2 Unix SMB/CIFS implementation.
3 Main SMB reply routines
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Andrew Bartlett 2001
6 Copyright (C) Jeremy Allison 1992-2007.
7 Copyright (C) Volker Lendecke 2007
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 This file handles most of the reply_ calls that the server
24 makes to handle specific protocols
28 #include "smbd/globals.h"
30 extern enum protocol_types Protocol;
32 /****************************************************************************
33 Ensure we check the path in *exactly* the same way as W2K for a findfirst/findnext
34 path or anything including wildcards.
35 We're assuming here that '/' is not the second byte in any multibyte char
36 set (a safe assumption). '\\' *may* be the second byte in a multibyte char
38 ****************************************************************************/
40 /* Custom version for processing POSIX paths. */
41 #define IS_PATH_SEP(c,posix_only) ((c) == '/' || (!(posix_only) && (c) == '\\'))
43 static NTSTATUS check_path_syntax_internal(char *path,
45 bool *p_last_component_contains_wcard)
49 NTSTATUS ret = NT_STATUS_OK;
50 bool start_of_name_component = True;
51 bool stream_started = false;
53 *p_last_component_contains_wcard = False;
60 return NT_STATUS_OBJECT_NAME_INVALID;
63 return NT_STATUS_OBJECT_NAME_INVALID;
65 if (strchr_m(&s[1], ':')) {
66 return NT_STATUS_OBJECT_NAME_INVALID;
68 if (StrCaseCmp(s, ":$DATA") != 0) {
69 return NT_STATUS_INVALID_PARAMETER;
75 if (!posix_path && !stream_started && *s == ':') {
76 if (*p_last_component_contains_wcard) {
77 return NT_STATUS_OBJECT_NAME_INVALID;
79 /* Stream names allow more characters than file names.
80 We're overloading posix_path here to allow a wider
81 range of characters. If stream_started is true this
82 is still a Windows path even if posix_path is true.
85 stream_started = true;
86 start_of_name_component = false;
90 return NT_STATUS_OBJECT_NAME_INVALID;
94 if (!stream_started && IS_PATH_SEP(*s,posix_path)) {
96 * Safe to assume is not the second part of a mb char
97 * as this is handled below.
99 /* Eat multiple '/' or '\\' */
100 while (IS_PATH_SEP(*s,posix_path)) {
103 if ((d != path) && (*s != '\0')) {
104 /* We only care about non-leading or trailing '/' or '\\' */
108 start_of_name_component = True;
110 *p_last_component_contains_wcard = False;
114 if (start_of_name_component) {
115 if ((s[0] == '.') && (s[1] == '.') && (IS_PATH_SEP(s[2],posix_path) || s[2] == '\0')) {
116 /* Uh oh - "/../" or "\\..\\" or "/..\0" or "\\..\0" ! */
119 * No mb char starts with '.' so we're safe checking the directory separator here.
122 /* If we just added a '/' - delete it */
123 if ((d > path) && (*(d-1) == '/')) {
128 /* Are we at the start ? Can't go back further if so. */
130 ret = NT_STATUS_OBJECT_PATH_SYNTAX_BAD;
133 /* Go back one level... */
134 /* We know this is safe as '/' cannot be part of a mb sequence. */
135 /* NOTE - if this assumption is invalid we are not in good shape... */
136 /* Decrement d first as d points to the *next* char to write into. */
137 for (d--; d > path; d--) {
141 s += 2; /* Else go past the .. */
142 /* We're still at the start of a name component, just the previous one. */
145 } else if ((s[0] == '.') && ((s[1] == '\0') || IS_PATH_SEP(s[1],posix_path))) {
157 if (*s <= 0x1f || *s == '|') {
158 return NT_STATUS_OBJECT_NAME_INVALID;
166 *p_last_component_contains_wcard = True;
175 /* Get the size of the next MB character. */
176 next_codepoint(s,&siz);
194 DEBUG(0,("check_path_syntax_internal: character length assumptions invalid !\n"));
196 return NT_STATUS_INVALID_PARAMETER;
199 start_of_name_component = False;
207 /****************************************************************************
208 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
209 No wildcards allowed.
210 ****************************************************************************/
212 NTSTATUS check_path_syntax(char *path)
215 return check_path_syntax_internal(path, False, &ignore);
218 /****************************************************************************
219 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
220 Wildcards allowed - p_contains_wcard returns true if the last component contained
222 ****************************************************************************/
224 NTSTATUS check_path_syntax_wcard(char *path, bool *p_contains_wcard)
226 return check_path_syntax_internal(path, False, p_contains_wcard);
229 /****************************************************************************
230 Check the path for a POSIX client.
231 We're assuming here that '/' is not the second byte in any multibyte char
232 set (a safe assumption).
233 ****************************************************************************/
235 NTSTATUS check_path_syntax_posix(char *path)
238 return check_path_syntax_internal(path, True, &ignore);
241 /****************************************************************************
242 Pull a string and check the path allowing a wilcard - provide for error return.
243 ****************************************************************************/
245 size_t srvstr_get_path_wcard(TALLOC_CTX *ctx,
246 const char *base_ptr,
253 bool *contains_wcard)
259 ret = srvstr_pull_talloc(ctx, base_ptr, smb_flags2, pp_dest, src,
263 *err = NT_STATUS_INVALID_PARAMETER;
267 *contains_wcard = False;
269 if (smb_flags2 & FLAGS2_DFS_PATHNAMES) {
271 * For a DFS path the function parse_dfs_path()
272 * will do the path processing, just make a copy.
278 if (lp_posix_pathnames()) {
279 *err = check_path_syntax_posix(*pp_dest);
281 *err = check_path_syntax_wcard(*pp_dest, contains_wcard);
287 /****************************************************************************
288 Pull a string and check the path - provide for error return.
289 ****************************************************************************/
291 size_t srvstr_get_path(TALLOC_CTX *ctx,
292 const char *base_ptr,
301 return srvstr_get_path_wcard(ctx, base_ptr, smb_flags2, pp_dest, src,
302 src_len, flags, err, &ignore);
305 size_t srvstr_get_path_req_wcard(TALLOC_CTX *mem_ctx, struct smb_request *req,
306 char **pp_dest, const char *src, int flags,
307 NTSTATUS *err, bool *contains_wcard)
309 return srvstr_get_path_wcard(mem_ctx, (char *)req->inbuf, req->flags2,
310 pp_dest, src, smbreq_bufrem(req, src),
311 flags, err, contains_wcard);
314 size_t srvstr_get_path_req(TALLOC_CTX *mem_ctx, struct smb_request *req,
315 char **pp_dest, const char *src, int flags,
319 return srvstr_get_path_req_wcard(mem_ctx, req, pp_dest, src,
320 flags, err, &ignore);
323 /****************************************************************************
324 Check if we have a correct fsp pointing to a file. Basic check for open fsp.
325 ****************************************************************************/
327 bool check_fsp_open(connection_struct *conn, struct smb_request *req,
330 if (!(fsp) || !(conn)) {
331 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
334 if (((conn) != (fsp)->conn) || req->vuid != (fsp)->vuid) {
335 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
341 /****************************************************************************
342 Check if we have a correct fsp pointing to a file.
343 ****************************************************************************/
345 bool check_fsp(connection_struct *conn, struct smb_request *req,
348 if (!check_fsp_open(conn, req, fsp)) {
351 if ((fsp)->is_directory) {
352 reply_nterror(req, NT_STATUS_INVALID_DEVICE_REQUEST);
355 if ((fsp)->fh->fd == -1) {
356 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
359 (fsp)->num_smb_operations++;
363 /****************************************************************************
364 Check if we have a correct fsp pointing to a quota fake file. Replacement for
365 the CHECK_NTQUOTA_HANDLE_OK macro.
366 ****************************************************************************/
368 bool check_fsp_ntquota_handle(connection_struct *conn, struct smb_request *req,
371 if (!check_fsp_open(conn, req, fsp)) {
375 if (fsp->is_directory) {
379 if (fsp->fake_file_handle == NULL) {
383 if (fsp->fake_file_handle->type != FAKE_FILE_TYPE_QUOTA) {
387 if (fsp->fake_file_handle->private_data == NULL) {
394 /****************************************************************************
395 Check if we have a correct fsp. Replacement for the FSP_BELONGS_CONN macro
396 ****************************************************************************/
398 bool fsp_belongs_conn(connection_struct *conn, struct smb_request *req,
401 if ((fsp) && (conn) && ((conn)==(fsp)->conn)
402 && (req->vuid == (fsp)->vuid)) {
406 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
410 static bool netbios_session_retarget(const char *name, int name_type)
413 char *trim_name_type;
414 const char *retarget_parm;
417 int retarget_type = 0x20;
418 int retarget_port = 139;
419 struct sockaddr_storage retarget_addr;
420 struct sockaddr_in *in_addr;
424 if (get_socket_port(smbd_server_fd()) != 139) {
428 trim_name = talloc_strdup(talloc_tos(), name);
429 if (trim_name == NULL) {
432 trim_char(trim_name, ' ', ' ');
434 trim_name_type = talloc_asprintf(trim_name, "%s#%2.2x", trim_name,
436 if (trim_name_type == NULL) {
440 retarget_parm = lp_parm_const_string(-1, "netbios retarget",
441 trim_name_type, NULL);
442 if (retarget_parm == NULL) {
443 retarget_parm = lp_parm_const_string(-1, "netbios retarget",
446 if (retarget_parm == NULL) {
450 retarget = talloc_strdup(trim_name, retarget_parm);
451 if (retarget == NULL) {
455 DEBUG(10, ("retargeting %s to %s\n", trim_name_type, retarget));
457 p = strchr(retarget, ':');
460 retarget_port = atoi(p);
463 p = strchr_m(retarget, '#');
466 sscanf(p, "%x", &retarget_type);
469 ret = resolve_name(retarget, &retarget_addr, retarget_type);
471 DEBUG(10, ("could not resolve %s\n", retarget));
475 if (retarget_addr.ss_family != AF_INET) {
476 DEBUG(10, ("Retarget target not an IPv4 addr\n"));
480 in_addr = (struct sockaddr_in *)(void *)&retarget_addr;
482 _smb_setlen(outbuf, 6);
483 SCVAL(outbuf, 0, 0x84);
484 *(uint32_t *)(outbuf+4) = in_addr->sin_addr.s_addr;
485 *(uint16_t *)(outbuf+8) = htons(retarget_port);
487 if (!srv_send_smb(smbd_server_fd(), (char *)outbuf, false, 0, false,
489 exit_server_cleanly("netbios_session_regarget: srv_send_smb "
495 TALLOC_FREE(trim_name);
499 /****************************************************************************
500 Reply to a (netbios-level) special message.
501 ****************************************************************************/
503 void reply_special(char *inbuf)
505 int msg_type = CVAL(inbuf,0);
506 int msg_flags = CVAL(inbuf,1);
508 char name_type1, name_type2;
509 struct smbd_server_connection *sconn = smbd_server_conn;
512 * We only really use 4 bytes of the outbuf, but for the smb_setlen
513 * calculation & friends (srv_send_smb uses that) we need the full smb
516 char outbuf[smb_size];
520 memset(outbuf, '\0', sizeof(outbuf));
522 smb_setlen(outbuf,0);
525 case 0x81: /* session request */
527 if (sconn->nbt.got_session) {
528 exit_server_cleanly("multiple session request not permitted");
531 SCVAL(outbuf,0,0x82);
533 if (name_len(inbuf+4) > 50 ||
534 name_len(inbuf+4 + name_len(inbuf + 4)) > 50) {
535 DEBUG(0,("Invalid name length in session request\n"));
538 name_type1 = name_extract(inbuf,4,name1);
539 name_type2 = name_extract(inbuf,4 + name_len(inbuf + 4),name2);
540 DEBUG(2,("netbios connect: name1=%s0x%x name2=%s0x%x\n",
541 name1, name_type1, name2, name_type2));
543 if (netbios_session_retarget(name1, name_type1)) {
544 exit_server_cleanly("retargeted client");
547 set_local_machine_name(name1, True);
548 set_remote_machine_name(name2, True);
550 DEBUG(2,("netbios connect: local=%s remote=%s, name type = %x\n",
551 get_local_machine_name(), get_remote_machine_name(),
554 if (name_type2 == 'R') {
555 /* We are being asked for a pathworks session ---
557 SCVAL(outbuf, 0,0x83);
561 /* only add the client's machine name to the list
562 of possibly valid usernames if we are operating
563 in share mode security */
564 if (lp_security() == SEC_SHARE) {
565 add_session_user(sconn, get_remote_machine_name());
568 reload_services(True);
571 sconn->nbt.got_session = true;
574 case 0x89: /* session keepalive request
575 (some old clients produce this?) */
576 SCVAL(outbuf,0,SMBkeepalive);
580 case 0x82: /* positive session response */
581 case 0x83: /* negative session response */
582 case 0x84: /* retarget session response */
583 DEBUG(0,("Unexpected session response\n"));
586 case SMBkeepalive: /* session keepalive */
591 DEBUG(5,("init msg_type=0x%x msg_flags=0x%x\n",
592 msg_type, msg_flags));
594 srv_send_smb(smbd_server_fd(), outbuf, false, 0, false, NULL);
598 /****************************************************************************
600 conn POINTER CAN BE NULL HERE !
601 ****************************************************************************/
603 void reply_tcon(struct smb_request *req)
605 connection_struct *conn = req->conn;
607 char *service_buf = NULL;
608 char *password = NULL;
613 DATA_BLOB password_blob;
614 TALLOC_CTX *ctx = talloc_tos();
615 struct smbd_server_connection *sconn = smbd_server_conn;
617 START_PROFILE(SMBtcon);
619 if (req->buflen < 4) {
620 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
621 END_PROFILE(SMBtcon);
625 p = (const char *)req->buf + 1;
626 p += srvstr_pull_req_talloc(ctx, req, &service_buf, p, STR_TERMINATE);
628 pwlen = srvstr_pull_req_talloc(ctx, req, &password, p, STR_TERMINATE);
630 p += srvstr_pull_req_talloc(ctx, req, &dev, p, STR_TERMINATE);
633 if (service_buf == NULL || password == NULL || dev == NULL) {
634 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
635 END_PROFILE(SMBtcon);
638 p = strrchr_m(service_buf,'\\');
642 service = service_buf;
645 password_blob = data_blob(password, pwlen+1);
647 conn = make_connection(sconn,service,password_blob,dev,
648 req->vuid,&nt_status);
651 data_blob_clear_free(&password_blob);
654 reply_nterror(req, nt_status);
655 END_PROFILE(SMBtcon);
659 reply_outbuf(req, 2, 0);
660 SSVAL(req->outbuf,smb_vwv0,sconn->smb1.negprot.max_recv);
661 SSVAL(req->outbuf,smb_vwv1,conn->cnum);
662 SSVAL(req->outbuf,smb_tid,conn->cnum);
664 DEBUG(3,("tcon service=%s cnum=%d\n",
665 service, conn->cnum));
667 END_PROFILE(SMBtcon);
671 /****************************************************************************
672 Reply to a tcon and X.
673 conn POINTER CAN BE NULL HERE !
674 ****************************************************************************/
676 void reply_tcon_and_X(struct smb_request *req)
678 connection_struct *conn = req->conn;
679 const char *service = NULL;
681 TALLOC_CTX *ctx = talloc_tos();
682 /* what the cleint thinks the device is */
683 char *client_devicetype = NULL;
684 /* what the server tells the client the share represents */
685 const char *server_devicetype;
691 struct smbd_server_connection *sconn = smbd_server_conn;
693 START_PROFILE(SMBtconX);
696 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
697 END_PROFILE(SMBtconX);
701 passlen = SVAL(req->vwv+3, 0);
702 tcon_flags = SVAL(req->vwv+2, 0);
704 /* we might have to close an old one */
705 if ((tcon_flags & 0x1) && conn) {
706 close_cnum(sconn, conn,req->vuid);
711 if ((passlen > MAX_PASS_LEN) || (passlen >= req->buflen)) {
712 reply_doserror(req, ERRDOS, ERRbuftoosmall);
713 END_PROFILE(SMBtconX);
717 if (sconn->smb1.negprot.encrypted_passwords) {
718 password = data_blob_talloc(talloc_tos(), req->buf, passlen);
719 if (lp_security() == SEC_SHARE) {
721 * Security = share always has a pad byte
722 * after the password.
724 p = (const char *)req->buf + passlen + 1;
726 p = (const char *)req->buf + passlen;
729 password = data_blob_talloc(talloc_tos(), req->buf, passlen+1);
730 /* Ensure correct termination */
731 password.data[passlen]=0;
732 p = (const char *)req->buf + passlen + 1;
735 p += srvstr_pull_req_talloc(ctx, req, &path, p, STR_TERMINATE);
738 data_blob_clear_free(&password);
739 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
740 END_PROFILE(SMBtconX);
745 * the service name can be either: \\server\share
746 * or share directly like on the DELL PowerVault 705
749 q = strchr_m(path+2,'\\');
751 data_blob_clear_free(&password);
752 reply_doserror(req, ERRDOS, ERRnosuchshare);
753 END_PROFILE(SMBtconX);
761 p += srvstr_pull_talloc(ctx, req->inbuf, req->flags2,
762 &client_devicetype, p,
763 MIN(6, smbreq_bufrem(req, p)), STR_ASCII);
765 if (client_devicetype == NULL) {
766 data_blob_clear_free(&password);
767 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
768 END_PROFILE(SMBtconX);
772 DEBUG(4,("Client requested device type [%s] for share [%s]\n", client_devicetype, service));
774 conn = make_connection(sconn, service, password, client_devicetype,
775 req->vuid, &nt_status);
778 data_blob_clear_free(&password);
781 reply_nterror(req, nt_status);
782 END_PROFILE(SMBtconX);
787 server_devicetype = "IPC";
788 else if ( IS_PRINT(conn) )
789 server_devicetype = "LPT1:";
791 server_devicetype = "A:";
793 if (Protocol < PROTOCOL_NT1) {
794 reply_outbuf(req, 2, 0);
795 if (message_push_string(&req->outbuf, server_devicetype,
796 STR_TERMINATE|STR_ASCII) == -1) {
797 reply_nterror(req, NT_STATUS_NO_MEMORY);
798 END_PROFILE(SMBtconX);
802 /* NT sets the fstype of IPC$ to the null string */
803 const char *fstype = IS_IPC(conn) ? "" : lp_fstype(SNUM(conn));
805 if (tcon_flags & TCONX_FLAG_EXTENDED_RESPONSE) {
806 /* Return permissions. */
810 reply_outbuf(req, 7, 0);
813 perm1 = FILE_ALL_ACCESS;
814 perm2 = FILE_ALL_ACCESS;
816 perm1 = CAN_WRITE(conn) ?
821 SIVAL(req->outbuf, smb_vwv3, perm1);
822 SIVAL(req->outbuf, smb_vwv5, perm2);
824 reply_outbuf(req, 3, 0);
827 if ((message_push_string(&req->outbuf, server_devicetype,
828 STR_TERMINATE|STR_ASCII) == -1)
829 || (message_push_string(&req->outbuf, fstype,
830 STR_TERMINATE) == -1)) {
831 reply_nterror(req, NT_STATUS_NO_MEMORY);
832 END_PROFILE(SMBtconX);
836 /* what does setting this bit do? It is set by NT4 and
837 may affect the ability to autorun mounted cdroms */
838 SSVAL(req->outbuf, smb_vwv2, SMB_SUPPORT_SEARCH_BITS|
839 (lp_csc_policy(SNUM(conn)) << 2));
841 if (lp_msdfs_root(SNUM(conn)) && lp_host_msdfs()) {
842 DEBUG(2,("Serving %s as a Dfs root\n",
843 lp_servicename(SNUM(conn)) ));
844 SSVAL(req->outbuf, smb_vwv2,
845 SMB_SHARE_IN_DFS | SVAL(req->outbuf, smb_vwv2));
850 DEBUG(3,("tconX service=%s \n",
853 /* set the incoming and outgoing tid to the just created one */
854 SSVAL(req->inbuf,smb_tid,conn->cnum);
855 SSVAL(req->outbuf,smb_tid,conn->cnum);
857 END_PROFILE(SMBtconX);
863 /****************************************************************************
864 Reply to an unknown type.
865 ****************************************************************************/
867 void reply_unknown_new(struct smb_request *req, uint8 type)
869 DEBUG(0, ("unknown command type (%s): type=%d (0x%X)\n",
870 smb_fn_name(type), type, type));
871 reply_doserror(req, ERRSRV, ERRunknownsmb);
875 /****************************************************************************
877 conn POINTER CAN BE NULL HERE !
878 ****************************************************************************/
880 void reply_ioctl(struct smb_request *req)
882 connection_struct *conn = req->conn;
889 START_PROFILE(SMBioctl);
892 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
893 END_PROFILE(SMBioctl);
897 device = SVAL(req->vwv+1, 0);
898 function = SVAL(req->vwv+2, 0);
899 ioctl_code = (device << 16) + function;
901 DEBUG(4, ("Received IOCTL (code 0x%x)\n", ioctl_code));
903 switch (ioctl_code) {
904 case IOCTL_QUERY_JOB_INFO:
908 reply_doserror(req, ERRSRV, ERRnosupport);
909 END_PROFILE(SMBioctl);
913 reply_outbuf(req, 8, replysize+1);
914 SSVAL(req->outbuf,smb_vwv1,replysize); /* Total data bytes returned */
915 SSVAL(req->outbuf,smb_vwv5,replysize); /* Data bytes this buffer */
916 SSVAL(req->outbuf,smb_vwv6,52); /* Offset to data */
917 p = smb_buf(req->outbuf);
918 memset(p, '\0', replysize+1); /* valgrind-safe. */
919 p += 1; /* Allow for alignment */
921 switch (ioctl_code) {
922 case IOCTL_QUERY_JOB_INFO:
924 files_struct *fsp = file_fsp(
925 req, SVAL(req->vwv+0, 0));
927 reply_doserror(req, ERRDOS, ERRbadfid);
928 END_PROFILE(SMBioctl);
931 SSVAL(p,0,fsp->rap_print_jobid); /* Job number */
932 srvstr_push((char *)req->outbuf, req->flags2, p+2,
934 STR_TERMINATE|STR_ASCII);
936 srvstr_push((char *)req->outbuf, req->flags2,
937 p+18, lp_servicename(SNUM(conn)),
938 13, STR_TERMINATE|STR_ASCII);
946 END_PROFILE(SMBioctl);
950 /****************************************************************************
951 Strange checkpath NTSTATUS mapping.
952 ****************************************************************************/
954 static NTSTATUS map_checkpath_error(uint16_t flags2, NTSTATUS status)
956 /* Strange DOS error code semantics only for checkpath... */
957 if (!(flags2 & FLAGS2_32_BIT_ERROR_CODES)) {
958 if (NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_INVALID,status)) {
959 /* We need to map to ERRbadpath */
960 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
966 /****************************************************************************
967 Reply to a checkpath.
968 ****************************************************************************/
970 void reply_checkpath(struct smb_request *req)
972 connection_struct *conn = req->conn;
973 struct smb_filename *smb_fname = NULL;
976 TALLOC_CTX *ctx = talloc_tos();
978 START_PROFILE(SMBcheckpath);
980 srvstr_get_path_req(ctx, req, &name, (const char *)req->buf + 1,
981 STR_TERMINATE, &status);
983 if (!NT_STATUS_IS_OK(status)) {
984 status = map_checkpath_error(req->flags2, status);
985 reply_nterror(req, status);
986 END_PROFILE(SMBcheckpath);
990 DEBUG(3,("reply_checkpath %s mode=%d\n", name, (int)SVAL(req->vwv+0, 0)));
992 status = filename_convert(ctx,
994 req->flags2 & FLAGS2_DFS_PATHNAMES,
999 if (!NT_STATUS_IS_OK(status)) {
1000 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1001 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1002 ERRSRV, ERRbadpath);
1003 END_PROFILE(SMBcheckpath);
1009 if (!VALID_STAT(smb_fname->st) &&
1010 (SMB_VFS_STAT(conn, smb_fname) != 0)) {
1011 DEBUG(3,("reply_checkpath: stat of %s failed (%s)\n",
1012 smb_fname_str_dbg(smb_fname), strerror(errno)));
1013 status = map_nt_error_from_unix(errno);
1017 if (!S_ISDIR(smb_fname->st.st_ex_mode)) {
1018 reply_botherror(req, NT_STATUS_NOT_A_DIRECTORY,
1019 ERRDOS, ERRbadpath);
1023 reply_outbuf(req, 0, 0);
1026 /* We special case this - as when a Windows machine
1027 is parsing a path is steps through the components
1028 one at a time - if a component fails it expects
1029 ERRbadpath, not ERRbadfile.
1031 status = map_checkpath_error(req->flags2, status);
1032 if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
1034 * Windows returns different error codes if
1035 * the parent directory is valid but not the
1036 * last component - it returns NT_STATUS_OBJECT_NAME_NOT_FOUND
1037 * for that case and NT_STATUS_OBJECT_PATH_NOT_FOUND
1038 * if the path is invalid.
