2 Unix SMB/CIFS implementation.
3 Main SMB reply routines
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Andrew Bartlett 2001
6 Copyright (C) Jeremy Allison 1992-2007.
7 Copyright (C) Volker Lendecke 2007
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 This file handles most of the reply_ calls that the server
24 makes to handle specific protocols
29 #include "smbd/globals.h"
30 #include "fake_file.h"
31 #include "../librpc/gen_ndr/cli_spoolss.h"
32 #include "rpc_client/cli_spoolss.h"
33 #include "rpc_client/init_spoolss.h"
34 #include "rpc_server/rpc_ncacn_np.h"
35 #include "libcli/security/security.h"
37 /****************************************************************************
38 Ensure we check the path in *exactly* the same way as W2K for a findfirst/findnext
39 path or anything including wildcards.
40 We're assuming here that '/' is not the second byte in any multibyte char
41 set (a safe assumption). '\\' *may* be the second byte in a multibyte char
43 ****************************************************************************/
45 /* Custom version for processing POSIX paths. */
46 #define IS_PATH_SEP(c,posix_only) ((c) == '/' || (!(posix_only) && (c) == '\\'))
48 static NTSTATUS check_path_syntax_internal(char *path,
50 bool *p_last_component_contains_wcard)
54 NTSTATUS ret = NT_STATUS_OK;
55 bool start_of_name_component = True;
56 bool stream_started = false;
58 *p_last_component_contains_wcard = False;
65 return NT_STATUS_OBJECT_NAME_INVALID;
68 return NT_STATUS_OBJECT_NAME_INVALID;
70 if (strchr_m(&s[1], ':')) {
71 return NT_STATUS_OBJECT_NAME_INVALID;
77 if ((*s == ':') && !posix_path && !stream_started) {
78 if (*p_last_component_contains_wcard) {
79 return NT_STATUS_OBJECT_NAME_INVALID;
81 /* Stream names allow more characters than file names.
82 We're overloading posix_path here to allow a wider
83 range of characters. If stream_started is true this
84 is still a Windows path even if posix_path is true.
87 stream_started = true;
88 start_of_name_component = false;
92 return NT_STATUS_OBJECT_NAME_INVALID;
96 if (!stream_started && IS_PATH_SEP(*s,posix_path)) {
98 * Safe to assume is not the second part of a mb char
99 * as this is handled below.
101 /* Eat multiple '/' or '\\' */
102 while (IS_PATH_SEP(*s,posix_path)) {
105 if ((d != path) && (*s != '\0')) {
106 /* We only care about non-leading or trailing '/' or '\\' */
110 start_of_name_component = True;
112 *p_last_component_contains_wcard = False;
116 if (start_of_name_component) {
117 if ((s[0] == '.') && (s[1] == '.') && (IS_PATH_SEP(s[2],posix_path) || s[2] == '\0')) {
118 /* Uh oh - "/../" or "\\..\\" or "/..\0" or "\\..\0" ! */
121 * No mb char starts with '.' so we're safe checking the directory separator here.
124 /* If we just added a '/' - delete it */
125 if ((d > path) && (*(d-1) == '/')) {
130 /* Are we at the start ? Can't go back further if so. */
132 ret = NT_STATUS_OBJECT_PATH_SYNTAX_BAD;
135 /* Go back one level... */
136 /* We know this is safe as '/' cannot be part of a mb sequence. */
137 /* NOTE - if this assumption is invalid we are not in good shape... */
138 /* Decrement d first as d points to the *next* char to write into. */
139 for (d--; d > path; d--) {
143 s += 2; /* Else go past the .. */
144 /* We're still at the start of a name component, just the previous one. */
147 } else if ((s[0] == '.') && ((s[1] == '\0') || IS_PATH_SEP(s[1],posix_path))) {
159 if (*s <= 0x1f || *s == '|') {
160 return NT_STATUS_OBJECT_NAME_INVALID;
168 *p_last_component_contains_wcard = True;
177 /* Get the size of the next MB character. */
178 next_codepoint(s,&siz);
196 DEBUG(0,("check_path_syntax_internal: character length assumptions invalid !\n"));
198 return NT_STATUS_INVALID_PARAMETER;
201 start_of_name_component = False;
209 /****************************************************************************
210 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
211 No wildcards allowed.
212 ****************************************************************************/
214 NTSTATUS check_path_syntax(char *path)
217 return check_path_syntax_internal(path, False, &ignore);
220 /****************************************************************************
221 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
222 Wildcards allowed - p_contains_wcard returns true if the last component contained
224 ****************************************************************************/
226 NTSTATUS check_path_syntax_wcard(char *path, bool *p_contains_wcard)
228 return check_path_syntax_internal(path, False, p_contains_wcard);
231 /****************************************************************************
232 Check the path for a POSIX client.
233 We're assuming here that '/' is not the second byte in any multibyte char
234 set (a safe assumption).
235 ****************************************************************************/
237 NTSTATUS check_path_syntax_posix(char *path)
240 return check_path_syntax_internal(path, True, &ignore);
243 /****************************************************************************
244 Pull a string and check the path allowing a wilcard - provide for error return.
245 ****************************************************************************/
247 size_t srvstr_get_path_wcard(TALLOC_CTX *ctx,
248 const char *base_ptr,
255 bool *contains_wcard)
261 ret = srvstr_pull_talloc(ctx, base_ptr, smb_flags2, pp_dest, src,
265 *err = NT_STATUS_INVALID_PARAMETER;
269 *contains_wcard = False;
271 if (smb_flags2 & FLAGS2_DFS_PATHNAMES) {
273 * For a DFS path the function parse_dfs_path()
274 * will do the path processing, just make a copy.
280 if (lp_posix_pathnames()) {
281 *err = check_path_syntax_posix(*pp_dest);
283 *err = check_path_syntax_wcard(*pp_dest, contains_wcard);
289 /****************************************************************************
290 Pull a string and check the path - provide for error return.
291 ****************************************************************************/
293 size_t srvstr_get_path(TALLOC_CTX *ctx,
294 const char *base_ptr,
303 return srvstr_get_path_wcard(ctx, base_ptr, smb_flags2, pp_dest, src,
304 src_len, flags, err, &ignore);
307 size_t srvstr_get_path_req_wcard(TALLOC_CTX *mem_ctx, struct smb_request *req,
308 char **pp_dest, const char *src, int flags,
309 NTSTATUS *err, bool *contains_wcard)
311 return srvstr_get_path_wcard(mem_ctx, (char *)req->inbuf, req->flags2,
312 pp_dest, src, smbreq_bufrem(req, src),
313 flags, err, contains_wcard);
316 size_t srvstr_get_path_req(TALLOC_CTX *mem_ctx, struct smb_request *req,
317 char **pp_dest, const char *src, int flags,
321 return srvstr_get_path_req_wcard(mem_ctx, req, pp_dest, src,
322 flags, err, &ignore);
325 /****************************************************************************
326 Check if we have a correct fsp pointing to a file. Basic check for open fsp.
327 ****************************************************************************/
329 bool check_fsp_open(connection_struct *conn, struct smb_request *req,
332 if ((fsp == NULL) || (conn == NULL)) {
333 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
336 if ((conn != fsp->conn) || (req->vuid != fsp->vuid)) {
337 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
343 /****************************************************************************
344 Check if we have a correct fsp pointing to a file.
345 ****************************************************************************/
347 bool check_fsp(connection_struct *conn, struct smb_request *req,
350 if (!check_fsp_open(conn, req, fsp)) {
353 if (fsp->is_directory) {
354 reply_nterror(req, NT_STATUS_INVALID_DEVICE_REQUEST);
357 if (fsp->fh->fd == -1) {
358 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
361 fsp->num_smb_operations++;
365 /****************************************************************************
366 Check if we have a correct fsp pointing to a quota fake file. Replacement for
367 the CHECK_NTQUOTA_HANDLE_OK macro.
368 ****************************************************************************/
370 bool check_fsp_ntquota_handle(connection_struct *conn, struct smb_request *req,
373 if (!check_fsp_open(conn, req, fsp)) {
377 if (fsp->is_directory) {
381 if (fsp->fake_file_handle == NULL) {
385 if (fsp->fake_file_handle->type != FAKE_FILE_TYPE_QUOTA) {
389 if (fsp->fake_file_handle->private_data == NULL) {
396 static bool netbios_session_retarget(struct smbd_server_connection *sconn,
397 const char *name, int name_type)
400 char *trim_name_type;
401 const char *retarget_parm;
404 int retarget_type = 0x20;
405 int retarget_port = 139;
406 struct sockaddr_storage retarget_addr;
407 struct sockaddr_in *in_addr;
411 if (get_socket_port(sconn->sock) != 139) {
415 trim_name = talloc_strdup(talloc_tos(), name);
416 if (trim_name == NULL) {
419 trim_char(trim_name, ' ', ' ');
421 trim_name_type = talloc_asprintf(trim_name, "%s#%2.2x", trim_name,
423 if (trim_name_type == NULL) {
427 retarget_parm = lp_parm_const_string(-1, "netbios retarget",
428 trim_name_type, NULL);
429 if (retarget_parm == NULL) {
430 retarget_parm = lp_parm_const_string(-1, "netbios retarget",
433 if (retarget_parm == NULL) {
437 retarget = talloc_strdup(trim_name, retarget_parm);
438 if (retarget == NULL) {
442 DEBUG(10, ("retargeting %s to %s\n", trim_name_type, retarget));
444 p = strchr(retarget, ':');
447 retarget_port = atoi(p);
450 p = strchr_m(retarget, '#');
453 sscanf(p, "%x", &retarget_type);
456 ret = resolve_name(retarget, &retarget_addr, retarget_type, false);
458 DEBUG(10, ("could not resolve %s\n", retarget));
462 if (retarget_addr.ss_family != AF_INET) {
463 DEBUG(10, ("Retarget target not an IPv4 addr\n"));
467 in_addr = (struct sockaddr_in *)(void *)&retarget_addr;
469 _smb_setlen(outbuf, 6);
470 SCVAL(outbuf, 0, 0x84);
471 *(uint32_t *)(outbuf+4) = in_addr->sin_addr.s_addr;
472 *(uint16_t *)(outbuf+8) = htons(retarget_port);
474 if (!srv_send_smb(sconn, (char *)outbuf, false, 0, false,
476 exit_server_cleanly("netbios_session_regarget: srv_send_smb "
482 TALLOC_FREE(trim_name);
486 /****************************************************************************
487 Reply to a (netbios-level) special message.
488 ****************************************************************************/
490 void reply_special(struct smbd_server_connection *sconn, char *inbuf, size_t inbuf_size)
492 int msg_type = CVAL(inbuf,0);
493 int msg_flags = CVAL(inbuf,1);
495 * We only really use 4 bytes of the outbuf, but for the smb_setlen
496 * calculation & friends (srv_send_smb uses that) we need the full smb
499 char outbuf[smb_size];
501 memset(outbuf, '\0', sizeof(outbuf));
503 smb_setlen(outbuf,0);
506 case 0x81: /* session request */
508 /* inbuf_size is guarenteed to be at least 4. */
510 int name_type1, name_type2;
511 int name_len1, name_len2;
515 if (sconn->nbt.got_session) {
516 exit_server_cleanly("multiple session request not permitted");
519 SCVAL(outbuf,0,0x82);
522 /* inbuf_size is guaranteed to be at least 4. */
523 name_len1 = name_len((unsigned char *)(inbuf+4),inbuf_size - 4);
524 if (name_len1 <= 0 || name_len1 > inbuf_size - 4) {
525 DEBUG(0,("Invalid name length in session request\n"));
528 name_len2 = name_len((unsigned char *)(inbuf+4+name_len1),inbuf_size - 4 - name_len1);
529 if (name_len2 <= 0 || name_len2 > inbuf_size - 4 - name_len1) {
530 DEBUG(0,("Invalid name length in session request\n"));
534 name_type1 = name_extract((unsigned char *)inbuf,
535 inbuf_size,(unsigned int)4,name1);
536 name_type2 = name_extract((unsigned char *)inbuf,
537 inbuf_size,(unsigned int)(4 + name_len1),name2);
539 if (name_type1 == -1 || name_type2 == -1) {
540 DEBUG(0,("Invalid name type in session request\n"));
544 DEBUG(2,("netbios connect: name1=%s0x%x name2=%s0x%x\n",
545 name1, name_type1, name2, name_type2));
547 if (netbios_session_retarget(sconn, name1, name_type1)) {
548 exit_server_cleanly("retargeted client");
552 * Windows NT/2k uses "*SMBSERVER" and XP uses
553 * "*SMBSERV" arrggg!!!
555 if (strequal(name1, "*SMBSERVER ")
556 || strequal(name1, "*SMBSERV ")) {
557 fstrcpy(name1, sconn->client_id.addr);
560 set_local_machine_name(name1, True);
561 set_remote_machine_name(name2, True);
563 DEBUG(2,("netbios connect: local=%s remote=%s, name type = %x\n",
564 get_local_machine_name(), get_remote_machine_name(),
567 if (name_type2 == 'R') {
568 /* We are being asked for a pathworks session ---
570 SCVAL(outbuf, 0,0x83);
574 /* only add the client's machine name to the list
575 of possibly valid usernames if we are operating
576 in share mode security */
577 if (lp_security() == SEC_SHARE) {
578 add_session_user(sconn, get_remote_machine_name());
581 reload_services(sconn->msg_ctx, sconn->sock, True);
584 sconn->nbt.got_session = true;
588 case 0x89: /* session keepalive request
589 (some old clients produce this?) */
590 SCVAL(outbuf,0,SMBkeepalive);
594 case 0x82: /* positive session response */
595 case 0x83: /* negative session response */
596 case 0x84: /* retarget session response */
597 DEBUG(0,("Unexpected session response\n"));
600 case SMBkeepalive: /* session keepalive */
605 DEBUG(5,("init msg_type=0x%x msg_flags=0x%x\n",
606 msg_type, msg_flags));
608 srv_send_smb(sconn, outbuf, false, 0, false, NULL);
612 /****************************************************************************
614 conn POINTER CAN BE NULL HERE !
615 ****************************************************************************/
617 void reply_tcon(struct smb_request *req)
619 connection_struct *conn = req->conn;
621 char *service_buf = NULL;
622 char *password = NULL;
627 DATA_BLOB password_blob;
628 TALLOC_CTX *ctx = talloc_tos();
629 struct smbd_server_connection *sconn = req->sconn;
631 START_PROFILE(SMBtcon);
633 if (req->buflen < 4) {
634 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
635 END_PROFILE(SMBtcon);
639 p = (const char *)req->buf + 1;
640 p += srvstr_pull_req_talloc(ctx, req, &service_buf, p, STR_TERMINATE);
642 pwlen = srvstr_pull_req_talloc(ctx, req, &password, p, STR_TERMINATE);
644 p += srvstr_pull_req_talloc(ctx, req, &dev, p, STR_TERMINATE);
647 if (service_buf == NULL || password == NULL || dev == NULL) {
648 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
649 END_PROFILE(SMBtcon);
652 p = strrchr_m(service_buf,'\\');
656 service = service_buf;
659 password_blob = data_blob(password, pwlen+1);
661 conn = make_connection(sconn,service,password_blob,dev,
662 req->vuid,&nt_status);
665 data_blob_clear_free(&password_blob);
668 reply_nterror(req, nt_status);
669 END_PROFILE(SMBtcon);
673 reply_outbuf(req, 2, 0);
674 SSVAL(req->outbuf,smb_vwv0,sconn->smb1.negprot.max_recv);
675 SSVAL(req->outbuf,smb_vwv1,conn->cnum);
676 SSVAL(req->outbuf,smb_tid,conn->cnum);
678 DEBUG(3,("tcon service=%s cnum=%d\n",
679 service, conn->cnum));
681 END_PROFILE(SMBtcon);
685 /****************************************************************************
686 Reply to a tcon and X.
687 conn POINTER CAN BE NULL HERE !
688 ****************************************************************************/
690 void reply_tcon_and_X(struct smb_request *req)
692 connection_struct *conn = req->conn;
693 const char *service = NULL;
695 TALLOC_CTX *ctx = talloc_tos();
696 /* what the cleint thinks the device is */
697 char *client_devicetype = NULL;
698 /* what the server tells the client the share represents */
699 const char *server_devicetype;
705 struct smbd_server_connection *sconn = req->sconn;
707 START_PROFILE(SMBtconX);
710 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
711 END_PROFILE(SMBtconX);
715 passlen = SVAL(req->vwv+3, 0);
716 tcon_flags = SVAL(req->vwv+2, 0);
718 /* we might have to close an old one */
719 if ((tcon_flags & 0x1) && conn) {
720 close_cnum(conn,req->vuid);
725 if ((passlen > MAX_PASS_LEN) || (passlen >= req->buflen)) {
726 reply_force_doserror(req, ERRDOS, ERRbuftoosmall);
727 END_PROFILE(SMBtconX);
731 if (sconn->smb1.negprot.encrypted_passwords) {
732 password = data_blob_talloc(talloc_tos(), req->buf, passlen);
733 if (lp_security() == SEC_SHARE) {
735 * Security = share always has a pad byte
736 * after the password.
738 p = (const char *)req->buf + passlen + 1;
740 p = (const char *)req->buf + passlen;
743 password = data_blob_talloc(talloc_tos(), req->buf, passlen+1);
744 /* Ensure correct termination */
745 password.data[passlen]=0;
746 p = (const char *)req->buf + passlen + 1;
749 p += srvstr_pull_req_talloc(ctx, req, &path, p, STR_TERMINATE);
752 data_blob_clear_free(&password);
753 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
754 END_PROFILE(SMBtconX);
759 * the service name can be either: \\server\share
760 * or share directly like on the DELL PowerVault 705
763 q = strchr_m(path+2,'\\');
765 data_blob_clear_free(&password);
766 reply_nterror(req, NT_STATUS_BAD_NETWORK_NAME);
767 END_PROFILE(SMBtconX);
775 p += srvstr_pull_talloc(ctx, req->inbuf, req->flags2,
776 &client_devicetype, p,
777 MIN(6, smbreq_bufrem(req, p)), STR_ASCII);
779 if (client_devicetype == NULL) {
780 data_blob_clear_free(&password);
781 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
782 END_PROFILE(SMBtconX);
786 DEBUG(4,("Client requested device type [%s] for share [%s]\n", client_devicetype, service));
788 conn = make_connection(sconn, service, password, client_devicetype,
789 req->vuid, &nt_status);
792 data_blob_clear_free(&password);
795 reply_nterror(req, nt_status);
796 END_PROFILE(SMBtconX);
801 server_devicetype = "IPC";
802 else if ( IS_PRINT(conn) )
803 server_devicetype = "LPT1:";
805 server_devicetype = "A:";
807 if (get_Protocol() < PROTOCOL_NT1) {
808 reply_outbuf(req, 2, 0);
809 if (message_push_string(&req->outbuf, server_devicetype,
810 STR_TERMINATE|STR_ASCII) == -1) {
811 reply_nterror(req, NT_STATUS_NO_MEMORY);
812 END_PROFILE(SMBtconX);
816 /* NT sets the fstype of IPC$ to the null string */
817 const char *fstype = IS_IPC(conn) ? "" : lp_fstype(SNUM(conn));
819 if (tcon_flags & TCONX_FLAG_EXTENDED_RESPONSE) {
820 /* Return permissions. */
824 reply_outbuf(req, 7, 0);
827 perm1 = FILE_ALL_ACCESS;
828 perm2 = FILE_ALL_ACCESS;
830 perm1 = CAN_WRITE(conn) ?
835 SIVAL(req->outbuf, smb_vwv3, perm1);
836 SIVAL(req->outbuf, smb_vwv5, perm2);
838 reply_outbuf(req, 3, 0);
841 if ((message_push_string(&req->outbuf, server_devicetype,
842 STR_TERMINATE|STR_ASCII) == -1)
843 || (message_push_string(&req->outbuf, fstype,
844 STR_TERMINATE) == -1)) {
845 reply_nterror(req, NT_STATUS_NO_MEMORY);
846 END_PROFILE(SMBtconX);
850 /* what does setting this bit do? It is set by NT4 and
851 may affect the ability to autorun mounted cdroms */
852 SSVAL(req->outbuf, smb_vwv2, SMB_SUPPORT_SEARCH_BITS|
853 (lp_csc_policy(SNUM(conn)) << 2));
855 if (lp_msdfs_root(SNUM(conn)) && lp_host_msdfs()) {
856 DEBUG(2,("Serving %s as a Dfs root\n",
857 lp_servicename(SNUM(conn)) ));
858 SSVAL(req->outbuf, smb_vwv2,
859 SMB_SHARE_IN_DFS | SVAL(req->outbuf, smb_vwv2));
864 DEBUG(3,("tconX service=%s \n",
867 /* set the incoming and outgoing tid to the just created one */
868 SSVAL(req->inbuf,smb_tid,conn->cnum);
869 SSVAL(req->outbuf,smb_tid,conn->cnum);
871 END_PROFILE(SMBtconX);
873 req->tid = conn->cnum;
878 /****************************************************************************
879 Reply to an unknown type.
880 ****************************************************************************/
882 void reply_unknown_new(struct smb_request *req, uint8 type)
884 DEBUG(0, ("unknown command type (%s): type=%d (0x%X)\n",
885 smb_fn_name(type), type, type));
886 reply_force_doserror(req, ERRSRV, ERRunknownsmb);
890 /****************************************************************************
892 conn POINTER CAN BE NULL HERE !
893 ****************************************************************************/
895 void reply_ioctl(struct smb_request *req)
897 connection_struct *conn = req->conn;
904 START_PROFILE(SMBioctl);
907 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
908 END_PROFILE(SMBioctl);
912 device = SVAL(req->vwv+1, 0);
913 function = SVAL(req->vwv+2, 0);
914 ioctl_code = (device << 16) + function;
916 DEBUG(4, ("Received IOCTL (code 0x%x)\n", ioctl_code));
918 switch (ioctl_code) {
919 case IOCTL_QUERY_JOB_INFO:
923 reply_force_doserror(req, ERRSRV, ERRnosupport);
924 END_PROFILE(SMBioctl);
928 reply_outbuf(req, 8, replysize+1);
929 SSVAL(req->outbuf,smb_vwv1,replysize); /* Total data bytes returned */
930 SSVAL(req->outbuf,smb_vwv5,replysize); /* Data bytes this buffer */
931 SSVAL(req->outbuf,smb_vwv6,52); /* Offset to data */
932 p = smb_buf(req->outbuf);
933 memset(p, '\0', replysize+1); /* valgrind-safe. */
934 p += 1; /* Allow for alignment */
936 switch (ioctl_code) {
937 case IOCTL_QUERY_JOB_INFO:
939 files_struct *fsp = file_fsp(
940 req, SVAL(req->vwv+0, 0));
942 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
943 END_PROFILE(SMBioctl);
947 if (fsp->print_file) {
948 SSVAL(p, 0, fsp->print_file->rap_jobid);
952 srvstr_push((char *)req->outbuf, req->flags2, p+2,
954 STR_TERMINATE|STR_ASCII);
956 srvstr_push((char *)req->outbuf, req->flags2,
957 p+18, lp_servicename(SNUM(conn)),
958 13, STR_TERMINATE|STR_ASCII);
966 END_PROFILE(SMBioctl);
970 /****************************************************************************
971 Strange checkpath NTSTATUS mapping.
972 ****************************************************************************/
974 static NTSTATUS map_checkpath_error(uint16_t flags2, NTSTATUS status)
976 /* Strange DOS error code semantics only for checkpath... */
977 if (!(flags2 & FLAGS2_32_BIT_ERROR_CODES)) {
978 if (NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_INVALID,status)) {
979 /* We need to map to ERRbadpath */
980 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
986 /****************************************************************************
987 Reply to a checkpath.
988 ****************************************************************************/
990 void reply_checkpath(struct smb_request *req)
992 connection_struct *conn = req->conn;
993 struct smb_filename *smb_fname = NULL;
996 TALLOC_CTX *ctx = talloc_tos();
998 START_PROFILE(SMBcheckpath);
1000 srvstr_get_path_req(ctx, req, &name, (const char *)req->buf + 1,
1001 STR_TERMINATE, &status);
1003 if (!NT_STATUS_IS_OK(status)) {
1004 status = map_checkpath_error(req->flags2, status);
1005 reply_nterror(req, status);
1006 END_PROFILE(SMBcheckpath);
1010 DEBUG(3,("reply_checkpath %s mode=%d\n", name, (int)SVAL(req->vwv+0, 0)));
1012 status = filename_convert(ctx,
1014 req->flags2 & FLAGS2_DFS_PATHNAMES,
1020 if (!NT_STATUS_IS_OK(status)) {
1021 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1022 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1023 ERRSRV, ERRbadpath);
1024 END_PROFILE(SMBcheckpath);
1030 if (!VALID_STAT(smb_fname->st) &&
1031 (SMB_VFS_STAT(conn, smb_fname) != 0)) {
1032 DEBUG(3,("reply_checkpath: stat of %s failed (%s)\n",
1033 smb_fname_str_dbg(smb_fname), strerror(errno)));
1034 status = map_nt_error_from_unix(errno);
1038 if (!S_ISDIR(smb_fname->st.st_ex_mode)) {
1039 reply_botherror(req, NT_STATUS_NOT_A_DIRECTORY,
1040 ERRDOS, ERRbadpath);
1044 reply_outbuf(req, 0, 0);
1047 /* We special case this - as when a Windows machine
1048 is parsing a path is steps through the components
1049 one at a time - if a component fails it expects
1050 ERRbadpath, not ERRbadfile.
1052 status = map_checkpath_error(req->flags2, status);
1053 if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
1055 * Windows returns different error codes if
1056 * the parent directory is valid but not the
1057 * last component - it returns NT_STATUS_OBJECT_NAME_NOT_FOUND
1058 * for that case and NT_STATUS_OBJECT_PATH_NOT_FOUND
1059 * if the path is invalid.
