Changeset 988 for vendor/current/source3/smbd/reply.c
- Timestamp:
- Nov 24, 2016, 1:14:11 PM (9 years ago)
- File:
-
- 1 edited
-
vendor/current/source3/smbd/reply.c (modified) (288 diffs)
Legend:
- Unmodified
- Added
- Removed
-
vendor/current/source3/smbd/reply.c
r860 r988 33 33 #include "rpc_client/rpc_client.h" 34 34 #include "../librpc/gen_ndr/ndr_spoolss_c.h" 35 #include "../librpc/gen_ndr/open_files.h" 35 36 #include "rpc_client/cli_spoolss.h" 36 37 #include "rpc_client/init_spoolss.h" … … 40 41 #include "auth.h" 41 42 #include "smbprofile.h" 43 #include "../lib/tsocket/tsocket.h" 44 #include "lib/tevent_wait.h" 45 #include "libcli/smb/smb_signing.h" 46 #include "lib/util/sys_rw_data.h" 42 47 43 48 /**************************************************************************** … … 249 254 /**************************************************************************** 250 255 Pull a string and check the path allowing a wilcard - provide for error return. 256 Passes in posix flag. 251 257 ****************************************************************************/ 252 258 253 s ize_t srvstr_get_path_wcard(TALLOC_CTX *ctx,259 static size_t srvstr_get_path_wcard_internal(TALLOC_CTX *ctx, 254 260 const char *base_ptr, 255 uint16 smb_flags2,261 uint16_t smb_flags2, 256 262 char **pp_dest, 257 263 const char *src, 258 264 size_t src_len, 259 265 int flags, 266 bool posix_pathnames, 260 267 NTSTATUS *err, 261 268 bool *contains_wcard) … … 284 291 } 285 292 286 if ( lp_posix_pathnames()) {293 if (posix_pathnames) { 287 294 *err = check_path_syntax_posix(*pp_dest); 288 295 } else { … … 294 301 295 302 /**************************************************************************** 303 Pull a string and check the path allowing a wilcard - provide for error return. 304 ****************************************************************************/ 305 306 size_t srvstr_get_path_wcard(TALLOC_CTX *ctx, 307 const char *base_ptr, 308 uint16_t smb_flags2, 309 char **pp_dest, 310 const char *src, 311 size_t src_len, 312 int flags, 313 NTSTATUS *err, 314 bool *contains_wcard) 315 { 316 return srvstr_get_path_wcard_internal(ctx, 317 base_ptr, 318 smb_flags2, 319 pp_dest, 320 src, 321 src_len, 322 flags, 323 false, 324 err, 325 contains_wcard); 326 } 327 328 /**************************************************************************** 329 Pull a string and check the path allowing a wilcard - provide for error return. 330 posix_pathnames version. 331 ****************************************************************************/ 332 333 size_t srvstr_get_path_wcard_posix(TALLOC_CTX *ctx, 334 const char *base_ptr, 335 uint16_t smb_flags2, 336 char **pp_dest, 337 const char *src, 338 size_t src_len, 339 int flags, 340 NTSTATUS *err, 341 bool *contains_wcard) 342 { 343 return srvstr_get_path_wcard_internal(ctx, 344 base_ptr, 345 smb_flags2, 346 pp_dest, 347 src, 348 src_len, 349 flags, 350 true, 351 err, 352 contains_wcard); 353 } 354 355 /**************************************************************************** 296 356 Pull a string and check the path - provide for error return. 297 357 ****************************************************************************/ … … 299 359 size_t srvstr_get_path(TALLOC_CTX *ctx, 300 360 const char *base_ptr, 301 uint16 smb_flags2,361 uint16_t smb_flags2, 302 362 char **pp_dest, 303 363 const char *src, … … 307 367 { 308 368 bool ignore; 309 return srvstr_get_path_wcard(ctx, base_ptr, smb_flags2, pp_dest, src, 310 src_len, flags, err, &ignore); 311 } 369 return srvstr_get_path_wcard_internal(ctx, 370 base_ptr, 371 smb_flags2, 372 pp_dest, 373 src, 374 src_len, 375 flags, 376 false, 377 err, 378 &ignore); 379 } 380 381 /**************************************************************************** 382 Pull a string and check the path - provide for error return. 383 posix_pathnames version. 384 ****************************************************************************/ 385 386 size_t srvstr_get_path_posix(TALLOC_CTX *ctx, 387 const char *base_ptr, 388 uint16_t smb_flags2, 389 char **pp_dest, 390 const char *src, 391 size_t src_len, 392 int flags, 393 NTSTATUS *err) 394 { 395 bool ignore; 396 return srvstr_get_path_wcard_internal(ctx, 397 base_ptr, 398 smb_flags2, 399 pp_dest, 400 src, 401 src_len, 402 flags, 403 true, 404 err, 405 &ignore); 406 } 407 312 408 313 409 size_t srvstr_get_path_req_wcard(TALLOC_CTX *mem_ctx, struct smb_request *req, … … 315 411 NTSTATUS *err, bool *contains_wcard) 316 412 { 317 return srvstr_get_path_wcard(mem_ctx, (char *)req->inbuf, req->flags2, 318 pp_dest, src, smbreq_bufrem(req, src), 319 flags, err, contains_wcard); 413 ssize_t bufrem = smbreq_bufrem(req, src); 414 415 if (bufrem < 0) { 416 *err = NT_STATUS_INVALID_PARAMETER; 417 return 0; 418 } 419 420 if (req->posix_pathnames) { 421 return srvstr_get_path_wcard_internal(mem_ctx, 422 (const char *)req->inbuf, 423 req->flags2, 424 pp_dest, 425 src, 426 bufrem, 427 flags, 428 true, 429 err, 430 contains_wcard); 431 } else { 432 return srvstr_get_path_wcard_internal(mem_ctx, 433 (const char *)req->inbuf, 434 req->flags2, 435 pp_dest, 436 src, 437 bufrem, 438 flags, 439 false, 440 err, 441 contains_wcard); 442 } 320 443 } 321 444 … … 327 450 return srvstr_get_path_req_wcard(mem_ctx, req, pp_dest, src, 328 451 flags, err, &ignore); 452 } 453 454 /** 455 * pull a string from the smb_buf part of a packet. In this case the 456 * string can either be null terminated or it can be terminated by the 457 * end of the smbbuf area 458 */ 459 size_t srvstr_pull_req_talloc(TALLOC_CTX *ctx, struct smb_request *req, 460 char **dest, const uint8_t *src, int flags) 461 { 462 ssize_t bufrem = smbreq_bufrem(req, src); 463 464 if (bufrem < 0) { 465 return 0; 466 } 467 468 return pull_string_talloc(ctx, req->inbuf, req->flags2, dest, src, 469 bufrem, flags); 329 470 } 330 471 … … 400 541 } 401 542 402 static bool netbios_session_retarget(struct smb d_server_connection *sconn,543 static bool netbios_session_retarget(struct smbXsrv_connection *xconn, 403 544 const char *name, int name_type) 404 545 { … … 409 550 char *p; 410 551 int retarget_type = 0x20; 411 int retarget_port = 139;552 int retarget_port = NBT_SMB_PORT; 412 553 struct sockaddr_storage retarget_addr; 413 554 struct sockaddr_in *in_addr; … … 415 556 uint8_t outbuf[10]; 416 557 417 if (get_socket_port( sconn->sock) != 139) {558 if (get_socket_port(xconn->transport.sock) != NBT_SMB_PORT) { 418 559 return false; 419 560 } … … 480 621 *(uint16_t *)(outbuf+8) = htons(retarget_port); 481 622 482 if (!srv_send_smb( sconn, (char *)outbuf, false, 0, false,623 if (!srv_send_smb(xconn, (char *)outbuf, false, 0, false, 483 624 NULL)) { 484 exit_server_cleanly("netbios_session_re garget: srv_send_smb "625 exit_server_cleanly("netbios_session_retarget: srv_send_smb " 485 626 "failed."); 486 627 } … … 492 633 } 493 634 635 static void reply_called_name_not_present(char *outbuf) 636 { 637 smb_setlen(outbuf, 1); 638 SCVAL(outbuf, 0, 0x83); 639 SCVAL(outbuf, 4, 0x82); 640 } 641 494 642 /**************************************************************************** 495 643 Reply to a (netbios-level) special message. 496 644 ****************************************************************************/ 497 645 498 void reply_special(struct smbd_server_connection *sconn, char *inbuf, size_t inbuf_size) 499 { 646 void reply_special(struct smbXsrv_connection *xconn, char *inbuf, size_t inbuf_size) 647 { 648 struct smbd_server_connection *sconn = xconn->client->sconn; 500 649 int msg_type = CVAL(inbuf,0); 501 650 int msg_flags = CVAL(inbuf,1); … … 512 661 513 662 switch (msg_type) { 514 case 0x81: /* session request */663 case NBSSrequest: /* session request */ 515 664 { 516 665 /* inbuf_size is guarenteed to be at least 4. */ … … 521 670 *name1 = *name2 = 0; 522 671 523 if ( sconn->nbt.got_session) {672 if (xconn->transport.nbt.got_session) { 524 673 exit_server_cleanly("multiple session request not permitted"); 525 674 } 526 675 527 SCVAL(outbuf,0, 0x82);676 SCVAL(outbuf,0,NBSSpositive); 528 677 SCVAL(outbuf,3,0); 529 678 … … 532 681 if (name_len1 <= 0 || name_len1 > inbuf_size - 4) { 533 682 DEBUG(0,("Invalid name length in session request\n")); 683 reply_called_name_not_present(outbuf); 534 684 break; 535 685 } … … 537 687 if (name_len2 <= 0 || name_len2 > inbuf_size - 4 - name_len1) { 538 688 DEBUG(0,("Invalid name length in session request\n")); 689 reply_called_name_not_present(outbuf); 539 690 break; 540 691 } … … 547 698 if (name_type1 == -1 || name_type2 == -1) { 548 699 DEBUG(0,("Invalid name type in session request\n")); 700 reply_called_name_not_present(outbuf); 549 701 break; 550 702 } … … 553 705 name1, name_type1, name2, name_type2)); 554 706 555 if (netbios_session_retarget( sconn, name1, name_type1)) {707 if (netbios_session_retarget(xconn, name1, name_type1)) { 556 708 exit_server_cleanly("retargeted client"); 557 709 } … … 563 715 if (strequal(name1, "*SMBSERVER ") 564 716 || strequal(name1, "*SMBSERV ")) { 565 fstrcpy(name1, sconn->client_id.addr); 717 char *raddr; 718 719 raddr = tsocket_address_inet_addr_string(sconn->remote_address, 720 talloc_tos()); 721 if (raddr == NULL) { 722 exit_server_cleanly("could not allocate raddr"); 723 } 724 725 fstrcpy(name1, raddr); 566 726 } 567 727 568 728 set_local_machine_name(name1, True); 569 729 set_remote_machine_name(name2, True); 730 731 if (is_ipaddress(sconn->remote_hostname)) { 732 char *p = discard_const_p(char, sconn->remote_hostname); 733 734 talloc_free(p); 735 736 sconn->remote_hostname = talloc_strdup(sconn, 737 get_remote_machine_name()); 738 if (sconn->remote_hostname == NULL) { 739 exit_server_cleanly("could not copy remote name"); 740 } 741 xconn->remote_hostname = sconn->remote_hostname; 742 } 570 743 571 744 DEBUG(2,("netbios connect: local=%s remote=%s, name type = %x\n", … … 576 749 /* We are being asked for a pathworks session --- 577 750 no thanks! */ 578 SCVAL(outbuf, 0,0x83);751 reply_called_name_not_present(outbuf); 579 752 break; 580 753 } 581 754 582 /* only add the client's machine name to the list 583 of possibly valid usernames if we are operating 584 in share mode security */ 585 if (lp_security() == SEC_SHARE) { 586 add_session_user(sconn, get_remote_machine_name()); 587 } 588 589 reload_services(sconn->msg_ctx, sconn->sock, True); 755 reload_services(sconn, conn_snum_used, true); 590 756 reopen_logs(); 591 757 592 sconn->nbt.got_session = true;758 xconn->transport.nbt.got_session = true; 593 759 break; 594 760 } … … 596 762 case 0x89: /* session keepalive request 597 763 (some old clients produce this?) */ 598 SCVAL(outbuf,0, SMBkeepalive);764 SCVAL(outbuf,0,NBSSkeepalive); 599 765 SCVAL(outbuf,3,0); 600 766 break; 601 767 602 case 0x82: /* positive session response */603 case 0x83: /* negative session response */604 case 0x84: /* retarget session response */768 case NBSSpositive: /* positive session response */ 769 case NBSSnegative: /* negative session response */ 770 case NBSSretarget: /* retarget session response */ 605 771 DEBUG(0,("Unexpected session response\n")); 606 772 break; 607 773 608 case SMBkeepalive: /* session keepalive */774 case NBSSkeepalive: /* session keepalive */ 609 775 default: 610 776 return; … … 614 780 msg_type, msg_flags)); 615 781 616 srv_send_smb(sconn, outbuf, false, 0, false, NULL); 782 srv_send_smb(xconn, outbuf, false, 0, false, NULL); 783 784 if (CVAL(outbuf, 0) != 0x82) { 785 exit_server_cleanly("invalid netbios session"); 786 } 617 787 return; 618 788 } … … 632 802 int pwlen=0; 633 803 NTSTATUS nt_status; 634 const char*p;635 DATA_BLOB password_blob;804 const uint8_t *p; 805 const char *p2; 636 806 TALLOC_CTX *ctx = talloc_tos(); 637 struct smbd_server_connection *sconn = req->sconn; 807 struct smbXsrv_connection *xconn = req->xconn; 808 NTTIME now = timeval_to_nttime(&req->request_time); 638 809 639 810 START_PROFILE(SMBtcon); … … 645 816 } 646 817 647 p = (const char *)req->buf + 1;818 p = req->buf + 1; 648 819 p += srvstr_pull_req_talloc(ctx, req, &service_buf, p, STR_TERMINATE); 649 820 p += 1; … … 658 829 return; 659 830 } 660 p = strrchr_m(service_buf,'\\');661 if (p ) {662 service = p +1;831 p2 = strrchr_m(service_buf,'\\'); 832 if (p2) { 833 service = p2+1; 663 834 } else { 664 835 service = service_buf; 665 836 } 666 837 667 password_blob = data_blob(password, pwlen+1); 668 669 conn = make_connection(sconn,service,password_blob,dev, 838 conn = make_connection(req, now, service, dev, 670 839 req->vuid,&nt_status); 671 840 req->conn = conn; 672 673 data_blob_clear_free(&password_blob);674 841 675 842 if (!conn) { … … 680 847 681 848 reply_outbuf(req, 2, 0); 682 SSVAL(req->outbuf,smb_vwv0, sconn->smb1.negprot.max_recv);849 SSVAL(req->outbuf,smb_vwv0,xconn->smb1.negprot.max_recv); 683 850 SSVAL(req->outbuf,smb_vwv1,conn->cnum); 684 851 SSVAL(req->outbuf,smb_tid,conn->cnum); … … 700 867 connection_struct *conn = req->conn; 701 868 const char *service = NULL; 702 DATA_BLOB password;703 869 TALLOC_CTX *ctx = talloc_tos(); 704 870 /* what the cleint thinks the device is */ … … 709 875 int passlen; 710 876 char *path = NULL; 711 const char *p, *q; 712 uint16 tcon_flags; 713 struct smbd_server_connection *sconn = req->sconn; 877 const uint8_t *p; 878 const char *q; 879 uint16_t tcon_flags; 880 struct smbXsrv_session *session = NULL; 881 NTTIME now = timeval_to_nttime(&req->request_time); 882 bool session_key_updated = false; 883 uint16_t optional_support = 0; 884 struct smbXsrv_connection *xconn = req->xconn; 714 885 715 886 START_PROFILE(SMBtconX); … … 725 896 726 897 /* we might have to close an old one */ 727 if ((tcon_flags & 0x1) && conn) { 728 close_cnum(conn,req->vuid); 898 if ((tcon_flags & TCONX_FLAG_DISCONNECT_TID) && conn) { 899 struct smbXsrv_tcon *tcon; 900 NTSTATUS status; 901 902 tcon = conn->tcon; 729 903 req->conn = NULL; 730 904 conn = NULL; 905 906 /* 907 * TODO: cancel all outstanding requests on the tcon 908 */ 909 status = smbXsrv_tcon_disconnect(tcon, req->vuid); 910 if (!NT_STATUS_IS_OK(status)) { 911 DEBUG(0, ("reply_tcon_and_X: " 912 "smbXsrv_tcon_disconnect() failed: %s\n", 913 nt_errstr(status))); 914 /* 915 * If we hit this case, there is something completely 916 * wrong, so we better disconnect the transport connection. 917 */ 918 END_PROFILE(SMBtconX); 919 exit_server(__location__ ": smbXsrv_tcon_disconnect failed"); 920 return; 921 } 922 923 TALLOC_FREE(tcon); 731 924 } 732 925 … … 737 930 } 738 931 739 if (sconn->smb1.negprot.encrypted_passwords) { 740 password = data_blob_talloc(talloc_tos(), req->buf, passlen); 741 if (lp_security() == SEC_SHARE) { 742 /* 743 * Security = share always has a pad byte 744 * after the password. 