2 Unix SMB/CIFS implementation.
3 Main SMB reply routines
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Andrew Bartlett 2001
6 Copyright (C) Jeremy Allison 1992-2007.
7 Copyright (C) Volker Lendecke 2007
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 This file handles most of the reply_ calls that the server
24 makes to handle specific protocols
28 #include "smbd/globals.h"
30 extern enum protocol_types Protocol;
32 /****************************************************************************
33 Ensure we check the path in *exactly* the same way as W2K for a findfirst/findnext
34 path or anything including wildcards.
35 We're assuming here that '/' is not the second byte in any multibyte char
36 set (a safe assumption). '\\' *may* be the second byte in a multibyte char
38 ****************************************************************************/
40 /* Custom version for processing POSIX paths. */
41 #define IS_PATH_SEP(c,posix_only) ((c) == '/' || (!(posix_only) && (c) == '\\'))
43 static NTSTATUS check_path_syntax_internal(char *path,
45 bool *p_last_component_contains_wcard)
49 NTSTATUS ret = NT_STATUS_OK;
50 bool start_of_name_component = True;
51 bool stream_started = false;
53 *p_last_component_contains_wcard = False;
60 return NT_STATUS_OBJECT_NAME_INVALID;
63 return NT_STATUS_OBJECT_NAME_INVALID;
65 if (strchr_m(&s[1], ':')) {
66 return NT_STATUS_OBJECT_NAME_INVALID;
68 if (StrCaseCmp(s, ":$DATA") != 0) {
69 return NT_STATUS_INVALID_PARAMETER;
75 if (!posix_path && !stream_started && *s == ':') {
76 if (*p_last_component_contains_wcard) {
77 return NT_STATUS_OBJECT_NAME_INVALID;
79 /* Stream names allow more characters than file names.
80 We're overloading posix_path here to allow a wider
81 range of characters. If stream_started is true this
82 is still a Windows path even if posix_path is true.
85 stream_started = true;
86 start_of_name_component = false;
90 return NT_STATUS_OBJECT_NAME_INVALID;
94 if (!stream_started && IS_PATH_SEP(*s,posix_path)) {
96 * Safe to assume is not the second part of a mb char
97 * as this is handled below.
99 /* Eat multiple '/' or '\\' */
100 while (IS_PATH_SEP(*s,posix_path)) {
103 if ((d != path) && (*s != '\0')) {
104 /* We only care about non-leading or trailing '/' or '\\' */
108 start_of_name_component = True;
110 *p_last_component_contains_wcard = False;
114 if (start_of_name_component) {
115 if ((s[0] == '.') && (s[1] == '.') && (IS_PATH_SEP(s[2],posix_path) || s[2] == '\0')) {
116 /* Uh oh - "/../" or "\\..\\" or "/..\0" or "\\..\0" ! */
119 * No mb char starts with '.' so we're safe checking the directory separator here.
122 /* If we just added a '/' - delete it */
123 if ((d > path) && (*(d-1) == '/')) {
128 /* Are we at the start ? Can't go back further if so. */
130 ret = NT_STATUS_OBJECT_PATH_SYNTAX_BAD;
133 /* Go back one level... */
134 /* We know this is safe as '/' cannot be part of a mb sequence. */
135 /* NOTE - if this assumption is invalid we are not in good shape... */
136 /* Decrement d first as d points to the *next* char to write into. */
137 for (d--; d > path; d--) {
141 s += 2; /* Else go past the .. */
142 /* We're still at the start of a name component, just the previous one. */
145 } else if ((s[0] == '.') && ((s[1] == '\0') || IS_PATH_SEP(s[1],posix_path))) {
157 if (*s <= 0x1f || *s == '|') {
158 return NT_STATUS_OBJECT_NAME_INVALID;
166 *p_last_component_contains_wcard = True;
175 /* Get the size of the next MB character. */
176 next_codepoint(s,&siz);
194 DEBUG(0,("check_path_syntax_internal: character length assumptions invalid !\n"));
196 return NT_STATUS_INVALID_PARAMETER;
199 start_of_name_component = False;
207 /****************************************************************************
208 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
209 No wildcards allowed.
210 ****************************************************************************/
212 NTSTATUS check_path_syntax(char *path)
215 return check_path_syntax_internal(path, False, &ignore);
218 /****************************************************************************
219 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
220 Wildcards allowed - p_contains_wcard returns true if the last component contained
222 ****************************************************************************/
224 NTSTATUS check_path_syntax_wcard(char *path, bool *p_contains_wcard)
226 return check_path_syntax_internal(path, False, p_contains_wcard);
229 /****************************************************************************
230 Check the path for a POSIX client.
231 We're assuming here that '/' is not the second byte in any multibyte char
232 set (a safe assumption).
233 ****************************************************************************/
235 NTSTATUS check_path_syntax_posix(char *path)
238 return check_path_syntax_internal(path, True, &ignore);
241 /****************************************************************************
242 Pull a string and check the path allowing a wilcard - provide for error return.
243 ****************************************************************************/
245 size_t srvstr_get_path_wcard(TALLOC_CTX *ctx,
246 const char *base_ptr,
253 bool *contains_wcard)
259 ret = srvstr_pull_talloc(ctx, base_ptr, smb_flags2, pp_dest, src,
263 *err = NT_STATUS_INVALID_PARAMETER;
267 *contains_wcard = False;
269 if (smb_flags2 & FLAGS2_DFS_PATHNAMES) {
271 * For a DFS path the function parse_dfs_path()
272 * will do the path processing, just make a copy.
278 if (lp_posix_pathnames()) {
279 *err = check_path_syntax_posix(*pp_dest);
281 *err = check_path_syntax_wcard(*pp_dest, contains_wcard);
287 /****************************************************************************
288 Pull a string and check the path - provide for error return.
289 ****************************************************************************/
291 size_t srvstr_get_path(TALLOC_CTX *ctx,
292 const char *base_ptr,
301 return srvstr_get_path_wcard(ctx, base_ptr, smb_flags2, pp_dest, src,
302 src_len, flags, err, &ignore);
305 size_t srvstr_get_path_req_wcard(TALLOC_CTX *mem_ctx, struct smb_request *req,
306 char **pp_dest, const char *src, int flags,
307 NTSTATUS *err, bool *contains_wcard)
309 return srvstr_get_path_wcard(mem_ctx, (char *)req->inbuf, req->flags2,
310 pp_dest, src, smbreq_bufrem(req, src),
311 flags, err, contains_wcard);
314 size_t srvstr_get_path_req(TALLOC_CTX *mem_ctx, struct smb_request *req,
315 char **pp_dest, const char *src, int flags,
319 return srvstr_get_path_req_wcard(mem_ctx, req, pp_dest, src,
320 flags, err, &ignore);
323 /****************************************************************************
324 Check if we have a correct fsp pointing to a file. Basic check for open fsp.
325 ****************************************************************************/
327 bool check_fsp_open(connection_struct *conn, struct smb_request *req,
330 if (!(fsp) || !(conn)) {
331 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
334 if (((conn) != (fsp)->conn) || req->vuid != (fsp)->vuid) {
335 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
341 /****************************************************************************
342 Check if we have a correct fsp pointing to a file.
343 ****************************************************************************/
345 bool check_fsp(connection_struct *conn, struct smb_request *req,
348 if (!check_fsp_open(conn, req, fsp)) {
351 if ((fsp)->is_directory) {
352 reply_nterror(req, NT_STATUS_INVALID_DEVICE_REQUEST);
355 if ((fsp)->fh->fd == -1) {
356 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
359 (fsp)->num_smb_operations++;
363 /****************************************************************************
364 Check if we have a correct fsp pointing to a quota fake file. Replacement for
365 the CHECK_NTQUOTA_HANDLE_OK macro.
366 ****************************************************************************/
368 bool check_fsp_ntquota_handle(connection_struct *conn, struct smb_request *req,
371 if (!check_fsp_open(conn, req, fsp)) {
375 if (fsp->is_directory) {
379 if (fsp->fake_file_handle == NULL) {
383 if (fsp->fake_file_handle->type != FAKE_FILE_TYPE_QUOTA) {
387 if (fsp->fake_file_handle->private_data == NULL) {
394 /****************************************************************************
395 Check if we have a correct fsp. Replacement for the FSP_BELONGS_CONN macro
396 ****************************************************************************/
398 bool fsp_belongs_conn(connection_struct *conn, struct smb_request *req,
401 if ((fsp) && (conn) && ((conn)==(fsp)->conn)
402 && (req->vuid == (fsp)->vuid)) {
406 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
410 static bool netbios_session_retarget(const char *name, int name_type)
413 char *trim_name_type;
414 const char *retarget_parm;
417 int retarget_type = 0x20;
418 int retarget_port = 139;
419 struct sockaddr_storage retarget_addr;
420 struct sockaddr_in *in_addr;
424 if (get_socket_port(smbd_server_fd()) != 139) {
428 trim_name = talloc_strdup(talloc_tos(), name);
429 if (trim_name == NULL) {
432 trim_char(trim_name, ' ', ' ');
434 trim_name_type = talloc_asprintf(trim_name, "%s#%2.2x", trim_name,
436 if (trim_name_type == NULL) {
440 retarget_parm = lp_parm_const_string(-1, "netbios retarget",
441 trim_name_type, NULL);
442 if (retarget_parm == NULL) {
443 retarget_parm = lp_parm_const_string(-1, "netbios retarget",
446 if (retarget_parm == NULL) {
450 retarget = talloc_strdup(trim_name, retarget_parm);
451 if (retarget == NULL) {
455 DEBUG(10, ("retargeting %s to %s\n", trim_name_type, retarget));
457 p = strchr(retarget, ':');
460 retarget_port = atoi(p);
463 p = strchr_m(retarget, '#');
466 sscanf(p, "%x", &retarget_type);
469 ret = resolve_name(retarget, &retarget_addr, retarget_type);
471 DEBUG(10, ("could not resolve %s\n", retarget));
475 if (retarget_addr.ss_family != AF_INET) {
476 DEBUG(10, ("Retarget target not an IPv4 addr\n"));
480 in_addr = (struct sockaddr_in *)(void *)&retarget_addr;
482 _smb_setlen(outbuf, 6);
483 SCVAL(outbuf, 0, 0x84);
484 *(uint32_t *)(outbuf+4) = in_addr->sin_addr.s_addr;
485 *(uint16_t *)(outbuf+8) = htons(retarget_port);
487 if (!srv_send_smb(smbd_server_fd(), (char *)outbuf, false, 0, false,
489 exit_server_cleanly("netbios_session_regarget: srv_send_smb "
495 TALLOC_FREE(trim_name);
499 /****************************************************************************
500 Reply to a (netbios-level) special message.
501 ****************************************************************************/
503 void reply_special(char *inbuf)
505 int msg_type = CVAL(inbuf,0);
506 int msg_flags = CVAL(inbuf,1);
508 char name_type1, name_type2;
509 struct smbd_server_connection *sconn = smbd_server_conn;
512 * We only really use 4 bytes of the outbuf, but for the smb_setlen
513 * calculation & friends (srv_send_smb uses that) we need the full smb
516 char outbuf[smb_size];
520 memset(outbuf, '\0', sizeof(outbuf));
522 smb_setlen(outbuf,0);
525 case 0x81: /* session request */
527 if (sconn->nbt.got_session) {
528 exit_server_cleanly("multiple session request not permitted");
531 SCVAL(outbuf,0,0x82);
533 if (name_len(inbuf+4) > 50 ||
534 name_len(inbuf+4 + name_len(inbuf + 4)) > 50) {
535 DEBUG(0,("Invalid name length in session request\n"));
538 name_type1 = name_extract(inbuf,4,name1);
539 name_type2 = name_extract(inbuf,4 + name_len(inbuf + 4),name2);
540 DEBUG(2,("netbios connect: name1=%s0x%x name2=%s0x%x\n",
541 name1, name_type1, name2, name_type2));
543 if (netbios_session_retarget(name1, name_type1)) {
544 exit_server_cleanly("retargeted client");
547 set_local_machine_name(name1, True);
548 set_remote_machine_name(name2, True);
550 DEBUG(2,("netbios connect: local=%s remote=%s, name type = %x\n",
551 get_local_machine_name(), get_remote_machine_name(),
554 if (name_type2 == 'R') {
555 /* We are being asked for a pathworks session ---
557 SCVAL(outbuf, 0,0x83);
561 /* only add the client's machine name to the list
562 of possibly valid usernames if we are operating
563 in share mode security */
564 if (lp_security() == SEC_SHARE) {
565 add_session_user(sconn, get_remote_machine_name());
568 reload_services(True);
571 sconn->nbt.got_session = true;
574 case 0x89: /* session keepalive request
575 (some old clients produce this?) */
576 SCVAL(outbuf,0,SMBkeepalive);
580 case 0x82: /* positive session response */
581 case 0x83: /* negative session response */
582 case 0x84: /* retarget session response */
583 DEBUG(0,("Unexpected session response\n"));
586 case SMBkeepalive: /* session keepalive */
591 DEBUG(5,("init msg_type=0x%x msg_flags=0x%x\n",
592 msg_type, msg_flags));
594 srv_send_smb(smbd_server_fd(), outbuf, false, 0, false, NULL);
598 /****************************************************************************
600 conn POINTER CAN BE NULL HERE !
601 ****************************************************************************/
603 void reply_tcon(struct smb_request *req)
605 connection_struct *conn = req->conn;
607 char *service_buf = NULL;
608 char *password = NULL;
613 DATA_BLOB password_blob;
614 TALLOC_CTX *ctx = talloc_tos();
615 struct smbd_server_connection *sconn = smbd_server_conn;
617 START_PROFILE(SMBtcon);
619 if (req->buflen < 4) {
620 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
621 END_PROFILE(SMBtcon);
625 p = (const char *)req->buf + 1;
626 p += srvstr_pull_req_talloc(ctx, req, &service_buf, p, STR_TERMINATE);
628 pwlen = srvstr_pull_req_talloc(ctx, req, &password, p, STR_TERMINATE);
630 p += srvstr_pull_req_talloc(ctx, req, &dev, p, STR_TERMINATE);
633 if (service_buf == NULL || password == NULL || dev == NULL) {
634 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
635 END_PROFILE(SMBtcon);
638 p = strrchr_m(service_buf,'\\');
642 service = service_buf;
645 password_blob = data_blob(password, pwlen+1);
647 conn = make_connection(sconn,service,password_blob,dev,
648 req->vuid,&nt_status);
651 data_blob_clear_free(&password_blob);
654 reply_nterror(req, nt_status);
655 END_PROFILE(SMBtcon);
659 reply_outbuf(req, 2, 0);
660 SSVAL(req->outbuf,smb_vwv0,sconn->smb1.negprot.max_recv);
661 SSVAL(req->outbuf,smb_vwv1,conn->cnum);
662 SSVAL(req->outbuf,smb_tid,conn->cnum);
664 DEBUG(3,("tcon service=%s cnum=%d\n",
665 service, conn->cnum));
667 END_PROFILE(SMBtcon);
671 /****************************************************************************
672 Reply to a tcon and X.
673 conn POINTER CAN BE NULL HERE !
674 ****************************************************************************/
676 void reply_tcon_and_X(struct smb_request *req)
678 connection_struct *conn = req->conn;
679 const char *service = NULL;
681 TALLOC_CTX *ctx = talloc_tos();
682 /* what the cleint thinks the device is */
683 char *client_devicetype = NULL;
684 /* what the server tells the client the share represents */
685 const char *server_devicetype;
691 struct smbd_server_connection *sconn = smbd_server_conn;
693 START_PROFILE(SMBtconX);
696 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
697 END_PROFILE(SMBtconX);
701 passlen = SVAL(req->vwv+3, 0);
702 tcon_flags = SVAL(req->vwv+2, 0);
704 /* we might have to close an old one */
705 if ((tcon_flags & 0x1) && conn) {
706 close_cnum(sconn, conn,req->vuid);
711 if ((passlen > MAX_PASS_LEN) || (passlen >= req->buflen)) {
712 reply_doserror(req, ERRDOS, ERRbuftoosmall);
713 END_PROFILE(SMBtconX);
717 if (sconn->smb1.negprot.encrypted_passwords) {
718 password = data_blob_talloc(talloc_tos(), req->buf, passlen);
719 if (lp_security() == SEC_SHARE) {
721 * Security = share always has a pad byte
722 * after the password.
724 p = (const char *)req->buf + passlen + 1;
726 p = (const char *)req->buf + passlen;
729 password = data_blob_talloc(talloc_tos(), req->buf, passlen+1);
730 /* Ensure correct termination */
731 password.data[passlen]=0;
732 p = (const char *)req->buf + passlen + 1;
735 p += srvstr_pull_req_talloc(ctx, req, &path, p, STR_TERMINATE);
738 data_blob_clear_free(&password);
739 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
740 END_PROFILE(SMBtconX);
745 * the service name can be either: \\server\share
746 * or share directly like on the DELL PowerVault 705
749 q = strchr_m(path+2,'\\');
751 data_blob_clear_free(&password);
752 reply_doserror(req, ERRDOS, ERRnosuchshare);
753 END_PROFILE(SMBtconX);
761 p += srvstr_pull_talloc(ctx, req->inbuf, req->flags2,
762 &client_devicetype, p,
763 MIN(6, smbreq_bufrem(req, p)), STR_ASCII);
765 if (client_devicetype == NULL) {
766 data_blob_clear_free(&password);
767 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
768 END_PROFILE(SMBtconX);
772 DEBUG(4,("Client requested device type [%s] for share [%s]\n", client_devicetype, service));
774 conn = make_connection(sconn, service, password, client_devicetype,
775 req->vuid, &nt_status);
778 data_blob_clear_free(&password);
781 reply_nterror(req, nt_status);
782 END_PROFILE(SMBtconX);
787 server_devicetype = "IPC";
788 else if ( IS_PRINT(conn) )
789 server_devicetype = "LPT1:";
791 server_devicetype = "A:";
793 if (Protocol < PROTOCOL_NT1) {
794 reply_outbuf(req, 2, 0);
795 if (message_push_string(&req->outbuf, server_devicetype,
796 STR_TERMINATE|STR_ASCII) == -1) {
797 reply_nterror(req, NT_STATUS_NO_MEMORY);
798 END_PROFILE(SMBtconX);
802 /* NT sets the fstype of IPC$ to the null string */
803 const char *fstype = IS_IPC(conn) ? "" : lp_fstype(SNUM(conn));
805 if (tcon_flags & TCONX_FLAG_EXTENDED_RESPONSE) {
806 /* Return permissions. */
810 reply_outbuf(req, 7, 0);
813 perm1 = FILE_ALL_ACCESS;
814 perm2 = FILE_ALL_ACCESS;
816 perm1 = CAN_WRITE(conn) ?
821 SIVAL(req->outbuf, smb_vwv3, perm1);
822 SIVAL(req->outbuf, smb_vwv5, perm2);
824 reply_outbuf(req, 3, 0);
827 if ((message_push_string(&req->outbuf, server_devicetype,
828 STR_TERMINATE|STR_ASCII) == -1)
829 || (message_push_string(&req->outbuf, fstype,
830 STR_TERMINATE) == -1)) {
831 reply_nterror(req, NT_STATUS_NO_MEMORY);
832 END_PROFILE(SMBtconX);
836 /* what does setting this bit do? It is set by NT4 and
837 may affect the ability to autorun mounted cdroms */
838 SSVAL(req->outbuf, smb_vwv2, SMB_SUPPORT_SEARCH_BITS|
839 (lp_csc_policy(SNUM(conn)) << 2));
841 if (lp_msdfs_root(SNUM(conn)) && lp_host_msdfs()) {
842 DEBUG(2,("Serving %s as a Dfs root\n",
843 lp_servicename(SNUM(conn)) ));
844 SSVAL(req->outbuf, smb_vwv2,
845 SMB_SHARE_IN_DFS | SVAL(req->outbuf, smb_vwv2));
850 DEBUG(3,("tconX service=%s \n",
853 /* set the incoming and outgoing tid to the just created one */
854 SSVAL(req->inbuf,smb_tid,conn->cnum);
855 SSVAL(req->outbuf,smb_tid,conn->cnum);
857 END_PROFILE(SMBtconX);
863 /****************************************************************************
864 Reply to an unknown type.
865 ****************************************************************************/
867 void reply_unknown_new(struct smb_request *req, uint8 type)
869 DEBUG(0, ("unknown command type (%s): type=%d (0x%X)\n",
870 smb_fn_name(type), type, type));
871 reply_doserror(req, ERRSRV, ERRunknownsmb);
875 /****************************************************************************
877 conn POINTER CAN BE NULL HERE !
878 ****************************************************************************/
880 void reply_ioctl(struct smb_request *req)
882 connection_struct *conn = req->conn;
889 START_PROFILE(SMBioctl);
892 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
893 END_PROFILE(SMBioctl);
897 device = SVAL(req->vwv+1, 0);
898 function = SVAL(req->vwv+2, 0);
899 ioctl_code = (device << 16) + function;
901 DEBUG(4, ("Received IOCTL (code 0x%x)\n", ioctl_code));
903 switch (ioctl_code) {
904 case IOCTL_QUERY_JOB_INFO:
908 reply_doserror(req, ERRSRV, ERRnosupport);
909 END_PROFILE(SMBioctl);
913 reply_outbuf(req, 8, replysize+1);
914 SSVAL(req->outbuf,smb_vwv1,replysize); /* Total data bytes returned */
915 SSVAL(req->outbuf,smb_vwv5,replysize); /* Data bytes this buffer */
916 SSVAL(req->outbuf,smb_vwv6,52); /* Offset to data */
917 p = smb_buf(req->outbuf);
918 memset(p, '\0', replysize+1); /* valgrind-safe. */
919 p += 1; /* Allow for alignment */
921 switch (ioctl_code) {
922 case IOCTL_QUERY_JOB_INFO:
924 files_struct *fsp = file_fsp(
925 req, SVAL(req->vwv+0, 0));
927 reply_doserror(req, ERRDOS, ERRbadfid);
928 END_PROFILE(SMBioctl);
931 SSVAL(p,0,fsp->rap_print_jobid); /* Job number */
932 srvstr_push((char *)req->outbuf, req->flags2, p+2,
934 STR_TERMINATE|STR_ASCII);
936 srvstr_push((char *)req->outbuf, req->flags2,
937 p+18, lp_servicename(SNUM(conn)),
938 13, STR_TERMINATE|STR_ASCII);
946 END_PROFILE(SMBioctl);
950 /****************************************************************************
951 Strange checkpath NTSTATUS mapping.
952 ****************************************************************************/
954 static NTSTATUS map_checkpath_error(uint16_t flags2, NTSTATUS status)
956 /* Strange DOS error code semantics only for checkpath... */
957 if (!(flags2 & FLAGS2_32_BIT_ERROR_CODES)) {
958 if (NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_INVALID,status)) {
959 /* We need to map to ERRbadpath */
960 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
966 /****************************************************************************
967 Reply to a checkpath.
968 ****************************************************************************/
970 void reply_checkpath(struct smb_request *req)
972 connection_struct *conn = req->conn;
973 struct smb_filename *smb_fname = NULL;
976 TALLOC_CTX *ctx = talloc_tos();
978 START_PROFILE(SMBcheckpath);
980 srvstr_get_path_req(ctx, req, &name, (const char *)req->buf + 1,
981 STR_TERMINATE, &status);
983 if (!NT_STATUS_IS_OK(status)) {
984 status = map_checkpath_error(req->flags2, status);
985 reply_nterror(req, status);
986 END_PROFILE(SMBcheckpath);
990 status = resolve_dfspath(ctx, conn,
991 req->flags2 & FLAGS2_DFS_PATHNAMES,
994 if (!NT_STATUS_IS_OK(status)) {
995 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
996 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
998 END_PROFILE(SMBcheckpath);
1004 DEBUG(3,("reply_checkpath %s mode=%d\n", name, (int)SVAL(req->vwv+0, 0)));
1006 status = unix_convert(ctx, conn, name, &smb_fname, 0);
1007 if (!NT_STATUS_IS_OK(status)) {
1011 status = get_full_smb_filename(ctx, smb_fname, &name);
1012 if (!NT_STATUS_IS_OK(status)) {
1016 status = check_name(conn, name);
1017 if (!NT_STATUS_IS_OK(status)) {
1018 DEBUG(3,("reply_checkpath: check_name of %s failed (%s)\n",name,nt_errstr(status)));
1022 if (!VALID_STAT(smb_fname->st) &&
1023 (SMB_VFS_STAT(conn, name, &smb_fname->st) != 0)) {
1024 DEBUG(3,("reply_checkpath: stat of %s failed (%s)\n",name,strerror(errno)));
1025 status = map_nt_error_from_unix(errno);
1029 if (!S_ISDIR(smb_fname->st.st_ex_mode)) {
1030 reply_botherror(req, NT_STATUS_NOT_A_DIRECTORY,
1031 ERRDOS, ERRbadpath);
1035 reply_outbuf(req, 0, 0);
1037 TALLOC_FREE(smb_fname);
1038 END_PROFILE(SMBcheckpath);
1043 TALLOC_FREE(smb_fname);
1045 END_PROFILE(SMBcheckpath);
1047 /* We special case this - as when a Windows machine
1048 is parsing a path is steps through the components
1049 one at a time - if a component fails it expects
1050 ERRbadpath, not ERRbadfile.
1052 status = map_checkpath_error(req->flags2, status);
1053 if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
1055 * Windows returns different error codes if
1056 * the parent directory is valid but not the
1057 * last component - it returns NT_STATUS_OBJECT_NAME_NOT_FOUND
1058 * for that case and NT_STATUS_OBJECT_PATH_NOT_FOUND
1059 * if the path is invalid.