1061 reply_botherror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND,
1062 ERRDOS, ERRbadpath);
1066 reply_nterror(req, status);
1069 TALLOC_FREE(smb_fname);
1070 END_PROFILE(SMBcheckpath);
1074 /****************************************************************************
1076 ****************************************************************************/
1078 void reply_getatr(struct smb_request *req)
1080 connection_struct *conn = req->conn;
1081 struct smb_filename *smb_fname = NULL;
1088 TALLOC_CTX *ctx = talloc_tos();
1089 bool ask_sharemode = lp_parm_bool(SNUM(conn), "smbd", "search ask sharemode", true);
1091 START_PROFILE(SMBgetatr);
1093 p = (const char *)req->buf + 1;
1094 p += srvstr_get_path_req(ctx, req, &fname, p, STR_TERMINATE, &status);
1095 if (!NT_STATUS_IS_OK(status)) {
1096 reply_nterror(req, status);
1100 /* dos smetimes asks for a stat of "" - it returns a "hidden directory"
1101 under WfWg - weird! */
1102 if (*fname == '\0') {
1103 mode = aHIDDEN | aDIR;
1104 if (!CAN_WRITE(conn)) {
1110 status = filename_convert(ctx,
1112 req->flags2 & FLAGS2_DFS_PATHNAMES,
1117 if (!NT_STATUS_IS_OK(status)) {
1118 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1119 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1120 ERRSRV, ERRbadpath);
1123 reply_nterror(req, status);
1126 if (!VALID_STAT(smb_fname->st) &&
1127 (SMB_VFS_STAT(conn, smb_fname) != 0)) {
1128 DEBUG(3,("reply_getatr: stat of %s failed (%s)\n",
1129 smb_fname_str_dbg(smb_fname),
1131 reply_nterror(req, map_nt_error_from_unix(errno));
1135 mode = dos_mode(conn, smb_fname);
1136 size = smb_fname->st.st_ex_size;
1138 if (ask_sharemode) {
1139 struct timespec write_time_ts;
1140 struct file_id fileid;
1142 ZERO_STRUCT(write_time_ts);
1143 fileid = vfs_file_id_from_sbuf(conn, &smb_fname->st);
1144 get_file_infos(fileid, NULL, &write_time_ts);
1145 if (!null_timespec(write_time_ts)) {
1146 update_stat_ex_mtime(&smb_fname->st, write_time_ts);
1150 mtime = convert_timespec_to_time_t(smb_fname->st.st_ex_mtime);
1156 reply_outbuf(req, 10, 0);
1158 SSVAL(req->outbuf,smb_vwv0,mode);
1159 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1160 srv_put_dos_date3((char *)req->outbuf,smb_vwv1,mtime & ~1);
1162 srv_put_dos_date3((char *)req->outbuf,smb_vwv1,mtime);
1164 SIVAL(req->outbuf,smb_vwv3,(uint32)size);
1166 if (get_Protocol() >= PROTOCOL_NT1) {
1167 SSVAL(req->outbuf, smb_flg2,
1168 SVAL(req->outbuf, smb_flg2) | FLAGS2_IS_LONG_NAME);
1171 DEBUG(3,("reply_getatr: name=%s mode=%d size=%u\n",
1172 smb_fname_str_dbg(smb_fname), mode, (unsigned int)size));
1175 TALLOC_FREE(smb_fname);
1177 END_PROFILE(SMBgetatr);
1181 /****************************************************************************
1183 ****************************************************************************/
1185 void reply_setatr(struct smb_request *req)
1187 struct smb_file_time ft;
1188 connection_struct *conn = req->conn;
1189 struct smb_filename *smb_fname = NULL;
1195 TALLOC_CTX *ctx = talloc_tos();
1197 START_PROFILE(SMBsetatr);
1202 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1206 p = (const char *)req->buf + 1;
1207 p += srvstr_get_path_req(ctx, req, &fname, p, STR_TERMINATE, &status);
1208 if (!NT_STATUS_IS_OK(status)) {
1209 reply_nterror(req, status);
1213 status = filename_convert(ctx,
1215 req->flags2 & FLAGS2_DFS_PATHNAMES,
1220 if (!NT_STATUS_IS_OK(status)) {
1221 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1222 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1223 ERRSRV, ERRbadpath);
1226 reply_nterror(req, status);
1230 if (smb_fname->base_name[0] == '.' &&
1231 smb_fname->base_name[1] == '\0') {
1233 * Not sure here is the right place to catch this
1234 * condition. Might be moved to somewhere else later -- vl
1236 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
1240 mode = SVAL(req->vwv+0, 0);
1241 mtime = srv_make_unix_date3(req->vwv+1);
1243 ft.mtime = convert_time_t_to_timespec(mtime);
1244 status = smb_set_file_time(conn, NULL, smb_fname, &ft, true);
1245 if (!NT_STATUS_IS_OK(status)) {
1246 reply_nterror(req, status);
1250 if (mode != FILE_ATTRIBUTE_NORMAL) {
1251 if (VALID_STAT_OF_DIR(smb_fname->st))
1256 if (file_set_dosmode(conn, smb_fname, mode, NULL,
1258 reply_nterror(req, map_nt_error_from_unix(errno));
1263 reply_outbuf(req, 0, 0);
1265 DEBUG(3, ("setatr name=%s mode=%d\n", smb_fname_str_dbg(smb_fname),
1268 TALLOC_FREE(smb_fname);
1269 END_PROFILE(SMBsetatr);
1273 /****************************************************************************
1275 ****************************************************************************/
1277 void reply_dskattr(struct smb_request *req)
1279 connection_struct *conn = req->conn;
1280 uint64_t dfree,dsize,bsize;
1281 START_PROFILE(SMBdskattr);
1283 if (get_dfree_info(conn,".",True,&bsize,&dfree,&dsize) == (uint64_t)-1) {
1284 reply_nterror(req, map_nt_error_from_unix(errno));
1285 END_PROFILE(SMBdskattr);
1289 reply_outbuf(req, 5, 0);
1291 if (get_Protocol() <= PROTOCOL_LANMAN2) {
1292 double total_space, free_space;
1293 /* we need to scale this to a number that DOS6 can handle. We
1294 use floating point so we can handle large drives on systems
1295 that don't have 64 bit integers
1297 we end up displaying a maximum of 2G to DOS systems
1299 total_space = dsize * (double)bsize;
1300 free_space = dfree * (double)bsize;
1302 dsize = (uint64_t)((total_space+63*512) / (64*512));
1303 dfree = (uint64_t)((free_space+63*512) / (64*512));
1305 if (dsize > 0xFFFF) dsize = 0xFFFF;
1306 if (dfree > 0xFFFF) dfree = 0xFFFF;
1308 SSVAL(req->outbuf,smb_vwv0,dsize);
1309 SSVAL(req->outbuf,smb_vwv1,64); /* this must be 64 for dos systems */
1310 SSVAL(req->outbuf,smb_vwv2,512); /* and this must be 512 */
1311 SSVAL(req->outbuf,smb_vwv3,dfree);
1313 SSVAL(req->outbuf,smb_vwv0,dsize);
1314 SSVAL(req->outbuf,smb_vwv1,bsize/512);
1315 SSVAL(req->outbuf,smb_vwv2,512);
1316 SSVAL(req->outbuf,smb_vwv3,dfree);
1319 DEBUG(3,("dskattr dfree=%d\n", (unsigned int)dfree));
1321 END_PROFILE(SMBdskattr);
1326 * Utility function to split the filename from the directory.
1328 static NTSTATUS split_fname_dir_mask(TALLOC_CTX *ctx, const char *fname_in,
1329 char **fname_dir_out,
1330 char **fname_mask_out)
1332 const char *p = NULL;
1333 char *fname_dir = NULL;
1334 char *fname_mask = NULL;
1336 p = strrchr_m(fname_in, '/');
1338 fname_dir = talloc_strdup(ctx, ".");
1339 fname_mask = talloc_strdup(ctx, fname_in);
1341 fname_dir = talloc_strndup(ctx, fname_in,
1342 PTR_DIFF(p, fname_in));
1343 fname_mask = talloc_strdup(ctx, p+1);
1346 if (!fname_dir || !fname_mask) {
1347 TALLOC_FREE(fname_dir);
1348 TALLOC_FREE(fname_mask);
1349 return NT_STATUS_NO_MEMORY;
1352 *fname_dir_out = fname_dir;
1353 *fname_mask_out = fname_mask;
1354 return NT_STATUS_OK;
1357 /****************************************************************************
1359 Can be called from SMBsearch, SMBffirst or SMBfunique.
1360 ****************************************************************************/
1362 void reply_search(struct smb_request *req)
1364 connection_struct *conn = req->conn;
1366 const char *mask = NULL;
1367 char *directory = NULL;
1368 struct smb_filename *smb_fname = NULL;
1372 struct timespec date;
1374 unsigned int numentries = 0;
1375 unsigned int maxentries = 0;
1376 bool finished = False;
1381 bool check_descend = False;
1382 bool expect_close = False;
1384 bool mask_contains_wcard = False;
1385 bool allow_long_path_components = (req->flags2 & FLAGS2_LONG_PATH_COMPONENTS) ? True : False;
1386 TALLOC_CTX *ctx = talloc_tos();
1387 bool ask_sharemode = lp_parm_bool(SNUM(conn), "smbd", "search ask sharemode", true);
1388 struct dptr_struct *dirptr = NULL;
1389 struct smbd_server_connection *sconn = req->sconn;
1391 START_PROFILE(SMBsearch);
1394 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1398 if (lp_posix_pathnames()) {
1399 reply_unknown_new(req, req->cmd);
1403 /* If we were called as SMBffirst then we must expect close. */
1404 if(req->cmd == SMBffirst) {
1405 expect_close = True;
1408 reply_outbuf(req, 1, 3);
1409 maxentries = SVAL(req->vwv+0, 0);
1410 dirtype = SVAL(req->vwv+1, 0);
1411 p = (const char *)req->buf + 1;
1412 p += srvstr_get_path_req_wcard(ctx, req, &path, p, STR_TERMINATE,
1413 &nt_status, &mask_contains_wcard);
1414 if (!NT_STATUS_IS_OK(nt_status)) {
1415 reply_nterror(req, nt_status);
1420 status_len = SVAL(p, 0);
1423 /* dirtype &= ~aDIR; */
1425 if (status_len == 0) {
1426 nt_status = filename_convert(ctx, conn,
1427 req->flags2 & FLAGS2_DFS_PATHNAMES,
1429 UCF_ALWAYS_ALLOW_WCARD_LCOMP,
1430 &mask_contains_wcard,
1432 if (!NT_STATUS_IS_OK(nt_status)) {
1433 if (NT_STATUS_EQUAL(nt_status,NT_STATUS_PATH_NOT_COVERED)) {
1434 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1435 ERRSRV, ERRbadpath);
1438 reply_nterror(req, nt_status);
1442 directory = smb_fname->base_name;
1444 p = strrchr_m(directory,'/');
1445 if ((p != NULL) && (*directory != '/')) {
1447 directory = talloc_strndup(ctx, directory,
1448 PTR_DIFF(p, directory));
1451 directory = talloc_strdup(ctx,".");
1455 reply_nterror(req, NT_STATUS_NO_MEMORY);
1459 memset((char *)status,'\0',21);
1460 SCVAL(status,0,(dirtype & 0x1F));
1462 nt_status = dptr_create(conn,
1468 mask_contains_wcard,
1471 if (!NT_STATUS_IS_OK(nt_status)) {
1472 reply_nterror(req, nt_status);
1475 dptr_num = dptr_dnum(dirptr);
1478 const char *dirpath;
1480 memcpy(status,p,21);
1481 status_dirtype = CVAL(status,0) & 0x1F;
1482 if (status_dirtype != (dirtype & 0x1F)) {
1483 dirtype = status_dirtype;
1486 dirptr = dptr_fetch(sconn, status+12,&dptr_num);
1490 dirpath = dptr_path(sconn, dptr_num);
1491 directory = talloc_strdup(ctx, dirpath);
1493 reply_nterror(req, NT_STATUS_NO_MEMORY);
1497 mask = dptr_wcard(sconn, dptr_num);
1502 * For a 'continue' search we have no string. So
1503 * check from the initial saved string.
1505 mask_contains_wcard = ms_has_wild(mask);
1506 dirtype = dptr_attr(sconn, dptr_num);
1509 DEBUG(4,("dptr_num is %d\n",dptr_num));
1511 /* Initialize per SMBsearch/SMBffirst/SMBfunique operation data */
1512 dptr_init_search_op(dirptr);
1514 if ((dirtype&0x1F) == aVOLID) {
1515 char buf[DIR_STRUCT_SIZE];
1516 memcpy(buf,status,21);
1517 if (!make_dir_struct(ctx,buf,"???????????",volume_label(SNUM(conn)),
1518 0,aVOLID,0,!allow_long_path_components)) {
1519 reply_nterror(req, NT_STATUS_NO_MEMORY);
1522 dptr_fill(sconn, buf+12,dptr_num);
1523 if (dptr_zero(buf+12) && (status_len==0)) {
1528 if (message_push_blob(&req->outbuf,
1529 data_blob_const(buf, sizeof(buf)))
1531 reply_nterror(req, NT_STATUS_NO_MEMORY);
1539 ((uint8 *)smb_buf(req->outbuf) + 3 - req->outbuf))
1542 DEBUG(8,("dirpath=<%s> dontdescend=<%s>\n",
1543 directory,lp_dontdescend(SNUM(conn))));
1544 if (in_list(directory, lp_dontdescend(SNUM(conn)),True)) {
1545 check_descend = True;
1548 for (i=numentries;(i<maxentries) && !finished;i++) {
1549 finished = !get_dir_entry(ctx,
1560 char buf[DIR_STRUCT_SIZE];
1561 memcpy(buf,status,21);
1562 if (!make_dir_struct(ctx,
1568 convert_timespec_to_time_t(date),
1569 !allow_long_path_components)) {
1570 reply_nterror(req, NT_STATUS_NO_MEMORY);
1573 if (!dptr_fill(sconn, buf+12,dptr_num)) {
1576 if (message_push_blob(&req->outbuf,
1577 data_blob_const(buf, sizeof(buf)))
1579 reply_nterror(req, NT_STATUS_NO_MEMORY);
1589 /* If we were called as SMBffirst with smb_search_id == NULL
1590 and no entries were found then return error and close dirptr
1593 if (numentries == 0) {
1594 dptr_close(sconn, &dptr_num);
1595 } else if(expect_close && status_len == 0) {
1596 /* Close the dptr - we know it's gone */
1597 dptr_close(sconn, &dptr_num);
1600 /* If we were called as SMBfunique, then we can close the dirptr now ! */
1601 if(dptr_num >= 0 && req->cmd == SMBfunique) {
1602 dptr_close(sconn, &dptr_num);
1605 if ((numentries == 0) && !mask_contains_wcard) {
1606 reply_botherror(req, STATUS_NO_MORE_FILES, ERRDOS, ERRnofiles);
1610 SSVAL(req->outbuf,smb_vwv0,numentries);
1611 SSVAL(req->outbuf,smb_vwv1,3 + numentries * DIR_STRUCT_SIZE);
1612 SCVAL(smb_buf(req->outbuf),0,5);
1613 SSVAL(smb_buf(req->outbuf),1,numentries*DIR_STRUCT_SIZE);
1615 /* The replies here are never long name. */
1616 SSVAL(req->outbuf, smb_flg2,
1617 SVAL(req->outbuf, smb_flg2) & (~FLAGS2_IS_LONG_NAME));
1618 if (!allow_long_path_components) {
1619 SSVAL(req->outbuf, smb_flg2,
1620 SVAL(req->outbuf, smb_flg2)
1621 & (~FLAGS2_LONG_PATH_COMPONENTS));
1624 /* This SMB *always* returns ASCII names. Remove the unicode bit in flags2. */
1625 SSVAL(req->outbuf, smb_flg2,
1626 (SVAL(req->outbuf, smb_flg2) & (~FLAGS2_UNICODE_STRINGS)));
1628 DEBUG(4,("%s mask=%s path=%s dtype=%d nument=%u of %u\n",
1629 smb_fn_name(req->cmd),
1636 TALLOC_FREE(directory);
1637 TALLOC_FREE(smb_fname);
1638 END_PROFILE(SMBsearch);
1642 /****************************************************************************
1643 Reply to a fclose (stop directory search).
1644 ****************************************************************************/
1646 void reply_fclose(struct smb_request *req)
1654 bool path_contains_wcard = False;
1655 TALLOC_CTX *ctx = talloc_tos();
1656 struct smbd_server_connection *sconn = req->sconn;
1658 START_PROFILE(SMBfclose);
1660 if (lp_posix_pathnames()) {
1661 reply_unknown_new(req, req->cmd);
1662 END_PROFILE(SMBfclose);
1666 p = (const char *)req->buf + 1;
1667 p += srvstr_get_path_req_wcard(ctx, req, &path, p, STR_TERMINATE,
1668 &err, &path_contains_wcard);
1669 if (!NT_STATUS_IS_OK(err)) {
1670 reply_nterror(req, err);
1671 END_PROFILE(SMBfclose);
1675 status_len = SVAL(p,0);
1678 if (status_len == 0) {
1679 reply_force_doserror(req, ERRSRV, ERRsrverror);
1680 END_PROFILE(SMBfclose);
1684 memcpy(status,p,21);
1686 if(dptr_fetch(sconn, status+12,&dptr_num)) {
1687 /* Close the dptr - we know it's gone */
1688 dptr_close(sconn, &dptr_num);
1691 reply_outbuf(req, 1, 0);
1692 SSVAL(req->outbuf,smb_vwv0,0);
1694 DEBUG(3,("search close\n"));
1696 END_PROFILE(SMBfclose);
1700 /****************************************************************************
1702 ****************************************************************************/
1704 void reply_open(struct smb_request *req)
1706 connection_struct *conn = req->conn;
1707 struct smb_filename *smb_fname = NULL;
1719 uint32 create_disposition;
1720 uint32 create_options = 0;
1721 uint32_t private_flags = 0;
1723 bool ask_sharemode = lp_parm_bool(SNUM(conn), "smbd", "search ask sharemode", true);
1724 TALLOC_CTX *ctx = talloc_tos();
1726 START_PROFILE(SMBopen);
1729 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1733 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1734 deny_mode = SVAL(req->vwv+0, 0);
1735 dos_attr = SVAL(req->vwv+1, 0);
1737 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf+1,
1738 STR_TERMINATE, &status);
1739 if (!NT_STATUS_IS_OK(status)) {
1740 reply_nterror(req, status);
1744 status = filename_convert(ctx,
1746 req->flags2 & FLAGS2_DFS_PATHNAMES,
1751 if (!NT_STATUS_IS_OK(status)) {
1752 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1753 reply_botherror(req,
1754 NT_STATUS_PATH_NOT_COVERED,
1755 ERRSRV, ERRbadpath);
1758 reply_nterror(req, status);
1762 if (!map_open_params_to_ntcreate(smb_fname, deny_mode,
1763 OPENX_FILE_EXISTS_OPEN, &access_mask,
1764 &share_mode, &create_disposition,
1765 &create_options, &private_flags)) {
1766 reply_force_doserror(req, ERRDOS, ERRbadaccess);
1770 status = SMB_VFS_CREATE_FILE(
1773 0, /* root_dir_fid */
1774 smb_fname, /* fname */
1775 access_mask, /* access_mask */
1776 share_mode, /* share_access */
1777 create_disposition, /* create_disposition*/
1778 create_options, /* create_options */
1779 dos_attr, /* file_attributes */
1780 oplock_request, /* oplock_request */
1781 0, /* allocation_size */
1788 if (!NT_STATUS_IS_OK(status)) {
1789 if (open_was_deferred(req->mid)) {
1790 /* We have re-scheduled this call. */
1793 reply_openerror(req, status);
1797 size = smb_fname->st.st_ex_size;
1798 fattr = dos_mode(conn, smb_fname);
1800 /* Deal with other possible opens having a modified
1802 if (ask_sharemode) {
1803 struct timespec write_time_ts;
1805 ZERO_STRUCT(write_time_ts);
1806 get_file_infos(fsp->file_id, NULL, &write_time_ts);
1807 if (!null_timespec(write_time_ts)) {
1808 update_stat_ex_mtime(&smb_fname->st, write_time_ts);
1812 mtime = convert_timespec_to_time_t(smb_fname->st.st_ex_mtime);
1815 DEBUG(3,("attempt to open a directory %s\n",
1817 close_file(req, fsp, ERROR_CLOSE);
1818 reply_botherror(req, NT_STATUS_ACCESS_DENIED,
1819 ERRDOS, ERRnoaccess);
1823 reply_outbuf(req, 7, 0);
1824 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
1825 SSVAL(req->outbuf,smb_vwv1,fattr);
1826 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1827 srv_put_dos_date3((char *)req->outbuf,smb_vwv2,mtime & ~1);
1829 srv_put_dos_date3((char *)req->outbuf,smb_vwv2,mtime);
1831 SIVAL(req->outbuf,smb_vwv4,(uint32)size);
1832 SSVAL(req->outbuf,smb_vwv6,deny_mode);
1834 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1835 SCVAL(req->outbuf,smb_flg,
1836 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1839 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1840 SCVAL(req->outbuf,smb_flg,
1841 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1844 TALLOC_FREE(smb_fname);
1845 END_PROFILE(SMBopen);
1849 /****************************************************************************
1850 Reply to an open and X.
1851 ****************************************************************************/
1853 void reply_open_and_X(struct smb_request *req)
1855 connection_struct *conn = req->conn;
1856 struct smb_filename *smb_fname = NULL;
1861 /* Breakout the oplock request bits so we can set the
1862 reply bits separately. */
1863 int ex_oplock_request;
1864 int core_oplock_request;
1867 int smb_sattr = SVAL(req->vwv+4, 0);
1868 uint32 smb_time = make_unix_date3(req->vwv+6);
1876 uint64_t allocation_size;
1877 ssize_t retval = -1;
1880 uint32 create_disposition;
1881 uint32 create_options = 0;
1882 uint32_t private_flags = 0;
1883 TALLOC_CTX *ctx = talloc_tos();
1885 START_PROFILE(SMBopenX);
1887 if (req->wct < 15) {
1888 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1892 open_flags = SVAL(req->vwv+2, 0);
1893 deny_mode = SVAL(req->vwv+3, 0);
1894 smb_attr = SVAL(req->vwv+5, 0);
1895 ex_oplock_request = EXTENDED_OPLOCK_REQUEST(req->inbuf);
1896 core_oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1897 oplock_request = ex_oplock_request | core_oplock_request;
1898 smb_ofun = SVAL(req->vwv+8, 0);
1899 allocation_size = (uint64_t)IVAL(req->vwv+9, 0);
1901 /* If it's an IPC, pass off the pipe handler. */
1903 if (lp_nt_pipe_support()) {
1904 reply_open_pipe_and_X(conn, req);
1906 reply_nterror(req, NT_STATUS_NETWORK_ACCESS_DENIED);
1911 /* XXXX we need to handle passed times, sattr and flags */
1912 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf,
1913 STR_TERMINATE, &status);
1914 if (!NT_STATUS_IS_OK(status)) {
1915 reply_nterror(req, status);
1919 status = filename_convert(ctx,
1921 req->flags2 & FLAGS2_DFS_PATHNAMES,
1926 if (!NT_STATUS_IS_OK(status)) {
1927 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1928 reply_botherror(req,
1929 NT_STATUS_PATH_NOT_COVERED,
1930 ERRSRV, ERRbadpath);
1933 reply_nterror(req, status);
1937 if (!map_open_params_to_ntcreate(smb_fname, deny_mode, smb_ofun,
1938 &access_mask, &share_mode,
1939 &create_disposition,
1942 reply_force_doserror(req, ERRDOS, ERRbadaccess);
1946 status = SMB_VFS_CREATE_FILE(
1949 0, /* root_dir_fid */
1950 smb_fname, /* fname */
1951 access_mask, /* access_mask */
1952 share_mode, /* share_access */
1953 create_disposition, /* create_disposition*/
1954 create_options, /* create_options */
1955 smb_attr, /* file_attributes */
1956 oplock_request, /* oplock_request */
1957 0, /* allocation_size */
1962 &smb_action); /* pinfo */
1964 if (!NT_STATUS_IS_OK(status)) {
1965 if (open_was_deferred(req->mid)) {
1966 /* We have re-scheduled this call. */
1969 reply_openerror(req, status);
1973 /* Setting the "size" field in vwv9 and vwv10 causes the file to be set to this size,
1974 if the file is truncated or created. */
1975 if (((smb_action == FILE_WAS_CREATED) || (smb_action == FILE_WAS_OVERWRITTEN)) && allocation_size) {
1976 fsp->initial_allocation_size = smb_roundup(fsp->conn, allocation_size);
1977 if (vfs_allocate_file_space(fsp, fsp->initial_allocation_size) == -1) {
1978 close_file(req, fsp, ERROR_CLOSE);
1979 reply_nterror(req, NT_STATUS_DISK_FULL);
1982 retval = vfs_set_filelen(fsp, (SMB_OFF_T)allocation_size);
1984 close_file(req, fsp, ERROR_CLOSE);
1985 reply_nterror(req, NT_STATUS_DISK_FULL);
1988 status = vfs_stat_fsp(fsp);
1989 if (!NT_STATUS_IS_OK(status)) {
1990 close_file(req, fsp, ERROR_CLOSE);
1991 reply_nterror(req, status);
1996 fattr = dos_mode(conn, fsp->fsp_name);
1997 mtime = convert_timespec_to_time_t(fsp->fsp_name->st.st_ex_mtime);
1999 close_file(req, fsp, ERROR_CLOSE);
2000 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
2004 /* If the caller set the extended oplock request bit
2005 and we granted one (by whatever means) - set the
2006 correct bit for extended oplock reply.
2009 if (ex_oplock_request && lp_fake_oplocks(SNUM(conn))) {
2010 smb_action |= EXTENDED_OPLOCK_GRANTED;
2013 if(ex_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2014 smb_action |= EXTENDED_OPLOCK_GRANTED;
2017 /* If the caller set the core oplock request bit
2018 and we granted one (by whatever means) - set the
2019 correct bit for core oplock reply.
