2 Unix SMB/CIFS implementation.
3 Main SMB reply routines
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Andrew Bartlett 2001
6 Copyright (C) Jeremy Allison 1992-2007.
7 Copyright (C) Volker Lendecke 2007
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 This file handles most of the reply_ calls that the server
24 makes to handle specific protocols
29 #include "smbd/globals.h"
30 #include "fake_file.h"
31 #include "../librpc/gen_ndr/cli_spoolss.h"
32 #include "rpc_client/cli_spoolss.h"
33 #include "rpc_client/init_spoolss.h"
34 #include "rpc_server/rpc_ncacn_np.h"
35 #include "libcli/security/security.h"
37 /****************************************************************************
38 Ensure we check the path in *exactly* the same way as W2K for a findfirst/findnext
39 path or anything including wildcards.
40 We're assuming here that '/' is not the second byte in any multibyte char
41 set (a safe assumption). '\\' *may* be the second byte in a multibyte char
43 ****************************************************************************/
45 /* Custom version for processing POSIX paths. */
46 #define IS_PATH_SEP(c,posix_only) ((c) == '/' || (!(posix_only) && (c) == '\\'))
48 static NTSTATUS check_path_syntax_internal(char *path,
50 bool *p_last_component_contains_wcard)
54 NTSTATUS ret = NT_STATUS_OK;
55 bool start_of_name_component = True;
56 bool stream_started = false;
58 *p_last_component_contains_wcard = False;
65 return NT_STATUS_OBJECT_NAME_INVALID;
68 return NT_STATUS_OBJECT_NAME_INVALID;
70 if (strchr_m(&s[1], ':')) {
71 return NT_STATUS_OBJECT_NAME_INVALID;
77 if ((*s == ':') && !posix_path && !stream_started) {
78 if (*p_last_component_contains_wcard) {
79 return NT_STATUS_OBJECT_NAME_INVALID;
81 /* Stream names allow more characters than file names.
82 We're overloading posix_path here to allow a wider
83 range of characters. If stream_started is true this
84 is still a Windows path even if posix_path is true.
87 stream_started = true;
88 start_of_name_component = false;
92 return NT_STATUS_OBJECT_NAME_INVALID;
96 if (!stream_started && IS_PATH_SEP(*s,posix_path)) {
98 * Safe to assume is not the second part of a mb char
99 * as this is handled below.
101 /* Eat multiple '/' or '\\' */
102 while (IS_PATH_SEP(*s,posix_path)) {
105 if ((d != path) && (*s != '\0')) {
106 /* We only care about non-leading or trailing '/' or '\\' */
110 start_of_name_component = True;
112 *p_last_component_contains_wcard = False;
116 if (start_of_name_component) {
117 if ((s[0] == '.') && (s[1] == '.') && (IS_PATH_SEP(s[2],posix_path) || s[2] == '\0')) {
118 /* Uh oh - "/../" or "\\..\\" or "/..\0" or "\\..\0" ! */
121 * No mb char starts with '.' so we're safe checking the directory separator here.
124 /* If we just added a '/' - delete it */
125 if ((d > path) && (*(d-1) == '/')) {
130 /* Are we at the start ? Can't go back further if so. */
132 ret = NT_STATUS_OBJECT_PATH_SYNTAX_BAD;
135 /* Go back one level... */
136 /* We know this is safe as '/' cannot be part of a mb sequence. */
137 /* NOTE - if this assumption is invalid we are not in good shape... */
138 /* Decrement d first as d points to the *next* char to write into. */
139 for (d--; d > path; d--) {
143 s += 2; /* Else go past the .. */
144 /* We're still at the start of a name component, just the previous one. */
147 } else if ((s[0] == '.') && ((s[1] == '\0') || IS_PATH_SEP(s[1],posix_path))) {
159 if (*s <= 0x1f || *s == '|') {
160 return NT_STATUS_OBJECT_NAME_INVALID;
168 *p_last_component_contains_wcard = True;
177 /* Get the size of the next MB character. */
178 next_codepoint(s,&siz);
196 DEBUG(0,("check_path_syntax_internal: character length assumptions invalid !\n"));
198 return NT_STATUS_INVALID_PARAMETER;
201 start_of_name_component = False;
209 /****************************************************************************
210 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
211 No wildcards allowed.
212 ****************************************************************************/
214 NTSTATUS check_path_syntax(char *path)
217 return check_path_syntax_internal(path, False, &ignore);
220 /****************************************************************************
221 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
222 Wildcards allowed - p_contains_wcard returns true if the last component contained
224 ****************************************************************************/
226 NTSTATUS check_path_syntax_wcard(char *path, bool *p_contains_wcard)
228 return check_path_syntax_internal(path, False, p_contains_wcard);
231 /****************************************************************************
232 Check the path for a POSIX client.
233 We're assuming here that '/' is not the second byte in any multibyte char
234 set (a safe assumption).
235 ****************************************************************************/
237 NTSTATUS check_path_syntax_posix(char *path)
240 return check_path_syntax_internal(path, True, &ignore);
243 /****************************************************************************
244 Pull a string and check the path allowing a wilcard - provide for error return.
245 ****************************************************************************/
247 size_t srvstr_get_path_wcard(TALLOC_CTX *ctx,
248 const char *base_ptr,
255 bool *contains_wcard)
261 ret = srvstr_pull_talloc(ctx, base_ptr, smb_flags2, pp_dest, src,
265 *err = NT_STATUS_INVALID_PARAMETER;
269 *contains_wcard = False;
271 if (smb_flags2 & FLAGS2_DFS_PATHNAMES) {
273 * For a DFS path the function parse_dfs_path()
274 * will do the path processing, just make a copy.
280 if (lp_posix_pathnames()) {
281 *err = check_path_syntax_posix(*pp_dest);
283 *err = check_path_syntax_wcard(*pp_dest, contains_wcard);
289 /****************************************************************************
290 Pull a string and check the path - provide for error return.
291 ****************************************************************************/
293 size_t srvstr_get_path(TALLOC_CTX *ctx,
294 const char *base_ptr,
303 return srvstr_get_path_wcard(ctx, base_ptr, smb_flags2, pp_dest, src,
304 src_len, flags, err, &ignore);
307 size_t srvstr_get_path_req_wcard(TALLOC_CTX *mem_ctx, struct smb_request *req,
308 char **pp_dest, const char *src, int flags,
309 NTSTATUS *err, bool *contains_wcard)
311 return srvstr_get_path_wcard(mem_ctx, (char *)req->inbuf, req->flags2,
312 pp_dest, src, smbreq_bufrem(req, src),
313 flags, err, contains_wcard);
316 size_t srvstr_get_path_req(TALLOC_CTX *mem_ctx, struct smb_request *req,
317 char **pp_dest, const char *src, int flags,
321 return srvstr_get_path_req_wcard(mem_ctx, req, pp_dest, src,
322 flags, err, &ignore);
325 /****************************************************************************
326 Check if we have a correct fsp pointing to a file. Basic check for open fsp.
327 ****************************************************************************/
329 bool check_fsp_open(connection_struct *conn, struct smb_request *req,
332 if ((fsp == NULL) || (conn == NULL)) {
333 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
336 if ((conn != fsp->conn) || (req->vuid != fsp->vuid)) {
337 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
343 /****************************************************************************
344 Check if we have a correct fsp pointing to a file.
345 ****************************************************************************/
347 bool check_fsp(connection_struct *conn, struct smb_request *req,
350 if (!check_fsp_open(conn, req, fsp)) {
353 if (fsp->is_directory) {
354 reply_nterror(req, NT_STATUS_INVALID_DEVICE_REQUEST);
357 if (fsp->fh->fd == -1) {
358 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
361 fsp->num_smb_operations++;
365 /****************************************************************************
366 Check if we have a correct fsp pointing to a quota fake file. Replacement for
367 the CHECK_NTQUOTA_HANDLE_OK macro.
368 ****************************************************************************/
370 bool check_fsp_ntquota_handle(connection_struct *conn, struct smb_request *req,
373 if (!check_fsp_open(conn, req, fsp)) {
377 if (fsp->is_directory) {
381 if (fsp->fake_file_handle == NULL) {
385 if (fsp->fake_file_handle->type != FAKE_FILE_TYPE_QUOTA) {
389 if (fsp->fake_file_handle->private_data == NULL) {
396 static bool netbios_session_retarget(struct smbd_server_connection *sconn,
397 const char *name, int name_type)
400 char *trim_name_type;
401 const char *retarget_parm;
404 int retarget_type = 0x20;
405 int retarget_port = 139;
406 struct sockaddr_storage retarget_addr;
407 struct sockaddr_in *in_addr;
411 if (get_socket_port(sconn->sock) != 139) {
415 trim_name = talloc_strdup(talloc_tos(), name);
416 if (trim_name == NULL) {
419 trim_char(trim_name, ' ', ' ');
421 trim_name_type = talloc_asprintf(trim_name, "%s#%2.2x", trim_name,
423 if (trim_name_type == NULL) {
427 retarget_parm = lp_parm_const_string(-1, "netbios retarget",
428 trim_name_type, NULL);
429 if (retarget_parm == NULL) {
430 retarget_parm = lp_parm_const_string(-1, "netbios retarget",
433 if (retarget_parm == NULL) {
437 retarget = talloc_strdup(trim_name, retarget_parm);
438 if (retarget == NULL) {
442 DEBUG(10, ("retargeting %s to %s\n", trim_name_type, retarget));
444 p = strchr(retarget, ':');
447 retarget_port = atoi(p);
450 p = strchr_m(retarget, '#');
453 sscanf(p, "%x", &retarget_type);
456 ret = resolve_name(retarget, &retarget_addr, retarget_type, false);
458 DEBUG(10, ("could not resolve %s\n", retarget));
462 if (retarget_addr.ss_family != AF_INET) {
463 DEBUG(10, ("Retarget target not an IPv4 addr\n"));
467 in_addr = (struct sockaddr_in *)(void *)&retarget_addr;
469 _smb_setlen(outbuf, 6);
470 SCVAL(outbuf, 0, 0x84);
471 *(uint32_t *)(outbuf+4) = in_addr->sin_addr.s_addr;
472 *(uint16_t *)(outbuf+8) = htons(retarget_port);
474 if (!srv_send_smb(sconn, (char *)outbuf, false, 0, false,
476 exit_server_cleanly("netbios_session_regarget: srv_send_smb "
482 TALLOC_FREE(trim_name);
486 /****************************************************************************
487 Reply to a (netbios-level) special message.
488 ****************************************************************************/
490 void reply_special(struct smbd_server_connection *sconn, char *inbuf, size_t inbuf_size)
492 int msg_type = CVAL(inbuf,0);
493 int msg_flags = CVAL(inbuf,1);
495 * We only really use 4 bytes of the outbuf, but for the smb_setlen
496 * calculation & friends (srv_send_smb uses that) we need the full smb
499 char outbuf[smb_size];
501 memset(outbuf, '\0', sizeof(outbuf));
503 smb_setlen(outbuf,0);
506 case 0x81: /* session request */
508 /* inbuf_size is guarenteed to be at least 4. */
510 int name_type1, name_type2;
511 int name_len1, name_len2;
515 if (sconn->nbt.got_session) {
516 exit_server_cleanly("multiple session request not permitted");
519 SCVAL(outbuf,0,0x82);
522 /* inbuf_size is guaranteed to be at least 4. */
523 name_len1 = name_len((unsigned char *)(inbuf+4),inbuf_size - 4);
524 if (name_len1 <= 0 || name_len1 > inbuf_size - 4) {
525 DEBUG(0,("Invalid name length in session request\n"));
528 name_len2 = name_len((unsigned char *)(inbuf+4+name_len1),inbuf_size - 4 - name_len1);
529 if (name_len2 <= 0 || name_len2 > inbuf_size - 4 - name_len1) {
530 DEBUG(0,("Invalid name length in session request\n"));
534 name_type1 = name_extract((unsigned char *)inbuf,
535 inbuf_size,(unsigned int)4,name1);
536 name_type2 = name_extract((unsigned char *)inbuf,
537 inbuf_size,(unsigned int)(4 + name_len1),name2);
539 if (name_type1 == -1 || name_type2 == -1) {
540 DEBUG(0,("Invalid name type in session request\n"));
544 DEBUG(2,("netbios connect: name1=%s0x%x name2=%s0x%x\n",
545 name1, name_type1, name2, name_type2));
547 if (netbios_session_retarget(sconn, name1, name_type1)) {
548 exit_server_cleanly("retargeted client");
552 * Windows NT/2k uses "*SMBSERVER" and XP uses
553 * "*SMBSERV" arrggg!!!
555 if (strequal(name1, "*SMBSERVER ")
556 || strequal(name1, "*SMBSERV ")) {
557 fstrcpy(name1, sconn->client_id.addr);
560 set_local_machine_name(name1, True);
561 set_remote_machine_name(name2, True);
563 DEBUG(2,("netbios connect: local=%s remote=%s, name type = %x\n",
564 get_local_machine_name(), get_remote_machine_name(),
567 if (name_type2 == 'R') {
568 /* We are being asked for a pathworks session ---
570 SCVAL(outbuf, 0,0x83);
574 /* only add the client's machine name to the list
575 of possibly valid usernames if we are operating
576 in share mode security */
577 if (lp_security() == SEC_SHARE) {
578 add_session_user(sconn, get_remote_machine_name());
581 reload_services(sconn->msg_ctx, sconn->sock, True);
584 sconn->nbt.got_session = true;
588 case 0x89: /* session keepalive request
589 (some old clients produce this?) */
590 SCVAL(outbuf,0,SMBkeepalive);
594 case 0x82: /* positive session response */
595 case 0x83: /* negative session response */
596 case 0x84: /* retarget session response */
597 DEBUG(0,("Unexpected session response\n"));
600 case SMBkeepalive: /* session keepalive */
605 DEBUG(5,("init msg_type=0x%x msg_flags=0x%x\n",
606 msg_type, msg_flags));
608 srv_send_smb(sconn, outbuf, false, 0, false, NULL);
612 /****************************************************************************
614 conn POINTER CAN BE NULL HERE !
615 ****************************************************************************/
617 void reply_tcon(struct smb_request *req)
619 connection_struct *conn = req->conn;
621 char *service_buf = NULL;
622 char *password = NULL;
627 DATA_BLOB password_blob;
628 TALLOC_CTX *ctx = talloc_tos();
629 struct smbd_server_connection *sconn = req->sconn;
631 START_PROFILE(SMBtcon);
633 if (req->buflen < 4) {
634 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
635 END_PROFILE(SMBtcon);
639 p = (const char *)req->buf + 1;
640 p += srvstr_pull_req_talloc(ctx, req, &service_buf, p, STR_TERMINATE);
642 pwlen = srvstr_pull_req_talloc(ctx, req, &password, p, STR_TERMINATE);
644 p += srvstr_pull_req_talloc(ctx, req, &dev, p, STR_TERMINATE);
647 if (service_buf == NULL || password == NULL || dev == NULL) {
648 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
649 END_PROFILE(SMBtcon);
652 p = strrchr_m(service_buf,'\\');
656 service = service_buf;
659 password_blob = data_blob(password, pwlen+1);
661 conn = make_connection(sconn,service,password_blob,dev,
662 req->vuid,&nt_status);
665 data_blob_clear_free(&password_blob);
668 reply_nterror(req, nt_status);
669 END_PROFILE(SMBtcon);
673 reply_outbuf(req, 2, 0);
674 SSVAL(req->outbuf,smb_vwv0,sconn->smb1.negprot.max_recv);
675 SSVAL(req->outbuf,smb_vwv1,conn->cnum);
676 SSVAL(req->outbuf,smb_tid,conn->cnum);
678 DEBUG(3,("tcon service=%s cnum=%d\n",
679 service, conn->cnum));
681 END_PROFILE(SMBtcon);
685 /****************************************************************************
686 Reply to a tcon and X.
687 conn POINTER CAN BE NULL HERE !
688 ****************************************************************************/
690 void reply_tcon_and_X(struct smb_request *req)
692 connection_struct *conn = req->conn;
693 const char *service = NULL;
695 TALLOC_CTX *ctx = talloc_tos();
696 /* what the cleint thinks the device is */
697 char *client_devicetype = NULL;
698 /* what the server tells the client the share represents */
699 const char *server_devicetype;
705 struct smbd_server_connection *sconn = req->sconn;
707 START_PROFILE(SMBtconX);
710 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
711 END_PROFILE(SMBtconX);
715 passlen = SVAL(req->vwv+3, 0);
716 tcon_flags = SVAL(req->vwv+2, 0);
718 /* we might have to close an old one */
719 if ((tcon_flags & 0x1) && conn) {
720 close_cnum(conn,req->vuid);
725 if ((passlen > MAX_PASS_LEN) || (passlen >= req->buflen)) {
726 reply_force_doserror(req, ERRDOS, ERRbuftoosmall);
727 END_PROFILE(SMBtconX);
731 if (sconn->smb1.negprot.encrypted_passwords) {
732 password = data_blob_talloc(talloc_tos(), req->buf, passlen);
733 if (lp_security() == SEC_SHARE) {
735 * Security = share always has a pad byte
736 * after the password.
738 p = (const char *)req->buf + passlen + 1;
740 p = (const char *)req->buf + passlen;
743 password = data_blob_talloc(talloc_tos(), req->buf, passlen+1);
744 /* Ensure correct termination */
745 password.data[passlen]=0;
746 p = (const char *)req->buf + passlen + 1;
749 p += srvstr_pull_req_talloc(ctx, req, &path, p, STR_TERMINATE);
752 data_blob_clear_free(&password);
753 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
754 END_PROFILE(SMBtconX);
759 * the service name can be either: \\server\share
760 * or share directly like on the DELL PowerVault 705
763 q = strchr_m(path+2,'\\');
765 data_blob_clear_free(&password);
766 reply_nterror(req, NT_STATUS_BAD_NETWORK_NAME);
767 END_PROFILE(SMBtconX);
775 p += srvstr_pull_talloc(ctx, req->inbuf, req->flags2,
776 &client_devicetype, p,
777 MIN(6, smbreq_bufrem(req, p)), STR_ASCII);
779 if (client_devicetype == NULL) {
780 data_blob_clear_free(&password);
781 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
782 END_PROFILE(SMBtconX);
786 DEBUG(4,("Client requested device type [%s] for share [%s]\n", client_devicetype, service));
788 conn = make_connection(sconn, service, password, client_devicetype,
789 req->vuid, &nt_status);
792 data_blob_clear_free(&password);
795 reply_nterror(req, nt_status);
796 END_PROFILE(SMBtconX);
801 server_devicetype = "IPC";
802 else if ( IS_PRINT(conn) )
803 server_devicetype = "LPT1:";
805 server_devicetype = "A:";
807 if (get_Protocol() < PROTOCOL_NT1) {
808 reply_outbuf(req, 2, 0);
809 if (message_push_string(&req->outbuf, server_devicetype,
810 STR_TERMINATE|STR_ASCII) == -1) {
811 reply_nterror(req, NT_STATUS_NO_MEMORY);
812 END_PROFILE(SMBtconX);
816 /* NT sets the fstype of IPC$ to the null string */
817 const char *fstype = IS_IPC(conn) ? "" : lp_fstype(SNUM(conn));
819 if (tcon_flags & TCONX_FLAG_EXTENDED_RESPONSE) {
820 /* Return permissions. */
824 reply_outbuf(req, 7, 0);
827 perm1 = FILE_ALL_ACCESS;
828 perm2 = FILE_ALL_ACCESS;
830 perm1 = CAN_WRITE(conn) ?
835 SIVAL(req->outbuf, smb_vwv3, perm1);
836 SIVAL(req->outbuf, smb_vwv5, perm2);
838 reply_outbuf(req, 3, 0);
841 if ((message_push_string(&req->outbuf, server_devicetype,
842 STR_TERMINATE|STR_ASCII) == -1)
843 || (message_push_string(&req->outbuf, fstype,
844 STR_TERMINATE) == -1)) {
845 reply_nterror(req, NT_STATUS_NO_MEMORY);
846 END_PROFILE(SMBtconX);
850 /* what does setting this bit do? It is set by NT4 and
851 may affect the ability to autorun mounted cdroms */
852 SSVAL(req->outbuf, smb_vwv2, SMB_SUPPORT_SEARCH_BITS|
853 (lp_csc_policy(SNUM(conn)) << 2));
855 if (lp_msdfs_root(SNUM(conn)) && lp_host_msdfs()) {
856 DEBUG(2,("Serving %s as a Dfs root\n",
857 lp_servicename(SNUM(conn)) ));
858 SSVAL(req->outbuf, smb_vwv2,
859 SMB_SHARE_IN_DFS | SVAL(req->outbuf, smb_vwv2));
864 DEBUG(3,("tconX service=%s \n",
867 /* set the incoming and outgoing tid to the just created one */
868 SSVAL(req->inbuf,smb_tid,conn->cnum);
869 SSVAL(req->outbuf,smb_tid,conn->cnum);
871 END_PROFILE(SMBtconX);
873 req->tid = conn->cnum;
878 /****************************************************************************
879 Reply to an unknown type.
880 ****************************************************************************/
882 void reply_unknown_new(struct smb_request *req, uint8 type)
884 DEBUG(0, ("unknown command type (%s): type=%d (0x%X)\n",
885 smb_fn_name(type), type, type));
886 reply_force_doserror(req, ERRSRV, ERRunknownsmb);
890 /****************************************************************************
892 conn POINTER CAN BE NULL HERE !
893 ****************************************************************************/
895 void reply_ioctl(struct smb_request *req)
897 connection_struct *conn = req->conn;
904 START_PROFILE(SMBioctl);
907 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
908 END_PROFILE(SMBioctl);
912 device = SVAL(req->vwv+1, 0);
913 function = SVAL(req->vwv+2, 0);
914 ioctl_code = (device << 16) + function;
916 DEBUG(4, ("Received IOCTL (code 0x%x)\n", ioctl_code));
918 switch (ioctl_code) {
919 case IOCTL_QUERY_JOB_INFO:
923 reply_force_doserror(req, ERRSRV, ERRnosupport);
924 END_PROFILE(SMBioctl);
928 reply_outbuf(req, 8, replysize+1);
929 SSVAL(req->outbuf,smb_vwv1,replysize); /* Total data bytes returned */
930 SSVAL(req->outbuf,smb_vwv5,replysize); /* Data bytes this buffer */
931 SSVAL(req->outbuf,smb_vwv6,52); /* Offset to data */
932 p = smb_buf(req->outbuf);
933 memset(p, '\0', replysize+1); /* valgrind-safe. */
934 p += 1; /* Allow for alignment */
936 switch (ioctl_code) {
937 case IOCTL_QUERY_JOB_INFO:
939 files_struct *fsp = file_fsp(
940 req, SVAL(req->vwv+0, 0));
942 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
943 END_PROFILE(SMBioctl);
947 if (fsp->print_file) {
948 SSVAL(p, 0, fsp->print_file->rap_jobid);
952 srvstr_push((char *)req->outbuf, req->flags2, p+2,
954 STR_TERMINATE|STR_ASCII);
956 srvstr_push((char *)req->outbuf, req->flags2,
957 p+18, lp_servicename(SNUM(conn)),
958 13, STR_TERMINATE|STR_ASCII);
966 END_PROFILE(SMBioctl);
970 /****************************************************************************
971 Strange checkpath NTSTATUS mapping.
972 ****************************************************************************/
974 static NTSTATUS map_checkpath_error(uint16_t flags2, NTSTATUS status)
976 /* Strange DOS error code semantics only for checkpath... */
977 if (!(flags2 & FLAGS2_32_BIT_ERROR_CODES)) {
978 if (NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_INVALID,status)) {
979 /* We need to map to ERRbadpath */
980 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
986 /****************************************************************************
987 Reply to a checkpath.
988 ****************************************************************************/
990 void reply_checkpath(struct smb_request *req)
992 connection_struct *conn = req->conn;
993 struct smb_filename *smb_fname = NULL;
996 TALLOC_CTX *ctx = talloc_tos();
998 START_PROFILE(SMBcheckpath);
1000 srvstr_get_path_req(ctx, req, &name, (const char *)req->buf + 1,
1001 STR_TERMINATE, &status);
1003 if (!NT_STATUS_IS_OK(status)) {
1004 status = map_checkpath_error(req->flags2, status);
1005 reply_nterror(req, status);
1006 END_PROFILE(SMBcheckpath);
1010 DEBUG(3,("reply_checkpath %s mode=%d\n", name, (int)SVAL(req->vwv+0, 0)));
1012 status = filename_convert(ctx,
1014 req->flags2 & FLAGS2_DFS_PATHNAMES,
1020 if (!NT_STATUS_IS_OK(status)) {
1021 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1022 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1023 ERRSRV, ERRbadpath);
1024 END_PROFILE(SMBcheckpath);
1030 if (!VALID_STAT(smb_fname->st) &&
1031 (SMB_VFS_STAT(conn, smb_fname) != 0)) {
1032 DEBUG(3,("reply_checkpath: stat of %s failed (%s)\n",
1033 smb_fname_str_dbg(smb_fname), strerror(errno)));
1034 status = map_nt_error_from_unix(errno);
1038 if (!S_ISDIR(smb_fname->st.st_ex_mode)) {
1039 reply_botherror(req, NT_STATUS_NOT_A_DIRECTORY,
1040 ERRDOS, ERRbadpath);
1044 reply_outbuf(req, 0, 0);
1047 /* We special case this - as when a Windows machine
1048 is parsing a path is steps through the components
1049 one at a time - if a component fails it expects
1050 ERRbadpath, not ERRbadfile.
1052 status = map_checkpath_error(req->flags2, status);
1053 if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
1055 * Windows returns different error codes if
1056 * the parent directory is valid but not the
1057 * last component - it returns NT_STATUS_OBJECT_NAME_NOT_FOUND
1058 * for that case and NT_STATUS_OBJECT_PATH_NOT_FOUND
1059 * if the path is invalid.