1040 reply_botherror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND,
1041 ERRDOS, ERRbadpath);
1045 reply_nterror(req, status);
1048 TALLOC_FREE(smb_fname);
1049 END_PROFILE(SMBcheckpath);
1053 /****************************************************************************
1055 ****************************************************************************/
1057 void reply_getatr(struct smb_request *req)
1059 connection_struct *conn = req->conn;
1060 struct smb_filename *smb_fname = NULL;
1067 TALLOC_CTX *ctx = talloc_tos();
1068 bool ask_sharemode = lp_parm_bool(SNUM(conn), "smbd", "search ask sharemode", true);
1070 START_PROFILE(SMBgetatr);
1072 p = (const char *)req->buf + 1;
1073 p += srvstr_get_path_req(ctx, req, &fname, p, STR_TERMINATE, &status);
1074 if (!NT_STATUS_IS_OK(status)) {
1075 reply_nterror(req, status);
1079 /* dos smetimes asks for a stat of "" - it returns a "hidden directory"
1080 under WfWg - weird! */
1081 if (*fname == '\0') {
1082 mode = aHIDDEN | aDIR;
1083 if (!CAN_WRITE(conn)) {
1089 status = filename_convert(ctx,
1091 req->flags2 & FLAGS2_DFS_PATHNAMES,
1095 if (!NT_STATUS_IS_OK(status)) {
1096 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1097 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1098 ERRSRV, ERRbadpath);
1101 reply_nterror(req, status);
1104 if (!VALID_STAT(smb_fname->st) &&
1105 (SMB_VFS_STAT(conn, smb_fname) != 0)) {
1106 DEBUG(3,("reply_getatr: stat of %s failed (%s)\n",
1107 smb_fname_str_dbg(smb_fname),
1109 reply_nterror(req, map_nt_error_from_unix(errno));
1113 mode = dos_mode(conn, smb_fname);
1114 size = smb_fname->st.st_ex_size;
1116 if (ask_sharemode) {
1117 struct timespec write_time_ts;
1118 struct file_id fileid;
1120 ZERO_STRUCT(write_time_ts);
1121 fileid = vfs_file_id_from_sbuf(conn, &smb_fname->st);
1122 get_file_infos(fileid, NULL, &write_time_ts);
1123 if (!null_timespec(write_time_ts)) {
1124 update_stat_ex_mtime(&smb_fname->st, write_time_ts);
1128 mtime = convert_timespec_to_time_t(smb_fname->st.st_ex_mtime);
1134 reply_outbuf(req, 10, 0);
1136 SSVAL(req->outbuf,smb_vwv0,mode);
1137 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1138 srv_put_dos_date3((char *)req->outbuf,smb_vwv1,mtime & ~1);
1140 srv_put_dos_date3((char *)req->outbuf,smb_vwv1,mtime);
1142 SIVAL(req->outbuf,smb_vwv3,(uint32)size);
1144 if (Protocol >= PROTOCOL_NT1) {
1145 SSVAL(req->outbuf, smb_flg2,
1146 SVAL(req->outbuf, smb_flg2) | FLAGS2_IS_LONG_NAME);
1149 DEBUG(3,("reply_getatr: name=%s mode=%d size=%u\n",
1150 smb_fname_str_dbg(smb_fname), mode, (unsigned int)size));
1153 TALLOC_FREE(smb_fname);
1155 END_PROFILE(SMBgetatr);
1159 /****************************************************************************
1161 ****************************************************************************/
1163 void reply_setatr(struct smb_request *req)
1165 struct smb_file_time ft;
1166 connection_struct *conn = req->conn;
1167 struct smb_filename *smb_fname = NULL;
1173 TALLOC_CTX *ctx = talloc_tos();
1175 START_PROFILE(SMBsetatr);
1180 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1184 p = (const char *)req->buf + 1;
1185 p += srvstr_get_path_req(ctx, req, &fname, p, STR_TERMINATE, &status);
1186 if (!NT_STATUS_IS_OK(status)) {
1187 reply_nterror(req, status);
1191 status = filename_convert(ctx,
1193 req->flags2 & FLAGS2_DFS_PATHNAMES,
1197 if (!NT_STATUS_IS_OK(status)) {
1198 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1199 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1200 ERRSRV, ERRbadpath);
1203 reply_nterror(req, status);
1207 if (smb_fname->base_name[0] == '.' &&
1208 smb_fname->base_name[1] == '\0') {
1210 * Not sure here is the right place to catch this
1211 * condition. Might be moved to somewhere else later -- vl
1213 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
1217 mode = SVAL(req->vwv+0, 0);
1218 mtime = srv_make_unix_date3(req->vwv+1);
1220 ft.mtime = convert_time_t_to_timespec(mtime);
1221 status = smb_set_file_time(conn, NULL, smb_fname, &ft, true);
1222 if (!NT_STATUS_IS_OK(status)) {
1223 reply_nterror(req, status);
1227 if (mode != FILE_ATTRIBUTE_NORMAL) {
1228 if (VALID_STAT_OF_DIR(smb_fname->st))
1233 if (file_set_dosmode(conn, smb_fname, mode, NULL,
1235 reply_nterror(req, map_nt_error_from_unix(errno));
1240 reply_outbuf(req, 0, 0);
1242 DEBUG(3, ("setatr name=%s mode=%d\n", smb_fname_str_dbg(smb_fname),
1245 TALLOC_FREE(smb_fname);
1246 END_PROFILE(SMBsetatr);
1250 /****************************************************************************
1252 ****************************************************************************/
1254 void reply_dskattr(struct smb_request *req)
1256 connection_struct *conn = req->conn;
1257 uint64_t dfree,dsize,bsize;
1258 START_PROFILE(SMBdskattr);
1260 if (get_dfree_info(conn,".",True,&bsize,&dfree,&dsize) == (uint64_t)-1) {
1261 reply_nterror(req, map_nt_error_from_unix(errno));
1262 END_PROFILE(SMBdskattr);
1266 reply_outbuf(req, 5, 0);
1268 if (Protocol <= PROTOCOL_LANMAN2) {
1269 double total_space, free_space;
1270 /* we need to scale this to a number that DOS6 can handle. We
1271 use floating point so we can handle large drives on systems
1272 that don't have 64 bit integers
1274 we end up displaying a maximum of 2G to DOS systems
1276 total_space = dsize * (double)bsize;
1277 free_space = dfree * (double)bsize;
1279 dsize = (uint64_t)((total_space+63*512) / (64*512));
1280 dfree = (uint64_t)((free_space+63*512) / (64*512));
1282 if (dsize > 0xFFFF) dsize = 0xFFFF;
1283 if (dfree > 0xFFFF) dfree = 0xFFFF;
1285 SSVAL(req->outbuf,smb_vwv0,dsize);
1286 SSVAL(req->outbuf,smb_vwv1,64); /* this must be 64 for dos systems */
1287 SSVAL(req->outbuf,smb_vwv2,512); /* and this must be 512 */
1288 SSVAL(req->outbuf,smb_vwv3,dfree);
1290 SSVAL(req->outbuf,smb_vwv0,dsize);
1291 SSVAL(req->outbuf,smb_vwv1,bsize/512);
1292 SSVAL(req->outbuf,smb_vwv2,512);
1293 SSVAL(req->outbuf,smb_vwv3,dfree);
1296 DEBUG(3,("dskattr dfree=%d\n", (unsigned int)dfree));
1298 END_PROFILE(SMBdskattr);
1303 * Utility function to split the filename from the directory.
1305 static NTSTATUS split_fname_dir_mask(TALLOC_CTX *ctx, const char *fname_in,
1306 char **fname_dir_out,
1307 char **fname_mask_out)
1309 const char *p = NULL;
1310 char *fname_dir = NULL;
1311 char *fname_mask = NULL;
1313 p = strrchr_m(fname_in, '/');
1315 fname_dir = talloc_strdup(ctx, ".");
1316 fname_mask = talloc_strdup(ctx, fname_in);
1318 fname_dir = talloc_strndup(ctx, fname_in,
1319 PTR_DIFF(p, fname_in));
1320 fname_mask = talloc_strdup(ctx, p+1);
1323 if (!fname_dir || !fname_mask) {
1324 TALLOC_FREE(fname_dir);
1325 TALLOC_FREE(fname_mask);
1326 return NT_STATUS_NO_MEMORY;
1329 *fname_dir_out = fname_dir;
1330 *fname_mask_out = fname_mask;
1331 return NT_STATUS_OK;
1334 /****************************************************************************
1336 Can be called from SMBsearch, SMBffirst or SMBfunique.
1337 ****************************************************************************/
1339 void reply_search(struct smb_request *req)
1341 connection_struct *conn = req->conn;
1343 const char *mask = NULL;
1344 char *directory = NULL;
1348 struct timespec date;
1350 unsigned int numentries = 0;
1351 unsigned int maxentries = 0;
1352 bool finished = False;
1357 bool check_descend = False;
1358 bool expect_close = False;
1360 bool mask_contains_wcard = False;
1361 bool allow_long_path_components = (req->flags2 & FLAGS2_LONG_PATH_COMPONENTS) ? True : False;
1362 TALLOC_CTX *ctx = talloc_tos();
1363 bool ask_sharemode = lp_parm_bool(SNUM(conn), "smbd", "search ask sharemode", true);
1365 START_PROFILE(SMBsearch);
1368 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1369 END_PROFILE(SMBsearch);
1373 if (lp_posix_pathnames()) {
1374 reply_unknown_new(req, req->cmd);
1375 END_PROFILE(SMBsearch);
1379 /* If we were called as SMBffirst then we must expect close. */
1380 if(req->cmd == SMBffirst) {
1381 expect_close = True;
1384 reply_outbuf(req, 1, 3);
1385 maxentries = SVAL(req->vwv+0, 0);
1386 dirtype = SVAL(req->vwv+1, 0);
1387 p = (const char *)req->buf + 1;
1388 p += srvstr_get_path_req_wcard(ctx, req, &path, p, STR_TERMINATE,
1389 &nt_status, &mask_contains_wcard);
1390 if (!NT_STATUS_IS_OK(nt_status)) {
1391 reply_nterror(req, nt_status);
1392 END_PROFILE(SMBsearch);
1397 status_len = SVAL(p, 0);
1400 /* dirtype &= ~aDIR; */
1402 if (status_len == 0) {
1403 struct smb_filename *smb_fname = NULL;
1405 nt_status = resolve_dfspath_wcard(ctx, conn,
1406 req->flags2 & FLAGS2_DFS_PATHNAMES,
1409 &mask_contains_wcard);
1410 if (!NT_STATUS_IS_OK(nt_status)) {
1411 if (NT_STATUS_EQUAL(nt_status,NT_STATUS_PATH_NOT_COVERED)) {
1412 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1413 ERRSRV, ERRbadpath);
1414 END_PROFILE(SMBsearch);
1417 reply_nterror(req, nt_status);
1418 END_PROFILE(SMBsearch);
1422 nt_status = unix_convert(ctx, conn, path, &smb_fname,
1423 UCF_ALLOW_WCARD_LCOMP);
1424 if (!NT_STATUS_IS_OK(nt_status)) {
1425 reply_nterror(req, nt_status);
1426 END_PROFILE(SMBsearch);
1430 nt_status = get_full_smb_filename(ctx, smb_fname, &directory);
1431 TALLOC_FREE(smb_fname);
1432 if (!NT_STATUS_IS_OK(nt_status)) {
1433 reply_nterror(req, nt_status);
1434 END_PROFILE(SMBsearch);
1438 nt_status = check_name(conn, directory);
1439 if (!NT_STATUS_IS_OK(nt_status)) {
1440 reply_nterror(req, nt_status);
1441 END_PROFILE(SMBsearch);
1445 p = strrchr_m(directory,'/');
1446 if ((p != NULL) && (*directory != '/')) {
1448 directory = talloc_strndup(ctx, directory,
1449 PTR_DIFF(p, directory));
1452 directory = talloc_strdup(ctx,".");
1456 reply_nterror(req, NT_STATUS_NO_MEMORY);
1457 END_PROFILE(SMBsearch);
1461 memset((char *)status,'\0',21);
1462 SCVAL(status,0,(dirtype & 0x1F));
1464 nt_status = dptr_create(conn,
1470 mask_contains_wcard,
1473 if (!NT_STATUS_IS_OK(nt_status)) {
1474 reply_nterror(req, nt_status);
1475 END_PROFILE(SMBsearch);
1478 dptr_num = dptr_dnum(conn->dirptr);
1482 memcpy(status,p,21);
1483 status_dirtype = CVAL(status,0) & 0x1F;
1484 if (status_dirtype != (dirtype & 0x1F)) {
1485 dirtype = status_dirtype;
1488 conn->dirptr = dptr_fetch(status+12,&dptr_num);
1489 if (!conn->dirptr) {
1492 string_set(&conn->dirpath,dptr_path(dptr_num));
1493 mask = dptr_wcard(dptr_num);
1498 * For a 'continue' search we have no string. So
1499 * check from the initial saved string.
1501 mask_contains_wcard = ms_has_wild(mask);
1502 dirtype = dptr_attr(dptr_num);
1505 DEBUG(4,("dptr_num is %d\n",dptr_num));
1507 /* Initialize per SMBsearch/SMBffirst/SMBfunique operation data */
1508 dptr_init_search_op(conn->dirptr);
1510 if ((dirtype&0x1F) == aVOLID) {
1511 char buf[DIR_STRUCT_SIZE];
1512 memcpy(buf,status,21);
1513 if (!make_dir_struct(ctx,buf,"???????????",volume_label(SNUM(conn)),
1514 0,aVOLID,0,!allow_long_path_components)) {
1515 reply_nterror(req, NT_STATUS_NO_MEMORY);
1516 END_PROFILE(SMBsearch);
1519 dptr_fill(buf+12,dptr_num);
1520 if (dptr_zero(buf+12) && (status_len==0)) {
1525 if (message_push_blob(&req->outbuf,
1526 data_blob_const(buf, sizeof(buf)))
1528 reply_nterror(req, NT_STATUS_NO_MEMORY);
1529 END_PROFILE(SMBsearch);
1537 ((uint8 *)smb_buf(req->outbuf) + 3 - req->outbuf))
1540 DEBUG(8,("dirpath=<%s> dontdescend=<%s>\n",
1541 conn->dirpath,lp_dontdescend(SNUM(conn))));
1542 if (in_list(conn->dirpath, lp_dontdescend(SNUM(conn)),True)) {
1543 check_descend = True;
1546 for (i=numentries;(i<maxentries) && !finished;i++) {
1547 finished = !get_dir_entry(ctx,
1558 char buf[DIR_STRUCT_SIZE];
1559 memcpy(buf,status,21);
1560 if (!make_dir_struct(ctx,
1566 convert_timespec_to_time_t(date),
1567 !allow_long_path_components)) {
1568 reply_nterror(req, NT_STATUS_NO_MEMORY);
1569 END_PROFILE(SMBsearch);
1572 if (!dptr_fill(buf+12,dptr_num)) {
1575 if (message_push_blob(&req->outbuf,
1576 data_blob_const(buf, sizeof(buf)))
1578 reply_nterror(req, NT_STATUS_NO_MEMORY);
1579 END_PROFILE(SMBsearch);
1589 /* If we were called as SMBffirst with smb_search_id == NULL
1590 and no entries were found then return error and close dirptr
1593 if (numentries == 0) {
1594 dptr_close(&dptr_num);
1595 } else if(expect_close && status_len == 0) {
1596 /* Close the dptr - we know it's gone */
1597 dptr_close(&dptr_num);
1600 /* If we were called as SMBfunique, then we can close the dirptr now ! */
1601 if(dptr_num >= 0 && req->cmd == SMBfunique) {
1602 dptr_close(&dptr_num);
1605 if ((numentries == 0) && !mask_contains_wcard) {
1606 reply_botherror(req, STATUS_NO_MORE_FILES, ERRDOS, ERRnofiles);
1607 END_PROFILE(SMBsearch);
1611 SSVAL(req->outbuf,smb_vwv0,numentries);
1612 SSVAL(req->outbuf,smb_vwv1,3 + numentries * DIR_STRUCT_SIZE);
1613 SCVAL(smb_buf(req->outbuf),0,5);
1614 SSVAL(smb_buf(req->outbuf),1,numentries*DIR_STRUCT_SIZE);
1616 /* The replies here are never long name. */
1617 SSVAL(req->outbuf, smb_flg2,
1618 SVAL(req->outbuf, smb_flg2) & (~FLAGS2_IS_LONG_NAME));
1619 if (!allow_long_path_components) {
1620 SSVAL(req->outbuf, smb_flg2,
1621 SVAL(req->outbuf, smb_flg2)
1622 & (~FLAGS2_LONG_PATH_COMPONENTS));
1625 /* This SMB *always* returns ASCII names. Remove the unicode bit in flags2. */
1626 SSVAL(req->outbuf, smb_flg2,
1627 (SVAL(req->outbuf, smb_flg2) & (~FLAGS2_UNICODE_STRINGS)));
1630 directory = dptr_path(dptr_num);
1633 DEBUG(4,("%s mask=%s path=%s dtype=%d nument=%u of %u\n",
1634 smb_fn_name(req->cmd),
1636 directory ? directory : "./",
1641 END_PROFILE(SMBsearch);
1645 /****************************************************************************
1646 Reply to a fclose (stop directory search).
1647 ****************************************************************************/
1649 void reply_fclose(struct smb_request *req)
1657 bool path_contains_wcard = False;
1658 TALLOC_CTX *ctx = talloc_tos();
1660 START_PROFILE(SMBfclose);
1662 if (lp_posix_pathnames()) {
1663 reply_unknown_new(req, req->cmd);
1664 END_PROFILE(SMBfclose);
1668 p = (const char *)req->buf + 1;
1669 p += srvstr_get_path_req_wcard(ctx, req, &path, p, STR_TERMINATE,
1670 &err, &path_contains_wcard);
1671 if (!NT_STATUS_IS_OK(err)) {
1672 reply_nterror(req, err);
1673 END_PROFILE(SMBfclose);
1677 status_len = SVAL(p,0);
1680 if (status_len == 0) {
1681 reply_doserror(req, ERRSRV, ERRsrverror);
1682 END_PROFILE(SMBfclose);
1686 memcpy(status,p,21);
1688 if(dptr_fetch(status+12,&dptr_num)) {
1689 /* Close the dptr - we know it's gone */
1690 dptr_close(&dptr_num);
1693 reply_outbuf(req, 1, 0);
1694 SSVAL(req->outbuf,smb_vwv0,0);
1696 DEBUG(3,("search close\n"));
1698 END_PROFILE(SMBfclose);
1702 /****************************************************************************
1704 ****************************************************************************/
1706 void reply_open(struct smb_request *req)
1708 connection_struct *conn = req->conn;
1709 struct smb_filename *smb_fname = NULL;
1721 uint32 create_disposition;
1722 uint32 create_options = 0;
1724 bool ask_sharemode = lp_parm_bool(SNUM(conn), "smbd", "search ask sharemode", true);
1725 TALLOC_CTX *ctx = talloc_tos();
1727 START_PROFILE(SMBopen);
1730 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1734 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1735 deny_mode = SVAL(req->vwv+0, 0);
1736 dos_attr = SVAL(req->vwv+1, 0);
1738 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf+1,
1739 STR_TERMINATE, &status);
1740 if (!NT_STATUS_IS_OK(status)) {
1741 reply_nterror(req, status);
1745 status = filename_convert(ctx,
1747 req->flags2 & FLAGS2_DFS_PATHNAMES,
1751 if (!NT_STATUS_IS_OK(status)) {
1752 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1753 reply_botherror(req,
1754 NT_STATUS_PATH_NOT_COVERED,
1755 ERRSRV, ERRbadpath);
1758 reply_nterror(req, status);
1762 if (!map_open_params_to_ntcreate(
1763 smb_fname->base_name, deny_mode, OPENX_FILE_EXISTS_OPEN,
1764 &access_mask, &share_mode, &create_disposition,
1766 reply_nterror(req, NT_STATUS_DOS(ERRDOS, ERRbadaccess));
1770 status = SMB_VFS_CREATE_FILE(
1773 0, /* root_dir_fid */
1774 smb_fname, /* fname */
1775 access_mask, /* access_mask */
1776 share_mode, /* share_access */
1777 create_disposition, /* create_disposition*/
1778 create_options, /* create_options */
1779 dos_attr, /* file_attributes */
1780 oplock_request, /* oplock_request */
1781 0, /* allocation_size */
1787 if (!NT_STATUS_IS_OK(status)) {
1788 if (open_was_deferred(req->mid)) {
1789 /* We have re-scheduled this call. */
1792 reply_openerror(req, status);
1796 size = smb_fname->st.st_ex_size;
1797 fattr = dos_mode(conn, smb_fname);
1799 /* Deal with other possible opens having a modified
1801 if (ask_sharemode) {
1802 struct timespec write_time_ts;
1804 ZERO_STRUCT(write_time_ts);
1805 get_file_infos(fsp->file_id, NULL, &write_time_ts);
1806 if (!null_timespec(write_time_ts)) {
1807 update_stat_ex_mtime(&smb_fname->st, write_time_ts);
1811 mtime = convert_timespec_to_time_t(smb_fname->st.st_ex_mtime);
1814 DEBUG(3,("attempt to open a directory %s\n",fsp->fsp_name));
1815 close_file(req, fsp, ERROR_CLOSE);
1816 reply_doserror(req, ERRDOS,ERRnoaccess);
1820 reply_outbuf(req, 7, 0);
1821 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
1822 SSVAL(req->outbuf,smb_vwv1,fattr);
1823 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1824 srv_put_dos_date3((char *)req->outbuf,smb_vwv2,mtime & ~1);
1826 srv_put_dos_date3((char *)req->outbuf,smb_vwv2,mtime);
1828 SIVAL(req->outbuf,smb_vwv4,(uint32)size);
1829 SSVAL(req->outbuf,smb_vwv6,deny_mode);
1831 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1832 SCVAL(req->outbuf,smb_flg,
1833 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1836 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1837 SCVAL(req->outbuf,smb_flg,
1838 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1841 TALLOC_FREE(smb_fname);
1842 END_PROFILE(SMBopen);
1846 /****************************************************************************
1847 Reply to an open and X.
1848 ****************************************************************************/
1850 void reply_open_and_X(struct smb_request *req)
1852 connection_struct *conn = req->conn;
1853 struct smb_filename *smb_fname = NULL;
1858 /* Breakout the oplock request bits so we can set the
1859 reply bits separately. */
1860 int ex_oplock_request;
1861 int core_oplock_request;
1864 int smb_sattr = SVAL(req->vwv+4, 0);
1865 uint32 smb_time = make_unix_date3(req->vwv+6);
1873 uint64_t allocation_size;
1874 ssize_t retval = -1;
1877 uint32 create_disposition;
1878 uint32 create_options = 0;
1879 TALLOC_CTX *ctx = talloc_tos();
1881 START_PROFILE(SMBopenX);
1883 if (req->wct < 15) {
1884 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1888 open_flags = SVAL(req->vwv+2, 0);
1889 deny_mode = SVAL(req->vwv+3, 0);
1890 smb_attr = SVAL(req->vwv+5, 0);
1891 ex_oplock_request = EXTENDED_OPLOCK_REQUEST(req->inbuf);
1892 core_oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1893 oplock_request = ex_oplock_request | core_oplock_request;
1894 smb_ofun = SVAL(req->vwv+8, 0);
1895 allocation_size = (uint64_t)IVAL(req->vwv+9, 0);
1897 /* If it's an IPC, pass off the pipe handler. */
1899 if (lp_nt_pipe_support()) {
1900 reply_open_pipe_and_X(conn, req);
1902 reply_doserror(req, ERRSRV, ERRaccess);
1907 /* XXXX we need to handle passed times, sattr and flags */
1908 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf,
1909 STR_TERMINATE, &status);
1910 if (!NT_STATUS_IS_OK(status)) {
1911 reply_nterror(req, status);
1915 status = filename_convert(ctx,
1917 req->flags2 & FLAGS2_DFS_PATHNAMES,
1921 if (!NT_STATUS_IS_OK(status)) {
1922 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1923 reply_botherror(req,
1924 NT_STATUS_PATH_NOT_COVERED,
1925 ERRSRV, ERRbadpath);
1928 reply_nterror(req, status);
1932 if (!map_open_params_to_ntcreate(
1933 smb_fname->base_name, deny_mode, smb_ofun, &access_mask,
1934 &share_mode, &create_disposition, &create_options)) {
1935 reply_nterror(req, NT_STATUS_DOS(ERRDOS, ERRbadaccess));
1939 status = SMB_VFS_CREATE_FILE(
1942 0, /* root_dir_fid */
1943 smb_fname, /* fname */
1944 access_mask, /* access_mask */
1945 share_mode, /* share_access */
1946 create_disposition, /* create_disposition*/
1947 create_options, /* create_options */
1948 smb_attr, /* file_attributes */
1949 oplock_request, /* oplock_request */
1950 0, /* allocation_size */
1954 &smb_action); /* pinfo */
1956 if (!NT_STATUS_IS_OK(status)) {
1957 if (open_was_deferred(req->mid)) {
1958 /* We have re-scheduled this call. */
1961 reply_openerror(req, status);
1965 /* Setting the "size" field in vwv9 and vwv10 causes the file to be set to this size,
1966 if the file is truncated or created. */
1967 if (((smb_action == FILE_WAS_CREATED) || (smb_action == FILE_WAS_OVERWRITTEN)) && allocation_size) {
1968 fsp->initial_allocation_size = smb_roundup(fsp->conn, allocation_size);
1969 if (vfs_allocate_file_space(fsp, fsp->initial_allocation_size) == -1) {
1970 close_file(req, fsp, ERROR_CLOSE);
1971 reply_nterror(req, NT_STATUS_DISK_FULL);
1974 retval = vfs_set_filelen(fsp, (SMB_OFF_T)allocation_size);
1976 close_file(req, fsp, ERROR_CLOSE);
1977 reply_nterror(req, NT_STATUS_DISK_FULL);
1980 smb_fname->st.st_ex_size =
1981 SMB_VFS_GET_ALLOC_SIZE(conn, fsp, &smb_fname->st);
1984 fattr = dos_mode(conn, smb_fname);
1985 mtime = convert_timespec_to_time_t(smb_fname->st.st_ex_mtime);
1987 close_file(req, fsp, ERROR_CLOSE);
1988 reply_doserror(req, ERRDOS, ERRnoaccess);
1992 /* If the caller set the extended oplock request bit
1993 and we granted one (by whatever means) - set the
1994 correct bit for extended oplock reply.
1997 if (ex_oplock_request && lp_fake_oplocks(SNUM(conn))) {
1998 smb_action |= EXTENDED_OPLOCK_GRANTED;
2001 if(ex_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2002 smb_action |= EXTENDED_OPLOCK_GRANTED;
2005 /* If the caller set the core oplock request bit
2006 and we granted one (by whatever means) - set the
2007 correct bit for core oplock reply.