2022 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
2023 reply_outbuf(req, 19, 0);
2025 reply_outbuf(req, 15, 0);
2028 if (core_oplock_request && lp_fake_oplocks(SNUM(conn))) {
2029 SCVAL(req->outbuf, smb_flg,
2030 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2033 if(core_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2034 SCVAL(req->outbuf, smb_flg,
2035 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2038 SSVAL(req->outbuf,smb_vwv2,fsp->fnum);
2039 SSVAL(req->outbuf,smb_vwv3,fattr);
2040 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
2041 srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime & ~1);
2043 srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime);
2045 SIVAL(req->outbuf,smb_vwv6,(uint32)fsp->fsp_name->st.st_ex_size);
2046 SSVAL(req->outbuf,smb_vwv8,GET_OPENX_MODE(deny_mode));
2047 SSVAL(req->outbuf,smb_vwv11,smb_action);
2049 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
2050 SIVAL(req->outbuf, smb_vwv15, SEC_STD_ALL);
2055 TALLOC_FREE(smb_fname);
2056 END_PROFILE(SMBopenX);
2060 /****************************************************************************
2061 Reply to a SMBulogoffX.
2062 ****************************************************************************/
2064 void reply_ulogoffX(struct smb_request *req)
2066 struct smbd_server_connection *sconn = req->sconn;
2069 START_PROFILE(SMBulogoffX);
2071 vuser = get_valid_user_struct(sconn, req->vuid);
2074 DEBUG(3,("ulogoff, vuser id %d does not map to user.\n",
2078 /* in user level security we are supposed to close any files
2079 open by this user */
2080 if ((vuser != NULL) && (lp_security() != SEC_SHARE)) {
2081 file_close_user(sconn, req->vuid);
2084 invalidate_vuid(sconn, req->vuid);
2086 reply_outbuf(req, 2, 0);
2088 DEBUG( 3, ( "ulogoffX vuid=%d\n", req->vuid ) );
2090 END_PROFILE(SMBulogoffX);
2091 req->vuid = UID_FIELD_INVALID;
2095 /****************************************************************************
2096 Reply to a mknew or a create.
2097 ****************************************************************************/
2099 void reply_mknew(struct smb_request *req)
2101 connection_struct *conn = req->conn;
2102 struct smb_filename *smb_fname = NULL;
2105 struct smb_file_time ft;
2107 int oplock_request = 0;
2109 uint32 access_mask = FILE_GENERIC_READ | FILE_GENERIC_WRITE;
2110 uint32 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
2111 uint32 create_disposition;
2112 uint32 create_options = 0;
2113 TALLOC_CTX *ctx = talloc_tos();
2115 START_PROFILE(SMBcreate);
2119 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2123 fattr = SVAL(req->vwv+0, 0);
2124 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
2127 ft.mtime = convert_time_t_to_timespec(srv_make_unix_date3(req->vwv+1));
2129 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf + 1,
2130 STR_TERMINATE, &status);
2131 if (!NT_STATUS_IS_OK(status)) {
2132 reply_nterror(req, status);
2136 status = filename_convert(ctx,
2138 req->flags2 & FLAGS2_DFS_PATHNAMES,
2143 if (!NT_STATUS_IS_OK(status)) {
2144 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2145 reply_botherror(req,
2146 NT_STATUS_PATH_NOT_COVERED,
2147 ERRSRV, ERRbadpath);
2150 reply_nterror(req, status);
2154 if (fattr & aVOLID) {
2155 DEBUG(0,("Attempt to create file (%s) with volid set - "
2156 "please report this\n",
2157 smb_fname_str_dbg(smb_fname)));
2160 if(req->cmd == SMBmknew) {
2161 /* We should fail if file exists. */
2162 create_disposition = FILE_CREATE;
2164 /* Create if file doesn't exist, truncate if it does. */
2165 create_disposition = FILE_OVERWRITE_IF;
2168 status = SMB_VFS_CREATE_FILE(
2171 0, /* root_dir_fid */
2172 smb_fname, /* fname */
2173 access_mask, /* access_mask */
2174 share_mode, /* share_access */
2175 create_disposition, /* create_disposition*/
2176 create_options, /* create_options */
2177 fattr, /* file_attributes */
2178 oplock_request, /* oplock_request */
2179 0, /* allocation_size */
2180 0, /* private_flags */
2186 if (!NT_STATUS_IS_OK(status)) {
2187 if (open_was_deferred(req->mid)) {
2188 /* We have re-scheduled this call. */
2191 reply_openerror(req, status);
2195 ft.atime = smb_fname->st.st_ex_atime; /* atime. */
2196 status = smb_set_file_time(conn, fsp, smb_fname, &ft, true);
2197 if (!NT_STATUS_IS_OK(status)) {
2198 END_PROFILE(SMBcreate);
2202 reply_outbuf(req, 1, 0);
2203 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
2205 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
2206 SCVAL(req->outbuf,smb_flg,
2207 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2210 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2211 SCVAL(req->outbuf,smb_flg,
2212 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2215 DEBUG(2, ("reply_mknew: file %s\n", smb_fname_str_dbg(smb_fname)));
2216 DEBUG(3, ("reply_mknew %s fd=%d dmode=0x%x\n",
2217 smb_fname_str_dbg(smb_fname), fsp->fh->fd,
2218 (unsigned int)fattr));
2221 TALLOC_FREE(smb_fname);
2222 END_PROFILE(SMBcreate);
2226 /****************************************************************************
2227 Reply to a create temporary file.
2228 ****************************************************************************/
2230 void reply_ctemp(struct smb_request *req)
2232 connection_struct *conn = req->conn;
2233 struct smb_filename *smb_fname = NULL;
2241 TALLOC_CTX *ctx = talloc_tos();
2243 START_PROFILE(SMBctemp);
2246 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2250 fattr = SVAL(req->vwv+0, 0);
2251 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
2253 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf+1,
2254 STR_TERMINATE, &status);
2255 if (!NT_STATUS_IS_OK(status)) {
2256 reply_nterror(req, status);
2260 fname = talloc_asprintf(ctx,
2264 fname = talloc_strdup(ctx, "TMXXXXXX");
2268 reply_nterror(req, NT_STATUS_NO_MEMORY);
2272 status = filename_convert(ctx, conn,
2273 req->flags2 & FLAGS2_DFS_PATHNAMES,
2278 if (!NT_STATUS_IS_OK(status)) {
2279 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2280 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
2281 ERRSRV, ERRbadpath);
2284 reply_nterror(req, status);
2288 tmpfd = mkstemp(smb_fname->base_name);
2290 reply_nterror(req, map_nt_error_from_unix(errno));
2294 SMB_VFS_STAT(conn, smb_fname);
2296 /* We should fail if file does not exist. */
2297 status = SMB_VFS_CREATE_FILE(
2300 0, /* root_dir_fid */
2301 smb_fname, /* fname */
2302 FILE_GENERIC_READ | FILE_GENERIC_WRITE, /* access_mask */
2303 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
2304 FILE_OPEN, /* create_disposition*/
2305 0, /* create_options */
2306 fattr, /* file_attributes */
2307 oplock_request, /* oplock_request */
2308 0, /* allocation_size */
2309 0, /* private_flags */
2315 /* close fd from mkstemp() */
2318 if (!NT_STATUS_IS_OK(status)) {
2319 if (open_was_deferred(req->mid)) {
2320 /* We have re-scheduled this call. */
2323 reply_openerror(req, status);
2327 reply_outbuf(req, 1, 0);
2328 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
2330 /* the returned filename is relative to the directory */
2331 s = strrchr_m(fsp->fsp_name->base_name, '/');
2333 s = fsp->fsp_name->base_name;
2339 /* Tested vs W2K3 - this doesn't seem to be here - null terminated filename is the only
2340 thing in the byte section. JRA */
2341 SSVALS(p, 0, -1); /* what is this? not in spec */
2343 if (message_push_string(&req->outbuf, s, STR_ASCII|STR_TERMINATE)
2345 reply_nterror(req, NT_STATUS_NO_MEMORY);
2349 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
2350 SCVAL(req->outbuf, smb_flg,
2351 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2354 if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2355 SCVAL(req->outbuf, smb_flg,
2356 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2359 DEBUG(2, ("reply_ctemp: created temp file %s\n", fsp_str_dbg(fsp)));
2360 DEBUG(3, ("reply_ctemp %s fd=%d umode=0%o\n", fsp_str_dbg(fsp),
2361 fsp->fh->fd, (unsigned int)smb_fname->st.st_ex_mode));
2363 TALLOC_FREE(smb_fname);
2364 END_PROFILE(SMBctemp);
2368 /*******************************************************************
2369 Check if a user is allowed to rename a file.
2370 ********************************************************************/
2372 static NTSTATUS can_rename(connection_struct *conn, files_struct *fsp,
2377 if (!CAN_WRITE(conn)) {
2378 return NT_STATUS_MEDIA_WRITE_PROTECTED;
2381 fmode = dos_mode(conn, fsp->fsp_name);
2382 if ((fmode & ~dirtype) & (aHIDDEN | aSYSTEM)) {
2383 return NT_STATUS_NO_SUCH_FILE;
2386 if (S_ISDIR(fsp->fsp_name->st.st_ex_mode)) {
2387 if (fsp->posix_open) {
2388 return NT_STATUS_OK;
2391 /* If no pathnames are open below this
2392 directory, allow the rename. */
2394 if (file_find_subpath(fsp)) {
2395 return NT_STATUS_ACCESS_DENIED;
2397 return NT_STATUS_OK;
2400 if (fsp->access_mask & (DELETE_ACCESS|FILE_WRITE_ATTRIBUTES)) {
2401 return NT_STATUS_OK;
2404 return NT_STATUS_ACCESS_DENIED;
2407 /*******************************************************************
2408 * unlink a file with all relevant access checks
2409 *******************************************************************/
2411 static NTSTATUS do_unlink(connection_struct *conn,
2412 struct smb_request *req,
2413 struct smb_filename *smb_fname,
2418 uint32 dirtype_orig = dirtype;
2421 bool posix_paths = lp_posix_pathnames();
2423 DEBUG(10,("do_unlink: %s, dirtype = %d\n",
2424 smb_fname_str_dbg(smb_fname),
2427 if (!CAN_WRITE(conn)) {
2428 return NT_STATUS_MEDIA_WRITE_PROTECTED;
2432 ret = SMB_VFS_LSTAT(conn, smb_fname);
2434 ret = SMB_VFS_STAT(conn, smb_fname);
2437 return map_nt_error_from_unix(errno);
2440 fattr = dos_mode(conn, smb_fname);
2442 if (dirtype & FILE_ATTRIBUTE_NORMAL) {
2443 dirtype = aDIR|aARCH|aRONLY;
2446 dirtype &= (aDIR|aARCH|aRONLY|aHIDDEN|aSYSTEM);
2448 return NT_STATUS_NO_SUCH_FILE;
2451 if (!dir_check_ftype(conn, fattr, dirtype)) {
2453 return NT_STATUS_FILE_IS_A_DIRECTORY;
2455 return NT_STATUS_NO_SUCH_FILE;
2458 if (dirtype_orig & 0x8000) {
2459 /* These will never be set for POSIX. */
2460 return NT_STATUS_NO_SUCH_FILE;
2464 if ((fattr & dirtype) & FILE_ATTRIBUTE_DIRECTORY) {
2465 return NT_STATUS_FILE_IS_A_DIRECTORY;
2468 if ((fattr & ~dirtype) & (FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM)) {
2469 return NT_STATUS_NO_SUCH_FILE;
2472 if (dirtype & 0xFF00) {
2473 /* These will never be set for POSIX. */
2474 return NT_STATUS_NO_SUCH_FILE;
2479 return NT_STATUS_NO_SUCH_FILE;
2482 /* Can't delete a directory. */
2484 return NT_STATUS_FILE_IS_A_DIRECTORY;
2489 else if (dirtype & aDIR) /* Asked for a directory and it isn't. */
2490 return NT_STATUS_OBJECT_NAME_INVALID;
2491 #endif /* JRATEST */
2493 /* On open checks the open itself will check the share mode, so
2494 don't do it here as we'll get it wrong. */
2496 status = SMB_VFS_CREATE_FILE
2499 0, /* root_dir_fid */
2500 smb_fname, /* fname */
2501 DELETE_ACCESS, /* access_mask */
2502 FILE_SHARE_NONE, /* share_access */
2503 FILE_OPEN, /* create_disposition*/
2504 FILE_NON_DIRECTORY_FILE, /* create_options */
2505 /* file_attributes */
2506 posix_paths ? FILE_FLAG_POSIX_SEMANTICS|0777 :
2507 FILE_ATTRIBUTE_NORMAL,
2508 0, /* oplock_request */
2509 0, /* allocation_size */
2510 0, /* private_flags */
2516 if (!NT_STATUS_IS_OK(status)) {
2517 DEBUG(10, ("SMB_VFS_CREATEFILE failed: %s\n",
2518 nt_errstr(status)));
2522 status = can_set_delete_on_close(fsp, fattr);
2523 if (!NT_STATUS_IS_OK(status)) {
2524 DEBUG(10, ("do_unlink can_set_delete_on_close for file %s - "
2526 smb_fname_str_dbg(smb_fname),
2527 nt_errstr(status)));
2528 close_file(req, fsp, NORMAL_CLOSE);
2532 /* The set is across all open files on this dev/inode pair. */
2533 if (!set_delete_on_close(fsp, True, &conn->server_info->utok)) {
2534 close_file(req, fsp, NORMAL_CLOSE);
2535 return NT_STATUS_ACCESS_DENIED;
2538 return close_file(req, fsp, NORMAL_CLOSE);
2541 /****************************************************************************
2542 The guts of the unlink command, split out so it may be called by the NT SMB
2544 ****************************************************************************/
2546 NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req,
2547 uint32 dirtype, struct smb_filename *smb_fname,
2550 char *fname_dir = NULL;
2551 char *fname_mask = NULL;
2553 NTSTATUS status = NT_STATUS_OK;
2554 TALLOC_CTX *ctx = talloc_tos();
2556 /* Split up the directory from the filename/mask. */
2557 status = split_fname_dir_mask(ctx, smb_fname->base_name,
2558 &fname_dir, &fname_mask);
2559 if (!NT_STATUS_IS_OK(status)) {
2564 * We should only check the mangled cache
2565 * here if unix_convert failed. This means
2566 * that the path in 'mask' doesn't exist
2567 * on the file system and so we need to look
2568 * for a possible mangle. This patch from
2569 * Tine Smukavec <valentin.smukavec@hermes.si>.
2572 if (!VALID_STAT(smb_fname->st) &&
2573 mangle_is_mangled(fname_mask, conn->params)) {
2574 char *new_mask = NULL;
2575 mangle_lookup_name_from_8_3(ctx, fname_mask,
2576 &new_mask, conn->params);
2578 TALLOC_FREE(fname_mask);
2579 fname_mask = new_mask;
2586 * Only one file needs to be unlinked. Append the mask back
2587 * onto the directory.
2589 TALLOC_FREE(smb_fname->base_name);
2590 if (ISDOT(fname_dir)) {
2591 /* Ensure we use canonical names on open. */
2592 smb_fname->base_name = talloc_asprintf(smb_fname,
2596 smb_fname->base_name = talloc_asprintf(smb_fname,
2601 smb_fname->base_name = talloc_asprintf(smb_fname,
2605 if (!smb_fname->base_name) {
2606 status = NT_STATUS_NO_MEMORY;
2610 dirtype = FILE_ATTRIBUTE_NORMAL;
2613 status = check_name(conn, smb_fname->base_name);
2614 if (!NT_STATUS_IS_OK(status)) {
2618 status = do_unlink(conn, req, smb_fname, dirtype);
2619 if (!NT_STATUS_IS_OK(status)) {
2625 struct smb_Dir *dir_hnd = NULL;
2627 const char *dname = NULL;
2628 char *talloced = NULL;
2630 if ((dirtype & SAMBA_ATTRIBUTES_MASK) == aDIR) {
2631 status = NT_STATUS_OBJECT_NAME_INVALID;
2635 if (strequal(fname_mask,"????????.???")) {
2636 TALLOC_FREE(fname_mask);
2637 fname_mask = talloc_strdup(ctx, "*");
2639 status = NT_STATUS_NO_MEMORY;
2644 status = check_name(conn, fname_dir);
2645 if (!NT_STATUS_IS_OK(status)) {
2649 dir_hnd = OpenDir(talloc_tos(), conn, fname_dir, fname_mask,
2651 if (dir_hnd == NULL) {
2652 status = map_nt_error_from_unix(errno);
2656 /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then
2657 the pattern matches against the long name, otherwise the short name
2658 We don't implement this yet XXXX
2661 status = NT_STATUS_NO_SUCH_FILE;
2663 while ((dname = ReadDirName(dir_hnd, &offset,
2664 &smb_fname->st, &talloced))) {
2665 TALLOC_CTX *frame = talloc_stackframe();
2667 if (!is_visible_file(conn, fname_dir, dname,
2668 &smb_fname->st, true)) {
2670 TALLOC_FREE(talloced);
2674 /* Quick check for "." and ".." */
2675 if (ISDOT(dname) || ISDOTDOT(dname)) {
2677 TALLOC_FREE(talloced);
2681 if(!mask_match(dname, fname_mask,
2682 conn->case_sensitive)) {
2684 TALLOC_FREE(talloced);
2688 TALLOC_FREE(smb_fname->base_name);
2689 if (ISDOT(fname_dir)) {
2690 /* Ensure we use canonical names on open. */
2691 smb_fname->base_name =
2692 talloc_asprintf(smb_fname, "%s",
2695 smb_fname->base_name =
2696 talloc_asprintf(smb_fname, "%s/%s",
2700 if (!smb_fname->base_name) {
2701 TALLOC_FREE(dir_hnd);
2702 status = NT_STATUS_NO_MEMORY;
2704 TALLOC_FREE(talloced);
2708 status = check_name(conn, smb_fname->base_name);
2709 if (!NT_STATUS_IS_OK(status)) {
2710 TALLOC_FREE(dir_hnd);
2712 TALLOC_FREE(talloced);
2716 status = do_unlink(conn, req, smb_fname, dirtype);
2717 if (!NT_STATUS_IS_OK(status)) {
2719 TALLOC_FREE(talloced);
2724 DEBUG(3,("unlink_internals: successful unlink [%s]\n",
2725 smb_fname->base_name));
2728 TALLOC_FREE(talloced);
2730 TALLOC_FREE(dir_hnd);
2733 if (count == 0 && NT_STATUS_IS_OK(status) && errno != 0) {
2734 status = map_nt_error_from_unix(errno);
2738 TALLOC_FREE(fname_dir);
2739 TALLOC_FREE(fname_mask);
2743 /****************************************************************************
2745 ****************************************************************************/
2747 void reply_unlink(struct smb_request *req)
2749 connection_struct *conn = req->conn;
2751 struct smb_filename *smb_fname = NULL;
2754 bool path_contains_wcard = False;
2755 TALLOC_CTX *ctx = talloc_tos();
2757 START_PROFILE(SMBunlink);
2760 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2764 dirtype = SVAL(req->vwv+0, 0);
2766 srvstr_get_path_req_wcard(ctx, req, &name, (const char *)req->buf + 1,
2767 STR_TERMINATE, &status,
2768 &path_contains_wcard);
2769 if (!NT_STATUS_IS_OK(status)) {
2770 reply_nterror(req, status);
2774 status = filename_convert(ctx, conn,
2775 req->flags2 & FLAGS2_DFS_PATHNAMES,
2777 UCF_COND_ALLOW_WCARD_LCOMP,
2778 &path_contains_wcard,
2780 if (!NT_STATUS_IS_OK(status)) {
2781 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2782 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
2783 ERRSRV, ERRbadpath);
2786 reply_nterror(req, status);
2790 DEBUG(3,("reply_unlink : %s\n", smb_fname_str_dbg(smb_fname)));
2792 status = unlink_internals(conn, req, dirtype, smb_fname,
2793 path_contains_wcard);
2794 if (!NT_STATUS_IS_OK(status)) {
2795 if (open_was_deferred(req->mid)) {
2796 /* We have re-scheduled this call. */
2799 reply_nterror(req, status);
2803 reply_outbuf(req, 0, 0);
2805 TALLOC_FREE(smb_fname);
2806 END_PROFILE(SMBunlink);
2810 /****************************************************************************
2812 ****************************************************************************/
2814 static void fail_readraw(void)
2816 const char *errstr = talloc_asprintf(talloc_tos(),
2817 "FAIL ! reply_readbraw: socket write fail (%s)",
2822 exit_server_cleanly(errstr);
2825 /****************************************************************************
2826 Fake (read/write) sendfile. Returns -1 on read or write fail.
2827 ****************************************************************************/
2829 ssize_t fake_sendfile(files_struct *fsp, SMB_OFF_T startpos, size_t nread)
2832 size_t tosend = nread;
2839 bufsize = MIN(nread, 65536);
2841 if (!(buf = SMB_MALLOC_ARRAY(char, bufsize))) {
2845 while (tosend > 0) {
2849 if (tosend > bufsize) {
2854 ret = read_file(fsp,buf,startpos,cur_read);
2860 /* If we had a short read, fill with zeros. */
2861 if (ret < cur_read) {
2862 memset(buf + ret, '\0', cur_read - ret);
2865 if (write_data(fsp->conn->sconn->sock, buf, cur_read)
2867 char addr[INET6_ADDRSTRLEN];
2869 * Try and give an error message saying what
2872 DEBUG(0, ("write_data failed for client %s. "
2874 get_peer_addr(fsp->conn->sconn->sock, addr,
2881 startpos += cur_read;
2885 return (ssize_t)nread;
2888 /****************************************************************************
2889 Deal with the case of sendfile reading less bytes from the file than
2890 requested. Fill with zeros (all we can do).
2891 ****************************************************************************/
2893 void sendfile_short_send(files_struct *fsp,
2898 #define SHORT_SEND_BUFSIZE 1024
2899 if (nread < headersize) {
2900 DEBUG(0,("sendfile_short_send: sendfile failed to send "
2901 "header for file %s (%s). Terminating\n",
2902 fsp_str_dbg(fsp), strerror(errno)));
2903 exit_server_cleanly("sendfile_short_send failed");
2906 nread -= headersize;
2908 if (nread < smb_maxcnt) {
2909 char *buf = SMB_CALLOC_ARRAY(char, SHORT_SEND_BUFSIZE);
2911 exit_server_cleanly("sendfile_short_send: "
2915 DEBUG(0,("sendfile_short_send: filling truncated file %s "
2916 "with zeros !\n", fsp_str_dbg(fsp)));
2918 while (nread < smb_maxcnt) {
2920 * We asked for the real file size and told sendfile
2921 * to not go beyond the end of the file. But it can
2922 * happen that in between our fstat call and the
2923 * sendfile call the file was truncated. This is very
2924 * bad because we have already announced the larger
2925 * number of bytes to the client.
2927 * The best we can do now is to send 0-bytes, just as
2928 * a read from a hole in a sparse file would do.
2930 * This should happen rarely enough that I don't care
2931 * about efficiency here :-)
2935 to_write = MIN(SHORT_SEND_BUFSIZE, smb_maxcnt - nread);
2936 if (write_data(fsp->conn->sconn->sock, buf, to_write)
2938 char addr[INET6_ADDRSTRLEN];
2940 * Try and give an error message saying what
2943 DEBUG(0, ("write_data failed for client %s. "
2946 fsp->conn->sconn->sock, addr,
2949 exit_server_cleanly("sendfile_short_send: "
2950 "write_data failed");
2958 /****************************************************************************
2959 Return a readbraw error (4 bytes of zero).
2960 ****************************************************************************/
2962 static void reply_readbraw_error(struct smbd_server_connection *sconn)
2968 smbd_lock_socket(sconn);
2969 if (write_data(sconn->sock,header,4) != 4) {
2970 char addr[INET6_ADDRSTRLEN];
2972 * Try and give an error message saying what
2975 DEBUG(0, ("write_data failed for client %s. "
2977 get_peer_addr(sconn->sock, addr, sizeof(addr)),
2982 smbd_unlock_socket(sconn);
2985 /****************************************************************************
2986 Use sendfile in readbraw.
2987 ****************************************************************************/
2989 static void send_file_readbraw(connection_struct *conn,
2990 struct smb_request *req,
2996 struct smbd_server_connection *sconn = req->sconn;
2997 char *outbuf = NULL;
3001 * We can only use sendfile on a non-chained packet
3002 * but we can use on a non-oplocked file. tridge proved this
3003 * on a train in Germany :-). JRA.
3004 * reply_readbraw has already checked the length.
3007 if ( !req_is_in_chain(req) && (nread > 0) && (fsp->base_fsp == NULL) &&
3008 (fsp->wcp == NULL) &&
3009 lp_use_sendfile(SNUM(conn), req->sconn->smb1.signing_state) ) {
3010 ssize_t sendfile_read = -1;
3012 DATA_BLOB header_blob;
3014 _smb_setlen(header,nread);
3015 header_blob = data_blob_const(header, 4);
3017 sendfile_read = SMB_VFS_SENDFILE(sconn->sock, fsp,
3018 &header_blob, startpos,
3020 if (sendfile_read == -1) {
3021 /* Returning ENOSYS means no data at all was sent.
3022 * Do this as a normal read. */
3023 if (errno == ENOSYS) {
3024 goto normal_readbraw;
3028 * Special hack for broken Linux with no working sendfile. If we
3029 * return EINTR we sent the header but not the rest of the data.
3030 * Fake this up by doing read/write calls.
3032 if (errno == EINTR) {
3033 /* Ensure we don't do this again. */
3034 set_use_sendfile(SNUM(conn), False);
3035 DEBUG(0,("send_file_readbraw: sendfile not available. Faking..\n"));
3037 if (fake_sendfile(fsp, startpos, nread) == -1) {
3038 DEBUG(0,("send_file_readbraw: "
3039 "fake_sendfile failed for "
3043 exit_server_cleanly("send_file_readbraw fake_sendfile failed");
3048 DEBUG(0,("send_file_readbraw: sendfile failed for "
3049 "file %s (%s). Terminating\n",
3050 fsp_str_dbg(fsp), strerror(errno)));
3051 exit_server_cleanly("send_file_readbraw sendfile failed");
3052 } else if (sendfile_read == 0) {
3054 * Some sendfile implementations return 0 to indicate
3055 * that there was a short read, but nothing was
3056 * actually written to the socket. In this case,
3057 * fallback to the normal read path so the header gets
3058 * the correct byte count.
