From 0e8fd3398771da2f016d72830179507f3edda51b Mon Sep 17 00:00:00 2001 From: Samba Release Account Date: Sat, 4 May 1996 07:50:46 +0000 Subject: Initial version imported to CVS (This used to be commit 291551d80711daab7b7581720bcd9a08d6096517) --- source3/smbd/reply.c | 3210 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 3210 insertions(+) create mode 100644 source3/smbd/reply.c (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c new file mode 100644 index 0000000000..b7b51775bb --- /dev/null +++ b/source3/smbd/reply.c @@ -0,0 +1,3210 @@ +/* + Unix SMB/Netbios implementation. + Version 1.9. + Main SMB reply routines + Copyright (C) Andrew Tridgell 1992-1995 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ +/* + This file handles most of the reply_ calls that the server + makes to handle specific protocols +*/ + + +#include "includes.h" +#include "loadparm.h" +#include "trans2.h" + +/* look in server.c for some explanation of these variables */ +extern int Protocol; +extern int DEBUGLEVEL; +extern int chain_size; +extern int maxxmit; +extern int chain_fnum; +extern char magic_char; +extern connection_struct Connections[]; +extern files_struct Files[]; +extern BOOL case_sensitive; +extern pstring sesssetup_user; +extern int Client; + +/* this macro should always be used to extract an fnum (smb_fid) from +a packet to ensure chaining works correctly */ +#define GETFNUM(buf,where) (chain_fnum!= -1?chain_fnum:SVAL(buf,where)) + + +/**************************************************************************** + reply to an special message +****************************************************************************/ +int reply_special(char *inbuf,char *outbuf) +{ + int outsize = 4; + int msg_type = CVAL(inbuf,0); + int msg_flags = CVAL(inbuf,1); + pstring name1,name2; + extern fstring remote_machine; + extern fstring local_machine; + char *p; + + *name1 = *name2 = 0; + + smb_setlen(outbuf,0); + + switch (msg_type) + { + case 0x81: /* session request */ + CVAL(outbuf,0) = 0x82; + CVAL(outbuf,3) = 0; + if (name_len(inbuf+4) > 50) + { + DEBUG(0,("Invalid name length in session request\n")); + return(0); + } + name_extract(inbuf,4,name1); + name_extract(inbuf,4 + name_len(inbuf + 4),name2); + DEBUG(2,("netbios connect: name1=%s name2=%s\n",name1,name2)); + + strcpy(remote_machine,name2); + trim_string(remote_machine," "," "); + p = strchr(remote_machine,' '); + strlower(remote_machine); + if (p) *p = 0; + + strcpy(local_machine,name1); + trim_string(local_machine," "," "); + p = strchr(local_machine,' '); + strlower(local_machine); + if (p) *p = 0; + + add_session_user(remote_machine); + + reload_services(True); + reopen_logs(); + + break; + case 0x85: /* session keepalive */ + default: + return(0); + } + + DEBUG(5,("%s init msg_type=0x%x msg_flags=0x%x\n",timestring(),msg_type,msg_flags)); + + return(outsize); +} + + +/******************************************************************* +work out what error to give to a failed connection +********************************************************************/ +static int connection_error(char *inbuf,char *outbuf,int connection_num) +{ + switch (connection_num) + { + case -8: + return(ERROR(ERRSRV,ERRnoresource)); + case -7: + return(ERROR(ERRSRV,ERRbaduid)); + case -6: + return(ERROR(ERRSRV,ERRinvdevice)); + case -5: + return(ERROR(ERRSRV,ERRinvnetname)); + case -4: + return(ERROR(ERRSRV,ERRaccess)); + case -3: + return(ERROR(ERRDOS,ERRnoipc)); + case -2: + return(ERROR(ERRSRV,ERRinvnetname)); + } + return(ERROR(ERRSRV,ERRbadpw)); +} + + +/**************************************************************************** + reply to a tcon +****************************************************************************/ +int reply_tcon(char *inbuf,char *outbuf) +{ + pstring service; + pstring user; + pstring password; + pstring dev; + int connection_num; + int outsize = 0; + int uid = SVAL(inbuf,smb_uid); + int vuid; + int pwlen; + + *service = *user = *password = *dev = 0; + + vuid = valid_uid(uid); + + parse_connect(inbuf,service,user,password,&pwlen,dev); + + connection_num = make_connection(service,user,password,pwlen,dev,vuid); + + if (connection_num < 0) + return(connection_error(inbuf,outbuf,connection_num)); + + outsize = set_message(outbuf,2,0,True); + SSVAL(outbuf,smb_vwv0,maxxmit); + SSVAL(outbuf,smb_vwv1,connection_num); + SSVAL(outbuf,smb_tid,connection_num); + + DEBUG(3,("%s tcon service=%s user=%s cnum=%d\n",timestring(),service,user,connection_num)); + + return(outsize); +} + + +/**************************************************************************** + reply to a tcon and X +****************************************************************************/ +int reply_tcon_and_X(char *inbuf,char *outbuf,int length,int bufsize) +{ + pstring service; + pstring user; + pstring password; + pstring devicename; + int connection_num; + int outsize = 0; + int uid = SVAL(inbuf,smb_uid); + int vuid; + int smb_com2 = SVAL(inbuf,smb_vwv0); + int smb_off2 = SVAL(inbuf,smb_vwv1); + int passlen = SVAL(inbuf,smb_vwv3); + + *service = *user = *password = *devicename = 0; + + /* we might have to close an old one */ + if ((SVAL(inbuf,smb_vwv2) & 0x1) != 0) + close_cnum(SVAL(inbuf,smb_tid),uid); + + vuid = valid_uid(uid); + + { + char *path; + char *p; + memcpy(password,smb_buf(inbuf),passlen); + password[passlen]=0; + path = smb_buf(inbuf) + passlen; + DEBUG(4,("parsing net-path %s, passlen=%d\n",path,passlen)); + strcpy(service,path+2); + p = strchr(service,'\\'); + if (!p) + return(ERROR(ERRSRV,ERRinvnetname)); + *p = 0; + strcpy(service,p+1); + p = strchr(service,'%'); + if (p) + { + *p++ = 0; + strcpy(user,p); + } + StrnCpy(devicename,path + strlen(path) + 1,6); + DEBUG(4,("Got device type %s\n",devicename)); + } + + connection_num = make_connection(service,user,password,passlen,devicename,vuid); + + if (connection_num < 0) + return(connection_error(inbuf,outbuf,connection_num)); + + outsize = set_message(outbuf,2,strlen(devicename)+1,True); + + DEBUG(3,("%s tconX service=%s user=%s cnum=%d\n",timestring(),service,user,connection_num)); + + /* set the incoming and outgoing tid to the just created one */ + SSVAL(inbuf,smb_tid,connection_num); + SSVAL(outbuf,smb_tid,connection_num); + + CVAL(outbuf,smb_vwv0) = smb_com2; + SSVAL(outbuf,smb_vwv1,(chain_size + outsize)-4); + + strcpy(smb_buf(outbuf),devicename); + + if (smb_com2 != 0xFF) + outsize += chain_reply(smb_com2,inbuf,inbuf+smb_off2+4, + outbuf,outbuf+outsize, + length,bufsize); + + return(outsize); +} + + +/**************************************************************************** + reply to an unknown type +****************************************************************************/ +int reply_unknown(char *inbuf,char *outbuf) +{ + int cnum; + int type; + cnum = SVAL(inbuf,smb_tid); + type = CVAL(inbuf,smb_com); + + DEBUG(0,("%s unknown command type (%s): cnum=%d type=%d (0x%X)\n", + timestring(), + smb_fn_name(type), + cnum,type,type)); + + return(ERROR(ERRSRV,ERRunknownsmb)); +} + + +/**************************************************************************** + reply to an ioctl +****************************************************************************/ +int reply_ioctl(char *inbuf,char *outbuf) +{ + DEBUG(3,("ignoring ioctl\n")); + + return(ERROR(ERRSRV,ERRnosupport)); +} + + +/**************************************************************************** +reply to a session setup command +****************************************************************************/ +int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) +{ + int outsize = 0; + int sess_uid; + int gid; + int smb_com2; + int smb_off2; + int smb_bufsize; + int smb_mpxmax; + int smb_vc_num; + uint32 smb_sesskey; + int smb_apasslen; + pstring smb_apasswd; + int smb_ntpasslen = 0; + pstring smb_ntpasswd; + BOOL valid_nt_password = False; + pstring user; + BOOL guest=False; + + *smb_apasswd = 0; + + sess_uid = SVAL(inbuf,smb_uid); + smb_com2 = CVAL(inbuf,smb_vwv0); + smb_off2 = SVAL(inbuf,smb_vwv1); + smb_bufsize = SVAL(inbuf,smb_vwv2); + smb_mpxmax = SVAL(inbuf,smb_vwv3); + smb_vc_num = SVAL(inbuf,smb_vwv4); + smb_sesskey = IVAL(inbuf,smb_vwv5); + + if (Protocol < PROTOCOL_NT1) { + smb_apasslen = SVAL(inbuf,smb_vwv7); + memcpy(smb_apasswd,smb_buf(inbuf),smb_apasslen); + StrnCpy(user,smb_buf(inbuf)+smb_apasslen,sizeof(user)-1); + } else { + uint16 passlen1 = SVAL(inbuf,smb_vwv7); + uint16 passlen2 = SVAL(inbuf,smb_vwv8); + BOOL doencrypt = SMBENCRYPT(); + char *p = smb_buf(inbuf); + if (passlen1 > 256) passlen1 = 0; + if (passlen2 > 256) passlen2 = 0; /* I don't know why NT gives weird + lengths sometimes */ + if(doencrypt) { + /* Save the lanman2 password and the NT md4 password. */ + smb_apasslen = passlen1; + memcpy(smb_apasswd,p,smb_apasslen); + smb_ntpasslen = passlen2; + memcpy(smb_ntpasswd,p+passlen1,smb_ntpasslen); + } else { + /* for Win95 */ + if (passlen1 > passlen2) { + smb_apasslen = passlen1; + StrnCpy(smb_apasswd,p,smb_apasslen); + } else { + smb_apasslen = passlen2; + StrnCpy(smb_apasswd,p + passlen1,smb_apasslen); + } + } + if (passlen2 == 1) { + /* apparently NT sometimes sets passlen2 to 1 when it means 0. This + tries to work around that problem */ + passlen2 = 0; + } + p += passlen1 + passlen2; + strcpy(user,p); p = skip_string(p,1); + DEBUG(3,("Domain=[%s] NativeOS=[%s] NativeLanMan=[%s]\n", + p,skip_string(p,1),skip_string(p,2))); + } + + + DEBUG(3,("sesssetupX:name=[%s]\n",user)); + + if (!*user) + strcpy(user,lp_guestaccount(-1)); + + strlower(user); + + strcpy(sesssetup_user,user); + + reload_services(True); + + add_session_user(user); + + + if (!(lp_security() == SEC_SERVER && server_validate(inbuf)) && + !check_hosts_equiv(user)) + { + + if (strequal(user,lp_guestaccount(-1)) && (*smb_apasswd == 0)) + guest = True; + + /* now check if it's a valid username/password */ + /* If an NT password was supplied try and validate with that + first. This is superior as the passwords are mixed case 128 length unicode */ + if(smb_ntpasslen && !guest) + { + if(!password_ok(user,smb_ntpasswd,smb_ntpasslen,NULL,True)) + DEBUG(0,("NT Password did not match ! Defaulting to Lanman\n")); + else + valid_nt_password = True; + } + if (!valid_nt_password && !guest && !password_ok(user,smb_apasswd,smb_apasslen,NULL,False)) + { + if (lp_security() >= SEC_USER) { +#if (GUEST_SESSSETUP == 0) + return(ERROR(ERRSRV,ERRbadpw)); +#endif +#if (GUEST_SESSSETUP == 1) + if (Get_Pwnam(user,True)) + return(ERROR(ERRSRV,ERRbadpw)); +#endif + } + if (*smb_apasswd || !Get_Pwnam(user,True)) + strcpy(user,lp_guestaccount(-1)); + DEBUG(3,("Registered username %s for guest access\n",user)); + guest = True; + } + } + + if (!Get_Pwnam(user,True)) { + DEBUG(3,("No such user %s - using guest account\n",user)); + strcpy(user,lp_guestaccount(-1)); + guest = True; + } + + if (!strequal(user,lp_guestaccount(-1)) && + lp_servicenumber(user) < 0) + { + int homes = lp_servicenumber(HOMES_NAME); + char *home = get_home_dir(user); + if (homes >= 0 && home) + lp_add_home(user,homes,home); + } + + + /* it's ok - setup a reply */ + if (Protocol < PROTOCOL_NT1) { + outsize = set_message(outbuf,3,0,True); + } else { + char *p; + outsize = set_message(outbuf,3,3,True); + p = smb_buf(outbuf); + strcpy(p,"Unix"); p = skip_string(p,1); + strcpy(p,"Samba "); strcat(p,VERSION); p = skip_string(p,1); + strcpy(p,my_workgroup()); p = skip_string(p,1); + outsize = set_message(outbuf,3,PTR_DIFF(p,smb_buf(outbuf)),False); + /* perhaps grab OS version here?? */ + } + + /* Set the correct uid in the outgoing and incoming packets + We will use this on future requests to determine which + user we should become. + */ + { + struct passwd *pw = Get_Pwnam(user,False); + if (!pw) { + DEBUG(1,("Username %s is invalid on this system\n",user)); + return(ERROR(ERRSRV,ERRbadpw)); + } + gid = pw->pw_gid; + SSVAL(outbuf,smb_uid,(uint16)pw->pw_uid); + SSVAL(inbuf,smb_uid,(uint16)pw->pw_uid); + } + + CVAL(outbuf,smb_vwv0) = smb_com2; + SSVAL(outbuf,smb_vwv1,(chain_size+outsize)-4); + + if (guest) + SSVAL(outbuf,smb_vwv2,1); + + /* register the name and uid as being validated, so further connections + to a uid can get through without a password, on the same VC */ + register_uid(SVAL(inbuf,smb_uid),gid,user,guest); + + maxxmit = MIN(maxxmit,smb_bufsize); + + if (smb_com2 != 0xFF) + outsize += chain_reply(smb_com2,inbuf,inbuf+smb_off2+4, + outbuf,outbuf+outsize, + length,bufsize); + + return(outsize); +} + + +/**************************************************************************** + reply to a chkpth +****************************************************************************/ +int reply_chkpth(char *inbuf,char *outbuf) +{ + int outsize = 0; + int cnum,mode; + pstring name; + BOOL ok = False; + + cnum = SVAL(inbuf,smb_tid); + + strcpy(name,smb_buf(inbuf) + 1); + unix_convert(name,cnum); + + mode = SVAL(inbuf,smb_vwv0); + + if (check_name(name,cnum)) + ok = directory_exist(name,NULL); + + if (!ok) + return(ERROR(ERRDOS,ERRbadpath)); + + outsize = set_message(outbuf,0,0,True); + + DEBUG(3,("%s chkpth %s cnum=%d mode=%d\n",timestring(),name,cnum,mode)); + + return(outsize); +} + + +/**************************************************************************** + reply to a getatr +****************************************************************************/ +int reply_getatr(char *inbuf,char *outbuf) +{ + pstring fname; + int cnum; + int outsize = 0; + struct stat sbuf; + BOOL ok = False; + int mode=0; + uint32 size=0; + time_t mtime=0; + + cnum = SVAL(inbuf,smb_tid); + + strcpy(fname,smb_buf(inbuf) + 1); + unix_convert(fname,cnum); + + /* dos smetimes asks for a stat of "" - it returns a "hidden directory" + under WfWg - weird! */ + if (! (*fname)) + { + mode = aHIDDEN | aDIR; + if (!CAN_WRITE(cnum)) mode |= aRONLY; + size = 0; + mtime = 0; + ok = True; + } + else + if (check_name(fname,cnum)) + { + if (sys_stat(fname,&sbuf) == 0) + { + mode = dos_mode(cnum,fname,&sbuf); + size = sbuf.st_size; + mtime = sbuf.st_mtime; + if (mode & aDIR) + size = 0; + ok = True; + } + else + DEBUG(3,("stat of %s failed (%s)\n",fname,strerror(errno))); + } + + if (!ok) + return(UNIXERROR(ERRDOS,ERRbadfile)); + + outsize = set_message(outbuf,10,0,True); + + SSVAL(outbuf,smb_vwv0,mode); + put_dos_date3(outbuf,smb_vwv1,mtime); + SIVAL(outbuf,smb_vwv3,size); + + if (Protocol >= PROTOCOL_NT1) { + char *p = strrchr(fname,'/'); + uint16 flg2 = SVAL(outbuf,smb_flg2); + if (!p) p = fname; + if (!is_8_3(fname)) + SSVAL(outbuf,smb_flg2,flg2 | 0x40); /* IS_LONG_NAME */ + } + + DEBUG(3,("%s getatr name=%s mode=%d size=%d\n",timestring(),fname,mode,size)); + + return(outsize); +} + + +/**************************************************************************** + reply to a setatr +****************************************************************************/ +int reply_setatr(char *inbuf,char *outbuf) +{ + pstring fname; + int cnum; + int outsize = 0; + BOOL ok=False; + int mode; + time_t mtime; + + cnum = SVAL(inbuf,smb_tid); + + strcpy(fname,smb_buf(inbuf) + 1); + unix_convert(fname,cnum); + + mode = SVAL(inbuf,smb_vwv0); + mtime = make_unix_date3(inbuf+smb_vwv1); + + if (directory_exist(fname,NULL)) + mode |= aDIR; + if (check_name(fname,cnum)) + ok = (dos_chmod(cnum,fname,mode,NULL) == 0); + if (ok) + ok = set_filetime(fname,mtime); + + if (!ok) + return(UNIXERROR(ERRDOS,ERRnoaccess)); + + outsize = set_message(outbuf,0,0,True); + + DEBUG(3,("%s setatr name=%s mode=%d\n",timestring(),fname,mode)); + + return(outsize); +} + + +/**************************************************************************** + reply to a dskattr +****************************************************************************/ +int reply_dskattr(char *inbuf,char *outbuf) +{ + int cnum; + int outsize = 0; + int dfree,dsize,bsize; + + cnum = SVAL(inbuf,smb_tid); + + sys_disk_free(".",&bsize,&dfree,&dsize); + + outsize = set_message(outbuf,5,0,True); + + SSVAL(outbuf,smb_vwv0,dsize); + SSVAL(outbuf,smb_vwv1,bsize/512); + SSVAL(outbuf,smb_vwv2,512); + SSVAL(outbuf,smb_vwv3,dfree); + + DEBUG(3,("%s dskattr cnum=%d dfree=%d\n",timestring(),cnum,dfree)); + + return(outsize); +} + + +/**************************************************************************** + reply to a search + Can be called from SMBsearch, SMBffirst or SMBfunique. +****************************************************************************/ +int reply_search(char *inbuf,char *outbuf) +{ + pstring mask; + pstring directory; + pstring fname; + int size,mode; + time_t date; + int dirtype; + int cnum; + int outsize = 0; + int numentries = 0; + BOOL finished = False; + int maxentries; + int i; + char *p; + BOOL ok = False; + int status_len; + char *path; + char status[21]; + int dptr_num= -1; + BOOL check_descend = False; + BOOL expect_close = False; + BOOL can_open = True; + + *mask = *directory = *fname = 0; + + /* If we were called as SMBffirst then we must expect close. */ + if(CVAL(inbuf,smb_com) == SMBffirst) + expect_close = True; + + cnum = SVAL(inbuf,smb_tid); + + outsize = set_message(outbuf,1,3,True); + maxentries = SVAL(inbuf,smb_vwv0); + dirtype = SVAL(inbuf,smb_vwv1); + path = smb_buf(inbuf) + 1; + status_len = SVAL(smb_buf(inbuf),3 + strlen(path)); + + + /* dirtype &= ~aDIR; */ + + DEBUG(5,("path=%s status_len=%d\n",path,status_len)); + + + if (status_len == 0) + { + pstring dir2; + + strcpy(directory,smb_buf(inbuf)+1); + strcpy(dir2,smb_buf(inbuf)+1); + unix_convert(directory,cnum); + unix_format(dir2); + + if (!check_name(directory,cnum)) + can_open = False; + + p = strrchr(dir2,'/'); + if (p == NULL) + {strcpy(mask,dir2);*dir2 = 0;} + else + {*p = 0;strcpy(mask,p+1);} + + p = strrchr(directory,'/'); + if (!p) + *directory = 0; + else + *p = 0; + + if (strlen(directory) == 0) + strcpy(directory,"./"); + bzero(status,21); + CVAL(status,0) = dirtype; + } + else + { + memcpy(status,smb_buf(inbuf) + 1 + strlen(path) + 4,21); + memcpy(mask,status+1,11); + mask[11] = 0; + dirtype = CVAL(status,0) & 0x1F; + Connections[cnum].dirptr = dptr_fetch(status+12,&dptr_num); + if (!Connections[cnum].dirptr) + goto SearchEmpty; + string_set(&Connections[cnum].dirpath,dptr_path(dptr_num)); + if (!case_sensitive) + strnorm(mask); + } + + /* turn strings of spaces into a . */ + { + trim_string(mask,NULL," "); + if ((p = strrchr(mask,' '))) + { + fstring ext; + strcpy(ext,p+1); + *p = 0; + trim_string(mask,NULL," "); + strcat(mask,"."); + strcat(mask,ext); + } + } + + { + for (p=mask; *p; p++) + { + if (*p != '?' && *p != '*' && !isdoschar(*p)) + { + DEBUG(5,("Invalid char [%c] in search mask?\n",*p)); + *p = '?'; + } + } + } + + if (!strchr(mask,'.') && strlen(mask)>8) + { + fstring tmp; + strcpy(tmp,&mask[8]); + mask[8] = '.'; + mask[9] = 0; + strcat(mask,tmp); + } + + DEBUG(5,("mask=%s directory=%s\n",mask,directory)); + + if (can_open) + { + p = smb_buf(outbuf) + 3; + + ok = True; + + if (status_len == 0) + { + dptr_num = dptr_create(cnum,directory,expect_close,SVAL(inbuf,smb_pid)); + if (dptr_num < 0) + return(ERROR(ERRDOS,ERRnofids)); + } + + DEBUG(4,("dptr_num is %d\n",dptr_num)); + + if (ok) + { + if ((dirtype&0x1F) == aVOLID) + { + memcpy(p,status,21); + make_dir_struct(p,"???????????",volume_label(SNUM(cnum)),0,aVOLID,0); + dptr_fill(p+12,dptr_num); + if (dptr_zero(p+12) && (status_len==0)) + numentries = 1; + else + numentries = 0; + p += DIR_STRUCT_SIZE; + } + else + { + DEBUG(8,("dirpath=<%s> dontdescend=<%s>\n",Connections[cnum].dirpath,lp_dontdescend(SNUM(cnum)))); + if (in_list(Connections[cnum].dirpath, + lp_dontdescend(SNUM(cnum)),True)) + check_descend = True; + + for (i=numentries;(i= 0 && CVAL(inbuf,smb_com) == SMBfunique) + dptr_close(dptr_num); + + SSVAL(outbuf,smb_vwv0,numentries); + SSVAL(outbuf,smb_vwv1,3 + numentries * DIR_STRUCT_SIZE); + CVAL(smb_buf(outbuf),0) = 5; + SSVAL(smb_buf(outbuf),1,numentries*DIR_STRUCT_SIZE); + + if (Protocol >= PROTOCOL_NT1) { + uint16 flg2 = SVAL(outbuf,smb_flg2); + SSVAL(outbuf,smb_flg2,flg2 | 0x40); /* IS_LONG_NAME */ + } + + outsize += DIR_STRUCT_SIZE*numentries; + smb_setlen(outbuf,outsize - 4); + + if ((! *directory) && dptr_path(dptr_num)) + sprintf(directory,"(%s)",dptr_path(dptr_num)); + + DEBUG(4,("%s %s mask=%s path=%s cnum=%d dtype=%d nument=%d of %d\n", + timestring(), + smb_fn_name(CVAL(inbuf,smb_com)), + mask,directory,cnum,dirtype,numentries,maxentries)); + + return(outsize); +} + + +/**************************************************************************** + reply to a fclose (stop directory search) +****************************************************************************/ +int reply_fclose(char *inbuf,char *outbuf) +{ + int cnum; + int outsize = 0; + int status_len; + char *path; + char status[21]; + int dptr_num= -1; + + cnum = SVAL(inbuf,smb_tid); + + outsize = set_message(outbuf,1,0,True); + path = smb_buf(inbuf) + 1; + status_len = SVAL(smb_buf(inbuf),3 + strlen(path)); + + + if (status_len == 0) + return(ERROR(ERRSRV,ERRsrverror)); + + memcpy(status,smb_buf(inbuf) + 1 + strlen(path) + 4,21); + + if(dptr_fetch(status+12,&dptr_num)) { + /* Close the dptr - we know it's gone */ + dptr_close(dptr_num); + } + + SSVAL(outbuf,smb_vwv0,0); + + DEBUG(3,("%s search close cnum=%d\n",timestring(),cnum)); + + return(outsize); +} + + +/**************************************************************************** + reply to an open +****************************************************************************/ +int reply_open(char *inbuf,char *outbuf) +{ + pstring fname; + int cnum; + int fnum = -1; + int outsize = 0; + int fmode=0; + int share_mode; + int size = 0; + time_t mtime=0; + int unixmode; + int rmode=0; + struct stat sbuf; + + cnum = SVAL(inbuf,smb_tid); + + share_mode = SVAL(inbuf,smb_vwv0); + + strcpy(fname,smb_buf(inbuf)+1); + unix_convert(fname,cnum); + + fnum = find_free_file(); + if (fnum < 0) + return(ERROR(ERRSRV,ERRnofids)); + + if (!check_name(fname,cnum)) + return(UNIXERROR(ERRDOS,ERRnoaccess)); + + unixmode = unix_mode(cnum,aARCH); + + open_file_shared(fnum,cnum,fname,share_mode,3,unixmode,&rmode,NULL); + + if (!Files[fnum].open) + return(UNIXERROR(ERRDOS,ERRnoaccess)); + + if (fstat(Files[fnum].fd,&sbuf) != 0) { + close_file(fnum); + return(ERROR(ERRDOS,ERRnoaccess)); + } + + size = sbuf.st_size; + fmode = dos_mode(cnum,fname,&sbuf); + mtime = sbuf.st_mtime; + + if (fmode & aDIR) { + DEBUG(3,("attempt to open a directory %s\n",fname)); + close_file(fnum); + return(ERROR(ERRDOS,ERRnoaccess)); + } + + outsize = set_message(outbuf,7,0,True); + SSVAL(outbuf,smb_vwv0,fnum); + SSVAL(outbuf,smb_vwv1,fmode); + put_dos_date3(outbuf,smb_vwv2,mtime); + SIVAL(outbuf,smb_vwv4,size); + SSVAL(outbuf,smb_vwv6,rmode); + + return(outsize); +} + + +/**************************************************************************** + reply to an open and X +****************************************************************************/ +int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) +{ + pstring fname; + int cnum = SVAL(inbuf,smb_tid); + int fnum = -1; + int outsize = 0; + int openmode = 0; + int smb_com2 = CVAL(inbuf,smb_vwv0); + int smb_off2 = SVAL(inbuf,smb_vwv1); + int smb_mode = SVAL(inbuf,smb_vwv3); + int smb_attr = SVAL(inbuf,smb_vwv5); +#if 0 + int open_flags = SVAL(inbuf,smb_vwv2); + int smb_sattr = SVAL(inbuf,smb_vwv4); + uint32 smb_time = make_unix_date3(inbuf+smb_vwv6); +#endif + int smb_ofun = SVAL(inbuf,smb_vwv8); + int unixmode; + int size=0,fmode=0,mtime=0,rmode=0; + struct stat sbuf; + int smb_action = 0; + + /* XXXX we need to handle passed times, sattr and flags */ + + strcpy(fname,smb_buf(inbuf)); + unix_convert(fname,cnum); + + /* now add create and trunc bits */ + if (smb_ofun & 0x10) + openmode |= O_CREAT; + if ((smb_ofun & 0x3) == 2) + openmode |= O_TRUNC; + + fnum = find_free_file(); + if (fnum < 0) + return(ERROR(ERRSRV,ERRnofids)); + + if (!check_name(fname,cnum)) + return(UNIXERROR(ERRDOS,ERRnoaccess)); + + unixmode = unix_mode(cnum,smb_attr | aARCH); + + open_file_shared(fnum,cnum,fname,smb_mode,smb_ofun,unixmode, + &rmode,&smb_action); + + if (!Files[fnum].open) + return(UNIXERROR(ERRDOS,ERRnoaccess)); + + if (fstat(Files[fnum].fd,&sbuf) != 0) { + close_file(fnum); + return(ERROR(ERRDOS,ERRnoaccess)); + } + + size = sbuf.st_size; + fmode = dos_mode(cnum,fname,&sbuf); + mtime = sbuf.st_mtime; + if (fmode & aDIR) { + close_file(fnum); + return(ERROR(ERRDOS,ERRnoaccess)); + } + + outsize = set_message(outbuf,15,0,True); + CVAL(outbuf,smb_vwv0) = smb_com2; + SSVAL(outbuf,smb_vwv1,(chain_size+outsize)-4); + SSVAL(outbuf,smb_vwv2,fnum); + SSVAL(outbuf,smb_vwv3,fmode); + put_dos_date3(outbuf,smb_vwv4,mtime); + SIVAL(outbuf,smb_vwv6,size); + SSVAL(outbuf,smb_vwv8,rmode); + SSVAL(outbuf,smb_vwv11,smb_action); + + chain_fnum = fnum; + + if (smb_com2 != 0xFF) + outsize += chain_reply(smb_com2,inbuf,inbuf+smb_off2+4, + outbuf,outbuf+outsize, + length,bufsize); + + chain_fnum = -1; + + return(outsize); +} + + +/**************************************************************************** + reply to a SMBulogoffX +****************************************************************************/ +int reply_ulogoffX(char *inbuf,char *outbuf,int length,int bufsize) +{ + int outsize = 0; + int smb_com2 = CVAL(inbuf,smb_vwv0); + int smb_off2 = SVAL(inbuf,smb_vwv1); + int uid = SVAL(inbuf,smb_uid); + + invalidate_uid(uid); + + outsize = set_message(outbuf,2,0,True); + CVAL(outbuf,smb_vwv0) = smb_com2; + SSVAL(outbuf,smb_vwv1,(chain_size+outsize)-4); + + DEBUG(3,("%s ulogoffX uid=%d\n",timestring(),uid)); + + if (smb_com2 != 0xFF) + outsize += chain_reply(smb_com2,inbuf,inbuf+smb_off2+4, + outbuf,outbuf+outsize, + length,bufsize); + + + return(outsize); +} + + +/**************************************************************************** + reply to a mknew +****************************************************************************/ +int reply_mknew(char *inbuf,char *outbuf) +{ + pstring fname; + int cnum,com; + int fnum = -1; + int outsize = 0; + int createmode; + mode_t unixmode; + + com = SVAL(inbuf,smb_com); + cnum = SVAL(inbuf,smb_tid); + + createmode = SVAL(inbuf,smb_vwv0); + strcpy(fname,smb_buf(inbuf)+1); + unix_convert(fname,cnum); + + if (createmode & aVOLID) + { + DEBUG(0,("Attempt to create file (%s) with volid set - please report this\n",fname)); + } + + unixmode = unix_mode(cnum,createmode); + + if (com == SMBmknew && file_exist(fname,NULL)) + return(ERROR(ERRDOS,ERRfilexists)); + + fnum = find_free_file(); + if (fnum < 0) + return(ERROR(ERRSRV,ERRnofids)); + + if (!check_name(fname,cnum)) + return(UNIXERROR(ERRDOS,ERRnoaccess)); + + open_file(fnum,cnum,fname,O_RDWR | O_CREAT | O_TRUNC,unixmode); + + if (!Files[fnum].open) + return(UNIXERROR(ERRDOS,ERRnoaccess)); + + outsize = set_message(outbuf,1,0,True); + SSVAL(outbuf,smb_vwv0,fnum); + + DEBUG(2,("new file %s\n",fname)); + DEBUG(3,("%s mknew %s fd=%d fnum=%d cnum=%d dmode=%d umode=%o\n",timestring(),fname,Files[fnum].fd,fnum,cnum,createmode,unixmode)); + + return(outsize); +} + + +/**************************************************************************** + reply to a create temporary file +****************************************************************************/ +int reply_ctemp(char *inbuf,char *outbuf) +{ + pstring fname; + pstring fname2; + int cnum; + int fnum = -1; + int outsize = 0; + int createmode; + mode_t unixmode; + + cnum = SVAL(inbuf,smb_tid); + createmode = SVAL(inbuf,smb_vwv0); + sprintf(fname,"%s/TMXXXXXX",smb_buf(inbuf)+1); + unix_convert(fname,cnum); + + unixmode = unix_mode(cnum,createmode); + + fnum = find_free_file(); + if (fnum < 0) + return(ERROR(ERRSRV,ERRnofids)); + + if (!check_name(fname,cnum)) + return(UNIXERROR(ERRDOS,ERRnoaccess)); + + strcpy(fname2,(char *)mktemp(fname)); + + open_file(fnum,cnum,fname2,O_RDWR | O_CREAT | O_TRUNC,unixmode); + + if (!Files[fnum].open) + return(UNIXERROR(ERRDOS,ERRnoaccess)); + + outsize = set_message(outbuf,1,2 + strlen(fname2),True); + SSVAL(outbuf,smb_vwv0,fnum); + CVAL(smb_buf(outbuf),0) = 4; + strcpy(smb_buf(outbuf) + 1,fname2); + + DEBUG(2,("created temp file %s\n",fname2)); + DEBUG(3,("%s ctemp %s fd=%d fnum=%d cnum=%d dmode=%d umode=%o\n",timestring(),fname2,Files[fnum].fd,fnum,cnum,createmode,unixmode)); + + return(outsize); +} + + +/******************************************************************* +check if a user is allowed to delete a file +********************************************************************/ +static BOOL can_delete(char *fname,int cnum,int dirtype) +{ + struct stat sbuf; + int fmode; + + if (!CAN_WRITE(cnum)) return(False); + + if (sys_lstat(fname,&sbuf) != 0) return(False); + fmode = dos_mode(cnum,fname,&sbuf); + if (fmode & aDIR) return(False); + if (fmode & aRONLY) return(False); + if ((fmode & ~dirtype) & (aHIDDEN | aSYSTEM)) + return(False); + if (!check_file_sharing(cnum,fname)) return(False); + return(True); +} + +/**************************************************************************** + reply to a unlink +****************************************************************************/ +int reply_unlink(char *inbuf,char *outbuf) +{ + int outsize = 0; + pstring name; + int cnum; + int dirtype; + pstring directory; + pstring mask; + char *p; + int count=0; + int error = ERRnoaccess; + BOOL has_wild; + BOOL exists=False; + + *directory = *mask = 0; + + cnum = SVAL(inbuf,smb_tid); + dirtype = SVAL(inbuf,smb_vwv0); + + strcpy(name,smb_buf(inbuf) + 1); + + DEBUG(3,("reply_unlink : %s\n",name)); + + unix_convert(name,cnum); + + p = strrchr(name,'/'); + if (!p) { + strcpy(directory,"./"); + strcpy(mask,name); + } else { + *p = 0; + strcpy(directory,name); + strcpy(mask,p+1); + } + + if (is_mangled(mask)) + check_mangled_stack(mask); + + has_wild = strchr(mask,'*') || strchr(mask,'?'); + + if (!has_wild) { + strcat(directory,"/"); + strcat(directory,mask); + if (can_delete(directory,cnum,dirtype) && !sys_unlink(directory)) count++; + if (!count) exists = file_exist(directory,NULL); + } else { + void *dirptr = NULL; + char *dname; + + if (check_name(directory,cnum)) + dirptr = OpenDir(directory); + + if (dirptr) + { + error = ERRbadfile; + + if (strequal(mask,"????????.???")) + strcpy(mask,"*"); + + while ((dname = ReadDirName(dirptr))) + { + pstring fname; + strcpy(fname,dname); + + if(!mask_match(fname, mask, case_sensitive, False)) continue; + + error = ERRnoaccess; + sprintf(fname,"%s/%s",directory,dname); + if (!can_delete(fname,cnum,dirtype)) continue; + if (!sys_unlink(fname)) count++; + DEBUG(3,("reply_unlink : doing unlink on %s\n",fname)); + } + CloseDir(dirptr); + } + } + + if (count == 0) { + if (exists) + return(ERROR(ERRDOS,error)); + else + return(UNIXERROR(ERRDOS,error)); + } + + outsize = set_message(outbuf,0,0,True); + + return(outsize); +} + + +/**************************************************************************** + reply to a readbraw (core+ protocol) +****************************************************************************/ +int reply_readbraw(char *inbuf, char *outbuf) +{ + int cnum,maxcount,mincount,fnum; + int nread = 0; + int startpos; + char *header = outbuf; + int ret=0; + int fd; + char *fname; + + cnum = SVAL(inbuf,smb_tid); + fnum = GETFNUM(inbuf,smb_vwv0); + + startpos = IVAL(inbuf,smb_vwv1); + maxcount = SVAL(inbuf,smb_vwv3); + mincount = SVAL(inbuf,smb_vwv4); + + /* ensure we don't overrun the packet size */ + maxcount = MIN(65535,maxcount); + maxcount = MAX(mincount,maxcount); + + if (!FNUM_OK(fnum,cnum) || !Files[fnum].can_read) + { + DEBUG(3,("fnum %d not open in readbraw - cache prime?