2010 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
2011 reply_outbuf(req, 19, 0);
2013 reply_outbuf(req, 15, 0);
2016 if (core_oplock_request && lp_fake_oplocks(SNUM(conn))) {
2017 SCVAL(req->outbuf, smb_flg,
2018 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2021 if(core_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2022 SCVAL(req->outbuf, smb_flg,
2023 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2026 SSVAL(req->outbuf,smb_vwv2,fsp->fnum);
2027 SSVAL(req->outbuf,smb_vwv3,fattr);
2028 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
2029 srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime & ~1);
2031 srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime);
2033 SIVAL(req->outbuf,smb_vwv6,(uint32)smb_fname->st.st_ex_size);
2034 SSVAL(req->outbuf,smb_vwv8,GET_OPENX_MODE(deny_mode));
2035 SSVAL(req->outbuf,smb_vwv11,smb_action);
2037 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
2038 SIVAL(req->outbuf, smb_vwv15, STD_RIGHT_ALL_ACCESS);
2043 TALLOC_FREE(smb_fname);
2044 END_PROFILE(SMBopenX);
2048 /****************************************************************************
2049 Reply to a SMBulogoffX.
2050 ****************************************************************************/
2052 void reply_ulogoffX(struct smb_request *req)
2054 struct smbd_server_connection *sconn = smbd_server_conn;
2057 START_PROFILE(SMBulogoffX);
2059 vuser = get_valid_user_struct(sconn, req->vuid);
2062 DEBUG(3,("ulogoff, vuser id %d does not map to user.\n",
2066 /* in user level security we are supposed to close any files
2067 open by this user */
2068 if ((vuser != NULL) && (lp_security() != SEC_SHARE)) {
2069 file_close_user(req->vuid);
2072 invalidate_vuid(sconn, req->vuid);
2074 reply_outbuf(req, 2, 0);
2076 DEBUG( 3, ( "ulogoffX vuid=%d\n", req->vuid ) );
2078 END_PROFILE(SMBulogoffX);
2082 /****************************************************************************
2083 Reply to a mknew or a create.
2084 ****************************************************************************/
2086 void reply_mknew(struct smb_request *req)
2088 connection_struct *conn = req->conn;
2089 struct smb_filename *smb_fname = NULL;
2092 struct smb_file_time ft;
2094 int oplock_request = 0;
2096 uint32 access_mask = FILE_GENERIC_READ | FILE_GENERIC_WRITE;
2097 uint32 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
2098 uint32 create_disposition;
2099 uint32 create_options = 0;
2100 TALLOC_CTX *ctx = talloc_tos();
2102 START_PROFILE(SMBcreate);
2106 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2110 fattr = SVAL(req->vwv+0, 0);
2111 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
2114 ft.mtime = convert_time_t_to_timespec(srv_make_unix_date3(req->vwv+1));
2116 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf + 1,
2117 STR_TERMINATE, &status);
2118 if (!NT_STATUS_IS_OK(status)) {
2119 reply_nterror(req, status);
2123 status = filename_convert(ctx,
2125 req->flags2 & FLAGS2_DFS_PATHNAMES,
2129 if (!NT_STATUS_IS_OK(status)) {
2130 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2131 reply_botherror(req,
2132 NT_STATUS_PATH_NOT_COVERED,
2133 ERRSRV, ERRbadpath);
2136 reply_nterror(req, status);
2140 if (fattr & aVOLID) {
2141 DEBUG(0,("Attempt to create file (%s) with volid set - "
2142 "please report this\n",
2143 smb_fname_str_dbg(smb_fname)));
2146 if(req->cmd == SMBmknew) {
2147 /* We should fail if file exists. */
2148 create_disposition = FILE_CREATE;
2150 /* Create if file doesn't exist, truncate if it does. */
2151 create_disposition = FILE_OVERWRITE_IF;
2154 status = SMB_VFS_CREATE_FILE(
2157 0, /* root_dir_fid */
2158 smb_fname, /* fname */
2159 access_mask, /* access_mask */
2160 share_mode, /* share_access */
2161 create_disposition, /* create_disposition*/
2162 create_options, /* create_options */
2163 fattr, /* file_attributes */
2164 oplock_request, /* oplock_request */
2165 0, /* allocation_size */
2171 if (!NT_STATUS_IS_OK(status)) {
2172 if (open_was_deferred(req->mid)) {
2173 /* We have re-scheduled this call. */
2176 reply_openerror(req, status);
2180 ft.atime = smb_fname->st.st_ex_atime; /* atime. */
2181 status = smb_set_file_time(conn, fsp, smb_fname, &ft, true);
2182 if (!NT_STATUS_IS_OK(status)) {
2183 END_PROFILE(SMBcreate);
2187 reply_outbuf(req, 1, 0);
2188 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
2190 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
2191 SCVAL(req->outbuf,smb_flg,
2192 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2195 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2196 SCVAL(req->outbuf,smb_flg,
2197 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2200 DEBUG(2, ("reply_mknew: file %s\n", smb_fname_str_dbg(smb_fname)));
2201 DEBUG(3, ("reply_mknew %s fd=%d dmode=0x%x\n",
2202 smb_fname_str_dbg(smb_fname), fsp->fh->fd,
2203 (unsigned int)fattr));
2206 TALLOC_FREE(smb_fname);
2207 END_PROFILE(SMBcreate);
2211 /****************************************************************************
2212 Reply to a create temporary file.
2213 ****************************************************************************/
2215 void reply_ctemp(struct smb_request *req)
2217 connection_struct *conn = req->conn;
2218 struct smb_filename *smb_fname = NULL;
2226 TALLOC_CTX *ctx = talloc_tos();
2228 START_PROFILE(SMBctemp);
2231 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2235 fattr = SVAL(req->vwv+0, 0);
2236 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
2238 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf+1,
2239 STR_TERMINATE, &status);
2240 if (!NT_STATUS_IS_OK(status)) {
2241 reply_nterror(req, status);
2245 fname = talloc_asprintf(ctx,
2249 fname = talloc_strdup(ctx, "TMXXXXXX");
2253 reply_nterror(req, NT_STATUS_NO_MEMORY);
2257 status = filename_convert(ctx, conn,
2258 req->flags2 & FLAGS2_DFS_PATHNAMES,
2262 if (!NT_STATUS_IS_OK(status)) {
2263 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2264 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
2265 ERRSRV, ERRbadpath);
2268 reply_nterror(req, status);
2272 tmpfd = mkstemp(smb_fname->base_name);
2274 reply_nterror(req, map_nt_error_from_unix(errno));
2278 SMB_VFS_STAT(conn, smb_fname);
2280 /* We should fail if file does not exist. */
2281 status = SMB_VFS_CREATE_FILE(
2284 0, /* root_dir_fid */
2285 smb_fname, /* fname */
2286 FILE_GENERIC_READ | FILE_GENERIC_WRITE, /* access_mask */
2287 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
2288 FILE_OPEN, /* create_disposition*/
2289 0, /* create_options */
2290 fattr, /* file_attributes */
2291 oplock_request, /* oplock_request */
2292 0, /* allocation_size */
2298 /* close fd from mkstemp() */
2301 if (!NT_STATUS_IS_OK(status)) {
2302 if (open_was_deferred(req->mid)) {
2303 /* We have re-scheduled this call. */
2306 reply_openerror(req, status);
2310 reply_outbuf(req, 1, 0);
2311 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
2313 /* the returned filename is relative to the directory */
2314 s = strrchr_m(fsp->fsp_name, '/');
2322 /* Tested vs W2K3 - this doesn't seem to be here - null terminated filename is the only
2323 thing in the byte section. JRA */
2324 SSVALS(p, 0, -1); /* what is this? not in spec */
2326 if (message_push_string(&req->outbuf, s, STR_ASCII|STR_TERMINATE)
2328 reply_nterror(req, NT_STATUS_NO_MEMORY);
2332 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
2333 SCVAL(req->outbuf, smb_flg,
2334 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2337 if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2338 SCVAL(req->outbuf, smb_flg,
2339 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2342 DEBUG( 2, ( "reply_ctemp: created temp file %s\n", fsp->fsp_name ) );
2343 DEBUG( 3, ( "reply_ctemp %s fd=%d umode=0%o\n", fsp->fsp_name,
2344 fsp->fh->fd, (unsigned int)smb_fname->st.st_ex_mode));
2346 TALLOC_FREE(smb_fname);
2347 END_PROFILE(SMBctemp);
2351 /*******************************************************************
2352 Check if a user is allowed to rename a file.
2353 ********************************************************************/
2355 static NTSTATUS can_rename(connection_struct *conn, files_struct *fsp,
2356 uint16 dirtype, SMB_STRUCT_STAT *pst)
2358 struct smb_filename *smb_fname = NULL;
2362 if (!CAN_WRITE(conn)) {
2363 return NT_STATUS_MEDIA_WRITE_PROTECTED;
2366 status = create_synthetic_smb_fname_split(talloc_tos(), fsp->fsp_name,
2368 if (!NT_STATUS_IS_OK(status)) {
2372 fmode = dos_mode(conn, smb_fname);
2373 TALLOC_FREE(smb_fname);
2374 if ((fmode & ~dirtype) & (aHIDDEN | aSYSTEM)) {
2375 return NT_STATUS_NO_SUCH_FILE;
2378 if (S_ISDIR(pst->st_ex_mode)) {
2379 if (fsp->posix_open) {
2380 return NT_STATUS_OK;
2383 /* If no pathnames are open below this
2384 directory, allow the rename. */
2386 if (file_find_subpath(fsp)) {
2387 return NT_STATUS_ACCESS_DENIED;
2389 return NT_STATUS_OK;
2392 if (fsp->access_mask & (DELETE_ACCESS|FILE_WRITE_ATTRIBUTES)) {
2393 return NT_STATUS_OK;
2396 return NT_STATUS_ACCESS_DENIED;
2399 /*******************************************************************
2400 * unlink a file with all relevant access checks
2401 *******************************************************************/
2403 static NTSTATUS do_unlink(connection_struct *conn,
2404 struct smb_request *req,
2405 struct smb_filename *smb_fname,
2410 uint32 dirtype_orig = dirtype;
2413 DEBUG(10,("do_unlink: %s, dirtype = %d\n",
2414 smb_fname_str_dbg(smb_fname),
2417 if (!CAN_WRITE(conn)) {
2418 return NT_STATUS_MEDIA_WRITE_PROTECTED;
2421 if (SMB_VFS_LSTAT(conn, smb_fname) != 0) {
2422 return map_nt_error_from_unix(errno);
2425 fattr = dos_mode(conn, smb_fname);
2427 if (dirtype & FILE_ATTRIBUTE_NORMAL) {
2428 dirtype = aDIR|aARCH|aRONLY;
2431 dirtype &= (aDIR|aARCH|aRONLY|aHIDDEN|aSYSTEM);
2433 return NT_STATUS_NO_SUCH_FILE;
2436 if (!dir_check_ftype(conn, fattr, dirtype)) {
2438 return NT_STATUS_FILE_IS_A_DIRECTORY;
2440 return NT_STATUS_NO_SUCH_FILE;
2443 if (dirtype_orig & 0x8000) {
2444 /* These will never be set for POSIX. */
2445 return NT_STATUS_NO_SUCH_FILE;
2449 if ((fattr & dirtype) & FILE_ATTRIBUTE_DIRECTORY) {
2450 return NT_STATUS_FILE_IS_A_DIRECTORY;
2453 if ((fattr & ~dirtype) & (FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM)) {
2454 return NT_STATUS_NO_SUCH_FILE;
2457 if (dirtype & 0xFF00) {
2458 /* These will never be set for POSIX. */
2459 return NT_STATUS_NO_SUCH_FILE;
2464 return NT_STATUS_NO_SUCH_FILE;
2467 /* Can't delete a directory. */
2469 return NT_STATUS_FILE_IS_A_DIRECTORY;
2474 else if (dirtype & aDIR) /* Asked for a directory and it isn't. */
2475 return NT_STATUS_OBJECT_NAME_INVALID;
2476 #endif /* JRATEST */
2478 /* Fix for bug #3035 from SATOH Fumiyasu <fumiyas@miraclelinux.com>
2480 On a Windows share, a file with read-only dosmode can be opened with
2481 DELETE_ACCESS. But on a Samba share (delete readonly = no), it
2482 fails with NT_STATUS_CANNOT_DELETE error.
2484 This semantic causes a problem that a user can not
2485 rename a file with read-only dosmode on a Samba share
2486 from a Windows command prompt (i.e. cmd.exe, but can rename
2487 from Windows Explorer).
2490 if (!lp_delete_readonly(SNUM(conn))) {
2491 if (fattr & aRONLY) {
2492 return NT_STATUS_CANNOT_DELETE;
2496 /* On open checks the open itself will check the share mode, so
2497 don't do it here as we'll get it wrong. */
2499 status = SMB_VFS_CREATE_FILE
2502 0, /* root_dir_fid */
2503 smb_fname, /* fname */
2504 DELETE_ACCESS, /* access_mask */
2505 FILE_SHARE_NONE, /* share_access */
2506 FILE_OPEN, /* create_disposition*/
2507 FILE_NON_DIRECTORY_FILE, /* create_options */
2508 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
2509 0, /* oplock_request */
2510 0, /* allocation_size */
2516 if (!NT_STATUS_IS_OK(status)) {
2517 DEBUG(10, ("SMB_VFS_CREATEFILE failed: %s\n",
2518 nt_errstr(status)));
2522 /* The set is across all open files on this dev/inode pair. */
2523 if (!set_delete_on_close(fsp, True, &conn->server_info->utok)) {
2524 close_file(req, fsp, NORMAL_CLOSE);
2525 return NT_STATUS_ACCESS_DENIED;
2528 return close_file(req, fsp, NORMAL_CLOSE);
2531 /****************************************************************************
2532 The guts of the unlink command, split out so it may be called by the NT SMB
2534 ****************************************************************************/
2536 NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req,
2537 uint32 dirtype, const char *name_in, bool has_wild)
2539 struct smb_filename *smb_fname = NULL;
2540 char *fname_dir = NULL;
2541 char *fname_mask = NULL;
2543 NTSTATUS status = NT_STATUS_OK;
2544 TALLOC_CTX *ctx = talloc_tos();
2546 status = unix_convert(ctx, conn, name_in, &smb_fname,
2547 has_wild ? UCF_ALLOW_WCARD_LCOMP : 0);
2548 if (!NT_STATUS_IS_OK(status)) {
2552 /* Split up the directory from the filename/mask. */
2553 status = split_fname_dir_mask(ctx, smb_fname->base_name,
2554 &fname_dir, &fname_mask);
2555 if (!NT_STATUS_IS_OK(status)) {
2560 * We should only check the mangled cache
2561 * here if unix_convert failed. This means
2562 * that the path in 'mask' doesn't exist
2563 * on the file system and so we need to look
2564 * for a possible mangle. This patch from
2565 * Tine Smukavec <valentin.smukavec@hermes.si>.
2568 if (!VALID_STAT(smb_fname->st) &&
2569 mangle_is_mangled(fname_mask, conn->params)) {
2570 char *new_mask = NULL;
2571 mangle_lookup_name_from_8_3(ctx, fname_mask,
2572 &new_mask, conn->params);
2574 TALLOC_FREE(fname_mask);
2575 fname_mask = new_mask;
2582 * Only one file needs to be unlinked. Append the mask back
2583 * onto the directory.
2585 TALLOC_FREE(smb_fname->base_name);
2586 smb_fname->base_name = talloc_asprintf(smb_fname,
2590 if (!smb_fname->base_name) {
2591 status = NT_STATUS_NO_MEMORY;
2595 dirtype = FILE_ATTRIBUTE_NORMAL;
2598 status = check_name(conn, smb_fname->base_name);
2599 if (!NT_STATUS_IS_OK(status)) {
2603 status = do_unlink(conn, req, smb_fname, dirtype);
2604 if (!NT_STATUS_IS_OK(status)) {
2610 struct smb_Dir *dir_hnd = NULL;
2614 if ((dirtype & SAMBA_ATTRIBUTES_MASK) == aDIR) {
2615 status = NT_STATUS_OBJECT_NAME_INVALID;
2619 if (strequal(fname_mask,"????????.???")) {
2620 TALLOC_FREE(fname_mask);
2621 fname_mask = talloc_strdup(ctx, "*");
2623 status = NT_STATUS_NO_MEMORY;
2628 status = check_name(conn, fname_dir);
2629 if (!NT_STATUS_IS_OK(status)) {
2633 dir_hnd = OpenDir(talloc_tos(), conn, fname_dir, fname_mask,
2635 if (dir_hnd == NULL) {
2636 status = map_nt_error_from_unix(errno);
2640 /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then
2641 the pattern matches against the long name, otherwise the short name
2642 We don't implement this yet XXXX
2645 status = NT_STATUS_NO_SUCH_FILE;
2647 while ((dname = ReadDirName(dir_hnd, &offset,
2649 if (!is_visible_file(conn, fname_dir, dname,
2650 &smb_fname->st, true)) {
2654 /* Quick check for "." and ".." */
2655 if (ISDOT(dname) || ISDOTDOT(dname)) {
2659 if(!mask_match(dname, fname_mask,
2660 conn->case_sensitive)) {
2664 TALLOC_FREE(smb_fname->base_name);
2665 smb_fname->base_name =
2666 talloc_asprintf(smb_fname, "%s/%s",
2669 if (!smb_fname->base_name) {
2670 TALLOC_FREE(dir_hnd);
2671 status = NT_STATUS_NO_MEMORY;
2675 status = check_name(conn, smb_fname->base_name);
2676 if (!NT_STATUS_IS_OK(status)) {
2677 TALLOC_FREE(dir_hnd);
2681 status = do_unlink(conn, req, smb_fname, dirtype);
2682 if (!NT_STATUS_IS_OK(status)) {
2687 DEBUG(3,("unlink_internals: successful unlink [%s]\n",
2688 smb_fname->base_name));
2690 TALLOC_FREE(dir_hnd);
2693 if (count == 0 && NT_STATUS_IS_OK(status) && errno != 0) {
2694 status = map_nt_error_from_unix(errno);
2698 TALLOC_FREE(smb_fname);
2699 TALLOC_FREE(fname_dir);
2700 TALLOC_FREE(fname_mask);
2704 /****************************************************************************
2706 ****************************************************************************/
2708 void reply_unlink(struct smb_request *req)
2710 connection_struct *conn = req->conn;
2714 bool path_contains_wcard = False;
2715 TALLOC_CTX *ctx = talloc_tos();
2717 START_PROFILE(SMBunlink);
2720 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2721 END_PROFILE(SMBunlink);
2725 dirtype = SVAL(req->vwv+0, 0);
2727 srvstr_get_path_req_wcard(ctx, req, &name, (const char *)req->buf + 1,
2728 STR_TERMINATE, &status,
2729 &path_contains_wcard);
2730 if (!NT_STATUS_IS_OK(status)) {
2731 reply_nterror(req, status);
2732 END_PROFILE(SMBunlink);
2736 status = resolve_dfspath_wcard(ctx, conn,
2737 req->flags2 & FLAGS2_DFS_PATHNAMES,
2740 &path_contains_wcard);
2741 if (!NT_STATUS_IS_OK(status)) {
2742 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2743 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
2744 ERRSRV, ERRbadpath);
2745 END_PROFILE(SMBunlink);
2748 reply_nterror(req, status);
2749 END_PROFILE(SMBunlink);
2753 DEBUG(3,("reply_unlink : %s\n",name));
2755 status = unlink_internals(conn, req, dirtype, name,
2756 path_contains_wcard);
2757 if (!NT_STATUS_IS_OK(status)) {
2758 if (open_was_deferred(req->mid)) {
2759 /* We have re-scheduled this call. */
2760 END_PROFILE(SMBunlink);
2763 reply_nterror(req, status);
2764 END_PROFILE(SMBunlink);
2768 reply_outbuf(req, 0, 0);
2769 END_PROFILE(SMBunlink);
2774 /****************************************************************************
2776 ****************************************************************************/
2778 static void fail_readraw(void)
2780 const char *errstr = talloc_asprintf(talloc_tos(),
2781 "FAIL ! reply_readbraw: socket write fail (%s)",
2786 exit_server_cleanly(errstr);
2789 /****************************************************************************
2790 Fake (read/write) sendfile. Returns -1 on read or write fail.
2791 ****************************************************************************/
2793 static ssize_t fake_sendfile(files_struct *fsp, SMB_OFF_T startpos,
2797 size_t tosend = nread;
2804 bufsize = MIN(nread, 65536);
2806 if (!(buf = SMB_MALLOC_ARRAY(char, bufsize))) {
2810 while (tosend > 0) {
2814 if (tosend > bufsize) {
2819 ret = read_file(fsp,buf,startpos,cur_read);
2825 /* If we had a short read, fill with zeros. */
2826 if (ret < cur_read) {
2827 memset(buf + ret, '\0', cur_read - ret);
2830 if (write_data(smbd_server_fd(),buf,cur_read) != cur_read) {
2835 startpos += cur_read;
2839 return (ssize_t)nread;
2842 #if defined(WITH_SENDFILE)
2843 /****************************************************************************
2844 Deal with the case of sendfile reading less bytes from the file than
2845 requested. Fill with zeros (all we can do).
2846 ****************************************************************************/
2848 static void sendfile_short_send(files_struct *fsp,
2853 #define SHORT_SEND_BUFSIZE 1024
2854 if (nread < headersize) {
2855 DEBUG(0,("sendfile_short_send: sendfile failed to send "
2856 "header for file %s (%s). Terminating\n",
2857 fsp->fsp_name, strerror(errno) ));
2858 exit_server_cleanly("sendfile_short_send failed");
2861 nread -= headersize;
2863 if (nread < smb_maxcnt) {
2864 char *buf = SMB_CALLOC_ARRAY(char, SHORT_SEND_BUFSIZE);
2866 exit_server_cleanly("sendfile_short_send: "
2870 DEBUG(0,("sendfile_short_send: filling truncated file %s "
2871 "with zeros !\n", fsp->fsp_name));
2873 while (nread < smb_maxcnt) {
2875 * We asked for the real file size and told sendfile
2876 * to not go beyond the end of the file. But it can
2877 * happen that in between our fstat call and the
2878 * sendfile call the file was truncated. This is very
2879 * bad because we have already announced the larger
2880 * number of bytes to the client.
2882 * The best we can do now is to send 0-bytes, just as
2883 * a read from a hole in a sparse file would do.
2885 * This should happen rarely enough that I don't care
2886 * about efficiency here :-)
2890 to_write = MIN(SHORT_SEND_BUFSIZE, smb_maxcnt - nread);
2891 if (write_data(smbd_server_fd(), buf, to_write) != to_write) {
2892 exit_server_cleanly("sendfile_short_send: "
2893 "write_data failed");
2900 #endif /* defined WITH_SENDFILE */
2902 /****************************************************************************
2903 Return a readbraw error (4 bytes of zero).
2904 ****************************************************************************/
2906 static void reply_readbraw_error(void)
2910 if (write_data(smbd_server_fd(),header,4) != 4) {
2915 /****************************************************************************
2916 Use sendfile in readbraw.
2917 ****************************************************************************/
2919 static void send_file_readbraw(connection_struct *conn,
2920 struct smb_request *req,
2926 char *outbuf = NULL;
2929 #if defined(WITH_SENDFILE)
2931 * We can only use sendfile on a non-chained packet
2932 * but we can use on a non-oplocked file. tridge proved this
2933 * on a train in Germany :-). JRA.
2934 * reply_readbraw has already checked the length.
2937 if ( !req_is_in_chain(req) && (nread > 0) && (fsp->base_fsp == NULL) &&
2938 (fsp->wcp == NULL) &&
2939 lp_use_sendfile(SNUM(conn), smbd_server_conn->smb1.signing_state) ) {
2940 ssize_t sendfile_read = -1;
2942 DATA_BLOB header_blob;
2944 _smb_setlen(header,nread);
2945 header_blob = data_blob_const(header, 4);
2947 if ((sendfile_read = SMB_VFS_SENDFILE(smbd_server_fd(), fsp,
2948 &header_blob, startpos, nread)) == -1) {
2949 /* Returning ENOSYS means no data at all was sent.
2950 * Do this as a normal read. */
2951 if (errno == ENOSYS) {
2952 goto normal_readbraw;
2956 * Special hack for broken Linux with no working sendfile. If we
2957 * return EINTR we sent the header but not the rest of the data.
2958 * Fake this up by doing read/write calls.
2960 if (errno == EINTR) {
2961 /* Ensure we don't do this again. */
2962 set_use_sendfile(SNUM(conn), False);
2963 DEBUG(0,("send_file_readbraw: sendfile not available. Faking..\n"));
2965 if (fake_sendfile(fsp, startpos, nread) == -1) {
2966 DEBUG(0,("send_file_readbraw: fake_sendfile failed for file %s (%s).\n",
2967 fsp->fsp_name, strerror(errno) ));
2968 exit_server_cleanly("send_file_readbraw fake_sendfile failed");
2973 DEBUG(0,("send_file_readbraw: sendfile failed for file %s (%s). Terminating\n",
2974 fsp->fsp_name, strerror(errno) ));
2975 exit_server_cleanly("send_file_readbraw sendfile failed");
2976 } else if (sendfile_read == 0) {
2978 * Some sendfile implementations return 0 to indicate
2979 * that there was a short read, but nothing was
2980 * actually written to the socket. In this case,
2981 * fallback to the normal read path so the header gets
2982 * the correct byte count.
2984 DEBUG(3, ("send_file_readbraw: sendfile sent zero "
2985 "bytes falling back to the normal read: "
2986 "%s\n", fsp->fsp_name));
2987 goto normal_readbraw;
2990 /* Deal with possible short send. */
2991 if (sendfile_read != 4+nread) {
2992 sendfile_short_send(fsp, sendfile_read, 4, nread);
3000 outbuf = TALLOC_ARRAY(NULL, char, nread+4);
3002 DEBUG(0,("send_file_readbraw: TALLOC_ARRAY failed for size %u.\n",
3003 (unsigned)(nread+4)));
3004 reply_readbraw_error();
3009 ret = read_file(fsp,outbuf+4,startpos,nread);
3010 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
3019 _smb_setlen(outbuf,ret);
3020 if (write_data(smbd_server_fd(),outbuf,4+ret) != 4+ret)
3023 TALLOC_FREE(outbuf);
3026 /****************************************************************************
3027 Reply to a readbraw (core+ protocol).
3028 ****************************************************************************/
3030 void reply_readbraw(struct smb_request *req)
3032 connection_struct *conn = req->conn;
3033 ssize_t maxcount,mincount;
3037 struct lock_struct lock;
3041 START_PROFILE(SMBreadbraw);
3043 if (srv_is_signing_active(smbd_server_conn) ||
3044 is_encrypted_packet(req->inbuf)) {
3045 exit_server_cleanly("reply_readbraw: SMB signing/sealing is active - "
3046 "raw reads/writes are disallowed.");
3050 reply_readbraw_error();
3051 END_PROFILE(SMBreadbraw);
3056 * Special check if an oplock break has been issued
3057 * and the readraw request croses on the wire, we must
3058 * return a zero length response here.