745 */ 746 p = (const char *)req->buf + passlen + 1; 747 } else { 748 p = (const char *)req->buf + passlen; 749 } 932 if (xconn->smb1.negprot.encrypted_passwords) { 933 p = req->buf + passlen; 750 934 } else { 751 password = data_blob_talloc(talloc_tos(), req->buf, passlen+1); 752 /* Ensure correct termination */ 753 password.data[passlen]=0; 754 p = (const char *)req->buf + passlen + 1; 935 p = req->buf + passlen + 1; 755 936 } 756 937 … … 758 939 759 940 if (path == NULL) { 760 data_blob_clear_free(&password);761 941 reply_nterror(req, NT_STATUS_INVALID_PARAMETER); 762 942 END_PROFILE(SMBtconX); … … 771 951 q = strchr_m(path+2,'\\'); 772 952 if (!q) { 773 data_blob_clear_free(&password);774 953 reply_nterror(req, NT_STATUS_BAD_NETWORK_NAME); 775 954 END_PROFILE(SMBtconX); … … 786 965 787 966 if (client_devicetype == NULL) { 788 data_blob_clear_free(&password);789 967 reply_nterror(req, NT_STATUS_INVALID_PARAMETER); 790 968 END_PROFILE(SMBtconX); … … 794 972 DEBUG(4,("Client requested device type [%s] for share [%s]\n", client_devicetype, service)); 795 973 796 conn = make_connection(sconn, service, password, client_devicetype, 974 nt_status = smb1srv_session_lookup(xconn, 975 req->vuid, now, &session); 976 if (NT_STATUS_EQUAL(nt_status, NT_STATUS_USER_SESSION_DELETED)) { 977 reply_force_doserror(req, ERRSRV, ERRbaduid); 978 END_PROFILE(SMBtconX); 979 return; 980 } 981 if (NT_STATUS_EQUAL(nt_status, NT_STATUS_NETWORK_SESSION_EXPIRED)) { 982 reply_nterror(req, nt_status); 983 END_PROFILE(SMBtconX); 984 return; 985 } 986 if (!NT_STATUS_IS_OK(nt_status)) { 987 reply_nterror(req, NT_STATUS_INVALID_HANDLE); 988 END_PROFILE(SMBtconX); 989 return; 990 } 991 992 if (session->global->auth_session_info == NULL) { 993 reply_nterror(req, NT_STATUS_INVALID_HANDLE); 994 END_PROFILE(SMBtconX); 995 return; 996 } 997 998 /* 999 * If there is no application key defined yet 1000 * we create one. 1001 * 1002 * This means we setup the application key on the 1003 * first tcon that happens via the given session. 1004 * 1005 * Once the application key is defined, it does not 1006 * change any more. 1007 */ 1008 if (session->global->application_key.length == 0 && 1009 session->global->signing_key.length > 0) 1010 { 1011 struct smbXsrv_session *x = session; 1012 struct auth_session_info *session_info = 1013 session->global->auth_session_info; 1014 uint8_t session_key[16]; 1015 1016 ZERO_STRUCT(session_key); 1017 memcpy(session_key, x->global->signing_key.data, 1018 MIN(x->global->signing_key.length, sizeof(session_key))); 1019 1020 /* 1021 * The application key is truncated/padded to 16 bytes 1022 */ 1023 x->global->application_key = data_blob_talloc(x->global, 1024 session_key, 1025 sizeof(session_key)); 1026 ZERO_STRUCT(session_key); 1027 if (x->global->application_key.data == NULL) { 1028 reply_nterror(req, NT_STATUS_NO_MEMORY); 1029 END_PROFILE(SMBtconX); 1030 return; 1031 } 1032 1033 if (tcon_flags & TCONX_FLAG_EXTENDED_SIGNATURES) { 1034 smb_key_derivation(x->global->application_key.data, 1035 x->global->application_key.length, 1036 x->global->application_key.data); 1037 optional_support |= SMB_EXTENDED_SIGNATURES; 1038 } 1039 1040 /* 1041 * Place the application key into the session_info 1042 */ 1043 data_blob_clear_free(&session_info->session_key); 1044 session_info->session_key = data_blob_dup_talloc(session_info, 1045 x->global->application_key); 1046 if (session_info->session_key.data == NULL) { 1047 data_blob_clear_free(&x->global->application_key); 1048 reply_nterror(req, NT_STATUS_NO_MEMORY); 1049 END_PROFILE(SMBtconX); 1050 return; 1051 } 1052 session_key_updated = true; 1053 } 1054 1055 conn = make_connection(req, now, service, client_devicetype, 797 1056 req->vuid, &nt_status); 798 1057 req->conn =conn; 799 1058 800 data_blob_clear_free(&password);801 802 1059 if (!conn) { 1060 if (session_key_updated) { 1061 struct smbXsrv_session *x = session; 1062 struct auth_session_info *session_info = 1063 session->global->auth_session_info; 1064 data_blob_clear_free(&x->global->application_key); 1065 data_blob_clear_free(&session_info->session_key); 1066 } 803 1067 reply_nterror(req, nt_status); 804 1068 END_PROFILE(SMBtconX); … … 827 1091 if (tcon_flags & TCONX_FLAG_EXTENDED_RESPONSE) { 828 1092 /* Return permissions. */ 829 uint32 perm1 = 0;830 uint32 perm2 = 0;1093 uint32_t perm1 = 0; 1094 uint32_t perm2 = 0; 831 1095 832 1096 reply_outbuf(req, 7, 0); … … 856 1120 /* what does setting this bit do? It is set by NT4 and 857 1121 may affect the ability to autorun mounted cdroms */ 858 SSVAL(req->outbuf, smb_vwv2, SMB_SUPPORT_SEARCH_BITS| 859 (lp_csc_policy(SNUM(conn)) << 2)); 1122 optional_support |= SMB_SUPPORT_SEARCH_BITS; 1123 optional_support |= 1124 (lp_csc_policy(SNUM(conn)) << SMB_CSC_POLICY_SHIFT); 860 1125 861 1126 if (lp_msdfs_root(SNUM(conn)) && lp_host_msdfs()) { 862 1127 DEBUG(2,("Serving %s as a Dfs root\n", 863 lp_servicename(SNUM(conn)) )); 864 SSVAL(req->outbuf, smb_vwv2, 865 SMB_SHARE_IN_DFS | SVAL(req->outbuf, smb_vwv2)); 866 } 867 } 868 1128 lp_servicename(ctx, SNUM(conn)) )); 1129 optional_support |= SMB_SHARE_IN_DFS; 1130 } 1131 1132 SSVAL(req->outbuf, smb_vwv2, optional_support); 1133 } 1134 1135 SSVAL(req->outbuf, smb_vwv0, 0xff); /* andx chain ends */ 1136 SSVAL(req->outbuf, smb_vwv1, 0); /* no andx offset */ 869 1137 870 1138 DEBUG(3,("tconX service=%s \n", … … 872 1140 873 1141 /* set the incoming and outgoing tid to the just created one */ 874 SSVAL( req->inbuf,smb_tid,conn->cnum);1142 SSVAL(discard_const_p(uint8_t, req->inbuf),smb_tid,conn->cnum); 875 1143 SSVAL(req->outbuf,smb_tid,conn->cnum); 876 1144 … … 878 1146 879 1147 req->tid = conn->cnum; 880 chain_reply(req);881 return;882 1148 } 883 1149 … … 886 1152 ****************************************************************************/ 887 1153 888 void reply_unknown_new(struct smb_request *req, uint8 type)1154 void reply_unknown_new(struct smb_request *req, uint8_t type) 889 1155 { 890 1156 DEBUG(0, ("unknown command type (%s): type=%d (0x%X)\n", … … 902 1168 { 903 1169 connection_struct *conn = req->conn; 904 uint16 device;905 uint16 function;906 uint32 ioctl_code;1170 uint16_t device; 1171 uint16_t function; 1172 uint32_t ioctl_code; 907 1173 int replysize; 908 1174 char *p; … … 943 1209 case IOCTL_QUERY_JOB_INFO: 944 1210 { 1211 NTSTATUS status; 1212 size_t len = 0; 945 1213 files_struct *fsp = file_fsp( 946 1214 req, SVAL(req->vwv+0, 0)); … … 951 1219 } 952 1220 /* Job number */ 953 if (fsp->print_file) { 954 SSVAL(p, 0, fsp->print_file->rap_jobid); 955 } else { 956 SSVAL(p, 0, 0); 1221 SSVAL(p, 0, print_spool_rap_jobid(fsp->print_file)); 1222 1223 status = srvstr_push((char *)req->outbuf, req->flags2, p+2, 1224 lp_netbios_name(), 15, 1225 STR_TERMINATE|STR_ASCII, &len); 1226 if (!NT_STATUS_IS_OK(status)) { 1227 reply_nterror(req, status); 1228 END_PROFILE(SMBioctl); 1229 return; 957 1230 } 958 srvstr_push((char *)req->outbuf, req->flags2, p+2,959 global_myname(), 15,960 STR_TERMINATE|STR_ASCII);961 1231 if (conn) { 962 srvstr_push((char *)req->outbuf, req->flags2, 963 p+18, lp_servicename(SNUM(conn)), 964 13, STR_TERMINATE|STR_ASCII); 1232 status = srvstr_push((char *)req->outbuf, req->flags2, 1233 p+18, 1234 lp_servicename(talloc_tos(), 1235 SNUM(conn)), 1236 13, STR_TERMINATE|STR_ASCII, &len); 1237 if (!NT_STATUS_IS_OK(status)) { 1238 reply_nterror(req, status); 1239 END_PROFILE(SMBioctl); 1240 return; 1241 } 965 1242 } else { 966 1243 memset(p+18, 0, 13); … … 1000 1277 char *name = NULL; 1001 1278 NTSTATUS status; 1279 uint32_t ucf_flags = (req->posix_pathnames ? UCF_POSIX_PATHNAMES : 0); 1002 1280 TALLOC_CTX *ctx = talloc_tos(); 1003 1281 … … 1020 1298 req->flags2 & FLAGS2_DFS_PATHNAMES, 1021 1299 name, 1022 0,1300 ucf_flags, 1023 1301 NULL, 1024 1302 &smb_fname); … … 1088 1366 char *fname = NULL; 1089 1367 int mode=0; 1090 SMB_OFF_Tsize=0;1368 off_t size=0; 1091 1369 time_t mtime=0; 1092 1370 const char *p; … … 1114 1392 mtime = 0; 1115 1393 } else { 1394 uint32_t ucf_flags = (req->posix_pathnames ? 1395 UCF_POSIX_PATHNAMES : 0); 1116 1396 status = filename_convert(ctx, 1117 1397 conn, 1118 1398 req->flags2 & FLAGS2_DFS_PATHNAMES, 1119 1399 fname, 1120 0,1400 ucf_flags, 1121 1401 NULL, 1122 1402 &smb_fname); … … 1168 1448 srv_put_dos_date3((char *)req->outbuf,smb_vwv1,mtime); 1169 1449 } 1170 SIVAL(req->outbuf,smb_vwv3,(uint32 )size);1450 SIVAL(req->outbuf,smb_vwv3,(uint32_t)size); 1171 1451 1172 1452 if (get_Protocol() >= PROTOCOL_NT1) { … … 1199 1479 const char *p; 1200 1480 NTSTATUS status; 1481 uint32_t ucf_flags = (req->posix_pathnames ? UCF_POSIX_PATHNAMES : 0); 1201 1482 TALLOC_CTX *ctx = talloc_tos(); 1202 1483 … … 1221 1502 req->flags2 & FLAGS2_DFS_PATHNAMES, 1222 1503 fname, 1223 0,1504 ucf_flags, 1224 1505 NULL, 1225 1506 &smb_fname); … … 1247 1528 mtime = srv_make_unix_date3(req->vwv+1); 1248 1529 1249 ft.mtime = convert_time_t_to_timespec(mtime);1250 status = smb_set_file_time(conn, NULL, smb_fname, &ft, true);1251 if (!NT_STATUS_IS_OK(status)) {1252 reply_nterror(req, status);1253 goto out;1254 }1255 1256 1530 if (mode != FILE_ATTRIBUTE_NORMAL) { 1257 1531 if (VALID_STAT_OF_DIR(smb_fname->st)) … … 1260 1534 mode &= ~FILE_ATTRIBUTE_DIRECTORY; 1261 1535 1536 status = check_access(conn, NULL, smb_fname, 1537 FILE_WRITE_ATTRIBUTES); 1538 if (!NT_STATUS_IS_OK(status)) { 1539 reply_nterror(req, status); 1540 goto out; 1541 } 1542 1262 1543 if (file_set_dosmode(conn, smb_fname, mode, NULL, 1263 1544 false) != 0) { … … 1265 1546 goto out; 1266 1547 } 1548 } 1549 1550 ft.mtime = convert_time_t_to_timespec(mtime); 1551 status = smb_set_file_time(conn, NULL, smb_fname, &ft, true); 1552 if (!NT_STATUS_IS_OK(status)) { 1553 reply_nterror(req, status); 1554 goto out; 1267 1555 } 1268 1556 … … 1284 1572 { 1285 1573 connection_struct *conn = req->conn; 1574 uint64_t ret; 1286 1575 uint64_t dfree,dsize,bsize; 1287 1576 START_PROFILE(SMBdskattr); 1288 1577 1289 if (get_dfree_info(conn,".",True,&bsize,&dfree,&dsize) == (uint64_t)-1) { 1578 ret = get_dfree_info(conn, ".", &bsize, &dfree, &dsize); 1579 if (ret == (uint64_t)-1) { 1290 1580 reply_nterror(req, map_nt_error_from_unix(errno)); 1291 1581 END_PROFILE(SMBdskattr); 1292 1582 return; 1583 } 1584 1585 /* 1586 * Force max to fit in 16 bit fields. 1587 */ 1588 while (dfree > WORDMAX || dsize > WORDMAX || bsize < 512) { 1589 dfree /= 2; 1590 dsize /= 2; 1591 bsize *= 2; 1592 if (bsize > (WORDMAX*512)) { 1593 bsize = (WORDMAX*512); 1594 if (dsize > WORDMAX) 1595 dsize = WORDMAX; 1596 if (dfree > WORDMAX) 1597 dfree = WORDMAX; 1598 break; 1599 } 1293 1600 } 1294 1601 … … 1362 1669 1363 1670 /**************************************************************************** 1671 Make a dir struct. 1672 ****************************************************************************/ 1673 1674 static bool make_dir_struct(TALLOC_CTX *ctx, 1675 char *buf, 1676 const char *mask, 1677 const char *fname, 1678 off_t size, 1679 uint32_t mode, 1680 time_t date, 1681 bool uc) 1682 { 1683 char *p; 1684 char *mask2 = talloc_strdup(ctx, mask); 1685 1686 if (!mask2) { 1687 return False; 1688 } 1689 1690 if ((mode & FILE_ATTRIBUTE_DIRECTORY) != 0) { 1691 size = 0; 1692 } 1693 1694 memset(buf+1,' ',11); 1695 if ((p = strchr_m(mask2,'.')) != NULL) { 1696 *p = 0; 1697 push_ascii(buf+1,mask2,8, 0); 1698 push_ascii(buf+9,p+1,3, 0); 1699 *p = '.'; 1700 } else { 1701 push_ascii(buf+1,mask2,11, 0); 1702 } 1703 1704 memset(buf+21,'\0',DIR_STRUCT_SIZE-21); 1705 SCVAL(buf,21,mode); 1706 srv_put_dos_date(buf,22,date); 1707 SSVAL(buf,26,size & 0xFFFF); 1708 SSVAL(buf,28,(size >> 16)&0xFFFF); 1709 /* We only uppercase if FLAGS2_LONG_PATH_COMPONENTS is zero in the input buf. 1710 Strange, but verified on W2K3. Needed for OS/2. JRA. */ 1711 push_ascii(buf+30,fname,12, uc ? STR_UPPER : 0); 1712 DEBUG(8,("put name [%s] from [%s] into dir struct\n",buf+30, fname)); 1713 return True; 1714 } 1715 1716 /**************************************************************************** 1364 1717 Reply to a search. 1365 1718 Can be called from SMBsearch, SMBffirst or SMBfunique. … … 1370 1723 connection_struct *conn = req->conn; 1371 1724 char *path = NULL; 1372 c onst char *mask = NULL;1725 char *mask = NULL; 1373 1726 char *directory = NULL; 1374 1727 struct smb_filename *smb_fname = NULL; 1375 1728 char *fname = NULL; 1376 SMB_OFF_Tsize;1377 uint32 mode;1729 off_t size; 1730 uint32_t mode; 1378 1731 struct timespec date; 1379 uint32 dirtype;1732 uint32_t dirtype; 1380 1733 unsigned int numentries = 0; 1381 1734 unsigned int maxentries = 0; … … 1393 1746 bool ask_sharemode = lp_parm_bool(SNUM(conn), "smbd", "search ask sharemode", true); 1394 1747 struct dptr_struct *dirptr = NULL; 1748 struct smbXsrv_connection *xconn = req->xconn; 1395 1749 struct smbd_server_connection *sconn = req->sconn; 1396 1750 … … 1402 1756 } 1403 1757 1404 if ( lp_posix_pathnames()) {1758 if (req->posix_pathnames) { 1405 1759 reply_unknown_new(req, req->cmd); 1406 1760 goto out; … … 1430 1784 1431 1785 if (status_len == 0) { 1786 uint32_t ucf_flags = UCF_ALWAYS_ALLOW_WCARD_LCOMP | 1787 (req->posix_pathnames ? UCF_POSIX_PATHNAMES : 0); 1432 1788 nt_status = filename_convert(ctx, conn, 1433 1789 req->flags2 & FLAGS2_DFS_PATHNAMES, 1434 1790 path, 1435 UCF_ALWAYS_ALLOW_WCARD_LCOMP,1791 ucf_flags, 1436 1792 &mask_contains_wcard, 1437 1793 &smb_fname); … … 1450 1806 p = strrchr_m(directory,'/'); 1451 1807 if ((p != NULL) && (*directory != '/')) { 1452 mask = p + 1;1808 mask = talloc_strdup(ctx, p + 1); 1453 1809 directory = talloc_strndup(ctx, directory, 1454 1810 PTR_DIFF(p, directory)); 1455 1811 } else { 1456 mask = directory;1812 mask = talloc_strdup(ctx, directory); 1457 1813 directory = talloc_strdup(ctx,"."); 1458 1814 } … … 1467 1823 1468 1824 nt_status = dptr_create(conn, 1825 NULL, /* req */ 1469 1826 NULL, /* fsp */ 1470 1827 directory, … … 1502 1859 } 1503 1860 1504 mask = dptr_wcard(sconn, dptr_num);1861 mask = talloc_strdup(ctx, dptr_wcard(sconn, dptr_num)); 1505 1862 if (!mask) { 1506 1863 goto SearchEmpty; … … 1510 1867 * check from the initial saved string. 