3060 DEBUG(3, ("send_file_readbraw: sendfile sent zero "
3061 "bytes falling back to the normal read: "
3062 "%s\n", fsp_str_dbg(fsp)));
3063 goto normal_readbraw;
3066 /* Deal with possible short send. */
3067 if (sendfile_read != 4+nread) {
3068 sendfile_short_send(fsp, sendfile_read, 4, nread);
3075 outbuf = TALLOC_ARRAY(NULL, char, nread+4);
3077 DEBUG(0,("send_file_readbraw: TALLOC_ARRAY failed for size %u.\n",
3078 (unsigned)(nread+4)));
3079 reply_readbraw_error(sconn);
3084 ret = read_file(fsp,outbuf+4,startpos,nread);
3085 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
3094 _smb_setlen(outbuf,ret);
3095 if (write_data(sconn->sock, outbuf, 4+ret) != 4+ret) {
3096 char addr[INET6_ADDRSTRLEN];
3098 * Try and give an error message saying what
3101 DEBUG(0, ("write_data failed for client %s. "
3103 get_peer_addr(fsp->conn->sconn->sock, addr,
3110 TALLOC_FREE(outbuf);
3113 /****************************************************************************
3114 Reply to a readbraw (core+ protocol).
3115 ****************************************************************************/
3117 void reply_readbraw(struct smb_request *req)
3119 connection_struct *conn = req->conn;
3120 struct smbd_server_connection *sconn = req->sconn;
3121 ssize_t maxcount,mincount;
3125 struct lock_struct lock;
3128 START_PROFILE(SMBreadbraw);
3130 if (srv_is_signing_active(sconn) ||
3131 is_encrypted_packet(req->inbuf)) {
3132 exit_server_cleanly("reply_readbraw: SMB signing/sealing is active - "
3133 "raw reads/writes are disallowed.");
3137 reply_readbraw_error(sconn);
3138 END_PROFILE(SMBreadbraw);
3142 if (sconn->smb1.echo_handler.trusted_fde) {
3143 DEBUG(2,("SMBreadbraw rejected with NOT_SUPPORTED because of "
3144 "'async smb echo handler = yes'\n"));
3145 reply_readbraw_error(sconn);
3146 END_PROFILE(SMBreadbraw);
3151 * Special check if an oplock break has been issued
3152 * and the readraw request croses on the wire, we must
3153 * return a zero length response here.
3156 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3159 * We have to do a check_fsp by hand here, as
3160 * we must always return 4 zero bytes on error,
3164 if (!fsp || !conn || conn != fsp->conn ||
3165 req->vuid != fsp->vuid ||
3166 fsp->is_directory || fsp->fh->fd == -1) {
3168 * fsp could be NULL here so use the value from the packet. JRA.
3170 DEBUG(3,("reply_readbraw: fnum %d not valid "
3172 (int)SVAL(req->vwv+0, 0)));
3173 reply_readbraw_error(sconn);
3174 END_PROFILE(SMBreadbraw);
3178 /* Do a "by hand" version of CHECK_READ. */
3179 if (!(fsp->can_read ||
3180 ((req->flags2 & FLAGS2_READ_PERMIT_EXECUTE) &&
3181 (fsp->access_mask & FILE_EXECUTE)))) {
3182 DEBUG(3,("reply_readbraw: fnum %d not readable.\n",
3183 (int)SVAL(req->vwv+0, 0)));
3184 reply_readbraw_error(sconn);
3185 END_PROFILE(SMBreadbraw);
3189 flush_write_cache(fsp, READRAW_FLUSH);
3191 startpos = IVAL_TO_SMB_OFF_T(req->vwv+1, 0);
3192 if(req->wct == 10) {
3194 * This is a large offset (64 bit) read.
3196 #ifdef LARGE_SMB_OFF_T
3198 startpos |= (((SMB_OFF_T)IVAL(req->vwv+8, 0)) << 32);
3200 #else /* !LARGE_SMB_OFF_T */
3203 * Ensure we haven't been sent a >32 bit offset.
3206 if(IVAL(req->vwv+8, 0) != 0) {
3207 DEBUG(0,("reply_readbraw: large offset "
3208 "(%x << 32) used and we don't support "
3209 "64 bit offsets.\n",
3210 (unsigned int)IVAL(req->vwv+8, 0) ));
3211 reply_readbraw_error();
3212 END_PROFILE(SMBreadbraw);
3216 #endif /* LARGE_SMB_OFF_T */
3219 DEBUG(0,("reply_readbraw: negative 64 bit "
3220 "readraw offset (%.0f) !\n",
3221 (double)startpos ));
3222 reply_readbraw_error(sconn);
3223 END_PROFILE(SMBreadbraw);
3228 maxcount = (SVAL(req->vwv+3, 0) & 0xFFFF);
3229 mincount = (SVAL(req->vwv+4, 0) & 0xFFFF);
3231 /* ensure we don't overrun the packet size */
3232 maxcount = MIN(65535,maxcount);
3234 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
3235 (uint64_t)startpos, (uint64_t)maxcount, READ_LOCK,
3238 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3239 reply_readbraw_error(sconn);
3240 END_PROFILE(SMBreadbraw);
3244 if (fsp_stat(fsp) == 0) {
3245 size = fsp->fsp_name->st.st_ex_size;
3248 if (startpos >= size) {
3251 nread = MIN(maxcount,(size - startpos));
3254 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
3255 if (nread < mincount)
3259 DEBUG( 3, ( "reply_readbraw: fnum=%d start=%.0f max=%lu "
3260 "min=%lu nread=%lu\n",
3261 fsp->fnum, (double)startpos,
3262 (unsigned long)maxcount,
3263 (unsigned long)mincount,
3264 (unsigned long)nread ) );
3266 send_file_readbraw(conn, req, fsp, startpos, nread, mincount);
3268 DEBUG(5,("reply_readbraw finished\n"));
3270 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3272 END_PROFILE(SMBreadbraw);
3277 #define DBGC_CLASS DBGC_LOCKING
3279 /****************************************************************************
3280 Reply to a lockread (core+ protocol).
3281 ****************************************************************************/
3283 void reply_lockread(struct smb_request *req)
3285 connection_struct *conn = req->conn;
3292 struct byte_range_lock *br_lck = NULL;
3294 struct smbd_server_connection *sconn = req->sconn;
3296 START_PROFILE(SMBlockread);
3299 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3300 END_PROFILE(SMBlockread);
3304 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3306 if (!check_fsp(conn, req, fsp)) {
3307 END_PROFILE(SMBlockread);
3311 if (!CHECK_READ(fsp,req)) {
3312 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
3313 END_PROFILE(SMBlockread);
3317 numtoread = SVAL(req->vwv+1, 0);
3318 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
3320 numtoread = MIN(BUFFER_SIZE - (smb_size + 3*2 + 3), numtoread);
3322 reply_outbuf(req, 5, numtoread + 3);
3324 data = smb_buf(req->outbuf) + 3;
3327 * NB. Discovered by Menny Hamburger at Mainsoft. This is a core+
3328 * protocol request that predates the read/write lock concept.
3329 * Thus instead of asking for a read lock here we need to ask
3330 * for a write lock. JRA.
3331 * Note that the requested lock size is unaffected by max_recv.
3334 br_lck = do_lock(req->sconn->msg_ctx,
3336 (uint64_t)req->smbpid,
3337 (uint64_t)numtoread,
3341 False, /* Non-blocking lock. */
3345 TALLOC_FREE(br_lck);
3347 if (NT_STATUS_V(status)) {
3348 reply_nterror(req, status);
3349 END_PROFILE(SMBlockread);
3354 * However the requested READ size IS affected by max_recv. Insanity.... JRA.
3357 if (numtoread > sconn->smb1.negprot.max_recv) {
3358 DEBUG(0,("reply_lockread: requested read size (%u) is greater than maximum allowed (%u). \
3359 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
3360 (unsigned int)numtoread,
3361 (unsigned int)sconn->smb1.negprot.max_recv));
3362 numtoread = MIN(numtoread, sconn->smb1.negprot.max_recv);
3364 nread = read_file(fsp,data,startpos,numtoread);
3367 reply_nterror(req, map_nt_error_from_unix(errno));
3368 END_PROFILE(SMBlockread);
3372 srv_set_message((char *)req->outbuf, 5, nread+3, False);
3374 SSVAL(req->outbuf,smb_vwv0,nread);
3375 SSVAL(req->outbuf,smb_vwv5,nread+3);
3376 p = smb_buf(req->outbuf);
3377 SCVAL(p,0,0); /* pad byte. */
3380 DEBUG(3,("lockread fnum=%d num=%d nread=%d\n",
3381 fsp->fnum, (int)numtoread, (int)nread));
3383 END_PROFILE(SMBlockread);
3388 #define DBGC_CLASS DBGC_ALL
3390 /****************************************************************************
3392 ****************************************************************************/
3394 void reply_read(struct smb_request *req)
3396 connection_struct *conn = req->conn;
3403 struct lock_struct lock;
3404 struct smbd_server_connection *sconn = req->sconn;
3406 START_PROFILE(SMBread);
3409 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3410 END_PROFILE(SMBread);
3414 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3416 if (!check_fsp(conn, req, fsp)) {
3417 END_PROFILE(SMBread);
3421 if (!CHECK_READ(fsp,req)) {
3422 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
3423 END_PROFILE(SMBread);
3427 numtoread = SVAL(req->vwv+1, 0);
3428 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
3430 numtoread = MIN(BUFFER_SIZE-outsize,numtoread);
3433 * The requested read size cannot be greater than max_recv. JRA.
3435 if (numtoread > sconn->smb1.negprot.max_recv) {
3436 DEBUG(0,("reply_read: requested read size (%u) is greater than maximum allowed (%u). \
3437 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
3438 (unsigned int)numtoread,
3439 (unsigned int)sconn->smb1.negprot.max_recv));
3440 numtoread = MIN(numtoread, sconn->smb1.negprot.max_recv);
3443 reply_outbuf(req, 5, numtoread+3);
3445 data = smb_buf(req->outbuf) + 3;
3447 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
3448 (uint64_t)startpos, (uint64_t)numtoread, READ_LOCK,
3451 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3452 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
3453 END_PROFILE(SMBread);
3458 nread = read_file(fsp,data,startpos,numtoread);
3461 reply_nterror(req, map_nt_error_from_unix(errno));
3465 srv_set_message((char *)req->outbuf, 5, nread+3, False);
3467 SSVAL(req->outbuf,smb_vwv0,nread);
3468 SSVAL(req->outbuf,smb_vwv5,nread+3);
3469 SCVAL(smb_buf(req->outbuf),0,1);
3470 SSVAL(smb_buf(req->outbuf),1,nread);
3472 DEBUG( 3, ( "read fnum=%d num=%d nread=%d\n",
3473 fsp->fnum, (int)numtoread, (int)nread ) );
3476 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3478 END_PROFILE(SMBread);
3482 /****************************************************************************
3484 ****************************************************************************/
3486 static int setup_readX_header(struct smb_request *req, char *outbuf,
3492 outsize = srv_set_message(outbuf,12,smb_maxcnt,False);
3493 data = smb_buf(outbuf);
3495 memset(outbuf+smb_vwv0,'\0',24); /* valgrind init. */
3497 SCVAL(outbuf,smb_vwv0,0xFF);
3498 SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */
3499 SSVAL(outbuf,smb_vwv5,smb_maxcnt);
3500 SSVAL(outbuf,smb_vwv6,
3502 + 1 /* the wct field */
3503 + 12 * sizeof(uint16_t) /* vwv */
3504 + 2); /* the buflen field */
3505 SSVAL(outbuf,smb_vwv7,(smb_maxcnt >> 16));
3506 SSVAL(outbuf,smb_vwv11,smb_maxcnt);
3507 /* Reset the outgoing length, set_message truncates at 0x1FFFF. */
3508 _smb_setlen_large(outbuf,(smb_size + 12*2 + smb_maxcnt - 4));
3512 /****************************************************************************
3513 Reply to a read and X - possibly using sendfile.
3514 ****************************************************************************/
3516 static void send_file_readX(connection_struct *conn, struct smb_request *req,
3517 files_struct *fsp, SMB_OFF_T startpos,
3521 struct lock_struct lock;
3522 int saved_errno = 0;
3524 if(fsp_stat(fsp) == -1) {
3525 reply_nterror(req, map_nt_error_from_unix(errno));
3529 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
3530 (uint64_t)startpos, (uint64_t)smb_maxcnt, READ_LOCK,
3533 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3534 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
3538 if (!S_ISREG(fsp->fsp_name->st.st_ex_mode) ||
3539 (startpos > fsp->fsp_name->st.st_ex_size)
3540 || (smb_maxcnt > (fsp->fsp_name->st.st_ex_size - startpos))) {
3542 * We already know that we would do a short read, so don't
3543 * try the sendfile() path.
3545 goto nosendfile_read;
3549 * We can only use sendfile on a non-chained packet
3550 * but we can use on a non-oplocked file. tridge proved this
3551 * on a train in Germany :-). JRA.
3554 if (!req_is_in_chain(req) &&
3555 !is_encrypted_packet(req->inbuf) && (fsp->base_fsp == NULL) &&
3556 (fsp->wcp == NULL) &&
3557 lp_use_sendfile(SNUM(conn), req->sconn->smb1.signing_state) ) {
3558 uint8 headerbuf[smb_size + 12 * 2];
3562 * Set up the packet header before send. We
3563 * assume here the sendfile will work (get the
3564 * correct amount of data).
3567 header = data_blob_const(headerbuf, sizeof(headerbuf));
3569 construct_reply_common_req(req, (char *)headerbuf);
3570 setup_readX_header(req, (char *)headerbuf, smb_maxcnt);
3572 nread = SMB_VFS_SENDFILE(req->sconn->sock, fsp, &header,
3573 startpos, smb_maxcnt);
3575 /* Returning ENOSYS means no data at all was sent.
3576 Do this as a normal read. */
3577 if (errno == ENOSYS) {
3582 * Special hack for broken Linux with no working sendfile. If we
3583 * return EINTR we sent the header but not the rest of the data.
3584 * Fake this up by doing read/write calls.
3587 if (errno == EINTR) {
3588 /* Ensure we don't do this again. */
3589 set_use_sendfile(SNUM(conn), False);
3590 DEBUG(0,("send_file_readX: sendfile not available. Faking..\n"));
3591 nread = fake_sendfile(fsp, startpos,
3594 DEBUG(0,("send_file_readX: "
3595 "fake_sendfile failed for "
3599 exit_server_cleanly("send_file_readX: fake_sendfile failed");
3601 DEBUG( 3, ( "send_file_readX: fake_sendfile fnum=%d max=%d nread=%d\n",
3602 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3603 /* No outbuf here means successful sendfile. */
3607 DEBUG(0,("send_file_readX: sendfile failed for file "
3608 "%s (%s). Terminating\n", fsp_str_dbg(fsp),
3610 exit_server_cleanly("send_file_readX sendfile failed");
3611 } else if (nread == 0) {
3613 * Some sendfile implementations return 0 to indicate
3614 * that there was a short read, but nothing was
3615 * actually written to the socket. In this case,
3616 * fallback to the normal read path so the header gets
3617 * the correct byte count.
3619 DEBUG(3, ("send_file_readX: sendfile sent zero bytes "
3620 "falling back to the normal read: %s\n",
3625 DEBUG( 3, ( "send_file_readX: sendfile fnum=%d max=%d nread=%d\n",
3626 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3628 /* Deal with possible short send. */
3629 if (nread != smb_maxcnt + sizeof(headerbuf)) {
3630 sendfile_short_send(fsp, nread, sizeof(headerbuf), smb_maxcnt);
3632 /* No outbuf here means successful sendfile. */
3633 SMB_PERFCOUNT_SET_MSGLEN_OUT(&req->pcd, nread);
3634 SMB_PERFCOUNT_END(&req->pcd);
3640 if ((smb_maxcnt & 0xFF0000) > 0x10000) {
3641 uint8 headerbuf[smb_size + 2*12];
3643 construct_reply_common_req(req, (char *)headerbuf);
3644 setup_readX_header(req, (char *)headerbuf, smb_maxcnt);
3646 /* Send out the header. */
3647 if (write_data(req->sconn->sock, (char *)headerbuf,
3648 sizeof(headerbuf)) != sizeof(headerbuf)) {
3650 char addr[INET6_ADDRSTRLEN];
3652 * Try and give an error message saying what
3655 DEBUG(0, ("write_data failed for client %s. "
3657 get_peer_addr(req->sconn->sock, addr,
3661 DEBUG(0,("send_file_readX: write_data failed for file "
3662 "%s (%s). Terminating\n", fsp_str_dbg(fsp),
3664 exit_server_cleanly("send_file_readX sendfile failed");
3666 nread = fake_sendfile(fsp, startpos, smb_maxcnt);
3668 DEBUG(0,("send_file_readX: fake_sendfile failed for "
3669 "file %s (%s).\n", fsp_str_dbg(fsp),
3671 exit_server_cleanly("send_file_readX: fake_sendfile failed");
3678 reply_outbuf(req, 12, smb_maxcnt);
3680 nread = read_file(fsp, smb_buf(req->outbuf), startpos, smb_maxcnt);
3681 saved_errno = errno;
3683 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3686 reply_nterror(req, map_nt_error_from_unix(saved_errno));
3690 setup_readX_header(req, (char *)req->outbuf, nread);
3692 DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n",
3693 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3699 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3700 TALLOC_FREE(req->outbuf);
3704 /****************************************************************************
3705 Reply to a read and X.
3706 ****************************************************************************/
3708 void reply_read_and_X(struct smb_request *req)
3710 connection_struct *conn = req->conn;
3714 bool big_readX = False;
3716 size_t smb_mincnt = SVAL(req->vwv+6, 0);
3719 START_PROFILE(SMBreadX);
3721 if ((req->wct != 10) && (req->wct != 12)) {
3722 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3726 fsp = file_fsp(req, SVAL(req->vwv+2, 0));
3727 startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
3728 smb_maxcnt = SVAL(req->vwv+5, 0);
3730 /* If it's an IPC, pass off the pipe handler. */
3732 reply_pipe_read_and_X(req);
3733 END_PROFILE(SMBreadX);
3737 if (!check_fsp(conn, req, fsp)) {
3738 END_PROFILE(SMBreadX);
3742 if (!CHECK_READ(fsp,req)) {
3743 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
3744 END_PROFILE(SMBreadX);
3748 if (global_client_caps & CAP_LARGE_READX) {
3749 size_t upper_size = SVAL(req->vwv+7, 0);
3750 smb_maxcnt |= (upper_size<<16);
3751 if (upper_size > 1) {
3752 /* Can't do this on a chained packet. */
3753 if ((CVAL(req->vwv+0, 0) != 0xFF)) {
3754 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
3755 END_PROFILE(SMBreadX);
3758 /* We currently don't do this on signed or sealed data. */
3759 if (srv_is_signing_active(req->sconn) ||
3760 is_encrypted_packet(req->inbuf)) {
3761 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
3762 END_PROFILE(SMBreadX);
3765 /* Is there room in the reply for this data ? */
3766 if (smb_maxcnt > (0xFFFFFF - (smb_size -4 + 12*2))) {
3768 NT_STATUS_INVALID_PARAMETER);
3769 END_PROFILE(SMBreadX);
3776 if (req->wct == 12) {
3777 #ifdef LARGE_SMB_OFF_T
3779 * This is a large offset (64 bit) read.
3781 startpos |= (((SMB_OFF_T)IVAL(req->vwv+10, 0)) << 32);
3783 #else /* !LARGE_SMB_OFF_T */
3786 * Ensure we haven't been sent a >32 bit offset.
3789 if(IVAL(req->vwv+10, 0) != 0) {
3790 DEBUG(0,("reply_read_and_X - large offset (%x << 32) "
3791 "used and we don't support 64 bit offsets.\n",
3792 (unsigned int)IVAL(req->vwv+10, 0) ));
3793 END_PROFILE(SMBreadX);
3794 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
3798 #endif /* LARGE_SMB_OFF_T */
3803 NTSTATUS status = schedule_aio_read_and_X(conn,
3808 if (NT_STATUS_IS_OK(status)) {
3809 /* Read scheduled - we're done. */
3812 if (!NT_STATUS_EQUAL(status, NT_STATUS_RETRY)) {
3813 /* Real error - report to client. */
3814 END_PROFILE(SMBreadX);
3815 reply_nterror(req, status);
3818 /* NT_STATUS_RETRY - fall back to sync read. */
3821 smbd_lock_socket(req->sconn);
3822 send_file_readX(conn, req, fsp, startpos, smb_maxcnt);
3823 smbd_unlock_socket(req->sconn);
3826 END_PROFILE(SMBreadX);
3830 /****************************************************************************
3831 Error replies to writebraw must have smb_wct == 1. Fix this up.
3832 ****************************************************************************/
3834 void error_to_writebrawerr(struct smb_request *req)
3836 uint8 *old_outbuf = req->outbuf;
3838 reply_outbuf(req, 1, 0);
3840 memcpy(req->outbuf, old_outbuf, smb_size);
3841 TALLOC_FREE(old_outbuf);
3844 /****************************************************************************
3845 Read 4 bytes of a smb packet and return the smb length of the packet.
3846 Store the result in the buffer. This version of the function will
3847 never return a session keepalive (length of zero).
3848 Timeout is in milliseconds.
3849 ****************************************************************************/
3851 static NTSTATUS read_smb_length(int fd, char *inbuf, unsigned int timeout,
3854 uint8_t msgtype = SMBkeepalive;
3856 while (msgtype == SMBkeepalive) {
3859 status = read_smb_length_return_keepalive(fd, inbuf, timeout,
3861 if (!NT_STATUS_IS_OK(status)) {
3862 char addr[INET6_ADDRSTRLEN];
3863 /* Try and give an error message
3864 * saying what client failed. */
3865 DEBUG(0, ("read_fd_with_timeout failed for "
3866 "client %s read error = %s.\n",
3867 get_peer_addr(fd,addr,sizeof(addr)),
3868 nt_errstr(status)));
3872 msgtype = CVAL(inbuf, 0);
3875 DEBUG(10,("read_smb_length: got smb length of %lu\n",
3876 (unsigned long)len));
3878 return NT_STATUS_OK;
3881 /****************************************************************************
3882 Reply to a writebraw (core+ or LANMAN1.0 protocol).
3883 ****************************************************************************/
3885 void reply_writebraw(struct smb_request *req)
3887 connection_struct *conn = req->conn;
3890 ssize_t total_written=0;
3891 size_t numtowrite=0;
3897 struct lock_struct lock;
3900 START_PROFILE(SMBwritebraw);
3903 * If we ever reply with an error, it must have the SMB command
3904 * type of SMBwritec, not SMBwriteBraw, as this tells the client
3907 SCVAL(req->inbuf,smb_com,SMBwritec);
3909 if (srv_is_signing_active(req->sconn)) {
3910 END_PROFILE(SMBwritebraw);
3911 exit_server_cleanly("reply_writebraw: SMB signing is active - "
3912 "raw reads/writes are disallowed.");
3915 if (req->wct < 12) {
3916 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3917 error_to_writebrawerr(req);
3918 END_PROFILE(SMBwritebraw);
3922 if (req->sconn->smb1.echo_handler.trusted_fde) {
3923 DEBUG(2,("SMBwritebraw rejected with NOT_SUPPORTED because of "
3924 "'async smb echo handler = yes'\n"));
3925 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
3926 error_to_writebrawerr(req);
3927 END_PROFILE(SMBwritebraw);
3931 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3932 if (!check_fsp(conn, req, fsp)) {
3933 error_to_writebrawerr(req);
3934 END_PROFILE(SMBwritebraw);
3938 if (!CHECK_WRITE(fsp)) {
3939 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
3940 error_to_writebrawerr(req);
3941 END_PROFILE(SMBwritebraw);
3945 tcount = IVAL(req->vwv+1, 0);
3946 startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
3947 write_through = BITSETW(req->vwv+7,0);
3949 /* We have to deal with slightly different formats depending
3950 on whether we are using the core+ or lanman1.0 protocol */
3952 if(get_Protocol() <= PROTOCOL_COREPLUS) {
3953 numtowrite = SVAL(smb_buf(req->inbuf),-2);
3954 data = smb_buf(req->inbuf);
3956 numtowrite = SVAL(req->vwv+10, 0);
3957 data = smb_base(req->inbuf) + SVAL(req->vwv+11, 0);
3960 /* Ensure we don't write bytes past the end of this packet. */
3961 if (data + numtowrite > smb_base(req->inbuf) + smb_len(req->inbuf)) {
3962 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3963 error_to_writebrawerr(req);
3964 END_PROFILE(SMBwritebraw);
3968 if (!fsp->print_file) {
3969 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
3970 (uint64_t)startpos, (uint64_t)tcount, WRITE_LOCK,
3973 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3974 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
3975 error_to_writebrawerr(req);
3976 END_PROFILE(SMBwritebraw);
3982 nwritten = write_file(req,fsp,data,startpos,numtowrite);
3985 DEBUG(3,("reply_writebraw: initial write fnum=%d start=%.0f num=%d "
3986 "wrote=%d sync=%d\n",
3987 fsp->fnum, (double)startpos, (int)numtowrite,
3988 (int)nwritten, (int)write_through));
3990 if (nwritten < (ssize_t)numtowrite) {
3991 reply_nterror(req, NT_STATUS_DISK_FULL);
3992 error_to_writebrawerr(req);
3996 total_written = nwritten;
3998 /* Allocate a buffer of 64k + length. */
3999 buf = TALLOC_ARRAY(NULL, char, 65540);
4001 reply_nterror(req, NT_STATUS_NO_MEMORY);
4002 error_to_writebrawerr(req);
4006 /* Return a SMBwritebraw message to the redirector to tell
4007 * it to send more bytes */
4009 memcpy(buf, req->inbuf, smb_size);
4010 srv_set_message(buf,get_Protocol()>PROTOCOL_COREPLUS?1:0,0,True);
4011 SCVAL(buf,smb_com,SMBwritebraw);
4012 SSVALS(buf,smb_vwv0,0xFFFF);
4014 if (!srv_send_smb(req->sconn,
4016 false, 0, /* no signing */
4017 IS_CONN_ENCRYPTED(conn),
4019 exit_server_cleanly("reply_writebraw: srv_send_smb "
4023 /* Now read the raw data into the buffer and write it */
4024 status = read_smb_length(req->sconn->sock, buf, SMB_SECONDARY_WAIT,
4026 if (!NT_STATUS_IS_OK(status)) {
4027 exit_server_cleanly("secondary writebraw failed");
4030 /* Set up outbuf to return the correct size */
4031 reply_outbuf(req, 1, 0);
4033 if (numtowrite != 0) {
4035 if (numtowrite > 0xFFFF) {
4036 DEBUG(0,("reply_writebraw: Oversize secondary write "
4037 "raw requested (%u). Terminating\n",
4038 (unsigned int)numtowrite ));
4039 exit_server_cleanly("secondary writebraw failed");
4042 if (tcount > nwritten+numtowrite) {
4043 DEBUG(3,("reply_writebraw: Client overestimated the "
4045 (int)tcount,(int)nwritten,(int)numtowrite));
4048 status = read_data(req->sconn->sock, buf+4, numtowrite);
4050 if (!NT_STATUS_IS_OK(status)) {
4051 char addr[INET6_ADDRSTRLEN];
4052 /* Try and give an error message
4053 * saying what client failed. */
4054 DEBUG(0, ("reply_writebraw: Oversize secondary write "
4055 "raw read failed (%s) for client %s. "
4056 "Terminating\n", nt_errstr(status),
4057 get_peer_addr(req->sconn->sock, addr,
4059 exit_server_cleanly("secondary writebraw failed");
4062 nwritten = write_file(req,fsp,buf+4,startpos+nwritten,numtowrite);
4063 if (nwritten == -1) {
4065 reply_nterror(req, map_nt_error_from_unix(errno));
4066 error_to_writebrawerr(req);
4070 if (nwritten < (ssize_t)numtowrite) {
4071 SCVAL(req->outbuf,smb_rcls,ERRHRD);
4072 SSVAL(req->outbuf,smb_err,ERRdiskfull);
4076 total_written += nwritten;
4081 SSVAL(req->outbuf,smb_vwv0,total_written);
4083 status = sync_file(conn, fsp, write_through);
4084 if (!NT_STATUS_IS_OK(status)) {
4085 DEBUG(5,("reply_writebraw: sync_file for %s returned %s\n",
4086 fsp_str_dbg(fsp), nt_errstr(status)));
4087 reply_nterror(req, status);
4088 error_to_writebrawerr(req);
4092 DEBUG(3,("reply_writebraw: secondart write fnum=%d start=%.0f num=%d "
4094 fsp->fnum, (double)startpos, (int)numtowrite,
4095 (int)total_written));
4097 if (!fsp->print_file) {
4098 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4101 /* We won't return a status if write through is not selected - this
4102 * follows what WfWg does */
4103 END_PROFILE(SMBwritebraw);
4105 if (!write_through && total_written==tcount) {
4107 #if RABBIT_PELLET_FIX
4109 * Fix for "rabbit pellet" mode, trigger an early TCP ack by
4110 * sending a SMBkeepalive. Thanks to DaveCB at Sun for this.