1061 reply_botherror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND,
1062 ERRDOS, ERRbadpath);
1066 reply_nterror(req, status);
1069 TALLOC_FREE(smb_fname);
1070 END_PROFILE(SMBcheckpath);
1074 /****************************************************************************
1076 ****************************************************************************/
1078 void reply_getatr(struct smb_request *req)
1080 connection_struct *conn = req->conn;
1081 struct smb_filename *smb_fname = NULL;
1088 TALLOC_CTX *ctx = talloc_tos();
1089 bool ask_sharemode = lp_parm_bool(SNUM(conn), "smbd", "search ask sharemode", true);
1091 START_PROFILE(SMBgetatr);
1093 p = (const char *)req->buf + 1;
1094 p += srvstr_get_path_req(ctx, req, &fname, p, STR_TERMINATE, &status);
1095 if (!NT_STATUS_IS_OK(status)) {
1096 reply_nterror(req, status);
1100 /* dos smetimes asks for a stat of "" - it returns a "hidden directory"
1101 under WfWg - weird! */
1102 if (*fname == '\0') {
1103 mode = aHIDDEN | aDIR;
1104 if (!CAN_WRITE(conn)) {
1110 status = filename_convert(ctx,
1112 req->flags2 & FLAGS2_DFS_PATHNAMES,
1117 if (!NT_STATUS_IS_OK(status)) {
1118 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1119 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1120 ERRSRV, ERRbadpath);
1123 reply_nterror(req, status);
1126 if (!VALID_STAT(smb_fname->st) &&
1127 (SMB_VFS_STAT(conn, smb_fname) != 0)) {
1128 DEBUG(3,("reply_getatr: stat of %s failed (%s)\n",
1129 smb_fname_str_dbg(smb_fname),
1131 reply_nterror(req, map_nt_error_from_unix(errno));
1135 mode = dos_mode(conn, smb_fname);
1136 size = smb_fname->st.st_ex_size;
1138 if (ask_sharemode) {
1139 struct timespec write_time_ts;
1140 struct file_id fileid;
1142 ZERO_STRUCT(write_time_ts);
1143 fileid = vfs_file_id_from_sbuf(conn, &smb_fname->st);
1144 get_file_infos(fileid, NULL, &write_time_ts);
1145 if (!null_timespec(write_time_ts)) {
1146 update_stat_ex_mtime(&smb_fname->st, write_time_ts);
1150 mtime = convert_timespec_to_time_t(smb_fname->st.st_ex_mtime);
1156 reply_outbuf(req, 10, 0);
1158 SSVAL(req->outbuf,smb_vwv0,mode);
1159 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1160 srv_put_dos_date3((char *)req->outbuf,smb_vwv1,mtime & ~1);
1162 srv_put_dos_date3((char *)req->outbuf,smb_vwv1,mtime);
1164 SIVAL(req->outbuf,smb_vwv3,(uint32)size);
1166 if (get_Protocol() >= PROTOCOL_NT1) {
1167 SSVAL(req->outbuf, smb_flg2,
1168 SVAL(req->outbuf, smb_flg2) | FLAGS2_IS_LONG_NAME);
1171 DEBUG(3,("reply_getatr: name=%s mode=%d size=%u\n",
1172 smb_fname_str_dbg(smb_fname), mode, (unsigned int)size));
1175 TALLOC_FREE(smb_fname);
1177 END_PROFILE(SMBgetatr);
1181 /****************************************************************************
1183 ****************************************************************************/
1185 void reply_setatr(struct smb_request *req)
1187 struct smb_file_time ft;
1188 connection_struct *conn = req->conn;
1189 struct smb_filename *smb_fname = NULL;
1195 TALLOC_CTX *ctx = talloc_tos();
1197 START_PROFILE(SMBsetatr);
1202 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1206 p = (const char *)req->buf + 1;
1207 p += srvstr_get_path_req(ctx, req, &fname, p, STR_TERMINATE, &status);
1208 if (!NT_STATUS_IS_OK(status)) {
1209 reply_nterror(req, status);
1213 status = filename_convert(ctx,
1215 req->flags2 & FLAGS2_DFS_PATHNAMES,
1220 if (!NT_STATUS_IS_OK(status)) {
1221 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1222 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1223 ERRSRV, ERRbadpath);
1226 reply_nterror(req, status);
1230 if (smb_fname->base_name[0] == '.' &&
1231 smb_fname->base_name[1] == '\0') {
1233 * Not sure here is the right place to catch this
1234 * condition. Might be moved to somewhere else later -- vl
1236 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
1240 mode = SVAL(req->vwv+0, 0);
1241 mtime = srv_make_unix_date3(req->vwv+1);
1243 ft.mtime = convert_time_t_to_timespec(mtime);
1244 status = smb_set_file_time(conn, NULL, smb_fname, &ft, true);
1245 if (!NT_STATUS_IS_OK(status)) {
1246 reply_nterror(req, status);
1250 if (mode != FILE_ATTRIBUTE_NORMAL) {
1251 if (VALID_STAT_OF_DIR(smb_fname->st))
1256 if (file_set_dosmode(conn, smb_fname, mode, NULL,
1258 reply_nterror(req, map_nt_error_from_unix(errno));
1263 reply_outbuf(req, 0, 0);
1265 DEBUG(3, ("setatr name=%s mode=%d\n", smb_fname_str_dbg(smb_fname),
1268 TALLOC_FREE(smb_fname);
1269 END_PROFILE(SMBsetatr);
1273 /****************************************************************************
1275 ****************************************************************************/
1277 void reply_dskattr(struct smb_request *req)
1279 connection_struct *conn = req->conn;
1280 uint64_t dfree,dsize,bsize;
1281 START_PROFILE(SMBdskattr);
1283 if (get_dfree_info(conn,".",True,&bsize,&dfree,&dsize) == (uint64_t)-1) {
1284 reply_nterror(req, map_nt_error_from_unix(errno));
1285 END_PROFILE(SMBdskattr);
1289 reply_outbuf(req, 5, 0);
1291 if (get_Protocol() <= PROTOCOL_LANMAN2) {
1292 double total_space, free_space;
1293 /* we need to scale this to a number that DOS6 can handle. We
1294 use floating point so we can handle large drives on systems
1295 that don't have 64 bit integers
1297 we end up displaying a maximum of 2G to DOS systems
1299 total_space = dsize * (double)bsize;
1300 free_space = dfree * (double)bsize;
1302 dsize = (uint64_t)((total_space+63*512) / (64*512));
1303 dfree = (uint64_t)((free_space+63*512) / (64*512));
1305 if (dsize > 0xFFFF) dsize = 0xFFFF;
1306 if (dfree > 0xFFFF) dfree = 0xFFFF;
1308 SSVAL(req->outbuf,smb_vwv0,dsize);
1309 SSVAL(req->outbuf,smb_vwv1,64); /* this must be 64 for dos systems */
1310 SSVAL(req->outbuf,smb_vwv2,512); /* and this must be 512 */
1311 SSVAL(req->outbuf,smb_vwv3,dfree);
1313 SSVAL(req->outbuf,smb_vwv0,dsize);
1314 SSVAL(req->outbuf,smb_vwv1,bsize/512);
1315 SSVAL(req->outbuf,smb_vwv2,512);
1316 SSVAL(req->outbuf,smb_vwv3,dfree);
1319 DEBUG(3,("dskattr dfree=%d\n", (unsigned int)dfree));
1321 END_PROFILE(SMBdskattr);
1326 * Utility function to split the filename from the directory.
1328 static NTSTATUS split_fname_dir_mask(TALLOC_CTX *ctx, const char *fname_in,
1329 char **fname_dir_out,
1330 char **fname_mask_out)
1332 const char *p = NULL;
1333 char *fname_dir = NULL;
1334 char *fname_mask = NULL;
1336 p = strrchr_m(fname_in, '/');
1338 fname_dir = talloc_strdup(ctx, ".");
1339 fname_mask = talloc_strdup(ctx, fname_in);
1341 fname_dir = talloc_strndup(ctx, fname_in,
1342 PTR_DIFF(p, fname_in));
1343 fname_mask = talloc_strdup(ctx, p+1);
1346 if (!fname_dir || !fname_mask) {
1347 TALLOC_FREE(fname_dir);
1348 TALLOC_FREE(fname_mask);
1349 return NT_STATUS_NO_MEMORY;
1352 *fname_dir_out = fname_dir;
1353 *fname_mask_out = fname_mask;
1354 return NT_STATUS_OK;
1357 /****************************************************************************
1359 Can be called from SMBsearch, SMBffirst or SMBfunique.
1360 ****************************************************************************/
1362 void reply_search(struct smb_request *req)
1364 connection_struct *conn = req->conn;
1366 const char *mask = NULL;
1367 char *directory = NULL;
1368 struct smb_filename *smb_fname = NULL;
1372 struct timespec date;
1374 unsigned int numentries = 0;
1375 unsigned int maxentries = 0;
1376 bool finished = False;
1381 bool check_descend = False;
1382 bool expect_close = False;
1384 bool mask_contains_wcard = False;
1385 bool allow_long_path_components = (req->flags2 & FLAGS2_LONG_PATH_COMPONENTS) ? True : False;
1386 TALLOC_CTX *ctx = talloc_tos();
1387 bool ask_sharemode = lp_parm_bool(SNUM(conn), "smbd", "search ask sharemode", true);
1388 struct dptr_struct *dirptr = NULL;
1389 struct smbd_server_connection *sconn = req->sconn;
1391 START_PROFILE(SMBsearch);
1394 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1398 if (lp_posix_pathnames()) {
1399 reply_unknown_new(req, req->cmd);
1403 /* If we were called as SMBffirst then we must expect close. */
1404 if(req->cmd == SMBffirst) {
1405 expect_close = True;
1408 reply_outbuf(req, 1, 3);
1409 maxentries = SVAL(req->vwv+0, 0);
1410 dirtype = SVAL(req->vwv+1, 0);
1411 p = (const char *)req->buf + 1;
1412 p += srvstr_get_path_req_wcard(ctx, req, &path, p, STR_TERMINATE,
1413 &nt_status, &mask_contains_wcard);
1414 if (!NT_STATUS_IS_OK(nt_status)) {
1415 reply_nterror(req, nt_status);
1420 status_len = SVAL(p, 0);
1423 /* dirtype &= ~aDIR; */
1425 if (status_len == 0) {
1426 nt_status = filename_convert(ctx, conn,
1427 req->flags2 & FLAGS2_DFS_PATHNAMES,
1429 UCF_ALWAYS_ALLOW_WCARD_LCOMP,
1430 &mask_contains_wcard,
1432 if (!NT_STATUS_IS_OK(nt_status)) {
1433 if (NT_STATUS_EQUAL(nt_status,NT_STATUS_PATH_NOT_COVERED)) {
1434 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1435 ERRSRV, ERRbadpath);
1438 reply_nterror(req, nt_status);
1442 directory = smb_fname->base_name;
1444 p = strrchr_m(directory,'/');
1445 if ((p != NULL) && (*directory != '/')) {
1447 directory = talloc_strndup(ctx, directory,
1448 PTR_DIFF(p, directory));
1451 directory = talloc_strdup(ctx,".");
1455 reply_nterror(req, NT_STATUS_NO_MEMORY);
1459 memset((char *)status,'\0',21);
1460 SCVAL(status,0,(dirtype & 0x1F));
1462 nt_status = dptr_create(conn,
1468 mask_contains_wcard,
1471 if (!NT_STATUS_IS_OK(nt_status)) {
1472 reply_nterror(req, nt_status);
1475 dptr_num = dptr_dnum(dirptr);
1478 const char *dirpath;
1480 memcpy(status,p,21);
1481 status_dirtype = CVAL(status,0) & 0x1F;
1482 if (status_dirtype != (dirtype & 0x1F)) {
1483 dirtype = status_dirtype;
1486 dirptr = dptr_fetch(sconn, status+12,&dptr_num);
1490 dirpath = dptr_path(sconn, dptr_num);
1491 directory = talloc_strdup(ctx, dirpath);
1493 reply_nterror(req, NT_STATUS_NO_MEMORY);
1497 mask = dptr_wcard(sconn, dptr_num);
1502 * For a 'continue' search we have no string. So
1503 * check from the initial saved string.
1505 mask_contains_wcard = ms_has_wild(mask);
1506 dirtype = dptr_attr(sconn, dptr_num);
1509 DEBUG(4,("dptr_num is %d\n",dptr_num));
1511 /* Initialize per SMBsearch/SMBffirst/SMBfunique operation data */
1512 dptr_init_search_op(dirptr);
1514 if ((dirtype&0x1F) == aVOLID) {
1515 char buf[DIR_STRUCT_SIZE];
1516 memcpy(buf,status,21);
1517 if (!make_dir_struct(ctx,buf,"???????????",volume_label(SNUM(conn)),
1518 0,aVOLID,0,!allow_long_path_components)) {
1519 reply_nterror(req, NT_STATUS_NO_MEMORY);
1522 dptr_fill(sconn, buf+12,dptr_num);
1523 if (dptr_zero(buf+12) && (status_len==0)) {
1528 if (message_push_blob(&req->outbuf,
1529 data_blob_const(buf, sizeof(buf)))
1531 reply_nterror(req, NT_STATUS_NO_MEMORY);
1539 ((uint8 *)smb_buf(req->outbuf) + 3 - req->outbuf))
1542 DEBUG(8,("dirpath=<%s> dontdescend=<%s>\n",
1543 directory,lp_dontdescend(SNUM(conn))));
1544 if (in_list(directory, lp_dontdescend(SNUM(conn)),True)) {
1545 check_descend = True;
1548 for (i=numentries;(i<maxentries) && !finished;i++) {
1549 finished = !get_dir_entry(ctx,
1560 char buf[DIR_STRUCT_SIZE];
1561 memcpy(buf,status,21);
1562 if (!make_dir_struct(ctx,
1568 convert_timespec_to_time_t(date),
1569 !allow_long_path_components)) {
1570 reply_nterror(req, NT_STATUS_NO_MEMORY);
1573 if (!dptr_fill(sconn, buf+12,dptr_num)) {
1576 if (message_push_blob(&req->outbuf,
1577 data_blob_const(buf, sizeof(buf)))
1579 reply_nterror(req, NT_STATUS_NO_MEMORY);
1589 /* If we were called as SMBffirst with smb_search_id == NULL
1590 and no entries were found then return error and close dirptr
1593 if (numentries == 0) {
1594 dptr_close(sconn, &dptr_num);
1595 } else if(expect_close && status_len == 0) {
1596 /* Close the dptr - we know it's gone */
1597 dptr_close(sconn, &dptr_num);
1600 /* If we were called as SMBfunique, then we can close the dirptr now ! */
1601 if(dptr_num >= 0 && req->cmd == SMBfunique) {
1602 dptr_close(sconn, &dptr_num);
1605 if ((numentries == 0) && !mask_contains_wcard) {
1606 reply_botherror(req, STATUS_NO_MORE_FILES, ERRDOS, ERRnofiles);
1610 SSVAL(req->outbuf,smb_vwv0,numentries);
1611 SSVAL(req->outbuf,smb_vwv1,3 + numentries * DIR_STRUCT_SIZE);
1612 SCVAL(smb_buf(req->outbuf),0,5);
1613 SSVAL(smb_buf(req->outbuf),1,numentries*DIR_STRUCT_SIZE);
1615 /* The replies here are never long name. */
1616 SSVAL(req->outbuf, smb_flg2,
1617 SVAL(req->outbuf, smb_flg2) & (~FLAGS2_IS_LONG_NAME));
1618 if (!allow_long_path_components) {
1619 SSVAL(req->outbuf, smb_flg2,
1620 SVAL(req->outbuf, smb_flg2)
1621 & (~FLAGS2_LONG_PATH_COMPONENTS));
1624 /* This SMB *always* returns ASCII names. Remove the unicode bit in flags2. */
1625 SSVAL(req->outbuf, smb_flg2,
1626 (SVAL(req->outbuf, smb_flg2) & (~FLAGS2_UNICODE_STRINGS)));
1628 DEBUG(4,("%s mask=%s path=%s dtype=%d nument=%u of %u\n",
1629 smb_fn_name(req->cmd),
1636 TALLOC_FREE(directory);
1637 TALLOC_FREE(smb_fname);
1638 END_PROFILE(SMBsearch);
1642 /****************************************************************************
1643 Reply to a fclose (stop directory search).
1644 ****************************************************************************/
1646 void reply_fclose(struct smb_request *req)
1654 bool path_contains_wcard = False;
1655 TALLOC_CTX *ctx = talloc_tos();
1656 struct smbd_server_connection *sconn = req->sconn;
1658 START_PROFILE(SMBfclose);
1660 if (lp_posix_pathnames()) {
1661 reply_unknown_new(req, req->cmd);
1662 END_PROFILE(SMBfclose);
1666 p = (const char *)req->buf + 1;
1667 p += srvstr_get_path_req_wcard(ctx, req, &path, p, STR_TERMINATE,
1668 &err, &path_contains_wcard);
1669 if (!NT_STATUS_IS_OK(err)) {
1670 reply_nterror(req, err);
1671 END_PROFILE(SMBfclose);
1675 status_len = SVAL(p,0);
1678 if (status_len == 0) {
1679 reply_force_doserror(req, ERRSRV, ERRsrverror);
1680 END_PROFILE(SMBfclose);
1684 memcpy(status,p,21);
1686 if(dptr_fetch(sconn, status+12,&dptr_num)) {
1687 /* Close the dptr - we know it's gone */
1688 dptr_close(sconn, &dptr_num);
1691 reply_outbuf(req, 1, 0);
1692 SSVAL(req->outbuf,smb_vwv0,0);
1694 DEBUG(3,("search close\n"));
1696 END_PROFILE(SMBfclose);
1700 /****************************************************************************
1702 ****************************************************************************/
1704 void reply_open(struct smb_request *req)
1706 connection_struct *conn = req->conn;
1707 struct smb_filename *smb_fname = NULL;
1719 uint32 create_disposition;
1720 uint32 create_options = 0;
1721 uint32_t private_flags = 0;
1723 bool ask_sharemode = lp_parm_bool(SNUM(conn), "smbd", "search ask sharemode", true);
1724 TALLOC_CTX *ctx = talloc_tos();
1726 START_PROFILE(SMBopen);
1729 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1733 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1734 deny_mode = SVAL(req->vwv+0, 0);
1735 dos_attr = SVAL(req->vwv+1, 0);
1737 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf+1,
1738 STR_TERMINATE, &status);
1739 if (!NT_STATUS_IS_OK(status)) {
1740 reply_nterror(req, status);
1744 status = filename_convert(ctx,
1746 req->flags2 & FLAGS2_DFS_PATHNAMES,
1751 if (!NT_STATUS_IS_OK(status)) {
1752 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1753 reply_botherror(req,
1754 NT_STATUS_PATH_NOT_COVERED,
1755 ERRSRV, ERRbadpath);
1758 reply_nterror(req, status);
1762 if (!map_open_params_to_ntcreate(smb_fname, deny_mode,
1763 OPENX_FILE_EXISTS_OPEN, &access_mask,
1764 &share_mode, &create_disposition,
1765 &create_options, &private_flags)) {
1766 reply_force_doserror(req, ERRDOS, ERRbadaccess);
1770 status = SMB_VFS_CREATE_FILE(
1773 0, /* root_dir_fid */
1774 smb_fname, /* fname */
1775 access_mask, /* access_mask */
1776 share_mode, /* share_access */
1777 create_disposition, /* create_disposition*/
1778 create_options, /* create_options */
1779 dos_attr, /* file_attributes */
1780 oplock_request, /* oplock_request */
1781 0, /* allocation_size */
1788 if (!NT_STATUS_IS_OK(status)) {
1789 if (open_was_deferred(req->mid)) {
1790 /* We have re-scheduled this call. */
1793 reply_openerror(req, status);
1797 size = smb_fname->st.st_ex_size;
1798 fattr = dos_mode(conn, smb_fname);
1800 /* Deal with other possible opens having a modified
1802 if (ask_sharemode) {
1803 struct timespec write_time_ts;
1805 ZERO_STRUCT(write_time_ts);
1806 get_file_infos(fsp->file_id, NULL, &write_time_ts);
1807 if (!null_timespec(write_time_ts)) {
1808 update_stat_ex_mtime(&smb_fname->st, write_time_ts);
1812 mtime = convert_timespec_to_time_t(smb_fname->st.st_ex_mtime);
1815 DEBUG(3,("attempt to open a directory %s\n",
1817 close_file(req, fsp, ERROR_CLOSE);
1818 reply_botherror(req, NT_STATUS_ACCESS_DENIED,
1819 ERRDOS, ERRnoaccess);
1823 reply_outbuf(req, 7, 0);
1824 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
1825 SSVAL(req->outbuf,smb_vwv1,fattr);
1826 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1827 srv_put_dos_date3((char *)req->outbuf,smb_vwv2,mtime & ~1);
1829 srv_put_dos_date3((char *)req->outbuf,smb_vwv2,mtime);
1831 SIVAL(req->outbuf,smb_vwv4,(uint32)size);
1832 SSVAL(req->outbuf,smb_vwv6,deny_mode);
1834 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1835 SCVAL(req->outbuf,smb_flg,
1836 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1839 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1840 SCVAL(req->outbuf,smb_flg,
1841 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1844 TALLOC_FREE(smb_fname);
1845 END_PROFILE(SMBopen);
1849 /****************************************************************************
1850 Reply to an open and X.
1851 ****************************************************************************/
1853 void reply_open_and_X(struct smb_request *req)
1855 connection_struct *conn = req->conn;
1856 struct smb_filename *smb_fname = NULL;
1861 /* Breakout the oplock request bits so we can set the
1862 reply bits separately. */
1863 int ex_oplock_request;
1864 int core_oplock_request;
1867 int smb_sattr = SVAL(req->vwv+4, 0);
1868 uint32 smb_time = make_unix_date3(req->vwv+6);
1876 uint64_t allocation_size;
1877 ssize_t retval = -1;
1880 uint32 create_disposition;
1881 uint32 create_options = 0;
1882 uint32_t private_flags = 0;
1883 TALLOC_CTX *ctx = talloc_tos();
1885 START_PROFILE(SMBopenX);
1887 if (req->wct < 15) {
1888 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1892 open_flags = SVAL(req->vwv+2, 0);
1893 deny_mode = SVAL(req->vwv+3, 0);
1894 smb_attr = SVAL(req->vwv+5, 0);
1895 ex_oplock_request = EXTENDED_OPLOCK_REQUEST(req->inbuf);
1896 core_oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1897 oplock_request = ex_oplock_request | core_oplock_request;
1898 smb_ofun = SVAL(req->vwv+8, 0);
1899 allocation_size = (uint64_t)IVAL(req->vwv+9, 0);
1901 /* If it's an IPC, pass off the pipe handler. */
1903 if (lp_nt_pipe_support()) {
1904 reply_open_pipe_and_X(conn, req);
1906 reply_nterror(req, NT_STATUS_NETWORK_ACCESS_DENIED);
1911 /* XXXX we need to handle passed times, sattr and flags */
1912 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf,
1913 STR_TERMINATE, &status);
1914 if (!NT_STATUS_IS_OK(status)) {
1915 reply_nterror(req, status);
1919 status = filename_convert(ctx,
1921 req->flags2 & FLAGS2_DFS_PATHNAMES,
1926 if (!NT_STATUS_IS_OK(status)) {
1927 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1928 reply_botherror(req,
1929 NT_STATUS_PATH_NOT_COVERED,
1930 ERRSRV, ERRbadpath);
1933 reply_nterror(req, status);
1937 if (!map_open_params_to_ntcreate(smb_fname, deny_mode, smb_ofun,
1938 &access_mask, &share_mode,
1939 &create_disposition,
1942 reply_force_doserror(req, ERRDOS, ERRbadaccess);
1946 status = SMB_VFS_CREATE_FILE(
1949 0, /* root_dir_fid */
1950 smb_fname, /* fname */
1951 access_mask, /* access_mask */
1952 share_mode, /* share_access */
1953 create_disposition, /* create_disposition*/
1954 create_options, /* create_options */
1955 smb_attr, /* file_attributes */
1956 oplock_request, /* oplock_request */
1957 0, /* allocation_size */
1962 &smb_action); /* pinfo */
1964 if (!NT_STATUS_IS_OK(status)) {
1965 if (open_was_deferred(req->mid)) {
1966 /* We have re-scheduled this call. */
1969 reply_openerror(req, status);
1973 /* Setting the "size" field in vwv9 and vwv10 causes the file to be set to this size,
1974 if the file is truncated or created. */
1975 if (((smb_action == FILE_WAS_CREATED) || (smb_action == FILE_WAS_OVERWRITTEN)) && allocation_size) {
1976 fsp->initial_allocation_size = smb_roundup(fsp->conn, allocation_size);
1977 if (vfs_allocate_file_space(fsp, fsp->initial_allocation_size) == -1) {
1978 close_file(req, fsp, ERROR_CLOSE);
1979 reply_nterror(req, NT_STATUS_DISK_FULL);
1982 retval = vfs_set_filelen(fsp, (SMB_OFF_T)allocation_size);
1984 close_file(req, fsp, ERROR_CLOSE);
1985 reply_nterror(req, NT_STATUS_DISK_FULL);
1988 smb_fname->st.st_ex_size =
1989 SMB_VFS_GET_ALLOC_SIZE(conn, fsp, &smb_fname->st);
1992 fattr = dos_mode(conn, smb_fname);
1993 mtime = convert_timespec_to_time_t(smb_fname->st.st_ex_mtime);
1995 close_file(req, fsp, ERROR_CLOSE);
1996 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
2000 /* If the caller set the extended oplock request bit
2001 and we granted one (by whatever means) - set the
2002 correct bit for extended oplock reply.
2005 if (ex_oplock_request && lp_fake_oplocks(SNUM(conn))) {
2006 smb_action |= EXTENDED_OPLOCK_GRANTED;
2009 if(ex_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2010 smb_action |= EXTENDED_OPLOCK_GRANTED;
2013 /* If the caller set the core oplock request bit
2014 and we granted one (by whatever means) - set the
2015 correct bit for core oplock reply.