1511 1868 */ 1512 mask_contains_wcard = ms_has_wild(mask); 1869 if (!req->posix_pathnames) { 1870 mask_contains_wcard = ms_has_wild(mask); 1871 } 1513 1872 dirtype = dptr_attr(sconn, dptr_num); 1514 1873 } … … 1522 1881 char buf[DIR_STRUCT_SIZE]; 1523 1882 memcpy(buf,status,21); 1524 if (!make_dir_struct(ctx,buf,"???????????",volume_label( SNUM(conn)),1883 if (!make_dir_struct(ctx,buf,"???????????",volume_label(ctx, SNUM(conn)), 1525 1884 0,FILE_ATTRIBUTE_VOLUME,0,!allow_long_path_components)) { 1526 1885 reply_nterror(req, NT_STATUS_NO_MEMORY); … … 1541 1900 } else { 1542 1901 unsigned int i; 1543 maxentries = MIN( 1544 maxentries, 1545 ((BUFFER_SIZE - 1546 ((uint8 *)smb_buf(req->outbuf) + 3 - req->outbuf)) 1547 /DIR_STRUCT_SIZE)); 1902 size_t hdr_size = ((uint8_t *)smb_buf(req->outbuf) + 3 - req->outbuf); 1903 size_t available_space = xconn->smb1.sessions.max_send - hdr_size; 1904 1905 maxentries = MIN(maxentries, available_space/DIR_STRUCT_SIZE); 1548 1906 1549 1907 DEBUG(8,("dirpath=<%s> dontdescend=<%s>\n", 1550 directory,lp_dontdescend(SNUM(conn))));1551 if (in_list(directory, lp_dont descend(SNUM(conn)),True)) {1908 directory,lp_dont_descend(ctx, SNUM(conn)))); 1909 if (in_list(directory, lp_dont_descend(ctx, SNUM(conn)),True)) { 1552 1910 check_descend = True; 1553 1911 } … … 1642 2000 out: 1643 2001 TALLOC_FREE(directory); 2002 TALLOC_FREE(mask); 1644 2003 TALLOC_FREE(smb_fname); 1645 2004 END_PROFILE(SMBsearch); … … 1665 2024 START_PROFILE(SMBfclose); 1666 2025 1667 if ( lp_posix_pathnames()) {2026 if (req->posix_pathnames) { 1668 2027 reply_unknown_new(req, req->cmd); 1669 2028 END_PROFILE(SMBfclose); … … 1714 2073 struct smb_filename *smb_fname = NULL; 1715 2074 char *fname = NULL; 1716 uint32 fattr=0;1717 SMB_OFF_Tsize = 0;2075 uint32_t fattr=0; 2076 off_t size = 0; 1718 2077 time_t mtime=0; 1719 2078 int info; … … 1721 2080 int oplock_request; 1722 2081 int deny_mode; 1723 uint32 dos_attr;1724 uint32 access_mask;1725 uint32 share_mode;1726 uint32 create_disposition;1727 uint32 create_options = 0;2082 uint32_t dos_attr; 2083 uint32_t access_mask; 2084 uint32_t share_mode; 2085 uint32_t create_disposition; 2086 uint32_t create_options = 0; 1728 2087 uint32_t private_flags = 0; 1729 2088 NTSTATUS status; 1730 bool ask_sharemode = lp_parm_bool(SNUM(conn), "smbd", "search ask sharemode", true); 2089 uint32_t ucf_flags = UCF_PREP_CREATEFILE | 2090 (req->posix_pathnames ? UCF_POSIX_PATHNAMES : 0); 1731 2091 TALLOC_CTX *ctx = talloc_tos(); 1732 2092 … … 1750 2110 1751 2111 if (!map_open_params_to_ntcreate(fname, deny_mode, 1752 OPENX_FILE_EXISTS_OPEN, &access_mask,1753 &share_mode, &create_disposition,1754 &create_options, &private_flags)) {2112 OPENX_FILE_EXISTS_OPEN, &access_mask, 2113 &share_mode, &create_disposition, 2114 &create_options, &private_flags)) { 1755 2115 reply_force_doserror(req, ERRDOS, ERRbadaccess); 1756 2116 goto out; … … 1761 2121 req->flags2 & FLAGS2_DFS_PATHNAMES, 1762 2122 fname, 1763 (create_disposition == FILE_CREATE) 1764 ? UCF_CREATING_FILE : 0, 2123 ucf_flags, 1765 2124 NULL, 1766 2125 &smb_fname); … … 1787 2146 dos_attr, /* file_attributes */ 1788 2147 oplock_request, /* oplock_request */ 2148 NULL, /* lease */ 1789 2149 0, /* allocation_size */ 1790 2150 private_flags, … … 1792 2152 NULL, /* ea_list */ 1793 2153 &fsp, /* result */ 1794 &info); /* pinfo */ 2154 &info, /* pinfo */ 2155 NULL, NULL); /* create context */ 1795 2156 1796 2157 if (!NT_STATUS_IS_OK(status)) { 1797 if (open_was_deferred(req-> mid)) {2158 if (open_was_deferred(req->xconn, req->mid)) { 1798 2159 /* We have re-scheduled this call. */ 1799 2160 goto out; … … 1803 2164 } 1804 2165 2166 /* Ensure we're pointing at the correct stat struct. */ 2167 TALLOC_FREE(smb_fname); 2168 smb_fname = fsp->fsp_name; 2169 1805 2170 size = smb_fname->st.st_ex_size; 1806 2171 fattr = dos_mode(conn, smb_fname); 1807 1808 /* Deal with other possible opens having a modified1809 write time. JRA. */1810 if (ask_sharemode) {1811 struct timespec write_time_ts;1812 1813 ZERO_STRUCT(write_time_ts);1814 get_file_infos(fsp->file_id, 0, NULL, &write_time_ts);1815 if (!null_timespec(write_time_ts)) {1816 update_stat_ex_mtime(&smb_fname->st, write_time_ts);1817 }1818 }1819 2172 1820 2173 mtime = convert_timespec_to_time_t(smb_fname->st.st_ex_mtime); … … 1837 2190 srv_put_dos_date3((char *)req->outbuf,smb_vwv2,mtime); 1838 2191 } 1839 SIVAL(req->outbuf,smb_vwv4,(uint32 )size);2192 SIVAL(req->outbuf,smb_vwv4,(uint32_t)size); 1840 2193 SSVAL(req->outbuf,smb_vwv6,deny_mode); 1841 2194 … … 1850 2203 } 1851 2204 out: 1852 TALLOC_FREE(smb_fname);1853 2205 END_PROFILE(SMBopen); 1854 2206 return; … … 1864 2216 struct smb_filename *smb_fname = NULL; 1865 2217 char *fname = NULL; 1866 uint16 open_flags;2218 uint16_t open_flags; 1867 2219 int deny_mode; 1868 uint32 smb_attr;2220 uint32_t smb_attr; 1869 2221 /* Breakout the oplock request bits so we can set the 1870 2222 reply bits separately. */ … … 1874 2226 #if 0 1875 2227 int smb_sattr = SVAL(req->vwv+4, 0); 1876 uint32 smb_time = make_unix_date3(req->vwv+6);2228 uint32_t smb_time = make_unix_date3(req->vwv+6); 1877 2229 #endif 1878 2230 int smb_ofun; 1879 uint32 fattr=0;2231 uint32_t fattr=0; 1880 2232 int mtime=0; 1881 2233 int smb_action = 0; … … 1884 2236 uint64_t allocation_size; 1885 2237 ssize_t retval = -1; 1886 uint32 access_mask;1887 uint32 share_mode;1888 uint32 create_disposition;1889 uint32 create_options = 0;2238 uint32_t access_mask; 2239 uint32_t share_mode; 2240 uint32_t create_disposition; 2241 uint32_t create_options = 0; 1890 2242 uint32_t private_flags = 0; 2243 uint32_t ucf_flags = UCF_PREP_CREATEFILE | 2244 (req->posix_pathnames ? UCF_POSIX_PATHNAMES : 0); 1891 2245 TALLOC_CTX *ctx = talloc_tos(); 1892 2246 … … 1926 2280 1927 2281 if (!map_open_params_to_ntcreate(fname, deny_mode, 1928 smb_ofun,1929 &access_mask, &share_mode,1930 &create_disposition,1931 &create_options,1932 &private_flags)) {2282 smb_ofun, 2283 &access_mask, &share_mode, 2284 &create_disposition, 2285 &create_options, 2286 &private_flags)) { 1933 2287 reply_force_doserror(req, ERRDOS, ERRbadaccess); 1934 2288 goto out; … … 1939 2293 req->flags2 & FLAGS2_DFS_PATHNAMES, 1940 2294 fname, 1941 (create_disposition == FILE_CREATE) 1942 ? UCF_CREATING_FILE : 0, 2295 ucf_flags, 1943 2296 NULL, 1944 2297 &smb_fname); … … 1965 2318 smb_attr, /* file_attributes */ 1966 2319 oplock_request, /* oplock_request */ 2320 NULL, /* lease */ 1967 2321 0, /* allocation_size */ 1968 2322 private_flags, … … 1970 2324 NULL, /* ea_list */ 1971 2325 &fsp, /* result */ 1972 &smb_action); /* pinfo */ 2326 &smb_action, /* pinfo */ 2327 NULL, NULL); /* create context */ 1973 2328 1974 2329 if (!NT_STATUS_IS_OK(status)) { 1975 if (open_was_deferred(req-> mid)) {2330 if (open_was_deferred(req->xconn, req->mid)) { 1976 2331 /* We have re-scheduled this call. */ 1977 2332 goto out; … … 1990 2345 goto out; 1991 2346 } 1992 retval = vfs_set_filelen(fsp, ( SMB_OFF_T)allocation_size);2347 retval = vfs_set_filelen(fsp, (off_t)allocation_size); 1993 2348 if (retval < 0) { 1994 2349 close_file(req, fsp, ERROR_CLOSE); … … 2035 2390 reply_outbuf(req, 15, 0); 2036 2391 } 2392 2393 SSVAL(req->outbuf, smb_vwv0, 0xff); /* andx chain ends */ 2394 SSVAL(req->outbuf, smb_vwv1, 0); /* no andx offset */ 2037 2395 2038 2396 if (core_oplock_request && lp_fake_oplocks(SNUM(conn))) { … … 2053 2411 srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime); 2054 2412 } 2055 SIVAL(req->outbuf,smb_vwv6,(uint32 )fsp->fsp_name->st.st_ex_size);2413 SIVAL(req->outbuf,smb_vwv6,(uint32_t)fsp->fsp_name->st.st_ex_size); 2056 2414 SSVAL(req->outbuf,smb_vwv8,GET_OPENX_MODE(deny_mode)); 2057 2415 SSVAL(req->outbuf,smb_vwv11,smb_action); … … 2061 2419 } 2062 2420 2063 chain_reply(req);2064 2421 out: 2065 2422 TALLOC_FREE(smb_fname); … … 2075 2432 { 2076 2433 struct smbd_server_connection *sconn = req->sconn; 2077 user_struct *vuser; 2434 struct user_struct *vuser; 2435 struct smbXsrv_session *session = NULL; 2436 NTSTATUS status; 2078 2437 2079 2438 START_PROFILE(SMBulogoffX); … … 2082 2441 2083 2442 if(vuser == NULL) { 2084 DEBUG(3,("ulogoff, vuser id %d does not map to user.\n", 2085 req->vuid)); 2086 } 2087 2088 /* in user level security we are supposed to close any files 2089 open by this user */ 2090 if ((vuser != NULL) && (lp_security() != SEC_SHARE)) { 2091 file_close_user(sconn, req->vuid); 2092 } 2093 2094 invalidate_vuid(sconn, req->vuid); 2443 DEBUG(3,("ulogoff, vuser id %llu does not map to user.\n", 2444 (unsigned long long)req->vuid)); 2445 2446 req->vuid = UID_FIELD_INVALID; 2447 reply_force_doserror(req, ERRSRV, ERRbaduid); 2448 END_PROFILE(SMBulogoffX); 2449 return; 2450 } 2451 2452 session = vuser->session; 2453 vuser = NULL; 2454 2455 /* 2456 * TODO: cancel all outstanding requests on the session 2457 */ 2458 status = smbXsrv_session_logoff(session); 2459 if (!NT_STATUS_IS_OK(status)) { 2460 DEBUG(0, ("reply_ulogoff: " 2461 "smbXsrv_session_logoff() failed: %s\n", 2462 nt_errstr(status))); 2463 /* 2464 * If we hit this case, there is something completely 2465 * wrong, so we better disconnect the transport connection. 2466 */ 2467 END_PROFILE(SMBulogoffX); 2468 exit_server(__location__ ": smbXsrv_session_logoff failed"); 2469 return; 2470 } 2471 2472 TALLOC_FREE(session); 2095 2473 2096 2474 reply_outbuf(req, 2, 0); 2097 2098 DEBUG( 3, ( "ulogoffX vuid=%d\n", req->vuid ) ); 2475 SSVAL(req->outbuf, smb_vwv0, 0xff); /* andx chain ends */ 2476 SSVAL(req->outbuf, smb_vwv1, 0); /* no andx offset */ 2477 2478 DEBUG(3, ("ulogoffX vuid=%llu\n", 2479 (unsigned long long)req->vuid)); 2099 2480 2100 2481 END_PROFILE(SMBulogoffX); 2101 2482 req->vuid = UID_FIELD_INVALID; 2102 chain_reply(req);2103 2483 } 2104 2484 … … 2112 2492 struct smb_filename *smb_fname = NULL; 2113 2493 char *fname = NULL; 2114 uint32 fattr = 0;2494 uint32_t fattr = 0; 2115 2495 struct smb_file_time ft; 2116 2496 files_struct *fsp; 2117 2497 int oplock_request = 0; 2118 2498 NTSTATUS status; 2119 uint32 access_mask = FILE_GENERIC_READ | FILE_GENERIC_WRITE; 2120 uint32 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE; 2121 uint32 create_disposition; 2122 uint32 create_options = 0; 2499 uint32_t access_mask = FILE_GENERIC_READ | FILE_GENERIC_WRITE; 2500 uint32_t share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE; 2501 uint32_t create_disposition; 2502 uint32_t create_options = 0; 2503 uint32_t ucf_flags = UCF_PREP_CREATEFILE | 2504 (req->posix_pathnames ? UCF_POSIX_PATHNAMES : 0); 2123 2505 TALLOC_CTX *ctx = talloc_tos(); 2124 2506 … … 2148 2530 req->flags2 & FLAGS2_DFS_PATHNAMES, 2149 2531 fname, 2150 UCF_CREATING_FILE,2532 ucf_flags, 2151 2533 NULL, 2152 2534 &smb_fname); … … 2187 2569 fattr, /* file_attributes */ 2188 2570 oplock_request, /* oplock_request */ 2571 NULL, /* lease */ 2189 2572 0, /* allocation_size */ 2190 2573 0, /* private_flags */ … … 2192 2575 NULL, /* ea_list */ 2193 2576 &fsp, /* result */ 2194 NULL); /* pinfo */ 2577 NULL, /* pinfo */ 2578 NULL, NULL); /* create context */ 2195 2579 2196 2580 if (!NT_STATUS_IS_OK(status)) { 2197 if (open_was_deferred(req-> mid)) {2581 if (open_was_deferred(req->xconn, req->mid)) { 2198 2582 /* We have re-scheduled this call. */ 2199 2583 goto out; … … 2244 2628 char *wire_name = NULL; 2245 2629 char *fname = NULL; 2246 uint32 fattr;2630 uint32_t fattr; 2247 2631 files_struct *fsp; 2248 2632 int oplock_request; … … 2250 2634 NTSTATUS status; 2251 2635 int i; 2636 uint32_t ucf_flags = UCF_PREP_CREATEFILE | 2637 (req->posix_pathnames ? UCF_POSIX_PATHNAMES : 0); 2252 2638 TALLOC_CTX *ctx = talloc_tos(); 2253 2639 … … 2289 2675 req->flags2 & FLAGS2_DFS_PATHNAMES, 2290 2676 fname, 2291 UCF_CREATING_FILE,2677 ucf_flags, 2292 2678 NULL, 2293 2679 &smb_fname); … … 2304 2690 /* Create the file. */ 2305 2691 status = SMB_VFS_CREATE_FILE( 2306 conn, 2307 req, 2308 0, 2309 smb_fname, 2692 conn, /* conn */ 2693 req, /* req */ 2694 0, /* root_dir_fid */ 2695 smb_fname, /* fname */ 2310 2696 FILE_GENERIC_READ | FILE_GENERIC_WRITE, /* access_mask */ 2311 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */ 2312 FILE_CREATE, /* create_disposition*/ 2313 0, /* create_options */ 2314 fattr, /* file_attributes */ 2315 oplock_request, /* oplock_request */ 2316 0, /* allocation_size */ 2317 0, /* private_flags */ 2318 NULL, /* sd */ 2319 NULL, /* ea_list */ 2320 &fsp, /* result */ 2321 NULL); /* pinfo */ 2697 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */ 2698 FILE_CREATE, /* create_disposition*/ 2699 0, /* create_options */ 2700 fattr, /* file_attributes */ 2701 oplock_request, /* oplock_request */ 2702 NULL, /* lease */ 2703 0, /* allocation_size */ 2704 0, /* private_flags */ 2705 NULL, /* sd */ 2706 NULL, /* ea_list */ 2707 &fsp, /* result */ 2708 NULL, /* pinfo */ 2709 NULL, NULL); /* create context */ 2322 2710 2323 2711 if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_COLLISION)) { … … 2328 2716 2329 2717 if (!NT_STATUS_IS_OK(status)) { 2330 if (open_was_deferred(req-> mid)) {2718 if (open_was_deferred(req->xconn, req->mid)) { 2331 2719 /* We have re-scheduled this call. */ 2332 2720 goto out; … … 2382 2770 out: 2383 2771 TALLOC_FREE(smb_fname); 2384 TALLOC_FREE(fname);2385 2772 TALLOC_FREE(wire_name); 2386 2773 END_PROFILE(SMBctemp); … … 2393 2780 2394 2781 static NTSTATUS can_rename(connection_struct *conn, files_struct *fsp, 2395 uint16 dirtype)2782 uint16_t dirtype) 2396 2783 { 2397 2784 if (!CAN_WRITE(conn)) { … … 2402 2789 (FILE_ATTRIBUTE_HIDDEN | FILE_ATTRIBUTE_SYSTEM)) { 2403 2790 /* Only bother to read the DOS attribute if we might deny the 2404 rename on the grounds of attribute mis smatch. */2791 rename on the grounds of attribute mismatch. */ 2405 2792 uint32_t fmode = dos_mode(conn, fsp->fsp_name); 2406 2793 if ((fmode & ~dirtype) & (FILE_ATTRIBUTE_HIDDEN | FILE_ATTRIBUTE_SYSTEM)) { … … 2410 2797 2411 2798 if (S_ISDIR(fsp->fsp_name->st.st_ex_mode)) { 2412 if (fsp->posix_ open) {2799 if (fsp->posix_flags & FSP_POSIX_FLAGS_RENAME) { 2413 2800 return NT_STATUS_OK; 2414 2801 } … … 2417 2804 directory, allow the rename. */ 2418 2805 2419 if (file_find_subpath(fsp)) { 2806 if (lp_strict_rename(SNUM(conn))) { 2807 /* 2808 * Strict rename, check open file db. 2809 */ 2810 if (have_file_open_below(fsp->conn, fsp->fsp_name)) { 2811 return NT_STATUS_ACCESS_DENIED; 2812 } 2813 } else if (file_find_subpath(fsp)) { 2814 /* 2815 * No strict rename, just look in local process. 