarget_parm == NULL) {
440 retarget = talloc_strdup(trim_name, retarget_parm);
441 if (retarget == NULL) {
445 DEBUG(10, ("retargeting %s to %s\n", trim_name_type, retarget));
447 p = strchr(retarget, ':');
450 retarget_port = atoi(p);
453 p = strchr_m(retarget, '#');
456 sscanf(p, "%x", &retarget_type);
459 ret = resolve_name(retarget, &retarget_addr, retarget_type, false);
461 DEBUG(10, ("could not resolve %s\n", retarget));
465 if (retarget_addr.ss_family != AF_INET) {
466 DEBUG(10, ("Retarget target not an IPv4 addr\n"));
470 in_addr = (struct sockaddr_in *)(void *)&retarget_addr;
472 _smb_setlen(outbuf, 6);
473 SCVAL(outbuf, 0, 0x84);
474 *(uint32_t *)(outbuf+4) = in_addr->sin_addr.s_addr;
475 *(uint16_t *)(outbuf+8) = htons(retarget_port);
477 if (!srv_send_smb(sconn, (char *)outbuf, false, 0, false,
479 exit_server_cleanly("netbios_session_regarget: srv_send_smb "
485 TALLOC_FREE(trim_name);
489 /****************************************************************************
490 Reply to a (netbios-level) special message.
491 ****************************************************************************/
493 void reply_special(struct smbd_server_connection *sconn, char *inbuf, size_t inbuf_size)
495 int msg_type = CVAL(inbuf,0);
496 int msg_flags = CVAL(inbuf,1);
498 * We only really use 4 bytes of the outbuf, but for the smb_setlen
499 * calculation & friends (srv_send_smb uses that) we need the full smb
502 char outbuf[smb_size];
504 memset(outbuf, '\0', sizeof(outbuf));
506 smb_setlen(outbuf,0);
509 case 0x81: /* session request */
511 /* inbuf_size is guarenteed to be at least 4. */
513 int name_type1, name_type2;
514 int name_len1, name_len2;
518 if (sconn->nbt.got_session) {
519 exit_server_cleanly("multiple session request not permitted");
522 SCVAL(outbuf,0,0x82);
525 /* inbuf_size is guaranteed to be at least 4. */
526 name_len1 = name_len((unsigned char *)(inbuf+4),inbuf_size - 4);
527 if (name_len1 <= 0 || name_len1 > inbuf_size - 4) {
528 DEBUG(0,("Invalid name length in session request\n"));
531 name_len2 = name_len((unsigned char *)(inbuf+4+name_len1),inbuf_size - 4 - name_len1);
532 if (name_len2 <= 0 || name_len2 > inbuf_size - 4 - name_len1) {
533 DEBUG(0,("Invalid name length in session request\n"));
537 name_type1 = name_extract((unsigned char *)inbuf,
538 inbuf_size,(unsigned int)4,name1);
539 name_type2 = name_extract((unsigned char *)inbuf,
540 inbuf_size,(unsigned int)(4 + name_len1),name2);
542 if (name_type1 == -1 || name_type2 == -1) {
543 DEBUG(0,("Invalid name type in session request\n"));
547 DEBUG(2,("netbios connect: name1=%s0x%x name2=%s0x%x\n",
548 name1, name_type1, name2, name_type2));
550 if (netbios_session_retarget(sconn, name1, name_type1)) {
551 exit_server_cleanly("retargeted client");
555 * Windows NT/2k uses "*SMBSERVER" and XP uses
556 * "*SMBSERV" arrggg!!!
558 if (strequal(name1, "*SMBSERVER ")
559 || strequal(name1, "*SMBSERV ")) {
560 fstrcpy(name1, sconn->client_id.addr);
563 set_local_machine_name(name1, True);
564 set_remote_machine_name(name2, True);
566 DEBUG(2,("netbios connect: local=%s remote=%s, name type = %x\n",
567 get_local_machine_name(), get_remote_machine_name(),
570 if (name_type2 == 'R') {
571 /* We are being asked for a pathworks session ---
573 SCVAL(outbuf, 0,0x83);
577 /* only add the client's machine name to the list
578 of possibly valid usernames if we are operating
579 in share mode security */
580 if (lp_security() == SEC_SHARE) {
581 add_session_user(sconn, get_remote_machine_name());
584 reload_services(sconn->msg_ctx, sconn->sock, True);
587 sconn->nbt.got_session = true;
591 case 0x89: /* session keepalive request
592 (some old clients produce this?) */
593 SCVAL(outbuf,0,SMBkeepalive);
597 case 0x82: /* positive session response */
598 case 0x83: /* negative session response */
599 case 0x84: /* retarget session response */
600 DEBUG(0,("Unexpected session response\n"));
603 case SMBkeepalive: /* session keepalive */
608 DEBUG(5,("init msg_type=0x%x msg_flags=0x%x\n",
609 msg_type, msg_flags));
611 srv_send_smb(sconn, outbuf, false, 0, false, NULL);
615 /****************************************************************************
617 conn POINTER CAN BE NULL HERE !
618 ****************************************************************************/
620 void reply_tcon(struct smb_request *req)
622 connection_struct *conn = req->conn;
624 char *service_buf = NULL;
625 char *password = NULL;
630 DATA_BLOB password_blob;
631 TALLOC_CTX *ctx = talloc_tos();
632 struct smbd_server_connection *sconn = req->sconn;
634 START_PROFILE(SMBtcon);
636 if (req->buflen < 4) {
637 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
638 END_PROFILE(SMBtcon);
642 p = (const char *)req->buf + 1;
643 p += srvstr_pull_req_talloc(ctx, req, &service_buf, p, STR_TERMINATE);
645 pwlen = srvstr_pull_req_talloc(ctx, req, &password, p, STR_TERMINATE);
647 p += srvstr_pull_req_talloc(ctx, req, &dev, p, STR_TERMINATE);
650 if (service_buf == NULL || password == NULL || dev == NULL) {
651 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
652 END_PROFILE(SMBtcon);
655 p = strrchr_m(service_buf,'\\');
659 service = service_buf;
662 password_blob = data_blob(password, pwlen+1);
664 conn = make_connection(sconn,service,password_blob,dev,
665 req->vuid,&nt_status);
668 data_blob_clear_free(&password_blob);
671 reply_nterror(req, nt_status);
672 END_PROFILE(SMBtcon);
676 reply_outbuf(req, 2, 0);
677 SSVAL(req->outbuf,smb_vwv0,sconn->smb1.negprot.max_recv);
678 SSVAL(req->outbuf,smb_vwv1,conn->cnum);
679 SSVAL(req->outbuf,smb_tid,conn->cnum);
681 DEBUG(3,("tcon service=%s cnum=%d\n",
682 service, conn->cnum));
684 END_PROFILE(SMBtcon);
688 /****************************************************************************
689 Reply to a tcon and X.
690 conn POINTER CAN BE NULL HERE !
691 ****************************************************************************/
693 void reply_tcon_and_X(struct smb_request *req)
695 connection_struct *conn = req->conn;
696 const char *service = NULL;
698 TALLOC_CTX *ctx = talloc_tos();
699 /* what the cleint thinks the device is */
700 char *client_devicetype = NULL;
701 /* what the server tells the client the share represents */
702 const char *server_devicetype;
708 struct smbd_server_connection *sconn = req->sconn;
710 START_PROFILE(SMBtconX);
713 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
714 END_PROFILE(SMBtconX);
718 passlen = SVAL(req->vwv+3, 0);
719 tcon_flags = SVAL(req->vwv+2, 0);
721 /* we might have to close an old one */
722 if ((tcon_flags & 0x1) && conn) {
723 close_cnum(conn,req->vuid);
728 if ((passlen > MAX_PASS_LEN) || (passlen >= req->buflen)) {
729 reply_force_doserror(req, ERRDOS, ERRbuftoosmall);
730 END_PROFILE(SMBtconX);
734 if (sconn->smb1.negprot.encrypted_passwords) {
735 password = data_blob_talloc(talloc_tos(), req->buf, passlen);
736 if (lp_security() == SEC_SHARE) {
738 * Security = share always has a pad byte
739 * after the password.
741 p = (const char *)req->buf + passlen + 1;
743 p = (const char *)req->buf + passlen;
746 password = data_blob_talloc(talloc_tos(), req->buf, passlen+1);
747 /* Ensure correct termination */
748 password.data[passlen]=0;
749 p = (const char *)req->buf + passlen + 1;
752 p += srvstr_pull_req_talloc(ctx, req, &path, p, STR_TERMINATE);
755 data_blob_clear_free(&password);
756 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
757 END_PROFILE(SMBtconX);
762 * the service name can be either: \\server\share
763 * or share directly like on the DELL PowerVault 705
766 q = strchr_m(path+2,'\\');
768 data_blob_clear_free(&password);
769 reply_nterror(req, NT_STATUS_BAD_NETWORK_NAME);
770 END_PROFILE(SMBtconX);
778 p += srvstr_pull_talloc(ctx, req->inbuf, req->flags2,
779 &client_devicetype, p,
780 MIN(6, smbreq_bufrem(req, p)), STR_ASCII);
782 if (client_devicetype == NULL) {
783 data_blob_clear_free(&password);
784 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
785 END_PROFILE(SMBtconX);
789 DEBUG(4,("Client requested device type [%s] for share [%s]\n", client_devicetype, service));
791 conn = make_connection(sconn, service, password, client_devicetype,
792 req->vuid, &nt_status);
795 data_blob_clear_free(&password);
798 reply_nterror(req, nt_status);
799 END_PROFILE(SMBtconX);
804 server_devicetype = "IPC";
805 else if ( IS_PRINT(conn) )
806 server_devicetype = "LPT1:";
808 server_devicetype = "A:";
810 if (get_Protocol() < PROTOCOL_NT1) {
811 reply_outbuf(req, 2, 0);
812 if (message_push_string(&req->outbuf, server_devicetype,
813 STR_TERMINATE|STR_ASCII) == -1) {
814 reply_nterror(req, NT_STATUS_NO_MEMORY);
815 END_PROFILE(SMBtconX);
819 /* NT sets the fstype of IPC$ to the null string */
820 const char *fstype = IS_IPC(conn) ? "" : lp_fstype(SNUM(conn));
822 if (tcon_flags & TCONX_FLAG_EXTENDED_RESPONSE) {
823 /* Return permissions. */
827 reply_outbuf(req, 7, 0);
830 perm1 = FILE_ALL_ACCESS;
831 perm2 = FILE_ALL_ACCESS;
833 perm1 = CAN_WRITE(conn) ?
838 SIVAL(req->outbuf, smb_vwv3, perm1);
839 SIVAL(req->outbuf, smb_vwv5, perm2);
841 reply_outbuf(req, 3, 0);
844 if ((message_push_string(&req->outbuf, server_devicetype,
845 STR_TERMINATE|STR_ASCII) == -1)
846 || (message_push_string(&req->outbuf, fstype,
847 STR_TERMINATE) == -1)) {
848 reply_nterror(req, NT_STATUS_NO_MEMORY);
849 END_PROFILE(SMBtconX);
853 /* what does setting this bit do? It is set by NT4 and
854 may affect the ability to autorun mounted cdroms */
855 SSVAL(req->outbuf, smb_vwv2, SMB_SUPPORT_SEARCH_BITS|
856 (lp_csc_policy(SNUM(conn)) << 2));
858 if (lp_msdfs_root(SNUM(conn)) && lp_host_msdfs()) {
859 DEBUG(2,("Serving %s as a Dfs root\n",
860 lp_servicename(SNUM(conn)) ));
861 SSVAL(req->outbuf, smb_vwv2,
862 SMB_SHARE_IN_DFS | SVAL(req->outbuf, smb_vwv2));
867 DEBUG(3,("tconX service=%s \n",
870 /* set the incoming and outgoing tid to the just created one */
871 SSVAL(req->inbuf,smb_tid,conn->cnum);
872 SSVAL(req->outbuf,smb_tid,conn->cnum);
874 END_PROFILE(SMBtconX);
876 req->tid = conn->cnum;
881 /****************************************************************************
882 Reply to an unknown type.
883 ****************************************************************************/
885 void reply_unknown_new(struct smb_request *req, uint8 type)
887 DEBUG(0, ("unknown command type (%s): type=%d (0x%X)\n",
888 smb_fn_name(type), type, type));
889 reply_force_doserror(req, ERRSRV, ERRunknownsmb);
893 /****************************************************************************
895 conn POINTER CAN BE NULL HERE !
896 ****************************************************************************/
898 void reply_ioctl(struct smb_request *req)
900 connection_struct *conn = req->conn;
907 START_PROFILE(SMBioctl);
910 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
911 END_PROFILE(SMBioctl);
915 device = SVAL(req->vwv+1, 0);
916 function = SVAL(req->vwv+2, 0);
917 ioctl_code = (device << 16) + function;
919 DEBUG(4, ("Received IOCTL (code 0x%x)\n", ioctl_code));
921 switch (ioctl_code) {
922 case IOCTL_QUERY_JOB_INFO:
926 reply_force_doserror(req, ERRSRV, ERRnosupport);
927 END_PROFILE(SMBioctl);
931 reply_outbuf(req, 8, replysize+1);
932 SSVAL(req->outbuf,smb_vwv1,replysize); /* Total data bytes returned */
933 SSVAL(req->outbuf,smb_vwv5,replysize); /* Data bytes this buffer */
934 SSVAL(req->outbuf,smb_vwv6,52); /* Offset to data */
935 p = smb_buf(req->outbuf);
936 memset(p, '\0', replysize+1); /* valgrind-safe. */
937 p += 1; /* Allow for alignment */
939 switch (ioctl_code) {
940 case IOCTL_QUERY_JOB_INFO:
942 files_struct *fsp = file_fsp(
943 req, SVAL(req->vwv+0, 0));
945 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
946 END_PROFILE(SMBioctl);
950 if (fsp->print_file) {
951 SSVAL(p, 0, fsp->print_file->rap_jobid);
955 srvstr_push((char *)req->outbuf, req->flags2, p+2,
957 STR_TERMINATE|STR_ASCII);
959 srvstr_push((char *)req->outbuf, req->flags2,
960 p+18, lp_servicename(SNUM(conn)),
961 13, STR_TERMINATE|STR_ASCII);
969 END_PROFILE(SMBioctl);
973 /****************************************************************************
974 Strange checkpath NTSTATUS mapping.
975 ****************************************************************************/
977 static NTSTATUS map_checkpath_error(uint16_t flags2, NTSTATUS status)
979 /* Strange DOS error code semantics only for checkpath... */
980 if (!(flags2 & FLAGS2_32_BIT_ERROR_CODES)) {
981 if (NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_INVALID,status)) {
982 /* We need to map to ERRbadpath */
983 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
989 /****************************************************************************
990 Reply to a checkpath.
991 ****************************************************************************/
993 void reply_checkpath(struct smb_request *req)
995 connection_struct *conn = req->conn;
996 struct smb_filename *smb_fname = NULL;
999 TALLOC_CTX *ctx = talloc_tos();
1001 START_PROFILE(SMBcheckpath);
1003 srvstr_get_path_req(ctx, req, &name, (const char *)req->buf + 1,
1004 STR_TERMINATE, &status);
1006 if (!NT_STATUS_IS_OK(status)) {
1007 status = map_checkpath_error(req->flags2, status);
1008 reply_nterror(req, status);
1009 END_PROFILE(SMBcheckpath);
1013 DEBUG(3,("reply_checkpath %s mode=%d\n", name, (int)SVAL(req->vwv+0, 0)));
1015 status = filename_convert(ctx,
1017 req->flags2 & FLAGS2_DFS_PATHNAMES,
1023 if (!NT_STATUS_IS_OK(status)) {
1024 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1025 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1026 ERRSRV, ERRbadpath);
1027 END_PROFILE(SMBcheckpath);
1033 if (!VALID_STAT(smb_fname->st) &&
1034 (SMB_VFS_STAT(conn, smb_fname) != 0)) {
1035 DEBUG(3,("reply_checkpath: stat of %s failed (%s)\n",
1036 smb_fname_str_dbg(smb_fname), strerror(errno)));
1037 status = map_nt_error_from_unix(errno);
1041 if (!S_ISDIR(smb_fname->st.st_ex_mode)) {
1042 reply_botherror(req, NT_STATUS_NOT_A_DIRECTORY,
1043 ERRDOS, ERRbadpath);
1047 reply_outbuf(req, 0, 0);
1050 /* We special case this - as when a Windows machine
1051 is parsing a path is steps through the components
1052 one at a time - if a component fails it expects
1053 ERRbadpath, not ERRbadfile.
1055 status = map_checkpath_error(req->flags2, status);
1056 if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
1058 * Windows returns different error codes if
1059 * the parent directory is valid but not the
1060 * last component - it returns NT_STATUS_OBJECT_NAME_NOT_FOUND
1061 * for that case and NT_STATUS_OBJECT_PATH_NOT_FOUND
1062 * if the path is invalid.
1064 reply_botherror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND,
1065 ERRDOS, ERRbadpath);
1069 reply_nterror(req, status);
1072 TALLOC_FREE(smb_fname);
1073 END_PROFILE(SMBcheckpath);
1077 /****************************************************************************
1079 ****************************************************************************/
1081 void reply_getatr(struct smb_request *req)
1083 connection_struct *conn = req->conn;
1084 struct smb_filename *smb_fname = NULL;
1091 TALLOC_CTX *ctx = talloc_tos();
1092 bool ask_sharemode = lp_parm_bool(SNUM(conn), "smbd", "search ask sharemode", true);
1094 START_PROFILE(SMBgetatr);
1096 p = (const char *)req->buf + 1;
1097 p += srvstr_get_path_req(ctx, req, &fname, p, STR_TERMINATE, &status);
1098 if (!NT_STATUS_IS_OK(status)) {
1099 reply_nterror(req, status);
1103 /* dos smetimes asks for a stat of "" - it returns a "hidden directory"
1104 under WfWg - weird! */
1105 if (*fname == '\0') {
1106 mode = aHIDDEN | aDIR;
1107 if (!CAN_WRITE(conn)) {
1113 status = filename_convert(ctx,
1115 req->flags2 & FLAGS2_DFS_PATHNAMES,
1120 if (!NT_STATUS_IS_OK(status)) {
1121 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1122 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1123 ERRSRV, ERRbadpath);
1126 reply_nterror(req, status);
1129 if (!VALID_STAT(smb_fname->st) &&
1130 (SMB_VFS_STAT(conn, smb_fname) != 0)) {
1131 DEBUG(3,("reply_getatr: stat of %s failed (%s)\n",
1132 smb_fname_str_dbg(smb_fname),
1134 reply_nterror(req, map_nt_error_from_unix(errno));
1138 mode = dos_mode(conn, smb_fname);
1139 size = smb_fname->st.st_ex_size;
1141 if (ask_sharemode) {
1142 struct timespec write_time_ts;
1143 struct file_id fileid;
1145 ZERO_STRUCT(write_time_ts);
1146 fileid = vfs_file_id_from_sbuf(conn, &smb_fname->st);
1147 get_file_infos(fileid, 0, NULL, &write_time_ts);
1148 if (!null_timespec(write_time_ts)) {
1149 update_stat_ex_mtime(&smb_fname->st, write_time_ts);
1153 mtime = convert_timespec_to_time_t(smb_fname->st.st_ex_mtime);
1159 reply_outbuf(req, 10, 0);
1161 SSVAL(req->outbuf,smb_vwv0,mode);
1162 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1163 srv_put_dos_date3((char *)req->outbuf,smb_vwv1,mtime & ~1);
1165 srv_put_dos_date3((char *)req->outbuf,smb_vwv1,mtime);
1167 SIVAL(req->outbuf,smb_vwv3,(uint32)size);
1169 if (get_Protocol() >= PROTOCOL_NT1) {
1170 SSVAL(req->outbuf, smb_flg2,
1171 SVAL(req->outbuf, smb_flg2) | FLAGS2_IS_LONG_NAME);
1174 DEBUG(3,("reply_getatr: name=%s mode=%d size=%u\n",
1175 smb_fname_str_dbg(smb_fname), mode, (unsigned int)size));
1178 TALLOC_FREE(smb_fname);
1180 END_PROFILE(SMBgetatr);
1184 /****************************************************************************
1186 ****************************************************************************/
1188 void reply_setatr(struct smb_request *req)
1190 struct smb_file_time ft;
1191 connection_struct *conn = req->conn;
1192 struct smb_filename *smb_fname = NULL;
1198 TALLOC_CTX *ctx = talloc_tos();
1200 START_PROFILE(SMBsetatr);
1205 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1209 p = (const char *)req->buf + 1;
1210 p += srvstr_get_path_req(ctx, req, &fname, p, STR_TERMINATE, &status);
1211 if (!NT_STATUS_IS_OK(status)) {
1212 reply_nterror(req, status);
1216 status = filename_convert(ctx,
1218 req->flags2 & FLAGS2_DFS_PATHNAMES,
1223 if (!NT_STATUS_IS_OK(status)) {
1224 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1225 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1226 ERRSRV, ERRbadpath);
1229 reply_nterror(req, status);
1233 if (smb_fname->base_name[0] == '.' &&
1234 smb_fname->base_name[1] == '\0') {
1236 * Not sure here is the right place to catch this
1237 * condition. Might be moved to somewhere else later -- vl
1239 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
1243 mode = SVAL(req->vwv+0, 0);
1244 mtime = srv_make_unix_date3(req->vwv+1);
1246 ft.mtime = convert_time_t_to_timespec(mtime);
1247 status = smb_set_file_time(conn, NULL, smb_fname, &ft, true);
1248 if (!NT_STATUS_IS_OK(status)) {
1249 reply_nterror(req, status);
1253 if (mode != FILE_ATTRIBUTE_NORMAL) {
1254 if (VALID_STAT_OF_DIR(smb_fname->st))
1259 if (file_set_dosmode(conn, smb_fname, mode, NULL,
1261 reply_nterror(req, map_nt_error_from_unix(errno));
1266 reply_outbuf(req, 0, 0);
1268 DEBUG(3, ("setatr name=%s mode=%d\n", smb_fname_str_dbg(smb_fname),
1271 TALLOC_FREE(smb_fname);
1272 END_PROFILE(SMBsetatr);
1276 /****************************************************************************
1278 ****************************************************************************/
1280 void reply_dskattr(struct smb_request *req)
1282 connection_struct *conn = req->conn;
1283 uint64_t dfree,dsize,bsize;
1284 START_PROFILE(SMBdskattr);
1286 if (get_dfree_info(conn,".",True,&bsize,&dfree,&dsize) == (uint64_t)-1) {
1287 reply_nterror(req, map_nt_error_from_unix(errno));
1288 END_PROFILE(SMBdskattr);
1292 reply_outbuf(req, 5, 0);
1294 if (get_Protocol() <= PROTOCOL_LANMAN2) {
1295 double total_space, free_space;
1296 /* we need to scale this to a number that DOS6 can handle. We
1297 use floating point so we can handle large drives on systems
1298 that don't have 64 bit integers
1300 we end up displaying a maximum of 2G to DOS systems
1302 total_space = dsize * (double)bsize;
1303 free_space = dfree * (double)bsize;
1305 dsize = (uint64_t)((total_space+63*512) / (64*512));
1306 dfree = (uint64_t)((free_space+63*512) / (64*512));
1308 if (dsize > 0xFFFF) dsize = 0xFFFF;
1309 if (dfree > 0xFFFF) dfree = 0xFFFF;
1311 SSVAL(req->outbuf,smb_vwv0,dsize);
1312 SSVAL(req->outbuf,smb_vwv1,64); /* this must be 64 for dos systems */
1313 SSVAL(req->outbuf,smb_vwv2,512); /* and this must be 512 */
1314 SSVAL(req->outbuf,smb_vwv3,dfree);
1316 SSVAL(req->outbuf,smb_vwv0,dsize);
1317 SSVAL(req->outbuf,smb_vwv1,bsize/512);
1318 SSVAL(req->outbuf,smb_vwv2,512);
1319 SSVAL(req->outbuf,smb_vwv3,dfree);
1322 DEBUG(3,("dskattr dfree=%d\n", (unsigned int)dfree));
1324 END_PROFILE(SMBdskattr);
1329 * Utility function to split the filename from the directory.