1061 reply_botherror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND,
1062 ERRDOS, ERRbadpath);
1066 reply_nterror(req, status);
1069 /****************************************************************************
1071 ****************************************************************************/
1073 void reply_getatr(struct smb_request *req)
1075 connection_struct *conn = req->conn;
1076 struct smb_filename *smb_fname = NULL;
1083 TALLOC_CTX *ctx = talloc_tos();
1085 START_PROFILE(SMBgetatr);
1087 p = (const char *)req->buf + 1;
1088 p += srvstr_get_path_req(ctx, req, &fname, p, STR_TERMINATE, &status);
1089 if (!NT_STATUS_IS_OK(status)) {
1090 reply_nterror(req, status);
1094 status = resolve_dfspath(ctx, conn,
1095 req->flags2 & FLAGS2_DFS_PATHNAMES,
1098 if (!NT_STATUS_IS_OK(status)) {
1099 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1100 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1101 ERRSRV, ERRbadpath);
1104 reply_nterror(req, status);
1108 /* dos smetimes asks for a stat of "" - it returns a "hidden directory"
1109 under WfWg - weird! */
1110 if (*fname == '\0') {
1111 mode = aHIDDEN | aDIR;
1112 if (!CAN_WRITE(conn)) {
1118 status = unix_convert(ctx, conn, fname, &smb_fname, 0);
1119 if (!NT_STATUS_IS_OK(status)) {
1120 reply_nterror(req, status);
1123 status = get_full_smb_filename(ctx, smb_fname, &fname);
1124 if (!NT_STATUS_IS_OK(status)) {
1125 reply_nterror(req, status);
1128 status = check_name(conn, fname);
1129 if (!NT_STATUS_IS_OK(status)) {
1130 DEBUG(3,("reply_getatr: check_name of %s failed (%s)\n",fname,nt_errstr(status)));
1131 reply_nterror(req, status);
1134 if (!VALID_STAT(smb_fname->st) &&
1135 (SMB_VFS_STAT(conn, fname, &smb_fname->st) != 0)) {
1136 DEBUG(3,("reply_getatr: stat of %s failed (%s)\n",fname,strerror(errno)));
1137 reply_unixerror(req, ERRDOS,ERRbadfile);
1141 mode = dos_mode(conn, fname, &smb_fname->st);
1142 size = smb_fname->st.st_ex_size;
1143 mtime = convert_timespec_to_time_t(smb_fname->st.st_ex_mtime);
1149 reply_outbuf(req, 10, 0);
1151 SSVAL(req->outbuf,smb_vwv0,mode);
1152 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1153 srv_put_dos_date3((char *)req->outbuf,smb_vwv1,mtime & ~1);
1155 srv_put_dos_date3((char *)req->outbuf,smb_vwv1,mtime);
1157 SIVAL(req->outbuf,smb_vwv3,(uint32)size);
1159 if (Protocol >= PROTOCOL_NT1) {
1160 SSVAL(req->outbuf, smb_flg2,
1161 SVAL(req->outbuf, smb_flg2) | FLAGS2_IS_LONG_NAME);
1164 DEBUG(3,("reply_getatr: name=%s mode=%d size=%u\n", fname, mode, (unsigned int)size ) );
1167 TALLOC_FREE(smb_fname);
1168 END_PROFILE(SMBgetatr);
1172 /****************************************************************************
1174 ****************************************************************************/
1176 void reply_setatr(struct smb_request *req)
1178 struct smb_file_time ft;
1179 connection_struct *conn = req->conn;
1180 struct smb_filename *smb_fname = NULL;
1186 TALLOC_CTX *ctx = talloc_tos();
1188 START_PROFILE(SMBsetatr);
1193 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1197 p = (const char *)req->buf + 1;
1198 p += srvstr_get_path_req(ctx, req, &fname, p, STR_TERMINATE, &status);
1199 if (!NT_STATUS_IS_OK(status)) {
1200 reply_nterror(req, status);
1204 status = resolve_dfspath(ctx, conn,
1205 req->flags2 & FLAGS2_DFS_PATHNAMES,
1208 if (!NT_STATUS_IS_OK(status)) {
1209 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1210 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1211 ERRSRV, ERRbadpath);
1214 reply_nterror(req, status);
1218 status = unix_convert(ctx, conn, fname, &smb_fname, 0);
1219 if (!NT_STATUS_IS_OK(status)) {
1220 reply_nterror(req, status);
1224 status = get_full_smb_filename(ctx, smb_fname, &fname);
1225 if (!NT_STATUS_IS_OK(status)) {
1226 reply_nterror(req, status);
1230 status = check_name(conn, fname);
1231 if (!NT_STATUS_IS_OK(status)) {
1232 reply_nterror(req, status);
1236 if (fname[0] == '.' && fname[1] == '\0') {
1238 * Not sure here is the right place to catch this
1239 * condition. Might be moved to somewhere else later -- vl
1241 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
1245 mode = SVAL(req->vwv+0, 0);
1246 mtime = srv_make_unix_date3(req->vwv+1);
1248 ft.mtime = convert_time_t_to_timespec(mtime);
1249 status = smb_set_file_time(conn, NULL, fname,
1250 &smb_fname->st, &ft, true);
1251 if (!NT_STATUS_IS_OK(status)) {
1252 reply_unixerror(req, ERRDOS, ERRnoaccess);
1256 if (mode != FILE_ATTRIBUTE_NORMAL) {
1257 if (VALID_STAT_OF_DIR(smb_fname->st))
1262 if (file_set_dosmode(conn, fname, mode, &smb_fname->st, NULL,
1264 reply_unixerror(req, ERRDOS, ERRnoaccess);
1269 reply_outbuf(req, 0, 0);
1271 DEBUG( 3, ( "setatr name=%s mode=%d\n", fname, mode ) );
1273 TALLOC_FREE(smb_fname);
1274 END_PROFILE(SMBsetatr);
1278 /****************************************************************************
1280 ****************************************************************************/
1282 void reply_dskattr(struct smb_request *req)
1284 connection_struct *conn = req->conn;
1285 uint64_t dfree,dsize,bsize;
1286 START_PROFILE(SMBdskattr);
1288 if (get_dfree_info(conn,".",True,&bsize,&dfree,&dsize) == (uint64_t)-1) {
1289 reply_unixerror(req, ERRHRD, ERRgeneral);
1290 END_PROFILE(SMBdskattr);
1294 reply_outbuf(req, 5, 0);
1296 if (Protocol <= PROTOCOL_LANMAN2) {
1297 double total_space, free_space;
1298 /* we need to scale this to a number that DOS6 can handle. We
1299 use floating point so we can handle large drives on systems
1300 that don't have 64 bit integers
1302 we end up displaying a maximum of 2G to DOS systems
1304 total_space = dsize * (double)bsize;
1305 free_space = dfree * (double)bsize;
1307 dsize = (uint64_t)((total_space+63*512) / (64*512));
1308 dfree = (uint64_t)((free_space+63*512) / (64*512));
1310 if (dsize > 0xFFFF) dsize = 0xFFFF;
1311 if (dfree > 0xFFFF) dfree = 0xFFFF;
1313 SSVAL(req->outbuf,smb_vwv0,dsize);
1314 SSVAL(req->outbuf,smb_vwv1,64); /* this must be 64 for dos systems */
1315 SSVAL(req->outbuf,smb_vwv2,512); /* and this must be 512 */
1316 SSVAL(req->outbuf,smb_vwv3,dfree);
1318 SSVAL(req->outbuf,smb_vwv0,dsize);
1319 SSVAL(req->outbuf,smb_vwv1,bsize/512);
1320 SSVAL(req->outbuf,smb_vwv2,512);
1321 SSVAL(req->outbuf,smb_vwv3,dfree);
1324 DEBUG(3,("dskattr dfree=%d\n", (unsigned int)dfree));
1326 END_PROFILE(SMBdskattr);
1331 * Utility function to split the filename from the directory.
1333 static NTSTATUS split_fname_dir_mask(TALLOC_CTX *ctx, const char *fname_in,
1334 char **fname_dir_out,
1335 char **fname_mask_out)
1337 const char *p = NULL;
1338 char *fname_dir = NULL;
1339 char *fname_mask = NULL;
1341 p = strrchr_m(fname_in, '/');
1343 fname_dir = talloc_strdup(ctx, ".");
1344 fname_mask = talloc_strdup(ctx, fname_in);
1346 fname_dir = talloc_strndup(ctx, fname_in,
1347 PTR_DIFF(p, fname_in));
1348 fname_mask = talloc_strdup(ctx, p+1);
1351 if (!fname_dir || !fname_mask) {
1352 TALLOC_FREE(fname_dir);
1353 TALLOC_FREE(fname_mask);
1354 return NT_STATUS_NO_MEMORY;
1357 *fname_dir_out = fname_dir;
1358 *fname_mask_out = fname_mask;
1359 return NT_STATUS_OK;
1362 /****************************************************************************
1364 Can be called from SMBsearch, SMBffirst or SMBfunique.
1365 ****************************************************************************/
1367 void reply_search(struct smb_request *req)
1369 connection_struct *conn = req->conn;
1370 const char *mask = NULL;
1371 char *directory = NULL;
1375 struct timespec date;
1377 unsigned int numentries = 0;
1378 unsigned int maxentries = 0;
1379 bool finished = False;
1385 bool check_descend = False;
1386 bool expect_close = False;
1388 bool mask_contains_wcard = False;
1389 bool allow_long_path_components = (req->flags2 & FLAGS2_LONG_PATH_COMPONENTS) ? True : False;
1390 TALLOC_CTX *ctx = talloc_tos();
1391 bool ask_sharemode = lp_parm_bool(SNUM(conn), "smbd", "search ask sharemode", true);
1393 START_PROFILE(SMBsearch);
1396 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1397 END_PROFILE(SMBsearch);
1401 if (lp_posix_pathnames()) {
1402 reply_unknown_new(req, req->cmd);
1403 END_PROFILE(SMBsearch);
1407 /* If we were called as SMBffirst then we must expect close. */
1408 if(req->cmd == SMBffirst) {
1409 expect_close = True;
1412 reply_outbuf(req, 1, 3);
1413 maxentries = SVAL(req->vwv+0, 0);
1414 dirtype = SVAL(req->vwv+1, 0);
1415 p = (const char *)req->buf + 1;
1416 p += srvstr_get_path_req_wcard(ctx, req, &path, p, STR_TERMINATE,
1417 &nt_status, &mask_contains_wcard);
1418 if (!NT_STATUS_IS_OK(nt_status)) {
1419 reply_nterror(req, nt_status);
1420 END_PROFILE(SMBsearch);
1424 nt_status = resolve_dfspath_wcard(ctx, conn,
1425 req->flags2 & FLAGS2_DFS_PATHNAMES,
1428 &mask_contains_wcard);
1429 if (!NT_STATUS_IS_OK(nt_status)) {
1430 if (NT_STATUS_EQUAL(nt_status,NT_STATUS_PATH_NOT_COVERED)) {
1431 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1432 ERRSRV, ERRbadpath);
1433 END_PROFILE(SMBsearch);
1436 reply_nterror(req, nt_status);
1437 END_PROFILE(SMBsearch);
1442 status_len = SVAL(p, 0);
1445 /* dirtype &= ~aDIR; */
1447 if (status_len == 0) {
1448 struct smb_filename *smb_fname = NULL;
1450 nt_status = unix_convert(ctx, conn, path, &smb_fname,
1451 UCF_ALLOW_WCARD_LCOMP);
1452 if (!NT_STATUS_IS_OK(nt_status)) {
1453 reply_nterror(req, nt_status);
1454 END_PROFILE(SMBsearch);
1458 nt_status = get_full_smb_filename(ctx, smb_fname, &directory);
1459 TALLOC_FREE(smb_fname);
1460 if (!NT_STATUS_IS_OK(nt_status)) {
1461 reply_nterror(req, nt_status);
1462 END_PROFILE(SMBsearch);
1466 nt_status = check_name(conn, directory);
1467 if (!NT_STATUS_IS_OK(nt_status)) {
1468 reply_nterror(req, nt_status);
1469 END_PROFILE(SMBsearch);
1473 p = strrchr_m(directory,'/');
1474 if ((p != NULL) && (*directory != '/')) {
1476 directory = talloc_strndup(ctx, directory,
1477 PTR_DIFF(p, directory));
1480 directory = talloc_strdup(ctx,".");
1484 reply_nterror(req, NT_STATUS_NO_MEMORY);
1485 END_PROFILE(SMBsearch);
1489 memset((char *)status,'\0',21);
1490 SCVAL(status,0,(dirtype & 0x1F));
1492 nt_status = dptr_create(conn,
1498 mask_contains_wcard,
1501 if (!NT_STATUS_IS_OK(nt_status)) {
1502 reply_nterror(req, nt_status);
1503 END_PROFILE(SMBsearch);
1506 dptr_num = dptr_dnum(conn->dirptr);
1510 memcpy(status,p,21);
1511 status_dirtype = CVAL(status,0) & 0x1F;
1512 if (status_dirtype != (dirtype & 0x1F)) {
1513 dirtype = status_dirtype;
1516 conn->dirptr = dptr_fetch(status+12,&dptr_num);
1517 if (!conn->dirptr) {
1520 string_set(&conn->dirpath,dptr_path(dptr_num));
1521 mask = dptr_wcard(dptr_num);
1526 * For a 'continue' search we have no string. So
1527 * check from the initial saved string.
1529 mask_contains_wcard = ms_has_wild(mask);
1530 dirtype = dptr_attr(dptr_num);
1533 DEBUG(4,("dptr_num is %d\n",dptr_num));
1535 /* Initialize per SMBsearch/SMBffirst/SMBfunique operation data */
1536 dptr_init_search_op(conn->dirptr);
1538 if ((dirtype&0x1F) == aVOLID) {
1539 char buf[DIR_STRUCT_SIZE];
1540 memcpy(buf,status,21);
1541 if (!make_dir_struct(ctx,buf,"???????????",volume_label(SNUM(conn)),
1542 0,aVOLID,0,!allow_long_path_components)) {
1543 reply_nterror(req, NT_STATUS_NO_MEMORY);
1544 END_PROFILE(SMBsearch);
1547 dptr_fill(buf+12,dptr_num);
1548 if (dptr_zero(buf+12) && (status_len==0)) {
1553 if (message_push_blob(&req->outbuf,
1554 data_blob_const(buf, sizeof(buf)))
1556 reply_nterror(req, NT_STATUS_NO_MEMORY);
1557 END_PROFILE(SMBsearch);
1565 ((uint8 *)smb_buf(req->outbuf) + 3 - req->outbuf))
1568 DEBUG(8,("dirpath=<%s> dontdescend=<%s>\n",
1569 conn->dirpath,lp_dontdescend(SNUM(conn))));
1570 if (in_list(conn->dirpath, lp_dontdescend(SNUM(conn)),True)) {
1571 check_descend = True;
1574 for (i=numentries;(i<maxentries) && !finished;i++) {
1575 finished = !get_dir_entry(ctx,
1586 char buf[DIR_STRUCT_SIZE];
1587 memcpy(buf,status,21);
1588 if (!make_dir_struct(ctx,
1594 convert_timespec_to_time_t(date),
1595 !allow_long_path_components)) {
1596 reply_nterror(req, NT_STATUS_NO_MEMORY);
1597 END_PROFILE(SMBsearch);
1600 if (!dptr_fill(buf+12,dptr_num)) {
1603 if (message_push_blob(&req->outbuf,
1604 data_blob_const(buf, sizeof(buf)))
1606 reply_nterror(req, NT_STATUS_NO_MEMORY);
1607 END_PROFILE(SMBsearch);
1617 /* If we were called as SMBffirst with smb_search_id == NULL
1618 and no entries were found then return error and close dirptr
1621 if (numentries == 0) {
1622 dptr_close(&dptr_num);
1623 } else if(expect_close && status_len == 0) {
1624 /* Close the dptr - we know it's gone */
1625 dptr_close(&dptr_num);
1628 /* If we were called as SMBfunique, then we can close the dirptr now ! */
1629 if(dptr_num >= 0 && req->cmd == SMBfunique) {
1630 dptr_close(&dptr_num);
1633 if ((numentries == 0) && !mask_contains_wcard) {
1634 reply_botherror(req, STATUS_NO_MORE_FILES, ERRDOS, ERRnofiles);
1635 END_PROFILE(SMBsearch);
1639 SSVAL(req->outbuf,smb_vwv0,numentries);
1640 SSVAL(req->outbuf,smb_vwv1,3 + numentries * DIR_STRUCT_SIZE);
1641 SCVAL(smb_buf(req->outbuf),0,5);
1642 SSVAL(smb_buf(req->outbuf),1,numentries*DIR_STRUCT_SIZE);
1644 /* The replies here are never long name. */
1645 SSVAL(req->outbuf, smb_flg2,
1646 SVAL(req->outbuf, smb_flg2) & (~FLAGS2_IS_LONG_NAME));
1647 if (!allow_long_path_components) {
1648 SSVAL(req->outbuf, smb_flg2,
1649 SVAL(req->outbuf, smb_flg2)
1650 & (~FLAGS2_LONG_PATH_COMPONENTS));
1653 /* This SMB *always* returns ASCII names. Remove the unicode bit in flags2. */
1654 SSVAL(req->outbuf, smb_flg2,
1655 (SVAL(req->outbuf, smb_flg2) & (~FLAGS2_UNICODE_STRINGS)));
1658 directory = dptr_path(dptr_num);
1661 DEBUG(4,("%s mask=%s path=%s dtype=%d nument=%u of %u\n",
1662 smb_fn_name(req->cmd),
1664 directory ? directory : "./",
1669 END_PROFILE(SMBsearch);
1673 /****************************************************************************
1674 Reply to a fclose (stop directory search).
1675 ****************************************************************************/
1677 void reply_fclose(struct smb_request *req)
1685 bool path_contains_wcard = False;
1686 TALLOC_CTX *ctx = talloc_tos();
1688 START_PROFILE(SMBfclose);
1690 if (lp_posix_pathnames()) {
1691 reply_unknown_new(req, req->cmd);
1692 END_PROFILE(SMBfclose);
1696 p = (const char *)req->buf + 1;
1697 p += srvstr_get_path_req_wcard(ctx, req, &path, p, STR_TERMINATE,
1698 &err, &path_contains_wcard);
1699 if (!NT_STATUS_IS_OK(err)) {
1700 reply_nterror(req, err);
1701 END_PROFILE(SMBfclose);
1705 status_len = SVAL(p,0);
1708 if (status_len == 0) {
1709 reply_doserror(req, ERRSRV, ERRsrverror);
1710 END_PROFILE(SMBfclose);
1714 memcpy(status,p,21);
1716 if(dptr_fetch(status+12,&dptr_num)) {
1717 /* Close the dptr - we know it's gone */
1718 dptr_close(&dptr_num);
1721 reply_outbuf(req, 1, 0);
1722 SSVAL(req->outbuf,smb_vwv0,0);
1724 DEBUG(3,("search close\n"));
1726 END_PROFILE(SMBfclose);
1730 /****************************************************************************
1732 ****************************************************************************/
1734 void reply_open(struct smb_request *req)
1736 connection_struct *conn = req->conn;
1737 struct smb_filename *smb_fname = NULL;
1749 uint32 create_disposition;
1750 uint32 create_options = 0;
1752 TALLOC_CTX *ctx = talloc_tos();
1754 START_PROFILE(SMBopen);
1757 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1761 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1762 deny_mode = SVAL(req->vwv+0, 0);
1763 dos_attr = SVAL(req->vwv+1, 0);
1765 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf+1,
1766 STR_TERMINATE, &status);
1767 if (!NT_STATUS_IS_OK(status)) {
1768 reply_nterror(req, status);
1772 status = resolve_dfspath(ctx,
1774 req->flags2 & FLAGS2_DFS_PATHNAMES,
1777 if (!NT_STATUS_IS_OK(status)) {
1778 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1779 reply_botherror(req,
1780 NT_STATUS_PATH_NOT_COVERED,
1781 ERRSRV, ERRbadpath);
1784 reply_nterror(req, status);
1788 status = unix_convert(ctx, conn, fname, &smb_fname, 0);
1789 if (!NT_STATUS_IS_OK(status)) {
1790 reply_nterror(req, status);
1794 if (!map_open_params_to_ntcreate(
1795 fname, deny_mode, OPENX_FILE_EXISTS_OPEN, &access_mask,
1796 &share_mode, &create_disposition, &create_options)) {
1797 reply_nterror(req, NT_STATUS_DOS(ERRDOS, ERRbadaccess));
1801 status = SMB_VFS_CREATE_FILE(
1804 0, /* root_dir_fid */
1805 smb_fname, /* fname */
1806 access_mask, /* access_mask */
1807 share_mode, /* share_access */
1808 create_disposition, /* create_disposition*/
1809 create_options, /* create_options */
1810 dos_attr, /* file_attributes */
1811 oplock_request, /* oplock_request */
1812 0, /* allocation_size */
1818 if (!NT_STATUS_IS_OK(status)) {
1819 if (open_was_deferred(req->mid)) {
1820 /* We have re-scheduled this call. */
1823 reply_openerror(req, status);
1827 size = smb_fname->st.st_ex_size;
1828 fattr = dos_mode(conn,fsp->fsp_name,&smb_fname->st);
1829 mtime = convert_timespec_to_time_t(smb_fname->st.st_ex_mtime);
1832 DEBUG(3,("attempt to open a directory %s\n",fsp->fsp_name));
1833 close_file(req, fsp, ERROR_CLOSE);
1834 reply_doserror(req, ERRDOS,ERRnoaccess);
1838 reply_outbuf(req, 7, 0);
1839 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
1840 SSVAL(req->outbuf,smb_vwv1,fattr);
1841 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1842 srv_put_dos_date3((char *)req->outbuf,smb_vwv2,mtime & ~1);
1844 srv_put_dos_date3((char *)req->outbuf,smb_vwv2,mtime);
1846 SIVAL(req->outbuf,smb_vwv4,(uint32)size);
1847 SSVAL(req->outbuf,smb_vwv6,deny_mode);
1849 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1850 SCVAL(req->outbuf,smb_flg,
1851 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1854 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1855 SCVAL(req->outbuf,smb_flg,
1856 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1859 TALLOC_FREE(smb_fname);
1860 END_PROFILE(SMBopen);
1864 /****************************************************************************
1865 Reply to an open and X.
1866 ****************************************************************************/
1868 void reply_open_and_X(struct smb_request *req)
1870 connection_struct *conn = req->conn;
1871 struct smb_filename *smb_fname = NULL;
1876 /* Breakout the oplock request bits so we can set the
1877 reply bits separately. */
1878 int ex_oplock_request;
1879 int core_oplock_request;
1882 int smb_sattr = SVAL(req->vwv+4, 0);
1883 uint32 smb_time = make_unix_date3(req->vwv+6);
1891 uint64_t allocation_size;
1892 ssize_t retval = -1;
1895 uint32 create_disposition;
1896 uint32 create_options = 0;
1897 TALLOC_CTX *ctx = talloc_tos();
1899 START_PROFILE(SMBopenX);
1901 if (req->wct < 15) {
1902 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1906 open_flags = SVAL(req->vwv+2, 0);
1907 deny_mode = SVAL(req->vwv+3, 0);
1908 smb_attr = SVAL(req->vwv+5, 0);
1909 ex_oplock_request = EXTENDED_OPLOCK_REQUEST(req->inbuf);
1910 core_oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1911 oplock_request = ex_oplock_request | core_oplock_request;
1912 smb_ofun = SVAL(req->vwv+8, 0);
1913 allocation_size = (uint64_t)IVAL(req->vwv+9, 0);
1915 /* If it's an IPC, pass off the pipe handler. */
1917 if (lp_nt_pipe_support()) {
1918 reply_open_pipe_and_X(conn, req);
1920 reply_doserror(req, ERRSRV, ERRaccess);
1925 /* XXXX we need to handle passed times, sattr and flags */
1926 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf,
1927 STR_TERMINATE, &status);
1928 if (!NT_STATUS_IS_OK(status)) {
1929 reply_nterror(req, status);
1933 status = resolve_dfspath(ctx,
1935 req->flags2 & FLAGS2_DFS_PATHNAMES,
1938 if (!NT_STATUS_IS_OK(status)) {
1939 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1940 reply_botherror(req,
1941 NT_STATUS_PATH_NOT_COVERED,
1942 ERRSRV, ERRbadpath);
1945 reply_nterror(req, status);
1949 status = unix_convert(ctx, conn, fname, &smb_fname, 0);
1950 if (!NT_STATUS_IS_OK(status)) {
1951 reply_nterror(req, status);
1955 if (!map_open_params_to_ntcreate(
1956 fname, deny_mode, smb_ofun, &access_mask,
1957 &share_mode, &create_disposition, &create_options)) {
1958 reply_nterror(req, NT_STATUS_DOS(ERRDOS, ERRbadaccess));
1962 status = SMB_VFS_CREATE_FILE(
1965 0, /* root_dir_fid */
1966 smb_fname, /* fname */
1967 access_mask, /* access_mask */
1968 share_mode, /* share_access */
1969 create_disposition, /* create_disposition*/
1970 create_options, /* create_options */
1971 smb_attr, /* file_attributes */
1972 oplock_request, /* oplock_request */
1973 0, /* allocation_size */
1977 &smb_action); /* pinfo */
1979 if (!NT_STATUS_IS_OK(status)) {
1980 if (open_was_deferred(req->mid)) {
1981 /* We have re-scheduled this call. */
1984 reply_openerror(req, status);
1988 /* Setting the "size" field in vwv9 and vwv10 causes the file to be set to this size,
1989 if the file is truncated or created. */
1990 if (((smb_action == FILE_WAS_CREATED) || (smb_action == FILE_WAS_OVERWRITTEN)) && allocation_size) {
1991 fsp->initial_allocation_size = smb_roundup(fsp->conn, allocation_size);
1992 if (vfs_allocate_file_space(fsp, fsp->initial_allocation_size) == -1) {
1993 close_file(req, fsp, ERROR_CLOSE);
1994 reply_nterror(req, NT_STATUS_DISK_FULL);
1997 retval = vfs_set_filelen(fsp, (SMB_OFF_T)allocation_size);
1999 close_file(req, fsp, ERROR_CLOSE);
2000 reply_nterror(req, NT_STATUS_DISK_FULL);
2003 smb_fname->st.st_ex_size =
2004 SMB_VFS_GET_ALLOC_SIZE(conn, fsp, &smb_fname->st);
2007 fattr = dos_mode(conn,fsp->fsp_name,&smb_fname->st);
2008 mtime = convert_timespec_to_time_t(smb_fname->st.st_ex_mtime);
2010 close_file(req, fsp, ERROR_CLOSE);
2011 reply_doserror(req, ERRDOS, ERRnoaccess);
2015 /* If the caller set the extended oplock request bit
2016 and we granted one (by whatever means) - set the
2017 correct bit for extended oplock reply.