2816 */ 2420 2817 return NT_STATUS_ACCESS_DENIED; 2421 2818 } … … 2437 2834 struct smb_request *req, 2438 2835 struct smb_filename *smb_fname, 2439 uint32 dirtype)2440 { 2441 uint32 fattr;2836 uint32_t dirtype) 2837 { 2838 uint32_t fattr; 2442 2839 files_struct *fsp; 2443 uint32 dirtype_orig = dirtype;2840 uint32_t dirtype_orig = dirtype; 2444 2841 NTSTATUS status; 2445 2842 int ret; 2446 bool posix_paths = lp_posix_pathnames();2843 bool posix_paths = (req != NULL && req->posix_pathnames); 2447 2844 2448 2845 DEBUG(10,("do_unlink: %s, dirtype = %d\n", … … 2474 2871 } 2475 2872 2476 if (!dir_check_ftype( conn,fattr, dirtype)) {2873 if (!dir_check_ftype(fattr, dirtype)) { 2477 2874 if (fattr & FILE_ATTRIBUTE_DIRECTORY) { 2478 2875 return NT_STATUS_FILE_IS_A_DIRECTORY; … … 2532 2929 FILE_ATTRIBUTE_NORMAL, 2533 2930 0, /* oplock_request */ 2931 NULL, /* lease */ 2534 2932 0, /* allocation_size */ 2535 2933 0, /* private_flags */ … … 2537 2935 NULL, /* ea_list */ 2538 2936 &fsp, /* result */ 2539 NULL); /* pinfo */ 2937 NULL, /* pinfo */ 2938 NULL, NULL); /* create context */ 2540 2939 2541 2940 if (!NT_STATUS_IS_OK(status)) { … … 2556 2955 2557 2956 /* The set is across all open files on this dev/inode pair. */ 2558 if (!set_delete_on_close(fsp, true,2957 if (!set_delete_on_close(fsp, True, 2559 2958 conn->session_info->security_token, 2560 &conn->session_info->utok)) {2959 conn->session_info->unix_token)) { 2561 2960 close_file(req, fsp, NORMAL_CLOSE); 2562 2961 return NT_STATUS_ACCESS_DENIED; … … 2572 2971 2573 2972 NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req, 2574 uint32 dirtype, struct smb_filename *smb_fname,2973 uint32_t dirtype, struct smb_filename *smb_fname, 2575 2974 bool has_wild) 2576 2975 { … … 2655 3054 goto out; 2656 3055 } 3056 if (dirtype == 0) { 3057 dirtype = FILE_ATTRIBUTE_NORMAL; 3058 } 2657 3059 2658 3060 if (strequal(fname_mask,"????????.???")) { … … 2739 3141 status = do_unlink(conn, req, smb_fname, dirtype); 2740 3142 if (!NT_STATUS_IS_OK(status)) { 3143 TALLOC_FREE(dir_hnd); 2741 3144 TALLOC_FREE(frame); 2742 3145 TALLOC_FREE(talloced); 2743 continue;3146 goto out; 2744 3147 } 2745 3148 … … 2773 3176 char *name = NULL; 2774 3177 struct smb_filename *smb_fname = NULL; 2775 uint32 dirtype;3178 uint32_t dirtype; 2776 3179 NTSTATUS status; 2777 3180 bool path_contains_wcard = False; 3181 uint32_t ucf_flags = UCF_COND_ALLOW_WCARD_LCOMP | 3182 (req->posix_pathnames ? UCF_POSIX_PATHNAMES : 0); 2778 3183 TALLOC_CTX *ctx = talloc_tos(); 2779 3184 … … 2798 3203 req->flags2 & FLAGS2_DFS_PATHNAMES, 2799 3204 name, 2800 UCF_COND_ALLOW_WCARD_LCOMP,3205 ucf_flags, 2801 3206 &path_contains_wcard, 2802 3207 &smb_fname); … … 2816 3221 path_contains_wcard); 2817 3222 if (!NT_STATUS_IS_OK(status)) { 2818 if (open_was_deferred(req-> mid)) {3223 if (open_was_deferred(req->xconn, req->mid)) { 2819 3224 /* We have re-scheduled this call. */ 2820 3225 goto out; … … 2850 3255 ****************************************************************************/ 2851 3256 2852 ssize_t fake_sendfile(files_struct *fsp, SMB_OFF_T startpos, size_t nread) 3257 ssize_t fake_sendfile(struct smbXsrv_connection *xconn, files_struct *fsp, 3258 off_t startpos, size_t nread) 2853 3259 { 2854 3260 size_t bufsize; … … 2870 3276 size_t cur_read; 2871 3277 2872 if (tosend > bufsize) { 2873 cur_read = bufsize; 2874 } else { 2875 cur_read = tosend; 2876 } 3278 cur_read = MIN(tosend, bufsize); 2877 3279 ret = read_file(fsp,buf,startpos,cur_read); 2878 3280 if (ret == -1) { … … 2886 3288 } 2887 3289 2888 if (write_data(fsp->conn->sconn->sock, buf, cur_read)2889 2890 char addr[INET6_ADDRSTRLEN];3290 ret = write_data(xconn->transport.sock, buf, cur_read); 3291 if (ret != cur_read) { 3292 int saved_errno = errno; 2891 3293 /* 2892 3294 * Try and give an error message saying what … … 2895 3297 DEBUG(0, ("write_data failed for client %s. " 2896 3298 "Error %s\n", 2897 get_peer_addr(fsp->conn->sconn->sock, addr, 2898 sizeof(addr)), 2899 strerror(errno))); 3299 smbXsrv_connection_dbg(xconn), 3300 strerror(saved_errno))); 2900 3301 SAFE_FREE(buf); 3302 errno = saved_errno; 2901 3303 return -1; 2902 3304 } … … 2911 3313 /**************************************************************************** 2912 3314 Deal with the case of sendfile reading less bytes from the file than 2913 requested. Fill with zeros (all we can do). 3315 requested. Fill with zeros (all we can do). Returns 0 on success 2914 3316 ****************************************************************************/ 2915 3317 2916 void sendfile_short_send(files_struct *fsp, 2917 ssize_t nread, 2918 size_t headersize, 2919 size_t smb_maxcnt) 3318 ssize_t sendfile_short_send(struct smbXsrv_connection *xconn, 3319 files_struct *fsp, 3320 ssize_t nread, 3321 size_t headersize, 3322 size_t smb_maxcnt) 2920 3323 { 2921 3324 #define SHORT_SEND_BUFSIZE 1024 … … 2924 3327 "header for file %s (%s). Terminating\n", 2925 3328 fsp_str_dbg(fsp), strerror(errno))); 2926 exit_server_cleanly("sendfile_short_send failed");3329 return -1; 2927 3330 } 2928 3331 … … 2932 3335 char *buf = SMB_CALLOC_ARRAY(char, SHORT_SEND_BUFSIZE); 2933 3336 if (!buf) { 2934 exit_server_cleanly("sendfile_short_send: " 2935 "malloc failed"); 3337 DEBUG(0,("sendfile_short_send: malloc failed " 3338 "for file %s (%s). Terminating\n", 3339 fsp_str_dbg(fsp), strerror(errno))); 3340 return -1; 2936 3341 } 2937 3342 … … 2955 3360 */ 2956 3361 size_t to_write; 3362 ssize_t ret; 2957 3363 2958 3364 to_write = MIN(SHORT_SEND_BUFSIZE, smb_maxcnt - nread); 2959 if (write_data(fsp->conn->sconn->sock, buf, to_write)2960 2961 char addr[INET6_ADDRSTRLEN];3365 ret = write_data(xconn->transport.sock, buf, to_write); 3366 if (ret != to_write) { 3367 int saved_errno = errno; 2962 3368 /* 2963 3369 * Try and give an error message saying what … … 2966 3372 DEBUG(0, ("write_data failed for client %s. " 2967 3373 "Error %s\n", 2968 get_peer_addr( 2969 fsp->conn->sconn->sock, addr, 2970 sizeof(addr)), 2971 strerror(errno))); 2972 exit_server_cleanly("sendfile_short_send: " 2973 "write_data failed"); 3374 smbXsrv_connection_dbg(xconn), 3375 strerror(saved_errno))); 3376 errno = saved_errno; 3377 return -1; 2974 3378 } 2975 3379 nread += to_write; … … 2977 3381 SAFE_FREE(buf); 2978 3382 } 3383 3384 return 0; 2979 3385 } 2980 3386 … … 2983 3389 ****************************************************************************/ 2984 3390 2985 static void reply_readbraw_error(struct smb d_server_connection *sconn)3391 static void reply_readbraw_error(struct smbXsrv_connection *xconn) 2986 3392 { 2987 3393 char header[4]; … … 2989 3395 SIVAL(header,0,0); 2990 3396 2991 smbd_lock_socket( sconn);2992 if (write_data( sconn->sock,header,4) != 4) {2993 char addr[INET6_ADDRSTRLEN];3397 smbd_lock_socket(xconn); 3398 if (write_data(xconn->transport.sock,header,4) != 4) { 3399 int saved_errno = errno; 2994 3400 /* 2995 3401 * Try and give an error message saying what … … 2998 3404 DEBUG(0, ("write_data failed for client %s. " 2999 3405 "Error %s\n", 3000 get_peer_addr(sconn->sock, addr, sizeof(addr)), 3001 strerror(errno))); 3406 smbXsrv_connection_dbg(xconn), 3407 strerror(saved_errno))); 3408 errno = saved_errno; 3002 3409 3003 3410 fail_readraw(); 3004 3411 } 3005 smbd_unlock_socket( sconn);3412 smbd_unlock_socket(xconn); 3006 3413 } 3007 3414 … … 3013 3420 struct smb_request *req, 3014 3421 files_struct *fsp, 3015 SMB_OFF_Tstartpos,3422 off_t startpos, 3016 3423 size_t nread, 3017 3424 ssize_t mincount) 3018 3425 { 3019 struct smb d_server_connection *sconn = req->sconn;3426 struct smbXsrv_connection *xconn = req->xconn; 3020 3427 char *outbuf = NULL; 3021 3428 ssize_t ret=0; … … 3030 3437 if ( !req_is_in_chain(req) && (nread > 0) && (fsp->base_fsp == NULL) && 3031 3438 (fsp->wcp == NULL) && 3032 lp_use_sendfile(SNUM(conn), req->sconn->smb1.signing_state) ) {3439 lp_use_sendfile(SNUM(conn), xconn->smb1.signing_state) ) { 3033 3440 ssize_t sendfile_read = -1; 3034 3441 char header[4]; … … 3038 3445 header_blob = data_blob_const(header, 4); 3039 3446 3040 sendfile_read = SMB_VFS_SENDFILE( sconn->sock, fsp,3447 sendfile_read = SMB_VFS_SENDFILE(xconn->transport.sock, fsp, 3041 3448 &header_blob, startpos, 3042 3449 nread); … … 3058 3465 DEBUG(0,("send_file_readbraw: sendfile not available. Faking..\n")); 3059 3466 3060 if (fake_sendfile( fsp, startpos, nread) == -1) {3467 if (fake_sendfile(xconn, fsp, startpos, nread) == -1) { 3061 3468 DEBUG(0,("send_file_readbraw: " 3062 3469 "fake_sendfile failed for " … … 3089 3496 /* Deal with possible short send. */ 3090 3497 if (sendfile_read != 4+nread) { 3091 sendfile_short_send(fsp, sendfile_read, 4, nread); 3498 ret = sendfile_short_send(xconn, fsp, 3499 sendfile_read, 4, nread); 3500 if (ret == -1) { 3501 fail_readraw(); 3502 } 3092 3503 } 3093 3504 return; … … 3096 3507 normal_readbraw: 3097 3508 3098 outbuf = TALLOC_ARRAY(NULL, char, nread+4);3509 outbuf = talloc_array(NULL, char, nread+4); 3099 3510 if (!outbuf) { 3100 DEBUG(0,("send_file_readbraw: TALLOC_ARRAYfailed for size %u.\n",3511 DEBUG(0,("send_file_readbraw: talloc_array failed for size %u.\n", 3101 3512 (unsigned)(nread+4))); 3102 reply_readbraw_error( sconn);3513 reply_readbraw_error(xconn); 3103 3514 return; 3104 3515 } … … 3116 3527 3117 3528 _smb_setlen(outbuf,ret); 3118 if (write_data( sconn->sock, outbuf, 4+ret) != 4+ret) {3119 char addr[INET6_ADDRSTRLEN];3529 if (write_data(xconn->transport.sock, outbuf, 4+ret) != 4+ret) { 3530 int saved_errno = errno; 3120 3531 /* 3121 3532 * Try and give an error message saying what 3122 3533 * client failed. 3123 3534 */ 3124 DEBUG(0, ("write_data failed for client %s. " 3125 "Error %s\n", 3126 get_peer_addr(fsp->conn->sconn->sock, addr, 3127 sizeof(addr)), 3128 strerror(errno))); 3535 DEBUG(0, ("write_data failed for client %s. Error %s\n", 3536 smbXsrv_connection_dbg(xconn), 3537 strerror(saved_errno))); 3538 errno = saved_errno; 3129 3539 3130 3540 fail_readraw(); … … 3141 3551 { 3142 3552 connection_struct *conn = req->conn; 3143 struct smb d_server_connection *sconn = req->sconn;3553 struct smbXsrv_connection *xconn = req->xconn; 3144 3554 ssize_t maxcount,mincount; 3145 3555 size_t nread = 0; 3146 SMB_OFF_Tstartpos;3556 off_t startpos; 3147 3557 files_struct *fsp; 3148 3558 struct lock_struct lock; 3149 SMB_OFF_Tsize = 0;3559 off_t size = 0; 3150 3560 3151 3561 START_PROFILE(SMBreadbraw); 3152 3562 3153 if (srv_is_signing_active( sconn) || req->encrypted) {3563 if (srv_is_signing_active(xconn) || req->encrypted) { 3154 3564 exit_server_cleanly("reply_readbraw: SMB signing/sealing is active - " 3155 3565 "raw reads/writes are disallowed."); … … 3157 3567 3158 3568 if (req->wct < 8) { 3159 reply_readbraw_error( sconn);3569 reply_readbraw_error(xconn); 3160 3570 END_PROFILE(SMBreadbraw); 3161 3571 return; 3162 3572 } 3163 3573 3164 if ( sconn->smb1.echo_handler.trusted_fde) {3574 if (xconn->smb1.echo_handler.trusted_fde) { 3165 3575 DEBUG(2,("SMBreadbraw rejected with NOT_SUPPORTED because of " 3166 3576 "'async smb echo handler = yes'\n")); 3167 reply_readbraw_error( sconn);3577 reply_readbraw_error(xconn); 3168 3578 END_PROFILE(SMBreadbraw); 3169 3579 return; … … 3193 3603 "- cache prime?\n", 3194 3604 (int)SVAL(req->vwv+0, 0))); 3195 reply_readbraw_error( sconn);3605 reply_readbraw_error(xconn); 3196 3606 END_PROFILE(SMBreadbraw); 3197 3607 return; … … 3204 3614 DEBUG(3,("reply_readbraw: fnum %d not readable.\n", 3205 3615 (int)SVAL(req->vwv+0, 0))); 3206 reply_readbraw_error( sconn);3616 reply_readbraw_error(xconn); 3207 3617 END_PROFILE(SMBreadbraw); 3208 3618 return; 3209 3619 } 3210 3620 3211 flush_write_cache(fsp, READRAW_FLUSH);3621 flush_write_cache(fsp, SAMBA_READRAW_FLUSH); 3212 3622 3213 3623 startpos = IVAL_TO_SMB_OFF_T(req->vwv+1, 0); … … 3216 3626 * This is a large offset (64 bit) read. 3217 3627 */ 3218 #ifdef LARGE_SMB_OFF_T 3219 3220 startpos |= (((SMB_OFF_T)IVAL(req->vwv+8, 0)) << 32); 3221 3222 #else /* !LARGE_SMB_OFF_T */ 3223 3224 /* 3225 * Ensure we haven't been sent a >32 bit offset. 3226 */ 3227 3228 if(IVAL(req->vwv+8, 0) != 0) { 3229 DEBUG(0,("reply_readbraw: large offset " 3230 "(%x << 32) used and we don't support " 3231 "64 bit offsets.\n", 3232 (unsigned int)IVAL(req->vwv+8, 0) )); 3233 reply_readbraw_error(sconn); 3234 END_PROFILE(SMBreadbraw); 3235 return; 3236 } 3237 3238 #endif /* LARGE_SMB_OFF_T */ 3628 3629 startpos |= (((off_t)IVAL(req->vwv+8, 0)) << 32); 3239 3630 3240 3631 if(startpos < 0) { … … 3242 3633 "readraw offset (%.0f) !\n", 3243 3634 (double)startpos )); 3244 reply_readbraw_error( sconn);3635 reply_readbraw_error(xconn); 3245 3636 END_PROFILE(SMBreadbraw); 3246 3637 return; … … 3259 3650 3260 3651 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) { 3261 reply_readbraw_error( sconn);3652 reply_readbraw_error(xconn); 3262 3653 END_PROFILE(SMBreadbraw); 3263 3654 return; … … 3279 3670 #endif 3280 3671 3281 DEBUG( 3, ( "reply_readbraw: fnum=%dstart=%.0f max=%lu "3672 DEBUG( 3, ( "reply_readbraw: %s start=%.0f max=%lu " 3282 3673 "min=%lu nread=%lu\n", 3283 fsp ->fnum, (double)startpos,3674 fsp_fnum_dbg(fsp), (double)startpos, 3284 3675 (unsigned long)maxcount, 3285 3676 (unsigned long)mincount, … … 3308 3699 ssize_t nread = -1; 3309 3700 char *data; 3310 SMB_OFF_Tstartpos;3701 off_t startpos; 3311 3702 size_t numtoread; 3703 size_t maxtoread; 3312 3704 NTSTATUS status; 3313 3705 files_struct *fsp; 3314 3706 struct byte_range_lock *br_lck = NULL; 3315 3707 char *p = NULL; 3316 struct smb d_server_connection *sconn = req->sconn;3708 struct smbXsrv_connection *xconn = req->xconn; 3317 3709 3318 3710 START_PROFILE(SMBlockread); … … 3339 3731 numtoread = SVAL(req->vwv+1, 0); 3340 3732 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0); 3341 3342 numtoread = MIN(BUFFER_SIZE - (smb_size + 3*2 + 3), numtoread);3343 3344 reply_outbuf(req, 5, numtoread + 3);3345 3346 data = smb_buf(req->outbuf) + 3;3347 3733 3348 3734 /* … … 3351 3737 * Thus instead of asking for a read lock here we need to ask 3352 3738 * for a write lock. JRA. 3353 * Note that the requested lock size is unaffected by max_ recv.3739 * Note that the requested lock size is unaffected by max_send. 3354 3740 */ 3355 3741 … … 3363 3749 False, /* Non-blocking lock. */ 3364 3750 &status, 3365 NULL,3366 3751 NULL); 3367 3752 TALLOC_FREE(br_lck); … … 3374 3759 3375 3760 /* 3376 * However the requested READ size IS affected by max_ recv. Insanity.... JRA.3761 * However the requested READ size IS affected by max_send. Insanity.... JRA. 3377 3762 */ 3378 3379 if (numtoread > sconn->smb1.negprot.max_recv) { 3380 DEBUG(0,("reply_lockread: requested read size (%u) is greater than maximum allowed (%u). \ 3763 maxtoread = xconn->smb1.sessions.max_send - (smb_size + 5*2 + 3); 3764 3765 if (numtoread > maxtoread) { 3766 DEBUG(0,("reply_lockread: requested read size (%u) is greater than maximum allowed (%u/%u). \ 3381 3767 Returning short read of maximum allowed for compatibility with Windows 2000.\n", 3382 (unsigned int)numtoread, 3383 (unsigned int)sconn->smb1.negprot.max_recv)); 3384 numtoread = MIN(numtoread, sconn->smb1.negprot.max_recv); 3385 } 3768 (unsigned int)numtoread, (unsigned int)maxtoread, 3769 (unsigned int)xconn->smb1.sessions.max_send)); 3770 numtoread = maxtoread; 3771 } 3772 3773 reply_outbuf(req, 5, numtoread + 3); 3774 3775 data = smb_buf(req->outbuf) + 3; 3776 3386 3777 nread = read_file(fsp,data,startpos,numtoread); 3387 3778 … … 3400 3791 SSVAL(p,1,nread); 3401 3792 3402 DEBUG(3,("lockread fnum=%dnum=%d nread=%d\n",3403 fsp ->fnum, (int)numtoread, (int)nread));3793 DEBUG(3,("lockread %s num=%d nread=%d\n", 3794 fsp_fnum_dbg(fsp), (int)numtoread, (int)nread)); 3404 3795 3405 3796 END_PROFILE(SMBlockread); … … 3418 3809 connection_struct *conn = req->conn; 3419 3810 size_t numtoread; 3811 size_t maxtoread; 3420 3812 ssize_t nread = 0; 3421 3813 char *data; 3422 SMB_OFF_T startpos; 3423 int outsize = 0; 3814 off_t startpos; 3424 3815 files_struct *fsp; 3425 3816 struct lock_struct lock; 3426 struct smb d_server_connection *sconn = req->sconn;3817 struct smbXsrv_connection *xconn = req->xconn; 3427 3818 3428 3819 START_PROFILE(SMBread); … … 3450 3841 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0); 3451 3842 3452 numtoread = MIN(BUFFER_SIZE-outsize,numtoread);3453 3454 3843 /* 3455 * The requested read size cannot be greater than max_ recv. JRA.3844 * The requested read size cannot be greater than max_send. JRA. 3456 3845 */ 3457 if (numtoread > sconn->smb1.negprot.max_recv) { 3458 DEBUG(0,("reply_read: requested read size (%u) is greater than maximum allowed (%u). \ 3846 maxtoread = xconn->smb1.sessions.max_send - (smb_size + 5*2 + 3); 3847 3848 if (numtoread > maxtoread) { 3849 DEBUG(0,("reply_read: requested read size (%u) is greater than maximum allowed (%u/%u). \ 3459 3850 Returning short read of maximum allowed for compatibility with Windows 2000.