3061 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3064 * We have to do a check_fsp by hand here, as
3065 * we must always return 4 zero bytes on error,
3069 if (!fsp || !conn || conn != fsp->conn ||
3070 req->vuid != fsp->vuid ||
3071 fsp->is_directory || fsp->fh->fd == -1) {
3073 * fsp could be NULL here so use the value from the packet. JRA.
3075 DEBUG(3,("reply_readbraw: fnum %d not valid "
3077 (int)SVAL(req->vwv+0, 0)));
3078 reply_readbraw_error();
3079 END_PROFILE(SMBreadbraw);
3083 /* Do a "by hand" version of CHECK_READ. */
3084 if (!(fsp->can_read ||
3085 ((req->flags2 & FLAGS2_READ_PERMIT_EXECUTE) &&
3086 (fsp->access_mask & FILE_EXECUTE)))) {
3087 DEBUG(3,("reply_readbraw: fnum %d not readable.\n",
3088 (int)SVAL(req->vwv+0, 0)));
3089 reply_readbraw_error();
3090 END_PROFILE(SMBreadbraw);
3094 flush_write_cache(fsp, READRAW_FLUSH);
3096 startpos = IVAL_TO_SMB_OFF_T(req->vwv+1, 0);
3097 if(req->wct == 10) {
3099 * This is a large offset (64 bit) read.
3101 #ifdef LARGE_SMB_OFF_T
3103 startpos |= (((SMB_OFF_T)IVAL(req->vwv+8, 0)) << 32);
3105 #else /* !LARGE_SMB_OFF_T */
3108 * Ensure we haven't been sent a >32 bit offset.
3111 if(IVAL(req->vwv+8, 0) != 0) {
3112 DEBUG(0,("reply_readbraw: large offset "
3113 "(%x << 32) used and we don't support "
3114 "64 bit offsets.\n",
3115 (unsigned int)IVAL(req->vwv+8, 0) ));
3116 reply_readbraw_error();
3117 END_PROFILE(SMBreadbraw);
3121 #endif /* LARGE_SMB_OFF_T */
3124 DEBUG(0,("reply_readbraw: negative 64 bit "
3125 "readraw offset (%.0f) !\n",
3126 (double)startpos ));
3127 reply_readbraw_error();
3128 END_PROFILE(SMBreadbraw);
3133 maxcount = (SVAL(req->vwv+3, 0) & 0xFFFF);
3134 mincount = (SVAL(req->vwv+4, 0) & 0xFFFF);
3136 /* ensure we don't overrun the packet size */
3137 maxcount = MIN(65535,maxcount);
3139 init_strict_lock_struct(fsp, (uint32)req->smbpid,
3140 (uint64_t)startpos, (uint64_t)maxcount, READ_LOCK,
3143 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3144 reply_readbraw_error();
3145 END_PROFILE(SMBreadbraw);
3149 if (SMB_VFS_FSTAT(fsp, &st) == 0) {
3150 size = st.st_ex_size;
3153 if (startpos >= size) {
3156 nread = MIN(maxcount,(size - startpos));
3159 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
3160 if (nread < mincount)
3164 DEBUG( 3, ( "reply_readbraw: fnum=%d start=%.0f max=%lu "
3165 "min=%lu nread=%lu\n",
3166 fsp->fnum, (double)startpos,
3167 (unsigned long)maxcount,
3168 (unsigned long)mincount,
3169 (unsigned long)nread ) );
3171 send_file_readbraw(conn, req, fsp, startpos, nread, mincount);
3173 DEBUG(5,("reply_readbraw finished\n"));
3175 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3177 END_PROFILE(SMBreadbraw);
3182 #define DBGC_CLASS DBGC_LOCKING
3184 /****************************************************************************
3185 Reply to a lockread (core+ protocol).
3186 ****************************************************************************/
3188 void reply_lockread(struct smb_request *req)
3190 connection_struct *conn = req->conn;
3197 struct byte_range_lock *br_lck = NULL;
3199 struct smbd_server_connection *sconn = smbd_server_conn;
3201 START_PROFILE(SMBlockread);
3204 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3205 END_PROFILE(SMBlockread);
3209 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3211 if (!check_fsp(conn, req, fsp)) {
3212 END_PROFILE(SMBlockread);
3216 if (!CHECK_READ(fsp,req)) {
3217 reply_doserror(req, ERRDOS, ERRbadaccess);
3218 END_PROFILE(SMBlockread);
3222 numtoread = SVAL(req->vwv+1, 0);
3223 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
3225 numtoread = MIN(BUFFER_SIZE - (smb_size + 3*2 + 3), numtoread);
3227 reply_outbuf(req, 5, numtoread + 3);
3229 data = smb_buf(req->outbuf) + 3;
3232 * NB. Discovered by Menny Hamburger at Mainsoft. This is a core+
3233 * protocol request that predates the read/write lock concept.
3234 * Thus instead of asking for a read lock here we need to ask
3235 * for a write lock. JRA.
3236 * Note that the requested lock size is unaffected by max_recv.
3239 br_lck = do_lock(smbd_messaging_context(),
3242 (uint64_t)numtoread,
3246 False, /* Non-blocking lock. */
3250 TALLOC_FREE(br_lck);
3252 if (NT_STATUS_V(status)) {
3253 reply_nterror(req, status);
3254 END_PROFILE(SMBlockread);
3259 * However the requested READ size IS affected by max_recv. Insanity.... JRA.
3262 if (numtoread > sconn->smb1.negprot.max_recv) {
3263 DEBUG(0,("reply_lockread: requested read size (%u) is greater than maximum allowed (%u). \
3264 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
3265 (unsigned int)numtoread,
3266 (unsigned int)sconn->smb1.negprot.max_recv));
3267 numtoread = MIN(numtoread, sconn->smb1.negprot.max_recv);
3269 nread = read_file(fsp,data,startpos,numtoread);
3272 reply_nterror(req, map_nt_error_from_unix(errno));
3273 END_PROFILE(SMBlockread);
3277 srv_set_message((char *)req->outbuf, 5, nread+3, False);
3279 SSVAL(req->outbuf,smb_vwv0,nread);
3280 SSVAL(req->outbuf,smb_vwv5,nread+3);
3281 p = smb_buf(req->outbuf);
3282 SCVAL(p,0,0); /* pad byte. */
3285 DEBUG(3,("lockread fnum=%d num=%d nread=%d\n",
3286 fsp->fnum, (int)numtoread, (int)nread));
3288 END_PROFILE(SMBlockread);
3293 #define DBGC_CLASS DBGC_ALL
3295 /****************************************************************************
3297 ****************************************************************************/
3299 void reply_read(struct smb_request *req)
3301 connection_struct *conn = req->conn;
3308 struct lock_struct lock;
3309 struct smbd_server_connection *sconn = smbd_server_conn;
3311 START_PROFILE(SMBread);
3314 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3315 END_PROFILE(SMBread);
3319 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3321 if (!check_fsp(conn, req, fsp)) {
3322 END_PROFILE(SMBread);
3326 if (!CHECK_READ(fsp,req)) {
3327 reply_doserror(req, ERRDOS, ERRbadaccess);
3328 END_PROFILE(SMBread);
3332 numtoread = SVAL(req->vwv+1, 0);
3333 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
3335 numtoread = MIN(BUFFER_SIZE-outsize,numtoread);
3338 * The requested read size cannot be greater than max_recv. JRA.
3340 if (numtoread > sconn->smb1.negprot.max_recv) {
3341 DEBUG(0,("reply_read: requested read size (%u) is greater than maximum allowed (%u). \
3342 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
3343 (unsigned int)numtoread,
3344 (unsigned int)sconn->smb1.negprot.max_recv));
3345 numtoread = MIN(numtoread, sconn->smb1.negprot.max_recv);
3348 reply_outbuf(req, 5, numtoread+3);
3350 data = smb_buf(req->outbuf) + 3;
3352 init_strict_lock_struct(fsp, (uint32)req->smbpid,
3353 (uint64_t)startpos, (uint64_t)numtoread, READ_LOCK,
3356 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3357 reply_doserror(req, ERRDOS,ERRlock);
3358 END_PROFILE(SMBread);
3363 nread = read_file(fsp,data,startpos,numtoread);
3366 reply_nterror(req, map_nt_error_from_unix(errno));
3370 srv_set_message((char *)req->outbuf, 5, nread+3, False);
3372 SSVAL(req->outbuf,smb_vwv0,nread);
3373 SSVAL(req->outbuf,smb_vwv5,nread+3);
3374 SCVAL(smb_buf(req->outbuf),0,1);
3375 SSVAL(smb_buf(req->outbuf),1,nread);
3377 DEBUG( 3, ( "read fnum=%d num=%d nread=%d\n",
3378 fsp->fnum, (int)numtoread, (int)nread ) );
3381 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3383 END_PROFILE(SMBread);
3387 /****************************************************************************
3389 ****************************************************************************/
3391 static int setup_readX_header(struct smb_request *req, char *outbuf,
3397 outsize = srv_set_message(outbuf,12,smb_maxcnt,False);
3398 data = smb_buf(outbuf);
3400 memset(outbuf+smb_vwv0,'\0',24); /* valgrind init. */
3402 SCVAL(outbuf,smb_vwv0,0xFF);
3403 SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */
3404 SSVAL(outbuf,smb_vwv5,smb_maxcnt);
3405 SSVAL(outbuf,smb_vwv6,
3407 + 1 /* the wct field */
3408 + 12 * sizeof(uint16_t) /* vwv */
3409 + 2); /* the buflen field */
3410 SSVAL(outbuf,smb_vwv7,(smb_maxcnt >> 16));
3411 SSVAL(outbuf,smb_vwv11,smb_maxcnt);
3412 /* Reset the outgoing length, set_message truncates at 0x1FFFF. */
3413 _smb_setlen_large(outbuf,(smb_size + 12*2 + smb_maxcnt - 4));
3417 /****************************************************************************
3418 Reply to a read and X - possibly using sendfile.
3419 ****************************************************************************/
3421 static void send_file_readX(connection_struct *conn, struct smb_request *req,
3422 files_struct *fsp, SMB_OFF_T startpos,
3425 SMB_STRUCT_STAT sbuf;
3427 struct lock_struct lock;
3428 int saved_errno = 0;
3430 if(SMB_VFS_FSTAT(fsp, &sbuf) == -1) {
3431 reply_nterror(req, map_nt_error_from_unix(errno));
3435 init_strict_lock_struct(fsp, (uint32)req->smbpid,
3436 (uint64_t)startpos, (uint64_t)smb_maxcnt, READ_LOCK,
3439 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3440 reply_doserror(req, ERRDOS, ERRlock);
3444 if (!S_ISREG(sbuf.st_ex_mode) || (startpos > sbuf.st_ex_size)
3445 || (smb_maxcnt > (sbuf.st_ex_size - startpos))) {
3447 * We already know that we would do a short read, so don't
3448 * try the sendfile() path.
3450 goto nosendfile_read;
3453 #if defined(WITH_SENDFILE)
3455 * We can only use sendfile on a non-chained packet
3456 * but we can use on a non-oplocked file. tridge proved this
3457 * on a train in Germany :-). JRA.
3460 if (!req_is_in_chain(req) &&
3461 !is_encrypted_packet(req->inbuf) && (fsp->base_fsp == NULL) &&
3462 (fsp->wcp == NULL) &&
3463 lp_use_sendfile(SNUM(conn), smbd_server_conn->smb1.signing_state) ) {
3464 uint8 headerbuf[smb_size + 12 * 2];
3468 * Set up the packet header before send. We
3469 * assume here the sendfile will work (get the
3470 * correct amount of data).
3473 header = data_blob_const(headerbuf, sizeof(headerbuf));
3475 construct_reply_common_req(req, (char *)headerbuf);
3476 setup_readX_header(req, (char *)headerbuf, smb_maxcnt);
3478 if ((nread = SMB_VFS_SENDFILE(smbd_server_fd(), fsp, &header, startpos, smb_maxcnt)) == -1) {
3479 /* Returning ENOSYS means no data at all was sent.
3480 Do this as a normal read. */
3481 if (errno == ENOSYS) {
3486 * Special hack for broken Linux with no working sendfile. If we
3487 * return EINTR we sent the header but not the rest of the data.
3488 * Fake this up by doing read/write calls.
3491 if (errno == EINTR) {
3492 /* Ensure we don't do this again. */
3493 set_use_sendfile(SNUM(conn), False);
3494 DEBUG(0,("send_file_readX: sendfile not available. Faking..\n"));
3495 nread = fake_sendfile(fsp, startpos,
3498 DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n",
3499 fsp->fsp_name, strerror(errno) ));
3500 exit_server_cleanly("send_file_readX: fake_sendfile failed");
3502 DEBUG( 3, ( "send_file_readX: fake_sendfile fnum=%d max=%d nread=%d\n",
3503 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3504 /* No outbuf here means successful sendfile. */
3508 DEBUG(0,("send_file_readX: sendfile failed for file %s (%s). Terminating\n",
3509 fsp->fsp_name, strerror(errno) ));
3510 exit_server_cleanly("send_file_readX sendfile failed");
3511 } else if (nread == 0) {
3513 * Some sendfile implementations return 0 to indicate
3514 * that there was a short read, but nothing was
3515 * actually written to the socket. In this case,
3516 * fallback to the normal read path so the header gets
3517 * the correct byte count.
3519 DEBUG(3, ("send_file_readX: sendfile sent zero bytes "
3520 "falling back to the normal read: %s\n",
3525 DEBUG( 3, ( "send_file_readX: sendfile fnum=%d max=%d nread=%d\n",
3526 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3528 /* Deal with possible short send. */
3529 if (nread != smb_maxcnt + sizeof(headerbuf)) {
3530 sendfile_short_send(fsp, nread, sizeof(headerbuf), smb_maxcnt);
3532 /* No outbuf here means successful sendfile. */
3533 SMB_PERFCOUNT_SET_MSGLEN_OUT(&req->pcd, nread);
3534 SMB_PERFCOUNT_END(&req->pcd);
3542 if ((smb_maxcnt & 0xFF0000) > 0x10000) {
3543 uint8 headerbuf[smb_size + 2*12];
3545 construct_reply_common_req(req, (char *)headerbuf);
3546 setup_readX_header(req, (char *)headerbuf, smb_maxcnt);
3548 /* Send out the header. */
3549 if (write_data(smbd_server_fd(), (char *)headerbuf,
3550 sizeof(headerbuf)) != sizeof(headerbuf)) {
3551 DEBUG(0,("send_file_readX: write_data failed for file %s (%s). Terminating\n",
3552 fsp->fsp_name, strerror(errno) ));
3553 exit_server_cleanly("send_file_readX sendfile failed");
3555 nread = fake_sendfile(fsp, startpos, smb_maxcnt);
3557 DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n",
3558 fsp->fsp_name, strerror(errno) ));
3559 exit_server_cleanly("send_file_readX: fake_sendfile failed");
3566 reply_outbuf(req, 12, smb_maxcnt);
3568 nread = read_file(fsp, smb_buf(req->outbuf), startpos, smb_maxcnt);
3569 saved_errno = errno;
3571 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3574 reply_nterror(req, map_nt_error_from_unix(saved_errno));
3578 setup_readX_header(req, (char *)req->outbuf, nread);
3580 DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n",
3581 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3587 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3588 TALLOC_FREE(req->outbuf);
3592 /****************************************************************************
3593 Reply to a read and X.
3594 ****************************************************************************/
3596 void reply_read_and_X(struct smb_request *req)
3598 connection_struct *conn = req->conn;
3602 bool big_readX = False;
3604 size_t smb_mincnt = SVAL(req->vwv+6, 0);
3607 START_PROFILE(SMBreadX);
3609 if ((req->wct != 10) && (req->wct != 12)) {
3610 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3614 fsp = file_fsp(req, SVAL(req->vwv+2, 0));
3615 startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
3616 smb_maxcnt = SVAL(req->vwv+5, 0);
3618 /* If it's an IPC, pass off the pipe handler. */
3620 reply_pipe_read_and_X(req);
3621 END_PROFILE(SMBreadX);
3625 if (!check_fsp(conn, req, fsp)) {
3626 END_PROFILE(SMBreadX);
3630 if (!CHECK_READ(fsp,req)) {
3631 reply_doserror(req, ERRDOS,ERRbadaccess);
3632 END_PROFILE(SMBreadX);
3636 if (global_client_caps & CAP_LARGE_READX) {
3637 size_t upper_size = SVAL(req->vwv+7, 0);
3638 smb_maxcnt |= (upper_size<<16);
3639 if (upper_size > 1) {
3640 /* Can't do this on a chained packet. */
3641 if ((CVAL(req->vwv+0, 0) != 0xFF)) {
3642 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
3643 END_PROFILE(SMBreadX);
3646 /* We currently don't do this on signed or sealed data. */
3647 if (srv_is_signing_active(smbd_server_conn) ||
3648 is_encrypted_packet(req->inbuf)) {
3649 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
3650 END_PROFILE(SMBreadX);
3653 /* Is there room in the reply for this data ? */
3654 if (smb_maxcnt > (0xFFFFFF - (smb_size -4 + 12*2))) {
3656 NT_STATUS_INVALID_PARAMETER);
3657 END_PROFILE(SMBreadX);
3664 if (req->wct == 12) {
3665 #ifdef LARGE_SMB_OFF_T
3667 * This is a large offset (64 bit) read.
3669 startpos |= (((SMB_OFF_T)IVAL(req->vwv+10, 0)) << 32);
3671 #else /* !LARGE_SMB_OFF_T */
3674 * Ensure we haven't been sent a >32 bit offset.
3677 if(IVAL(req->vwv+10, 0) != 0) {
3678 DEBUG(0,("reply_read_and_X - large offset (%x << 32) "
3679 "used and we don't support 64 bit offsets.\n",
3680 (unsigned int)IVAL(req->vwv+10, 0) ));
3681 END_PROFILE(SMBreadX);
3682 reply_doserror(req, ERRDOS, ERRbadaccess);
3686 #endif /* LARGE_SMB_OFF_T */
3691 schedule_aio_read_and_X(conn, req, fsp, startpos, smb_maxcnt)) {
3695 send_file_readX(conn, req, fsp, startpos, smb_maxcnt);
3698 END_PROFILE(SMBreadX);
3702 /****************************************************************************
3703 Error replies to writebraw must have smb_wct == 1. Fix this up.
3704 ****************************************************************************/
3706 void error_to_writebrawerr(struct smb_request *req)
3708 uint8 *old_outbuf = req->outbuf;
3710 reply_outbuf(req, 1, 0);
3712 memcpy(req->outbuf, old_outbuf, smb_size);
3713 TALLOC_FREE(old_outbuf);
3716 /****************************************************************************
3717 Reply to a writebraw (core+ or LANMAN1.0 protocol).
3718 ****************************************************************************/
3720 void reply_writebraw(struct smb_request *req)
3722 connection_struct *conn = req->conn;
3725 ssize_t total_written=0;
3726 size_t numtowrite=0;
3732 struct lock_struct lock;
3735 START_PROFILE(SMBwritebraw);
3738 * If we ever reply with an error, it must have the SMB command
3739 * type of SMBwritec, not SMBwriteBraw, as this tells the client
3742 SCVAL(req->inbuf,smb_com,SMBwritec);
3744 if (srv_is_signing_active(smbd_server_conn)) {
3745 END_PROFILE(SMBwritebraw);
3746 exit_server_cleanly("reply_writebraw: SMB signing is active - "
3747 "raw reads/writes are disallowed.");
3750 if (req->wct < 12) {
3751 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3752 error_to_writebrawerr(req);
3753 END_PROFILE(SMBwritebraw);
3757 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3758 if (!check_fsp(conn, req, fsp)) {
3759 error_to_writebrawerr(req);
3760 END_PROFILE(SMBwritebraw);
3764 if (!CHECK_WRITE(fsp)) {
3765 reply_doserror(req, ERRDOS, ERRbadaccess);
3766 error_to_writebrawerr(req);
3767 END_PROFILE(SMBwritebraw);
3771 tcount = IVAL(req->vwv+1, 0);
3772 startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
3773 write_through = BITSETW(req->vwv+7,0);
3775 /* We have to deal with slightly different formats depending
3776 on whether we are using the core+ or lanman1.0 protocol */
3778 if(Protocol <= PROTOCOL_COREPLUS) {
3779 numtowrite = SVAL(smb_buf(req->inbuf),-2);
3780 data = smb_buf(req->inbuf);
3782 numtowrite = SVAL(req->vwv+10, 0);
3783 data = smb_base(req->inbuf) + SVAL(req->vwv+11, 0);
3786 /* Ensure we don't write bytes past the end of this packet. */
3787 if (data + numtowrite > smb_base(req->inbuf) + smb_len(req->inbuf)) {
3788 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3789 error_to_writebrawerr(req);
3790 END_PROFILE(SMBwritebraw);
3794 init_strict_lock_struct(fsp, (uint32)req->smbpid,
3795 (uint64_t)startpos, (uint64_t)tcount, WRITE_LOCK,
3798 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3799 reply_doserror(req, ERRDOS, ERRlock);
3800 error_to_writebrawerr(req);
3801 END_PROFILE(SMBwritebraw);
3806 nwritten = write_file(req,fsp,data,startpos,numtowrite);
3809 DEBUG(3,("reply_writebraw: initial write fnum=%d start=%.0f num=%d "
3810 "wrote=%d sync=%d\n",
3811 fsp->fnum, (double)startpos, (int)numtowrite,
3812 (int)nwritten, (int)write_through));
3814 if (nwritten < (ssize_t)numtowrite) {
3815 reply_doserror(req, ERRHRD, ERRdiskfull);
3816 error_to_writebrawerr(req);
3820 total_written = nwritten;
3822 /* Allocate a buffer of 64k + length. */
3823 buf = TALLOC_ARRAY(NULL, char, 65540);
3825 reply_doserror(req, ERRDOS, ERRnomem);
3826 error_to_writebrawerr(req);
3830 /* Return a SMBwritebraw message to the redirector to tell
3831 * it to send more bytes */
3833 memcpy(buf, req->inbuf, smb_size);
3834 srv_set_message(buf,Protocol>PROTOCOL_COREPLUS?1:0,0,True);
3835 SCVAL(buf,smb_com,SMBwritebraw);
3836 SSVALS(buf,smb_vwv0,0xFFFF);
3838 if (!srv_send_smb(smbd_server_fd(),
3840 false, 0, /* no signing */
3841 IS_CONN_ENCRYPTED(conn),
3843 exit_server_cleanly("reply_writebraw: srv_send_smb "
3847 /* Now read the raw data into the buffer and write it */
3848 status = read_smb_length(smbd_server_fd(), buf, SMB_SECONDARY_WAIT,
3850 if (!NT_STATUS_IS_OK(status)) {
3851 exit_server_cleanly("secondary writebraw failed");
3854 /* Set up outbuf to return the correct size */
3855 reply_outbuf(req, 1, 0);
3857 if (numtowrite != 0) {
3859 if (numtowrite > 0xFFFF) {
3860 DEBUG(0,("reply_writebraw: Oversize secondary write "
3861 "raw requested (%u). Terminating\n",
3862 (unsigned int)numtowrite ));
3863 exit_server_cleanly("secondary writebraw failed");
3866 if (tcount > nwritten+numtowrite) {
3867 DEBUG(3,("reply_writebraw: Client overestimated the "
3869 (int)tcount,(int)nwritten,(int)numtowrite));
3872 status = read_data(smbd_server_fd(), buf+4, numtowrite);
3874 if (!NT_STATUS_IS_OK(status)) {
3875 DEBUG(0,("reply_writebraw: Oversize secondary write "
3876 "raw read failed (%s). Terminating\n",
3877 nt_errstr(status)));
3878 exit_server_cleanly("secondary writebraw failed");
3881 nwritten = write_file(req,fsp,buf+4,startpos+nwritten,numtowrite);
3882 if (nwritten == -1) {
3884 reply_nterror(req, map_nt_error_from_unix(errno));
3885 error_to_writebrawerr(req);
3889 if (nwritten < (ssize_t)numtowrite) {
3890 SCVAL(req->outbuf,smb_rcls,ERRHRD);
3891 SSVAL(req->outbuf,smb_err,ERRdiskfull);
3895 total_written += nwritten;
3900 SSVAL(req->outbuf,smb_vwv0,total_written);
3902 status = sync_file(conn, fsp, write_through);
3903 if (!NT_STATUS_IS_OK(status)) {
3904 DEBUG(5,("reply_writebraw: sync_file for %s returned %s\n",
3905 fsp->fsp_name, nt_errstr(status) ));
3906 reply_nterror(req, status);
3907 error_to_writebrawerr(req);
3911 DEBUG(3,("reply_writebraw: secondart write fnum=%d start=%.0f num=%d "
3913 fsp->fnum, (double)startpos, (int)numtowrite,
3914 (int)total_written));
3916 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3918 /* We won't return a status if write through is not selected - this
3919 * follows what WfWg does */
3920 END_PROFILE(SMBwritebraw);
3922 if (!write_through && total_written==tcount) {
3924 #if RABBIT_PELLET_FIX
3926 * Fix for "rabbit pellet" mode, trigger an early TCP ack by
3927 * sending a SMBkeepalive. Thanks to DaveCB at Sun for this.