2020 if (ex_oplock_request && lp_fake_oplocks(SNUM(conn))) {
2021 smb_action |= EXTENDED_OPLOCK_GRANTED;
2024 if(ex_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2025 smb_action |= EXTENDED_OPLOCK_GRANTED;
2028 /* If the caller set the core oplock request bit
2029 and we granted one (by whatever means) - set the
2030 correct bit for core oplock reply.
2033 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
2034 reply_outbuf(req, 19, 0);
2036 reply_outbuf(req, 15, 0);
2039 if (core_oplock_request && lp_fake_oplocks(SNUM(conn))) {
2040 SCVAL(req->outbuf, smb_flg,
2041 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2044 if(core_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2045 SCVAL(req->outbuf, smb_flg,
2046 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2049 SSVAL(req->outbuf,smb_vwv2,fsp->fnum);
2050 SSVAL(req->outbuf,smb_vwv3,fattr);
2051 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
2052 srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime & ~1);
2054 srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime);
2056 SIVAL(req->outbuf,smb_vwv6,(uint32)smb_fname->st.st_ex_size);
2057 SSVAL(req->outbuf,smb_vwv8,GET_OPENX_MODE(deny_mode));
2058 SSVAL(req->outbuf,smb_vwv11,smb_action);
2060 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
2061 SIVAL(req->outbuf, smb_vwv15, STD_RIGHT_ALL_ACCESS);
2066 TALLOC_FREE(smb_fname);
2067 END_PROFILE(SMBopenX);
2071 /****************************************************************************
2072 Reply to a SMBulogoffX.
2073 ****************************************************************************/
2075 void reply_ulogoffX(struct smb_request *req)
2077 struct smbd_server_connection *sconn = smbd_server_conn;
2080 START_PROFILE(SMBulogoffX);
2082 vuser = get_valid_user_struct(sconn, req->vuid);
2085 DEBUG(3,("ulogoff, vuser id %d does not map to user.\n",
2089 /* in user level security we are supposed to close any files
2090 open by this user */
2091 if ((vuser != NULL) && (lp_security() != SEC_SHARE)) {
2092 file_close_user(req->vuid);
2095 invalidate_vuid(sconn, req->vuid);
2097 reply_outbuf(req, 2, 0);
2099 DEBUG( 3, ( "ulogoffX vuid=%d\n", req->vuid ) );
2101 END_PROFILE(SMBulogoffX);
2105 /****************************************************************************
2106 Reply to a mknew or a create.
2107 ****************************************************************************/
2109 void reply_mknew(struct smb_request *req)
2111 connection_struct *conn = req->conn;
2112 struct smb_filename *smb_fname = NULL;
2115 struct smb_file_time ft;
2117 int oplock_request = 0;
2119 uint32 access_mask = FILE_GENERIC_READ | FILE_GENERIC_WRITE;
2120 uint32 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
2121 uint32 create_disposition;
2122 uint32 create_options = 0;
2123 TALLOC_CTX *ctx = talloc_tos();
2125 START_PROFILE(SMBcreate);
2129 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2133 fattr = SVAL(req->vwv+0, 0);
2134 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
2137 ft.mtime = convert_time_t_to_timespec(srv_make_unix_date3(req->vwv+1));
2139 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf + 1,
2140 STR_TERMINATE, &status);
2141 if (!NT_STATUS_IS_OK(status)) {
2142 reply_nterror(req, status);
2146 status = resolve_dfspath(ctx,
2148 req->flags2 & FLAGS2_DFS_PATHNAMES,
2151 if (!NT_STATUS_IS_OK(status)) {
2152 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2153 reply_botherror(req,
2154 NT_STATUS_PATH_NOT_COVERED,
2155 ERRSRV, ERRbadpath);
2158 reply_nterror(req, status);
2162 status = unix_convert(ctx, conn, fname, &smb_fname, 0);
2163 if (!NT_STATUS_IS_OK(status)) {
2164 reply_nterror(req, status);
2168 if (fattr & aVOLID) {
2169 DEBUG(0,("Attempt to create file (%s) with volid set - "
2170 "please report this\n", fname));
2173 if(req->cmd == SMBmknew) {
2174 /* We should fail if file exists. */
2175 create_disposition = FILE_CREATE;
2177 /* Create if file doesn't exist, truncate if it does. */
2178 create_disposition = FILE_OVERWRITE_IF;
2181 status = SMB_VFS_CREATE_FILE(
2184 0, /* root_dir_fid */
2185 smb_fname, /* fname */
2186 access_mask, /* access_mask */
2187 share_mode, /* share_access */
2188 create_disposition, /* create_disposition*/
2189 create_options, /* create_options */
2190 fattr, /* file_attributes */
2191 oplock_request, /* oplock_request */
2192 0, /* allocation_size */
2198 if (!NT_STATUS_IS_OK(status)) {
2199 if (open_was_deferred(req->mid)) {
2200 /* We have re-scheduled this call. */
2203 reply_openerror(req, status);
2207 ft.atime = smb_fname->st.st_ex_atime; /* atime. */
2208 status = smb_set_file_time(conn, fsp, fsp->fsp_name, &smb_fname->st,
2210 if (!NT_STATUS_IS_OK(status)) {
2211 END_PROFILE(SMBcreate);
2215 reply_outbuf(req, 1, 0);
2216 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
2218 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
2219 SCVAL(req->outbuf,smb_flg,
2220 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2223 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2224 SCVAL(req->outbuf,smb_flg,
2225 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2228 DEBUG( 2, ( "reply_mknew: file %s\n", fsp->fsp_name ) );
2229 DEBUG( 3, ( "reply_mknew %s fd=%d dmode=0x%x\n",
2230 fsp->fsp_name, fsp->fh->fd, (unsigned int)fattr ) );
2233 TALLOC_FREE(smb_fname);
2234 END_PROFILE(SMBcreate);
2238 /****************************************************************************
2239 Reply to a create temporary file.
2240 ****************************************************************************/
2242 void reply_ctemp(struct smb_request *req)
2244 connection_struct *conn = req->conn;
2245 struct smb_filename *smb_fname = NULL;
2253 TALLOC_CTX *ctx = talloc_tos();
2255 START_PROFILE(SMBctemp);
2258 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2262 fattr = SVAL(req->vwv+0, 0);
2263 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
2265 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf+1,
2266 STR_TERMINATE, &status);
2267 if (!NT_STATUS_IS_OK(status)) {
2268 reply_nterror(req, status);
2272 fname = talloc_asprintf(ctx,
2276 fname = talloc_strdup(ctx, "TMXXXXXX");
2280 reply_nterror(req, NT_STATUS_NO_MEMORY);
2284 status = resolve_dfspath(ctx, conn,
2285 req->flags2 & FLAGS2_DFS_PATHNAMES,
2288 if (!NT_STATUS_IS_OK(status)) {
2289 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2290 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
2291 ERRSRV, ERRbadpath);
2294 reply_nterror(req, status);
2298 status = unix_convert(ctx, conn, fname, &smb_fname, 0);
2299 if (!NT_STATUS_IS_OK(status)) {
2300 reply_nterror(req, status);
2304 status = check_name(conn, smb_fname->base_name);
2305 if (!NT_STATUS_IS_OK(status)) {
2306 reply_nterror(req, status);
2310 tmpfd = mkstemp(smb_fname->base_name);
2312 reply_unixerror(req, ERRDOS, ERRnoaccess);
2316 SET_STAT_INVALID(smb_fname->st);
2317 SMB_VFS_STAT(conn, smb_fname->base_name, &smb_fname->st);
2319 /* We should fail if file does not exist. */
2320 status = SMB_VFS_CREATE_FILE(
2323 0, /* root_dir_fid */
2324 smb_fname, /* fname */
2325 FILE_GENERIC_READ | FILE_GENERIC_WRITE, /* access_mask */
2326 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
2327 FILE_OPEN, /* create_disposition*/
2328 0, /* create_options */
2329 fattr, /* file_attributes */
2330 oplock_request, /* oplock_request */
2331 0, /* allocation_size */
2337 /* close fd from mkstemp() */
2340 if (!NT_STATUS_IS_OK(status)) {
2341 if (open_was_deferred(req->mid)) {
2342 /* We have re-scheduled this call. */
2345 reply_openerror(req, status);
2349 reply_outbuf(req, 1, 0);
2350 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
2352 /* the returned filename is relative to the directory */
2353 s = strrchr_m(fsp->fsp_name, '/');
2361 /* Tested vs W2K3 - this doesn't seem to be here - null terminated filename is the only
2362 thing in the byte section. JRA */
2363 SSVALS(p, 0, -1); /* what is this? not in spec */
2365 if (message_push_string(&req->outbuf, s, STR_ASCII|STR_TERMINATE)
2367 reply_nterror(req, NT_STATUS_NO_MEMORY);
2371 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
2372 SCVAL(req->outbuf, smb_flg,
2373 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2376 if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2377 SCVAL(req->outbuf, smb_flg,
2378 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2381 DEBUG( 2, ( "reply_ctemp: created temp file %s\n", fsp->fsp_name ) );
2382 DEBUG( 3, ( "reply_ctemp %s fd=%d umode=0%o\n", fsp->fsp_name,
2383 fsp->fh->fd, (unsigned int)smb_fname->st.st_ex_mode));
2385 TALLOC_FREE(smb_fname);
2386 END_PROFILE(SMBctemp);
2390 /*******************************************************************
2391 Check if a user is allowed to rename a file.
2392 ********************************************************************/
2394 static NTSTATUS can_rename(connection_struct *conn, files_struct *fsp,
2395 uint16 dirtype, SMB_STRUCT_STAT *pst)
2399 if (!CAN_WRITE(conn)) {
2400 return NT_STATUS_MEDIA_WRITE_PROTECTED;
2403 fmode = dos_mode(conn, fsp->fsp_name, pst);
2404 if ((fmode & ~dirtype) & (aHIDDEN | aSYSTEM)) {
2405 return NT_STATUS_NO_SUCH_FILE;
2408 if (S_ISDIR(pst->st_ex_mode)) {
2409 if (fsp->posix_open) {
2410 return NT_STATUS_OK;
2413 /* If no pathnames are open below this
2414 directory, allow the rename. */
2416 if (file_find_subpath(fsp)) {
2417 return NT_STATUS_ACCESS_DENIED;
2419 return NT_STATUS_OK;
2422 if (fsp->access_mask & (DELETE_ACCESS|FILE_WRITE_ATTRIBUTES)) {
2423 return NT_STATUS_OK;
2426 return NT_STATUS_ACCESS_DENIED;
2429 /*******************************************************************
2430 * unlink a file with all relevant access checks
2431 *******************************************************************/
2433 static NTSTATUS do_unlink(connection_struct *conn,
2434 struct smb_request *req,
2435 struct smb_filename *smb_fname,
2441 uint32 dirtype_orig = dirtype;
2444 DEBUG(10,("do_unlink: %s, dirtype = %d\n", fname, dirtype ));
2446 if (!CAN_WRITE(conn)) {
2447 return NT_STATUS_MEDIA_WRITE_PROTECTED;
2450 status = get_full_smb_filename(smb_fname, smb_fname, &fname);
2451 if (!NT_STATUS_IS_OK(status)) {
2455 if (SMB_VFS_LSTAT(conn, fname, &smb_fname->st) != 0) {
2456 return map_nt_error_from_unix(errno);
2459 fattr = dos_mode(conn, fname, &smb_fname->st);
2461 if (dirtype & FILE_ATTRIBUTE_NORMAL) {
2462 dirtype = aDIR|aARCH|aRONLY;
2465 dirtype &= (aDIR|aARCH|aRONLY|aHIDDEN|aSYSTEM);
2467 return NT_STATUS_NO_SUCH_FILE;
2470 if (!dir_check_ftype(conn, fattr, dirtype)) {
2472 return NT_STATUS_FILE_IS_A_DIRECTORY;
2474 return NT_STATUS_NO_SUCH_FILE;
2477 if (dirtype_orig & 0x8000) {
2478 /* These will never be set for POSIX. */
2479 return NT_STATUS_NO_SUCH_FILE;
2483 if ((fattr & dirtype) & FILE_ATTRIBUTE_DIRECTORY) {
2484 return NT_STATUS_FILE_IS_A_DIRECTORY;
2487 if ((fattr & ~dirtype) & (FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM)) {
2488 return NT_STATUS_NO_SUCH_FILE;
2491 if (dirtype & 0xFF00) {
2492 /* These will never be set for POSIX. */
2493 return NT_STATUS_NO_SUCH_FILE;
2498 return NT_STATUS_NO_SUCH_FILE;
2501 /* Can't delete a directory. */
2503 return NT_STATUS_FILE_IS_A_DIRECTORY;
2508 else if (dirtype & aDIR) /* Asked for a directory and it isn't. */
2509 return NT_STATUS_OBJECT_NAME_INVALID;
2510 #endif /* JRATEST */
2512 /* Fix for bug #3035 from SATOH Fumiyasu <fumiyas@miraclelinux.com>
2514 On a Windows share, a file with read-only dosmode can be opened with
2515 DELETE_ACCESS. But on a Samba share (delete readonly = no), it
2516 fails with NT_STATUS_CANNOT_DELETE error.
2518 This semantic causes a problem that a user can not
2519 rename a file with read-only dosmode on a Samba share
2520 from a Windows command prompt (i.e. cmd.exe, but can rename
2521 from Windows Explorer).
2524 if (!lp_delete_readonly(SNUM(conn))) {
2525 if (fattr & aRONLY) {
2526 return NT_STATUS_CANNOT_DELETE;
2530 /* On open checks the open itself will check the share mode, so
2531 don't do it here as we'll get it wrong. */
2533 status = SMB_VFS_CREATE_FILE
2536 0, /* root_dir_fid */
2537 smb_fname, /* fname */
2538 DELETE_ACCESS, /* access_mask */
2539 FILE_SHARE_NONE, /* share_access */
2540 FILE_OPEN, /* create_disposition*/
2541 FILE_NON_DIRECTORY_FILE, /* create_options */
2542 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
2543 0, /* oplock_request */
2544 0, /* allocation_size */
2550 if (!NT_STATUS_IS_OK(status)) {
2551 DEBUG(10, ("SMB_VFS_CREATEFILE failed: %s\n",
2552 nt_errstr(status)));
2556 /* The set is across all open files on this dev/inode pair. */
2557 if (!set_delete_on_close(fsp, True, &conn->server_info->utok)) {
2558 close_file(req, fsp, NORMAL_CLOSE);
2559 return NT_STATUS_ACCESS_DENIED;
2562 return close_file(req, fsp, NORMAL_CLOSE);
2565 /****************************************************************************
2566 The guts of the unlink command, split out so it may be called by the NT SMB
2568 ****************************************************************************/
2570 NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req,
2571 uint32 dirtype, const char *name_in, bool has_wild)
2573 struct smb_filename *smb_fname = NULL;
2574 char *fname_dir = NULL;
2575 char *fname_mask = NULL;
2577 NTSTATUS status = NT_STATUS_OK;
2578 TALLOC_CTX *ctx = talloc_tos();
2580 status = unix_convert(ctx, conn, name_in, &smb_fname,
2581 has_wild ? UCF_ALLOW_WCARD_LCOMP : 0);
2582 if (!NT_STATUS_IS_OK(status)) {
2586 /* Split up the directory from the filename/mask. */
2587 status = split_fname_dir_mask(ctx, smb_fname->base_name,
2588 &fname_dir, &fname_mask);
2589 if (!NT_STATUS_IS_OK(status)) {
2594 * We should only check the mangled cache
2595 * here if unix_convert failed. This means
2596 * that the path in 'mask' doesn't exist
2597 * on the file system and so we need to look
2598 * for a possible mangle. This patch from
2599 * Tine Smukavec <valentin.smukavec@hermes.si>.
2602 if (!VALID_STAT(smb_fname->st) &&
2603 mangle_is_mangled(fname_mask, conn->params)) {
2604 char *new_mask = NULL;
2605 mangle_lookup_name_from_8_3(ctx, fname_mask,
2606 &new_mask, conn->params);
2608 TALLOC_FREE(fname_mask);
2609 fname_mask = new_mask;
2616 * Only one file needs to be unlinked. Append the mask back
2617 * onto the directory.
2619 TALLOC_FREE(smb_fname->base_name);
2620 smb_fname->base_name = talloc_asprintf(smb_fname,
2624 if (!smb_fname->base_name) {
2625 status = NT_STATUS_NO_MEMORY;
2629 dirtype = FILE_ATTRIBUTE_NORMAL;
2632 status = check_name(conn, smb_fname->base_name);
2633 if (!NT_STATUS_IS_OK(status)) {
2637 status = do_unlink(conn, req, smb_fname, dirtype);
2638 if (!NT_STATUS_IS_OK(status)) {
2644 struct smb_Dir *dir_hnd = NULL;
2648 if ((dirtype & SAMBA_ATTRIBUTES_MASK) == aDIR) {
2649 status = NT_STATUS_OBJECT_NAME_INVALID;
2653 if (strequal(fname_mask,"????????.???")) {
2654 TALLOC_FREE(fname_mask);
2655 fname_mask = talloc_strdup(ctx, "*");
2657 status = NT_STATUS_NO_MEMORY;
2662 status = check_name(conn, fname_dir);
2663 if (!NT_STATUS_IS_OK(status)) {
2667 dir_hnd = OpenDir(talloc_tos(), conn, fname_dir, fname_mask,
2669 if (dir_hnd == NULL) {
2670 status = map_nt_error_from_unix(errno);
2674 /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then
2675 the pattern matches against the long name, otherwise the short name
2676 We don't implement this yet XXXX
2679 status = NT_STATUS_NO_SUCH_FILE;
2681 while ((dname = ReadDirName(dir_hnd, &offset,
2683 if (!is_visible_file(conn, fname_dir, dname,
2684 &smb_fname->st, true)) {
2688 /* Quick check for "." and ".." */
2689 if (ISDOT(dname) || ISDOTDOT(dname)) {
2693 if(!mask_match(dname, fname_mask,
2694 conn->case_sensitive)) {
2698 TALLOC_FREE(smb_fname->base_name);
2699 smb_fname->base_name =
2700 talloc_asprintf(smb_fname, "%s/%s",
2703 if (!smb_fname->base_name) {
2704 TALLOC_FREE(dir_hnd);
2705 status = NT_STATUS_NO_MEMORY;
2709 status = check_name(conn, smb_fname->base_name);
2710 if (!NT_STATUS_IS_OK(status)) {
2711 TALLOC_FREE(dir_hnd);
2715 status = do_unlink(conn, req, smb_fname, dirtype);
2716 if (!NT_STATUS_IS_OK(status)) {
2721 DEBUG(3,("unlink_internals: successful unlink [%s]\n",
2722 smb_fname->base_name));
2724 TALLOC_FREE(dir_hnd);
2727 if (count == 0 && NT_STATUS_IS_OK(status) && errno != 0) {
2728 status = map_nt_error_from_unix(errno);
2732 TALLOC_FREE(smb_fname);
2733 TALLOC_FREE(fname_dir);
2734 TALLOC_FREE(fname_mask);
2738 /****************************************************************************
2740 ****************************************************************************/
2742 void reply_unlink(struct smb_request *req)
2744 connection_struct *conn = req->conn;
2748 bool path_contains_wcard = False;
2749 TALLOC_CTX *ctx = talloc_tos();
2751 START_PROFILE(SMBunlink);
2754 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2755 END_PROFILE(SMBunlink);
2759 dirtype = SVAL(req->vwv+0, 0);
2761 srvstr_get_path_req_wcard(ctx, req, &name, (const char *)req->buf + 1,
2762 STR_TERMINATE, &status,
2763 &path_contains_wcard);
2764 if (!NT_STATUS_IS_OK(status)) {
2765 reply_nterror(req, status);
2766 END_PROFILE(SMBunlink);
2770 status = resolve_dfspath_wcard(ctx, conn,
2771 req->flags2 & FLAGS2_DFS_PATHNAMES,
2774 &path_contains_wcard);
2775 if (!NT_STATUS_IS_OK(status)) {
2776 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2777 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
2778 ERRSRV, ERRbadpath);
2779 END_PROFILE(SMBunlink);
2782 reply_nterror(req, status);
2783 END_PROFILE(SMBunlink);
2787 DEBUG(3,("reply_unlink : %s\n",name));
2789 status = unlink_internals(conn, req, dirtype, name,
2790 path_contains_wcard);
2791 if (!NT_STATUS_IS_OK(status)) {
2792 if (open_was_deferred(req->mid)) {
2793 /* We have re-scheduled this call. */
2794 END_PROFILE(SMBunlink);
2797 reply_nterror(req, status);
2798 END_PROFILE(SMBunlink);
2802 reply_outbuf(req, 0, 0);
2803 END_PROFILE(SMBunlink);
2808 /****************************************************************************
2810 ****************************************************************************/
2812 static void fail_readraw(void)
2814 const char *errstr = talloc_asprintf(talloc_tos(),
2815 "FAIL ! reply_readbraw: socket write fail (%s)",
2820 exit_server_cleanly(errstr);
2823 /****************************************************************************
2824 Fake (read/write) sendfile. Returns -1 on read or write fail.
2825 ****************************************************************************/
2827 static ssize_t fake_sendfile(files_struct *fsp, SMB_OFF_T startpos,
2831 size_t tosend = nread;
2838 bufsize = MIN(nread, 65536);
2840 if (!(buf = SMB_MALLOC_ARRAY(char, bufsize))) {
2844 while (tosend > 0) {
2848 if (tosend > bufsize) {
2853 ret = read_file(fsp,buf,startpos,cur_read);
2859 /* If we had a short read, fill with zeros. */
2860 if (ret < cur_read) {
2861 memset(buf + ret, '\0', cur_read - ret);
2864 if (write_data(smbd_server_fd(),buf,cur_read) != cur_read) {
2869 startpos += cur_read;
2873 return (ssize_t)nread;
2876 #if defined(WITH_SENDFILE)
2877 /****************************************************************************
2878 Deal with the case of sendfile reading less bytes from the file than
2879 requested. Fill with zeros (all we can do).
2880 ****************************************************************************/
2882 static void sendfile_short_send(files_struct *fsp,
2887 #define SHORT_SEND_BUFSIZE 1024
2888 if (nread < headersize) {
2889 DEBUG(0,("sendfile_short_send: sendfile failed to send "
2890 "header for file %s (%s). Terminating\n",
2891 fsp->fsp_name, strerror(errno) ));
2892 exit_server_cleanly("sendfile_short_send failed");
2895 nread -= headersize;
2897 if (nread < smb_maxcnt) {
2898 char *buf = SMB_CALLOC_ARRAY(char, SHORT_SEND_BUFSIZE);
2900 exit_server_cleanly("sendfile_short_send: "
2904 DEBUG(0,("sendfile_short_send: filling truncated file %s "
2905 "with zeros !\n", fsp->fsp_name));
2907 while (nread < smb_maxcnt) {
2909 * We asked for the real file size and told sendfile
2910 * to not go beyond the end of the file. But it can
2911 * happen that in between our fstat call and the
2912 * sendfile call the file was truncated. This is very
2913 * bad because we have already announced the larger
2914 * number of bytes to the client.
2916 * The best we can do now is to send 0-bytes, just as
2917 * a read from a hole in a sparse file would do.
2919 * This should happen rarely enough that I don't care
2920 * about efficiency here :-)
2924 to_write = MIN(SHORT_SEND_BUFSIZE, smb_maxcnt - nread);
2925 if (write_data(smbd_server_fd(), buf, to_write) != to_write) {
2926 exit_server_cleanly("sendfile_short_send: "
2927 "write_data failed");
2934 #endif /* defined WITH_SENDFILE */
2936 /****************************************************************************
2937 Return a readbraw error (4 bytes of zero).
2938 ****************************************************************************/
2940 static void reply_readbraw_error(void)
2944 if (write_data(smbd_server_fd(),header,4) != 4) {
2949 /****************************************************************************
2950 Use sendfile in readbraw.
2951 ****************************************************************************/
2953 static void send_file_readbraw(connection_struct *conn,
2954 struct smb_request *req,
2960 char *outbuf = NULL;
2963 #if defined(WITH_SENDFILE)
2965 * We can only use sendfile on a non-chained packet
2966 * but we can use on a non-oplocked file. tridge proved this
2967 * on a train in Germany :-). JRA.