\n", 3460 (unsigned int)numtoread, 3461 (unsigned int) sconn->smb1.negprot.max_recv));3462 numtoread = MIN(numtoread, sconn->smb1.negprot.max_recv);3851 (unsigned int)numtoread, (unsigned int)maxtoread, 3852 (unsigned int)xconn->smb1.sessions.max_send)); 3853 numtoread = maxtoread; 3463 3854 } 3464 3855 … … 3492 3883 SSVAL(smb_buf(req->outbuf),1,nread); 3493 3884 3494 DEBUG( 3, ( "read fnum=%dnum=%d nread=%d\n",3495 fsp->fnum, (int)numtoread, (int)nread ));3885 DEBUG(3, ("read %s num=%d nread=%d\n", 3886 fsp_fnum_dbg(fsp), (int)numtoread, (int)nread)); 3496 3887 3497 3888 strict_unlock: … … 3510 3901 { 3511 3902 int outsize; 3512 char *data; 3513 3514 outsize = srv_set_message(outbuf,12,smb_maxcnt,False); 3515 data = smb_buf(outbuf); 3903 3904 outsize = srv_set_message(outbuf,12,smb_maxcnt + 1 /* padding byte */, 3905 False); 3516 3906 3517 3907 memset(outbuf+smb_vwv0,'\0',24); /* valgrind init. */ … … 3521 3911 SSVAL(outbuf,smb_vwv5,smb_maxcnt); 3522 3912 SSVAL(outbuf,smb_vwv6, 3523 req_wct_ofs(req)3913 (smb_wct - 4) /* offset from smb header to wct */ 3524 3914 + 1 /* the wct field */ 3525 3915 + 12 * sizeof(uint16_t) /* vwv */ 3526 + 2); /* the buflen field */ 3916 + 2 /* the buflen field */ 3917 + 1); /* padding byte */ 3527 3918 SSVAL(outbuf,smb_vwv7,(smb_maxcnt >> 16)); 3528 3919 SSVAL(outbuf,smb_vwv11,smb_maxcnt); 3920 SCVAL(smb_buf(outbuf), 0, 0); /* padding byte */ 3529 3921 /* Reset the outgoing length, set_message truncates at 0x1FFFF. */ 3530 _smb_setlen_large(outbuf,(smb_size + 12*2 + smb_maxcnt - 4)); 3922 _smb_setlen_large(outbuf, 3923 smb_size + 12*2 + smb_maxcnt - 4 + 1 /* pad */); 3531 3924 return outsize; 3532 3925 } … … 3537 3930 3538 3931 static void send_file_readX(connection_struct *conn, struct smb_request *req, 3539 files_struct *fsp, SMB_OFF_Tstartpos,3932 files_struct *fsp, off_t startpos, 3540 3933 size_t smb_maxcnt) 3541 3934 { 3935 struct smbXsrv_connection *xconn = req->xconn; 3542 3936 ssize_t nread = -1; 3543 3937 struct lock_struct lock; … … 3560 3954 3561 3955 if (!req_is_in_chain(req) && 3562 !req->encrypted && (fsp->base_fsp == NULL) && 3956 !req->encrypted && 3957 (fsp->base_fsp == NULL) && 3563 3958 (fsp->wcp == NULL) && 3564 lp_use_sendfile(SNUM(conn), req->sconn->smb1.signing_state) ) {3565 uint8 headerbuf[smb_size + 12 * 2];3959 lp_use_sendfile(SNUM(conn), xconn->smb1.signing_state) ) { 3960 uint8_t headerbuf[smb_size + 12 * 2 + 1 /* padding byte */]; 3566 3961 DATA_BLOB header; 3567 3962 … … 3592 3987 setup_readX_header(req, (char *)headerbuf, smb_maxcnt); 3593 3988 3594 nread = SMB_VFS_SENDFILE( req->sconn->sock, fsp, &header,3989 nread = SMB_VFS_SENDFILE(xconn->transport.sock, fsp, &header, 3595 3990 startpos, smb_maxcnt); 3596 3991 if (nread == -1) { 3992 saved_errno = errno; 3993 3597 3994 /* Returning ENOSYS means no data at all was sent. 3598 3995 Do this as a normal read. */ … … 3611 4008 set_use_sendfile(SNUM(conn), False); 3612 4009 DEBUG(0,("send_file_readX: sendfile not available. Faking..\n")); 3613 nread = fake_sendfile( fsp, startpos,4010 nread = fake_sendfile(xconn, fsp, startpos, 3614 4011 smb_maxcnt); 3615 4012 if (nread == -1) { 4013 saved_errno = errno; 3616 4014 DEBUG(0,("send_file_readX: " 3617 4015 "fake_sendfile failed for " 3618 "file %s (%s).\n", 4016 "file %s (%s) for client %s. " 4017 "Terminating\n", 3619 4018 fsp_str_dbg(fsp), 3620 strerror(errno))); 4019 smbXsrv_connection_dbg(xconn), 4020 strerror(saved_errno))); 4021 errno = saved_errno; 3621 4022 exit_server_cleanly("send_file_readX: fake_sendfile failed"); 3622 4023 } 3623 DEBUG( 3, ( "send_file_readX: fake_sendfile fnum=%dmax=%d nread=%d\n",3624 fsp->fnum, (int)smb_maxcnt, (int)nread ));4024 DEBUG(3, ("send_file_readX: fake_sendfile %s max=%d nread=%d\n", 4025 fsp_fnum_dbg(fsp), (int)smb_maxcnt, (int)nread)); 3625 4026 /* No outbuf here means successful sendfile. */ 3626 4027 goto strict_unlock; … … 3645 4046 } 3646 4047 3647 DEBUG( 3, ( "send_file_readX: sendfile fnum=%dmax=%d nread=%d\n",3648 fsp->fnum, (int)smb_maxcnt, (int)nread ));4048 DEBUG(3, ("send_file_readX: sendfile %s max=%d nread=%d\n", 4049 fsp_fnum_dbg(fsp), (int)smb_maxcnt, (int)nread)); 3649 4050 3650 4051 /* Deal with possible short send. */ 3651 4052 if (nread != smb_maxcnt + sizeof(headerbuf)) { 3652 sendfile_short_send(fsp, nread, sizeof(headerbuf), smb_maxcnt); 4053 ssize_t ret; 4054 4055 ret = sendfile_short_send(xconn, fsp, nread, 4056 sizeof(headerbuf), smb_maxcnt); 4057 if (ret == -1) { 4058 const char *r; 4059 r = "send_file_readX: sendfile_short_send failed"; 4060 DEBUG(0,("%s for file %s (%s).\n", 4061 r, fsp_str_dbg(fsp), strerror(errno))); 4062 exit_server_cleanly(r); 4063 } 3653 4064 } 3654 4065 /* No outbuf here means successful sendfile. */ … … 3661 4072 3662 4073 if ((smb_maxcnt & 0xFF0000) > 0x10000) { 3663 uint8 headerbuf[smb_size + 2*12]; 4074 uint8_t headerbuf[smb_size + 2*12 + 1 /* padding byte */]; 4075 ssize_t ret; 4076 4077 if (!S_ISREG(fsp->fsp_name->st.st_ex_mode) || 4078 (startpos > fsp->fsp_name->st.st_ex_size) || 4079 (smb_maxcnt > (fsp->fsp_name->st.st_ex_size - startpos))) { 4080 /* 4081 * We already know that we would do a short 4082 * read, so don't try the sendfile() path. 4083 */ 4084 goto nosendfile_read; 4085 } 3664 4086 3665 4087 construct_reply_common_req(req, (char *)headerbuf); … … 3667 4089 3668 4090 /* Send out the header. */ 3669 if (write_data(req->sconn->sock, (char *)headerbuf,3670 sizeof(headerbuf)) != sizeof(headerbuf)) {3671 3672 char addr[INET6_ADDRSTRLEN];4091 ret = write_data(xconn->transport.sock, (char *)headerbuf, 4092 sizeof(headerbuf)); 4093 if (ret != sizeof(headerbuf)) { 4094 saved_errno = errno; 3673 4095 /* 3674 4096 * Try and give an error message saying what 3675 4097 * client failed. 3676 4098 */ 3677 DEBUG(0, ("write_data failed for client %s. "3678 "Error %s\n",3679 get_peer_addr(req->sconn->sock, addr,3680 sizeof(addr)),3681 strerror(errno)));3682 3683 4099 DEBUG(0,("send_file_readX: write_data failed for file " 3684 "%s (%s). Terminating\n", fsp_str_dbg(fsp), 3685 strerror(errno))); 4100 "%s (%s) for client %s. Terminating\n", 4101 fsp_str_dbg(fsp), 4102 smbXsrv_connection_dbg(xconn), 4103 strerror(saved_errno))); 4104 errno = saved_errno; 3686 4105 exit_server_cleanly("send_file_readX sendfile failed"); 3687 4106 } 3688 nread = fake_sendfile( fsp, startpos, smb_maxcnt);4107 nread = fake_sendfile(xconn, fsp, startpos, smb_maxcnt); 3689 4108 if (nread == -1) { 3690 DEBUG(0,("send_file_readX: fake_sendfile failed for " 3691 "file %s (%s).\n", fsp_str_dbg(fsp), 3692 strerror(errno))); 4109 saved_errno = errno; 4110 DEBUG(0,("send_file_readX: fake_sendfile failed for file " 4111 "%s (%s) for client %s. Terminating\n", 4112 fsp_str_dbg(fsp), 4113 smbXsrv_connection_dbg(xconn), 4114 strerror(saved_errno))); 4115 errno = saved_errno; 3693 4116 exit_server_cleanly("send_file_readX: fake_sendfile failed"); 3694 4117 } … … 3698 4121 nosendfile_read: 3699 4122 3700 reply_outbuf(req, 12, smb_maxcnt); 3701 3702 nread = read_file(fsp, smb_buf(req->outbuf), startpos, smb_maxcnt); 4123 reply_outbuf(req, 12, smb_maxcnt + 1 /* padding byte */); 4124 SSVAL(req->outbuf, smb_vwv0, 0xff); /* andx chain ends */ 4125 SSVAL(req->outbuf, smb_vwv1, 0); /* no andx offset */ 4126 4127 nread = read_file(fsp, smb_buf(req->outbuf) + 1 /* padding byte */, 4128 startpos, smb_maxcnt); 3703 4129 saved_errno = errno; 3704 4130 … … 3712 4138 setup_readX_header(req, (char *)req->outbuf, nread); 3713 4139 3714 DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n", 3715 fsp->fnum, (int)smb_maxcnt, (int)nread ) ); 3716 3717 chain_reply(req); 4140 DEBUG(3, ("send_file_readX %s max=%d nread=%d\n", 4141 fsp_fnum_dbg(fsp), (int)smb_maxcnt, (int)nread)); 3718 4142 return; 3719 4143 … … 3725 4149 3726 4150 /**************************************************************************** 4151 Work out how much space we have for a read return. 4152 ****************************************************************************/ 4153 4154 static size_t calc_max_read_pdu(const struct smb_request *req) 4155 { 4156 struct smbXsrv_connection *xconn = req->xconn; 4157 4158 if (xconn->protocol < PROTOCOL_NT1) { 4159 return xconn->smb1.sessions.max_send; 4160 } 4161 4162 if (!lp_large_readwrite()) { 4163 return xconn->smb1.sessions.max_send; 4164 } 4165 4166 if (req_is_in_chain(req)) { 4167 return xconn->smb1.sessions.max_send; 4168 } 4169 4170 if (req->encrypted) { 4171 /* 4172 * Don't take encrypted traffic up to the 4173 * limit. There are padding considerations 4174 * that make that tricky. 4175 */ 4176 return xconn->smb1.sessions.max_send; 4177 } 4178 4179 if (srv_is_signing_active(xconn)) { 4180 return 0x1FFFF; 4181 } 4182 4183 if (!lp_unix_extensions()) { 4184 return 0x1FFFF; 4185 } 4186 4187 /* 4188 * We can do ultra-large POSIX reads. 4189 */ 4190 return 0xFFFFFF; 4191 } 4192 4193 /**************************************************************************** 4194 Calculate how big a read can be. Copes with all clients. It's always 4195 safe to return a short read - Windows does this. 4196 ****************************************************************************/ 4197 4198 static size_t calc_read_size(const struct smb_request *req, 4199 size_t upper_size, 4200 size_t lower_size) 4201 { 4202 struct smbXsrv_connection *xconn = req->xconn; 4203 size_t max_pdu = calc_max_read_pdu(req); 4204 size_t total_size = 0; 4205 size_t hdr_len = MIN_SMB_SIZE + VWV(12); 4206 size_t max_len = max_pdu - hdr_len - 1 /* padding byte */; 4207 4208 /* 4209 * Windows explicitly ignores upper size of 0xFFFF. 4210 * See [MS-SMB].pdf <26> Section 2.2.4.2.1: 4211 * We must do the same as these will never fit even in 4212 * an extended size NetBIOS packet. 4213 */ 4214 if (upper_size == 0xFFFF) { 4215 upper_size = 0; 4216 } 4217 4218 if (xconn->protocol < PROTOCOL_NT1) { 4219 upper_size = 0; 4220 } 4221 4222 total_size = ((upper_size<<16) | lower_size); 4223 4224 /* 4225 * LARGE_READX test shows it's always safe to return 4226 * a short read. Windows does so. 4227 */ 4228 return MIN(total_size, max_len); 4229 } 4230 4231 /**************************************************************************** 3727 4232 Reply to a read and X. 3728 4233 ****************************************************************************/ … … 3732 4237 connection_struct *conn = req->conn; 3733 4238 files_struct *fsp; 3734 SMB_OFF_Tstartpos;4239 off_t startpos; 3735 4240 size_t smb_maxcnt; 4241 size_t upper_size; 3736 4242 bool big_readX = False; 3737 4243 #if 0 … … 3768 4274 } 3769 4275 3770 if (global_client_caps & CAP_LARGE_READX) { 3771 size_t upper_size = SVAL(req->vwv+7, 0); 3772 smb_maxcnt |= (upper_size<<16); 3773 if (upper_size > 1) { 3774 /* Can't do this on a chained packet. */ 3775 if ((CVAL(req->vwv+0, 0) != 0xFF)) { 3776 reply_nterror(req, NT_STATUS_NOT_SUPPORTED); 3777 END_PROFILE(SMBreadX); 3778 return; 3779 } 3780 /* We currently don't do this on signed or sealed data. */ 3781 if (srv_is_signing_active(req->sconn) || req->encrypted) { 3782 reply_nterror(req, NT_STATUS_NOT_SUPPORTED); 3783 END_PROFILE(SMBreadX); 3784 return; 3785 } 3786 /* Is there room in the reply for this data ? */ 3787 if (smb_maxcnt > (0xFFFFFF - (smb_size -4 + 12*2))) { 3788 reply_nterror(req, 3789 NT_STATUS_INVALID_PARAMETER); 3790 END_PROFILE(SMBreadX); 3791 return; 3792 } 3793 big_readX = True; 3794 } 4276 upper_size = SVAL(req->vwv+7, 0); 4277 smb_maxcnt = calc_read_size(req, upper_size, smb_maxcnt); 4278 if (smb_maxcnt > (0x1FFFF - (MIN_SMB_SIZE + VWV(12)))) { 4279 /* 4280 * This is a heuristic to avoid keeping large 4281 * outgoing buffers around over long-lived aio 4282 * requests. 4283 */ 4284 big_readX = True; 3795 4285 } 3796 4286 3797 4287 if (req->wct == 12) { 3798 #ifdef LARGE_SMB_OFF_T3799 4288 /* 3800 4289 * This is a large offset (64 bit) read. 3801 4290 */ 3802 startpos |= (((SMB_OFF_T)IVAL(req->vwv+10, 0)) << 32); 3803 3804 #else /* !LARGE_SMB_OFF_T */ 3805 3806 /* 3807 * Ensure we haven't been sent a >32 bit offset. 3808 */ 3809 3810 if(IVAL(req->vwv+10, 0) != 0) { 3811 DEBUG(0,("reply_read_and_X - large offset (%x << 32) " 3812 "used and we don't support 64 bit offsets.\n", 3813 (unsigned int)IVAL(req->vwv+10, 0) )); 3814 END_PROFILE(SMBreadX); 3815 reply_nterror(req, NT_STATUS_ACCESS_DENIED); 3816 return; 3817 } 3818 3819 #endif /* LARGE_SMB_OFF_T */ 4291 startpos |= (((off_t)IVAL(req->vwv+10, 0)) << 32); 3820 4292 3821 4293 } … … 3840 4312 } 3841 4313 3842 smbd_lock_socket(req-> sconn);4314 smbd_lock_socket(req->xconn); 3843 4315 send_file_readX(conn, req, fsp, startpos, smb_maxcnt); 3844 smbd_unlock_socket(req-> sconn);4316 smbd_unlock_socket(req->xconn); 3845 4317 3846 4318 out: … … 3855 4327 void error_to_writebrawerr(struct smb_request *req) 3856 4328 { 3857 uint8 *old_outbuf = req->outbuf;4329 uint8_t *old_outbuf = req->outbuf; 3858 4330 3859 4331 reply_outbuf(req, 1, 0); … … 3873 4345 size_t *len) 3874 4346 { 3875 uint8_t msgtype = SMBkeepalive;3876 3877 while (msgtype == SMBkeepalive) {4347 uint8_t msgtype = NBSSkeepalive; 4348 4349 while (msgtype == NBSSkeepalive) { 3878 4350 NTSTATUS status; 3879 4351 … … 3907 4379 { 3908 4380 connection_struct *conn = req->conn; 4381 struct smbXsrv_connection *xconn = req->xconn; 3909 4382 char *buf = NULL; 3910 4383 ssize_t nwritten=0; … … 3912 4385 size_t numtowrite=0; 3913 4386 size_t tcount; 3914 SMB_OFF_Tstartpos;3915 c har *data=NULL;4387 off_t startpos; 4388 const char *data=NULL; 3916 4389 bool write_through; 3917 4390 files_struct *fsp; … … 3926 4399 * we're finished. 