2018 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
2019 reply_outbuf(req, 19, 0);
2021 reply_outbuf(req, 15, 0);
2024 if (core_oplock_request && lp_fake_oplocks(SNUM(conn))) {
2025 SCVAL(req->outbuf, smb_flg,
2026 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2029 if(core_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2030 SCVAL(req->outbuf, smb_flg,
2031 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2034 SSVAL(req->outbuf,smb_vwv2,fsp->fnum);
2035 SSVAL(req->outbuf,smb_vwv3,fattr);
2036 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
2037 srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime & ~1);
2039 srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime);
2041 SIVAL(req->outbuf,smb_vwv6,(uint32)smb_fname->st.st_ex_size);
2042 SSVAL(req->outbuf,smb_vwv8,GET_OPENX_MODE(deny_mode));
2043 SSVAL(req->outbuf,smb_vwv11,smb_action);
2045 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
2046 SIVAL(req->outbuf, smb_vwv15, SEC_STD_ALL);
2051 TALLOC_FREE(smb_fname);
2052 END_PROFILE(SMBopenX);
2056 /****************************************************************************
2057 Reply to a SMBulogoffX.
2058 ****************************************************************************/
2060 void reply_ulogoffX(struct smb_request *req)
2062 struct smbd_server_connection *sconn = req->sconn;
2065 START_PROFILE(SMBulogoffX);
2067 vuser = get_valid_user_struct(sconn, req->vuid);
2070 DEBUG(3,("ulogoff, vuser id %d does not map to user.\n",
2074 /* in user level security we are supposed to close any files
2075 open by this user */
2076 if ((vuser != NULL) && (lp_security() != SEC_SHARE)) {
2077 file_close_user(sconn, req->vuid);
2080 invalidate_vuid(sconn, req->vuid);
2082 reply_outbuf(req, 2, 0);
2084 DEBUG( 3, ( "ulogoffX vuid=%d\n", req->vuid ) );
2086 END_PROFILE(SMBulogoffX);
2087 req->vuid = UID_FIELD_INVALID;
2091 /****************************************************************************
2092 Reply to a mknew or a create.
2093 ****************************************************************************/
2095 void reply_mknew(struct smb_request *req)
2097 connection_struct *conn = req->conn;
2098 struct smb_filename *smb_fname = NULL;
2101 struct smb_file_time ft;
2103 int oplock_request = 0;
2105 uint32 access_mask = FILE_GENERIC_READ | FILE_GENERIC_WRITE;
2106 uint32 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
2107 uint32 create_disposition;
2108 uint32 create_options = 0;
2109 TALLOC_CTX *ctx = talloc_tos();
2111 START_PROFILE(SMBcreate);
2115 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2119 fattr = SVAL(req->vwv+0, 0);
2120 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
2123 ft.mtime = convert_time_t_to_timespec(srv_make_unix_date3(req->vwv+1));
2125 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf + 1,
2126 STR_TERMINATE, &status);
2127 if (!NT_STATUS_IS_OK(status)) {
2128 reply_nterror(req, status);
2132 status = filename_convert(ctx,
2134 req->flags2 & FLAGS2_DFS_PATHNAMES,
2139 if (!NT_STATUS_IS_OK(status)) {
2140 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2141 reply_botherror(req,
2142 NT_STATUS_PATH_NOT_COVERED,
2143 ERRSRV, ERRbadpath);
2146 reply_nterror(req, status);
2150 if (fattr & aVOLID) {
2151 DEBUG(0,("Attempt to create file (%s) with volid set - "
2152 "please report this\n",
2153 smb_fname_str_dbg(smb_fname)));
2156 if(req->cmd == SMBmknew) {
2157 /* We should fail if file exists. */
2158 create_disposition = FILE_CREATE;
2160 /* Create if file doesn't exist, truncate if it does. */
2161 create_disposition = FILE_OVERWRITE_IF;
2164 status = SMB_VFS_CREATE_FILE(
2167 0, /* root_dir_fid */
2168 smb_fname, /* fname */
2169 access_mask, /* access_mask */
2170 share_mode, /* share_access */
2171 create_disposition, /* create_disposition*/
2172 create_options, /* create_options */
2173 fattr, /* file_attributes */
2174 oplock_request, /* oplock_request */
2175 0, /* allocation_size */
2176 0, /* private_flags */
2182 if (!NT_STATUS_IS_OK(status)) {
2183 if (open_was_deferred(req->mid)) {
2184 /* We have re-scheduled this call. */
2187 reply_openerror(req, status);
2191 ft.atime = smb_fname->st.st_ex_atime; /* atime. */
2192 status = smb_set_file_time(conn, fsp, smb_fname, &ft, true);
2193 if (!NT_STATUS_IS_OK(status)) {
2194 END_PROFILE(SMBcreate);
2198 reply_outbuf(req, 1, 0);
2199 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
2201 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
2202 SCVAL(req->outbuf,smb_flg,
2203 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2206 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2207 SCVAL(req->outbuf,smb_flg,
2208 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2211 DEBUG(2, ("reply_mknew: file %s\n", smb_fname_str_dbg(smb_fname)));
2212 DEBUG(3, ("reply_mknew %s fd=%d dmode=0x%x\n",
2213 smb_fname_str_dbg(smb_fname), fsp->fh->fd,
2214 (unsigned int)fattr));
2217 TALLOC_FREE(smb_fname);
2218 END_PROFILE(SMBcreate);
2222 /****************************************************************************
2223 Reply to a create temporary file.
2224 ****************************************************************************/
2226 void reply_ctemp(struct smb_request *req)
2228 connection_struct *conn = req->conn;
2229 struct smb_filename *smb_fname = NULL;
2237 TALLOC_CTX *ctx = talloc_tos();
2239 START_PROFILE(SMBctemp);
2242 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2246 fattr = SVAL(req->vwv+0, 0);
2247 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
2249 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf+1,
2250 STR_TERMINATE, &status);
2251 if (!NT_STATUS_IS_OK(status)) {
2252 reply_nterror(req, status);
2256 fname = talloc_asprintf(ctx,
2260 fname = talloc_strdup(ctx, "TMXXXXXX");
2264 reply_nterror(req, NT_STATUS_NO_MEMORY);
2268 status = filename_convert(ctx, conn,
2269 req->flags2 & FLAGS2_DFS_PATHNAMES,
2274 if (!NT_STATUS_IS_OK(status)) {
2275 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2276 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
2277 ERRSRV, ERRbadpath);
2280 reply_nterror(req, status);
2284 tmpfd = mkstemp(smb_fname->base_name);
2286 reply_nterror(req, map_nt_error_from_unix(errno));
2290 SMB_VFS_STAT(conn, smb_fname);
2292 /* We should fail if file does not exist. */
2293 status = SMB_VFS_CREATE_FILE(
2296 0, /* root_dir_fid */
2297 smb_fname, /* fname */
2298 FILE_GENERIC_READ | FILE_GENERIC_WRITE, /* access_mask */
2299 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
2300 FILE_OPEN, /* create_disposition*/
2301 0, /* create_options */
2302 fattr, /* file_attributes */
2303 oplock_request, /* oplock_request */
2304 0, /* allocation_size */
2305 0, /* private_flags */
2311 /* close fd from mkstemp() */
2314 if (!NT_STATUS_IS_OK(status)) {
2315 if (open_was_deferred(req->mid)) {
2316 /* We have re-scheduled this call. */
2319 reply_openerror(req, status);
2323 reply_outbuf(req, 1, 0);
2324 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
2326 /* the returned filename is relative to the directory */
2327 s = strrchr_m(fsp->fsp_name->base_name, '/');
2329 s = fsp->fsp_name->base_name;
2335 /* Tested vs W2K3 - this doesn't seem to be here - null terminated filename is the only
2336 thing in the byte section. JRA */
2337 SSVALS(p, 0, -1); /* what is this? not in spec */
2339 if (message_push_string(&req->outbuf, s, STR_ASCII|STR_TERMINATE)
2341 reply_nterror(req, NT_STATUS_NO_MEMORY);
2345 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
2346 SCVAL(req->outbuf, smb_flg,
2347 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2350 if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2351 SCVAL(req->outbuf, smb_flg,
2352 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2355 DEBUG(2, ("reply_ctemp: created temp file %s\n", fsp_str_dbg(fsp)));
2356 DEBUG(3, ("reply_ctemp %s fd=%d umode=0%o\n", fsp_str_dbg(fsp),
2357 fsp->fh->fd, (unsigned int)smb_fname->st.st_ex_mode));
2359 TALLOC_FREE(smb_fname);
2360 END_PROFILE(SMBctemp);
2364 /*******************************************************************
2365 Check if a user is allowed to rename a file.
2366 ********************************************************************/
2368 static NTSTATUS can_rename(connection_struct *conn, files_struct *fsp,
2373 if (!CAN_WRITE(conn)) {
2374 return NT_STATUS_MEDIA_WRITE_PROTECTED;
2377 fmode = dos_mode(conn, fsp->fsp_name);
2378 if ((fmode & ~dirtype) & (aHIDDEN | aSYSTEM)) {
2379 return NT_STATUS_NO_SUCH_FILE;
2382 if (S_ISDIR(fsp->fsp_name->st.st_ex_mode)) {
2383 if (fsp->posix_open) {
2384 return NT_STATUS_OK;
2387 /* If no pathnames are open below this
2388 directory, allow the rename. */
2390 if (file_find_subpath(fsp)) {
2391 return NT_STATUS_ACCESS_DENIED;
2393 return NT_STATUS_OK;
2396 if (fsp->access_mask & (DELETE_ACCESS|FILE_WRITE_ATTRIBUTES)) {
2397 return NT_STATUS_OK;
2400 return NT_STATUS_ACCESS_DENIED;
2403 /*******************************************************************
2404 * unlink a file with all relevant access checks
2405 *******************************************************************/
2407 static NTSTATUS do_unlink(connection_struct *conn,
2408 struct smb_request *req,
2409 struct smb_filename *smb_fname,
2414 uint32 dirtype_orig = dirtype;
2417 bool posix_paths = lp_posix_pathnames();
2419 DEBUG(10,("do_unlink: %s, dirtype = %d\n",
2420 smb_fname_str_dbg(smb_fname),
2423 if (!CAN_WRITE(conn)) {
2424 return NT_STATUS_MEDIA_WRITE_PROTECTED;
2428 ret = SMB_VFS_LSTAT(conn, smb_fname);
2430 ret = SMB_VFS_STAT(conn, smb_fname);
2433 return map_nt_error_from_unix(errno);
2436 fattr = dos_mode(conn, smb_fname);
2438 if (dirtype & FILE_ATTRIBUTE_NORMAL) {
2439 dirtype = aDIR|aARCH|aRONLY;
2442 dirtype &= (aDIR|aARCH|aRONLY|aHIDDEN|aSYSTEM);
2444 return NT_STATUS_NO_SUCH_FILE;
2447 if (!dir_check_ftype(conn, fattr, dirtype)) {
2449 return NT_STATUS_FILE_IS_A_DIRECTORY;
2451 return NT_STATUS_NO_SUCH_FILE;
2454 if (dirtype_orig & 0x8000) {
2455 /* These will never be set for POSIX. */
2456 return NT_STATUS_NO_SUCH_FILE;
2460 if ((fattr & dirtype) & FILE_ATTRIBUTE_DIRECTORY) {
2461 return NT_STATUS_FILE_IS_A_DIRECTORY;
2464 if ((fattr & ~dirtype) & (FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM)) {
2465 return NT_STATUS_NO_SUCH_FILE;
2468 if (dirtype & 0xFF00) {
2469 /* These will never be set for POSIX. */
2470 return NT_STATUS_NO_SUCH_FILE;
2475 return NT_STATUS_NO_SUCH_FILE;
2478 /* Can't delete a directory. */
2480 return NT_STATUS_FILE_IS_A_DIRECTORY;
2485 else if (dirtype & aDIR) /* Asked for a directory and it isn't. */
2486 return NT_STATUS_OBJECT_NAME_INVALID;
2487 #endif /* JRATEST */
2489 /* On open checks the open itself will check the share mode, so
2490 don't do it here as we'll get it wrong. */
2492 status = SMB_VFS_CREATE_FILE
2495 0, /* root_dir_fid */
2496 smb_fname, /* fname */
2497 DELETE_ACCESS, /* access_mask */
2498 FILE_SHARE_NONE, /* share_access */
2499 FILE_OPEN, /* create_disposition*/
2500 FILE_NON_DIRECTORY_FILE, /* create_options */
2501 /* file_attributes */
2502 posix_paths ? FILE_FLAG_POSIX_SEMANTICS|0777 :
2503 FILE_ATTRIBUTE_NORMAL,
2504 0, /* oplock_request */
2505 0, /* allocation_size */
2506 0, /* private_flags */
2512 if (!NT_STATUS_IS_OK(status)) {
2513 DEBUG(10, ("SMB_VFS_CREATEFILE failed: %s\n",
2514 nt_errstr(status)));
2518 status = can_set_delete_on_close(fsp, fattr);
2519 if (!NT_STATUS_IS_OK(status)) {
2520 DEBUG(10, ("do_unlink can_set_delete_on_close for file %s - "
2522 smb_fname_str_dbg(smb_fname),
2523 nt_errstr(status)));
2524 close_file(req, fsp, NORMAL_CLOSE);
2528 /* The set is across all open files on this dev/inode pair. */
2529 if (!set_delete_on_close(fsp, True, &conn->server_info->utok)) {
2530 close_file(req, fsp, NORMAL_CLOSE);
2531 return NT_STATUS_ACCESS_DENIED;
2534 return close_file(req, fsp, NORMAL_CLOSE);
2537 /****************************************************************************
2538 The guts of the unlink command, split out so it may be called by the NT SMB
2540 ****************************************************************************/
2542 NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req,
2543 uint32 dirtype, struct smb_filename *smb_fname,
2546 char *fname_dir = NULL;
2547 char *fname_mask = NULL;
2549 NTSTATUS status = NT_STATUS_OK;
2550 TALLOC_CTX *ctx = talloc_tos();
2552 /* Split up the directory from the filename/mask. */
2553 status = split_fname_dir_mask(ctx, smb_fname->base_name,
2554 &fname_dir, &fname_mask);
2555 if (!NT_STATUS_IS_OK(status)) {
2560 * We should only check the mangled cache
2561 * here if unix_convert failed. This means
2562 * that the path in 'mask' doesn't exist
2563 * on the file system and so we need to look
2564 * for a possible mangle. This patch from
2565 * Tine Smukavec <valentin.smukavec@hermes.si>.
2568 if (!VALID_STAT(smb_fname->st) &&
2569 mangle_is_mangled(fname_mask, conn->params)) {
2570 char *new_mask = NULL;
2571 mangle_lookup_name_from_8_3(ctx, fname_mask,
2572 &new_mask, conn->params);
2574 TALLOC_FREE(fname_mask);
2575 fname_mask = new_mask;
2582 * Only one file needs to be unlinked. Append the mask back
2583 * onto the directory.
2585 TALLOC_FREE(smb_fname->base_name);
2586 smb_fname->base_name = talloc_asprintf(smb_fname,
2590 if (!smb_fname->base_name) {
2591 status = NT_STATUS_NO_MEMORY;
2595 dirtype = FILE_ATTRIBUTE_NORMAL;
2598 status = check_name(conn, smb_fname->base_name);
2599 if (!NT_STATUS_IS_OK(status)) {
2603 status = do_unlink(conn, req, smb_fname, dirtype);
2604 if (!NT_STATUS_IS_OK(status)) {
2610 struct smb_Dir *dir_hnd = NULL;
2612 const char *dname = NULL;
2613 char *talloced = NULL;
2615 if ((dirtype & SAMBA_ATTRIBUTES_MASK) == aDIR) {
2616 status = NT_STATUS_OBJECT_NAME_INVALID;
2620 if (strequal(fname_mask,"????????.???")) {
2621 TALLOC_FREE(fname_mask);
2622 fname_mask = talloc_strdup(ctx, "*");
2624 status = NT_STATUS_NO_MEMORY;
2629 status = check_name(conn, fname_dir);
2630 if (!NT_STATUS_IS_OK(status)) {
2634 dir_hnd = OpenDir(talloc_tos(), conn, fname_dir, fname_mask,
2636 if (dir_hnd == NULL) {
2637 status = map_nt_error_from_unix(errno);
2641 /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then
2642 the pattern matches against the long name, otherwise the short name
2643 We don't implement this yet XXXX
2646 status = NT_STATUS_NO_SUCH_FILE;
2648 while ((dname = ReadDirName(dir_hnd, &offset,
2649 &smb_fname->st, &talloced))) {
2650 TALLOC_CTX *frame = talloc_stackframe();
2652 if (!is_visible_file(conn, fname_dir, dname,
2653 &smb_fname->st, true)) {
2655 TALLOC_FREE(talloced);
2659 /* Quick check for "." and ".." */
2660 if (ISDOT(dname) || ISDOTDOT(dname)) {
2662 TALLOC_FREE(talloced);
2666 if(!mask_match(dname, fname_mask,
2667 conn->case_sensitive)) {
2669 TALLOC_FREE(talloced);
2673 TALLOC_FREE(smb_fname->base_name);
2674 smb_fname->base_name =
2675 talloc_asprintf(smb_fname, "%s/%s",
2678 if (!smb_fname->base_name) {
2679 TALLOC_FREE(dir_hnd);
2680 status = NT_STATUS_NO_MEMORY;
2682 TALLOC_FREE(talloced);
2686 status = check_name(conn, smb_fname->base_name);
2687 if (!NT_STATUS_IS_OK(status)) {
2688 TALLOC_FREE(dir_hnd);
2690 TALLOC_FREE(talloced);
2694 status = do_unlink(conn, req, smb_fname, dirtype);
2695 if (!NT_STATUS_IS_OK(status)) {
2697 TALLOC_FREE(talloced);
2702 DEBUG(3,("unlink_internals: successful unlink [%s]\n",
2703 smb_fname->base_name));
2706 TALLOC_FREE(talloced);
2708 TALLOC_FREE(dir_hnd);
2711 if (count == 0 && NT_STATUS_IS_OK(status) && errno != 0) {
2712 status = map_nt_error_from_unix(errno);
2716 TALLOC_FREE(fname_dir);
2717 TALLOC_FREE(fname_mask);
2721 /****************************************************************************
2723 ****************************************************************************/
2725 void reply_unlink(struct smb_request *req)
2727 connection_struct *conn = req->conn;
2729 struct smb_filename *smb_fname = NULL;
2732 bool path_contains_wcard = False;
2733 TALLOC_CTX *ctx = talloc_tos();
2735 START_PROFILE(SMBunlink);
2738 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2742 dirtype = SVAL(req->vwv+0, 0);
2744 srvstr_get_path_req_wcard(ctx, req, &name, (const char *)req->buf + 1,
2745 STR_TERMINATE, &status,
2746 &path_contains_wcard);
2747 if (!NT_STATUS_IS_OK(status)) {
2748 reply_nterror(req, status);
2752 status = filename_convert(ctx, conn,
2753 req->flags2 & FLAGS2_DFS_PATHNAMES,
2755 UCF_COND_ALLOW_WCARD_LCOMP,
2756 &path_contains_wcard,
2758 if (!NT_STATUS_IS_OK(status)) {
2759 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2760 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
2761 ERRSRV, ERRbadpath);
2764 reply_nterror(req, status);
2768 DEBUG(3,("reply_unlink : %s\n", smb_fname_str_dbg(smb_fname)));
2770 status = unlink_internals(conn, req, dirtype, smb_fname,
2771 path_contains_wcard);
2772 if (!NT_STATUS_IS_OK(status)) {
2773 if (open_was_deferred(req->mid)) {
2774 /* We have re-scheduled this call. */
2777 reply_nterror(req, status);
2781 reply_outbuf(req, 0, 0);
2783 TALLOC_FREE(smb_fname);
2784 END_PROFILE(SMBunlink);
2788 /****************************************************************************
2790 ****************************************************************************/
2792 static void fail_readraw(void)
2794 const char *errstr = talloc_asprintf(talloc_tos(),
2795 "FAIL ! reply_readbraw: socket write fail (%s)",
2800 exit_server_cleanly(errstr);
2803 /****************************************************************************
2804 Fake (read/write) sendfile. Returns -1 on read or write fail.
2805 ****************************************************************************/
2807 ssize_t fake_sendfile(files_struct *fsp, SMB_OFF_T startpos, size_t nread)
2810 size_t tosend = nread;
2817 bufsize = MIN(nread, 65536);
2819 if (!(buf = SMB_MALLOC_ARRAY(char, bufsize))) {
2823 while (tosend > 0) {
2827 if (tosend > bufsize) {
2832 ret = read_file(fsp,buf,startpos,cur_read);
2838 /* If we had a short read, fill with zeros. */
2839 if (ret < cur_read) {
2840 memset(buf + ret, '\0', cur_read - ret);
2843 if (write_data(fsp->conn->sconn->sock, buf, cur_read)
2845 char addr[INET6_ADDRSTRLEN];
2847 * Try and give an error message saying what
2850 DEBUG(0, ("write_data failed for client %s. "
2852 get_peer_addr(fsp->conn->sconn->sock, addr,
2859 startpos += cur_read;
2863 return (ssize_t)nread;
2866 /****************************************************************************
2867 Deal with the case of sendfile reading less bytes from the file than
2868 requested. Fill with zeros (all we can do).
2869 ****************************************************************************/
2871 void sendfile_short_send(files_struct *fsp,
2876 #define SHORT_SEND_BUFSIZE 1024
2877 if (nread < headersize) {
2878 DEBUG(0,("sendfile_short_send: sendfile failed to send "
2879 "header for file %s (%s). Terminating\n",
2880 fsp_str_dbg(fsp), strerror(errno)));
2881 exit_server_cleanly("sendfile_short_send failed");
2884 nread -= headersize;
2886 if (nread < smb_maxcnt) {
2887 char *buf = SMB_CALLOC_ARRAY(char, SHORT_SEND_BUFSIZE);
2889 exit_server_cleanly("sendfile_short_send: "
2893 DEBUG(0,("sendfile_short_send: filling truncated file %s "
2894 "with zeros !\n", fsp_str_dbg(fsp)));
2896 while (nread < smb_maxcnt) {
2898 * We asked for the real file size and told sendfile
2899 * to not go beyond the end of the file. But it can
2900 * happen that in between our fstat call and the
2901 * sendfile call the file was truncated. This is very
2902 * bad because we have already announced the larger
2903 * number of bytes to the client.
2905 * The best we can do now is to send 0-bytes, just as
2906 * a read from a hole in a sparse file would do.
2908 * This should happen rarely enough that I don't care
2909 * about efficiency here :-)
2913 to_write = MIN(SHORT_SEND_BUFSIZE, smb_maxcnt - nread);
2914 if (write_data(fsp->conn->sconn->sock, buf, to_write)
2916 char addr[INET6_ADDRSTRLEN];
2918 * Try and give an error message saying what
2921 DEBUG(0, ("write_data failed for client %s. "
2924 fsp->conn->sconn->sock, addr,
2927 exit_server_cleanly("sendfile_short_send: "
2928 "write_data failed");
2936 /****************************************************************************
2937 Return a readbraw error (4 bytes of zero).
2938 ****************************************************************************/
2940 static void reply_readbraw_error(struct smbd_server_connection *sconn)
2946 smbd_lock_socket(sconn);
2947 if (write_data(sconn->sock,header,4) != 4) {
2948 char addr[INET6_ADDRSTRLEN];
2950 * Try and give an error message saying what
2953 DEBUG(0, ("write_data failed for client %s. "
2955 get_peer_addr(sconn->sock, addr, sizeof(addr)),
2960 smbd_unlock_socket(sconn);
2963 /****************************************************************************
2964 Use sendfile in readbraw.
2965 ****************************************************************************/
2967 static void send_file_readbraw(connection_struct *conn,
2968 struct smb_request *req,
2974 struct smbd_server_connection *sconn = req->sconn;
2975 char *outbuf = NULL;
2979 * We can only use sendfile on a non-chained packet
2980 * but we can use on a non-oplocked file. tridge proved this
2981 * on a train in Germany :-). JRA.
2982 * reply_readbraw has already checked the length.
2985 if ( !req_is_in_chain(req) && (nread > 0) && (fsp->base_fsp == NULL) &&
2986 (fsp->wcp == NULL) &&
2987 lp_use_sendfile(SNUM(conn), req->sconn->smb1.signing_state) ) {
2988 ssize_t sendfile_read = -1;
2990 DATA_BLOB header_blob;
2992 _smb_setlen(header,nread);
2993 header_blob = data_blob_const(header, 4);
2995 sendfile_read = SMB_VFS_SENDFILE(sconn->sock, fsp,
2996 &header_blob, startpos,
2998 if (sendfile_read == -1) {
2999 /* Returning ENOSYS means no data at all was sent.
3000 * Do this as a normal read. */
3001 if (errno == ENOSYS) {
3002 goto normal_readbraw;
3006 * Special hack for broken Linux with no working sendfile. If we
3007 * return EINTR we sent the header but not the rest of the data.
3008 * Fake this up by doing read/write calls.
3010 if (errno == EINTR) {
3011 /* Ensure we don't do this again. */
3012 set_use_sendfile(SNUM(conn), False);
3013 DEBUG(0,("send_file_readbraw: sendfile not available. Faking..\n"));
3015 if (fake_sendfile(fsp, startpos, nread) == -1) {
3016 DEBUG(0,("send_file_readbraw: "
3017 "fake_sendfile failed for "
3021 exit_server_cleanly("send_file_readbraw fake_sendfile failed");
3026 DEBUG(0,("send_file_readbraw: sendfile failed for "
3027 "file %s (%s). Terminating\n",
3028 fsp_str_dbg(fsp), strerror(errno)));
3029 exit_server_cleanly("send_file_readbraw sendfile failed");
3030 } else if (sendfile_read == 0) {
3032 * Some sendfile implementations return 0 to indicate
3033 * that there was a short read, but nothing was
3034 * actually written to the socket. In this case,
3035 * fallback to the normal read path so the header gets
3036 * the correct byte count.