3930 if (!send_keepalive(smbd_server_fd())) {
3931 exit_server_cleanly("reply_writebraw: send of "
3932 "keepalive failed");
3935 TALLOC_FREE(req->outbuf);
3940 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3942 END_PROFILE(SMBwritebraw);
3947 #define DBGC_CLASS DBGC_LOCKING
3949 /****************************************************************************
3950 Reply to a writeunlock (core+).
3951 ****************************************************************************/
3953 void reply_writeunlock(struct smb_request *req)
3955 connection_struct *conn = req->conn;
3956 ssize_t nwritten = -1;
3960 NTSTATUS status = NT_STATUS_OK;
3962 struct lock_struct lock;
3963 int saved_errno = 0;
3965 START_PROFILE(SMBwriteunlock);
3968 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3969 END_PROFILE(SMBwriteunlock);
3973 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3975 if (!check_fsp(conn, req, fsp)) {
3976 END_PROFILE(SMBwriteunlock);
3980 if (!CHECK_WRITE(fsp)) {
3981 reply_doserror(req, ERRDOS,ERRbadaccess);
3982 END_PROFILE(SMBwriteunlock);
3986 numtowrite = SVAL(req->vwv+1, 0);
3987 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
3988 data = (const char *)req->buf + 3;
3991 init_strict_lock_struct(fsp, (uint32)req->smbpid,
3992 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
3995 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3996 reply_doserror(req, ERRDOS, ERRlock);
3997 END_PROFILE(SMBwriteunlock);
4002 /* The special X/Open SMB protocol handling of
4003 zero length writes is *NOT* done for
4005 if(numtowrite == 0) {
4008 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4009 saved_errno = errno;
4012 status = sync_file(conn, fsp, False /* write through */);
4013 if (!NT_STATUS_IS_OK(status)) {
4014 DEBUG(5,("reply_writeunlock: sync_file for %s returned %s\n",
4015 fsp->fsp_name, nt_errstr(status) ));
4016 reply_nterror(req, status);
4021 reply_nterror(req, map_nt_error_from_unix(saved_errno));
4025 if((nwritten < numtowrite) && (numtowrite != 0)) {
4026 reply_doserror(req, ERRHRD, ERRdiskfull);
4031 status = do_unlock(smbd_messaging_context(),
4034 (uint64_t)numtowrite,
4038 if (NT_STATUS_V(status)) {
4039 reply_nterror(req, status);
4044 reply_outbuf(req, 1, 0);
4046 SSVAL(req->outbuf,smb_vwv0,nwritten);
4048 DEBUG(3,("writeunlock fnum=%d num=%d wrote=%d\n",
4049 fsp->fnum, (int)numtowrite, (int)nwritten));
4053 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4056 END_PROFILE(SMBwriteunlock);
4061 #define DBGC_CLASS DBGC_ALL
4063 /****************************************************************************
4065 ****************************************************************************/
4067 void reply_write(struct smb_request *req)
4069 connection_struct *conn = req->conn;
4071 ssize_t nwritten = -1;
4075 struct lock_struct lock;
4077 int saved_errno = 0;
4079 START_PROFILE(SMBwrite);
4082 END_PROFILE(SMBwrite);
4083 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4087 /* If it's an IPC, pass off the pipe handler. */
4089 reply_pipe_write(req);
4090 END_PROFILE(SMBwrite);
4094 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4096 if (!check_fsp(conn, req, fsp)) {
4097 END_PROFILE(SMBwrite);
4101 if (!CHECK_WRITE(fsp)) {
4102 reply_doserror(req, ERRDOS, ERRbadaccess);
4103 END_PROFILE(SMBwrite);
4107 numtowrite = SVAL(req->vwv+1, 0);
4108 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
4109 data = (const char *)req->buf + 3;
4111 init_strict_lock_struct(fsp, (uint32)req->smbpid,
4112 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
4115 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
4116 reply_doserror(req, ERRDOS, ERRlock);
4117 END_PROFILE(SMBwrite);
4122 * X/Open SMB protocol says that if smb_vwv1 is
4123 * zero then the file size should be extended or
4124 * truncated to the size given in smb_vwv[2-3].
4127 if(numtowrite == 0) {
4129 * This is actually an allocate call, and set EOF. JRA.
4131 nwritten = vfs_allocate_file_space(fsp, (SMB_OFF_T)startpos);
4133 reply_nterror(req, NT_STATUS_DISK_FULL);
4136 nwritten = vfs_set_filelen(fsp, (SMB_OFF_T)startpos);
4138 reply_nterror(req, NT_STATUS_DISK_FULL);
4141 trigger_write_time_update_immediate(fsp);
4143 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4146 status = sync_file(conn, fsp, False);
4147 if (!NT_STATUS_IS_OK(status)) {
4148 DEBUG(5,("reply_write: sync_file for %s returned %s\n",
4149 fsp->fsp_name, nt_errstr(status) ));
4150 reply_nterror(req, status);
4155 reply_nterror(req, map_nt_error_from_unix(saved_errno));
4159 if((nwritten == 0) && (numtowrite != 0)) {
4160 reply_doserror(req, ERRHRD, ERRdiskfull);
4164 reply_outbuf(req, 1, 0);
4166 SSVAL(req->outbuf,smb_vwv0,nwritten);
4168 if (nwritten < (ssize_t)numtowrite) {
4169 SCVAL(req->outbuf,smb_rcls,ERRHRD);
4170 SSVAL(req->outbuf,smb_err,ERRdiskfull);
4173 DEBUG(3,("write fnum=%d num=%d wrote=%d\n", fsp->fnum, (int)numtowrite, (int)nwritten));
4176 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4178 END_PROFILE(SMBwrite);
4182 /****************************************************************************
4183 Ensure a buffer is a valid writeX for recvfile purposes.
4184 ****************************************************************************/
4186 #define STANDARD_WRITE_AND_X_HEADER_SIZE (smb_size - 4 + /* basic header */ \
4187 (2*14) + /* word count (including bcc) */ \
4190 bool is_valid_writeX_buffer(const uint8_t *inbuf)
4193 connection_struct *conn = NULL;
4194 unsigned int doff = 0;
4195 size_t len = smb_len_large(inbuf);
4196 struct smbd_server_connection *sconn = smbd_server_conn;
4198 if (is_encrypted_packet(inbuf)) {
4199 /* Can't do this on encrypted
4204 if (CVAL(inbuf,smb_com) != SMBwriteX) {
4208 if (CVAL(inbuf,smb_vwv0) != 0xFF ||
4209 CVAL(inbuf,smb_wct) != 14) {
4210 DEBUG(10,("is_valid_writeX_buffer: chained or "
4211 "invalid word length.\n"));
4215 conn = conn_find(sconn, SVAL(inbuf, smb_tid));
4217 DEBUG(10,("is_valid_writeX_buffer: bad tid\n"));
4221 DEBUG(10,("is_valid_writeX_buffer: IPC$ tid\n"));
4224 if (IS_PRINT(conn)) {
4225 DEBUG(10,("is_valid_writeX_buffer: printing tid\n"));
4228 doff = SVAL(inbuf,smb_vwv11);
4230 numtowrite = SVAL(inbuf,smb_vwv10);
4232 if (len > doff && len - doff > 0xFFFF) {
4233 numtowrite |= (((size_t)SVAL(inbuf,smb_vwv9))<<16);
4236 if (numtowrite == 0) {
4237 DEBUG(10,("is_valid_writeX_buffer: zero write\n"));
4241 /* Ensure the sizes match up. */
4242 if (doff < STANDARD_WRITE_AND_X_HEADER_SIZE) {
4243 /* no pad byte...old smbclient :-( */
4244 DEBUG(10,("is_valid_writeX_buffer: small doff %u (min %u)\n",
4246 (unsigned int)STANDARD_WRITE_AND_X_HEADER_SIZE));
4250 if (len - doff != numtowrite) {
4251 DEBUG(10,("is_valid_writeX_buffer: doff mismatch "
4252 "len = %u, doff = %u, numtowrite = %u\n",
4255 (unsigned int)numtowrite ));
4259 DEBUG(10,("is_valid_writeX_buffer: true "
4260 "len = %u, doff = %u, numtowrite = %u\n",
4263 (unsigned int)numtowrite ));
4268 /****************************************************************************
4269 Reply to a write and X.
4270 ****************************************************************************/
4272 void reply_write_and_X(struct smb_request *req)
4274 connection_struct *conn = req->conn;
4276 struct lock_struct lock;
4281 unsigned int smb_doff;
4282 unsigned int smblen;
4286 START_PROFILE(SMBwriteX);
4288 if ((req->wct != 12) && (req->wct != 14)) {
4289 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4290 END_PROFILE(SMBwriteX);
4294 numtowrite = SVAL(req->vwv+10, 0);
4295 smb_doff = SVAL(req->vwv+11, 0);
4296 smblen = smb_len(req->inbuf);
4298 if (req->unread_bytes > 0xFFFF ||
4299 (smblen > smb_doff &&
4300 smblen - smb_doff > 0xFFFF)) {
4301 numtowrite |= (((size_t)SVAL(req->vwv+9, 0))<<16);
4304 if (req->unread_bytes) {
4305 /* Can't do a recvfile write on IPC$ */
4307 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4308 END_PROFILE(SMBwriteX);
4311 if (numtowrite != req->unread_bytes) {
4312 reply_doserror(req, ERRDOS, ERRbadmem);
4313 END_PROFILE(SMBwriteX);
4317 if (smb_doff > smblen || smb_doff + numtowrite < numtowrite ||
4318 smb_doff + numtowrite > smblen) {
4319 reply_doserror(req, ERRDOS, ERRbadmem);
4320 END_PROFILE(SMBwriteX);
4325 /* If it's an IPC, pass off the pipe handler. */
4327 if (req->unread_bytes) {
4328 reply_doserror(req, ERRDOS, ERRbadmem);
4329 END_PROFILE(SMBwriteX);
4332 reply_pipe_write_and_X(req);
4333 END_PROFILE(SMBwriteX);
4337 fsp = file_fsp(req, SVAL(req->vwv+2, 0));
4338 startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
4339 write_through = BITSETW(req->vwv+7,0);
4341 if (!check_fsp(conn, req, fsp)) {
4342 END_PROFILE(SMBwriteX);
4346 if (!CHECK_WRITE(fsp)) {
4347 reply_doserror(req, ERRDOS, ERRbadaccess);
4348 END_PROFILE(SMBwriteX);
4352 data = smb_base(req->inbuf) + smb_doff;
4354 if(req->wct == 14) {
4355 #ifdef LARGE_SMB_OFF_T
4357 * This is a large offset (64 bit) write.
4359 startpos |= (((SMB_OFF_T)IVAL(req->vwv+12, 0)) << 32);
4361 #else /* !LARGE_SMB_OFF_T */
4364 * Ensure we haven't been sent a >32 bit offset.
4367 if(IVAL(req->vwv+12, 0) != 0) {
4368 DEBUG(0,("reply_write_and_X - large offset (%x << 32) "
4369 "used and we don't support 64 bit offsets.\n",
4370 (unsigned int)IVAL(req->vwv+12, 0) ));
4371 reply_doserror(req, ERRDOS, ERRbadaccess);
4372 END_PROFILE(SMBwriteX);
4376 #endif /* LARGE_SMB_OFF_T */
4379 init_strict_lock_struct(fsp, (uint32)req->smbpid,
4380 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
4383 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
4384 reply_doserror(req, ERRDOS, ERRlock);
4385 END_PROFILE(SMBwriteX);
4389 /* X/Open SMB protocol says that, unlike SMBwrite
4390 if the length is zero then NO truncation is
4391 done, just a write of zero. To truncate a file,
4394 if(numtowrite == 0) {
4398 if ((req->unread_bytes == 0) &&
4399 schedule_aio_write_and_X(conn, req, fsp, data, startpos,
4404 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4408 reply_nterror(req, map_nt_error_from_unix(errno));
4412 if((nwritten == 0) && (numtowrite != 0)) {
4413 reply_doserror(req, ERRHRD, ERRdiskfull);
4417 reply_outbuf(req, 6, 0);
4418 SSVAL(req->outbuf,smb_vwv2,nwritten);
4419 SSVAL(req->outbuf,smb_vwv4,nwritten>>16);
4421 if (nwritten < (ssize_t)numtowrite) {
4422 SCVAL(req->outbuf,smb_rcls,ERRHRD);
4423 SSVAL(req->outbuf,smb_err,ERRdiskfull);
4426 DEBUG(3,("writeX fnum=%d num=%d wrote=%d\n",
4427 fsp->fnum, (int)numtowrite, (int)nwritten));
4429 status = sync_file(conn, fsp, write_through);
4430 if (!NT_STATUS_IS_OK(status)) {
4431 DEBUG(5,("reply_write_and_X: sync_file for %s returned %s\n",
4432 fsp->fsp_name, nt_errstr(status) ));
4433 reply_nterror(req, status);
4437 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4439 END_PROFILE(SMBwriteX);
4444 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4446 END_PROFILE(SMBwriteX);
4450 /****************************************************************************
4452 ****************************************************************************/
4454 void reply_lseek(struct smb_request *req)
4456 connection_struct *conn = req->conn;
4462 START_PROFILE(SMBlseek);
4465 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4466 END_PROFILE(SMBlseek);
4470 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4472 if (!check_fsp(conn, req, fsp)) {
4476 flush_write_cache(fsp, SEEK_FLUSH);
4478 mode = SVAL(req->vwv+1, 0) & 3;
4479 /* NB. This doesn't use IVAL_TO_SMB_OFF_T as startpos can be signed in this case. */
4480 startpos = (SMB_OFF_T)IVALS(req->vwv+2, 0);
4489 res = fsp->fh->pos + startpos;
4500 if (umode == SEEK_END) {
4501 if((res = SMB_VFS_LSEEK(fsp,startpos,umode)) == -1) {
4502 if(errno == EINVAL) {
4503 SMB_OFF_T current_pos = startpos;
4504 SMB_STRUCT_STAT sbuf;
4506 if(SMB_VFS_FSTAT(fsp, &sbuf) == -1) {
4508 map_nt_error_from_unix(errno));
4509 END_PROFILE(SMBlseek);
4513 current_pos += sbuf.st_ex_size;
4515 res = SMB_VFS_LSEEK(fsp,0,SEEK_SET);
4520 reply_nterror(req, map_nt_error_from_unix(errno));
4521 END_PROFILE(SMBlseek);
4528 reply_outbuf(req, 2, 0);
4529 SIVAL(req->outbuf,smb_vwv0,res);
4531 DEBUG(3,("lseek fnum=%d ofs=%.0f newpos = %.0f mode=%d\n",
4532 fsp->fnum, (double)startpos, (double)res, mode));
4534 END_PROFILE(SMBlseek);
4538 /****************************************************************************
4540 ****************************************************************************/
4542 void reply_flush(struct smb_request *req)
4544 connection_struct *conn = req->conn;
4548 START_PROFILE(SMBflush);
4551 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4555 fnum = SVAL(req->vwv+0, 0);
4556 fsp = file_fsp(req, fnum);
4558 if ((fnum != 0xFFFF) && !check_fsp(conn, req, fsp)) {
4563 file_sync_all(conn);
4565 NTSTATUS status = sync_file(conn, fsp, True);
4566 if (!NT_STATUS_IS_OK(status)) {
4567 DEBUG(5,("reply_flush: sync_file for %s returned %s\n",
4568 fsp->fsp_name, nt_errstr(status) ));
4569 reply_nterror(req, status);
4570 END_PROFILE(SMBflush);
4575 reply_outbuf(req, 0, 0);
4577 DEBUG(3,("flush\n"));
4578 END_PROFILE(SMBflush);
4582 /****************************************************************************
4584 conn POINTER CAN BE NULL HERE !
4585 ****************************************************************************/
4587 void reply_exit(struct smb_request *req)
4589 START_PROFILE(SMBexit);
4591 file_close_pid(req->smbpid, req->vuid);
4593 reply_outbuf(req, 0, 0);
4595 DEBUG(3,("exit\n"));
4597 END_PROFILE(SMBexit);
4601 /****************************************************************************
4602 Reply to a close - has to deal with closing a directory opened by NT SMB's.
4603 ****************************************************************************/
4605 void reply_close(struct smb_request *req)
4607 connection_struct *conn = req->conn;
4608 NTSTATUS status = NT_STATUS_OK;
4609 files_struct *fsp = NULL;
4610 START_PROFILE(SMBclose);
4613 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4614 END_PROFILE(SMBclose);
4618 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4621 * We can only use check_fsp if we know it's not a directory.
4624 if(!fsp || (fsp->conn != conn) || (fsp->vuid != req->vuid)) {
4625 reply_doserror(req, ERRDOS, ERRbadfid);
4626 END_PROFILE(SMBclose);
4630 if(fsp->is_directory) {
4632 * Special case - close NT SMB directory handle.
4634 DEBUG(3,("close directory fnum=%d\n", fsp->fnum));
4635 status = close_file(req, fsp, NORMAL_CLOSE);
4639 * Close ordinary file.
4642 DEBUG(3,("close fd=%d fnum=%d (numopen=%d)\n",
4643 fsp->fh->fd, fsp->fnum,
4644 conn->num_files_open));
4647 * Take care of any time sent in the close.
4650 t = srv_make_unix_date3(req->vwv+1);
4651 set_close_write_time(fsp, convert_time_t_to_timespec(t));
4654 * close_file() returns the unix errno if an error
4655 * was detected on close - normally this is due to
4656 * a disk full error. If not then it was probably an I/O error.
4659 status = close_file(req, fsp, NORMAL_CLOSE);
4662 if (!NT_STATUS_IS_OK(status)) {
4663 reply_nterror(req, status);
4664 END_PROFILE(SMBclose);
4668 reply_outbuf(req, 0, 0);
4669 END_PROFILE(SMBclose);
4673 /****************************************************************************
4674 Reply to a writeclose (Core+ protocol).
4675 ****************************************************************************/
4677 void reply_writeclose(struct smb_request *req)
4679 connection_struct *conn = req->conn;
4681 ssize_t nwritten = -1;
4682 NTSTATUS close_status = NT_STATUS_OK;
4685 struct timespec mtime;
4687 struct lock_struct lock;
4689 START_PROFILE(SMBwriteclose);
4692 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4693 END_PROFILE(SMBwriteclose);
4697 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4699 if (!check_fsp(conn, req, fsp)) {
4700 END_PROFILE(SMBwriteclose);
4703 if (!CHECK_WRITE(fsp)) {
4704 reply_doserror(req, ERRDOS,ERRbadaccess);
4705 END_PROFILE(SMBwriteclose);
4709 numtowrite = SVAL(req->vwv+1, 0);
4710 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
4711 mtime = convert_time_t_to_timespec(srv_make_unix_date3(req->vwv+4));
4712 data = (const char *)req->buf + 1;
4715 init_strict_lock_struct(fsp, (uint32)req->smbpid,
4716 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
4719 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
4720 reply_doserror(req, ERRDOS,ERRlock);
4721 END_PROFILE(SMBwriteclose);
4726 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4728 set_close_write_time(fsp, mtime);
4731 * More insanity. W2K only closes the file if writelen > 0.
4736 DEBUG(3,("reply_writeclose: zero length write doesn't close file %s\n",
4738 close_status = close_file(req, fsp, NORMAL_CLOSE);
4741 DEBUG(3,("writeclose fnum=%d num=%d wrote=%d (numopen=%d)\n",
4742 fsp->fnum, (int)numtowrite, (int)nwritten,
4743 conn->num_files_open));
4745 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
4746 reply_doserror(req, ERRHRD, ERRdiskfull);
4750 if(!NT_STATUS_IS_OK(close_status)) {
4751 reply_nterror(req, close_status);
4755 reply_outbuf(req, 1, 0);
4757 SSVAL(req->outbuf,smb_vwv0,nwritten);
4761 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4764 END_PROFILE(SMBwriteclose);
4769 #define DBGC_CLASS DBGC_LOCKING
4771 /****************************************************************************
4773 ****************************************************************************/
4775 void reply_lock(struct smb_request *req)
4777 connection_struct *conn = req->conn;
4778 uint64_t count,offset;
4781 struct byte_range_lock *br_lck = NULL;
4783 START_PROFILE(SMBlock);
4786 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4787 END_PROFILE(SMBlock);
4791 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4793 if (!check_fsp(conn, req, fsp)) {
4794 END_PROFILE(SMBlock);
4798 count = (uint64_t)IVAL(req->vwv+1, 0);
4799 offset = (uint64_t)IVAL(req->vwv+3, 0);
4801 DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n",
4802 fsp->fh->fd, fsp->fnum, (double)offset, (double)count));
4804 br_lck = do_lock(smbd_messaging_context(),
4811 False, /* Non-blocking lock. */
4816 TALLOC_FREE(br_lck);
4818 if (NT_STATUS_V(status)) {
4819 reply_nterror(req, status);
4820 END_PROFILE(SMBlock);
4824 reply_outbuf(req, 0, 0);
4826 END_PROFILE(SMBlock);
4830 /****************************************************************************
4832 ****************************************************************************/
4834 void reply_unlock(struct smb_request *req)
4836 connection_struct *conn = req->conn;
4837 uint64_t count,offset;
4841 START_PROFILE(SMBunlock);
4844 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4845 END_PROFILE(SMBunlock);
4849 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4851 if (!check_fsp(conn, req, fsp)) {
4852 END_PROFILE(SMBunlock);
4856 count = (uint64_t)IVAL(req->vwv+1, 0);
4857 offset = (uint64_t)IVAL(req->vwv+3, 0);
4859 status = do_unlock(smbd_messaging_context(),
4866 if (NT_STATUS_V(status)) {
4867 reply_nterror(req, status);
4868 END_PROFILE(SMBunlock);
4872 DEBUG( 3, ( "unlock fd=%d fnum=%d offset=%.0f count=%.0f\n",
4873 fsp->fh->fd, fsp->fnum, (double)offset, (double)count ) );
4875 reply_outbuf(req, 0, 0);
4877 END_PROFILE(SMBunlock);
4882 #define DBGC_CLASS DBGC_ALL
4884 /****************************************************************************
4886 conn POINTER CAN BE NULL HERE !
4887 ****************************************************************************/
4889 void reply_tdis(struct smb_request *req)
4891 struct smbd_server_connection *sconn = smbd_server_conn;
4892 connection_struct *conn = req->conn;
4893 START_PROFILE(SMBtdis);
4896 DEBUG(4,("Invalid connection in tdis\n"));
4897 reply_doserror(req, ERRSRV, ERRinvnid);
4898 END_PROFILE(SMBtdis);
4904 close_cnum(sconn, conn,req->vuid);
4907 reply_outbuf(req, 0, 0);
4908 END_PROFILE(SMBtdis);
4912 /****************************************************************************
4914 conn POINTER CAN BE NULL HERE !