\n",fnum)); + _smb_setlen(header,0); + transfer_file(0,Client,0,header,4,0); + return(-1); + } + else + { + fd = Files[fnum].fd; + fname = Files[fnum].name; + } + + + if (!is_locked(fnum,cnum,maxcount,startpos)) + { + int size = Files[fnum].size; + int sizeneeded = startpos + maxcount; + + if (size < sizeneeded) { + struct stat st; + if (fstat(Files[fnum].fd,&st) == 0) + size = st.st_size; + if (!Files[fnum].can_write) + Files[fnum].size = size; + } + + nread = MIN(maxcount,size - startpos); + } + + if (nread < mincount) + nread = 0; + + DEBUG(3,("%s readbraw fnum=%d cnum=%d start=%d max=%d min=%d nread=%d\n", + timestring(), + fnum,cnum,startpos, + maxcount,mincount,nread)); + +#if UNSAFE_READRAW + { + int predict=0; + _smb_setlen(header,nread); + + if (!Files[fnum].can_write) + predict = read_predict(fd,startpos,header+4,NULL,nread); + + if ((nread-predict) > 0) + seek_file(fnum,startpos + predict); + + ret = transfer_file(fd,Client,nread-predict,header,4+predict, + startpos+predict); + } + + if (ret != nread+4) + DEBUG(0,("ERROR: file read failure on %s at %d for %d bytes (%d)\n", + fname,startpos,nread,ret)); + +#else + ret = read_file(fnum,header+4,startpos,nread,nread,-1,False); + if (ret < mincount) ret = 0; + + _smb_setlen(header,ret); + transfer_file(0,Client,0,header,4+ret,0); +#endif + + DEBUG(5,("readbraw finished\n")); + return -1; +} + + +/**************************************************************************** + reply to a lockread (core+ protocol) +****************************************************************************/ +int reply_lockread(char *inbuf,char *outbuf) +{ + int cnum,fnum; + int nread = -1; + char *data; + int outsize = 0; + uint32 startpos, numtoread; + int eclass; + uint32 ecode; + + cnum = SVAL(inbuf,smb_tid); + fnum = GETFNUM(inbuf,smb_vwv0); + + CHECK_FNUM(fnum,cnum); + CHECK_READ(fnum); + CHECK_ERROR(fnum); + + numtoread = SVAL(inbuf,smb_vwv1); + startpos = IVAL(inbuf,smb_vwv2); + + outsize = set_message(outbuf,5,3,True); + numtoread = MIN(BUFFER_SIZE-outsize,numtoread); + data = smb_buf(outbuf) + 3; + + if(!do_lock( fnum, cnum, numtoread, startpos, &eclass, &ecode)) + return (ERROR(eclass,ecode)); + + nread = read_file(fnum,data,startpos,numtoread,numtoread,-1,False); + + if (nread < 0) + return(UNIXERROR(ERRDOS,ERRnoaccess)); + + outsize += nread; + SSVAL(outbuf,smb_vwv0,nread); + SSVAL(outbuf,smb_vwv5,nread+3); + SSVAL(smb_buf(outbuf),1,nread); + + DEBUG(3,("%s lockread fnum=%d cnum=%d num=%d nread=%d\n",timestring(),fnum,cnum,numtoread,nread)); + + return(outsize); +} + + +/**************************************************************************** + reply to a read +****************************************************************************/ +int reply_read(char *inbuf,char *outbuf) +{ + int cnum,numtoread,fnum; + int nread = 0; + char *data; + int startpos; + int outsize = 0; + + cnum = SVAL(inbuf,smb_tid); + fnum = GETFNUM(inbuf,smb_vwv0); + + CHECK_FNUM(fnum,cnum); + CHECK_READ(fnum); + CHECK_ERROR(fnum); + + numtoread = SVAL(inbuf,smb_vwv1); + startpos = IVAL(inbuf,smb_vwv2); + + outsize = set_message(outbuf,5,3,True); + numtoread = MIN(BUFFER_SIZE-outsize,numtoread); + data = smb_buf(outbuf) + 3; + + if (is_locked(fnum,cnum,numtoread,startpos)) + return(ERROR(ERRDOS,ERRlock)); + + if (numtoread > 0) + nread = read_file(fnum,data,startpos,numtoread,numtoread,-1,False); + + if (nread < 0) + return(UNIXERROR(ERRDOS,ERRnoaccess)); + + outsize += nread; + SSVAL(outbuf,smb_vwv0,nread); + SSVAL(outbuf,smb_vwv5,nread+3); + CVAL(smb_buf(outbuf),0) = 1; + SSVAL(smb_buf(outbuf),1,nread); + + DEBUG(3,("%s read fnum=%d cnum=%d num=%d nread=%d\n",timestring(),fnum,cnum,numtoread,nread)); + + return(outsize); +} + + +/**************************************************************************** + reply to a read and X +****************************************************************************/ +int reply_read_and_X(char *inbuf,char *outbuf,int length,int bufsize) +{ + int smb_com2 = CVAL(inbuf,smb_vwv0); + int smb_off2 = SVAL(inbuf,smb_vwv1); + int fnum = GETFNUM(inbuf,smb_vwv2); + uint32 smb_offs = IVAL(inbuf,smb_vwv3); + int smb_maxcnt = SVAL(inbuf,smb_vwv5); + int smb_mincnt = SVAL(inbuf,smb_vwv6); + int cnum; + int nread = -1; + char *data; + int outsize = 0; + BOOL ok = False; + + cnum = SVAL(inbuf,smb_tid); + + CHECK_FNUM(fnum,cnum); + CHECK_READ(fnum); + CHECK_ERROR(fnum); + + outsize = set_message(outbuf,12,0,True); + data = smb_buf(outbuf); + + if (is_locked(fnum,cnum,smb_maxcnt,smb_offs)) + return(ERROR(ERRDOS,ERRlock)); + nread = read_file(fnum,data,smb_offs,smb_maxcnt,smb_maxcnt,-1,False); + ok = True; + + if (nread < 0) + return(UNIXERROR(ERRDOS,ERRnoaccess)); + + outsize += nread; + CVAL(outbuf,smb_vwv0) = smb_com2; + SSVAL(outbuf,smb_vwv1,(outsize+chain_size)-4); + SSVAL(outbuf,smb_vwv5,nread); + SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf) + chain_size); + SSVAL(smb_buf(outbuf),-2,nread); + + DEBUG(3,("%s readX fnum=%d cnum=%d min=%d max=%d nread=%d com2=%d off2=%d\n", + timestring(),fnum,cnum, + smb_mincnt,smb_maxcnt,nread,smb_com2,smb_off2)); + + chain_fnum = fnum; + + if (smb_com2 != 0xFF) + outsize += chain_reply(smb_com2,inbuf,inbuf+smb_off2+4, + outbuf,outbuf+outsize, + length,bufsize); + + chain_fnum = -1; + + return(outsize); +} + + +/**************************************************************************** + reply to a writebraw (core+ or LANMAN1.0 protocol) +****************************************************************************/ +int reply_writebraw(char *inbuf,char *outbuf) +{ + int nwritten=0; + int total_written=0; + int numtowrite=0; + int cnum,fnum; + int outsize = 0; + long startpos; + char *data=NULL; + BOOL write_through; + int tcount; + + cnum = SVAL(inbuf,smb_tid); + fnum = GETFNUM(inbuf,smb_vwv0); + + CHECK_FNUM(fnum,cnum); + CHECK_WRITE(fnum); + CHECK_ERROR(fnum); + + tcount = IVAL(inbuf,smb_vwv1); + startpos = IVAL(inbuf,smb_vwv3); + write_through = BITSETW(inbuf+smb_vwv7,0); + + /* We have to deal with slightly different formats depending + on whether we are using the core+ or lanman1.0 protocol */ + if(Protocol <= PROTOCOL_COREPLUS) { + numtowrite = SVAL(smb_buf(inbuf),-2); + data = smb_buf(inbuf); + } else { + numtowrite = SVAL(inbuf,smb_vwv10); + data = smb_base(inbuf) + SVAL(inbuf, smb_vwv11); + } + + /* force the error type */ + CVAL(inbuf,smb_com) = SMBwritec; + CVAL(outbuf,smb_com) = SMBwritec; + + if (is_locked(fnum,cnum,tcount,startpos)) + return(ERROR(ERRDOS,ERRlock)); + + if (seek_file(fnum,startpos) != startpos) + DEBUG(0,("couldn't seek to %d in writebraw\n",startpos)); + + if (numtowrite>0) + nwritten = write_file(fnum,data,numtowrite); + + DEBUG(3,("%s writebraw1 fnum=%d cnum=%d start=%d num=%d wrote=%d sync=%d\n", + timestring(),fnum,cnum,startpos,numtowrite,nwritten,write_through)); + + if (nwritten < numtowrite) + return(UNIXERROR(ERRHRD,ERRdiskfull)); + + total_written = nwritten; + + /* Return a message to the redirector to tell it + to send more bytes */ + CVAL(outbuf,smb_com) = SMBwritebraw; + SSVALS(outbuf,smb_vwv0,-1); + outsize = set_message(outbuf,Protocol>PROTOCOL_COREPLUS?1:0,0,True); + send_smb(Client,outbuf); + + /* Now read the raw data into the buffer and write it */ + if(read_smb_length(Client,inbuf,0) == -1) { + exit_server("secondary writebraw failed"); + } + + /* Even though this is not an smb message, smb_len + returns the generic length of an smb message */ + numtowrite = smb_len(inbuf); + + if (tcount > nwritten+numtowrite) { + DEBUG(3,("Client overestimated the write %d %d %d\n", + tcount,nwritten,numtowrite)); + } + + nwritten = transfer_file(Client,Files[fnum].fd,numtowrite,NULL,0, + startpos+nwritten); + total_written += nwritten; + + /* Set up outbuf to return the correct return */ + outsize = set_message(outbuf,1,0,True); + CVAL(outbuf,smb_com) = SMBwritec; + SSVAL(outbuf,smb_vwv0,total_written); + + if (nwritten < numtowrite) { + CVAL(outbuf,smb_rcls) = ERRHRD; + SSVAL(outbuf,smb_err,ERRdiskfull); + } + + if (lp_syncalways(SNUM(cnum)) || write_through) + sync_file(fnum); + + DEBUG(3,("%s writebraw2 fnum=%d cnum=%d start=%d num=%d wrote=%d\n", + timestring(),fnum,cnum,startpos,numtowrite,total_written)); + + /* we won't return a status if write through is not selected - this + follows what WfWg does */ + if (!write_through && total_written==tcount) + return(-1); + + return(outsize); +} + + +/**************************************************************************** + reply to a writeunlock (core+) +****************************************************************************/ +int reply_writeunlock(char *inbuf,char *outbuf) +{ + int cnum,fnum; + int nwritten = -1; + int outsize = 0; + char *data; + uint32 numtowrite,startpos; + int eclass; + uint32 ecode; + + cnum = SVAL(inbuf,smb_tid); + fnum = GETFNUM(inbuf,smb_vwv0); + + CHECK_FNUM(fnum,cnum); + CHECK_WRITE(fnum); + CHECK_ERROR(fnum); + + numtowrite = SVAL(inbuf,smb_vwv1); + startpos = IVAL(inbuf,smb_vwv2); + data = smb_buf(inbuf) + 3; + + if (is_locked(fnum,cnum,numtowrite,startpos)) + return(ERROR(ERRDOS,ERRlock)); + + seek_file(fnum,startpos); + + /* The special X/Open SMB protocol handling of + zero length writes is *NOT* done for + this call */ + if(numtowrite == 0) + nwritten = 0; + else + nwritten = write_file(fnum,data,numtowrite); + + if (lp_syncalways(SNUM(cnum))) + sync_file(fnum); + + if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) + return(UNIXERROR(ERRDOS,ERRnoaccess)); + + if(!do_unlock(fnum, cnum, numtowrite, startpos, &eclass, &ecode)) + return(ERROR(eclass,ecode)); + + outsize = set_message(outbuf,1,0,True); + + SSVAL(outbuf,smb_vwv0,nwritten); + + DEBUG(3,("%s writeunlock fnum=%d cnum=%d num=%d wrote=%d\n", + timestring(),fnum,cnum,numtowrite,nwritten)); + + return(outsize); +} + + +/**************************************************************************** + reply to a write +****************************************************************************/ +int reply_write(char *inbuf,char *outbuf,int dum1,int dum2) +{ + int cnum,numtowrite,fnum; + int nwritten = -1; + int outsize = 0; + int startpos; + char *data; + + dum1 = dum2 = 0; + + + cnum = SVAL(inbuf,smb_tid); + fnum = GETFNUM(inbuf,smb_vwv0); + + CHECK_FNUM(fnum,cnum); + CHECK_WRITE(fnum); + CHECK_ERROR(fnum); + + numtowrite = SVAL(inbuf,smb_vwv1); + startpos = IVAL(inbuf,smb_vwv2); + data = smb_buf(inbuf) + 3; + + if (is_locked(fnum,cnum,numtowrite,startpos)) + return(ERROR(ERRDOS,ERRlock)); + + seek_file(fnum,startpos); + + /* X/Open SMB protocol says that if smb_vwv1 is + zero then the file size should be extended or + truncated to the size given in smb_vwv[2-3] */ + if(numtowrite == 0) + nwritten = set_filelen(Files[fnum].fd, startpos); + else + nwritten = write_file(fnum,data,numtowrite); + + if (lp_syncalways(SNUM(cnum))) + sync_file(fnum); + + if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) + return(UNIXERROR(ERRDOS,ERRnoaccess)); + + outsize = set_message(outbuf,1,0,True); + + SSVAL(outbuf,smb_vwv0,nwritten); + + if (nwritten < numtowrite) { + CVAL(outbuf,smb_rcls) = ERRHRD; + SSVAL(outbuf,smb_err,ERRdiskfull); + } + + DEBUG(3,("%s write fnum=%d cnum=%d num=%d wrote=%d\n",timestring(),fnum,cnum,numtowrite,nwritten)); + + return(outsize); +} + + +/**************************************************************************** + reply to a write and X +****************************************************************************/ +int reply_write_and_X(char *inbuf,char *outbuf,int length,int bufsize) +{ + int smb_com2 = CVAL(inbuf,smb_vwv0); + int smb_off2 = SVAL(inbuf,smb_vwv1); + int fnum = GETFNUM(inbuf,smb_vwv2); + uint32 smb_offs = IVAL(inbuf,smb_vwv3); + int smb_dsize = SVAL(inbuf,smb_vwv10); + int smb_doff = SVAL(inbuf,smb_vwv11); + BOOL write_through = BITSETW(inbuf+smb_vwv7,0); + int cnum; + int nwritten = -1; + int outsize = 0; + char *data; + + cnum = SVAL(inbuf,smb_tid); + + CHECK_FNUM(fnum,cnum); + CHECK_WRITE(fnum); + CHECK_ERROR(fnum); + + data = smb_base(inbuf) + smb_doff; + + if (is_locked(fnum,cnum,smb_dsize,smb_offs)) + return(ERROR(ERRDOS,ERRlock)); + + seek_file(fnum,smb_offs); + + /* X/Open SMB protocol says that, unlike SMBwrite + if the length is zero then NO truncation is + done, just a write of zero. To truncate a file, + use SMBwrite. */ + if(smb_dsize == 0) + nwritten = 0; + else + nwritten = write_file(fnum,data,smb_dsize); + + if(((nwritten == 0) && (smb_dsize != 0))||(nwritten < 0)) + return(UNIXERROR(ERRDOS,ERRnoaccess)); + + outsize = set_message(outbuf,6,0,True); + + CVAL(outbuf,smb_vwv0) = smb_com2; + SSVAL(outbuf,smb_vwv1,(outsize+chain_size)-4); + SSVAL(outbuf,smb_vwv2,nwritten); + + if (nwritten < smb_dsize) { + CVAL(outbuf,smb_rcls) = ERRHRD; + SSVAL(outbuf,smb_err,ERRdiskfull); + } + + DEBUG(3,("%s writeX fnum=%d cnum=%d num=%d wrote=%d\n",timestring(),fnum,cnum,smb_dsize,nwritten)); + + chain_fnum = fnum; + + if (lp_syncalways(SNUM(cnum)) || write_through) + sync_file(fnum); + + if (smb_com2 != 0xFF) + outsize += chain_reply(smb_com2,inbuf,inbuf+smb_off2+4, + outbuf,outbuf+outsize, + length,bufsize); + + chain_fnum = -1; + + return(outsize); +} + + +/**************************************************************************** + reply to a lseek +****************************************************************************/ +int reply_lseek(char *inbuf,char *outbuf) +{ + int cnum,fnum; + uint32 startpos; + int32 res= -1; + int mode,umode; + int outsize = 0; + + cnum = SVAL(inbuf,smb_tid); + fnum = GETFNUM(inbuf,smb_vwv0); + + CHECK_FNUM(fnum,cnum); + CHECK_ERROR(fnum); + + mode = SVAL(inbuf,smb_vwv1) & 3; + startpos = IVAL(inbuf,smb_vwv2); + + switch (mode & 3) + { + case 0: umode = SEEK_SET; break; + case 1: umode = SEEK_CUR; break; + case 2: umode = SEEK_END; break; + default: + umode = SEEK_SET; break; + } + + res = lseek(Files[fnum].fd,startpos,umode); + Files[fnum].pos = res; + + outsize = set_message(outbuf,2,0,True); + SIVALS(outbuf,smb_vwv0,res); + + DEBUG(3,("%s lseek fnum=%d cnum=%d ofs=%d mode=%d\n",timestring(),fnum,cnum,startpos,mode)); + + return(outsize); +} + + +/**************************************************************************** + reply to a flush +****************************************************************************/ +int reply_flush(char *inbuf,char *outbuf) +{ + int cnum, fnum; + int outsize = set_message(outbuf,0,0,True); + + cnum = SVAL(inbuf,smb_tid); + fnum = GETFNUM(inbuf,smb_vwv0); + + if (fnum != 0xFFFF) { + CHECK_FNUM(fnum,cnum); + CHECK_ERROR(fnum); + } + + if (fnum == 0xFFFF) + { + int i; + for (i=0;iwr_errclass; + err = Files[fnum].wbmpx_ptr->wr_error; + } + + mtime = make_unix_date3(inbuf+smb_vwv1); + + close_file(fnum); + + /* try and set the date */ + set_filetime(Files[fnum].name,mtime); + + /* We have a cached error */ + if(eclass || err) + return(ERROR(eclass,err)); + + DEBUG(3,("%s close fd=%d fnum=%d cnum=%d (numopen=%d)\n", + timestring(),Files[fnum].fd,fnum,cnum, + Connections[cnum].num_files_open)); + + return(outsize); +} + + +/**************************************************************************** + reply to a writeclose (Core+ protocol) +****************************************************************************/ +int reply_writeclose(char *inbuf,char *outbuf) +{ + int cnum,numtowrite,fnum; + int nwritten = -1; + int outsize = 0; + int startpos; + char *data; + time_t mtime; + + cnum = SVAL(inbuf,smb_tid); + fnum = GETFNUM(inbuf,smb_vwv0); + + CHECK_FNUM(fnum,cnum); + CHECK_WRITE(fnum); + CHECK_ERROR(fnum); + + numtowrite = SVAL(inbuf,smb_vwv1); + startpos = IVAL(inbuf,smb_vwv2); + mtime = make_unix_date3(inbuf+smb_vwv4); + data = smb_buf(inbuf) + 1; + + if (is_locked(fnum,cnum,numtowrite,startpos)) + return(ERROR(ERRDOS,ERRlock)); + + seek_file(fnum,startpos); + + nwritten = write_file(fnum,data,numtowrite); + + close_file(fnum); + + set_filetime(Files[fnum].name,mtime); + + DEBUG(3,("%s writeclose fnum=%d cnum=%d num=%d wrote=%d (numopen=%d)\n", + timestring(),fnum,cnum,numtowrite,nwritten, + Connections[cnum].num_files_open)); + + if (nwritten <= 0) + return(UNIXERROR(ERRDOS,ERRnoaccess)); + + outsize = set_message(outbuf,1,0,True); + + SSVAL(outbuf,smb_vwv0,nwritten); + return(outsize); +} + + +/**************************************************************************** + reply to a lock +****************************************************************************/ +int reply_lock(char *inbuf,char *outbuf) +{ + int fnum,cnum; + int outsize = set_message(outbuf,0,0,True); + uint32 count,offset; + int eclass; + uint32 ecode; + + cnum = SVAL(inbuf,smb_tid); + fnum = GETFNUM(inbuf,smb_vwv0); + + CHECK_FNUM(fnum,cnum); + CHECK_ERROR(fnum); + + count = IVAL(inbuf,smb_vwv1); + offset = IVAL(inbuf,smb_vwv3); + + DEBUG(3,("%s lock fd=%d fnum=%d cnum=%d ofs=%d cnt=%d\n",timestring(),Files[fnum].fd,fnum,cnum,offset,count)); + + if(!do_lock( fnum, cnum, count, offset, &eclass, &ecode)) + return (ERROR(eclass,ecode)); + + return(outsize); +} + + +/**************************************************************************** + reply to a unlock +****************************************************************************/ +int reply_unlock(char *inbuf,char *outbuf) +{ + int fnum,cnum; + int outsize = set_message(outbuf,0,0,True); + uint32 count,offset; + int eclass; + uint32 ecode; + + cnum = SVAL(inbuf,smb_tid); + fnum = GETFNUM(inbuf,smb_vwv0); + + CHECK_FNUM(fnum,cnum); + CHECK_ERROR(fnum); + + count = IVAL(inbuf,smb_vwv1); + offset = IVAL(inbuf,smb_vwv3); + + if(!do_unlock(fnum, cnum, count, offset, &eclass, &ecode)) + return (ERROR(eclass,ecode)); + + DEBUG(3,("%s unlock fd=%d fnum=%d cnum=%d ofs=%d cnt=%d\n",timestring(),Files[fnum].fd,fnum,cnum,offset,count)); + + return(outsize); +} + + +/**************************************************************************** + reply to a tdis +****************************************************************************/ +int reply_tdis(char *inbuf,char *outbuf) +{ + int cnum, uid; + int outsize = set_message(outbuf,0,0,True); + + cnum = SVAL(inbuf,smb_tid); + uid = SVAL(inbuf,smb_uid); + + Connections[cnum].used = False; + + close_cnum(cnum,uid); + + DEBUG(3,("%s tdis cnum=%d\n",timestring(),cnum)); + + return outsize; +} + + + +/**************************************************************************** + reply to a echo +****************************************************************************/ +int reply_echo(char *inbuf,char *outbuf) +{ + int cnum; + int smb_reverb = SVAL(inbuf,smb_vwv0); + int seq_num; + int data_len = smb_buflen(inbuf); + int outsize = set_message(outbuf,1,data_len,True); + + cnum = SVAL(inbuf,smb_tid); + + if (cnum != 0xFFFF && !OPEN_CNUM(cnum)) + { + DEBUG(4,("Invalid cnum in echo (%d)\n",cnum)); + return(ERROR(ERRSRV,ERRinvnid)); + } + + /* copy any incoming data back out */ + if (data_len > 0) + memcpy(smb_buf(outbuf),smb_buf(inbuf),data_len); + + if (smb_reverb > 100) + { + DEBUG(0,("large reverb (%d)?? Setting to 100\n",smb_reverb)); + smb_reverb = 100; + } + + for (seq_num =1 ; seq_num <= smb_reverb ; seq_num++) + { + SSVAL(outbuf,smb_vwv0,seq_num); + + smb_setlen(outbuf,outsize - 4); + + send_smb(Client,outbuf); + } + + DEBUG(3,("%s echo %d times cnum=%d\n",timestring(),smb_reverb,cnum)); + + return -1; +} + + +/**************************************************************************** + reply to a printopen +****************************************************************************/ +int reply_printopen(char *inbuf,char *outbuf) +{ + pstring fname; + pstring fname2; + int cnum; + int fnum = -1; + int outsize = 0; + + *fname = *fname2 = 0; + + cnum = SVAL(inbuf,smb_tid); + + if (!CAN_PRINT(cnum)) + return(ERROR(ERRDOS,ERRnoaccess)); + + { + pstring s; + char *p; + StrnCpy(s,smb_buf(inbuf)+1,sizeof(pstring)-1); + p = s; + while (*p) + { + if (!(isalnum(*p) || strchr("._-",*p))) + *p = 'X'; + p++; + } + + if (strlen(s) > 10) s[10] = 0; + + sprintf(fname,"%s.XXXXXX",s); + } + + fnum = find_free_file(); + if (fnum < 0) + return(ERROR(ERRSRV,ERRnofids)); + + strcpy(fname2,(char *)mktemp(fname)); + + if (!check_name(fname2,cnum)) + return(ERROR(ERRDOS,ERRnoaccess)); + + open_file(fnum,cnum,fname2,O_WRONLY | O_CREAT | O_TRUNC, + unix_mode(cnum,0)); + + if (!Files[fnum].open) + return(UNIXERROR(ERRDOS,ERRnoaccess)); + + /* force it to be a print file */ + Files[fnum].print_file = True; + + outsize = set_message(outbuf,1,0,True); + SSVAL(outbuf,smb_vwv0,fnum); + + DEBUG(3,("%s openprint %s fd=%d fnum=%d cnum=%d\n",timestring(),fname2,Files[fnum].fd,fnum,cnum)); + + return(outsize); +} + + +/**************************************************************************** + reply to a printclose +****************************************************************************/ +int reply_printclose(char *inbuf,char *outbuf) +{ + int fnum,cnum; + int outsize = set_message(outbuf,0,0,True); + + cnum = SVAL(inbuf,smb_tid); + fnum = GETFNUM(inbuf,smb_vwv0); + + CHECK_FNUM(fnum,cnum); + CHECK_ERROR(fnum); + + if (!CAN_PRINT(cnum)) + return(ERROR(ERRDOS,ERRnoaccess)); + + close_file(fnum); + + DEBUG(3,("%s printclose fd=%d fnum=%d cnum=%d\n",timestring(),Files[fnum].fd,fnum,cnum)); + + return(outsize); +} + + +/**************************************************************************** + reply to a printqueue +****************************************************************************/ +int reply_printqueue(char *inbuf,char *outbuf) +{ + int cnum, uid; + int outsize = set_message(outbuf,2,3,True); + int max_count = SVAL(inbuf,smb_vwv0); + int start_index = SVAL(inbuf,smb_vwv1); + + cnum = SVAL(inbuf,smb_tid); + uid = SVAL(inbuf,smb_uid); + +/* allow checking the queue for anyone */ +#if 0 + if (!CAN_PRINT(cnum)) + return(ERROR(ERRDOS,ERRnoaccess)); +#endif + + SSVAL(outbuf,smb_vwv0,0); + SSVAL(outbuf,smb_vwv1,0); + CVAL(smb_buf(outbuf),0) = 1; + SSVAL(smb_buf(outbuf),1,0); + + DEBUG(3,("%s printqueue cnum=%d start_index=%d max_count=%d\n", + timestring(),cnum,start_index,max_count)); + + if (!OPEN_CNUM(cnum) || !Connections[cnum].printer) + { + int i; + cnum = -1; + + for (i=0;i0?start_index:start_index+max_count+1); + int i; + + if (first >= count) + num_to_get = 0; + else + num_to_get = MIN(num_to_get,count-first); + + + for (i=first;i 0) + { + outsize = set_message(outbuf,2,28*count+3,False); + SSVAL(outbuf,smb_vwv0,count); + SSVAL(outbuf,smb_vwv1,(max_count>0?first+count:first-1)); + CVAL(smb_buf(outbuf),0) = 1; + SSVAL(smb_buf(outbuf),1,28*count); + } + + if (queue) free(queue); + + DEBUG(3,("%d entries returned in queue\n",count)); + } + + return(outsize); +} + + +/**************************************************************************** + reply to a printwrite +****************************************************************************/ +int reply_printwrite(char *inbuf,char *outbuf) +{ + int cnum,numtowrite,fnum; + int outsize = set_message(outbuf,0,0,True); + char *data; + + cnum = SVAL(inbuf,smb_tid); + + if (!CAN_PRINT(cnum)) + return(ERROR(ERRDOS,ERRnoaccess)); + + fnum = GETFNUM(inbuf,smb_vwv0); + + CHECK_FNUM(fnum,cnum); + CHECK_WRITE(fnum); + CHECK_ERROR(fnum); + + numtowrite = SVAL(smb_buf(inbuf),1); + data = smb_buf(inbuf) + 3; + + if (write_file(fnum,data,numtowrite) != numtowrite) + return(UNIXERROR(ERRDOS,ERRnoaccess)); + + DEBUG(3,("%s printwrite fnum=%d cnum=%d num=%d\n",timestring(),fnum,cnum,numtowrite)); + + return(outsize); +} + + +/**************************************************************************** + reply to a mkdir +****************************************************************************/ +int reply_mkdir(char *inbuf,char *outbuf) +{ + pstring directory; + int cnum; + int outsize,ret= -1; + + strcpy(directory,smb_buf(inbuf) + 1); + cnum = SVAL(inbuf,smb_tid); + unix_convert(directory,cnum); + + if (check_name(directory,cnum)) + ret = sys_mkdir(directory,unix_mode(cnum,aDIR)); + + if (ret < 0) + return(UNIXERROR(ERRDOS,ERRnoaccess)); + + outsize = set_message(outbuf,0,0,True); + + DEBUG(3,("%s mkdir %s cnum=%d ret=%d\n",timestring(),directory,cnum,ret)); + + return(outsize); +} + + +/**************************************************************************** + reply to a rmdir +****************************************************************************/ +int reply_rmdir(char *inbuf,char *outbuf) +{ + pstring directory; + int cnum; + int outsize = 0; + BOOL ok = False; + + cnum = SVAL(inbuf,smb_tid); + strcpy(directory,smb_buf(inbuf) + 1); + unix_convert(directory,cnum); + + if (check_name(directory,cnum)) + { + dptr_closepath(directory,SVAL(inbuf,smb_pid)); + ok = (sys_rmdir(directory) == 0); + if (!ok) + DEBUG(3,("couldn't remove directory %s : %s\n", + directory,strerror(errno))); + } + + if (!ok) + return(UNIXERROR(ERRDOS,ERRbadpath)); + + outsize = set_message(outbuf,0,0,True); + + DEBUG(3,("%s rmdir %s\n",timestring(),directory)); + + return(outsize); +} + + +/******************************************************************* +resolve wildcards in a filename rename +********************************************************************/ +static BOOL resolve_wildcards(char *name1,char *name2) +{ + fstring root1,root2; + fstring ext1,ext2; + char *p,*p2; + + name1 = strrchr(name1,'/'); + name2 = strrchr(name2,'/'); + + if (!name1 || !name2) return(False); + + strcpy(root1,name1); + strcpy(root2,name2); + p = strrchr(root1,'.'); + if (p) { + *p = 0; + strcpy(ext1,p+1); + } else { + strcpy(ext1,""); + } + p = strrchr(root2,'.'); + if (p) { + *p = 0; + strcpy(ext2,p+1); + } else { + strcpy(ext2,""); + } + + p = root1; + p2 = root2; + while (*p2) { + if (*p2 == '?') { + *p2 = *p; + p2++; + } else { + p2++; + } + if (*p) p++; + } + + p = ext1; + p2 = ext2; + while (*p2) { + if (*p2 == '?') { + *p2 = *p; + p2++; + } else { + p2++; + } + if (*p) p++; + } + + strcpy(name2,root2); + if (ext2[0]) { + strcat(name2,"."); + strcat(name2,ext2); + } + + return(True); +} + +/******************************************************************* +check if a user is allowed to rename a file +********************************************************************/ +static BOOL can_rename(char *fname,int cnum) +{ + struct stat sbuf; + + if (!CAN_WRITE(cnum)) return(False); + + if (sys_lstat(fname,&sbuf) != 0) return(False); + if (!check_file_sharing(cnum,fname)) return(False); + + return(True); +} + +/**************************************************************************** + reply to a mv +****************************************************************************/ +int reply_mv(char *inbuf,char *outbuf) +{ + int outsize = 0; + pstring name; + int cnum; + pstring directory; + pstring mask,newname; + char *p; + int count=0; + int error = ERRnoaccess; + BOOL has_wild; + BOOL exists=False; + + *directory = *mask = 0; + + cnum = SVAL(inbuf,smb_tid); + + strcpy(name,smb_buf(inbuf) + 1); + strcpy(newname,smb_buf(inbuf) + 3 + strlen(name)); + + DEBUG(3,("reply_mv : %s -> %s\n",name,newname)); + + unix_convert(name,cnum); + unix_convert(newname,cnum); + + p = strrchr(name,'/'); + if (!p) { + strcpy(directory,"./"); + strcpy(mask,name); + } else { + *p = 0; + strcpy(directory,name); + strcpy(mask,p+1); + } + + if (is_mangled(mask)) + check_mangled_stack(mask); + + has_wild = strchr(mask,'*') || strchr(mask,'?'); + + if (!has_wild) { + strcat(directory,"/"); + strcat(directory,mask); + if (resolve_wildcards(directory,newname) && + can_rename(directory,cnum) && + !file_exist(newname,NULL) && + !sys_rename(directory,newname)) count++; + if (!count) exists = file_exist(directory,NULL); + if (!count && exists && file_exist(newname,NULL)) { + exists = True; + error = 183; + } + } else { + void *dirptr = NULL; + char *dname; + pstring destname; + + if (check_name(directory,cnum)) + dirptr = OpenDir(directory); + + if (dirptr) + { + error = ERRbadfile; + + if (strequal(mask,"????????.???")) + strcpy(mask,"*"); + + while ((dname = ReadDirName(dirptr))) + { + pstring fname; + strcpy(fname,dname); + + if(!mask_match(fname, mask, case_sensitive, False)) continue; + + error = ERRnoaccess; + sprintf(fname,"%s/%s",directory,dname); + if (!can_rename(fname,cnum)) continue; + strcpy(destname,newname); + + if (!resolve_wildcards(fname,destname)) continue; + + if (file_exist(destname,NULL)) { + error = 183; + continue; + } + if (!sys_rename(fname,destname)) count++; + DEBUG(3,("reply_mv : doing rename on %s -> %s\n",fname,destname)); + } + CloseDir(dirptr); + } + } + + if (count == 0) { + if (exists) + return(ERROR(ERRDOS,error)); + else + return(UNIXERROR(ERRDOS,error)); + } + + outsize = set_message(outbuf,0,0,True); + + return(outsize); +} + +/******************************************************************* + copy a file as part of a reply_copy + ******************************************************************/ +static BOOL copy_file(char *src,char *dest1,int cnum,int ofun, + int count,BOOL target_is_directory) +{ + int Access,action; + struct stat st; + int ret=0; + int fnum1,fnum2; + pstring dest; + + strcpy(dest,dest1); + if (target_is_directory) { + char *p = strrchr(src,'/'); + if (p) + p++; + else + p = src; + strcat(dest,"/"); + strcat(dest,p); + } + + if (!file_exist(src,&st)) return(False); + + fnum1 = find_free_file(); + if (fnum1<0) return(False); + open_file_shared(fnum1,cnum,src,(DENY_NONE<<4), + 1,0,&Access,&action); + + if (!Files[fnum1].open) return(False); + + if (!target_is_directory && count) + ofun = 1; + + fnum2 = find_free_file(); + if (fnum2<0) { + close_file(fnum1); + return(False); + } + open_file_shared(fnum2,cnum,dest,(DENY_NONE<<4)|1, + ofun,st.st_mode,&Access,&action); + + if (!Files[fnum2].open) { + close_file(fnum1); + return(False); + } + + if ((ofun&3) == 1) { + lseek(Files[fnum2].fd,0,SEEK_END); + } + + if (st.st_size) + ret = transfer_file(Files[fnum1].fd,Files[fnum2].fd,st.st_size,NULL,0,0); + + close_file(fnum1); + close_file(fnum2); + + return(ret == st.st_size); +} + + + +/**************************************************************************** + reply to a file copy. + ****************************************************************************/ +int reply_copy(char *inbuf,char *outbuf) +{ + int outsize = 0; + pstring name; + int cnum; + pstring directory; + pstring mask,newname; + char *p; + int count=0; + int error = ERRnoaccess; + BOOL has_wild; + BOOL exists=False; + int tid2 = SVAL(inbuf,smb_vwv0); + int ofun = SVAL(inbuf,smb_vwv1); + int flags = SVAL(inbuf,smb_vwv2); + BOOL target_is_directory=False; + + *directory = *mask = 0; + + cnum = SVAL(inbuf,smb_tid); + + strcpy(name,smb_buf(inbuf)); + strcpy(newname,smb_buf(inbuf) + 1 + strlen(name)); + + DEBUG(3,("reply_copy : %s -> %s\n",name,newname)); + + if (tid2 != cnum) { + /* can't currently handle inter share copies XXXX */ + DEBUG(3,("Rejecting inter-share copy\n")); + return(ERROR(ERRSRV,ERRinvdevice)); + } + + unix_convert(name,cnum); + unix_convert(newname,cnum); + + target_is_directory = directory_exist(newname,NULL); + + if ((flags&1) && target_is_directory) { + return(ERROR(ERRDOS,ERRbadfile)); + } + + if ((flags&2) && !target_is_directory) { + return(ERROR(ERRDOS,ERRbadpath)); + } + + if ((flags&(1<<5)) && directory_exist(name,NULL)) { + /* wants a tree copy! XXXX */ + DEBUG(3,("Rejecting tree copy\n")); + return(ERROR(ERRSRV,ERRerror)); + } + + p = strrchr(name,'/'); + if (!p) { + strcpy(directory,"./"); + strcpy(mask,name); + } else { + *p = 0; + strcpy(directory,name); + strcpy(mask,p+1); + } + + if (is_mangled(mask)) + check_mangled_stack(mask); + + has_wild = strchr(mask,'*') || strchr(mask,'?'); + + if (!has_wild) { + strcat(directory,"/"); + strcat(directory,mask); + if (resolve_wildcards(directory,newname) && + copy_file(directory,newname,cnum,ofun, + count,target_is_directory)) count++; + if (!count) exists = file_exist(directory,NULL); + } else { + void *dirptr = NULL; + char *dname; + pstring destname; + + if (check_name(directory,cnum)) + dirptr = OpenDir(directory); + + if (dirptr) + { + error = ERRbadfile; + + if (strequal(mask,"????????.???")) + strcpy(mask,"*"); + + while ((dname = ReadDirName(dirptr))) + { + pstring fname; + strcpy(fname,dname); + + if(!mask_match(fname, mask, case_sensitive, False)) continue; + + error = ERRnoaccess; + sprintf(fname,"%s/%s",directory,dname); + strcpy(destname,newname); + if (resolve_wildcards(fname,destname) && + copy_file(directory,newname,cnum,ofun, + count,target_is_directory)) count++; + DEBUG(3,("reply_copy : doing copy on %s -> %s\n",fname,destname)); + } + CloseDir(dirptr); + } + } + + if (count == 0) { + if (exists) + return(ERROR(ERRDOS,error)); + else + return(UNIXERROR(ERRDOS,error)); + } + + outsize = set_message(outbuf,1,0,True); + SSVAL(outbuf,smb_vwv0,count); + + return(outsize); +} + + + +/**************************************************************************** + reply to a setdir +****************************************************************************/ +int reply_setdir(char *inbuf,char *outbuf) +{ + int cnum,snum; + int outsize = 0; + BOOL ok = False; + pstring newdir; + + cnum = SVAL(inbuf,smb_tid); + + snum = Connections[cnum].service; + if (!CAN_SETDIR(snum)) + return(ERROR(ERRDOS,ERRnoaccess)); + + strcpy(newdir,smb_buf(inbuf) + 1); + strlower(newdir); + + if (strlen(newdir) == 0) + ok = True; + else + { + ok = directory_exist(newdir,NULL); + if (ok) + string_set(&Connections[cnum].connectpath,newdir); + } + + if (!ok) + return(ERROR(ERRDOS,ERRbadpath)); + + outsize = set_message(outbuf,0,0,True); + CVAL(outbuf,smb_reh) = CVAL(inbuf,smb_reh); + + DEBUG(3,("%s setdir %s cnum=%d\n",timestring(),newdir,cnum)); + + return(outsize); +} + + +/**************************************************************************** + reply to a lockingX request +****************************************************************************/ +int reply_lockingX(char *inbuf,char *outbuf,int length,int bufsize) +{ + int smb_com2 = CVAL(inbuf,smb_vwv0); + int smb_off2 = SVAL(inbuf,smb_vwv1); + int fnum = GETFNUM(inbuf,smb_vwv2); + uint16 locktype = SVAL(inbuf,smb_vwv3); + uint16 num_ulocks = SVAL(inbuf,smb_vwv6); + uint16 num_locks = SVAL(inbuf,smb_vwv7); + uint32 count, offset; + + int cnum; + int i; + char *data; + uint32 ecode=0, dummy2; + int outsize, eclass=0, dummy1; + + cnum = SVAL(inbuf,smb_tid); + + CHECK_FNUM(fnum,cnum); + CHECK_ERROR(fnum); + + data = smb_buf(inbuf); + /* Data now points at the beginning of the list + of smb_unlkrng structs */ + for(i = 0; i < (int)num_ulocks; i++) { + count = IVAL(data,SMB_LKLEN_OFFSET(i)); + offset = IVAL(data,SMB_LKOFF_OFFSET(i)); + if(!do_unlock(fnum,cnum,count,offset,&eclass, &ecode)) + return ERROR(eclass,ecode); + } + + /* Now do any requested locks */ + data += 10*num_ulocks; + /* Data now points at the beginning of the list + of smb_lkrng structs */ + for(i = 0; i < (int)num_locks; i++) { + count = IVAL(data,SMB_LKLEN_OFFSET(i)); + offset = IVAL(data,SMB_LKOFF_OFFSET(i)); + if(!do_lock(fnum,cnum,count,offset, &eclass, &ecode)) + break; + } + + /* If any of the above locks failed, then we must unlock + all of the previous locks (X/Open spec). */ + if(i != num_locks && num_locks != 0) { + for(; i >= 0; i--) { + count = IVAL(data,SMB_LKLEN_OFFSET(i)); + offset = IVAL(data,SMB_LKOFF_OFFSET(i)); + do_unlock(fnum,cnum,count,offset,&dummy1,&dummy2); + } + return ERROR(eclass,ecode); + } + + outsize = set_message(outbuf,2,0,True); + + CVAL(outbuf,smb_vwv0) = smb_com2; + SSVAL(outbuf,smb_vwv1,(outsize+chain_size)-4); + + DEBUG(3,("%s lockingX fnum=%d cnum=%d type=%d num_locks=%d num_ulocks=%d\n", + timestring(),fnum,cnum,locktype,num_locks,num_ulocks)); + + chain_fnum = fnum; + + if (smb_com2 != 0xFF) + outsize += chain_reply(smb_com2,inbuf,inbuf+smb_off2+4, + outbuf,outbuf+outsize, + length,bufsize); + + chain_fnum = -1; + + return(outsize); +} + + +/**************************************************************************** + reply to a SMBreadbmpx (read block multiplex) request +****************************************************************************/ +int reply_readbmpx(char *inbuf,char *outbuf,int length,int bufsize) +{ + int cnum,fnum; + int nread = -1; + int total_read; + char *data; + int32 startpos; + int outsize, mincount, maxcount; + int max_per_packet; + int tcount; + int pad; + + /* this function doesn't seem to work - disable by default */ + if (!lp_readbmpx()) + return(ERROR(ERRSRV,ERRuseSTD)); + + outsize = set_message(outbuf,8,0,True); + + cnum = SVAL(inbuf,smb_tid); + fnum = GETFNUM(inbuf,smb_vwv0); + + CHECK_FNUM(fnum,cnum); + CHECK_READ(fnum); + CHECK_ERROR(fnum); + + startpos = IVAL(inbuf,smb_vwv1); + maxcount = SVAL(inbuf,smb_vwv3); + mincount = SVAL(inbuf,smb_vwv4); + + data = smb_buf(outbuf); + pad = ((int)data)%4; + if (pad) pad = 4 - pad; + data += pad; + + max_per_packet = bufsize-(outsize+pad); + tcount = maxcount; + total_read = 0; + + if (is_locked(fnum,cnum,maxcount,startpos)) + return(ERROR(ERRDOS,ERRlock)); + + do + { + int N = MIN(max_per_packet,tcount-total_read); + + nread = read_file(fnum,data,startpos,N,N,-1,False); + + if (nread <= 0) nread = 0; + + if (nread < N) + tcount = total_read + nread; + + set_message(outbuf,8,nread,False); + SIVAL(outbuf,smb_vwv0,startpos); + SSVAL(outbuf,smb_vwv2,tcount); + SSVAL(outbuf,smb_vwv6,nread); + SSVAL(outbuf,smb_vwv7,smb_offset(data,outbuf)); + + send_smb(Client,outbuf); + + total_read += nread; + startpos += nread; + } + while (total_read < tcount); + + return(-1); +} + + +/**************************************************************************** + reply to a SMBwritebmpx (write block multiplex primary) request +****************************************************************************/ +int reply_writebmpx(char *inbuf,char *outbuf) +{ + int cnum,numtowrite,fnum; + int nwritten = -1; + int outsize = 0; + int32 startpos; + int tcount, write_through, smb_doff; + char *data; + + cnum = SVAL(inbuf,smb_tid); + fnum = GETFNUM(inbuf,smb_vwv0); + + CHECK_FNUM(fnum,cnum); + CHECK_WRITE(fnum); + CHECK_ERROR(fnum); + + tcount = SVAL(inbuf,smb_vwv1); + startpos = IVAL(inbuf,smb_vwv3); + write_through = BITSETW(inbuf+smb_vwv7,0); + numtowrite = SVAL(inbuf,smb_vwv10); + smb_doff = SVAL(inbuf,smb_vwv11); + + data = smb_base(inbuf) + smb_doff; + + /* If this fails we need to send an SMBwriteC response, + not an SMBwritebmpx - set this up now so we don't forget */ + CVAL(outbuf,smb_com) = SMBwritec; + + if (is_locked(fnum,cnum,tcount,startpos)) + return(ERROR(ERRDOS,ERRlock)); + + seek_file(fnum,startpos); + nwritten = write_file(fnum,data,numtowrite); + + if(lp_syncalways(SNUM(cnum)) || write_through) + sync_file(fnum); + + if(nwritten < numtowrite) + return(UNIXERROR(ERRHRD,ERRdiskfull)); + + /* If the maximum to be written to this file + is greater than what we just wrote then set + up a secondary struct to be attached to this + fd, we will use this to cache error messages etc. */ + if(tcount > nwritten) + { + write_bmpx_struct *wbms; + if(Files[fnum].wbmpx_ptr != NULL) + wbms = Files[fnum].wbmpx_ptr; /* Use an existing struct */ + else + wbms = (write_bmpx_struct *)malloc(sizeof(write_bmpx_struct)); + if(!wbms) + { + DEBUG(0,("Out of memory in reply_readmpx\n")); + return(ERROR(ERRSRV,ERRnoresource)); + } + wbms->wr_mode = write_through; + wbms->wr_discard = False; /* No errors yet */ + wbms->wr_total_written = nwritten; + wbms->wr_errclass = 0; + wbms->wr_error = 0; + Files[fnum].wbmpx_ptr = wbms; + } + + /* We are returning successfully, set the message type back to + SMBwritebmpx */ + CVAL(outbuf,smb_com) = SMBwriteBmpx; + + outsize = set_message(outbuf,1,0,True); + + SSVALS(outbuf,smb_vwv0,-1); /* We don't support smb_remaining */ + + DEBUG(3,("%s writebmpx fnum=%d cnum=%d num=%d wrote=%d\n", + timestring(),fnum,cnum,numtowrite,nwritten)); + + if (write_through && tcount==nwritten) { + /* we need to send both a primary and a secondary response */ + smb_setlen(outbuf,outsize - 4); + send_smb(Client,outbuf); + + /* now the secondary */ + outsize = set_message(outbuf,1,0,True); + CVAL(outbuf,smb_com) = SMBwritec; + SSVAL(outbuf,smb_vwv0,nwritten); + } + + return(outsize); +} + + +/**************************************************************************** + reply to a SMBwritebs (write block multiplex secondary) request +****************************************************************************/ +int reply_writebs(char *inbuf,char *outbuf) +{ + int cnum,numtowrite,fnum; + int nwritten = -1; + int outsize = 0; + int32 startpos; + int tcount, write_through, smb_doff; + char *data; + write_bmpx_struct *wbms; + BOOL send_response = False; + + cnum = SVAL(inbuf,smb_tid); + fnum = GETFNUM(inbuf,smb_vwv0); + CHECK_FNUM(fnum,cnum); + CHECK_WRITE(fnum); + + tcount = SVAL(inbuf,smb_vwv1); + startpos = IVAL(inbuf,smb_vwv2); + numtowrite = SVAL(inbuf,smb_vwv6); + smb_doff = SVAL(inbuf,smb_vwv7); + + data = smb_base(inbuf) + smb_doff; + + /* We need to send an SMBwriteC response, not an SMBwritebs */ + CVAL(outbuf,smb_com) = SMBwritec; + + /* This fd should have an auxiliary struct attached, + check that it does */ + wbms = Files[fnum].wbmpx_ptr; + if(!wbms) return(-1); + + /* If write through is set we can return errors, else we must + cache them */ + write_through = wbms->wr_mode; + + /* Check for an earlier error */ + if(wbms->wr_discard) + return -1; /* Just discard the packet */ + + seek_file(fnum,startpos); + nwritten = write_file(fnum,data,numtowrite); + + if(lp_syncalways(SNUM(cnum)) || write_through) + sync_file(fnum); + + if (nwritten < numtowrite) + { + if(write_through) { + /* We are returning an error - we can delete the aux struct */ + if (wbms) free((char *)wbms); + Files[fnum].wbmpx_ptr = NULL; + return(ERROR(ERRHRD,ERRdiskfull)); + } + return(CACHE_ERROR(wbms,ERRHRD,ERRdiskfull)); + } + + /* Increment the total written, if this matches tcount + we can discard the auxiliary struct (hurrah !) and return a writeC */ + wbms->wr_total_written += nwritten; + if(wbms->wr_total_written >= tcount) + { + if (write_through) { + outsize = set_message(outbuf,1,0,True); + SSVAL(outbuf,smb_vwv0,wbms->wr_total_written); + send_response = True; + } + + free((char *)wbms); + Files[fnum].wbmpx_ptr = NULL; + } + + if(send_response) + return(outsize); + + return(-1); +} + + +/**************************************************************************** + reply to a SMBsetattrE +****************************************************************************/ +int reply_setattrE(char *inbuf,char *outbuf) +{ + int cnum,fnum; + struct utimbuf unix_times; + int outsize = 0; + + outsize = set_message(outbuf,0,0,True); + + cnum = SVAL(inbuf,smb_tid); + fnum = GETFNUM(inbuf,smb_vwv0); + + CHECK_FNUM(fnum,cnum); + CHECK_ERROR(fnum); + + /* Convert the DOS times into unix times. Ignore create + time as UNIX can't set this. + */ + unix_times.actime = make_unix_date2(inbuf+smb_vwv3); + unix_times.modtime = make_unix_date2(inbuf+smb_vwv5); + + /* Set the date on this file */ + if(sys_utime(Files[fnum].name, &unix_times)) + return(ERROR(ERRDOS,ERRnoaccess)); + + DEBUG(3,("%s reply_setattrE fnum=%d cnum=%d\n",timestring(),fnum,cnum)); + + return(outsize); +} + + +/**************************************************************************** + reply to a SMBgetattrE +****************************************************************************/ +int reply_getattrE(char *inbuf,char *outbuf) +{ + int cnum,fnum; + struct stat sbuf; + int outsize = 0; + int mode; + + outsize = set_message(outbuf,11,0,True); + + cnum = SVAL(inbuf,smb_tid); + fnum = GETFNUM(inbuf,smb_vwv0); + + CHECK_FNUM(fnum,cnum); + CHECK_ERROR(fnum); + + /* Do an fstat on this file */ + if(fstat(Files[fnum].fd, &sbuf)) + return(UNIXERROR(ERRDOS,ERRnoaccess)); + + mode = dos_mode(cnum,Files[fnum].name,&sbuf); + + /* Convert the times into dos times. Set create + date to be last modify date as UNIX doesn't save + this */ + put_dos_date2(outbuf,smb_vwv0,sbuf.st_mtime); + put_dos_date2(outbuf,smb_vwv2,sbuf.st_atime); + put_dos_date2(outbuf,smb_vwv4,sbuf.st_mtime); + if (mode & aDIR) + { + SIVAL(outbuf,smb_vwv6,0); + SIVAL(outbuf,smb_vwv8,0); + } + else + { + SIVAL(outbuf,smb_vwv6,sbuf.st_size); + SIVAL(outbuf,smb_vwv8,ROUNDUP(sbuf.st_size,1024)); + } + SSVAL(outbuf,smb_vwv10, mode); + + DEBUG(3,("%s reply_getattrE fnum=%d cnum=%d\n",timestring(),fnum,cnum)); + + return(outsize); +} + + + + + -- cgit From d8cf90d37f751f0614609bdf67aab875533b97de Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Fri, 31 May 1996 06:09:42 +0000 Subject: comment out the code that tries to handle the NT bug where the 2nd passlen is wrong. The fix is worse than the problem :-) (This used to be commit 51e22c931078e0b612dbc9e20dc143c3aebf7eb5) --- source3/smbd/reply.c | 2 ++ 1 file changed, 2 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index b7b51775bb..b5fa86a8d7 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -334,11 +334,13 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) StrnCpy(smb_apasswd,p + passlen1,smb_apasslen); } } +#if NT_WORKAROUND if (passlen2 == 1) { /* apparently NT sometimes sets passlen2 to 1 when it means 0. This tries to work around that problem */ passlen2 = 0; } +#endif p += passlen1 + passlen2; strcpy(user,p); p = skip_string(p,1); DEBUG(3,("Domain=[%s] NativeOS=[%s] NativeLanMan=[%s]\n", -- cgit From 58734631b4233ec08b7a262587e400792f31f185 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Fri, 31 May 1996 15:13:29 +0000 Subject: Lots of changes! - add faq info on NT printer handling - add "delete readonly" option to help rcs users - add stuff to man pages on new printer options - add "proxy name resolution" option - add "command string" -c option to smbclient (thanks Ken) - split time functions into time.c - rearrange the quotas stuff a bit and fix some bugs - complete rehash of the time handling code thanks to Paul Eggert - fix nmblookup output a bit - add plp print queue parsing from Bertrand Wallrich (This used to be commit 635b56f19c817527c52e9bbde31faa6a8a47777b) --- source3/smbd/reply.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index b5fa86a8d7..68376baaf3 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1181,7 +1181,9 @@ static BOOL can_delete(char *fname,int cnum,int dirtype) if (sys_lstat(fname,&sbuf) != 0) return(False); fmode = dos_mode(cnum,fname,&sbuf); if (fmode & aDIR) return(False); - if (fmode & aRONLY) return(False); + if (!lp_delete_readonly(SNUM(cnum))) { + if (fmode & aRONLY) return(False); + } if ((fmode & ~dirtype) & (aHIDDEN | aSYSTEM)) return(False); if (!check_file_sharing(cnum,fname)) return(False); -- cgit From a2c1623827406667a4f2f058c24f1d971f6627f8 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 4 Jun 1996 06:42:03 +0000 Subject: a huge pile of changes :-) The biggest thing is the integration of Lukes new nmbd. Its still largely untested, so we will really need some feedback I've also added auto prototype generation and cleaned up a lot of minor things as a result (This used to be commit 0d8dcfa13c527ec2c8aca39ba49c09e4e694b26c) --- source3/smbd/reply.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 68376baaf3..4472e120aa 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1928,11 +1928,11 @@ int reply_close(char *inbuf,char *outbuf) mtime = make_unix_date3(inbuf+smb_vwv1); - close_file(fnum); - /* try and set the date */ set_filetime(Files[fnum].name,mtime); + close_file(fnum); + /* We have a cached error */ if(eclass || err) return(ERROR(eclass,err)); @@ -1976,10 +1976,10 @@ int reply_writeclose(char *inbuf,char *outbuf) nwritten = write_file(fnum,data,numtowrite); - close_file(fnum); - set_filetime(Files[fnum].name,mtime); + close_file(fnum); + DEBUG(3,("%s writeclose fnum=%d cnum=%d num=%d wrote=%d (numopen=%d)\n", timestring(),fnum,cnum,numtowrite,nwritten, Connections[cnum].num_files_open)); -- cgit From 7e3b4a1c0df1434eb3d02f93c736ce065f9898d8 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 10 Jun 1996 04:38:24 +0000 Subject: got rid of a lot of redundent header files as we now globally generate prototypes automatically using "make proto". This is much less prone to error than the old method of manually adding prototypes (This used to be commit b551dc98f7cc194a5fc2e67a4ebae7fd67a01bbc) --- source3/smbd/reply.c | 1 - 1 file changed, 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 4472e120aa..43703982ec 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -25,7 +25,6 @@ #include "includes.h" -#include "loadparm.h" #include "trans2.h" /* look in server.c for some explanation of these variables */ -- cgit From a521fe8a274c8a043cf77641dd4160fdef803533 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 10 Jun 1996 05:16:19 +0000 Subject: a cleanup of the receive_smb() usage, adding timeouts in some places also added paranoid code in the main process() loop of smbd to detect when smbd is looping uselessly. This should stop the "smbd is chewing lots of cpu" reports (This used to be commit 8e9dce34d50d673cb50531f0c4c7672ce2522cef) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 43703982ec..4cfa001ec2 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1590,7 +1590,7 @@ int reply_writebraw(char *inbuf,char *outbuf) send_smb(Client,outbuf); /* Now read the raw data into the buffer and write it */ - if(read_smb_length(Client,inbuf,0) == -1) { + if (read_smb_length(Client,inbuf,SMB_SECONDARY_WAIT) == -1) { exit_server("secondary writebraw failed"); } -- cgit From 07fcf2df0349d5e1294c92de8d982b62d11175a4 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Wed, 3 Jul 1996 01:58:27 +0000 Subject: - moved the protocol defs in the client to keep sill C compilers happy - added change for cnum range in reply_tdis() (This used to be commit 609c3a5e1e3a8d9ba380a802ab3ecf6f47093846) --- source3/smbd/reply.c | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 4cfa001ec2..13cc8efe5d 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2062,6 +2062,11 @@ int reply_tdis(char *inbuf,char *outbuf) cnum = SVAL(inbuf,smb_tid); uid = SVAL(inbuf,smb_uid); + if (!OPEN_CNUM(cnum)) { + DEBUG(4,("Invalid cnum in tdis (%d)\n",cnum)); + return(ERROR(ERRSRV,ERRinvnid)); + } + Connections[cnum].used = False; close_cnum(cnum,uid); -- cgit From 2b4b7b4e1adbd2aac9aab89b28df82fc145a6d87 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 30 Jul 1996 15:47:30 +0000 Subject: fix a bug that we've had for a long time where we don't handle EOF properly from clients, and end up looping like mad. At least I _hope_ this is fixed. (This used to be commit a7c7d7afe2ef81f4a74584ce9b71e54442f7e484) --- source3/smbd/reply.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 13cc8efe5d..d463b305c9 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1363,7 +1363,7 @@ int reply_readbraw(char *inbuf, char *outbuf) fname,startpos,nread,ret)); #else - ret = read_file(fnum,header+4,startpos,nread,nread,-1,False); + ret = read_file(fnum,header+4,startpos,nread); if (ret < mincount) ret = 0; _smb_setlen(header,ret); @@ -1405,7 +1405,7 @@ int reply_lockread(char *inbuf,char *outbuf) if(!do_lock( fnum, cnum, numtoread, startpos, &eclass, &ecode)) return (ERROR(eclass,ecode)); - nread = read_file(fnum,data,startpos,numtoread,numtoread,-1,False); + nread = read_file(fnum,data,startpos,numtoread); if (nread < 0) return(UNIXERROR(ERRDOS,ERRnoaccess)); @@ -1450,7 +1450,7 @@ int reply_read(char *inbuf,char *outbuf) return(ERROR(ERRDOS,ERRlock)); if (numtoread > 0) - nread = read_file(fnum,data,startpos,numtoread,numtoread,-1,False); + nread = read_file(fnum,data,startpos,numtoread); if (nread < 0) return(UNIXERROR(ERRDOS,ERRnoaccess)); @@ -1495,7 +1495,7 @@ int reply_read_and_X(char *inbuf,char *outbuf,int length,int bufsize) if (is_locked(fnum,cnum,smb_maxcnt,smb_offs)) return(ERROR(ERRDOS,ERRlock)); - nread = read_file(fnum,data,smb_offs,smb_maxcnt,smb_maxcnt,-1,False); + nread = read_file(fnum,data,smb_offs,smb_maxcnt); ok = True; if (nread < 0) @@ -2934,7 +2934,7 @@ int reply_readbmpx(char *inbuf,char *outbuf,int length,int bufsize) { int N = MIN(max_per_packet,tcount-total_read); - nread = read_file(fnum,data,startpos,N,N,-1,False); + nread = read_file(fnum,data,startpos,N); if (nread <= 0) nread = 0; -- cgit From 47673b32ed4a907b380b70d5f4f366ba8be301d2 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Thu, 15 Aug 1996 15:11:34 +0000 Subject: - added FAST_SHARE_MODES code - added some named pipe code from Jim (This used to be commit c94866e9e44ea1eb72da06bc65ef1c032ae8e0c9) --- source3/smbd/reply.c | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index d463b305c9..a97c8c9c9c 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -294,6 +294,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) BOOL valid_nt_password = False; pstring user; BOOL guest=False; + BOOL computer_id=False; *smb_apasswd = 0; @@ -349,6 +350,15 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) DEBUG(3,("sesssetupX:name=[%s]\n",user)); + /* If name ends in $ then I think it's asking about whether a */ + /* computer with that name (minus the $) has access. For now */ + /* say yes to everything ending in $. */ + if (user[strlen(user) - 1] == '$') { + computer_id = True; + user[strlen(user) - 1] = '\0'; + } + + if (!*user) strcpy(user,lp_guestaccount(-1)); @@ -380,7 +390,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) } if (!valid_nt_password && !guest && !password_ok(user,smb_apasswd,smb_apasslen,NULL,False)) { - if (lp_security() >= SEC_USER) { + if (!computer_id && lp_security() >= SEC_USER) { #if (GUEST_SESSSETUP == 0) return(ERROR(ERRSRV,ERRbadpw)); #endif @@ -444,7 +454,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) CVAL(outbuf,smb_vwv0) = smb_com2; SSVAL(outbuf,smb_vwv1,(chain_size+outsize)-4); - if (guest) + if (guest && !computer_id) SSVAL(outbuf,smb_vwv2,1); /* register the name and uid as being validated, so further connections @@ -980,6 +990,10 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) struct stat sbuf; int smb_action = 0; + /* If it's an IPC, pass off the pipe handler. */ + if (IS_IPC(cnum)) + return reply_open_pipe_and_X(inbuf,outbuf,length,bufsize); + /* XXXX we need to handle passed times, sattr and flags */ strcpy(fname,smb_buf(inbuf)); -- cgit From 28177ca73bdbe3f8fb17a608db3df1a39e0e37a4 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sat, 17 Aug 1996 11:37:44 +0000 Subject: - added support for Amiga-unix (based on BSD I think) - changed the order of PROGS and SPROGS in Makefile (SPROGS first) - another 64 bit cleanup (for INADDR_NONE) - added paranoia code in DirCacheAdd() to detect looping - fixed important DirCache flush bug - rewrote the NetServerEnum code after I found it could return servers from multiple workgroups at once, and this could cause browsing havoc. Now a null workgroup query is equivalent to a query for the servers primary workgroup - got rid of my_workgroup() - got rid of "workgroup = *" comment in Makefile. We no longer support a workgroup of *, users must set the workgroup explicitly - the wins.dat file was being stored in a different format to what it was being loaded in - this could cause havoc. fixed. - uppercase our netbios name and the workgroup name at startup - if accept fails in main loop when running as a daemon then continue, don't just exit! - don't use ./ on smbclient in smbtar - better code to detect if a process exists (This used to be commit ec3d53963064b50ff33e8eff47812aac82f164ba) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index a97c8c9c9c..3c2e91d5f5 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -431,7 +431,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) p = smb_buf(outbuf); strcpy(p,"Unix"); p = skip_string(p,1); strcpy(p,"Samba "); strcat(p,VERSION); p = skip_string(p,1); - strcpy(p,my_workgroup()); p = skip_string(p,1); + strcpy(p,lp_workgroup()); p = skip_string(p,1); outsize = set_message(outbuf,3,PTR_DIFF(p,smb_buf(outbuf)),False); /* perhaps grab OS version here?? */ } -- cgit From 0c33046a0aa0461a5e932dd7b0b6e38ab9708867 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 19 Aug 1996 11:17:29 +0000 Subject: - added "netbios name" option in smb.conf to make controlling the name that samba uses possible - added "socket address" option to allow virtual SMB servers (on systems with IP aliasing line Linux) - disabled FAST_SHARE_MODES by default in Linux as older Linux boxes can't do shared writeable mappings. We really need autoconf ... - added new option types in loadparm so a string type can be specified ot be uppercase only, this is used for the workgroup and netbios name options - auto-create the lock directory if it doesn't exist in shared mem startup - get rid of announce_backup() - change a few comments in nmbd code - rewrote the chaining code completely. Hopefully it will handle any depth chains now. - added LPRng support (This used to be commit e9eac6cd49c352349580ddb13d720cb201aecc48) --- source3/smbd/reply.c | 125 +++++++++------------------------------------------ 1 file changed, 20 insertions(+), 105 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 3c2e91d5f5..a84a9af0c1 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -30,7 +30,6 @@ /* look in server.c for some explanation of these variables */ extern int Protocol; extern int DEBUGLEVEL; -extern int chain_size; extern int maxxmit; extern int chain_fnum; extern char magic_char; @@ -178,11 +177,8 @@ int reply_tcon_and_X(char *inbuf,char *outbuf,int length,int bufsize) pstring password; pstring devicename; int connection_num; - int outsize = 0; int uid = SVAL(inbuf,smb_uid); int vuid; - int smb_com2 = SVAL(inbuf,smb_vwv0); - int smb_off2 = SVAL(inbuf,smb_vwv1); int passlen = SVAL(inbuf,smb_vwv3); *service = *user = *password = *devicename = 0; @@ -221,7 +217,7 @@ int reply_tcon_and_X(char *inbuf,char *outbuf,int length,int bufsize) if (connection_num < 0) return(connection_error(inbuf,outbuf,connection_num)); - outsize = set_message(outbuf,2,strlen(devicename)+1,True); + set_message(outbuf,2,strlen(devicename)+1,True); DEBUG(3,("%s tconX service=%s user=%s cnum=%d\n",timestring(),service,user,connection_num)); @@ -229,17 +225,9 @@ int reply_tcon_and_X(char *inbuf,char *outbuf,int length,int bufsize) SSVAL(inbuf,smb_tid,connection_num); SSVAL(outbuf,smb_tid,connection_num); - CVAL(outbuf,smb_vwv0) = smb_com2; - SSVAL(outbuf,smb_vwv1,(chain_size + outsize)-4); - strcpy(smb_buf(outbuf),devicename); - if (smb_com2 != 0xFF) - outsize += chain_reply(smb_com2,inbuf,inbuf+smb_off2+4, - outbuf,outbuf+outsize, - length,bufsize); - - return(outsize); + return chain_reply(inbuf,outbuf,length,bufsize); } @@ -278,11 +266,8 @@ reply to a session setup command ****************************************************************************/ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) { - int outsize = 0; int sess_uid; int gid; - int smb_com2; - int smb_off2; int smb_bufsize; int smb_mpxmax; int smb_vc_num; @@ -299,8 +284,6 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) *smb_apasswd = 0; sess_uid = SVAL(inbuf,smb_uid); - smb_com2 = CVAL(inbuf,smb_vwv0); - smb_off2 = SVAL(inbuf,smb_vwv1); smb_bufsize = SVAL(inbuf,smb_vwv2); smb_mpxmax = SVAL(inbuf,smb_vwv3); smb_vc_num = SVAL(inbuf,smb_vwv4); @@ -424,15 +407,15 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) /* it's ok - setup a reply */ if (Protocol < PROTOCOL_NT1) { - outsize = set_message(outbuf,3,0,True); + set_message(outbuf,3,0,True); } else { char *p; - outsize = set_message(outbuf,3,3,True); + set_message(outbuf,3,3,True); p = smb_buf(outbuf); strcpy(p,"Unix"); p = skip_string(p,1); strcpy(p,"Samba "); strcat(p,VERSION); p = skip_string(p,1); strcpy(p,lp_workgroup()); p = skip_string(p,1); - outsize = set_message(outbuf,3,PTR_DIFF(p,smb_buf(outbuf)),False); + set_message(outbuf,3,PTR_DIFF(p,smb_buf(outbuf)),False); /* perhaps grab OS version here?? */ } @@ -451,9 +434,6 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) SSVAL(inbuf,smb_uid,(uint16)pw->pw_uid); } - CVAL(outbuf,smb_vwv0) = smb_com2; - SSVAL(outbuf,smb_vwv1,(chain_size+outsize)-4); - if (guest && !computer_id) SSVAL(outbuf,smb_vwv2,1); @@ -463,12 +443,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) maxxmit = MIN(maxxmit,smb_bufsize); - if (smb_com2 != 0xFF) - outsize += chain_reply(smb_com2,inbuf,inbuf+smb_off2+4, - outbuf,outbuf+outsize, - length,bufsize); - - return(outsize); + return chain_reply(inbuf,outbuf,length,bufsize); } @@ -973,10 +948,7 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) pstring fname; int cnum = SVAL(inbuf,smb_tid); int fnum = -1; - int outsize = 0; int openmode = 0; - int smb_com2 = CVAL(inbuf,smb_vwv0); - int smb_off2 = SVAL(inbuf,smb_vwv1); int smb_mode = SVAL(inbuf,smb_vwv3); int smb_attr = SVAL(inbuf,smb_vwv5); #if 0 @@ -1033,9 +1005,7 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) return(ERROR(ERRDOS,ERRnoaccess)); } - outsize = set_message(outbuf,15,0,True); - CVAL(outbuf,smb_vwv0) = smb_com2; - SSVAL(outbuf,smb_vwv1,(chain_size+outsize)-4); + set_message(outbuf,15,0,True); SSVAL(outbuf,smb_vwv2,fnum); SSVAL(outbuf,smb_vwv3,fmode); put_dos_date3(outbuf,smb_vwv4,mtime); @@ -1045,14 +1015,7 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) chain_fnum = fnum; - if (smb_com2 != 0xFF) - outsize += chain_reply(smb_com2,inbuf,inbuf+smb_off2+4, - outbuf,outbuf+outsize, - length,bufsize); - - chain_fnum = -1; - - return(outsize); + return chain_reply(inbuf,outbuf,length,bufsize); } @@ -1061,26 +1024,15 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) ****************************************************************************/ int reply_ulogoffX(char *inbuf,char *outbuf,int length,int bufsize) { - int outsize = 0; - int smb_com2 = CVAL(inbuf,smb_vwv0); - int smb_off2 = SVAL(inbuf,smb_vwv1); int uid = SVAL(inbuf,smb_uid); invalidate_uid(uid); - outsize = set_message(outbuf,2,0,True); - CVAL(outbuf,smb_vwv0) = smb_com2; - SSVAL(outbuf,smb_vwv1,(chain_size+outsize)-4); + set_message(outbuf,2,0,True); DEBUG(3,("%s ulogoffX uid=%d\n",timestring(),uid)); - if (smb_com2 != 0xFF) - outsize += chain_reply(smb_com2,inbuf,inbuf+smb_off2+4, - outbuf,outbuf+outsize, - length,bufsize); - - - return(outsize); + return chain_reply(inbuf,outbuf,length,bufsize); } @@ -1486,8 +1438,6 @@ int reply_read(char *inbuf,char *outbuf) ****************************************************************************/ int reply_read_and_X(char *inbuf,char *outbuf,int length,int bufsize) { - int smb_com2 = CVAL(inbuf,smb_vwv0); - int smb_off2 = SVAL(inbuf,smb_vwv1); int fnum = GETFNUM(inbuf,smb_vwv2); uint32 smb_offs = IVAL(inbuf,smb_vwv3); int smb_maxcnt = SVAL(inbuf,smb_vwv5); @@ -1495,7 +1445,6 @@ int reply_read_and_X(char *inbuf,char *outbuf,int length,int bufsize) int cnum; int nread = -1; char *data; - int outsize = 0; BOOL ok = False; cnum = SVAL(inbuf,smb_tid); @@ -1504,7 +1453,7 @@ int reply_read_and_X(char *inbuf,char *outbuf,int length,int bufsize) CHECK_READ(fnum); CHECK_ERROR(fnum); - outsize = set_message(outbuf,12,0,True); + set_message(outbuf,12,0,True); data = smb_buf(outbuf); if (is_locked(fnum,cnum,smb_maxcnt,smb_offs)) @@ -1515,27 +1464,17 @@ int reply_read_and_X(char *inbuf,char *outbuf,int length,int bufsize) if (nread < 0) return(UNIXERROR(ERRDOS,ERRnoaccess)); - outsize += nread; - CVAL(outbuf,smb_vwv0) = smb_com2; - SSVAL(outbuf,smb_vwv1,(outsize+chain_size)-4); SSVAL(outbuf,smb_vwv5,nread); - SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf) + chain_size); + SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf)); SSVAL(smb_buf(outbuf),-2,nread); - DEBUG(3,("%s readX fnum=%d cnum=%d min=%d max=%d nread=%d com2=%d off2=%d\n", + DEBUG(3,("%s readX fnum=%d cnum=%d min=%d max=%d nread=%d\n", timestring(),fnum,cnum, - smb_mincnt,smb_maxcnt,nread,smb_com2,smb_off2)); + smb_mincnt,smb_maxcnt,nread)); chain_fnum = fnum; - if (smb_com2 != 0xFF) - outsize += chain_reply(smb_com2,inbuf,inbuf+smb_off2+4, - outbuf,outbuf+outsize, - length,bufsize); - - chain_fnum = -1; - - return(outsize); + return chain_reply(inbuf,outbuf,length,bufsize); } @@ -1767,8 +1706,6 @@ int reply_write(char *inbuf,char *outbuf,int dum1,int dum2) ****************************************************************************/ int reply_write_and_X(char *inbuf,char *outbuf,int length,int bufsize) { - int smb_com2 = CVAL(inbuf,smb_vwv0); - int smb_off2 = SVAL(inbuf,smb_vwv1); int fnum = GETFNUM(inbuf,smb_vwv2); uint32 smb_offs = IVAL(inbuf,smb_vwv3); int smb_dsize = SVAL(inbuf,smb_vwv10); @@ -1776,7 +1713,6 @@ int reply_write_and_X(char *inbuf,char *outbuf,int length,int bufsize) BOOL write_through = BITSETW(inbuf+smb_vwv7,0); int cnum; int nwritten = -1; - int outsize = 0; char *data; cnum = SVAL(inbuf,smb_tid); @@ -1804,10 +1740,8 @@ int reply_write_and_X(char *inbuf,char *outbuf,int length,int bufsize) if(((nwritten == 0) && (smb_dsize != 0))||(nwritten < 0)) return(UNIXERROR(ERRDOS,ERRnoaccess)); - outsize = set_message(outbuf,6,0,True); + set_message(outbuf,6,0,True); - CVAL(outbuf,smb_vwv0) = smb_com2; - SSVAL(outbuf,smb_vwv1,(outsize+chain_size)-4); SSVAL(outbuf,smb_vwv2,nwritten); if (nwritten < smb_dsize) { @@ -1822,14 +1756,7 @@ int reply_write_and_X(char *inbuf,char *outbuf,int length,int bufsize) if (lp_syncalways(SNUM(cnum)) || write_through) sync_file(fnum); - if (smb_com2 != 0xFF) - outsize += chain_reply(smb_com2,inbuf,inbuf+smb_off2+4, - outbuf,outbuf+outsize, - length,bufsize); - - chain_fnum = -1; - - return(outsize); + return chain_reply(inbuf,outbuf,length,bufsize); } @@ -2828,8 +2755,6 @@ int reply_setdir(char *inbuf,char *outbuf) ****************************************************************************/ int reply_lockingX(char *inbuf,char *outbuf,int length,int bufsize) { - int smb_com2 = CVAL(inbuf,smb_vwv0); - int smb_off2 = SVAL(inbuf,smb_vwv1); int fnum = GETFNUM(inbuf,smb_vwv2); uint16 locktype = SVAL(inbuf,smb_vwv3); uint16 num_ulocks = SVAL(inbuf,smb_vwv6); @@ -2840,7 +2765,7 @@ int reply_lockingX(char *inbuf,char *outbuf,int length,int bufsize) int i; char *data; uint32 ecode=0, dummy2; - int outsize, eclass=0, dummy1; + int eclass=0, dummy1; cnum = SVAL(inbuf,smb_tid); @@ -2879,24 +2804,14 @@ int reply_lockingX(char *inbuf,char *outbuf,int length,int bufsize) return ERROR(eclass,ecode); } - outsize = set_message(outbuf,2,0,True); - - CVAL(outbuf,smb_vwv0) = smb_com2; - SSVAL(outbuf,smb_vwv1,(outsize+chain_size)-4); + set_message(outbuf,2,0,True); DEBUG(3,("%s lockingX fnum=%d cnum=%d type=%d num_locks=%d num_ulocks=%d\n", timestring(),fnum,cnum,locktype,num_locks,num_ulocks)); chain_fnum = fnum; - if (smb_com2 != 0xFF) - outsize += chain_reply(smb_com2,inbuf,inbuf+smb_off2+4, - outbuf,outbuf+outsize, - length,bufsize); - - chain_fnum = -1; - - return(outsize); + return chain_reply(inbuf,outbuf,length,bufsize); } -- cgit From 748d65a4ac898708dc7d2fd6f2bdee41489fee86 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 20 Aug 1996 15:45:16 +0000 Subject: - fix a bug in NetServerEnum where counted and total were not counted correctly if there were multiple instances of a name. This led to the infamous "not enough memory" error when browsing (but this isn't the only cause of that message) - fix a triple-chaining bug which affected OpenX following a TconX - fix a serious nmbd bug that meant nmdb would answer packets that it wasn't supposed to, causing havoc with browse lists. - never time out SELF packets. This is an interim fix until I find out why nmbd thought they should be timed out. (This used to be commit 2960c3908c2c3b01a1f2b77def60350018d298e1) --- source3/smbd/reply.c | 45 ++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 44 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index a84a9af0c1..7241aadac0 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -130,6 +130,44 @@ static int connection_error(char *inbuf,char *outbuf,int connection_num) } + +/**************************************************************************** + parse a share descriptor string +****************************************************************************/ +static void parse_connect(char *p,char *service,char *user, + char *password,int *pwlen,char *dev) +{ + char *p2; + + DEBUG(4,("parsing connect string %s\n",p)); + + p2 = strrchr(p,'\\'); + if (p2 == NULL) + strcpy(service,p); + else + strcpy(service,p2+1); + + p += strlen(p) + 2; + + strcpy(password,p); + *pwlen = strlen(password); + + p += strlen(p) + 2; + + strcpy(dev,p); + + *user = 0; + p = strchr(service,'%'); + if (p != NULL) + { + *p = 0; + strcpy(user,p+1); + } +} + + + + /**************************************************************************** reply to a tcon ****************************************************************************/ @@ -149,7 +187,7 @@ int reply_tcon(char *inbuf,char *outbuf) vuid = valid_uid(uid); - parse_connect(inbuf,service,user,password,&pwlen,dev); + parse_connect(smb_buf(inbuf)+1,service,user,password,&pwlen,dev); connection_num = make_connection(service,user,password,pwlen,dev,vuid); @@ -1210,6 +1248,11 @@ int reply_unlink(char *inbuf,char *outbuf) if (check_name(directory,cnum)) dirptr = OpenDir(directory); + /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then + the pattern matches against the long name, otherwise the short name + We don't implement this yet XXXX + */ + if (dirptr) { error = ERRbadfile; -- cgit From 5a2f52b79e28530c454cb488a44588147640f061 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Wed, 2 Oct 1996 14:09:22 +0000 Subject: - a huge pile of changes from Luke which implement the browse.conf stuff and also fix a pile of nmbd bugs. Unfortunately I found it very hard to disentangle the new features from the bug fixes so I am putting in the new code. I hope this is the last big pile of changes to the 1.9.16 series! (This used to be commit 20b6203dac4bbb43e4e7bea0b214496d76d679d9) --- source3/smbd/reply.c | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 7241aadac0..b99aef7528 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -37,6 +37,7 @@ extern connection_struct Connections[]; extern files_struct Files[]; extern BOOL case_sensitive; extern pstring sesssetup_user; +extern fstring local_machine; extern int Client; /* this macro should always be used to extract an fnum (smb_fid) from @@ -54,7 +55,6 @@ int reply_special(char *inbuf,char *outbuf) int msg_flags = CVAL(inbuf,1); pstring name1,name2; extern fstring remote_machine; - extern fstring local_machine; char *p; *name1 = *name2 = 0; @@ -319,6 +319,14 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) BOOL guest=False; BOOL computer_id=False; + char domain[17]; + + char *work_alias = conf_alias_to_workgroup(local_machine); /* look-up */ + + if (work_alias) + StrnCpy(domain, work_alias, 16); + else + StrnCpy(domain, lp_workgroup(), 16); *smb_apasswd = 0; sess_uid = SVAL(inbuf,smb_uid); @@ -404,12 +412,12 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) first. This is superior as the passwords are mixed case 128 length unicode */ if(smb_ntpasslen && !guest) { - if(!password_ok(user,smb_ntpasswd,smb_ntpasslen,NULL,True)) + if(!password_ok(user,smb_ntpasswd,smb_ntpasslen,NULL)) DEBUG(0,("NT Password did not match ! Defaulting to Lanman\n")); else valid_nt_password = True; } - if (!valid_nt_password && !guest && !password_ok(user,smb_apasswd,smb_apasslen,NULL,False)) + if (!valid_nt_password && !guest && !password_ok(user,smb_apasswd,smb_apasslen,NULL)) { if (!computer_id && lp_security() >= SEC_USER) { #if (GUEST_SESSSETUP == 0) @@ -452,7 +460,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) p = smb_buf(outbuf); strcpy(p,"Unix"); p = skip_string(p,1); strcpy(p,"Samba "); strcat(p,VERSION); p = skip_string(p,1); - strcpy(p,lp_workgroup()); p = skip_string(p,1); + strcpy(p,domain); p = skip_string(p,1); set_message(outbuf,3,PTR_DIFF(p,smb_buf(outbuf)),False); /* perhaps grab OS version here?? */ } -- cgit From afd08462ad5ff6b3c4bf621e39c55853a608175e Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Wed, 2 Oct 1996 15:41:30 +0000 Subject: backout all the changes to nmbd. The 1.9.16 tree is now back to 1.9.16p2 as far as nmbd is concerned apart from a small change that fixes the announce type in two places. (This used to be commit 45e66a69d320024877c8b13f12b21bf895e04410) --- source3/smbd/reply.c | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index b99aef7528..b6c2313bf4 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -37,7 +37,6 @@ extern connection_struct Connections[]; extern files_struct Files[]; extern BOOL case_sensitive; extern pstring sesssetup_user; -extern fstring local_machine; extern int Client; /* this macro should always be used to extract an fnum (smb_fid) from @@ -55,6 +54,7 @@ int reply_special(char *inbuf,char *outbuf) int msg_flags = CVAL(inbuf,1); pstring name1,name2; extern fstring remote_machine; + extern fstring local_machine; char *p; *name1 = *name2 = 0; @@ -319,14 +319,6 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) BOOL guest=False; BOOL computer_id=False; - char domain[17]; - - char *work_alias = conf_alias_to_workgroup(local_machine); /* look-up */ - - if (work_alias) - StrnCpy(domain, work_alias, 16); - else - StrnCpy(domain, lp_workgroup(), 16); *smb_apasswd = 0; sess_uid = SVAL(inbuf,smb_uid); @@ -460,7 +452,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) p = smb_buf(outbuf); strcpy(p,"Unix"); p = skip_string(p,1); strcpy(p,"Samba "); strcat(p,VERSION); p = skip_string(p,1); - strcpy(p,domain); p = skip_string(p,1); + strcpy(p,lp_workgroup()); p = skip_string(p,1); set_message(outbuf,3,PTR_DIFF(p,smb_buf(outbuf)),False); /* perhaps grab OS version here?? */ } -- cgit From 986edc0146c97e5720733015dce8b413c51ba909 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Wed, 2 Oct 1996 16:16:16 +0000 Subject: - fix the EALREADY bug so connections to slow hosts with smbclient get through - add workarounds to handle the win95 and WinNT bugs in handling password lengths in sessionsetup (This used to be commit 671b3a3a770c824ae77fcb83dc551054a880edad) --- source3/smbd/reply.c | 41 +++++++++++++++++++++++------------------ 1 file changed, 23 insertions(+), 18 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index b6c2313bf4..6cf1b031e8 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -335,10 +335,8 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) uint16 passlen1 = SVAL(inbuf,smb_vwv7); uint16 passlen2 = SVAL(inbuf,smb_vwv8); BOOL doencrypt = SMBENCRYPT(); - char *p = smb_buf(inbuf); - if (passlen1 > 256) passlen1 = 0; - if (passlen2 > 256) passlen2 = 0; /* I don't know why NT gives weird - lengths sometimes */ + char *p = smb_buf(inbuf); + if(doencrypt) { /* Save the lanman2 password and the NT md4 password. */ smb_apasslen = passlen1; @@ -346,26 +344,33 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) smb_ntpasslen = passlen2; memcpy(smb_ntpasswd,p+passlen1,smb_ntpasslen); } else { - /* for Win95 */ - if (passlen1 > passlen2) { - smb_apasslen = passlen1; - StrnCpy(smb_apasswd,p,smb_apasslen); - } else { - smb_apasslen = passlen2; - StrnCpy(smb_apasswd,p + passlen1,smb_apasslen); + /* both Win95 and WinNT stuff up the password lengths for + non-encrypting systems. Uggh. + + if passlen1==24 its a win95 system, and its setting the + password length incorrectly. Luckily it still works with the + default code because Win95 will null terminate the password + anyway + + if passlen1>0 and passlen2>0 then its a NT box and its + setting passlen2 to some random value which really stuffs + things up. we need to fix that one. */ + if (passlen1 > 0 && passlen2 > 0) { + passlen2 = 0; } + /* we use the first password that they gave */ + smb_apasslen = passlen1; + StrnCpy(smb_apasswd,p,smb_apasslen); } -#if NT_WORKAROUND - if (passlen2 == 1) { - /* apparently NT sometimes sets passlen2 to 1 when it means 0. This - tries to work around that problem */ - passlen2 = 0; - } -#endif + p += passlen1 + passlen2; strcpy(user,p); p = skip_string(p,1); DEBUG(3,("Domain=[%s] NativeOS=[%s] NativeLanMan=[%s]\n", p,skip_string(p,1),skip_string(p,2))); + + /* now work around the Win95 bug */ + if(!doencrypt && smb_apasslen==24) + smb_apasslen = strlen(smb_apasswd); } -- cgit From 38087ccb4071bfff29801026e2bf5c47565305b4 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sat, 5 Oct 1996 02:54:37 +0000 Subject: - use workgroup from smb.conf in smbclient - change debug level on clitar stuff - define MAP_FILE if not defined - ensure we never set authoritative on queries in nmbd - fake a positive response to SMBioctl, apparently this is needed for some WfWg printer drivers - deny file access for non-fcbopen queries when (access_allowed == AREAD && flags == O_RDWR) - add sys_waitpid() (This used to be commit 61e3116e573637d6b5a878eeb8db72831e3c5bd1) --- source3/smbd/reply.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 6cf1b031e8..63c0a7027e 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -294,8 +294,13 @@ int reply_unknown(char *inbuf,char *outbuf) int reply_ioctl(char *inbuf,char *outbuf) { DEBUG(3,("ignoring ioctl\n")); - +#if 1 + /* we just say it succeeds and hope its all OK. + some day it would be nice to interpret them individually */ + return set_message(outbuf,1,0,True); +#else return(ERROR(ERRSRV,ERRnosupport)); +#endif } -- cgit From e5893bdfbef0ac16772199d7ec6fac7d3e4f8431 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sat, 5 Oct 1996 10:41:13 +0000 Subject: I have fixed quite a few important bugs in this commit. Luke, can you take special note of the bug fixes to nmbd so you can propogate them to your new code. - rewrote the code that used to use fromhost(). We now call gethostbyaddr() only if necessary and a maximum of once per connection. Calling gethostbyaddr() causes problems on some systems so avoiding it if possible is a good thing :-) - added the "fake oplocks" option. See the docs in smb.conf(5) and Speed.txt - fixed a serious bug in nmbd where it would try a DNS lookup on FIND_SELF queries. This caused a lot of unnecessary (and incorrect) DNS lookups to happen. FIND_SELF queries should only go to the internal name tables. - don't set FIND_SELF for name queries if we are a wins proxy, as we are supposed to be answering queries for other hosts. - fixed a bug in nmbd which had "if (search | FIND_LOCAL)" instead of "if (search & FIND_LOCAL)". Luke, this was in nameservreply.c - the above 3 bugs together meant that DNS queries were being cached, but the cache wasn't being used, so every query was going to DNS, no wonder nmbd has been chewing so much CPU time! Another side effect was that queries on names in lmhosts weren't being answered for bcast queries with "wins proxy" set. - ignore the maxxmit for seconday session setups (see CIFS spec) - close user opened files in a uLogoffX for user level security (see CIFS spec) - added uid into the files struct to support the above change (This used to be commit ea472b7217b7693627a13a7b1e428a0a6a3d8755) --- source3/smbd/reply.c | 33 ++++++++++++++++++++++++++++++++- 1 file changed, 32 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 63c0a7027e..7b8f4a502f 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -323,6 +323,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) pstring user; BOOL guest=False; BOOL computer_id=False; + static BOOL done_sesssetup = False; *smb_apasswd = 0; @@ -489,7 +490,10 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) to a uid can get through without a password, on the same VC */ register_uid(SVAL(inbuf,smb_uid),gid,user,guest); - maxxmit = MIN(maxxmit,smb_bufsize); + if (!done_sesssetup) + maxxmit = MIN(maxxmit,smb_bufsize); + + done_sesssetup = True; return chain_reply(inbuf,outbuf,length,bufsize); } @@ -983,6 +987,10 @@ int reply_open(char *inbuf,char *outbuf) put_dos_date3(outbuf,smb_vwv2,mtime); SIVAL(outbuf,smb_vwv4,size); SSVAL(outbuf,smb_vwv6,rmode); + + if (lp_fake_oplocks(SNUM(cnum))) { + CVAL(outbuf,smb_flg) |= (CVAL(inbuf,smb_flg) & (1<<5)); + } return(outsize); } @@ -999,6 +1007,7 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) int openmode = 0; int smb_mode = SVAL(inbuf,smb_vwv3); int smb_attr = SVAL(inbuf,smb_vwv5); + BOOL oplock_request = BITSETW(inbuf+smb_vwv2,1); #if 0 int open_flags = SVAL(inbuf,smb_vwv2); int smb_sattr = SVAL(inbuf,smb_vwv4); @@ -1053,6 +1062,10 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) return(ERROR(ERRDOS,ERRnoaccess)); } + if (oplock_request && lp_fake_oplocks(SNUM(cnum))) { + smb_action |= (1<<15); + } + set_message(outbuf,15,0,True); SSVAL(outbuf,smb_vwv2,fnum); SSVAL(outbuf,smb_vwv3,fmode); @@ -1076,6 +1089,16 @@ int reply_ulogoffX(char *inbuf,char *outbuf,int length,int bufsize) invalidate_uid(uid); + /* in user level security we are supposed to close any files + open by this user */ + if (lp_security() != SEC_SHARE) { + int i; + for (i=0;i Date: Sat, 5 Oct 1996 13:13:31 +0000 Subject: - replace the base36 function with one that works on more systems (compiler bugs were the problem) - minor password cleanups (catch WfWG bug where it sets the password to a space instead of a NULL) - fix printing problem for kanji users - minor cleanups (This used to be commit 92566ecc315c29da6e9aaa67ddae33e64f5bcc67) --- source3/smbd/reply.c | 32 ++++++++++++++++++++++++-------- 1 file changed, 24 insertions(+), 8 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 7b8f4a502f..89b07f1b9e 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -181,7 +181,7 @@ int reply_tcon(char *inbuf,char *outbuf) int outsize = 0; int uid = SVAL(inbuf,smb_uid); int vuid; - int pwlen; + int pwlen=0; *service = *user = *password = *dev = 0; @@ -218,6 +218,7 @@ int reply_tcon_and_X(char *inbuf,char *outbuf,int length,int bufsize) int uid = SVAL(inbuf,smb_uid); int vuid; int passlen = SVAL(inbuf,smb_vwv3); + BOOL doencrypt = SMBENCRYPT(); *service = *user = *password = *devicename = 0; @@ -231,8 +232,15 @@ int reply_tcon_and_X(char *inbuf,char *outbuf,int length,int bufsize) char *path; char *p; memcpy(password,smb_buf(inbuf),passlen); - password[passlen]=0; + password[passlen]=0; path = smb_buf(inbuf) + passlen; + + if (!doencrypt || passlen != 24) { + if (strequal(password," ")) + *password = 0; + passlen = strlen(password); + } + DEBUG(4,("parsing net-path %s, passlen=%d\n",path,passlen)); strcpy(service,path+2); p = strchr(service,'\\'); @@ -315,7 +323,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) int smb_mpxmax; int smb_vc_num; uint32 smb_sesskey; - int smb_apasslen; + int smb_apasslen = 0; pstring smb_apasswd; int smb_ntpasslen = 0; pstring smb_ntpasswd; @@ -343,6 +351,9 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) BOOL doencrypt = SMBENCRYPT(); char *p = smb_buf(inbuf); + if (passlen1 != 24 && passlen2 != 24) + doencrypt = False; + if(doencrypt) { /* Save the lanman2 password and the NT md4 password. */ smb_apasslen = passlen1; @@ -366,17 +377,22 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) } /* we use the first password that they gave */ smb_apasslen = passlen1; - StrnCpy(smb_apasswd,p,smb_apasslen); + StrnCpy(smb_apasswd,p,smb_apasslen); + + /* trim the password */ + smb_apasslen = strlen(smb_apasswd); + + /* wfwg sometimes uses a space instead of a null */ + if (strequal(smb_apasswd," ")) { + smb_apasslen = 0; + *smb_apasswd = 0; + } } p += passlen1 + passlen2; strcpy(user,p); p = skip_string(p,1); DEBUG(3,("Domain=[%s] NativeOS=[%s] NativeLanMan=[%s]\n", p,skip_string(p,1),skip_string(p,2))); - - /* now work around the Win95 bug */ - if(!doencrypt && smb_apasslen==24) - smb_apasslen = strlen(smb_apasswd); } -- cgit From dfa2b456c743a643080d3a2eb0d9db62503141f5 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 7 Oct 1996 11:06:34 +0000 Subject: - continue when failing to load config file in nmblookup and smbclient - fix important bug in nmbd where it set the return code for a negative name response to 0 (which means success!) (This used to be commit bfa816cc8f30d9a629b4fe9f71bf0707aa6c4502) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 89b07f1b9e..48a0732617 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -302,7 +302,7 @@ int reply_unknown(char *inbuf,char *outbuf) int reply_ioctl(char *inbuf,char *outbuf) { DEBUG(3,("ignoring ioctl\n")); -#if 1 +#if 0 /* we just say it succeeds and hope its all OK. some day it would be nice to interpret them individually */ return set_message(outbuf,1,0,True); -- cgit From ec85f2e53d18a818440cf716ad6b6892594cae85 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 7 Oct 1996 15:04:48 +0000 Subject: - revert to old idle dir code (marty pointed out a problem with the new code) - handle server level security in the new "detect NT password length stuffups" code (This used to be commit 7c135d499409d4ddedb978f681559dae90ac4288) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 48a0732617..a37c1901be 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -372,7 +372,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) if passlen1>0 and passlen2>0 then its a NT box and its setting passlen2 to some random value which really stuffs things up. we need to fix that one. */ - if (passlen1 > 0 && passlen2 > 0) { + if (passlen1 > 0 && passlen2 > 0 && passlen2 != 24) { passlen2 = 0; } /* we use the first password that they gave */ -- cgit From 6dc1fe06c141ba7e32ee85caa3652f0b24896378 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Wed, 9 Oct 1996 15:08:29 +0000 Subject: - correctly handle non-encrypted share mode session-setup. We were losing the username due to the recent "handle broken password lengths" patch. (This used to be commit b006cd6f911c045488bcdab260b03fd98cb08145) --- source3/smbd/reply.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index a37c1901be..3d125a1186 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -332,6 +332,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) BOOL guest=False; BOOL computer_id=False; static BOOL done_sesssetup = False; + BOOL doencrypt = SMBENCRYPT(); *smb_apasswd = 0; @@ -345,10 +346,12 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) smb_apasslen = SVAL(inbuf,smb_vwv7); memcpy(smb_apasswd,smb_buf(inbuf),smb_apasslen); StrnCpy(user,smb_buf(inbuf)+smb_apasslen,sizeof(user)-1); + + if (lp_security() != SEC_SERVER && !doencrypt) + smb_apasslen = strlen(smb_apasswd); } else { uint16 passlen1 = SVAL(inbuf,smb_vwv7); uint16 passlen2 = SVAL(inbuf,smb_vwv8); - BOOL doencrypt = SMBENCRYPT(); char *p = smb_buf(inbuf); if (passlen1 != 24 && passlen2 != 24) @@ -369,10 +372,11 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) default code because Win95 will null terminate the password anyway - if passlen1>0 and passlen2>0 then its a NT box and its + if passlen1>0 and passlen2>0 then maybe its a NT box and its setting passlen2 to some random value which really stuffs things up. we need to fix that one. */ - if (passlen1 > 0 && passlen2 > 0 && passlen2 != 24) { + if (passlen1 > 0 && passlen2 > 0 && passlen2 != 24 && + passlen2 != 1) { passlen2 = 0; } /* we use the first password that they gave */ -- cgit From 2afda919632519da8ceaa39d114430638f3b6872 Mon Sep 17 00:00:00 2001 From: Samba Release Account Date: Fri, 25 Oct 1996 20:30:22 +0000 Subject: Modified all references to uid to vuid. jra@cygnus.com (This used to be commit a2b07e5562dda87b42d9447c0b29a7815bd3178d) --- source3/smbd/reply.c | 55 +++++++++++++++++++++++++++------------------------- 1 file changed, 29 insertions(+), 26 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 3d125a1186..4ba438f190 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -179,14 +179,11 @@ int reply_tcon(char *inbuf,char *outbuf) pstring dev; int connection_num; int outsize = 0; - int uid = SVAL(inbuf,smb_uid); - int vuid; + uint16 vuid = SVAL(inbuf,smb_uid); int pwlen=0; *service = *user = *password = *dev = 0; - vuid = valid_uid(uid); - parse_connect(smb_buf(inbuf)+1,service,user,password,&pwlen,dev); connection_num = make_connection(service,user,password,pwlen,dev,vuid); @@ -215,8 +212,7 @@ int reply_tcon_and_X(char *inbuf,char *outbuf,int length,int bufsize) pstring password; pstring devicename; int connection_num; - int uid = SVAL(inbuf,smb_uid); - int vuid; + uint16 vuid = SVAL(inbuf,smb_uid); int passlen = SVAL(inbuf,smb_vwv3); BOOL doencrypt = SMBENCRYPT(); @@ -224,9 +220,7 @@ int reply_tcon_and_X(char *inbuf,char *outbuf,int length,int bufsize) /* we might have to close an old one */ if ((SVAL(inbuf,smb_vwv2) & 0x1) != 0) - close_cnum(SVAL(inbuf,smb_tid),uid); - - vuid = valid_uid(uid); + close_cnum(SVAL(inbuf,smb_tid),vuid); { char *path; @@ -317,8 +311,9 @@ reply to a session setup command ****************************************************************************/ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) { - int sess_uid; + uint16 sess_vuid; int gid; + int uid; int smb_bufsize; int smb_mpxmax; int smb_vc_num; @@ -336,7 +331,6 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) *smb_apasswd = 0; - sess_uid = SVAL(inbuf,smb_uid); smb_bufsize = SVAL(inbuf,smb_vwv2); smb_mpxmax = SVAL(inbuf,smb_vwv3); smb_vc_num = SVAL(inbuf,smb_vwv4); @@ -499,8 +493,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) return(ERROR(ERRSRV,ERRbadpw)); } gid = pw->pw_gid; - SSVAL(outbuf,smb_uid,(uint16)pw->pw_uid); - SSVAL(inbuf,smb_uid,(uint16)pw->pw_uid); + uid = pw->pw_uid; } if (guest && !computer_id) @@ -508,8 +501,11 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) /* register the name and uid as being validated, so further connections to a uid can get through without a password, on the same VC */ - register_uid(SVAL(inbuf,smb_uid),gid,user,guest); + sess_vuid = register_vuid(uid,gid,user,guest); + SSVAL(outbuf,smb_uid,sess_vuid); + SSVAL(inbuf,smb_uid,sess_vuid); + if (!done_sesssetup) maxxmit = MIN(maxxmit,smb_bufsize); @@ -1105,23 +1101,28 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) ****************************************************************************/ int reply_ulogoffX(char *inbuf,char *outbuf,int length,int bufsize) { - int uid = SVAL(inbuf,smb_uid); + uint16 vuid = SVAL(inbuf,smb_uid); + user_struct *vuser = get_valid_user_struct(vuid); - invalidate_uid(uid); + if(vuser == 0) { + DEBUG(3,("ulogoff, vuser id %d does not map to user.\n", vuid)); + } /* in user level security we are supposed to close any files open by this user */ - if (lp_security() != SEC_SHARE) { + if ((vuser != 0) && (lp_security() != SEC_SHARE)) { int i; for (i=0;iuid && Files[i].open) { close_file(i); } } + invalidate_vuid(vuid); + set_message(outbuf,2,0,True); - DEBUG(3,("%s ulogoffX uid=%d\n",timestring(),uid)); + DEBUG(3,("%s ulogoffX vuid=%d\n",timestring(),vuid)); return chain_reply(inbuf,outbuf,length,bufsize); } @@ -2101,11 +2102,12 @@ int reply_unlock(char *inbuf,char *outbuf) ****************************************************************************/ int reply_tdis(char *inbuf,char *outbuf) { - int cnum, uid; + int cnum; int outsize = set_message(outbuf,0,0,True); - + uint16 vuid; + cnum = SVAL(inbuf,smb_tid); - uid = SVAL(inbuf,smb_uid); + vuid = SVAL(inbuf,smb_uid); if (!OPEN_CNUM(cnum)) { DEBUG(4,("Invalid cnum in tdis (%d)\n",cnum)); @@ -2114,7 +2116,7 @@ int reply_tdis(char *inbuf,char *outbuf) Connections[cnum].used = False; - close_cnum(cnum,uid); + close_cnum(cnum,vuid); DEBUG(3,("%s tdis cnum=%d\n",timestring(),cnum)); @@ -2259,13 +2261,14 @@ int reply_printclose(char *inbuf,char *outbuf) ****************************************************************************/ int reply_printqueue(char *inbuf,char *outbuf) { - int cnum, uid; + int cnum; int outsize = set_message(outbuf,2,3,True); int max_count = SVAL(inbuf,smb_vwv0); int start_index = SVAL(inbuf,smb_vwv1); + uint16 vuid; cnum = SVAL(inbuf,smb_tid); - uid = SVAL(inbuf,smb_uid); + vuid = SVAL(inbuf,smb_uid); /* allow checking the queue for anyone */ #if 0 @@ -2301,7 +2304,7 @@ int reply_printqueue(char *inbuf,char *outbuf) DEBUG(5,("connection not open or not a printer, using cnum %d\n",cnum)); } - if (!become_user(cnum,uid)) + if (!become_user(cnum,vuid)) return(ERROR(ERRSRV,ERRinvnid)); { -- cgit From 8bc7d6bebd4fcf8c95cb6d58da14404a5e46de91 Mon Sep 17 00:00:00 2001 From: Samba Release Account Date: Thu, 9 Jan 1997 18:02:17 +0000 Subject: Makefile: Changes to split Solaris into Solaris2.3 and previous, and 2.4 and after from Paul Eggert. Makefile: Added AMIGA changes from Rask Ingemann Lambertsen . charset.c: Patch for Western European Languages from Josef Hinteregger charset.h: Patch for Western European Languages from Josef Hinteregger clitar.c: Patch to re-sync after read fail from (lost contributor name, sorry). includes.h: Patch for AMIGA from Rask Ingemann Lambertsen includes.h: Patch for SunOS atexit by Jeremy (jra@cygnus.com) interface.c: Patch for AMIGA from Rask Ingemann Lambertsen kanji.h: Patch for Western European Languages from Josef Hinteregger locking.c: Patch to fix file locking from Jeremy (jra@cygnus.com) locking.c: Patch to add granularity of lock files to usec by Jeremy (jra@cygnus.com) pipes.c: Patch to fix file locking from Jeremy (jra@cygnus.com) proto.h: Patch to fix file locking from Jeremy (jra@cygnus.com) reply.c: Patch to fix file locking from Jeremy (jra@cygnus.com) server.c: Patch to fix file locking from Jeremy (jra@cygnus.com) server.c: Patch for FAST_SHARE_MODE fix from (lost contributor name, sorry). smb.h: Patch to fix file locking from Jeremy (jra@cygnus.com) smb.h: Patch to add granularity of lock files to usec by Jeremy (jra@cygnus.com) status.c: Patch to fix file locking from Jeremy (jra@cygnus.com) statuc.c: Patch to add granularity of lock files to usec by Jeremy (jra@cygnus.com) system.c: Patch for Western European Languages from Josef Hinteregger trans2.c: Patch to fix file locking from Jeremy (jra@cygnus.com) trans2.c: Patch to fix volume name reported to Win95 from Jeremy (jra@cygnus.com) util.c: Patch for Western European Languages from Josef Hinteregger util.c: Patch to fix client_name from continuously returning UNKNOWN (from various contributors). version.h: Update to 1.9.16p10. (This used to be commit 03d28fa32eb094affa33133ebe2602fdb70f6361) --- source3/smbd/reply.c | 40 ++++++++++++++++++++-------------------- 1 file changed, 20 insertions(+), 20 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 4ba438f190..812618b2c7 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -982,7 +982,7 @@ int reply_open(char *inbuf,char *outbuf) if (!Files[fnum].open) return(UNIXERROR(ERRDOS,ERRnoaccess)); - if (fstat(Files[fnum].fd,&sbuf) != 0) { + if (fstat(Files[fnum].fd_ptr->fd,&sbuf) != 0) { close_file(fnum); return(ERROR(ERRDOS,ERRnoaccess)); } @@ -1065,7 +1065,7 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) if (!Files[fnum].open) return(UNIXERROR(ERRDOS,ERRnoaccess)); - if (fstat(Files[fnum].fd,&sbuf) != 0) { + if (fstat(Files[fnum].fd_ptr->fd,&sbuf) != 0) { close_file(fnum); return(ERROR(ERRDOS,ERRnoaccess)); } @@ -1164,7 +1164,7 @@ int reply_mknew(char *inbuf,char *outbuf) if (!check_name(fname,cnum)) return(UNIXERROR(ERRDOS,ERRnoaccess)); - open_file(fnum,cnum,fname,O_RDWR | O_CREAT | O_TRUNC,unixmode); + open_file(fnum,cnum,fname,O_RDWR | O_CREAT | O_TRUNC,unixmode, 0); if (!Files[fnum].open) return(UNIXERROR(ERRDOS,ERRnoaccess)); @@ -1177,7 +1177,7 @@ int reply_mknew(char *inbuf,char *outbuf) } DEBUG(2,("new file %s\n",fname)); - DEBUG(3,("%s mknew %s fd=%d fnum=%d cnum=%d dmode=%d umode=%o\n",timestring(),fname,Files[fnum].fd,fnum,cnum,createmode,unixmode)); + DEBUG(3,("%s mknew %s fd=%d fnum=%d cnum=%d dmode=%d umode=%o\n",timestring(),fname,Files[fnum].fd_ptr->fd,fnum,cnum,createmode,unixmode)); return(outsize); } @@ -1212,7 +1212,7 @@ int reply_ctemp(char *inbuf,char *outbuf) strcpy(fname2,(char *)mktemp(fname)); - open_file(fnum,cnum,fname2,O_RDWR | O_CREAT | O_TRUNC,unixmode); + open_file(fnum,cnum,fname2,O_RDWR | O_CREAT | O_TRUNC,unixmode, 0); if (!Files[fnum].open) return(UNIXERROR(ERRDOS,ERRnoaccess)); @@ -1227,7 +1227,7 @@ int reply_ctemp(char *inbuf,char *outbuf) } DEBUG(2,("created temp file %s\n",fname2)); - DEBUG(3,("%s ctemp %s fd=%d fnum=%d cnum=%d dmode=%d umode=%o\n",timestring(),fname2,Files[fnum].fd,fnum,cnum,createmode,unixmode)); + DEBUG(3,("%s ctemp %s fd=%d fnum=%d cnum=%d dmode=%d umode=%o\n",timestring(),fname2,Files[fnum].fd_ptr->fd,fnum,cnum,createmode,unixmode)); return(outsize); } @@ -1385,7 +1385,7 @@ int reply_readbraw(char *inbuf, char *outbuf) } else { - fd = Files[fnum].fd; + fd = Files[fnum].fd_ptr->fd; fname = Files[fnum].name; } @@ -1397,7 +1397,7 @@ int reply_readbraw(char *inbuf, char *outbuf) if (size < sizeneeded) { struct stat st; - if (fstat(Files[fnum].fd,&st) == 0) + if (fstat(Files[fnum].fd_ptr->fd,&st) == 0) size = st.st_size; if (!Files[fnum].can_write) Files[fnum].size = size; @@ -1661,7 +1661,7 @@ int reply_writebraw(char *inbuf,char *outbuf) tcount,nwritten,numtowrite)); } - nwritten = transfer_file(Client,Files[fnum].fd,numtowrite,NULL,0, + nwritten = transfer_file(Client,Files[fnum].fd_ptr->fd,numtowrite,NULL,0, startpos+nwritten); total_written += nwritten; @@ -1781,7 +1781,7 @@ int reply_write(char *inbuf,char *outbuf,int dum1,int dum2) zero then the file size should be extended or truncated to the size given in smb_vwv[2-3] */ if(numtowrite == 0) - nwritten = set_filelen(Files[fnum].fd, startpos); + nwritten = set_filelen(Files[fnum].fd_ptr->fd, startpos); else nwritten = write_file(fnum,data,numtowrite); @@ -1894,7 +1894,7 @@ int reply_lseek(char *inbuf,char *outbuf) umode = SEEK_SET; break; } - res = lseek(Files[fnum].fd,startpos,umode); + res = lseek(Files[fnum].fd_ptr->fd,startpos,umode); Files[fnum].pos = res; outsize = set_message(outbuf,2,0,True); @@ -1983,7 +1983,7 @@ int reply_close(char *inbuf,char *outbuf) return(ERROR(eclass,err)); DEBUG(3,("%s close fd=%d fnum=%d cnum=%d (numopen=%d)\n", - timestring(),Files[fnum].fd,fnum,cnum, + timestring(),Files[fnum].fd_ptr->fd,fnum,cnum, Connections[cnum].num_files_open)); return(outsize); @@ -2059,7 +2059,7 @@ int reply_lock(char *inbuf,char *outbuf) count = IVAL(inbuf,smb_vwv1); offset = IVAL(inbuf,smb_vwv3); - DEBUG(3,("%s lock fd=%d fnum=%d cnum=%d ofs=%d cnt=%d\n",timestring(),Files[fnum].fd,fnum,cnum,offset,count)); + DEBUG(3,("%s lock fd=%d fnum=%d cnum=%d ofs=%d cnt=%d\n",timestring(),Files[fnum].fd_ptr->fd,fnum,cnum,offset,count)); if(!do_lock( fnum, cnum, count, offset, &eclass, &ecode)) return (ERROR(eclass,ecode)); @@ -2091,7 +2091,7 @@ int reply_unlock(char *inbuf,char *outbuf) if(!do_unlock(fnum, cnum, count, offset, &eclass, &ecode)) return (ERROR(eclass,ecode)); - DEBUG(3,("%s unlock fd=%d fnum=%d cnum=%d ofs=%d cnt=%d\n",timestring(),Files[fnum].fd,fnum,cnum,offset,count)); + DEBUG(3,("%s unlock fd=%d fnum=%d cnum=%d ofs=%d cnt=%d\n",timestring(),Files[fnum].fd_ptr->fd,fnum,cnum,offset,count)); return(outsize); } @@ -2214,7 +2214,7 @@ int reply_printopen(char *inbuf,char *outbuf) return(ERROR(ERRDOS,ERRnoaccess)); open_file(fnum,cnum,fname2,O_WRONLY | O_CREAT | O_TRUNC, - unix_mode(cnum,0)); + unix_mode(cnum,0), 0); if (!Files[fnum].open) return(UNIXERROR(ERRDOS,ERRnoaccess)); @@ -2225,7 +2225,7 @@ int reply_printopen(char *inbuf,char *outbuf) outsize = set_message(outbuf,1,0,True); SSVAL(outbuf,smb_vwv0,fnum); - DEBUG(3,("%s openprint %s fd=%d fnum=%d cnum=%d\n",timestring(),fname2,Files[fnum].fd,fnum,cnum)); + DEBUG(3,("%s openprint %s fd=%d fnum=%d cnum=%d\n",timestring(),fname2,Files[fnum].fd_ptr->fd,fnum,cnum)); return(outsize); } @@ -2250,7 +2250,7 @@ int reply_printclose(char *inbuf,char *outbuf) close_file(fnum); - DEBUG(3,("%s printclose fd=%d fnum=%d cnum=%d\n",timestring(),Files[fnum].fd,fnum,cnum)); + DEBUG(3,("%s printclose fd=%d fnum=%d cnum=%d\n",timestring(),Files[fnum].fd_ptr->fd,fnum,cnum)); return(outsize); } @@ -2678,11 +2678,11 @@ static BOOL copy_file(char *src,char *dest1,int cnum,int ofun, } if ((ofun&3) == 1) { - lseek(Files[fnum2].fd,0,SEEK_END); + lseek(Files[fnum2].fd_ptr->fd,0,SEEK_END); } if (st.st_size) - ret = transfer_file(Files[fnum1].fd,Files[fnum2].fd,st.st_size,NULL,0,0); + ret = transfer_file(Files[fnum1].fd_ptr->fd,Files[fnum2].fd_ptr->fd,st.st_size,NULL,0,0); close_file(fnum1); close_file(fnum2); @@ -3220,7 +3220,7 @@ int reply_getattrE(char *inbuf,char *outbuf) CHECK_ERROR(fnum); /* Do an fstat on this file */ - if(fstat(Files[fnum].fd, &sbuf)) + if(fstat(Files[fnum].fd_ptr->fd, &sbuf)) return(UNIXERROR(ERRDOS,ERRnoaccess)); mode = dos_mode(cnum,Files[fnum].name,&sbuf); -- cgit From 586c6276ec78c9ee276e3d01ba017db14c30e0ce Mon Sep 17 00:00:00 2001 From: Samba Release Account Date: Mon, 13 Jan 1997 19:41:08 +0000 Subject: Added an extra parameter for unix_convert. If present this is the last component of the modified pathname before modification. This is needed due to an exceptional condition in reply_mv when the filesystem is case preserving, but not case sensitive and the user wants to change the case of a filename. Code for this is also added to reply.c Jeremy (jra@cygnus.com). (This used to be commit cdafa35f9dba6eb0073700e3a214348c432a3e84) --- source3/smbd/reply.c | 73 +++++++++++++++++++++++++++++++++++++++++----------- 1 file changed, 58 insertions(+), 15 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 812618b2c7..3698787ba4 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -36,6 +36,7 @@ extern char magic_char; extern connection_struct Connections[]; extern files_struct Files[]; extern BOOL case_sensitive; +extern BOOL case_preserve; extern pstring sesssetup_user; extern int Client; @@ -528,7 +529,7 @@ int reply_chkpth(char *inbuf,char *outbuf) cnum = SVAL(inbuf,smb_tid); strcpy(name,smb_buf(inbuf) + 1); - unix_convert(name,cnum); + unix_convert(name,cnum,0); mode = SVAL(inbuf,smb_vwv0); @@ -563,7 +564,7 @@ int reply_getatr(char *inbuf,char *outbuf) cnum = SVAL(inbuf,smb_tid); strcpy(fname,smb_buf(inbuf) + 1); - unix_convert(fname,cnum); + unix_convert(fname,cnum,0); /* dos smetimes asks for a stat of "" - it returns a "hidden directory" under WfWg - weird! */ @@ -629,7 +630,7 @@ int reply_setatr(char *inbuf,char *outbuf) cnum = SVAL(inbuf,smb_tid); strcpy(fname,smb_buf(inbuf) + 1); - unix_convert(fname,cnum); + unix_convert(fname,cnum,0); mode = SVAL(inbuf,smb_vwv0); mtime = make_unix_date3(inbuf+smb_vwv1); @@ -732,7 +733,7 @@ int reply_search(char *inbuf,char *outbuf) strcpy(directory,smb_buf(inbuf)+1); strcpy(dir2,smb_buf(inbuf)+1); - unix_convert(directory,cnum); + unix_convert(directory,cnum,0); unix_format(dir2); if (!check_name(directory,cnum)) @@ -966,7 +967,7 @@ int reply_open(char *inbuf,char *outbuf) share_mode = SVAL(inbuf,smb_vwv0); strcpy(fname,smb_buf(inbuf)+1); - unix_convert(fname,cnum); + unix_convert(fname,cnum,0); fnum = find_free_file(); if (fnum < 0) @@ -1042,7 +1043,7 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) /* XXXX we need to handle passed times, sattr and flags */ strcpy(fname,smb_buf(inbuf)); - unix_convert(fname,cnum); + unix_convert(fname,cnum,0); /* now add create and trunc bits */ if (smb_ofun & 0x10) @@ -1145,7 +1146,7 @@ int reply_mknew(char *inbuf,char *outbuf) createmode = SVAL(inbuf,smb_vwv0); strcpy(fname,smb_buf(inbuf)+1); - unix_convert(fname,cnum); + unix_convert(fname,cnum,0); if (createmode & aVOLID) { @@ -1199,7 +1200,7 @@ int reply_ctemp(char *inbuf,char *outbuf) cnum = SVAL(inbuf,smb_tid); createmode = SVAL(inbuf,smb_vwv0); sprintf(fname,"%s/TMXXXXXX",smb_buf(inbuf)+1); - unix_convert(fname,cnum); + unix_convert(fname,cnum,0); unixmode = unix_mode(cnum,createmode); @@ -1281,7 +1282,7 @@ int reply_unlink(char *inbuf,char *outbuf) DEBUG(3,("reply_unlink : %s\n",name)); - unix_convert(name,cnum); + unix_convert(name,cnum,0); p = strrchr(name,'/'); if (!p) { @@ -2393,7 +2394,7 @@ int reply_mkdir(char *inbuf,char *outbuf) strcpy(directory,smb_buf(inbuf) + 1); cnum = SVAL(inbuf,smb_tid); - unix_convert(directory,cnum); + unix_convert(directory,cnum,0); if (check_name(directory,cnum)) ret = sys_mkdir(directory,unix_mode(cnum,aDIR)); @@ -2421,7 +2422,7 @@ int reply_rmdir(char *inbuf,char *outbuf) cnum = SVAL(inbuf,smb_tid); strcpy(directory,smb_buf(inbuf) + 1); - unix_convert(directory,cnum); + unix_convert(directory,cnum,0); if (check_name(directory,cnum)) { @@ -2532,6 +2533,7 @@ int reply_mv(char *inbuf,char *outbuf) int cnum; pstring directory; pstring mask,newname; + pstring newname_last_component; char *p; int count=0; int error = ERRnoaccess; @@ -2547,8 +2549,8 @@ int reply_mv(char *inbuf,char *outbuf) DEBUG(3,("reply_mv : %s -> %s\n",name,newname)); - unix_convert(name,cnum); - unix_convert(newname,cnum); + unix_convert(name,cnum,0); + unix_convert(newname,cnum,newname_last_component); p = strrchr(name,'/'); if (!p) { @@ -2558,6 +2560,7 @@ int reply_mv(char *inbuf,char *outbuf) *p = 0; strcpy(directory,name); strcpy(mask,p+1); + *p = '/'; /* Replace needed for exceptional test below. */ } if (is_mangled(mask)) @@ -2568,10 +2571,50 @@ int reply_mv(char *inbuf,char *outbuf) if (!has_wild) { strcat(directory,"/"); strcat(directory,mask); + + DEBUG(3,("reply_mv : case_sensitive = %d, case_preserve = %d, name = %s, newname = %s, newname_last_component = %s\n", case_sensitive, case_preserve, name, newname, newname_last_component)); + + /* + * Check for special case with case preserving and not + * case sensitive, if name and newname are identical, + * and the old last component differs from the original + * last component only by case, then we should allow + * the rename (user is trying to change the case of the + * filename). + */ + if((case_sensitive == False) && (case_preserve == True) && + strcsequal(name, newname)) { + pstring newname_modified_last_component; + + /* + * Get the last component of the modified name. + */ + p = strrchr(newname,'/'); + if (!p) + strcpy(newname_modified_last_component,name); + else + strcpy(newname_modified_last_component,p+1); + + if(strcsequal(newname_modified_last_component, + newname_last_component) == False) { + /* + * Replace the modified last component with + * the original. + */ + if(p) + strcpy(p+1, newname_last_component); + else + strcpy(newname, newname_last_component); + } + } + if (resolve_wildcards(directory,newname) && can_rename(directory,cnum) && !file_exist(newname,NULL) && !sys_rename(directory,newname)) count++; + + DEBUG(3,("reply_mv : doing rename on %s -> %s\n",directory,newname)); + if (!count) exists = file_exist(directory,NULL); if (!count && exists && file_exist(newname,NULL)) { exists = True; @@ -2727,8 +2770,8 @@ int reply_copy(char *inbuf,char *outbuf) return(ERROR(ERRSRV,ERRinvdevice)); } - unix_convert(name,cnum); - unix_convert(newname,cnum); + unix_convert(name,cnum,0); + unix_convert(newname,cnum,0); target_is_directory = directory_exist(newname,NULL); -- cgit From 8bd0dbb1af535466018b7ae3e4f7f042d493e145 Mon Sep 17 00:00:00 2001 From: Samba Release Account Date: Tue, 11 Feb 1997 22:53:29 +0000 Subject: Replaced YOST code with more functionally equivalent code that changes a bit less. Also added fix to tricky reply_mv case. jra@cygnus.com (This used to be commit f22ac13b1423186d463c9fc5b3588a3dcbd7bc1c) --- source3/smbd/reply.