3038 DEBUG(3, ("send_file_readbraw: sendfile sent zero "
3039 "bytes falling back to the normal read: "
3040 "%s\n", fsp_str_dbg(fsp)));
3041 goto normal_readbraw;
3044 /* Deal with possible short send. */
3045 if (sendfile_read != 4+nread) {
3046 sendfile_short_send(fsp, sendfile_read, 4, nread);
3053 outbuf = TALLOC_ARRAY(NULL, char, nread+4);
3055 DEBUG(0,("send_file_readbraw: TALLOC_ARRAY failed for size %u.\n",
3056 (unsigned)(nread+4)));
3057 reply_readbraw_error(sconn);
3062 ret = read_file(fsp,outbuf+4,startpos,nread);
3063 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
3072 _smb_setlen(outbuf,ret);
3073 if (write_data(sconn->sock, outbuf, 4+ret) != 4+ret) {
3074 char addr[INET6_ADDRSTRLEN];
3076 * Try and give an error message saying what
3079 DEBUG(0, ("write_data failed for client %s. "
3081 get_peer_addr(fsp->conn->sconn->sock, addr,
3088 TALLOC_FREE(outbuf);
3091 /****************************************************************************
3092 Reply to a readbraw (core+ protocol).
3093 ****************************************************************************/
3095 void reply_readbraw(struct smb_request *req)
3097 connection_struct *conn = req->conn;
3098 struct smbd_server_connection *sconn = req->sconn;
3099 ssize_t maxcount,mincount;
3103 struct lock_struct lock;
3106 START_PROFILE(SMBreadbraw);
3108 if (srv_is_signing_active(sconn) ||
3109 is_encrypted_packet(req->inbuf)) {
3110 exit_server_cleanly("reply_readbraw: SMB signing/sealing is active - "
3111 "raw reads/writes are disallowed.");
3115 reply_readbraw_error(sconn);
3116 END_PROFILE(SMBreadbraw);
3120 if (sconn->smb1.echo_handler.trusted_fde) {
3121 DEBUG(2,("SMBreadbraw rejected with NOT_SUPPORTED because of "
3122 "'async smb echo handler = yes'\n"));
3123 reply_readbraw_error(sconn);
3124 END_PROFILE(SMBreadbraw);
3129 * Special check if an oplock break has been issued
3130 * and the readraw request croses on the wire, we must
3131 * return a zero length response here.
3134 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3137 * We have to do a check_fsp by hand here, as
3138 * we must always return 4 zero bytes on error,
3142 if (!fsp || !conn || conn != fsp->conn ||
3143 req->vuid != fsp->vuid ||
3144 fsp->is_directory || fsp->fh->fd == -1) {
3146 * fsp could be NULL here so use the value from the packet. JRA.
3148 DEBUG(3,("reply_readbraw: fnum %d not valid "
3150 (int)SVAL(req->vwv+0, 0)));
3151 reply_readbraw_error(sconn);
3152 END_PROFILE(SMBreadbraw);
3156 /* Do a "by hand" version of CHECK_READ. */
3157 if (!(fsp->can_read ||
3158 ((req->flags2 & FLAGS2_READ_PERMIT_EXECUTE) &&
3159 (fsp->access_mask & FILE_EXECUTE)))) {
3160 DEBUG(3,("reply_readbraw: fnum %d not readable.\n",
3161 (int)SVAL(req->vwv+0, 0)));
3162 reply_readbraw_error(sconn);
3163 END_PROFILE(SMBreadbraw);
3167 flush_write_cache(fsp, READRAW_FLUSH);
3169 startpos = IVAL_TO_SMB_OFF_T(req->vwv+1, 0);
3170 if(req->wct == 10) {
3172 * This is a large offset (64 bit) read.
3174 #ifdef LARGE_SMB_OFF_T
3176 startpos |= (((SMB_OFF_T)IVAL(req->vwv+8, 0)) << 32);
3178 #else /* !LARGE_SMB_OFF_T */
3181 * Ensure we haven't been sent a >32 bit offset.
3184 if(IVAL(req->vwv+8, 0) != 0) {
3185 DEBUG(0,("reply_readbraw: large offset "
3186 "(%x << 32) used and we don't support "
3187 "64 bit offsets.\n",
3188 (unsigned int)IVAL(req->vwv+8, 0) ));
3189 reply_readbraw_error();
3190 END_PROFILE(SMBreadbraw);
3194 #endif /* LARGE_SMB_OFF_T */
3197 DEBUG(0,("reply_readbraw: negative 64 bit "
3198 "readraw offset (%.0f) !\n",
3199 (double)startpos ));
3200 reply_readbraw_error(sconn);
3201 END_PROFILE(SMBreadbraw);
3206 maxcount = (SVAL(req->vwv+3, 0) & 0xFFFF);
3207 mincount = (SVAL(req->vwv+4, 0) & 0xFFFF);
3209 /* ensure we don't overrun the packet size */
3210 maxcount = MIN(65535,maxcount);
3212 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
3213 (uint64_t)startpos, (uint64_t)maxcount, READ_LOCK,
3216 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3217 reply_readbraw_error(sconn);
3218 END_PROFILE(SMBreadbraw);
3222 if (fsp_stat(fsp) == 0) {
3223 size = fsp->fsp_name->st.st_ex_size;
3226 if (startpos >= size) {
3229 nread = MIN(maxcount,(size - startpos));
3232 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
3233 if (nread < mincount)
3237 DEBUG( 3, ( "reply_readbraw: fnum=%d start=%.0f max=%lu "
3238 "min=%lu nread=%lu\n",
3239 fsp->fnum, (double)startpos,
3240 (unsigned long)maxcount,
3241 (unsigned long)mincount,
3242 (unsigned long)nread ) );
3244 send_file_readbraw(conn, req, fsp, startpos, nread, mincount);
3246 DEBUG(5,("reply_readbraw finished\n"));
3248 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3250 END_PROFILE(SMBreadbraw);
3255 #define DBGC_CLASS DBGC_LOCKING
3257 /****************************************************************************
3258 Reply to a lockread (core+ protocol).
3259 ****************************************************************************/
3261 void reply_lockread(struct smb_request *req)
3263 connection_struct *conn = req->conn;
3270 struct byte_range_lock *br_lck = NULL;
3272 struct smbd_server_connection *sconn = req->sconn;
3274 START_PROFILE(SMBlockread);
3277 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3278 END_PROFILE(SMBlockread);
3282 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3284 if (!check_fsp(conn, req, fsp)) {
3285 END_PROFILE(SMBlockread);
3289 if (!CHECK_READ(fsp,req)) {
3290 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
3291 END_PROFILE(SMBlockread);
3295 numtoread = SVAL(req->vwv+1, 0);
3296 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
3298 numtoread = MIN(BUFFER_SIZE - (smb_size + 3*2 + 3), numtoread);
3300 reply_outbuf(req, 5, numtoread + 3);
3302 data = smb_buf(req->outbuf) + 3;
3305 * NB. Discovered by Menny Hamburger at Mainsoft. This is a core+
3306 * protocol request that predates the read/write lock concept.
3307 * Thus instead of asking for a read lock here we need to ask
3308 * for a write lock. JRA.
3309 * Note that the requested lock size is unaffected by max_recv.
3312 br_lck = do_lock(req->sconn->msg_ctx,
3314 (uint64_t)req->smbpid,
3315 (uint64_t)numtoread,
3319 False, /* Non-blocking lock. */
3323 TALLOC_FREE(br_lck);
3325 if (NT_STATUS_V(status)) {
3326 reply_nterror(req, status);
3327 END_PROFILE(SMBlockread);
3332 * However the requested READ size IS affected by max_recv. Insanity.... JRA.
3335 if (numtoread > sconn->smb1.negprot.max_recv) {
3336 DEBUG(0,("reply_lockread: requested read size (%u) is greater than maximum allowed (%u). \
3337 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
3338 (unsigned int)numtoread,
3339 (unsigned int)sconn->smb1.negprot.max_recv));
3340 numtoread = MIN(numtoread, sconn->smb1.negprot.max_recv);
3342 nread = read_file(fsp,data,startpos,numtoread);
3345 reply_nterror(req, map_nt_error_from_unix(errno));
3346 END_PROFILE(SMBlockread);
3350 srv_set_message((char *)req->outbuf, 5, nread+3, False);
3352 SSVAL(req->outbuf,smb_vwv0,nread);
3353 SSVAL(req->outbuf,smb_vwv5,nread+3);
3354 p = smb_buf(req->outbuf);
3355 SCVAL(p,0,0); /* pad byte. */
3358 DEBUG(3,("lockread fnum=%d num=%d nread=%d\n",
3359 fsp->fnum, (int)numtoread, (int)nread));
3361 END_PROFILE(SMBlockread);
3366 #define DBGC_CLASS DBGC_ALL
3368 /****************************************************************************
3370 ****************************************************************************/
3372 void reply_read(struct smb_request *req)
3374 connection_struct *conn = req->conn;
3381 struct lock_struct lock;
3382 struct smbd_server_connection *sconn = req->sconn;
3384 START_PROFILE(SMBread);
3387 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3388 END_PROFILE(SMBread);
3392 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3394 if (!check_fsp(conn, req, fsp)) {
3395 END_PROFILE(SMBread);
3399 if (!CHECK_READ(fsp,req)) {
3400 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
3401 END_PROFILE(SMBread);
3405 numtoread = SVAL(req->vwv+1, 0);
3406 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
3408 numtoread = MIN(BUFFER_SIZE-outsize,numtoread);
3411 * The requested read size cannot be greater than max_recv. JRA.
3413 if (numtoread > sconn->smb1.negprot.max_recv) {
3414 DEBUG(0,("reply_read: requested read size (%u) is greater than maximum allowed (%u). \
3415 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
3416 (unsigned int)numtoread,
3417 (unsigned int)sconn->smb1.negprot.max_recv));
3418 numtoread = MIN(numtoread, sconn->smb1.negprot.max_recv);
3421 reply_outbuf(req, 5, numtoread+3);
3423 data = smb_buf(req->outbuf) + 3;
3425 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
3426 (uint64_t)startpos, (uint64_t)numtoread, READ_LOCK,
3429 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3430 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
3431 END_PROFILE(SMBread);
3436 nread = read_file(fsp,data,startpos,numtoread);
3439 reply_nterror(req, map_nt_error_from_unix(errno));
3443 srv_set_message((char *)req->outbuf, 5, nread+3, False);
3445 SSVAL(req->outbuf,smb_vwv0,nread);
3446 SSVAL(req->outbuf,smb_vwv5,nread+3);
3447 SCVAL(smb_buf(req->outbuf),0,1);
3448 SSVAL(smb_buf(req->outbuf),1,nread);
3450 DEBUG( 3, ( "read fnum=%d num=%d nread=%d\n",
3451 fsp->fnum, (int)numtoread, (int)nread ) );
3454 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3456 END_PROFILE(SMBread);
3460 /****************************************************************************
3462 ****************************************************************************/
3464 static int setup_readX_header(struct smb_request *req, char *outbuf,
3470 outsize = srv_set_message(outbuf,12,smb_maxcnt,False);
3471 data = smb_buf(outbuf);
3473 memset(outbuf+smb_vwv0,'\0',24); /* valgrind init. */
3475 SCVAL(outbuf,smb_vwv0,0xFF);
3476 SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */
3477 SSVAL(outbuf,smb_vwv5,smb_maxcnt);
3478 SSVAL(outbuf,smb_vwv6,
3480 + 1 /* the wct field */
3481 + 12 * sizeof(uint16_t) /* vwv */
3482 + 2); /* the buflen field */
3483 SSVAL(outbuf,smb_vwv7,(smb_maxcnt >> 16));
3484 SSVAL(outbuf,smb_vwv11,smb_maxcnt);
3485 /* Reset the outgoing length, set_message truncates at 0x1FFFF. */
3486 _smb_setlen_large(outbuf,(smb_size + 12*2 + smb_maxcnt - 4));
3490 /****************************************************************************
3491 Reply to a read and X - possibly using sendfile.
3492 ****************************************************************************/
3494 static void send_file_readX(connection_struct *conn, struct smb_request *req,
3495 files_struct *fsp, SMB_OFF_T startpos,
3499 struct lock_struct lock;
3500 int saved_errno = 0;
3502 if(fsp_stat(fsp) == -1) {
3503 reply_nterror(req, map_nt_error_from_unix(errno));
3507 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
3508 (uint64_t)startpos, (uint64_t)smb_maxcnt, READ_LOCK,
3511 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3512 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
3516 if (!S_ISREG(fsp->fsp_name->st.st_ex_mode) ||
3517 (startpos > fsp->fsp_name->st.st_ex_size)
3518 || (smb_maxcnt > (fsp->fsp_name->st.st_ex_size - startpos))) {
3520 * We already know that we would do a short read, so don't
3521 * try the sendfile() path.
3523 goto nosendfile_read;
3527 * We can only use sendfile on a non-chained packet
3528 * but we can use on a non-oplocked file. tridge proved this
3529 * on a train in Germany :-). JRA.
3532 if (!req_is_in_chain(req) &&
3533 !is_encrypted_packet(req->inbuf) && (fsp->base_fsp == NULL) &&
3534 (fsp->wcp == NULL) &&
3535 lp_use_sendfile(SNUM(conn), req->sconn->smb1.signing_state) ) {
3536 uint8 headerbuf[smb_size + 12 * 2];
3540 * Set up the packet header before send. We
3541 * assume here the sendfile will work (get the
3542 * correct amount of data).
3545 header = data_blob_const(headerbuf, sizeof(headerbuf));
3547 construct_reply_common_req(req, (char *)headerbuf);
3548 setup_readX_header(req, (char *)headerbuf, smb_maxcnt);
3550 nread = SMB_VFS_SENDFILE(req->sconn->sock, fsp, &header,
3551 startpos, smb_maxcnt);
3553 /* Returning ENOSYS means no data at all was sent.
3554 Do this as a normal read. */
3555 if (errno == ENOSYS) {
3560 * Special hack for broken Linux with no working sendfile. If we
3561 * return EINTR we sent the header but not the rest of the data.
3562 * Fake this up by doing read/write calls.
3565 if (errno == EINTR) {
3566 /* Ensure we don't do this again. */
3567 set_use_sendfile(SNUM(conn), False);
3568 DEBUG(0,("send_file_readX: sendfile not available. Faking..\n"));
3569 nread = fake_sendfile(fsp, startpos,
3572 DEBUG(0,("send_file_readX: "
3573 "fake_sendfile failed for "
3577 exit_server_cleanly("send_file_readX: fake_sendfile failed");
3579 DEBUG( 3, ( "send_file_readX: fake_sendfile fnum=%d max=%d nread=%d\n",
3580 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3581 /* No outbuf here means successful sendfile. */
3585 DEBUG(0,("send_file_readX: sendfile failed for file "
3586 "%s (%s). Terminating\n", fsp_str_dbg(fsp),
3588 exit_server_cleanly("send_file_readX sendfile failed");
3589 } else if (nread == 0) {
3591 * Some sendfile implementations return 0 to indicate
3592 * that there was a short read, but nothing was
3593 * actually written to the socket. In this case,
3594 * fallback to the normal read path so the header gets
3595 * the correct byte count.
3597 DEBUG(3, ("send_file_readX: sendfile sent zero bytes "
3598 "falling back to the normal read: %s\n",
3603 DEBUG( 3, ( "send_file_readX: sendfile fnum=%d max=%d nread=%d\n",
3604 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3606 /* Deal with possible short send. */
3607 if (nread != smb_maxcnt + sizeof(headerbuf)) {
3608 sendfile_short_send(fsp, nread, sizeof(headerbuf), smb_maxcnt);
3610 /* No outbuf here means successful sendfile. */
3611 SMB_PERFCOUNT_SET_MSGLEN_OUT(&req->pcd, nread);
3612 SMB_PERFCOUNT_END(&req->pcd);
3618 if ((smb_maxcnt & 0xFF0000) > 0x10000) {
3619 uint8 headerbuf[smb_size + 2*12];
3621 construct_reply_common_req(req, (char *)headerbuf);
3622 setup_readX_header(req, (char *)headerbuf, smb_maxcnt);
3624 /* Send out the header. */
3625 if (write_data(req->sconn->sock, (char *)headerbuf,
3626 sizeof(headerbuf)) != sizeof(headerbuf)) {
3628 char addr[INET6_ADDRSTRLEN];
3630 * Try and give an error message saying what
3633 DEBUG(0, ("write_data failed for client %s. "
3635 get_peer_addr(req->sconn->sock, addr,
3639 DEBUG(0,("send_file_readX: write_data failed for file "
3640 "%s (%s). Terminating\n", fsp_str_dbg(fsp),
3642 exit_server_cleanly("send_file_readX sendfile failed");
3644 nread = fake_sendfile(fsp, startpos, smb_maxcnt);
3646 DEBUG(0,("send_file_readX: fake_sendfile failed for "
3647 "file %s (%s).\n", fsp_str_dbg(fsp),
3649 exit_server_cleanly("send_file_readX: fake_sendfile failed");
3656 reply_outbuf(req, 12, smb_maxcnt);
3658 nread = read_file(fsp, smb_buf(req->outbuf), startpos, smb_maxcnt);
3659 saved_errno = errno;
3661 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3664 reply_nterror(req, map_nt_error_from_unix(saved_errno));
3668 setup_readX_header(req, (char *)req->outbuf, nread);
3670 DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n",
3671 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3677 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3678 TALLOC_FREE(req->outbuf);
3682 /****************************************************************************
3683 Reply to a read and X.
3684 ****************************************************************************/
3686 void reply_read_and_X(struct smb_request *req)
3688 connection_struct *conn = req->conn;
3692 bool big_readX = False;
3694 size_t smb_mincnt = SVAL(req->vwv+6, 0);
3697 START_PROFILE(SMBreadX);
3699 if ((req->wct != 10) && (req->wct != 12)) {
3700 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3704 fsp = file_fsp(req, SVAL(req->vwv+2, 0));
3705 startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
3706 smb_maxcnt = SVAL(req->vwv+5, 0);
3708 /* If it's an IPC, pass off the pipe handler. */
3710 reply_pipe_read_and_X(req);
3711 END_PROFILE(SMBreadX);
3715 if (!check_fsp(conn, req, fsp)) {
3716 END_PROFILE(SMBreadX);
3720 if (!CHECK_READ(fsp,req)) {
3721 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
3722 END_PROFILE(SMBreadX);
3726 if (global_client_caps & CAP_LARGE_READX) {
3727 size_t upper_size = SVAL(req->vwv+7, 0);
3728 smb_maxcnt |= (upper_size<<16);
3729 if (upper_size > 1) {
3730 /* Can't do this on a chained packet. */
3731 if ((CVAL(req->vwv+0, 0) != 0xFF)) {
3732 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
3733 END_PROFILE(SMBreadX);
3736 /* We currently don't do this on signed or sealed data. */
3737 if (srv_is_signing_active(req->sconn) ||
3738 is_encrypted_packet(req->inbuf)) {
3739 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
3740 END_PROFILE(SMBreadX);
3743 /* Is there room in the reply for this data ? */
3744 if (smb_maxcnt > (0xFFFFFF - (smb_size -4 + 12*2))) {
3746 NT_STATUS_INVALID_PARAMETER);
3747 END_PROFILE(SMBreadX);
3754 if (req->wct == 12) {
3755 #ifdef LARGE_SMB_OFF_T
3757 * This is a large offset (64 bit) read.
3759 startpos |= (((SMB_OFF_T)IVAL(req->vwv+10, 0)) << 32);
3761 #else /* !LARGE_SMB_OFF_T */
3764 * Ensure we haven't been sent a >32 bit offset.
3767 if(IVAL(req->vwv+10, 0) != 0) {
3768 DEBUG(0,("reply_read_and_X - large offset (%x << 32) "
3769 "used and we don't support 64 bit offsets.\n",
3770 (unsigned int)IVAL(req->vwv+10, 0) ));
3771 END_PROFILE(SMBreadX);
3772 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
3776 #endif /* LARGE_SMB_OFF_T */
3781 NTSTATUS status = schedule_aio_read_and_X(conn,
3786 if (NT_STATUS_IS_OK(status)) {
3787 /* Read scheduled - we're done. */
3790 if (!NT_STATUS_EQUAL(status, NT_STATUS_RETRY)) {
3791 /* Real error - report to client. */
3792 END_PROFILE(SMBreadX);
3793 reply_nterror(req, status);
3796 /* NT_STATUS_RETRY - fall back to sync read. */
3799 smbd_lock_socket(req->sconn);
3800 send_file_readX(conn, req, fsp, startpos, smb_maxcnt);
3801 smbd_unlock_socket(req->sconn);
3804 END_PROFILE(SMBreadX);
3808 /****************************************************************************
3809 Error replies to writebraw must have smb_wct == 1. Fix this up.
3810 ****************************************************************************/
3812 void error_to_writebrawerr(struct smb_request *req)
3814 uint8 *old_outbuf = req->outbuf;
3816 reply_outbuf(req, 1, 0);
3818 memcpy(req->outbuf, old_outbuf, smb_size);
3819 TALLOC_FREE(old_outbuf);
3822 /****************************************************************************
3823 Read 4 bytes of a smb packet and return the smb length of the packet.
3824 Store the result in the buffer. This version of the function will
3825 never return a session keepalive (length of zero).
3826 Timeout is in milliseconds.
3827 ****************************************************************************/
3829 static NTSTATUS read_smb_length(int fd, char *inbuf, unsigned int timeout,
3832 uint8_t msgtype = SMBkeepalive;
3834 while (msgtype == SMBkeepalive) {
3837 status = read_smb_length_return_keepalive(fd, inbuf, timeout,
3839 if (!NT_STATUS_IS_OK(status)) {
3840 char addr[INET6_ADDRSTRLEN];
3841 /* Try and give an error message
3842 * saying what client failed. */
3843 DEBUG(0, ("read_fd_with_timeout failed for "
3844 "client %s read error = %s.\n",
3845 get_peer_addr(fd,addr,sizeof(addr)),
3846 nt_errstr(status)));
3850 msgtype = CVAL(inbuf, 0);
3853 DEBUG(10,("read_smb_length: got smb length of %lu\n",
3854 (unsigned long)len));
3856 return NT_STATUS_OK;
3859 /****************************************************************************
3860 Reply to a writebraw (core+ or LANMAN1.0 protocol).
3861 ****************************************************************************/
3863 void reply_writebraw(struct smb_request *req)
3865 connection_struct *conn = req->conn;
3868 ssize_t total_written=0;
3869 size_t numtowrite=0;
3875 struct lock_struct lock;
3878 START_PROFILE(SMBwritebraw);
3881 * If we ever reply with an error, it must have the SMB command
3882 * type of SMBwritec, not SMBwriteBraw, as this tells the client
3885 SCVAL(req->inbuf,smb_com,SMBwritec);
3887 if (srv_is_signing_active(req->sconn)) {
3888 END_PROFILE(SMBwritebraw);
3889 exit_server_cleanly("reply_writebraw: SMB signing is active - "
3890 "raw reads/writes are disallowed.");
3893 if (req->wct < 12) {
3894 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3895 error_to_writebrawerr(req);
3896 END_PROFILE(SMBwritebraw);
3900 if (req->sconn->smb1.echo_handler.trusted_fde) {
3901 DEBUG(2,("SMBwritebraw rejected with NOT_SUPPORTED because of "
3902 "'async smb echo handler = yes'\n"));
3903 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
3904 error_to_writebrawerr(req);
3905 END_PROFILE(SMBwritebraw);
3909 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3910 if (!check_fsp(conn, req, fsp)) {
3911 error_to_writebrawerr(req);
3912 END_PROFILE(SMBwritebraw);
3916 if (!CHECK_WRITE(fsp)) {
3917 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
3918 error_to_writebrawerr(req);
3919 END_PROFILE(SMBwritebraw);
3923 tcount = IVAL(req->vwv+1, 0);
3924 startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
3925 write_through = BITSETW(req->vwv+7,0);
3927 /* We have to deal with slightly different formats depending
3928 on whether we are using the core+ or lanman1.0 protocol */
3930 if(get_Protocol() <= PROTOCOL_COREPLUS) {
3931 numtowrite = SVAL(smb_buf(req->inbuf),-2);
3932 data = smb_buf(req->inbuf);
3934 numtowrite = SVAL(req->vwv+10, 0);
3935 data = smb_base(req->inbuf) + SVAL(req->vwv+11, 0);
3938 /* Ensure we don't write bytes past the end of this packet. */
3939 if (data + numtowrite > smb_base(req->inbuf) + smb_len(req->inbuf)) {
3940 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3941 error_to_writebrawerr(req);
3942 END_PROFILE(SMBwritebraw);
3946 if (!fsp->print_file) {
3947 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
3948 (uint64_t)startpos, (uint64_t)tcount, WRITE_LOCK,
3951 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3952 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
3953 error_to_writebrawerr(req);
3954 END_PROFILE(SMBwritebraw);
3960 nwritten = write_file(req,fsp,data,startpos,numtowrite);
3963 DEBUG(3,("reply_writebraw: initial write fnum=%d start=%.0f num=%d "
3964 "wrote=%d sync=%d\n",
3965 fsp->fnum, (double)startpos, (int)numtowrite,
3966 (int)nwritten, (int)write_through));
3968 if (nwritten < (ssize_t)numtowrite) {
3969 reply_nterror(req, NT_STATUS_DISK_FULL);
3970 error_to_writebrawerr(req);
3974 total_written = nwritten;
3976 /* Allocate a buffer of 64k + length. */
3977 buf = TALLOC_ARRAY(NULL, char, 65540);
3979 reply_nterror(req, NT_STATUS_NO_MEMORY);
3980 error_to_writebrawerr(req);
3984 /* Return a SMBwritebraw message to the redirector to tell
3985 * it to send more bytes */
3987 memcpy(buf, req->inbuf, smb_size);
3988 srv_set_message(buf,get_Protocol()>PROTOCOL_COREPLUS?1:0,0,True);
3989 SCVAL(buf,smb_com,SMBwritebraw);
3990 SSVALS(buf,smb_vwv0,0xFFFF);
3992 if (!srv_send_smb(req->sconn,
3994 false, 0, /* no signing */
3995 IS_CONN_ENCRYPTED(conn),
3997 exit_server_cleanly("reply_writebraw: srv_send_smb "
4001 /* Now read the raw data into the buffer and write it */
4002 status = read_smb_length(req->sconn->sock, buf, SMB_SECONDARY_WAIT,
4004 if (!NT_STATUS_IS_OK(status)) {
4005 exit_server_cleanly("secondary writebraw failed");
4008 /* Set up outbuf to return the correct size */
4009 reply_outbuf(req, 1, 0);
4011 if (numtowrite != 0) {
4013 if (numtowrite > 0xFFFF) {
4014 DEBUG(0,("reply_writebraw: Oversize secondary write "
4015 "raw requested (%u). Terminating\n",
4016 (unsigned int)numtowrite ));
4017 exit_server_cleanly("secondary writebraw failed");
4020 if (tcount > nwritten+numtowrite) {
4021 DEBUG(3,("reply_writebraw: Client overestimated the "
4023 (int)tcount,(int)nwritten,(int)numtowrite));
4026 status = read_data(req->sconn->sock, buf+4, numtowrite);
4028 if (!NT_STATUS_IS_OK(status)) {
4029 char addr[INET6_ADDRSTRLEN];
4030 /* Try and give an error message
4031 * saying what client failed. */
4032 DEBUG(0, ("reply_writebraw: Oversize secondary write "
4033 "raw read failed (%s) for client %s. "
4034 "Terminating\n", nt_errstr(status),
4035 get_peer_addr(req->sconn->sock, addr,
4037 exit_server_cleanly("secondary writebraw failed");
4040 nwritten = write_file(req,fsp,buf+4,startpos+nwritten,numtowrite);
4041 if (nwritten == -1) {
4043 reply_nterror(req, map_nt_error_from_unix(errno));
4044 error_to_writebrawerr(req);
4048 if (nwritten < (ssize_t)numtowrite) {
4049 SCVAL(req->outbuf,smb_rcls,ERRHRD);
4050 SSVAL(req->outbuf,smb_err,ERRdiskfull);
4054 total_written += nwritten;
4059 SSVAL(req->outbuf,smb_vwv0,total_written);
4061 status = sync_file(conn, fsp, write_through);
4062 if (!NT_STATUS_IS_OK(status)) {
4063 DEBUG(5,("reply_writebraw: sync_file for %s returned %s\n",
4064 fsp_str_dbg(fsp), nt_errstr(status)));
4065 reply_nterror(req, status);
4066 error_to_writebrawerr(req);
4070 DEBUG(3,("reply_writebraw: secondart write fnum=%d start=%.0f num=%d "
4072 fsp->fnum, (double)startpos, (int)numtowrite,
4073 (int)total_written));
4075 if (!fsp->print_file) {
4076 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4079 /* We won't return a status if write through is not selected - this
4080 * follows what WfWg does */
4081 END_PROFILE(SMBwritebraw);
4083 if (!write_through && total_written==tcount) {
4085 #if RABBIT_PELLET_FIX
4087 * Fix for "rabbit pellet" mode, trigger an early TCP ack by
4088 * sending a SMBkeepalive. Thanks to DaveCB at Sun for this.