4113 if (!send_keepalive(req->sconn->sock)) {
4114 exit_server_cleanly("reply_writebraw: send of "
4115 "keepalive failed");
4118 TALLOC_FREE(req->outbuf);
4123 if (!fsp->print_file) {
4124 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4127 END_PROFILE(SMBwritebraw);
4132 #define DBGC_CLASS DBGC_LOCKING
4134 /****************************************************************************
4135 Reply to a writeunlock (core+).
4136 ****************************************************************************/
4138 void reply_writeunlock(struct smb_request *req)
4140 connection_struct *conn = req->conn;
4141 ssize_t nwritten = -1;
4145 NTSTATUS status = NT_STATUS_OK;
4147 struct lock_struct lock;
4148 int saved_errno = 0;
4150 START_PROFILE(SMBwriteunlock);
4153 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4154 END_PROFILE(SMBwriteunlock);
4158 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4160 if (!check_fsp(conn, req, fsp)) {
4161 END_PROFILE(SMBwriteunlock);
4165 if (!CHECK_WRITE(fsp)) {
4166 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
4167 END_PROFILE(SMBwriteunlock);
4171 numtowrite = SVAL(req->vwv+1, 0);
4172 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
4173 data = (const char *)req->buf + 3;
4175 if (!fsp->print_file && numtowrite > 0) {
4176 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
4177 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
4180 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
4181 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
4182 END_PROFILE(SMBwriteunlock);
4187 /* The special X/Open SMB protocol handling of
4188 zero length writes is *NOT* done for
4190 if(numtowrite == 0) {
4193 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4194 saved_errno = errno;
4197 status = sync_file(conn, fsp, False /* write through */);
4198 if (!NT_STATUS_IS_OK(status)) {
4199 DEBUG(5,("reply_writeunlock: sync_file for %s returned %s\n",
4200 fsp_str_dbg(fsp), nt_errstr(status)));
4201 reply_nterror(req, status);
4206 reply_nterror(req, map_nt_error_from_unix(saved_errno));
4210 if((nwritten < numtowrite) && (numtowrite != 0)) {
4211 reply_nterror(req, NT_STATUS_DISK_FULL);
4215 if (numtowrite && !fsp->print_file) {
4216 status = do_unlock(req->sconn->msg_ctx,
4218 (uint64_t)req->smbpid,
4219 (uint64_t)numtowrite,
4223 if (NT_STATUS_V(status)) {
4224 reply_nterror(req, status);
4229 reply_outbuf(req, 1, 0);
4231 SSVAL(req->outbuf,smb_vwv0,nwritten);
4233 DEBUG(3,("writeunlock fnum=%d num=%d wrote=%d\n",
4234 fsp->fnum, (int)numtowrite, (int)nwritten));
4237 if (numtowrite && !fsp->print_file) {
4238 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4241 END_PROFILE(SMBwriteunlock);
4246 #define DBGC_CLASS DBGC_ALL
4248 /****************************************************************************
4250 ****************************************************************************/
4252 void reply_write(struct smb_request *req)
4254 connection_struct *conn = req->conn;
4256 ssize_t nwritten = -1;
4260 struct lock_struct lock;
4262 int saved_errno = 0;
4264 START_PROFILE(SMBwrite);
4267 END_PROFILE(SMBwrite);
4268 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4272 /* If it's an IPC, pass off the pipe handler. */
4274 reply_pipe_write(req);
4275 END_PROFILE(SMBwrite);
4279 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4281 if (!check_fsp(conn, req, fsp)) {
4282 END_PROFILE(SMBwrite);
4286 if (!CHECK_WRITE(fsp)) {
4287 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
4288 END_PROFILE(SMBwrite);
4292 numtowrite = SVAL(req->vwv+1, 0);
4293 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
4294 data = (const char *)req->buf + 3;
4296 if (!fsp->print_file) {
4297 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
4298 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
4301 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
4302 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
4303 END_PROFILE(SMBwrite);
4309 * X/Open SMB protocol says that if smb_vwv1 is
4310 * zero then the file size should be extended or
4311 * truncated to the size given in smb_vwv[2-3].
4314 if(numtowrite == 0) {
4316 * This is actually an allocate call, and set EOF. JRA.
4318 nwritten = vfs_allocate_file_space(fsp, (SMB_OFF_T)startpos);
4320 reply_nterror(req, NT_STATUS_DISK_FULL);
4323 nwritten = vfs_set_filelen(fsp, (SMB_OFF_T)startpos);
4325 reply_nterror(req, NT_STATUS_DISK_FULL);
4328 trigger_write_time_update_immediate(fsp);
4330 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4333 status = sync_file(conn, fsp, False);
4334 if (!NT_STATUS_IS_OK(status)) {
4335 DEBUG(5,("reply_write: sync_file for %s returned %s\n",
4336 fsp_str_dbg(fsp), nt_errstr(status)));
4337 reply_nterror(req, status);
4342 reply_nterror(req, map_nt_error_from_unix(saved_errno));
4346 if((nwritten == 0) && (numtowrite != 0)) {
4347 reply_nterror(req, NT_STATUS_DISK_FULL);
4351 reply_outbuf(req, 1, 0);
4353 SSVAL(req->outbuf,smb_vwv0,nwritten);
4355 if (nwritten < (ssize_t)numtowrite) {
4356 SCVAL(req->outbuf,smb_rcls,ERRHRD);
4357 SSVAL(req->outbuf,smb_err,ERRdiskfull);
4360 DEBUG(3,("write fnum=%d num=%d wrote=%d\n", fsp->fnum, (int)numtowrite, (int)nwritten));
4363 if (!fsp->print_file) {
4364 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4367 END_PROFILE(SMBwrite);
4371 /****************************************************************************
4372 Ensure a buffer is a valid writeX for recvfile purposes.
4373 ****************************************************************************/
4375 #define STANDARD_WRITE_AND_X_HEADER_SIZE (smb_size - 4 + /* basic header */ \
4376 (2*14) + /* word count (including bcc) */ \
4379 bool is_valid_writeX_buffer(struct smbd_server_connection *sconn,
4380 const uint8_t *inbuf)
4383 connection_struct *conn = NULL;
4384 unsigned int doff = 0;
4385 size_t len = smb_len_large(inbuf);
4387 if (is_encrypted_packet(inbuf)) {
4388 /* Can't do this on encrypted
4393 if (CVAL(inbuf,smb_com) != SMBwriteX) {
4397 if (CVAL(inbuf,smb_vwv0) != 0xFF ||
4398 CVAL(inbuf,smb_wct) != 14) {
4399 DEBUG(10,("is_valid_writeX_buffer: chained or "
4400 "invalid word length.\n"));
4404 conn = conn_find(sconn, SVAL(inbuf, smb_tid));
4406 DEBUG(10,("is_valid_writeX_buffer: bad tid\n"));
4410 DEBUG(10,("is_valid_writeX_buffer: IPC$ tid\n"));
4413 if (IS_PRINT(conn)) {
4414 DEBUG(10,("is_valid_writeX_buffer: printing tid\n"));
4417 doff = SVAL(inbuf,smb_vwv11);
4419 numtowrite = SVAL(inbuf,smb_vwv10);
4421 if (len > doff && len - doff > 0xFFFF) {
4422 numtowrite |= (((size_t)SVAL(inbuf,smb_vwv9))<<16);
4425 if (numtowrite == 0) {
4426 DEBUG(10,("is_valid_writeX_buffer: zero write\n"));
4430 /* Ensure the sizes match up. */
4431 if (doff < STANDARD_WRITE_AND_X_HEADER_SIZE) {
4432 /* no pad byte...old smbclient :-( */
4433 DEBUG(10,("is_valid_writeX_buffer: small doff %u (min %u)\n",
4435 (unsigned int)STANDARD_WRITE_AND_X_HEADER_SIZE));
4439 if (len - doff != numtowrite) {
4440 DEBUG(10,("is_valid_writeX_buffer: doff mismatch "
4441 "len = %u, doff = %u, numtowrite = %u\n",
4444 (unsigned int)numtowrite ));
4448 DEBUG(10,("is_valid_writeX_buffer: true "
4449 "len = %u, doff = %u, numtowrite = %u\n",
4452 (unsigned int)numtowrite ));
4457 /****************************************************************************
4458 Reply to a write and X.
4459 ****************************************************************************/
4461 void reply_write_and_X(struct smb_request *req)
4463 connection_struct *conn = req->conn;
4465 struct lock_struct lock;
4470 unsigned int smb_doff;
4471 unsigned int smblen;
4474 int saved_errno = 0;
4476 START_PROFILE(SMBwriteX);
4478 if ((req->wct != 12) && (req->wct != 14)) {
4479 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4480 END_PROFILE(SMBwriteX);
4484 numtowrite = SVAL(req->vwv+10, 0);
4485 smb_doff = SVAL(req->vwv+11, 0);
4486 smblen = smb_len(req->inbuf);
4488 if (req->unread_bytes > 0xFFFF ||
4489 (smblen > smb_doff &&
4490 smblen - smb_doff > 0xFFFF)) {
4491 numtowrite |= (((size_t)SVAL(req->vwv+9, 0))<<16);
4494 if (req->unread_bytes) {
4495 /* Can't do a recvfile write on IPC$ */
4497 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4498 END_PROFILE(SMBwriteX);
4501 if (numtowrite != req->unread_bytes) {
4502 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4503 END_PROFILE(SMBwriteX);
4507 if (smb_doff > smblen || smb_doff + numtowrite < numtowrite ||
4508 smb_doff + numtowrite > smblen) {
4509 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4510 END_PROFILE(SMBwriteX);
4515 /* If it's an IPC, pass off the pipe handler. */
4517 if (req->unread_bytes) {
4518 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4519 END_PROFILE(SMBwriteX);
4522 reply_pipe_write_and_X(req);
4523 END_PROFILE(SMBwriteX);
4527 fsp = file_fsp(req, SVAL(req->vwv+2, 0));
4528 startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
4529 write_through = BITSETW(req->vwv+7,0);
4531 if (!check_fsp(conn, req, fsp)) {
4532 END_PROFILE(SMBwriteX);
4536 if (!CHECK_WRITE(fsp)) {
4537 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
4538 END_PROFILE(SMBwriteX);
4542 data = smb_base(req->inbuf) + smb_doff;
4544 if(req->wct == 14) {
4545 #ifdef LARGE_SMB_OFF_T
4547 * This is a large offset (64 bit) write.
4549 startpos |= (((SMB_OFF_T)IVAL(req->vwv+12, 0)) << 32);
4551 #else /* !LARGE_SMB_OFF_T */
4554 * Ensure we haven't been sent a >32 bit offset.
4557 if(IVAL(req->vwv+12, 0) != 0) {
4558 DEBUG(0,("reply_write_and_X - large offset (%x << 32) "
4559 "used and we don't support 64 bit offsets.\n",
4560 (unsigned int)IVAL(req->vwv+12, 0) ));
4561 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
4562 END_PROFILE(SMBwriteX);
4566 #endif /* LARGE_SMB_OFF_T */
4569 /* X/Open SMB protocol says that, unlike SMBwrite
4570 if the length is zero then NO truncation is
4571 done, just a write of zero. To truncate a file,
4574 if(numtowrite == 0) {
4577 if (req->unread_bytes == 0) {
4578 status = schedule_aio_write_and_X(conn,
4585 if (NT_STATUS_IS_OK(status)) {
4586 /* write scheduled - we're done. */
4589 if (!NT_STATUS_EQUAL(status, NT_STATUS_RETRY)) {
4590 /* Real error - report to client. */
4591 reply_nterror(req, status);
4594 /* NT_STATUS_RETRY - fall through to sync write. */
4597 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
4598 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
4601 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
4602 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
4606 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4607 saved_errno = errno;
4609 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4613 reply_nterror(req, map_nt_error_from_unix(saved_errno));
4617 if((nwritten == 0) && (numtowrite != 0)) {
4618 reply_nterror(req, NT_STATUS_DISK_FULL);
4622 reply_outbuf(req, 6, 0);
4623 SSVAL(req->outbuf,smb_vwv2,nwritten);
4624 SSVAL(req->outbuf,smb_vwv4,nwritten>>16);
4626 if (nwritten < (ssize_t)numtowrite) {
4627 SCVAL(req->outbuf,smb_rcls,ERRHRD);
4628 SSVAL(req->outbuf,smb_err,ERRdiskfull);
4631 DEBUG(3,("writeX fnum=%d num=%d wrote=%d\n",
4632 fsp->fnum, (int)numtowrite, (int)nwritten));
4634 status = sync_file(conn, fsp, write_through);
4635 if (!NT_STATUS_IS_OK(status)) {
4636 DEBUG(5,("reply_write_and_X: sync_file for %s returned %s\n",
4637 fsp_str_dbg(fsp), nt_errstr(status)));
4638 reply_nterror(req, status);
4642 END_PROFILE(SMBwriteX);
4647 END_PROFILE(SMBwriteX);
4651 /****************************************************************************
4653 ****************************************************************************/
4655 void reply_lseek(struct smb_request *req)
4657 connection_struct *conn = req->conn;
4663 START_PROFILE(SMBlseek);
4666 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4667 END_PROFILE(SMBlseek);
4671 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4673 if (!check_fsp(conn, req, fsp)) {
4677 flush_write_cache(fsp, SEEK_FLUSH);
4679 mode = SVAL(req->vwv+1, 0) & 3;
4680 /* NB. This doesn't use IVAL_TO_SMB_OFF_T as startpos can be signed in this case. */
4681 startpos = (SMB_OFF_T)IVALS(req->vwv+2, 0);
4690 res = fsp->fh->pos + startpos;
4701 if (umode == SEEK_END) {
4702 if((res = SMB_VFS_LSEEK(fsp,startpos,umode)) == -1) {
4703 if(errno == EINVAL) {
4704 SMB_OFF_T current_pos = startpos;
4706 if(fsp_stat(fsp) == -1) {
4708 map_nt_error_from_unix(errno));
4709 END_PROFILE(SMBlseek);
4713 current_pos += fsp->fsp_name->st.st_ex_size;
4715 res = SMB_VFS_LSEEK(fsp,0,SEEK_SET);
4720 reply_nterror(req, map_nt_error_from_unix(errno));
4721 END_PROFILE(SMBlseek);
4728 reply_outbuf(req, 2, 0);
4729 SIVAL(req->outbuf,smb_vwv0,res);
4731 DEBUG(3,("lseek fnum=%d ofs=%.0f newpos = %.0f mode=%d\n",
4732 fsp->fnum, (double)startpos, (double)res, mode));
4734 END_PROFILE(SMBlseek);
4738 /****************************************************************************
4740 ****************************************************************************/
4742 void reply_flush(struct smb_request *req)
4744 connection_struct *conn = req->conn;
4748 START_PROFILE(SMBflush);
4751 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4755 fnum = SVAL(req->vwv+0, 0);
4756 fsp = file_fsp(req, fnum);
4758 if ((fnum != 0xFFFF) && !check_fsp(conn, req, fsp)) {
4763 file_sync_all(conn);
4765 NTSTATUS status = sync_file(conn, fsp, True);
4766 if (!NT_STATUS_IS_OK(status)) {
4767 DEBUG(5,("reply_flush: sync_file for %s returned %s\n",
4768 fsp_str_dbg(fsp), nt_errstr(status)));
4769 reply_nterror(req, status);
4770 END_PROFILE(SMBflush);
4775 reply_outbuf(req, 0, 0);
4777 DEBUG(3,("flush\n"));
4778 END_PROFILE(SMBflush);
4782 /****************************************************************************
4784 conn POINTER CAN BE NULL HERE !
4785 ****************************************************************************/
4787 void reply_exit(struct smb_request *req)
4789 START_PROFILE(SMBexit);
4791 file_close_pid(req->sconn, req->smbpid, req->vuid);
4793 reply_outbuf(req, 0, 0);
4795 DEBUG(3,("exit\n"));
4797 END_PROFILE(SMBexit);
4801 /****************************************************************************
4802 Reply to a close - has to deal with closing a directory opened by NT SMB's.
4803 ****************************************************************************/
4805 void reply_close(struct smb_request *req)
4807 connection_struct *conn = req->conn;
4808 NTSTATUS status = NT_STATUS_OK;
4809 files_struct *fsp = NULL;
4810 START_PROFILE(SMBclose);
4813 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4814 END_PROFILE(SMBclose);
4818 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4821 * We can only use check_fsp if we know it's not a directory.
4824 if(!fsp || (fsp->conn != conn) || (fsp->vuid != req->vuid)) {
4825 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
4826 END_PROFILE(SMBclose);
4830 if(fsp->is_directory) {
4832 * Special case - close NT SMB directory handle.
4834 DEBUG(3,("close directory fnum=%d\n", fsp->fnum));
4835 status = close_file(req, fsp, NORMAL_CLOSE);
4839 * Close ordinary file.
4842 DEBUG(3,("close fd=%d fnum=%d (numopen=%d)\n",
4843 fsp->fh->fd, fsp->fnum,
4844 conn->num_files_open));
4847 * Take care of any time sent in the close.
4850 t = srv_make_unix_date3(req->vwv+1);
4851 set_close_write_time(fsp, convert_time_t_to_timespec(t));
4854 * close_file() returns the unix errno if an error
4855 * was detected on close - normally this is due to
4856 * a disk full error. If not then it was probably an I/O error.
4859 status = close_file(req, fsp, NORMAL_CLOSE);
4862 if (!NT_STATUS_IS_OK(status)) {
4863 reply_nterror(req, status);
4864 END_PROFILE(SMBclose);
4868 reply_outbuf(req, 0, 0);
4869 END_PROFILE(SMBclose);
4873 /****************************************************************************
4874 Reply to a writeclose (Core+ protocol).
4875 ****************************************************************************/
4877 void reply_writeclose(struct smb_request *req)
4879 connection_struct *conn = req->conn;
4881 ssize_t nwritten = -1;
4882 NTSTATUS close_status = NT_STATUS_OK;
4885 struct timespec mtime;
4887 struct lock_struct lock;
4889 START_PROFILE(SMBwriteclose);
4892 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4893 END_PROFILE(SMBwriteclose);
4897 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4899 if (!check_fsp(conn, req, fsp)) {
4900 END_PROFILE(SMBwriteclose);
4903 if (!CHECK_WRITE(fsp)) {
4904 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
4905 END_PROFILE(SMBwriteclose);
4909 numtowrite = SVAL(req->vwv+1, 0);
4910 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
4911 mtime = convert_time_t_to_timespec(srv_make_unix_date3(req->vwv+4));
4912 data = (const char *)req->buf + 1;
4914 if (!fsp->print_file) {
4915 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
4916 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
4919 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
4920 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
4921 END_PROFILE(SMBwriteclose);
4926 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4928 set_close_write_time(fsp, mtime);
4931 * More insanity. W2K only closes the file if writelen > 0.
4936 DEBUG(3,("reply_writeclose: zero length write doesn't close "
4937 "file %s\n", fsp_str_dbg(fsp)));
4938 close_status = close_file(req, fsp, NORMAL_CLOSE);
4941 DEBUG(3,("writeclose fnum=%d num=%d wrote=%d (numopen=%d)\n",
4942 fsp->fnum, (int)numtowrite, (int)nwritten,
4943 conn->num_files_open));
4945 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
4946 reply_nterror(req, NT_STATUS_DISK_FULL);
4950 if(!NT_STATUS_IS_OK(close_status)) {
4951 reply_nterror(req, close_status);
4955 reply_outbuf(req, 1, 0);
4957 SSVAL(req->outbuf,smb_vwv0,nwritten);
4960 if (numtowrite && !fsp->print_file) {
4961 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4964 END_PROFILE(SMBwriteclose);
4969 #define DBGC_CLASS DBGC_LOCKING
4971 /****************************************************************************
4973 ****************************************************************************/
4975 void reply_lock(struct smb_request *req)
4977 connection_struct *conn = req->conn;
4978 uint64_t count,offset;
4981 struct byte_range_lock *br_lck = NULL;
4983 START_PROFILE(SMBlock);
4986 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4987 END_PROFILE(SMBlock);
4991 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4993 if (!check_fsp(conn, req, fsp)) {
4994 END_PROFILE(SMBlock);
4998 count = (uint64_t)IVAL(req->vwv+1, 0);
4999 offset = (uint64_t)IVAL(req->vwv+3, 0);
5001 DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n",
5002 fsp->fh->fd, fsp->fnum, (double)offset, (double)count));
5004 br_lck = do_lock(req->sconn->msg_ctx,
5006 (uint64_t)req->smbpid,
5011 False, /* Non-blocking lock. */
5016 TALLOC_FREE(br_lck);
5018 if (NT_STATUS_V(status)) {
5019 reply_nterror(req, status);
5020 END_PROFILE(SMBlock);
5024 reply_outbuf(req, 0, 0);
5026 END_PROFILE(SMBlock);
5030 /****************************************************************************
5032 ****************************************************************************/
5034 void reply_unlock(struct smb_request *req)
5036 connection_struct *conn = req->conn;
5037 uint64_t count,offset;
5041 START_PROFILE(SMBunlock);
5044 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5045 END_PROFILE(SMBunlock);
5049 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
5051 if (!check_fsp(conn, req, fsp)) {
5052 END_PROFILE(SMBunlock);
5056 count = (uint64_t)IVAL(req->vwv+1, 0);
5057 offset = (uint64_t)IVAL(req->vwv+3, 0);
5059 status = do_unlock(req->sconn->msg_ctx,
5061 (uint64_t)req->smbpid,
5066 if (NT_STATUS_V(status)) {
5067 reply_nterror(req, status);
5068 END_PROFILE(SMBunlock);
5072 DEBUG( 3, ( "unlock fd=%d fnum=%d offset=%.0f count=%.0f\n",
5073 fsp->fh->fd, fsp->fnum, (double)offset, (double)count ) );
5075 reply_outbuf(req, 0, 0);
5077 END_PROFILE(SMBunlock);
5082 #define DBGC_CLASS DBGC_ALL
5084 /****************************************************************************
5086 conn POINTER CAN BE NULL HERE !
5087 ****************************************************************************/
5089 void reply_tdis(struct smb_request *req)
5091 connection_struct *conn = req->conn;
5092 START_PROFILE(SMBtdis);
5095 DEBUG(4,("Invalid connection in tdis\n"));
5096 reply_nterror(req, NT_STATUS_NETWORK_NAME_DELETED);
5097 END_PROFILE(SMBtdis);
5103 close_cnum(conn,req->vuid);
5106 reply_outbuf(req, 0, 0);
5107 END_PROFILE(SMBtdis);
5111 /****************************************************************************
5113 conn POINTER CAN BE NULL HERE !