2968 * reply_readbraw has already checked the length.
2971 if ( !req_is_in_chain(req) && (nread > 0) && (fsp->base_fsp == NULL) &&
2972 (fsp->wcp == NULL) &&
2973 lp_use_sendfile(SNUM(conn), smbd_server_conn->smb1.signing_state) ) {
2974 ssize_t sendfile_read = -1;
2976 DATA_BLOB header_blob;
2978 _smb_setlen(header,nread);
2979 header_blob = data_blob_const(header, 4);
2981 if ((sendfile_read = SMB_VFS_SENDFILE(smbd_server_fd(), fsp,
2982 &header_blob, startpos, nread)) == -1) {
2983 /* Returning ENOSYS means no data at all was sent.
2984 * Do this as a normal read. */
2985 if (errno == ENOSYS) {
2986 goto normal_readbraw;
2990 * Special hack for broken Linux with no working sendfile. If we
2991 * return EINTR we sent the header but not the rest of the data.
2992 * Fake this up by doing read/write calls.
2994 if (errno == EINTR) {
2995 /* Ensure we don't do this again. */
2996 set_use_sendfile(SNUM(conn), False);
2997 DEBUG(0,("send_file_readbraw: sendfile not available. Faking..\n"));
2999 if (fake_sendfile(fsp, startpos, nread) == -1) {
3000 DEBUG(0,("send_file_readbraw: fake_sendfile failed for file %s (%s).\n",
3001 fsp->fsp_name, strerror(errno) ));
3002 exit_server_cleanly("send_file_readbraw fake_sendfile failed");
3007 DEBUG(0,("send_file_readbraw: sendfile failed for file %s (%s). Terminating\n",
3008 fsp->fsp_name, strerror(errno) ));
3009 exit_server_cleanly("send_file_readbraw sendfile failed");
3010 } else if (sendfile_read == 0) {
3012 * Some sendfile implementations return 0 to indicate
3013 * that there was a short read, but nothing was
3014 * actually written to the socket. In this case,
3015 * fallback to the normal read path so the header gets
3016 * the correct byte count.
3018 DEBUG(3, ("send_file_readbraw: sendfile sent zero "
3019 "bytes falling back to the normal read: "
3020 "%s\n", fsp->fsp_name));
3021 goto normal_readbraw;
3024 /* Deal with possible short send. */
3025 if (sendfile_read != 4+nread) {
3026 sendfile_short_send(fsp, sendfile_read, 4, nread);
3034 outbuf = TALLOC_ARRAY(NULL, char, nread+4);
3036 DEBUG(0,("send_file_readbraw: TALLOC_ARRAY failed for size %u.\n",
3037 (unsigned)(nread+4)));
3038 reply_readbraw_error();
3043 ret = read_file(fsp,outbuf+4,startpos,nread);
3044 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
3053 _smb_setlen(outbuf,ret);
3054 if (write_data(smbd_server_fd(),outbuf,4+ret) != 4+ret)
3057 TALLOC_FREE(outbuf);
3060 /****************************************************************************
3061 Reply to a readbraw (core+ protocol).
3062 ****************************************************************************/
3064 void reply_readbraw(struct smb_request *req)
3066 connection_struct *conn = req->conn;
3067 ssize_t maxcount,mincount;
3071 struct lock_struct lock;
3075 START_PROFILE(SMBreadbraw);
3077 if (srv_is_signing_active(smbd_server_conn) ||
3078 is_encrypted_packet(req->inbuf)) {
3079 exit_server_cleanly("reply_readbraw: SMB signing/sealing is active - "
3080 "raw reads/writes are disallowed.");
3084 reply_readbraw_error();
3085 END_PROFILE(SMBreadbraw);
3090 * Special check if an oplock break has been issued
3091 * and the readraw request croses on the wire, we must
3092 * return a zero length response here.
3095 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3098 * We have to do a check_fsp by hand here, as
3099 * we must always return 4 zero bytes on error,
3103 if (!fsp || !conn || conn != fsp->conn ||
3104 req->vuid != fsp->vuid ||
3105 fsp->is_directory || fsp->fh->fd == -1) {
3107 * fsp could be NULL here so use the value from the packet. JRA.
3109 DEBUG(3,("reply_readbraw: fnum %d not valid "
3111 (int)SVAL(req->vwv+0, 0)));
3112 reply_readbraw_error();
3113 END_PROFILE(SMBreadbraw);
3117 /* Do a "by hand" version of CHECK_READ. */
3118 if (!(fsp->can_read ||
3119 ((req->flags2 & FLAGS2_READ_PERMIT_EXECUTE) &&
3120 (fsp->access_mask & FILE_EXECUTE)))) {
3121 DEBUG(3,("reply_readbraw: fnum %d not readable.\n",
3122 (int)SVAL(req->vwv+0, 0)));
3123 reply_readbraw_error();
3124 END_PROFILE(SMBreadbraw);
3128 flush_write_cache(fsp, READRAW_FLUSH);
3130 startpos = IVAL_TO_SMB_OFF_T(req->vwv+1, 0);
3131 if(req->wct == 10) {
3133 * This is a large offset (64 bit) read.
3135 #ifdef LARGE_SMB_OFF_T
3137 startpos |= (((SMB_OFF_T)IVAL(req->vwv+8, 0)) << 32);
3139 #else /* !LARGE_SMB_OFF_T */
3142 * Ensure we haven't been sent a >32 bit offset.
3145 if(IVAL(req->vwv+8, 0) != 0) {
3146 DEBUG(0,("reply_readbraw: large offset "
3147 "(%x << 32) used and we don't support "
3148 "64 bit offsets.\n",
3149 (unsigned int)IVAL(req->vwv+8, 0) ));
3150 reply_readbraw_error();
3151 END_PROFILE(SMBreadbraw);
3155 #endif /* LARGE_SMB_OFF_T */
3158 DEBUG(0,("reply_readbraw: negative 64 bit "
3159 "readraw offset (%.0f) !\n",
3160 (double)startpos ));
3161 reply_readbraw_error();
3162 END_PROFILE(SMBreadbraw);
3167 maxcount = (SVAL(req->vwv+3, 0) & 0xFFFF);
3168 mincount = (SVAL(req->vwv+4, 0) & 0xFFFF);
3170 /* ensure we don't overrun the packet size */
3171 maxcount = MIN(65535,maxcount);
3173 init_strict_lock_struct(fsp, (uint32)req->smbpid,
3174 (uint64_t)startpos, (uint64_t)maxcount, READ_LOCK,
3177 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3178 reply_readbraw_error();
3179 END_PROFILE(SMBreadbraw);
3183 if (SMB_VFS_FSTAT(fsp, &st) == 0) {
3184 size = st.st_ex_size;
3187 if (startpos >= size) {
3190 nread = MIN(maxcount,(size - startpos));
3193 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
3194 if (nread < mincount)
3198 DEBUG( 3, ( "reply_readbraw: fnum=%d start=%.0f max=%lu "
3199 "min=%lu nread=%lu\n",
3200 fsp->fnum, (double)startpos,
3201 (unsigned long)maxcount,
3202 (unsigned long)mincount,
3203 (unsigned long)nread ) );
3205 send_file_readbraw(conn, req, fsp, startpos, nread, mincount);
3207 DEBUG(5,("reply_readbraw finished\n"));
3209 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3211 END_PROFILE(SMBreadbraw);
3216 #define DBGC_CLASS DBGC_LOCKING
3218 /****************************************************************************
3219 Reply to a lockread (core+ protocol).
3220 ****************************************************************************/
3222 void reply_lockread(struct smb_request *req)
3224 connection_struct *conn = req->conn;
3231 struct byte_range_lock *br_lck = NULL;
3233 struct smbd_server_connection *sconn = smbd_server_conn;
3235 START_PROFILE(SMBlockread);
3238 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3239 END_PROFILE(SMBlockread);
3243 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3245 if (!check_fsp(conn, req, fsp)) {
3246 END_PROFILE(SMBlockread);
3250 if (!CHECK_READ(fsp,req)) {
3251 reply_doserror(req, ERRDOS, ERRbadaccess);
3252 END_PROFILE(SMBlockread);
3256 numtoread = SVAL(req->vwv+1, 0);
3257 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
3259 numtoread = MIN(BUFFER_SIZE - (smb_size + 3*2 + 3), numtoread);
3261 reply_outbuf(req, 5, numtoread + 3);
3263 data = smb_buf(req->outbuf) + 3;
3266 * NB. Discovered by Menny Hamburger at Mainsoft. This is a core+
3267 * protocol request that predates the read/write lock concept.
3268 * Thus instead of asking for a read lock here we need to ask
3269 * for a write lock. JRA.
3270 * Note that the requested lock size is unaffected by max_recv.
3273 br_lck = do_lock(smbd_messaging_context(),
3276 (uint64_t)numtoread,
3280 False, /* Non-blocking lock. */
3284 TALLOC_FREE(br_lck);
3286 if (NT_STATUS_V(status)) {
3287 reply_nterror(req, status);
3288 END_PROFILE(SMBlockread);
3293 * However the requested READ size IS affected by max_recv. Insanity.... JRA.
3296 if (numtoread > sconn->smb1.negprot.max_recv) {
3297 DEBUG(0,("reply_lockread: requested read size (%u) is greater than maximum allowed (%u). \
3298 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
3299 (unsigned int)numtoread,
3300 (unsigned int)sconn->smb1.negprot.max_recv));
3301 numtoread = MIN(numtoread, sconn->smb1.negprot.max_recv);
3303 nread = read_file(fsp,data,startpos,numtoread);
3306 reply_unixerror(req, ERRDOS, ERRnoaccess);
3307 END_PROFILE(SMBlockread);
3311 srv_set_message((char *)req->outbuf, 5, nread+3, False);
3313 SSVAL(req->outbuf,smb_vwv0,nread);
3314 SSVAL(req->outbuf,smb_vwv5,nread+3);
3315 p = smb_buf(req->outbuf);
3316 SCVAL(p,0,0); /* pad byte. */
3319 DEBUG(3,("lockread fnum=%d num=%d nread=%d\n",
3320 fsp->fnum, (int)numtoread, (int)nread));
3322 END_PROFILE(SMBlockread);
3327 #define DBGC_CLASS DBGC_ALL
3329 /****************************************************************************
3331 ****************************************************************************/
3333 void reply_read(struct smb_request *req)
3335 connection_struct *conn = req->conn;
3342 struct lock_struct lock;
3343 struct smbd_server_connection *sconn = smbd_server_conn;
3345 START_PROFILE(SMBread);
3348 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3349 END_PROFILE(SMBread);
3353 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3355 if (!check_fsp(conn, req, fsp)) {
3356 END_PROFILE(SMBread);
3360 if (!CHECK_READ(fsp,req)) {
3361 reply_doserror(req, ERRDOS, ERRbadaccess);
3362 END_PROFILE(SMBread);
3366 numtoread = SVAL(req->vwv+1, 0);
3367 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
3369 numtoread = MIN(BUFFER_SIZE-outsize,numtoread);
3372 * The requested read size cannot be greater than max_recv. JRA.
3374 if (numtoread > sconn->smb1.negprot.max_recv) {
3375 DEBUG(0,("reply_read: requested read size (%u) is greater than maximum allowed (%u). \
3376 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
3377 (unsigned int)numtoread,
3378 (unsigned int)sconn->smb1.negprot.max_recv));
3379 numtoread = MIN(numtoread, sconn->smb1.negprot.max_recv);
3382 reply_outbuf(req, 5, numtoread+3);
3384 data = smb_buf(req->outbuf) + 3;
3386 init_strict_lock_struct(fsp, (uint32)req->smbpid,
3387 (uint64_t)startpos, (uint64_t)numtoread, READ_LOCK,
3390 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3391 reply_doserror(req, ERRDOS,ERRlock);
3392 END_PROFILE(SMBread);
3397 nread = read_file(fsp,data,startpos,numtoread);
3400 reply_unixerror(req, ERRDOS,ERRnoaccess);
3404 srv_set_message((char *)req->outbuf, 5, nread+3, False);
3406 SSVAL(req->outbuf,smb_vwv0,nread);
3407 SSVAL(req->outbuf,smb_vwv5,nread+3);
3408 SCVAL(smb_buf(req->outbuf),0,1);
3409 SSVAL(smb_buf(req->outbuf),1,nread);
3411 DEBUG( 3, ( "read fnum=%d num=%d nread=%d\n",
3412 fsp->fnum, (int)numtoread, (int)nread ) );
3415 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3417 END_PROFILE(SMBread);
3421 /****************************************************************************
3423 ****************************************************************************/
3425 static int setup_readX_header(struct smb_request *req, char *outbuf,
3431 outsize = srv_set_message(outbuf,12,smb_maxcnt,False);
3432 data = smb_buf(outbuf);
3434 memset(outbuf+smb_vwv0,'\0',24); /* valgrind init. */
3436 SCVAL(outbuf,smb_vwv0,0xFF);
3437 SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */
3438 SSVAL(outbuf,smb_vwv5,smb_maxcnt);
3439 SSVAL(outbuf,smb_vwv6,
3441 + 1 /* the wct field */
3442 + 12 * sizeof(uint16_t) /* vwv */
3443 + 2); /* the buflen field */
3444 SSVAL(outbuf,smb_vwv7,(smb_maxcnt >> 16));
3445 SSVAL(outbuf,smb_vwv11,smb_maxcnt);
3446 /* Reset the outgoing length, set_message truncates at 0x1FFFF. */
3447 _smb_setlen_large(outbuf,(smb_size + 12*2 + smb_maxcnt - 4));
3451 /****************************************************************************
3452 Reply to a read and X - possibly using sendfile.
3453 ****************************************************************************/
3455 static void send_file_readX(connection_struct *conn, struct smb_request *req,
3456 files_struct *fsp, SMB_OFF_T startpos,
3459 SMB_STRUCT_STAT sbuf;
3461 struct lock_struct lock;
3463 if(SMB_VFS_FSTAT(fsp, &sbuf) == -1) {
3464 reply_unixerror(req, ERRDOS, ERRnoaccess);
3468 init_strict_lock_struct(fsp, (uint32)req->smbpid,
3469 (uint64_t)startpos, (uint64_t)smb_maxcnt, READ_LOCK,
3472 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3473 reply_doserror(req, ERRDOS, ERRlock);
3477 if (!S_ISREG(sbuf.st_ex_mode) || (startpos > sbuf.st_ex_size)
3478 || (smb_maxcnt > (sbuf.st_ex_size - startpos))) {
3480 * We already know that we would do a short read, so don't
3481 * try the sendfile() path.
3483 goto nosendfile_read;
3486 #if defined(WITH_SENDFILE)
3488 * We can only use sendfile on a non-chained packet
3489 * but we can use on a non-oplocked file. tridge proved this
3490 * on a train in Germany :-). JRA.
3493 if (!req_is_in_chain(req) &&
3494 !is_encrypted_packet(req->inbuf) && (fsp->base_fsp == NULL) &&
3495 (fsp->wcp == NULL) &&
3496 lp_use_sendfile(SNUM(conn), smbd_server_conn->smb1.signing_state) ) {
3497 uint8 headerbuf[smb_size + 12 * 2];
3501 * Set up the packet header before send. We
3502 * assume here the sendfile will work (get the
3503 * correct amount of data).
3506 header = data_blob_const(headerbuf, sizeof(headerbuf));
3508 construct_reply_common_req(req, (char *)headerbuf);
3509 setup_readX_header(req, (char *)headerbuf, smb_maxcnt);
3511 if ((nread = SMB_VFS_SENDFILE(smbd_server_fd(), fsp, &header, startpos, smb_maxcnt)) == -1) {
3512 /* Returning ENOSYS means no data at all was sent.
3513 Do this as a normal read. */
3514 if (errno == ENOSYS) {
3519 * Special hack for broken Linux with no working sendfile. If we
3520 * return EINTR we sent the header but not the rest of the data.
3521 * Fake this up by doing read/write calls.
3524 if (errno == EINTR) {
3525 /* Ensure we don't do this again. */
3526 set_use_sendfile(SNUM(conn), False);
3527 DEBUG(0,("send_file_readX: sendfile not available. Faking..\n"));
3528 nread = fake_sendfile(fsp, startpos,
3531 DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n",
3532 fsp->fsp_name, strerror(errno) ));
3533 exit_server_cleanly("send_file_readX: fake_sendfile failed");
3535 DEBUG( 3, ( "send_file_readX: fake_sendfile fnum=%d max=%d nread=%d\n",
3536 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3537 /* No outbuf here means successful sendfile. */
3541 DEBUG(0,("send_file_readX: sendfile failed for file %s (%s). Terminating\n",
3542 fsp->fsp_name, strerror(errno) ));
3543 exit_server_cleanly("send_file_readX sendfile failed");
3544 } else if (nread == 0) {
3546 * Some sendfile implementations return 0 to indicate
3547 * that there was a short read, but nothing was
3548 * actually written to the socket. In this case,
3549 * fallback to the normal read path so the header gets
3550 * the correct byte count.
3552 DEBUG(3, ("send_file_readX: sendfile sent zero bytes "
3553 "falling back to the normal read: %s\n",
3558 DEBUG( 3, ( "send_file_readX: sendfile fnum=%d max=%d nread=%d\n",
3559 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3561 /* Deal with possible short send. */
3562 if (nread != smb_maxcnt + sizeof(headerbuf)) {
3563 sendfile_short_send(fsp, nread, sizeof(headerbuf), smb_maxcnt);
3565 /* No outbuf here means successful sendfile. */
3566 SMB_PERFCOUNT_SET_MSGLEN_OUT(&req->pcd, nread);
3567 SMB_PERFCOUNT_END(&req->pcd);
3575 if ((smb_maxcnt & 0xFF0000) > 0x10000) {
3576 uint8 headerbuf[smb_size + 2*12];
3578 construct_reply_common_req(req, (char *)headerbuf);
3579 setup_readX_header(req, (char *)headerbuf, smb_maxcnt);
3581 /* Send out the header. */
3582 if (write_data(smbd_server_fd(), (char *)headerbuf,
3583 sizeof(headerbuf)) != sizeof(headerbuf)) {
3584 DEBUG(0,("send_file_readX: write_data failed for file %s (%s). Terminating\n",
3585 fsp->fsp_name, strerror(errno) ));
3586 exit_server_cleanly("send_file_readX sendfile failed");
3588 nread = fake_sendfile(fsp, startpos, smb_maxcnt);
3590 DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n",
3591 fsp->fsp_name, strerror(errno) ));
3592 exit_server_cleanly("send_file_readX: fake_sendfile failed");
3599 reply_outbuf(req, 12, smb_maxcnt);
3601 nread = read_file(fsp, smb_buf(req->outbuf), startpos, smb_maxcnt);
3603 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3606 reply_unixerror(req, ERRDOS, ERRnoaccess);
3610 setup_readX_header(req, (char *)req->outbuf, nread);
3612 DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n",
3613 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3619 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3620 TALLOC_FREE(req->outbuf);
3624 /****************************************************************************
3625 Reply to a read and X.
3626 ****************************************************************************/
3628 void reply_read_and_X(struct smb_request *req)
3630 connection_struct *conn = req->conn;
3634 bool big_readX = False;
3636 size_t smb_mincnt = SVAL(req->vwv+6, 0);
3639 START_PROFILE(SMBreadX);
3641 if ((req->wct != 10) && (req->wct != 12)) {
3642 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3646 fsp = file_fsp(req, SVAL(req->vwv+2, 0));
3647 startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
3648 smb_maxcnt = SVAL(req->vwv+5, 0);
3650 /* If it's an IPC, pass off the pipe handler. */
3652 reply_pipe_read_and_X(req);
3653 END_PROFILE(SMBreadX);
3657 if (!check_fsp(conn, req, fsp)) {
3658 END_PROFILE(SMBreadX);
3662 if (!CHECK_READ(fsp,req)) {
3663 reply_doserror(req, ERRDOS,ERRbadaccess);
3664 END_PROFILE(SMBreadX);
3668 if (global_client_caps & CAP_LARGE_READX) {
3669 size_t upper_size = SVAL(req->vwv+7, 0);
3670 smb_maxcnt |= (upper_size<<16);
3671 if (upper_size > 1) {
3672 /* Can't do this on a chained packet. */
3673 if ((CVAL(req->vwv+0, 0) != 0xFF)) {
3674 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
3675 END_PROFILE(SMBreadX);
3678 /* We currently don't do this on signed or sealed data. */
3679 if (srv_is_signing_active(smbd_server_conn) ||
3680 is_encrypted_packet(req->inbuf)) {
3681 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
3682 END_PROFILE(SMBreadX);
3685 /* Is there room in the reply for this data ? */
3686 if (smb_maxcnt > (0xFFFFFF - (smb_size -4 + 12*2))) {
3688 NT_STATUS_INVALID_PARAMETER);
3689 END_PROFILE(SMBreadX);
3696 if (req->wct == 12) {
3697 #ifdef LARGE_SMB_OFF_T
3699 * This is a large offset (64 bit) read.
3701 startpos |= (((SMB_OFF_T)IVAL(req->vwv+10, 0)) << 32);
3703 #else /* !LARGE_SMB_OFF_T */
3706 * Ensure we haven't been sent a >32 bit offset.
3709 if(IVAL(req->vwv+10, 0) != 0) {
3710 DEBUG(0,("reply_read_and_X - large offset (%x << 32) "
3711 "used and we don't support 64 bit offsets.\n",
3712 (unsigned int)IVAL(req->vwv+10, 0) ));
3713 END_PROFILE(SMBreadX);
3714 reply_doserror(req, ERRDOS, ERRbadaccess);
3718 #endif /* LARGE_SMB_OFF_T */
3723 schedule_aio_read_and_X(conn, req, fsp, startpos, smb_maxcnt)) {
3727 send_file_readX(conn, req, fsp, startpos, smb_maxcnt);
3730 END_PROFILE(SMBreadX);
3734 /****************************************************************************
3735 Error replies to writebraw must have smb_wct == 1. Fix this up.
3736 ****************************************************************************/
3738 void error_to_writebrawerr(struct smb_request *req)
3740 uint8 *old_outbuf = req->outbuf;
3742 reply_outbuf(req, 1, 0);
3744 memcpy(req->outbuf, old_outbuf, smb_size);
3745 TALLOC_FREE(old_outbuf);
3748 /****************************************************************************
3749 Reply to a writebraw (core+ or LANMAN1.0 protocol).
3750 ****************************************************************************/
3752 void reply_writebraw(struct smb_request *req)
3754 connection_struct *conn = req->conn;
3757 ssize_t total_written=0;
3758 size_t numtowrite=0;
3764 struct lock_struct lock;
3767 START_PROFILE(SMBwritebraw);
3770 * If we ever reply with an error, it must have the SMB command
3771 * type of SMBwritec, not SMBwriteBraw, as this tells the client
3774 SCVAL(req->inbuf,smb_com,SMBwritec);
3776 if (srv_is_signing_active(smbd_server_conn)) {
3777 END_PROFILE(SMBwritebraw);
3778 exit_server_cleanly("reply_writebraw: SMB signing is active - "
3779 "raw reads/writes are disallowed.");
3782 if (req->wct < 12) {
3783 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3784 error_to_writebrawerr(req);
3785 END_PROFILE(SMBwritebraw);
3789 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3790 if (!check_fsp(conn, req, fsp)) {
3791 error_to_writebrawerr(req);
3792 END_PROFILE(SMBwritebraw);
3796 if (!CHECK_WRITE(fsp)) {
3797 reply_doserror(req, ERRDOS, ERRbadaccess);
3798 error_to_writebrawerr(req);
3799 END_PROFILE(SMBwritebraw);
3803 tcount = IVAL(req->vwv+1, 0);
3804 startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
3805 write_through = BITSETW(req->vwv+7,0);
3807 /* We have to deal with slightly different formats depending
3808 on whether we are using the core+ or lanman1.0 protocol */
3810 if(Protocol <= PROTOCOL_COREPLUS) {
3811 numtowrite = SVAL(smb_buf(req->inbuf),-2);
3812 data = smb_buf(req->inbuf);
3814 numtowrite = SVAL(req->vwv+10, 0);
3815 data = smb_base(req->inbuf) + SVAL(req->vwv+11, 0);
3818 /* Ensure we don't write bytes past the end of this packet. */
3819 if (data + numtowrite > smb_base(req->inbuf) + smb_len(req->inbuf)) {
3820 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3821 error_to_writebrawerr(req);
3822 END_PROFILE(SMBwritebraw);
3826 init_strict_lock_struct(fsp, (uint32)req->smbpid,
3827 (uint64_t)startpos, (uint64_t)tcount, WRITE_LOCK,
3830 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3831 reply_doserror(req, ERRDOS, ERRlock);
3832 error_to_writebrawerr(req);
3833 END_PROFILE(SMBwritebraw);
3838 nwritten = write_file(req,fsp,data,startpos,numtowrite);
3841 DEBUG(3,("reply_writebraw: initial write fnum=%d start=%.0f num=%d "
3842 "wrote=%d sync=%d\n",
3843 fsp->fnum, (double)startpos, (int)numtowrite,
3844 (int)nwritten, (int)write_through));
3846 if (nwritten < (ssize_t)numtowrite) {
3847 reply_unixerror(req, ERRHRD, ERRdiskfull);
3848 error_to_writebrawerr(req);
3852 total_written = nwritten;
3854 /* Allocate a buffer of 64k + length. */
3855 buf = TALLOC_ARRAY(NULL, char, 65540);
3857 reply_doserror(req, ERRDOS, ERRnomem);
3858 error_to_writebrawerr(req);
3862 /* Return a SMBwritebraw message to the redirector to tell
3863 * it to send more bytes */
3865 memcpy(buf, req->inbuf, smb_size);
3866 srv_set_message(buf,Protocol>PROTOCOL_COREPLUS?1:0,0,True);
3867 SCVAL(buf,smb_com,SMBwritebraw);
3868 SSVALS(buf,smb_vwv0,0xFFFF);
3870 if (!srv_send_smb(smbd_server_fd(),
3872 false, 0, /* no signing */
3873 IS_CONN_ENCRYPTED(conn),
3875 exit_server_cleanly("reply_writebraw: srv_send_smb "
3879 /* Now read the raw data into the buffer and write it */
3880 status = read_smb_length(smbd_server_fd(), buf, SMB_SECONDARY_WAIT,
3882 if (!NT_STATUS_IS_OK(status)) {
3883 exit_server_cleanly("secondary writebraw failed");
3886 /* Set up outbuf to return the correct size */
3887 reply_outbuf(req, 1, 0);
3889 if (numtowrite != 0) {
3891 if (numtowrite > 0xFFFF) {
3892 DEBUG(0,("reply_writebraw: Oversize secondary write "
3893 "raw requested (%u). Terminating\n",
3894 (unsigned int)numtowrite ));
3895 exit_server_cleanly("secondary writebraw failed");
3898 if (tcount > nwritten+numtowrite) {
3899 DEBUG(3,("reply_writebraw: Client overestimated the "
3901 (int)tcount,(int)nwritten,(int)numtowrite));
3904 status = read_data(smbd_server_fd(), buf+4, numtowrite);
3906 if (!NT_STATUS_IS_OK(status)) {
3907 DEBUG(0,("reply_writebraw: Oversize secondary write "
3908 "raw read failed (%s). Terminating\n",
3909 nt_errstr(status)));
3910 exit_server_cleanly("secondary writebraw failed");
3913 nwritten = write_file(req,fsp,buf+4,startpos+nwritten,numtowrite);
3914 if (nwritten == -1) {
3916 reply_unixerror(req, ERRHRD, ERRdiskfull);
3917 error_to_writebrawerr(req);
3921 if (nwritten < (ssize_t)numtowrite) {
3922 SCVAL(req->outbuf,smb_rcls,ERRHRD);
3923 SSVAL(req->outbuf,smb_err,ERRdiskfull);
3927 total_written += nwritten;
3932 SSVAL(req->outbuf,smb_vwv0,total_written);
3934 status = sync_file(conn, fsp, write_through);
3935 if (!NT_STATUS_IS_OK(status)) {
3936 DEBUG(5,("reply_writebraw: sync_file for %s returned %s\n",
3937 fsp->fsp_name, nt_errstr(status) ));
3938 reply_nterror(req, status);
3939 error_to_writebrawerr(req);
3943 DEBUG(3,("reply_writebraw: secondart write fnum=%d start=%.0f num=%d "
3945 fsp->fnum, (double)startpos, (int)numtowrite,
3946 (int)total_written));
3948 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3950 /* We won't return a status if write through is not selected - this
3951 * follows what WfWg does */
3952 END_PROFILE(SMBwritebraw);
3954 if (!write_through && total_written==tcount) {
3956 #if RABBIT_PELLET_FIX
3958 * Fix for "rabbit pellet" mode, trigger an early TCP ack by
3959 * sending a SMBkeepalive. Thanks to DaveCB at Sun for this.