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 3698787ba4..46c385b85e 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -37,6 +37,7 @@ extern connection_struct Connections[]; extern files_struct Files[]; extern BOOL case_sensitive; extern BOOL case_preserve; +extern BOOL short_case_preserve; extern pstring sesssetup_user; extern int Client; @@ -605,7 +606,7 @@ int reply_getatr(char *inbuf,char *outbuf) char *p = strrchr(fname,'/'); uint16 flg2 = SVAL(outbuf,smb_flg2); if (!p) p = fname; - if (!is_8_3(fname)) + if (!is_8_3(fname, True)) SSVAL(outbuf,smb_flg2,flg2 | 0x40); /* IS_LONG_NAME */ } @@ -2582,7 +2583,8 @@ int reply_mv(char *inbuf,char *outbuf) * the rename (user is trying to change the case of the * filename). */ - if((case_sensitive == False) && (case_preserve == True) && + if((case_sensitive == False) && ((case_preserve == True) || + ((short_case_preserve == True) && is_8_3(name, True))) && strcsequal(name, newname)) { pstring newname_modified_last_component; -- cgit From e9a4f896bda4e102630522024a371ad0eb10a6a7 Mon Sep 17 00:00:00 2001 From: Samba Release Account Date: Tue, 18 Feb 1997 17:20:14 +0000 Subject: Fixed problem with renaming folder on top level share. jra@cygnus.com (This used to be commit 7ba1cff9341b4094fddf1e2e529b1e5b79aea675) --- source3/smbd/reply.c | 50 +++++++++++++++++++++++++++++++++++--------------- 1 file changed, 35 insertions(+), 15 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 46c385b85e..5dbd39f746 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2553,9 +2553,18 @@ int reply_mv(char *inbuf,char *outbuf) unix_convert(name,cnum,0); unix_convert(newname,cnum,newname_last_component); + /* + * Split the old name into directory and last component + * strings. Note that unix_convert may have stripped off a + * leading ./ from both name and newname if the rename is + * at the root of the share. We need to make sure either both + * name and newname contain a / character or neither of them do + * as this is checked in resolve_wildcards(). + */ + p = strrchr(name,'/'); if (!p) { - strcpy(directory,"./"); + strcpy(directory,"."); strcpy(mask,name); } else { *p = 0; @@ -2570,32 +2579,45 @@ int reply_mv(char *inbuf,char *outbuf) has_wild = strchr(mask,'*') || strchr(mask,'?'); if (!has_wild) { + BOOL is_short_name = is_8_3(name, True); + + /* Add a terminating '/' to the directory name. */ strcat(directory,"/"); strcat(directory,mask); - DEBUG(3,("reply_mv : case_sensitive = %d, case_preserve = %d, name = %s, newname = %s, newname_last_component = %s\n", case_sensitive, case_preserve, name, newname, newname_last_component)); + /* Ensure newname contains a '/' also */ + if(strrchr(newname,'/') == 0) { + pstring tmpstr; + + strcpy(tmpstr, "./"); + strcat(tmpstr, newname); + strcpy(newname, tmpstr); + } + + DEBUG(3,("reply_mv : case_sensitive = %d, case_preserve = %d, short case preserve = %d, directory = %s, newname = %s, newname_last_component = %s, is_8_3 = %d\n", + case_sensitive, case_preserve, short_case_preserve, directory, + newname, newname_last_component, is_short_name)); /* * Check for special case with case preserving and not - * case sensitive, if name and newname are identical, + * case sensitive, if directory and newname are identical, * and the old last component differs from the original * last component only by case, then we should allow * the rename (user is trying to change the case of the * filename). */ - if((case_sensitive == False) && ((case_preserve == True) || - ((short_case_preserve == True) && is_8_3(name, True))) && - strcsequal(name, newname)) { + if((case_sensitive == False) && ( ((case_preserve == True) && (is_short_name == False)) || + ((short_case_preserve == True) && (is_short_name == True))) && + strcsequal(directory, newname)) { pstring newname_modified_last_component; /* * Get the last component of the modified name. + * Note that we guarantee that newname contains a '/' + * character above. */ p = strrchr(newname,'/'); - if (!p) - strcpy(newname_modified_last_component,name); - else - strcpy(newname_modified_last_component,p+1); + strcpy(newname_modified_last_component,p+1); if(strcsequal(newname_modified_last_component, newname_last_component) == False) { @@ -2603,10 +2625,7 @@ int reply_mv(char *inbuf,char *outbuf) * Replace the modified last component with * the original. */ - if(p) - strcpy(p+1, newname_last_component); - else - strcpy(newname, newname_last_component); + strcpy(p+1, newname_last_component); } } @@ -2615,7 +2634,8 @@ int reply_mv(char *inbuf,char *outbuf) !file_exist(newname,NULL) && !sys_rename(directory,newname)) count++; - DEBUG(3,("reply_mv : doing rename on %s -> %s\n",directory,newname)); + DEBUG(3,("reply_mv : %s doing rename on %s -> %s\n",(count != 0) ? "succeeded" : "failed", + directory,newname)); if (!count) exists = file_exist(directory,NULL); if (!count && exists && file_exist(newname,NULL)) { -- cgit From da0a56a278232bad50ea0dd05de3b06299d66234 Mon Sep 17 00:00:00 2001 From: Samba Release Account Date: Fri, 28 Feb 1997 20:39:36 +0000 Subject: Split maxxmit parameter into two : max_send (auto configured by the connecting client, as per CIFS4) and max_recv, which can be configured as the old maxxmit was. Fixes problems with NT directory listings when maxxmit is set very small. jra@cygnus.com (This used to be commit c2d5d1040a933987a0c39545bb5bf8e2fc400a87) --- source3/smbd/reply.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 5dbd39f746..f532d613b4 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -30,7 +30,8 @@ /* look in server.c for some explanation of these variables */ extern int Protocol; extern int DEBUGLEVEL; -extern int maxxmit; +extern int max_send; +extern int max_recv; extern int chain_fnum; extern char magic_char; extern connection_struct Connections[]; @@ -194,7 +195,7 @@ int reply_tcon(char *inbuf,char *outbuf) return(connection_error(inbuf,outbuf,connection_num)); outsize = set_message(outbuf,2,0,True); - SSVAL(outbuf,smb_vwv0,maxxmit); + SSVAL(outbuf,smb_vwv0,max_recv); SSVAL(outbuf,smb_vwv1,connection_num); SSVAL(outbuf,smb_tid,connection_num); @@ -509,7 +510,9 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) SSVAL(inbuf,smb_uid,sess_vuid); if (!done_sesssetup) - maxxmit = MIN(maxxmit,smb_bufsize); + max_send = MIN(max_send,smb_bufsize); + + DEBUG(0,(" Client requested max send size of %d\n", max_send)); done_sesssetup = True; -- cgit From 0f1f0ceb9519368188f695e18e2341ccfd1b2d15 Mon Sep 17 00:00:00 2001 From: Samba Release Account Date: Thu, 8 May 1997 01:14:17 +0000 Subject: 'The mother of all checkins' :-). Jeremy Allison (jallison@whistle.com) Wed May 7 1997: Update for 1.9.17alpha1 release - 'browsefix release' designed to make browsing across subnets work. byteorder.h: Updated copyright to 1997. charcnv.c: Updated copyright to 1997. charset.c Updated copyright to 1997. charset.h Updated copyright to 1997. client.c Updated copyright to 1997. clientutil.c Updated copyright to 1997. dir.c Updated copyright to 1997. fault.c Updated copyright to 1997. includes.h Updated copyright to 1997. interface.c Updated copyright to 1997. ipc.c Updated copyright to 1997. kanji.c Updated copyright to 1997. kanji.h Updated copyright to 1997. loadparm.c Updated copyright to 1997. locking.c Updated copyright to 1997. mangle.c Updated copyright to 1997. message.c Updated copyright to 1997. nameannounce.c Made use of WINS subnet explicit. Added reset_announce_timer() so announcement can be made immediately when we become a master. Expanded code to do sync with dmb. namebrowse.c Removed redundent checks for AM_MASTER in sync code. Made use of WINS subnet explicit. namedbname.c Made use of WINS subnet explicit. namedbresp.c Made use of WINS subnet explicit. namedbserver.c Made use of WINS subnet explicit. namedbsubnet.c Explicitly add workgroup to WINS subnet when we become a dmb. Made use of WINS subnet explicit. namedbwork.c Made use of WINS subnet explicit. Removed redundent check_work_servertype() function. nameelect.c Explicitly add workgroup to WINS subnet when we become a master browser. Made use of WINS subnet explicit. namelogon.c Updated copyright to 1997. namepacket.c Updated copyright to 1997. namequery.c Updated copyright to 1997. nameresp.c Made use of WINS subnet explicit. Made nmbd fail if configured as master browser and one exists already. nameserv.c Made use of WINS subnet explicit. Remove redundent logon server and domain master code. nameserv.h Add emumerate subnet macros. nameservreply.c Made use of WINS subnet explicit. nameservresp.c Updated copyright to 1997. namework.c Made use of WINS subnet explicit. Updated code to add sync browser entries to add subnet parameter. nmbd.c Added sanity check for misconfigured nmbd. nmblib.c Updated copyright to 1997. nmblookup.c Updated copyright to 1997. nmbsync.c Removed redundent AM_ANY_MASTER check. params.c Updated copyright to 1997. password.c Updated copyright to 1997. pipes.c Updated copyright to 1997. predict.c Updated copyright to 1997. printing.c Updated copyright to 1997. proto.h Changed protos for new nmbd code. quotas.c Updated copyright to 1997. replace.c Updated copyright to 1997. reply.c Updated copyright to 1997. server.c Updated copyright to 1997. shmem.c Updated copyright to 1997. smb.h Updated copyright to 1997. smbencrypt.c Updated copyright to 1997. smbpasswd.c Updated copyright to 1997. smbrun.c Updated copyright to 1997. status.c Updated copyright to 1997. system.c Updated copyright to 1997. testparm.c Updated copyright to 1997. testprns.c Updated copyright to 1997. time.c Updated copyright to 1997. trans2.c Updated copyright to 1997. trans2.h Updated copyright to 1997. uid.c Updated copyright to 1997. username.c Updated copyright to 1997. util.c Updated copyright to 1997. version.h Changed to 1.9.17alpha1. (This used to be commit cf23a155a1315f50d488794a2caf88402bf3e3e6) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index f532d613b4..bb75211deb 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2,7 +2,7 @@ Unix SMB/Netbios implementation. Version 1.9. Main SMB reply routines - Copyright (C) Andrew Tridgell 1992-1995 + Copyright (C) Andrew Tridgell 1992-1997 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by -- cgit From aa864415c5183c948fe9ae221023d40265c38013 Mon Sep 17 00:00:00 2001 From: Samba Release Account Date: Tue, 20 May 1997 00:32:51 +0000 Subject: dir.c: Fixed double slash issue. includes.h: Changed to ifdef FAST_SHARE_MODES. ipc.c: Changed lp_workgroup() to myworkgroup. loadparm.c: Added new shared mem parameters. Added Luke's fix. locking.c: Rewrite to do share modes better (both fast and slow modes). nameannounce.c: Changed lp_workgroup() to myworkgroup. Added Luke's fix. nameconf.c: Changed lp_workgroup() to myworkgroup. namedbname.c: Improved debug. namedbserver.c: Changed lp_workgroup() to myworkgroup. namedbsubnet.c: Added Luke's fix - rewritten somewhat. namedbwork.c: Changed lp_workgroup() to myworkgroup. nameelect.c: Added Luke's fix - rewritten somewhat. nameresp.c: Stoped shadowing global. nameserv.c: Added Luke's fix - Improved debug. nameservreply.c: Improved debug. namework.c: Changed lp_workgroup() to myworkgroup. nmbd.c: Added Luke's fix - Changed lp_workgroup() to myworkgroup. pipes.c: Changed lp_workgroup() to myworkgroup. proto.h: Added Luke's fix, added smb_shm_ proto's. reply.c: Changed lp_workgroup() to myworkgroup. server.c: Rewrite to do share modes better (both fast and slow modes). shmem.c: Rewrite to do share modes better (both fast and slow modes). smb.h: Rewrite to do share modes better (both fast and slow modes). status.c: Rewrite to do share modes better (both fast and slow modes). trans2.c: Fixed double slash issue. util.c: Tidied up, created myworkgroup. Jeremy Allison (jallison@whistle.com). (This used to be commit 2a1711eaaf08bb6776770cd3c96b3010f431a677) --- source3/smbd/reply.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index bb75211deb..639c386c2f 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -40,6 +40,7 @@ extern BOOL case_sensitive; extern BOOL case_preserve; extern BOOL short_case_preserve; extern pstring sesssetup_user; +extern fstring myworkgroup; extern int Client; /* this macro should always be used to extract an fnum (smb_fid) from @@ -480,7 +481,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) p = smb_buf(outbuf); strcpy(p,"Unix"); p = skip_string(p,1); strcpy(p,"Samba "); strcat(p,VERSION); p = skip_string(p,1); - strcpy(p,lp_workgroup()); p = skip_string(p,1); + strcpy(p,myworkgroup); p = skip_string(p,1); set_message(outbuf,3,PTR_DIFF(p,smb_buf(outbuf)),False); /* perhaps grab OS version here?? */ } -- cgit From ccf4314fe73fb035f6941f00ce952ba3a308c2da Mon Sep 17 00:00:00 2001 From: Samba Release Account Date: Tue, 27 May 1997 20:28:45 +0000 Subject: loadparm.c: Ensure printer services cannot be read only and don't use share mode locking. locking.c: Changed aborts to returns so not so drastic on PANIC errors. proto.h: Removed definition of open_file as this is now never externally called. reply.c: Changed reply_mknew, reply_ctemp, reply_printopen to go through open_file_shared. server.c: Modified open_file_shared to be more robust and be useful for printer & temp files. Removed truncate option from open_file (now all truncates are done in open_file_shared). util.c: Added EAGAIN to errors checked in open_socket_out(). version.h: Updated to 1.9.17alpha2. jallison@whistle.com (This used to be commit d8471909b79fd591be2b789485b65d2e636d4745) --- source3/smbd/reply.c | 30 +++++++++++++++++++++--------- 1 file changed, 21 insertions(+), 9 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 639c386c2f..530ce84895 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1135,7 +1135,7 @@ int reply_ulogoffX(char *inbuf,char *outbuf,int length,int bufsize) /**************************************************************************** - reply to a mknew + reply to a mknew or a create ****************************************************************************/ int reply_mknew(char *inbuf,char *outbuf) { @@ -1145,7 +1145,8 @@ int reply_mknew(char *inbuf,char *outbuf) int outsize = 0; int createmode; mode_t unixmode; - + int ofun = 0; + com = SVAL(inbuf,smb_com); cnum = SVAL(inbuf,smb_tid); @@ -1160,9 +1161,6 @@ int reply_mknew(char *inbuf,char *outbuf) unixmode = unix_mode(cnum,createmode); - if (com == SMBmknew && file_exist(fname,NULL)) - return(ERROR(ERRDOS,ERRfilexists)); - fnum = find_free_file(); if (fnum < 0) return(ERROR(ERRSRV,ERRnofids)); @@ -1170,7 +1168,19 @@ int reply_mknew(char *inbuf,char *outbuf) if (!check_name(fname,cnum)) return(UNIXERROR(ERRDOS,ERRnoaccess)); - open_file(fnum,cnum,fname,O_RDWR | O_CREAT | O_TRUNC,unixmode, 0); + if(com == SMBmknew) + { + /* We should fail if file exists. */ + ofun = 0x10; + } + else + { + /* SMBcreate - Create if file doesn't exist, truncate if it does. */ + ofun = 0x12; + } + + /* Open file in dos compatibility share mode. */ + open_file_shared(fnum,cnum,fname,(DENY_FCB<<4)|0xF, ofun, unixmode, NULL, NULL); if (!Files[fnum].open) return(UNIXERROR(ERRDOS,ERRnoaccess)); @@ -1218,7 +1228,9 @@ int reply_ctemp(char *inbuf,char *outbuf) strcpy(fname2,(char *)mktemp(fname)); - open_file(fnum,cnum,fname2,O_RDWR | O_CREAT | O_TRUNC,unixmode, 0); + /* Open file in dos compatibility share mode. */ + /* We should fail if file exists. */ + open_file_shared(fnum,cnum,fname2,(DENY_FCB<<4)|0xF, 0x10, unixmode, NULL, NULL); if (!Files[fnum].open) return(UNIXERROR(ERRDOS,ERRnoaccess)); @@ -2219,8 +2231,8 @@ int reply_printopen(char *inbuf,char *outbuf) if (!check_name(fname2,cnum)) return(ERROR(ERRDOS,ERRnoaccess)); - open_file(fnum,cnum,fname2,O_WRONLY | O_CREAT | O_TRUNC, - unix_mode(cnum,0), 0); + /* Open for exclusive use, write only. */ + open_file_shared(fnum,cnum,fname2,(DENY_ALL<<4)|1, 0x12, unix_mode(cnum,0), NULL, NULL); if (!Files[fnum].open) return(UNIXERROR(ERRDOS,ERRnoaccess)); -- cgit From c6e63aa896a10656f6205828e744b722fc72f8ac Mon Sep 17 00:00:00 2001 From: Samba Release Account Date: Wed, 11 Jun 1997 01:03:06 +0000 Subject: Makefile: Added quoata changes for Linux from Thorvald Natvig Makefile.RPM: Added quoata changes for Linux from Thorvald Natvig charset.c: Large changes to add multiple client code pages. charset.h: Changed charset_initialise() proto. client.c: Fixed message sending bug. Changed charset_initialise(). ipc.c: Fixed #ifdef compile problems. loadparm.c: Added "client code page" option. nmbd.c: Changed charset_initialise(). Fixed lmhosts read. nmblookup.c: Changed charset_initialise(). proto.h: Added lp_client_code_page(void). quotas.c: Added quoata changes for Linux from Thorvald Natvig reply.c: Changed debug level. Made SMBecho ignore tid. server.c: Changed charset_initialise(). smb.h: Added DEFAULT_CLIENT_CODE_PAGE as 850. smbpasswd.c: Changed charset_initialise(). status.c: Changed charset_initialise(). testparm.c: Changed charset_initialise(). testprns.c: Changed charset_initialise(). Jeremy Allison (jallison@whistle.com) (This used to be commit 957025bace1bcff34d21a6caeca498e85abccb23) --- source3/smbd/reply.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 530ce84895..8af4536c19 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -513,7 +513,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) if (!done_sesssetup) max_send = MIN(max_send,smb_bufsize); - DEBUG(0,(" Client requested max send size of %d\n", max_send)); + DEBUG(1,(" Client requested max send size of %d\n", max_send)); done_sesssetup = True; @@ -2156,11 +2156,17 @@ int reply_echo(char *inbuf,char *outbuf) cnum = SVAL(inbuf,smb_tid); + /* According to the latest CIFS spec we shouldn't + care what the TID is. + */ + +#if 0 if (cnum != 0xFFFF && !OPEN_CNUM(cnum)) { DEBUG(4,("Invalid cnum in echo (%d)\n",cnum)); return(ERROR(ERRSRV,ERRinvnid)); } +#endif /* copy any incoming data back out */ if (data_len > 0) -- cgit From f6384eca672565bf820f86721de5cf25a5e5e9fe Mon Sep 17 00:00:00 2001 From: Samba Release Account Date: Thu, 3 Jul 1997 19:44:06 +0000 Subject: Fix for deleting directories that contain only veto files. Needed for interoperability with netatalk volumes. Jeremy (jallison@whistle.com) (This used to be commit e72a8513bccf77177f6fb6002057fee608947a32) --- source3/smbd/reply.c | 74 +++++++++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 70 insertions(+), 4 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 8af4536c19..5f030d5372 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1326,7 +1326,7 @@ int reply_unlink(char *inbuf,char *outbuf) char *dname; if (check_name(directory,cnum)) - dirptr = OpenDir(directory); + dirptr = OpenDir(directory, True); /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then the pattern matches against the long name, otherwise the short name @@ -2449,10 +2449,76 @@ int reply_rmdir(char *inbuf,char *outbuf) if (check_name(directory,cnum)) { + dptr_closepath(directory,SVAL(inbuf,smb_pid)); ok = (sys_rmdir(directory) == 0); + if(!ok && (errno == ENOTEMPTY) && lp_veto_files()) + { + /* Check to see if the only thing in this directory are + vetoed files/directories. If so then delete them and + retry. If we fail to delete any of them (and we *don't* + do a recursive delete) then fail the rmdir. */ + BOOL all_veto_files = True; + char *dname; + void *dirptr = OpenDir(directory, False); + + if(dirptr != NULL) + { + int dirpos = TellDir(dirptr); + while ((dname = ReadDirName(dirptr))) + { + if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0)) + continue; + if(!is_vetoed_name(dname)) + { + all_veto_files = False; + break; + } + } + if(all_veto_files) + { + SeekDir(dirptr,dirpos); + while ((dname = ReadDirName(dirptr))) + { + pstring fullname; + struct stat st; + + if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0)) + continue; + + /* Construct the full name. */ + if(strlen(directory) + strlen(dname) + 1 >= sizeof(fullname)) + { + errno = ENOMEM; + break; + } + strcpy(fullname, directory); + strcat(fullname, "/"); + strcat(fullname, dname); + + if(sys_lstat(fullname, &st) != 0) + break; + if(st.st_mode & S_IFDIR) + { + if(sys_rmdir(fullname) != 0) + break; + } + else if(sys_unlink(fullname) != 0) + break; + } + CloseDir(dirptr); + /* Retry the rmdir */ + ok = (sys_rmdir(directory) == 0); + } + else + CloseDir(dirptr); + } + else + errno = ENOTEMPTY; + } + if (!ok) - DEBUG(3,("couldn't remove directory %s : %s\n", + DEBUG(3,("couldn't remove directory %s : %s\n", directory,strerror(errno))); } @@ -2670,7 +2736,7 @@ int reply_mv(char *inbuf,char *outbuf) pstring destname; if (check_name(directory,cnum)) - dirptr = OpenDir(directory); + dirptr = OpenDir(directory, True); if (dirptr) { @@ -2861,7 +2927,7 @@ int reply_copy(char *inbuf,char *outbuf) pstring destname; if (check_name(directory,cnum)) - dirptr = OpenDir(directory); + dirptr = OpenDir(directory, True); if (dirptr) { -- cgit From 1fe89d0b716ccd9fca4abe4daf89df063b38f4b3 Mon Sep 17 00:00:00 2001 From: Samba Release Account Date: Sun, 6 Jul 1997 13:48:10 +0000 Subject: added, tested and debugged new "hide files" option. lkcl (This used to be commit 60af320a436c3a26230fd7ac71856e67ef64e819) --- source3/smbd/reply.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 5f030d5372..af980943ca 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -767,7 +767,7 @@ int reply_search(char *inbuf,char *outbuf) memcpy(mask,status+1,11); mask[11] = 0; dirtype = CVAL(status,0) & 0x1F; - Connections[cnum].dirptr = dptr_fetch(status+12,&dptr_num); + Connections[cnum].dirptr = dptr_fetch(SNUM(cnum), status+12,&dptr_num); if (!Connections[cnum].dirptr) goto SearchEmpty; string_set(&Connections[cnum].dirpath,dptr_path(dptr_num)); @@ -832,7 +832,7 @@ int reply_search(char *inbuf,char *outbuf) { memcpy(p,status,21); make_dir_struct(p,"???????????",volume_label(SNUM(cnum)),0,aVOLID,0); - dptr_fill(p+12,dptr_num); + dptr_fill(SNUM(cnum), p+12,dptr_num); if (dptr_zero(p+12) && (status_len==0)) numentries = 1; else @@ -854,7 +854,7 @@ int reply_search(char *inbuf,char *outbuf) { memcpy(p,status,21); make_dir_struct(p,mask,fname,size,mode,date); - dptr_fill(p+12,dptr_num); + dptr_fill(SNUM(cnum), p+12,dptr_num); numentries++; } p += DIR_STRUCT_SIZE; @@ -937,7 +937,7 @@ int reply_fclose(char *inbuf,char *outbuf) memcpy(status,smb_buf(inbuf) + 1 + strlen(path) + 4,21); - if(dptr_fetch(status+12,&dptr_num)) { + if(dptr_fetch(SNUM(cnum), status+12,&dptr_num)) { /* Close the dptr - we know it's gone */ dptr_close(dptr_num); } @@ -1326,7 +1326,7 @@ int reply_unlink(char *inbuf,char *outbuf) char *dname; if (check_name(directory,cnum)) - dirptr = OpenDir(directory, True); + dirptr = OpenDir(SNUM(cnum), directory, True); /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then the pattern matches against the long name, otherwise the short name @@ -2736,7 +2736,7 @@ int reply_mv(char *inbuf,char *outbuf) pstring destname; if (check_name(directory,cnum)) - dirptr = OpenDir(directory, True); + dirptr = OpenDir(SNUM(cnum), directory, True); if (dirptr) { @@ -2927,7 +2927,7 @@ int reply_copy(char *inbuf,char *outbuf) pstring destname; if (check_name(directory,cnum)) - dirptr = OpenDir(directory, True); + dirptr = OpenDir(SNUM(cnum), directory, True); if (dirptr) { -- cgit From bc4d8cb3068425c0f4b84020b856d80fba7ce81f Mon Sep 17 00:00:00 2001 From: Samba Release Account Date: Sun, 6 Jul 1997 14:07:00 +0000 Subject: missed one OpenDir() and two is_vetoed_name() calls, both of which take a service number as a parameter, in the rmdir code, when doing a recompile. lkcl (This used to be commit e095e339e62471a0b172918d2d3213f8a34b2108) --- source3/smbd/reply.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index af980943ca..8f650cb994 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2452,7 +2452,7 @@ int reply_rmdir(char *inbuf,char *outbuf) dptr_closepath(directory,SVAL(inbuf,smb_pid)); ok = (sys_rmdir(directory) == 0); - if(!ok && (errno == ENOTEMPTY) && lp_veto_files()) + if(!ok && (errno == ENOTEMPTY) && lp_veto_files(SNUM(cnum))) { /* Check to see if the only thing in this directory are vetoed files/directories. If so then delete them and @@ -2460,7 +2460,7 @@ int reply_rmdir(char *inbuf,char *outbuf) do a recursive delete) then fail the rmdir. */ BOOL all_veto_files = True; char *dname; - void *dirptr = OpenDir(directory, False); + void *dirptr = OpenDir(SNUM(cnum), directory, False); if(dirptr != NULL) { @@ -2469,7 +2469,7 @@ int reply_rmdir(char *inbuf,char *outbuf) { if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0)) continue; - if(!is_vetoed_name(dname)) + if(!is_vetoed_name(SNUM(cnum), dname)) { all_veto_files = False; break; -- cgit From 8b904f4ecc7b6bd6558d40fda4184112bbb10366 Mon Sep 17 00:00:00 2001 From: Samba Release Account Date: Thu, 17 Jul 1997 20:11:58 +0000 Subject: Makefile: Added krb5 option from Nathan Neulinger includes.h: Added krb5 option from Nathan Neulinger , added SGI5 fix. password.c: Added krb5 option from Nathan Neulinger quotas.c: Added inode quote fix. reply.c: removed redundent code. server.c: Changed error debug to 0, removed redundent check. util.c: Added close_low_fd() to become_daemon - fix for rsh from Johnathan Knight. Jeremy (jallison@whistle.com) (This used to be commit 256afb764828b0a6dad5529d62501bc9ea2807ee) --- source3/smbd/reply.c | 7 ------- 1 file changed, 7 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 8f650cb994..315c7fbb51 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1026,7 +1026,6 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) pstring fname; int cnum = SVAL(inbuf,smb_tid); int fnum = -1; - int openmode = 0; int smb_mode = SVAL(inbuf,smb_vwv3); int smb_attr = SVAL(inbuf,smb_vwv5); BOOL oplock_request = BITSETW(inbuf+smb_vwv2,1); @@ -1050,12 +1049,6 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) strcpy(fname,smb_buf(inbuf)); unix_convert(fname,cnum,0); - /* now add create and trunc bits */ - if (smb_ofun & 0x10) - openmode |= O_CREAT; - if ((smb_ofun & 0x3) == 2) - openmode |= O_TRUNC; - fnum = find_free_file(); if (fnum < 0) return(ERROR(ERRSRV,ERRnofids)); -- cgit From 612111c7a1a048d19e24b5e2e4d426247d320d1e Mon Sep 17 00:00:00 2001 From: Samba Release Account Date: Fri, 18 Jul 1997 20:21:32 +0000 Subject: charset.c: Split charset_initialise() into 2 - a charset_initialise() and a codepage_initialise(). Fixes problem with initialising dos map twice. charset.h: Changes to support charset changes. client.c: Changes to support charset changes. loadparm.c: follow symlinks parameter from David Clerc nmbd.c: Changes to support charset changes. nmblookup.c:Changes to support charset changes. proto.h: Changes to support charset changes. reply.c: Don't call security=server with no user/no password guest. Fix from Stefaan A Eeckels server.c: follow symlinks code from David Clerc smbpasswd.c:Changes to support charset changes. status.c: Changes to support charset changes. testparm.c: Changes to support charset changes. testprns.c: Changes to support charset changes. uid.c: Fixed log message with no \n. Jeremy (jallison@whistle.com) (This used to be commit 2a28a6e5e461aca7fe6c19cd01d287010056cffb) --- source3/smbd/reply.c | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 315c7fbb51..5869588664 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -409,8 +409,14 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) } + /* If no username is sent use the guest account */ if (!*user) - strcpy(user,lp_guestaccount(-1)); + { + strcpy(user,lp_guestaccount(-1)); + /* If no user and no password then set guest flag. */ + if( *smb_apasswd == 0) + guest = True; + } strlower(user); @@ -421,24 +427,22 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) add_session_user(user); - if (!(lp_security() == SEC_SERVER && server_validate(inbuf)) && + if (!guest && !(lp_security() == SEC_SERVER && server_validate(inbuf)) && !check_hosts_equiv(user)) { - if (strequal(user,lp_guestaccount(-1)) && (*smb_apasswd == 0)) - guest = True; - /* now check if it's a valid username/password */ /* If an NT password was supplied try and validate with that - first. This is superior as the passwords are mixed case 128 length unicode */ - if(smb_ntpasslen && !guest) + first. This is superior as the passwords are mixed case + 128 length unicode */ + if(smb_ntpasslen) { if(!password_ok(user,smb_ntpasswd,smb_ntpasslen,NULL)) DEBUG(0,("NT Password did not match ! Defaulting to Lanman\n")); else valid_nt_password = True; } - if (!valid_nt_password && !guest && !password_ok(user,smb_apasswd,smb_apasslen,NULL)) + if (!valid_nt_password && !password_ok(user,smb_apasswd,smb_apasslen,NULL)) { if (!computer_id && lp_security() >= SEC_USER) { #if (GUEST_SESSSETUP == 0) -- cgit From 15ae50ca5203bc4c04567e400ba041a4d1757b2b Mon Sep 17 00:00:00 2001 From: Samba Release Account Date: Thu, 24 Jul 1997 17:25:11 +0000 Subject: Makefile: Added UNIXWARE 2.x with shadow passwords from fja@extratech.com client.c: Made prompt appear at debug level 0. Fixed strcasecmp redefinition. Caused client to use set_blocking rather than making fcntl calls itself. dir.c: Removed redundent snum parameters. includes.h: Added SCO fixes. loadparm.c: Made default 'files to hide' a null string. nmbd.c: Removed O_NONBLOCK from pid file open for platforms that dont have it. proto.h: Changed snum to cnum where needed. Changed is_xx_path to is_in_path (now called via MACRO). quotas.c: Swapped setuid/seteuid calls when restoring uid. reply.c: Removed redundent snum parameters. server.c: Changed snum to cnum where needed. Setup new veto_list, hide_list namelists. Added standard_sub changes from Stefaan A Eeckels and Paul Rippin shmem.c: Changed cast for sizeof to be int before negating. smb.h: Added new veto_list, hide_list entries to connections. Added IS_PRINT, IS_HIDDEN_PATH, IS_VETO_PATH macros. trans2.c: Removed redundent snum parameters. util.c: Added standard_sub_basic changes from Stefaan A Eeckels and Paul Rippin Fixed up veto/hidden path processing so the paths are pres-parsed and checked for wildcards (for speed). Jeremy (jallison@whistle.com) (This used to be commit 9afa36f7874cfd527aa6ef1e7965c1d35d46ab1f) --- source3/smbd/reply.c | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 5869588664..374a01b665 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -771,7 +771,7 @@ int reply_search(char *inbuf,char *outbuf) memcpy(mask,status+1,11); mask[11] = 0; dirtype = CVAL(status,0) & 0x1F; - Connections[cnum].dirptr = dptr_fetch(SNUM(cnum), status+12,&dptr_num); + Connections[cnum].dirptr = dptr_fetch(status+12,&dptr_num); if (!Connections[cnum].dirptr) goto SearchEmpty; string_set(&Connections[cnum].dirpath,dptr_path(dptr_num)); @@ -836,7 +836,7 @@ int reply_search(char *inbuf,char *outbuf) { memcpy(p,status,21); make_dir_struct(p,"???????????",volume_label(SNUM(cnum)),0,aVOLID,0); - dptr_fill(SNUM(cnum), p+12,dptr_num); + dptr_fill(p+12,dptr_num); if (dptr_zero(p+12) && (status_len==0)) numentries = 1; else @@ -858,7 +858,7 @@ int reply_search(char *inbuf,char *outbuf) { memcpy(p,status,21); make_dir_struct(p,mask,fname,size,mode,date); - dptr_fill(SNUM(cnum), p+12,dptr_num); + dptr_fill(p+12,dptr_num); numentries++; } p += DIR_STRUCT_SIZE; @@ -941,7 +941,7 @@ int reply_fclose(char *inbuf,char *outbuf) memcpy(status,smb_buf(inbuf) + 1 + strlen(path) + 4,21); - if(dptr_fetch(SNUM(cnum), status+12,&dptr_num)) { + if(dptr_fetch(status+12,&dptr_num)) { /* Close the dptr - we know it's gone */ dptr_close(dptr_num); } @@ -1323,7 +1323,7 @@ int reply_unlink(char *inbuf,char *outbuf) char *dname; if (check_name(directory,cnum)) - dirptr = OpenDir(SNUM(cnum), directory, True); + dirptr = OpenDir(cnum, directory, True); /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then the pattern matches against the long name, otherwise the short name @@ -2457,7 +2457,7 @@ int reply_rmdir(char *inbuf,char *outbuf) do a recursive delete) then fail the rmdir. */ BOOL all_veto_files = True; char *dname; - void *dirptr = OpenDir(SNUM(cnum), directory, False); + void *dirptr = OpenDir(cnum, directory, False); if(dirptr != NULL) { @@ -2466,7 +2466,7 @@ int reply_rmdir(char *inbuf,char *outbuf) { if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0)) continue; - if(!is_vetoed_name(SNUM(cnum), dname)) + if(!IS_VETO_PATH(cnum, dname)) { all_veto_files = False; break; @@ -2733,7 +2733,7 @@ int reply_mv(char *inbuf,char *outbuf) pstring destname; if (check_name(directory,cnum)) - dirptr = OpenDir(SNUM(cnum), directory, True); + dirptr = OpenDir(cnum, directory, True); if (dirptr) { @@ -2924,7 +2924,7 @@ int reply_copy(char *inbuf,char *outbuf) pstring destname; if (check_name(directory,cnum)) - dirptr = OpenDir(SNUM(cnum), directory, True); + dirptr = OpenDir(cnum, directory, True); if (dirptr) { @@ -3105,7 +3105,7 @@ int reply_readbmpx(char *inbuf,char *outbuf,int length,int bufsize) mincount = SVAL(inbuf,smb_vwv4); data = smb_buf(outbuf); - pad = ((int)data)%4; + pad = ((long)data)%4; if (pad) pad = 4 - pad; data += pad; -- cgit From e9269c67a59ffa741123cb2ce3ab8dfb97136dec Mon Sep 17 00:00:00 2001 From: Samba Release Account Date: Tue, 19 Aug 1997 19:22:26 +0000 Subject: Makefile: Changed for HPUX10 tidyup. includes.h: Changed for HPUX10 tidyup. ipc.c: Fixed bug where getting local server list from NT browsers would fail. nmbsync.c: Fixed bug where getting local server list from NT browsers would fail. proto.h: Changed for crash bug on SCO with USE_MMAP. quotas.c: Added OSF quotas (patch from Bret Giddings ). Rolled back solaris uid change - I think it was wrong. reply.c: Changed for crash bug on SCO with USE_MMAP. server.c: Removed Lukes changes. Changed for crash bug on SCO with USE_MMAP. smb.h: Changed for crash bug on SCO with USE_MMAP. smbpasswd.c:Fixed crash bug with Lukes changes. uid.c: Removed Lukes changes. util.c: Fixed I18N bug with extended char filenames and widelinks = no. Jeremy (jallison@whistle.com) (This used to be commit bf1c79f7fd7f9beec4f9f4e58337cadceeb1cb38) --- source3/smbd/reply.