5114 ****************************************************************************/
5116 void reply_echo(struct smb_request *req)
5118 connection_struct *conn = req->conn;
5119 struct smb_perfcount_data local_pcd;
5120 struct smb_perfcount_data *cur_pcd;
5124 START_PROFILE(SMBecho);
5126 smb_init_perfcount_data(&local_pcd);
5129 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5130 END_PROFILE(SMBecho);
5134 smb_reverb = SVAL(req->vwv+0, 0);
5136 reply_outbuf(req, 1, req->buflen);
5138 /* copy any incoming data back out */
5139 if (req->buflen > 0) {
5140 memcpy(smb_buf(req->outbuf), req->buf, req->buflen);
5143 if (smb_reverb > 100) {
5144 DEBUG(0,("large reverb (%d)?? Setting to 100\n",smb_reverb));
5148 for (seq_num = 1 ; seq_num <= smb_reverb ; seq_num++) {
5150 /* this makes sure we catch the request pcd */
5151 if (seq_num == smb_reverb) {
5152 cur_pcd = &req->pcd;
5154 SMB_PERFCOUNT_COPY_CONTEXT(&req->pcd, &local_pcd);
5155 cur_pcd = &local_pcd;
5158 SSVAL(req->outbuf,smb_vwv0,seq_num);
5160 show_msg((char *)req->outbuf);
5161 if (!srv_send_smb(req->sconn,
5162 (char *)req->outbuf,
5163 true, req->seqnum+1,
5164 IS_CONN_ENCRYPTED(conn)||req->encrypted,
5166 exit_server_cleanly("reply_echo: srv_send_smb failed.");
5169 DEBUG(3,("echo %d times\n", smb_reverb));
5171 TALLOC_FREE(req->outbuf);
5173 END_PROFILE(SMBecho);
5177 /****************************************************************************
5178 Reply to a printopen.
5179 ****************************************************************************/
5181 void reply_printopen(struct smb_request *req)
5183 connection_struct *conn = req->conn;
5187 START_PROFILE(SMBsplopen);
5190 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5191 END_PROFILE(SMBsplopen);
5195 if (!CAN_PRINT(conn)) {
5196 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
5197 END_PROFILE(SMBsplopen);
5201 status = file_new(req, conn, &fsp);
5202 if(!NT_STATUS_IS_OK(status)) {
5203 reply_nterror(req, status);
5204 END_PROFILE(SMBsplopen);
5208 /* Open for exclusive use, write only. */
5209 status = print_spool_open(fsp, NULL, req->vuid);
5211 if (!NT_STATUS_IS_OK(status)) {
5212 file_free(req, fsp);
5213 reply_nterror(req, status);
5214 END_PROFILE(SMBsplopen);
5218 reply_outbuf(req, 1, 0);
5219 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
5221 DEBUG(3,("openprint fd=%d fnum=%d\n",
5222 fsp->fh->fd, fsp->fnum));
5224 END_PROFILE(SMBsplopen);
5228 /****************************************************************************
5229 Reply to a printclose.
5230 ****************************************************************************/
5232 void reply_printclose(struct smb_request *req)
5234 connection_struct *conn = req->conn;
5238 START_PROFILE(SMBsplclose);
5241 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5242 END_PROFILE(SMBsplclose);
5246 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
5248 if (!check_fsp(conn, req, fsp)) {
5249 END_PROFILE(SMBsplclose);
5253 if (!CAN_PRINT(conn)) {
5254 reply_force_doserror(req, ERRSRV, ERRerror);
5255 END_PROFILE(SMBsplclose);
5259 DEBUG(3,("printclose fd=%d fnum=%d\n",
5260 fsp->fh->fd,fsp->fnum));
5262 status = close_file(req, fsp, NORMAL_CLOSE);
5264 if(!NT_STATUS_IS_OK(status)) {
5265 reply_nterror(req, status);
5266 END_PROFILE(SMBsplclose);
5270 reply_outbuf(req, 0, 0);
5272 END_PROFILE(SMBsplclose);
5276 /****************************************************************************
5277 Reply to a printqueue.
5278 ****************************************************************************/
5280 void reply_printqueue(struct smb_request *req)
5282 connection_struct *conn = req->conn;
5286 START_PROFILE(SMBsplretq);
5289 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5290 END_PROFILE(SMBsplretq);
5294 max_count = SVAL(req->vwv+0, 0);
5295 start_index = SVAL(req->vwv+1, 0);
5297 /* we used to allow the client to get the cnum wrong, but that
5298 is really quite gross and only worked when there was only
5299 one printer - I think we should now only accept it if they
5300 get it right (tridge) */
5301 if (!CAN_PRINT(conn)) {
5302 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
5303 END_PROFILE(SMBsplretq);
5307 reply_outbuf(req, 2, 3);
5308 SSVAL(req->outbuf,smb_vwv0,0);
5309 SSVAL(req->outbuf,smb_vwv1,0);
5310 SCVAL(smb_buf(req->outbuf),0,1);
5311 SSVAL(smb_buf(req->outbuf),1,0);
5313 DEBUG(3,("printqueue start_index=%d max_count=%d\n",
5314 start_index, max_count));
5317 TALLOC_CTX *mem_ctx = talloc_tos();
5320 const char *sharename = lp_servicename(SNUM(conn));
5321 struct rpc_pipe_client *cli = NULL;
5322 struct policy_handle handle;
5323 struct spoolss_DevmodeContainer devmode_ctr;
5324 union spoolss_JobInfo *info;
5326 uint32_t num_to_get;
5330 ZERO_STRUCT(handle);
5332 status = rpc_pipe_open_interface(conn,
5333 &ndr_table_spoolss.syntax_id,
5335 &conn->sconn->client_id,
5336 conn->sconn->msg_ctx,
5338 if (!NT_STATUS_IS_OK(status)) {
5339 DEBUG(0, ("reply_printqueue: "
5340 "could not connect to spoolss: %s\n",
5341 nt_errstr(status)));
5342 reply_nterror(req, status);
5346 ZERO_STRUCT(devmode_ctr);
5348 status = rpccli_spoolss_OpenPrinter(cli, mem_ctx,
5351 SEC_FLAG_MAXIMUM_ALLOWED,
5354 if (!NT_STATUS_IS_OK(status)) {
5355 reply_nterror(req, status);
5358 if (!W_ERROR_IS_OK(werr)) {
5359 reply_nterror(req, werror_to_ntstatus(werr));
5363 werr = rpccli_spoolss_enumjobs(cli, mem_ctx,
5371 if (!W_ERROR_IS_OK(werr)) {
5372 reply_nterror(req, werror_to_ntstatus(werr));
5376 if (max_count > 0) {
5377 first = start_index;
5379 first = start_index + max_count + 1;
5382 if (first >= count) {
5385 num_to_get = first + MIN(ABS(max_count), count - first);
5388 for (i = first; i < num_to_get; i++) {
5391 time_t qtime = spoolss_Time_to_time_t(&info[i].info2.submitted);
5393 uint16_t qrapjobid = pjobid_to_rap(sharename,
5394 info[i].info2.job_id);
5396 if (info[i].info2.status == JOB_STATUS_PRINTING) {
5402 srv_put_dos_date2(p, 0, qtime);
5403 SCVAL(p, 4, qstatus);
5404 SSVAL(p, 5, qrapjobid);
5405 SIVAL(p, 7, info[i].info2.size);
5407 srvstr_push(blob, req->flags2, p+12,
5408 info[i].info2.notify_name, 16, STR_ASCII);
5410 if (message_push_blob(
5413 blob, sizeof(blob))) == -1) {
5414 reply_nterror(req, NT_STATUS_NO_MEMORY);
5420 SSVAL(req->outbuf,smb_vwv0,count);
5421 SSVAL(req->outbuf,smb_vwv1,
5422 (max_count>0?first+count:first-1));
5423 SCVAL(smb_buf(req->outbuf),0,1);
5424 SSVAL(smb_buf(req->outbuf),1,28*count);
5428 DEBUG(3, ("%u entries returned in queue\n",
5432 if (cli && is_valid_policy_hnd(&handle)) {
5433 rpccli_spoolss_ClosePrinter(cli, mem_ctx, &handle, NULL);
5438 END_PROFILE(SMBsplretq);
5442 /****************************************************************************
5443 Reply to a printwrite.
5444 ****************************************************************************/
5446 void reply_printwrite(struct smb_request *req)
5448 connection_struct *conn = req->conn;
5453 START_PROFILE(SMBsplwr);
5456 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5457 END_PROFILE(SMBsplwr);
5461 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
5463 if (!check_fsp(conn, req, fsp)) {
5464 END_PROFILE(SMBsplwr);
5468 if (!fsp->print_file) {
5469 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
5470 END_PROFILE(SMBsplwr);
5474 if (!CHECK_WRITE(fsp)) {
5475 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
5476 END_PROFILE(SMBsplwr);
5480 numtowrite = SVAL(req->buf, 1);
5482 if (req->buflen < numtowrite + 3) {
5483 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5484 END_PROFILE(SMBsplwr);
5488 data = (const char *)req->buf + 3;
5490 if (write_file(req,fsp,data,(SMB_OFF_T)-1,numtowrite) != numtowrite) {
5491 reply_nterror(req, map_nt_error_from_unix(errno));
5492 END_PROFILE(SMBsplwr);
5496 DEBUG( 3, ( "printwrite fnum=%d num=%d\n", fsp->fnum, numtowrite ) );
5498 END_PROFILE(SMBsplwr);
5502 /****************************************************************************
5504 ****************************************************************************/
5506 void reply_mkdir(struct smb_request *req)
5508 connection_struct *conn = req->conn;
5509 struct smb_filename *smb_dname = NULL;
5510 char *directory = NULL;
5512 TALLOC_CTX *ctx = talloc_tos();
5514 START_PROFILE(SMBmkdir);
5516 srvstr_get_path_req(ctx, req, &directory, (const char *)req->buf + 1,
5517 STR_TERMINATE, &status);
5518 if (!NT_STATUS_IS_OK(status)) {
5519 reply_nterror(req, status);
5523 status = filename_convert(ctx, conn,
5524 req->flags2 & FLAGS2_DFS_PATHNAMES,
5529 if (!NT_STATUS_IS_OK(status)) {
5530 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5531 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
5532 ERRSRV, ERRbadpath);
5535 reply_nterror(req, status);
5539 status = create_directory(conn, req, smb_dname);
5541 DEBUG(5, ("create_directory returned %s\n", nt_errstr(status)));
5543 if (!NT_STATUS_IS_OK(status)) {
5545 if (!use_nt_status()
5546 && NT_STATUS_EQUAL(status,
5547 NT_STATUS_OBJECT_NAME_COLLISION)) {
5549 * Yes, in the DOS error code case we get a
5550 * ERRDOS:ERRnoaccess here. See BASE-SAMBA3ERROR
5551 * samba4 torture test.
5553 status = NT_STATUS_DOS(ERRDOS, ERRnoaccess);
5556 reply_nterror(req, status);
5560 reply_outbuf(req, 0, 0);
5562 DEBUG(3, ("mkdir %s\n", smb_dname->base_name));
5564 TALLOC_FREE(smb_dname);
5565 END_PROFILE(SMBmkdir);
5569 /****************************************************************************
5571 ****************************************************************************/
5573 void reply_rmdir(struct smb_request *req)
5575 connection_struct *conn = req->conn;
5576 struct smb_filename *smb_dname = NULL;
5577 char *directory = NULL;
5579 TALLOC_CTX *ctx = talloc_tos();
5580 files_struct *fsp = NULL;
5582 struct smbd_server_connection *sconn = req->sconn;
5584 START_PROFILE(SMBrmdir);
5586 srvstr_get_path_req(ctx, req, &directory, (const char *)req->buf + 1,
5587 STR_TERMINATE, &status);
5588 if (!NT_STATUS_IS_OK(status)) {
5589 reply_nterror(req, status);
5593 status = filename_convert(ctx, conn,
5594 req->flags2 & FLAGS2_DFS_PATHNAMES,
5599 if (!NT_STATUS_IS_OK(status)) {
5600 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5601 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
5602 ERRSRV, ERRbadpath);
5605 reply_nterror(req, status);
5609 if (is_ntfs_stream_smb_fname(smb_dname)) {
5610 reply_nterror(req, NT_STATUS_NOT_A_DIRECTORY);
5614 status = SMB_VFS_CREATE_FILE(
5617 0, /* root_dir_fid */
5618 smb_dname, /* fname */
5619 DELETE_ACCESS, /* access_mask */
5620 (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */
5622 FILE_OPEN, /* create_disposition*/
5623 FILE_DIRECTORY_FILE, /* create_options */
5624 FILE_ATTRIBUTE_DIRECTORY, /* file_attributes */
5625 0, /* oplock_request */
5626 0, /* allocation_size */
5627 0, /* private_flags */
5633 if (!NT_STATUS_IS_OK(status)) {
5634 if (open_was_deferred(req->mid)) {
5635 /* We have re-scheduled this call. */
5638 reply_nterror(req, status);
5642 status = can_set_delete_on_close(fsp, FILE_ATTRIBUTE_DIRECTORY);
5643 if (!NT_STATUS_IS_OK(status)) {
5644 close_file(req, fsp, ERROR_CLOSE);
5645 reply_nterror(req, status);
5649 if (!set_delete_on_close(fsp, true, &conn->server_info->utok)) {
5650 close_file(req, fsp, ERROR_CLOSE);
5651 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
5655 status = close_file(req, fsp, NORMAL_CLOSE);
5656 if (!NT_STATUS_IS_OK(status)) {
5657 reply_nterror(req, status);
5659 reply_outbuf(req, 0, 0);
5662 dptr_closepath(sconn, smb_dname->base_name, req->smbpid);
5664 DEBUG(3, ("rmdir %s\n", smb_fname_str_dbg(smb_dname)));
5666 TALLOC_FREE(smb_dname);
5667 END_PROFILE(SMBrmdir);
5671 /*******************************************************************
5672 Resolve wildcards in a filename rename.
5673 ********************************************************************/
5675 static bool resolve_wildcards(TALLOC_CTX *ctx,
5680 char *name2_copy = NULL;
5685 char *p,*p2, *pname1, *pname2;
5687 name2_copy = talloc_strdup(ctx, name2);
5692 pname1 = strrchr_m(name1,'/');
5693 pname2 = strrchr_m(name2_copy,'/');
5695 if (!pname1 || !pname2) {
5699 /* Truncate the copy of name2 at the last '/' */
5702 /* Now go past the '/' */
5706 root1 = talloc_strdup(ctx, pname1);
5707 root2 = talloc_strdup(ctx, pname2);
5709 if (!root1 || !root2) {
5713 p = strrchr_m(root1,'.');
5716 ext1 = talloc_strdup(ctx, p+1);
5718 ext1 = talloc_strdup(ctx, "");
5720 p = strrchr_m(root2,'.');
5723 ext2 = talloc_strdup(ctx, p+1);
5725 ext2 = talloc_strdup(ctx, "");
5728 if (!ext1 || !ext2) {
5736 /* Hmmm. Should this be mb-aware ? */
5739 } else if (*p2 == '*') {
5741 root2 = talloc_asprintf(ctx, "%s%s",
5760 /* Hmmm. Should this be mb-aware ? */
5763 } else if (*p2 == '*') {
5765 ext2 = talloc_asprintf(ctx, "%s%s",
5781 *pp_newname = talloc_asprintf(ctx, "%s/%s.%s",
5786 *pp_newname = talloc_asprintf(ctx, "%s/%s",
5798 /****************************************************************************
5799 Ensure open files have their names updated. Updated to notify other smbd's
5801 ****************************************************************************/
5803 static void rename_open_files(connection_struct *conn,
5804 struct share_mode_lock *lck,
5805 const struct smb_filename *smb_fname_dst)
5808 bool did_rename = False;
5811 for(fsp = file_find_di_first(conn->sconn, lck->id); fsp;
5812 fsp = file_find_di_next(fsp)) {
5813 /* fsp_name is a relative path under the fsp. To change this for other
5814 sharepaths we need to manipulate relative paths. */
5815 /* TODO - create the absolute path and manipulate the newname
5816 relative to the sharepath. */
5817 if (!strequal(fsp->conn->connectpath, conn->connectpath)) {
5820 DEBUG(10, ("rename_open_files: renaming file fnum %d "
5821 "(file_id %s) from %s -> %s\n", fsp->fnum,
5822 file_id_string_tos(&fsp->file_id), fsp_str_dbg(fsp),
5823 smb_fname_str_dbg(smb_fname_dst)));
5825 status = fsp_set_smb_fname(fsp, smb_fname_dst);
5826 if (NT_STATUS_IS_OK(status)) {
5832 DEBUG(10, ("rename_open_files: no open files on file_id %s "
5833 "for %s\n", file_id_string_tos(&lck->id),
5834 smb_fname_str_dbg(smb_fname_dst)));
5837 /* Send messages to all smbd's (not ourself) that the name has changed. */
5838 rename_share_filename(conn->sconn->msg_ctx, lck, conn->connectpath,
5843 /****************************************************************************
5844 We need to check if the source path is a parent directory of the destination
5845 (ie. a rename of /foo/bar/baz -> /foo/bar/baz/bibble/bobble. If so we must
5846 refuse the rename with a sharing violation. Under UNIX the above call can
5847 *succeed* if /foo/bar/baz is a symlink to another area in the share. We
5848 probably need to check that the client is a Windows one before disallowing
5849 this as a UNIX client (one with UNIX extensions) can know the source is a
5850 symlink and make this decision intelligently. Found by an excellent bug
5851 report from <AndyLiebman@aol.com>.
5852 ****************************************************************************/
5854 static bool rename_path_prefix_equal(const struct smb_filename *smb_fname_src,
5855 const struct smb_filename *smb_fname_dst)
5857 const char *psrc = smb_fname_src->base_name;
5858 const char *pdst = smb_fname_dst->base_name;
5861 if (psrc[0] == '.' && psrc[1] == '/') {
5864 if (pdst[0] == '.' && pdst[1] == '/') {
5867 if ((slen = strlen(psrc)) > strlen(pdst)) {
5870 return ((memcmp(psrc, pdst, slen) == 0) && pdst[slen] == '/');
5874 * Do the notify calls from a rename
5877 static void notify_rename(connection_struct *conn, bool is_dir,
5878 const struct smb_filename *smb_fname_src,
5879 const struct smb_filename *smb_fname_dst)
5881 char *parent_dir_src = NULL;
5882 char *parent_dir_dst = NULL;
5885 mask = is_dir ? FILE_NOTIFY_CHANGE_DIR_NAME
5886 : FILE_NOTIFY_CHANGE_FILE_NAME;
5888 if (!parent_dirname(talloc_tos(), smb_fname_src->base_name,
5889 &parent_dir_src, NULL) ||
5890 !parent_dirname(talloc_tos(), smb_fname_dst->base_name,
5891 &parent_dir_dst, NULL)) {
5895 if (strcmp(parent_dir_src, parent_dir_dst) == 0) {
5896 notify_fname(conn, NOTIFY_ACTION_OLD_NAME, mask,
5897 smb_fname_src->base_name);
5898 notify_fname(conn, NOTIFY_ACTION_NEW_NAME, mask,
5899 smb_fname_dst->base_name);
5902 notify_fname(conn, NOTIFY_ACTION_REMOVED, mask,
5903 smb_fname_src->base_name);
5904 notify_fname(conn, NOTIFY_ACTION_ADDED, mask,
5905 smb_fname_dst->base_name);
5908 /* this is a strange one. w2k3 gives an additional event for
5909 CHANGE_ATTRIBUTES and CHANGE_CREATION on the new file when renaming
5910 files, but not directories */
5912 notify_fname(conn, NOTIFY_ACTION_MODIFIED,
5913 FILE_NOTIFY_CHANGE_ATTRIBUTES
5914 |FILE_NOTIFY_CHANGE_CREATION,
5915 smb_fname_dst->base_name);
5918 TALLOC_FREE(parent_dir_src);
5919 TALLOC_FREE(parent_dir_dst);
5922 /****************************************************************************
5923 Rename an open file - given an fsp.
5924 ****************************************************************************/
5926 NTSTATUS rename_internals_fsp(connection_struct *conn,
5928 const struct smb_filename *smb_fname_dst_in,
5930 bool replace_if_exists)
5932 TALLOC_CTX *ctx = talloc_tos();
5933 struct smb_filename *smb_fname_dst = NULL;
5934 NTSTATUS status = NT_STATUS_OK;
5935 struct share_mode_lock *lck = NULL;
5936 bool dst_exists, old_is_stream, new_is_stream;
5938 status = check_name(conn, smb_fname_dst_in->base_name);
5939 if (!NT_STATUS_IS_OK(status)) {
5943 /* Make a copy of the dst smb_fname structs */
5945 status = copy_smb_filename(ctx, smb_fname_dst_in, &smb_fname_dst);
5946 if (!NT_STATUS_IS_OK(status)) {
5951 * Check for special case with case preserving and not
5952 * case sensitive. If the old last component differs from the original
5953 * last component only by case, then we should allow
5954 * the rename (user is trying to change the case of the
5957 if((conn->case_sensitive == False) && (conn->case_preserve == True) &&
5958 strequal(fsp->fsp_name->base_name, smb_fname_dst->base_name) &&
5959 strequal(fsp->fsp_name->stream_name, smb_fname_dst->stream_name)) {
5961 char *fname_dst_lcomp_base_mod = NULL;
5962 struct smb_filename *smb_fname_orig_lcomp = NULL;
5965 * Get the last component of the destination name.
5967 last_slash = strrchr_m(smb_fname_dst->base_name, '/');
5969 fname_dst_lcomp_base_mod = talloc_strdup(ctx, last_slash + 1);
5971 fname_dst_lcomp_base_mod = talloc_strdup(ctx, smb_fname_dst->base_name);
5973 if (!fname_dst_lcomp_base_mod) {
5974 status = NT_STATUS_NO_MEMORY;
5979 * Create an smb_filename struct using the original last
5980 * component of the destination.
5982 status = create_synthetic_smb_fname_split(ctx,
5983 smb_fname_dst->original_lcomp, NULL,
5984 &smb_fname_orig_lcomp);
5985 if (!NT_STATUS_IS_OK(status)) {
5986 TALLOC_FREE(fname_dst_lcomp_base_mod);
5990 /* If the base names only differ by case, use original. */
5991 if(!strcsequal(fname_dst_lcomp_base_mod,
5992 smb_fname_orig_lcomp->base_name)) {
5995 * Replace the modified last component with the
5999 *last_slash = '\0'; /* Truncate at the '/' */
6000 tmp = talloc_asprintf(smb_fname_dst,
6002 smb_fname_dst->base_name,
6003 smb_fname_orig_lcomp->base_name);
6005 tmp = talloc_asprintf(smb_fname_dst,
6007 smb_fname_orig_lcomp->base_name);
6010 status = NT_STATUS_NO_MEMORY;
6011 TALLOC_FREE(fname_dst_lcomp_base_mod);
6012 TALLOC_FREE(smb_fname_orig_lcomp);
6015 TALLOC_FREE(smb_fname_dst->base_name);
6016 smb_fname_dst->base_name = tmp;
6019 /* If the stream_names only differ by case, use original. */
6020 if(!strcsequal(smb_fname_dst->stream_name,
6021 smb_fname_orig_lcomp->stream_name)) {
6023 /* Use the original stream. */
6024 tmp = talloc_strdup(smb_fname_dst,
6025 smb_fname_orig_lcomp->stream_name);
6027 status = NT_STATUS_NO_MEMORY;
6028 TALLOC_FREE(fname_dst_lcomp_base_mod);
6029 TALLOC_FREE(smb_fname_orig_lcomp);
6032 TALLOC_FREE(smb_fname_dst->stream_name);
6033 smb_fname_dst->stream_name = tmp;
6035 TALLOC_FREE(fname_dst_lcomp_base_mod);
6036 TALLOC_FREE(smb_fname_orig_lcomp);
6040 * If the src and dest names are identical - including case,
6041 * don't do the rename, just return success.
6044 if (strcsequal(fsp->fsp_name->base_name, smb_fname_dst->base_name) &&
6045 strcsequal(fsp->fsp_name->stream_name,
6046 smb_fname_dst->stream_name)) {
6047 DEBUG(3, ("rename_internals_fsp: identical names in rename %s "
6048 "- returning success\n",
6049 smb_fname_str_dbg(smb_fname_dst)));
6050 status = NT_STATUS_OK;
6054 old_is_stream = is_ntfs_stream_smb_fname(fsp->fsp_name);
6055 new_is_stream = is_ntfs_stream_smb_fname(smb_fname_dst);
6057 /* Return the correct error code if both names aren't streams. */
6058 if (!old_is_stream && new_is_stream) {
6059 status = NT_STATUS_OBJECT_NAME_INVALID;
6063 if (old_is_stream && !new_is_stream) {
6064 status = NT_STATUS_INVALID_PARAMETER;
6068 dst_exists = SMB_VFS_STAT(conn, smb_fname_dst) == 0;
6070 if(!replace_if_exists && dst_exists) {
6071 DEBUG(3, ("rename_internals_fsp: dest exists doing rename "
6072 "%s -> %s\n", smb_fname_str_dbg(fsp->fsp_name),
6073 smb_fname_str_dbg(smb_fname_dst)));
6074 status = NT_STATUS_OBJECT_NAME_COLLISION;
6079 struct file_id fileid = vfs_file_id_from_sbuf(conn,
6080 &smb_fname_dst->st);
6081 files_struct *dst_fsp = file_find_di_first(conn->sconn,
6083 /* The file can be open when renaming a stream */
6084 if (dst_fsp && !new_is_stream) {
6085 DEBUG(3, ("rename_internals_fsp: Target file open\n"));
6086 status = NT_STATUS_ACCESS_DENIED;
6091 /* Ensure we have a valid stat struct for the source. */
6092 status = vfs_stat_fsp(fsp);
6093 if (!NT_STATUS_IS_OK(status)) {
6097 status = can_rename(conn, fsp, attrs);
6099 if (!NT_STATUS_IS_OK(status)) {
6100 DEBUG(3, ("rename_internals_fsp: Error %s rename %s -> %s\n",
6101 nt_errstr(status), smb_fname_str_dbg(fsp->fsp_name),
6102 smb_fname_str_dbg(smb_fname_dst)));
6103 if (NT_STATUS_EQUAL(status,NT_STATUS_SHARING_VIOLATION))
6104 status = NT_STATUS_ACCESS_DENIED;
6108 if (rename_path_prefix_equal(fsp->fsp_name, smb_fname_dst)) {
6109 status = NT_STATUS_ACCESS_DENIED;
6112 lck = get_share_mode_lock(talloc_tos(), fsp->file_id, NULL, NULL,
6116 * We have the file open ourselves, so not being able to get the
6117 * corresponding share mode lock is a fatal error.