4915 ****************************************************************************/
4917 void reply_echo(struct smb_request *req)
4919 connection_struct *conn = req->conn;
4920 struct smb_perfcount_data local_pcd;
4921 struct smb_perfcount_data *cur_pcd;
4925 START_PROFILE(SMBecho);
4927 smb_init_perfcount_data(&local_pcd);
4930 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4931 END_PROFILE(SMBecho);
4935 smb_reverb = SVAL(req->vwv+0, 0);
4937 reply_outbuf(req, 1, req->buflen);
4939 /* copy any incoming data back out */
4940 if (req->buflen > 0) {
4941 memcpy(smb_buf(req->outbuf), req->buf, req->buflen);
4944 if (smb_reverb > 100) {
4945 DEBUG(0,("large reverb (%d)?? Setting to 100\n",smb_reverb));
4949 for (seq_num = 1 ; seq_num <= smb_reverb ; seq_num++) {
4951 /* this makes sure we catch the request pcd */
4952 if (seq_num == smb_reverb) {
4953 cur_pcd = &req->pcd;
4955 SMB_PERFCOUNT_COPY_CONTEXT(&req->pcd, &local_pcd);
4956 cur_pcd = &local_pcd;
4959 SSVAL(req->outbuf,smb_vwv0,seq_num);
4961 show_msg((char *)req->outbuf);
4962 if (!srv_send_smb(smbd_server_fd(),
4963 (char *)req->outbuf,
4964 true, req->seqnum+1,
4965 IS_CONN_ENCRYPTED(conn)||req->encrypted,
4967 exit_server_cleanly("reply_echo: srv_send_smb failed.");
4970 DEBUG(3,("echo %d times\n", smb_reverb));
4972 TALLOC_FREE(req->outbuf);
4974 END_PROFILE(SMBecho);
4978 /****************************************************************************
4979 Reply to a printopen.
4980 ****************************************************************************/
4982 void reply_printopen(struct smb_request *req)
4984 connection_struct *conn = req->conn;
4986 SMB_STRUCT_STAT sbuf;
4989 START_PROFILE(SMBsplopen);
4992 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4993 END_PROFILE(SMBsplopen);
4997 if (!CAN_PRINT(conn)) {
4998 reply_doserror(req, ERRDOS, ERRnoaccess);
4999 END_PROFILE(SMBsplopen);
5003 status = file_new(req, conn, &fsp);
5004 if(!NT_STATUS_IS_OK(status)) {
5005 reply_nterror(req, status);
5006 END_PROFILE(SMBsplopen);
5010 /* Open for exclusive use, write only. */
5011 status = print_fsp_open(req, conn, NULL, req->vuid, fsp, &sbuf);
5013 if (!NT_STATUS_IS_OK(status)) {
5014 file_free(req, fsp);
5015 reply_nterror(req, status);
5016 END_PROFILE(SMBsplopen);
5020 reply_outbuf(req, 1, 0);
5021 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
5023 DEBUG(3,("openprint fd=%d fnum=%d\n",
5024 fsp->fh->fd, fsp->fnum));
5026 END_PROFILE(SMBsplopen);
5030 /****************************************************************************
5031 Reply to a printclose.
5032 ****************************************************************************/
5034 void reply_printclose(struct smb_request *req)
5036 connection_struct *conn = req->conn;
5040 START_PROFILE(SMBsplclose);
5043 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5044 END_PROFILE(SMBsplclose);
5048 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
5050 if (!check_fsp(conn, req, fsp)) {
5051 END_PROFILE(SMBsplclose);
5055 if (!CAN_PRINT(conn)) {
5056 reply_nterror(req, NT_STATUS_DOS(ERRSRV, ERRerror));
5057 END_PROFILE(SMBsplclose);
5061 DEBUG(3,("printclose fd=%d fnum=%d\n",
5062 fsp->fh->fd,fsp->fnum));
5064 status = close_file(req, fsp, NORMAL_CLOSE);
5066 if(!NT_STATUS_IS_OK(status)) {
5067 reply_nterror(req, status);
5068 END_PROFILE(SMBsplclose);
5072 reply_outbuf(req, 0, 0);
5074 END_PROFILE(SMBsplclose);
5078 /****************************************************************************
5079 Reply to a printqueue.
5080 ****************************************************************************/
5082 void reply_printqueue(struct smb_request *req)
5084 connection_struct *conn = req->conn;
5088 START_PROFILE(SMBsplretq);
5091 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5092 END_PROFILE(SMBsplretq);
5096 max_count = SVAL(req->vwv+0, 0);
5097 start_index = SVAL(req->vwv+1, 0);
5099 /* we used to allow the client to get the cnum wrong, but that
5100 is really quite gross and only worked when there was only
5101 one printer - I think we should now only accept it if they
5102 get it right (tridge) */
5103 if (!CAN_PRINT(conn)) {
5104 reply_doserror(req, ERRDOS, ERRnoaccess);
5105 END_PROFILE(SMBsplretq);
5109 reply_outbuf(req, 2, 3);
5110 SSVAL(req->outbuf,smb_vwv0,0);
5111 SSVAL(req->outbuf,smb_vwv1,0);
5112 SCVAL(smb_buf(req->outbuf),0,1);
5113 SSVAL(smb_buf(req->outbuf),1,0);
5115 DEBUG(3,("printqueue start_index=%d max_count=%d\n",
5116 start_index, max_count));
5119 print_queue_struct *queue = NULL;
5120 print_status_struct status;
5121 int count = print_queue_status(SNUM(conn), &queue, &status);
5122 int num_to_get = ABS(max_count);
5123 int first = (max_count>0?start_index:start_index+max_count+1);
5129 num_to_get = MIN(num_to_get,count-first);
5132 for (i=first;i<first+num_to_get;i++) {
5136 srv_put_dos_date2(p,0,queue[i].time);
5137 SCVAL(p,4,(queue[i].status==LPQ_PRINTING?2:3));
5138 SSVAL(p,5, queue[i].job);
5139 SIVAL(p,7,queue[i].size);
5141 srvstr_push(blob, req->flags2, p+12,
5142 queue[i].fs_user, 16, STR_ASCII);
5144 if (message_push_blob(
5147 blob, sizeof(blob))) == -1) {
5148 reply_nterror(req, NT_STATUS_NO_MEMORY);
5149 END_PROFILE(SMBsplretq);
5155 SSVAL(req->outbuf,smb_vwv0,count);
5156 SSVAL(req->outbuf,smb_vwv1,
5157 (max_count>0?first+count:first-1));
5158 SCVAL(smb_buf(req->outbuf),0,1);
5159 SSVAL(smb_buf(req->outbuf),1,28*count);
5164 DEBUG(3,("%d entries returned in queue\n",count));
5167 END_PROFILE(SMBsplretq);
5171 /****************************************************************************
5172 Reply to a printwrite.
5173 ****************************************************************************/
5175 void reply_printwrite(struct smb_request *req)
5177 connection_struct *conn = req->conn;
5182 START_PROFILE(SMBsplwr);
5185 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5186 END_PROFILE(SMBsplwr);
5190 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
5192 if (!check_fsp(conn, req, fsp)) {
5193 END_PROFILE(SMBsplwr);
5197 if (!CAN_PRINT(conn)) {
5198 reply_doserror(req, ERRDOS, ERRnoaccess);
5199 END_PROFILE(SMBsplwr);
5203 if (!CHECK_WRITE(fsp)) {
5204 reply_doserror(req, ERRDOS, ERRbadaccess);
5205 END_PROFILE(SMBsplwr);
5209 numtowrite = SVAL(req->buf, 1);
5211 if (req->buflen < numtowrite + 3) {
5212 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5213 END_PROFILE(SMBsplwr);
5217 data = (const char *)req->buf + 3;
5219 if (write_file(req,fsp,data,-1,numtowrite) != numtowrite) {
5220 reply_nterror(req, map_nt_error_from_unix(errno));
5221 END_PROFILE(SMBsplwr);
5225 DEBUG( 3, ( "printwrite fnum=%d num=%d\n", fsp->fnum, numtowrite ) );
5227 END_PROFILE(SMBsplwr);
5231 /****************************************************************************
5233 ****************************************************************************/
5235 void reply_mkdir(struct smb_request *req)
5237 connection_struct *conn = req->conn;
5238 struct smb_filename *smb_dname = NULL;
5239 char *directory = NULL;
5241 TALLOC_CTX *ctx = talloc_tos();
5243 START_PROFILE(SMBmkdir);
5245 srvstr_get_path_req(ctx, req, &directory, (const char *)req->buf + 1,
5246 STR_TERMINATE, &status);
5247 if (!NT_STATUS_IS_OK(status)) {
5248 reply_nterror(req, status);
5252 status = filename_convert(ctx, conn,
5253 req->flags2 & FLAGS2_DFS_PATHNAMES,
5257 if (!NT_STATUS_IS_OK(status)) {
5258 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5259 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
5260 ERRSRV, ERRbadpath);
5263 reply_nterror(req, status);
5267 status = create_directory(conn, req, smb_dname);
5269 DEBUG(5, ("create_directory returned %s\n", nt_errstr(status)));
5271 if (!NT_STATUS_IS_OK(status)) {
5273 if (!use_nt_status()
5274 && NT_STATUS_EQUAL(status,
5275 NT_STATUS_OBJECT_NAME_COLLISION)) {
5277 * Yes, in the DOS error code case we get a
5278 * ERRDOS:ERRnoaccess here. See BASE-SAMBA3ERROR
5279 * samba4 torture test.
5281 status = NT_STATUS_DOS(ERRDOS, ERRnoaccess);
5284 reply_nterror(req, status);
5288 reply_outbuf(req, 0, 0);
5290 DEBUG(3, ("mkdir %s\n", smb_dname->base_name));
5292 TALLOC_FREE(smb_dname);
5293 END_PROFILE(SMBmkdir);
5297 /****************************************************************************
5298 Static function used by reply_rmdir to delete an entire directory
5299 tree recursively. Return True on ok, False on fail.
5300 ****************************************************************************/
5302 static bool recursive_rmdir(TALLOC_CTX *ctx,
5303 connection_struct *conn,
5304 struct smb_filename *smb_dname)
5306 const char *dname = NULL;
5310 struct smb_Dir *dir_hnd;
5312 SMB_ASSERT(!is_ntfs_stream_smb_fname(smb_dname));
5314 dir_hnd = OpenDir(talloc_tos(), conn, smb_dname->base_name, NULL, 0);
5318 while((dname = ReadDirName(dir_hnd, &offset, &st))) {
5319 struct smb_filename *smb_dname_full = NULL;
5320 char *fullname = NULL;
5321 bool do_break = true;
5324 if (ISDOT(dname) || ISDOTDOT(dname)) {
5328 if (!is_visible_file(conn, smb_dname->base_name, dname, &st,
5333 /* Construct the full name. */
5334 fullname = talloc_asprintf(ctx,
5336 smb_dname->base_name,
5343 status = create_synthetic_smb_fname(talloc_tos(), fullname,
5346 if (!NT_STATUS_IS_OK(status)) {
5350 if(SMB_VFS_LSTAT(conn, smb_dname_full) != 0) {
5354 if(smb_dname_full->st.st_ex_mode & S_IFDIR) {
5355 if(!recursive_rmdir(ctx, conn, smb_dname_full)) {
5358 if(SMB_VFS_RMDIR(conn,
5359 smb_dname_full->base_name) != 0) {
5362 } else if(SMB_VFS_UNLINK(conn, smb_dname_full) != 0) {
5366 /* Successful iteration. */
5370 TALLOC_FREE(smb_dname_full);
5371 TALLOC_FREE(fullname);
5377 TALLOC_FREE(dir_hnd);
5381 /****************************************************************************
5382 The internals of the rmdir code - called elsewhere.
5383 ****************************************************************************/
5385 NTSTATUS rmdir_internals(TALLOC_CTX *ctx,
5386 connection_struct *conn,
5387 struct smb_filename *smb_dname)
5392 SMB_ASSERT(!is_ntfs_stream_smb_fname(smb_dname));
5394 /* Might be a symlink. */
5395 if(SMB_VFS_LSTAT(conn, smb_dname) != 0) {
5396 return map_nt_error_from_unix(errno);
5399 if (S_ISLNK(smb_dname->st.st_ex_mode)) {
5400 /* Is what it points to a directory ? */
5401 if(SMB_VFS_STAT(conn, smb_dname) != 0) {
5402 return map_nt_error_from_unix(errno);
5404 if (!(S_ISDIR(smb_dname->st.st_ex_mode))) {
5405 return NT_STATUS_NOT_A_DIRECTORY;
5407 ret = SMB_VFS_UNLINK(conn, smb_dname);
5409 ret = SMB_VFS_RMDIR(conn, smb_dname->base_name);
5412 notify_fname(conn, NOTIFY_ACTION_REMOVED,
5413 FILE_NOTIFY_CHANGE_DIR_NAME,
5414 smb_dname->base_name);
5415 return NT_STATUS_OK;
5418 if(((errno == ENOTEMPTY)||(errno == EEXIST)) && lp_veto_files(SNUM(conn))) {
5420 * Check to see if the only thing in this directory are
5421 * vetoed files/directories. If so then delete them and
5422 * retry. If we fail to delete any of them (and we *don't*
5423 * do a recursive delete) then fail the rmdir.
5427 struct smb_Dir *dir_hnd = OpenDir(talloc_tos(), conn,
5428 smb_dname->base_name, NULL,
5431 if(dir_hnd == NULL) {
5436 while ((dname = ReadDirName(dir_hnd, &dirpos, &st))) {
5437 if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0))
5439 if (!is_visible_file(conn, smb_dname->base_name, dname,
5442 if(!IS_VETO_PATH(conn, dname)) {
5443 TALLOC_FREE(dir_hnd);
5449 /* We only have veto files/directories.
5450 * Are we allowed to delete them ? */
5452 if(!lp_recursive_veto_delete(SNUM(conn))) {
5453 TALLOC_FREE(dir_hnd);
5458 /* Do a recursive delete. */
5459 RewindDir(dir_hnd,&dirpos);
5460 while ((dname = ReadDirName(dir_hnd, &dirpos, &st))) {
5461 struct smb_filename *smb_dname_full = NULL;
5462 char *fullname = NULL;
5463 bool do_break = true;
5466 if (ISDOT(dname) || ISDOTDOT(dname)) {
5469 if (!is_visible_file(conn, smb_dname->base_name, dname,
5474 fullname = talloc_asprintf(ctx,
5476 smb_dname->base_name,
5484 status = create_synthetic_smb_fname(talloc_tos(),
5488 if (!NT_STATUS_IS_OK(status)) {
5489 errno = map_errno_from_nt_status(status);
5493 if(SMB_VFS_LSTAT(conn, smb_dname_full) != 0) {
5496 if(smb_dname_full->st.st_ex_mode & S_IFDIR) {
5497 if(!recursive_rmdir(ctx, conn,
5501 if(SMB_VFS_RMDIR(conn,
5502 smb_dname_full->base_name) != 0) {
5505 } else if(SMB_VFS_UNLINK(conn, smb_dname_full) != 0) {
5509 /* Successful iteration. */
5513 TALLOC_FREE(fullname);
5514 TALLOC_FREE(smb_dname_full);
5518 TALLOC_FREE(dir_hnd);
5519 /* Retry the rmdir */
5520 ret = SMB_VFS_RMDIR(conn, smb_dname->base_name);
5526 DEBUG(3,("rmdir_internals: couldn't remove directory %s : "
5527 "%s\n", smb_fname_str_dbg(smb_dname),
5529 return map_nt_error_from_unix(errno);
5532 notify_fname(conn, NOTIFY_ACTION_REMOVED,
5533 FILE_NOTIFY_CHANGE_DIR_NAME,
5534 smb_dname->base_name);
5536 return NT_STATUS_OK;
5539 /****************************************************************************
5541 ****************************************************************************/
5543 void reply_rmdir(struct smb_request *req)
5545 connection_struct *conn = req->conn;
5546 struct smb_filename *smb_dname = NULL;
5547 char *directory = NULL;
5549 TALLOC_CTX *ctx = talloc_tos();
5551 START_PROFILE(SMBrmdir);
5553 srvstr_get_path_req(ctx, req, &directory, (const char *)req->buf + 1,
5554 STR_TERMINATE, &status);
5555 if (!NT_STATUS_IS_OK(status)) {
5556 reply_nterror(req, status);
5560 status = filename_convert(ctx, conn,
5561 req->flags2 & FLAGS2_DFS_PATHNAMES,
5565 if (!NT_STATUS_IS_OK(status)) {
5566 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5567 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
5568 ERRSRV, ERRbadpath);
5571 reply_nterror(req, status);
5575 if (is_ntfs_stream_smb_fname(smb_dname)) {
5576 reply_nterror(req, NT_STATUS_NOT_A_DIRECTORY);
5580 dptr_closepath(smb_dname->base_name, req->smbpid);
5581 status = rmdir_internals(ctx, conn, smb_dname);
5582 if (!NT_STATUS_IS_OK(status)) {
5583 reply_nterror(req, status);
5587 reply_outbuf(req, 0, 0);
5589 DEBUG(3, ("rmdir %s\n", smb_fname_str_dbg(smb_dname)));
5591 TALLOC_FREE(smb_dname);
5592 END_PROFILE(SMBrmdir);
5596 /*******************************************************************
5597 Resolve wildcards in a filename rename.
5598 ********************************************************************/
5600 static bool resolve_wildcards(TALLOC_CTX *ctx,
5605 char *name2_copy = NULL;
5610 char *p,*p2, *pname1, *pname2;
5612 name2_copy = talloc_strdup(ctx, name2);
5617 pname1 = strrchr_m(name1,'/');
5618 pname2 = strrchr_m(name2_copy,'/');
5620 if (!pname1 || !pname2) {
5624 /* Truncate the copy of name2 at the last '/' */
5627 /* Now go past the '/' */
5631 root1 = talloc_strdup(ctx, pname1);
5632 root2 = talloc_strdup(ctx, pname2);
5634 if (!root1 || !root2) {
5638 p = strrchr_m(root1,'.');
5641 ext1 = talloc_strdup(ctx, p+1);
5643 ext1 = talloc_strdup(ctx, "");
5645 p = strrchr_m(root2,'.');
5648 ext2 = talloc_strdup(ctx, p+1);
5650 ext2 = talloc_strdup(ctx, "");
5653 if (!ext1 || !ext2) {
5661 /* Hmmm. Should this be mb-aware ? */
5664 } else if (*p2 == '*') {
5666 root2 = talloc_asprintf(ctx, "%s%s",
5685 /* Hmmm. Should this be mb-aware ? */
5688 } else if (*p2 == '*') {
5690 ext2 = talloc_asprintf(ctx, "%s%s",
5706 *pp_newname = talloc_asprintf(ctx, "%s/%s.%s",
5711 *pp_newname = talloc_asprintf(ctx, "%s/%s",
5723 /****************************************************************************
5724 Ensure open files have their names updated. Updated to notify other smbd's
5726 ****************************************************************************/
5728 static void rename_open_files(connection_struct *conn,
5729 struct share_mode_lock *lck,
5730 const struct smb_filename *smb_fname_dst)
5733 bool did_rename = False;
5734 char *fname_dst = NULL;
5737 for(fsp = file_find_di_first(lck->id); fsp;
5738 fsp = file_find_di_next(fsp)) {
5739 /* fsp_name is a relative path under the fsp. To change this for other
5740 sharepaths we need to manipulate relative paths. */
5741 /* TODO - create the absolute path and manipulate the newname
5742 relative to the sharepath. */
5743 if (!strequal(fsp->conn->connectpath, conn->connectpath)) {
5746 DEBUG(10, ("rename_open_files: renaming file fnum %d "
5747 "(file_id %s) from %s -> %s\n", fsp->fnum,
5748 file_id_string_tos(&fsp->file_id), fsp->fsp_name,
5749 smb_fname_str_dbg(smb_fname_dst)));
5751 status = get_full_smb_filename(talloc_tos(), smb_fname_dst,
5753 if (!NT_STATUS_IS_OK(status)) {
5756 string_set(&fsp->fsp_name, fname_dst);
5758 TALLOC_FREE(fname_dst);
5762 DEBUG(10, ("rename_open_files: no open files on file_id %s "
5763 "for %s\n", file_id_string_tos(&lck->id),
5764 smb_fname_str_dbg(smb_fname_dst)));
5767 /* Send messages to all smbd's (not ourself) that the name has changed. */
5768 rename_share_filename(smbd_messaging_context(), lck, conn->connectpath,
5773 /****************************************************************************
5774 We need to check if the source path is a parent directory of the destination
5775 (ie. a rename of /foo/bar/baz -> /foo/bar/baz/bibble/bobble. If so we must
5776 refuse the rename with a sharing violation. Under UNIX the above call can
5777 *succeed* if /foo/bar/baz is a symlink to another area in the share. We
5778 probably need to check that the client is a Windows one before disallowing
5779 this as a UNIX client (one with UNIX extensions) can know the source is a
5780 symlink and make this decision intelligently. Found by an excellent bug
5781 report from <AndyLiebman@aol.com>.
5782 ****************************************************************************/
5784 static bool rename_path_prefix_equal(const struct smb_filename *smb_fname_src,
5785 const struct smb_filename *smb_fname_dst)
5787 const char *psrc = smb_fname_src->base_name;
5788 const char *pdst = smb_fname_dst->base_name;
5791 if (psrc[0] == '.' && psrc[1] == '/') {
5794 if (pdst[0] == '.' && pdst[1] == '/') {
5797 if ((slen = strlen(psrc)) > strlen(pdst)) {
5800 return ((memcmp(psrc, pdst, slen) == 0) && pdst[slen] == '/');
5804 * Do the notify calls from a rename
5807 static void notify_rename(connection_struct *conn, bool is_dir,
5808 const struct smb_filename *smb_fname_src,
5809 const struct smb_filename *smb_fname_dst)
5811 char *parent_dir_src = NULL;
5812 char *parent_dir_dst = NULL;
5813 char *fname_src = NULL;
5814 char *fname_dst = NULL;
5818 mask = is_dir ? FILE_NOTIFY_CHANGE_DIR_NAME
5819 : FILE_NOTIFY_CHANGE_FILE_NAME;
5821 if (!parent_dirname(talloc_tos(), smb_fname_src->base_name,
5822 &parent_dir_src, NULL) ||
5823 !parent_dirname(talloc_tos(), smb_fname_dst->base_name,
5824 &parent_dir_dst, NULL)) {
5828 status = get_full_smb_filename(talloc_tos(), smb_fname_src,
5830 if (!NT_STATUS_IS_OK(status)) {
5833 status = get_full_smb_filename(talloc_tos(), smb_fname_dst,
5835 if (!NT_STATUS_IS_OK(status)) {
5839 if (strcmp(parent_dir_src, parent_dir_dst) == 0) {
5840 notify_fname(conn, NOTIFY_ACTION_OLD_NAME, mask, fname_src);
5841 notify_fname(conn, NOTIFY_ACTION_NEW_NAME, mask, fname_dst);
5844 notify_fname(conn, NOTIFY_ACTION_REMOVED, mask, fname_src);
5845 notify_fname(conn, NOTIFY_ACTION_ADDED, mask, fname_dst);
5848 /* this is a strange one. w2k3 gives an additional event for
5849 CHANGE_ATTRIBUTES and CHANGE_CREATION on the new file when renaming
5850 files, but not directories */
5852 notify_fname(conn, NOTIFY_ACTION_MODIFIED,
5853 FILE_NOTIFY_CHANGE_ATTRIBUTES
5854 |FILE_NOTIFY_CHANGE_CREATION,
5858 TALLOC_FREE(parent_dir_src);
5859 TALLOC_FREE(parent_dir_dst);
5860 TALLOC_FREE(fname_src);
5861 TALLOC_FREE(fname_dst);
5864 /****************************************************************************
5865 Rename an open file - given an fsp.
5866 ****************************************************************************/
5868 NTSTATUS rename_internals_fsp(connection_struct *conn,
5870 const struct smb_filename *smb_fname_dst_in,
5872 bool replace_if_exists)
5874 TALLOC_CTX *ctx = talloc_tos();
5875 struct smb_filename *smb_fname_src = NULL;
5876 struct smb_filename *smb_fname_dst = NULL;
5877 SMB_STRUCT_STAT sbuf;
5878 NTSTATUS status = NT_STATUS_OK;
5879 struct share_mode_lock *lck = NULL;
5880 bool dst_exists, old_is_stream, new_is_stream;
5884 status = check_name(conn, smb_fname_dst_in->base_name);
5885 if (!NT_STATUS_IS_OK(status)) {
5889 /* Make a copy of the src and dst smb_fname structs */
5890 status = copy_smb_filename(ctx, smb_fname_dst_in, &smb_fname_dst);
5891 if (!NT_STATUS_IS_OK(status)) {
5896 * This will be replaced with copy_smb_filename() when fsp->fsp_name
5897 * is converted to store an smb_filename struct.
5899 status = create_synthetic_smb_fname_split(ctx, fsp->fsp_name, NULL,
5901 if (!NT_STATUS_IS_OK(status)) {
5905 /* Ensure the dst smb_fname contains a '/' */
5906 if(strrchr_m(smb_fname_dst->base_name,'/') == 0) {
5908 tmp = talloc_asprintf(smb_fname_dst, "./%s",
5909 smb_fname_dst->base_name);
5911 status = NT_STATUS_NO_MEMORY;
5914 TALLOC_FREE(smb_fname_dst->base_name);
5915 smb_fname_dst->base_name = tmp;
5919 * Check for special case with case preserving and not
5920 * case sensitive. If the old last component differs from the original
5921 * last component only by case, then we should allow
5922 * the rename (user is trying to change the case of the
5925 if((conn->case_sensitive == False) && (conn->case_preserve == True) &&
5926 strequal(smb_fname_src->base_name, smb_fname_dst->base_name) &&
5927 strequal(smb_fname_src->stream_name, smb_fname_dst->stream_name)) {
5929 char *fname_dst_lcomp_base_mod = NULL;
5930 struct smb_filename *smb_fname_orig_lcomp = NULL;
5933 * Get the last component of the destination name. Note that
5934 * we guarantee that destination name contains a '/' character
5937 last_slash = strrchr_m(smb_fname_dst->base_name, '/');
5938 fname_dst_lcomp_base_mod = talloc_strdup(ctx, last_slash + 1);
5939 if (!fname_dst_lcomp_base_mod) {
5940 status = NT_STATUS_NO_MEMORY;
5945 * Create an smb_filename struct using the original last
5946 * component of the destination.
5948 status = create_synthetic_smb_fname_split(ctx,
5949 smb_fname_dst->original_lcomp, NULL,
5950 &smb_fname_orig_lcomp);
5951 if (!NT_STATUS_IS_OK(status)) {
5952 TALLOC_FREE(fname_dst_lcomp_base_mod);
5956 /* If the base names only differ by case, use original. */
5957 if(!strcsequal(fname_dst_lcomp_base_mod,
5958 smb_fname_orig_lcomp->base_name)) {
5961 * Replace the modified last component with the
5964 *last_slash = '\0'; /* Truncate at the '/' */
5965 tmp = talloc_asprintf(smb_fname_dst,
5967 smb_fname_dst->base_name,
5968 smb_fname_orig_lcomp->base_name);
5970 status = NT_STATUS_NO_MEMORY;
5971 TALLOC_FREE(fname_dst_lcomp_base_mod);
5972 TALLOC_FREE(smb_fname_orig_lcomp);
5975 TALLOC_FREE(smb_fname_dst->base_name);
5976 smb_fname_dst->base_name = tmp;
5979 /* If the stream_names only differ by case, use original. */
5980 if(!strcsequal(smb_fname_dst->stream_name,
5981 smb_fname_orig_lcomp->stream_name)) {
5983 /* Use the original stream. */
5984 tmp = talloc_strdup(smb_fname_dst,
5985 smb_fname_orig_lcomp->stream_name);
5987 status = NT_STATUS_NO_MEMORY;
5988 TALLOC_FREE(fname_dst_lcomp_base_mod);
5989 TALLOC_FREE(smb_fname_orig_lcomp);
5992 TALLOC_FREE(smb_fname_dst->stream_name);
5993 smb_fname_dst->stream_name = tmp;
5995 TALLOC_FREE(fname_dst_lcomp_base_mod);
5996 TALLOC_FREE(smb_fname_orig_lcomp);
6000 * If the src and dest names are identical - including case,
6001 * don't do the rename, just return success.