1331 static NTSTATUS split_fname_dir_mask(TALLOC_CTX *ctx, const char *fname_in,
1332 char **fname_dir_out,
1333 char **fname_mask_out)
1335 const char *p = NULL;
1336 char *fname_dir = NULL;
1337 char *fname_mask = NULL;
1339 p = strrchr_m(fname_in, '/');
1341 fname_dir = talloc_strdup(ctx, ".");
1342 fname_mask = talloc_strdup(ctx, fname_in);
1344 fname_dir = talloc_strndup(ctx, fname_in,
1345 PTR_DIFF(p, fname_in));
1346 fname_mask = talloc_strdup(ctx, p+1);
1349 if (!fname_dir || !fname_mask) {
1350 TALLOC_FREE(fname_dir);
1351 TALLOC_FREE(fname_mask);
1352 return NT_STATUS_NO_MEMORY;
1355 *fname_dir_out = fname_dir;
1356 *fname_mask_out = fname_mask;
1357 return NT_STATUS_OK;
1360 /****************************************************************************
1362 Can be called from SMBsearch, SMBffirst or SMBfunique.
1363 ****************************************************************************/
1365 void reply_search(struct smb_request *req)
1367 connection_struct *conn = req->conn;
1369 const char *mask = NULL;
1370 char *directory = NULL;
1371 struct smb_filename *smb_fname = NULL;
1375 struct timespec date;
1377 unsigned int numentries = 0;
1378 unsigned int maxentries = 0;
1379 bool finished = False;
1384 bool check_descend = False;
1385 bool expect_close = False;
1387 bool mask_contains_wcard = False;
1388 bool allow_long_path_components = (req->flags2 & FLAGS2_LONG_PATH_COMPONENTS) ? True : False;
1389 TALLOC_CTX *ctx = talloc_tos();
1390 bool ask_sharemode = lp_parm_bool(SNUM(conn), "smbd", "search ask sharemode", true);
1391 struct dptr_struct *dirptr = NULL;
1392 struct smbd_server_connection *sconn = req->sconn;
1394 START_PROFILE(SMBsearch);
1397 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1401 if (lp_posix_pathnames()) {
1402 reply_unknown_new(req, req->cmd);
1406 /* If we were called as SMBffirst then we must expect close. */
1407 if(req->cmd == SMBffirst) {
1408 expect_close = True;
1411 reply_outbuf(req, 1, 3);
1412 maxentries = SVAL(req->vwv+0, 0);
1413 dirtype = SVAL(req->vwv+1, 0);
1414 p = (const char *)req->buf + 1;
1415 p += srvstr_get_path_req_wcard(ctx, req, &path, p, STR_TERMINATE,
1416 &nt_status, &mask_contains_wcard);
1417 if (!NT_STATUS_IS_OK(nt_status)) {
1418 reply_nterror(req, nt_status);
1423 status_len = SVAL(p, 0);
1426 /* dirtype &= ~aDIR; */
1428 if (status_len == 0) {
1429 nt_status = filename_convert(ctx, conn,
1430 req->flags2 & FLAGS2_DFS_PATHNAMES,
1432 UCF_ALWAYS_ALLOW_WCARD_LCOMP,
1433 &mask_contains_wcard,
1435 if (!NT_STATUS_IS_OK(nt_status)) {
1436 if (NT_STATUS_EQUAL(nt_status,NT_STATUS_PATH_NOT_COVERED)) {
1437 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1438 ERRSRV, ERRbadpath);
1441 reply_nterror(req, nt_status);
1445 directory = smb_fname->base_name;
1447 p = strrchr_m(directory,'/');
1448 if ((p != NULL) && (*directory != '/')) {
1450 directory = talloc_strndup(ctx, directory,
1451 PTR_DIFF(p, directory));
1454 directory = talloc_strdup(ctx,".");
1458 reply_nterror(req, NT_STATUS_NO_MEMORY);
1462 memset((char *)status,'\0',21);
1463 SCVAL(status,0,(dirtype & 0x1F));
1465 nt_status = dptr_create(conn,
1472 mask_contains_wcard,
1475 if (!NT_STATUS_IS_OK(nt_status)) {
1476 reply_nterror(req, nt_status);
1479 dptr_num = dptr_dnum(dirptr);
1482 const char *dirpath;
1484 memcpy(status,p,21);
1485 status_dirtype = CVAL(status,0) & 0x1F;
1486 if (status_dirtype != (dirtype & 0x1F)) {
1487 dirtype = status_dirtype;
1490 dirptr = dptr_fetch(sconn, status+12,&dptr_num);
1494 dirpath = dptr_path(sconn, dptr_num);
1495 directory = talloc_strdup(ctx, dirpath);
1497 reply_nterror(req, NT_STATUS_NO_MEMORY);
1501 mask = dptr_wcard(sconn, dptr_num);
1506 * For a 'continue' search we have no string. So
1507 * check from the initial saved string.
1509 mask_contains_wcard = ms_has_wild(mask);
1510 dirtype = dptr_attr(sconn, dptr_num);
1513 DEBUG(4,("dptr_num is %d\n",dptr_num));
1515 /* Initialize per SMBsearch/SMBffirst/SMBfunique operation data */
1516 dptr_init_search_op(dirptr);
1518 if ((dirtype&0x1F) == aVOLID) {
1519 char buf[DIR_STRUCT_SIZE];
1520 memcpy(buf,status,21);
1521 if (!make_dir_struct(ctx,buf,"???????????",volume_label(SNUM(conn)),
1522 0,aVOLID,0,!allow_long_path_components)) {
1523 reply_nterror(req, NT_STATUS_NO_MEMORY);
1526 dptr_fill(sconn, buf+12,dptr_num);
1527 if (dptr_zero(buf+12) && (status_len==0)) {
1532 if (message_push_blob(&req->outbuf,
1533 data_blob_const(buf, sizeof(buf)))
1535 reply_nterror(req, NT_STATUS_NO_MEMORY);
1543 ((uint8 *)smb_buf(req->outbuf) + 3 - req->outbuf))
1546 DEBUG(8,("dirpath=<%s> dontdescend=<%s>\n",
1547 directory,lp_dontdescend(SNUM(conn))));
1548 if (in_list(directory, lp_dontdescend(SNUM(conn)),True)) {
1549 check_descend = True;
1552 for (i=numentries;(i<maxentries) && !finished;i++) {
1553 finished = !get_dir_entry(ctx,
1564 char buf[DIR_STRUCT_SIZE];
1565 memcpy(buf,status,21);
1566 if (!make_dir_struct(ctx,
1572 convert_timespec_to_time_t(date),
1573 !allow_long_path_components)) {
1574 reply_nterror(req, NT_STATUS_NO_MEMORY);
1577 if (!dptr_fill(sconn, buf+12,dptr_num)) {
1580 if (message_push_blob(&req->outbuf,
1581 data_blob_const(buf, sizeof(buf)))
1583 reply_nterror(req, NT_STATUS_NO_MEMORY);
1593 /* If we were called as SMBffirst with smb_search_id == NULL
1594 and no entries were found then return error and close dirptr
1597 if (numentries == 0) {
1598 dptr_close(sconn, &dptr_num);
1599 } else if(expect_close && status_len == 0) {
1600 /* Close the dptr - we know it's gone */
1601 dptr_close(sconn, &dptr_num);
1604 /* If we were called as SMBfunique, then we can close the dirptr now ! */
1605 if(dptr_num >= 0 && req->cmd == SMBfunique) {
1606 dptr_close(sconn, &dptr_num);
1609 if ((numentries == 0) && !mask_contains_wcard) {
1610 reply_botherror(req, STATUS_NO_MORE_FILES, ERRDOS, ERRnofiles);
1614 SSVAL(req->outbuf,smb_vwv0,numentries);
1615 SSVAL(req->outbuf,smb_vwv1,3 + numentries * DIR_STRUCT_SIZE);
1616 SCVAL(smb_buf(req->outbuf),0,5);
1617 SSVAL(smb_buf(req->outbuf),1,numentries*DIR_STRUCT_SIZE);
1619 /* The replies here are never long name. */
1620 SSVAL(req->outbuf, smb_flg2,
1621 SVAL(req->outbuf, smb_flg2) & (~FLAGS2_IS_LONG_NAME));
1622 if (!allow_long_path_components) {
1623 SSVAL(req->outbuf, smb_flg2,
1624 SVAL(req->outbuf, smb_flg2)
1625 & (~FLAGS2_LONG_PATH_COMPONENTS));
1628 /* This SMB *always* returns ASCII names. Remove the unicode bit in flags2. */
1629 SSVAL(req->outbuf, smb_flg2,
1630 (SVAL(req->outbuf, smb_flg2) & (~FLAGS2_UNICODE_STRINGS)));
1632 DEBUG(4,("%s mask=%s path=%s dtype=%d nument=%u of %u\n",
1633 smb_fn_name(req->cmd),
1640 TALLOC_FREE(directory);
1641 TALLOC_FREE(smb_fname);
1642 END_PROFILE(SMBsearch);
1646 /****************************************************************************
1647 Reply to a fclose (stop directory search).
1648 ****************************************************************************/
1650 void reply_fclose(struct smb_request *req)
1658 bool path_contains_wcard = False;
1659 TALLOC_CTX *ctx = talloc_tos();
1660 struct smbd_server_connection *sconn = req->sconn;
1662 START_PROFILE(SMBfclose);
1664 if (lp_posix_pathnames()) {
1665 reply_unknown_new(req, req->cmd);
1666 END_PROFILE(SMBfclose);
1670 p = (const char *)req->buf + 1;
1671 p += srvstr_get_path_req_wcard(ctx, req, &path, p, STR_TERMINATE,
1672 &err, &path_contains_wcard);
1673 if (!NT_STATUS_IS_OK(err)) {
1674 reply_nterror(req, err);
1675 END_PROFILE(SMBfclose);
1679 status_len = SVAL(p,0);
1682 if (status_len == 0) {
1683 reply_force_doserror(req, ERRSRV, ERRsrverror);
1684 END_PROFILE(SMBfclose);
1688 memcpy(status,p,21);
1690 if(dptr_fetch(sconn, status+12,&dptr_num)) {
1691 /* Close the dptr - we know it's gone */
1692 dptr_close(sconn, &dptr_num);
1695 reply_outbuf(req, 1, 0);
1696 SSVAL(req->outbuf,smb_vwv0,0);
1698 DEBUG(3,("search close\n"));
1700 END_PROFILE(SMBfclose);
1704 /****************************************************************************
1706 ****************************************************************************/
1708 void reply_open(struct smb_request *req)
1710 connection_struct *conn = req->conn;
1711 struct smb_filename *smb_fname = NULL;
1723 uint32 create_disposition;
1724 uint32 create_options = 0;
1725 uint32_t private_flags = 0;
1727 bool ask_sharemode = lp_parm_bool(SNUM(conn), "smbd", "search ask sharemode", true);
1728 TALLOC_CTX *ctx = talloc_tos();
1730 START_PROFILE(SMBopen);
1733 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1737 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1738 deny_mode = SVAL(req->vwv+0, 0);
1739 dos_attr = SVAL(req->vwv+1, 0);
1741 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf+1,
1742 STR_TERMINATE, &status);
1743 if (!NT_STATUS_IS_OK(status)) {
1744 reply_nterror(req, status);
1748 status = filename_convert(ctx,
1750 req->flags2 & FLAGS2_DFS_PATHNAMES,
1755 if (!NT_STATUS_IS_OK(status)) {
1756 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1757 reply_botherror(req,
1758 NT_STATUS_PATH_NOT_COVERED,
1759 ERRSRV, ERRbadpath);
1762 reply_nterror(req, status);
1766 if (!map_open_params_to_ntcreate(smb_fname, deny_mode,
1767 OPENX_FILE_EXISTS_OPEN, &access_mask,
1768 &share_mode, &create_disposition,
1769 &create_options, &private_flags)) {
1770 reply_force_doserror(req, ERRDOS, ERRbadaccess);
1774 status = SMB_VFS_CREATE_FILE(
1777 0, /* root_dir_fid */
1778 smb_fname, /* fname */
1779 access_mask, /* access_mask */
1780 share_mode, /* share_access */
1781 create_disposition, /* create_disposition*/
1782 create_options, /* create_options */
1783 dos_attr, /* file_attributes */
1784 oplock_request, /* oplock_request */
1785 0, /* allocation_size */
1792 if (!NT_STATUS_IS_OK(status)) {
1793 if (open_was_deferred(req->mid)) {
1794 /* We have re-scheduled this call. */
1797 reply_openerror(req, status);
1801 size = smb_fname->st.st_ex_size;
1802 fattr = dos_mode(conn, smb_fname);
1804 /* Deal with other possible opens having a modified
1806 if (ask_sharemode) {
1807 struct timespec write_time_ts;
1809 ZERO_STRUCT(write_time_ts);
1810 get_file_infos(fsp->file_id, 0, NULL, &write_time_ts);
1811 if (!null_timespec(write_time_ts)) {
1812 update_stat_ex_mtime(&smb_fname->st, write_time_ts);
1816 mtime = convert_timespec_to_time_t(smb_fname->st.st_ex_mtime);
1819 DEBUG(3,("attempt to open a directory %s\n",
1821 close_file(req, fsp, ERROR_CLOSE);
1822 reply_botherror(req, NT_STATUS_ACCESS_DENIED,
1823 ERRDOS, ERRnoaccess);
1827 reply_outbuf(req, 7, 0);
1828 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
1829 SSVAL(req->outbuf,smb_vwv1,fattr);
1830 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1831 srv_put_dos_date3((char *)req->outbuf,smb_vwv2,mtime & ~1);
1833 srv_put_dos_date3((char *)req->outbuf,smb_vwv2,mtime);
1835 SIVAL(req->outbuf,smb_vwv4,(uint32)size);
1836 SSVAL(req->outbuf,smb_vwv6,deny_mode);
1838 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1839 SCVAL(req->outbuf,smb_flg,
1840 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1843 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1844 SCVAL(req->outbuf,smb_flg,
1845 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1848 TALLOC_FREE(smb_fname);
1849 END_PROFILE(SMBopen);
1853 /****************************************************************************
1854 Reply to an open and X.
1855 ****************************************************************************/
1857 void reply_open_and_X(struct smb_request *req)
1859 connection_struct *conn = req->conn;
1860 struct smb_filename *smb_fname = NULL;
1865 /* Breakout the oplock request bits so we can set the
1866 reply bits separately. */
1867 int ex_oplock_request;
1868 int core_oplock_request;
1871 int smb_sattr = SVAL(req->vwv+4, 0);
1872 uint32 smb_time = make_unix_date3(req->vwv+6);
1880 uint64_t allocation_size;
1881 ssize_t retval = -1;
1884 uint32 create_disposition;
1885 uint32 create_options = 0;
1886 uint32_t private_flags = 0;
1887 TALLOC_CTX *ctx = talloc_tos();
1889 START_PROFILE(SMBopenX);
1891 if (req->wct < 15) {
1892 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1896 open_flags = SVAL(req->vwv+2, 0);
1897 deny_mode = SVAL(req->vwv+3, 0);
1898 smb_attr = SVAL(req->vwv+5, 0);
1899 ex_oplock_request = EXTENDED_OPLOCK_REQUEST(req->inbuf);
1900 core_oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1901 oplock_request = ex_oplock_request | core_oplock_request;
1902 smb_ofun = SVAL(req->vwv+8, 0);
1903 allocation_size = (uint64_t)IVAL(req->vwv+9, 0);
1905 /* If it's an IPC, pass off the pipe handler. */
1907 if (lp_nt_pipe_support()) {
1908 reply_open_pipe_and_X(conn, req);
1910 reply_nterror(req, NT_STATUS_NETWORK_ACCESS_DENIED);
1915 /* XXXX we need to handle passed times, sattr and flags */
1916 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf,
1917 STR_TERMINATE, &status);
1918 if (!NT_STATUS_IS_OK(status)) {
1919 reply_nterror(req, status);
1923 status = filename_convert(ctx,
1925 req->flags2 & FLAGS2_DFS_PATHNAMES,
1930 if (!NT_STATUS_IS_OK(status)) {
1931 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1932 reply_botherror(req,
1933 NT_STATUS_PATH_NOT_COVERED,
1934 ERRSRV, ERRbadpath);
1937 reply_nterror(req, status);
1941 if (!map_open_params_to_ntcreate(smb_fname, deny_mode, smb_ofun,
1942 &access_mask, &share_mode,
1943 &create_disposition,
1946 reply_force_doserror(req, ERRDOS, ERRbadaccess);
1950 status = SMB_VFS_CREATE_FILE(
1953 0, /* root_dir_fid */
1954 smb_fname, /* fname */
1955 access_mask, /* access_mask */
1956 share_mode, /* share_access */
1957 create_disposition, /* create_disposition*/
1958 create_options, /* create_options */
1959 smb_attr, /* file_attributes */
1960 oplock_request, /* oplock_request */
1961 0, /* allocation_size */
1966 &smb_action); /* pinfo */
1968 if (!NT_STATUS_IS_OK(status)) {
1969 if (open_was_deferred(req->mid)) {
1970 /* We have re-scheduled this call. */
1973 reply_openerror(req, status);
1977 /* Setting the "size" field in vwv9 and vwv10 causes the file to be set to this size,
1978 if the file is truncated or created. */
1979 if (((smb_action == FILE_WAS_CREATED) || (smb_action == FILE_WAS_OVERWRITTEN)) && allocation_size) {
1980 fsp->initial_allocation_size = smb_roundup(fsp->conn, allocation_size);
1981 if (vfs_allocate_file_space(fsp, fsp->initial_allocation_size) == -1) {
1982 close_file(req, fsp, ERROR_CLOSE);
1983 reply_nterror(req, NT_STATUS_DISK_FULL);
1986 retval = vfs_set_filelen(fsp, (SMB_OFF_T)allocation_size);
1988 close_file(req, fsp, ERROR_CLOSE);
1989 reply_nterror(req, NT_STATUS_DISK_FULL);
1992 status = vfs_stat_fsp(fsp);
1993 if (!NT_STATUS_IS_OK(status)) {
1994 close_file(req, fsp, ERROR_CLOSE);
1995 reply_nterror(req, status);
2000 fattr = dos_mode(conn, fsp->fsp_name);
2001 mtime = convert_timespec_to_time_t(fsp->fsp_name->st.st_ex_mtime);
2003 close_file(req, fsp, ERROR_CLOSE);
2004 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
2008 /* If the caller set the extended oplock request bit
2009 and we granted one (by whatever means) - set the
2010 correct bit for extended oplock reply.
2013 if (ex_oplock_request && lp_fake_oplocks(SNUM(conn))) {
2014 smb_action |= EXTENDED_OPLOCK_GRANTED;
2017 if(ex_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2018 smb_action |= EXTENDED_OPLOCK_GRANTED;
2021 /* If the caller set the core oplock request bit
2022 and we granted one (by whatever means) - set the
2023 correct bit for core oplock reply.
2026 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
2027 reply_outbuf(req, 19, 0);
2029 reply_outbuf(req, 15, 0);
2032 if (core_oplock_request && lp_fake_oplocks(SNUM(conn))) {
2033 SCVAL(req->outbuf, smb_flg,
2034 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2037 if(core_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2038 SCVAL(req->outbuf, smb_flg,
2039 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2042 SSVAL(req->outbuf,smb_vwv2,fsp->fnum);
2043 SSVAL(req->outbuf,smb_vwv3,fattr);
2044 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
2045 srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime & ~1);
2047 srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime);
2049 SIVAL(req->outbuf,smb_vwv6,(uint32)fsp->fsp_name->st.st_ex_size);
2050 SSVAL(req->outbuf,smb_vwv8,GET_OPENX_MODE(deny_mode));
2051 SSVAL(req->outbuf,smb_vwv11,smb_action);
2053 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
2054 SIVAL(req->outbuf, smb_vwv15, SEC_STD_ALL);
2059 TALLOC_FREE(smb_fname);
2060 END_PROFILE(SMBopenX);
2064 /****************************************************************************
2065 Reply to a SMBulogoffX.
2066 ****************************************************************************/
2068 void reply_ulogoffX(struct smb_request *req)
2070 struct smbd_server_connection *sconn = req->sconn;
2073 START_PROFILE(SMBulogoffX);
2075 vuser = get_valid_user_struct(sconn, req->vuid);
2078 DEBUG(3,("ulogoff, vuser id %d does not map to user.\n",
2082 /* in user level security we are supposed to close any files
2083 open by this user */
2084 if ((vuser != NULL) && (lp_security() != SEC_SHARE)) {
2085 file_close_user(sconn, req->vuid);
2088 invalidate_vuid(sconn, req->vuid);
2090 reply_outbuf(req, 2, 0);
2092 DEBUG( 3, ( "ulogoffX vuid=%d\n", req->vuid ) );
2094 END_PROFILE(SMBulogoffX);
2095 req->vuid = UID_FIELD_INVALID;
2099 /****************************************************************************
2100 Reply to a mknew or a create.
2101 ****************************************************************************/
2103 void reply_mknew(struct smb_request *req)
2105 connection_struct *conn = req->conn;
2106 struct smb_filename *smb_fname = NULL;
2109 struct smb_file_time ft;
2111 int oplock_request = 0;
2113 uint32 access_mask = FILE_GENERIC_READ | FILE_GENERIC_WRITE;
2114 uint32 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
2115 uint32 create_disposition;
2116 uint32 create_options = 0;
2117 TALLOC_CTX *ctx = talloc_tos();
2119 START_PROFILE(SMBcreate);
2123 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2127 fattr = SVAL(req->vwv+0, 0);
2128 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
2131 ft.mtime = convert_time_t_to_timespec(srv_make_unix_date3(req->vwv+1));
2133 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf + 1,
2134 STR_TERMINATE, &status);
2135 if (!NT_STATUS_IS_OK(status)) {
2136 reply_nterror(req, status);
2140 status = filename_convert(ctx,
2142 req->flags2 & FLAGS2_DFS_PATHNAMES,
2147 if (!NT_STATUS_IS_OK(status)) {
2148 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2149 reply_botherror(req,
2150 NT_STATUS_PATH_NOT_COVERED,
2151 ERRSRV, ERRbadpath);
2154 reply_nterror(req, status);
2158 if (fattr & aVOLID) {
2159 DEBUG(0,("Attempt to create file (%s) with volid set - "
2160 "please report this\n",
2161 smb_fname_str_dbg(smb_fname)));
2164 if(req->cmd == SMBmknew) {
2165 /* We should fail if file exists. */
2166 create_disposition = FILE_CREATE;
2168 /* Create if file doesn't exist, truncate if it does. */
2169 create_disposition = FILE_OVERWRITE_IF;
2172 status = SMB_VFS_CREATE_FILE(
2175 0, /* root_dir_fid */
2176 smb_fname, /* fname */
2177 access_mask, /* access_mask */
2178 share_mode, /* share_access */
2179 create_disposition, /* create_disposition*/
2180 create_options, /* create_options */
2181 fattr, /* file_attributes */
2182 oplock_request, /* oplock_request */
2183 0, /* allocation_size */
2184 0, /* private_flags */
2190 if (!NT_STATUS_IS_OK(status)) {
2191 if (open_was_deferred(req->mid)) {
2192 /* We have re-scheduled this call. */
2195 reply_openerror(req, status);
2199 ft.atime = smb_fname->st.st_ex_atime; /* atime. */
2200 status = smb_set_file_time(conn, fsp, smb_fname, &ft, true);
2201 if (!NT_STATUS_IS_OK(status)) {
2202 END_PROFILE(SMBcreate);
2206 reply_outbuf(req, 1, 0);
2207 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
2209 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
2210 SCVAL(req->outbuf,smb_flg,
2211 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2214 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2215 SCVAL(req->outbuf,smb_flg,
2216 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2219 DEBUG(2, ("reply_mknew: file %s\n", smb_fname_str_dbg(smb_fname)));
2220 DEBUG(3, ("reply_mknew %s fd=%d dmode=0x%x\n",
2221 smb_fname_str_dbg(smb_fname), fsp->fh->fd,
2222 (unsigned int)fattr));
2225 TALLOC_FREE(smb_fname);
2226 END_PROFILE(SMBcreate);
2230 /****************************************************************************
2231 Reply to a create temporary file.
2232 ****************************************************************************/
2234 void reply_ctemp(struct smb_request *req)
2236 connection_struct *conn = req->conn;
2237 struct smb_filename *smb_fname = NULL;
2245 TALLOC_CTX *ctx = talloc_tos();
2247 START_PROFILE(SMBctemp);
2250 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2254 fattr = SVAL(req->vwv+0, 0);
2255 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
2257 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf+1,
2258 STR_TERMINATE, &status);
2259 if (!NT_STATUS_IS_OK(status)) {
2260 reply_nterror(req, status);
2264 fname = talloc_asprintf(ctx,
2268 fname = talloc_strdup(ctx, "TMXXXXXX");
2272 reply_nterror(req, NT_STATUS_NO_MEMORY);
2276 status = filename_convert(ctx, conn,
2277 req->flags2 & FLAGS2_DFS_PATHNAMES,
2282 if (!NT_STATUS_IS_OK(status)) {
2283 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2284 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
2285 ERRSRV, ERRbadpath);
2288 reply_nterror(req, status);
2292 tmpfd = mkstemp(smb_fname->base_name);
2294 reply_nterror(req, map_nt_error_from_unix(errno));
2298 SMB_VFS_STAT(conn, smb_fname);
2300 /* We should fail if file does not exist. */
2301 status = SMB_VFS_CREATE_FILE(
2304 0, /* root_dir_fid */
2305 smb_fname, /* fname */
2306 FILE_GENERIC_READ | FILE_GENERIC_WRITE, /* access_mask */
2307 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
2308 FILE_OPEN, /* create_disposition*/
2309 0, /* create_options */
2310 fattr, /* file_attributes */
2311 oplock_request, /* oplock_request */
2312 0, /* allocation_size */
2313 0, /* private_flags */
2319 /* close fd from mkstemp() */
2322 if (!NT_STATUS_IS_OK(status)) {
2323 if (open_was_deferred(req->mid)) {
2324 /* We have re-scheduled this call. */
2327 reply_openerror(req, status);
2331 reply_outbuf(req, 1, 0);
2332 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
2334 /* the returned filename is relative to the directory */
2335 s = strrchr_m(fsp->fsp_name->base_name, '/');
2337 s = fsp->fsp_name->base_name;
2343 /* Tested vs W2K3 - this doesn't seem to be here - null terminated filename is the only
2344 thing in the byte section. JRA */
2345 SSVALS(p, 0, -1); /* what is this? not in spec */
2347 if (message_push_string(&req->outbuf, s, STR_ASCII|STR_TERMINATE)
2349 reply_nterror(req, NT_STATUS_NO_MEMORY);
2353 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
2354 SCVAL(req->outbuf, smb_flg,
2355 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2358 if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2359 SCVAL(req->outbuf, smb_flg,
2360 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2363 DEBUG(2, ("reply_ctemp: created temp file %s\n", fsp_str_dbg(fsp)));
2364 DEBUG(3, ("reply_ctemp %s fd=%d umode=0%o\n", fsp_str_dbg(fsp),
2365 fsp->fh->fd, (unsigned int)smb_fname->st.st_ex_mode));