3927 4400 */ 3928 SCVAL( req->inbuf,smb_com,SMBwritec);3929 3930 if (srv_is_signing_active( req->sconn)) {4401 SCVAL(discard_const_p(uint8_t, req->inbuf),smb_com,SMBwritec); 4402 4403 if (srv_is_signing_active(xconn)) { 3931 4404 END_PROFILE(SMBwritebraw); 3932 4405 exit_server_cleanly("reply_writebraw: SMB signing is active - " … … 3941 4414 } 3942 4415 3943 if ( req->sconn->smb1.echo_handler.trusted_fde) {4416 if (xconn->smb1.echo_handler.trusted_fde) { 3944 4417 DEBUG(2,("SMBwritebraw rejected with NOT_SUPPORTED because of " 3945 4418 "'async smb echo handler = yes'\n")); … … 3972 4445 3973 4446 if(get_Protocol() <= PROTOCOL_COREPLUS) { 3974 numtowrite = SVAL(smb_buf (req->inbuf),-2);3975 data = smb_buf (req->inbuf);4447 numtowrite = SVAL(smb_buf_const(req->inbuf),-2); 4448 data = smb_buf_const(req->inbuf); 3976 4449 } else { 3977 4450 numtowrite = SVAL(req->vwv+10, 0); … … 4004 4477 } 4005 4478 4006 DEBUG(3, ("reply_writebraw: initial write fnum=%dstart=%.0f num=%d "4479 DEBUG(3, ("reply_writebraw: initial write %s start=%.0f num=%d " 4007 4480 "wrote=%d sync=%d\n", 4008 fsp ->fnum, (double)startpos, (int)numtowrite,4481 fsp_fnum_dbg(fsp), (double)startpos, (int)numtowrite, 4009 4482 (int)nwritten, (int)write_through)); 4010 4483 … … 4018 4491 4019 4492 /* Allocate a buffer of 64k + length. */ 4020 buf = TALLOC_ARRAY(NULL, char, 65540);4493 buf = talloc_array(NULL, char, 65540); 4021 4494 if (!buf) { 4022 4495 reply_nterror(req, NT_STATUS_NO_MEMORY); … … 4033 4506 SSVALS(buf,smb_vwv0,0xFFFF); 4034 4507 show_msg(buf); 4035 if (!srv_send_smb(req-> sconn,4508 if (!srv_send_smb(req->xconn, 4036 4509 buf, 4037 4510 false, 0, /* no signing */ … … 4043 4516 4044 4517 /* Now read the raw data into the buffer and write it */ 4045 status = read_smb_length( req->sconn->sock, buf, SMB_SECONDARY_WAIT,4518 status = read_smb_length(xconn->transport.sock, buf, SMB_SECONDARY_WAIT, 4046 4519 &numtowrite); 4047 4520 if (!NT_STATUS_IS_OK(status)) { … … 4067 4540 } 4068 4541 4069 status = read_data(req->sconn->sock, buf+4, numtowrite); 4542 status = read_data_ntstatus(xconn->transport.sock, buf+4, 4543 numtowrite); 4070 4544 4071 4545 if (!NT_STATUS_IS_OK(status)) { 4072 char addr[INET6_ADDRSTRLEN];4073 4546 /* Try and give an error message 4074 4547 * saying what client failed. */ … … 4076 4549 "raw read failed (%s) for client %s. " 4077 4550 "Terminating\n", nt_errstr(status), 4078 get_peer_addr(req->sconn->sock, addr, 4079 sizeof(addr)))); 4551 smbXsrv_connection_dbg(xconn))); 4080 4552 exit_server_cleanly("secondary writebraw failed"); 4081 4553 } … … 4111 4583 } 4112 4584 4113 DEBUG(3,("reply_writebraw: secondart write fnum=%dstart=%.0f num=%d "4585 DEBUG(3,("reply_writebraw: secondart write %s start=%.0f num=%d " 4114 4586 "wrote=%d\n", 4115 fsp ->fnum, (double)startpos, (int)numtowrite,4587 fsp_fnum_dbg(fsp), (double)startpos, (int)numtowrite, 4116 4588 (int)total_written)); 4117 4589 … … 4129 4601 /* 4130 4602 * Fix for "rabbit pellet" mode, trigger an early TCP ack by 4131 * sending a SMBkeepalive. Thanks to DaveCB at Sun for this.4603 * sending a NBSSkeepalive. Thanks to DaveCB at Sun for this. 4132 4604 * JRA. 4133 4605 */ 4134 if (!send_keepalive( req->sconn->sock)) {4606 if (!send_keepalive(xconn->transport.sock)) { 4135 4607 exit_server_cleanly("reply_writebraw: send of " 4136 4608 "keepalive failed"); … … 4162 4634 ssize_t nwritten = -1; 4163 4635 size_t numtowrite; 4164 SMB_OFF_Tstartpos;4636 off_t startpos; 4165 4637 const char *data; 4166 4638 NTSTATUS status = NT_STATUS_OK; … … 4252 4724 SSVAL(req->outbuf,smb_vwv0,nwritten); 4253 4725 4254 DEBUG(3, ("writeunlock fnum=%dnum=%d wrote=%d\n",4255 fsp->fnum, (int)numtowrite, (int)nwritten));4726 DEBUG(3, ("writeunlock %s num=%d wrote=%d\n", 4727 fsp_fnum_dbg(fsp), (int)numtowrite, (int)nwritten)); 4256 4728 4257 4729 strict_unlock: … … 4276 4748 size_t numtowrite; 4277 4749 ssize_t nwritten = -1; 4278 SMB_OFF_Tstartpos;4750 off_t startpos; 4279 4751 const char *data; 4280 4752 files_struct *fsp; … … 4337 4809 * This is actually an allocate call, and set EOF. JRA. 4338 4810 */ 4339 nwritten = vfs_allocate_file_space(fsp, ( SMB_OFF_T)startpos);4811 nwritten = vfs_allocate_file_space(fsp, (off_t)startpos); 4340 4812 if (nwritten < 0) { 4341 4813 reply_nterror(req, NT_STATUS_DISK_FULL); 4342 4814 goto strict_unlock; 4343 4815 } 4344 nwritten = vfs_set_filelen(fsp, ( SMB_OFF_T)startpos);4816 nwritten = vfs_set_filelen(fsp, (off_t)startpos); 4345 4817 if (nwritten < 0) { 4346 4818 reply_nterror(req, NT_STATUS_DISK_FULL); … … 4379 4851 } 4380 4852 4381 DEBUG(3, ("write fnum=%d num=%d wrote=%d\n", fsp->fnum, (int)numtowrite, (int)nwritten));4853 DEBUG(3, ("write %s num=%d wrote=%d\n", fsp_fnum_dbg(fsp), (int)numtowrite, (int)nwritten)); 4382 4854 4383 4855 strict_unlock: … … 4398 4870 1 /* pad byte */) 4399 4871 4400 bool is_valid_writeX_buffer(struct smb d_server_connection *sconn,4872 bool is_valid_writeX_buffer(struct smbXsrv_connection *xconn, 4401 4873 const uint8_t *inbuf) 4402 4874 { 4403 4875 size_t numtowrite; 4404 connection_struct *conn = NULL;4405 4876 unsigned int doff = 0; 4406 4877 size_t len = smb_len_large(inbuf); 4878 uint16_t fnum; 4879 struct smbXsrv_open *op = NULL; 4880 struct files_struct *fsp = NULL; 4881 NTSTATUS status; 4407 4882 4408 4883 if (is_encrypted_packet(inbuf)) { … … 4423 4898 } 4424 4899 4425 conn = conn_find(sconn, SVAL(inbuf, smb_tid)); 4426 if (conn == NULL) { 4427 DEBUG(10,("is_valid_writeX_buffer: bad tid\n")); 4900 fnum = SVAL(inbuf, smb_vwv2); 4901 status = smb1srv_open_lookup(xconn, 4902 fnum, 4903 0, /* now */ 4904 &op); 4905 if (!NT_STATUS_IS_OK(status)) { 4906 DEBUG(10,("is_valid_writeX_buffer: bad fnum\n")); 4428 4907 return false; 4429 4908 } 4430 if (IS_IPC(conn)) { 4909 fsp = op->compat; 4910 if (fsp == NULL) { 4911 DEBUG(10,("is_valid_writeX_buffer: bad fsp\n")); 4912 return false; 4913 } 4914 if (fsp->conn == NULL) { 4915 DEBUG(10,("is_valid_writeX_buffer: bad fsp->conn\n")); 4916 return false; 4917 } 4918 4919 if (IS_IPC(fsp->conn)) { 4431 4920 DEBUG(10,("is_valid_writeX_buffer: IPC$ tid\n")); 4432 4921 return false; 4433 4922 } 4434 if (IS_PRINT( conn)) {4923 if (IS_PRINT(fsp->conn)) { 4435 4924 DEBUG(10,("is_valid_writeX_buffer: printing tid\n")); 4436 4925 return false; … … 4483 4972 { 4484 4973 connection_struct *conn = req->conn; 4974 struct smbXsrv_connection *xconn = req->xconn; 4485 4975 files_struct *fsp; 4486 4976 struct lock_struct lock; 4487 SMB_OFF_Tstartpos;4977 off_t startpos; 4488 4978 size_t numtowrite; 4489 4979 bool write_through; … … 4491 4981 unsigned int smb_doff; 4492 4982 unsigned int smblen; 4493 c har *data;4983 const char *data; 4494 4984 NTSTATUS status; 4495 4985 int saved_errno = 0; … … 4499 4989 if ((req->wct != 12) && (req->wct != 14)) { 4500 4990 reply_nterror(req, NT_STATUS_INVALID_PARAMETER); 4501 END_PROFILE(SMBwriteX); 4502 return; 4991 goto out; 4503 4992 } 4504 4993 … … 4517 5006 if (IS_IPC(conn)) { 4518 5007 reply_nterror(req, NT_STATUS_INVALID_PARAMETER); 4519 END_PROFILE(SMBwriteX); 4520 return; 5008 goto out; 4521 5009 } 4522 5010 if (numtowrite != req->unread_bytes) { 4523 5011 reply_nterror(req, NT_STATUS_INVALID_PARAMETER); 4524 END_PROFILE(SMBwriteX); 4525 return; 5012 goto out; 4526 5013 } 4527 5014 } else { … … 4529 5016 smb_doff + numtowrite > smblen) { 4530 5017 reply_nterror(req, NT_STATUS_INVALID_PARAMETER); 4531 END_PROFILE(SMBwriteX); 4532 return; 5018 goto out; 4533 5019 } 4534 5020 } … … 4538 5024 if (req->unread_bytes) { 4539 5025 reply_nterror(req, NT_STATUS_INVALID_PARAMETER); 4540 END_PROFILE(SMBwriteX); 4541 return; 5026 goto out; 4542 5027 } 4543 5028 reply_pipe_write_and_X(req); 4544 END_PROFILE(SMBwriteX); 4545 return; 5029 goto out; 4546 5030 } 4547 5031 … … 4551 5035 4552 5036 if (!check_fsp(conn, req, fsp)) { 4553 END_PROFILE(SMBwriteX); 4554 return; 5037 goto out; 4555 5038 } 4556 5039 4557 5040 if (!CHECK_WRITE(fsp)) { 4558 5041 reply_nterror(req, NT_STATUS_ACCESS_DENIED); 4559 END_PROFILE(SMBwriteX); 4560 return; 5042 goto out; 4561 5043 } 4562 5044 … … 4564 5046 4565 5047 if(req->wct == 14) { 4566 #ifdef LARGE_SMB_OFF_T4567 5048 /* 4568 5049 * This is a large offset (64 bit) write. 4569 5050 */ 4570 startpos |= (((SMB_OFF_T)IVAL(req->vwv+12, 0)) << 32); 4571 4572 #else /* !LARGE_SMB_OFF_T */ 4573 4574 /* 4575 * Ensure we haven't been sent a >32 bit offset. 4576 */ 4577 4578 if(IVAL(req->vwv+12, 0) != 0) { 4579 DEBUG(0,("reply_write_and_X - large offset (%x << 32) " 4580 "used and we don't support 64 bit offsets.\n", 4581 (unsigned int)IVAL(req->vwv+12, 0) )); 4582 reply_nterror(req, NT_STATUS_ACCESS_DENIED); 4583 END_PROFILE(SMBwriteX); 4584 return; 4585 } 4586 4587 #endif /* LARGE_SMB_OFF_T */ 5051 startpos |= (((off_t)IVAL(req->vwv+12, 0)) << 32); 5052 4588 5053 } 4589 5054 … … 4642 5107 4643 5108 reply_outbuf(req, 6, 0); 5109 SSVAL(req->outbuf, smb_vwv0, 0xff); /* andx chain ends */ 5110 SSVAL(req->outbuf, smb_vwv1, 0); /* no andx offset */ 4644 5111 SSVAL(req->outbuf,smb_vwv2,nwritten); 4645 5112 SSVAL(req->outbuf,smb_vwv4,nwritten>>16); 4646 5113 4647 DEBUG(3,("writeX fnum=%dnum=%d wrote=%d\n",4648 fsp ->fnum, (int)numtowrite, (int)nwritten));5114 DEBUG(3,("writeX %s num=%d wrote=%d\n", 5115 fsp_fnum_dbg(fsp), (int)numtowrite, (int)nwritten)); 4649 5116 4650 5117 status = sync_file(conn, fsp, write_through); … … 4657 5124 4658 5125 END_PROFILE(SMBwriteX); 4659 chain_reply(req);4660 5126 return; 4661 5127 4662 5128 out: 5129 if (req->unread_bytes) { 5130 /* writeX failed. drain socket. */ 5131 if (drain_socket(xconn->transport.sock, req->unread_bytes) != 5132 req->unread_bytes) { 5133 smb_panic("failed to drain pending bytes"); 5134 } 5135 req->unread_bytes = 0; 5136 } 5137 4663 5138 END_PROFILE(SMBwriteX); 4664 5139 return; … … 4672 5147 { 4673 5148 connection_struct *conn = req->conn; 4674 SMB_OFF_Tstartpos;4675 SMB_OFF_Tres= -1;5149 off_t startpos; 5150 off_t res= -1; 4676 5151 int mode,umode; 4677 5152 files_struct *fsp; … … 4691 5166 } 4692 5167 4693 flush_write_cache(fsp, S EEK_FLUSH);5168 flush_write_cache(fsp, SAMBA_SEEK_FLUSH); 4694 5169 4695 5170 mode = SVAL(req->vwv+1, 0) & 3; 4696 5171 /* NB. This doesn't use IVAL_TO_SMB_OFF_T as startpos can be signed in this case. */ 4697 startpos = ( SMB_OFF_T)IVALS(req->vwv+2, 0);5172 startpos = (off_t)IVALS(req->vwv+2, 0); 4698 5173 4699 5174 switch (mode) { … … 4718 5193 if((res = SMB_VFS_LSEEK(fsp,startpos,umode)) == -1) { 4719 5194 if(errno == EINVAL) { 4720 SMB_OFF_Tcurrent_pos = startpos;5195 off_t current_pos = startpos; 4721 5196 4722 5197 if(fsp_stat(fsp) == -1) { … … 4745 5220 SIVAL(req->outbuf,smb_vwv0,res); 4746 5221 4747 DEBUG(3,("lseek fnum=%dofs=%.0f newpos = %.0f mode=%d\n",4748 fsp ->fnum, (double)startpos, (double)res, mode));5222 DEBUG(3,("lseek %s ofs=%.0f newpos = %.0f mode=%d\n", 5223 fsp_fnum_dbg(fsp), (double)startpos, (double)res, mode)); 4749 5224 4750 5225 END_PROFILE(SMBlseek); … … 4759 5234 { 4760 5235 connection_struct *conn = req->conn; 4761 uint16 fnum;5236 uint16_t fnum; 4762 5237 files_struct *fsp; 4763 5238 … … 4815 5290 } 4816 5291 4817 /**************************************************************************** 4818 Reply to a close - has to deal with closing a directory opened by NT SMB's. 4819 ****************************************************************************/ 5292 struct reply_close_state { 5293 files_struct *fsp; 5294 struct smb_request *smbreq; 5295 }; 5296 5297 static void do_smb1_close(struct tevent_req *req); 4820 5298 4821 5299 void reply_close(struct smb_request *req) … … 4844 5322 } 4845 5323 4846 if(fsp->is_directory) { 4847 /* 4848 * Special case - close NT SMB directory handle. 4849 */ 4850 DEBUG(3,("close directory fnum=%d\n", fsp->fnum)); 4851 status = close_file(req, fsp, NORMAL_CLOSE); 4852 } else { 5324 DEBUG(3, ("Close %s fd=%d %s (numopen=%d)\n", 5325 fsp->is_directory ? "directory" : "file", 5326 fsp->fh->fd, fsp_fnum_dbg(fsp), 5327 conn->num_files_open)); 5328 5329 if (!fsp->is_directory) { 4853 5330 time_t t; 4854 /*4855 * Close ordinary file.4856 */4857 4858 DEBUG(3,("close fd=%d fnum=%d (numopen=%d)\n",4859 fsp->fh->fd, fsp->fnum,4860 conn->num_files_open));4861 5331 4862 5332 /* … … 4866 5336 t = srv_make_unix_date3(req->vwv+1); 4867 5337 set_close_write_time(fsp, convert_time_t_to_timespec(t)); 5338 } 5339 5340 if (fsp->num_aio_requests != 0) { 5341 5342 struct reply_close_state *state; 5343 5344 DEBUG(10, ("closing with aio %u requests pending\n", 5345 fsp->num_aio_requests)); 4868 5346 4869 5347 /* 4870 * close_file() returns the unix errno if an error 4871 * was detected on close - normally this is due to 4872 * a disk full error. If not then it was probably an I/O error. 5348 * We depend on the aio_extra destructor to take care of this 5349 * close request once fsp->num_aio_request drops to 0. 4873 5350 */ 4874 5351 4875 status = close_file(req, fsp, NORMAL_CLOSE); 4876 } 4877 5352 fsp->deferred_close = tevent_wait_send( 5353 fsp, fsp->conn->sconn->ev_ctx); 5354 if (fsp->deferred_close == NULL) { 5355 status = NT_STATUS_NO_MEMORY; 5356 goto done; 5357 } 5358 5359 state = talloc(fsp, struct reply_close_state); 5360 if (state == NULL) { 5361 TALLOC_FREE(fsp->deferred_close); 5362 status = NT_STATUS_NO_MEMORY; 5363 goto done; 5364 } 5365 state->fsp = fsp; 5366 state->smbreq = talloc_move(fsp, &req); 5367 tevent_req_set_callback(fsp->deferred_close, do_smb1_close, 5368 state); 5369 END_PROFILE(SMBclose); 5370 return; 5371 } 5372 5373 /* 5374 * close_file() returns the unix errno if an error was detected on 5375 * close - normally this is due to a disk full error. If not then it 5376 * was probably an I/O error. 5377 */ 5378 5379 status = close_file(req, fsp, NORMAL_CLOSE); 5380 done: 4878 5381 if (!NT_STATUS_IS_OK(status)) { 4879 5382 reply_nterror(req, status); … … 4885 5388 END_PROFILE(SMBclose); 4886 5389 return; 5390 } 5391 5392 static void do_smb1_close(struct tevent_req *req) 5393 { 5394 struct reply_close_state *state = tevent_req_callback_data( 5395 req, struct reply_close_state); 5396 struct smb_request *smbreq; 5397 NTSTATUS status; 5398 int ret; 5399 5400 ret = tevent_wait_recv(req); 5401 TALLOC_FREE(req); 5402 if (ret != 0) { 5403 DEBUG(10, ("tevent_wait_recv returned %s\n", 5404 strerror(ret))); 5405 /* 5406 * Continue anyway, this should never happen 5407 */ 5408 } 5409 5410 /* 5411 * fsp->smb2_close_request right now is a talloc grandchild of 5412 * fsp. When we close_file(fsp), it would go with it. No chance to 5413 * reply... 