6004 if (strcsequal(smb_fname_src->base_name, smb_fname_dst->base_name) &&
6005 strcsequal(smb_fname_src->stream_name,
6006 smb_fname_dst->stream_name)) {
6007 DEBUG(3, ("rename_internals_fsp: identical names in rename %s "
6008 "- returning success\n",
6009 smb_fname_str_dbg(smb_fname_dst)));
6010 status = NT_STATUS_OK;
6014 old_is_stream = is_ntfs_stream_smb_fname(smb_fname_src);
6015 new_is_stream = is_ntfs_stream_smb_fname(smb_fname_dst);
6017 /* Return the correct error code if both names aren't streams. */
6018 if (!old_is_stream && new_is_stream) {
6019 status = NT_STATUS_OBJECT_NAME_INVALID;
6023 if (old_is_stream && !new_is_stream) {
6024 status = NT_STATUS_INVALID_PARAMETER;
6028 dst_exists = SMB_VFS_STAT(conn, smb_fname_dst) == 0;
6030 if(!replace_if_exists && dst_exists) {
6031 DEBUG(3, ("rename_internals_fsp: dest exists doing rename "
6032 "%s -> %s\n", smb_fname_str_dbg(smb_fname_src),
6033 smb_fname_str_dbg(smb_fname_dst)));
6034 status = NT_STATUS_OBJECT_NAME_COLLISION;
6039 struct file_id fileid = vfs_file_id_from_sbuf(conn,
6040 &smb_fname_dst->st);
6041 files_struct *dst_fsp = file_find_di_first(fileid);
6042 /* The file can be open when renaming a stream */
6043 if (dst_fsp && !new_is_stream) {
6044 DEBUG(3, ("rename_internals_fsp: Target file open\n"));
6045 status = NT_STATUS_ACCESS_DENIED;
6050 /* Ensure we have a valid stat struct for the source. */
6051 if (fsp->fh->fd != -1) {
6052 if (SMB_VFS_FSTAT(fsp, &sbuf) == -1) {
6053 status = map_nt_error_from_unix(errno);
6058 if (fsp->posix_open) {
6059 ret = SMB_VFS_LSTAT(conn, smb_fname_src);
6062 ret = SMB_VFS_STAT(conn, smb_fname_src);
6065 status = map_nt_error_from_unix(errno);
6068 sbuf = smb_fname_src->st;
6071 status = can_rename(conn, fsp, attrs, &sbuf);
6073 if (!NT_STATUS_IS_OK(status)) {
6074 DEBUG(3, ("rename_internals_fsp: Error %s rename %s -> %s\n",
6075 nt_errstr(status), smb_fname_str_dbg(smb_fname_src),
6076 smb_fname_str_dbg(smb_fname_dst)));
6077 if (NT_STATUS_EQUAL(status,NT_STATUS_SHARING_VIOLATION))
6078 status = NT_STATUS_ACCESS_DENIED;
6082 if (rename_path_prefix_equal(smb_fname_src, smb_fname_dst)) {
6083 status = NT_STATUS_ACCESS_DENIED;
6086 lck = get_share_mode_lock(talloc_tos(), fsp->file_id, NULL, NULL,
6090 * We have the file open ourselves, so not being able to get the
6091 * corresponding share mode lock is a fatal error.
6094 SMB_ASSERT(lck != NULL);
6096 if(SMB_VFS_RENAME(conn, smb_fname_src, smb_fname_dst) == 0) {
6097 uint32 create_options = fsp->fh->private_options;
6099 DEBUG(3, ("rename_internals_fsp: succeeded doing rename on "
6100 "%s -> %s\n", smb_fname_str_dbg(smb_fname_src),
6101 smb_fname_str_dbg(smb_fname_dst)));
6103 notify_rename(conn, fsp->is_directory, smb_fname_src,
6106 rename_open_files(conn, lck, smb_fname_dst);
6109 * A rename acts as a new file create w.r.t. allowing an initial delete
6110 * on close, probably because in Windows there is a new handle to the
6111 * new file. If initial delete on close was requested but not
6112 * originally set, we need to set it here. This is probably not 100% correct,
6113 * but will work for the CIFSFS client which in non-posix mode
6114 * depends on these semantics. JRA.
6117 if (create_options & FILE_DELETE_ON_CLOSE) {
6118 status = can_set_delete_on_close(fsp, True, 0);
6120 if (NT_STATUS_IS_OK(status)) {
6121 /* Note that here we set the *inital* delete on close flag,
6122 * not the regular one. The magic gets handled in close. */
6123 fsp->initial_delete_on_close = True;
6127 status = NT_STATUS_OK;
6133 if (errno == ENOTDIR || errno == EISDIR) {
6134 status = NT_STATUS_OBJECT_NAME_COLLISION;
6136 status = map_nt_error_from_unix(errno);
6139 DEBUG(3, ("rename_internals_fsp: Error %s rename %s -> %s\n",
6140 nt_errstr(status), smb_fname_str_dbg(smb_fname_src),
6141 smb_fname_str_dbg(smb_fname_dst)));
6144 TALLOC_FREE(smb_fname_src);
6145 TALLOC_FREE(smb_fname_dst);
6150 /****************************************************************************
6151 The guts of the rename command, split out so it may be called by the NT SMB
6153 ****************************************************************************/
6155 NTSTATUS rename_internals(TALLOC_CTX *ctx,
6156 connection_struct *conn,
6157 struct smb_request *req,
6158 const char *name_in,
6159 const char *newname_in,
6161 bool replace_if_exists,
6164 uint32_t access_mask)
6166 struct smb_filename *smb_fname_src = NULL;
6167 struct smb_filename *smb_fname_dst = NULL;
6168 char *fname_src_dir = NULL;
6169 char *fname_src_mask = NULL;
6171 NTSTATUS status = NT_STATUS_OK;
6172 struct smb_Dir *dir_hnd = NULL;
6175 int create_options = 0;
6176 bool posix_pathnames = lp_posix_pathnames();
6178 status = unix_convert(ctx, conn, name_in, &smb_fname_src,
6179 src_has_wild ? UCF_ALLOW_WCARD_LCOMP : 0);
6180 if (!NT_STATUS_IS_OK(status)) {
6184 status = unix_convert(ctx, conn, newname_in, &smb_fname_dst,
6186 (dest_has_wild ? UCF_ALLOW_WCARD_LCOMP : 0)));
6187 if (!NT_STATUS_IS_OK(status)) {
6192 * Split the old name into directory and last component
6193 * strings. Note that unix_convert may have stripped off a
6194 * leading ./ from both name and newname if the rename is
6195 * at the root of the share. We need to make sure either both
6196 * name and newname contain a / character or neither of them do
6197 * as this is checked in resolve_wildcards().
6200 /* Split up the directory from the filename/mask. */
6201 status = split_fname_dir_mask(ctx, smb_fname_src->base_name,
6202 &fname_src_dir, &fname_src_mask);
6203 if (!NT_STATUS_IS_OK(status)) {
6204 status = NT_STATUS_NO_MEMORY;
6209 * We should only check the mangled cache
6210 * here if unix_convert failed. This means
6211 * that the path in 'mask' doesn't exist
6212 * on the file system and so we need to look
6213 * for a possible mangle. This patch from
6214 * Tine Smukavec <valentin.smukavec@hermes.si>.
6217 if (!VALID_STAT(smb_fname_src->st) &&
6218 mangle_is_mangled(fname_src_mask, conn->params)) {
6219 char *new_mask = NULL;
6220 mangle_lookup_name_from_8_3(ctx, fname_src_mask, &new_mask,
6223 TALLOC_FREE(fname_src_mask);
6224 fname_src_mask = new_mask;
6228 if (!src_has_wild) {
6232 * Only one file needs to be renamed. Append the mask back
6233 * onto the directory.
6235 TALLOC_FREE(smb_fname_src->base_name);
6236 smb_fname_src->base_name = talloc_asprintf(smb_fname_src,
6240 if (!smb_fname_src->base_name) {
6241 status = NT_STATUS_NO_MEMORY;
6245 /* Ensure dst fname contains a '/' also */
6246 if(strrchr_m(smb_fname_dst->base_name, '/') == 0) {
6248 tmp = talloc_asprintf(smb_fname_dst, "./%s",
6249 smb_fname_dst->base_name);
6251 status = NT_STATUS_NO_MEMORY;
6254 TALLOC_FREE(smb_fname_dst->base_name);
6255 smb_fname_dst->base_name = tmp;
6258 DEBUG(3, ("rename_internals: case_sensitive = %d, "
6259 "case_preserve = %d, short case preserve = %d, "
6260 "directory = %s, newname = %s, "
6261 "last_component_dest = %s\n",
6262 conn->case_sensitive, conn->case_preserve,
6263 conn->short_case_preserve,
6264 smb_fname_str_dbg(smb_fname_src),
6265 smb_fname_str_dbg(smb_fname_dst),
6266 smb_fname_dst->original_lcomp));
6268 /* The dest name still may have wildcards. */
6269 if (dest_has_wild) {
6270 char *fname_dst_mod = NULL;
6271 if (!resolve_wildcards(smb_fname_dst,
6272 smb_fname_src->base_name,
6273 smb_fname_dst->base_name,
6275 DEBUG(6, ("rename_internals: resolve_wildcards "
6277 smb_fname_src->base_name,
6278 smb_fname_dst->base_name));
6279 status = NT_STATUS_NO_MEMORY;
6282 TALLOC_FREE(smb_fname_dst->base_name);
6283 smb_fname_dst->base_name = fname_dst_mod;
6286 ZERO_STRUCT(smb_fname_src->st);
6287 if (posix_pathnames) {
6288 SMB_VFS_LSTAT(conn, smb_fname_src);
6290 SMB_VFS_STAT(conn, smb_fname_src);
6293 if (S_ISDIR(smb_fname_src->st.st_ex_mode)) {
6294 create_options |= FILE_DIRECTORY_FILE;
6297 status = SMB_VFS_CREATE_FILE(
6300 0, /* root_dir_fid */
6301 smb_fname_src, /* fname */
6302 access_mask, /* access_mask */
6303 (FILE_SHARE_READ | /* share_access */
6305 FILE_OPEN, /* create_disposition*/
6306 create_options, /* create_options */
6307 posix_pathnames ? FILE_FLAG_POSIX_SEMANTICS|0777 : 0, /* file_attributes */
6308 0, /* oplock_request */
6309 0, /* allocation_size */
6315 if (!NT_STATUS_IS_OK(status)) {
6316 DEBUG(3, ("Could not open rename source %s: %s\n",
6317 smb_fname_str_dbg(smb_fname_src),
6318 nt_errstr(status)));
6322 status = rename_internals_fsp(conn, fsp, smb_fname_dst,
6323 attrs, replace_if_exists);
6325 close_file(req, fsp, NORMAL_CLOSE);
6327 DEBUG(3, ("rename_internals: Error %s rename %s -> %s\n",
6328 nt_errstr(status), smb_fname_str_dbg(smb_fname_src),
6329 smb_fname_str_dbg(smb_fname_dst)));
6335 * Wildcards - process each file that matches.
6337 if (strequal(fname_src_mask, "????????.???")) {
6338 TALLOC_FREE(fname_src_mask);
6339 fname_src_mask = talloc_strdup(ctx, "*");
6340 if (!fname_src_mask) {
6341 status = NT_STATUS_NO_MEMORY;
6346 status = check_name(conn, fname_src_dir);
6347 if (!NT_STATUS_IS_OK(status)) {
6351 dir_hnd = OpenDir(talloc_tos(), conn, fname_src_dir, fname_src_mask,
6353 if (dir_hnd == NULL) {
6354 status = map_nt_error_from_unix(errno);
6358 status = NT_STATUS_NO_SUCH_FILE;
6360 * Was status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
6361 * - gentest fix. JRA
6364 while ((dname = ReadDirName(dir_hnd, &offset, &smb_fname_src->st))) {
6365 files_struct *fsp = NULL;
6366 char *destname = NULL;
6367 bool sysdir_entry = False;
6369 /* Quick check for "." and ".." */
6370 if (ISDOT(dname) || ISDOTDOT(dname)) {
6372 sysdir_entry = True;
6378 if (!is_visible_file(conn, fname_src_dir, dname,
6379 &smb_fname_src->st, false)) {
6383 if(!mask_match(dname, fname_src_mask, conn->case_sensitive)) {
6388 status = NT_STATUS_OBJECT_NAME_INVALID;
6392 TALLOC_FREE(smb_fname_src->base_name);
6393 smb_fname_src->base_name = talloc_asprintf(smb_fname_src,
6397 if (!smb_fname_src->base_name) {
6398 status = NT_STATUS_NO_MEMORY;
6402 if (!resolve_wildcards(ctx, smb_fname_src->base_name,
6403 smb_fname_dst->base_name,
6405 DEBUG(6, ("resolve_wildcards %s %s failed\n",
6406 smb_fname_src->base_name, destname));
6410 status = NT_STATUS_NO_MEMORY;
6414 TALLOC_FREE(smb_fname_dst->base_name);
6415 smb_fname_dst->base_name = destname;
6417 ZERO_STRUCT(smb_fname_src->st);
6418 if (posix_pathnames) {
6419 SMB_VFS_LSTAT(conn, smb_fname_src);
6421 SMB_VFS_STAT(conn, smb_fname_src);
6426 if (S_ISDIR(smb_fname_src->st.st_ex_mode)) {
6427 create_options |= FILE_DIRECTORY_FILE;
6430 status = SMB_VFS_CREATE_FILE(
6433 0, /* root_dir_fid */
6434 smb_fname_src, /* fname */
6435 access_mask, /* access_mask */
6436 (FILE_SHARE_READ | /* share_access */
6438 FILE_OPEN, /* create_disposition*/
6439 create_options, /* create_options */
6440 posix_pathnames ? FILE_FLAG_POSIX_SEMANTICS|0777 : 0, /* file_attributes */
6441 0, /* oplock_request */
6442 0, /* allocation_size */
6448 if (!NT_STATUS_IS_OK(status)) {
6449 DEBUG(3,("rename_internals: SMB_VFS_CREATE_FILE "
6450 "returned %s rename %s -> %s\n",
6452 smb_fname_str_dbg(smb_fname_src),
6453 smb_fname_str_dbg(smb_fname_dst)));
6457 smb_fname_dst->original_lcomp = talloc_strdup(smb_fname_dst,
6459 if (!smb_fname_dst->original_lcomp) {
6460 status = NT_STATUS_NO_MEMORY;
6464 status = rename_internals_fsp(conn, fsp, smb_fname_dst,
6465 attrs, replace_if_exists);
6467 close_file(req, fsp, NORMAL_CLOSE);
6469 if (!NT_STATUS_IS_OK(status)) {
6470 DEBUG(3, ("rename_internals_fsp returned %s for "
6471 "rename %s -> %s\n", nt_errstr(status),
6472 smb_fname_str_dbg(smb_fname_src),
6473 smb_fname_str_dbg(smb_fname_dst)));
6479 DEBUG(3,("rename_internals: doing rename on %s -> "
6480 "%s\n", smb_fname_str_dbg(smb_fname_src),
6481 smb_fname_str_dbg(smb_fname_src)));
6484 TALLOC_FREE(dir_hnd);
6486 if (count == 0 && NT_STATUS_IS_OK(status) && errno != 0) {
6487 status = map_nt_error_from_unix(errno);
6491 TALLOC_FREE(smb_fname_src);
6492 TALLOC_FREE(smb_fname_dst);
6493 TALLOC_FREE(fname_src_dir);
6494 TALLOC_FREE(fname_src_mask);
6498 /****************************************************************************
6500 ****************************************************************************/
6502 void reply_mv(struct smb_request *req)
6504 connection_struct *conn = req->conn;
6506 char *newname = NULL;
6510 bool src_has_wcard = False;
6511 bool dest_has_wcard = False;
6512 TALLOC_CTX *ctx = talloc_tos();
6514 START_PROFILE(SMBmv);
6517 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6522 attrs = SVAL(req->vwv+0, 0);
6524 p = (const char *)req->buf + 1;
6525 p += srvstr_get_path_req_wcard(ctx, req, &name, p, STR_TERMINATE,
6526 &status, &src_has_wcard);
6527 if (!NT_STATUS_IS_OK(status)) {
6528 reply_nterror(req, status);
6533 p += srvstr_get_path_req_wcard(ctx, req, &newname, p, STR_TERMINATE,
6534 &status, &dest_has_wcard);
6535 if (!NT_STATUS_IS_OK(status)) {
6536 reply_nterror(req, status);
6541 status = resolve_dfspath_wcard(ctx, conn,
6542 req->flags2 & FLAGS2_DFS_PATHNAMES,
6546 if (!NT_STATUS_IS_OK(status)) {
6547 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6548 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6549 ERRSRV, ERRbadpath);
6553 reply_nterror(req, status);
6558 status = resolve_dfspath_wcard(ctx, conn,
6559 req->flags2 & FLAGS2_DFS_PATHNAMES,
6563 if (!NT_STATUS_IS_OK(status)) {
6564 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6565 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6566 ERRSRV, ERRbadpath);
6570 reply_nterror(req, status);
6575 DEBUG(3,("reply_mv : %s -> %s\n",name,newname));
6577 status = rename_internals(ctx, conn, req, name, newname, attrs, False,
6578 src_has_wcard, dest_has_wcard, DELETE_ACCESS);
6579 if (!NT_STATUS_IS_OK(status)) {
6580 if (open_was_deferred(req->mid)) {
6581 /* We have re-scheduled this call. */
6585 reply_nterror(req, status);
6590 reply_outbuf(req, 0, 0);
6596 /*******************************************************************
6597 Copy a file as part of a reply_copy.
6598 ******************************************************************/
6601 * TODO: check error codes on all callers
6604 NTSTATUS copy_file(TALLOC_CTX *ctx,
6605 connection_struct *conn,
6606 struct smb_filename *smb_fname_src,
6607 struct smb_filename *smb_fname_dst,
6610 bool target_is_directory)
6612 struct smb_filename *smb_fname_dst_tmp = NULL;
6614 files_struct *fsp1,*fsp2;
6616 uint32 new_create_disposition;
6620 status = copy_smb_filename(ctx, smb_fname_dst, &smb_fname_dst_tmp);
6621 if (!NT_STATUS_IS_OK(status)) {
6626 * If the target is a directory, extract the last component from the
6627 * src filename and append it to the dst filename
6629 if (target_is_directory) {
6632 /* dest/target can't be a stream if it's a directory. */
6633 SMB_ASSERT(smb_fname_dst->stream_name == NULL);
6635 p = strrchr_m(smb_fname_src->base_name,'/');
6639 p = smb_fname_src->base_name;
6641 smb_fname_dst_tmp->base_name =
6642 talloc_asprintf_append(smb_fname_dst_tmp->base_name, "/%s",
6644 if (!smb_fname_dst_tmp->base_name) {
6645 status = NT_STATUS_NO_MEMORY;
6650 status = vfs_file_exist(conn, smb_fname_src);
6651 if (!NT_STATUS_IS_OK(status)) {
6655 if (!target_is_directory && count) {
6656 new_create_disposition = FILE_OPEN;
6658 if (!map_open_params_to_ntcreate(smb_fname_dst_tmp->base_name,
6659 0, ofun, NULL, NULL,
6660 &new_create_disposition,
6662 status = NT_STATUS_INVALID_PARAMETER;
6667 /* Open the src file for reading. */
6668 status = SMB_VFS_CREATE_FILE(
6671 0, /* root_dir_fid */
6672 smb_fname_src, /* fname */
6673 FILE_GENERIC_READ, /* access_mask */
6674 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
6675 FILE_OPEN, /* create_disposition*/
6676 0, /* create_options */
6677 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
6678 INTERNAL_OPEN_ONLY, /* oplock_request */
6679 0, /* allocation_size */
6685 if (!NT_STATUS_IS_OK(status)) {
6689 dosattrs = dos_mode(conn, smb_fname_src);
6691 if (SMB_VFS_STAT(conn, smb_fname_dst_tmp) == -1) {
6692 ZERO_STRUCTP(&smb_fname_dst_tmp->st);
6695 /* Open the dst file for writing. */
6696 status = SMB_VFS_CREATE_FILE(
6699 0, /* root_dir_fid */
6700 smb_fname_dst, /* fname */
6701 FILE_GENERIC_WRITE, /* access_mask */
6702 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
6703 new_create_disposition, /* create_disposition*/
6704 0, /* create_options */
6705 dosattrs, /* file_attributes */
6706 INTERNAL_OPEN_ONLY, /* oplock_request */
6707 0, /* allocation_size */
6713 if (!NT_STATUS_IS_OK(status)) {
6714 close_file(NULL, fsp1, ERROR_CLOSE);
6718 if ((ofun&3) == 1) {
6719 if(SMB_VFS_LSEEK(fsp2,0,SEEK_END) == -1) {
6720 DEBUG(0,("copy_file: error - vfs lseek returned error %s\n", strerror(errno) ));
6722 * Stop the copy from occurring.
6725 smb_fname_src->st.st_ex_size = 0;
6729 /* Do the actual copy. */
6730 if (smb_fname_src->st.st_ex_size) {
6731 ret = vfs_transfer_file(fsp1, fsp2, smb_fname_src->st.st_ex_size);
6734 close_file(NULL, fsp1, NORMAL_CLOSE);
6736 /* Ensure the modtime is set correctly on the destination file. */
6737 set_close_write_time(fsp2, smb_fname_src->st.st_ex_mtime);
6740 * As we are opening fsp1 read-only we only expect
6741 * an error on close on fsp2 if we are out of space.
6742 * Thus we don't look at the error return from the
6745 status = close_file(NULL, fsp2, NORMAL_CLOSE);
6747 if (!NT_STATUS_IS_OK(status)) {
6751 if (ret != (SMB_OFF_T)smb_fname_src->st.st_ex_size) {
6752 status = NT_STATUS_DISK_FULL;
6756 status = NT_STATUS_OK;
6759 TALLOC_FREE(smb_fname_dst_tmp);
6763 /****************************************************************************
6764 Reply to a file copy.
6765 ****************************************************************************/
6767 void reply_copy(struct smb_request *req)
6769 connection_struct *conn = req->conn;
6770 struct smb_filename *smb_fname_src = NULL;
6771 struct smb_filename *smb_fname_dst = NULL;
6772 char *fname_src = NULL;
6773 char *fname_dst = NULL;
6774 char *fname_src_mask = NULL;
6775 char *fname_src_dir = NULL;
6778 int error = ERRnoaccess;
6782 bool target_is_directory=False;
6783 bool source_has_wild = False;
6784 bool dest_has_wild = False;
6786 TALLOC_CTX *ctx = talloc_tos();
6788 START_PROFILE(SMBcopy);
6791 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6795 tid2 = SVAL(req->vwv+0, 0);
6796 ofun = SVAL(req->vwv+1, 0);
6797 flags = SVAL(req->vwv+2, 0);
6799 p = (const char *)req->buf;
6800 p += srvstr_get_path_req_wcard(ctx, req, &fname_src, p, STR_TERMINATE,
6801 &status, &source_has_wild);
6802 if (!NT_STATUS_IS_OK(status)) {
6803 reply_nterror(req, status);
6806 p += srvstr_get_path_req_wcard(ctx, req, &fname_dst, p, STR_TERMINATE,
6807 &status, &dest_has_wild);
6808 if (!NT_STATUS_IS_OK(status)) {
6809 reply_nterror(req, status);
6813 DEBUG(3,("reply_copy : %s -> %s\n", fname_src, fname_dst));
6815 if (tid2 != conn->cnum) {
6816 /* can't currently handle inter share copies XXXX */
6817 DEBUG(3,("Rejecting inter-share copy\n"));
6818 reply_doserror(req, ERRSRV, ERRinvdevice);
6822 status = resolve_dfspath_wcard(ctx, conn,
6823 req->flags2 & FLAGS2_DFS_PATHNAMES,
6827 if (!NT_STATUS_IS_OK(status)) {
6828 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6829 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6830 ERRSRV, ERRbadpath);
6833 reply_nterror(req, status);
6837 status = resolve_dfspath_wcard(ctx, conn,
6838 req->flags2 & FLAGS2_DFS_PATHNAMES,
6842 if (!NT_STATUS_IS_OK(status)) {
6843 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6844 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6845 ERRSRV, ERRbadpath);
6848 reply_nterror(req, status);
6852 status = unix_convert(ctx, conn, fname_src, &smb_fname_src,
6853 source_has_wild ? UCF_ALLOW_WCARD_LCOMP : 0);
6854 if (!NT_STATUS_IS_OK(status)) {
6855 reply_nterror(req, status);
6859 status = unix_convert(ctx, conn, fname_dst, &smb_fname_dst,
6860 dest_has_wild ? UCF_ALLOW_WCARD_LCOMP : 0);
6861 if (!NT_STATUS_IS_OK(status)) {
6862 reply_nterror(req, status);
6866 target_is_directory = VALID_STAT_OF_DIR(smb_fname_dst->st);
6868 if ((flags&1) && target_is_directory) {
6869 reply_doserror(req, ERRDOS, ERRbadfile);
6873 if ((flags&2) && !target_is_directory) {
6874 reply_doserror(req, ERRDOS, ERRbadpath);
6878 if ((flags&(1<<5)) && VALID_STAT_OF_DIR(smb_fname_src->st)) {
6879 /* wants a tree copy! XXXX */
6880 DEBUG(3,("Rejecting tree copy\n"));
6881 reply_doserror(req, ERRSRV, ERRerror);
6885 /* Split up the directory from the filename/mask. */
6886 status = split_fname_dir_mask(ctx, smb_fname_src->base_name,
6887 &fname_src_dir, &fname_src_mask);
6888 if (!NT_STATUS_IS_OK(status)) {
6889 reply_nterror(req, NT_STATUS_NO_MEMORY);
6894 * We should only check the mangled cache
6895 * here if unix_convert failed. This means
6896 * that the path in 'mask' doesn't exist
6897 * on the file system and so we need to look
6898 * for a possible mangle. This patch from
6899 * Tine Smukavec <valentin.smukavec@hermes.si>.
6901 if (!VALID_STAT(smb_fname_src->st) &&
6902 mangle_is_mangled(fname_src_mask, conn->params)) {
6903 char *new_mask = NULL;
6904 mangle_lookup_name_from_8_3(ctx, fname_src_mask,
6905 &new_mask, conn->params);
6907 /* Use demangled name if one was successfully found. */
6909 TALLOC_FREE(fname_src_mask);
6910 fname_src_mask = new_mask;
6914 if (!source_has_wild) {
6917 * Only one file needs to be copied. Append the mask back onto
6920 TALLOC_FREE(smb_fname_src->base_name);
6921 smb_fname_src->base_name = talloc_asprintf(smb_fname_src,
6925 if (!smb_fname_src->base_name) {
6926 reply_nterror(req, NT_STATUS_NO_MEMORY);
6930 if (dest_has_wild) {
6931 char *fname_dst_mod = NULL;
6932 if (!resolve_wildcards(smb_fname_dst,
6933 smb_fname_src->base_name,
6934 smb_fname_dst->base_name,
6936 reply_nterror(req, NT_STATUS_NO_MEMORY);
6939 TALLOC_FREE(smb_fname_dst->base_name);
6940 smb_fname_dst->base_name = fname_dst_mod;
6943 status = check_name(conn, smb_fname_src->base_name);
6944 if (!NT_STATUS_IS_OK(status)) {
6945 reply_nterror(req, status);
6949 status = check_name(conn, smb_fname_dst->base_name);
6950 if (!NT_STATUS_IS_OK(status)) {
6951 reply_nterror(req, status);
6955 status = copy_file(ctx, conn, smb_fname_src, smb_fname_dst,
6956 ofun, count, target_is_directory);
6958 if(!NT_STATUS_IS_OK(status)) {
6959 reply_nterror(req, status);
6965 struct smb_Dir *dir_hnd = NULL;
6966 const char *dname = NULL;
6970 * There is a wildcard that requires us to actually read the
6971 * src dir and copy each file matching the mask to the dst.