2367 TALLOC_FREE(smb_fname);
2368 END_PROFILE(SMBctemp);
2372 /*******************************************************************
2373 Check if a user is allowed to rename a file.
2374 ********************************************************************/
2376 static NTSTATUS can_rename(connection_struct *conn, files_struct *fsp,
2381 if (!CAN_WRITE(conn)) {
2382 return NT_STATUS_MEDIA_WRITE_PROTECTED;
2385 fmode = dos_mode(conn, fsp->fsp_name);
2386 if ((fmode & ~dirtype) & (aHIDDEN | aSYSTEM)) {
2387 return NT_STATUS_NO_SUCH_FILE;
2390 if (S_ISDIR(fsp->fsp_name->st.st_ex_mode)) {
2391 if (fsp->posix_open) {
2392 return NT_STATUS_OK;
2395 /* If no pathnames are open below this
2396 directory, allow the rename. */
2398 if (file_find_subpath(fsp)) {
2399 return NT_STATUS_ACCESS_DENIED;
2401 return NT_STATUS_OK;
2404 if (fsp->access_mask & (DELETE_ACCESS|FILE_WRITE_ATTRIBUTES)) {
2405 return NT_STATUS_OK;
2408 return NT_STATUS_ACCESS_DENIED;
2411 /*******************************************************************
2412 * unlink a file with all relevant access checks
2413 *******************************************************************/
2415 static NTSTATUS do_unlink(connection_struct *conn,
2416 struct smb_request *req,
2417 struct smb_filename *smb_fname,
2422 uint32 dirtype_orig = dirtype;
2425 bool posix_paths = lp_posix_pathnames();
2427 DEBUG(10,("do_unlink: %s, dirtype = %d\n",
2428 smb_fname_str_dbg(smb_fname),
2431 if (!CAN_WRITE(conn)) {
2432 return NT_STATUS_MEDIA_WRITE_PROTECTED;
2436 ret = SMB_VFS_LSTAT(conn, smb_fname);
2438 ret = SMB_VFS_STAT(conn, smb_fname);
2441 return map_nt_error_from_unix(errno);
2444 fattr = dos_mode(conn, smb_fname);
2446 if (dirtype & FILE_ATTRIBUTE_NORMAL) {
2447 dirtype = aDIR|aARCH|aRONLY;
2450 dirtype &= (aDIR|aARCH|aRONLY|aHIDDEN|aSYSTEM);
2452 return NT_STATUS_NO_SUCH_FILE;
2455 if (!dir_check_ftype(conn, fattr, dirtype)) {
2457 return NT_STATUS_FILE_IS_A_DIRECTORY;
2459 return NT_STATUS_NO_SUCH_FILE;
2462 if (dirtype_orig & 0x8000) {
2463 /* These will never be set for POSIX. */
2464 return NT_STATUS_NO_SUCH_FILE;
2468 if ((fattr & dirtype) & FILE_ATTRIBUTE_DIRECTORY) {
2469 return NT_STATUS_FILE_IS_A_DIRECTORY;
2472 if ((fattr & ~dirtype) & (FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM)) {
2473 return NT_STATUS_NO_SUCH_FILE;
2476 if (dirtype & 0xFF00) {
2477 /* These will never be set for POSIX. */
2478 return NT_STATUS_NO_SUCH_FILE;
2483 return NT_STATUS_NO_SUCH_FILE;
2486 /* Can't delete a directory. */
2488 return NT_STATUS_FILE_IS_A_DIRECTORY;
2493 else if (dirtype & aDIR) /* Asked for a directory and it isn't. */
2494 return NT_STATUS_OBJECT_NAME_INVALID;
2495 #endif /* JRATEST */
2497 /* On open checks the open itself will check the share mode, so
2498 don't do it here as we'll get it wrong. */
2500 status = SMB_VFS_CREATE_FILE
2503 0, /* root_dir_fid */
2504 smb_fname, /* fname */
2505 DELETE_ACCESS, /* access_mask */
2506 FILE_SHARE_NONE, /* share_access */
2507 FILE_OPEN, /* create_disposition*/
2508 FILE_NON_DIRECTORY_FILE, /* create_options */
2509 /* file_attributes */
2510 posix_paths ? FILE_FLAG_POSIX_SEMANTICS|0777 :
2511 FILE_ATTRIBUTE_NORMAL,
2512 0, /* oplock_request */
2513 0, /* allocation_size */
2514 0, /* private_flags */
2520 if (!NT_STATUS_IS_OK(status)) {
2521 DEBUG(10, ("SMB_VFS_CREATEFILE failed: %s\n",
2522 nt_errstr(status)));
2526 status = can_set_delete_on_close(fsp, fattr);
2527 if (!NT_STATUS_IS_OK(status)) {
2528 DEBUG(10, ("do_unlink can_set_delete_on_close for file %s - "
2530 smb_fname_str_dbg(smb_fname),
2531 nt_errstr(status)));
2532 close_file(req, fsp, NORMAL_CLOSE);
2536 /* The set is across all open files on this dev/inode pair. */
2537 if (!set_delete_on_close(fsp, True, &conn->session_info->utok)) {
2538 close_file(req, fsp, NORMAL_CLOSE);
2539 return NT_STATUS_ACCESS_DENIED;
2542 return close_file(req, fsp, NORMAL_CLOSE);
2545 /****************************************************************************
2546 The guts of the unlink command, split out so it may be called by the NT SMB
2548 ****************************************************************************/
2550 NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req,
2551 uint32 dirtype, struct smb_filename *smb_fname,
2554 char *fname_dir = NULL;
2555 char *fname_mask = NULL;
2557 NTSTATUS status = NT_STATUS_OK;
2558 TALLOC_CTX *ctx = talloc_tos();
2560 /* Split up the directory from the filename/mask. */
2561 status = split_fname_dir_mask(ctx, smb_fname->base_name,
2562 &fname_dir, &fname_mask);
2563 if (!NT_STATUS_IS_OK(status)) {
2568 * We should only check the mangled cache
2569 * here if unix_convert failed. This means
2570 * that the path in 'mask' doesn't exist
2571 * on the file system and so we need to look
2572 * for a possible mangle. This patch from
2573 * Tine Smukavec <valentin.smukavec@hermes.si>.
2576 if (!VALID_STAT(smb_fname->st) &&
2577 mangle_is_mangled(fname_mask, conn->params)) {
2578 char *new_mask = NULL;
2579 mangle_lookup_name_from_8_3(ctx, fname_mask,
2580 &new_mask, conn->params);
2582 TALLOC_FREE(fname_mask);
2583 fname_mask = new_mask;
2590 * Only one file needs to be unlinked. Append the mask back
2591 * onto the directory.
2593 TALLOC_FREE(smb_fname->base_name);
2594 if (ISDOT(fname_dir)) {
2595 /* Ensure we use canonical names on open. */
2596 smb_fname->base_name = talloc_asprintf(smb_fname,
2600 smb_fname->base_name = talloc_asprintf(smb_fname,
2605 if (!smb_fname->base_name) {
2606 status = NT_STATUS_NO_MEMORY;
2610 dirtype = FILE_ATTRIBUTE_NORMAL;
2613 status = check_name(conn, smb_fname->base_name);
2614 if (!NT_STATUS_IS_OK(status)) {
2618 status = do_unlink(conn, req, smb_fname, dirtype);
2619 if (!NT_STATUS_IS_OK(status)) {
2625 struct smb_Dir *dir_hnd = NULL;
2627 const char *dname = NULL;
2628 char *talloced = NULL;
2630 if ((dirtype & SAMBA_ATTRIBUTES_MASK) == aDIR) {
2631 status = NT_STATUS_OBJECT_NAME_INVALID;
2635 if (strequal(fname_mask,"????????.???")) {
2636 TALLOC_FREE(fname_mask);
2637 fname_mask = talloc_strdup(ctx, "*");
2639 status = NT_STATUS_NO_MEMORY;
2644 status = check_name(conn, fname_dir);
2645 if (!NT_STATUS_IS_OK(status)) {
2649 dir_hnd = OpenDir(talloc_tos(), conn, fname_dir, fname_mask,
2651 if (dir_hnd == NULL) {
2652 status = map_nt_error_from_unix(errno);
2656 /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then
2657 the pattern matches against the long name, otherwise the short name
2658 We don't implement this yet XXXX
2661 status = NT_STATUS_NO_SUCH_FILE;
2663 while ((dname = ReadDirName(dir_hnd, &offset,
2664 &smb_fname->st, &talloced))) {
2665 TALLOC_CTX *frame = talloc_stackframe();
2667 if (!is_visible_file(conn, fname_dir, dname,
2668 &smb_fname->st, true)) {
2670 TALLOC_FREE(talloced);
2674 /* Quick check for "." and ".." */
2675 if (ISDOT(dname) || ISDOTDOT(dname)) {
2677 TALLOC_FREE(talloced);
2681 if(!mask_match(dname, fname_mask,
2682 conn->case_sensitive)) {
2684 TALLOC_FREE(talloced);
2688 TALLOC_FREE(smb_fname->base_name);
2689 if (ISDOT(fname_dir)) {
2690 /* Ensure we use canonical names on open. */
2691 smb_fname->base_name =
2692 talloc_asprintf(smb_fname, "%s",
2695 smb_fname->base_name =
2696 talloc_asprintf(smb_fname, "%s/%s",
2700 if (!smb_fname->base_name) {
2701 TALLOC_FREE(dir_hnd);
2702 status = NT_STATUS_NO_MEMORY;
2704 TALLOC_FREE(talloced);
2708 status = check_name(conn, smb_fname->base_name);
2709 if (!NT_STATUS_IS_OK(status)) {
2710 TALLOC_FREE(dir_hnd);
2712 TALLOC_FREE(talloced);
2716 status = do_unlink(conn, req, smb_fname, dirtype);
2717 if (!NT_STATUS_IS_OK(status)) {
2719 TALLOC_FREE(talloced);
2724 DEBUG(3,("unlink_internals: successful unlink [%s]\n",
2725 smb_fname->base_name));
2728 TALLOC_FREE(talloced);
2730 TALLOC_FREE(dir_hnd);
2733 if (count == 0 && NT_STATUS_IS_OK(status) && errno != 0) {
2734 status = map_nt_error_from_unix(errno);
2738 TALLOC_FREE(fname_dir);
2739 TALLOC_FREE(fname_mask);
2743 /****************************************************************************
2745 ****************************************************************************/
2747 void reply_unlink(struct smb_request *req)
2749 connection_struct *conn = req->conn;
2751 struct smb_filename *smb_fname = NULL;
2754 bool path_contains_wcard = False;
2755 TALLOC_CTX *ctx = talloc_tos();
2757 START_PROFILE(SMBunlink);
2760 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2764 dirtype = SVAL(req->vwv+0, 0);
2766 srvstr_get_path_req_wcard(ctx, req, &name, (const char *)req->buf + 1,
2767 STR_TERMINATE, &status,
2768 &path_contains_wcard);
2769 if (!NT_STATUS_IS_OK(status)) {
2770 reply_nterror(req, status);
2774 status = filename_convert(ctx, conn,
2775 req->flags2 & FLAGS2_DFS_PATHNAMES,
2777 UCF_COND_ALLOW_WCARD_LCOMP,
2778 &path_contains_wcard,
2780 if (!NT_STATUS_IS_OK(status)) {
2781 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2782 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
2783 ERRSRV, ERRbadpath);
2786 reply_nterror(req, status);
2790 DEBUG(3,("reply_unlink : %s\n", smb_fname_str_dbg(smb_fname)));
2792 status = unlink_internals(conn, req, dirtype, smb_fname,
2793 path_contains_wcard);
2794 if (!NT_STATUS_IS_OK(status)) {
2795 if (open_was_deferred(req->mid)) {
2796 /* We have re-scheduled this call. */
2799 reply_nterror(req, status);
2803 reply_outbuf(req, 0, 0);
2805 TALLOC_FREE(smb_fname);
2806 END_PROFILE(SMBunlink);
2810 /****************************************************************************
2812 ****************************************************************************/
2814 static void fail_readraw(void)
2816 const char *errstr = talloc_asprintf(talloc_tos(),
2817 "FAIL ! reply_readbraw: socket write fail (%s)",
2822 exit_server_cleanly(errstr);
2825 /****************************************************************************
2826 Fake (read/write) sendfile. Returns -1 on read or write fail.
2827 ****************************************************************************/
2829 ssize_t fake_sendfile(files_struct *fsp, SMB_OFF_T startpos, size_t nread)
2832 size_t tosend = nread;
2839 bufsize = MIN(nread, 65536);
2841 if (!(buf = SMB_MALLOC_ARRAY(char, bufsize))) {
2845 while (tosend > 0) {
2849 if (tosend > bufsize) {
2854 ret = read_file(fsp,buf,startpos,cur_read);
2860 /* If we had a short read, fill with zeros. */
2861 if (ret < cur_read) {
2862 memset(buf + ret, '\0', cur_read - ret);
2865 if (write_data(fsp->conn->sconn->sock, buf, cur_read)
2867 char addr[INET6_ADDRSTRLEN];
2869 * Try and give an error message saying what
2872 DEBUG(0, ("write_data failed for client %s. "
2874 get_peer_addr(fsp->conn->sconn->sock, addr,
2881 startpos += cur_read;
2885 return (ssize_t)nread;
2888 /****************************************************************************
2889 Deal with the case of sendfile reading less bytes from the file than
2890 requested. Fill with zeros (all we can do).
2891 ****************************************************************************/
2893 void sendfile_short_send(files_struct *fsp,
2898 #define SHORT_SEND_BUFSIZE 1024
2899 if (nread < headersize) {
2900 DEBUG(0,("sendfile_short_send: sendfile failed to send "
2901 "header for file %s (%s). Terminating\n",
2902 fsp_str_dbg(fsp), strerror(errno)));
2903 exit_server_cleanly("sendfile_short_send failed");
2906 nread -= headersize;
2908 if (nread < smb_maxcnt) {
2909 char *buf = SMB_CALLOC_ARRAY(char, SHORT_SEND_BUFSIZE);
2911 exit_server_cleanly("sendfile_short_send: "
2915 DEBUG(0,("sendfile_short_send: filling truncated file %s "
2916 "with zeros !\n", fsp_str_dbg(fsp)));
2918 while (nread < smb_maxcnt) {
2920 * We asked for the real file size and told sendfile
2921 * to not go beyond the end of the file. But it can
2922 * happen that in between our fstat call and the
2923 * sendfile call the file was truncated. This is very
2924 * bad because we have already announced the larger
2925 * number of bytes to the client.
2927 * The best we can do now is to send 0-bytes, just as
2928 * a read from a hole in a sparse file would do.
2930 * This should happen rarely enough that I don't care
2931 * about efficiency here :-)
2935 to_write = MIN(SHORT_SEND_BUFSIZE, smb_maxcnt - nread);
2936 if (write_data(fsp->conn->sconn->sock, buf, to_write)
2938 char addr[INET6_ADDRSTRLEN];
2940 * Try and give an error message saying what
2943 DEBUG(0, ("write_data failed for client %s. "
2946 fsp->conn->sconn->sock, addr,
2949 exit_server_cleanly("sendfile_short_send: "
2950 "write_data failed");
2958 /****************************************************************************
2959 Return a readbraw error (4 bytes of zero).
2960 ****************************************************************************/
2962 static void reply_readbraw_error(struct smbd_server_connection *sconn)
2968 smbd_lock_socket(sconn);
2969 if (write_data(sconn->sock,header,4) != 4) {
2970 char addr[INET6_ADDRSTRLEN];
2972 * Try and give an error message saying what
2975 DEBUG(0, ("write_data failed for client %s. "
2977 get_peer_addr(sconn->sock, addr, sizeof(addr)),
2982 smbd_unlock_socket(sconn);
2985 /****************************************************************************
2986 Use sendfile in readbraw.
2987 ****************************************************************************/
2989 static void send_file_readbraw(connection_struct *conn,
2990 struct smb_request *req,
2996 struct smbd_server_connection *sconn = req->sconn;
2997 char *outbuf = NULL;
3001 * We can only use sendfile on a non-chained packet
3002 * but we can use on a non-oplocked file. tridge proved this
3003 * on a train in Germany :-). JRA.
3004 * reply_readbraw has already checked the length.
3007 if ( !req_is_in_chain(req) && (nread > 0) && (fsp->base_fsp == NULL) &&
3008 (fsp->wcp == NULL) &&
3009 lp_use_sendfile(SNUM(conn), req->sconn->smb1.signing_state) ) {
3010 ssize_t sendfile_read = -1;
3012 DATA_BLOB header_blob;
3014 _smb_setlen(header,nread);
3015 header_blob = data_blob_const(header, 4);
3017 sendfile_read = SMB_VFS_SENDFILE(sconn->sock, fsp,
3018 &header_blob, startpos,
3020 if (sendfile_read == -1) {
3021 /* Returning ENOSYS means no data at all was sent.
3022 * Do this as a normal read. */
3023 if (errno == ENOSYS) {
3024 goto normal_readbraw;
3028 * Special hack for broken Linux with no working sendfile. If we
3029 * return EINTR we sent the header but not the rest of the data.
3030 * Fake this up by doing read/write calls.
3032 if (errno == EINTR) {
3033 /* Ensure we don't do this again. */
3034 set_use_sendfile(SNUM(conn), False);
3035 DEBUG(0,("send_file_readbraw: sendfile not available. Faking..\n"));
3037 if (fake_sendfile(fsp, startpos, nread) == -1) {
3038 DEBUG(0,("send_file_readbraw: "
3039 "fake_sendfile failed for "
3043 exit_server_cleanly("send_file_readbraw fake_sendfile failed");
3048 DEBUG(0,("send_file_readbraw: sendfile failed for "
3049 "file %s (%s). Terminating\n",
3050 fsp_str_dbg(fsp), strerror(errno)));
3051 exit_server_cleanly("send_file_readbraw sendfile failed");
3052 } else if (sendfile_read == 0) {
3054 * Some sendfile implementations return 0 to indicate
3055 * that there was a short read, but nothing was
3056 * actually written to the socket. In this case,
3057 * fallback to the normal read path so the header gets
3058 * the correct byte count.
3060 DEBUG(3, ("send_file_readbraw: sendfile sent zero "
3061 "bytes falling back to the normal read: "
3062 "%s\n", fsp_str_dbg(fsp)));
3063 goto normal_readbraw;
3066 /* Deal with possible short send. */
3067 if (sendfile_read != 4+nread) {
3068 sendfile_short_send(fsp, sendfile_read, 4, nread);
3075 outbuf = TALLOC_ARRAY(NULL, char, nread+4);
3077 DEBUG(0,("send_file_readbraw: TALLOC_ARRAY failed for size %u.\n",
3078 (unsigned)(nread+4)));
3079 reply_readbraw_error(sconn);
3084 ret = read_file(fsp,outbuf+4,startpos,nread);
3085 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
3094 _smb_setlen(outbuf,ret);
3095 if (write_data(sconn->sock, outbuf, 4+ret) != 4+ret) {
3096 char addr[INET6_ADDRSTRLEN];
3098 * Try and give an error message saying what
3101 DEBUG(0, ("write_data failed for client %s. "
3103 get_peer_addr(fsp->conn->sconn->sock, addr,
3110 TALLOC_FREE(outbuf);
3113 /****************************************************************************
3114 Reply to a readbraw (core+ protocol).
3115 ****************************************************************************/
3117 void reply_readbraw(struct smb_request *req)
3119 connection_struct *conn = req->conn;
3120 struct smbd_server_connection *sconn = req->sconn;
3121 ssize_t maxcount,mincount;
3125 struct lock_struct lock;
3128 START_PROFILE(SMBreadbraw);
3130 if (srv_is_signing_active(sconn) ||
3131 is_encrypted_packet(req->inbuf)) {
3132 exit_server_cleanly("reply_readbraw: SMB signing/sealing is active - "
3133 "raw reads/writes are disallowed.");
3137 reply_readbraw_error(sconn);
3138 END_PROFILE(SMBreadbraw);
3142 if (sconn->smb1.echo_handler.trusted_fde) {
3143 DEBUG(2,("SMBreadbraw rejected with NOT_SUPPORTED because of "
3144 "'async smb echo handler = yes'\n"));
3145 reply_readbraw_error(sconn);
3146 END_PROFILE(SMBreadbraw);
3151 * Special check if an oplock break has been issued
3152 * and the readraw request croses on the wire, we must
3153 * return a zero length response here.
3156 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3159 * We have to do a check_fsp by hand here, as
3160 * we must always return 4 zero bytes on error,
3164 if (!fsp || !conn || conn != fsp->conn ||
3165 req->vuid != fsp->vuid ||
3166 fsp->is_directory || fsp->fh->fd == -1) {
3168 * fsp could be NULL here so use the value from the packet. JRA.
3170 DEBUG(3,("reply_readbraw: fnum %d not valid "
3172 (int)SVAL(req->vwv+0, 0)));
3173 reply_readbraw_error(sconn);
3174 END_PROFILE(SMBreadbraw);
3178 /* Do a "by hand" version of CHECK_READ. */
3179 if (!(fsp->can_read ||
3180 ((req->flags2 & FLAGS2_READ_PERMIT_EXECUTE) &&
3181 (fsp->access_mask & FILE_EXECUTE)))) {
3182 DEBUG(3,("reply_readbraw: fnum %d not readable.\n",
3183 (int)SVAL(req->vwv+0, 0)));
3184 reply_readbraw_error(sconn);
3185 END_PROFILE(SMBreadbraw);
3189 flush_write_cache(fsp, READRAW_FLUSH);
3191 startpos = IVAL_TO_SMB_OFF_T(req->vwv+1, 0);
3192 if(req->wct == 10) {
3194 * This is a large offset (64 bit) read.
3196 #ifdef LARGE_SMB_OFF_T
3198 startpos |= (((SMB_OFF_T)IVAL(req->vwv+8, 0)) << 32);
3200 #else /* !LARGE_SMB_OFF_T */
3203 * Ensure we haven't been sent a >32 bit offset.
3206 if(IVAL(req->vwv+8, 0) != 0) {
3207 DEBUG(0,("reply_readbraw: large offset "
3208 "(%x << 32) used and we don't support "
3209 "64 bit offsets.\n",
3210 (unsigned int)IVAL(req->vwv+8, 0) ));
3211 reply_readbraw_error();
3212 END_PROFILE(SMBreadbraw);
3216 #endif /* LARGE_SMB_OFF_T */
3219 DEBUG(0,("reply_readbraw: negative 64 bit "
3220 "readraw offset (%.0f) !\n",
3221 (double)startpos ));
3222 reply_readbraw_error(sconn);
3223 END_PROFILE(SMBreadbraw);
3228 maxcount = (SVAL(req->vwv+3, 0) & 0xFFFF);
3229 mincount = (SVAL(req->vwv+4, 0) & 0xFFFF);
3231 /* ensure we don't overrun the packet size */
3232 maxcount = MIN(65535,maxcount);
3234 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
3235 (uint64_t)startpos, (uint64_t)maxcount, READ_LOCK,
3238 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3239 reply_readbraw_error(sconn);
3240 END_PROFILE(SMBreadbraw);
3244 if (fsp_stat(fsp) == 0) {
3245 size = fsp->fsp_name->st.st_ex_size;
3248 if (startpos >= size) {
3251 nread = MIN(maxcount,(size - startpos));
3254 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
3255 if (nread < mincount)
3259 DEBUG( 3, ( "reply_readbraw: fnum=%d start=%.0f max=%lu "
3260 "min=%lu nread=%lu\n",
3261 fsp->fnum, (double)startpos,
3262 (unsigned long)maxcount,
3263 (unsigned long)mincount,
3264 (unsigned long)nread ) );
3266 send_file_readbraw(conn, req, fsp, startpos, nread, mincount);
3268 DEBUG(5,("reply_readbraw finished\n"));
3270 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3272 END_PROFILE(SMBreadbraw);
3277 #define DBGC_CLASS DBGC_LOCKING
3279 /****************************************************************************
3280 Reply to a lockread (core+ protocol).
3281 ****************************************************************************/
3283 void reply_lockread(struct smb_request *req)
3285 connection_struct *conn = req->conn;
3292 struct byte_range_lock *br_lck = NULL;
3294 struct smbd_server_connection *sconn = req->sconn;
3296 START_PROFILE(SMBlockread);
3299 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3300 END_PROFILE(SMBlockread);
3304 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3306 if (!check_fsp(conn, req, fsp)) {
3307 END_PROFILE(SMBlockread);
3311 if (!CHECK_READ(fsp,req)) {
3312 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
3313 END_PROFILE(SMBlockread);
3317 numtoread = SVAL(req->vwv+1, 0);
3318 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
3320 numtoread = MIN(BUFFER_SIZE - (smb_size + 3*2 + 3), numtoread);
3322 reply_outbuf(req, 5, numtoread + 3);
3324 data = smb_buf(req->outbuf) + 3;
3327 * NB. Discovered by Menny Hamburger at Mainsoft. This is a core+
3328 * protocol request that predates the read/write lock concept.