5414 */ 5415 smbreq = talloc_move(talloc_tos(), &state->smbreq); 5416 5417 status = close_file(smbreq, state->fsp, NORMAL_CLOSE); 5418 if (NT_STATUS_IS_OK(status)) { 5419 reply_outbuf(smbreq, 0, 0); 5420 } else { 5421 reply_nterror(smbreq, status); 5422 } 5423 if (!srv_send_smb(smbreq->xconn, 5424 (char *)smbreq->outbuf, 5425 true, 5426 smbreq->seqnum+1, 5427 IS_CONN_ENCRYPTED(smbreq->conn)||smbreq->encrypted, 5428 NULL)) { 5429 exit_server_cleanly("handle_aio_read_complete: srv_send_smb " 5430 "failed."); 5431 } 5432 TALLOC_FREE(smbreq); 4887 5433 } 4888 5434 … … 4897 5443 ssize_t nwritten = -1; 4898 5444 NTSTATUS close_status = NT_STATUS_OK; 4899 SMB_OFF_Tstartpos;5445 off_t startpos; 4900 5446 const char *data; 4901 5447 struct timespec mtime; … … 4928 5474 data = (const char *)req->buf + 1; 4929 5475 4930 if ( !fsp->print_file) {5476 if (fsp->print_file == NULL) { 4931 5477 init_strict_lock_struct(fsp, (uint64_t)req->smbpid, 4932 5478 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK, … … 4942 5488 nwritten = write_file(req,fsp,data,startpos,numtowrite); 4943 5489 5490 if (fsp->print_file == NULL) { 5491 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock); 5492 } 5493 4944 5494 set_close_write_time(fsp, mtime); 4945 5495 … … 4949 5499 */ 4950 5500 5501 DEBUG(3,("writeclose %s num=%d wrote=%d (numopen=%d)\n", 5502 fsp_fnum_dbg(fsp), (int)numtowrite, (int)nwritten, 5503 (numtowrite) ? conn->num_files_open - 1 : conn->num_files_open)); 5504 4951 5505 if (numtowrite) { 4952 5506 DEBUG(3,("reply_writeclose: zero length write doesn't close " 4953 5507 "file %s\n", fsp_str_dbg(fsp))); 4954 5508 close_status = close_file(req, fsp, NORMAL_CLOSE); 4955 } 4956 4957 DEBUG(3,("writeclose fnum=%d num=%d wrote=%d (numopen=%d)\n", 4958 fsp->fnum, (int)numtowrite, (int)nwritten, 4959 conn->num_files_open)); 5509 fsp = NULL; 5510 } 4960 5511 4961 5512 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) { 4962 5513 reply_nterror(req, NT_STATUS_DISK_FULL); 4963 goto strict_unlock;5514 goto out; 4964 5515 } 4965 5516 4966 5517 if(!NT_STATUS_IS_OK(close_status)) { 4967 5518 reply_nterror(req, close_status); 4968 goto strict_unlock;5519 goto out; 4969 5520 } 4970 5521 … … 4973 5524 SSVAL(req->outbuf,smb_vwv0,nwritten); 4974 5525 4975 strict_unlock: 4976 if (numtowrite && !fsp->print_file) { 4977 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock); 4978 } 5526 out: 4979 5527 4980 5528 END_PROFILE(SMBwriteclose); … … 5015 5563 offset = (uint64_t)IVAL(req->vwv+3, 0); 5016 5564 5017 DEBUG(3,("lock fd=%d fnum=%doffset=%.0f count=%.0f\n",5018 fsp->fh->fd, fsp ->fnum, (double)offset, (double)count));5565 DEBUG(3,("lock fd=%d %s offset=%.0f count=%.0f\n", 5566 fsp->fh->fd, fsp_fnum_dbg(fsp), (double)offset, (double)count)); 5019 5567 5020 5568 br_lck = do_lock(req->sconn->msg_ctx, … … 5027 5575 False, /* Non-blocking lock. */ 5028 5576 &status, 5029 NULL,5030 5577 NULL); 5031 5578 … … 5086 5633 } 5087 5634 5088 DEBUG( 3, ( "unlock fd=%d fnum=%doffset=%.0f count=%.0f\n",5089 fsp->fh->fd, fsp ->fnum, (double)offset, (double)count ) );5635 DEBUG( 3, ( "unlock fd=%d %s offset=%.0f count=%.0f\n", 5636 fsp->fh->fd, fsp_fnum_dbg(fsp), (double)offset, (double)count ) ); 5090 5637 5091 5638 reply_outbuf(req, 0, 0); … … 5105 5652 void reply_tdis(struct smb_request *req) 5106 5653 { 5654 NTSTATUS status; 5107 5655 connection_struct *conn = req->conn; 5656 struct smbXsrv_tcon *tcon; 5657 5108 5658 START_PROFILE(SMBtdis); 5109 5659 5110 5660 if (!conn) { 5111 5661 DEBUG(4,("Invalid connection in tdis\n")); 5112 reply_ nterror(req, NT_STATUS_NETWORK_NAME_DELETED);5662 reply_force_doserror(req, ERRSRV, ERRinvnid); 5113 5663 END_PROFILE(SMBtdis); 5114 5664 return; 5115 5665 } 5116 5666 5117 conn->used = False; 5118 5119 close_cnum(conn,req->vuid); 5667 tcon = conn->tcon; 5120 5668 req->conn = NULL; 5669 5670 /* 5671 * TODO: cancel all outstanding requests on the tcon 5672 */ 5673 status = smbXsrv_tcon_disconnect(tcon, req->vuid); 5674 if (!NT_STATUS_IS_OK(status)) { 5675 DEBUG(0, ("reply_tdis: " 5676 "smbXsrv_tcon_disconnect() failed: %s\n", 5677 nt_errstr(status))); 5678 /* 5679 * If we hit this case, there is something completely 5680 * wrong, so we better disconnect the transport connection. 5681 */ 5682 END_PROFILE(SMBtdis); 5683 exit_server(__location__ ": smbXsrv_tcon_disconnect failed"); 5684 return; 5685 } 5686 5687 TALLOC_FREE(tcon); 5121 5688 5122 5689 reply_outbuf(req, 0, 0); … … 5175 5742 5176 5743 show_msg((char *)req->outbuf); 5177 if (!srv_send_smb(req-> sconn,5744 if (!srv_send_smb(req->xconn, 5178 5745 (char *)req->outbuf, 5179 5746 true, req->seqnum+1, … … 5235 5802 SSVAL(req->outbuf,smb_vwv0,fsp->fnum); 5236 5803 5237 DEBUG(3,("openprint fd=%d fnum=%d\n",5238 fsp->fh->fd, fsp ->fnum));5804 DEBUG(3,("openprint fd=%d %s\n", 5805 fsp->fh->fd, fsp_fnum_dbg(fsp))); 5239 5806 5240 5807 END_PROFILE(SMBsplopen); … … 5273 5840 } 5274 5841 5275 DEBUG(3,("printclose fd=%d fnum=%d\n",5276 fsp->fh->fd, fsp->fnum));5842 DEBUG(3,("printclose fd=%d %s\n", 5843 fsp->fh->fd, fsp_fnum_dbg(fsp))); 5277 5844 5278 5845 status = close_file(req, fsp, NORMAL_CLOSE); … … 5334 5901 NTSTATUS status; 5335 5902 WERROR werr; 5336 const char *sharename = lp_servicename( SNUM(conn));5903 const char *sharename = lp_servicename(mem_ctx, SNUM(conn)); 5337 5904 struct rpc_pipe_client *cli = NULL; 5338 5905 struct dcerpc_binding_handle *b = NULL; … … 5348 5915 5349 5916 status = rpc_pipe_open_interface(conn, 5350 &ndr_table_spoolss .syntax_id,5917 &ndr_table_spoolss, 5351 5918 conn->session_info, 5352 &conn->sconn->client_id,5919 conn->sconn->remote_address, 5353 5920 conn->sconn->msg_ctx, 5354 5921 &cli); … … 5409 5976 time_t qtime = spoolss_Time_to_time_t(&info[i].info2.submitted); 5410 5977 int qstatus; 5978 size_t len = 0; 5411 5979 uint16_t qrapjobid = pjobid_to_rap(sharename, 5412 5980 info[i].info2.job_id); … … 5423 5991 SIVAL(p, 7, info[i].info2.size); 5424 5992 SCVAL(p, 11, 0); 5425 srvstr_push(blob, req->flags2, p+12, 5426 info[i].info2.notify_name, 16, STR_ASCII); 5427 5993 status = srvstr_push(blob, req->flags2, p+12, 5994 info[i].info2.notify_name, 16, STR_ASCII, &len); 5995 if (!NT_STATUS_IS_OK(status)) { 5996 reply_nterror(req, status); 5997 goto out; 5998 } 5428 5999 if (message_push_blob( 5429 6000 &req->outbuf, … … 5506 6077 data = (const char *)req->buf + 3; 5507 6078 5508 if (write_file(req,fsp,data,( SMB_OFF_T)-1,numtowrite) != numtowrite) {6079 if (write_file(req,fsp,data,(off_t)-1,numtowrite) != numtowrite) { 5509 6080 reply_nterror(req, map_nt_error_from_unix(errno)); 5510 6081 END_PROFILE(SMBsplwr); … … 5512 6083 } 5513 6084 5514 DEBUG( 3, ( "printwrite fnum=%d num=%d\n", fsp->fnum, numtowrite ));6085 DEBUG(3, ("printwrite %s num=%d\n", fsp_fnum_dbg(fsp), numtowrite)); 5515 6086 5516 6087 END_PROFILE(SMBsplwr); … … 5528 6099 char *directory = NULL; 5529 6100 NTSTATUS status; 6101 uint32_t ucf_flags = UCF_PREP_CREATEFILE | 6102 (req->posix_pathnames ? UCF_POSIX_PATHNAMES : 0); 5530 6103 TALLOC_CTX *ctx = talloc_tos(); 5531 6104 … … 5542 6115 req->flags2 & FLAGS2_DFS_PATHNAMES, 5543 6116 directory, 5544 UCF_CREATING_FILE,6117 ucf_flags, 5545 6118 NULL, 5546 6119 &smb_dname); … … 5598 6171 files_struct *fsp = NULL; 5599 6172 int info = 0; 6173 uint32_t ucf_flags = (req->posix_pathnames ? UCF_POSIX_PATHNAMES : 0); 5600 6174 struct smbd_server_connection *sconn = req->sconn; 5601 6175 … … 5612 6186 req->flags2 & FLAGS2_DFS_PATHNAMES, 5613 6187 directory, 5614 0,6188 ucf_flags, 5615 6189 NULL, 5616 6190 &smb_dname); … … 5642 6216 FILE_ATTRIBUTE_DIRECTORY, /* file_attributes */ 5643 6217 0, /* oplock_request */ 6218 NULL, /* lease */ 5644 6219 0, /* allocation_size */ 5645 6220 0, /* private_flags */ … … 5647 6222 NULL, /* ea_list */ 5648 6223 &fsp, /* result */ 5649 &info); /* pinfo */ 6224 &info, /* pinfo */ 6225 NULL, NULL); /* create context */ 5650 6226 5651 6227 if (!NT_STATUS_IS_OK(status)) { 5652 if (open_was_deferred(req-> mid)) {6228 if (open_was_deferred(req->xconn, req->mid)) { 5653 6229 /* We have re-scheduled this call. */ 5654 6230 goto out; … … 5667 6243 if (!set_delete_on_close(fsp, true, 5668 6244 conn->session_info->security_token, 5669 &conn->session_info->utok)) {6245 conn->session_info->unix_token)) { 5670 6246 close_file(req, fsp, ERROR_CLOSE); 5671 6247 reply_nterror(req, NT_STATUS_ACCESS_DENIED); … … 5823 6399 static void rename_open_files(connection_struct *conn, 5824 6400 struct share_mode_lock *lck, 6401 struct file_id id, 5825 6402 uint32_t orig_name_hash, 5826 6403 const struct smb_filename *smb_fname_dst) … … 5829 6406 bool did_rename = False; 5830 6407 NTSTATUS status; 5831 uint32_t new_name_hash ;5832 5833 for(fsp = file_find_di_first(conn->sconn, lck->id); fsp;6408 uint32_t new_name_hash = 0; 6409 6410 for(fsp = file_find_di_first(conn->sconn, id); fsp; 5834 6411 fsp = file_find_di_next(fsp)) { 5835 6412 /* fsp_name is a relative path under the fsp. To change this for other … … 5843 6420 continue; 5844 6421 } 5845 DEBUG(10, ("rename_open_files: renaming file fnum %d"5846 "(file_id %s) from %s -> %s\n", fsp ->fnum,6422 DEBUG(10, ("rename_open_files: renaming file %s " 6423 "(file_id %s) from %s -> %s\n", fsp_fnum_dbg(fsp), 5847 6424 file_id_string_tos(&fsp->file_id), fsp_str_dbg(fsp), 5848 6425 smb_fname_str_dbg(smb_fname_dst))); … … 5857 6434 if (!did_rename) { 5858 6435 DEBUG(10, ("rename_open_files: no open files on file_id %s " 5859 "for %s\n", file_id_string_tos(& lck->id),6436 "for %s\n", file_id_string_tos(&id), 5860 6437 smb_fname_str_dbg(smb_fname_dst))); 5861 6438 } 5862 6439 5863 6440 /* Send messages to all smbd's (not ourself) that the name has changed. */ 5864 rename_share_filename(conn->sconn->msg_ctx, lck, conn->connectpath,6441 rename_share_filename(conn->sconn->msg_ctx, lck, id, conn->connectpath, 5865 6442 orig_name_hash, new_name_hash, 5866 6443 smb_fname_dst); … … 5908 6485 char *parent_dir_src = NULL; 5909 6486 char *parent_dir_dst = NULL; 5910 uint32 mask;6487 uint32_t mask; 5911 6488 5912 6489 mask = is_dir ? FILE_NOTIFY_CHANGE_DIR_NAME … … 5995 6572 files_struct *fsp, 5996 6573 const struct smb_filename *smb_fname_dst_in, 5997 uint32 attrs,6574 uint32_t attrs, 5998 6575 bool replace_if_exists) 5999 6576 { … … 6016 6593 /* Make a copy of the dst smb_fname structs */ 6017 6594 6018 status = copy_smb_filename(ctx, smb_fname_dst_in, &smb_fname_dst); 6019 if (!NT_STATUS_IS_OK(status)) { 6595 smb_fname_dst = cp_smb_filename(ctx, smb_fname_dst_in); 6596 if (smb_fname_dst == NULL) { 6597 status = NT_STATUS_NO_MEMORY; 6020 6598 goto out; 6021 6599 } … … 6023 6601 /* 6024 6602 * Check for special case with case preserving and not 6025 * case sensitive. If the oldlast component differs from the original6603 * case sensitive. If the new last component differs from the original 6026 6604 * last component only by case, then we should allow 6027 6605 * the rename (user is trying to change the case of the 6028 6606 * filename). 6029 6607 */ 6030 if ((conn->case_sensitive == False) && (conn->case_preserve == True)&&6608 if (!conn->case_sensitive && conn->case_preserve && 6031 6609 strequal(fsp->fsp_name->base_name, smb_fname_dst->base_name) && 6032 6610 strequal(fsp->fsp_name->stream_name, smb_fname_dst->stream_name)) { … … 6053 6631 * component of the destination. 6054 6632 */ 6055 s tatus = create_synthetic_smb_fname_split(ctx,6056 smb_fname_dst->original_lcomp, NULL,6057 &smb_fname_orig_lcomp);6058 if (!NT_STATUS_IS_OK(status)) {6633 smb_fname_orig_lcomp = synthetic_smb_fname_split( 6634 ctx, smb_fname_dst->original_lcomp, NULL); 6635 if (smb_fname_orig_lcomp == NULL) { 6636 status = NT_STATUS_NO_MEMORY; 6059 6637 TALLOC_FREE(fname_dst_lcomp_base_mod); 6060 6638 goto out; … … 6183 6761 } 6184 6762 6185 lck = get_share_mode_lock(talloc_tos(), fsp->file_id, NULL, NULL, 6186 NULL); 6763 lck = get_existing_share_mode_lock(talloc_tos(), fsp->file_id); 6187 6764 6188 6765 /* … … 6194 6771 6195 6772 if(SMB_VFS_RENAME(conn, fsp->fsp_name, smb_fname_dst) == 0) { 6196 uint32 create_options = fsp->fh->private_options;6773 uint32_t create_options = fsp->fh->private_options; 6197 6774 6198 6775 DEBUG(3, ("rename_internals_fsp: succeeded doing rename on " … … 6220 6797 smb_fname_dst); 6221 6798 6222 rename_open_files(conn, lck, fsp->name_hash, smb_fname_dst); 6799 rename_open_files(conn, lck, fsp->file_id, fsp->name_hash, 6800 smb_fname_dst); 6223 6801 6224 6802 /* … … 6273 6851 struct smb_filename *smb_fname_src, 6274 6852 struct smb_filename *smb_fname_dst, 6275 uint32 attrs,6853 uint32_t attrs, 6276 6854 bool replace_if_exists, 6277 6855 bool src_has_wild, … … 6288 6866 long offset = 0; 6289 6867 int create_options = 0; 6290 bool posix_pathnames = lp_posix_pathnames(); 6868 bool posix_pathnames = (req != NULL && req->posix_pathnames); 6869 int rc; 6291 6870 6292 6871 /* … … 6381 6960 ZERO_STRUCT(smb_fname_src->st); 6382 6961 if (posix_pathnames) { 6383 SMB_VFS_LSTAT(conn, smb_fname_src);6962 rc = SMB_VFS_LSTAT(conn, smb_fname_src); 6384 6963 } else { 6385 SMB_VFS_STAT(conn, smb_fname_src); 6964 rc = SMB_VFS_STAT(conn, smb_fname_src); 6965 } 6966 if (rc == -1) { 6967 status = map_nt_error_from_unix_common(errno); 6968 goto out; 6386 6969 } 6387 6970 … … 6402 6985 posix_pathnames ? FILE_FLAG_POSIX_SEMANTICS|0777 : 0, /* file_attributes */ 6403 6986 0, /* oplock_request */ 6987 NULL, /* lease */ 6404 6988 0, /* allocation_size */ 6405 6989 0, /* private_flags */ … … 6407 6991 NULL, /* ea_list */ 6408 6992 &fsp, /* result */ 6409 NULL); /* pinfo */ 6993 NULL, /* pinfo */ 6994 NULL, NULL); /* create context */ 6410 6995 6411 6996 if (!NT_STATUS_IS_OK(status)) { … … 6548 7133 posix_pathnames ? FILE_FLAG_POSIX_SEMANTICS|0777 : 0, /* file_attributes */ 6549 7134 0, /* oplock_request */ 7135 NULL, /* lease */ 6550 7136 0, /* allocation_size */ 6551 7137 0, /* private_flags */ … … 6553 7139 NULL, /* ea_list */ 6554 7140 &fsp, /* result */ 6555 NULL); /* pinfo */ 7141 NULL, /* pinfo */ 7142 NULL, NULL); /* create context */ 6556 7143 6557 7144 if (!NT_STATUS_IS_OK(status)) { … … 6614 7201 char *newname = NULL; 6615 7202 const char *p; 6616 uint32 attrs;7203 uint32_t attrs; 6617 7204 NTSTATUS status; 6618 7205 bool src_has_wcard = False; … … 6621 7208 struct smb_filename *smb_fname_src = NULL; 6622 7209 struct smb_filename *smb_fname_dst = NULL; 6623 uint32_t src_ucf_flags = lp_posix_pathnames() ? UCF_UNIX_NAME_LOOKUP : UCF_COND_ALLOW_WCARD_LCOMP; 6624 uint32_t dst_ucf_flags = UCF_SAVE_LCOMP | (lp_posix_pathnames() ? 0 : UCF_COND_ALLOW_WCARD_LCOMP); 7210 uint32_t src_ucf_flags = (req->posix_pathnames ? 