4091 if (!send_keepalive(req->sconn->sock)) {
4092 exit_server_cleanly("reply_writebraw: send of "
4093 "keepalive failed");
4096 TALLOC_FREE(req->outbuf);
4101 if (!fsp->print_file) {
4102 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4105 END_PROFILE(SMBwritebraw);
4110 #define DBGC_CLASS DBGC_LOCKING
4112 /****************************************************************************
4113 Reply to a writeunlock (core+).
4114 ****************************************************************************/
4116 void reply_writeunlock(struct smb_request *req)
4118 connection_struct *conn = req->conn;
4119 ssize_t nwritten = -1;
4123 NTSTATUS status = NT_STATUS_OK;
4125 struct lock_struct lock;
4126 int saved_errno = 0;
4128 START_PROFILE(SMBwriteunlock);
4131 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4132 END_PROFILE(SMBwriteunlock);
4136 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4138 if (!check_fsp(conn, req, fsp)) {
4139 END_PROFILE(SMBwriteunlock);
4143 if (!CHECK_WRITE(fsp)) {
4144 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
4145 END_PROFILE(SMBwriteunlock);
4149 numtowrite = SVAL(req->vwv+1, 0);
4150 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
4151 data = (const char *)req->buf + 3;
4153 if (!fsp->print_file && numtowrite > 0) {
4154 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
4155 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
4158 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
4159 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
4160 END_PROFILE(SMBwriteunlock);
4165 /* The special X/Open SMB protocol handling of
4166 zero length writes is *NOT* done for
4168 if(numtowrite == 0) {
4171 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4172 saved_errno = errno;
4175 status = sync_file(conn, fsp, False /* write through */);
4176 if (!NT_STATUS_IS_OK(status)) {
4177 DEBUG(5,("reply_writeunlock: sync_file for %s returned %s\n",
4178 fsp_str_dbg(fsp), nt_errstr(status)));
4179 reply_nterror(req, status);
4184 reply_nterror(req, map_nt_error_from_unix(saved_errno));
4188 if((nwritten < numtowrite) && (numtowrite != 0)) {
4189 reply_nterror(req, NT_STATUS_DISK_FULL);
4193 if (numtowrite && !fsp->print_file) {
4194 status = do_unlock(req->sconn->msg_ctx,
4196 (uint64_t)req->smbpid,
4197 (uint64_t)numtowrite,
4201 if (NT_STATUS_V(status)) {
4202 reply_nterror(req, status);
4207 reply_outbuf(req, 1, 0);
4209 SSVAL(req->outbuf,smb_vwv0,nwritten);
4211 DEBUG(3,("writeunlock fnum=%d num=%d wrote=%d\n",
4212 fsp->fnum, (int)numtowrite, (int)nwritten));
4215 if (numtowrite && !fsp->print_file) {
4216 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4219 END_PROFILE(SMBwriteunlock);
4224 #define DBGC_CLASS DBGC_ALL
4226 /****************************************************************************
4228 ****************************************************************************/
4230 void reply_write(struct smb_request *req)
4232 connection_struct *conn = req->conn;
4234 ssize_t nwritten = -1;
4238 struct lock_struct lock;
4240 int saved_errno = 0;
4242 START_PROFILE(SMBwrite);
4245 END_PROFILE(SMBwrite);
4246 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4250 /* If it's an IPC, pass off the pipe handler. */
4252 reply_pipe_write(req);
4253 END_PROFILE(SMBwrite);
4257 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4259 if (!check_fsp(conn, req, fsp)) {
4260 END_PROFILE(SMBwrite);
4264 if (!CHECK_WRITE(fsp)) {
4265 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
4266 END_PROFILE(SMBwrite);
4270 numtowrite = SVAL(req->vwv+1, 0);
4271 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
4272 data = (const char *)req->buf + 3;
4274 if (!fsp->print_file) {
4275 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
4276 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
4279 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
4280 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
4281 END_PROFILE(SMBwrite);
4287 * X/Open SMB protocol says that if smb_vwv1 is
4288 * zero then the file size should be extended or
4289 * truncated to the size given in smb_vwv[2-3].
4292 if(numtowrite == 0) {
4294 * This is actually an allocate call, and set EOF. JRA.
4296 nwritten = vfs_allocate_file_space(fsp, (SMB_OFF_T)startpos);
4298 reply_nterror(req, NT_STATUS_DISK_FULL);
4301 nwritten = vfs_set_filelen(fsp, (SMB_OFF_T)startpos);
4303 reply_nterror(req, NT_STATUS_DISK_FULL);
4306 trigger_write_time_update_immediate(fsp);
4308 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4311 status = sync_file(conn, fsp, False);
4312 if (!NT_STATUS_IS_OK(status)) {
4313 DEBUG(5,("reply_write: sync_file for %s returned %s\n",
4314 fsp_str_dbg(fsp), nt_errstr(status)));
4315 reply_nterror(req, status);
4320 reply_nterror(req, map_nt_error_from_unix(saved_errno));
4324 if((nwritten == 0) && (numtowrite != 0)) {
4325 reply_nterror(req, NT_STATUS_DISK_FULL);
4329 reply_outbuf(req, 1, 0);
4331 SSVAL(req->outbuf,smb_vwv0,nwritten);
4333 if (nwritten < (ssize_t)numtowrite) {
4334 SCVAL(req->outbuf,smb_rcls,ERRHRD);
4335 SSVAL(req->outbuf,smb_err,ERRdiskfull);
4338 DEBUG(3,("write fnum=%d num=%d wrote=%d\n", fsp->fnum, (int)numtowrite, (int)nwritten));
4341 if (!fsp->print_file) {
4342 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4345 END_PROFILE(SMBwrite);
4349 /****************************************************************************
4350 Ensure a buffer is a valid writeX for recvfile purposes.
4351 ****************************************************************************/
4353 #define STANDARD_WRITE_AND_X_HEADER_SIZE (smb_size - 4 + /* basic header */ \
4354 (2*14) + /* word count (including bcc) */ \
4357 bool is_valid_writeX_buffer(struct smbd_server_connection *sconn,
4358 const uint8_t *inbuf)
4361 connection_struct *conn = NULL;
4362 unsigned int doff = 0;
4363 size_t len = smb_len_large(inbuf);
4365 if (is_encrypted_packet(inbuf)) {
4366 /* Can't do this on encrypted
4371 if (CVAL(inbuf,smb_com) != SMBwriteX) {
4375 if (CVAL(inbuf,smb_vwv0) != 0xFF ||
4376 CVAL(inbuf,smb_wct) != 14) {
4377 DEBUG(10,("is_valid_writeX_buffer: chained or "
4378 "invalid word length.\n"));
4382 conn = conn_find(sconn, SVAL(inbuf, smb_tid));
4384 DEBUG(10,("is_valid_writeX_buffer: bad tid\n"));
4388 DEBUG(10,("is_valid_writeX_buffer: IPC$ tid\n"));
4391 if (IS_PRINT(conn)) {
4392 DEBUG(10,("is_valid_writeX_buffer: printing tid\n"));
4395 doff = SVAL(inbuf,smb_vwv11);
4397 numtowrite = SVAL(inbuf,smb_vwv10);
4399 if (len > doff && len - doff > 0xFFFF) {
4400 numtowrite |= (((size_t)SVAL(inbuf,smb_vwv9))<<16);
4403 if (numtowrite == 0) {
4404 DEBUG(10,("is_valid_writeX_buffer: zero write\n"));
4408 /* Ensure the sizes match up. */
4409 if (doff < STANDARD_WRITE_AND_X_HEADER_SIZE) {
4410 /* no pad byte...old smbclient :-( */
4411 DEBUG(10,("is_valid_writeX_buffer: small doff %u (min %u)\n",
4413 (unsigned int)STANDARD_WRITE_AND_X_HEADER_SIZE));
4417 if (len - doff != numtowrite) {
4418 DEBUG(10,("is_valid_writeX_buffer: doff mismatch "
4419 "len = %u, doff = %u, numtowrite = %u\n",
4422 (unsigned int)numtowrite ));
4426 DEBUG(10,("is_valid_writeX_buffer: true "
4427 "len = %u, doff = %u, numtowrite = %u\n",
4430 (unsigned int)numtowrite ));
4435 /****************************************************************************
4436 Reply to a write and X.
4437 ****************************************************************************/
4439 void reply_write_and_X(struct smb_request *req)
4441 connection_struct *conn = req->conn;
4443 struct lock_struct lock;
4448 unsigned int smb_doff;
4449 unsigned int smblen;
4452 int saved_errno = 0;
4454 START_PROFILE(SMBwriteX);
4456 if ((req->wct != 12) && (req->wct != 14)) {
4457 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4458 END_PROFILE(SMBwriteX);
4462 numtowrite = SVAL(req->vwv+10, 0);
4463 smb_doff = SVAL(req->vwv+11, 0);
4464 smblen = smb_len(req->inbuf);
4466 if (req->unread_bytes > 0xFFFF ||
4467 (smblen > smb_doff &&
4468 smblen - smb_doff > 0xFFFF)) {
4469 numtowrite |= (((size_t)SVAL(req->vwv+9, 0))<<16);
4472 if (req->unread_bytes) {
4473 /* Can't do a recvfile write on IPC$ */
4475 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4476 END_PROFILE(SMBwriteX);
4479 if (numtowrite != req->unread_bytes) {
4480 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4481 END_PROFILE(SMBwriteX);
4485 if (smb_doff > smblen || smb_doff + numtowrite < numtowrite ||
4486 smb_doff + numtowrite > smblen) {
4487 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4488 END_PROFILE(SMBwriteX);
4493 /* If it's an IPC, pass off the pipe handler. */
4495 if (req->unread_bytes) {
4496 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4497 END_PROFILE(SMBwriteX);
4500 reply_pipe_write_and_X(req);
4501 END_PROFILE(SMBwriteX);
4505 fsp = file_fsp(req, SVAL(req->vwv+2, 0));
4506 startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
4507 write_through = BITSETW(req->vwv+7,0);
4509 if (!check_fsp(conn, req, fsp)) {
4510 END_PROFILE(SMBwriteX);
4514 if (!CHECK_WRITE(fsp)) {
4515 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
4516 END_PROFILE(SMBwriteX);
4520 data = smb_base(req->inbuf) + smb_doff;
4522 if(req->wct == 14) {
4523 #ifdef LARGE_SMB_OFF_T
4525 * This is a large offset (64 bit) write.
4527 startpos |= (((SMB_OFF_T)IVAL(req->vwv+12, 0)) << 32);
4529 #else /* !LARGE_SMB_OFF_T */
4532 * Ensure we haven't been sent a >32 bit offset.
4535 if(IVAL(req->vwv+12, 0) != 0) {
4536 DEBUG(0,("reply_write_and_X - large offset (%x << 32) "
4537 "used and we don't support 64 bit offsets.\n",
4538 (unsigned int)IVAL(req->vwv+12, 0) ));
4539 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
4540 END_PROFILE(SMBwriteX);
4544 #endif /* LARGE_SMB_OFF_T */
4547 /* X/Open SMB protocol says that, unlike SMBwrite
4548 if the length is zero then NO truncation is
4549 done, just a write of zero. To truncate a file,
4552 if(numtowrite == 0) {
4555 if (req->unread_bytes == 0) {
4556 status = schedule_aio_write_and_X(conn,
4563 if (NT_STATUS_IS_OK(status)) {
4564 /* write scheduled - we're done. */
4567 if (!NT_STATUS_EQUAL(status, NT_STATUS_RETRY)) {
4568 /* Real error - report to client. */
4569 reply_nterror(req, status);
4572 /* NT_STATUS_RETRY - fall through to sync write. */
4575 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
4576 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
4579 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
4580 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
4584 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4585 saved_errno = errno;
4587 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4591 reply_nterror(req, map_nt_error_from_unix(saved_errno));
4595 if((nwritten == 0) && (numtowrite != 0)) {
4596 reply_nterror(req, NT_STATUS_DISK_FULL);
4600 reply_outbuf(req, 6, 0);
4601 SSVAL(req->outbuf,smb_vwv2,nwritten);
4602 SSVAL(req->outbuf,smb_vwv4,nwritten>>16);
4604 if (nwritten < (ssize_t)numtowrite) {
4605 SCVAL(req->outbuf,smb_rcls,ERRHRD);
4606 SSVAL(req->outbuf,smb_err,ERRdiskfull);
4609 DEBUG(3,("writeX fnum=%d num=%d wrote=%d\n",
4610 fsp->fnum, (int)numtowrite, (int)nwritten));
4612 status = sync_file(conn, fsp, write_through);
4613 if (!NT_STATUS_IS_OK(status)) {
4614 DEBUG(5,("reply_write_and_X: sync_file for %s returned %s\n",
4615 fsp_str_dbg(fsp), nt_errstr(status)));
4616 reply_nterror(req, status);
4620 END_PROFILE(SMBwriteX);
4625 END_PROFILE(SMBwriteX);
4629 /****************************************************************************
4631 ****************************************************************************/
4633 void reply_lseek(struct smb_request *req)
4635 connection_struct *conn = req->conn;
4641 START_PROFILE(SMBlseek);
4644 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4645 END_PROFILE(SMBlseek);
4649 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4651 if (!check_fsp(conn, req, fsp)) {
4655 flush_write_cache(fsp, SEEK_FLUSH);
4657 mode = SVAL(req->vwv+1, 0) & 3;
4658 /* NB. This doesn't use IVAL_TO_SMB_OFF_T as startpos can be signed in this case. */
4659 startpos = (SMB_OFF_T)IVALS(req->vwv+2, 0);
4668 res = fsp->fh->pos + startpos;
4679 if (umode == SEEK_END) {
4680 if((res = SMB_VFS_LSEEK(fsp,startpos,umode)) == -1) {
4681 if(errno == EINVAL) {
4682 SMB_OFF_T current_pos = startpos;
4684 if(fsp_stat(fsp) == -1) {
4686 map_nt_error_from_unix(errno));
4687 END_PROFILE(SMBlseek);
4691 current_pos += fsp->fsp_name->st.st_ex_size;
4693 res = SMB_VFS_LSEEK(fsp,0,SEEK_SET);
4698 reply_nterror(req, map_nt_error_from_unix(errno));
4699 END_PROFILE(SMBlseek);
4706 reply_outbuf(req, 2, 0);
4707 SIVAL(req->outbuf,smb_vwv0,res);
4709 DEBUG(3,("lseek fnum=%d ofs=%.0f newpos = %.0f mode=%d\n",
4710 fsp->fnum, (double)startpos, (double)res, mode));
4712 END_PROFILE(SMBlseek);
4716 /****************************************************************************
4718 ****************************************************************************/
4720 void reply_flush(struct smb_request *req)
4722 connection_struct *conn = req->conn;
4726 START_PROFILE(SMBflush);
4729 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4733 fnum = SVAL(req->vwv+0, 0);
4734 fsp = file_fsp(req, fnum);
4736 if ((fnum != 0xFFFF) && !check_fsp(conn, req, fsp)) {
4741 file_sync_all(conn);
4743 NTSTATUS status = sync_file(conn, fsp, True);
4744 if (!NT_STATUS_IS_OK(status)) {
4745 DEBUG(5,("reply_flush: sync_file for %s returned %s\n",
4746 fsp_str_dbg(fsp), nt_errstr(status)));
4747 reply_nterror(req, status);
4748 END_PROFILE(SMBflush);
4753 reply_outbuf(req, 0, 0);
4755 DEBUG(3,("flush\n"));
4756 END_PROFILE(SMBflush);
4760 /****************************************************************************
4762 conn POINTER CAN BE NULL HERE !
4763 ****************************************************************************/
4765 void reply_exit(struct smb_request *req)
4767 START_PROFILE(SMBexit);
4769 file_close_pid(req->sconn, req->smbpid, req->vuid);
4771 reply_outbuf(req, 0, 0);
4773 DEBUG(3,("exit\n"));
4775 END_PROFILE(SMBexit);
4779 /****************************************************************************
4780 Reply to a close - has to deal with closing a directory opened by NT SMB's.
4781 ****************************************************************************/
4783 void reply_close(struct smb_request *req)
4785 connection_struct *conn = req->conn;
4786 NTSTATUS status = NT_STATUS_OK;
4787 files_struct *fsp = NULL;
4788 START_PROFILE(SMBclose);
4791 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4792 END_PROFILE(SMBclose);
4796 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4799 * We can only use check_fsp if we know it's not a directory.
4802 if(!fsp || (fsp->conn != conn) || (fsp->vuid != req->vuid)) {
4803 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
4804 END_PROFILE(SMBclose);
4808 if(fsp->is_directory) {
4810 * Special case - close NT SMB directory handle.
4812 DEBUG(3,("close directory fnum=%d\n", fsp->fnum));
4813 status = close_file(req, fsp, NORMAL_CLOSE);
4817 * Close ordinary file.
4820 DEBUG(3,("close fd=%d fnum=%d (numopen=%d)\n",
4821 fsp->fh->fd, fsp->fnum,
4822 conn->num_files_open));
4825 * Take care of any time sent in the close.
4828 t = srv_make_unix_date3(req->vwv+1);
4829 set_close_write_time(fsp, convert_time_t_to_timespec(t));
4832 * close_file() returns the unix errno if an error
4833 * was detected on close - normally this is due to
4834 * a disk full error. If not then it was probably an I/O error.
4837 status = close_file(req, fsp, NORMAL_CLOSE);
4840 if (!NT_STATUS_IS_OK(status)) {
4841 reply_nterror(req, status);
4842 END_PROFILE(SMBclose);
4846 reply_outbuf(req, 0, 0);
4847 END_PROFILE(SMBclose);
4851 /****************************************************************************
4852 Reply to a writeclose (Core+ protocol).
4853 ****************************************************************************/
4855 void reply_writeclose(struct smb_request *req)
4857 connection_struct *conn = req->conn;
4859 ssize_t nwritten = -1;
4860 NTSTATUS close_status = NT_STATUS_OK;
4863 struct timespec mtime;
4865 struct lock_struct lock;
4867 START_PROFILE(SMBwriteclose);
4870 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4871 END_PROFILE(SMBwriteclose);
4875 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4877 if (!check_fsp(conn, req, fsp)) {
4878 END_PROFILE(SMBwriteclose);
4881 if (!CHECK_WRITE(fsp)) {
4882 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
4883 END_PROFILE(SMBwriteclose);
4887 numtowrite = SVAL(req->vwv+1, 0);
4888 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
4889 mtime = convert_time_t_to_timespec(srv_make_unix_date3(req->vwv+4));
4890 data = (const char *)req->buf + 1;
4892 if (!fsp->print_file) {
4893 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
4894 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
4897 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
4898 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
4899 END_PROFILE(SMBwriteclose);
4904 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4906 set_close_write_time(fsp, mtime);
4909 * More insanity. W2K only closes the file if writelen > 0.
4914 DEBUG(3,("reply_writeclose: zero length write doesn't close "
4915 "file %s\n", fsp_str_dbg(fsp)));
4916 close_status = close_file(req, fsp, NORMAL_CLOSE);
4919 DEBUG(3,("writeclose fnum=%d num=%d wrote=%d (numopen=%d)\n",
4920 fsp->fnum, (int)numtowrite, (int)nwritten,
4921 conn->num_files_open));
4923 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
4924 reply_nterror(req, NT_STATUS_DISK_FULL);
4928 if(!NT_STATUS_IS_OK(close_status)) {
4929 reply_nterror(req, close_status);
4933 reply_outbuf(req, 1, 0);
4935 SSVAL(req->outbuf,smb_vwv0,nwritten);
4938 if (numtowrite && !fsp->print_file) {
4939 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4942 END_PROFILE(SMBwriteclose);
4947 #define DBGC_CLASS DBGC_LOCKING
4949 /****************************************************************************
4951 ****************************************************************************/
4953 void reply_lock(struct smb_request *req)
4955 connection_struct *conn = req->conn;
4956 uint64_t count,offset;
4959 struct byte_range_lock *br_lck = NULL;
4961 START_PROFILE(SMBlock);
4964 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4965 END_PROFILE(SMBlock);
4969 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4971 if (!check_fsp(conn, req, fsp)) {
4972 END_PROFILE(SMBlock);
4976 count = (uint64_t)IVAL(req->vwv+1, 0);
4977 offset = (uint64_t)IVAL(req->vwv+3, 0);
4979 DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n",
4980 fsp->fh->fd, fsp->fnum, (double)offset, (double)count));
4982 br_lck = do_lock(req->sconn->msg_ctx,
4984 (uint64_t)req->smbpid,
4989 False, /* Non-blocking lock. */
4994 TALLOC_FREE(br_lck);
4996 if (NT_STATUS_V(status)) {
4997 reply_nterror(req, status);
4998 END_PROFILE(SMBlock);
5002 reply_outbuf(req, 0, 0);
5004 END_PROFILE(SMBlock);
5008 /****************************************************************************
5010 ****************************************************************************/
5012 void reply_unlock(struct smb_request *req)
5014 connection_struct *conn = req->conn;
5015 uint64_t count,offset;
5019 START_PROFILE(SMBunlock);
5022 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5023 END_PROFILE(SMBunlock);
5027 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
5029 if (!check_fsp(conn, req, fsp)) {
5030 END_PROFILE(SMBunlock);
5034 count = (uint64_t)IVAL(req->vwv+1, 0);
5035 offset = (uint64_t)IVAL(req->vwv+3, 0);
5037 status = do_unlock(req->sconn->msg_ctx,
5039 (uint64_t)req->smbpid,
5044 if (NT_STATUS_V(status)) {
5045 reply_nterror(req, status);
5046 END_PROFILE(SMBunlock);
5050 DEBUG( 3, ( "unlock fd=%d fnum=%d offset=%.0f count=%.0f\n",
5051 fsp->fh->fd, fsp->fnum, (double)offset, (double)count ) );
5053 reply_outbuf(req, 0, 0);
5055 END_PROFILE(SMBunlock);
5060 #define DBGC_CLASS DBGC_ALL
5062 /****************************************************************************
5064 conn POINTER CAN BE NULL HERE !
5065 ****************************************************************************/
5067 void reply_tdis(struct smb_request *req)
5069 connection_struct *conn = req->conn;
5070 START_PROFILE(SMBtdis);
5073 DEBUG(4,("Invalid connection in tdis\n"));
5074 reply_nterror(req, NT_STATUS_NETWORK_NAME_DELETED);
5075 END_PROFILE(SMBtdis);
5081 close_cnum(conn,req->vuid);
5084 reply_outbuf(req, 0, 0);
5085 END_PROFILE(SMBtdis);
5089 /****************************************************************************
5091 conn POINTER CAN BE NULL HERE !