3962 if (!send_keepalive(smbd_server_fd())) {
3963 exit_server_cleanly("reply_writebraw: send of "
3964 "keepalive failed");
3967 TALLOC_FREE(req->outbuf);
3972 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3974 END_PROFILE(SMBwritebraw);
3979 #define DBGC_CLASS DBGC_LOCKING
3981 /****************************************************************************
3982 Reply to a writeunlock (core+).
3983 ****************************************************************************/
3985 void reply_writeunlock(struct smb_request *req)
3987 connection_struct *conn = req->conn;
3988 ssize_t nwritten = -1;
3992 NTSTATUS status = NT_STATUS_OK;
3994 struct lock_struct lock;
3996 START_PROFILE(SMBwriteunlock);
3999 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4000 END_PROFILE(SMBwriteunlock);
4004 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4006 if (!check_fsp(conn, req, fsp)) {
4007 END_PROFILE(SMBwriteunlock);
4011 if (!CHECK_WRITE(fsp)) {
4012 reply_doserror(req, ERRDOS,ERRbadaccess);
4013 END_PROFILE(SMBwriteunlock);
4017 numtowrite = SVAL(req->vwv+1, 0);
4018 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
4019 data = (const char *)req->buf + 3;
4022 init_strict_lock_struct(fsp, (uint32)req->smbpid,
4023 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
4026 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
4027 reply_doserror(req, ERRDOS, ERRlock);
4028 END_PROFILE(SMBwriteunlock);
4033 /* The special X/Open SMB protocol handling of
4034 zero length writes is *NOT* done for
4036 if(numtowrite == 0) {
4039 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4042 status = sync_file(conn, fsp, False /* write through */);
4043 if (!NT_STATUS_IS_OK(status)) {
4044 DEBUG(5,("reply_writeunlock: sync_file for %s returned %s\n",
4045 fsp->fsp_name, nt_errstr(status) ));
4046 reply_nterror(req, status);
4050 if(((nwritten < numtowrite) && (numtowrite != 0))||(nwritten < 0)) {
4051 reply_unixerror(req, ERRHRD, ERRdiskfull);
4056 status = do_unlock(smbd_messaging_context(),
4059 (uint64_t)numtowrite,
4063 if (NT_STATUS_V(status)) {
4064 reply_nterror(req, status);
4069 reply_outbuf(req, 1, 0);
4071 SSVAL(req->outbuf,smb_vwv0,nwritten);
4073 DEBUG(3,("writeunlock fnum=%d num=%d wrote=%d\n",
4074 fsp->fnum, (int)numtowrite, (int)nwritten));
4078 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4081 END_PROFILE(SMBwriteunlock);
4086 #define DBGC_CLASS DBGC_ALL
4088 /****************************************************************************
4090 ****************************************************************************/
4092 void reply_write(struct smb_request *req)
4094 connection_struct *conn = req->conn;
4096 ssize_t nwritten = -1;
4100 struct lock_struct lock;
4103 START_PROFILE(SMBwrite);
4106 END_PROFILE(SMBwrite);
4107 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4111 /* If it's an IPC, pass off the pipe handler. */
4113 reply_pipe_write(req);
4114 END_PROFILE(SMBwrite);
4118 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4120 if (!check_fsp(conn, req, fsp)) {
4121 END_PROFILE(SMBwrite);
4125 if (!CHECK_WRITE(fsp)) {
4126 reply_doserror(req, ERRDOS, ERRbadaccess);
4127 END_PROFILE(SMBwrite);
4131 numtowrite = SVAL(req->vwv+1, 0);
4132 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
4133 data = (const char *)req->buf + 3;
4135 init_strict_lock_struct(fsp, (uint32)req->smbpid,
4136 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
4139 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
4140 reply_doserror(req, ERRDOS, ERRlock);
4141 END_PROFILE(SMBwrite);
4146 * X/Open SMB protocol says that if smb_vwv1 is
4147 * zero then the file size should be extended or
4148 * truncated to the size given in smb_vwv[2-3].
4151 if(numtowrite == 0) {
4153 * This is actually an allocate call, and set EOF. JRA.
4155 nwritten = vfs_allocate_file_space(fsp, (SMB_OFF_T)startpos);
4157 reply_nterror(req, NT_STATUS_DISK_FULL);
4160 nwritten = vfs_set_filelen(fsp, (SMB_OFF_T)startpos);
4162 reply_nterror(req, NT_STATUS_DISK_FULL);
4165 trigger_write_time_update_immediate(fsp);
4167 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4170 status = sync_file(conn, fsp, False);
4171 if (!NT_STATUS_IS_OK(status)) {
4172 DEBUG(5,("reply_write: sync_file for %s returned %s\n",
4173 fsp->fsp_name, nt_errstr(status) ));
4174 reply_nterror(req, status);
4178 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
4179 reply_unixerror(req, ERRHRD, ERRdiskfull);
4183 reply_outbuf(req, 1, 0);
4185 SSVAL(req->outbuf,smb_vwv0,nwritten);
4187 if (nwritten < (ssize_t)numtowrite) {
4188 SCVAL(req->outbuf,smb_rcls,ERRHRD);
4189 SSVAL(req->outbuf,smb_err,ERRdiskfull);
4192 DEBUG(3,("write fnum=%d num=%d wrote=%d\n", fsp->fnum, (int)numtowrite, (int)nwritten));
4195 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4197 END_PROFILE(SMBwrite);
4201 /****************************************************************************
4202 Ensure a buffer is a valid writeX for recvfile purposes.
4203 ****************************************************************************/
4205 #define STANDARD_WRITE_AND_X_HEADER_SIZE (smb_size - 4 + /* basic header */ \
4206 (2*14) + /* word count (including bcc) */ \
4209 bool is_valid_writeX_buffer(const uint8_t *inbuf)
4212 connection_struct *conn = NULL;
4213 unsigned int doff = 0;
4214 size_t len = smb_len_large(inbuf);
4215 struct smbd_server_connection *sconn = smbd_server_conn;
4217 if (is_encrypted_packet(inbuf)) {
4218 /* Can't do this on encrypted
4223 if (CVAL(inbuf,smb_com) != SMBwriteX) {
4227 if (CVAL(inbuf,smb_vwv0) != 0xFF ||
4228 CVAL(inbuf,smb_wct) != 14) {
4229 DEBUG(10,("is_valid_writeX_buffer: chained or "
4230 "invalid word length.\n"));
4234 conn = conn_find(sconn, SVAL(inbuf, smb_tid));
4236 DEBUG(10,("is_valid_writeX_buffer: bad tid\n"));
4240 DEBUG(10,("is_valid_writeX_buffer: IPC$ tid\n"));
4243 if (IS_PRINT(conn)) {
4244 DEBUG(10,("is_valid_writeX_buffer: printing tid\n"));
4247 doff = SVAL(inbuf,smb_vwv11);
4249 numtowrite = SVAL(inbuf,smb_vwv10);
4251 if (len > doff && len - doff > 0xFFFF) {
4252 numtowrite |= (((size_t)SVAL(inbuf,smb_vwv9))<<16);
4255 if (numtowrite == 0) {
4256 DEBUG(10,("is_valid_writeX_buffer: zero write\n"));
4260 /* Ensure the sizes match up. */
4261 if (doff < STANDARD_WRITE_AND_X_HEADER_SIZE) {
4262 /* no pad byte...old smbclient :-( */
4263 DEBUG(10,("is_valid_writeX_buffer: small doff %u (min %u)\n",
4265 (unsigned int)STANDARD_WRITE_AND_X_HEADER_SIZE));
4269 if (len - doff != numtowrite) {
4270 DEBUG(10,("is_valid_writeX_buffer: doff mismatch "
4271 "len = %u, doff = %u, numtowrite = %u\n",
4274 (unsigned int)numtowrite ));
4278 DEBUG(10,("is_valid_writeX_buffer: true "
4279 "len = %u, doff = %u, numtowrite = %u\n",
4282 (unsigned int)numtowrite ));
4287 /****************************************************************************
4288 Reply to a write and X.
4289 ****************************************************************************/
4291 void reply_write_and_X(struct smb_request *req)
4293 connection_struct *conn = req->conn;
4295 struct lock_struct lock;
4300 unsigned int smb_doff;
4301 unsigned int smblen;
4305 START_PROFILE(SMBwriteX);
4307 if ((req->wct != 12) && (req->wct != 14)) {
4308 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4309 END_PROFILE(SMBwriteX);
4313 numtowrite = SVAL(req->vwv+10, 0);
4314 smb_doff = SVAL(req->vwv+11, 0);
4315 smblen = smb_len(req->inbuf);
4317 if (req->unread_bytes > 0xFFFF ||
4318 (smblen > smb_doff &&
4319 smblen - smb_doff > 0xFFFF)) {
4320 numtowrite |= (((size_t)SVAL(req->vwv+9, 0))<<16);
4323 if (req->unread_bytes) {
4324 /* Can't do a recvfile write on IPC$ */
4326 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4327 END_PROFILE(SMBwriteX);
4330 if (numtowrite != req->unread_bytes) {
4331 reply_doserror(req, ERRDOS, ERRbadmem);
4332 END_PROFILE(SMBwriteX);
4336 if (smb_doff > smblen || smb_doff + numtowrite < numtowrite ||
4337 smb_doff + numtowrite > smblen) {
4338 reply_doserror(req, ERRDOS, ERRbadmem);
4339 END_PROFILE(SMBwriteX);
4344 /* If it's an IPC, pass off the pipe handler. */
4346 if (req->unread_bytes) {
4347 reply_doserror(req, ERRDOS, ERRbadmem);
4348 END_PROFILE(SMBwriteX);
4351 reply_pipe_write_and_X(req);
4352 END_PROFILE(SMBwriteX);
4356 fsp = file_fsp(req, SVAL(req->vwv+2, 0));
4357 startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
4358 write_through = BITSETW(req->vwv+7,0);
4360 if (!check_fsp(conn, req, fsp)) {
4361 END_PROFILE(SMBwriteX);
4365 if (!CHECK_WRITE(fsp)) {
4366 reply_doserror(req, ERRDOS, ERRbadaccess);
4367 END_PROFILE(SMBwriteX);
4371 data = smb_base(req->inbuf) + smb_doff;
4373 if(req->wct == 14) {
4374 #ifdef LARGE_SMB_OFF_T
4376 * This is a large offset (64 bit) write.
4378 startpos |= (((SMB_OFF_T)IVAL(req->vwv+12, 0)) << 32);
4380 #else /* !LARGE_SMB_OFF_T */
4383 * Ensure we haven't been sent a >32 bit offset.
4386 if(IVAL(req->vwv+12, 0) != 0) {
4387 DEBUG(0,("reply_write_and_X - large offset (%x << 32) "
4388 "used and we don't support 64 bit offsets.\n",
4389 (unsigned int)IVAL(req->vwv+12, 0) ));
4390 reply_doserror(req, ERRDOS, ERRbadaccess);
4391 END_PROFILE(SMBwriteX);
4395 #endif /* LARGE_SMB_OFF_T */
4398 init_strict_lock_struct(fsp, (uint32)req->smbpid,
4399 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
4402 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
4403 reply_doserror(req, ERRDOS, ERRlock);
4404 END_PROFILE(SMBwriteX);
4408 /* X/Open SMB protocol says that, unlike SMBwrite
4409 if the length is zero then NO truncation is
4410 done, just a write of zero. To truncate a file,
4413 if(numtowrite == 0) {
4417 if ((req->unread_bytes == 0) &&
4418 schedule_aio_write_and_X(conn, req, fsp, data, startpos,
4423 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4426 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
4427 reply_unixerror(req, ERRHRD, ERRdiskfull);
4431 reply_outbuf(req, 6, 0);
4432 SSVAL(req->outbuf,smb_vwv2,nwritten);
4433 SSVAL(req->outbuf,smb_vwv4,nwritten>>16);
4435 if (nwritten < (ssize_t)numtowrite) {
4436 SCVAL(req->outbuf,smb_rcls,ERRHRD);
4437 SSVAL(req->outbuf,smb_err,ERRdiskfull);
4440 DEBUG(3,("writeX fnum=%d num=%d wrote=%d\n",
4441 fsp->fnum, (int)numtowrite, (int)nwritten));
4443 status = sync_file(conn, fsp, write_through);
4444 if (!NT_STATUS_IS_OK(status)) {
4445 DEBUG(5,("reply_write_and_X: sync_file for %s returned %s\n",
4446 fsp->fsp_name, nt_errstr(status) ));
4447 reply_nterror(req, status);
4451 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4453 END_PROFILE(SMBwriteX);
4458 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4460 END_PROFILE(SMBwriteX);
4464 /****************************************************************************
4466 ****************************************************************************/
4468 void reply_lseek(struct smb_request *req)
4470 connection_struct *conn = req->conn;
4476 START_PROFILE(SMBlseek);
4479 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4480 END_PROFILE(SMBlseek);
4484 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4486 if (!check_fsp(conn, req, fsp)) {
4490 flush_write_cache(fsp, SEEK_FLUSH);
4492 mode = SVAL(req->vwv+1, 0) & 3;
4493 /* NB. This doesn't use IVAL_TO_SMB_OFF_T as startpos can be signed in this case. */
4494 startpos = (SMB_OFF_T)IVALS(req->vwv+2, 0);
4503 res = fsp->fh->pos + startpos;
4514 if (umode == SEEK_END) {
4515 if((res = SMB_VFS_LSEEK(fsp,startpos,umode)) == -1) {
4516 if(errno == EINVAL) {
4517 SMB_OFF_T current_pos = startpos;
4518 SMB_STRUCT_STAT sbuf;
4520 if(SMB_VFS_FSTAT(fsp, &sbuf) == -1) {
4521 reply_unixerror(req, ERRDOS,
4523 END_PROFILE(SMBlseek);
4527 current_pos += sbuf.st_ex_size;
4529 res = SMB_VFS_LSEEK(fsp,0,SEEK_SET);
4534 reply_unixerror(req, ERRDOS, ERRnoaccess);
4535 END_PROFILE(SMBlseek);
4542 reply_outbuf(req, 2, 0);
4543 SIVAL(req->outbuf,smb_vwv0,res);
4545 DEBUG(3,("lseek fnum=%d ofs=%.0f newpos = %.0f mode=%d\n",
4546 fsp->fnum, (double)startpos, (double)res, mode));
4548 END_PROFILE(SMBlseek);
4552 /****************************************************************************
4554 ****************************************************************************/
4556 void reply_flush(struct smb_request *req)
4558 connection_struct *conn = req->conn;
4562 START_PROFILE(SMBflush);
4565 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4569 fnum = SVAL(req->vwv+0, 0);
4570 fsp = file_fsp(req, fnum);
4572 if ((fnum != 0xFFFF) && !check_fsp(conn, req, fsp)) {
4577 file_sync_all(conn);
4579 NTSTATUS status = sync_file(conn, fsp, True);
4580 if (!NT_STATUS_IS_OK(status)) {
4581 DEBUG(5,("reply_flush: sync_file for %s returned %s\n",
4582 fsp->fsp_name, nt_errstr(status) ));
4583 reply_nterror(req, status);
4584 END_PROFILE(SMBflush);
4589 reply_outbuf(req, 0, 0);
4591 DEBUG(3,("flush\n"));
4592 END_PROFILE(SMBflush);
4596 /****************************************************************************
4598 conn POINTER CAN BE NULL HERE !
4599 ****************************************************************************/
4601 void reply_exit(struct smb_request *req)
4603 START_PROFILE(SMBexit);
4605 file_close_pid(req->smbpid, req->vuid);
4607 reply_outbuf(req, 0, 0);
4609 DEBUG(3,("exit\n"));
4611 END_PROFILE(SMBexit);
4615 /****************************************************************************
4616 Reply to a close - has to deal with closing a directory opened by NT SMB's.
4617 ****************************************************************************/
4619 void reply_close(struct smb_request *req)
4621 connection_struct *conn = req->conn;
4622 NTSTATUS status = NT_STATUS_OK;
4623 files_struct *fsp = NULL;
4624 START_PROFILE(SMBclose);
4627 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4628 END_PROFILE(SMBclose);
4632 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4635 * We can only use check_fsp if we know it's not a directory.
4638 if(!fsp || (fsp->conn != conn) || (fsp->vuid != req->vuid)) {
4639 reply_doserror(req, ERRDOS, ERRbadfid);
4640 END_PROFILE(SMBclose);
4644 if(fsp->is_directory) {
4646 * Special case - close NT SMB directory handle.
4648 DEBUG(3,("close directory fnum=%d\n", fsp->fnum));
4649 status = close_file(req, fsp, NORMAL_CLOSE);
4653 * Close ordinary file.
4656 DEBUG(3,("close fd=%d fnum=%d (numopen=%d)\n",
4657 fsp->fh->fd, fsp->fnum,
4658 conn->num_files_open));
4661 * Take care of any time sent in the close.
4664 t = srv_make_unix_date3(req->vwv+1);
4665 set_close_write_time(fsp, convert_time_t_to_timespec(t));
4668 * close_file() returns the unix errno if an error
4669 * was detected on close - normally this is due to
4670 * a disk full error. If not then it was probably an I/O error.
4673 status = close_file(req, fsp, NORMAL_CLOSE);
4676 if (!NT_STATUS_IS_OK(status)) {
4677 reply_nterror(req, status);
4678 END_PROFILE(SMBclose);
4682 reply_outbuf(req, 0, 0);
4683 END_PROFILE(SMBclose);
4687 /****************************************************************************
4688 Reply to a writeclose (Core+ protocol).
4689 ****************************************************************************/
4691 void reply_writeclose(struct smb_request *req)
4693 connection_struct *conn = req->conn;
4695 ssize_t nwritten = -1;
4696 NTSTATUS close_status = NT_STATUS_OK;
4699 struct timespec mtime;
4701 struct lock_struct lock;
4703 START_PROFILE(SMBwriteclose);
4706 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4707 END_PROFILE(SMBwriteclose);
4711 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4713 if (!check_fsp(conn, req, fsp)) {
4714 END_PROFILE(SMBwriteclose);
4717 if (!CHECK_WRITE(fsp)) {
4718 reply_doserror(req, ERRDOS,ERRbadaccess);
4719 END_PROFILE(SMBwriteclose);
4723 numtowrite = SVAL(req->vwv+1, 0);
4724 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
4725 mtime = convert_time_t_to_timespec(srv_make_unix_date3(req->vwv+4));
4726 data = (const char *)req->buf + 1;
4729 init_strict_lock_struct(fsp, (uint32)req->smbpid,
4730 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
4733 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
4734 reply_doserror(req, ERRDOS,ERRlock);
4735 END_PROFILE(SMBwriteclose);
4740 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4742 set_close_write_time(fsp, mtime);
4745 * More insanity. W2K only closes the file if writelen > 0.
4750 DEBUG(3,("reply_writeclose: zero length write doesn't close file %s\n",
4752 close_status = close_file(req, fsp, NORMAL_CLOSE);
4755 DEBUG(3,("writeclose fnum=%d num=%d wrote=%d (numopen=%d)\n",
4756 fsp->fnum, (int)numtowrite, (int)nwritten,
4757 conn->num_files_open));
4759 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
4760 reply_doserror(req, ERRHRD, ERRdiskfull);
4764 if(!NT_STATUS_IS_OK(close_status)) {
4765 reply_nterror(req, close_status);
4769 reply_outbuf(req, 1, 0);
4771 SSVAL(req->outbuf,smb_vwv0,nwritten);
4775 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4778 END_PROFILE(SMBwriteclose);
4783 #define DBGC_CLASS DBGC_LOCKING
4785 /****************************************************************************
4787 ****************************************************************************/
4789 void reply_lock(struct smb_request *req)
4791 connection_struct *conn = req->conn;
4792 uint64_t count,offset;
4795 struct byte_range_lock *br_lck = NULL;
4797 START_PROFILE(SMBlock);
4800 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4801 END_PROFILE(SMBlock);
4805 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4807 if (!check_fsp(conn, req, fsp)) {
4808 END_PROFILE(SMBlock);
4812 count = (uint64_t)IVAL(req->vwv+1, 0);
4813 offset = (uint64_t)IVAL(req->vwv+3, 0);
4815 DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n",
4816 fsp->fh->fd, fsp->fnum, (double)offset, (double)count));
4818 br_lck = do_lock(smbd_messaging_context(),
4825 False, /* Non-blocking lock. */
4830 TALLOC_FREE(br_lck);
4832 if (NT_STATUS_V(status)) {
4833 reply_nterror(req, status);
4834 END_PROFILE(SMBlock);
4838 reply_outbuf(req, 0, 0);
4840 END_PROFILE(SMBlock);
4844 /****************************************************************************
4846 ****************************************************************************/
4848 void reply_unlock(struct smb_request *req)
4850 connection_struct *conn = req->conn;
4851 uint64_t count,offset;
4855 START_PROFILE(SMBunlock);
4858 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4859 END_PROFILE(SMBunlock);
4863 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4865 if (!check_fsp(conn, req, fsp)) {
4866 END_PROFILE(SMBunlock);
4870 count = (uint64_t)IVAL(req->vwv+1, 0);
4871 offset = (uint64_t)IVAL(req->vwv+3, 0);
4873 status = do_unlock(smbd_messaging_context(),
4880 if (NT_STATUS_V(status)) {
4881 reply_nterror(req, status);
4882 END_PROFILE(SMBunlock);
4886 DEBUG( 3, ( "unlock fd=%d fnum=%d offset=%.0f count=%.0f\n",
4887 fsp->fh->fd, fsp->fnum, (double)offset, (double)count ) );
4889 reply_outbuf(req, 0, 0);
4891 END_PROFILE(SMBunlock);
4896 #define DBGC_CLASS DBGC_ALL
4898 /****************************************************************************
4900 conn POINTER CAN BE NULL HERE !