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 374a01b665..0216b58c34 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1374,7 +1374,7 @@ int reply_readbraw(char *inbuf, char *outbuf) { int cnum,maxcount,mincount,fnum; int nread = 0; - int startpos; + uint32 startpos; char *header = outbuf; int ret=0; int fd; @@ -1418,7 +1418,7 @@ int reply_readbraw(char *inbuf, char *outbuf) Files[fnum].size = size; } - nread = MIN(maxcount,size - startpos); + nread = MIN(maxcount,(int)(size - startpos)); } if (nread < mincount) @@ -1515,7 +1515,7 @@ int reply_read(char *inbuf,char *outbuf) int cnum,numtoread,fnum; int nread = 0; char *data; - int startpos; + uint32 startpos; int outsize = 0; cnum = SVAL(inbuf,smb_tid); @@ -3081,7 +3081,7 @@ int reply_readbmpx(char *inbuf,char *outbuf,int length,int bufsize) int nread = -1; int total_read; char *data; - int32 startpos; + uint32 startpos; int outsize, mincount, maxcount; int max_per_packet; int tcount; @@ -3152,7 +3152,7 @@ int reply_writebmpx(char *inbuf,char *outbuf) int cnum,numtowrite,fnum; int nwritten = -1; int outsize = 0; - int32 startpos; + uint32 startpos; int tcount, write_through, smb_doff; char *data; -- cgit From c76dc7c2963d1205cf46849df6b6f0edbf63692d Mon Sep 17 00:00:00 2001 From: Samba Release Account Date: Wed, 20 Aug 1997 01:22:05 +0000 Subject: Fix suggested by "Christian Groessler" dir.c: Cause dptr_create to return -2 when failing on unix error. reply.c: Use UNIXERROR in more cases. server.c: Add ENOTDIR mapping to error table. trans2.c: Correctly determine UNIX error on dptr_create. Jeremy (jallison@whistle.com) (This used to be commit de38a0b34fcd65fa3024300f978aa30eb86d854f) --- source3/smbd/reply.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 0216b58c34..f630e71e25 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -546,7 +546,7 @@ int reply_chkpth(char *inbuf,char *outbuf) ok = directory_exist(name,NULL); if (!ok) - return(ERROR(ERRDOS,ERRbadpath)); + return(UNIXERROR(ERRDOS,ERRbadpath)); outsize = set_message(outbuf,0,0,True); @@ -825,7 +825,11 @@ int reply_search(char *inbuf,char *outbuf) { dptr_num = dptr_create(cnum,directory,expect_close,SVAL(inbuf,smb_pid)); if (dptr_num < 0) - return(ERROR(ERRDOS,ERRnofids)); + { + if(dptr_num == -2) + return (UNIXERROR(ERRDOS,ERRnofids)); + return(ERROR(ERRDOS,ERRnofids)); + } } DEBUG(4,("dptr_num is %d\n",dptr_num)); -- cgit From 46dbd8c06009ad9e64251ae844fb16f2a30f5ab7 Mon Sep 17 00:00:00 2001 From: Samba Release Account Date: Wed, 20 Aug 1997 20:32:23 +0000 Subject: Changes to allow Samba to return the same error code as Windows NT. Takes care of the cases where a Windows program is parsing a pathname component by component and expects 2 different errors. ERRbadpath - if a component in the path doesn't exist. ERRbaddirectory - if a component in the path exists but is not a directory. Extra error code added to smb.h to support this. Code based on suggestions from "Christian Groessler" . Jeremy (jallison@whistle.com) (This used to be commit 28b3c6db8a81b41b448a4f3cd98e9cd2c4b5fb2e) --- source3/smbd/reply.c | 239 +++++++++++++++++++++++++++++++++++++++++---------- 1 file changed, 193 insertions(+), 46 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index f630e71e25..cadd63e045 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -534,11 +534,12 @@ int reply_chkpth(char *inbuf,char *outbuf) int cnum,mode; pstring name; BOOL ok = False; - + BOOL bad_path = False; + cnum = SVAL(inbuf,smb_tid); strcpy(name,smb_buf(inbuf) + 1); - unix_convert(name,cnum,0); + unix_convert(name,cnum,0,&bad_path); mode = SVAL(inbuf,smb_vwv0); @@ -546,8 +547,20 @@ int reply_chkpth(char *inbuf,char *outbuf) ok = directory_exist(name,NULL); if (!ok) + { + /* We special case this - as when a Windows machine + is parsing a path is steps through the components + one at a time - if a component fails it expects + ERRbadpath, not ERRbadfile. + */ + if(errno == ENOENT) + { + unix_ERR_class = ERRDOS; + unix_ERR_code = ERRbadpath; + } return(UNIXERROR(ERRDOS,ERRbadpath)); - + } + outsize = set_message(outbuf,0,0,True); DEBUG(3,("%s chkpth %s cnum=%d mode=%d\n",timestring(),name,cnum,mode)); @@ -569,11 +582,12 @@ int reply_getatr(char *inbuf,char *outbuf) int mode=0; uint32 size=0; time_t mtime=0; - + BOOL bad_path = False; + cnum = SVAL(inbuf,smb_tid); strcpy(fname,smb_buf(inbuf) + 1); - unix_convert(fname,cnum,0); + unix_convert(fname,cnum,0,&bad_path); /* dos smetimes asks for a stat of "" - it returns a "hidden directory" under WfWg - weird! */ @@ -587,23 +601,31 @@ int reply_getatr(char *inbuf,char *outbuf) } else if (check_name(fname,cnum)) + { + if (sys_stat(fname,&sbuf) == 0) { - if (sys_stat(fname,&sbuf) == 0) - { - mode = dos_mode(cnum,fname,&sbuf); - size = sbuf.st_size; - mtime = sbuf.st_mtime; - if (mode & aDIR) - size = 0; - ok = True; - } - else - DEBUG(3,("stat of %s failed (%s)\n",fname,strerror(errno))); + mode = dos_mode(cnum,fname,&sbuf); + size = sbuf.st_size; + mtime = sbuf.st_mtime; + if (mode & aDIR) + size = 0; + ok = True; + } + else + DEBUG(3,("stat of %s failed (%s)\n",fname,strerror(errno))); } if (!ok) + { + if((errno == ENOENT) && bad_path) + { + unix_ERR_class = ERRDOS; + unix_ERR_code = ERRbadpath; + } + return(UNIXERROR(ERRDOS,ERRbadfile)); - + } + outsize = set_message(outbuf,10,0,True); SSVAL(outbuf,smb_vwv0,mode); @@ -635,11 +657,12 @@ int reply_setatr(char *inbuf,char *outbuf) BOOL ok=False; int mode; time_t mtime; - + BOOL bad_path = False; + cnum = SVAL(inbuf,smb_tid); strcpy(fname,smb_buf(inbuf) + 1); - unix_convert(fname,cnum,0); + unix_convert(fname,cnum,0,&bad_path); mode = SVAL(inbuf,smb_vwv0); mtime = make_unix_date3(inbuf+smb_vwv1); @@ -652,8 +675,16 @@ int reply_setatr(char *inbuf,char *outbuf) ok = set_filetime(fname,mtime); if (!ok) + { + if((errno == ENOENT) && bad_path) + { + unix_ERR_class = ERRDOS; + unix_ERR_code = ERRbadpath; + } + return(UNIXERROR(ERRDOS,ERRnoaccess)); - + } + outsize = set_message(outbuf,0,0,True); DEBUG(3,("%s setatr name=%s mode=%d\n",timestring(),fname,mode)); @@ -715,6 +746,7 @@ int reply_search(char *inbuf,char *outbuf) BOOL check_descend = False; BOOL expect_close = False; BOOL can_open = True; + BOOL bad_path = False; *mask = *directory = *fname = 0; @@ -742,26 +774,32 @@ int reply_search(char *inbuf,char *outbuf) strcpy(directory,smb_buf(inbuf)+1); strcpy(dir2,smb_buf(inbuf)+1); - unix_convert(directory,cnum,0); + unix_convert(directory,cnum,0,&bad_path); unix_format(dir2); if (!check_name(directory,cnum)) - can_open = False; + can_open = False; p = strrchr(dir2,'/'); if (p == NULL) - {strcpy(mask,dir2);*dir2 = 0;} + { + strcpy(mask,dir2); + *dir2 = 0; + } else - {*p = 0;strcpy(mask,p+1);} + { + *p = 0; + strcpy(mask,p+1); + } p = strrchr(directory,'/'); if (!p) - *directory = 0; + *directory = 0; else - *p = 0; + *p = 0; if (strlen(directory) == 0) - strcpy(directory,"./"); + strcpy(directory,"./"); bzero(status,21); CVAL(status,0) = dirtype; } @@ -827,7 +865,14 @@ int reply_search(char *inbuf,char *outbuf) if (dptr_num < 0) { if(dptr_num == -2) + { + if((errno == ENOENT) && bad_path) + { + unix_ERR_class = ERRDOS; + unix_ERR_code = ERRbadpath; + } return (UNIXERROR(ERRDOS,ERRnofids)); + } return(ERROR(ERRDOS,ERRnofids)); } } @@ -974,27 +1019,42 @@ int reply_open(char *inbuf,char *outbuf) int unixmode; int rmode=0; struct stat sbuf; - + BOOL bad_path = False; + cnum = SVAL(inbuf,smb_tid); share_mode = SVAL(inbuf,smb_vwv0); strcpy(fname,smb_buf(inbuf)+1); - unix_convert(fname,cnum,0); + unix_convert(fname,cnum,0,&bad_path); fnum = find_free_file(); if (fnum < 0) return(ERROR(ERRSRV,ERRnofids)); if (!check_name(fname,cnum)) + { + if((errno == ENOENT) && bad_path) + { + unix_ERR_class = ERRDOS; + unix_ERR_code = ERRbadpath; + } return(UNIXERROR(ERRDOS,ERRnoaccess)); - + } + unixmode = unix_mode(cnum,aARCH); open_file_shared(fnum,cnum,fname,share_mode,3,unixmode,&rmode,NULL); if (!Files[fnum].open) + { + if((errno == ENOENT) && bad_path) + { + unix_ERR_class = ERRDOS; + unix_ERR_code = ERRbadpath; + } return(UNIXERROR(ERRDOS,ERRnoaccess)); + } if (fstat(Files[fnum].fd_ptr->fd,&sbuf) != 0) { close_file(fnum); @@ -1047,6 +1107,7 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) int size=0,fmode=0,mtime=0,rmode=0; struct stat sbuf; int smb_action = 0; + BOOL bad_path = False; /* If it's an IPC, pass off the pipe handler. */ if (IS_IPC(cnum)) @@ -1055,14 +1116,21 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) /* XXXX we need to handle passed times, sattr and flags */ strcpy(fname,smb_buf(inbuf)); - unix_convert(fname,cnum,0); + unix_convert(fname,cnum,0,&bad_path); fnum = find_free_file(); if (fnum < 0) return(ERROR(ERRSRV,ERRnofids)); if (!check_name(fname,cnum)) + { + if((errno == ENOENT) && bad_path) + { + unix_ERR_class = ERRDOS; + unix_ERR_code = ERRbadpath; + } return(UNIXERROR(ERRDOS,ERRnoaccess)); + } unixmode = unix_mode(cnum,smb_attr | aARCH); @@ -1070,7 +1138,14 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) &rmode,&smb_action); if (!Files[fnum].open) + { + if((errno == ENOENT) && bad_path) + { + unix_ERR_class = ERRDOS; + unix_ERR_code = ERRbadpath; + } return(UNIXERROR(ERRDOS,ERRnoaccess)); + } if (fstat(Files[fnum].fd_ptr->fd,&sbuf) != 0) { close_file(fnum); @@ -1147,13 +1222,14 @@ int reply_mknew(char *inbuf,char *outbuf) int createmode; mode_t unixmode; int ofun = 0; + BOOL bad_path = False; com = SVAL(inbuf,smb_com); cnum = SVAL(inbuf,smb_tid); createmode = SVAL(inbuf,smb_vwv0); strcpy(fname,smb_buf(inbuf)+1); - unix_convert(fname,cnum,0); + unix_convert(fname,cnum,0,&bad_path); if (createmode & aVOLID) { @@ -1167,7 +1243,14 @@ int reply_mknew(char *inbuf,char *outbuf) return(ERROR(ERRSRV,ERRnofids)); if (!check_name(fname,cnum)) + { + if((errno == ENOENT) && bad_path) + { + unix_ERR_class = ERRDOS; + unix_ERR_code = ERRbadpath; + } return(UNIXERROR(ERRDOS,ERRnoaccess)); + } if(com == SMBmknew) { @@ -1184,8 +1267,15 @@ int reply_mknew(char *inbuf,char *outbuf) open_file_shared(fnum,cnum,fname,(DENY_FCB<<4)|0xF, ofun, unixmode, NULL, NULL); if (!Files[fnum].open) + { + if((errno == ENOENT) && bad_path) + { + unix_ERR_class = ERRDOS; + unix_ERR_code = ERRbadpath; + } return(UNIXERROR(ERRDOS,ERRnoaccess)); - + } + outsize = set_message(outbuf,1,0,True); SSVAL(outbuf,smb_vwv0,fnum); @@ -1212,11 +1302,12 @@ int reply_ctemp(char *inbuf,char *outbuf) int outsize = 0; int createmode; mode_t unixmode; - + BOOL bad_path = False; + cnum = SVAL(inbuf,smb_tid); createmode = SVAL(inbuf,smb_vwv0); sprintf(fname,"%s/TMXXXXXX",smb_buf(inbuf)+1); - unix_convert(fname,cnum,0); + unix_convert(fname,cnum,0,&bad_path); unixmode = unix_mode(cnum,createmode); @@ -1225,7 +1316,14 @@ int reply_ctemp(char *inbuf,char *outbuf) return(ERROR(ERRSRV,ERRnofids)); if (!check_name(fname,cnum)) + { + if((errno == ENOENT) && bad_path) + { + unix_ERR_class = ERRDOS; + unix_ERR_code = ERRbadpath; + } return(UNIXERROR(ERRDOS,ERRnoaccess)); + } strcpy(fname2,(char *)mktemp(fname)); @@ -1234,7 +1332,14 @@ int reply_ctemp(char *inbuf,char *outbuf) open_file_shared(fnum,cnum,fname2,(DENY_FCB<<4)|0xF, 0x10, unixmode, NULL, NULL); if (!Files[fnum].open) + { + if((errno == ENOENT) && bad_path) + { + unix_ERR_class = ERRDOS; + unix_ERR_code = ERRbadpath; + } return(UNIXERROR(ERRDOS,ERRnoaccess)); + } outsize = set_message(outbuf,1,2 + strlen(fname2),True); SSVAL(outbuf,smb_vwv0,fnum); @@ -1290,6 +1395,7 @@ int reply_unlink(char *inbuf,char *outbuf) int error = ERRnoaccess; BOOL has_wild; BOOL exists=False; + BOOL bad_path = False; *directory = *mask = 0; @@ -1300,7 +1406,7 @@ int reply_unlink(char *inbuf,char *outbuf) DEBUG(3,("reply_unlink : %s\n",name)); - unix_convert(name,cnum,0); + unix_convert(name,cnum,0,&bad_path); p = strrchr(name,'/'); if (!p) { @@ -1362,7 +1468,14 @@ int reply_unlink(char *inbuf,char *outbuf) if (exists) return(ERROR(ERRDOS,error)); else + { + if((errno == ENOENT) && bad_path) + { + unix_ERR_class = ERRDOS; + unix_ERR_code = ERRbadpath; + } return(UNIXERROR(ERRDOS,error)); + } } outsize = set_message(outbuf,0,0,True); @@ -2415,17 +2528,25 @@ int reply_mkdir(char *inbuf,char *outbuf) pstring directory; int cnum; int outsize,ret= -1; - + BOOL bad_path = False; + strcpy(directory,smb_buf(inbuf) + 1); cnum = SVAL(inbuf,smb_tid); - unix_convert(directory,cnum,0); + unix_convert(directory,cnum,0,&bad_path); if (check_name(directory,cnum)) ret = sys_mkdir(directory,unix_mode(cnum,aDIR)); if (ret < 0) + { + if((errno == ENOENT) && bad_path) + { + unix_ERR_class = ERRDOS; + unix_ERR_code = ERRbadpath; + } return(UNIXERROR(ERRDOS,ERRnoaccess)); - + } + outsize = set_message(outbuf,0,0,True); DEBUG(3,("%s mkdir %s cnum=%d ret=%d\n",timestring(),directory,cnum,ret)); @@ -2443,10 +2564,11 @@ int reply_rmdir(char *inbuf,char *outbuf) int cnum; int outsize = 0; BOOL ok = False; - + BOOL bad_path = False; + cnum = SVAL(inbuf,smb_tid); strcpy(directory,smb_buf(inbuf) + 1); - unix_convert(directory,cnum,0); + unix_convert(directory,cnum,0,&bad_path); if (check_name(directory,cnum)) { @@ -2524,8 +2646,15 @@ int reply_rmdir(char *inbuf,char *outbuf) } if (!ok) + { + if((errno == ENOENT) && bad_path) + { + unix_ERR_class = ERRDOS; + unix_ERR_code = ERRbadpath; + } return(UNIXERROR(ERRDOS,ERRbadpath)); - + } + outsize = set_message(outbuf,0,0,True); DEBUG(3,("%s rmdir %s\n",timestring(),directory)); @@ -2629,6 +2758,8 @@ int reply_mv(char *inbuf,char *outbuf) int error = ERRnoaccess; BOOL has_wild; BOOL exists=False; + BOOL bad_path1 = False; + BOOL bad_path2 = False; *directory = *mask = 0; @@ -2639,8 +2770,8 @@ int reply_mv(char *inbuf,char *outbuf) DEBUG(3,("reply_mv : %s -> %s\n",name,newname)); - unix_convert(name,cnum,0); - unix_convert(newname,cnum,newname_last_component); + unix_convert(name,cnum,0,&bad_path1); + unix_convert(newname,cnum,newname_last_component,&bad_path2); /* * Split the old name into directory and last component @@ -2775,7 +2906,14 @@ int reply_mv(char *inbuf,char *outbuf) if (exists) return(ERROR(ERRDOS,error)); else + { + if((errno == ENOENT) && (bad_path1 || bad_path2)) + { + unix_ERR_class = ERRDOS; + unix_ERR_code = ERRbadpath; + } return(UNIXERROR(ERRDOS,error)); + } } outsize = set_message(outbuf,0,0,True); @@ -2865,6 +3003,8 @@ int reply_copy(char *inbuf,char *outbuf) int ofun = SVAL(inbuf,smb_vwv1); int flags = SVAL(inbuf,smb_vwv2); BOOL target_is_directory=False; + BOOL bad_path1 = False; + BOOL bad_path2 = False; *directory = *mask = 0; @@ -2881,8 +3021,8 @@ int reply_copy(char *inbuf,char *outbuf) return(ERROR(ERRSRV,ERRinvdevice)); } - unix_convert(name,cnum,0); - unix_convert(newname,cnum,0); + unix_convert(name,cnum,0,&bad_path1); + unix_convert(newname,cnum,0,&bad_path2); target_is_directory = directory_exist(newname,NULL); @@ -2960,7 +3100,14 @@ int reply_copy(char *inbuf,char *outbuf) if (exists) return(ERROR(ERRDOS,error)); else + { + if((errno == ENOENT) && (bad_path1 || bad_path2)) + { + unix_ERR_class = ERRDOS; + unix_ERR_code = ERRbadpath; + } return(UNIXERROR(ERRDOS,error)); + } } outsize = set_message(outbuf,1,0,True); -- cgit From f434139087ea45ed1eb578267843943b0f04c94c Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sun, 31 Aug 1997 02:18:59 +0000 Subject: fixed a bug in the printjob encoding/decoding. We weren't doing it for the print_ functions in reply.c, with the effect that you couldn't cancel print jobs from smbclient or from older dos clients. we now use a couple of utility functions printjob_encode() and printjob_decode() rather than sticking the bitops inline in each place. also fixed a bunch of places that used foo%0xFF rather than foo&0xFF Note that this isn't really me doing the commit, it can't be as I'm working on my thesis ... (This used to be commit 3556763be3acbf01c967ee9717943dd44163fb9f) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index cadd63e045..4616ea14ed 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2463,7 +2463,7 @@ int reply_printqueue(char *inbuf,char *outbuf) { put_dos_date2(p,0,queue[i].time); CVAL(p,4) = (queue[i].status==LPQ_PRINTING?2:3); - SSVAL(p,5,queue[i].job); + SSVAL(p,5,printjob_encode(SNUM(cnum), queue[i].job)); SIVAL(p,7,queue[i].size); CVAL(p,11) = 0; StrnCpy(p+12,queue[i].user,16); -- cgit From 3fc24dc9ed330d73aedbe2017cdfa5b5657e69cc Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Sun, 31 Aug 1997 14:14:22 +0000 Subject: added word count 3 support into reply_tcon_and_X (see cifs6.txt). the only thing i couldn't do was get the chaining word count to point to the end of the smb reply, for the next and_X (not that there is one). (This used to be commit 54f11999d2113f2e88144ed63e23dd82b32e14a6) --- source3/smbd/reply.c | 26 +++++++++++++++++++++++--- 1 file changed, 23 insertions(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 4616ea14ed..8e304a77df 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -261,7 +261,29 @@ int reply_tcon_and_X(char *inbuf,char *outbuf,int length,int bufsize) if (connection_num < 0) return(connection_error(inbuf,outbuf,connection_num)); - set_message(outbuf,2,strlen(devicename)+1,True); + if (Protocol < PROTOCOL_NT1) + { + set_message(outbuf,2,strlen(devicename)+1,True); + strcpy(smb_buf(outbuf),devicename); + } + else + { + char *fsname = "NTFS"; + int devlen = strlen(devicename)+1; + int fslen = strlen(fsname)+1; + int len = devlen + fslen + 1; + + char *p; + set_message(outbuf,3,3,True); + + p = smb_buf(outbuf); + strcpy(p,devicename); p = skip_string(p,1); /* device name */ + strcpy(p,fsname); p = skip_string(p,1); /* filesystem type e.g NTFS */ + + set_message(outbuf,3,PTR_DIFF(p,smb_buf(outbuf)),False); + + SSVAL(outbuf, smb_vwv2, 0x0); /* optional support */ + } DEBUG(3,("%s tconX service=%s user=%s cnum=%d\n",timestring(),service,user,connection_num)); @@ -269,8 +291,6 @@ int reply_tcon_and_X(char *inbuf,char *outbuf,int length,int bufsize) SSVAL(inbuf,smb_tid,connection_num); SSVAL(outbuf,smb_tid,connection_num); - strcpy(smb_buf(outbuf),devicename); - return chain_reply(inbuf,outbuf,length,bufsize); } -- cgit From e1e4b37ac785da3829f4326722c34a473a17ade5 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 2 Sep 1997 22:21:38 +0000 Subject: reply.c: Removed unused variables. Caught by gcc -Wall -Werror server.c: Fix for old DOS clients not understanding ERRbaddirectory - map to ERRbadpath. util.c: Fix for systems with no LOG_DAEMON facility. Jeremy (jallison@whistle.com) (This used to be commit dadb1ffb4ca5222c0b62d785cd714d65cae328e8) --- source3/smbd/reply.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 8e304a77df..58b509ecec 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -269,11 +269,8 @@ int reply_tcon_and_X(char *inbuf,char *outbuf,int length,int bufsize) else { char *fsname = "NTFS"; - int devlen = strlen(devicename)+1; - int fslen = strlen(fsname)+1; - int len = devlen + fslen + 1; - char *p; + set_message(outbuf,3,3,True); p = smb_buf(outbuf); -- cgit From f5302af621d91536a72b437ae2b80f9dedb46920 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 4 Sep 1997 20:26:07 +0000 Subject: Fixed up determination of client type for PROTOCOL_NT1. Uses client capabilities bits in session_setup_and_X to decide. Made remote_arch an enum as well as a string, for easier use. Jeremy (jallison@whistle.com) (This used to be commit 99080705a2d0adcb25e1eecbe517a2fac2779baa) --- source3/smbd/reply.c | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 58b509ecec..773063131a 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -367,8 +367,24 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) } else { uint16 passlen1 = SVAL(inbuf,smb_vwv7); uint16 passlen2 = SVAL(inbuf,smb_vwv8); + uint32 client_caps = IVAL(inbuf,smb_vwv11); + enum remote_arch_types ra_type = get_remote_arch(); + char *p = smb_buf(inbuf); + /* client_caps is used as final determination if client is NT or Win95. + This is needed to return the correct error codes in some + circumstances. + */ + + if(ra_type == RA_WINNT || ra_type == RA_WIN95) + { + if(client_caps & (CAP_NT_SMBS | CAP_STATUS32)) + set_remote_arch( RA_WINNT); + else + set_remote_arch( RA_WIN95); + } + if (passlen1 != 24 && passlen2 != 24) doencrypt = False; -- cgit From 34695928331e74a44389815cab941a3e673c84ee Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 12 Sep 1997 16:29:36 +0000 Subject: Added fix that means if connecting user sends guest account with no password they are seen as guest. Previous patch broke this. Jeremy (jallison@whistle.com) (This used to be commit 9a55c49626f65627b26417795891260bb2afcc27) --- source3/smbd/reply.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 773063131a..228d8ad669 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -268,7 +268,7 @@ int reply_tcon_and_X(char *inbuf,char *outbuf,int length,int bufsize) } else { - char *fsname = "NTFS"; + char *fsname = "SAMBA"; char *p; set_message(outbuf,3,3,True); @@ -459,6 +459,13 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) add_session_user(user); + /* Check if the given username was the guest user with no password. + We need to do this check after add_session_user() as that + call can potentially change the username (via map_user). + */ + + if(!guest && strequal(user,lp_guestaccount(-1)) && (*smb_apasswd == 0)) + guest = True; if (!guest && !(lp_security() == SEC_SERVER && server_validate(inbuf)) && !check_hosts_equiv(user)) -- cgit From 1590983eb0849130962cb0a08198cf8ad3d49380 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 17 Sep 1997 01:29:53 +0000 Subject: Added 'delete veto files' paremeter. Ugly - but the only way to allow Samba client users to delete directories containing Mac metafile information (.AppleDouble directories). Needed for clean integration with netatalk. Jeremy (jallison@whistle.com) (This used to be commit 29c6c037dc62e44784e9d127d1e7ef3dd1506733) --- source3/smbd/reply.c | 67 +++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 66 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 228d8ad669..cb0e5d7628 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2594,6 +2594,66 @@ int reply_mkdir(char *inbuf,char *outbuf) return(outsize); } +/**************************************************************************** +Static function used by reply_rmdir to delete an entire directory +tree recursively. +****************************************************************************/ +static BOOL recursive_rmdir(char *directory) +{ + char *dname = NULL; + BOOL ret = False; + void *dirptr = OpenDir(-1, directory, False); + + if(dirptr == NULL) + return True; + + while((dname = ReadDirName(dirptr))) + { + pstring fullname; + struct stat st; + + if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0)) + continue; + + /* Construct the full name. */ + if(strlen(directory) + strlen(dname) + 1 >= sizeof(fullname)) + { + errno = ENOMEM; + ret = True; + break; + } + strcpy(fullname, directory); + strcat(fullname, "/"); + strcat(fullname, dname); + + if(sys_lstat(fullname, &st) != 0) + { + ret = True; + break; + } + + if(st.st_mode & S_IFDIR) + { + if(recursive_rmdir(fullname)!=0) + { + ret = True; + break; + } + if(sys_rmdir(fullname) != 0) + { + ret = True; + break; + } + } + else if(sys_unlink(fullname) != 0) + { + ret = True; + break; + } + } + CloseDir(dirptr); + return ret; +} /**************************************************************************** reply to a rmdir @@ -2662,10 +2722,15 @@ int reply_rmdir(char *inbuf,char *outbuf) if(sys_lstat(fullname, &st) != 0) break; if(st.st_mode & S_IFDIR) + { + if(lp_recursive_veto_delete(SNUM(cnum))) { - if(sys_rmdir(fullname) != 0) + if(recursive_rmdir(fullname) != 0) break; } + if(sys_rmdir(fullname) != 0) + break; + } else if(sys_unlink(fullname) != 0) break; } -- cgit From 570a5becfcf1202d1277af8b149d50ca70315b74 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Thu, 18 Sep 1997 07:05:43 +0000 Subject: added some debug stuff (This used to be commit 95184fd1ecdf5eea9c42d748db848210b7e863d3) --- source3/smbd/reply.c | 115 ++++++++++++++++++++++++++++----------------------- 1 file changed, 64 insertions(+), 51 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index cb0e5d7628..09c4e29416 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -53,58 +53,71 @@ a packet to ensure chaining works correctly */ ****************************************************************************/ int reply_special(char *inbuf,char *outbuf) { - int outsize = 4; - int msg_type = CVAL(inbuf,0); - int msg_flags = CVAL(inbuf,1); - pstring name1,name2; - extern fstring remote_machine; - extern fstring local_machine; - char *p; - - *name1 = *name2 = 0; - - smb_setlen(outbuf,0); - - switch (msg_type) - { - case 0x81: /* session request */ - CVAL(outbuf,0) = 0x82; - CVAL(outbuf,3) = 0; - if (name_len(inbuf+4) > 50) - { - DEBUG(0,("Invalid name length in session request\n")); - return(0); + int outsize = 4; + int msg_type = CVAL(inbuf,0); + int msg_flags = CVAL(inbuf,1); + pstring name1,name2; + extern fstring remote_machine; + extern fstring local_machine; + char *p; + + *name1 = *name2 = 0; + + smb_setlen(outbuf,0); + + switch (msg_type) { + case 0x81: /* session request */ + CVAL(outbuf,0) = 0x82; + CVAL(outbuf,3) = 0; + if (name_len(inbuf+4) > 50) { + DEBUG(0,("Invalid name length in session request\n")); + return(0); + } + name_extract(inbuf,4,name1); + name_extract(inbuf,4 + name_len(inbuf + 4),name2); + DEBUG(2,("netbios connect: name1=%s name2=%s\n", + name1,name2)); + + strcpy(remote_machine,name2); + trim_string(remote_machine," "," "); + p = strchr(remote_machine,' '); + strlower(remote_machine); + if (p) *p = 0; + + strcpy(local_machine,name1); + trim_string(local_machine," "," "); + p = strchr(local_machine,' '); + strlower(local_machine); + if (p) *p = 0; + + add_session_user(remote_machine); + + reload_services(True); + reopen_logs(); + + break; + + case 0x89: /* session keepalive request + (some old clients produce this?) */ + CVAL(outbuf,0) = 0x85; + CVAL(outbuf,3) = 0; + break; + + case 0x82: /* positive session response */ + case 0x83: /* negative session response */ + case 0x84: /* retarget session response */ + DEBUG(0,("Unexpected session response\n")); + break; + + case 0x85: /* session keepalive */ + default: + return(0); } - name_extract(inbuf,4,name1); - name_extract(inbuf,4 + name_len(inbuf + 4),name2); - DEBUG(2,("netbios connect: name1=%s name2=%s\n",name1,name2)); - - strcpy(remote_machine,name2); - trim_string(remote_machine," "," "); - p = strchr(remote_machine,' '); - strlower(remote_machine); - if (p) *p = 0; - - strcpy(local_machine,name1); - trim_string(local_machine," "," "); - p = strchr(local_machine,' '); - strlower(local_machine); - if (p) *p = 0; - - add_session_user(remote_machine); - - reload_services(True); - reopen_logs(); - - break; - case 0x85: /* session keepalive */ - default: - return(0); - } - - DEBUG(5,("%s init msg_type=0x%x msg_flags=0x%x\n",timestring(),msg_type,msg_flags)); - - return(outsize); + + DEBUG(5,("%s init msg_type=0x%x msg_flags=0x%x\n", + timestring(),msg_type,msg_flags)); + + return(outsize); } -- cgit From 81eb442e88e8231b8e9c556c1ee393e99269af78 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 23 Sep 1997 19:19:06 +0000 Subject: Checkin to sync up oplock development code so that NT domain development code won't diverge. Makefile: Fixed make proto (again). Added GLIBC2 fixes for Linux. includes.h: Added GLIBC2 fixes for Linux. proto.h: Much tidier. quotas.c: OSF/1 quota fix. reply.c: Fix from Ray Frush for zero NT timestamps. server.c util.c: First oplock checkin - nowhere near finished so bracketed with #ifdef USE_OPLOCKS. Done to make sync with NT domain code easier. Jeremy (jallison@whistle.com) (This used to be commit 7dce7d84473beb5663b14a8ab32781970819c19d) --- source3/smbd/reply.c | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 09c4e29416..8117685637 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3610,11 +3610,31 @@ int reply_setattrE(char *inbuf,char *outbuf) unix_times.actime = make_unix_date2(inbuf+smb_vwv3); unix_times.modtime = make_unix_date2(inbuf+smb_vwv5); + /* + * Patch from Ray Frush + * Sometimes times are sent as zero - ignore them. + */ + + if ((unix_times.actime == 0) && (unix_times.modtime == 0)) + { + /* Ignore request */ + DEBUG(3,("%s reply_setattrE fnum=%d cnum=%d ignoring zero request - \ +not setting timestamps of 0\n", + timestring(), fnum,cnum,unix_times.actime,unix_times.modtime)); + return(outsize); + } + else if ((unix_times.actime != 0) && (unix_times.modtime == 0)) + { + /* set modify time = to access time if modify time was 0 */ + unix_times.modtime = unix_times.actime; + } + /* Set the date on this file */ if(sys_utime(Files[fnum].name, &unix_times)) return(ERROR(ERRDOS,ERRnoaccess)); - DEBUG(3,("%s reply_setattrE fnum=%d cnum=%d\n",timestring(),fnum,cnum)); + DEBUG(3,("%s reply_setattrE fnum=%d cnum=%d actime=%d modtime=%d\n", + timestring(), fnum,cnum,unix_times.actime,unix_times.modtime)); return(outsize); } -- cgit From cef59090bb2fd3f8a9efd1a453cb90264b891d58 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 26 Sep 1997 18:55:29 +0000 Subject: Adding Andrews buffer overflow fixes into the main branch. Jeremy (jallison@whistle.com) (This used to be commit e7eb1f044d3101679dc7a118820ea5efe0cd837c) --- source3/smbd/reply.c | 175 +++++++++++++++++++++++++++++---------------------- 1 file changed, 101 insertions(+), 74 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 8117685637..c1422bbcf6 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -48,6 +48,18 @@ a packet to ensure chaining works correctly */ #define GETFNUM(buf,where) (chain_fnum!