5092 ****************************************************************************/
5094 void reply_echo(struct smb_request *req)
5096 connection_struct *conn = req->conn;
5097 struct smb_perfcount_data local_pcd;
5098 struct smb_perfcount_data *cur_pcd;
5102 START_PROFILE(SMBecho);
5104 smb_init_perfcount_data(&local_pcd);
5107 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5108 END_PROFILE(SMBecho);
5112 smb_reverb = SVAL(req->vwv+0, 0);
5114 reply_outbuf(req, 1, req->buflen);
5116 /* copy any incoming data back out */
5117 if (req->buflen > 0) {
5118 memcpy(smb_buf(req->outbuf), req->buf, req->buflen);
5121 if (smb_reverb > 100) {
5122 DEBUG(0,("large reverb (%d)?? Setting to 100\n",smb_reverb));
5126 for (seq_num = 1 ; seq_num <= smb_reverb ; seq_num++) {
5128 /* this makes sure we catch the request pcd */
5129 if (seq_num == smb_reverb) {
5130 cur_pcd = &req->pcd;
5132 SMB_PERFCOUNT_COPY_CONTEXT(&req->pcd, &local_pcd);
5133 cur_pcd = &local_pcd;
5136 SSVAL(req->outbuf,smb_vwv0,seq_num);
5138 show_msg((char *)req->outbuf);
5139 if (!srv_send_smb(req->sconn,
5140 (char *)req->outbuf,
5141 true, req->seqnum+1,
5142 IS_CONN_ENCRYPTED(conn)||req->encrypted,
5144 exit_server_cleanly("reply_echo: srv_send_smb failed.");
5147 DEBUG(3,("echo %d times\n", smb_reverb));
5149 TALLOC_FREE(req->outbuf);
5151 END_PROFILE(SMBecho);
5155 /****************************************************************************
5156 Reply to a printopen.
5157 ****************************************************************************/
5159 void reply_printopen(struct smb_request *req)
5161 connection_struct *conn = req->conn;
5165 START_PROFILE(SMBsplopen);
5168 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5169 END_PROFILE(SMBsplopen);
5173 if (!CAN_PRINT(conn)) {
5174 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
5175 END_PROFILE(SMBsplopen);
5179 status = file_new(req, conn, &fsp);
5180 if(!NT_STATUS_IS_OK(status)) {
5181 reply_nterror(req, status);
5182 END_PROFILE(SMBsplopen);
5186 /* Open for exclusive use, write only. */
5187 status = print_spool_open(fsp, NULL, req->vuid);
5189 if (!NT_STATUS_IS_OK(status)) {
5190 file_free(req, fsp);
5191 reply_nterror(req, status);
5192 END_PROFILE(SMBsplopen);
5196 reply_outbuf(req, 1, 0);
5197 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
5199 DEBUG(3,("openprint fd=%d fnum=%d\n",
5200 fsp->fh->fd, fsp->fnum));
5202 END_PROFILE(SMBsplopen);
5206 /****************************************************************************
5207 Reply to a printclose.
5208 ****************************************************************************/
5210 void reply_printclose(struct smb_request *req)
5212 connection_struct *conn = req->conn;
5216 START_PROFILE(SMBsplclose);
5219 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5220 END_PROFILE(SMBsplclose);
5224 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
5226 if (!check_fsp(conn, req, fsp)) {
5227 END_PROFILE(SMBsplclose);
5231 if (!CAN_PRINT(conn)) {
5232 reply_force_doserror(req, ERRSRV, ERRerror);
5233 END_PROFILE(SMBsplclose);
5237 DEBUG(3,("printclose fd=%d fnum=%d\n",
5238 fsp->fh->fd,fsp->fnum));
5240 status = close_file(req, fsp, NORMAL_CLOSE);
5242 if(!NT_STATUS_IS_OK(status)) {
5243 reply_nterror(req, status);
5244 END_PROFILE(SMBsplclose);
5248 reply_outbuf(req, 0, 0);
5250 END_PROFILE(SMBsplclose);
5254 /****************************************************************************
5255 Reply to a printqueue.
5256 ****************************************************************************/
5258 void reply_printqueue(struct smb_request *req)
5260 connection_struct *conn = req->conn;
5264 START_PROFILE(SMBsplretq);
5267 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5268 END_PROFILE(SMBsplretq);
5272 max_count = SVAL(req->vwv+0, 0);
5273 start_index = SVAL(req->vwv+1, 0);
5275 /* we used to allow the client to get the cnum wrong, but that
5276 is really quite gross and only worked when there was only
5277 one printer - I think we should now only accept it if they
5278 get it right (tridge) */
5279 if (!CAN_PRINT(conn)) {
5280 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
5281 END_PROFILE(SMBsplretq);
5285 reply_outbuf(req, 2, 3);
5286 SSVAL(req->outbuf,smb_vwv0,0);
5287 SSVAL(req->outbuf,smb_vwv1,0);
5288 SCVAL(smb_buf(req->outbuf),0,1);
5289 SSVAL(smb_buf(req->outbuf),1,0);
5291 DEBUG(3,("printqueue start_index=%d max_count=%d\n",
5292 start_index, max_count));
5295 TALLOC_CTX *mem_ctx = talloc_tos();
5298 const char *sharename = lp_servicename(SNUM(conn));
5299 struct rpc_pipe_client *cli = NULL;
5300 struct policy_handle handle;
5301 struct spoolss_DevmodeContainer devmode_ctr;
5302 union spoolss_JobInfo *info;
5304 uint32_t num_to_get;
5308 ZERO_STRUCT(handle);
5310 status = rpc_pipe_open_interface(conn,
5311 &ndr_table_spoolss.syntax_id,
5313 &conn->sconn->client_id,
5314 conn->sconn->msg_ctx,
5316 if (!NT_STATUS_IS_OK(status)) {
5317 DEBUG(0, ("reply_printqueue: "
5318 "could not connect to spoolss: %s\n",
5319 nt_errstr(status)));
5320 reply_nterror(req, status);
5324 ZERO_STRUCT(devmode_ctr);
5326 status = rpccli_spoolss_OpenPrinter(cli, mem_ctx,
5329 SEC_FLAG_MAXIMUM_ALLOWED,
5332 if (!NT_STATUS_IS_OK(status)) {
5333 reply_nterror(req, status);
5336 if (!W_ERROR_IS_OK(werr)) {
5337 reply_nterror(req, werror_to_ntstatus(werr));
5341 werr = rpccli_spoolss_enumjobs(cli, mem_ctx,
5349 if (!W_ERROR_IS_OK(werr)) {
5350 reply_nterror(req, werror_to_ntstatus(werr));
5354 if (max_count > 0) {
5355 first = start_index;
5357 first = start_index + max_count + 1;
5360 if (first >= count) {
5363 num_to_get = first + MIN(ABS(max_count), count - first);
5366 for (i = first; i < num_to_get; i++) {
5369 time_t qtime = spoolss_Time_to_time_t(&info[i].info2.submitted);
5371 uint16_t qrapjobid = pjobid_to_rap(sharename,
5372 info[i].info2.job_id);
5374 if (info[i].info2.status == JOB_STATUS_PRINTING) {
5380 srv_put_dos_date2(p, 0, qtime);
5381 SCVAL(p, 4, qstatus);
5382 SSVAL(p, 5, qrapjobid);
5383 SIVAL(p, 7, info[i].info2.size);
5385 srvstr_push(blob, req->flags2, p+12,
5386 info[i].info2.notify_name, 16, STR_ASCII);
5388 if (message_push_blob(
5391 blob, sizeof(blob))) == -1) {
5392 reply_nterror(req, NT_STATUS_NO_MEMORY);
5398 SSVAL(req->outbuf,smb_vwv0,count);
5399 SSVAL(req->outbuf,smb_vwv1,
5400 (max_count>0?first+count:first-1));
5401 SCVAL(smb_buf(req->outbuf),0,1);
5402 SSVAL(smb_buf(req->outbuf),1,28*count);
5406 DEBUG(3, ("%u entries returned in queue\n",
5410 if (cli && is_valid_policy_hnd(&handle)) {
5411 rpccli_spoolss_ClosePrinter(cli, mem_ctx, &handle, NULL);
5416 END_PROFILE(SMBsplretq);
5420 /****************************************************************************
5421 Reply to a printwrite.
5422 ****************************************************************************/
5424 void reply_printwrite(struct smb_request *req)
5426 connection_struct *conn = req->conn;
5431 START_PROFILE(SMBsplwr);
5434 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5435 END_PROFILE(SMBsplwr);
5439 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
5441 if (!check_fsp(conn, req, fsp)) {
5442 END_PROFILE(SMBsplwr);
5446 if (!fsp->print_file) {
5447 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
5448 END_PROFILE(SMBsplwr);
5452 if (!CHECK_WRITE(fsp)) {
5453 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
5454 END_PROFILE(SMBsplwr);
5458 numtowrite = SVAL(req->buf, 1);
5460 if (req->buflen < numtowrite + 3) {
5461 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5462 END_PROFILE(SMBsplwr);
5466 data = (const char *)req->buf + 3;
5468 if (write_file(req,fsp,data,(SMB_OFF_T)-1,numtowrite) != numtowrite) {
5469 reply_nterror(req, map_nt_error_from_unix(errno));
5470 END_PROFILE(SMBsplwr);
5474 DEBUG( 3, ( "printwrite fnum=%d num=%d\n", fsp->fnum, numtowrite ) );
5476 END_PROFILE(SMBsplwr);
5480 /****************************************************************************
5482 ****************************************************************************/
5484 void reply_mkdir(struct smb_request *req)
5486 connection_struct *conn = req->conn;
5487 struct smb_filename *smb_dname = NULL;
5488 char *directory = NULL;
5490 TALLOC_CTX *ctx = talloc_tos();
5492 START_PROFILE(SMBmkdir);
5494 srvstr_get_path_req(ctx, req, &directory, (const char *)req->buf + 1,
5495 STR_TERMINATE, &status);
5496 if (!NT_STATUS_IS_OK(status)) {
5497 reply_nterror(req, status);
5501 status = filename_convert(ctx, conn,
5502 req->flags2 & FLAGS2_DFS_PATHNAMES,
5507 if (!NT_STATUS_IS_OK(status)) {
5508 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5509 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
5510 ERRSRV, ERRbadpath);
5513 reply_nterror(req, status);
5517 status = create_directory(conn, req, smb_dname);
5519 DEBUG(5, ("create_directory returned %s\n", nt_errstr(status)));
5521 if (!NT_STATUS_IS_OK(status)) {
5523 if (!use_nt_status()
5524 && NT_STATUS_EQUAL(status,
5525 NT_STATUS_OBJECT_NAME_COLLISION)) {
5527 * Yes, in the DOS error code case we get a
5528 * ERRDOS:ERRnoaccess here. See BASE-SAMBA3ERROR
5529 * samba4 torture test.
5531 status = NT_STATUS_DOS(ERRDOS, ERRnoaccess);
5534 reply_nterror(req, status);
5538 reply_outbuf(req, 0, 0);
5540 DEBUG(3, ("mkdir %s\n", smb_dname->base_name));
5542 TALLOC_FREE(smb_dname);
5543 END_PROFILE(SMBmkdir);
5547 /****************************************************************************
5549 ****************************************************************************/
5551 void reply_rmdir(struct smb_request *req)
5553 connection_struct *conn = req->conn;
5554 struct smb_filename *smb_dname = NULL;
5555 char *directory = NULL;
5557 TALLOC_CTX *ctx = talloc_tos();
5558 files_struct *fsp = NULL;
5560 struct smbd_server_connection *sconn = req->sconn;
5562 START_PROFILE(SMBrmdir);
5564 srvstr_get_path_req(ctx, req, &directory, (const char *)req->buf + 1,
5565 STR_TERMINATE, &status);
5566 if (!NT_STATUS_IS_OK(status)) {
5567 reply_nterror(req, status);
5571 status = filename_convert(ctx, conn,
5572 req->flags2 & FLAGS2_DFS_PATHNAMES,
5577 if (!NT_STATUS_IS_OK(status)) {
5578 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5579 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
5580 ERRSRV, ERRbadpath);
5583 reply_nterror(req, status);
5587 if (is_ntfs_stream_smb_fname(smb_dname)) {
5588 reply_nterror(req, NT_STATUS_NOT_A_DIRECTORY);
5592 status = SMB_VFS_CREATE_FILE(
5595 0, /* root_dir_fid */
5596 smb_dname, /* fname */
5597 DELETE_ACCESS, /* access_mask */
5598 (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */
5600 FILE_OPEN, /* create_disposition*/
5601 FILE_DIRECTORY_FILE, /* create_options */
5602 FILE_ATTRIBUTE_DIRECTORY, /* file_attributes */
5603 0, /* oplock_request */
5604 0, /* allocation_size */
5605 0, /* private_flags */
5611 if (!NT_STATUS_IS_OK(status)) {
5612 if (open_was_deferred(req->mid)) {
5613 /* We have re-scheduled this call. */
5616 reply_nterror(req, status);
5620 status = can_set_delete_on_close(fsp, FILE_ATTRIBUTE_DIRECTORY);
5621 if (!NT_STATUS_IS_OK(status)) {
5622 close_file(req, fsp, ERROR_CLOSE);
5623 reply_nterror(req, status);
5627 if (!set_delete_on_close(fsp, true, &conn->server_info->utok)) {
5628 close_file(req, fsp, ERROR_CLOSE);
5629 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
5633 status = close_file(req, fsp, NORMAL_CLOSE);
5634 if (!NT_STATUS_IS_OK(status)) {
5635 reply_nterror(req, status);
5637 reply_outbuf(req, 0, 0);
5640 dptr_closepath(sconn, smb_dname->base_name, req->smbpid);
5642 DEBUG(3, ("rmdir %s\n", smb_fname_str_dbg(smb_dname)));
5644 TALLOC_FREE(smb_dname);
5645 END_PROFILE(SMBrmdir);
5649 /*******************************************************************
5650 Resolve wildcards in a filename rename.
5651 ********************************************************************/
5653 static bool resolve_wildcards(TALLOC_CTX *ctx,
5658 char *name2_copy = NULL;
5663 char *p,*p2, *pname1, *pname2;
5665 name2_copy = talloc_strdup(ctx, name2);
5670 pname1 = strrchr_m(name1,'/');
5671 pname2 = strrchr_m(name2_copy,'/');
5673 if (!pname1 || !pname2) {
5677 /* Truncate the copy of name2 at the last '/' */
5680 /* Now go past the '/' */
5684 root1 = talloc_strdup(ctx, pname1);
5685 root2 = talloc_strdup(ctx, pname2);
5687 if (!root1 || !root2) {
5691 p = strrchr_m(root1,'.');
5694 ext1 = talloc_strdup(ctx, p+1);
5696 ext1 = talloc_strdup(ctx, "");
5698 p = strrchr_m(root2,'.');
5701 ext2 = talloc_strdup(ctx, p+1);
5703 ext2 = talloc_strdup(ctx, "");
5706 if (!ext1 || !ext2) {
5714 /* Hmmm. Should this be mb-aware ? */
5717 } else if (*p2 == '*') {
5719 root2 = talloc_asprintf(ctx, "%s%s",
5738 /* Hmmm. Should this be mb-aware ? */
5741 } else if (*p2 == '*') {
5743 ext2 = talloc_asprintf(ctx, "%s%s",
5759 *pp_newname = talloc_asprintf(ctx, "%s/%s.%s",
5764 *pp_newname = talloc_asprintf(ctx, "%s/%s",
5776 /****************************************************************************
5777 Ensure open files have their names updated. Updated to notify other smbd's
5779 ****************************************************************************/
5781 static void rename_open_files(connection_struct *conn,
5782 struct share_mode_lock *lck,
5783 const struct smb_filename *smb_fname_dst)
5786 bool did_rename = False;
5789 for(fsp = file_find_di_first(conn->sconn, lck->id); fsp;
5790 fsp = file_find_di_next(fsp)) {
5791 /* fsp_name is a relative path under the fsp. To change this for other
5792 sharepaths we need to manipulate relative paths. */
5793 /* TODO - create the absolute path and manipulate the newname
5794 relative to the sharepath. */
5795 if (!strequal(fsp->conn->connectpath, conn->connectpath)) {
5798 DEBUG(10, ("rename_open_files: renaming file fnum %d "
5799 "(file_id %s) from %s -> %s\n", fsp->fnum,
5800 file_id_string_tos(&fsp->file_id), fsp_str_dbg(fsp),
5801 smb_fname_str_dbg(smb_fname_dst)));
5803 status = fsp_set_smb_fname(fsp, smb_fname_dst);
5804 if (NT_STATUS_IS_OK(status)) {
5810 DEBUG(10, ("rename_open_files: no open files on file_id %s "
5811 "for %s\n", file_id_string_tos(&lck->id),
5812 smb_fname_str_dbg(smb_fname_dst)));
5815 /* Send messages to all smbd's (not ourself) that the name has changed. */
5816 rename_share_filename(conn->sconn->msg_ctx, lck, conn->connectpath,
5821 /****************************************************************************
5822 We need to check if the source path is a parent directory of the destination
5823 (ie. a rename of /foo/bar/baz -> /foo/bar/baz/bibble/bobble. If so we must
5824 refuse the rename with a sharing violation. Under UNIX the above call can
5825 *succeed* if /foo/bar/baz is a symlink to another area in the share. We
5826 probably need to check that the client is a Windows one before disallowing
5827 this as a UNIX client (one with UNIX extensions) can know the source is a
5828 symlink and make this decision intelligently. Found by an excellent bug
5829 report from <AndyLiebman@aol.com>.
5830 ****************************************************************************/
5832 static bool rename_path_prefix_equal(const struct smb_filename *smb_fname_src,
5833 const struct smb_filename *smb_fname_dst)
5835 const char *psrc = smb_fname_src->base_name;
5836 const char *pdst = smb_fname_dst->base_name;
5839 if (psrc[0] == '.' && psrc[1] == '/') {
5842 if (pdst[0] == '.' && pdst[1] == '/') {
5845 if ((slen = strlen(psrc)) > strlen(pdst)) {
5848 return ((memcmp(psrc, pdst, slen) == 0) && pdst[slen] == '/');
5852 * Do the notify calls from a rename
5855 static void notify_rename(connection_struct *conn, bool is_dir,
5856 const struct smb_filename *smb_fname_src,
5857 const struct smb_filename *smb_fname_dst)
5859 char *parent_dir_src = NULL;
5860 char *parent_dir_dst = NULL;
5863 mask = is_dir ? FILE_NOTIFY_CHANGE_DIR_NAME
5864 : FILE_NOTIFY_CHANGE_FILE_NAME;
5866 if (!parent_dirname(talloc_tos(), smb_fname_src->base_name,
5867 &parent_dir_src, NULL) ||
5868 !parent_dirname(talloc_tos(), smb_fname_dst->base_name,
5869 &parent_dir_dst, NULL)) {
5873 if (strcmp(parent_dir_src, parent_dir_dst) == 0) {
5874 notify_fname(conn, NOTIFY_ACTION_OLD_NAME, mask,
5875 smb_fname_src->base_name);
5876 notify_fname(conn, NOTIFY_ACTION_NEW_NAME, mask,
5877 smb_fname_dst->base_name);
5880 notify_fname(conn, NOTIFY_ACTION_REMOVED, mask,
5881 smb_fname_src->base_name);
5882 notify_fname(conn, NOTIFY_ACTION_ADDED, mask,
5883 smb_fname_dst->base_name);
5886 /* this is a strange one. w2k3 gives an additional event for
5887 CHANGE_ATTRIBUTES and CHANGE_CREATION on the new file when renaming
5888 files, but not directories */
5890 notify_fname(conn, NOTIFY_ACTION_MODIFIED,
5891 FILE_NOTIFY_CHANGE_ATTRIBUTES
5892 |FILE_NOTIFY_CHANGE_CREATION,
5893 smb_fname_dst->base_name);
5896 TALLOC_FREE(parent_dir_src);
5897 TALLOC_FREE(parent_dir_dst);
5900 /****************************************************************************
5901 Rename an open file - given an fsp.
5902 ****************************************************************************/
5904 NTSTATUS rename_internals_fsp(connection_struct *conn,
5906 const struct smb_filename *smb_fname_dst_in,
5908 bool replace_if_exists)
5910 TALLOC_CTX *ctx = talloc_tos();
5911 struct smb_filename *smb_fname_dst = NULL;
5912 NTSTATUS status = NT_STATUS_OK;
5913 struct share_mode_lock *lck = NULL;
5914 bool dst_exists, old_is_stream, new_is_stream;
5916 status = check_name(conn, smb_fname_dst_in->base_name);
5917 if (!NT_STATUS_IS_OK(status)) {
5921 /* Make a copy of the dst smb_fname structs */
5923 status = copy_smb_filename(ctx, smb_fname_dst_in, &smb_fname_dst);
5924 if (!NT_STATUS_IS_OK(status)) {
5928 /* Ensure the dst smb_fname contains a '/' */
5929 if(strrchr_m(smb_fname_dst->base_name,'/') == 0) {
5931 tmp = talloc_asprintf(smb_fname_dst, "./%s",
5932 smb_fname_dst->base_name);
5934 status = NT_STATUS_NO_MEMORY;
5937 TALLOC_FREE(smb_fname_dst->base_name);
5938 smb_fname_dst->base_name = tmp;
5942 * Check for special case with case preserving and not
5943 * case sensitive. If the old last component differs from the original
5944 * last component only by case, then we should allow
5945 * the rename (user is trying to change the case of the
5948 if((conn->case_sensitive == False) && (conn->case_preserve == True) &&
5949 strequal(fsp->fsp_name->base_name, smb_fname_dst->base_name) &&
5950 strequal(fsp->fsp_name->stream_name, smb_fname_dst->stream_name)) {
5952 char *fname_dst_lcomp_base_mod = NULL;
5953 struct smb_filename *smb_fname_orig_lcomp = NULL;
5956 * Get the last component of the destination name. Note that
5957 * we guarantee that destination name contains a '/' character
5960 last_slash = strrchr_m(smb_fname_dst->base_name, '/');
5961 fname_dst_lcomp_base_mod = talloc_strdup(ctx, last_slash + 1);
5962 if (!fname_dst_lcomp_base_mod) {
5963 status = NT_STATUS_NO_MEMORY;
5968 * Create an smb_filename struct using the original last
5969 * component of the destination.
5971 status = create_synthetic_smb_fname_split(ctx,
5972 smb_fname_dst->original_lcomp, NULL,
5973 &smb_fname_orig_lcomp);
5974 if (!NT_STATUS_IS_OK(status)) {
5975 TALLOC_FREE(fname_dst_lcomp_base_mod);
5979 /* If the base names only differ by case, use original. */
5980 if(!strcsequal(fname_dst_lcomp_base_mod,
5981 smb_fname_orig_lcomp->base_name)) {
5984 * Replace the modified last component with the
5987 *last_slash = '\0'; /* Truncate at the '/' */
5988 tmp = talloc_asprintf(smb_fname_dst,
5990 smb_fname_dst->base_name,
5991 smb_fname_orig_lcomp->base_name);
5993 status = NT_STATUS_NO_MEMORY;
5994 TALLOC_FREE(fname_dst_lcomp_base_mod);
5995 TALLOC_FREE(smb_fname_orig_lcomp);
5998 TALLOC_FREE(smb_fname_dst->base_name);
5999 smb_fname_dst->base_name = tmp;
6002 /* If the stream_names only differ by case, use original. */
6003 if(!strcsequal(smb_fname_dst->stream_name,
6004 smb_fname_orig_lcomp->stream_name)) {
6006 /* Use the original stream. */
6007 tmp = talloc_strdup(smb_fname_dst,
6008 smb_fname_orig_lcomp->stream_name);
6010 status = NT_STATUS_NO_MEMORY;
6011 TALLOC_FREE(fname_dst_lcomp_base_mod);
6012 TALLOC_FREE(smb_fname_orig_lcomp);
6015 TALLOC_FREE(smb_fname_dst->stream_name);
6016 smb_fname_dst->stream_name = tmp;
6018 TALLOC_FREE(fname_dst_lcomp_base_mod);
6019 TALLOC_FREE(smb_fname_orig_lcomp);
6023 * If the src and dest names are identical - including case,
6024 * don't do the rename, just return success.
6027 if (strcsequal(fsp->fsp_name->base_name, smb_fname_dst->base_name) &&
6028 strcsequal(fsp->fsp_name->stream_name,
6029 smb_fname_dst->stream_name)) {
6030 DEBUG(3, ("rename_internals_fsp: identical names in rename %s "
6031 "- returning success\n",
6032 smb_fname_str_dbg(smb_fname_dst)));
6033 status = NT_STATUS_OK;
6037 old_is_stream = is_ntfs_stream_smb_fname(fsp->fsp_name);
6038 new_is_stream = is_ntfs_stream_smb_fname(smb_fname_dst);
6040 /* Return the correct error code if both names aren't streams. */
6041 if (!old_is_stream && new_is_stream) {
6042 status = NT_STATUS_OBJECT_NAME_INVALID;
6046 if (old_is_stream && !new_is_stream) {
6047 status = NT_STATUS_INVALID_PARAMETER;
6051 dst_exists = SMB_VFS_STAT(conn, smb_fname_dst) == 0;
6053 if(!replace_if_exists && dst_exists) {
6054 DEBUG(3, ("rename_internals_fsp: dest exists doing rename "
6055 "%s -> %s\n", smb_fname_str_dbg(fsp->fsp_name),
6056 smb_fname_str_dbg(smb_fname_dst)));
6057 status = NT_STATUS_OBJECT_NAME_COLLISION;
6062 struct file_id fileid = vfs_file_id_from_sbuf(conn,
6063 &smb_fname_dst->st);
6064 files_struct *dst_fsp = file_find_di_first(conn->sconn,
6066 /* The file can be open when renaming a stream */
6067 if (dst_fsp && !new_is_stream) {
6068 DEBUG(3, ("rename_internals_fsp: Target file open\n"));
6069 status = NT_STATUS_ACCESS_DENIED;
6074 /* Ensure we have a valid stat struct for the source. */
6075 status = vfs_stat_fsp(fsp);
6076 if (!NT_STATUS_IS_OK(status)) {
6080 status = can_rename(conn, fsp, attrs);
6082 if (!NT_STATUS_IS_OK(status)) {
6083 DEBUG(3, ("rename_internals_fsp: Error %s rename %s -> %s\n",
6084 nt_errstr(status), smb_fname_str_dbg(fsp->fsp_name),
6085 smb_fname_str_dbg(smb_fname_dst)));
6086 if (NT_STATUS_EQUAL(status,NT_STATUS_SHARING_VIOLATION))
6087 status = NT_STATUS_ACCESS_DENIED;
6091 if (rename_path_prefix_equal(fsp->fsp_name, smb_fname_dst)) {
6092 status = NT_STATUS_ACCESS_DENIED;
6095 lck = get_share_mode_lock(talloc_tos(), fsp->file_id, NULL, NULL,
6099 * We have the file open ourselves, so not being able to get the
6100 * corresponding share mode lock is a fatal error.