3329 * Thus instead of asking for a read lock here we need to ask
3330 * for a write lock. JRA.
3331 * Note that the requested lock size is unaffected by max_recv.
3334 br_lck = do_lock(req->sconn->msg_ctx,
3336 (uint64_t)req->smbpid,
3337 (uint64_t)numtoread,
3341 False, /* Non-blocking lock. */
3345 TALLOC_FREE(br_lck);
3347 if (NT_STATUS_V(status)) {
3348 reply_nterror(req, status);
3349 END_PROFILE(SMBlockread);
3354 * However the requested READ size IS affected by max_recv. Insanity.... JRA.
3357 if (numtoread > sconn->smb1.negprot.max_recv) {
3358 DEBUG(0,("reply_lockread: requested read size (%u) is greater than maximum allowed (%u). \
3359 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
3360 (unsigned int)numtoread,
3361 (unsigned int)sconn->smb1.negprot.max_recv));
3362 numtoread = MIN(numtoread, sconn->smb1.negprot.max_recv);
3364 nread = read_file(fsp,data,startpos,numtoread);
3367 reply_nterror(req, map_nt_error_from_unix(errno));
3368 END_PROFILE(SMBlockread);
3372 srv_set_message((char *)req->outbuf, 5, nread+3, False);
3374 SSVAL(req->outbuf,smb_vwv0,nread);
3375 SSVAL(req->outbuf,smb_vwv5,nread+3);
3376 p = smb_buf(req->outbuf);
3377 SCVAL(p,0,0); /* pad byte. */
3380 DEBUG(3,("lockread fnum=%d num=%d nread=%d\n",
3381 fsp->fnum, (int)numtoread, (int)nread));
3383 END_PROFILE(SMBlockread);
3388 #define DBGC_CLASS DBGC_ALL
3390 /****************************************************************************
3392 ****************************************************************************/
3394 void reply_read(struct smb_request *req)
3396 connection_struct *conn = req->conn;
3403 struct lock_struct lock;
3404 struct smbd_server_connection *sconn = req->sconn;
3406 START_PROFILE(SMBread);
3409 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3410 END_PROFILE(SMBread);
3414 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3416 if (!check_fsp(conn, req, fsp)) {
3417 END_PROFILE(SMBread);
3421 if (!CHECK_READ(fsp,req)) {
3422 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
3423 END_PROFILE(SMBread);
3427 numtoread = SVAL(req->vwv+1, 0);
3428 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
3430 numtoread = MIN(BUFFER_SIZE-outsize,numtoread);
3433 * The requested read size cannot be greater than max_recv. JRA.
3435 if (numtoread > sconn->smb1.negprot.max_recv) {
3436 DEBUG(0,("reply_read: requested read size (%u) is greater than maximum allowed (%u). \
3437 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
3438 (unsigned int)numtoread,
3439 (unsigned int)sconn->smb1.negprot.max_recv));
3440 numtoread = MIN(numtoread, sconn->smb1.negprot.max_recv);
3443 reply_outbuf(req, 5, numtoread+3);
3445 data = smb_buf(req->outbuf) + 3;
3447 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
3448 (uint64_t)startpos, (uint64_t)numtoread, READ_LOCK,
3451 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3452 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
3453 END_PROFILE(SMBread);
3458 nread = read_file(fsp,data,startpos,numtoread);
3461 reply_nterror(req, map_nt_error_from_unix(errno));
3465 srv_set_message((char *)req->outbuf, 5, nread+3, False);
3467 SSVAL(req->outbuf,smb_vwv0,nread);
3468 SSVAL(req->outbuf,smb_vwv5,nread+3);
3469 SCVAL(smb_buf(req->outbuf),0,1);
3470 SSVAL(smb_buf(req->outbuf),1,nread);
3472 DEBUG( 3, ( "read fnum=%d num=%d nread=%d\n",
3473 fsp->fnum, (int)numtoread, (int)nread ) );
3476 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3478 END_PROFILE(SMBread);
3482 /****************************************************************************
3484 ****************************************************************************/
3486 static int setup_readX_header(struct smb_request *req, char *outbuf,
3492 outsize = srv_set_message(outbuf,12,smb_maxcnt,False);
3493 data = smb_buf(outbuf);
3495 memset(outbuf+smb_vwv0,'\0',24); /* valgrind init. */
3497 SCVAL(outbuf,smb_vwv0,0xFF);
3498 SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */
3499 SSVAL(outbuf,smb_vwv5,smb_maxcnt);
3500 SSVAL(outbuf,smb_vwv6,
3502 + 1 /* the wct field */
3503 + 12 * sizeof(uint16_t) /* vwv */
3504 + 2); /* the buflen field */
3505 SSVAL(outbuf,smb_vwv7,(smb_maxcnt >> 16));
3506 SSVAL(outbuf,smb_vwv11,smb_maxcnt);
3507 /* Reset the outgoing length, set_message truncates at 0x1FFFF. */
3508 _smb_setlen_large(outbuf,(smb_size + 12*2 + smb_maxcnt - 4));
3512 /****************************************************************************
3513 Reply to a read and X - possibly using sendfile.
3514 ****************************************************************************/
3516 static void send_file_readX(connection_struct *conn, struct smb_request *req,
3517 files_struct *fsp, SMB_OFF_T startpos,
3521 struct lock_struct lock;
3522 int saved_errno = 0;
3524 if(fsp_stat(fsp) == -1) {
3525 reply_nterror(req, map_nt_error_from_unix(errno));
3529 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
3530 (uint64_t)startpos, (uint64_t)smb_maxcnt, READ_LOCK,
3533 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3534 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
3538 if (!S_ISREG(fsp->fsp_name->st.st_ex_mode) ||
3539 (startpos > fsp->fsp_name->st.st_ex_size)
3540 || (smb_maxcnt > (fsp->fsp_name->st.st_ex_size - startpos))) {
3542 * We already know that we would do a short read, so don't
3543 * try the sendfile() path.
3545 goto nosendfile_read;
3549 * We can only use sendfile on a non-chained packet
3550 * but we can use on a non-oplocked file. tridge proved this
3551 * on a train in Germany :-). JRA.
3554 if (!req_is_in_chain(req) &&
3555 !is_encrypted_packet(req->inbuf) && (fsp->base_fsp == NULL) &&
3556 (fsp->wcp == NULL) &&
3557 lp_use_sendfile(SNUM(conn), req->sconn->smb1.signing_state) ) {
3558 uint8 headerbuf[smb_size + 12 * 2];
3562 * Set up the packet header before send. We
3563 * assume here the sendfile will work (get the
3564 * correct amount of data).
3567 header = data_blob_const(headerbuf, sizeof(headerbuf));
3569 construct_reply_common_req(req, (char *)headerbuf);
3570 setup_readX_header(req, (char *)headerbuf, smb_maxcnt);
3572 nread = SMB_VFS_SENDFILE(req->sconn->sock, fsp, &header,
3573 startpos, smb_maxcnt);
3575 /* Returning ENOSYS means no data at all was sent.
3576 Do this as a normal read. */
3577 if (errno == ENOSYS) {
3582 * Special hack for broken Linux with no working sendfile. If we
3583 * return EINTR we sent the header but not the rest of the data.
3584 * Fake this up by doing read/write calls.
3587 if (errno == EINTR) {
3588 /* Ensure we don't do this again. */
3589 set_use_sendfile(SNUM(conn), False);
3590 DEBUG(0,("send_file_readX: sendfile not available. Faking..\n"));
3591 nread = fake_sendfile(fsp, startpos,
3594 DEBUG(0,("send_file_readX: "
3595 "fake_sendfile failed for "
3599 exit_server_cleanly("send_file_readX: fake_sendfile failed");
3601 DEBUG( 3, ( "send_file_readX: fake_sendfile fnum=%d max=%d nread=%d\n",
3602 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3603 /* No outbuf here means successful sendfile. */
3607 DEBUG(0,("send_file_readX: sendfile failed for file "
3608 "%s (%s). Terminating\n", fsp_str_dbg(fsp),
3610 exit_server_cleanly("send_file_readX sendfile failed");
3611 } else if (nread == 0) {
3613 * Some sendfile implementations return 0 to indicate
3614 * that there was a short read, but nothing was
3615 * actually written to the socket. In this case,
3616 * fallback to the normal read path so the header gets
3617 * the correct byte count.
3619 DEBUG(3, ("send_file_readX: sendfile sent zero bytes "
3620 "falling back to the normal read: %s\n",
3625 DEBUG( 3, ( "send_file_readX: sendfile fnum=%d max=%d nread=%d\n",
3626 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3628 /* Deal with possible short send. */
3629 if (nread != smb_maxcnt + sizeof(headerbuf)) {
3630 sendfile_short_send(fsp, nread, sizeof(headerbuf), smb_maxcnt);
3632 /* No outbuf here means successful sendfile. */
3633 SMB_PERFCOUNT_SET_MSGLEN_OUT(&req->pcd, nread);
3634 SMB_PERFCOUNT_END(&req->pcd);
3640 if ((smb_maxcnt & 0xFF0000) > 0x10000) {
3641 uint8 headerbuf[smb_size + 2*12];
3643 construct_reply_common_req(req, (char *)headerbuf);
3644 setup_readX_header(req, (char *)headerbuf, smb_maxcnt);
3646 /* Send out the header. */
3647 if (write_data(req->sconn->sock, (char *)headerbuf,
3648 sizeof(headerbuf)) != sizeof(headerbuf)) {
3650 char addr[INET6_ADDRSTRLEN];
3652 * Try and give an error message saying what
3655 DEBUG(0, ("write_data failed for client %s. "
3657 get_peer_addr(req->sconn->sock, addr,
3661 DEBUG(0,("send_file_readX: write_data failed for file "
3662 "%s (%s). Terminating\n", fsp_str_dbg(fsp),
3664 exit_server_cleanly("send_file_readX sendfile failed");
3666 nread = fake_sendfile(fsp, startpos, smb_maxcnt);
3668 DEBUG(0,("send_file_readX: fake_sendfile failed for "
3669 "file %s (%s).\n", fsp_str_dbg(fsp),
3671 exit_server_cleanly("send_file_readX: fake_sendfile failed");
3678 reply_outbuf(req, 12, smb_maxcnt);
3680 nread = read_file(fsp, smb_buf(req->outbuf), startpos, smb_maxcnt);
3681 saved_errno = errno;
3683 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3686 reply_nterror(req, map_nt_error_from_unix(saved_errno));
3690 setup_readX_header(req, (char *)req->outbuf, nread);
3692 DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n",
3693 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3699 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3700 TALLOC_FREE(req->outbuf);
3704 /****************************************************************************
3705 Reply to a read and X.
3706 ****************************************************************************/
3708 void reply_read_and_X(struct smb_request *req)
3710 connection_struct *conn = req->conn;
3714 bool big_readX = False;
3716 size_t smb_mincnt = SVAL(req->vwv+6, 0);
3719 START_PROFILE(SMBreadX);
3721 if ((req->wct != 10) && (req->wct != 12)) {
3722 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3726 fsp = file_fsp(req, SVAL(req->vwv+2, 0));
3727 startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
3728 smb_maxcnt = SVAL(req->vwv+5, 0);
3730 /* If it's an IPC, pass off the pipe handler. */
3732 reply_pipe_read_and_X(req);
3733 END_PROFILE(SMBreadX);
3737 if (!check_fsp(conn, req, fsp)) {
3738 END_PROFILE(SMBreadX);
3742 if (!CHECK_READ(fsp,req)) {
3743 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
3744 END_PROFILE(SMBreadX);
3748 if (global_client_caps & CAP_LARGE_READX) {
3749 size_t upper_size = SVAL(req->vwv+7, 0);
3750 smb_maxcnt |= (upper_size<<16);
3751 if (upper_size > 1) {
3752 /* Can't do this on a chained packet. */
3753 if ((CVAL(req->vwv+0, 0) != 0xFF)) {
3754 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
3755 END_PROFILE(SMBreadX);
3758 /* We currently don't do this on signed or sealed data. */
3759 if (srv_is_signing_active(req->sconn) ||
3760 is_encrypted_packet(req->inbuf)) {
3761 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
3762 END_PROFILE(SMBreadX);
3765 /* Is there room in the reply for this data ? */
3766 if (smb_maxcnt > (0xFFFFFF - (smb_size -4 + 12*2))) {
3768 NT_STATUS_INVALID_PARAMETER);
3769 END_PROFILE(SMBreadX);
3776 if (req->wct == 12) {
3777 #ifdef LARGE_SMB_OFF_T
3779 * This is a large offset (64 bit) read.
3781 startpos |= (((SMB_OFF_T)IVAL(req->vwv+10, 0)) << 32);
3783 #else /* !LARGE_SMB_OFF_T */
3786 * Ensure we haven't been sent a >32 bit offset.
3789 if(IVAL(req->vwv+10, 0) != 0) {
3790 DEBUG(0,("reply_read_and_X - large offset (%x << 32) "
3791 "used and we don't support 64 bit offsets.\n",
3792 (unsigned int)IVAL(req->vwv+10, 0) ));
3793 END_PROFILE(SMBreadX);
3794 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
3798 #endif /* LARGE_SMB_OFF_T */
3803 NTSTATUS status = schedule_aio_read_and_X(conn,
3808 if (NT_STATUS_IS_OK(status)) {
3809 /* Read scheduled - we're done. */
3812 if (!NT_STATUS_EQUAL(status, NT_STATUS_RETRY)) {
3813 /* Real error - report to client. */
3814 END_PROFILE(SMBreadX);
3815 reply_nterror(req, status);
3818 /* NT_STATUS_RETRY - fall back to sync read. */
3821 smbd_lock_socket(req->sconn);
3822 send_file_readX(conn, req, fsp, startpos, smb_maxcnt);
3823 smbd_unlock_socket(req->sconn);
3826 END_PROFILE(SMBreadX);
3830 /****************************************************************************
3831 Error replies to writebraw must have smb_wct == 1. Fix this up.
3832 ****************************************************************************/
3834 void error_to_writebrawerr(struct smb_request *req)
3836 uint8 *old_outbuf = req->outbuf;
3838 reply_outbuf(req, 1, 0);
3840 memcpy(req->outbuf, old_outbuf, smb_size);
3841 TALLOC_FREE(old_outbuf);
3844 /****************************************************************************
3845 Read 4 bytes of a smb packet and return the smb length of the packet.
3846 Store the result in the buffer. This version of the function will
3847 never return a session keepalive (length of zero).
3848 Timeout is in milliseconds.
3849 ****************************************************************************/
3851 static NTSTATUS read_smb_length(int fd, char *inbuf, unsigned int timeout,
3854 uint8_t msgtype = SMBkeepalive;
3856 while (msgtype == SMBkeepalive) {
3859 status = read_smb_length_return_keepalive(fd, inbuf, timeout,
3861 if (!NT_STATUS_IS_OK(status)) {
3862 char addr[INET6_ADDRSTRLEN];
3863 /* Try and give an error message
3864 * saying what client failed. */
3865 DEBUG(0, ("read_fd_with_timeout failed for "
3866 "client %s read error = %s.\n",
3867 get_peer_addr(fd,addr,sizeof(addr)),
3868 nt_errstr(status)));
3872 msgtype = CVAL(inbuf, 0);
3875 DEBUG(10,("read_smb_length: got smb length of %lu\n",
3876 (unsigned long)len));
3878 return NT_STATUS_OK;
3881 /****************************************************************************
3882 Reply to a writebraw (core+ or LANMAN1.0 protocol).
3883 ****************************************************************************/
3885 void reply_writebraw(struct smb_request *req)
3887 connection_struct *conn = req->conn;
3890 ssize_t total_written=0;
3891 size_t numtowrite=0;
3897 struct lock_struct lock;
3900 START_PROFILE(SMBwritebraw);
3903 * If we ever reply with an error, it must have the SMB command
3904 * type of SMBwritec, not SMBwriteBraw, as this tells the client
3907 SCVAL(req->inbuf,smb_com,SMBwritec);
3909 if (srv_is_signing_active(req->sconn)) {
3910 END_PROFILE(SMBwritebraw);
3911 exit_server_cleanly("reply_writebraw: SMB signing is active - "
3912 "raw reads/writes are disallowed.");
3915 if (req->wct < 12) {
3916 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3917 error_to_writebrawerr(req);
3918 END_PROFILE(SMBwritebraw);
3922 if (req->sconn->smb1.echo_handler.trusted_fde) {
3923 DEBUG(2,("SMBwritebraw rejected with NOT_SUPPORTED because of "
3924 "'async smb echo handler = yes'\n"));
3925 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
3926 error_to_writebrawerr(req);
3927 END_PROFILE(SMBwritebraw);
3931 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3932 if (!check_fsp(conn, req, fsp)) {
3933 error_to_writebrawerr(req);
3934 END_PROFILE(SMBwritebraw);
3938 if (!CHECK_WRITE(fsp)) {
3939 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
3940 error_to_writebrawerr(req);
3941 END_PROFILE(SMBwritebraw);
3945 tcount = IVAL(req->vwv+1, 0);
3946 startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
3947 write_through = BITSETW(req->vwv+7,0);
3949 /* We have to deal with slightly different formats depending
3950 on whether we are using the core+ or lanman1.0 protocol */
3952 if(get_Protocol() <= PROTOCOL_COREPLUS) {
3953 numtowrite = SVAL(smb_buf(req->inbuf),-2);
3954 data = smb_buf(req->inbuf);
3956 numtowrite = SVAL(req->vwv+10, 0);
3957 data = smb_base(req->inbuf) + SVAL(req->vwv+11, 0);
3960 /* Ensure we don't write bytes past the end of this packet. */
3961 if (data + numtowrite > smb_base(req->inbuf) + smb_len(req->inbuf)) {
3962 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3963 error_to_writebrawerr(req);
3964 END_PROFILE(SMBwritebraw);
3968 if (!fsp->print_file) {
3969 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
3970 (uint64_t)startpos, (uint64_t)tcount, WRITE_LOCK,
3973 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3974 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
3975 error_to_writebrawerr(req);
3976 END_PROFILE(SMBwritebraw);
3982 nwritten = write_file(req,fsp,data,startpos,numtowrite);
3985 DEBUG(3,("reply_writebraw: initial write fnum=%d start=%.0f num=%d "
3986 "wrote=%d sync=%d\n",
3987 fsp->fnum, (double)startpos, (int)numtowrite,
3988 (int)nwritten, (int)write_through));
3990 if (nwritten < (ssize_t)numtowrite) {
3991 reply_nterror(req, NT_STATUS_DISK_FULL);
3992 error_to_writebrawerr(req);
3996 total_written = nwritten;
3998 /* Allocate a buffer of 64k + length. */
3999 buf = TALLOC_ARRAY(NULL, char, 65540);
4001 reply_nterror(req, NT_STATUS_NO_MEMORY);
4002 error_to_writebrawerr(req);
4006 /* Return a SMBwritebraw message to the redirector to tell
4007 * it to send more bytes */
4009 memcpy(buf, req->inbuf, smb_size);
4010 srv_set_message(buf,get_Protocol()>PROTOCOL_COREPLUS?1:0,0,True);
4011 SCVAL(buf,smb_com,SMBwritebraw);
4012 SSVALS(buf,smb_vwv0,0xFFFF);
4014 if (!srv_send_smb(req->sconn,
4016 false, 0, /* no signing */
4017 IS_CONN_ENCRYPTED(conn),
4019 exit_server_cleanly("reply_writebraw: srv_send_smb "
4023 /* Now read the raw data into the buffer and write it */
4024 status = read_smb_length(req->sconn->sock, buf, SMB_SECONDARY_WAIT,
4026 if (!NT_STATUS_IS_OK(status)) {
4027 exit_server_cleanly("secondary writebraw failed");
4030 /* Set up outbuf to return the correct size */
4031 reply_outbuf(req, 1, 0);
4033 if (numtowrite != 0) {
4035 if (numtowrite > 0xFFFF) {
4036 DEBUG(0,("reply_writebraw: Oversize secondary write "
4037 "raw requested (%u). Terminating\n",
4038 (unsigned int)numtowrite ));
4039 exit_server_cleanly("secondary writebraw failed");
4042 if (tcount > nwritten+numtowrite) {
4043 DEBUG(3,("reply_writebraw: Client overestimated the "
4045 (int)tcount,(int)nwritten,(int)numtowrite));
4048 status = read_data(req->sconn->sock, buf+4, numtowrite);
4050 if (!NT_STATUS_IS_OK(status)) {
4051 char addr[INET6_ADDRSTRLEN];
4052 /* Try and give an error message
4053 * saying what client failed. */
4054 DEBUG(0, ("reply_writebraw: Oversize secondary write "
4055 "raw read failed (%s) for client %s. "
4056 "Terminating\n", nt_errstr(status),
4057 get_peer_addr(req->sconn->sock, addr,
4059 exit_server_cleanly("secondary writebraw failed");
4062 nwritten = write_file(req,fsp,buf+4,startpos+nwritten,numtowrite);
4063 if (nwritten == -1) {
4065 reply_nterror(req, map_nt_error_from_unix(errno));
4066 error_to_writebrawerr(req);
4070 if (nwritten < (ssize_t)numtowrite) {
4071 SCVAL(req->outbuf,smb_rcls,ERRHRD);
4072 SSVAL(req->outbuf,smb_err,ERRdiskfull);
4076 total_written += nwritten;
4081 SSVAL(req->outbuf,smb_vwv0,total_written);
4083 status = sync_file(conn, fsp, write_through);
4084 if (!NT_STATUS_IS_OK(status)) {
4085 DEBUG(5,("reply_writebraw: sync_file for %s returned %s\n",
4086 fsp_str_dbg(fsp), nt_errstr(status)));
4087 reply_nterror(req, status);
4088 error_to_writebrawerr(req);
4092 DEBUG(3,("reply_writebraw: secondart write fnum=%d start=%.0f num=%d "
4094 fsp->fnum, (double)startpos, (int)numtowrite,
4095 (int)total_written));
4097 if (!fsp->print_file) {
4098 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4101 /* We won't return a status if write through is not selected - this
4102 * follows what WfWg does */
4103 END_PROFILE(SMBwritebraw);
4105 if (!write_through && total_written==tcount) {
4107 #if RABBIT_PELLET_FIX
4109 * Fix for "rabbit pellet" mode, trigger an early TCP ack by
4110 * sending a SMBkeepalive. Thanks to DaveCB at Sun for this.