4901 ****************************************************************************/
4903 void reply_tdis(struct smb_request *req)
4905 struct smbd_server_connection *sconn = smbd_server_conn;
4906 connection_struct *conn = req->conn;
4907 START_PROFILE(SMBtdis);
4910 DEBUG(4,("Invalid connection in tdis\n"));
4911 reply_doserror(req, ERRSRV, ERRinvnid);
4912 END_PROFILE(SMBtdis);
4918 close_cnum(sconn, conn,req->vuid);
4921 reply_outbuf(req, 0, 0);
4922 END_PROFILE(SMBtdis);
4926 /****************************************************************************
4928 conn POINTER CAN BE NULL HERE !
4929 ****************************************************************************/
4931 void reply_echo(struct smb_request *req)
4933 connection_struct *conn = req->conn;
4934 struct smb_perfcount_data local_pcd;
4935 struct smb_perfcount_data *cur_pcd;
4939 START_PROFILE(SMBecho);
4941 smb_init_perfcount_data(&local_pcd);
4944 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4945 END_PROFILE(SMBecho);
4949 smb_reverb = SVAL(req->vwv+0, 0);
4951 reply_outbuf(req, 1, req->buflen);
4953 /* copy any incoming data back out */
4954 if (req->buflen > 0) {
4955 memcpy(smb_buf(req->outbuf), req->buf, req->buflen);
4958 if (smb_reverb > 100) {
4959 DEBUG(0,("large reverb (%d)?? Setting to 100\n",smb_reverb));
4963 for (seq_num = 1 ; seq_num <= smb_reverb ; seq_num++) {
4965 /* this makes sure we catch the request pcd */
4966 if (seq_num == smb_reverb) {
4967 cur_pcd = &req->pcd;
4969 SMB_PERFCOUNT_COPY_CONTEXT(&req->pcd, &local_pcd);
4970 cur_pcd = &local_pcd;
4973 SSVAL(req->outbuf,smb_vwv0,seq_num);
4975 show_msg((char *)req->outbuf);
4976 if (!srv_send_smb(smbd_server_fd(),
4977 (char *)req->outbuf,
4978 true, req->seqnum+1,
4979 IS_CONN_ENCRYPTED(conn)||req->encrypted,
4981 exit_server_cleanly("reply_echo: srv_send_smb failed.");
4984 DEBUG(3,("echo %d times\n", smb_reverb));
4986 TALLOC_FREE(req->outbuf);
4988 END_PROFILE(SMBecho);
4992 /****************************************************************************
4993 Reply to a printopen.
4994 ****************************************************************************/
4996 void reply_printopen(struct smb_request *req)
4998 connection_struct *conn = req->conn;
5000 SMB_STRUCT_STAT sbuf;
5003 START_PROFILE(SMBsplopen);
5006 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5007 END_PROFILE(SMBsplopen);
5011 if (!CAN_PRINT(conn)) {
5012 reply_doserror(req, ERRDOS, ERRnoaccess);
5013 END_PROFILE(SMBsplopen);
5017 status = file_new(req, conn, &fsp);
5018 if(!NT_STATUS_IS_OK(status)) {
5019 reply_nterror(req, status);
5020 END_PROFILE(SMBsplopen);
5024 /* Open for exclusive use, write only. */
5025 status = print_fsp_open(req, conn, NULL, req->vuid, fsp, &sbuf);
5027 if (!NT_STATUS_IS_OK(status)) {
5028 file_free(req, fsp);
5029 reply_nterror(req, status);
5030 END_PROFILE(SMBsplopen);
5034 reply_outbuf(req, 1, 0);
5035 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
5037 DEBUG(3,("openprint fd=%d fnum=%d\n",
5038 fsp->fh->fd, fsp->fnum));
5040 END_PROFILE(SMBsplopen);
5044 /****************************************************************************
5045 Reply to a printclose.
5046 ****************************************************************************/
5048 void reply_printclose(struct smb_request *req)
5050 connection_struct *conn = req->conn;
5054 START_PROFILE(SMBsplclose);
5057 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5058 END_PROFILE(SMBsplclose);
5062 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
5064 if (!check_fsp(conn, req, fsp)) {
5065 END_PROFILE(SMBsplclose);
5069 if (!CAN_PRINT(conn)) {
5070 reply_nterror(req, NT_STATUS_DOS(ERRSRV, ERRerror));
5071 END_PROFILE(SMBsplclose);
5075 DEBUG(3,("printclose fd=%d fnum=%d\n",
5076 fsp->fh->fd,fsp->fnum));
5078 status = close_file(req, fsp, NORMAL_CLOSE);
5080 if(!NT_STATUS_IS_OK(status)) {
5081 reply_nterror(req, status);
5082 END_PROFILE(SMBsplclose);
5086 reply_outbuf(req, 0, 0);
5088 END_PROFILE(SMBsplclose);
5092 /****************************************************************************
5093 Reply to a printqueue.
5094 ****************************************************************************/
5096 void reply_printqueue(struct smb_request *req)
5098 connection_struct *conn = req->conn;
5102 START_PROFILE(SMBsplretq);
5105 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5106 END_PROFILE(SMBsplretq);
5110 max_count = SVAL(req->vwv+0, 0);
5111 start_index = SVAL(req->vwv+1, 0);
5113 /* we used to allow the client to get the cnum wrong, but that
5114 is really quite gross and only worked when there was only
5115 one printer - I think we should now only accept it if they
5116 get it right (tridge) */
5117 if (!CAN_PRINT(conn)) {
5118 reply_doserror(req, ERRDOS, ERRnoaccess);
5119 END_PROFILE(SMBsplretq);
5123 reply_outbuf(req, 2, 3);
5124 SSVAL(req->outbuf,smb_vwv0,0);
5125 SSVAL(req->outbuf,smb_vwv1,0);
5126 SCVAL(smb_buf(req->outbuf),0,1);
5127 SSVAL(smb_buf(req->outbuf),1,0);
5129 DEBUG(3,("printqueue start_index=%d max_count=%d\n",
5130 start_index, max_count));
5133 print_queue_struct *queue = NULL;
5134 print_status_struct status;
5135 int count = print_queue_status(SNUM(conn), &queue, &status);
5136 int num_to_get = ABS(max_count);
5137 int first = (max_count>0?start_index:start_index+max_count+1);
5143 num_to_get = MIN(num_to_get,count-first);
5146 for (i=first;i<first+num_to_get;i++) {
5150 srv_put_dos_date2(p,0,queue[i].time);
5151 SCVAL(p,4,(queue[i].status==LPQ_PRINTING?2:3));
5152 SSVAL(p,5, queue[i].job);
5153 SIVAL(p,7,queue[i].size);
5155 srvstr_push(blob, req->flags2, p+12,
5156 queue[i].fs_user, 16, STR_ASCII);
5158 if (message_push_blob(
5161 blob, sizeof(blob))) == -1) {
5162 reply_nterror(req, NT_STATUS_NO_MEMORY);
5163 END_PROFILE(SMBsplretq);
5169 SSVAL(req->outbuf,smb_vwv0,count);
5170 SSVAL(req->outbuf,smb_vwv1,
5171 (max_count>0?first+count:first-1));
5172 SCVAL(smb_buf(req->outbuf),0,1);
5173 SSVAL(smb_buf(req->outbuf),1,28*count);
5178 DEBUG(3,("%d entries returned in queue\n",count));
5181 END_PROFILE(SMBsplretq);
5185 /****************************************************************************
5186 Reply to a printwrite.
5187 ****************************************************************************/
5189 void reply_printwrite(struct smb_request *req)
5191 connection_struct *conn = req->conn;
5196 START_PROFILE(SMBsplwr);
5199 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5200 END_PROFILE(SMBsplwr);
5204 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
5206 if (!check_fsp(conn, req, fsp)) {
5207 END_PROFILE(SMBsplwr);
5211 if (!CAN_PRINT(conn)) {
5212 reply_doserror(req, ERRDOS, ERRnoaccess);
5213 END_PROFILE(SMBsplwr);
5217 if (!CHECK_WRITE(fsp)) {
5218 reply_doserror(req, ERRDOS, ERRbadaccess);
5219 END_PROFILE(SMBsplwr);
5223 numtowrite = SVAL(req->buf, 1);
5225 if (req->buflen < numtowrite + 3) {
5226 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5227 END_PROFILE(SMBsplwr);
5231 data = (const char *)req->buf + 3;
5233 if (write_file(req,fsp,data,-1,numtowrite) != numtowrite) {
5234 reply_unixerror(req, ERRHRD, ERRdiskfull);
5235 END_PROFILE(SMBsplwr);
5239 DEBUG( 3, ( "printwrite fnum=%d num=%d\n", fsp->fnum, numtowrite ) );
5241 END_PROFILE(SMBsplwr);
5245 /****************************************************************************
5247 ****************************************************************************/
5249 void reply_mkdir(struct smb_request *req)
5251 connection_struct *conn = req->conn;
5252 struct smb_filename *smb_dname = NULL;
5253 char *directory = NULL;
5255 TALLOC_CTX *ctx = talloc_tos();
5257 START_PROFILE(SMBmkdir);
5259 srvstr_get_path_req(ctx, req, &directory, (const char *)req->buf + 1,
5260 STR_TERMINATE, &status);
5261 if (!NT_STATUS_IS_OK(status)) {
5262 reply_nterror(req, status);
5266 status = resolve_dfspath(ctx, conn,
5267 req->flags2 & FLAGS2_DFS_PATHNAMES,
5270 if (!NT_STATUS_IS_OK(status)) {
5271 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5272 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
5273 ERRSRV, ERRbadpath);
5276 reply_nterror(req, status);
5280 status = unix_convert(ctx, conn, directory, &smb_dname, 0);
5281 if (!NT_STATUS_IS_OK(status)) {
5282 reply_nterror(req, status);
5286 status = check_name(conn, smb_dname->base_name);
5287 if (!NT_STATUS_IS_OK(status)) {
5288 reply_nterror(req, status);
5292 status = create_directory(conn, req, smb_dname);
5294 DEBUG(5, ("create_directory returned %s\n", nt_errstr(status)));
5296 if (!NT_STATUS_IS_OK(status)) {
5298 if (!use_nt_status()
5299 && NT_STATUS_EQUAL(status,
5300 NT_STATUS_OBJECT_NAME_COLLISION)) {
5302 * Yes, in the DOS error code case we get a
5303 * ERRDOS:ERRnoaccess here. See BASE-SAMBA3ERROR
5304 * samba4 torture test.
5306 status = NT_STATUS_DOS(ERRDOS, ERRnoaccess);
5309 reply_nterror(req, status);
5313 reply_outbuf(req, 0, 0);
5315 DEBUG(3, ("mkdir %s\n", smb_dname->base_name));
5317 TALLOC_FREE(smb_dname);
5318 END_PROFILE(SMBmkdir);
5322 /****************************************************************************
5323 Static function used by reply_rmdir to delete an entire directory
5324 tree recursively. Return True on ok, False on fail.
5325 ****************************************************************************/
5327 static bool recursive_rmdir(TALLOC_CTX *ctx,
5328 connection_struct *conn,
5331 const char *dname = NULL;
5335 struct smb_Dir *dir_hnd = OpenDir(talloc_tos(), conn, directory,
5341 while((dname = ReadDirName(dir_hnd, &offset, &st))) {
5342 char *fullname = NULL;
5344 if (ISDOT(dname) || ISDOTDOT(dname)) {
5348 if (!is_visible_file(conn, directory, dname, &st, False)) {
5352 /* Construct the full name. */
5353 fullname = talloc_asprintf(ctx,
5363 if(SMB_VFS_LSTAT(conn,fullname, &st) != 0) {
5368 if(st.st_ex_mode & S_IFDIR) {
5369 if(!recursive_rmdir(ctx, conn, fullname)) {
5373 if(SMB_VFS_RMDIR(conn,fullname) != 0) {
5377 } else if(SMB_VFS_UNLINK(conn,fullname) != 0) {
5381 TALLOC_FREE(fullname);
5383 TALLOC_FREE(dir_hnd);
5387 /****************************************************************************
5388 The internals of the rmdir code - called elsewhere.
5389 ****************************************************************************/
5391 NTSTATUS rmdir_internals(TALLOC_CTX *ctx,
5392 connection_struct *conn,
5393 const char *directory)
5398 /* Might be a symlink. */
5399 if(SMB_VFS_LSTAT(conn, directory, &st) != 0) {
5400 return map_nt_error_from_unix(errno);
5403 if (S_ISLNK(st.st_ex_mode)) {
5404 /* Is what it points to a directory ? */
5405 if(SMB_VFS_STAT(conn, directory, &st) != 0) {
5406 return map_nt_error_from_unix(errno);
5408 if (!(S_ISDIR(st.st_ex_mode))) {
5409 return NT_STATUS_NOT_A_DIRECTORY;
5411 ret = SMB_VFS_UNLINK(conn,directory);
5413 ret = SMB_VFS_RMDIR(conn,directory);
5416 notify_fname(conn, NOTIFY_ACTION_REMOVED,
5417 FILE_NOTIFY_CHANGE_DIR_NAME,
5419 return NT_STATUS_OK;
5422 if(((errno == ENOTEMPTY)||(errno == EEXIST)) && lp_veto_files(SNUM(conn))) {
5424 * Check to see if the only thing in this directory are
5425 * vetoed files/directories. If so then delete them and
5426 * retry. If we fail to delete any of them (and we *don't*
5427 * do a recursive delete) then fail the rmdir.
5431 struct smb_Dir *dir_hnd = OpenDir(talloc_tos(), conn,
5432 directory, NULL, 0);
5434 if(dir_hnd == NULL) {
5439 while ((dname = ReadDirName(dir_hnd, &dirpos, &st))) {
5440 if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0))
5442 if (!is_visible_file(conn, directory, dname, &st, False))
5444 if(!IS_VETO_PATH(conn, dname)) {
5445 TALLOC_FREE(dir_hnd);
5451 /* We only have veto files/directories.
5452 * Are we allowed to delete them ? */
5454 if(!lp_recursive_veto_delete(SNUM(conn))) {
5455 TALLOC_FREE(dir_hnd);
5460 /* Do a recursive delete. */
5461 RewindDir(dir_hnd,&dirpos);
5462 while ((dname = ReadDirName(dir_hnd, &dirpos, &st))) {
5463 char *fullname = NULL;
5465 if (ISDOT(dname) || ISDOTDOT(dname)) {
5468 if (!is_visible_file(conn, directory, dname, &st, False)) {
5472 fullname = talloc_asprintf(ctx,
5482 if(SMB_VFS_LSTAT(conn,fullname, &st) != 0) {
5485 if(st.st_ex_mode & S_IFDIR) {
5486 if(!recursive_rmdir(ctx, conn, fullname)) {
5489 if(SMB_VFS_RMDIR(conn,fullname) != 0) {
5492 } else if(SMB_VFS_UNLINK(conn,fullname) != 0) {
5495 TALLOC_FREE(fullname);
5497 TALLOC_FREE(dir_hnd);
5498 /* Retry the rmdir */
5499 ret = SMB_VFS_RMDIR(conn,directory);
5505 DEBUG(3,("rmdir_internals: couldn't remove directory %s : "
5506 "%s\n", directory,strerror(errno)));
5507 return map_nt_error_from_unix(errno);
5510 notify_fname(conn, NOTIFY_ACTION_REMOVED,
5511 FILE_NOTIFY_CHANGE_DIR_NAME,
5514 return NT_STATUS_OK;
5517 /****************************************************************************
5519 ****************************************************************************/
5521 void reply_rmdir(struct smb_request *req)
5523 connection_struct *conn = req->conn;
5524 struct smb_filename *smb_dname = NULL;
5525 char *directory = NULL;
5527 TALLOC_CTX *ctx = talloc_tos();
5529 START_PROFILE(SMBrmdir);
5531 srvstr_get_path_req(ctx, req, &directory, (const char *)req->buf + 1,
5532 STR_TERMINATE, &status);
5533 if (!NT_STATUS_IS_OK(status)) {
5534 reply_nterror(req, status);
5538 status = resolve_dfspath(ctx, conn,
5539 req->flags2 & FLAGS2_DFS_PATHNAMES,
5542 if (!NT_STATUS_IS_OK(status)) {
5543 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5544 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
5545 ERRSRV, ERRbadpath);
5548 reply_nterror(req, status);
5552 status = unix_convert(ctx, conn, directory, &smb_dname, 0);
5553 if (!NT_STATUS_IS_OK(status)) {
5554 reply_nterror(req, status);
5558 status = get_full_smb_filename(ctx, smb_dname, &directory);
5559 if (!NT_STATUS_IS_OK(status)) {
5560 reply_nterror(req, status);
5564 status = check_name(conn, directory);
5565 if (!NT_STATUS_IS_OK(status)) {
5566 reply_nterror(req, status);
5570 dptr_closepath(directory, req->smbpid);
5571 status = rmdir_internals(ctx, conn, directory);
5572 if (!NT_STATUS_IS_OK(status)) {
5573 reply_nterror(req, status);
5577 reply_outbuf(req, 0, 0);
5579 DEBUG( 3, ( "rmdir %s\n", directory ) );
5581 TALLOC_FREE(smb_dname);
5582 END_PROFILE(SMBrmdir);
5586 /*******************************************************************
5587 Resolve wildcards in a filename rename.
5588 ********************************************************************/
5590 static bool resolve_wildcards(TALLOC_CTX *ctx,
5595 char *name2_copy = NULL;
5600 char *p,*p2, *pname1, *pname2;
5602 name2_copy = talloc_strdup(ctx, name2);
5607 pname1 = strrchr_m(name1,'/');
5608 pname2 = strrchr_m(name2_copy,'/');
5610 if (!pname1 || !pname2) {
5614 /* Truncate the copy of name2 at the last '/' */
5617 /* Now go past the '/' */
5621 root1 = talloc_strdup(ctx, pname1);
5622 root2 = talloc_strdup(ctx, pname2);
5624 if (!root1 || !root2) {
5628 p = strrchr_m(root1,'.');
5631 ext1 = talloc_strdup(ctx, p+1);
5633 ext1 = talloc_strdup(ctx, "");
5635 p = strrchr_m(root2,'.');
5638 ext2 = talloc_strdup(ctx, p+1);
5640 ext2 = talloc_strdup(ctx, "");
5643 if (!ext1 || !ext2) {
5651 /* Hmmm. Should this be mb-aware ? */
5654 } else if (*p2 == '*') {
5656 root2 = talloc_asprintf(ctx, "%s%s",
5675 /* Hmmm. Should this be mb-aware ? */
5678 } else if (*p2 == '*') {
5680 ext2 = talloc_asprintf(ctx, "%s%s",
5696 *pp_newname = talloc_asprintf(ctx, "%s/%s.%s",
5701 *pp_newname = talloc_asprintf(ctx, "%s/%s",
5713 /****************************************************************************
5714 Ensure open files have their names updated. Updated to notify other smbd's
5716 ****************************************************************************/
5718 static void rename_open_files(connection_struct *conn,
5719 struct share_mode_lock *lck,
5720 const char *newname)
5723 bool did_rename = False;
5725 for(fsp = file_find_di_first(lck->id); fsp;
5726 fsp = file_find_di_next(fsp)) {
5727 /* fsp_name is a relative path under the fsp. To change this for other
5728 sharepaths we need to manipulate relative paths. */
5729 /* TODO - create the absolute path and manipulate the newname
5730 relative to the sharepath. */
5731 if (!strequal(fsp->conn->connectpath, conn->connectpath)) {
5734 DEBUG(10,("rename_open_files: renaming file fnum %d (file_id %s) from %s -> %s\n",
5735 fsp->fnum, file_id_string_tos(&fsp->file_id),
5736 fsp->fsp_name, newname ));
5737 string_set(&fsp->fsp_name, newname);
5742 DEBUG(10,("rename_open_files: no open files on file_id %s for %s\n",
5743 file_id_string_tos(&lck->id), newname ));
5746 /* Send messages to all smbd's (not ourself) that the name has changed. */
5747 rename_share_filename(smbd_messaging_context(), lck, conn->connectpath,
5751 /****************************************************************************
5752 We need to check if the source path is a parent directory of the destination
5753 (ie. a rename of /foo/bar/baz -> /foo/bar/baz/bibble/bobble. If so we must
5754 refuse the rename with a sharing violation. Under UNIX the above call can
5755 *succeed* if /foo/bar/baz is a symlink to another area in the share. We
5756 probably need to check that the client is a Windows one before disallowing
5757 this as a UNIX client (one with UNIX extensions) can know the source is a
5758 symlink and make this decision intelligently. Found by an excellent bug
5759 report from <AndyLiebman@aol.com>.
5760 ****************************************************************************/
5762 static bool rename_path_prefix_equal(const char *src, const char *dest)
5764 const char *psrc = src;
5765 const char *pdst = dest;
5768 if (psrc[0] == '.' && psrc[1] == '/') {
5771 if (pdst[0] == '.' && pdst[1] == '/') {
5774 if ((slen = strlen(psrc)) > strlen(pdst)) {
5777 return ((memcmp(psrc, pdst, slen) == 0) && pdst[slen] == '/');
5781 * Do the notify calls from a rename
5784 static void notify_rename(connection_struct *conn, bool is_dir,
5785 const char *oldpath, const char *newpath)
5787 char *olddir, *newdir;
5788 const char *oldname, *newname;
5791 mask = is_dir ? FILE_NOTIFY_CHANGE_DIR_NAME
5792 : FILE_NOTIFY_CHANGE_FILE_NAME;
5794 if (!parent_dirname(talloc_tos(), oldpath, &olddir, &oldname)
5795 || !parent_dirname(talloc_tos(), newpath, &newdir, &newname)) {
5796 TALLOC_FREE(olddir);
5800 if (strcmp(olddir, newdir) == 0) {
5801 notify_fname(conn, NOTIFY_ACTION_OLD_NAME, mask, oldpath);
5802 notify_fname(conn, NOTIFY_ACTION_NEW_NAME, mask, newpath);
5805 notify_fname(conn, NOTIFY_ACTION_REMOVED, mask, oldpath);
5806 notify_fname(conn, NOTIFY_ACTION_ADDED, mask, newpath);
5808 TALLOC_FREE(olddir);
5809 TALLOC_FREE(newdir);
5811 /* this is a strange one. w2k3 gives an additional event for
5812 CHANGE_ATTRIBUTES and CHANGE_CREATION on the new file when renaming
5813 files, but not directories */
5815 notify_fname(conn, NOTIFY_ACTION_MODIFIED,
5816 FILE_NOTIFY_CHANGE_ATTRIBUTES
5817 |FILE_NOTIFY_CHANGE_CREATION,
5822 /****************************************************************************
5823 Rename an open file - given an fsp.
5824 ****************************************************************************/
5826 NTSTATUS rename_internals_fsp(connection_struct *conn,
5829 const char *newname_last_component,
5831 bool replace_if_exists)
5833 TALLOC_CTX *ctx = talloc_tos();
5834 SMB_STRUCT_STAT sbuf, sbuf1;
5835 NTSTATUS status = NT_STATUS_OK;
5836 struct share_mode_lock *lck = NULL;
5837 bool dst_exists, old_is_stream, new_is_stream;
5841 status = check_name(conn, newname);
5842 if (!NT_STATUS_IS_OK(status)) {
5846 /* Ensure newname contains a '/' */
5847 if(strrchr_m(newname,'/') == 0) {
5848 newname = talloc_asprintf(ctx,
5852 return NT_STATUS_NO_MEMORY;
5857 * Check for special case with case preserving and not
5858 * case sensitive. If the old last component differs from the original
5859 * last component only by case, then we should allow
5860 * the rename (user is trying to change the case of the
5864 if((conn->case_sensitive == False) && (conn->case_preserve == True) &&
5865 strequal(newname, fsp->fsp_name)) {
5867 char *newname_modified_last_component = NULL;
5870 * Get the last component of the modified name.
5871 * Note that we guarantee that newname contains a '/'
5874 p = strrchr_m(newname,'/');
5875 newname_modified_last_component = talloc_strdup(ctx,
5877 if (!newname_modified_last_component) {
5878 return NT_STATUS_NO_MEMORY;
5881 if(strcsequal(newname_modified_last_component,
5882 newname_last_component) == False) {
5884 * Replace the modified last component with
5887 *p = '\0'; /* Truncate at the '/' */
5888 newname = talloc_asprintf(ctx,
5891 newname_last_component);
5896 * If the src and dest names are identical - including case,
5897 * don't do the rename, just return success.