6120 SMB_ASSERT(lck != NULL);
6122 if(SMB_VFS_RENAME(conn, fsp->fsp_name, smb_fname_dst) == 0) {
6123 uint32 create_options = fsp->fh->private_options;
6125 DEBUG(3, ("rename_internals_fsp: succeeded doing rename on "
6126 "%s -> %s\n", smb_fname_str_dbg(fsp->fsp_name),
6127 smb_fname_str_dbg(smb_fname_dst)));
6129 if (!lp_posix_pathnames() &&
6130 (lp_map_archive(SNUM(conn)) ||
6131 lp_store_dos_attributes(SNUM(conn)))) {
6132 /* We must set the archive bit on the newly
6134 if (SMB_VFS_STAT(conn, smb_fname_dst) == 0) {
6135 uint32_t old_dosmode = dos_mode(conn,
6137 file_set_dosmode(conn,
6139 old_dosmode | FILE_ATTRIBUTE_ARCHIVE,
6145 notify_rename(conn, fsp->is_directory, fsp->fsp_name,
6148 rename_open_files(conn, lck, smb_fname_dst);
6151 * A rename acts as a new file create w.r.t. allowing an initial delete
6152 * on close, probably because in Windows there is a new handle to the
6153 * new file. If initial delete on close was requested but not
6154 * originally set, we need to set it here. This is probably not 100% correct,
6155 * but will work for the CIFSFS client which in non-posix mode
6156 * depends on these semantics. JRA.
6159 if (create_options & FILE_DELETE_ON_CLOSE) {
6160 status = can_set_delete_on_close(fsp, 0);
6162 if (NT_STATUS_IS_OK(status)) {
6163 /* Note that here we set the *inital* delete on close flag,
6164 * not the regular one. The magic gets handled in close. */
6165 fsp->initial_delete_on_close = True;
6169 status = NT_STATUS_OK;
6175 if (errno == ENOTDIR || errno == EISDIR) {
6176 status = NT_STATUS_OBJECT_NAME_COLLISION;
6178 status = map_nt_error_from_unix(errno);
6181 DEBUG(3, ("rename_internals_fsp: Error %s rename %s -> %s\n",
6182 nt_errstr(status), smb_fname_str_dbg(fsp->fsp_name),
6183 smb_fname_str_dbg(smb_fname_dst)));
6186 TALLOC_FREE(smb_fname_dst);
6191 /****************************************************************************
6192 The guts of the rename command, split out so it may be called by the NT SMB
6194 ****************************************************************************/
6196 NTSTATUS rename_internals(TALLOC_CTX *ctx,
6197 connection_struct *conn,
6198 struct smb_request *req,
6199 struct smb_filename *smb_fname_src,
6200 struct smb_filename *smb_fname_dst,
6202 bool replace_if_exists,
6205 uint32_t access_mask)
6207 char *fname_src_dir = NULL;
6208 char *fname_src_mask = NULL;
6210 NTSTATUS status = NT_STATUS_OK;
6211 struct smb_Dir *dir_hnd = NULL;
6212 const char *dname = NULL;
6213 char *talloced = NULL;
6215 int create_options = 0;
6216 bool posix_pathnames = lp_posix_pathnames();
6219 * Split the old name into directory and last component
6220 * strings. Note that unix_convert may have stripped off a
6221 * leading ./ from both name and newname if the rename is
6222 * at the root of the share. We need to make sure either both
6223 * name and newname contain a / character or neither of them do
6224 * as this is checked in resolve_wildcards().
6227 /* Split up the directory from the filename/mask. */
6228 status = split_fname_dir_mask(ctx, smb_fname_src->base_name,
6229 &fname_src_dir, &fname_src_mask);
6230 if (!NT_STATUS_IS_OK(status)) {
6231 status = NT_STATUS_NO_MEMORY;
6236 * We should only check the mangled cache
6237 * here if unix_convert failed. This means
6238 * that the path in 'mask' doesn't exist
6239 * on the file system and so we need to look
6240 * for a possible mangle. This patch from
6241 * Tine Smukavec <valentin.smukavec@hermes.si>.
6244 if (!VALID_STAT(smb_fname_src->st) &&
6245 mangle_is_mangled(fname_src_mask, conn->params)) {
6246 char *new_mask = NULL;
6247 mangle_lookup_name_from_8_3(ctx, fname_src_mask, &new_mask,
6250 TALLOC_FREE(fname_src_mask);
6251 fname_src_mask = new_mask;
6255 if (!src_has_wild) {
6259 * Only one file needs to be renamed. Append the mask back
6260 * onto the directory.
6262 TALLOC_FREE(smb_fname_src->base_name);
6263 if (ISDOT(fname_src_dir)) {
6264 /* Ensure we use canonical names on open. */
6265 smb_fname_src->base_name = talloc_asprintf(smb_fname_src,
6269 smb_fname_src->base_name = talloc_asprintf(smb_fname_src,
6274 if (!smb_fname_src->base_name) {
6275 status = NT_STATUS_NO_MEMORY;
6279 DEBUG(3, ("rename_internals: case_sensitive = %d, "
6280 "case_preserve = %d, short case preserve = %d, "
6281 "directory = %s, newname = %s, "
6282 "last_component_dest = %s\n",
6283 conn->case_sensitive, conn->case_preserve,
6284 conn->short_case_preserve,
6285 smb_fname_str_dbg(smb_fname_src),
6286 smb_fname_str_dbg(smb_fname_dst),
6287 smb_fname_dst->original_lcomp));
6289 /* The dest name still may have wildcards. */
6290 if (dest_has_wild) {
6291 char *fname_dst_mod = NULL;
6292 if (!resolve_wildcards(smb_fname_dst,
6293 smb_fname_src->base_name,
6294 smb_fname_dst->base_name,
6296 DEBUG(6, ("rename_internals: resolve_wildcards "
6298 smb_fname_src->base_name,
6299 smb_fname_dst->base_name));
6300 status = NT_STATUS_NO_MEMORY;
6303 TALLOC_FREE(smb_fname_dst->base_name);
6304 smb_fname_dst->base_name = fname_dst_mod;
6307 ZERO_STRUCT(smb_fname_src->st);
6308 if (posix_pathnames) {
6309 SMB_VFS_LSTAT(conn, smb_fname_src);
6311 SMB_VFS_STAT(conn, smb_fname_src);
6314 if (S_ISDIR(smb_fname_src->st.st_ex_mode)) {
6315 create_options |= FILE_DIRECTORY_FILE;
6318 status = SMB_VFS_CREATE_FILE(
6321 0, /* root_dir_fid */
6322 smb_fname_src, /* fname */
6323 access_mask, /* access_mask */
6324 (FILE_SHARE_READ | /* share_access */
6326 FILE_OPEN, /* create_disposition*/
6327 create_options, /* create_options */
6328 posix_pathnames ? FILE_FLAG_POSIX_SEMANTICS|0777 : 0, /* file_attributes */
6329 0, /* oplock_request */
6330 0, /* allocation_size */
6331 0, /* private_flags */
6337 if (!NT_STATUS_IS_OK(status)) {
6338 DEBUG(3, ("Could not open rename source %s: %s\n",
6339 smb_fname_str_dbg(smb_fname_src),
6340 nt_errstr(status)));
6344 status = rename_internals_fsp(conn, fsp, smb_fname_dst,
6345 attrs, replace_if_exists);
6347 close_file(req, fsp, NORMAL_CLOSE);
6349 DEBUG(3, ("rename_internals: Error %s rename %s -> %s\n",
6350 nt_errstr(status), smb_fname_str_dbg(smb_fname_src),
6351 smb_fname_str_dbg(smb_fname_dst)));
6357 * Wildcards - process each file that matches.
6359 if (strequal(fname_src_mask, "????????.???")) {
6360 TALLOC_FREE(fname_src_mask);
6361 fname_src_mask = talloc_strdup(ctx, "*");
6362 if (!fname_src_mask) {
6363 status = NT_STATUS_NO_MEMORY;
6368 status = check_name(conn, fname_src_dir);
6369 if (!NT_STATUS_IS_OK(status)) {
6373 dir_hnd = OpenDir(talloc_tos(), conn, fname_src_dir, fname_src_mask,
6375 if (dir_hnd == NULL) {
6376 status = map_nt_error_from_unix(errno);
6380 status = NT_STATUS_NO_SUCH_FILE;
6382 * Was status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
6383 * - gentest fix. JRA
6386 while ((dname = ReadDirName(dir_hnd, &offset, &smb_fname_src->st,
6388 files_struct *fsp = NULL;
6389 char *destname = NULL;
6390 bool sysdir_entry = False;
6392 /* Quick check for "." and ".." */
6393 if (ISDOT(dname) || ISDOTDOT(dname)) {
6395 sysdir_entry = True;
6397 TALLOC_FREE(talloced);
6402 if (!is_visible_file(conn, fname_src_dir, dname,
6403 &smb_fname_src->st, false)) {
6404 TALLOC_FREE(talloced);
6408 if(!mask_match(dname, fname_src_mask, conn->case_sensitive)) {
6409 TALLOC_FREE(talloced);
6414 status = NT_STATUS_OBJECT_NAME_INVALID;
6418 TALLOC_FREE(smb_fname_src->base_name);
6419 if (ISDOT(fname_src_dir)) {
6420 /* Ensure we use canonical names on open. */
6421 smb_fname_src->base_name = talloc_asprintf(smb_fname_src,
6425 smb_fname_src->base_name = talloc_asprintf(smb_fname_src,
6430 if (!smb_fname_src->base_name) {
6431 status = NT_STATUS_NO_MEMORY;
6435 if (!resolve_wildcards(ctx, smb_fname_src->base_name,
6436 smb_fname_dst->base_name,
6438 DEBUG(6, ("resolve_wildcards %s %s failed\n",
6439 smb_fname_src->base_name, destname));
6440 TALLOC_FREE(talloced);
6444 status = NT_STATUS_NO_MEMORY;
6448 TALLOC_FREE(smb_fname_dst->base_name);
6449 smb_fname_dst->base_name = destname;
6451 ZERO_STRUCT(smb_fname_src->st);
6452 if (posix_pathnames) {
6453 SMB_VFS_LSTAT(conn, smb_fname_src);
6455 SMB_VFS_STAT(conn, smb_fname_src);
6460 if (S_ISDIR(smb_fname_src->st.st_ex_mode)) {
6461 create_options |= FILE_DIRECTORY_FILE;
6464 status = SMB_VFS_CREATE_FILE(
6467 0, /* root_dir_fid */
6468 smb_fname_src, /* fname */
6469 access_mask, /* access_mask */
6470 (FILE_SHARE_READ | /* share_access */
6472 FILE_OPEN, /* create_disposition*/
6473 create_options, /* create_options */
6474 posix_pathnames ? FILE_FLAG_POSIX_SEMANTICS|0777 : 0, /* file_attributes */
6475 0, /* oplock_request */
6476 0, /* allocation_size */
6477 0, /* private_flags */
6483 if (!NT_STATUS_IS_OK(status)) {
6484 DEBUG(3,("rename_internals: SMB_VFS_CREATE_FILE "
6485 "returned %s rename %s -> %s\n",
6487 smb_fname_str_dbg(smb_fname_src),
6488 smb_fname_str_dbg(smb_fname_dst)));
6492 smb_fname_dst->original_lcomp = talloc_strdup(smb_fname_dst,
6494 if (!smb_fname_dst->original_lcomp) {
6495 status = NT_STATUS_NO_MEMORY;
6499 status = rename_internals_fsp(conn, fsp, smb_fname_dst,
6500 attrs, replace_if_exists);
6502 close_file(req, fsp, NORMAL_CLOSE);
6504 if (!NT_STATUS_IS_OK(status)) {
6505 DEBUG(3, ("rename_internals_fsp returned %s for "
6506 "rename %s -> %s\n", nt_errstr(status),
6507 smb_fname_str_dbg(smb_fname_src),
6508 smb_fname_str_dbg(smb_fname_dst)));
6514 DEBUG(3,("rename_internals: doing rename on %s -> "
6515 "%s\n", smb_fname_str_dbg(smb_fname_src),
6516 smb_fname_str_dbg(smb_fname_src)));
6517 TALLOC_FREE(talloced);
6519 TALLOC_FREE(dir_hnd);
6521 if (count == 0 && NT_STATUS_IS_OK(status) && errno != 0) {
6522 status = map_nt_error_from_unix(errno);
6526 TALLOC_FREE(talloced);
6527 TALLOC_FREE(fname_src_dir);
6528 TALLOC_FREE(fname_src_mask);
6532 /****************************************************************************
6534 ****************************************************************************/
6536 void reply_mv(struct smb_request *req)
6538 connection_struct *conn = req->conn;
6540 char *newname = NULL;
6544 bool src_has_wcard = False;
6545 bool dest_has_wcard = False;
6546 TALLOC_CTX *ctx = talloc_tos();
6547 struct smb_filename *smb_fname_src = NULL;
6548 struct smb_filename *smb_fname_dst = NULL;
6549 bool stream_rename = false;
6551 START_PROFILE(SMBmv);
6554 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6558 attrs = SVAL(req->vwv+0, 0);
6560 p = (const char *)req->buf + 1;
6561 p += srvstr_get_path_req_wcard(ctx, req, &name, p, STR_TERMINATE,
6562 &status, &src_has_wcard);
6563 if (!NT_STATUS_IS_OK(status)) {
6564 reply_nterror(req, status);
6568 p += srvstr_get_path_req_wcard(ctx, req, &newname, p, STR_TERMINATE,
6569 &status, &dest_has_wcard);
6570 if (!NT_STATUS_IS_OK(status)) {
6571 reply_nterror(req, status);
6575 if (!lp_posix_pathnames()) {
6576 /* The newname must begin with a ':' if the
6577 name contains a ':'. */
6578 if (strchr_m(name, ':')) {
6579 if (newname[0] != ':') {
6580 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6583 stream_rename = true;
6587 status = filename_convert(ctx,
6589 req->flags2 & FLAGS2_DFS_PATHNAMES,
6591 UCF_COND_ALLOW_WCARD_LCOMP,
6595 if (!NT_STATUS_IS_OK(status)) {
6596 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6597 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6598 ERRSRV, ERRbadpath);
6601 reply_nterror(req, status);
6605 status = filename_convert(ctx,
6607 req->flags2 & FLAGS2_DFS_PATHNAMES,
6609 UCF_COND_ALLOW_WCARD_LCOMP | UCF_SAVE_LCOMP,
6613 if (!NT_STATUS_IS_OK(status)) {
6614 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6615 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6616 ERRSRV, ERRbadpath);
6619 reply_nterror(req, status);
6623 if (stream_rename) {
6624 /* smb_fname_dst->base_name must be the same as
6625 smb_fname_src->base_name. */
6626 TALLOC_FREE(smb_fname_dst->base_name);
6627 smb_fname_dst->base_name = talloc_strdup(smb_fname_dst,
6628 smb_fname_src->base_name);
6629 if (!smb_fname_dst->base_name) {
6630 reply_nterror(req, NT_STATUS_NO_MEMORY);
6635 DEBUG(3,("reply_mv : %s -> %s\n", smb_fname_str_dbg(smb_fname_src),
6636 smb_fname_str_dbg(smb_fname_dst)));
6638 status = rename_internals(ctx, conn, req, smb_fname_src, smb_fname_dst,
6639 attrs, False, src_has_wcard, dest_has_wcard,
6641 if (!NT_STATUS_IS_OK(status)) {
6642 if (open_was_deferred(req->mid)) {
6643 /* We have re-scheduled this call. */
6646 reply_nterror(req, status);
6650 reply_outbuf(req, 0, 0);
6652 TALLOC_FREE(smb_fname_src);
6653 TALLOC_FREE(smb_fname_dst);
6658 /*******************************************************************
6659 Copy a file as part of a reply_copy.
6660 ******************************************************************/
6663 * TODO: check error codes on all callers
6666 NTSTATUS copy_file(TALLOC_CTX *ctx,
6667 connection_struct *conn,
6668 struct smb_filename *smb_fname_src,
6669 struct smb_filename *smb_fname_dst,
6672 bool target_is_directory)
6674 struct smb_filename *smb_fname_dst_tmp = NULL;
6676 files_struct *fsp1,*fsp2;
6678 uint32 new_create_disposition;
6682 status = copy_smb_filename(ctx, smb_fname_dst, &smb_fname_dst_tmp);
6683 if (!NT_STATUS_IS_OK(status)) {
6688 * If the target is a directory, extract the last component from the
6689 * src filename and append it to the dst filename
6691 if (target_is_directory) {
6694 /* dest/target can't be a stream if it's a directory. */
6695 SMB_ASSERT(smb_fname_dst->stream_name == NULL);
6697 p = strrchr_m(smb_fname_src->base_name,'/');
6701 p = smb_fname_src->base_name;
6703 smb_fname_dst_tmp->base_name =
6704 talloc_asprintf_append(smb_fname_dst_tmp->base_name, "/%s",
6706 if (!smb_fname_dst_tmp->base_name) {
6707 status = NT_STATUS_NO_MEMORY;
6712 status = vfs_file_exist(conn, smb_fname_src);
6713 if (!NT_STATUS_IS_OK(status)) {
6717 if (!target_is_directory && count) {
6718 new_create_disposition = FILE_OPEN;
6720 if (!map_open_params_to_ntcreate(smb_fname_dst_tmp, 0, ofun,
6722 &new_create_disposition,
6725 status = NT_STATUS_INVALID_PARAMETER;
6730 /* Open the src file for reading. */
6731 status = SMB_VFS_CREATE_FILE(
6734 0, /* root_dir_fid */
6735 smb_fname_src, /* fname */
6736 FILE_GENERIC_READ, /* access_mask */
6737 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
6738 FILE_OPEN, /* create_disposition*/
6739 0, /* create_options */
6740 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
6741 INTERNAL_OPEN_ONLY, /* oplock_request */
6742 0, /* allocation_size */
6743 0, /* private_flags */
6749 if (!NT_STATUS_IS_OK(status)) {
6753 dosattrs = dos_mode(conn, smb_fname_src);
6755 if (SMB_VFS_STAT(conn, smb_fname_dst_tmp) == -1) {
6756 ZERO_STRUCTP(&smb_fname_dst_tmp->st);
6759 /* Open the dst file for writing. */
6760 status = SMB_VFS_CREATE_FILE(
6763 0, /* root_dir_fid */
6764 smb_fname_dst, /* fname */
6765 FILE_GENERIC_WRITE, /* access_mask */
6766 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
6767 new_create_disposition, /* create_disposition*/
6768 0, /* create_options */
6769 dosattrs, /* file_attributes */
6770 INTERNAL_OPEN_ONLY, /* oplock_request */
6771 0, /* allocation_size */
6772 0, /* private_flags */
6778 if (!NT_STATUS_IS_OK(status)) {
6779 close_file(NULL, fsp1, ERROR_CLOSE);
6783 if ((ofun&3) == 1) {
6784 if(SMB_VFS_LSEEK(fsp2,0,SEEK_END) == -1) {
6785 DEBUG(0,("copy_file: error - vfs lseek returned error %s\n", strerror(errno) ));
6787 * Stop the copy from occurring.
6790 smb_fname_src->st.st_ex_size = 0;
6794 /* Do the actual copy. */
6795 if (smb_fname_src->st.st_ex_size) {
6796 ret = vfs_transfer_file(fsp1, fsp2, smb_fname_src->st.st_ex_size);
6799 close_file(NULL, fsp1, NORMAL_CLOSE);
6801 /* Ensure the modtime is set correctly on the destination file. */
6802 set_close_write_time(fsp2, smb_fname_src->st.st_ex_mtime);
6805 * As we are opening fsp1 read-only we only expect
6806 * an error on close on fsp2 if we are out of space.
6807 * Thus we don't look at the error return from the
6810 status = close_file(NULL, fsp2, NORMAL_CLOSE);
6812 if (!NT_STATUS_IS_OK(status)) {
6816 if (ret != (SMB_OFF_T)smb_fname_src->st.st_ex_size) {
6817 status = NT_STATUS_DISK_FULL;
6821 status = NT_STATUS_OK;
6824 TALLOC_FREE(smb_fname_dst_tmp);
6828 /****************************************************************************
6829 Reply to a file copy.
6830 ****************************************************************************/
6832 void reply_copy(struct smb_request *req)
6834 connection_struct *conn = req->conn;
6835 struct smb_filename *smb_fname_src = NULL;
6836 struct smb_filename *smb_fname_dst = NULL;
6837 char *fname_src = NULL;
6838 char *fname_dst = NULL;
6839 char *fname_src_mask = NULL;
6840 char *fname_src_dir = NULL;
6843 int error = ERRnoaccess;
6847 bool target_is_directory=False;
6848 bool source_has_wild = False;
6849 bool dest_has_wild = False;
6851 TALLOC_CTX *ctx = talloc_tos();
6853 START_PROFILE(SMBcopy);
6856 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6860 tid2 = SVAL(req->vwv+0, 0);
6861 ofun = SVAL(req->vwv+1, 0);
6862 flags = SVAL(req->vwv+2, 0);
6864 p = (const char *)req->buf;
6865 p += srvstr_get_path_req_wcard(ctx, req, &fname_src, p, STR_TERMINATE,
6866 &status, &source_has_wild);
6867 if (!NT_STATUS_IS_OK(status)) {
6868 reply_nterror(req, status);
6871 p += srvstr_get_path_req_wcard(ctx, req, &fname_dst, p, STR_TERMINATE,
6872 &status, &dest_has_wild);
6873 if (!NT_STATUS_IS_OK(status)) {
6874 reply_nterror(req, status);
6878 DEBUG(3,("reply_copy : %s -> %s\n", fname_src, fname_dst));
6880 if (tid2 != conn->cnum) {
6881 /* can't currently handle inter share copies XXXX */
6882 DEBUG(3,("Rejecting inter-share copy\n"));
6883 reply_nterror(req, NT_STATUS_BAD_DEVICE_TYPE);
6887 status = filename_convert(ctx, conn,
6888 req->flags2 & FLAGS2_DFS_PATHNAMES,
6890 UCF_COND_ALLOW_WCARD_LCOMP,
6893 if (!NT_STATUS_IS_OK(status)) {
6894 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6895 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6896 ERRSRV, ERRbadpath);
6899 reply_nterror(req, status);
6903 status = filename_convert(ctx, conn,
6904 req->flags2 & FLAGS2_DFS_PATHNAMES,
6906 UCF_COND_ALLOW_WCARD_LCOMP,
6909 if (!NT_STATUS_IS_OK(status)) {
6910 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6911 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6912 ERRSRV, ERRbadpath);
6915 reply_nterror(req, status);
6919 target_is_directory = VALID_STAT_OF_DIR(smb_fname_dst->st);
6921 if ((flags&1) && target_is_directory) {
6922 reply_nterror(req, NT_STATUS_NO_SUCH_FILE);
6926 if ((flags&2) && !target_is_directory) {
6927 reply_nterror(req, NT_STATUS_OBJECT_PATH_NOT_FOUND);
6931 if ((flags&(1<<5)) && VALID_STAT_OF_DIR(smb_fname_src->st)) {
6932 /* wants a tree copy! XXXX */
6933 DEBUG(3,("Rejecting tree copy\n"));
6934 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6938 /* Split up the directory from the filename/mask. */
6939 status = split_fname_dir_mask(ctx, smb_fname_src->base_name,
6940 &fname_src_dir, &fname_src_mask);
6941 if (!NT_STATUS_IS_OK(status)) {
6942 reply_nterror(req, NT_STATUS_NO_MEMORY);
6947 * We should only check the mangled cache
6948 * here if unix_convert failed. This means
6949 * that the path in 'mask' doesn't exist
6950 * on the file system and so we need to look
6951 * for a possible mangle. This patch from
6952 * Tine Smukavec <valentin.smukavec@hermes.si>.
6954 if (!VALID_STAT(smb_fname_src->st) &&
6955 mangle_is_mangled(fname_src_mask, conn->params)) {
6956 char *new_mask = NULL;
6957 mangle_lookup_name_from_8_3(ctx, fname_src_mask,
6958 &new_mask, conn->params);
6960 /* Use demangled name if one was successfully found. */
6962 TALLOC_FREE(fname_src_mask);
6963 fname_src_mask = new_mask;
6967 if (!source_has_wild) {
6970 * Only one file needs to be copied. Append the mask back onto
6973 TALLOC_FREE(smb_fname_src->base_name);
6974 if (ISDOT(fname_src_dir)) {
6975 /* Ensure we use canonical names on open. */
6976 smb_fname_src->base_name = talloc_asprintf(smb_fname_src,
6980 smb_fname_src->base_name = talloc_asprintf(smb_fname_src,
6985 if (!smb_fname_src->base_name) {
6986 reply_nterror(req, NT_STATUS_NO_MEMORY);
6990 if (dest_has_wild) {
6991 char *fname_dst_mod = NULL;
6992 if (!resolve_wildcards(smb_fname_dst,
6993 smb_fname_src->base_name,
6994 smb_fname_dst->base_name,
6996 reply_nterror(req, NT_STATUS_NO_MEMORY);
6999 TALLOC_FREE(smb_fname_dst->base_name);
7000 smb_fname_dst->base_name = fname_dst_mod;
7003 status = check_name(conn, smb_fname_src->base_name);
7004 if (!NT_STATUS_IS_OK(status)) {
7005 reply_nterror(req, status);
7009 status = check_name(conn, smb_fname_dst->base_name);
7010 if (!NT_STATUS_IS_OK(status)) {
7011 reply_nterror(req, status);
7015 status = copy_file(ctx, conn, smb_fname_src, smb_fname_dst,
7016 ofun, count, target_is_directory);
7018 if(!NT_STATUS_IS_OK(status)) {
7019 reply_nterror(req, status);
7025 struct smb_Dir *dir_hnd = NULL;
7026 const char *dname = NULL;
7027 char *talloced = NULL;
7031 * There is a wildcard that requires us to actually read the
7032 * src dir and copy each file matching the mask to the dst.