4113 if (!send_keepalive(req->sconn->sock)) {
4114 exit_server_cleanly("reply_writebraw: send of "
4115 "keepalive failed");
4118 TALLOC_FREE(req->outbuf);
4123 if (!fsp->print_file) {
4124 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4127 END_PROFILE(SMBwritebraw);
4132 #define DBGC_CLASS DBGC_LOCKING
4134 /****************************************************************************
4135 Reply to a writeunlock (core+).
4136 ****************************************************************************/
4138 void reply_writeunlock(struct smb_request *req)
4140 connection_struct *conn = req->conn;
4141 ssize_t nwritten = -1;
4145 NTSTATUS status = NT_STATUS_OK;
4147 struct lock_struct lock;
4148 int saved_errno = 0;
4150 START_PROFILE(SMBwriteunlock);
4153 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4154 END_PROFILE(SMBwriteunlock);
4158 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4160 if (!check_fsp(conn, req, fsp)) {
4161 END_PROFILE(SMBwriteunlock);
4165 if (!CHECK_WRITE(fsp)) {
4166 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
4167 END_PROFILE(SMBwriteunlock);
4171 numtowrite = SVAL(req->vwv+1, 0);
4172 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
4173 data = (const char *)req->buf + 3;
4175 if (!fsp->print_file && numtowrite > 0) {
4176 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
4177 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
4180 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
4181 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
4182 END_PROFILE(SMBwriteunlock);
4187 /* The special X/Open SMB protocol handling of
4188 zero length writes is *NOT* done for
4190 if(numtowrite == 0) {
4193 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4194 saved_errno = errno;
4197 status = sync_file(conn, fsp, False /* write through */);
4198 if (!NT_STATUS_IS_OK(status)) {
4199 DEBUG(5,("reply_writeunlock: sync_file for %s returned %s\n",
4200 fsp_str_dbg(fsp), nt_errstr(status)));
4201 reply_nterror(req, status);
4206 reply_nterror(req, map_nt_error_from_unix(saved_errno));
4210 if((nwritten < numtowrite) && (numtowrite != 0)) {
4211 reply_nterror(req, NT_STATUS_DISK_FULL);
4215 if (numtowrite && !fsp->print_file) {
4216 status = do_unlock(req->sconn->msg_ctx,
4218 (uint64_t)req->smbpid,
4219 (uint64_t)numtowrite,
4223 if (NT_STATUS_V(status)) {
4224 reply_nterror(req, status);
4229 reply_outbuf(req, 1, 0);
4231 SSVAL(req->outbuf,smb_vwv0,nwritten);
4233 DEBUG(3,("writeunlock fnum=%d num=%d wrote=%d\n",
4234 fsp->fnum, (int)numtowrite, (int)nwritten));
4237 if (numtowrite && !fsp->print_file) {
4238 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4241 END_PROFILE(SMBwriteunlock);
4246 #define DBGC_CLASS DBGC_ALL
4248 /****************************************************************************
4250 ****************************************************************************/
4252 void reply_write(struct smb_request *req)
4254 connection_struct *conn = req->conn;
4256 ssize_t nwritten = -1;
4260 struct lock_struct lock;
4262 int saved_errno = 0;
4264 START_PROFILE(SMBwrite);
4267 END_PROFILE(SMBwrite);
4268 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4272 /* If it's an IPC, pass off the pipe handler. */
4274 reply_pipe_write(req);
4275 END_PROFILE(SMBwrite);
4279 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4281 if (!check_fsp(conn, req, fsp)) {
4282 END_PROFILE(SMBwrite);
4286 if (!CHECK_WRITE(fsp)) {
4287 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
4288 END_PROFILE(SMBwrite);
4292 numtowrite = SVAL(req->vwv+1, 0);
4293 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
4294 data = (const char *)req->buf + 3;
4296 if (!fsp->print_file) {
4297 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
4298 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
4301 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
4302 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
4303 END_PROFILE(SMBwrite);
4309 * X/Open SMB protocol says that if smb_vwv1 is
4310 * zero then the file size should be extended or
4311 * truncated to the size given in smb_vwv[2-3].
4314 if(numtowrite == 0) {
4316 * This is actually an allocate call, and set EOF. JRA.
4318 nwritten = vfs_allocate_file_space(fsp, (SMB_OFF_T)startpos);
4320 reply_nterror(req, NT_STATUS_DISK_FULL);
4323 nwritten = vfs_set_filelen(fsp, (SMB_OFF_T)startpos);
4325 reply_nterror(req, NT_STATUS_DISK_FULL);
4328 trigger_write_time_update_immediate(fsp);
4330 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4333 status = sync_file(conn, fsp, False);
4334 if (!NT_STATUS_IS_OK(status)) {
4335 DEBUG(5,("reply_write: sync_file for %s returned %s\n",
4336 fsp_str_dbg(fsp), nt_errstr(status)));
4337 reply_nterror(req, status);
4342 reply_nterror(req, map_nt_error_from_unix(saved_errno));
4346 if((nwritten == 0) && (numtowrite != 0)) {
4347 reply_nterror(req, NT_STATUS_DISK_FULL);
4351 reply_outbuf(req, 1, 0);
4353 SSVAL(req->outbuf,smb_vwv0,nwritten);
4355 if (nwritten < (ssize_t)numtowrite) {
4356 SCVAL(req->outbuf,smb_rcls,ERRHRD);
4357 SSVAL(req->outbuf,smb_err,ERRdiskfull);
4360 DEBUG(3,("write fnum=%d num=%d wrote=%d\n", fsp->fnum, (int)numtowrite, (int)nwritten));
4363 if (!fsp->print_file) {
4364 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4367 END_PROFILE(SMBwrite);
4371 /****************************************************************************
4372 Ensure a buffer is a valid writeX for recvfile purposes.
4373 ****************************************************************************/
4375 #define STANDARD_WRITE_AND_X_HEADER_SIZE (smb_size - 4 + /* basic header */ \
4376 (2*14) + /* word count (including bcc) */ \
4379 bool is_valid_writeX_buffer(struct smbd_server_connection *sconn,
4380 const uint8_t *inbuf)
4383 connection_struct *conn = NULL;
4384 unsigned int doff = 0;
4385 size_t len = smb_len_large(inbuf);
4387 if (is_encrypted_packet(inbuf)) {
4388 /* Can't do this on encrypted
4393 if (CVAL(inbuf,smb_com) != SMBwriteX) {
4397 if (CVAL(inbuf,smb_vwv0) != 0xFF ||
4398 CVAL(inbuf,smb_wct) != 14) {
4399 DEBUG(10,("is_valid_writeX_buffer: chained or "
4400 "invalid word length.\n"));
4404 conn = conn_find(sconn, SVAL(inbuf, smb_tid));
4406 DEBUG(10,("is_valid_writeX_buffer: bad tid\n"));
4410 DEBUG(10,("is_valid_writeX_buffer: IPC$ tid\n"));
4413 if (IS_PRINT(conn)) {
4414 DEBUG(10,("is_valid_writeX_buffer: printing tid\n"));
4417 doff = SVAL(inbuf,smb_vwv11);
4419 numtowrite = SVAL(inbuf,smb_vwv10);
4421 if (len > doff && len - doff > 0xFFFF) {
4422 numtowrite |= (((size_t)SVAL(inbuf,smb_vwv9))<<16);
4425 if (numtowrite == 0) {
4426 DEBUG(10,("is_valid_writeX_buffer: zero write\n"));
4430 /* Ensure the sizes match up. */
4431 if (doff < STANDARD_WRITE_AND_X_HEADER_SIZE) {
4432 /* no pad byte...old smbclient :-( */
4433 DEBUG(10,("is_valid_writeX_buffer: small doff %u (min %u)\n",
4435 (unsigned int)STANDARD_WRITE_AND_X_HEADER_SIZE));
4439 if (len - doff != numtowrite) {
4440 DEBUG(10,("is_valid_writeX_buffer: doff mismatch "
4441 "len = %u, doff = %u, numtowrite = %u\n",
4444 (unsigned int)numtowrite ));
4448 DEBUG(10,("is_valid_writeX_buffer: true "
4449 "len = %u, doff = %u, numtowrite = %u\n",
4452 (unsigned int)numtowrite ));
4457 /****************************************************************************
4458 Reply to a write and X.
4459 ****************************************************************************/
4461 void reply_write_and_X(struct smb_request *req)
4463 connection_struct *conn = req->conn;
4465 struct lock_struct lock;
4470 unsigned int smb_doff;
4471 unsigned int smblen;
4474 int saved_errno = 0;
4476 START_PROFILE(SMBwriteX);
4478 if ((req->wct != 12) && (req->wct != 14)) {
4479 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4480 END_PROFILE(SMBwriteX);
4484 numtowrite = SVAL(req->vwv+10, 0);
4485 smb_doff = SVAL(req->vwv+11, 0);
4486 smblen = smb_len(req->inbuf);
4488 if (req->unread_bytes > 0xFFFF ||
4489 (smblen > smb_doff &&
4490 smblen - smb_doff > 0xFFFF)) {
4491 numtowrite |= (((size_t)SVAL(req->vwv+9, 0))<<16);
4494 if (req->unread_bytes) {
4495 /* Can't do a recvfile write on IPC$ */
4497 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4498 END_PROFILE(SMBwriteX);
4501 if (numtowrite != req->unread_bytes) {
4502 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4503 END_PROFILE(SMBwriteX);
4507 if (smb_doff > smblen || smb_doff + numtowrite < numtowrite ||
4508 smb_doff + numtowrite > smblen) {
4509 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4510 END_PROFILE(SMBwriteX);
4515 /* If it's an IPC, pass off the pipe handler. */
4517 if (req->unread_bytes) {
4518 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4519 END_PROFILE(SMBwriteX);
4522 reply_pipe_write_and_X(req);
4523 END_PROFILE(SMBwriteX);
4527 fsp = file_fsp(req, SVAL(req->vwv+2, 0));
4528 startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
4529 write_through = BITSETW(req->vwv+7,0);
4531 if (!check_fsp(conn, req, fsp)) {
4532 END_PROFILE(SMBwriteX);
4536 if (!CHECK_WRITE(fsp)) {
4537 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
4538 END_PROFILE(SMBwriteX);
4542 data = smb_base(req->inbuf) + smb_doff;
4544 if(req->wct == 14) {
4545 #ifdef LARGE_SMB_OFF_T
4547 * This is a large offset (64 bit) write.
4549 startpos |= (((SMB_OFF_T)IVAL(req->vwv+12, 0)) << 32);
4551 #else /* !LARGE_SMB_OFF_T */
4554 * Ensure we haven't been sent a >32 bit offset.
4557 if(IVAL(req->vwv+12, 0) != 0) {
4558 DEBUG(0,("reply_write_and_X - large offset (%x << 32) "
4559 "used and we don't support 64 bit offsets.\n",
4560 (unsigned int)IVAL(req->vwv+12, 0) ));
4561 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
4562 END_PROFILE(SMBwriteX);
4566 #endif /* LARGE_SMB_OFF_T */
4569 /* X/Open SMB protocol says that, unlike SMBwrite
4570 if the length is zero then NO truncation is
4571 done, just a write of zero. To truncate a file,
4574 if(numtowrite == 0) {
4577 if (req->unread_bytes == 0) {
4578 status = schedule_aio_write_and_X(conn,
4585 if (NT_STATUS_IS_OK(status)) {
4586 /* write scheduled - we're done. */
4589 if (!NT_STATUS_EQUAL(status, NT_STATUS_RETRY)) {
4590 /* Real error - report to client. */
4591 reply_nterror(req, status);
4594 /* NT_STATUS_RETRY - fall through to sync write. */
4597 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
4598 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
4601 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
4602 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
4606 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4607 saved_errno = errno;
4609 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4613 reply_nterror(req, map_nt_error_from_unix(saved_errno));
4617 if((nwritten == 0) && (numtowrite != 0)) {
4618 reply_nterror(req, NT_STATUS_DISK_FULL);
4622 reply_outbuf(req, 6, 0);
4623 SSVAL(req->outbuf,smb_vwv2,nwritten);
4624 SSVAL(req->outbuf,smb_vwv4,nwritten>>16);
4626 if (nwritten < (ssize_t)numtowrite) {
4627 SCVAL(req->outbuf,smb_rcls,ERRHRD);
4628 SSVAL(req->outbuf,smb_err,ERRdiskfull);
4631 DEBUG(3,("writeX fnum=%d num=%d wrote=%d\n",
4632 fsp->fnum, (int)numtowrite, (int)nwritten));
4634 status = sync_file(conn, fsp, write_through);
4635 if (!NT_STATUS_IS_OK(status)) {
4636 DEBUG(5,("reply_write_and_X: sync_file for %s returned %s\n",
4637 fsp_str_dbg(fsp), nt_errstr(status)));
4638 reply_nterror(req, status);
4642 END_PROFILE(SMBwriteX);
4647 END_PROFILE(SMBwriteX);
4651 /****************************************************************************
4653 ****************************************************************************/
4655 void reply_lseek(struct smb_request *req)
4657 connection_struct *conn = req->conn;
4663 START_PROFILE(SMBlseek);
4666 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4667 END_PROFILE(SMBlseek);
4671 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4673 if (!check_fsp(conn, req, fsp)) {
4677 flush_write_cache(fsp, SEEK_FLUSH);
4679 mode = SVAL(req->vwv+1, 0) & 3;
4680 /* NB. This doesn't use IVAL_TO_SMB_OFF_T as startpos can be signed in this case. */
4681 startpos = (SMB_OFF_T)IVALS(req->vwv+2, 0);
4690 res = fsp->fh->pos + startpos;
4701 if (umode == SEEK_END) {
4702 if((res = SMB_VFS_LSEEK(fsp,startpos,umode)) == -1) {
4703 if(errno == EINVAL) {
4704 SMB_OFF_T current_pos = startpos;
4706 if(fsp_stat(fsp) == -1) {
4708 map_nt_error_from_unix(errno));
4709 END_PROFILE(SMBlseek);
4713 current_pos += fsp->fsp_name->st.st_ex_size;
4715 res = SMB_VFS_LSEEK(fsp,0,SEEK_SET);
4720 reply_nterror(req, map_nt_error_from_unix(errno));
4721 END_PROFILE(SMBlseek);
4728 reply_outbuf(req, 2, 0);
4729 SIVAL(req->outbuf,smb_vwv0,res);
4731 DEBUG(3,("lseek fnum=%d ofs=%.0f newpos = %.0f mode=%d\n",
4732 fsp->fnum, (double)startpos, (double)res, mode));
4734 END_PROFILE(SMBlseek);
4738 /****************************************************************************
4740 ****************************************************************************/
4742 void reply_flush(struct smb_request *req)
4744 connection_struct *conn = req->conn;
4748 START_PROFILE(SMBflush);
4751 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4755 fnum = SVAL(req->vwv+0, 0);
4756 fsp = file_fsp(req, fnum);
4758 if ((fnum != 0xFFFF) && !check_fsp(conn, req, fsp)) {
4763 file_sync_all(conn);
4765 NTSTATUS status = sync_file(conn, fsp, True);
4766 if (!NT_STATUS_IS_OK(status)) {
4767 DEBUG(5,("reply_flush: sync_file for %s returned %s\n",
4768 fsp_str_dbg(fsp), nt_errstr(status)));
4769 reply_nterror(req, status);
4770 END_PROFILE(SMBflush);
4775 reply_outbuf(req, 0, 0);
4777 DEBUG(3,("flush\n"));
4778 END_PROFILE(SMBflush);
4782 /****************************************************************************
4784 conn POINTER CAN BE NULL HERE !
4785 ****************************************************************************/
4787 void reply_exit(struct smb_request *req)
4789 START_PROFILE(SMBexit);
4791 file_close_pid(req->sconn, req->smbpid, req->vuid);
4793 reply_outbuf(req, 0, 0);
4795 DEBUG(3,("exit\n"));
4797 END_PROFILE(SMBexit);
4801 /****************************************************************************
4802 Reply to a close - has to deal with closing a directory opened by NT SMB's.
4803 ****************************************************************************/
4805 void reply_close(struct smb_request *req)
4807 connection_struct *conn = req->conn;
4808 NTSTATUS status = NT_STATUS_OK;
4809 files_struct *fsp = NULL;
4810 START_PROFILE(SMBclose);
4813 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4814 END_PROFILE(SMBclose);
4818 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4821 * We can only use check_fsp if we know it's not a directory.
4824 if (!check_fsp_open(conn, req, fsp)) {
4825 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
4826 END_PROFILE(SMBclose);
4830 if(fsp->is_directory) {
4832 * Special case - close NT SMB directory handle.
4834 DEBUG(3,("close directory fnum=%d\n", fsp->fnum));
4835 status = close_file(req, fsp, NORMAL_CLOSE);
4839 * Close ordinary file.
4842 DEBUG(3,("close fd=%d fnum=%d (numopen=%d)\n",
4843 fsp->fh->fd, fsp->fnum,
4844 conn->num_files_open));
4847 * Take care of any time sent in the close.
4850 t = srv_make_unix_date3(req->vwv+1);
4851 set_close_write_time(fsp, convert_time_t_to_timespec(t));
4854 * close_file() returns the unix errno if an error
4855 * was detected on close - normally this is due to
4856 * a disk full error. If not then it was probably an I/O error.
4859 status = close_file(req, fsp, NORMAL_CLOSE);
4862 if (!NT_STATUS_IS_OK(status)) {
4863 reply_nterror(req, status);
4864 END_PROFILE(SMBclose);
4868 reply_outbuf(req, 0, 0);
4869 END_PROFILE(SMBclose);
4873 /****************************************************************************
4874 Reply to a writeclose (Core+ protocol).
4875 ****************************************************************************/
4877 void reply_writeclose(struct smb_request *req)
4879 connection_struct *conn = req->conn;
4881 ssize_t nwritten = -1;
4882 NTSTATUS close_status = NT_STATUS_OK;
4885 struct timespec mtime;
4887 struct lock_struct lock;
4889 START_PROFILE(SMBwriteclose);
4892 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4893 END_PROFILE(SMBwriteclose);
4897 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4899 if (!check_fsp(conn, req, fsp)) {
4900 END_PROFILE(SMBwriteclose);
4903 if (!CHECK_WRITE(fsp)) {
4904 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
4905 END_PROFILE(SMBwriteclose);
4909 numtowrite = SVAL(req->vwv+1, 0);
4910 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
4911 mtime = convert_time_t_to_timespec(srv_make_unix_date3(req->vwv+4));
4912 data = (const char *)req->buf + 1;
4914 if (!fsp->print_file) {
4915 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
4916 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
4919 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
4920 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
4921 END_PROFILE(SMBwriteclose);
4926 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4928 set_close_write_time(fsp, mtime);
4931 * More insanity. W2K only closes the file if writelen > 0.
4936 DEBUG(3,("reply_writeclose: zero length write doesn't close "
4937 "file %s\n", fsp_str_dbg(fsp)));
4938 close_status = close_file(req, fsp, NORMAL_CLOSE);
4941 DEBUG(3,("writeclose fnum=%d num=%d wrote=%d (numopen=%d)\n",
4942 fsp->fnum, (int)numtowrite, (int)nwritten,
4943 conn->num_files_open));
4945 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
4946 reply_nterror(req, NT_STATUS_DISK_FULL);
4950 if(!NT_STATUS_IS_OK(close_status)) {
4951 reply_nterror(req, close_status);
4955 reply_outbuf(req, 1, 0);
4957 SSVAL(req->outbuf,smb_vwv0,nwritten);
4960 if (numtowrite && !fsp->print_file) {
4961 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4964 END_PROFILE(SMBwriteclose);
4969 #define DBGC_CLASS DBGC_LOCKING
4971 /****************************************************************************
4973 ****************************************************************************/
4975 void reply_lock(struct smb_request *req)
4977 connection_struct *conn = req->conn;
4978 uint64_t count,offset;
4981 struct byte_range_lock *br_lck = NULL;
4983 START_PROFILE(SMBlock);
4986 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4987 END_PROFILE(SMBlock);
4991 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4993 if (!check_fsp(conn, req, fsp)) {
4994 END_PROFILE(SMBlock);
4998 count = (uint64_t)IVAL(req->vwv+1, 0);
4999 offset = (uint64_t)IVAL(req->vwv+3, 0);
5001 DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n",
5002 fsp->fh->fd, fsp->fnum, (double)offset, (double)count));
5004 br_lck = do_lock(req->sconn->msg_ctx,
5006 (uint64_t)req->smbpid,
5011 False, /* Non-blocking lock. */
5016 TALLOC_FREE(br_lck);
5018 if (NT_STATUS_V(status)) {
5019 reply_nterror(req, status);
5020 END_PROFILE(SMBlock);
5024 reply_outbuf(req, 0, 0);
5026 END_PROFILE(SMBlock);
5030 /****************************************************************************
5032 ****************************************************************************/
5034 void reply_unlock(struct smb_request *req)
5036 connection_struct *conn = req->conn;
5037 uint64_t count,offset;
5041 START_PROFILE(SMBunlock);
5044 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5045 END_PROFILE(SMBunlock);
5049 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
5051 if (!check_fsp(conn, req, fsp)) {
5052 END_PROFILE(SMBunlock);
5056 count = (uint64_t)IVAL(req->vwv+1, 0);
5057 offset = (uint64_t)IVAL(req->vwv+3, 0);
5059 status = do_unlock(req->sconn->msg_ctx,
5061 (uint64_t)req->smbpid,
5066 if (NT_STATUS_V(status)) {
5067 reply_nterror(req, status);
5068 END_PROFILE(SMBunlock);
5072 DEBUG( 3, ( "unlock fd=%d fnum=%d offset=%.0f count=%.0f\n",
5073 fsp->fh->fd, fsp->fnum, (double)offset, (double)count ) );
5075 reply_outbuf(req, 0, 0);
5077 END_PROFILE(SMBunlock);
5082 #define DBGC_CLASS DBGC_ALL
5084 /****************************************************************************
5086 conn POINTER CAN BE NULL HERE !
5087 ****************************************************************************/
5089 void reply_tdis(struct smb_request *req)
5091 connection_struct *conn = req->conn;
5092 START_PROFILE(SMBtdis);
5095 DEBUG(4,("Invalid connection in tdis\n"));
5096 reply_nterror(req, NT_STATUS_NETWORK_NAME_DELETED);
5097 END_PROFILE(SMBtdis);
5103 close_cnum(conn,req->vuid);
5106 reply_outbuf(req, 0, 0);
5107 END_PROFILE(SMBtdis);
5111 /****************************************************************************
5113 conn POINTER CAN BE NULL HERE !
5114 ****************************************************************************/
5116 void reply_echo(struct smb_request *req)
5118 connection_struct *conn = req->conn;
5119 struct smb_perfcount_data local_pcd;
5120 struct smb_perfcount_data *cur_pcd;
5124 START_PROFILE(SMBecho);
5126 smb_init_perfcount_data(&local_pcd);
5129 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5130 END_PROFILE(SMBecho);
5134 smb_reverb = SVAL(req->vwv+0, 0);
5136 reply_outbuf(req, 1, req->buflen);
5138 /* copy any incoming data back out */
5139 if (req->buflen > 0) {
5140 memcpy(smb_buf(req->outbuf), req->buf, req->buflen);
5143 if (smb_reverb > 100) {
5144 DEBUG(0,("large reverb (%d)?? Setting to 100\n",smb_reverb));
5148 for (seq_num = 1 ; seq_num <= smb_reverb ; seq_num++) {
5150 /* this makes sure we catch the request pcd */
5151 if (seq_num == smb_reverb) {
5152 cur_pcd = &req->pcd;
5154 SMB_PERFCOUNT_COPY_CONTEXT(&req->pcd, &local_pcd);
5155 cur_pcd = &local_pcd;
5158 SSVAL(req->outbuf,smb_vwv0,seq_num);
5160 show_msg((char *)req->outbuf);
5161 if (!srv_send_smb(req->sconn,
5162 (char *)req->outbuf,
5163 true, req->seqnum+1,
5164 IS_CONN_ENCRYPTED(conn)||req->encrypted,
5166 exit_server_cleanly("reply_echo: srv_send_smb failed.");
5169 DEBUG(3,("echo %d times\n", smb_reverb));
5171 TALLOC_FREE(req->outbuf);
5173 END_PROFILE(SMBecho);
5177 /****************************************************************************
5178 Reply to a printopen.
5179 ****************************************************************************/
5181 void reply_printopen(struct smb_request *req)
5183 connection_struct *conn = req->conn;
5187 START_PROFILE(SMBsplopen);
5190 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5191 END_PROFILE(SMBsplopen);
5195 if (!CAN_PRINT(conn)) {
5196 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
5197 END_PROFILE(SMBsplopen);
5201 status = file_new(req, conn, &fsp);
5202 if(!NT_STATUS_IS_OK(status)) {
5203 reply_nterror(req, status);
5204 END_PROFILE(SMBsplopen);
5208 /* Open for exclusive use, write only. */
5209 status = print_spool_open(fsp, NULL, req->vuid);
5211 if (!NT_STATUS_IS_OK(status)) {
5212 file_free(req, fsp);
5213 reply_nterror(req, status);
5214 END_PROFILE(SMBsplopen);
5218 reply_outbuf(req, 1, 0);
5219 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
5221 DEBUG(3,("openprint fd=%d fnum=%d\n",
5222 fsp->fh->fd, fsp->fnum));
5224 END_PROFILE(SMBsplopen);
5228 /****************************************************************************
5229 Reply to a printclose.
5230 ****************************************************************************/
5232 void reply_printclose(struct smb_request *req)
5234 connection_struct *conn = req->conn;
5238 START_PROFILE(SMBsplclose);
5241 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5242 END_PROFILE(SMBsplclose);
5246 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
5248 if (!check_fsp(conn, req, fsp)) {
5249 END_PROFILE(SMBsplclose);
5253 if (!CAN_PRINT(conn)) {
5254 reply_force_doserror(req, ERRSRV, ERRerror);
5255 END_PROFILE(SMBsplclose);
5259 DEBUG(3,("printclose fd=%d fnum=%d\n",
5260 fsp->fh->fd,fsp->fnum));
5262 status = close_file(req, fsp, NORMAL_CLOSE);
5264 if(!NT_STATUS_IS_OK(status)) {
5265 reply_nterror(req, status);
5266 END_PROFILE(SMBsplclose);
5270 reply_outbuf(req, 0, 0);
5272 END_PROFILE(SMBsplclose);
5276 /****************************************************************************