5900 if (strcsequal(fsp->fsp_name, newname)) {
5901 DEBUG(3,("rename_internals_fsp: identical names in rename %s - returning success\n",
5903 return NT_STATUS_OK;
5906 old_is_stream = is_ntfs_stream_name(fsp->fsp_name);
5907 new_is_stream = is_ntfs_stream_name(newname);
5909 /* Return the correct error code if both names aren't streams. */
5910 if (!old_is_stream && new_is_stream) {
5911 return NT_STATUS_OBJECT_NAME_INVALID;
5914 if (old_is_stream && !new_is_stream) {
5915 return NT_STATUS_INVALID_PARAMETER;
5919 * Have vfs_object_exist also fill sbuf1
5921 dst_exists = vfs_object_exist(conn, newname, &sbuf1);
5923 if(!replace_if_exists && dst_exists) {
5924 DEBUG(3,("rename_internals_fsp: dest exists doing rename %s -> %s\n",
5925 fsp->fsp_name,newname));
5926 return NT_STATUS_OBJECT_NAME_COLLISION;
5930 struct file_id fileid = vfs_file_id_from_sbuf(conn, &sbuf1);
5931 files_struct *dst_fsp = file_find_di_first(fileid);
5932 /* The file can be open when renaming a stream */
5933 if (dst_fsp && !new_is_stream) {
5934 DEBUG(3, ("rename_internals_fsp: Target file open\n"));
5935 return NT_STATUS_ACCESS_DENIED;
5939 /* Ensure we have a valid stat struct for the source. */
5940 if (fsp->fh->fd != -1) {
5941 if (SMB_VFS_FSTAT(fsp, &sbuf) == -1) {
5942 return map_nt_error_from_unix(errno);
5946 if (fsp->posix_open) {
5947 ret = SMB_VFS_LSTAT(conn,fsp->fsp_name,&sbuf);
5949 ret = SMB_VFS_STAT(conn,fsp->fsp_name,&sbuf);
5952 return map_nt_error_from_unix(errno);
5956 status = can_rename(conn, fsp, attrs, &sbuf);
5958 if (!NT_STATUS_IS_OK(status)) {
5959 DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n",
5960 nt_errstr(status), fsp->fsp_name,newname));
5961 if (NT_STATUS_EQUAL(status,NT_STATUS_SHARING_VIOLATION))
5962 status = NT_STATUS_ACCESS_DENIED;
5966 if (rename_path_prefix_equal(fsp->fsp_name, newname)) {
5967 return NT_STATUS_ACCESS_DENIED;
5970 lck = get_share_mode_lock(talloc_tos(), fsp->file_id, NULL, NULL,
5974 * We have the file open ourselves, so not being able to get the
5975 * corresponding share mode lock is a fatal error.
5978 SMB_ASSERT(lck != NULL);
5980 if(SMB_VFS_RENAME(conn,fsp->fsp_name, newname) == 0) {
5981 uint32 create_options = fsp->fh->private_options;
5983 DEBUG(3,("rename_internals_fsp: succeeded doing rename on %s -> %s\n",
5984 fsp->fsp_name,newname));
5986 notify_rename(conn, fsp->is_directory, fsp->fsp_name, newname);
5988 rename_open_files(conn, lck, newname);
5991 * A rename acts as a new file create w.r.t. allowing an initial delete
5992 * on close, probably because in Windows there is a new handle to the
5993 * new file. If initial delete on close was requested but not
5994 * originally set, we need to set it here. This is probably not 100% correct,
5995 * but will work for the CIFSFS client which in non-posix mode
5996 * depends on these semantics. JRA.
5999 if (create_options & FILE_DELETE_ON_CLOSE) {
6000 status = can_set_delete_on_close(fsp, True, 0);
6002 if (NT_STATUS_IS_OK(status)) {
6003 /* Note that here we set the *inital* delete on close flag,
6004 * not the regular one. The magic gets handled in close. */
6005 fsp->initial_delete_on_close = True;
6009 return NT_STATUS_OK;
6014 if (errno == ENOTDIR || errno == EISDIR) {
6015 status = NT_STATUS_OBJECT_NAME_COLLISION;
6017 status = map_nt_error_from_unix(errno);
6020 DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n",
6021 nt_errstr(status), fsp->fsp_name,newname));
6026 /****************************************************************************
6027 The guts of the rename command, split out so it may be called by the NT SMB
6029 ****************************************************************************/
6031 NTSTATUS rename_internals(TALLOC_CTX *ctx,
6032 connection_struct *conn,
6033 struct smb_request *req,
6034 const char *name_in,
6035 const char *newname_in,
6037 bool replace_if_exists,
6040 uint32_t access_mask)
6042 struct smb_filename *smb_fname_src = NULL;
6043 struct smb_filename *smb_fname_dst = NULL;
6044 char *fname_src_dir = NULL;
6045 char *fname_src_mask = NULL;
6047 NTSTATUS status = NT_STATUS_OK;
6048 struct smb_Dir *dir_hnd = NULL;
6051 int create_options = 0;
6052 bool posix_pathnames = lp_posix_pathnames();
6054 status = unix_convert(ctx, conn, name_in, &smb_fname_src,
6055 src_has_wild ? UCF_ALLOW_WCARD_LCOMP : 0);
6056 if (!NT_STATUS_IS_OK(status)) {
6060 status = unix_convert(ctx, conn, newname_in, &smb_fname_dst,
6062 (dest_has_wild ? UCF_ALLOW_WCARD_LCOMP : 0)));
6063 if (!NT_STATUS_IS_OK(status)) {
6068 * Split the old name into directory and last component
6069 * strings. Note that unix_convert may have stripped off a
6070 * leading ./ from both name and newname if the rename is
6071 * at the root of the share. We need to make sure either both
6072 * name and newname contain a / character or neither of them do
6073 * as this is checked in resolve_wildcards().
6076 /* Split up the directory from the filename/mask. */
6077 status = split_fname_dir_mask(ctx, smb_fname_src->base_name,
6078 &fname_src_dir, &fname_src_mask);
6079 if (!NT_STATUS_IS_OK(status)) {
6080 status = NT_STATUS_NO_MEMORY;
6085 * We should only check the mangled cache
6086 * here if unix_convert failed. This means
6087 * that the path in 'mask' doesn't exist
6088 * on the file system and so we need to look
6089 * for a possible mangle. This patch from
6090 * Tine Smukavec <valentin.smukavec@hermes.si>.
6093 if (!VALID_STAT(smb_fname_src->st) &&
6094 mangle_is_mangled(fname_src_mask, conn->params)) {
6095 char *new_mask = NULL;
6096 mangle_lookup_name_from_8_3(ctx, fname_src_mask, &new_mask,
6099 TALLOC_FREE(fname_src_mask);
6100 fname_src_mask = new_mask;
6104 if (!src_has_wild) {
6106 char *fname_src = NULL;
6107 char *fname_dst = NULL;
6110 * Only one file needs to be renamied. Append the mask back
6111 * onto the directory.
6113 TALLOC_FREE(smb_fname_src->base_name);
6114 smb_fname_src->base_name = talloc_asprintf(smb_fname_src,
6118 if (!smb_fname_src->base_name) {
6119 status = NT_STATUS_NO_MEMORY;
6123 /* Ensure dst fname contains a '/' also */
6124 if(strrchr_m(smb_fname_dst->base_name, '/') == 0) {
6126 tmp = talloc_asprintf(smb_fname_dst, "./%s",
6127 smb_fname_dst->base_name);
6129 status = NT_STATUS_NO_MEMORY;
6132 TALLOC_FREE(smb_fname_dst->base_name);
6133 smb_fname_dst->base_name = tmp;
6136 DEBUG(3, ("rename_internals: case_sensitive = %d, "
6137 "case_preserve = %d, short case preserve = %d, "
6138 "directory = %s, newname = %s, "
6139 "last_component_dest = %s\n",
6140 conn->case_sensitive, conn->case_preserve,
6141 conn->short_case_preserve,
6142 smb_fname_str_dbg(smb_fname_src),
6143 smb_fname_str_dbg(smb_fname_dst),
6144 smb_fname_dst->original_lcomp));
6146 /* The dest name still may have wildcards. */
6147 if (dest_has_wild) {
6148 char *fname_dst_mod = NULL;
6149 if (!resolve_wildcards(smb_fname_dst,
6150 smb_fname_src->base_name,
6151 smb_fname_dst->base_name,
6153 DEBUG(6, ("rename_internals: resolve_wildcards "
6155 smb_fname_src->base_name,
6156 smb_fname_dst->base_name));
6157 status = NT_STATUS_NO_MEMORY;
6160 TALLOC_FREE(smb_fname_dst->base_name);
6161 smb_fname_dst->base_name = fname_dst_mod;
6164 status = get_full_smb_filename(ctx, smb_fname_src, &fname_src);
6165 if (!NT_STATUS_IS_OK(status)) {
6169 ZERO_STRUCT(smb_fname_src->st);
6170 if (posix_pathnames) {
6171 SMB_VFS_LSTAT(conn, fname_src, &smb_fname_src->st);
6173 SMB_VFS_STAT(conn, fname_src, &smb_fname_src->st);
6176 if (S_ISDIR(smb_fname_src->st.st_ex_mode)) {
6177 create_options |= FILE_DIRECTORY_FILE;
6180 TALLOC_FREE(fname_src);
6182 status = SMB_VFS_CREATE_FILE(
6185 0, /* root_dir_fid */
6186 smb_fname_src, /* fname */
6187 access_mask, /* access_mask */
6188 (FILE_SHARE_READ | /* share_access */
6190 FILE_OPEN, /* create_disposition*/
6191 create_options, /* create_options */
6192 posix_pathnames ? FILE_FLAG_POSIX_SEMANTICS|0777 : 0, /* file_attributes */
6193 0, /* oplock_request */
6194 0, /* allocation_size */
6200 if (!NT_STATUS_IS_OK(status)) {
6201 DEBUG(3, ("Could not open rename source %s: %s\n",
6202 smb_fname_str_dbg(smb_fname_src),
6203 nt_errstr(status)));
6207 status = get_full_smb_filename(ctx, smb_fname_dst, &fname_dst);
6208 if (!NT_STATUS_IS_OK(status)) {
6209 TALLOC_FREE(fname_src);
6213 status = rename_internals_fsp(conn, fsp, fname_dst,
6214 smb_fname_dst->original_lcomp,
6215 attrs, replace_if_exists);
6217 TALLOC_FREE(fname_dst);
6219 close_file(req, fsp, NORMAL_CLOSE);
6221 DEBUG(3, ("rename_internals: Error %s rename %s -> %s\n",
6222 nt_errstr(status), smb_fname_str_dbg(smb_fname_src),
6223 smb_fname_str_dbg(smb_fname_dst)));
6229 * Wildcards - process each file that matches.
6231 if (strequal(fname_src_mask, "????????.???")) {
6232 TALLOC_FREE(fname_src_mask);
6233 fname_src_mask = talloc_strdup(ctx, "*");
6234 if (!fname_src_mask) {
6235 status = NT_STATUS_NO_MEMORY;
6240 status = check_name(conn, fname_src_dir);
6241 if (!NT_STATUS_IS_OK(status)) {
6245 dir_hnd = OpenDir(talloc_tos(), conn, fname_src_dir, fname_src_mask,
6247 if (dir_hnd == NULL) {
6248 status = map_nt_error_from_unix(errno);
6252 status = NT_STATUS_NO_SUCH_FILE;
6254 * Was status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
6255 * - gentest fix. JRA
6258 while ((dname = ReadDirName(dir_hnd, &offset, &smb_fname_src->st))) {
6259 files_struct *fsp = NULL;
6260 char *fname_src = NULL;
6261 char *fname_dst = NULL;
6262 char *destname = NULL;
6263 bool sysdir_entry = False;
6265 /* Quick check for "." and ".." */
6266 if (ISDOT(dname) || ISDOTDOT(dname)) {
6268 sysdir_entry = True;
6274 if (!is_visible_file(conn, fname_src_dir, dname,
6275 &smb_fname_src->st, false)) {
6279 if(!mask_match(dname, fname_src_mask, conn->case_sensitive)) {
6284 status = NT_STATUS_OBJECT_NAME_INVALID;
6288 TALLOC_FREE(smb_fname_src->base_name);
6289 smb_fname_src->base_name = talloc_asprintf(smb_fname_src,
6293 if (!smb_fname_src->base_name) {
6294 status = NT_STATUS_NO_MEMORY;
6298 if (!resolve_wildcards(ctx, smb_fname_src->base_name,
6299 smb_fname_dst->base_name,
6301 DEBUG(6, ("resolve_wildcards %s %s failed\n",
6302 smb_fname_src->base_name, destname));
6306 status = NT_STATUS_NO_MEMORY;
6310 TALLOC_FREE(smb_fname_dst->base_name);
6311 smb_fname_dst->base_name = destname;
6313 status = get_full_smb_filename(ctx, smb_fname_src, &fname_src);
6314 if (!NT_STATUS_IS_OK(status)) {
6318 ZERO_STRUCT(smb_fname_src->st);
6319 if (posix_pathnames) {
6320 SMB_VFS_LSTAT(conn, fname_src, &smb_fname_src->st);
6322 SMB_VFS_STAT(conn, fname_src, &smb_fname_src->st);
6325 TALLOC_FREE(fname_src);
6329 if (S_ISDIR(smb_fname_src->st.st_ex_mode)) {
6330 create_options |= FILE_DIRECTORY_FILE;
6333 status = SMB_VFS_CREATE_FILE(
6336 0, /* root_dir_fid */
6337 smb_fname_src, /* fname */
6338 access_mask, /* access_mask */
6339 (FILE_SHARE_READ | /* share_access */
6341 FILE_OPEN, /* create_disposition*/
6342 create_options, /* create_options */
6343 posix_pathnames ? FILE_FLAG_POSIX_SEMANTICS|0777 : 0, /* file_attributes */
6344 0, /* oplock_request */
6345 0, /* allocation_size */
6351 if (!NT_STATUS_IS_OK(status)) {
6352 DEBUG(3,("rename_internals: SMB_VFS_CREATE_FILE "
6353 "returned %s rename %s -> %s\n",
6355 smb_fname_str_dbg(smb_fname_src),
6356 smb_fname_str_dbg(smb_fname_dst)));
6360 status = get_full_smb_filename(ctx, smb_fname_dst, &fname_dst);
6361 if (!NT_STATUS_IS_OK(status)) {
6365 status = rename_internals_fsp(conn, fsp, fname_dst, dname,
6366 attrs, replace_if_exists);
6368 TALLOC_FREE(fname_dst);
6370 close_file(req, fsp, NORMAL_CLOSE);
6372 if (!NT_STATUS_IS_OK(status)) {
6373 DEBUG(3, ("rename_internals_fsp returned %s for "
6374 "rename %s -> %s\n", nt_errstr(status),
6375 smb_fname_str_dbg(smb_fname_src),
6376 smb_fname_str_dbg(smb_fname_dst)));
6382 DEBUG(3,("rename_internals: doing rename on %s -> "
6383 "%s\n", smb_fname_str_dbg(smb_fname_src),
6384 smb_fname_str_dbg(smb_fname_src)));
6387 TALLOC_FREE(dir_hnd);
6389 if (count == 0 && NT_STATUS_IS_OK(status) && errno != 0) {
6390 status = map_nt_error_from_unix(errno);
6394 TALLOC_FREE(smb_fname_src);
6395 TALLOC_FREE(smb_fname_dst);
6396 TALLOC_FREE(fname_src_dir);
6397 TALLOC_FREE(fname_src_mask);
6401 /****************************************************************************
6403 ****************************************************************************/
6405 void reply_mv(struct smb_request *req)
6407 connection_struct *conn = req->conn;
6409 char *newname = NULL;
6413 bool src_has_wcard = False;
6414 bool dest_has_wcard = False;
6415 TALLOC_CTX *ctx = talloc_tos();
6417 START_PROFILE(SMBmv);
6420 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6425 attrs = SVAL(req->vwv+0, 0);
6427 p = (const char *)req->buf + 1;
6428 p += srvstr_get_path_req_wcard(ctx, req, &name, p, STR_TERMINATE,
6429 &status, &src_has_wcard);
6430 if (!NT_STATUS_IS_OK(status)) {
6431 reply_nterror(req, status);
6436 p += srvstr_get_path_req_wcard(ctx, req, &newname, p, STR_TERMINATE,
6437 &status, &dest_has_wcard);
6438 if (!NT_STATUS_IS_OK(status)) {
6439 reply_nterror(req, status);
6444 status = resolve_dfspath_wcard(ctx, conn,
6445 req->flags2 & FLAGS2_DFS_PATHNAMES,
6449 if (!NT_STATUS_IS_OK(status)) {
6450 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6451 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6452 ERRSRV, ERRbadpath);
6456 reply_nterror(req, status);
6461 status = resolve_dfspath_wcard(ctx, conn,
6462 req->flags2 & FLAGS2_DFS_PATHNAMES,
6466 if (!NT_STATUS_IS_OK(status)) {
6467 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6468 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6469 ERRSRV, ERRbadpath);
6473 reply_nterror(req, status);
6478 DEBUG(3,("reply_mv : %s -> %s\n",name,newname));
6480 status = rename_internals(ctx, conn, req, name, newname, attrs, False,
6481 src_has_wcard, dest_has_wcard, DELETE_ACCESS);
6482 if (!NT_STATUS_IS_OK(status)) {
6483 if (open_was_deferred(req->mid)) {
6484 /* We have re-scheduled this call. */
6488 reply_nterror(req, status);
6493 reply_outbuf(req, 0, 0);
6499 /*******************************************************************
6500 Copy a file as part of a reply_copy.
6501 ******************************************************************/
6504 * TODO: check error codes on all callers
6507 NTSTATUS copy_file(TALLOC_CTX *ctx,
6508 connection_struct *conn,
6509 struct smb_filename *smb_fname_src,
6510 struct smb_filename *smb_fname_dst,
6513 bool target_is_directory)
6515 struct smb_filename *smb_fname_dst_tmp = NULL;
6516 char *fname_src = NULL;
6517 char *fname_dst = NULL;
6519 files_struct *fsp1,*fsp2;
6521 uint32 new_create_disposition;
6525 status = copy_smb_filename(ctx, smb_fname_dst, &smb_fname_dst_tmp);
6526 if (!NT_STATUS_IS_OK(status)) {
6531 * If the target is a directory, extract the last component from the
6532 * src filename and append it to the dst filename
6534 if (target_is_directory) {
6537 /* dest/target can't be a stream if it's a directory. */
6538 SMB_ASSERT(smb_fname_dst->stream_name == NULL);
6540 p = strrchr_m(smb_fname_src->base_name,'/');
6544 p = smb_fname_src->base_name;
6546 smb_fname_dst_tmp->base_name =
6547 talloc_asprintf_append(smb_fname_dst_tmp->base_name, "/%s",
6549 if (!smb_fname_dst_tmp->base_name) {
6550 status = NT_STATUS_NO_MEMORY;
6555 status = vfs_file_exist(conn, smb_fname_src);
6556 if (!NT_STATUS_IS_OK(status)) {
6560 if (!target_is_directory && count) {
6561 new_create_disposition = FILE_OPEN;
6563 if (!map_open_params_to_ntcreate(smb_fname_dst_tmp->base_name,
6564 0, ofun, NULL, NULL,
6565 &new_create_disposition,
6567 status = NT_STATUS_INVALID_PARAMETER;
6572 /* Open the src file for reading. */
6573 status = SMB_VFS_CREATE_FILE(
6576 0, /* root_dir_fid */
6577 smb_fname_src, /* fname */
6578 FILE_GENERIC_READ, /* access_mask */
6579 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
6580 FILE_OPEN, /* create_disposition*/
6581 0, /* create_options */
6582 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
6583 INTERNAL_OPEN_ONLY, /* oplock_request */
6584 0, /* allocation_size */
6590 if (!NT_STATUS_IS_OK(status)) {
6594 status = get_full_smb_filename(talloc_tos(), smb_fname_src, &fname_src);
6595 if (!NT_STATUS_IS_OK(status)) {
6599 dosattrs = dos_mode(conn, fname_src, &smb_fname_src->st);
6601 TALLOC_FREE(fname_src);
6603 status = get_full_smb_filename(talloc_tos(), smb_fname_dst_tmp, &fname_dst);
6604 if (!NT_STATUS_IS_OK(status)) {
6608 if (SMB_VFS_STAT(conn, fname_dst, &smb_fname_dst_tmp->st) == -1) {
6609 ZERO_STRUCTP(&smb_fname_dst_tmp->st);
6612 TALLOC_FREE(fname_dst);
6614 /* Open the dst file for writing. */
6615 status = SMB_VFS_CREATE_FILE(
6618 0, /* root_dir_fid */
6619 smb_fname_dst, /* fname */
6620 FILE_GENERIC_WRITE, /* access_mask */
6621 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
6622 new_create_disposition, /* create_disposition*/
6623 0, /* create_options */
6624 dosattrs, /* file_attributes */
6625 INTERNAL_OPEN_ONLY, /* oplock_request */
6626 0, /* allocation_size */
6632 if (!NT_STATUS_IS_OK(status)) {
6633 close_file(NULL, fsp1, ERROR_CLOSE);
6637 if ((ofun&3) == 1) {
6638 if(SMB_VFS_LSEEK(fsp2,0,SEEK_END) == -1) {
6639 DEBUG(0,("copy_file: error - vfs lseek returned error %s\n", strerror(errno) ));
6641 * Stop the copy from occurring.
6644 smb_fname_src->st.st_ex_size = 0;
6648 /* Do the actual copy. */
6649 if (smb_fname_src->st.st_ex_size) {
6650 ret = vfs_transfer_file(fsp1, fsp2, smb_fname_src->st.st_ex_size);
6653 close_file(NULL, fsp1, NORMAL_CLOSE);
6655 /* Ensure the modtime is set correctly on the destination file. */
6656 set_close_write_time(fsp2, smb_fname_src->st.st_ex_mtime);
6659 * As we are opening fsp1 read-only we only expect
6660 * an error on close on fsp2 if we are out of space.
6661 * Thus we don't look at the error return from the
6664 status = close_file(NULL, fsp2, NORMAL_CLOSE);
6666 if (!NT_STATUS_IS_OK(status)) {
6670 if (ret != (SMB_OFF_T)smb_fname_src->st.st_ex_size) {
6671 status = NT_STATUS_DISK_FULL;
6675 status = NT_STATUS_OK;
6678 TALLOC_FREE(smb_fname_dst_tmp);
6682 /****************************************************************************
6683 Reply to a file copy.
6684 ****************************************************************************/
6686 void reply_copy(struct smb_request *req)
6688 connection_struct *conn = req->conn;
6689 struct smb_filename *smb_fname_src = NULL;
6690 struct smb_filename *smb_fname_dst = NULL;
6691 char *fname_src = NULL;
6692 char *fname_dst = NULL;
6693 char *fname_src_mask = NULL;
6694 char *fname_src_dir = NULL;
6697 int error = ERRnoaccess;
6702 bool target_is_directory=False;
6703 bool source_has_wild = False;
6704 bool dest_has_wild = False;
6706 TALLOC_CTX *ctx = talloc_tos();
6708 START_PROFILE(SMBcopy);
6711 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6715 tid2 = SVAL(req->vwv+0, 0);
6716 ofun = SVAL(req->vwv+1, 0);
6717 flags = SVAL(req->vwv+2, 0);
6719 p = (const char *)req->buf;
6720 p += srvstr_get_path_req_wcard(ctx, req, &fname_src, p, STR_TERMINATE,
6721 &status, &source_has_wild);
6722 if (!NT_STATUS_IS_OK(status)) {
6723 reply_nterror(req, status);
6726 p += srvstr_get_path_req_wcard(ctx, req, &fname_dst, p, STR_TERMINATE,
6727 &status, &dest_has_wild);
6728 if (!NT_STATUS_IS_OK(status)) {
6729 reply_nterror(req, status);
6733 DEBUG(3,("reply_copy : %s -> %s\n", fname_src, fname_dst));
6735 if (tid2 != conn->cnum) {
6736 /* can't currently handle inter share copies XXXX */
6737 DEBUG(3,("Rejecting inter-share copy\n"));
6738 reply_doserror(req, ERRSRV, ERRinvdevice);
6742 status = resolve_dfspath_wcard(ctx, conn,
6743 req->flags2 & FLAGS2_DFS_PATHNAMES,
6747 if (!NT_STATUS_IS_OK(status)) {
6748 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6749 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6750 ERRSRV, ERRbadpath);
6753 reply_nterror(req, status);
6757 status = resolve_dfspath_wcard(ctx, conn,
6758 req->flags2 & FLAGS2_DFS_PATHNAMES,
6762 if (!NT_STATUS_IS_OK(status)) {
6763 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6764 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6765 ERRSRV, ERRbadpath);
6768 reply_nterror(req, status);
6772 status = unix_convert(ctx, conn, fname_src, &smb_fname_src,
6773 source_has_wild ? UCF_ALLOW_WCARD_LCOMP : 0);
6774 if (!NT_STATUS_IS_OK(status)) {
6775 reply_nterror(req, status);
6779 status = unix_convert(ctx, conn, fname_dst, &smb_fname_dst,
6780 dest_has_wild ? UCF_ALLOW_WCARD_LCOMP : 0);
6781 if (!NT_STATUS_IS_OK(status)) {
6782 reply_nterror(req, status);
6786 target_is_directory = VALID_STAT_OF_DIR(smb_fname_dst->st);
6788 if ((flags&1) && target_is_directory) {
6789 reply_doserror(req, ERRDOS, ERRbadfile);
6793 if ((flags&2) && !target_is_directory) {
6794 reply_doserror(req, ERRDOS, ERRbadpath);
6798 if ((flags&(1<<5)) && VALID_STAT_OF_DIR(smb_fname_src->st)) {
6799 /* wants a tree copy! XXXX */
6800 DEBUG(3,("Rejecting tree copy\n"));
6801 reply_doserror(req, ERRSRV, ERRerror);
6805 /* Split up the directory from the filename/mask. */
6806 status = split_fname_dir_mask(ctx, smb_fname_src->base_name,
6807 &fname_src_dir, &fname_src_mask);
6808 if (!NT_STATUS_IS_OK(status)) {
6809 reply_nterror(req, NT_STATUS_NO_MEMORY);
6814 * We should only check the mangled cache
6815 * here if unix_convert failed. This means
6816 * that the path in 'mask' doesn't exist
6817 * on the file system and so we need to look
6818 * for a possible mangle. This patch from
6819 * Tine Smukavec <valentin.smukavec@hermes.si>.