6972 * Right now streams won't be copied, but this could
6973 * presumably be added with a nested loop for reach dir entry.
6975 SMB_ASSERT(!smb_fname_src->stream_name);
6976 SMB_ASSERT(!smb_fname_dst->stream_name);
6978 smb_fname_src->stream_name = NULL;
6979 smb_fname_dst->stream_name = NULL;
6981 if (strequal(fname_src_mask,"????????.???")) {
6982 TALLOC_FREE(fname_src_mask);
6983 fname_src_mask = talloc_strdup(ctx, "*");
6984 if (!fname_src_mask) {
6985 reply_nterror(req, NT_STATUS_NO_MEMORY);
6990 status = check_name(conn, fname_src_dir);
6991 if (!NT_STATUS_IS_OK(status)) {
6992 reply_nterror(req, status);
6996 dir_hnd = OpenDir(ctx, conn, fname_src_dir, fname_src_mask, 0);
6997 if (dir_hnd == NULL) {
6998 status = map_nt_error_from_unix(errno);
6999 reply_nterror(req, status);
7005 /* Iterate over the src dir copying each entry to the dst. */
7006 while ((dname = ReadDirName(dir_hnd, &offset,
7007 &smb_fname_src->st))) {
7008 char *destname = NULL;
7010 if (ISDOT(dname) || ISDOTDOT(dname)) {
7014 if (!is_visible_file(conn, fname_src_dir, dname,
7015 &smb_fname_src->st, false)) {
7019 if(!mask_match(dname, fname_src_mask,
7020 conn->case_sensitive)) {
7024 error = ERRnoaccess;
7026 /* Get the src smb_fname struct setup. */
7027 TALLOC_FREE(smb_fname_src->base_name);
7028 smb_fname_src->base_name =
7029 talloc_asprintf(smb_fname_src, "%s/%s",
7030 fname_src_dir, dname);
7032 if (!smb_fname_src->base_name) {
7033 TALLOC_FREE(dir_hnd);
7034 reply_nterror(req, NT_STATUS_NO_MEMORY);
7038 if (!resolve_wildcards(ctx, smb_fname_src->base_name,
7039 smb_fname_dst->base_name,
7044 TALLOC_FREE(dir_hnd);
7045 reply_nterror(req, NT_STATUS_NO_MEMORY);
7049 TALLOC_FREE(smb_fname_dst->base_name);
7050 smb_fname_dst->base_name = destname;
7052 status = check_name(conn, smb_fname_src->base_name);
7053 if (!NT_STATUS_IS_OK(status)) {
7054 TALLOC_FREE(dir_hnd);
7055 reply_nterror(req, status);
7059 status = check_name(conn, smb_fname_dst->base_name);
7060 if (!NT_STATUS_IS_OK(status)) {
7061 TALLOC_FREE(dir_hnd);
7062 reply_nterror(req, status);
7066 DEBUG(3,("reply_copy : doing copy on %s -> %s\n",
7067 smb_fname_src->base_name,
7068 smb_fname_dst->base_name));
7070 status = copy_file(ctx, conn, smb_fname_src,
7071 smb_fname_dst, ofun, count,
7072 target_is_directory);
7073 if (NT_STATUS_IS_OK(status)) {
7077 TALLOC_FREE(dir_hnd);
7081 reply_doserror(req, ERRDOS, error);
7085 reply_outbuf(req, 1, 0);
7086 SSVAL(req->outbuf,smb_vwv0,count);
7088 TALLOC_FREE(smb_fname_src);
7089 TALLOC_FREE(smb_fname_dst);
7090 TALLOC_FREE(fname_src);
7091 TALLOC_FREE(fname_dst);
7092 TALLOC_FREE(fname_src_mask);
7093 TALLOC_FREE(fname_src_dir);
7095 END_PROFILE(SMBcopy);
7100 #define DBGC_CLASS DBGC_LOCKING
7102 /****************************************************************************
7103 Get a lock pid, dealing with large count requests.
7104 ****************************************************************************/
7106 uint32 get_lock_pid(const uint8_t *data, int data_offset,
7107 bool large_file_format)
7109 if(!large_file_format)
7110 return (uint32)SVAL(data,SMB_LPID_OFFSET(data_offset));
7112 return (uint32)SVAL(data,SMB_LARGE_LPID_OFFSET(data_offset));
7115 /****************************************************************************
7116 Get a lock count, dealing with large count requests.
7117 ****************************************************************************/
7119 uint64_t get_lock_count(const uint8_t *data, int data_offset,
7120 bool large_file_format)
7124 if(!large_file_format) {
7125 count = (uint64_t)IVAL(data,SMB_LKLEN_OFFSET(data_offset));
7128 #if defined(HAVE_LONGLONG)
7129 count = (((uint64_t) IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset))) << 32) |
7130 ((uint64_t) IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)));
7131 #else /* HAVE_LONGLONG */
7134 * NT4.x seems to be broken in that it sends large file (64 bit)
7135 * lockingX calls even if the CAP_LARGE_FILES was *not*
7136 * negotiated. For boxes without large unsigned ints truncate the
7137 * lock count by dropping the top 32 bits.
7140 if(IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)) != 0) {
7141 DEBUG(3,("get_lock_count: truncating lock count (high)0x%x (low)0x%x to just low count.\n",
7142 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)),
7143 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)) ));
7144 SIVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset),0);
7147 count = (uint64_t)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset));
7148 #endif /* HAVE_LONGLONG */
7154 #if !defined(HAVE_LONGLONG)
7155 /****************************************************************************
7156 Pathetically try and map a 64 bit lock offset into 31 bits. I hate Windows :-).
7157 ****************************************************************************/
7159 static uint32 map_lock_offset(uint32 high, uint32 low)
7163 uint32 highcopy = high;
7166 * Try and find out how many significant bits there are in high.
7169 for(i = 0; highcopy; i++)
7173 * We use 31 bits not 32 here as POSIX
7174 * lock offsets may not be negative.
7177 mask = (~0) << (31 - i);
7180 return 0; /* Fail. */
7186 #endif /* !defined(HAVE_LONGLONG) */
7188 /****************************************************************************
7189 Get a lock offset, dealing with large offset requests.
7190 ****************************************************************************/
7192 uint64_t get_lock_offset(const uint8_t *data, int data_offset,
7193 bool large_file_format, bool *err)
7195 uint64_t offset = 0;
7199 if(!large_file_format) {
7200 offset = (uint64_t)IVAL(data,SMB_LKOFF_OFFSET(data_offset));
7203 #if defined(HAVE_LONGLONG)
7204 offset = (((uint64_t) IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset))) << 32) |
7205 ((uint64_t) IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset)));
7206 #else /* HAVE_LONGLONG */
7209 * NT4.x seems to be broken in that it sends large file (64 bit)
7210 * lockingX calls even if the CAP_LARGE_FILES was *not*
7211 * negotiated. For boxes without large unsigned ints mangle the
7212 * lock offset by mapping the top 32 bits onto the lower 32.
7215 if(IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset)) != 0) {
7216 uint32 low = IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
7217 uint32 high = IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset));
7220 if((new_low = map_lock_offset(high, low)) == 0) {
7222 return (uint64_t)-1;
7225 DEBUG(3,("get_lock_offset: truncating lock offset (high)0x%x (low)0x%x to offset 0x%x.\n",
7226 (unsigned int)high, (unsigned int)low, (unsigned int)new_low ));
7227 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset),0);
7228 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset),new_low);
7231 offset = (uint64_t)IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
7232 #endif /* HAVE_LONGLONG */
7238 NTSTATUS smbd_do_locking(struct smb_request *req,
7242 uint16_t num_ulocks,
7243 struct smbd_lock_element *ulocks,
7245 struct smbd_lock_element *locks,
7248 connection_struct *conn = req->conn;
7250 NTSTATUS status = NT_STATUS_OK;
7254 /* Data now points at the beginning of the list
7255 of smb_unlkrng structs */
7256 for(i = 0; i < (int)num_ulocks; i++) {
7257 struct smbd_lock_element *e = &ulocks[i];
7259 DEBUG(10,("smbd_do_locking: unlock start=%.0f, len=%.0f for "
7260 "pid %u, file %s\n",
7263 (unsigned int)e->smbpid,
7266 if (e->brltype != UNLOCK_LOCK) {
7267 /* this can only happen with SMB2 */
7268 return NT_STATUS_INVALID_PARAMETER;
7271 status = do_unlock(smbd_messaging_context(),
7278 DEBUG(10, ("smbd_do_locking: unlock returned %s\n",
7279 nt_errstr(status)));
7281 if (!NT_STATUS_IS_OK(status)) {
7286 /* Setup the timeout in seconds. */
7288 if (!lp_blocking_locks(SNUM(conn))) {
7292 /* Data now points at the beginning of the list
7293 of smb_lkrng structs */
7295 for(i = 0; i < (int)num_locks; i++) {
7296 struct smbd_lock_element *e = &locks[i];
7298 DEBUG(10,("smbd_do_locking: lock start=%.0f, len=%.0f for pid "
7299 "%u, file %s timeout = %d\n",
7302 (unsigned int)e->smbpid,
7306 if (type & LOCKING_ANDX_CANCEL_LOCK) {
7307 struct blocking_lock_record *blr = NULL;
7309 if (lp_blocking_locks(SNUM(conn))) {
7311 /* Schedule a message to ourselves to
7312 remove the blocking lock record and
7313 return the right error. */
7315 blr = blocking_lock_cancel(fsp,
7321 NT_STATUS_FILE_LOCK_CONFLICT);
7323 return NT_STATUS_DOS(
7325 ERRcancelviolation);
7328 /* Remove a matching pending lock. */
7329 status = do_lock_cancel(fsp,
7336 bool blocking_lock = timeout ? true : false;
7337 bool defer_lock = false;
7338 struct byte_range_lock *br_lck;
7339 uint32_t block_smbpid;
7341 br_lck = do_lock(smbd_messaging_context(),
7353 if (br_lck && blocking_lock && ERROR_WAS_LOCK_DENIED(status)) {
7354 /* Windows internal resolution for blocking locks seems
7355 to be about 200ms... Don't wait for less than that. JRA. */
7356 if (timeout != -1 && timeout < lp_lock_spin_time()) {
7357 timeout = lp_lock_spin_time();
7362 /* This heuristic seems to match W2K3 very well. If a
7363 lock sent with timeout of zero would fail with NT_STATUS_FILE_LOCK_CONFLICT
7364 it pretends we asked for a timeout of between 150 - 300 milliseconds as
7365 far as I can tell. Replacement for do_lock_spin(). JRA. */
7367 if (br_lck && lp_blocking_locks(SNUM(conn)) && !blocking_lock &&
7368 NT_STATUS_EQUAL((status), NT_STATUS_FILE_LOCK_CONFLICT)) {
7370 timeout = lp_lock_spin_time();
7373 if (br_lck && defer_lock) {
7375 * A blocking lock was requested. Package up
7376 * this smb into a queued request and push it
7377 * onto the blocking lock queue.
7379 if(push_blocking_lock_request(br_lck,
7390 TALLOC_FREE(br_lck);
7392 return NT_STATUS_OK;
7396 TALLOC_FREE(br_lck);
7399 if (!NT_STATUS_IS_OK(status)) {
7404 /* If any of the above locks failed, then we must unlock
7405 all of the previous locks (X/Open spec). */
7407 if (num_locks != 0 && !NT_STATUS_IS_OK(status)) {
7409 if (type & LOCKING_ANDX_CANCEL_LOCK) {
7410 i = -1; /* we want to skip the for loop */
7414 * Ensure we don't do a remove on the lock that just failed,
7415 * as under POSIX rules, if we have a lock already there, we
7416 * will delete it (and we shouldn't) .....
7418 for(i--; i >= 0; i--) {
7419 struct smbd_lock_element *e = &locks[i];
7421 do_unlock(smbd_messaging_context(),
7431 DEBUG(3, ("smbd_do_locking: fnum=%d type=%d num_locks=%d num_ulocks=%d\n",
7432 fsp->fnum, (unsigned int)type, num_locks, num_ulocks));
7434 return NT_STATUS_OK;
7437 /****************************************************************************
7438 Reply to a lockingX request.
7439 ****************************************************************************/
7441 void reply_lockingX(struct smb_request *req)
7443 connection_struct *conn = req->conn;
7445 unsigned char locktype;
7446 unsigned char oplocklevel;
7451 const uint8_t *data;
7452 bool large_file_format;
7454 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
7455 struct smbd_lock_element *ulocks;
7456 struct smbd_lock_element *locks;
7459 START_PROFILE(SMBlockingX);
7462 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7463 END_PROFILE(SMBlockingX);
7467 fsp = file_fsp(req, SVAL(req->vwv+2, 0));
7468 locktype = CVAL(req->vwv+3, 0);
7469 oplocklevel = CVAL(req->vwv+3, 1);
7470 num_ulocks = SVAL(req->vwv+6, 0);
7471 num_locks = SVAL(req->vwv+7, 0);
7472 lock_timeout = IVAL(req->vwv+4, 0);
7473 large_file_format = (locktype & LOCKING_ANDX_LARGE_FILES)?True:False;
7475 if (!check_fsp(conn, req, fsp)) {
7476 END_PROFILE(SMBlockingX);
7482 if (locktype & LOCKING_ANDX_CHANGE_LOCKTYPE) {
7483 /* we don't support these - and CANCEL_LOCK makes w2k
7484 and XP reboot so I don't really want to be
7485 compatible! (tridge) */
7486 reply_nterror(req, NT_STATUS_DOS(ERRDOS, ERRnoatomiclocks));
7487 END_PROFILE(SMBlockingX);
7491 /* Check if this is an oplock break on a file
7492 we have granted an oplock on.
7494 if ((locktype & LOCKING_ANDX_OPLOCK_RELEASE)) {
7495 /* Client can insist on breaking to none. */
7496 bool break_to_none = (oplocklevel == 0);
7499 DEBUG(5,("reply_lockingX: oplock break reply (%u) from client "
7500 "for fnum = %d\n", (unsigned int)oplocklevel,
7504 * Make sure we have granted an exclusive or batch oplock on
7508 if (fsp->oplock_type == 0) {
7510 /* The Samba4 nbench simulator doesn't understand
7511 the difference between break to level2 and break
7512 to none from level2 - it sends oplock break
7513 replies in both cases. Don't keep logging an error
7514 message here - just ignore it. JRA. */
7516 DEBUG(5,("reply_lockingX: Error : oplock break from "
7517 "client for fnum = %d (oplock=%d) and no "
7518 "oplock granted on this file (%s).\n",
7519 fsp->fnum, fsp->oplock_type, fsp->fsp_name));
7521 /* if this is a pure oplock break request then don't
7523 if (num_locks == 0 && num_ulocks == 0) {
7524 END_PROFILE(SMBlockingX);
7527 END_PROFILE(SMBlockingX);
7528 reply_doserror(req, ERRDOS, ERRlock);
7533 if ((fsp->sent_oplock_break == BREAK_TO_NONE_SENT) ||
7535 result = remove_oplock(fsp);
7537 result = downgrade_oplock(fsp);
7541 DEBUG(0, ("reply_lockingX: error in removing "
7542 "oplock on file %s\n", fsp->fsp_name));
7543 /* Hmmm. Is this panic justified? */
7544 smb_panic("internal tdb error");
7547 reply_to_oplock_break_requests(fsp);
7549 /* if this is a pure oplock break request then don't send a
7551 if (num_locks == 0 && num_ulocks == 0) {
7552 /* Sanity check - ensure a pure oplock break is not a
7554 if(CVAL(req->vwv+0, 0) != 0xff)
7555 DEBUG(0,("reply_lockingX: Error : pure oplock "
7556 "break is a chained %d request !\n",
7557 (unsigned int)CVAL(req->vwv+0, 0)));
7558 END_PROFILE(SMBlockingX);
7564 (num_ulocks + num_locks) * (large_file_format ? 20 : 10)) {
7565 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7566 END_PROFILE(SMBlockingX);
7570 ulocks = talloc_array(req, struct smbd_lock_element, num_ulocks);
7571 if (ulocks == NULL) {
7572 reply_nterror(req, NT_STATUS_NO_MEMORY);
7573 END_PROFILE(SMBlockingX);
7577 locks = talloc_array(req, struct smbd_lock_element, num_locks);
7578 if (locks == NULL) {
7579 reply_nterror(req, NT_STATUS_NO_MEMORY);
7580 END_PROFILE(SMBlockingX);
7584 /* Data now points at the beginning of the list
7585 of smb_unlkrng structs */
7586 for(i = 0; i < (int)num_ulocks; i++) {
7587 ulocks[i].smbpid = get_lock_pid(data, i, large_file_format);
7588 ulocks[i].count = get_lock_count(data, i, large_file_format);
7589 ulocks[i].offset = get_lock_offset(data, i, large_file_format, &err);
7590 ulocks[i].brltype = UNLOCK_LOCK;
7593 * There is no error code marked "stupid client bug".... :-).
7596 END_PROFILE(SMBlockingX);
7597 reply_doserror(req, ERRDOS, ERRnoaccess);
7602 /* Now do any requested locks */
7603 data += ((large_file_format ? 20 : 10)*num_ulocks);
7605 /* Data now points at the beginning of the list
7606 of smb_lkrng structs */
7608 for(i = 0; i < (int)num_locks; i++) {
7609 locks[i].smbpid = get_lock_pid(data, i, large_file_format);
7610 locks[i].count = get_lock_count(data, i, large_file_format);
7611 locks[i].offset = get_lock_offset(data, i, large_file_format, &err);
7613 if (locktype & LOCKING_ANDX_SHARED_LOCK) {
7614 if (locktype & LOCKING_ANDX_CANCEL_LOCK) {
7615 locks[i].brltype = PENDING_READ_LOCK;
7617 locks[i].brltype = READ_LOCK;
7620 if (locktype & LOCKING_ANDX_CANCEL_LOCK) {
7621 locks[i].brltype = PENDING_WRITE_LOCK;
7623 locks[i].brltype = WRITE_LOCK;
7628 * There is no error code marked "stupid client bug".... :-).
7631 END_PROFILE(SMBlockingX);
7632 reply_doserror(req, ERRDOS, ERRnoaccess);
7637 status = smbd_do_locking(req, fsp,
7638 locktype, lock_timeout,
7642 if (!NT_STATUS_IS_OK(status)) {
7643 END_PROFILE(SMBlockingX);
7644 reply_nterror(req, status);
7648 END_PROFILE(SMBlockingX);
7652 reply_outbuf(req, 2, 0);
7654 DEBUG(3, ("lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n",
7655 fsp->fnum, (unsigned int)locktype, num_locks, num_ulocks));
7657 END_PROFILE(SMBlockingX);
7662 #define DBGC_CLASS DBGC_ALL
7664 /****************************************************************************
7665 Reply to a SMBreadbmpx (read block multiplex) request.
7666 Always reply with an error, if someone has a platform really needs this,
7667 please contact vl@samba.org
7668 ****************************************************************************/
7670 void reply_readbmpx(struct smb_request *req)
7672 START_PROFILE(SMBreadBmpx);
7673 reply_doserror(req, ERRSRV, ERRuseSTD);
7674 END_PROFILE(SMBreadBmpx);
7678 /****************************************************************************
7679 Reply to a SMBreadbs (read block multiplex secondary) request.
7680 Always reply with an error, if someone has a platform really needs this,
7681 please contact vl@samba.org
7682 ****************************************************************************/
7684 void reply_readbs(struct smb_request *req)
7686 START_PROFILE(SMBreadBs);
7687 reply_doserror(req, ERRSRV, ERRuseSTD);
7688 END_PROFILE(SMBreadBs);
7692 /****************************************************************************
7693 Reply to a SMBsetattrE.
7694 ****************************************************************************/
7696 void reply_setattrE(struct smb_request *req)
7698 connection_struct *conn = req->conn;
7699 struct smb_filename *smb_fname = NULL;
7700 struct smb_file_time ft;
7704 START_PROFILE(SMBsetattrE);
7708 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7712 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
7714 if(!fsp || (fsp->conn != conn)) {
7715 reply_doserror(req, ERRDOS, ERRbadfid);
7719 /* XXX: Remove when fsp->fsp_name is converted to smb_filename. */
7720 status = create_synthetic_smb_fname_split(talloc_tos(), fsp->fsp_name,
7722 if (!NT_STATUS_IS_OK(status)) {
7723 reply_nterror(req, status);
7728 * Convert the DOS times into unix times.
7731 ft.atime = convert_time_t_to_timespec(
7732 srv_make_unix_date2(req->vwv+3));
7733 ft.mtime = convert_time_t_to_timespec(
7734 srv_make_unix_date2(req->vwv+5));
7735 ft.create_time = convert_time_t_to_timespec(
7736 srv_make_unix_date2(req->vwv+1));
7738 reply_outbuf(req, 0, 0);
7741 * Patch from Ray Frush <frush@engr.colostate.edu>
7742 * Sometimes times are sent as zero - ignore them.
7745 /* Ensure we have a valid stat struct for the source. */
7746 if (fsp->fh->fd != -1) {
7747 if (SMB_VFS_FSTAT(fsp, &smb_fname->st) == -1) {
7748 status = map_nt_error_from_unix(errno);
7749 reply_nterror(req, status);
7755 if (fsp->posix_open) {
7756 ret = SMB_VFS_LSTAT(conn, smb_fname);
7758 ret = SMB_VFS_STAT(conn, smb_fname);
7761 status = map_nt_error_from_unix(errno);
7762 reply_nterror(req, status);
7767 status = smb_set_file_time(conn, fsp, smb_fname, &ft, true);
7768 if (!NT_STATUS_IS_OK(status)) {
7769 reply_doserror(req, ERRDOS, ERRnoaccess);
7773 DEBUG( 3, ( "reply_setattrE fnum=%d actime=%u modtime=%u "
7776 (unsigned int)ft.atime.tv_sec,
7777 (unsigned int)ft.mtime.tv_sec,
7778 (unsigned int)ft.create_time.tv_sec
7781 END_PROFILE(SMBsetattrE);
7786 /* Back from the dead for OS/2..... JRA. */
7788 /****************************************************************************
7789 Reply to a SMBwritebmpx (write block multiplex primary) request.
7790 Always reply with an error, if someone has a platform really needs this,
7791 please contact vl@samba.org
7792 ****************************************************************************/
7794 void reply_writebmpx(struct smb_request *req)
7796 START_PROFILE(SMBwriteBmpx);
7797 reply_doserror(req, ERRSRV, ERRuseSTD);
7798 END_PROFILE(SMBwriteBmpx);
7802 /****************************************************************************
7803 Reply to a SMBwritebs (write block multiplex secondary) request.
7804 Always reply with an error, if someone has a platform really needs this,
7805 please contact vl@samba.org
7806 ****************************************************************************/
7808 void reply_writebs(struct smb_request *req)
7810 START_PROFILE(SMBwriteBs);
7811 reply_doserror(req, ERRSRV, ERRuseSTD);
7812 END_PROFILE(SMBwriteBs);
7816 /****************************************************************************
7817 Reply to a SMBgetattrE.
7818 ****************************************************************************/
7820 void reply_getattrE(struct smb_request *req)
7822 connection_struct *conn = req->conn;
7823 SMB_STRUCT_STAT sbuf;
7826 struct timespec create_ts;
7827 struct smb_filename *smb_fname = NULL;
7830 START_PROFILE(SMBgetattrE);
7833 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7834 END_PROFILE(SMBgetattrE);
7838 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
7840 if(!fsp || (fsp->conn != conn)) {
7841 reply_doserror(req, ERRDOS, ERRbadfid);
7842 END_PROFILE(SMBgetattrE);
7846 /* Do an fstat on this file */
7847 if(fsp_stat(fsp, &sbuf)) {
7848 reply_nterror(req, map_nt_error_from_unix(errno));
7849 END_PROFILE(SMBgetattrE);
7853 status = create_synthetic_smb_fname_split(talloc_tos(), fsp->fsp_name,
7855 if (!NT_STATUS_IS_OK(status)) {
7856 reply_nterror(req, status);
7857 END_PROFILE(SMBgetattrE);
7861 mode = dos_mode(conn, smb_fname);
7862 TALLOC_FREE(smb_fname);
7865 * Convert the times into dos times. Set create
7866 * date to be last modify date as UNIX doesn't save
7870 reply_outbuf(req, 11, 0);
7872 create_ts = sbuf.st_ex_btime;
7873 srv_put_dos_date2((char *)req->outbuf, smb_vwv0, create_ts.tv_sec);
7874 srv_put_dos_date2((char *)req->outbuf, smb_vwv2,
7875 convert_timespec_to_time_t(sbuf.st_ex_atime));
7876 /* Should we check pending modtime here ? JRA */
7877 srv_put_dos_date2((char *)req->outbuf, smb_vwv4,
7878 convert_timespec_to_time_t(sbuf.st_ex_mtime));
7881 SIVAL(req->outbuf, smb_vwv6, 0);
7882 SIVAL(req->outbuf, smb_vwv8, 0);
7884 uint32 allocation_size = SMB_VFS_GET_ALLOC_SIZE(conn,fsp, &sbuf);
7885 SIVAL(req->outbuf, smb_vwv6, (uint32)sbuf.st_ex_size);
7886 SIVAL(req->outbuf, smb_vwv8, allocation_size);
7888 SSVAL(req->outbuf,smb_vwv10, mode);
7890 DEBUG( 3, ( "reply_getattrE fnum=%d\n", fsp->fnum));
7892 END_PROFILE(SMBgetattrE);