5277 Reply to a printqueue.
5278 ****************************************************************************/
5280 void reply_printqueue(struct smb_request *req)
5282 connection_struct *conn = req->conn;
5286 START_PROFILE(SMBsplretq);
5289 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5290 END_PROFILE(SMBsplretq);
5294 max_count = SVAL(req->vwv+0, 0);
5295 start_index = SVAL(req->vwv+1, 0);
5297 /* we used to allow the client to get the cnum wrong, but that
5298 is really quite gross and only worked when there was only
5299 one printer - I think we should now only accept it if they
5300 get it right (tridge) */
5301 if (!CAN_PRINT(conn)) {
5302 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
5303 END_PROFILE(SMBsplretq);
5307 reply_outbuf(req, 2, 3);
5308 SSVAL(req->outbuf,smb_vwv0,0);
5309 SSVAL(req->outbuf,smb_vwv1,0);
5310 SCVAL(smb_buf(req->outbuf),0,1);
5311 SSVAL(smb_buf(req->outbuf),1,0);
5313 DEBUG(3,("printqueue start_index=%d max_count=%d\n",
5314 start_index, max_count));
5317 TALLOC_CTX *mem_ctx = talloc_tos();
5320 const char *sharename = lp_servicename(SNUM(conn));
5321 struct rpc_pipe_client *cli = NULL;
5322 struct dcerpc_binding_handle *b = NULL;
5323 struct policy_handle handle;
5324 struct spoolss_DevmodeContainer devmode_ctr;
5325 union spoolss_JobInfo *info;
5327 uint32_t num_to_get;
5331 ZERO_STRUCT(handle);
5333 status = rpc_pipe_open_interface(conn,
5334 &ndr_table_spoolss.syntax_id,
5336 &conn->sconn->client_id,
5337 conn->sconn->msg_ctx,
5339 if (!NT_STATUS_IS_OK(status)) {
5340 DEBUG(0, ("reply_printqueue: "
5341 "could not connect to spoolss: %s\n",
5342 nt_errstr(status)));
5343 reply_nterror(req, status);
5346 b = cli->binding_handle;
5348 ZERO_STRUCT(devmode_ctr);
5350 status = dcerpc_spoolss_OpenPrinter(b, mem_ctx,
5353 SEC_FLAG_MAXIMUM_ALLOWED,
5356 if (!NT_STATUS_IS_OK(status)) {
5357 reply_nterror(req, status);
5360 if (!W_ERROR_IS_OK(werr)) {
5361 reply_nterror(req, werror_to_ntstatus(werr));
5365 werr = rpccli_spoolss_enumjobs(cli, mem_ctx,
5373 if (!W_ERROR_IS_OK(werr)) {
5374 reply_nterror(req, werror_to_ntstatus(werr));
5378 if (max_count > 0) {
5379 first = start_index;
5381 first = start_index + max_count + 1;
5384 if (first >= count) {
5387 num_to_get = first + MIN(ABS(max_count), count - first);
5390 for (i = first; i < num_to_get; i++) {
5393 time_t qtime = spoolss_Time_to_time_t(&info[i].info2.submitted);
5395 uint16_t qrapjobid = pjobid_to_rap(sharename,
5396 info[i].info2.job_id);
5398 if (info[i].info2.status == JOB_STATUS_PRINTING) {
5404 srv_put_dos_date2(p, 0, qtime);
5405 SCVAL(p, 4, qstatus);
5406 SSVAL(p, 5, qrapjobid);
5407 SIVAL(p, 7, info[i].info2.size);
5409 srvstr_push(blob, req->flags2, p+12,
5410 info[i].info2.notify_name, 16, STR_ASCII);
5412 if (message_push_blob(
5415 blob, sizeof(blob))) == -1) {
5416 reply_nterror(req, NT_STATUS_NO_MEMORY);
5422 SSVAL(req->outbuf,smb_vwv0,count);
5423 SSVAL(req->outbuf,smb_vwv1,
5424 (max_count>0?first+count:first-1));
5425 SCVAL(smb_buf(req->outbuf),0,1);
5426 SSVAL(smb_buf(req->outbuf),1,28*count);
5430 DEBUG(3, ("%u entries returned in queue\n",
5434 if (b && is_valid_policy_hnd(&handle)) {
5435 dcerpc_spoolss_ClosePrinter(b, mem_ctx, &handle, &werr);
5440 END_PROFILE(SMBsplretq);
5444 /****************************************************************************
5445 Reply to a printwrite.
5446 ****************************************************************************/
5448 void reply_printwrite(struct smb_request *req)
5450 connection_struct *conn = req->conn;
5455 START_PROFILE(SMBsplwr);
5458 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5459 END_PROFILE(SMBsplwr);
5463 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
5465 if (!check_fsp(conn, req, fsp)) {
5466 END_PROFILE(SMBsplwr);
5470 if (!fsp->print_file) {
5471 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
5472 END_PROFILE(SMBsplwr);
5476 if (!CHECK_WRITE(fsp)) {
5477 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
5478 END_PROFILE(SMBsplwr);
5482 numtowrite = SVAL(req->buf, 1);
5484 if (req->buflen < numtowrite + 3) {
5485 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5486 END_PROFILE(SMBsplwr);
5490 data = (const char *)req->buf + 3;
5492 if (write_file(req,fsp,data,(SMB_OFF_T)-1,numtowrite) != numtowrite) {
5493 reply_nterror(req, map_nt_error_from_unix(errno));
5494 END_PROFILE(SMBsplwr);
5498 DEBUG( 3, ( "printwrite fnum=%d num=%d\n", fsp->fnum, numtowrite ) );
5500 END_PROFILE(SMBsplwr);
5504 /****************************************************************************
5506 ****************************************************************************/
5508 void reply_mkdir(struct smb_request *req)
5510 connection_struct *conn = req->conn;
5511 struct smb_filename *smb_dname = NULL;
5512 char *directory = NULL;
5514 TALLOC_CTX *ctx = talloc_tos();
5516 START_PROFILE(SMBmkdir);
5518 srvstr_get_path_req(ctx, req, &directory, (const char *)req->buf + 1,
5519 STR_TERMINATE, &status);
5520 if (!NT_STATUS_IS_OK(status)) {
5521 reply_nterror(req, status);
5525 status = filename_convert(ctx, conn,
5526 req->flags2 & FLAGS2_DFS_PATHNAMES,
5531 if (!NT_STATUS_IS_OK(status)) {
5532 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5533 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
5534 ERRSRV, ERRbadpath);
5537 reply_nterror(req, status);
5541 status = create_directory(conn, req, smb_dname);
5543 DEBUG(5, ("create_directory returned %s\n", nt_errstr(status)));
5545 if (!NT_STATUS_IS_OK(status)) {
5547 if (!use_nt_status()
5548 && NT_STATUS_EQUAL(status,
5549 NT_STATUS_OBJECT_NAME_COLLISION)) {
5551 * Yes, in the DOS error code case we get a
5552 * ERRDOS:ERRnoaccess here. See BASE-SAMBA3ERROR
5553 * samba4 torture test.
5555 status = NT_STATUS_DOS(ERRDOS, ERRnoaccess);
5558 reply_nterror(req, status);
5562 reply_outbuf(req, 0, 0);
5564 DEBUG(3, ("mkdir %s\n", smb_dname->base_name));
5566 TALLOC_FREE(smb_dname);
5567 END_PROFILE(SMBmkdir);
5571 /****************************************************************************
5573 ****************************************************************************/
5575 void reply_rmdir(struct smb_request *req)
5577 connection_struct *conn = req->conn;
5578 struct smb_filename *smb_dname = NULL;
5579 char *directory = NULL;
5581 TALLOC_CTX *ctx = talloc_tos();
5582 files_struct *fsp = NULL;
5584 struct smbd_server_connection *sconn = req->sconn;
5586 START_PROFILE(SMBrmdir);
5588 srvstr_get_path_req(ctx, req, &directory, (const char *)req->buf + 1,
5589 STR_TERMINATE, &status);
5590 if (!NT_STATUS_IS_OK(status)) {
5591 reply_nterror(req, status);
5595 status = filename_convert(ctx, conn,
5596 req->flags2 & FLAGS2_DFS_PATHNAMES,
5601 if (!NT_STATUS_IS_OK(status)) {
5602 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5603 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
5604 ERRSRV, ERRbadpath);
5607 reply_nterror(req, status);
5611 if (is_ntfs_stream_smb_fname(smb_dname)) {
5612 reply_nterror(req, NT_STATUS_NOT_A_DIRECTORY);
5616 status = SMB_VFS_CREATE_FILE(
5619 0, /* root_dir_fid */
5620 smb_dname, /* fname */
5621 DELETE_ACCESS, /* access_mask */
5622 (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */
5624 FILE_OPEN, /* create_disposition*/
5625 FILE_DIRECTORY_FILE, /* create_options */
5626 FILE_ATTRIBUTE_DIRECTORY, /* file_attributes */
5627 0, /* oplock_request */
5628 0, /* allocation_size */
5629 0, /* private_flags */
5635 if (!NT_STATUS_IS_OK(status)) {
5636 if (open_was_deferred(req->mid)) {
5637 /* We have re-scheduled this call. */
5640 reply_nterror(req, status);
5644 status = can_set_delete_on_close(fsp, FILE_ATTRIBUTE_DIRECTORY);
5645 if (!NT_STATUS_IS_OK(status)) {
5646 close_file(req, fsp, ERROR_CLOSE);
5647 reply_nterror(req, status);
5651 if (!set_delete_on_close(fsp, true, &conn->session_info->utok)) {
5652 close_file(req, fsp, ERROR_CLOSE);
5653 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
5657 status = close_file(req, fsp, NORMAL_CLOSE);
5658 if (!NT_STATUS_IS_OK(status)) {
5659 reply_nterror(req, status);
5661 reply_outbuf(req, 0, 0);
5664 dptr_closepath(sconn, smb_dname->base_name, req->smbpid);
5666 DEBUG(3, ("rmdir %s\n", smb_fname_str_dbg(smb_dname)));
5668 TALLOC_FREE(smb_dname);
5669 END_PROFILE(SMBrmdir);
5673 /*******************************************************************
5674 Resolve wildcards in a filename rename.
5675 ********************************************************************/
5677 static bool resolve_wildcards(TALLOC_CTX *ctx,
5682 char *name2_copy = NULL;
5687 char *p,*p2, *pname1, *pname2;
5689 name2_copy = talloc_strdup(ctx, name2);
5694 pname1 = strrchr_m(name1,'/');
5695 pname2 = strrchr_m(name2_copy,'/');
5697 if (!pname1 || !pname2) {
5701 /* Truncate the copy of name2 at the last '/' */
5704 /* Now go past the '/' */
5708 root1 = talloc_strdup(ctx, pname1);
5709 root2 = talloc_strdup(ctx, pname2);
5711 if (!root1 || !root2) {
5715 p = strrchr_m(root1,'.');
5718 ext1 = talloc_strdup(ctx, p+1);
5720 ext1 = talloc_strdup(ctx, "");
5722 p = strrchr_m(root2,'.');
5725 ext2 = talloc_strdup(ctx, p+1);
5727 ext2 = talloc_strdup(ctx, "");
5730 if (!ext1 || !ext2) {
5738 /* Hmmm. Should this be mb-aware ? */
5741 } else if (*p2 == '*') {
5743 root2 = talloc_asprintf(ctx, "%s%s",
5762 /* Hmmm. Should this be mb-aware ? */
5765 } else if (*p2 == '*') {
5767 ext2 = talloc_asprintf(ctx, "%s%s",
5783 *pp_newname = talloc_asprintf(ctx, "%s/%s.%s",
5788 *pp_newname = talloc_asprintf(ctx, "%s/%s",
5800 /****************************************************************************
5801 Ensure open files have their names updated. Updated to notify other smbd's
5803 ****************************************************************************/
5805 static void rename_open_files(connection_struct *conn,
5806 struct share_mode_lock *lck,
5807 uint32_t orig_name_hash,
5808 const struct smb_filename *smb_fname_dst)
5811 bool did_rename = False;
5813 uint32_t new_name_hash;
5815 for(fsp = file_find_di_first(conn->sconn, lck->id); fsp;
5816 fsp = file_find_di_next(fsp)) {
5817 /* fsp_name is a relative path under the fsp. To change this for other
5818 sharepaths we need to manipulate relative paths. */
5819 /* TODO - create the absolute path and manipulate the newname
5820 relative to the sharepath. */
5821 if (!strequal(fsp->conn->connectpath, conn->connectpath)) {
5824 if (fsp->name_hash != orig_name_hash) {
5827 DEBUG(10, ("rename_open_files: renaming file fnum %d "
5828 "(file_id %s) from %s -> %s\n", fsp->fnum,
5829 file_id_string_tos(&fsp->file_id), fsp_str_dbg(fsp),
5830 smb_fname_str_dbg(smb_fname_dst)));
5832 status = fsp_set_smb_fname(fsp, smb_fname_dst);
5833 if (NT_STATUS_IS_OK(status)) {
5835 new_name_hash = fsp->name_hash;
5840 DEBUG(10, ("rename_open_files: no open files on file_id %s "
5841 "for %s\n", file_id_string_tos(&lck->id),
5842 smb_fname_str_dbg(smb_fname_dst)));
5845 /* Send messages to all smbd's (not ourself) that the name has changed. */
5846 rename_share_filename(conn->sconn->msg_ctx, lck, conn->connectpath,
5847 orig_name_hash, new_name_hash,
5852 /****************************************************************************
5853 We need to check if the source path is a parent directory of the destination
5854 (ie. a rename of /foo/bar/baz -> /foo/bar/baz/bibble/bobble. If so we must
5855 refuse the rename with a sharing violation. Under UNIX the above call can
5856 *succeed* if /foo/bar/baz is a symlink to another area in the share. We
5857 probably need to check that the client is a Windows one before disallowing
5858 this as a UNIX client (one with UNIX extensions) can know the source is a
5859 symlink and make this decision intelligently. Found by an excellent bug
5860 report from <AndyLiebman@aol.com>.
5861 ****************************************************************************/
5863 static bool rename_path_prefix_equal(const struct smb_filename *smb_fname_src,
5864 const struct smb_filename *smb_fname_dst)
5866 const char *psrc = smb_fname_src->base_name;
5867 const char *pdst = smb_fname_dst->base_name;
5870 if (psrc[0] == '.' && psrc[1] == '/') {
5873 if (pdst[0] == '.' && pdst[1] == '/') {
5876 if ((slen = strlen(psrc)) > strlen(pdst)) {
5879 return ((memcmp(psrc, pdst, slen) == 0) && pdst[slen] == '/');
5883 * Do the notify calls from a rename
5886 static void notify_rename(connection_struct *conn, bool is_dir,
5887 const struct smb_filename *smb_fname_src,
5888 const struct smb_filename *smb_fname_dst)
5890 char *parent_dir_src = NULL;
5891 char *parent_dir_dst = NULL;
5894 mask = is_dir ? FILE_NOTIFY_CHANGE_DIR_NAME
5895 : FILE_NOTIFY_CHANGE_FILE_NAME;
5897 if (!parent_dirname(talloc_tos(), smb_fname_src->base_name,
5898 &parent_dir_src, NULL) ||
5899 !parent_dirname(talloc_tos(), smb_fname_dst->base_name,
5900 &parent_dir_dst, NULL)) {
5904 if (strcmp(parent_dir_src, parent_dir_dst) == 0) {
5905 notify_fname(conn, NOTIFY_ACTION_OLD_NAME, mask,
5906 smb_fname_src->base_name);
5907 notify_fname(conn, NOTIFY_ACTION_NEW_NAME, mask,
5908 smb_fname_dst->base_name);
5911 notify_fname(conn, NOTIFY_ACTION_REMOVED, mask,
5912 smb_fname_src->base_name);
5913 notify_fname(conn, NOTIFY_ACTION_ADDED, mask,
5914 smb_fname_dst->base_name);
5917 /* this is a strange one. w2k3 gives an additional event for
5918 CHANGE_ATTRIBUTES and CHANGE_CREATION on the new file when renaming
5919 files, but not directories */
5921 notify_fname(conn, NOTIFY_ACTION_MODIFIED,
5922 FILE_NOTIFY_CHANGE_ATTRIBUTES
5923 |FILE_NOTIFY_CHANGE_CREATION,
5924 smb_fname_dst->base_name);
5927 TALLOC_FREE(parent_dir_src);
5928 TALLOC_FREE(parent_dir_dst);
5931 /****************************************************************************
5932 Rename an open file - given an fsp.
5933 ****************************************************************************/
5935 NTSTATUS rename_internals_fsp(connection_struct *conn,
5937 const struct smb_filename *smb_fname_dst_in,
5939 bool replace_if_exists)
5941 TALLOC_CTX *ctx = talloc_tos();
5942 struct smb_filename *smb_fname_dst = NULL;
5943 NTSTATUS status = NT_STATUS_OK;
5944 struct share_mode_lock *lck = NULL;
5945 bool dst_exists, old_is_stream, new_is_stream;
5947 status = check_name(conn, smb_fname_dst_in->base_name);
5948 if (!NT_STATUS_IS_OK(status)) {
5952 /* Make a copy of the dst smb_fname structs */
5954 status = copy_smb_filename(ctx, smb_fname_dst_in, &smb_fname_dst);
5955 if (!NT_STATUS_IS_OK(status)) {
5960 * Check for special case with case preserving and not
5961 * case sensitive. If the old last component differs from the original
5962 * last component only by case, then we should allow
5963 * the rename (user is trying to change the case of the
5966 if((conn->case_sensitive == False) && (conn->case_preserve == True) &&
5967 strequal(fsp->fsp_name->base_name, smb_fname_dst->base_name) &&
5968 strequal(fsp->fsp_name->stream_name, smb_fname_dst->stream_name)) {
5970 char *fname_dst_lcomp_base_mod = NULL;
5971 struct smb_filename *smb_fname_orig_lcomp = NULL;
5974 * Get the last component of the destination name.
5976 last_slash = strrchr_m(smb_fname_dst->base_name, '/');
5978 fname_dst_lcomp_base_mod = talloc_strdup(ctx, last_slash + 1);
5980 fname_dst_lcomp_base_mod = talloc_strdup(ctx, smb_fname_dst->base_name);
5982 if (!fname_dst_lcomp_base_mod) {
5983 status = NT_STATUS_NO_MEMORY;
5988 * Create an smb_filename struct using the original last
5989 * component of the destination.
5991 status = create_synthetic_smb_fname_split(ctx,
5992 smb_fname_dst->original_lcomp, NULL,
5993 &smb_fname_orig_lcomp);
5994 if (!NT_STATUS_IS_OK(status)) {
5995 TALLOC_FREE(fname_dst_lcomp_base_mod);
5999 /* If the base names only differ by case, use original. */
6000 if(!strcsequal(fname_dst_lcomp_base_mod,
6001 smb_fname_orig_lcomp->base_name)) {
6004 * Replace the modified last component with the
6008 *last_slash = '\0'; /* Truncate at the '/' */
6009 tmp = talloc_asprintf(smb_fname_dst,
6011 smb_fname_dst->base_name,
6012 smb_fname_orig_lcomp->base_name);
6014 tmp = talloc_asprintf(smb_fname_dst,
6016 smb_fname_orig_lcomp->base_name);
6019 status = NT_STATUS_NO_MEMORY;
6020 TALLOC_FREE(fname_dst_lcomp_base_mod);
6021 TALLOC_FREE(smb_fname_orig_lcomp);
6024 TALLOC_FREE(smb_fname_dst->base_name);
6025 smb_fname_dst->base_name = tmp;
6028 /* If the stream_names only differ by case, use original. */
6029 if(!strcsequal(smb_fname_dst->stream_name,
6030 smb_fname_orig_lcomp->stream_name)) {
6032 /* Use the original stream. */
6033 tmp = talloc_strdup(smb_fname_dst,
6034 smb_fname_orig_lcomp->stream_name);
6036 status = NT_STATUS_NO_MEMORY;
6037 TALLOC_FREE(fname_dst_lcomp_base_mod);
6038 TALLOC_FREE(smb_fname_orig_lcomp);
6041 TALLOC_FREE(smb_fname_dst->stream_name);
6042 smb_fname_dst->stream_name = tmp;
6044 TALLOC_FREE(fname_dst_lcomp_base_mod);
6045 TALLOC_FREE(smb_fname_orig_lcomp);
6049 * If the src and dest names are identical - including case,
6050 * don't do the rename, just return success.
6053 if (strcsequal(fsp->fsp_name->base_name, smb_fname_dst->base_name) &&
6054 strcsequal(fsp->fsp_name->stream_name,
6055 smb_fname_dst->stream_name)) {
6056 DEBUG(3, ("rename_internals_fsp: identical names in rename %s "
6057 "- returning success\n",
6058 smb_fname_str_dbg(smb_fname_dst)));
6059 status = NT_STATUS_OK;
6063 old_is_stream = is_ntfs_stream_smb_fname(fsp->fsp_name);
6064 new_is_stream = is_ntfs_stream_smb_fname(smb_fname_dst);
6066 /* Return the correct error code if both names aren't streams. */
6067 if (!old_is_stream && new_is_stream) {
6068 status = NT_STATUS_OBJECT_NAME_INVALID;
6072 if (old_is_stream && !new_is_stream) {
6073 status = NT_STATUS_INVALID_PARAMETER;
6077 dst_exists = SMB_VFS_STAT(conn, smb_fname_dst) == 0;
6079 if(!replace_if_exists && dst_exists) {
6080 DEBUG(3, ("rename_internals_fsp: dest exists doing rename "
6081 "%s -> %s\n", smb_fname_str_dbg(fsp->fsp_name),
6082 smb_fname_str_dbg(smb_fname_dst)));
6083 status = NT_STATUS_OBJECT_NAME_COLLISION;
6088 struct file_id fileid = vfs_file_id_from_sbuf(conn,
6089 &smb_fname_dst->st);
6090 files_struct *dst_fsp = file_find_di_first(conn->sconn,
6092 /* The file can be open when renaming a stream */
6093 if (dst_fsp && !new_is_stream) {
6094 DEBUG(3, ("rename_internals_fsp: Target file open\n"));
6095 status = NT_STATUS_ACCESS_DENIED;
6100 /* Ensure we have a valid stat struct for the source. */
6101 status = vfs_stat_fsp(fsp);
6102 if (!NT_STATUS_IS_OK(status)) {
6106 status = can_rename(conn, fsp, attrs);
6108 if (!NT_STATUS_IS_OK(status)) {
6109 DEBUG(3, ("rename_internals_fsp: Error %s rename %s -> %s\n",
6110 nt_errstr(status), smb_fname_str_dbg(fsp->fsp_name),
6111 smb_fname_str_dbg(smb_fname_dst)));
6112 if (NT_STATUS_EQUAL(status,NT_STATUS_SHARING_VIOLATION))
6113 status = NT_STATUS_ACCESS_DENIED;
6117 if (rename_path_prefix_equal(fsp->fsp_name, smb_fname_dst)) {
6118 status = NT_STATUS_ACCESS_DENIED;
6121 lck = get_share_mode_lock(talloc_tos(), fsp->file_id, NULL, NULL,
6125 * We have the file open ourselves, so not being able to get the
6126 * corresponding share mode lock is a fatal error.
6129 SMB_ASSERT(lck != NULL);
6131 if(SMB_VFS_RENAME(conn, fsp->fsp_name, smb_fname_dst) == 0) {
6132 uint32 create_options = fsp->fh->private_options;
6134 DEBUG(3, ("rename_internals_fsp: succeeded doing rename on "
6135 "%s -> %s\n", smb_fname_str_dbg(fsp->fsp_name),
6136 smb_fname_str_dbg(smb_fname_dst)));
6138 if (!lp_posix_pathnames() &&
6139 (lp_map_archive(SNUM(conn)) ||
6140 lp_store_dos_attributes(SNUM(conn)))) {
6141 /* We must set the archive bit on the newly
6143 if (SMB_VFS_STAT(conn, smb_fname_dst) == 0) {
6144 uint32_t old_dosmode = dos_mode(conn,
6146 file_set_dosmode(conn,
6148 old_dosmode | FILE_ATTRIBUTE_ARCHIVE,
6154 notify_rename(conn, fsp->is_directory, fsp->fsp_name,
6157 rename_open_files(conn, lck, fsp->name_hash, smb_fname_dst);
6160 * A rename acts as a new file create w.r.t. allowing an initial delete
6161 * on close, probably because in Windows there is a new handle to the
6162 * new file. If initial delete on close was requested but not
6163 * originally set, we need to set it here. This is probably not 100% correct,
6164 * but will work for the CIFSFS client which in non-posix mode
6165 * depends on these semantics. JRA.