7033 * Right now streams won't be copied, but this could
7034 * presumably be added with a nested loop for reach dir entry.
7036 SMB_ASSERT(!smb_fname_src->stream_name);
7037 SMB_ASSERT(!smb_fname_dst->stream_name);
7039 smb_fname_src->stream_name = NULL;
7040 smb_fname_dst->stream_name = NULL;
7042 if (strequal(fname_src_mask,"????????.???")) {
7043 TALLOC_FREE(fname_src_mask);
7044 fname_src_mask = talloc_strdup(ctx, "*");
7045 if (!fname_src_mask) {
7046 reply_nterror(req, NT_STATUS_NO_MEMORY);
7051 status = check_name(conn, fname_src_dir);
7052 if (!NT_STATUS_IS_OK(status)) {
7053 reply_nterror(req, status);
7057 dir_hnd = OpenDir(ctx, conn, fname_src_dir, fname_src_mask, 0);
7058 if (dir_hnd == NULL) {
7059 status = map_nt_error_from_unix(errno);
7060 reply_nterror(req, status);
7066 /* Iterate over the src dir copying each entry to the dst. */
7067 while ((dname = ReadDirName(dir_hnd, &offset,
7068 &smb_fname_src->st, &talloced))) {
7069 char *destname = NULL;
7071 if (ISDOT(dname) || ISDOTDOT(dname)) {
7072 TALLOC_FREE(talloced);
7076 if (!is_visible_file(conn, fname_src_dir, dname,
7077 &smb_fname_src->st, false)) {
7078 TALLOC_FREE(talloced);
7082 if(!mask_match(dname, fname_src_mask,
7083 conn->case_sensitive)) {
7084 TALLOC_FREE(talloced);
7088 error = ERRnoaccess;
7090 /* Get the src smb_fname struct setup. */
7091 TALLOC_FREE(smb_fname_src->base_name);
7092 if (ISDOT(fname_src_dir)) {
7093 /* Ensure we use canonical names on open. */
7094 smb_fname_src->base_name =
7095 talloc_asprintf(smb_fname_src, "%s",
7098 smb_fname_src->base_name =
7099 talloc_asprintf(smb_fname_src, "%s/%s",
7100 fname_src_dir, dname);
7103 if (!smb_fname_src->base_name) {
7104 TALLOC_FREE(dir_hnd);
7105 TALLOC_FREE(talloced);
7106 reply_nterror(req, NT_STATUS_NO_MEMORY);
7110 if (!resolve_wildcards(ctx, smb_fname_src->base_name,
7111 smb_fname_dst->base_name,
7113 TALLOC_FREE(talloced);
7117 TALLOC_FREE(dir_hnd);
7118 TALLOC_FREE(talloced);
7119 reply_nterror(req, NT_STATUS_NO_MEMORY);
7123 TALLOC_FREE(smb_fname_dst->base_name);
7124 smb_fname_dst->base_name = destname;
7126 status = check_name(conn, smb_fname_src->base_name);
7127 if (!NT_STATUS_IS_OK(status)) {
7128 TALLOC_FREE(dir_hnd);
7129 TALLOC_FREE(talloced);
7130 reply_nterror(req, status);
7134 status = check_name(conn, smb_fname_dst->base_name);
7135 if (!NT_STATUS_IS_OK(status)) {
7136 TALLOC_FREE(dir_hnd);
7137 TALLOC_FREE(talloced);
7138 reply_nterror(req, status);
7142 DEBUG(3,("reply_copy : doing copy on %s -> %s\n",
7143 smb_fname_src->base_name,
7144 smb_fname_dst->base_name));
7146 status = copy_file(ctx, conn, smb_fname_src,
7147 smb_fname_dst, ofun, count,
7148 target_is_directory);
7149 if (NT_STATUS_IS_OK(status)) {
7153 TALLOC_FREE(talloced);
7155 TALLOC_FREE(dir_hnd);
7159 reply_nterror(req, dos_to_ntstatus(ERRDOS, error));
7163 reply_outbuf(req, 1, 0);
7164 SSVAL(req->outbuf,smb_vwv0,count);
7166 TALLOC_FREE(smb_fname_src);
7167 TALLOC_FREE(smb_fname_dst);
7168 TALLOC_FREE(fname_src);
7169 TALLOC_FREE(fname_dst);
7170 TALLOC_FREE(fname_src_mask);
7171 TALLOC_FREE(fname_src_dir);
7173 END_PROFILE(SMBcopy);
7178 #define DBGC_CLASS DBGC_LOCKING
7180 /****************************************************************************
7181 Get a lock pid, dealing with large count requests.
7182 ****************************************************************************/
7184 uint64_t get_lock_pid(const uint8_t *data, int data_offset,
7185 bool large_file_format)
7187 if(!large_file_format)
7188 return (uint64_t)SVAL(data,SMB_LPID_OFFSET(data_offset));
7190 return (uint64_t)SVAL(data,SMB_LARGE_LPID_OFFSET(data_offset));
7193 /****************************************************************************
7194 Get a lock count, dealing with large count requests.
7195 ****************************************************************************/
7197 uint64_t get_lock_count(const uint8_t *data, int data_offset,
7198 bool large_file_format)
7202 if(!large_file_format) {
7203 count = (uint64_t)IVAL(data,SMB_LKLEN_OFFSET(data_offset));
7206 #if defined(HAVE_LONGLONG)
7207 count = (((uint64_t) IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset))) << 32) |
7208 ((uint64_t) IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)));
7209 #else /* HAVE_LONGLONG */
7212 * NT4.x seems to be broken in that it sends large file (64 bit)
7213 * lockingX calls even if the CAP_LARGE_FILES was *not*
7214 * negotiated. For boxes without large unsigned ints truncate the
7215 * lock count by dropping the top 32 bits.
7218 if(IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)) != 0) {
7219 DEBUG(3,("get_lock_count: truncating lock count (high)0x%x (low)0x%x to just low count.\n",
7220 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)),
7221 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)) ));
7222 SIVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset),0);
7225 count = (uint64_t)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset));
7226 #endif /* HAVE_LONGLONG */
7232 #if !defined(HAVE_LONGLONG)
7233 /****************************************************************************
7234 Pathetically try and map a 64 bit lock offset into 31 bits. I hate Windows :-).
7235 ****************************************************************************/
7237 static uint32 map_lock_offset(uint32 high, uint32 low)
7241 uint32 highcopy = high;
7244 * Try and find out how many significant bits there are in high.
7247 for(i = 0; highcopy; i++)
7251 * We use 31 bits not 32 here as POSIX
7252 * lock offsets may not be negative.
7255 mask = (~0) << (31 - i);
7258 return 0; /* Fail. */
7264 #endif /* !defined(HAVE_LONGLONG) */
7266 /****************************************************************************
7267 Get a lock offset, dealing with large offset requests.
7268 ****************************************************************************/
7270 uint64_t get_lock_offset(const uint8_t *data, int data_offset,
7271 bool large_file_format, bool *err)
7273 uint64_t offset = 0;
7277 if(!large_file_format) {
7278 offset = (uint64_t)IVAL(data,SMB_LKOFF_OFFSET(data_offset));
7281 #if defined(HAVE_LONGLONG)
7282 offset = (((uint64_t) IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset))) << 32) |
7283 ((uint64_t) IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset)));
7284 #else /* HAVE_LONGLONG */
7287 * NT4.x seems to be broken in that it sends large file (64 bit)
7288 * lockingX calls even if the CAP_LARGE_FILES was *not*
7289 * negotiated. For boxes without large unsigned ints mangle the
7290 * lock offset by mapping the top 32 bits onto the lower 32.
7293 if(IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset)) != 0) {
7294 uint32 low = IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
7295 uint32 high = IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset));
7298 if((new_low = map_lock_offset(high, low)) == 0) {
7300 return (uint64_t)-1;
7303 DEBUG(3,("get_lock_offset: truncating lock offset (high)0x%x (low)0x%x to offset 0x%x.\n",
7304 (unsigned int)high, (unsigned int)low, (unsigned int)new_low ));
7305 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset),0);
7306 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset),new_low);
7309 offset = (uint64_t)IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
7310 #endif /* HAVE_LONGLONG */
7316 NTSTATUS smbd_do_locking(struct smb_request *req,
7320 uint16_t num_ulocks,
7321 struct smbd_lock_element *ulocks,
7323 struct smbd_lock_element *locks,
7326 connection_struct *conn = req->conn;
7328 NTSTATUS status = NT_STATUS_OK;
7332 /* Data now points at the beginning of the list
7333 of smb_unlkrng structs */
7334 for(i = 0; i < (int)num_ulocks; i++) {
7335 struct smbd_lock_element *e = &ulocks[i];
7337 DEBUG(10,("smbd_do_locking: unlock start=%.0f, len=%.0f for "
7338 "pid %u, file %s\n",
7341 (unsigned int)e->smblctx,
7344 if (e->brltype != UNLOCK_LOCK) {
7345 /* this can only happen with SMB2 */
7346 return NT_STATUS_INVALID_PARAMETER;
7349 status = do_unlock(req->sconn->msg_ctx,
7356 DEBUG(10, ("smbd_do_locking: unlock returned %s\n",
7357 nt_errstr(status)));
7359 if (!NT_STATUS_IS_OK(status)) {
7364 /* Setup the timeout in seconds. */
7366 if (!lp_blocking_locks(SNUM(conn))) {
7370 /* Data now points at the beginning of the list
7371 of smb_lkrng structs */
7373 for(i = 0; i < (int)num_locks; i++) {
7374 struct smbd_lock_element *e = &locks[i];
7376 DEBUG(10,("smbd_do_locking: lock start=%.0f, len=%.0f for smblctx "
7377 "%llu, file %s timeout = %d\n",
7380 (unsigned long long)e->smblctx,
7384 if (type & LOCKING_ANDX_CANCEL_LOCK) {
7385 struct blocking_lock_record *blr = NULL;
7387 if (num_locks > 1) {
7389 * MS-CIFS (2.2.4.32.1) states that a cancel is honored if and only
7390 * if the lock vector contains one entry. When given mutliple cancel
7391 * requests in a single PDU we expect the server to return an
7392 * error. Windows servers seem to accept the request but only
7393 * cancel the first lock.
7394 * JRA - Do what Windows does (tm) :-).
7398 /* MS-CIFS (2.2.4.32.1) behavior. */
7399 return NT_STATUS_DOS(ERRDOS,
7400 ERRcancelviolation);
7402 /* Windows behavior. */
7404 DEBUG(10,("smbd_do_locking: ignoring subsequent "
7405 "cancel request\n"));
7411 if (lp_blocking_locks(SNUM(conn))) {
7413 /* Schedule a message to ourselves to
7414 remove the blocking lock record and
7415 return the right error. */
7417 blr = blocking_lock_cancel_smb1(fsp,
7423 NT_STATUS_FILE_LOCK_CONFLICT);
7425 return NT_STATUS_DOS(
7427 ERRcancelviolation);
7430 /* Remove a matching pending lock. */
7431 status = do_lock_cancel(fsp,
7438 bool blocking_lock = timeout ? true : false;
7439 bool defer_lock = false;
7440 struct byte_range_lock *br_lck;
7441 uint64_t block_smblctx;
7443 br_lck = do_lock(req->sconn->msg_ctx,
7455 if (br_lck && blocking_lock && ERROR_WAS_LOCK_DENIED(status)) {
7456 /* Windows internal resolution for blocking locks seems
7457 to be about 200ms... Don't wait for less than that. JRA. */
7458 if (timeout != -1 && timeout < lp_lock_spin_time()) {
7459 timeout = lp_lock_spin_time();
7464 /* If a lock sent with timeout of zero would fail, and
7465 * this lock has been requested multiple times,
7466 * according to brl_lock_failed() we convert this
7467 * request to a blocking lock with a timeout of between
7468 * 150 - 300 milliseconds.
7470 * If lp_lock_spin_time() has been set to 0, we skip
7471 * this blocking retry and fail immediately.
7473 * Replacement for do_lock_spin(). JRA. */
7475 if (!req->sconn->using_smb2 &&
7476 br_lck && lp_blocking_locks(SNUM(conn)) &&
7477 lp_lock_spin_time() && !blocking_lock &&
7478 NT_STATUS_EQUAL((status),
7479 NT_STATUS_FILE_LOCK_CONFLICT))
7482 timeout = lp_lock_spin_time();
7485 if (br_lck && defer_lock) {
7487 * A blocking lock was requested. Package up
7488 * this smb into a queued request and push it
7489 * onto the blocking lock queue.
7491 if(push_blocking_lock_request(br_lck,
7502 TALLOC_FREE(br_lck);
7504 return NT_STATUS_OK;
7508 TALLOC_FREE(br_lck);
7511 if (!NT_STATUS_IS_OK(status)) {
7516 /* If any of the above locks failed, then we must unlock
7517 all of the previous locks (X/Open spec). */
7519 if (num_locks != 0 && !NT_STATUS_IS_OK(status)) {
7521 if (type & LOCKING_ANDX_CANCEL_LOCK) {
7522 i = -1; /* we want to skip the for loop */
7526 * Ensure we don't do a remove on the lock that just failed,
7527 * as under POSIX rules, if we have a lock already there, we
7528 * will delete it (and we shouldn't) .....
7530 for(i--; i >= 0; i--) {
7531 struct smbd_lock_element *e = &locks[i];
7533 do_unlock(req->sconn->msg_ctx,
7543 DEBUG(3, ("smbd_do_locking: fnum=%d type=%d num_locks=%d num_ulocks=%d\n",
7544 fsp->fnum, (unsigned int)type, num_locks, num_ulocks));
7546 return NT_STATUS_OK;
7549 /****************************************************************************
7550 Reply to a lockingX request.
7551 ****************************************************************************/
7553 void reply_lockingX(struct smb_request *req)
7555 connection_struct *conn = req->conn;
7557 unsigned char locktype;
7558 unsigned char oplocklevel;
7563 const uint8_t *data;
7564 bool large_file_format;
7566 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
7567 struct smbd_lock_element *ulocks;
7568 struct smbd_lock_element *locks;
7571 START_PROFILE(SMBlockingX);
7574 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7575 END_PROFILE(SMBlockingX);
7579 fsp = file_fsp(req, SVAL(req->vwv+2, 0));
7580 locktype = CVAL(req->vwv+3, 0);
7581 oplocklevel = CVAL(req->vwv+3, 1);
7582 num_ulocks = SVAL(req->vwv+6, 0);
7583 num_locks = SVAL(req->vwv+7, 0);
7584 lock_timeout = IVAL(req->vwv+4, 0);
7585 large_file_format = (locktype & LOCKING_ANDX_LARGE_FILES)?True:False;
7587 if (!check_fsp(conn, req, fsp)) {
7588 END_PROFILE(SMBlockingX);
7594 if (locktype & LOCKING_ANDX_CHANGE_LOCKTYPE) {
7595 /* we don't support these - and CANCEL_LOCK makes w2k
7596 and XP reboot so I don't really want to be
7597 compatible! (tridge) */
7598 reply_force_doserror(req, ERRDOS, ERRnoatomiclocks);
7599 END_PROFILE(SMBlockingX);
7603 /* Check if this is an oplock break on a file
7604 we have granted an oplock on.
7606 if ((locktype & LOCKING_ANDX_OPLOCK_RELEASE)) {
7607 /* Client can insist on breaking to none. */
7608 bool break_to_none = (oplocklevel == 0);
7611 DEBUG(5,("reply_lockingX: oplock break reply (%u) from client "
7612 "for fnum = %d\n", (unsigned int)oplocklevel,
7616 * Make sure we have granted an exclusive or batch oplock on
7620 if (fsp->oplock_type == 0) {
7622 /* The Samba4 nbench simulator doesn't understand
7623 the difference between break to level2 and break
7624 to none from level2 - it sends oplock break
7625 replies in both cases. Don't keep logging an error
7626 message here - just ignore it. JRA. */
7628 DEBUG(5,("reply_lockingX: Error : oplock break from "
7629 "client for fnum = %d (oplock=%d) and no "
7630 "oplock granted on this file (%s).\n",
7631 fsp->fnum, fsp->oplock_type,
7634 /* if this is a pure oplock break request then don't
7636 if (num_locks == 0 && num_ulocks == 0) {
7637 END_PROFILE(SMBlockingX);
7640 END_PROFILE(SMBlockingX);
7641 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
7646 if ((fsp->sent_oplock_break == BREAK_TO_NONE_SENT) ||
7648 result = remove_oplock(fsp);
7650 result = downgrade_oplock(fsp);
7654 DEBUG(0, ("reply_lockingX: error in removing "
7655 "oplock on file %s\n", fsp_str_dbg(fsp)));
7656 /* Hmmm. Is this panic justified? */
7657 smb_panic("internal tdb error");
7660 reply_to_oplock_break_requests(fsp);
7662 /* if this is a pure oplock break request then don't send a
7664 if (num_locks == 0 && num_ulocks == 0) {
7665 /* Sanity check - ensure a pure oplock break is not a
7667 if(CVAL(req->vwv+0, 0) != 0xff)
7668 DEBUG(0,("reply_lockingX: Error : pure oplock "
7669 "break is a chained %d request !\n",
7670 (unsigned int)CVAL(req->vwv+0, 0)));
7671 END_PROFILE(SMBlockingX);
7677 (num_ulocks + num_locks) * (large_file_format ? 20 : 10)) {
7678 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7679 END_PROFILE(SMBlockingX);
7683 ulocks = talloc_array(req, struct smbd_lock_element, num_ulocks);
7684 if (ulocks == NULL) {
7685 reply_nterror(req, NT_STATUS_NO_MEMORY);
7686 END_PROFILE(SMBlockingX);
7690 locks = talloc_array(req, struct smbd_lock_element, num_locks);
7691 if (locks == NULL) {
7692 reply_nterror(req, NT_STATUS_NO_MEMORY);
7693 END_PROFILE(SMBlockingX);
7697 /* Data now points at the beginning of the list
7698 of smb_unlkrng structs */
7699 for(i = 0; i < (int)num_ulocks; i++) {
7700 ulocks[i].smblctx = get_lock_pid(data, i, large_file_format);
7701 ulocks[i].count = get_lock_count(data, i, large_file_format);
7702 ulocks[i].offset = get_lock_offset(data, i, large_file_format, &err);
7703 ulocks[i].brltype = UNLOCK_LOCK;
7706 * There is no error code marked "stupid client bug".... :-).
7709 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
7710 END_PROFILE(SMBlockingX);
7715 /* Now do any requested locks */
7716 data += ((large_file_format ? 20 : 10)*num_ulocks);
7718 /* Data now points at the beginning of the list
7719 of smb_lkrng structs */
7721 for(i = 0; i < (int)num_locks; i++) {
7722 locks[i].smblctx = get_lock_pid(data, i, large_file_format);
7723 locks[i].count = get_lock_count(data, i, large_file_format);
7724 locks[i].offset = get_lock_offset(data, i, large_file_format, &err);
7726 if (locktype & LOCKING_ANDX_SHARED_LOCK) {
7727 if (locktype & LOCKING_ANDX_CANCEL_LOCK) {
7728 locks[i].brltype = PENDING_READ_LOCK;
7730 locks[i].brltype = READ_LOCK;
7733 if (locktype & LOCKING_ANDX_CANCEL_LOCK) {
7734 locks[i].brltype = PENDING_WRITE_LOCK;
7736 locks[i].brltype = WRITE_LOCK;
7741 * There is no error code marked "stupid client bug".... :-).
7744 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
7745 END_PROFILE(SMBlockingX);
7750 status = smbd_do_locking(req, fsp,
7751 locktype, lock_timeout,
7755 if (!NT_STATUS_IS_OK(status)) {
7756 END_PROFILE(SMBlockingX);
7757 reply_nterror(req, status);
7761 END_PROFILE(SMBlockingX);
7765 reply_outbuf(req, 2, 0);
7767 DEBUG(3, ("lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n",
7768 fsp->fnum, (unsigned int)locktype, num_locks, num_ulocks));
7770 END_PROFILE(SMBlockingX);
7775 #define DBGC_CLASS DBGC_ALL
7777 /****************************************************************************
7778 Reply to a SMBreadbmpx (read block multiplex) request.
7779 Always reply with an error, if someone has a platform really needs this,
7780 please contact vl@samba.org
7781 ****************************************************************************/
7783 void reply_readbmpx(struct smb_request *req)
7785 START_PROFILE(SMBreadBmpx);
7786 reply_force_doserror(req, ERRSRV, ERRuseSTD);
7787 END_PROFILE(SMBreadBmpx);
7791 /****************************************************************************
7792 Reply to a SMBreadbs (read block multiplex secondary) request.
7793 Always reply with an error, if someone has a platform really needs this,
7794 please contact vl@samba.org
7795 ****************************************************************************/
7797 void reply_readbs(struct smb_request *req)
7799 START_PROFILE(SMBreadBs);
7800 reply_force_doserror(req, ERRSRV, ERRuseSTD);
7801 END_PROFILE(SMBreadBs);
7805 /****************************************************************************
7806 Reply to a SMBsetattrE.
7807 ****************************************************************************/
7809 void reply_setattrE(struct smb_request *req)
7811 connection_struct *conn = req->conn;
7812 struct smb_file_time ft;
7816 START_PROFILE(SMBsetattrE);
7820 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7824 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
7826 if(!fsp || (fsp->conn != conn)) {
7827 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
7832 * Convert the DOS times into unix times.
7835 ft.atime = convert_time_t_to_timespec(
7836 srv_make_unix_date2(req->vwv+3));
7837 ft.mtime = convert_time_t_to_timespec(
7838 srv_make_unix_date2(req->vwv+5));
7839 ft.create_time = convert_time_t_to_timespec(
7840 srv_make_unix_date2(req->vwv+1));
7842 reply_outbuf(req, 0, 0);
7845 * Patch from Ray Frush <frush@engr.colostate.edu>
7846 * Sometimes times are sent as zero - ignore them.
7849 /* Ensure we have a valid stat struct for the source. */
7850 status = vfs_stat_fsp(fsp);
7851 if (!NT_STATUS_IS_OK(status)) {
7852 reply_nterror(req, status);
7856 status = smb_set_file_time(conn, fsp, fsp->fsp_name, &ft, true);
7857 if (!NT_STATUS_IS_OK(status)) {
7858 reply_nterror(req, status);
7862 DEBUG( 3, ( "reply_setattrE fnum=%d actime=%u modtime=%u "
7865 (unsigned int)ft.atime.tv_sec,
7866 (unsigned int)ft.mtime.tv_sec,
7867 (unsigned int)ft.create_time.tv_sec
7870 END_PROFILE(SMBsetattrE);
7875 /* Back from the dead for OS/2..... JRA. */
7877 /****************************************************************************
7878 Reply to a SMBwritebmpx (write block multiplex primary) request.
7879 Always reply with an error, if someone has a platform really needs this,
7880 please contact vl@samba.org
7881 ****************************************************************************/
7883 void reply_writebmpx(struct smb_request *req)
7885 START_PROFILE(SMBwriteBmpx);
7886 reply_force_doserror(req, ERRSRV, ERRuseSTD);
7887 END_PROFILE(SMBwriteBmpx);
7891 /****************************************************************************
7892 Reply to a SMBwritebs (write block multiplex secondary) request.
7893 Always reply with an error, if someone has a platform really needs this,
7894 please contact vl@samba.org
7895 ****************************************************************************/
7897 void reply_writebs(struct smb_request *req)
7899 START_PROFILE(SMBwriteBs);
7900 reply_force_doserror(req, ERRSRV, ERRuseSTD);
7901 END_PROFILE(SMBwriteBs);
7905 /****************************************************************************
7906 Reply to a SMBgetattrE.
7907 ****************************************************************************/
7909 void reply_getattrE(struct smb_request *req)
7911 connection_struct *conn = req->conn;
7914 struct timespec create_ts;
7916 START_PROFILE(SMBgetattrE);
7919 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7920 END_PROFILE(SMBgetattrE);
7924 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
7926 if(!fsp || (fsp->conn != conn)) {
7927 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
7928 END_PROFILE(SMBgetattrE);
7932 /* Do an fstat on this file */
7934 reply_nterror(req, map_nt_error_from_unix(errno));
7935 END_PROFILE(SMBgetattrE);
7939 mode = dos_mode(conn, fsp->fsp_name);
7942 * Convert the times into dos times. Set create
7943 * date to be last modify date as UNIX doesn't save
7947 reply_outbuf(req, 11, 0);
7949 create_ts = get_create_timespec(conn, fsp, fsp->fsp_name);
7950 srv_put_dos_date2((char *)req->outbuf, smb_vwv0, create_ts.tv_sec);
7951 srv_put_dos_date2((char *)req->outbuf, smb_vwv2,
7952 convert_timespec_to_time_t(fsp->fsp_name->st.st_ex_atime));
7953 /* Should we check pending modtime here ? JRA */
7954 srv_put_dos_date2((char *)req->outbuf, smb_vwv4,
7955 convert_timespec_to_time_t(fsp->fsp_name->st.st_ex_mtime));
7958 SIVAL(req->outbuf, smb_vwv6, 0);
7959 SIVAL(req->outbuf, smb_vwv8, 0);
7961 uint32 allocation_size = SMB_VFS_GET_ALLOC_SIZE(conn,fsp, &fsp->fsp_name->st);
7962 SIVAL(req->outbuf, smb_vwv6, (uint32)fsp->fsp_name->st.st_ex_size);
7963 SIVAL(req->outbuf, smb_vwv8, allocation_size);
7965 SSVAL(req->outbuf,smb_vwv10, mode);
7967 DEBUG( 3, ( "reply_getattrE fnum=%d\n", fsp->fnum));
7969 END_PROFILE(SMBgetattrE);
git.samba.org / obnox / samba / samba-obnox.git / blob