7211 (UCF_UNIX_NAME_LOOKUP|UCF_POSIX_PATHNAMES) : 7212 UCF_COND_ALLOW_WCARD_LCOMP); 7213 uint32_t dst_ucf_flags = UCF_SAVE_LCOMP | 7214 (req->posix_pathnames ? UCF_POSIX_PATHNAMES : 7215 UCF_COND_ALLOW_WCARD_LCOMP); 6625 7216 bool stream_rename = false; 6626 7217 … … 6649 7240 } 6650 7241 6651 if (! lp_posix_pathnames()) {7242 if (!req->posix_pathnames) { 6652 7243 /* The newname must begin with a ':' if the 6653 7244 name contains a ':'. */ … … 6716 7307 DELETE_ACCESS); 6717 7308 if (!NT_STATUS_IS_OK(status)) { 6718 if (open_was_deferred(req-> mid)) {7309 if (open_was_deferred(req->xconn, req->mid)) { 6719 7310 /* We have re-scheduled this call. */ 6720 7311 goto out; … … 6749 7340 { 6750 7341 struct smb_filename *smb_fname_dst_tmp = NULL; 6751 SMB_OFF_Tret=-1;7342 off_t ret=-1; 6752 7343 files_struct *fsp1,*fsp2; 6753 uint32dosattrs;6754 uint32 new_create_disposition;7344 uint32_t dosattrs; 7345 uint32_t new_create_disposition; 6755 7346 NTSTATUS status; 6756 7347 6757 7348 6758 s tatus = copy_smb_filename(ctx, smb_fname_dst, &smb_fname_dst_tmp);6759 if ( !NT_STATUS_IS_OK(status)) {6760 return status;7349 smb_fname_dst_tmp = cp_smb_filename(ctx, smb_fname_dst); 7350 if (smb_fname_dst_tmp == NULL) { 7351 return NT_STATUS_NO_MEMORY; 6761 7352 } 6762 7353 … … 6817 7408 FILE_ATTRIBUTE_NORMAL, /* file_attributes */ 6818 7409 INTERNAL_OPEN_ONLY, /* oplock_request */ 7410 NULL, /* lease */ 6819 7411 0, /* allocation_size */ 6820 7412 0, /* private_flags */ … … 6822 7414 NULL, /* ea_list */ 6823 7415 &fsp1, /* result */ 6824 NULL); /* psbuf */ 7416 NULL, /* psbuf */ 7417 NULL, NULL); /* create context */ 6825 7418 6826 7419 if (!NT_STATUS_IS_OK(status)) { … … 6846 7439 dosattrs, /* file_attributes */ 6847 7440 INTERNAL_OPEN_ONLY, /* oplock_request */ 7441 NULL, /* lease */ 6848 7442 0, /* allocation_size */ 6849 7443 0, /* private_flags */ … … 6851 7445 NULL, /* ea_list */ 6852 7446 &fsp2, /* result */ 6853 NULL); /* psbuf */ 7447 NULL, /* psbuf */ 7448 NULL, NULL); /* create context */ 6854 7449 6855 7450 if (!NT_STATUS_IS_OK(status)) { … … 6894 7489 } 6895 7490 6896 if (ret != ( SMB_OFF_T)smb_fname_src->st.st_ex_size) {7491 if (ret != (off_t)smb_fname_src->st.st_ex_size) { 6897 7492 status = NT_STATUS_DISK_FULL; 6898 7493 goto out; … … 6929 7524 bool dest_has_wild = False; 6930 7525 NTSTATUS status; 7526 uint32_t ucf_flags_src = UCF_COND_ALLOW_WCARD_LCOMP | 7527 (req->posix_pathnames ? UCF_POSIX_PATHNAMES : 0); 7528 uint32_t ucf_flags_dst = UCF_COND_ALLOW_WCARD_LCOMP | 7529 (req->posix_pathnames ? UCF_POSIX_PATHNAMES : 0); 6931 7530 TALLOC_CTX *ctx = talloc_tos(); 6932 7531 … … 6968 7567 req->flags2 & FLAGS2_DFS_PATHNAMES, 6969 7568 fname_src, 6970 UCF_COND_ALLOW_WCARD_LCOMP,7569 ucf_flags_src, 6971 7570 &source_has_wild, 6972 7571 &smb_fname_src); … … 6984 7583 req->flags2 & FLAGS2_DFS_PATHNAMES, 6985 7584 fname_dst, 6986 UCF_COND_ALLOW_WCARD_LCOMP,7585 ucf_flags_dst, 6987 7586 &dest_has_wild, 6988 7587 &smb_fname_dst); … … 7283 7882 count = (uint64_t)IVAL(data,SMB_LKLEN_OFFSET(data_offset)); 7284 7883 } else { 7285 7286 #if defined(HAVE_LONGLONG) 7884 /* 7885 * No BVAL, this is reversed! 7886 */ 7287 7887 count = (((uint64_t) IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset))) << 32) | 7288 7888 ((uint64_t) IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset))); 7289 #else /* HAVE_LONGLONG */7290 7291 /*7292 * NT4.x seems to be broken in that it sends large file (64 bit)7293 * lockingX calls even if the CAP_LARGE_FILES was *not*7294 * negotiated. For boxes without large unsigned ints truncate the7295 * lock count by dropping the top 32 bits.7296 */7297 7298 if(IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)) != 0) {7299 DEBUG(3,("get_lock_count: truncating lock count (high)0x%x (low)0x%x to just low count.\n",7300 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)),7301 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)) ));7302 SIVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset),0);7303 }7304 7305 count = (uint64_t)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset));7306 #endif /* HAVE_LONGLONG */7307 7889 } 7308 7890 7309 7891 return count; 7310 7892 } 7311 7312 #if !defined(HAVE_LONGLONG)7313 /****************************************************************************7314 Pathetically try and map a 64 bit lock offset into 31 bits. I hate Windows :-).7315 ****************************************************************************/7316 7317 static uint32 map_lock_offset(uint32 high, uint32 low)7318 {7319 unsigned int i;7320 uint32 mask = 0;7321 uint32 highcopy = high;7322 7323 /*7324 * Try and find out how many significant bits there are in high.7325 */7326 7327 for(i = 0; highcopy; i++)7328 highcopy >>= 1;7329 7330 /*7331 * We use 31 bits not 32 here as POSIX7332 * lock offsets may not be negative.7333 */7334 7335 mask = (~0) << (31 - i);7336 7337 if(low & mask)7338 return 0; /* Fail. */7339 7340 high <<= (31 - i);7341 7342 return (high|low);7343 }7344 #endif /* !defined(HAVE_LONGLONG) */7345 7893 7346 7894 /**************************************************************************** … … 7349 7897 7350 7898 uint64_t get_lock_offset(const uint8_t *data, int data_offset, 7351 bool large_file_format , bool *err)7899 bool large_file_format) 7352 7900 { 7353 7901 uint64_t offset = 0; 7354 7355 *err = False;7356 7902 7357 7903 if(!large_file_format) { 7358 7904 offset = (uint64_t)IVAL(data,SMB_LKOFF_OFFSET(data_offset)); 7359 7905 } else { 7360 7361 #if defined(HAVE_LONGLONG) 7906 /* 7907 * No BVAL, this is reversed! 7908 */ 7362 7909 offset = (((uint64_t) IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset))) << 32) | 7363 7910 ((uint64_t) IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset))); 7364 #else /* HAVE_LONGLONG */7365 7366 /*7367 * NT4.x seems to be broken in that it sends large file (64 bit)7368 * lockingX calls even if the CAP_LARGE_FILES was *not*7369 * negotiated. For boxes without large unsigned ints mangle the7370 * lock offset by mapping the top 32 bits onto the lower 32.7371 */7372 7373 if(IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset)) != 0) {7374 uint32 low = IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));7375 uint32 high = IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset));7376 uint32 new_low = 0;7377 7378 if((new_low = map_lock_offset(high, low)) == 0) {7379 *err = True;7380 return (uint64_t)-1;7381 }7382 7383 DEBUG(3,("get_lock_offset: truncating lock offset (high)0x%x (low)0x%x to offset 0x%x.\n",7384 (unsigned int)high, (unsigned int)low, (unsigned int)new_low ));7385 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset),0);7386 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset),new_low);7387 }7388 7389 offset = (uint64_t)IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));7390 #endif /* HAVE_LONGLONG */7391 7911 } 7392 7912 … … 7398 7918 uint8_t type, 7399 7919 int32_t timeout, 7400 uint16_t num_ulocks,7401 struct smbd_lock_element *ulocks,7402 7920 uint16_t num_locks, 7403 7921 struct smbd_lock_element *locks, … … 7410 7928 *async = false; 7411 7929 7412 /* Data now points at the beginning of the list7413 of smb_unlkrng structs */7414 for(i = 0; i < (int)num_ulocks; i++) {7415 struct smbd_lock_element *e = &ulocks[i];7416 7417 DEBUG(10,("smbd_do_locking: unlock start=%.0f, len=%.0f for "7418 "pid %u, file %s\n",7419 (double)e->offset,7420 (double)e->count,7421 (unsigned int)e->smblctx,7422 fsp_str_dbg(fsp)));7423 7424 if (e->brltype != UNLOCK_LOCK) {7425 /* this can only happen with SMB2 */7426 return NT_STATUS_INVALID_PARAMETER;7427 }7428 7429 status = do_unlock(req->sconn->msg_ctx,7430 fsp,7431 e->smblctx,7432 e->count,7433 e->offset,7434 WINDOWS_LOCK);7435 7436 DEBUG(10, ("smbd_do_locking: unlock returned %s\n",7437 nt_errstr(status)));7438 7439 if (!NT_STATUS_IS_OK(status)) {7440 return status;7441 }7442 }7443 7444 7930 /* Setup the timeout in seconds. */ 7445 7931 … … 7447 7933 timeout = 0; 7448 7934 } 7449 7450 /* Data now points at the beginning of the list7451 of smb_lkrng structs */7452 7935 7453 7936 for(i = 0; i < (int)num_locks; i++) { … … 7468 7951 /* 7469 7952 * MS-CIFS (2.2.4.32.1) states that a cancel is honored if and only 7470 * if the lock vector contains one entry. When given mu tliple cancel7953 * if the lock vector contains one entry. When given multiple cancel 7471 7954 * requests in a single PDU we expect the server to return an 7472 7955 * error. Windows servers seem to accept the request but only … … 7513 7996 e->count, 7514 7997 e->offset, 7515 WINDOWS_LOCK, 7516 blr); 7998 WINDOWS_LOCK); 7517 7999 } else { 7518 8000 bool blocking_lock = timeout ? true : false; … … 7530 8012 blocking_lock, 7531 8013 &status, 7532 &block_smblctx, 7533 NULL); 8014 &block_smblctx); 7534 8015 7535 8016 if (br_lck && blocking_lock && ERROR_WAS_LOCK_DENIED(status)) { … … 7621 8102 } 7622 8103 7623 DEBUG(3, ("smbd_do_locking: fnum=%d type=%d num_locks=%d num_ulocks=%d\n", 7624 fsp->fnum, (unsigned int)type, num_locks, num_ulocks)); 8104 DEBUG(3, ("smbd_do_locking: %s type=%d num_locks=%d\n", 8105 fsp_fnum_dbg(fsp), (unsigned int)type, num_locks)); 8106 8107 return NT_STATUS_OK; 8108 } 8109 8110 NTSTATUS smbd_do_unlocking(struct smb_request *req, 8111 files_struct *fsp, 8112 uint16_t num_ulocks, 8113 struct smbd_lock_element *ulocks) 8114 { 8115 int i; 8116 8117 for(i = 0; i < (int)num_ulocks; i++) { 8118 struct smbd_lock_element *e = &ulocks[i]; 8119 NTSTATUS status; 8120 8121 DEBUG(10,("%s: unlock start=%.0f, len=%.0f for " 8122 "pid %u, file %s\n", __func__, 8123 (double)e->offset, 8124 (double)e->count, 8125 (unsigned int)e->smblctx, 8126 fsp_str_dbg(fsp))); 8127 8128 if (e->brltype != UNLOCK_LOCK) { 8129 /* this can only happen with SMB2 */ 8130 return NT_STATUS_INVALID_PARAMETER; 8131 } 8132 8133 status = do_unlock(req->sconn->msg_ctx, 8134 fsp, 8135 e->smblctx, 8136 e->count, 8137 e->offset, 8138 WINDOWS_LOCK); 8139 8140 DEBUG(10, ("%s: unlock returned %s\n", __func__, 8141 nt_errstr(status))); 8142 8143 if (!NT_STATUS_IS_OK(status)) { 8144 return status; 8145 } 8146 } 8147 8148 DEBUG(3, ("%s: %s num_ulocks=%d\n", __func__, fsp_fnum_dbg(fsp), 8149 num_ulocks)); 7625 8150 7626 8151 return NT_STATUS_OK; … … 7637 8162 unsigned char locktype; 7638 8163 unsigned char oplocklevel; 7639 uint16 num_ulocks;7640 uint16 num_locks;7641 int32 lock_timeout;8164 uint16_t num_ulocks; 8165 uint16_t num_locks; 8166 int32_t lock_timeout; 7642 8167 int i; 7643 8168 const uint8_t *data; 7644 8169 bool large_file_format; 7645 bool err;7646 8170 NTSTATUS status = NT_STATUS_UNSUCCESSFUL; 7647 8171 struct smbd_lock_element *ulocks; … … 7663 8187 num_locks = SVAL(req->vwv+7, 0); 7664 8188 lock_timeout = IVAL(req->vwv+4, 0); 7665 large_file_format = ( locktype & LOCKING_ANDX_LARGE_FILES)?True:False;8189 large_file_format = ((locktype & LOCKING_ANDX_LARGE_FILES) != 0); 7666 8190 7667 8191 if (!check_fsp(conn, req, fsp)) { … … 7684 8208 we have granted an oplock on. 7685 8209 */ 7686 if ( (locktype & LOCKING_ANDX_OPLOCK_RELEASE)) {8210 if (locktype & LOCKING_ANDX_OPLOCK_RELEASE) { 7687 8211 /* Client can insist on breaking to none. */ 7688 8212 bool break_to_none = (oplocklevel == 0); … … 7690 8214 7691 8215 DEBUG(5,("reply_lockingX: oplock break reply (%u) from client " 7692 "for fnum = %d\n", (unsigned int)oplocklevel,7693 fsp ->fnum));8216 "for %s\n", (unsigned int)oplocklevel, 8217 fsp_fnum_dbg(fsp))); 7694 8218 7695 8219 /* … … 7707 8231 7708 8232 DEBUG(5,("reply_lockingX: Error : oplock break from " 7709 "client for fnum = %d(oplock=%d) and no "8233 "client for %s (oplock=%d) and no " 7710 8234 "oplock granted on this file (%s).\n", 7711 fsp ->fnum, fsp->oplock_type,8235 fsp_fnum_dbg(fsp), fsp->oplock_type, 7712 8236 fsp_str_dbg(fsp))); 7713 8237 … … 7738 8262 } 7739 8263 7740 reply_to_oplock_break_requests(fsp);7741 7742 8264 /* if this is a pure oplock break request then don't send a 7743 8265 * reply */ … … 7745 8267 /* Sanity check - ensure a pure oplock break is not a 7746 8268 chained request. */ 7747 if (CVAL(req->vwv+0, 0) != 0xff)8269 if (CVAL(req->vwv+0, 0) != 0xff) { 7748 8270 DEBUG(0,("reply_lockingX: Error : pure oplock " 7749 8271 "break is a chained %d request !\n", 7750 8272 (unsigned int)CVAL(req->vwv+0, 0))); 8273 } 7751 8274 END_PROFILE(SMBlockingX); 7752 8275 return; … … 7780 8303 ulocks[i].smblctx = get_lock_pid(data, i, large_file_format); 7781 8304 ulocks[i].count = get_lock_count(data, i, large_file_format); 7782 ulocks[i].offset = get_lock_offset(data, i, large_file_format , &err);8305 ulocks[i].offset = get_lock_offset(data, i, large_file_format); 7783 8306 ulocks[i].brltype = UNLOCK_LOCK; 7784 7785 /*7786 * There is no error code marked "stupid client bug".... :-).7787 */7788 if(err) {7789 reply_nterror(req, NT_STATUS_ACCESS_DENIED);7790 END_PROFILE(SMBlockingX);7791 return;7792 }7793 8307 } 7794 8308 … … 7802 8316 locks[i].smblctx = get_lock_pid(data, i, large_file_format); 7803 8317 locks[i].count = get_lock_count(data, i, large_file_format); 7804 locks[i].offset = get_lock_offset(data, i, large_file_format , &err);8318 locks[i].offset = get_lock_offset(data, i, large_file_format); 7805 8319 7806 8320 if (locktype & LOCKING_ANDX_SHARED_LOCK) { … … 7817 8331 } 7818 8332 } 7819 7820 /* 7821 * There is no error code marked "stupid client bug".... :-). 7822 */ 7823 if(err) { 7824 reply_nterror(req, NT_STATUS_ACCESS_DENIED); 7825 END_PROFILE(SMBlockingX); 7826 return; 7827 } 8333 } 8334 8335 status = smbd_do_unlocking(req, fsp, num_ulocks, ulocks); 8336 if (!NT_STATUS_IS_OK(status)) { 8337 END_PROFILE(SMBlockingX); 8338 reply_nterror(req, status); 8339 return; 7828 8340 } 7829 8341 7830 8342 status = smbd_do_locking(req, fsp, 7831 8343 locktype, lock_timeout, 7832 num_ulocks, ulocks,7833 8344 num_locks, locks, 7834 8345 &async); … … 7844 8355 7845 8356 reply_outbuf(req, 2, 0); 7846 7847 DEBUG(3, ("lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n", 7848 fsp->fnum, (unsigned int)locktype, num_locks, num_ulocks)); 8357 SSVAL(req->outbuf, smb_vwv0, 0xff); /* andx chain ends */ 8358 SSVAL(req->outbuf, smb_vwv1, 0); /* no andx offset */ 8359 8360 DEBUG(3, ("lockingX %s type=%d num_locks=%d num_ulocks=%d\n", 8361 fsp_fnum_dbg(fsp), (unsigned int)locktype, num_locks, num_ulocks)); 7849 8362 7850 8363 END_PROFILE(SMBlockingX); 7851 chain_reply(req);7852 8364 } 7853 8365 … … 7934 8446 } 7935 8447 8448 if (!(fsp->access_mask & FILE_WRITE_ATTRIBUTES)) { 8449 reply_nterror(req, NT_STATUS_ACCESS_DENIED); 8450 goto out; 8451 } 8452 7936 8453 status = smb_set_file_time(conn, fsp, fsp->fsp_name, &ft, true); 7937 8454 if (!NT_STATUS_IS_OK(status)) { … … 7940 8457 } 7941 8458 7942 DEBUG( 3, ( "reply_setattrE fnum=%dactime=%u modtime=%u "8459 DEBUG( 3, ( "reply_setattrE %s actime=%u modtime=%u " 7943 8460 " createtime=%u\n", 7944 fsp ->fnum,8461 fsp_fnum_dbg(fsp), 7945 8462 (unsigned int)ft.atime.tv_sec, 7946 8463 (unsigned int)ft.mtime.tv_sec, … … 8039 8556 SIVAL(req->outbuf, smb_vwv8, 0); 8040 8557 } else { 8041 uint32 allocation_size = SMB_VFS_GET_ALLOC_SIZE(conn,fsp, &fsp->fsp_name->st);8042 SIVAL(req->outbuf, smb_vwv6, (uint32 )fsp->fsp_name->st.st_ex_size);8558 uint32_t allocation_size = SMB_VFS_GET_ALLOC_SIZE(conn,fsp, &fsp->fsp_name->st); 8559 SIVAL(req->outbuf, smb_vwv6, (uint32_t)fsp->fsp_name->st.st_ex_size); 8043 8560 SIVAL(req->outbuf, smb_vwv8, allocation_size); 8044 8561 } 8045 8562 SSVAL(req->outbuf,smb_vwv10, mode); 8046 8563 8047 DEBUG( 3, ( "reply_getattrE fnum=%d\n", fsp->fnum));8564 DEBUG( 3, ( "reply_getattrE %s\n", fsp_fnum_dbg(fsp))); 8048 8565 8049 8566 END_PROFILE(SMBgetattrE);
Note:
See TracChangeset
for help on using the changeset viewer.