6168 if (create_options & FILE_DELETE_ON_CLOSE) {
6169 status = can_set_delete_on_close(fsp, 0);
6171 if (NT_STATUS_IS_OK(status)) {
6172 /* Note that here we set the *inital* delete on close flag,
6173 * not the regular one. The magic gets handled in close. */
6174 fsp->initial_delete_on_close = True;
6178 status = NT_STATUS_OK;
6184 if (errno == ENOTDIR || errno == EISDIR) {
6185 status = NT_STATUS_OBJECT_NAME_COLLISION;
6187 status = map_nt_error_from_unix(errno);
6190 DEBUG(3, ("rename_internals_fsp: Error %s rename %s -> %s\n",
6191 nt_errstr(status), smb_fname_str_dbg(fsp->fsp_name),
6192 smb_fname_str_dbg(smb_fname_dst)));
6195 TALLOC_FREE(smb_fname_dst);
6200 /****************************************************************************
6201 The guts of the rename command, split out so it may be called by the NT SMB
6203 ****************************************************************************/
6205 NTSTATUS rename_internals(TALLOC_CTX *ctx,
6206 connection_struct *conn,
6207 struct smb_request *req,
6208 struct smb_filename *smb_fname_src,
6209 struct smb_filename *smb_fname_dst,
6211 bool replace_if_exists,
6214 uint32_t access_mask)
6216 char *fname_src_dir = NULL;
6217 char *fname_src_mask = NULL;
6219 NTSTATUS status = NT_STATUS_OK;
6220 struct smb_Dir *dir_hnd = NULL;
6221 const char *dname = NULL;
6222 char *talloced = NULL;
6224 int create_options = 0;
6225 bool posix_pathnames = lp_posix_pathnames();
6228 * Split the old name into directory and last component
6229 * strings. Note that unix_convert may have stripped off a
6230 * leading ./ from both name and newname if the rename is
6231 * at the root of the share. We need to make sure either both
6232 * name and newname contain a / character or neither of them do
6233 * as this is checked in resolve_wildcards().
6236 /* Split up the directory from the filename/mask. */
6237 status = split_fname_dir_mask(ctx, smb_fname_src->base_name,
6238 &fname_src_dir, &fname_src_mask);
6239 if (!NT_STATUS_IS_OK(status)) {
6240 status = NT_STATUS_NO_MEMORY;
6245 * We should only check the mangled cache
6246 * here if unix_convert failed. This means
6247 * that the path in 'mask' doesn't exist
6248 * on the file system and so we need to look
6249 * for a possible mangle. This patch from
6250 * Tine Smukavec <valentin.smukavec@hermes.si>.
6253 if (!VALID_STAT(smb_fname_src->st) &&
6254 mangle_is_mangled(fname_src_mask, conn->params)) {
6255 char *new_mask = NULL;
6256 mangle_lookup_name_from_8_3(ctx, fname_src_mask, &new_mask,
6259 TALLOC_FREE(fname_src_mask);
6260 fname_src_mask = new_mask;
6264 if (!src_has_wild) {
6268 * Only one file needs to be renamed. Append the mask back
6269 * onto the directory.
6271 TALLOC_FREE(smb_fname_src->base_name);
6272 if (ISDOT(fname_src_dir)) {
6273 /* Ensure we use canonical names on open. */
6274 smb_fname_src->base_name = talloc_asprintf(smb_fname_src,
6278 smb_fname_src->base_name = talloc_asprintf(smb_fname_src,
6283 if (!smb_fname_src->base_name) {
6284 status = NT_STATUS_NO_MEMORY;
6288 DEBUG(3, ("rename_internals: case_sensitive = %d, "
6289 "case_preserve = %d, short case preserve = %d, "
6290 "directory = %s, newname = %s, "
6291 "last_component_dest = %s\n",
6292 conn->case_sensitive, conn->case_preserve,
6293 conn->short_case_preserve,
6294 smb_fname_str_dbg(smb_fname_src),
6295 smb_fname_str_dbg(smb_fname_dst),
6296 smb_fname_dst->original_lcomp));
6298 /* The dest name still may have wildcards. */
6299 if (dest_has_wild) {
6300 char *fname_dst_mod = NULL;
6301 if (!resolve_wildcards(smb_fname_dst,
6302 smb_fname_src->base_name,
6303 smb_fname_dst->base_name,
6305 DEBUG(6, ("rename_internals: resolve_wildcards "
6307 smb_fname_src->base_name,
6308 smb_fname_dst->base_name));
6309 status = NT_STATUS_NO_MEMORY;
6312 TALLOC_FREE(smb_fname_dst->base_name);
6313 smb_fname_dst->base_name = fname_dst_mod;
6316 ZERO_STRUCT(smb_fname_src->st);
6317 if (posix_pathnames) {
6318 SMB_VFS_LSTAT(conn, smb_fname_src);
6320 SMB_VFS_STAT(conn, smb_fname_src);
6323 if (S_ISDIR(smb_fname_src->st.st_ex_mode)) {
6324 create_options |= FILE_DIRECTORY_FILE;
6327 status = SMB_VFS_CREATE_FILE(
6330 0, /* root_dir_fid */
6331 smb_fname_src, /* fname */
6332 access_mask, /* access_mask */
6333 (FILE_SHARE_READ | /* share_access */
6335 FILE_OPEN, /* create_disposition*/
6336 create_options, /* create_options */
6337 posix_pathnames ? FILE_FLAG_POSIX_SEMANTICS|0777 : 0, /* file_attributes */
6338 0, /* oplock_request */
6339 0, /* allocation_size */
6340 0, /* private_flags */
6346 if (!NT_STATUS_IS_OK(status)) {
6347 DEBUG(3, ("Could not open rename source %s: %s\n",
6348 smb_fname_str_dbg(smb_fname_src),
6349 nt_errstr(status)));
6353 status = rename_internals_fsp(conn, fsp, smb_fname_dst,
6354 attrs, replace_if_exists);
6356 close_file(req, fsp, NORMAL_CLOSE);
6358 DEBUG(3, ("rename_internals: Error %s rename %s -> %s\n",
6359 nt_errstr(status), smb_fname_str_dbg(smb_fname_src),
6360 smb_fname_str_dbg(smb_fname_dst)));
6366 * Wildcards - process each file that matches.
6368 if (strequal(fname_src_mask, "????????.???")) {
6369 TALLOC_FREE(fname_src_mask);
6370 fname_src_mask = talloc_strdup(ctx, "*");
6371 if (!fname_src_mask) {
6372 status = NT_STATUS_NO_MEMORY;
6377 status = check_name(conn, fname_src_dir);
6378 if (!NT_STATUS_IS_OK(status)) {
6382 dir_hnd = OpenDir(talloc_tos(), conn, fname_src_dir, fname_src_mask,
6384 if (dir_hnd == NULL) {
6385 status = map_nt_error_from_unix(errno);
6389 status = NT_STATUS_NO_SUCH_FILE;
6391 * Was status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
6392 * - gentest fix. JRA
6395 while ((dname = ReadDirName(dir_hnd, &offset, &smb_fname_src->st,
6397 files_struct *fsp = NULL;
6398 char *destname = NULL;
6399 bool sysdir_entry = False;
6401 /* Quick check for "." and ".." */
6402 if (ISDOT(dname) || ISDOTDOT(dname)) {
6404 sysdir_entry = True;
6406 TALLOC_FREE(talloced);
6411 if (!is_visible_file(conn, fname_src_dir, dname,
6412 &smb_fname_src->st, false)) {
6413 TALLOC_FREE(talloced);
6417 if(!mask_match(dname, fname_src_mask, conn->case_sensitive)) {
6418 TALLOC_FREE(talloced);
6423 status = NT_STATUS_OBJECT_NAME_INVALID;
6427 TALLOC_FREE(smb_fname_src->base_name);
6428 if (ISDOT(fname_src_dir)) {
6429 /* Ensure we use canonical names on open. */
6430 smb_fname_src->base_name = talloc_asprintf(smb_fname_src,
6434 smb_fname_src->base_name = talloc_asprintf(smb_fname_src,
6439 if (!smb_fname_src->base_name) {
6440 status = NT_STATUS_NO_MEMORY;
6444 if (!resolve_wildcards(ctx, smb_fname_src->base_name,
6445 smb_fname_dst->base_name,
6447 DEBUG(6, ("resolve_wildcards %s %s failed\n",
6448 smb_fname_src->base_name, destname));
6449 TALLOC_FREE(talloced);
6453 status = NT_STATUS_NO_MEMORY;
6457 TALLOC_FREE(smb_fname_dst->base_name);
6458 smb_fname_dst->base_name = destname;
6460 ZERO_STRUCT(smb_fname_src->st);
6461 if (posix_pathnames) {
6462 SMB_VFS_LSTAT(conn, smb_fname_src);
6464 SMB_VFS_STAT(conn, smb_fname_src);
6469 if (S_ISDIR(smb_fname_src->st.st_ex_mode)) {
6470 create_options |= FILE_DIRECTORY_FILE;
6473 status = SMB_VFS_CREATE_FILE(
6476 0, /* root_dir_fid */
6477 smb_fname_src, /* fname */
6478 access_mask, /* access_mask */
6479 (FILE_SHARE_READ | /* share_access */
6481 FILE_OPEN, /* create_disposition*/
6482 create_options, /* create_options */
6483 posix_pathnames ? FILE_FLAG_POSIX_SEMANTICS|0777 : 0, /* file_attributes */
6484 0, /* oplock_request */
6485 0, /* allocation_size */
6486 0, /* private_flags */
6492 if (!NT_STATUS_IS_OK(status)) {
6493 DEBUG(3,("rename_internals: SMB_VFS_CREATE_FILE "
6494 "returned %s rename %s -> %s\n",
6496 smb_fname_str_dbg(smb_fname_src),
6497 smb_fname_str_dbg(smb_fname_dst)));
6501 smb_fname_dst->original_lcomp = talloc_strdup(smb_fname_dst,
6503 if (!smb_fname_dst->original_lcomp) {
6504 status = NT_STATUS_NO_MEMORY;
6508 status = rename_internals_fsp(conn, fsp, smb_fname_dst,
6509 attrs, replace_if_exists);
6511 close_file(req, fsp, NORMAL_CLOSE);
6513 if (!NT_STATUS_IS_OK(status)) {
6514 DEBUG(3, ("rename_internals_fsp returned %s for "
6515 "rename %s -> %s\n", nt_errstr(status),
6516 smb_fname_str_dbg(smb_fname_src),
6517 smb_fname_str_dbg(smb_fname_dst)));
6523 DEBUG(3,("rename_internals: doing rename on %s -> "
6524 "%s\n", smb_fname_str_dbg(smb_fname_src),
6525 smb_fname_str_dbg(smb_fname_src)));
6526 TALLOC_FREE(talloced);
6528 TALLOC_FREE(dir_hnd);
6530 if (count == 0 && NT_STATUS_IS_OK(status) && errno != 0) {
6531 status = map_nt_error_from_unix(errno);
6535 TALLOC_FREE(talloced);
6536 TALLOC_FREE(fname_src_dir);
6537 TALLOC_FREE(fname_src_mask);
6541 /****************************************************************************
6543 ****************************************************************************/
6545 void reply_mv(struct smb_request *req)
6547 connection_struct *conn = req->conn;
6549 char *newname = NULL;
6553 bool src_has_wcard = False;
6554 bool dest_has_wcard = False;
6555 TALLOC_CTX *ctx = talloc_tos();
6556 struct smb_filename *smb_fname_src = NULL;
6557 struct smb_filename *smb_fname_dst = NULL;
6558 bool stream_rename = false;
6560 START_PROFILE(SMBmv);
6563 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6567 attrs = SVAL(req->vwv+0, 0);
6569 p = (const char *)req->buf + 1;
6570 p += srvstr_get_path_req_wcard(ctx, req, &name, p, STR_TERMINATE,
6571 &status, &src_has_wcard);
6572 if (!NT_STATUS_IS_OK(status)) {
6573 reply_nterror(req, status);
6577 p += srvstr_get_path_req_wcard(ctx, req, &newname, p, STR_TERMINATE,
6578 &status, &dest_has_wcard);
6579 if (!NT_STATUS_IS_OK(status)) {
6580 reply_nterror(req, status);
6584 if (!lp_posix_pathnames()) {
6585 /* The newname must begin with a ':' if the
6586 name contains a ':'. */
6587 if (strchr_m(name, ':')) {
6588 if (newname[0] != ':') {
6589 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6592 stream_rename = true;
6596 status = filename_convert(ctx,
6598 req->flags2 & FLAGS2_DFS_PATHNAMES,
6600 UCF_COND_ALLOW_WCARD_LCOMP,
6604 if (!NT_STATUS_IS_OK(status)) {
6605 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6606 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6607 ERRSRV, ERRbadpath);
6610 reply_nterror(req, status);
6614 status = filename_convert(ctx,
6616 req->flags2 & FLAGS2_DFS_PATHNAMES,
6618 UCF_COND_ALLOW_WCARD_LCOMP | UCF_SAVE_LCOMP,
6622 if (!NT_STATUS_IS_OK(status)) {
6623 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6624 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6625 ERRSRV, ERRbadpath);
6628 reply_nterror(req, status);
6632 if (stream_rename) {
6633 /* smb_fname_dst->base_name must be the same as
6634 smb_fname_src->base_name. */
6635 TALLOC_FREE(smb_fname_dst->base_name);
6636 smb_fname_dst->base_name = talloc_strdup(smb_fname_dst,
6637 smb_fname_src->base_name);
6638 if (!smb_fname_dst->base_name) {
6639 reply_nterror(req, NT_STATUS_NO_MEMORY);
6644 DEBUG(3,("reply_mv : %s -> %s\n", smb_fname_str_dbg(smb_fname_src),
6645 smb_fname_str_dbg(smb_fname_dst)));
6647 status = rename_internals(ctx, conn, req, smb_fname_src, smb_fname_dst,
6648 attrs, False, src_has_wcard, dest_has_wcard,
6650 if (!NT_STATUS_IS_OK(status)) {
6651 if (open_was_deferred(req->mid)) {
6652 /* We have re-scheduled this call. */
6655 reply_nterror(req, status);
6659 reply_outbuf(req, 0, 0);
6661 TALLOC_FREE(smb_fname_src);
6662 TALLOC_FREE(smb_fname_dst);
6667 /*******************************************************************
6668 Copy a file as part of a reply_copy.
6669 ******************************************************************/
6672 * TODO: check error codes on all callers
6675 NTSTATUS copy_file(TALLOC_CTX *ctx,
6676 connection_struct *conn,
6677 struct smb_filename *smb_fname_src,
6678 struct smb_filename *smb_fname_dst,
6681 bool target_is_directory)
6683 struct smb_filename *smb_fname_dst_tmp = NULL;
6685 files_struct *fsp1,*fsp2;
6687 uint32 new_create_disposition;
6691 status = copy_smb_filename(ctx, smb_fname_dst, &smb_fname_dst_tmp);
6692 if (!NT_STATUS_IS_OK(status)) {
6697 * If the target is a directory, extract the last component from the
6698 * src filename and append it to the dst filename
6700 if (target_is_directory) {
6703 /* dest/target can't be a stream if it's a directory. */
6704 SMB_ASSERT(smb_fname_dst->stream_name == NULL);
6706 p = strrchr_m(smb_fname_src->base_name,'/');
6710 p = smb_fname_src->base_name;
6712 smb_fname_dst_tmp->base_name =
6713 talloc_asprintf_append(smb_fname_dst_tmp->base_name, "/%s",
6715 if (!smb_fname_dst_tmp->base_name) {
6716 status = NT_STATUS_NO_MEMORY;
6721 status = vfs_file_exist(conn, smb_fname_src);
6722 if (!NT_STATUS_IS_OK(status)) {
6726 if (!target_is_directory && count) {
6727 new_create_disposition = FILE_OPEN;
6729 if (!map_open_params_to_ntcreate(smb_fname_dst_tmp, 0, ofun,
6731 &new_create_disposition,
6734 status = NT_STATUS_INVALID_PARAMETER;
6739 /* Open the src file for reading. */
6740 status = SMB_VFS_CREATE_FILE(
6743 0, /* root_dir_fid */
6744 smb_fname_src, /* fname */
6745 FILE_GENERIC_READ, /* access_mask */
6746 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
6747 FILE_OPEN, /* create_disposition*/
6748 0, /* create_options */
6749 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
6750 INTERNAL_OPEN_ONLY, /* oplock_request */
6751 0, /* allocation_size */
6752 0, /* private_flags */
6758 if (!NT_STATUS_IS_OK(status)) {
6762 dosattrs = dos_mode(conn, smb_fname_src);
6764 if (SMB_VFS_STAT(conn, smb_fname_dst_tmp) == -1) {
6765 ZERO_STRUCTP(&smb_fname_dst_tmp->st);
6768 /* Open the dst file for writing. */
6769 status = SMB_VFS_CREATE_FILE(
6772 0, /* root_dir_fid */
6773 smb_fname_dst, /* fname */
6774 FILE_GENERIC_WRITE, /* access_mask */
6775 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
6776 new_create_disposition, /* create_disposition*/
6777 0, /* create_options */
6778 dosattrs, /* file_attributes */
6779 INTERNAL_OPEN_ONLY, /* oplock_request */
6780 0, /* allocation_size */
6781 0, /* private_flags */
6787 if (!NT_STATUS_IS_OK(status)) {
6788 close_file(NULL, fsp1, ERROR_CLOSE);
6792 if (ofun & OPENX_FILE_EXISTS_OPEN) {
6793 ret = SMB_VFS_LSEEK(fsp2, 0, SEEK_END);
6795 DEBUG(0, ("error - vfs lseek returned error %s\n",
6797 status = map_nt_error_from_unix(errno);
6798 close_file(NULL, fsp1, ERROR_CLOSE);
6799 close_file(NULL, fsp2, ERROR_CLOSE);
6804 /* Do the actual copy. */
6805 if (smb_fname_src->st.st_ex_size) {
6806 ret = vfs_transfer_file(fsp1, fsp2, smb_fname_src->st.st_ex_size);
6811 close_file(NULL, fsp1, NORMAL_CLOSE);
6813 /* Ensure the modtime is set correctly on the destination file. */
6814 set_close_write_time(fsp2, smb_fname_src->st.st_ex_mtime);
6817 * As we are opening fsp1 read-only we only expect
6818 * an error on close on fsp2 if we are out of space.
6819 * Thus we don't look at the error return from the
6822 status = close_file(NULL, fsp2, NORMAL_CLOSE);
6824 if (!NT_STATUS_IS_OK(status)) {
6828 if (ret != (SMB_OFF_T)smb_fname_src->st.st_ex_size) {
6829 status = NT_STATUS_DISK_FULL;
6833 status = NT_STATUS_OK;
6836 TALLOC_FREE(smb_fname_dst_tmp);
6840 /****************************************************************************
6841 Reply to a file copy.
6842 ****************************************************************************/
6844 void reply_copy(struct smb_request *req)
6846 connection_struct *conn = req->conn;
6847 struct smb_filename *smb_fname_src = NULL;
6848 struct smb_filename *smb_fname_dst = NULL;
6849 char *fname_src = NULL;
6850 char *fname_dst = NULL;
6851 char *fname_src_mask = NULL;
6852 char *fname_src_dir = NULL;
6855 int error = ERRnoaccess;
6859 bool target_is_directory=False;
6860 bool source_has_wild = False;
6861 bool dest_has_wild = False;
6863 TALLOC_CTX *ctx = talloc_tos();
6865 START_PROFILE(SMBcopy);
6868 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6872 tid2 = SVAL(req->vwv+0, 0);
6873 ofun = SVAL(req->vwv+1, 0);
6874 flags = SVAL(req->vwv+2, 0);
6876 p = (const char *)req->buf;
6877 p += srvstr_get_path_req_wcard(ctx, req, &fname_src, p, STR_TERMINATE,
6878 &status, &source_has_wild);
6879 if (!NT_STATUS_IS_OK(status)) {
6880 reply_nterror(req, status);
6883 p += srvstr_get_path_req_wcard(ctx, req, &fname_dst, p, STR_TERMINATE,
6884 &status, &dest_has_wild);
6885 if (!NT_STATUS_IS_OK(status)) {
6886 reply_nterror(req, status);
6890 DEBUG(3,("reply_copy : %s -> %s\n", fname_src, fname_dst));
6892 if (tid2 != conn->cnum) {
6893 /* can't currently handle inter share copies XXXX */
6894 DEBUG(3,("Rejecting inter-share copy\n"));
6895 reply_nterror(req, NT_STATUS_BAD_DEVICE_TYPE);
6899 status = filename_convert(ctx, conn,
6900 req->flags2 & FLAGS2_DFS_PATHNAMES,
6902 UCF_COND_ALLOW_WCARD_LCOMP,
6905 if (!NT_STATUS_IS_OK(status)) {
6906 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6907 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6908 ERRSRV, ERRbadpath);
6911 reply_nterror(req, status);
6915 status = filename_convert(ctx, conn,
6916 req->flags2 & FLAGS2_DFS_PATHNAMES,
6918 UCF_COND_ALLOW_WCARD_LCOMP,
6921 if (!NT_STATUS_IS_OK(status)) {
6922 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6923 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6924 ERRSRV, ERRbadpath);
6927 reply_nterror(req, status);
6931 target_is_directory = VALID_STAT_OF_DIR(smb_fname_dst->st);
6933 if ((flags&1) && target_is_directory) {
6934 reply_nterror(req, NT_STATUS_NO_SUCH_FILE);
6938 if ((flags&2) && !target_is_directory) {
6939 reply_nterror(req, NT_STATUS_OBJECT_PATH_NOT_FOUND);
6943 if ((flags&(1<<5)) && VALID_STAT_OF_DIR(smb_fname_src->st)) {
6944 /* wants a tree copy! XXXX */
6945 DEBUG(3,("Rejecting tree copy\n"));
6946 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6950 /* Split up the directory from the filename/mask. */
6951 status = split_fname_dir_mask(ctx, smb_fname_src->base_name,
6952 &fname_src_dir, &fname_src_mask);
6953 if (!NT_STATUS_IS_OK(status)) {
6954 reply_nterror(req, NT_STATUS_NO_MEMORY);
6959 * We should only check the mangled cache
6960 * here if unix_convert failed. This means
6961 * that the path in 'mask' doesn't exist
6962 * on the file system and so we need to look
6963 * for a possible mangle. This patch from
6964 * Tine Smukavec <valentin.smukavec@hermes.si>.
6966 if (!VALID_STAT(smb_fname_src->st) &&
6967 mangle_is_mangled(fname_src_mask, conn->params)) {
6968 char *new_mask = NULL;
6969 mangle_lookup_name_from_8_3(ctx, fname_src_mask,
6970 &new_mask, conn->params);
6972 /* Use demangled name if one was successfully found. */
6974 TALLOC_FREE(fname_src_mask);
6975 fname_src_mask = new_mask;
6979 if (!source_has_wild) {
6982 * Only one file needs to be copied. Append the mask back onto
6985 TALLOC_FREE(smb_fname_src->base_name);
6986 if (ISDOT(fname_src_dir)) {
6987 /* Ensure we use canonical names on open. */
6988 smb_fname_src->base_name = talloc_asprintf(smb_fname_src,
6992 smb_fname_src->base_name = talloc_asprintf(smb_fname_src,
6997 if (!smb_fname_src->base_name) {
6998 reply_nterror(req, NT_STATUS_NO_MEMORY);
7002 if (dest_has_wild) {
7003 char *fname_dst_mod = NULL;
7004 if (!resolve_wildcards(smb_fname_dst,
7005 smb_fname_src->base_name,
7006 smb_fname_dst->base_name,
7008 reply_nterror(req, NT_STATUS_NO_MEMORY);
7011 TALLOC_FREE(smb_fname_dst->base_name);
7012 smb_fname_dst->base_name = fname_dst_mod;
7015 status = check_name(conn, smb_fname_src->base_name);
7016 if (!NT_STATUS_IS_OK(status)) {
7017 reply_nterror(req, status);
7021 status = check_name(conn, smb_fname_dst->base_name);
7022 if (!NT_STATUS_IS_OK(status)) {
7023 reply_nterror(req, status);
7027 status = copy_file(ctx, conn, smb_fname_src, smb_fname_dst,
7028 ofun, count, target_is_directory);
7030 if(!NT_STATUS_IS_OK(status)) {
7031 reply_nterror(req, status);
7037 struct smb_Dir *dir_hnd = NULL;
7038 const char *dname = NULL;
7039 char *talloced = NULL;
7043 * There is a wildcard that requires us to actually read the
7044 * src dir and copy each file matching the mask to the dst.
7045 * Right now streams won't be copied, but this could
7046 * presumably be added with a nested loop for reach dir entry.