= -1?chain_fnum:SVAL(buf,where)) +/**************************************************************************** +report a possible attack via the password buffer overflow bug +****************************************************************************/ +static void overflow_attack(int len) +{ + DEBUG(0,("ERROR: Invalid password length %d\n", len)); + DEBUG(0,("you're machine may be under attack by a user exploiting an old bug\n")); + DEBUG(0,("Attack was from IP=%s\n", client_addr())); + exit_server("possible attack"); +} + + /**************************************************************************** reply to an special message ****************************************************************************/ @@ -66,36 +78,36 @@ int reply_special(char *inbuf,char *outbuf) smb_setlen(outbuf,0); switch (msg_type) { - case 0x81: /* session request */ - CVAL(outbuf,0) = 0x82; - CVAL(outbuf,3) = 0; - if (name_len(inbuf+4) > 50) { - DEBUG(0,("Invalid name length in session request\n")); - return(0); - } - name_extract(inbuf,4,name1); - name_extract(inbuf,4 + name_len(inbuf + 4),name2); + case 0x81: /* session request */ + CVAL(outbuf,0) = 0x82; + CVAL(outbuf,3) = 0; + if (name_len(inbuf+4) > 50 || name_len(inbuf+4 + name_len(inbuf + 4)) > 50) { + DEBUG(0,("Invalid name length in session request\n")); + return(0); + } + name_extract(inbuf,4,name1); + name_extract(inbuf,4 + name_len(inbuf + 4),name2); DEBUG(2,("netbios connect: name1=%s name2=%s\n", name1,name2)); - - strcpy(remote_machine,name2); - trim_string(remote_machine," "," "); - p = strchr(remote_machine,' '); - strlower(remote_machine); - if (p) *p = 0; - - strcpy(local_machine,name1); - trim_string(local_machine," "," "); - p = strchr(local_machine,' '); - strlower(local_machine); - if (p) *p = 0; - - add_session_user(remote_machine); - - reload_services(True); - reopen_logs(); - - break; + + fstrcpy(remote_machine,name2); + trim_string(remote_machine," "," "); + p = strchr(remote_machine,' '); + strlower(remote_machine); + if (p) *p = 0; + + fstrcpy(local_machine,name1); + trim_string(local_machine," "," "); + p = strchr(local_machine,' '); + strlower(local_machine); + if (p) *p = 0; + + add_session_user(remote_machine); + + reload_services(True); + reopen_logs(); + + break; case 0x89: /* session keepalive request (some old clients produce this?) */ @@ -160,25 +172,25 @@ static void parse_connect(char *p,char *service,char *user, p2 = strrchr(p,'\\'); if (p2 == NULL) - strcpy(service,p); + fstrcpy(service,p); else - strcpy(service,p2+1); + fstrcpy(service,p2+1); p += strlen(p) + 2; - strcpy(password,p); + fstrcpy(password,p); *pwlen = strlen(password); p += strlen(p) + 2; - strcpy(dev,p); + fstrcpy(dev,p); *user = 0; p = strchr(service,'%'); if (p != NULL) { *p = 0; - strcpy(user,p+1); + fstrcpy(user,p+1); } } @@ -238,6 +250,10 @@ int reply_tcon_and_X(char *inbuf,char *outbuf,int length,int bufsize) /* we might have to close an old one */ if ((SVAL(inbuf,smb_vwv2) & 0x1) != 0) close_cnum(SVAL(inbuf,smb_tid),vuid); + + if (passlen > MAX_PASSWORD_LENGTH) { + overflow_attack(passlen); + } { char *path; @@ -252,18 +268,17 @@ int reply_tcon_and_X(char *inbuf,char *outbuf,int length,int bufsize) passlen = strlen(password); } - DEBUG(4,("parsing net-path %s, passlen=%d\n",path,passlen)); - strcpy(service,path+2); + fstrcpy(service,path+2); p = strchr(service,'\\'); if (!p) return(ERROR(ERRSRV,ERRinvnetname)); *p = 0; - strcpy(service,p+1); + fstrcpy(service,p+1); p = strchr(service,'%'); if (p) { *p++ = 0; - strcpy(user,p); + fstrcpy(user,p); } StrnCpy(devicename,path + strlen(path) + 1,6); DEBUG(4,("Got device type %s\n",devicename)); @@ -372,11 +387,15 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) if (Protocol < PROTOCOL_NT1) { smb_apasslen = SVAL(inbuf,smb_vwv7); + if (smb_apasslen > MAX_PASSWORD_LENGTH) + overflow_attack(smb_apasslen); + memcpy(smb_apasswd,smb_buf(inbuf),smb_apasslen); - StrnCpy(user,smb_buf(inbuf)+smb_apasslen,sizeof(user)-1); + pstrcpy(user,smb_buf(inbuf)+smb_apasslen); - if (lp_security() != SEC_SERVER && !doencrypt) - smb_apasslen = strlen(smb_apasswd); + if (lp_security() != SEC_SERVER && !doencrypt) { + smb_apasslen = strlen(smb_apasswd); + } } else { uint16 passlen1 = SVAL(inbuf,smb_vwv7); uint16 passlen2 = SVAL(inbuf,smb_vwv8); @@ -401,6 +420,13 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) if (passlen1 != 24 && passlen2 != 24) doencrypt = False; + if (passlen1 > MAX_PASSWORD_LENGTH) { + overflow_attack(passlen1); + } + + passlen1 = MIN(passlen1, MAX_PASSWORD_LENGTH); + passlen2 = MIN(passlen2, MAX_PASSWORD_LENGTH); + if(doencrypt) { /* Save the lanman2 password and the NT md4 password. */ smb_apasslen = passlen1; @@ -438,7 +464,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) } p += passlen1 + passlen2; - strcpy(user,p); p = skip_string(p,1); + fstrcpy(user,p); p = skip_string(p,1); DEBUG(3,("Domain=[%s] NativeOS=[%s] NativeLanMan=[%s]\n", p,skip_string(p,1),skip_string(p,2))); } @@ -591,7 +617,7 @@ int reply_chkpth(char *inbuf,char *outbuf) cnum = SVAL(inbuf,smb_tid); - strcpy(name,smb_buf(inbuf) + 1); + pstrcpy(name,smb_buf(inbuf) + 1); unix_convert(name,cnum,0,&bad_path); mode = SVAL(inbuf,smb_vwv0); @@ -639,7 +665,7 @@ int reply_getatr(char *inbuf,char *outbuf) cnum = SVAL(inbuf,smb_tid); - strcpy(fname,smb_buf(inbuf) + 1); + pstrcpy(fname,smb_buf(inbuf) + 1); unix_convert(fname,cnum,0,&bad_path); /* dos smetimes asks for a stat of "" - it returns a "hidden directory" @@ -714,7 +740,7 @@ int reply_setatr(char *inbuf,char *outbuf) cnum = SVAL(inbuf,smb_tid); - strcpy(fname,smb_buf(inbuf) + 1); + pstrcpy(fname,smb_buf(inbuf) + 1); unix_convert(fname,cnum,0,&bad_path); mode = SVAL(inbuf,smb_vwv0); @@ -825,8 +851,8 @@ int reply_search(char *inbuf,char *outbuf) { pstring dir2; - strcpy(directory,smb_buf(inbuf)+1); - strcpy(dir2,smb_buf(inbuf)+1); + pstrcpy(directory,smb_buf(inbuf)+1); + pstrcpy(dir2,smb_buf(inbuf)+1); unix_convert(directory,cnum,0,&bad_path); unix_format(dir2); @@ -842,7 +868,7 @@ int reply_search(char *inbuf,char *outbuf) else { *p = 0; - strcpy(mask,p+1); + pstrcpy(mask,p+1); } p = strrchr(directory,'/'); @@ -876,7 +902,7 @@ int reply_search(char *inbuf,char *outbuf) if ((p = strrchr(mask,' '))) { fstring ext; - strcpy(ext,p+1); + fstrcpy(ext,p+1); *p = 0; trim_string(mask,NULL," "); strcat(mask,"."); @@ -898,7 +924,7 @@ int reply_search(char *inbuf,char *outbuf) if (!strchr(mask,'.') && strlen(mask)>8) { fstring tmp; - strcpy(tmp,&mask[8]); + fstrcpy(tmp,&mask[8]); mask[8] = '.'; mask[9] = 0; strcat(mask,tmp); @@ -1078,7 +1104,7 @@ int reply_open(char *inbuf,char *outbuf) share_mode = SVAL(inbuf,smb_vwv0); - strcpy(fname,smb_buf(inbuf)+1); + pstrcpy(fname,smb_buf(inbuf)+1); unix_convert(fname,cnum,0,&bad_path); fnum = find_free_file(); @@ -1168,7 +1194,7 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) /* XXXX we need to handle passed times, sattr and flags */ - strcpy(fname,smb_buf(inbuf)); + pstrcpy(fname,smb_buf(inbuf)); unix_convert(fname,cnum,0,&bad_path); fnum = find_free_file(); @@ -1281,7 +1307,7 @@ int reply_mknew(char *inbuf,char *outbuf) cnum = SVAL(inbuf,smb_tid); createmode = SVAL(inbuf,smb_vwv0); - strcpy(fname,smb_buf(inbuf)+1); + pstrcpy(fname,smb_buf(inbuf)+1); unix_convert(fname,cnum,0,&bad_path); if (createmode & aVOLID) @@ -1359,7 +1385,8 @@ int reply_ctemp(char *inbuf,char *outbuf) cnum = SVAL(inbuf,smb_tid); createmode = SVAL(inbuf,smb_vwv0); - sprintf(fname,"%s/TMXXXXXX",smb_buf(inbuf)+1); + pstrcpy(fname,smb_buf(inbuf)+1); + strcat(fname,"/TMXXXXXX"); unix_convert(fname,cnum,0,&bad_path); unixmode = unix_mode(cnum,createmode); @@ -1455,7 +1482,7 @@ int reply_unlink(char *inbuf,char *outbuf) cnum = SVAL(inbuf,smb_tid); dirtype = SVAL(inbuf,smb_vwv0); - strcpy(name,smb_buf(inbuf) + 1); + pstrcpy(name,smb_buf(inbuf) + 1); DEBUG(3,("reply_unlink : %s\n",name)); @@ -1503,7 +1530,7 @@ int reply_unlink(char *inbuf,char *outbuf) while ((dname = ReadDirName(dirptr))) { pstring fname; - strcpy(fname,dname); + pstrcpy(fname,dname); if(!mask_match(fname, mask, case_sensitive, False)) continue; @@ -2381,7 +2408,7 @@ int reply_printopen(char *inbuf,char *outbuf) { pstring s; char *p; - StrnCpy(s,smb_buf(inbuf)+1,sizeof(pstring)-1); + pstrcpy(s,smb_buf(inbuf)+1); p = s; while (*p) { @@ -2583,7 +2610,7 @@ int reply_mkdir(char *inbuf,char *outbuf) int outsize,ret= -1; BOOL bad_path = False; - strcpy(directory,smb_buf(inbuf) + 1); + pstrcpy(directory,smb_buf(inbuf) + 1); cnum = SVAL(inbuf,smb_tid); unix_convert(directory,cnum,0,&bad_path); @@ -2680,7 +2707,7 @@ int reply_rmdir(char *inbuf,char *outbuf) BOOL bad_path = False; cnum = SVAL(inbuf,smb_tid); - strcpy(directory,smb_buf(inbuf) + 1); + pstrcpy(directory,smb_buf(inbuf) + 1); unix_convert(directory,cnum,0,&bad_path); if (check_name(directory,cnum)) @@ -2728,7 +2755,7 @@ int reply_rmdir(char *inbuf,char *outbuf) errno = ENOMEM; break; } - strcpy(fullname, directory); + pstrcpy(fullname, directory); strcat(fullname, "/"); strcat(fullname, dname); @@ -2795,21 +2822,21 @@ static BOOL resolve_wildcards(char *name1,char *name2) if (!name1 || !name2) return(False); - strcpy(root1,name1); - strcpy(root2,name2); + fstrcpy(root1,name1); + fstrcpy(root2,name2); p = strrchr(root1,'.'); if (p) { *p = 0; - strcpy(ext1,p+1); + fstrcpy(ext1,p+1); } else { - strcpy(ext1,""); + fstrcpy(ext1,""); } p = strrchr(root2,'.'); if (p) { *p = 0; - strcpy(ext2,p+1); + fstrcpy(ext2,p+1); } else { - strcpy(ext2,""); + fstrcpy(ext2,""); } p = root1; @@ -2883,8 +2910,8 @@ int reply_mv(char *inbuf,char *outbuf) cnum = SVAL(inbuf,smb_tid); - strcpy(name,smb_buf(inbuf) + 1); - strcpy(newname,smb_buf(inbuf) + 3 + strlen(name)); + pstrcpy(name,smb_buf(inbuf) + 1); + pstrcpy(newname,smb_buf(inbuf) + 3 + strlen(name)); DEBUG(3,("reply_mv : %s -> %s\n",name,newname)); @@ -2998,14 +3025,14 @@ int reply_mv(char *inbuf,char *outbuf) while ((dname = ReadDirName(dirptr))) { pstring fname; - strcpy(fname,dname); + pstrcpy(fname,dname); if(!mask_match(fname, mask, case_sensitive, False)) continue; error = ERRnoaccess; sprintf(fname,"%s/%s",directory,dname); if (!can_rename(fname,cnum)) continue; - strcpy(destname,newname); + pstrcpy(destname,newname); if (!resolve_wildcards(fname,destname)) continue; @@ -3051,7 +3078,7 @@ static BOOL copy_file(char *src,char *dest1,int cnum,int ofun, int fnum1,fnum2; pstring dest; - strcpy(dest,dest1); + pstrcpy(dest,dest1); if (target_is_directory) { char *p = strrchr(src,'/'); if (p) @@ -3128,8 +3155,8 @@ int reply_copy(char *inbuf,char *outbuf) cnum = SVAL(inbuf,smb_tid); - strcpy(name,smb_buf(inbuf)); - strcpy(newname,smb_buf(inbuf) + 1 + strlen(name)); + pstrcpy(name,smb_buf(inbuf)); + pstrcpy(newname,smb_buf(inbuf) + 1 + strlen(name)); DEBUG(3,("reply_copy : %s -> %s\n",name,newname)); @@ -3198,7 +3225,7 @@ int reply_copy(char *inbuf,char *outbuf) while ((dname = ReadDirName(dirptr))) { pstring fname; - strcpy(fname,dname); + pstrcpy(fname,dname); if(!mask_match(fname, mask, case_sensitive, False)) continue; @@ -3252,7 +3279,7 @@ int reply_setdir(char *inbuf,char *outbuf) if (!CAN_SETDIR(snum)) return(ERROR(ERRDOS,ERRnoaccess)); - strcpy(newdir,smb_buf(inbuf) + 1); + pstrcpy(newdir,smb_buf(inbuf) + 1); strlower(newdir); if (strlen(newdir) == 0) -- cgit From dff16872ca39c007d32d114af82d3ccd97f9d47a Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 26 Sep 1997 19:26:56 +0000 Subject: Syncing up current oplock work in progress. #ifdef'ed out so should have no effect on other work. Jeremy (jallison@whistle.com) (This used to be commit 7e3d4c8b21f63a06d32605d230129e36883ad08c) --- source3/smbd/reply.c | 79 ++++++++++++++++++++++++++++++++++------------------ 1 file changed, 52 insertions(+), 27 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index c1422bbcf6..94839c227a 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1099,6 +1099,8 @@ int reply_open(char *inbuf,char *outbuf) int rmode=0; struct stat sbuf; BOOL bad_path = False; + files_struct *fsp; + int oplock_request = CORE_OPLOCK_REQUEST(inbuf); cnum = SVAL(inbuf,smb_tid); @@ -1123,9 +1125,12 @@ int reply_open(char *inbuf,char *outbuf) unixmode = unix_mode(cnum,aARCH); - open_file_shared(fnum,cnum,fname,share_mode,3,unixmode,&rmode,NULL); + open_file_shared(fnum,cnum,fname,share_mode,3,unixmode, + oplock_request,&rmode,NULL); - if (!Files[fnum].open) + fsp = &Files[fnum]; + + if (!fsp->open) { if((errno == ENOENT) && bad_path) { @@ -1135,7 +1140,7 @@ int reply_open(char *inbuf,char *outbuf) return(UNIXERROR(ERRDOS,ERRnoaccess)); } - if (fstat(Files[fnum].fd_ptr->fd,&sbuf) != 0) { + if (fstat(fsp->fd_ptr->fd,&sbuf) != 0) { close_file(fnum); return(ERROR(ERRDOS,ERRnoaccess)); } @@ -1157,10 +1162,12 @@ int reply_open(char *inbuf,char *outbuf) SIVAL(outbuf,smb_vwv4,size); SSVAL(outbuf,smb_vwv6,rmode); - if (lp_fake_oplocks(SNUM(cnum))) { - CVAL(outbuf,smb_flg) |= (CVAL(inbuf,smb_flg) & (1<<5)); + if (oplock_request && lp_fake_oplocks(SNUM(cnum))) { + fsp->granted_oplock = True; } + if(fsp->granted_oplock) + CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; return(outsize); } @@ -1175,7 +1182,7 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) int fnum = -1; int smb_mode = SVAL(inbuf,smb_vwv3); int smb_attr = SVAL(inbuf,smb_vwv5); - BOOL oplock_request = BITSETW(inbuf+smb_vwv2,1); + BOOL oplock_request = EXTENDED_OPLOCK_REQUEST(inbuf); #if 0 int open_flags = SVAL(inbuf,smb_vwv2); int smb_sattr = SVAL(inbuf,smb_vwv4); @@ -1187,6 +1194,7 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) struct stat sbuf; int smb_action = 0; BOOL bad_path = False; + files_struct *fsp; /* If it's an IPC, pass off the pipe handler. */ if (IS_IPC(cnum)) @@ -1214,9 +1222,11 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) unixmode = unix_mode(cnum,smb_attr | aARCH); open_file_shared(fnum,cnum,fname,smb_mode,smb_ofun,unixmode, - &rmode,&smb_action); + oplock_request, &rmode,&smb_action); - if (!Files[fnum].open) + fsp = &Files[fnum]; + + if (!fsp->open) { if((errno == ENOENT) && bad_path) { @@ -1226,7 +1236,7 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) return(UNIXERROR(ERRDOS,ERRnoaccess)); } - if (fstat(Files[fnum].fd_ptr->fd,&sbuf) != 0) { + if (fstat(fsp->fd_ptr->fd,&sbuf) != 0) { close_file(fnum); return(ERROR(ERRDOS,ERRnoaccess)); } @@ -1240,9 +1250,12 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) } if (oplock_request && lp_fake_oplocks(SNUM(cnum))) { - smb_action |= (1<<15); + fsp->granted_oplock = True; } + if(fsp->granted_oplock) + smb_action |= EXTENDED_OPLOCK_GRANTED; + set_message(outbuf,15,0,True); SSVAL(outbuf,smb_vwv2,fnum); SSVAL(outbuf,smb_vwv3,fmode); @@ -1302,6 +1315,8 @@ int reply_mknew(char *inbuf,char *outbuf) mode_t unixmode; int ofun = 0; BOOL bad_path = False; + files_struct *fsp; + int oplock_request = CORE_OPLOCK_REQUEST(inbuf); com = SVAL(inbuf,smb_com); cnum = SVAL(inbuf,smb_tid); @@ -1343,9 +1358,12 @@ int reply_mknew(char *inbuf,char *outbuf) } /* Open file in dos compatibility share mode. */ - open_file_shared(fnum,cnum,fname,(DENY_FCB<<4)|0xF, ofun, unixmode, NULL, NULL); + open_file_shared(fnum,cnum,fname,(DENY_FCB<<4)|0xF, ofun, unixmode, + oplock_request, NULL, NULL); - if (!Files[fnum].open) + fsp = &Files[fnum]; + + if (!fsp->open) { if((errno == ENOENT) && bad_path) { @@ -1358,10 +1376,13 @@ int reply_mknew(char *inbuf,char *outbuf) outsize = set_message(outbuf,1,0,True); SSVAL(outbuf,smb_vwv0,fnum); - if (lp_fake_oplocks(SNUM(cnum))) { - CVAL(outbuf,smb_flg) |= (CVAL(inbuf,smb_flg) & (1<<5)); + if (oplock_request && lp_fake_oplocks(SNUM(cnum))) { + fsp->granted_oplock = True; } - + + if(fsp->granted_oplock) + CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; + DEBUG(2,("new file %s\n",fname)); DEBUG(3,("%s mknew %s fd=%d fnum=%d cnum=%d dmode=%d umode=%o\n",timestring(),fname,Files[fnum].fd_ptr->fd,fnum,cnum,createmode,unixmode)); @@ -1382,6 +1403,8 @@ int reply_ctemp(char *inbuf,char *outbuf) int createmode; mode_t unixmode; BOOL bad_path = False; + files_struct *fsp; + int oplock_request = CORE_OPLOCK_REQUEST(inbuf); cnum = SVAL(inbuf,smb_tid); createmode = SVAL(inbuf,smb_vwv0); @@ -1409,9 +1432,12 @@ int reply_ctemp(char *inbuf,char *outbuf) /* Open file in dos compatibility share mode. */ /* We should fail if file exists. */ - open_file_shared(fnum,cnum,fname2,(DENY_FCB<<4)|0xF, 0x10, unixmode, NULL, NULL); + open_file_shared(fnum,cnum,fname2,(DENY_FCB<<4)|0xF, 0x10, unixmode, + oplock_request, NULL, NULL); - if (!Files[fnum].open) + fsp = &Files[fnum]; + + if (!fsp->open) { if((errno == ENOENT) && bad_path) { @@ -1426,10 +1452,13 @@ int reply_ctemp(char *inbuf,char *outbuf) CVAL(smb_buf(outbuf),0) = 4; strcpy(smb_buf(outbuf) + 1,fname2); - if (lp_fake_oplocks(SNUM(cnum))) { - CVAL(outbuf,smb_flg) |= (CVAL(inbuf,smb_flg) & (1<<5)); + if (oplock_request && lp_fake_oplocks(SNUM(cnum))) { + fsp->granted_oplock = True; } + if(fsp->granted_oplock) + CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; + DEBUG(2,("created temp file %s\n",fname2)); DEBUG(3,("%s ctemp %s fd=%d fnum=%d cnum=%d dmode=%d umode=%o\n",timestring(),fname2,Files[fnum].fd_ptr->fd,fnum,cnum,createmode,unixmode)); @@ -2432,7 +2461,8 @@ int reply_printopen(char *inbuf,char *outbuf) return(ERROR(ERRDOS,ERRnoaccess)); /* Open for exclusive use, write only. */ - open_file_shared(fnum,cnum,fname2,(DENY_ALL<<4)|1, 0x12, unix_mode(cnum,0), NULL, NULL); + open_file_shared(fnum,cnum,fname2,(DENY_ALL<<4)|1, 0x12, unix_mode(cnum,0), + 0, NULL, NULL); if (!Files[fnum].open) return(UNIXERROR(ERRDOS,ERRnoaccess)); @@ -3094,7 +3124,7 @@ static BOOL copy_file(char *src,char *dest1,int cnum,int ofun, fnum1 = find_free_file(); if (fnum1<0) return(False); open_file_shared(fnum1,cnum,src,(DENY_NONE<<4), - 1,0,&Access,&action); + 1,0,0,&Access,&action); if (!Files[fnum1].open) return(False); @@ -3107,7 +3137,7 @@ static BOOL copy_file(char *src,char *dest1,int cnum,int ofun, return(False); } open_file_shared(fnum2,cnum,dest,(DENY_NONE<<4)|1, - ofun,st.st_mode,&Access,&action); + ofun,st.st_mode,0,&Access,&action); if (!Files[fnum2].open) { close_file(fnum1); @@ -3713,8 +3743,3 @@ int reply_getattrE(char *inbuf,char *outbuf) return(outsize); } - - - - - -- cgit From a5af479e5d4e93aaf8b1effdbd9057d2a9b85aea Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 26 Sep 1997 19:40:12 +0000 Subject: Fixed you're -> your text that some pedant complained about :-). Jeremy (jallison@whistle.com). (This used to be commit b11833f1bdecf1c3c3e5bc7494741605cba92a1e) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 94839c227a..c1c42be801 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -54,7 +54,7 @@ report a possible attack via the password buffer overflow bug static void overflow_attack(int len) { DEBUG(0,("ERROR: Invalid password length %d\n", len)); - DEBUG(0,("you're machine may be under attack by a user exploiting an old bug\n")); + DEBUG(0,("your machine may be under attack by a user exploiting an old bug\n")); DEBUG(0,("Attack was from IP=%s\n", client_addr())); exit_server("possible attack"); } -- cgit From a0cd12e221af54e00aa7dd971c080881da8b32ac Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 30 Sep 1997 02:38:19 +0000 Subject: dir.c: more pstrcpys. local.h: Add OPLOCK_BREAK_TIMEOUT. password.c: Fix for paranoia password server security bug. proto.h: Updated. reply.c: Oplock changes. server.c: Massive oplock changes - nearly there.... smb.h: oplock definitions. util.c: Add local message processing queues for oplocks. Jeremy (jallison@whistle.com) (This used to be commit 92f1553db2cdf6f32881eb984a87050cf3e4760b) --- source3/smbd/reply.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index c1c42be801..8987e7c0c2 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -42,6 +42,7 @@ extern BOOL short_case_preserve; extern pstring sesssetup_user; extern fstring myworkgroup; extern int Client; +extern int global_oplock_break; /* this macro should always be used to extract an fnum (smb_fid) from a packet to ensure chaining works correctly */ @@ -388,7 +389,9 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) if (Protocol < PROTOCOL_NT1) { smb_apasslen = SVAL(inbuf,smb_vwv7); if (smb_apasslen > MAX_PASSWORD_LENGTH) + { overflow_attack(smb_apasslen); + } memcpy(smb_apasswd,smb_buf(inbuf),smb_apasslen); pstrcpy(user,smb_buf(inbuf)+smb_apasslen); @@ -1163,7 +1166,7 @@ int reply_open(char *inbuf,char *outbuf) SSVAL(outbuf,smb_vwv6,rmode); if (oplock_request && lp_fake_oplocks(SNUM(cnum))) { - fsp->granted_oplock = True; + CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; } if(fsp->granted_oplock) @@ -1250,7 +1253,7 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) } if (oplock_request && lp_fake_oplocks(SNUM(cnum))) { - fsp->granted_oplock = True; + smb_action |= EXTENDED_OPLOCK_GRANTED; } if(fsp->granted_oplock) @@ -1377,7 +1380,7 @@ int reply_mknew(char *inbuf,char *outbuf) SSVAL(outbuf,smb_vwv0,fnum); if (oplock_request && lp_fake_oplocks(SNUM(cnum))) { - fsp->granted_oplock = True; + CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; } if(fsp->granted_oplock) @@ -1453,7 +1456,7 @@ int reply_ctemp(char *inbuf,char *outbuf) strcpy(smb_buf(outbuf) + 1,fname2); if (oplock_request && lp_fake_oplocks(SNUM(cnum))) { - fsp->granted_oplock = True; + CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; } if(fsp->granted_oplock) -- cgit From 5864551aef50295addd1c8aa690a52870f70626d Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 1 Oct 1997 23:32:22 +0000 Subject: OPLOCK CHECK-IN - oplocks are now *OPERATIONAL* !!!! Yipeee. At least as far as I can check in a short time :-). local.h: Changed OPLOCK_BREAK_TIMEOUT to 30 seconds. locking.c: Big changes to delete oplocks on a share mode entry. proto.h: updated. reply.c: Added oplock break code in lockingX reply & readbraw reply. server.c: Add batch oplock code. Force server shutdown if client fails to respond to oplock break. smb.h: Fix silly slow share mode oplock define bug. status.c: Add oplock status info. Jeremy (jallison@whistle.com) (This used to be commit 4c83d37239f15f855fc10f01d7b4bf4217fb9eda) --- source3/smbd/reply.c | 57 +++++++++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 54 insertions(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 8987e7c0c2..1a896aa02a 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1254,10 +1254,13 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) if (oplock_request && lp_fake_oplocks(SNUM(cnum))) { smb_action |= EXTENDED_OPLOCK_GRANTED; + CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; } - if(fsp->granted_oplock) + if(fsp->granted_oplock) { smb_action |= EXTENDED_OPLOCK_GRANTED; + CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; + } set_message(outbuf,15,0,True); SSVAL(outbuf,smb_vwv2,fnum); @@ -1609,6 +1612,22 @@ int reply_readbraw(char *inbuf, char *outbuf) int fd; char *fname; +#ifdef USE_OPLOCKS + /* + * Special check if an oplock break has been issued + * and the readraw request croses on the wire, we must + * return a zero length response here. + */ + + if(global_oplock_break) + { + _smb_setlen(header,0); + transfer_file(0,Client,0,header,4,0); + DEBUG(5,("readbraw - oplock break finished\n")); + return -1; + } +#endif + cnum = SVAL(inbuf,smb_tid); fnum = GETFNUM(inbuf,smb_vwv0); @@ -3342,7 +3361,10 @@ int reply_setdir(char *inbuf,char *outbuf) int reply_lockingX(char *inbuf,char *outbuf,int length,int bufsize) { int fnum = GETFNUM(inbuf,smb_vwv2); - uint16 locktype = SVAL(inbuf,smb_vwv3); + unsigned char locktype = CVAL(inbuf,smb_vwv3); +#if 0 + unsigned char oplocklevel = CVAL(inbuf,smb_vwv3+1); +#endif /* USE_OPLOCKS */ uint16 num_ulocks = SVAL(inbuf,smb_vwv6); uint16 num_locks = SVAL(inbuf,smb_vwv7); uint32 count, offset; @@ -3359,6 +3381,35 @@ int reply_lockingX(char *inbuf,char *outbuf,int length,int bufsize) CHECK_ERROR(fnum); data = smb_buf(inbuf); + +#ifdef USE_OPLOCKS + /* Check if this is an oplock break on a file + we have granted an oplock on. + */ + if((locktype == LOCKING_ANDX_OPLOCK_RELEASE) && + (num_ulocks == 0) && (num_locks == 0) && + (CVAL(inbuf,smb_vwv0) == 0xFF)) + { + DEBUG(5,("reply_lockingX: oplock break reply from client for fnum = %d\n", + fnum)); + /* + * Make sure we have granted an oplock on this file. + */ + if(!Files[fnum].granted_oplock) + { + DEBUG(0,("reply_lockingX: Error : oplock break from client for fnum = %d and \ +oplock granted on this file.\n", fnum)); + return ERROR(ERRDOS,ERRlock); + } + + /* Just clear the granted flag and return. oplock_break() + will handle changing the share_mode_entry. */ + + Files[fnum].granted_oplock = 0; + return -1; + } +#endif /* USE_OPLOCKS */ + /* Data now points at the beginning of the list of smb_unlkrng structs */ for(i = 0; i < (int)num_ulocks; i++) { @@ -3393,7 +3444,7 @@ int reply_lockingX(char *inbuf,char *outbuf,int length,int bufsize) set_message(outbuf,2,0,True); DEBUG(3,("%s lockingX fnum=%d cnum=%d type=%d num_locks=%d num_ulocks=%d\n", - timestring(),fnum,cnum,locktype,num_locks,num_ulocks)); + timestring(),fnum,cnum,(unsigned int)locktype,num_locks,num_ulocks)); chain_fnum = fnum; -- cgit From a69125bae97619580134dfd38f1952f37b2bbcec Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Thu, 2 Oct 1997 14:11:34 +0000 Subject: change a debug level in reply.c change from ERRbaddirectory to ERRbadpath for ENOTDIR errors. This reverts to the old Samba code. I've done quite a bit of testing against NT4 and have yet to get it to produce the ERRbaddirectory error code. Producing ERRbaddirectory made a visual basic application that was sent to me not run. This might explain some of the "it doesn't work any more" complaints we've got about 1.9.17. Jeremy, can you remember how you got NT to produce ERRbaddirectory? There might be some specific circumstances we need to cover. (This used to be commit 1ed901ddffef48cdce87017bab0fd613e6ca8637) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 1a896aa02a..aa3f43a813 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -599,7 +599,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) if (!done_sesssetup) max_send = MIN(max_send,smb_bufsize); - DEBUG(1,(" Client requested max send size of %d\n", max_send)); + DEBUG(6,("Client requested max send size of %d\n", max_send)); done_sesssetup = True; -- cgit From 2f7b04061e61df7dcc1029b71fe12ca4dfca5f10 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 3 Oct 1997 20:36:06 +0000 Subject: locking.c: Fixed incorrect parameter count in debug statements. May explain solaris crashes. reply.c: Added NT specific error code. Put oplock break code in correct place in reply_lockingX. server.c: Removed unneeded error mapping stuff. Fixed race condition in oplock code. trans2.c: Added NT specific error code. util.c: Added paranoia check in interpret_addr. Some core dumps reported here. Upped fcntl debug levels. Andrew. Please check the NT specific error code handling (search for the string "/* Ugly - NT specific hack - but needed (JRA) */", this makes NT and 95 clients behave correctly here - please check your Visual Basic apps with this code. Jeremy (jallison@whistle.com). (This used to be commit 97ee4a5f69bd9cfbbc8710a1a04d80db0ee40104) --- source3/smbd/reply.c | 34 +++++++++++++++++++++++++++++----- 1 file changed, 29 insertions(+), 5 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index aa3f43a813..a8f674183c 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -640,6 +640,15 @@ int reply_chkpth(char *inbuf,char *outbuf) unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadpath; } + + /* Ugly - NT specific hack - but needed (JRA) */ + if((errno == ENOTDIR) && (Protocol >= PROTOCOL_NT1) && + (get_remote_arch() == RA_WINNT)) + { + unix_ERR_class = ERRDOS; + unix_ERR_code = ERRbaddirectory; + } + return(UNIXERROR(ERRDOS,ERRbadpath)); } @@ -3390,22 +3399,37 @@ int reply_lockingX(char *inbuf,char *outbuf,int length,int bufsize) (num_ulocks == 0) && (num_locks == 0) && (CVAL(inbuf,smb_vwv0) == 0xFF)) { + share_lock_token token; + files_struct *fsp = &Files[fnum]; + uint32 dev = fsp->fd_ptr->dev; + uint32 inode = fsp->fd_ptr->inode; + DEBUG(5,("reply_lockingX: oplock break reply from client for fnum = %d\n", fnum)); /* * Make sure we have granted an oplock on this file. */ - if(!Files[fnum].granted_oplock) + if(!fsp->granted_oplock) { DEBUG(0,("reply_lockingX: Error : oplock break from client for fnum = %d and \ -oplock granted on this file.\n", fnum)); +no oplock granted on this file.\n", fnum)); return ERROR(ERRDOS,ERRlock); } - /* Just clear the granted flag and return. oplock_break() - will handle changing the share_mode_entry. */ + /* Remove the oplock flag from the sharemode. */ + lock_share_entry(fsp->cnum, dev, inode, &token); + if(remove_share_oplock( fnum, token)==False) + { + DEBUG(0,("reply_lockingX: failed to remove share oplock for fnum %d, \ +dev = %x, inode = %x\n", fnum, dev, inode)); + unlock_share_entry(fsp->cnum, dev, inode, token); + return -1; + } + unlock_share_entry(fsp->cnum, dev, inode, token); + + /* Clear the granted flag and return. */ - Files[fnum].granted_oplock = 0; + fsp->granted_oplock = False; return -1; } #endif /* USE_OPLOCKS */ -- cgit From 2e92be3aaf01c574d32d1a10e1359888638b68bc Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 6 Oct 1997 17:52:25 +0000 Subject: client.c: Changed shadowed variable. locking.c: Removed USE_OPLOCKS - now the default. params.c: Removed unused variable. proto.h: Updated. reply.c: Removed USE_OPLOCKS - now the default. server.c: Removed USE_OPLOCKS - now the default. smb.h: Removed USE_OPLOCKS - now the default. smbparse.c: Changed shadowed variable. status.c: Removed USE_OPLOCKS - now the default. util.c: Removed USE_OPLOCKS - now the default. Jeremy (jallison@whistle.com) (This used to be commit b93509846d6291771787af457500eec8984ee6bd) --- source3/smbd/reply.c | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index a8f674183c..fa641931eb 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1621,7 +1621,6 @@ int reply_readbraw(char *inbuf, char *outbuf) int fd; char *fname; -#ifdef USE_OPLOCKS /* * Special check if an oplock break has been issued * and the readraw request croses on the wire, we must @@ -1635,7 +1634,6 @@ int reply_readbraw(char *inbuf, char *outbuf) DEBUG(5,("readbraw - oplock break finished\n")); return -1; } -#endif cnum = SVAL(inbuf,smb_tid); fnum = GETFNUM(inbuf,smb_vwv0); @@ -3373,7 +3371,7 @@ int reply_lockingX(char *inbuf,char *outbuf,int length,int bufsize) unsigned char locktype = CVAL(inbuf,smb_vwv3); #if 0 unsigned char oplocklevel = CVAL(inbuf,smb_vwv3+1); -#endif /* USE_OPLOCKS */ +#endif uint16 num_ulocks = SVAL(inbuf,smb_vwv6); uint16 num_locks = SVAL(inbuf,smb_vwv7); uint32 count, offset; @@ -3391,7 +3389,6 @@ int reply_lockingX(char *inbuf,char *outbuf,int length,int bufsize) data = smb_buf(inbuf); -#ifdef USE_OPLOCKS /* Check if this is an oplock break on a file we have granted an oplock on. */ @@ -3432,7 +3429,6 @@ dev = %x, inode = %x\n", fnum, dev, inode)); fsp->granted_oplock = False; return -1; } -#endif /* USE_OPLOCKS */ /* Data now points at the beginning of the list of smb_unlkrng structs */ -- cgit From e5494e2c093fecd4b493ab925f7c7d30b79bc98d Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Thu, 9 Oct 1997 06:36:04 +0000 Subject: bracket some macros change MAX_PASSWORD_LENGTH to MAX_PASS_LEN to prevent conflict on some systems add #ifdef around soft link dependent code (for systems that don't have soft links) (This used to be commit e10ba4b97a219e87b62d32834bf15ed2e323ed2e) --- source3/smbd/reply.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index fa641931eb..2a3679553c 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -252,7 +252,7 @@ int reply_tcon_and_X(char *inbuf,char *outbuf,int length,int bufsize) if ((SVAL(inbuf,smb_vwv2) & 0x1) != 0) close_cnum(SVAL(inbuf,smb_tid),vuid); - if (passlen > MAX_PASSWORD_LENGTH) { + if (passlen > MAX_PASS_LEN) { overflow_attack(passlen); } @@ -388,7 +388,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) if (Protocol < PROTOCOL_NT1) { smb_apasslen = SVAL(inbuf,smb_vwv7); - if (smb_apasslen > MAX_PASSWORD_LENGTH) + if (smb_apasslen > MAX_PASS_LEN) { overflow_attack(smb_apasslen); } @@ -423,12 +423,12 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) if (passlen1 != 24 && passlen2 != 24) doencrypt = False; - if (passlen1 > MAX_PASSWORD_LENGTH) { + if (passlen1 > MAX_PASS_LEN) { overflow_attack(passlen1); } - passlen1 = MIN(passlen1, MAX_PASSWORD_LENGTH); - passlen2 = MIN(passlen2, MAX_PASSWORD_LENGTH); + passlen1 = MIN(passlen1, MAX_PASS_LEN); + passlen2 = MIN(passlen2, MAX_PASS_LEN); if(doencrypt) { /* Save the lanman2 password and the NT md4 password. */ -- cgit From f3f44f7dbbc360733da329ef55bb0353ae0a8443 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 9 Oct 1997 18:40:52 +0000 Subject: local.h: Fix spelling mistake :-). namedbsubnet.c: Stop registering 1x name unless we can be a local master. reply.c: Remove ERRbaddirectory code. server.c: Remove abort() - use exit_server() instead. trans2.c: Remove ERRbaddirectory code. Jeremy (jallison@whistle.com) (This used to be commit 76247228896d39312ba896fa229076be3271e2e4) --- source3/smbd/reply.