6821 if (!VALID_STAT(smb_fname_src->st) &&
6822 mangle_is_mangled(fname_src_mask, conn->params)) {
6823 char *new_mask = NULL;
6824 mangle_lookup_name_from_8_3(ctx, fname_src_mask,
6825 &new_mask, conn->params);
6827 /* Use demangled name if one was successfully found. */
6829 TALLOC_FREE(fname_src_mask);
6830 fname_src_mask = new_mask;
6834 if (!source_has_wild) {
6837 * Only one file needs to be copied. Append the mask back onto
6840 TALLOC_FREE(smb_fname_src->base_name);
6841 smb_fname_src->base_name = talloc_asprintf(smb_fname_src,
6845 if (!smb_fname_src->base_name) {
6846 reply_nterror(req, NT_STATUS_NO_MEMORY);
6850 if (dest_has_wild) {
6851 char *fname_dst_mod = NULL;
6852 if (!resolve_wildcards(smb_fname_dst,
6853 smb_fname_src->base_name,
6854 smb_fname_dst->base_name,
6856 reply_nterror(req, NT_STATUS_NO_MEMORY);
6859 TALLOC_FREE(smb_fname_dst->base_name);
6860 smb_fname_dst->base_name = fname_dst_mod;
6863 status = check_name(conn, smb_fname_src->base_name);
6864 if (!NT_STATUS_IS_OK(status)) {
6865 reply_nterror(req, status);
6869 status = check_name(conn, smb_fname_dst->base_name);
6870 if (!NT_STATUS_IS_OK(status)) {
6871 reply_nterror(req, status);
6875 status = copy_file(ctx, conn, smb_fname_src, smb_fname_dst,
6876 ofun, count, target_is_directory);
6878 if(!NT_STATUS_IS_OK(status)) {
6879 reply_nterror(req, status);
6885 struct smb_Dir *dir_hnd = NULL;
6886 const char *dname = NULL;
6890 * There is a wildcard that requires us to actually read the
6891 * src dir and copy each file matching the mask to the dst.
6892 * Right now streams won't be copied, but this could
6893 * presumably be added with a nested loop for reach dir entry.
6895 SMB_ASSERT(!smb_fname_src->stream_name);
6896 SMB_ASSERT(!smb_fname_dst->stream_name);
6898 smb_fname_src->stream_name = NULL;
6899 smb_fname_dst->stream_name = NULL;
6901 if (strequal(fname_src_mask,"????????.???")) {
6902 TALLOC_FREE(fname_src_mask);
6903 fname_src_mask = talloc_strdup(ctx, "*");
6904 if (!fname_src_mask) {
6905 reply_nterror(req, NT_STATUS_NO_MEMORY);
6910 status = check_name(conn, fname_src_dir);
6911 if (!NT_STATUS_IS_OK(status)) {
6912 reply_nterror(req, status);
6916 dir_hnd = OpenDir(ctx, conn, fname_src_dir, fname_src_mask, 0);
6917 if (dir_hnd == NULL) {
6918 status = map_nt_error_from_unix(errno);
6919 reply_nterror(req, status);
6925 /* Iterate over the src dir copying each entry to the dst. */
6926 while ((dname = ReadDirName(dir_hnd, &offset,
6927 &smb_fname_src->st))) {
6928 char *destname = NULL;
6930 if (ISDOT(dname) || ISDOTDOT(dname)) {
6934 if (!is_visible_file(conn, fname_src_dir, dname,
6935 &smb_fname_src->st, false)) {
6939 if(!mask_match(dname, fname_src_mask,
6940 conn->case_sensitive)) {
6944 error = ERRnoaccess;
6946 /* Get the src smb_fname struct setup. */
6947 TALLOC_FREE(smb_fname_src->base_name);
6948 smb_fname_src->base_name =
6949 talloc_asprintf(smb_fname_src, "%s/%s",
6950 fname_src_dir, dname);
6952 if (!smb_fname_src->base_name) {
6953 TALLOC_FREE(dir_hnd);
6954 reply_nterror(req, NT_STATUS_NO_MEMORY);
6958 if (!resolve_wildcards(ctx, smb_fname_src->base_name,
6959 smb_fname_dst->base_name,
6964 TALLOC_FREE(dir_hnd);
6965 reply_nterror(req, NT_STATUS_NO_MEMORY);
6969 TALLOC_FREE(smb_fname_dst->base_name);
6970 smb_fname_dst->base_name = destname;
6972 status = check_name(conn, smb_fname_src->base_name);
6973 if (!NT_STATUS_IS_OK(status)) {
6974 TALLOC_FREE(dir_hnd);
6975 reply_nterror(req, status);
6979 status = check_name(conn, smb_fname_dst->base_name);
6980 if (!NT_STATUS_IS_OK(status)) {
6981 TALLOC_FREE(dir_hnd);
6982 reply_nterror(req, status);
6986 DEBUG(3,("reply_copy : doing copy on %s -> %s\n",
6987 smb_fname_src->base_name,
6988 smb_fname_dst->base_name));
6990 status = copy_file(ctx, conn, smb_fname_src,
6991 smb_fname_dst, ofun, count,
6992 target_is_directory);
6993 if (NT_STATUS_IS_OK(status)) {
6997 TALLOC_FREE(dir_hnd);
7002 /* Error on close... */
7004 reply_unixerror(req, ERRHRD, ERRgeneral);
7008 reply_doserror(req, ERRDOS, error);
7012 reply_outbuf(req, 1, 0);
7013 SSVAL(req->outbuf,smb_vwv0,count);
7015 TALLOC_FREE(smb_fname_src);
7016 TALLOC_FREE(smb_fname_dst);
7017 TALLOC_FREE(fname_src);
7018 TALLOC_FREE(fname_dst);
7019 TALLOC_FREE(fname_src_mask);
7020 TALLOC_FREE(fname_src_dir);
7022 END_PROFILE(SMBcopy);
7027 #define DBGC_CLASS DBGC_LOCKING
7029 /****************************************************************************
7030 Get a lock pid, dealing with large count requests.
7031 ****************************************************************************/
7033 uint32 get_lock_pid(const uint8_t *data, int data_offset,
7034 bool large_file_format)
7036 if(!large_file_format)
7037 return (uint32)SVAL(data,SMB_LPID_OFFSET(data_offset));
7039 return (uint32)SVAL(data,SMB_LARGE_LPID_OFFSET(data_offset));
7042 /****************************************************************************
7043 Get a lock count, dealing with large count requests.
7044 ****************************************************************************/
7046 uint64_t get_lock_count(const uint8_t *data, int data_offset,
7047 bool large_file_format)
7051 if(!large_file_format) {
7052 count = (uint64_t)IVAL(data,SMB_LKLEN_OFFSET(data_offset));
7055 #if defined(HAVE_LONGLONG)
7056 count = (((uint64_t) IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset))) << 32) |
7057 ((uint64_t) IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)));
7058 #else /* HAVE_LONGLONG */
7061 * NT4.x seems to be broken in that it sends large file (64 bit)
7062 * lockingX calls even if the CAP_LARGE_FILES was *not*
7063 * negotiated. For boxes without large unsigned ints truncate the
7064 * lock count by dropping the top 32 bits.
7067 if(IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)) != 0) {
7068 DEBUG(3,("get_lock_count: truncating lock count (high)0x%x (low)0x%x to just low count.\n",
7069 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)),
7070 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)) ));
7071 SIVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset),0);
7074 count = (uint64_t)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset));
7075 #endif /* HAVE_LONGLONG */
7081 #if !defined(HAVE_LONGLONG)
7082 /****************************************************************************
7083 Pathetically try and map a 64 bit lock offset into 31 bits. I hate Windows :-).
7084 ****************************************************************************/
7086 static uint32 map_lock_offset(uint32 high, uint32 low)
7090 uint32 highcopy = high;
7093 * Try and find out how many significant bits there are in high.
7096 for(i = 0; highcopy; i++)
7100 * We use 31 bits not 32 here as POSIX
7101 * lock offsets may not be negative.
7104 mask = (~0) << (31 - i);
7107 return 0; /* Fail. */
7113 #endif /* !defined(HAVE_LONGLONG) */
7115 /****************************************************************************
7116 Get a lock offset, dealing with large offset requests.
7117 ****************************************************************************/
7119 uint64_t get_lock_offset(const uint8_t *data, int data_offset,
7120 bool large_file_format, bool *err)
7122 uint64_t offset = 0;
7126 if(!large_file_format) {
7127 offset = (uint64_t)IVAL(data,SMB_LKOFF_OFFSET(data_offset));
7130 #if defined(HAVE_LONGLONG)
7131 offset = (((uint64_t) IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset))) << 32) |
7132 ((uint64_t) IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset)));
7133 #else /* HAVE_LONGLONG */
7136 * NT4.x seems to be broken in that it sends large file (64 bit)
7137 * lockingX calls even if the CAP_LARGE_FILES was *not*
7138 * negotiated. For boxes without large unsigned ints mangle the
7139 * lock offset by mapping the top 32 bits onto the lower 32.
7142 if(IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset)) != 0) {
7143 uint32 low = IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
7144 uint32 high = IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset));
7147 if((new_low = map_lock_offset(high, low)) == 0) {
7149 return (uint64_t)-1;
7152 DEBUG(3,("get_lock_offset: truncating lock offset (high)0x%x (low)0x%x to offset 0x%x.\n",
7153 (unsigned int)high, (unsigned int)low, (unsigned int)new_low ));
7154 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset),0);
7155 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset),new_low);
7158 offset = (uint64_t)IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
7159 #endif /* HAVE_LONGLONG */
7165 /****************************************************************************
7166 Reply to a lockingX request.
7167 ****************************************************************************/
7169 void reply_lockingX(struct smb_request *req)
7171 connection_struct *conn = req->conn;
7173 unsigned char locktype;
7174 unsigned char oplocklevel;
7177 uint64_t count = 0, offset = 0;
7181 const uint8_t *data;
7182 bool large_file_format;
7184 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
7186 START_PROFILE(SMBlockingX);
7189 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7190 END_PROFILE(SMBlockingX);
7194 fsp = file_fsp(req, SVAL(req->vwv+2, 0));
7195 locktype = CVAL(req->vwv+3, 0);
7196 oplocklevel = CVAL(req->vwv+3, 1);
7197 num_ulocks = SVAL(req->vwv+6, 0);
7198 num_locks = SVAL(req->vwv+7, 0);
7199 lock_timeout = IVAL(req->vwv+4, 0);
7200 large_file_format = (locktype & LOCKING_ANDX_LARGE_FILES)?True:False;
7202 if (!check_fsp(conn, req, fsp)) {
7203 END_PROFILE(SMBlockingX);
7209 if (locktype & LOCKING_ANDX_CHANGE_LOCKTYPE) {
7210 /* we don't support these - and CANCEL_LOCK makes w2k
7211 and XP reboot so I don't really want to be
7212 compatible! (tridge) */
7213 reply_nterror(req, NT_STATUS_DOS(ERRDOS, ERRnoatomiclocks));
7214 END_PROFILE(SMBlockingX);
7218 /* Check if this is an oplock break on a file
7219 we have granted an oplock on.
7221 if ((locktype & LOCKING_ANDX_OPLOCK_RELEASE)) {
7222 /* Client can insist on breaking to none. */
7223 bool break_to_none = (oplocklevel == 0);
7226 DEBUG(5,("reply_lockingX: oplock break reply (%u) from client "
7227 "for fnum = %d\n", (unsigned int)oplocklevel,
7231 * Make sure we have granted an exclusive or batch oplock on
7235 if (fsp->oplock_type == 0) {
7237 /* The Samba4 nbench simulator doesn't understand
7238 the difference between break to level2 and break
7239 to none from level2 - it sends oplock break
7240 replies in both cases. Don't keep logging an error
7241 message here - just ignore it. JRA. */
7243 DEBUG(5,("reply_lockingX: Error : oplock break from "
7244 "client for fnum = %d (oplock=%d) and no "
7245 "oplock granted on this file (%s).\n",
7246 fsp->fnum, fsp->oplock_type, fsp->fsp_name));
7248 /* if this is a pure oplock break request then don't
7250 if (num_locks == 0 && num_ulocks == 0) {
7251 END_PROFILE(SMBlockingX);
7254 END_PROFILE(SMBlockingX);
7255 reply_doserror(req, ERRDOS, ERRlock);
7260 if ((fsp->sent_oplock_break == BREAK_TO_NONE_SENT) ||
7262 result = remove_oplock(fsp);
7264 result = downgrade_oplock(fsp);
7268 DEBUG(0, ("reply_lockingX: error in removing "
7269 "oplock on file %s\n", fsp->fsp_name));
7270 /* Hmmm. Is this panic justified? */
7271 smb_panic("internal tdb error");
7274 reply_to_oplock_break_requests(fsp);
7276 /* if this is a pure oplock break request then don't send a
7278 if (num_locks == 0 && num_ulocks == 0) {
7279 /* Sanity check - ensure a pure oplock break is not a
7281 if(CVAL(req->vwv+0, 0) != 0xff)
7282 DEBUG(0,("reply_lockingX: Error : pure oplock "
7283 "break is a chained %d request !\n",
7284 (unsigned int)CVAL(req->vwv+0, 0)));
7285 END_PROFILE(SMBlockingX);
7291 (num_ulocks + num_locks) * (large_file_format ? 20 : 10)) {
7292 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7293 END_PROFILE(SMBlockingX);
7297 /* Data now points at the beginning of the list
7298 of smb_unlkrng structs */
7299 for(i = 0; i < (int)num_ulocks; i++) {
7300 lock_pid = get_lock_pid( data, i, large_file_format);
7301 count = get_lock_count( data, i, large_file_format);
7302 offset = get_lock_offset( data, i, large_file_format, &err);
7305 * There is no error code marked "stupid client bug".... :-).
7308 END_PROFILE(SMBlockingX);
7309 reply_doserror(req, ERRDOS, ERRnoaccess);
7313 DEBUG(10,("reply_lockingX: unlock start=%.0f, len=%.0f for "
7314 "pid %u, file %s\n", (double)offset, (double)count,
7315 (unsigned int)lock_pid, fsp->fsp_name ));
7317 status = do_unlock(smbd_messaging_context(),
7324 DEBUG(10, ("reply_lockingX: unlock returned %s\n",
7325 nt_errstr(status)));
7327 if (NT_STATUS_V(status)) {
7328 END_PROFILE(SMBlockingX);
7329 reply_nterror(req, status);
7334 /* Setup the timeout in seconds. */
7336 if (!lp_blocking_locks(SNUM(conn))) {
7340 /* Now do any requested locks */
7341 data += ((large_file_format ? 20 : 10)*num_ulocks);
7343 /* Data now points at the beginning of the list
7344 of smb_lkrng structs */
7346 for(i = 0; i < (int)num_locks; i++) {
7347 enum brl_type lock_type = ((locktype & LOCKING_ANDX_SHARED_LOCK) ?
7348 READ_LOCK:WRITE_LOCK);
7349 lock_pid = get_lock_pid( data, i, large_file_format);
7350 count = get_lock_count( data, i, large_file_format);
7351 offset = get_lock_offset( data, i, large_file_format, &err);
7354 * There is no error code marked "stupid client bug".... :-).
7357 END_PROFILE(SMBlockingX);
7358 reply_doserror(req, ERRDOS, ERRnoaccess);
7362 DEBUG(10,("reply_lockingX: lock start=%.0f, len=%.0f for pid "
7363 "%u, file %s timeout = %d\n", (double)offset,
7364 (double)count, (unsigned int)lock_pid,
7365 fsp->fsp_name, (int)lock_timeout ));
7367 if (locktype & LOCKING_ANDX_CANCEL_LOCK) {
7368 struct blocking_lock_record *blr = NULL;
7370 if (lp_blocking_locks(SNUM(conn))) {
7372 /* Schedule a message to ourselves to
7373 remove the blocking lock record and
7374 return the right error. */
7376 blr = blocking_lock_cancel(fsp,
7382 NT_STATUS_FILE_LOCK_CONFLICT);
7384 END_PROFILE(SMBlockingX);
7389 ERRcancelviolation));
7393 /* Remove a matching pending lock. */
7394 status = do_lock_cancel(fsp,
7401 bool blocking_lock = lock_timeout ? True : False;
7402 bool defer_lock = False;
7403 struct byte_range_lock *br_lck;
7404 uint32 block_smbpid;
7406 br_lck = do_lock(smbd_messaging_context(),
7418 if (br_lck && blocking_lock && ERROR_WAS_LOCK_DENIED(status)) {
7419 /* Windows internal resolution for blocking locks seems
7420 to be about 200ms... Don't wait for less than that. JRA. */
7421 if (lock_timeout != -1 && lock_timeout < lp_lock_spin_time()) {
7422 lock_timeout = lp_lock_spin_time();
7427 /* This heuristic seems to match W2K3 very well. If a
7428 lock sent with timeout of zero would fail with NT_STATUS_FILE_LOCK_CONFLICT
7429 it pretends we asked for a timeout of between 150 - 300 milliseconds as
7430 far as I can tell. Replacement for do_lock_spin(). JRA. */
7432 if (br_lck && lp_blocking_locks(SNUM(conn)) && !blocking_lock &&
7433 NT_STATUS_EQUAL((status), NT_STATUS_FILE_LOCK_CONFLICT)) {
7435 lock_timeout = lp_lock_spin_time();
7438 if (br_lck && defer_lock) {
7440 * A blocking lock was requested. Package up
7441 * this smb into a queued request and push it
7442 * onto the blocking lock queue.
7444 if(push_blocking_lock_request(br_lck,
7455 TALLOC_FREE(br_lck);
7456 END_PROFILE(SMBlockingX);
7461 TALLOC_FREE(br_lck);
7464 if (NT_STATUS_V(status)) {
7465 END_PROFILE(SMBlockingX);
7466 reply_nterror(req, status);
7471 /* If any of the above locks failed, then we must unlock
7472 all of the previous locks (X/Open spec). */
7474 if (!(locktype & LOCKING_ANDX_CANCEL_LOCK) &&
7478 * Ensure we don't do a remove on the lock that just failed,
7479 * as under POSIX rules, if we have a lock already there, we
7480 * will delete it (and we shouldn't) .....
7482 for(i--; i >= 0; i--) {
7483 lock_pid = get_lock_pid( data, i, large_file_format);
7484 count = get_lock_count( data, i, large_file_format);
7485 offset = get_lock_offset( data, i, large_file_format,
7489 * There is no error code marked "stupid client
7493 END_PROFILE(SMBlockingX);
7494 reply_doserror(req, ERRDOS, ERRnoaccess);
7498 do_unlock(smbd_messaging_context(),
7505 END_PROFILE(SMBlockingX);
7506 reply_nterror(req, status);
7510 reply_outbuf(req, 2, 0);
7512 DEBUG(3, ("lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n",
7513 fsp->fnum, (unsigned int)locktype, num_locks, num_ulocks));
7515 END_PROFILE(SMBlockingX);
7520 #define DBGC_CLASS DBGC_ALL
7522 /****************************************************************************
7523 Reply to a SMBreadbmpx (read block multiplex) request.
7524 Always reply with an error, if someone has a platform really needs this,
7525 please contact vl@samba.org
7526 ****************************************************************************/
7528 void reply_readbmpx(struct smb_request *req)
7530 START_PROFILE(SMBreadBmpx);
7531 reply_doserror(req, ERRSRV, ERRuseSTD);
7532 END_PROFILE(SMBreadBmpx);
7536 /****************************************************************************
7537 Reply to a SMBreadbs (read block multiplex secondary) request.
7538 Always reply with an error, if someone has a platform really needs this,
7539 please contact vl@samba.org
7540 ****************************************************************************/
7542 void reply_readbs(struct smb_request *req)
7544 START_PROFILE(SMBreadBs);
7545 reply_doserror(req, ERRSRV, ERRuseSTD);
7546 END_PROFILE(SMBreadBs);
7550 /****************************************************************************
7551 Reply to a SMBsetattrE.
7552 ****************************************************************************/
7554 void reply_setattrE(struct smb_request *req)
7556 connection_struct *conn = req->conn;
7557 struct smb_file_time ft;
7559 SMB_STRUCT_STAT sbuf;
7562 START_PROFILE(SMBsetattrE);
7566 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7567 END_PROFILE(SMBsetattrE);
7571 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
7573 if(!fsp || (fsp->conn != conn)) {
7574 reply_doserror(req, ERRDOS, ERRbadfid);
7575 END_PROFILE(SMBsetattrE);
7581 * Convert the DOS times into unix times.
7584 ft.atime = convert_time_t_to_timespec(
7585 srv_make_unix_date2(req->vwv+3));
7586 ft.mtime = convert_time_t_to_timespec(
7587 srv_make_unix_date2(req->vwv+5));
7588 ft.create_time = convert_time_t_to_timespec(
7589 srv_make_unix_date2(req->vwv+1));
7591 reply_outbuf(req, 0, 0);
7594 * Patch from Ray Frush <frush@engr.colostate.edu>
7595 * Sometimes times are sent as zero - ignore them.
7598 /* Ensure we have a valid stat struct for the source. */
7599 if (fsp->fh->fd != -1) {
7600 if (SMB_VFS_FSTAT(fsp, &sbuf) == -1) {
7601 status = map_nt_error_from_unix(errno);
7602 reply_nterror(req, status);
7603 END_PROFILE(SMBsetattrE);
7609 if (fsp->posix_open) {
7610 ret = SMB_VFS_LSTAT(conn, fsp->fsp_name, &sbuf);
7612 ret = SMB_VFS_STAT(conn, fsp->fsp_name, &sbuf);
7615 status = map_nt_error_from_unix(errno);
7616 reply_nterror(req, status);
7617 END_PROFILE(SMBsetattrE);
7622 status = smb_set_file_time(conn, fsp, fsp->fsp_name,
7624 if (!NT_STATUS_IS_OK(status)) {
7625 reply_doserror(req, ERRDOS, ERRnoaccess);
7626 END_PROFILE(SMBsetattrE);
7630 DEBUG( 3, ( "reply_setattrE fnum=%d actime=%u modtime=%u "
7633 (unsigned int)ft.atime.tv_sec,
7634 (unsigned int)ft.mtime.tv_sec,
7635 (unsigned int)ft.create_time.tv_sec
7638 END_PROFILE(SMBsetattrE);
7643 /* Back from the dead for OS/2..... JRA. */
7645 /****************************************************************************
7646 Reply to a SMBwritebmpx (write block multiplex primary) request.
7647 Always reply with an error, if someone has a platform really needs this,
7648 please contact vl@samba.org
7649 ****************************************************************************/
7651 void reply_writebmpx(struct smb_request *req)
7653 START_PROFILE(SMBwriteBmpx);
7654 reply_doserror(req, ERRSRV, ERRuseSTD);
7655 END_PROFILE(SMBwriteBmpx);
7659 /****************************************************************************
7660 Reply to a SMBwritebs (write block multiplex secondary) request.
7661 Always reply with an error, if someone has a platform really needs this,
7662 please contact vl@samba.org
7663 ****************************************************************************/
7665 void reply_writebs(struct smb_request *req)
7667 START_PROFILE(SMBwriteBs);
7668 reply_doserror(req, ERRSRV, ERRuseSTD);
7669 END_PROFILE(SMBwriteBs);
7673 /****************************************************************************
7674 Reply to a SMBgetattrE.
7675 ****************************************************************************/
7677 void reply_getattrE(struct smb_request *req)
7679 connection_struct *conn = req->conn;
7680 SMB_STRUCT_STAT sbuf;
7683 struct timespec create_ts;
7685 START_PROFILE(SMBgetattrE);
7688 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7689 END_PROFILE(SMBgetattrE);
7693 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
7695 if(!fsp || (fsp->conn != conn)) {
7696 reply_doserror(req, ERRDOS, ERRbadfid);
7697 END_PROFILE(SMBgetattrE);
7701 /* Do an fstat on this file */
7702 if(fsp_stat(fsp, &sbuf)) {
7703 reply_unixerror(req, ERRDOS, ERRnoaccess);
7704 END_PROFILE(SMBgetattrE);
7708 mode = dos_mode(conn,fsp->fsp_name,&sbuf);
7711 * Convert the times into dos times. Set create
7712 * date to be last modify date as UNIX doesn't save
7716 reply_outbuf(req, 11, 0);
7718 create_ts = sbuf.st_ex_btime;
7719 srv_put_dos_date2((char *)req->outbuf, smb_vwv0, create_ts.tv_sec);
7720 srv_put_dos_date2((char *)req->outbuf, smb_vwv2,
7721 convert_timespec_to_time_t(sbuf.st_ex_atime));
7722 /* Should we check pending modtime here ? JRA */
7723 srv_put_dos_date2((char *)req->outbuf, smb_vwv4,
7724 convert_timespec_to_time_t(sbuf.st_ex_mtime));
7727 SIVAL(req->outbuf, smb_vwv6, 0);
7728 SIVAL(req->outbuf, smb_vwv8, 0);
7730 uint32 allocation_size = SMB_VFS_GET_ALLOC_SIZE(conn,fsp, &sbuf);
7731 SIVAL(req->outbuf, smb_vwv6, (uint32)sbuf.st_ex_size);
7732 SIVAL(req->outbuf, smb_vwv8, allocation_size);
7734 SSVAL(req->outbuf,smb_vwv10, mode);
7736 DEBUG( 3, ( "reply_getattrE fnum=%d\n", fsp->fnum));
7738 END_PROFILE(SMBgetattrE);
git.samba.org / samba.git / blob