7048 SMB_ASSERT(!smb_fname_src->stream_name);
7049 SMB_ASSERT(!smb_fname_dst->stream_name);
7051 smb_fname_src->stream_name = NULL;
7052 smb_fname_dst->stream_name = NULL;
7054 if (strequal(fname_src_mask,"????????.???")) {
7055 TALLOC_FREE(fname_src_mask);
7056 fname_src_mask = talloc_strdup(ctx, "*");
7057 if (!fname_src_mask) {
7058 reply_nterror(req, NT_STATUS_NO_MEMORY);
7063 status = check_name(conn, fname_src_dir);
7064 if (!NT_STATUS_IS_OK(status)) {
7065 reply_nterror(req, status);
7069 dir_hnd = OpenDir(ctx, conn, fname_src_dir, fname_src_mask, 0);
7070 if (dir_hnd == NULL) {
7071 status = map_nt_error_from_unix(errno);
7072 reply_nterror(req, status);
7078 /* Iterate over the src dir copying each entry to the dst. */
7079 while ((dname = ReadDirName(dir_hnd, &offset,
7080 &smb_fname_src->st, &talloced))) {
7081 char *destname = NULL;
7083 if (ISDOT(dname) || ISDOTDOT(dname)) {
7084 TALLOC_FREE(talloced);
7088 if (!is_visible_file(conn, fname_src_dir, dname,
7089 &smb_fname_src->st, false)) {
7090 TALLOC_FREE(talloced);
7094 if(!mask_match(dname, fname_src_mask,
7095 conn->case_sensitive)) {
7096 TALLOC_FREE(talloced);
7100 error = ERRnoaccess;
7102 /* Get the src smb_fname struct setup. */
7103 TALLOC_FREE(smb_fname_src->base_name);
7104 if (ISDOT(fname_src_dir)) {
7105 /* Ensure we use canonical names on open. */
7106 smb_fname_src->base_name =
7107 talloc_asprintf(smb_fname_src, "%s",
7110 smb_fname_src->base_name =
7111 talloc_asprintf(smb_fname_src, "%s/%s",
7112 fname_src_dir, dname);
7115 if (!smb_fname_src->base_name) {
7116 TALLOC_FREE(dir_hnd);
7117 TALLOC_FREE(talloced);
7118 reply_nterror(req, NT_STATUS_NO_MEMORY);
7122 if (!resolve_wildcards(ctx, smb_fname_src->base_name,
7123 smb_fname_dst->base_name,
7125 TALLOC_FREE(talloced);
7129 TALLOC_FREE(dir_hnd);
7130 TALLOC_FREE(talloced);
7131 reply_nterror(req, NT_STATUS_NO_MEMORY);
7135 TALLOC_FREE(smb_fname_dst->base_name);
7136 smb_fname_dst->base_name = destname;
7138 status = check_name(conn, smb_fname_src->base_name);
7139 if (!NT_STATUS_IS_OK(status)) {
7140 TALLOC_FREE(dir_hnd);
7141 TALLOC_FREE(talloced);
7142 reply_nterror(req, status);
7146 status = check_name(conn, smb_fname_dst->base_name);
7147 if (!NT_STATUS_IS_OK(status)) {
7148 TALLOC_FREE(dir_hnd);
7149 TALLOC_FREE(talloced);
7150 reply_nterror(req, status);
7154 DEBUG(3,("reply_copy : doing copy on %s -> %s\n",
7155 smb_fname_src->base_name,
7156 smb_fname_dst->base_name));
7158 status = copy_file(ctx, conn, smb_fname_src,
7159 smb_fname_dst, ofun, count,
7160 target_is_directory);
7161 if (NT_STATUS_IS_OK(status)) {
7165 TALLOC_FREE(talloced);
7167 TALLOC_FREE(dir_hnd);
7171 reply_nterror(req, dos_to_ntstatus(ERRDOS, error));
7175 reply_outbuf(req, 1, 0);
7176 SSVAL(req->outbuf,smb_vwv0,count);
7178 TALLOC_FREE(smb_fname_src);
7179 TALLOC_FREE(smb_fname_dst);
7180 TALLOC_FREE(fname_src);
7181 TALLOC_FREE(fname_dst);
7182 TALLOC_FREE(fname_src_mask);
7183 TALLOC_FREE(fname_src_dir);
7185 END_PROFILE(SMBcopy);
7190 #define DBGC_CLASS DBGC_LOCKING
7192 /****************************************************************************
7193 Get a lock pid, dealing with large count requests.
7194 ****************************************************************************/
7196 uint64_t get_lock_pid(const uint8_t *data, int data_offset,
7197 bool large_file_format)
7199 if(!large_file_format)
7200 return (uint64_t)SVAL(data,SMB_LPID_OFFSET(data_offset));
7202 return (uint64_t)SVAL(data,SMB_LARGE_LPID_OFFSET(data_offset));
7205 /****************************************************************************
7206 Get a lock count, dealing with large count requests.
7207 ****************************************************************************/
7209 uint64_t get_lock_count(const uint8_t *data, int data_offset,
7210 bool large_file_format)
7214 if(!large_file_format) {
7215 count = (uint64_t)IVAL(data,SMB_LKLEN_OFFSET(data_offset));
7218 #if defined(HAVE_LONGLONG)
7219 count = (((uint64_t) IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset))) << 32) |
7220 ((uint64_t) IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)));
7221 #else /* HAVE_LONGLONG */
7224 * NT4.x seems to be broken in that it sends large file (64 bit)
7225 * lockingX calls even if the CAP_LARGE_FILES was *not*
7226 * negotiated. For boxes without large unsigned ints truncate the
7227 * lock count by dropping the top 32 bits.
7230 if(IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)) != 0) {
7231 DEBUG(3,("get_lock_count: truncating lock count (high)0x%x (low)0x%x to just low count.\n",
7232 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)),
7233 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)) ));
7234 SIVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset),0);
7237 count = (uint64_t)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset));
7238 #endif /* HAVE_LONGLONG */
7244 #if !defined(HAVE_LONGLONG)
7245 /****************************************************************************
7246 Pathetically try and map a 64 bit lock offset into 31 bits. I hate Windows :-).
7247 ****************************************************************************/
7249 static uint32 map_lock_offset(uint32 high, uint32 low)
7253 uint32 highcopy = high;
7256 * Try and find out how many significant bits there are in high.
7259 for(i = 0; highcopy; i++)
7263 * We use 31 bits not 32 here as POSIX
7264 * lock offsets may not be negative.
7267 mask = (~0) << (31 - i);
7270 return 0; /* Fail. */
7276 #endif /* !defined(HAVE_LONGLONG) */
7278 /****************************************************************************
7279 Get a lock offset, dealing with large offset requests.
7280 ****************************************************************************/
7282 uint64_t get_lock_offset(const uint8_t *data, int data_offset,
7283 bool large_file_format, bool *err)
7285 uint64_t offset = 0;
7289 if(!large_file_format) {
7290 offset = (uint64_t)IVAL(data,SMB_LKOFF_OFFSET(data_offset));
7293 #if defined(HAVE_LONGLONG)
7294 offset = (((uint64_t) IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset))) << 32) |
7295 ((uint64_t) IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset)));
7296 #else /* HAVE_LONGLONG */
7299 * NT4.x seems to be broken in that it sends large file (64 bit)
7300 * lockingX calls even if the CAP_LARGE_FILES was *not*
7301 * negotiated. For boxes without large unsigned ints mangle the
7302 * lock offset by mapping the top 32 bits onto the lower 32.
7305 if(IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset)) != 0) {
7306 uint32 low = IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
7307 uint32 high = IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset));
7310 if((new_low = map_lock_offset(high, low)) == 0) {
7312 return (uint64_t)-1;
7315 DEBUG(3,("get_lock_offset: truncating lock offset (high)0x%x (low)0x%x to offset 0x%x.\n",
7316 (unsigned int)high, (unsigned int)low, (unsigned int)new_low ));
7317 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset),0);
7318 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset),new_low);
7321 offset = (uint64_t)IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
7322 #endif /* HAVE_LONGLONG */
7328 NTSTATUS smbd_do_locking(struct smb_request *req,
7332 uint16_t num_ulocks,
7333 struct smbd_lock_element *ulocks,
7335 struct smbd_lock_element *locks,
7338 connection_struct *conn = req->conn;
7340 NTSTATUS status = NT_STATUS_OK;
7344 /* Data now points at the beginning of the list
7345 of smb_unlkrng structs */
7346 for(i = 0; i < (int)num_ulocks; i++) {
7347 struct smbd_lock_element *e = &ulocks[i];
7349 DEBUG(10,("smbd_do_locking: unlock start=%.0f, len=%.0f for "
7350 "pid %u, file %s\n",
7353 (unsigned int)e->smblctx,
7356 if (e->brltype != UNLOCK_LOCK) {
7357 /* this can only happen with SMB2 */
7358 return NT_STATUS_INVALID_PARAMETER;
7361 status = do_unlock(req->sconn->msg_ctx,
7368 DEBUG(10, ("smbd_do_locking: unlock returned %s\n",
7369 nt_errstr(status)));
7371 if (!NT_STATUS_IS_OK(status)) {
7376 /* Setup the timeout in seconds. */
7378 if (!lp_blocking_locks(SNUM(conn))) {
7382 /* Data now points at the beginning of the list
7383 of smb_lkrng structs */
7385 for(i = 0; i < (int)num_locks; i++) {
7386 struct smbd_lock_element *e = &locks[i];
7388 DEBUG(10,("smbd_do_locking: lock start=%.0f, len=%.0f for smblctx "
7389 "%llu, file %s timeout = %d\n",
7392 (unsigned long long)e->smblctx,
7396 if (type & LOCKING_ANDX_CANCEL_LOCK) {
7397 struct blocking_lock_record *blr = NULL;
7399 if (num_locks > 1) {
7401 * MS-CIFS (2.2.4.32.1) states that a cancel is honored if and only
7402 * if the lock vector contains one entry. When given mutliple cancel
7403 * requests in a single PDU we expect the server to return an
7404 * error. Windows servers seem to accept the request but only
7405 * cancel the first lock.
7406 * JRA - Do what Windows does (tm) :-).
7410 /* MS-CIFS (2.2.4.32.1) behavior. */
7411 return NT_STATUS_DOS(ERRDOS,
7412 ERRcancelviolation);
7414 /* Windows behavior. */
7416 DEBUG(10,("smbd_do_locking: ignoring subsequent "
7417 "cancel request\n"));
7423 if (lp_blocking_locks(SNUM(conn))) {
7425 /* Schedule a message to ourselves to
7426 remove the blocking lock record and
7427 return the right error. */
7429 blr = blocking_lock_cancel_smb1(fsp,
7435 NT_STATUS_FILE_LOCK_CONFLICT);
7437 return NT_STATUS_DOS(
7439 ERRcancelviolation);
7442 /* Remove a matching pending lock. */
7443 status = do_lock_cancel(fsp,
7450 bool blocking_lock = timeout ? true : false;
7451 bool defer_lock = false;
7452 struct byte_range_lock *br_lck;
7453 uint64_t block_smblctx;
7455 br_lck = do_lock(req->sconn->msg_ctx,
7467 if (br_lck && blocking_lock && ERROR_WAS_LOCK_DENIED(status)) {
7468 /* Windows internal resolution for blocking locks seems
7469 to be about 200ms... Don't wait for less than that. JRA. */
7470 if (timeout != -1 && timeout < lp_lock_spin_time()) {
7471 timeout = lp_lock_spin_time();
7476 /* If a lock sent with timeout of zero would fail, and
7477 * this lock has been requested multiple times,
7478 * according to brl_lock_failed() we convert this
7479 * request to a blocking lock with a timeout of between
7480 * 150 - 300 milliseconds.
7482 * If lp_lock_spin_time() has been set to 0, we skip
7483 * this blocking retry and fail immediately.
7485 * Replacement for do_lock_spin(). JRA. */
7487 if (!req->sconn->using_smb2 &&
7488 br_lck && lp_blocking_locks(SNUM(conn)) &&
7489 lp_lock_spin_time() && !blocking_lock &&
7490 NT_STATUS_EQUAL((status),
7491 NT_STATUS_FILE_LOCK_CONFLICT))
7494 timeout = lp_lock_spin_time();
7497 if (br_lck && defer_lock) {
7499 * A blocking lock was requested. Package up
7500 * this smb into a queued request and push it
7501 * onto the blocking lock queue.
7503 if(push_blocking_lock_request(br_lck,
7514 TALLOC_FREE(br_lck);
7516 return NT_STATUS_OK;
7520 TALLOC_FREE(br_lck);
7523 if (!NT_STATUS_IS_OK(status)) {
7528 /* If any of the above locks failed, then we must unlock
7529 all of the previous locks (X/Open spec). */
7531 if (num_locks != 0 && !NT_STATUS_IS_OK(status)) {
7533 if (type & LOCKING_ANDX_CANCEL_LOCK) {
7534 i = -1; /* we want to skip the for loop */
7538 * Ensure we don't do a remove on the lock that just failed,
7539 * as under POSIX rules, if we have a lock already there, we
7540 * will delete it (and we shouldn't) .....
7542 for(i--; i >= 0; i--) {
7543 struct smbd_lock_element *e = &locks[i];
7545 do_unlock(req->sconn->msg_ctx,
7555 DEBUG(3, ("smbd_do_locking: fnum=%d type=%d num_locks=%d num_ulocks=%d\n",
7556 fsp->fnum, (unsigned int)type, num_locks, num_ulocks));
7558 return NT_STATUS_OK;
7561 /****************************************************************************
7562 Reply to a lockingX request.
7563 ****************************************************************************/
7565 void reply_lockingX(struct smb_request *req)
7567 connection_struct *conn = req->conn;
7569 unsigned char locktype;
7570 unsigned char oplocklevel;
7575 const uint8_t *data;
7576 bool large_file_format;
7578 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
7579 struct smbd_lock_element *ulocks;
7580 struct smbd_lock_element *locks;
7583 START_PROFILE(SMBlockingX);
7586 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7587 END_PROFILE(SMBlockingX);
7591 fsp = file_fsp(req, SVAL(req->vwv+2, 0));
7592 locktype = CVAL(req->vwv+3, 0);
7593 oplocklevel = CVAL(req->vwv+3, 1);
7594 num_ulocks = SVAL(req->vwv+6, 0);
7595 num_locks = SVAL(req->vwv+7, 0);
7596 lock_timeout = IVAL(req->vwv+4, 0);
7597 large_file_format = (locktype & LOCKING_ANDX_LARGE_FILES)?True:False;
7599 if (!check_fsp(conn, req, fsp)) {
7600 END_PROFILE(SMBlockingX);
7606 if (locktype & LOCKING_ANDX_CHANGE_LOCKTYPE) {
7607 /* we don't support these - and CANCEL_LOCK makes w2k
7608 and XP reboot so I don't really want to be
7609 compatible! (tridge) */
7610 reply_force_doserror(req, ERRDOS, ERRnoatomiclocks);
7611 END_PROFILE(SMBlockingX);
7615 /* Check if this is an oplock break on a file
7616 we have granted an oplock on.
7618 if ((locktype & LOCKING_ANDX_OPLOCK_RELEASE)) {
7619 /* Client can insist on breaking to none. */
7620 bool break_to_none = (oplocklevel == 0);
7623 DEBUG(5,("reply_lockingX: oplock break reply (%u) from client "
7624 "for fnum = %d\n", (unsigned int)oplocklevel,
7628 * Make sure we have granted an exclusive or batch oplock on
7632 if (fsp->oplock_type == 0) {
7634 /* The Samba4 nbench simulator doesn't understand
7635 the difference between break to level2 and break
7636 to none from level2 - it sends oplock break
7637 replies in both cases. Don't keep logging an error
7638 message here - just ignore it. JRA. */
7640 DEBUG(5,("reply_lockingX: Error : oplock break from "
7641 "client for fnum = %d (oplock=%d) and no "
7642 "oplock granted on this file (%s).\n",
7643 fsp->fnum, fsp->oplock_type,
7646 /* if this is a pure oplock break request then don't
7648 if (num_locks == 0 && num_ulocks == 0) {
7649 END_PROFILE(SMBlockingX);
7652 END_PROFILE(SMBlockingX);
7653 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
7658 if ((fsp->sent_oplock_break == BREAK_TO_NONE_SENT) ||
7660 result = remove_oplock(fsp);
7662 result = downgrade_oplock(fsp);
7666 DEBUG(0, ("reply_lockingX: error in removing "
7667 "oplock on file %s\n", fsp_str_dbg(fsp)));
7668 /* Hmmm. Is this panic justified? */
7669 smb_panic("internal tdb error");
7672 reply_to_oplock_break_requests(fsp);
7674 /* if this is a pure oplock break request then don't send a
7676 if (num_locks == 0 && num_ulocks == 0) {
7677 /* Sanity check - ensure a pure oplock break is not a
7679 if(CVAL(req->vwv+0, 0) != 0xff)
7680 DEBUG(0,("reply_lockingX: Error : pure oplock "
7681 "break is a chained %d request !\n",
7682 (unsigned int)CVAL(req->vwv+0, 0)));
7683 END_PROFILE(SMBlockingX);
7689 (num_ulocks + num_locks) * (large_file_format ? 20 : 10)) {
7690 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7691 END_PROFILE(SMBlockingX);
7695 ulocks = talloc_array(req, struct smbd_lock_element, num_ulocks);
7696 if (ulocks == NULL) {
7697 reply_nterror(req, NT_STATUS_NO_MEMORY);
7698 END_PROFILE(SMBlockingX);
7702 locks = talloc_array(req, struct smbd_lock_element, num_locks);
7703 if (locks == NULL) {
7704 reply_nterror(req, NT_STATUS_NO_MEMORY);
7705 END_PROFILE(SMBlockingX);
7709 /* Data now points at the beginning of the list
7710 of smb_unlkrng structs */
7711 for(i = 0; i < (int)num_ulocks; i++) {
7712 ulocks[i].smblctx = get_lock_pid(data, i, large_file_format);
7713 ulocks[i].count = get_lock_count(data, i, large_file_format);
7714 ulocks[i].offset = get_lock_offset(data, i, large_file_format, &err);
7715 ulocks[i].brltype = UNLOCK_LOCK;
7718 * There is no error code marked "stupid client bug".... :-).
7721 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
7722 END_PROFILE(SMBlockingX);
7727 /* Now do any requested locks */
7728 data += ((large_file_format ? 20 : 10)*num_ulocks);
7730 /* Data now points at the beginning of the list
7731 of smb_lkrng structs */
7733 for(i = 0; i < (int)num_locks; i++) {
7734 locks[i].smblctx = get_lock_pid(data, i, large_file_format);
7735 locks[i].count = get_lock_count(data, i, large_file_format);
7736 locks[i].offset = get_lock_offset(data, i, large_file_format, &err);
7738 if (locktype & LOCKING_ANDX_SHARED_LOCK) {
7739 if (locktype & LOCKING_ANDX_CANCEL_LOCK) {
7740 locks[i].brltype = PENDING_READ_LOCK;
7742 locks[i].brltype = READ_LOCK;
7745 if (locktype & LOCKING_ANDX_CANCEL_LOCK) {
7746 locks[i].brltype = PENDING_WRITE_LOCK;
7748 locks[i].brltype = WRITE_LOCK;
7753 * There is no error code marked "stupid client bug".... :-).
7756 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
7757 END_PROFILE(SMBlockingX);
7762 status = smbd_do_locking(req, fsp,
7763 locktype, lock_timeout,
7767 if (!NT_STATUS_IS_OK(status)) {
7768 END_PROFILE(SMBlockingX);
7769 reply_nterror(req, status);
7773 END_PROFILE(SMBlockingX);
7777 reply_outbuf(req, 2, 0);
7779 DEBUG(3, ("lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n",
7780 fsp->fnum, (unsigned int)locktype, num_locks, num_ulocks));
7782 END_PROFILE(SMBlockingX);
7787 #define DBGC_CLASS DBGC_ALL
7789 /****************************************************************************
7790 Reply to a SMBreadbmpx (read block multiplex) request.
7791 Always reply with an error, if someone has a platform really needs this,
7792 please contact vl@samba.org
7793 ****************************************************************************/
7795 void reply_readbmpx(struct smb_request *req)
7797 START_PROFILE(SMBreadBmpx);
7798 reply_force_doserror(req, ERRSRV, ERRuseSTD);
7799 END_PROFILE(SMBreadBmpx);
7803 /****************************************************************************
7804 Reply to a SMBreadbs (read block multiplex secondary) request.
7805 Always reply with an error, if someone has a platform really needs this,
7806 please contact vl@samba.org
7807 ****************************************************************************/
7809 void reply_readbs(struct smb_request *req)
7811 START_PROFILE(SMBreadBs);
7812 reply_force_doserror(req, ERRSRV, ERRuseSTD);
7813 END_PROFILE(SMBreadBs);
7817 /****************************************************************************
7818 Reply to a SMBsetattrE.
7819 ****************************************************************************/
7821 void reply_setattrE(struct smb_request *req)
7823 connection_struct *conn = req->conn;
7824 struct smb_file_time ft;
7828 START_PROFILE(SMBsetattrE);
7832 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7836 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
7838 if(!fsp || (fsp->conn != conn)) {
7839 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
7844 * Convert the DOS times into unix times.
7847 ft.atime = convert_time_t_to_timespec(
7848 srv_make_unix_date2(req->vwv+3));
7849 ft.mtime = convert_time_t_to_timespec(
7850 srv_make_unix_date2(req->vwv+5));
7851 ft.create_time = convert_time_t_to_timespec(
7852 srv_make_unix_date2(req->vwv+1));
7854 reply_outbuf(req, 0, 0);
7857 * Patch from Ray Frush <frush@engr.colostate.edu>
7858 * Sometimes times are sent as zero - ignore them.
7861 /* Ensure we have a valid stat struct for the source. */
7862 status = vfs_stat_fsp(fsp);
7863 if (!NT_STATUS_IS_OK(status)) {
7864 reply_nterror(req, status);
7868 status = smb_set_file_time(conn, fsp, fsp->fsp_name, &ft, true);
7869 if (!NT_STATUS_IS_OK(status)) {
7870 reply_nterror(req, status);
7874 DEBUG( 3, ( "reply_setattrE fnum=%d actime=%u modtime=%u "
7877 (unsigned int)ft.atime.tv_sec,
7878 (unsigned int)ft.mtime.tv_sec,
7879 (unsigned int)ft.create_time.tv_sec
7882 END_PROFILE(SMBsetattrE);
7887 /* Back from the dead for OS/2..... JRA. */
7889 /****************************************************************************
7890 Reply to a SMBwritebmpx (write block multiplex primary) request.
7891 Always reply with an error, if someone has a platform really needs this,
7892 please contact vl@samba.org
7893 ****************************************************************************/
7895 void reply_writebmpx(struct smb_request *req)
7897 START_PROFILE(SMBwriteBmpx);
7898 reply_force_doserror(req, ERRSRV, ERRuseSTD);
7899 END_PROFILE(SMBwriteBmpx);
7903 /****************************************************************************
7904 Reply to a SMBwritebs (write block multiplex secondary) request.
7905 Always reply with an error, if someone has a platform really needs this,
7906 please contact vl@samba.org
7907 ****************************************************************************/
7909 void reply_writebs(struct smb_request *req)
7911 START_PROFILE(SMBwriteBs);
7912 reply_force_doserror(req, ERRSRV, ERRuseSTD);
7913 END_PROFILE(SMBwriteBs);
7917 /****************************************************************************
7918 Reply to a SMBgetattrE.
7919 ****************************************************************************/
7921 void reply_getattrE(struct smb_request *req)
7923 connection_struct *conn = req->conn;
7926 struct timespec create_ts;
7928 START_PROFILE(SMBgetattrE);
7931 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7932 END_PROFILE(SMBgetattrE);
7936 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
7938 if(!fsp || (fsp->conn != conn)) {
7939 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
7940 END_PROFILE(SMBgetattrE);
7944 /* Do an fstat on this file */
7946 reply_nterror(req, map_nt_error_from_unix(errno));
7947 END_PROFILE(SMBgetattrE);
7951 mode = dos_mode(conn, fsp->fsp_name);
7954 * Convert the times into dos times. Set create
7955 * date to be last modify date as UNIX doesn't save
7959 reply_outbuf(req, 11, 0);
7961 create_ts = get_create_timespec(conn, fsp, fsp->fsp_name);
7962 srv_put_dos_date2((char *)req->outbuf, smb_vwv0, create_ts.tv_sec);
7963 srv_put_dos_date2((char *)req->outbuf, smb_vwv2,
7964 convert_timespec_to_time_t(fsp->fsp_name->st.st_ex_atime));
7965 /* Should we check pending modtime here ? JRA */
7966 srv_put_dos_date2((char *)req->outbuf, smb_vwv4,
7967 convert_timespec_to_time_t(fsp->fsp_name->st.st_ex_mtime));
7970 SIVAL(req->outbuf, smb_vwv6, 0);
7971 SIVAL(req->outbuf, smb_vwv8, 0);
7973 uint32 allocation_size = SMB_VFS_GET_ALLOC_SIZE(conn,fsp, &fsp->fsp_name->st);
7974 SIVAL(req->outbuf, smb_vwv6, (uint32)fsp->fsp_name->st.st_ex_size);
7975 SIVAL(req->outbuf, smb_vwv8, allocation_size);
7977 SSVAL(req->outbuf,smb_vwv10, mode);
7979 DEBUG( 3, ( "reply_getattrE fnum=%d\n", fsp->fnum));
7981 END_PROFILE(SMBgetattrE);