6103 SMB_ASSERT(lck != NULL);
6105 if(SMB_VFS_RENAME(conn, fsp->fsp_name, smb_fname_dst) == 0) {
6106 uint32 create_options = fsp->fh->private_options;
6108 DEBUG(3, ("rename_internals_fsp: succeeded doing rename on "
6109 "%s -> %s\n", smb_fname_str_dbg(fsp->fsp_name),
6110 smb_fname_str_dbg(smb_fname_dst)));
6112 if (!lp_posix_pathnames() &&
6113 (lp_map_archive(SNUM(conn)) ||
6114 lp_store_dos_attributes(SNUM(conn)))) {
6115 /* We must set the archive bit on the newly
6117 if (SMB_VFS_STAT(conn, smb_fname_dst) == 0) {
6118 uint32_t old_dosmode = dos_mode(conn,
6120 file_set_dosmode(conn,
6122 old_dosmode | FILE_ATTRIBUTE_ARCHIVE,
6128 notify_rename(conn, fsp->is_directory, fsp->fsp_name,
6131 rename_open_files(conn, lck, smb_fname_dst);
6134 * A rename acts as a new file create w.r.t. allowing an initial delete
6135 * on close, probably because in Windows there is a new handle to the
6136 * new file. If initial delete on close was requested but not
6137 * originally set, we need to set it here. This is probably not 100% correct,
6138 * but will work for the CIFSFS client which in non-posix mode
6139 * depends on these semantics. JRA.
6142 if (create_options & FILE_DELETE_ON_CLOSE) {
6143 status = can_set_delete_on_close(fsp, 0);
6145 if (NT_STATUS_IS_OK(status)) {
6146 /* Note that here we set the *inital* delete on close flag,
6147 * not the regular one. The magic gets handled in close. */
6148 fsp->initial_delete_on_close = True;
6152 status = NT_STATUS_OK;
6158 if (errno == ENOTDIR || errno == EISDIR) {
6159 status = NT_STATUS_OBJECT_NAME_COLLISION;
6161 status = map_nt_error_from_unix(errno);
6164 DEBUG(3, ("rename_internals_fsp: Error %s rename %s -> %s\n",
6165 nt_errstr(status), smb_fname_str_dbg(fsp->fsp_name),
6166 smb_fname_str_dbg(smb_fname_dst)));
6169 TALLOC_FREE(smb_fname_dst);
6174 /****************************************************************************
6175 The guts of the rename command, split out so it may be called by the NT SMB
6177 ****************************************************************************/
6179 NTSTATUS rename_internals(TALLOC_CTX *ctx,
6180 connection_struct *conn,
6181 struct smb_request *req,
6182 struct smb_filename *smb_fname_src,
6183 struct smb_filename *smb_fname_dst,
6185 bool replace_if_exists,
6188 uint32_t access_mask)
6190 char *fname_src_dir = NULL;
6191 char *fname_src_mask = NULL;
6193 NTSTATUS status = NT_STATUS_OK;
6194 struct smb_Dir *dir_hnd = NULL;
6195 const char *dname = NULL;
6196 char *talloced = NULL;
6198 int create_options = 0;
6199 bool posix_pathnames = lp_posix_pathnames();
6202 * Split the old name into directory and last component
6203 * strings. Note that unix_convert may have stripped off a
6204 * leading ./ from both name and newname if the rename is
6205 * at the root of the share. We need to make sure either both
6206 * name and newname contain a / character or neither of them do
6207 * as this is checked in resolve_wildcards().
6210 /* Split up the directory from the filename/mask. */
6211 status = split_fname_dir_mask(ctx, smb_fname_src->base_name,
6212 &fname_src_dir, &fname_src_mask);
6213 if (!NT_STATUS_IS_OK(status)) {
6214 status = NT_STATUS_NO_MEMORY;
6219 * We should only check the mangled cache
6220 * here if unix_convert failed. This means
6221 * that the path in 'mask' doesn't exist
6222 * on the file system and so we need to look
6223 * for a possible mangle. This patch from
6224 * Tine Smukavec <valentin.smukavec@hermes.si>.
6227 if (!VALID_STAT(smb_fname_src->st) &&
6228 mangle_is_mangled(fname_src_mask, conn->params)) {
6229 char *new_mask = NULL;
6230 mangle_lookup_name_from_8_3(ctx, fname_src_mask, &new_mask,
6233 TALLOC_FREE(fname_src_mask);
6234 fname_src_mask = new_mask;
6238 if (!src_has_wild) {
6242 * Only one file needs to be renamed. Append the mask back
6243 * onto the directory.
6245 TALLOC_FREE(smb_fname_src->base_name);
6246 smb_fname_src->base_name = talloc_asprintf(smb_fname_src,
6250 if (!smb_fname_src->base_name) {
6251 status = NT_STATUS_NO_MEMORY;
6255 /* Ensure dst fname contains a '/' also */
6256 if(strrchr_m(smb_fname_dst->base_name, '/') == 0) {
6258 tmp = talloc_asprintf(smb_fname_dst, "./%s",
6259 smb_fname_dst->base_name);
6261 status = NT_STATUS_NO_MEMORY;
6264 TALLOC_FREE(smb_fname_dst->base_name);
6265 smb_fname_dst->base_name = tmp;
6268 DEBUG(3, ("rename_internals: case_sensitive = %d, "
6269 "case_preserve = %d, short case preserve = %d, "
6270 "directory = %s, newname = %s, "
6271 "last_component_dest = %s\n",
6272 conn->case_sensitive, conn->case_preserve,
6273 conn->short_case_preserve,
6274 smb_fname_str_dbg(smb_fname_src),
6275 smb_fname_str_dbg(smb_fname_dst),
6276 smb_fname_dst->original_lcomp));
6278 /* The dest name still may have wildcards. */
6279 if (dest_has_wild) {
6280 char *fname_dst_mod = NULL;
6281 if (!resolve_wildcards(smb_fname_dst,
6282 smb_fname_src->base_name,
6283 smb_fname_dst->base_name,
6285 DEBUG(6, ("rename_internals: resolve_wildcards "
6287 smb_fname_src->base_name,
6288 smb_fname_dst->base_name));
6289 status = NT_STATUS_NO_MEMORY;
6292 TALLOC_FREE(smb_fname_dst->base_name);
6293 smb_fname_dst->base_name = fname_dst_mod;
6296 ZERO_STRUCT(smb_fname_src->st);
6297 if (posix_pathnames) {
6298 SMB_VFS_LSTAT(conn, smb_fname_src);
6300 SMB_VFS_STAT(conn, smb_fname_src);
6303 if (S_ISDIR(smb_fname_src->st.st_ex_mode)) {
6304 create_options |= FILE_DIRECTORY_FILE;
6307 status = SMB_VFS_CREATE_FILE(
6310 0, /* root_dir_fid */
6311 smb_fname_src, /* fname */
6312 access_mask, /* access_mask */
6313 (FILE_SHARE_READ | /* share_access */
6315 FILE_OPEN, /* create_disposition*/
6316 create_options, /* create_options */
6317 posix_pathnames ? FILE_FLAG_POSIX_SEMANTICS|0777 : 0, /* file_attributes */
6318 0, /* oplock_request */
6319 0, /* allocation_size */
6320 0, /* private_flags */
6326 if (!NT_STATUS_IS_OK(status)) {
6327 DEBUG(3, ("Could not open rename source %s: %s\n",
6328 smb_fname_str_dbg(smb_fname_src),
6329 nt_errstr(status)));
6333 status = rename_internals_fsp(conn, fsp, smb_fname_dst,
6334 attrs, replace_if_exists);
6336 close_file(req, fsp, NORMAL_CLOSE);
6338 DEBUG(3, ("rename_internals: Error %s rename %s -> %s\n",
6339 nt_errstr(status), smb_fname_str_dbg(smb_fname_src),
6340 smb_fname_str_dbg(smb_fname_dst)));
6346 * Wildcards - process each file that matches.
6348 if (strequal(fname_src_mask, "????????.???")) {
6349 TALLOC_FREE(fname_src_mask);
6350 fname_src_mask = talloc_strdup(ctx, "*");
6351 if (!fname_src_mask) {
6352 status = NT_STATUS_NO_MEMORY;
6357 status = check_name(conn, fname_src_dir);
6358 if (!NT_STATUS_IS_OK(status)) {
6362 dir_hnd = OpenDir(talloc_tos(), conn, fname_src_dir, fname_src_mask,
6364 if (dir_hnd == NULL) {
6365 status = map_nt_error_from_unix(errno);
6369 status = NT_STATUS_NO_SUCH_FILE;
6371 * Was status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
6372 * - gentest fix. JRA
6375 while ((dname = ReadDirName(dir_hnd, &offset, &smb_fname_src->st,
6377 files_struct *fsp = NULL;
6378 char *destname = NULL;
6379 bool sysdir_entry = False;
6381 /* Quick check for "." and ".." */
6382 if (ISDOT(dname) || ISDOTDOT(dname)) {
6384 sysdir_entry = True;
6386 TALLOC_FREE(talloced);
6391 if (!is_visible_file(conn, fname_src_dir, dname,
6392 &smb_fname_src->st, false)) {
6393 TALLOC_FREE(talloced);
6397 if(!mask_match(dname, fname_src_mask, conn->case_sensitive)) {
6398 TALLOC_FREE(talloced);
6403 status = NT_STATUS_OBJECT_NAME_INVALID;
6407 TALLOC_FREE(smb_fname_src->base_name);
6408 smb_fname_src->base_name = talloc_asprintf(smb_fname_src,
6412 if (!smb_fname_src->base_name) {
6413 status = NT_STATUS_NO_MEMORY;
6417 if (!resolve_wildcards(ctx, smb_fname_src->base_name,
6418 smb_fname_dst->base_name,
6420 DEBUG(6, ("resolve_wildcards %s %s failed\n",
6421 smb_fname_src->base_name, destname));
6422 TALLOC_FREE(talloced);
6426 status = NT_STATUS_NO_MEMORY;
6430 TALLOC_FREE(smb_fname_dst->base_name);
6431 smb_fname_dst->base_name = destname;
6433 ZERO_STRUCT(smb_fname_src->st);
6434 if (posix_pathnames) {
6435 SMB_VFS_LSTAT(conn, smb_fname_src);
6437 SMB_VFS_STAT(conn, smb_fname_src);
6442 if (S_ISDIR(smb_fname_src->st.st_ex_mode)) {
6443 create_options |= FILE_DIRECTORY_FILE;
6446 status = SMB_VFS_CREATE_FILE(
6449 0, /* root_dir_fid */
6450 smb_fname_src, /* fname */
6451 access_mask, /* access_mask */
6452 (FILE_SHARE_READ | /* share_access */
6454 FILE_OPEN, /* create_disposition*/
6455 create_options, /* create_options */
6456 posix_pathnames ? FILE_FLAG_POSIX_SEMANTICS|0777 : 0, /* file_attributes */
6457 0, /* oplock_request */
6458 0, /* allocation_size */
6459 0, /* private_flags */
6465 if (!NT_STATUS_IS_OK(status)) {
6466 DEBUG(3,("rename_internals: SMB_VFS_CREATE_FILE "
6467 "returned %s rename %s -> %s\n",
6469 smb_fname_str_dbg(smb_fname_src),
6470 smb_fname_str_dbg(smb_fname_dst)));
6474 smb_fname_dst->original_lcomp = talloc_strdup(smb_fname_dst,
6476 if (!smb_fname_dst->original_lcomp) {
6477 status = NT_STATUS_NO_MEMORY;
6481 status = rename_internals_fsp(conn, fsp, smb_fname_dst,
6482 attrs, replace_if_exists);
6484 close_file(req, fsp, NORMAL_CLOSE);
6486 if (!NT_STATUS_IS_OK(status)) {
6487 DEBUG(3, ("rename_internals_fsp returned %s for "
6488 "rename %s -> %s\n", nt_errstr(status),
6489 smb_fname_str_dbg(smb_fname_src),
6490 smb_fname_str_dbg(smb_fname_dst)));
6496 DEBUG(3,("rename_internals: doing rename on %s -> "
6497 "%s\n", smb_fname_str_dbg(smb_fname_src),
6498 smb_fname_str_dbg(smb_fname_src)));
6499 TALLOC_FREE(talloced);
6501 TALLOC_FREE(dir_hnd);
6503 if (count == 0 && NT_STATUS_IS_OK(status) && errno != 0) {
6504 status = map_nt_error_from_unix(errno);
6508 TALLOC_FREE(talloced);
6509 TALLOC_FREE(fname_src_dir);
6510 TALLOC_FREE(fname_src_mask);
6514 /****************************************************************************
6516 ****************************************************************************/
6518 void reply_mv(struct smb_request *req)
6520 connection_struct *conn = req->conn;
6522 char *newname = NULL;
6526 bool src_has_wcard = False;
6527 bool dest_has_wcard = False;
6528 TALLOC_CTX *ctx = talloc_tos();
6529 struct smb_filename *smb_fname_src = NULL;
6530 struct smb_filename *smb_fname_dst = NULL;
6532 START_PROFILE(SMBmv);
6535 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6539 attrs = SVAL(req->vwv+0, 0);
6541 p = (const char *)req->buf + 1;
6542 p += srvstr_get_path_req_wcard(ctx, req, &name, p, STR_TERMINATE,
6543 &status, &src_has_wcard);
6544 if (!NT_STATUS_IS_OK(status)) {
6545 reply_nterror(req, status);
6549 p += srvstr_get_path_req_wcard(ctx, req, &newname, p, STR_TERMINATE,
6550 &status, &dest_has_wcard);
6551 if (!NT_STATUS_IS_OK(status)) {
6552 reply_nterror(req, status);
6556 status = filename_convert(ctx,
6558 req->flags2 & FLAGS2_DFS_PATHNAMES,
6560 UCF_COND_ALLOW_WCARD_LCOMP,
6564 if (!NT_STATUS_IS_OK(status)) {
6565 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6566 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6567 ERRSRV, ERRbadpath);
6570 reply_nterror(req, status);
6574 status = filename_convert(ctx,
6576 req->flags2 & FLAGS2_DFS_PATHNAMES,
6578 UCF_COND_ALLOW_WCARD_LCOMP | UCF_SAVE_LCOMP,
6582 if (!NT_STATUS_IS_OK(status)) {
6583 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6584 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6585 ERRSRV, ERRbadpath);
6588 reply_nterror(req, status);
6592 DEBUG(3,("reply_mv : %s -> %s\n", smb_fname_str_dbg(smb_fname_src),
6593 smb_fname_str_dbg(smb_fname_dst)));
6595 status = rename_internals(ctx, conn, req, smb_fname_src, smb_fname_dst,
6596 attrs, False, src_has_wcard, dest_has_wcard,
6598 if (!NT_STATUS_IS_OK(status)) {
6599 if (open_was_deferred(req->mid)) {
6600 /* We have re-scheduled this call. */
6603 reply_nterror(req, status);
6607 reply_outbuf(req, 0, 0);
6609 TALLOC_FREE(smb_fname_src);
6610 TALLOC_FREE(smb_fname_dst);
6615 /*******************************************************************
6616 Copy a file as part of a reply_copy.
6617 ******************************************************************/
6620 * TODO: check error codes on all callers
6623 NTSTATUS copy_file(TALLOC_CTX *ctx,
6624 connection_struct *conn,
6625 struct smb_filename *smb_fname_src,
6626 struct smb_filename *smb_fname_dst,
6629 bool target_is_directory)
6631 struct smb_filename *smb_fname_dst_tmp = NULL;
6633 files_struct *fsp1,*fsp2;
6635 uint32 new_create_disposition;
6639 status = copy_smb_filename(ctx, smb_fname_dst, &smb_fname_dst_tmp);
6640 if (!NT_STATUS_IS_OK(status)) {
6645 * If the target is a directory, extract the last component from the
6646 * src filename and append it to the dst filename
6648 if (target_is_directory) {
6651 /* dest/target can't be a stream if it's a directory. */
6652 SMB_ASSERT(smb_fname_dst->stream_name == NULL);
6654 p = strrchr_m(smb_fname_src->base_name,'/');
6658 p = smb_fname_src->base_name;
6660 smb_fname_dst_tmp->base_name =
6661 talloc_asprintf_append(smb_fname_dst_tmp->base_name, "/%s",
6663 if (!smb_fname_dst_tmp->base_name) {
6664 status = NT_STATUS_NO_MEMORY;
6669 status = vfs_file_exist(conn, smb_fname_src);
6670 if (!NT_STATUS_IS_OK(status)) {
6674 if (!target_is_directory && count) {
6675 new_create_disposition = FILE_OPEN;
6677 if (!map_open_params_to_ntcreate(smb_fname_dst_tmp, 0, ofun,
6679 &new_create_disposition,
6682 status = NT_STATUS_INVALID_PARAMETER;
6687 /* Open the src file for reading. */
6688 status = SMB_VFS_CREATE_FILE(
6691 0, /* root_dir_fid */
6692 smb_fname_src, /* fname */
6693 FILE_GENERIC_READ, /* access_mask */
6694 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
6695 FILE_OPEN, /* create_disposition*/
6696 0, /* create_options */
6697 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
6698 INTERNAL_OPEN_ONLY, /* oplock_request */
6699 0, /* allocation_size */
6700 0, /* private_flags */
6706 if (!NT_STATUS_IS_OK(status)) {
6710 dosattrs = dos_mode(conn, smb_fname_src);
6712 if (SMB_VFS_STAT(conn, smb_fname_dst_tmp) == -1) {
6713 ZERO_STRUCTP(&smb_fname_dst_tmp->st);
6716 /* Open the dst file for writing. */
6717 status = SMB_VFS_CREATE_FILE(
6720 0, /* root_dir_fid */
6721 smb_fname_dst, /* fname */
6722 FILE_GENERIC_WRITE, /* access_mask */
6723 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
6724 new_create_disposition, /* create_disposition*/
6725 0, /* create_options */
6726 dosattrs, /* file_attributes */
6727 INTERNAL_OPEN_ONLY, /* oplock_request */
6728 0, /* allocation_size */
6729 0, /* private_flags */
6735 if (!NT_STATUS_IS_OK(status)) {
6736 close_file(NULL, fsp1, ERROR_CLOSE);
6740 if ((ofun&3) == 1) {
6741 if(SMB_VFS_LSEEK(fsp2,0,SEEK_END) == -1) {
6742 DEBUG(0,("copy_file: error - vfs lseek returned error %s\n", strerror(errno) ));
6744 * Stop the copy from occurring.
6747 smb_fname_src->st.st_ex_size = 0;
6751 /* Do the actual copy. */
6752 if (smb_fname_src->st.st_ex_size) {
6753 ret = vfs_transfer_file(fsp1, fsp2, smb_fname_src->st.st_ex_size);
6756 close_file(NULL, fsp1, NORMAL_CLOSE);
6758 /* Ensure the modtime is set correctly on the destination file. */
6759 set_close_write_time(fsp2, smb_fname_src->st.st_ex_mtime);
6762 * As we are opening fsp1 read-only we only expect
6763 * an error on close on fsp2 if we are out of space.
6764 * Thus we don't look at the error return from the
6767 status = close_file(NULL, fsp2, NORMAL_CLOSE);
6769 if (!NT_STATUS_IS_OK(status)) {
6773 if (ret != (SMB_OFF_T)smb_fname_src->st.st_ex_size) {
6774 status = NT_STATUS_DISK_FULL;
6778 status = NT_STATUS_OK;
6781 TALLOC_FREE(smb_fname_dst_tmp);
6785 /****************************************************************************
6786 Reply to a file copy.
6787 ****************************************************************************/
6789 void reply_copy(struct smb_request *req)
6791 connection_struct *conn = req->conn;
6792 struct smb_filename *smb_fname_src = NULL;
6793 struct smb_filename *smb_fname_dst = NULL;
6794 char *fname_src = NULL;
6795 char *fname_dst = NULL;
6796 char *fname_src_mask = NULL;
6797 char *fname_src_dir = NULL;
6800 int error = ERRnoaccess;
6804 bool target_is_directory=False;
6805 bool source_has_wild = False;
6806 bool dest_has_wild = False;
6808 TALLOC_CTX *ctx = talloc_tos();
6810 START_PROFILE(SMBcopy);
6813 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6817 tid2 = SVAL(req->vwv+0, 0);
6818 ofun = SVAL(req->vwv+1, 0);
6819 flags = SVAL(req->vwv+2, 0);
6821 p = (const char *)req->buf;
6822 p += srvstr_get_path_req_wcard(ctx, req, &fname_src, p, STR_TERMINATE,
6823 &status, &source_has_wild);
6824 if (!NT_STATUS_IS_OK(status)) {
6825 reply_nterror(req, status);
6828 p += srvstr_get_path_req_wcard(ctx, req, &fname_dst, p, STR_TERMINATE,
6829 &status, &dest_has_wild);
6830 if (!NT_STATUS_IS_OK(status)) {
6831 reply_nterror(req, status);
6835 DEBUG(3,("reply_copy : %s -> %s\n", fname_src, fname_dst));
6837 if (tid2 != conn->cnum) {
6838 /* can't currently handle inter share copies XXXX */
6839 DEBUG(3,("Rejecting inter-share copy\n"));
6840 reply_nterror(req, NT_STATUS_BAD_DEVICE_TYPE);
6844 status = filename_convert(ctx, conn,
6845 req->flags2 & FLAGS2_DFS_PATHNAMES,
6847 UCF_COND_ALLOW_WCARD_LCOMP,
6850 if (!NT_STATUS_IS_OK(status)) {
6851 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6852 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6853 ERRSRV, ERRbadpath);
6856 reply_nterror(req, status);
6860 status = filename_convert(ctx, conn,
6861 req->flags2 & FLAGS2_DFS_PATHNAMES,
6863 UCF_COND_ALLOW_WCARD_LCOMP,
6866 if (!NT_STATUS_IS_OK(status)) {
6867 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6868 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6869 ERRSRV, ERRbadpath);
6872 reply_nterror(req, status);
6876 target_is_directory = VALID_STAT_OF_DIR(smb_fname_dst->st);
6878 if ((flags&1) && target_is_directory) {
6879 reply_nterror(req, NT_STATUS_NO_SUCH_FILE);
6883 if ((flags&2) && !target_is_directory) {
6884 reply_nterror(req, NT_STATUS_OBJECT_PATH_NOT_FOUND);
6888 if ((flags&(1<<5)) && VALID_STAT_OF_DIR(smb_fname_src->st)) {
6889 /* wants a tree copy! XXXX */
6890 DEBUG(3,("Rejecting tree copy\n"));
6891 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6895 /* Split up the directory from the filename/mask. */
6896 status = split_fname_dir_mask(ctx, smb_fname_src->base_name,
6897 &fname_src_dir, &fname_src_mask);
6898 if (!NT_STATUS_IS_OK(status)) {
6899 reply_nterror(req, NT_STATUS_NO_MEMORY);
6904 * We should only check the mangled cache
6905 * here if unix_convert failed. This means
6906 * that the path in 'mask' doesn't exist
6907 * on the file system and so we need to look
6908 * for a possible mangle. This patch from
6909 * Tine Smukavec <valentin.smukavec@hermes.si>.
6911 if (!VALID_STAT(smb_fname_src->st) &&
6912 mangle_is_mangled(fname_src_mask, conn->params)) {
6913 char *new_mask = NULL;
6914 mangle_lookup_name_from_8_3(ctx, fname_src_mask,
6915 &new_mask, conn->params);
6917 /* Use demangled name if one was successfully found. */
6919 TALLOC_FREE(fname_src_mask);
6920 fname_src_mask = new_mask;
6924 if (!source_has_wild) {
6927 * Only one file needs to be copied. Append the mask back onto
6930 TALLOC_FREE(smb_fname_src->base_name);
6931 smb_fname_src->base_name = talloc_asprintf(smb_fname_src,
6935 if (!smb_fname_src->base_name) {
6936 reply_nterror(req, NT_STATUS_NO_MEMORY);
6940 if (dest_has_wild) {
6941 char *fname_dst_mod = NULL;
6942 if (!resolve_wildcards(smb_fname_dst,
6943 smb_fname_src->base_name,
6944 smb_fname_dst->base_name,
6946 reply_nterror(req, NT_STATUS_NO_MEMORY);
6949 TALLOC_FREE(smb_fname_dst->base_name);
6950 smb_fname_dst->base_name = fname_dst_mod;
6953 status = check_name(conn, smb_fname_src->base_name);
6954 if (!NT_STATUS_IS_OK(status)) {
6955 reply_nterror(req, status);
6959 status = check_name(conn, smb_fname_dst->base_name);
6960 if (!NT_STATUS_IS_OK(status)) {
6961 reply_nterror(req, status);
6965 status = copy_file(ctx, conn, smb_fname_src, smb_fname_dst,
6966 ofun, count, target_is_directory);
6968 if(!NT_STATUS_IS_OK(status)) {
6969 reply_nterror(req, status);
6975 struct smb_Dir *dir_hnd = NULL;
6976 const char *dname = NULL;
6977 char *talloced = NULL;
6981 * There is a wildcard that requires us to actually read the
6982 * src dir and copy each file matching the mask to the dst.
6983 * Right now streams won't be copied, but this could
6984 * presumably be added with a nested loop for reach dir entry.
6986 SMB_ASSERT(!smb_fname_src->stream_name);
6987 SMB_ASSERT(!smb_fname_dst->stream_name);
6989 smb_fname_src->stream_name = NULL;
6990 smb_fname_dst->stream_name = NULL;
6992 if (strequal(fname_src_mask,"????????.???")) {
6993 TALLOC_FREE(fname_src_mask);
6994 fname_src_mask = talloc_strdup(ctx, "*");
6995 if (!fname_src_mask) {
6996 reply_nterror(req, NT_STATUS_NO_MEMORY);
7001 status = check_name(conn, fname_src_dir);
7002 if (!NT_STATUS_IS_OK(status)) {
7003 reply_nterror(req, status);
7007 dir_hnd = OpenDir(ctx, conn, fname_src_dir, fname_src_mask, 0);
7008 if (dir_hnd == NULL) {
7009 status = map_nt_error_from_unix(errno);
7010 reply_nterror(req, status);
7016 /* Iterate over the src dir copying each entry to the dst. */
7017 while ((dname = ReadDirName(dir_hnd, &offset,
7018 &smb_fname_src->st, &talloced))) {
7019 char *destname = NULL;
7021 if (ISDOT(dname) || ISDOTDOT(dname)) {
7022 TALLOC_FREE(talloced);
7026 if (!is_visible_file(conn, fname_src_dir, dname,
7027 &smb_fname_src->st, false)) {
7028 TALLOC_FREE(talloced);
7032 if(!mask_match(dname, fname_src_mask,
7033 conn->case_sensitive)) {
7034 TALLOC_FREE(talloced);
7038 error = ERRnoaccess;
7040 /* Get the src smb_fname struct setup. */
7041 TALLOC_FREE(smb_fname_src->base_name);
7042 smb_fname_src->base_name =
7043 talloc_asprintf(smb_fname_src, "%s/%s",
7044 fname_src_dir, dname);
7046 if (!smb_fname_src->base_name) {
7047 TALLOC_FREE(dir_hnd);
7048 TALLOC_FREE(talloced);
7049 reply_nterror(req, NT_STATUS_NO_MEMORY);
7053 if (!resolve_wildcards(ctx, smb_fname_src->base_name,
7054 smb_fname_dst->base_name,
7056 TALLOC_FREE(talloced);
7060 TALLOC_FREE(dir_hnd);
7061 TALLOC_FREE(talloced);
7062 reply_nterror(req, NT_STATUS_NO_MEMORY);
7066 TALLOC_FREE(smb_fname_dst->base_name);
7067 smb_fname_dst->base_name = destname;
7069 status = check_name(conn, smb_fname_src->base_name);
7070 if (!NT_STATUS_IS_OK(status)) {
7071 TALLOC_FREE(dir_hnd);
7072 TALLOC_FREE(talloced);
7073 reply_nterror(req, status);
7077 status = check_name(conn, smb_fname_dst->base_name);
7078 if (!NT_STATUS_IS_OK(status)) {
7079 TALLOC_FREE(dir_hnd);
7080 TALLOC_FREE(talloced);
7081 reply_nterror(req, status);
7085 DEBUG(3,("reply_copy : doing copy on %s -> %s\n",
7086 smb_fname_src->base_name,
7087 smb_fname_dst->base_name));
7089 status = copy_file(ctx, conn, smb_fname_src,
7090 smb_fname_dst, ofun, count,
7091 target_is_directory);
7092 if (NT_STATUS_IS_OK(status)) {
7096 TALLOC_FREE(talloced);
7098 TALLOC_FREE(dir_hnd);
7102 reply_nterror(req, dos_to_ntstatus(ERRDOS, error));
7106 reply_outbuf(req, 1, 0);
7107 SSVAL(req->outbuf,smb_vwv0,count);
7109 TALLOC_FREE(smb_fname_src);
7110 TALLOC_FREE(smb_fname_dst);
7111 TALLOC_FREE(fname_src);
7112 TALLOC_FREE(fname_dst);
7113 TALLOC_FREE(fname_src_mask);
7114 TALLOC_FREE(fname_src_dir);
7116 END_PROFILE(SMBcopy);
7121 #define DBGC_CLASS DBGC_LOCKING
7123 /****************************************************************************
7124 Get a lock pid, dealing with large count requests.
7125 ****************************************************************************/
7127 uint64_t get_lock_pid(const uint8_t *data, int data_offset,
7128 bool large_file_format)
7130 if(!large_file_format)
7131 return (uint64_t)SVAL(data,SMB_LPID_OFFSET(data_offset));
7133 return (uint64_t)SVAL(data,SMB_LARGE_LPID_OFFSET(data_offset));
7136 /****************************************************************************
7137 Get a lock count, dealing with large count requests.
7138 ****************************************************************************/
7140 uint64_t get_lock_count(const uint8_t *data, int data_offset,
7141 bool large_file_format)
7145 if(!large_file_format) {
7146 count = (uint64_t)IVAL(data,SMB_LKLEN_OFFSET(data_offset));
7149 #if defined(HAVE_LONGLONG)
7150 count = (((uint64_t) IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset))) << 32) |
7151 ((uint64_t) IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)));
7152 #else /* HAVE_LONGLONG */
7155 * NT4.x seems to be broken in that it sends large file (64 bit)
7156 * lockingX calls even if the CAP_LARGE_FILES was *not*
7157 * negotiated. For boxes without large unsigned ints truncate the
7158 * lock count by dropping the top 32 bits.
7161 if(IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)) != 0) {
7162 DEBUG(3,("get_lock_count: truncating lock count (high)0x%x (low)0x%x to just low count.\n",
7163 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)),
7164 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)) ));
7165 SIVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset),0);
7168 count = (uint64_t)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset));
7169 #endif /* HAVE_LONGLONG */
7175 #if !defined(HAVE_LONGLONG)
7176 /****************************************************************************
7177 Pathetically try and map a 64 bit lock offset into 31 bits. I hate Windows :-).
7178 ****************************************************************************/
7180 static uint32 map_lock_offset(uint32 high, uint32 low)
7184 uint32 highcopy = high;
7187 * Try and find out how many significant bits there are in high.
7190 for(i = 0; highcopy; i++)
7194 * We use 31 bits not 32 here as POSIX
7195 * lock offsets may not be negative.
7198 mask = (~0) << (31 - i);
7201 return 0; /* Fail. */
7207 #endif /* !defined(HAVE_LONGLONG) */
7209 /****************************************************************************
7210 Get a lock offset, dealing with large offset requests.
7211 ****************************************************************************/
7213 uint64_t get_lock_offset(const uint8_t *data, int data_offset,
7214 bool large_file_format, bool *err)
7216 uint64_t offset = 0;
7220 if(!large_file_format) {
7221 offset = (uint64_t)IVAL(data,SMB_LKOFF_OFFSET(data_offset));
7224 #if defined(HAVE_LONGLONG)
7225 offset = (((uint64_t) IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset))) << 32) |
7226 ((uint64_t) IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset)));
7227 #else /* HAVE_LONGLONG */
7230 * NT4.x seems to be broken in that it sends large file (64 bit)
7231 * lockingX calls even if the CAP_LARGE_FILES was *not*
7232 * negotiated. For boxes without large unsigned ints mangle the
7233 * lock offset by mapping the top 32 bits onto the lower 32.
7236 if(IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset)) != 0) {
7237 uint32 low = IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
7238 uint32 high = IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset));
7241 if((new_low = map_lock_offset(high, low)) == 0) {
7243 return (uint64_t)-1;
7246 DEBUG(3,("get_lock_offset: truncating lock offset (high)0x%x (low)0x%x to offset 0x%x.\n",
7247 (unsigned int)high, (unsigned int)low, (unsigned int)new_low ));
7248 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset),0);
7249 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset),new_low);
7252 offset = (uint64_t)IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
7253 #endif /* HAVE_LONGLONG */
7259 NTSTATUS smbd_do_locking(struct smb_request *req,
7263 uint16_t num_ulocks,
7264 struct smbd_lock_element *ulocks,
7266 struct smbd_lock_element *locks,
7269 connection_struct *conn = req->conn;
7271 NTSTATUS status = NT_STATUS_OK;
7275 /* Data now points at the beginning of the list
7276 of smb_unlkrng structs */
7277 for(i = 0; i < (int)num_ulocks; i++) {
7278 struct smbd_lock_element *e = &ulocks[i];
7280 DEBUG(10,("smbd_do_locking: unlock start=%.0f, len=%.0f for "
7281 "pid %u, file %s\n",
7284 (unsigned int)e->smblctx,
7287 if (e->brltype != UNLOCK_LOCK) {
7288 /* this can only happen with SMB2 */
7289 return NT_STATUS_INVALID_PARAMETER;
7292 status = do_unlock(req->sconn->msg_ctx,
7299 DEBUG(10, ("smbd_do_locking: unlock returned %s\n",
7300 nt_errstr(status)));
7302 if (!NT_STATUS_IS_OK(status)) {
7307 /* Setup the timeout in seconds. */
7309 if (!lp_blocking_locks(SNUM(conn))) {
7313 /* Data now points at the beginning of the list
7314 of smb_lkrng structs */
7316 for(i = 0; i < (int)num_locks; i++) {
7317 struct smbd_lock_element *e = &locks[i];
7319 DEBUG(10,("smbd_do_locking: lock start=%.0f, len=%.0f for smblctx "
7320 "%llu, file %s timeout = %d\n",
7323 (unsigned long long)e->smblctx,
7327 if (type & LOCKING_ANDX_CANCEL_LOCK) {
7328 struct blocking_lock_record *blr = NULL;
7330 if (num_locks > 1) {
7332 * MS-CIFS (2.2.4.32.1) states that a cancel is honored if and only
7333 * if the lock vector contains one entry. When given mutliple cancel
7334 * requests in a single PDU we expect the server to return an
7335 * error. Windows servers seem to accept the request but only
7336 * cancel the first lock.
7337 * JRA - Do what Windows does (tm) :-).
7341 /* MS-CIFS (2.2.4.32.1) behavior. */
7342 return NT_STATUS_DOS(ERRDOS,
7343 ERRcancelviolation);
7345 /* Windows behavior. */
7347 DEBUG(10,("smbd_do_locking: ignoring subsequent "
7348 "cancel request\n"));
7354 if (lp_blocking_locks(SNUM(conn))) {
7356 /* Schedule a message to ourselves to
7357 remove the blocking lock record and
7358 return the right error. */
7360 blr = blocking_lock_cancel_smb1(fsp,
7366 NT_STATUS_FILE_LOCK_CONFLICT);
7368 return NT_STATUS_DOS(
7370 ERRcancelviolation);
7373 /* Remove a matching pending lock. */
7374 status = do_lock_cancel(fsp,
7381 bool blocking_lock = timeout ? true : false;
7382 bool defer_lock = false;
7383 struct byte_range_lock *br_lck;
7384 uint64_t block_smblctx;
7386 br_lck = do_lock(req->sconn->msg_ctx,
7398 if (br_lck && blocking_lock && ERROR_WAS_LOCK_DENIED(status)) {
7399 /* Windows internal resolution for blocking locks seems
7400 to be about 200ms... Don't wait for less than that. JRA. */
7401 if (timeout != -1 && timeout < lp_lock_spin_time()) {
7402 timeout = lp_lock_spin_time();
7407 /* If a lock sent with timeout of zero would fail, and
7408 * this lock has been requested multiple times,
7409 * according to brl_lock_failed() we convert this
7410 * request to a blocking lock with a timeout of between
7411 * 150 - 300 milliseconds.
7413 * If lp_lock_spin_time() has been set to 0, we skip
7414 * this blocking retry and fail immediately.
7416 * Replacement for do_lock_spin(). JRA. */
7418 if (!req->sconn->using_smb2 &&
7419 br_lck && lp_blocking_locks(SNUM(conn)) &&
7420 lp_lock_spin_time() && !blocking_lock &&
7421 NT_STATUS_EQUAL((status),
7422 NT_STATUS_FILE_LOCK_CONFLICT))
7425 timeout = lp_lock_spin_time();
7428 if (br_lck && defer_lock) {
7430 * A blocking lock was requested. Package up
7431 * this smb into a queued request and push it
7432 * onto the blocking lock queue.
7434 if(push_blocking_lock_request(br_lck,
7445 TALLOC_FREE(br_lck);
7447 return NT_STATUS_OK;
7451 TALLOC_FREE(br_lck);
7454 if (!NT_STATUS_IS_OK(status)) {
7459 /* If any of the above locks failed, then we must unlock
7460 all of the previous locks (X/Open spec). */
7462 if (num_locks != 0 && !NT_STATUS_IS_OK(status)) {
7464 if (type & LOCKING_ANDX_CANCEL_LOCK) {
7465 i = -1; /* we want to skip the for loop */
7469 * Ensure we don't do a remove on the lock that just failed,
7470 * as under POSIX rules, if we have a lock already there, we
7471 * will delete it (and we shouldn't) .....
7473 for(i--; i >= 0; i--) {
7474 struct smbd_lock_element *e = &locks[i];
7476 do_unlock(req->sconn->msg_ctx,
7486 DEBUG(3, ("smbd_do_locking: fnum=%d type=%d num_locks=%d num_ulocks=%d\n",
7487 fsp->fnum, (unsigned int)type, num_locks, num_ulocks));
7489 return NT_STATUS_OK;
7492 /****************************************************************************
7493 Reply to a lockingX request.
7494 ****************************************************************************/
7496 void reply_lockingX(struct smb_request *req)
7498 connection_struct *conn = req->conn;
7500 unsigned char locktype;
7501 unsigned char oplocklevel;
7506 const uint8_t *data;
7507 bool large_file_format;
7509 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
7510 struct smbd_lock_element *ulocks;
7511 struct smbd_lock_element *locks;
7514 START_PROFILE(SMBlockingX);
7517 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7518 END_PROFILE(SMBlockingX);
7522 fsp = file_fsp(req, SVAL(req->vwv+2, 0));
7523 locktype = CVAL(req->vwv+3, 0);
7524 oplocklevel = CVAL(req->vwv+3, 1);
7525 num_ulocks = SVAL(req->vwv+6, 0);
7526 num_locks = SVAL(req->vwv+7, 0);
7527 lock_timeout = IVAL(req->vwv+4, 0);
7528 large_file_format = (locktype & LOCKING_ANDX_LARGE_FILES)?True:False;
7530 if (!check_fsp(conn, req, fsp)) {
7531 END_PROFILE(SMBlockingX);
7537 if (locktype & LOCKING_ANDX_CHANGE_LOCKTYPE) {
7538 /* we don't support these - and CANCEL_LOCK makes w2k
7539 and XP reboot so I don't really want to be
7540 compatible! (tridge) */
7541 reply_force_doserror(req, ERRDOS, ERRnoatomiclocks);
7542 END_PROFILE(SMBlockingX);
7546 /* Check if this is an oplock break on a file
7547 we have granted an oplock on.
7549 if ((locktype & LOCKING_ANDX_OPLOCK_RELEASE)) {
7550 /* Client can insist on breaking to none. */
7551 bool break_to_none = (oplocklevel == 0);
7554 DEBUG(5,("reply_lockingX: oplock break reply (%u) from client "
7555 "for fnum = %d\n", (unsigned int)oplocklevel,
7559 * Make sure we have granted an exclusive or batch oplock on
7563 if (fsp->oplock_type == 0) {
7565 /* The Samba4 nbench simulator doesn't understand
7566 the difference between break to level2 and break
7567 to none from level2 - it sends oplock break
7568 replies in both cases. Don't keep logging an error
7569 message here - just ignore it. JRA. */
7571 DEBUG(5,("reply_lockingX: Error : oplock break from "
7572 "client for fnum = %d (oplock=%d) and no "
7573 "oplock granted on this file (%s).\n",
7574 fsp->fnum, fsp->oplock_type,
7577 /* if this is a pure oplock break request then don't
7579 if (num_locks == 0 && num_ulocks == 0) {
7580 END_PROFILE(SMBlockingX);
7583 END_PROFILE(SMBlockingX);
7584 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
7589 if ((fsp->sent_oplock_break == BREAK_TO_NONE_SENT) ||
7591 result = remove_oplock(fsp);
7593 result = downgrade_oplock(fsp);
7597 DEBUG(0, ("reply_lockingX: error in removing "
7598 "oplock on file %s\n", fsp_str_dbg(fsp)));
7599 /* Hmmm. Is this panic justified? */
7600 smb_panic("internal tdb error");
7603 reply_to_oplock_break_requests(fsp);
7605 /* if this is a pure oplock break request then don't send a
7607 if (num_locks == 0 && num_ulocks == 0) {
7608 /* Sanity check - ensure a pure oplock break is not a
7610 if(CVAL(req->vwv+0, 0) != 0xff)
7611 DEBUG(0,("reply_lockingX: Error : pure oplock "
7612 "break is a chained %d request !\n",
7613 (unsigned int)CVAL(req->vwv+0, 0)));
7614 END_PROFILE(SMBlockingX);
7620 (num_ulocks + num_locks) * (large_file_format ? 20 : 10)) {
7621 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7622 END_PROFILE(SMBlockingX);
7626 ulocks = talloc_array(req, struct smbd_lock_element, num_ulocks);
7627 if (ulocks == NULL) {
7628 reply_nterror(req, NT_STATUS_NO_MEMORY);
7629 END_PROFILE(SMBlockingX);
7633 locks = talloc_array(req, struct smbd_lock_element, num_locks);
7634 if (locks == NULL) {
7635 reply_nterror(req, NT_STATUS_NO_MEMORY);
7636 END_PROFILE(SMBlockingX);
7640 /* Data now points at the beginning of the list
7641 of smb_unlkrng structs */
7642 for(i = 0; i < (int)num_ulocks; i++) {
7643 ulocks[i].smblctx = get_lock_pid(data, i, large_file_format);
7644 ulocks[i].count = get_lock_count(data, i, large_file_format);
7645 ulocks[i].offset = get_lock_offset(data, i, large_file_format, &err);
7646 ulocks[i].brltype = UNLOCK_LOCK;
7649 * There is no error code marked "stupid client bug".... :-).
7652 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
7653 END_PROFILE(SMBlockingX);
7658 /* Now do any requested locks */
7659 data += ((large_file_format ? 20 : 10)*num_ulocks);
7661 /* Data now points at the beginning of the list
7662 of smb_lkrng structs */
7664 for(i = 0; i < (int)num_locks; i++) {
7665 locks[i].smblctx = get_lock_pid(data, i, large_file_format);
7666 locks[i].count = get_lock_count(data, i, large_file_format);
7667 locks[i].offset = get_lock_offset(data, i, large_file_format, &err);
7669 if (locktype & LOCKING_ANDX_SHARED_LOCK) {
7670 if (locktype & LOCKING_ANDX_CANCEL_LOCK) {
7671 locks[i].brltype = PENDING_READ_LOCK;
7673 locks[i].brltype = READ_LOCK;
7676 if (locktype & LOCKING_ANDX_CANCEL_LOCK) {
7677 locks[i].brltype = PENDING_WRITE_LOCK;
7679 locks[i].brltype = WRITE_LOCK;
7684 * There is no error code marked "stupid client bug".... :-).
7687 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
7688 END_PROFILE(SMBlockingX);
7693 status = smbd_do_locking(req, fsp,
7694 locktype, lock_timeout,
7698 if (!NT_STATUS_IS_OK(status)) {
7699 END_PROFILE(SMBlockingX);
7700 reply_nterror(req, status);
7704 END_PROFILE(SMBlockingX);
7708 reply_outbuf(req, 2, 0);
7710 DEBUG(3, ("lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n",
7711 fsp->fnum, (unsigned int)locktype, num_locks, num_ulocks));
7713 END_PROFILE(SMBlockingX);
7718 #define DBGC_CLASS DBGC_ALL
7720 /****************************************************************************
7721 Reply to a SMBreadbmpx (read block multiplex) request.
7722 Always reply with an error, if someone has a platform really needs this,
7723 please contact vl@samba.org
7724 ****************************************************************************/
7726 void reply_readbmpx(struct smb_request *req)
7728 START_PROFILE(SMBreadBmpx);
7729 reply_force_doserror(req, ERRSRV, ERRuseSTD);
7730 END_PROFILE(SMBreadBmpx);
7734 /****************************************************************************
7735 Reply to a SMBreadbs (read block multiplex secondary) request.
7736 Always reply with an error, if someone has a platform really needs this,
7737 please contact vl@samba.org
7738 ****************************************************************************/
7740 void reply_readbs(struct smb_request *req)
7742 START_PROFILE(SMBreadBs);
7743 reply_force_doserror(req, ERRSRV, ERRuseSTD);
7744 END_PROFILE(SMBreadBs);
7748 /****************************************************************************
7749 Reply to a SMBsetattrE.
7750 ****************************************************************************/
7752 void reply_setattrE(struct smb_request *req)
7754 connection_struct *conn = req->conn;
7755 struct smb_file_time ft;
7759 START_PROFILE(SMBsetattrE);
7763 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7767 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
7769 if(!fsp || (fsp->conn != conn)) {
7770 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
7775 * Convert the DOS times into unix times.
7778 ft.atime = convert_time_t_to_timespec(
7779 srv_make_unix_date2(req->vwv+3));
7780 ft.mtime = convert_time_t_to_timespec(
7781 srv_make_unix_date2(req->vwv+5));
7782 ft.create_time = convert_time_t_to_timespec(
7783 srv_make_unix_date2(req->vwv+1));
7785 reply_outbuf(req, 0, 0);
7788 * Patch from Ray Frush <frush@engr.colostate.edu>
7789 * Sometimes times are sent as zero - ignore them.
7792 /* Ensure we have a valid stat struct for the source. */
7793 status = vfs_stat_fsp(fsp);
7794 if (!NT_STATUS_IS_OK(status)) {
7795 reply_nterror(req, status);
7799 status = smb_set_file_time(conn, fsp, fsp->fsp_name, &ft, true);
7800 if (!NT_STATUS_IS_OK(status)) {
7801 reply_nterror(req, status);
7805 DEBUG( 3, ( "reply_setattrE fnum=%d actime=%u modtime=%u "
7808 (unsigned int)ft.atime.tv_sec,
7809 (unsigned int)ft.mtime.tv_sec,
7810 (unsigned int)ft.create_time.tv_sec
7813 END_PROFILE(SMBsetattrE);
7818 /* Back from the dead for OS/2..... JRA. */
7820 /****************************************************************************
7821 Reply to a SMBwritebmpx (write block multiplex primary) request.
7822 Always reply with an error, if someone has a platform really needs this,
7823 please contact vl@samba.org
7824 ****************************************************************************/
7826 void reply_writebmpx(struct smb_request *req)
7828 START_PROFILE(SMBwriteBmpx);
7829 reply_force_doserror(req, ERRSRV, ERRuseSTD);
7830 END_PROFILE(SMBwriteBmpx);
7834 /****************************************************************************
7835 Reply to a SMBwritebs (write block multiplex secondary) request.
7836 Always reply with an error, if someone has a platform really needs this,
7837 please contact vl@samba.org
7838 ****************************************************************************/
7840 void reply_writebs(struct smb_request *req)
7842 START_PROFILE(SMBwriteBs);
7843 reply_force_doserror(req, ERRSRV, ERRuseSTD);
7844 END_PROFILE(SMBwriteBs);
7848 /****************************************************************************
7849 Reply to a SMBgetattrE.
7850 ****************************************************************************/
7852 void reply_getattrE(struct smb_request *req)
7854 connection_struct *conn = req->conn;
7857 struct timespec create_ts;
7859 START_PROFILE(SMBgetattrE);
7862 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7863 END_PROFILE(SMBgetattrE);
7867 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
7869 if(!fsp || (fsp->conn != conn)) {
7870 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
7871 END_PROFILE(SMBgetattrE);
7875 /* Do an fstat on this file */
7877 reply_nterror(req, map_nt_error_from_unix(errno));
7878 END_PROFILE(SMBgetattrE);
7882 mode = dos_mode(conn, fsp->fsp_name);
7885 * Convert the times into dos times. Set create
7886 * date to be last modify date as UNIX doesn't save
7890 reply_outbuf(req, 11, 0);
7892 create_ts = get_create_timespec(conn, fsp, fsp->fsp_name);
7893 srv_put_dos_date2((char *)req->outbuf, smb_vwv0, create_ts.tv_sec);
7894 srv_put_dos_date2((char *)req->outbuf, smb_vwv2,
7895 convert_timespec_to_time_t(fsp->fsp_name->st.st_ex_atime));
7896 /* Should we check pending modtime here ? JRA */
7897 srv_put_dos_date2((char *)req->outbuf, smb_vwv4,
7898 convert_timespec_to_time_t(fsp->fsp_name->st.st_ex_mtime));
7901 SIVAL(req->outbuf, smb_vwv6, 0);
7902 SIVAL(req->outbuf, smb_vwv8, 0);
7904 uint32 allocation_size = SMB_VFS_GET_ALLOC_SIZE(conn,fsp, &fsp->fsp_name->st);
7905 SIVAL(req->outbuf, smb_vwv6, (uint32)fsp->fsp_name->st.st_ex_size);
7906 SIVAL(req->outbuf, smb_vwv8, allocation_size);
7908 SSVAL(req->outbuf,smb_vwv10, mode);
7910 DEBUG( 3, ( "reply_getattrE fnum=%d\n", fsp->fnum));
7912 END_PROFILE(SMBgetattrE);