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 2a3679553c..baccb76291 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -641,13 +641,15 @@ int reply_chkpth(char *inbuf,char *outbuf) unix_ERR_code = ERRbadpath; } - /* Ugly - NT specific hack - but needed (JRA) */ +#if 0 + /* Ugly - NT specific hack - maybe not needed ? (JRA) */ if((errno == ENOTDIR) && (Protocol >= PROTOCOL_NT1) && (get_remote_arch() == RA_WINNT)) { unix_ERR_class = ERRDOS; unix_ERR_code = ERRbaddirectory; } +#endif return(UNIXERROR(ERRDOS,ERRbadpath)); } -- cgit From d83845241381fb6ff86890d1d43c3d3bf6522a2b Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Wed, 15 Oct 1997 19:16:38 +0000 Subject: smb.h smbparse.c pipenetlog.c : whoops, the SAM Logon structure was wrong. updated this, and cifsntdomain.txt. more debug info in pipenetlog.c. the crash is somewhere around deal_with_credentials(). byteorder.h : put in uint8, uint16 and uint32 typecasts around debug info, because sign extending was resulting in ffffffe8 being displayed instead of e8. credentials.c : some debugging info, because i'm tracking a coredump. without gdb. nothing like making things difficult. reply.c : whoops, missed this (important) bit from paul's code, which tells the NT workstation that the MACHINE$ entry doesn't already exist, and we're going to create a default entry with a password "machine" right now. proto.h: the usual. (This used to be commit ed606bc7d4e6fb1091e527ea70a3e950d50a1db4) --- source3/smbd/reply.c | 25 ++++++++++++++++++++++++- 1 file changed, 24 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index baccb76291..dffb6f05bd 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -479,8 +479,31 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) /* computer with that name (minus the $) has access. For now */ /* say yes to everything ending in $. */ if (user[strlen(user) - 1] == '$') { - computer_id = True; + struct smb_passwd *smb_pass; /* To check if machine account exists */ +#ifdef NTDOMAIN +/* + PAXX: Ack. We don't want to do this. The workstation trust account + with a $ on the end should exist in the local password database + or be mapped to something generic, but not modified. For NT + domain support we must reject this used in certain circumstances + with a code to indicate to the client that it is an invalid use + of a workstation trust account. NTWKS needs this error to join + a domain. This may be the source of future bugs if we cannot + be sure whether to reject this or not. +*/ + smb_pass = get_smbpwnam(user); + if(smb_pass) + { + /* PAXX: This is the NO LOGON workstation trust account stuff */ + DEBUG(4,("Rejecting workstation trust account %s",user)); + SSVAL(outbuf, smb_flg2, 0xc003); /* PAXX: Someone please unhack this */ + CVAL(outbuf, smb_reh) = 1; /* PAXX: Someone please unhack this */ + return(ERROR(0x99,0xc000)); /* 0x99 NT error, 0xc00 */ + } + computer_id = True; +#else /* not NTDOMAIN, leave this in. PAXX: Someone get rid of this */ user[strlen(user) - 1] = '\0'; +#endif } -- cgit From 359d42c08d012b3e1c1bc6ac1071f8add706ba35 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 15 Oct 1997 21:53:59 +0000 Subject: ipc.c: Adding Andrews become_root code to the main branch. locking.c: Adding Andrews become_root code to the main branch. pipes.c: Fixing the close_file issue. proto.h: The usual. reply.c: Move smb_pass into NTDOMAIN defined code. Fixing the close_file issue. server.c: Fixing the close_file issue. trans2.c: Fixing the close_file issue. uid.c: Adding Andrews become_root code to the main branch. Jeremy (jallison@whistle.com) (This used to be commit 16fd4337f79ce33f91050c96c4a566221c5d9126) --- source3/smbd/reply.c | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index dffb6f05bd..56288df073 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -479,8 +479,8 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) /* computer with that name (minus the $) has access. For now */ /* say yes to everything ending in $. */ if (user[strlen(user) - 1] == '$') { - struct smb_passwd *smb_pass; /* To check if machine account exists */ #ifdef NTDOMAIN + struct smb_passwd *smb_pass; /* To check if machine account exists */ /* PAXX: Ack. We don't want to do this. The workstation trust account with a $ on the end should exist in the local password database @@ -1178,7 +1178,7 @@ int reply_open(char *inbuf,char *outbuf) } if (fstat(fsp->fd_ptr->fd,&sbuf) != 0) { - close_file(fnum); + close_file(fnum,False); return(ERROR(ERRDOS,ERRnoaccess)); } @@ -1188,7 +1188,7 @@ int reply_open(char *inbuf,char *outbuf) if (fmode & aDIR) { DEBUG(3,("attempt to open a directory %s\n",fname)); - close_file(fnum); + close_file(fnum,False); return(ERROR(ERRDOS,ERRnoaccess)); } @@ -1274,7 +1274,7 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) } if (fstat(fsp->fd_ptr->fd,&sbuf) != 0) { - close_file(fnum); + close_file(fnum,False); return(ERROR(ERRDOS,ERRnoaccess)); } @@ -1282,7 +1282,7 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) fmode = dos_mode(cnum,fname,&sbuf); mtime = sbuf.st_mtime; if (fmode & aDIR) { - close_file(fnum); + close_file(fnum,False); return(ERROR(ERRDOS,ERRnoaccess)); } @@ -1328,7 +1328,7 @@ int reply_ulogoffX(char *inbuf,char *outbuf,int length,int bufsize) int i; for (i=0;iuid && Files[i].open) { - close_file(i); + close_file(i,False); } } @@ -2271,7 +2271,7 @@ int reply_close(char *inbuf,char *outbuf) /* try and set the date */ set_filetime(Files[fnum].name,mtime); - close_file(fnum); + close_file(fnum,True); /* We have a cached error */ if(eclass || err) @@ -2318,7 +2318,7 @@ int reply_writeclose(char *inbuf,char *outbuf) set_filetime(Files[fnum].name,mtime); - close_file(fnum); + close_file(fnum,True); DEBUG(3,("%s writeclose fnum=%d cnum=%d num=%d wrote=%d (numopen=%d)\n", timestring(),fnum,cnum,numtowrite,nwritten, @@ -2550,7 +2550,7 @@ int reply_printclose(char *inbuf,char *outbuf) if (!CAN_PRINT(cnum)) return(ERROR(ERRDOS,ERRnoaccess)); - close_file(fnum); + close_file(fnum,True); DEBUG(3,("%s printclose fd=%d fnum=%d cnum=%d\n",timestring(),Files[fnum].fd_ptr->fd,fnum,cnum)); @@ -3187,14 +3187,14 @@ static BOOL copy_file(char *src,char *dest1,int cnum,int ofun, fnum2 = find_free_file(); if (fnum2<0) { - close_file(fnum1); + close_file(fnum1,False); return(False); } open_file_shared(fnum2,cnum,dest,(DENY_NONE<<4)|1, ofun,st.st_mode,0,&Access,&action); if (!Files[fnum2].open) { - close_file(fnum1); + close_file(fnum1,False); return(False); } @@ -3205,8 +3205,8 @@ static BOOL copy_file(char *src,char *dest1,int cnum,int ofun, if (st.st_size) ret = transfer_file(Files[fnum1].fd_ptr->fd,Files[fnum2].fd_ptr->fd,st.st_size,NULL,0,0); - close_file(fnum1); - close_file(fnum2); + close_file(fnum1,False); + close_file(fnum2,False); return(ret == st.st_size); } -- cgit From 0225c88104f8966b6ca1b6ed0485f4753aee4bef Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Sat, 18 Oct 1997 15:01:01 +0000 Subject: put the NT_STATUS_ALLOTTED_SPACE_EXCEEDED error in instead of 0x99. whatever that means. (This used to be commit ce54f3a7a965b0a9f888dc45d6f4633609d5ca08) --- source3/smbd/reply.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 56288df073..c5b7c50071 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -26,6 +26,7 @@ #include "includes.h" #include "trans2.h" +#include "nterr.h" /* look in server.c for some explanation of these variables */ extern int Protocol; @@ -498,7 +499,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) DEBUG(4,("Rejecting workstation trust account %s",user)); SSVAL(outbuf, smb_flg2, 0xc003); /* PAXX: Someone please unhack this */ CVAL(outbuf, smb_reh) = 1; /* PAXX: Someone please unhack this */ - return(ERROR(0x99,0xc000)); /* 0x99 NT error, 0xc00 */ + return(ERROR(NT_STATUS_ALLOTTED_SPACE_EXCEEDED, 0xc000)); /* 0x99 NT error, 0xc00 */ } computer_id = True; #else /* not NTDOMAIN, leave this in. PAXX: Someone get rid of this */ -- cgit From 3e670e4057321911c6674b8abe3c0bdcd684fd09 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 20 Oct 1997 08:46:00 +0000 Subject: a major share modes reorganisation. The shares modes code is now split into separate files. The shared memory implementation is in locking_shm.c. The slow implementation is in locking_slow.c It is all controlled by a struct share_ops structure that has function pointers to the implementation of all the functions needed by a share modes implementation. An initialisation function sets up this structure. This will make adding new implementations easy and clean. This also allowed me to get rid of the ugly code in smbstatus. Now status.c links to the locking code and calls methods in share_ops. I also renamed some things and generally organised things in a much cleaner fashion. Defines and structures specific to each implementation have been moved to the appropriate file and out of smb.h. (This used to be commit 65ab9adaa0d356b8041ed8a507ea52117f2a284e) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index c5b7c50071..7576ee323b 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3422,7 +3422,7 @@ int reply_lockingX(char *inbuf,char *outbuf,int length,int bufsize) (num_ulocks == 0) && (num_locks == 0) && (CVAL(inbuf,smb_vwv0) == 0xFF)) { - share_lock_token token; + int token; files_struct *fsp = &Files[fnum]; uint32 dev = fsp->fd_ptr->dev; uint32 inode = fsp->fd_ptr->inode; -- cgit From 79f4fb52c1ed56fd843f81b4eb0cdd2991d4d0f4 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 20 Oct 1997 18:52:04 +0000 Subject: loadparm.c: Changed 'interfaces only' parameter to 'bind interfaces only'. Added 'dos filetimes' parameter for UTIME fix. locking_shm.c: Fixed typo (sorry Andrew :-). namepacket.c: Changed lp_interfaces_only() to lp_bind_interfaces_only(). proto.h: The usual. reply.c: Made filetime calls use new file_utime call (wrapper for sys_utime). server.c: Made filetime calls use new file_utime call (wrapper for sys_utime). system.c: Added Andrew's sanity checks to times in sys_utime(). time.c: Moved set_filetime() to server.c. Made null_mtime() global. trans2.c: Made filetime calls use new file_utime call (wrapper for sys_utime). Jeremy (jallison@whistle.com) (This used to be commit 41a1d81c112a82ad2ae1b3c4ee81051f133ce1ed) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- source3/smbd/reply.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 7576ee323b..424c7d8183 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -789,7 +789,7 @@ int reply_setatr(char *inbuf,char *outbuf) if (check_name(fname,cnum)) ok = (dos_chmod(cnum,fname,mode,NULL) == 0); if (ok) - ok = set_filetime(fname,mtime); + ok = set_filetime(cnum,fname,mtime); if (!ok) { @@ -2270,7 +2270,7 @@ int reply_close(char *inbuf,char *outbuf) mtime = make_unix_date3(inbuf+smb_vwv1); /* try and set the date */ - set_filetime(Files[fnum].name,mtime); + set_filetime(cnum, Files[fnum].name,mtime); close_file(fnum,True); @@ -2317,7 +2317,7 @@ int reply_writeclose(char *inbuf,char *outbuf) nwritten = write_file(fnum,data,numtowrite); - set_filetime(Files[fnum].name,mtime); + set_filetime(cnum, Files[fnum].name,mtime); close_file(fnum,True); @@ -3787,7 +3787,7 @@ not setting timestamps of 0\n", } /* Set the date on this file */ - if(sys_utime(Files[fnum].name, &unix_times)) + if(file_utime(cnum, Files[fnum].name, &unix_times)) return(ERROR(ERRDOS,ERRnoaccess)); DEBUG(3,("%s reply_setattrE fnum=%d cnum=%d actime=%d modtime=%d\n", -- cgit From 0891bb6a910841455162876be09a92107cd9df00 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 21 Oct 1997 09:34:33 +0000 Subject: rewrote the password server code using the new clientgen.c client interface The new code uses a source netbios name equal to the Samba servers name, not the client name. It also uses NetWkstaUserLogon to do a full network logon. This means it will honour the servers logon restrictions (such as login times etc). (This used to be commit 11de90f972f6d83974425e80014f54e15d495413) --- source3/smbd/reply.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 424c7d8183..3643b6eed0 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -379,8 +379,10 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) BOOL computer_id=False; static BOOL done_sesssetup = False; BOOL doencrypt = SMBENCRYPT(); + char *domain = ""; *smb_apasswd = 0; + *smb_ntpasswd = 0; smb_bufsize = SVAL(inbuf,smb_vwv2); smb_mpxmax = SVAL(inbuf,smb_vwv3); @@ -469,8 +471,10 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) p += passlen1 + passlen2; fstrcpy(user,p); p = skip_string(p,1); + domain = p; + DEBUG(3,("Domain=[%s] NativeOS=[%s] NativeLanMan=[%s]\n", - p,skip_string(p,1),skip_string(p,2))); + domain,skip_string(p,1),skip_string(p,2))); } @@ -533,7 +537,10 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) if(!guest && strequal(user,lp_guestaccount(-1)) && (*smb_apasswd == 0)) guest = True; - if (!guest && !(lp_security() == SEC_SERVER && server_validate(inbuf)) && + if (!guest && !(lp_security() == SEC_SERVER && + server_validate(user, domain, + smb_apasswd, smb_apasslen, + smb_ntpasswd, smb_ntpasslen)) && !check_hosts_equiv(user)) { -- cgit From 390c1f3c4d3136b454fa5eb8681fa9ca34eaacc2 Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Sat, 25 Oct 1997 10:58:18 +0000 Subject: Makefile : adding bits for new nt domain code byteorder.h : trying to get macros right, and not to crash on SUNOS5... client.c : added #ifdef NTDOMAIN, and created do_nt_login() function. don't want to have to recompile client.c unless absolutely necessary. credentials.c : moved deal_with_creds() [possibly inappropriately] into credentials.c ipc.c reply.c server.c uid.c : attempting to make (un)become_root() functions calleable from smbclient. this is a little tricky: smbclient might have to be another setuid root program, immediately setuid'ing to non-root, so that we can reset-uid to root to get at the smbpasswd file. or, have a secure pipe mechanism to smbd to grab smbpasswd entries. or the like. smbdes.c smbencrypt.c : created a function to generate lm and nt owf hashes. lsaparse.c ntclient.c smbparse.c : added nt client LSA_AUTH2 code. it works, too! pipenetlog.c pipentlsa.c pipesrvsvc.c : simplification. code-shuffling. getting that damn offset right for the opcode in RPC_HDR. smb.h : changed dcinfo xxx_creds to DOM_CRED structures instead of DOM_CHAL. we might need to store the server times as well. proto.h : the usual. (This used to be commit 82436a3d99d4bdce249ce9ff27fd2ca4b2447e07) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 3643b6eed0..22c22ccc55 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2614,7 +2614,7 @@ int reply_printqueue(char *inbuf,char *outbuf) DEBUG(5,("connection not open or not a printer, using cnum %d\n",cnum)); } - if (!become_user(cnum,vuid)) + if (!become_user(&Connections[cnum], cnum, vuid)) return(ERROR(ERRSRV,ERRinvnid)); { -- cgit From 8047228db4d3545da13d87d7b370a38ed0b4c4bb Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 27 Oct 1997 12:02:34 +0000 Subject: Fixed 2 oplock bugs: 1) the oplock macros in smb.h used | where they should have used &. This means that smbd thought that all clients were always requesting oplocks. This would have _really_ confused smbclient and smbfs when they started receiving async oplock break requests when they don't even know what an oplock is! 2) an oplock break request from a client can be embedded in a normal lockingX request, and will be if the client has batched any lock requests internally. The smbd code assumed that all oplock break requests had num_locks==num_ulocks==0 which is not true. The only thing special about a oplock break request with num_locks==num_ulocks==0 is that no reply is sent. Otherwise it is processed as a normal locking request in addition to the oplock break processing. These two fixes get the MS mail system in Win98 working on a Samba 1.9.18 network drive. Andrew (This used to be commit ed71534df56d0296280dbde1859597fb42002088) --- source3/smbd/reply.c | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 22c22ccc55..f437ea564d 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3425,9 +3425,7 @@ int reply_lockingX(char *inbuf,char *outbuf,int length,int bufsize) /* Check if this is an oplock break on a file we have granted an oplock on. */ - if((locktype == LOCKING_ANDX_OPLOCK_RELEASE) && - (num_ulocks == 0) && (num_locks == 0) && - (CVAL(inbuf,smb_vwv0) == 0xFF)) + if ((locktype & LOCKING_ANDX_OPLOCK_RELEASE)) { int token; files_struct *fsp = &Files[fnum]; @@ -3448,19 +3446,21 @@ no oplock granted on this file.\n", fnum)); /* Remove the oplock flag from the sharemode. */ lock_share_entry(fsp->cnum, dev, inode, &token); - if(remove_share_oplock( fnum, token)==False) - { - DEBUG(0,("reply_lockingX: failed to remove share oplock for fnum %d, \ -dev = %x, inode = %x\n", fnum, dev, inode)); - unlock_share_entry(fsp->cnum, dev, inode, token); - return -1; - } - unlock_share_entry(fsp->cnum, dev, inode, token); + if(remove_share_oplock( fnum, token)==False) { + DEBUG(0,("reply_lockingX: failed to remove share oplock for fnum %d, \ +dev = %x, inode = %x\n", + fnum, dev, inode)); + unlock_share_entry(fsp->cnum, dev, inode, token); + } else { + unlock_share_entry(fsp->cnum, dev, inode, token); - /* Clear the granted flag and return. */ + /* Clear the granted flag and return. */ + fsp->granted_oplock = False; + } - fsp->granted_oplock = False; - return -1; + /* if this is a pure oplock break request then don't send a reply */ + if (num_locks == 0 && num_ulocks == 0) + return -1; } /* Data now points at the beginning of the list -- cgit From 464dc5433641566abeeabd07f46ab569c986a3b0 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 27 Oct 1997 13:38:07 +0000 Subject: also disable read prediction in 1.9.18 (This used to be commit 0f15558efb26b7215540a588dfe8733e9346d407) --- source3/smbd/reply.c | 2 ++ 1 file changed, 2 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index f437ea564d..9e261a1bd5 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1722,8 +1722,10 @@ int reply_readbraw(char *inbuf, char *outbuf) int predict=0; _smb_setlen(header,nread); +#if USE_READ_PREDICTION if (!Files[fnum].can_write) predict = read_predict(fd,startpos,header+4,NULL,nread); +#endif if ((nread-predict) > 0) seek_file(fnum,startpos + predict); -- cgit From 7c20ee083f6820a4c8776cefae3e0477f79ea934 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 28 Oct 1997 06:07:07 +0000 Subject: refuse pathworks type R connect (patch from Stephen Tweedie) (This used to be commit c63fee2b282c8b53f87e63995384602b66a805a6) --- source3/smbd/reply.c | 63 ++++++++++++++++++++++++++++++++-------------------- 1 file changed, 39 insertions(+), 24 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 9e261a1bd5..9484f3b85f 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -74,42 +74,57 @@ int reply_special(char *inbuf,char *outbuf) extern fstring remote_machine; extern fstring local_machine; char *p; + int len; + char name_type = 0; *name1 = *name2 = 0; smb_setlen(outbuf,0); switch (msg_type) { - case 0x81: /* session request */ - CVAL(outbuf,0) = 0x82; - CVAL(outbuf,3) = 0; - if (name_len(inbuf+4) > 50 || name_len(inbuf+4 + name_len(inbuf + 4)) > 50) { - DEBUG(0,("Invalid name length in session request\n")); - return(0); - } - name_extract(inbuf,4,name1); - name_extract(inbuf,4 + name_len(inbuf + 4),name2); + case 0x81: /* session request */ + CVAL(outbuf,0) = 0x82; + CVAL(outbuf,3) = 0; + if (name_len(inbuf+4) > 50 || + name_len(inbuf+4 + name_len(inbuf + 4)) > 50) { + DEBUG(0,("Invalid name length in session request\n")); + return(0); + } + name_extract(inbuf,4,name1); + name_extract(inbuf,4 + name_len(inbuf + 4),name2); DEBUG(2,("netbios connect: name1=%s name2=%s\n", name1,name2)); - fstrcpy(remote_machine,name2); - trim_string(remote_machine," "," "); - p = strchr(remote_machine,' '); - strlower(remote_machine); - if (p) *p = 0; - - fstrcpy(local_machine,name1); - trim_string(local_machine," "," "); - p = strchr(local_machine,' '); - strlower(local_machine); - if (p) *p = 0; + fstrcpy(remote_machine,name2); + trim_string(remote_machine," "," "); + p = strchr(remote_machine,' '); + strlower(remote_machine); + if (p) *p = 0; + + fstrcpy(local_machine,name1); + trim_string(local_machine," "," "); + len = strlen(local_machine); + if (len == 16) { + name_type = local_machine[15]; + local_machine[15] = 0; + } + p = strchr(local_machine,' '); + strlower(local_machine); + if (p) *p = 0; + + if (name_type == 'R') { + /* We are being asked for a pathworks session --- + no thanks! */ + CVAL(outbuf, 0) = 0x83; + break; + } - add_session_user(remote_machine); + add_session_user(remote_machine); - reload_services(True); - reopen_logs(); + reload_services(True); + reopen_logs(); - break; + break; case 0x89: /* session keepalive request (some old clients produce this?) */ -- cgit From a275e5d4e16142a9924f8b97980f364a80df3b64 Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Thu, 30 Oct 1997 01:05:13 +0000 Subject: removed mechanism that created actual files NETLOGON, lsarpc and the like, which are pipes on the IPC$ connection. created mechanism to record pipe names in a separate pipes_struct. it is planned to expand this, to return sensible things like interface structures, and policy handles (RPC_IFACE and LSA_POL_HND). and the like. (This used to be commit 33cce5fac0e2f818a19a6c4e6a797ef44f3b5c75) --- source3/smbd/reply.c | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 9484f3b85f..46425861d4 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2283,7 +2283,12 @@ int reply_close(char *inbuf,char *outbuf) cnum = SVAL(inbuf,smb_tid); + /* If it's an IPC, pass off to the pipe handler. */ + if (IS_IPC(cnum)) + return reply_pipe_close(inbuf,outbuf); + fnum = GETFNUM(inbuf,smb_vwv0); + CHECK_FNUM(fnum,cnum); if(HAS_CACHED_ERROR(fnum)) { -- cgit From b26623bc3a8ff5191763c83564453e77edee836a Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Sun, 2 Nov 1997 20:35:20 +0000 Subject: Christian Lademann's contribution: new capabilities in smb.conf. '<' and '|' characters indicate read file and execute command respectively, and feed the output into the parameter (!!!). '<$' and '|$' means run standard_sub_basic() on them. this is going to be fun to document in smb.conf.5.... also, Christian created a new "online" service parameter. services can be taken "off-line".... (This used to be commit 15f44d28916cdc1432bffdbb999c7cf7efd8fb86) --- source3/smbd/reply.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 46425861d4..116542ba34 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1023,7 +1023,9 @@ int reply_search(char *inbuf,char *outbuf) if ((dirtype&0x1F) == aVOLID) { memcpy(p,status,21); - make_dir_struct(p,"???????????",volume_label(SNUM(cnum)),0,aVOLID,0); + mode = aVOLID; + if(!CAN_WRITE(cnum)) mode |= aRONLY; + make_dir_struct(p,"???????????",volume_label(SNUM(cnum)),0,mode,0); dptr_fill(p+12,dptr_num); if (dptr_zero(p+12) && (status_len==0)) numentries = 1; -- cgit From cdc6099647f7a48a8e31f9dfc331fe82dd66acdf Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 3 Nov 1997 19:24:45 +0000 Subject: Rolling back the files loadparm.c : to equivalent to version 1.67 reply.c : to equivalent to version 1.69 server.c : to equivalent to version 1.122 util.c : to equivalent to version 1.98 to remove the incorrect changes. proto.h: The usual. rpc_pipes/smbparse.c : Backeting stuff that SHOULD NOT BE IN THE none-NTDOMAIN build ! Jeremy. (This used to be commit 6064c9d80fd9fcc3ceec528494ba5e2591610098) --- source3/smbd/reply.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 116542ba34..46425861d4 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1023,9 +1023,7 @@ int reply_search(char *inbuf,char *outbuf) if ((dirtype&0x1F) == aVOLID) { memcpy(p,status,21); - mode = aVOLID; - if(!CAN_WRITE(cnum)) mode |= aRONLY; - make_dir_struct(p,"???????????",volume_label(SNUM(cnum)),0,mode,0); + make_dir_struct(p,"???????????",volume_label(SNUM(cnum)),0,aVOLID,0); dptr_fill(p+12,dptr_num); if (dptr_zero(p+12) && (status_len==0)) numentries = 1; -- cgit From bd529d7a83c35be233baca09bc79aa911ad443ce Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Thu, 6 Nov 1997 23:03:58 +0000 Subject: following a cvs error, i am rewriting this monster-commit. with bad grace. Modified Files: --------------- Makefile: adding extra files ipc.c : send_trans_reply() - alignment issue. this makes the alignment the same as that in NT. this should be looked at by people who understand the SMB stuff better than i. api_fd_commands[] - added samr and wkssvc pipes. loadparm.c : lp_domain_controller() changed to mean "samba is a domain controller". it's a "yes/no" parameter, now. no, it isn't used _anywhere_. namedbwork.c nameelect.c : if "domain controller = yes" then add SV_TYPE_DOMAIN_CTRL to the host _and_ workgroup announcements. yes, you must do both: nt does. namelogon.c : important NETLOGON bug in SAMLOGON request parsing, which may be the source of some people's problems with logging on to the Samba PDC. password.c : get_smbpwnam() renamed to get_smbpwd_entry(). pipes.c : added samr and wkssvc pipes. proto.h : usual. can we actually _remove_ proto.h from the cvs tree, and have it as one of the Makefile dependencies, or something? reply.c : get_smbpwnam() renamed to get_smbpwd_entry() - also changed response error code when logging in from a WORKSTATION$ account. yes, paul is right: we need to know when to return the right error code, and why. server.c : added call to reset_chain_pnum(). #ifdef NTDOMAIN added call to init_lsa_policy_hnd() #endif. jeremy, you'd be proud: i did a compile without NTDOMAIN, and caught a link error for this function. smb.h : defines and structures for samr and wkssvc pipes. smbpass.c : modified get_smbpwnam() to get_smbpwd_entry() and it now takes two arguments. one for the name; if this is null, it looks up by smb_userid instead. oh, by the way, smb_userids are actually domain relative ids (RIDs). concatenate a RID with the domain SID, and you have an internet globally unique way of identifying a user. we're using RIDs in the wrong way.... added mod_smbpwnam() function. this was based on code in smbpasswd.c rpc_pipes/lsaparse.c : added enum trusted domain parsing. this is incomplete: i need a packet trace to write it properly. rpc_pipes/pipe_hnd.c : added reset_chain_pnum() function. rpc_pipes/pipenetlog.c : get_smbpwnam() function renamed to get_smbpwd_entry(). arcfour() issues. removed capability of get_md4pw() function to automatically add workstation accounts. this should either be done using smbpasswd -add MACHINE$, or by using \PIPE\samr. rpc_pipes/pipe_util.c : create_pol_hnd() - creates a unique LSA Policy Handle. overkill function: uses a 64 bit sequence number; current unix time and the smbd pid. rpc_pipes/smbparse.c : arcfour() issues. smb_io_unistr2() should advance by uni_str_len not uni_max_len. smb_io_smb_hdr_rb() - request bind uses uint16 for the context id, and uint8 for the num_syntaxes. oops, i put these both as uint32s. Added Files: ------------ rpc_pipes/lsa_hnd.c : on the samr pipe, allocate and associate an LSA Policy Handle with a SID. you receive queries with the LSA Policy Handle, and have to turn this back into a SID in order to answer the query... rpc_pipes/pipesamr.c rpc_pipes/samrparse.c \PIPE\samr processing. samr i presume is the SAM Replication pipe. rpc_pipes/pipewkssvc.c rpc_pipes/wksparse.c \PIPE\wkssvc processing. the Workstation Service pipe? holy cow. (This used to be commit 1bd084b3e690eb26a1006d616075e53d711ecd2f) --- source3/smbd/reply.c | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 46425861d4..e8d79b098c 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -498,7 +498,8 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) /* If name ends in $ then I think it's asking about whether a */ /* computer with that name (minus the $) has access. For now */ /* say yes to everything ending in $. */ - if (user[strlen(user) - 1] == '$') { + if (user[strlen(user) - 1] == '$') + { #ifdef NTDOMAIN struct smb_passwd *smb_pass; /* To check if machine account exists */ /* @@ -511,15 +512,18 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) a domain. This may be the source of future bugs if we cannot be sure whether to reject this or not. */ - smb_pass = get_smbpwnam(user); - if(smb_pass) + /* non-null user name indicates search by username not by smb userid */ + smb_pass = get_smbpwd_entry(user, 0); + + if (!smb_pass) { /* PAXX: This is the NO LOGON workstation trust account stuff */ - DEBUG(4,("Rejecting workstation trust account %s",user)); + DEBUG(4,("No Workstation trust account %s",user)); SSVAL(outbuf, smb_flg2, 0xc003); /* PAXX: Someone please unhack this */ CVAL(outbuf, smb_reh) = 1; /* PAXX: Someone please unhack this */ - return(ERROR(NT_STATUS_ALLOTTED_SPACE_EXCEEDED, 0xc000)); /* 0x99 NT error, 0xc00 */ + return(ERROR(NT_STATUS_LOGON_FAILURE, 0xc000)); /* 0x109 NT error, 0xc000 */ } + computer_id = True; #else /* not NTDOMAIN, leave this in. PAXX: Someone get rid of this */ user[strlen(user) - 1] = '\0'; -- cgit From b9c6add64536e855156a00e32e5288486114e66e Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Fri, 7 Nov 1997 03:28:43 +0000 Subject: ipc.c : added a #define around the alignment thing: it's a way to stop NetMonitor from decoding your packets!!!! proto.h : usual. reply.c : added what i believe to be the correct error messages for getting correct domain joining. smb.h : some guesses at good names of the SAMR_XXXX functions. sorting out the SAMR_LOOKUP_RIDS function. this is *not* the same as the LSA_LOOKUP_RIDS function, unless paul accidentally put it on the ntlsa pipe by mistake, instead of the samr pipe :-) rpc_pipes/lsa_hnd.c rpc_pipes/pipe_hnd.c : moved creation and allocation of unique policy handles into this module. rpc_pipes/pipesamr.c rpc_pipes/samrparse.c rpc_pipes/smbparse.c : SAMR_LOOKUP_RIDS is beginning to look _suspiciously_ like the LSA_LOOKUP_RIDS function. but i know that there are subtle discrepancies. (This used to be commit 6bc07b0b4193e28b13a675fece8d9d6b365a7eb0) --- source3/smbd/reply.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index e8d79b098c..78dad6f02f 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -516,12 +516,21 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) smb_pass = get_smbpwd_entry(user, 0); if (!smb_pass) + { + /* lkclXXXX: if workstation entry doesn't exist, indicate logon failure */ + DEBUG(4,("Workstation trust account %s doesn't exist.",user)); + SSVAL(outbuf, smb_flg2, 0xc003); /* PAXX: Someone please unhack this */ + CVAL(outbuf, smb_reh) = 1; /* PAXX: Someone please unhack this */ + return(ERROR(NT_STATUS_LOGON_FAILURE, 0xc000)); /* decimal 109 NT error, 0xc000 */ + } + else { /* PAXX: This is the NO LOGON workstation trust account stuff */ + /* lkclXXXX: if the workstation *does* exist, indicate failure differently! */ DEBUG(4,("No Workstation trust account %s",user)); SSVAL(outbuf, smb_flg2, 0xc003); /* PAXX: Someone please unhack this */ CVAL(outbuf, smb_reh) = 1; /* PAXX: Someone please unhack this */ - return(ERROR(NT_STATUS_LOGON_FAILURE, 0xc000)); /* 0x109 NT error, 0xc000 */ + return(ERROR(NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT, 0xc000)); /* decimal 409 NT error, 0xc000 */ } computer_id = True; -- cgit From e357d9106895b165bfa3f8331b9f186004c9a6cd Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Sun, 9 Nov 1997 17:30:10 +0000 Subject: attempting to mark up 32 bit error codes, needed for NT domains. separated out smb server-mode password validation into a separate file. added called and calling netbios names to client gen state: referenced section in rfc1002.txt. created workstation trust account checking code in ntclient.c there might be a bug in reply_session_setup_andX. i indented and added { } around single-line if statements: the lm password checking code now doesn't look right (around the GUEST_SESSSETUP bits). *no code semantics have been changed by the indentation process*. (This used to be commit f27966957fa7f16d337a4a58719239d036deab4c) --- source3/smbd/reply.c | 89 ++++++++++++++++++++++++++++++---------------------- 1 file changed, 52 insertions(+), 37 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 78dad6f02f..532fc583c2 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -395,6 +395,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) static BOOL done_sesssetup = False; BOOL doencrypt = SMBENCRYPT(); char *domain = ""; + struct cli_state *pwd_srv = NULL; *smb_apasswd = 0; *smb_ntpasswd = 0; @@ -518,19 +519,17 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) if (!smb_pass) { /* lkclXXXX: if workstation entry doesn't exist, indicate logon failure */ - DEBUG(4,("Workstation trust account %s doesn't exist.",user)); - SSVAL(outbuf, smb_flg2, 0xc003); /* PAXX: Someone please unhack this */ - CVAL(outbuf, smb_reh) = 1; /* PAXX: Someone please unhack this */ - return(ERROR(NT_STATUS_LOGON_FAILURE, 0xc000)); /* decimal 109 NT error, 0xc000 */ + DEBUG(4,("Workstation trust account %s doesn't exist\n",user)); + SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); /* PAXX: Someone please unhack this */ + return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE)); /* decimal 109; critical NT error */ } else { /* PAXX: This is the NO LOGON workstation trust account stuff */ /* lkclXXXX: if the workstation *does* exist, indicate failure differently! */ - DEBUG(4,("No Workstation trust account %s",user)); - SSVAL(outbuf, smb_flg2, 0xc003); /* PAXX: Someone please unhack this */ - CVAL(outbuf, smb_reh) = 1; /* PAXX: Someone please unhack this */ - return(ERROR(NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT, 0xc000)); /* decimal 409 NT error, 0xc000 */ + DEBUG(4,("No Workstation trust account %s\n",user)); + SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); /* PAXX: Someone please unhack this */ + return(ERROR(0, 0xc0000000|NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT)); /* decimal 409; critical NT error */ } computer_id = True; @@ -563,43 +562,59 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) */ if(!guest && strequal(user,lp_guestaccount(-1)) && (*smb_apasswd == 0)) + { guest = True; + } - if (!guest && !(lp_security() == SEC_SERVER && - server_validate(user, domain, - smb_apasswd, smb_apasslen, - smb_ntpasswd, smb_ntpasslen)) && - !check_hosts_equiv(user)) - { - - /* now check if it's a valid username/password */ - /* If an NT password was supplied try and validate with that - first. This is superior as the passwords are mixed case - 128 length unicode */ - if(smb_ntpasslen) - { - if(!password_ok(user,smb_ntpasswd,smb_ntpasslen,NULL)) - DEBUG(0,("NT Password did not match ! Defaulting to Lanman\n")); - else - valid_nt_password = True; - } - if (!valid_nt_password && !password_ok(user,smb_apasswd,smb_apasslen,NULL)) + if (!guest && !(lp_security() == SEC_SERVER && + ((pwd_srv = pwd_server_connection()) != NULL) && + server_validate(pwd_srv, user, domain, + smb_apasswd, smb_apasslen, + smb_ntpasswd, smb_ntpasslen)) && + !check_hosts_equiv(user)) { - if (!computer_id && lp_security() >= SEC_USER) { + + /* now check if it's a valid username/password */ + /* If an NT password was supplied try and validate with that + first. This is superior as the passwords are mixed case + 128 length unicode */ + + if (smb_ntpasslen) + { + /* check the NT password, if there is one. */ + if(!password_ok(user,smb_ntpasswd,smb_ntpasslen,NULL)) + { + DEBUG(0,("NT Password did not match ! Defaulting to Lanman\n")); + } + else + { + valid_nt_password = True; + } + } + + /* check the LM password instead */ + if (!valid_nt_password && !password_ok(user,smb_apasswd,smb_apasslen,NULL)) + { + if (!computer_id && lp_security() >= SEC_USER) + { #if (GUEST_SESSSETUP == 0) - return(ERROR(ERRSRV,ERRbadpw)); + return(ERROR(ERRSRV,ERRbadpw)); #endif #if (GUEST_SESSSETUP == 1) - if (Get_Pwnam(user,True)) - return(ERROR(ERRSRV,ERRbadpw)); + if (Get_Pwnam(user,True)) + return(ERROR(ERRSRV,ERRbadpw)); #endif - } - if (*smb_apasswd || !Get_Pwnam(user,True)) - strcpy(user,lp_guestaccount(-1)); - DEBUG(3,("Registered username %s for guest access\n",user)); - guest = True; + } + + /* no lm or nt password specified: username doesn't exist. allow guest access */ + if (*smb_apasswd || !Get_Pwnam(user,True)) + { + strcpy(user, lp_guestaccount(-1)); + DEBUG(3,("Registered username %s for guest access\n",user)); + guest = True; + } + } } - } if (!Get_Pwnam(user,True)) { DEBUG(3,("No such user %s - using guest account\n",user)); -- cgit From 77aec4ae6307c0ad0b843bbf23d64ccb1aaf7476 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 10 Nov 1997 19:23:17 +0000 Subject: Rolled back tree state to 11:59pm 8th November 1997 EST to remove problems. Jeremy (This used to be commit 4a36ac236c2ad634f05efcd0179875d09988614a) --- source3/smbd/reply.c | 89 ++++++++++++++++++++++------------------------------ 1 file changed, 37 insertions(+), 52 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 532fc583c2..78dad6f02f 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -395,7 +395,6 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) static BOOL done_sesssetup = False; BOOL doencrypt = SMBENCRYPT(); char *domain = ""; - struct cli_state *pwd_srv = NULL; *smb_apasswd = 0; *smb_ntpasswd = 0; @@ -519,17 +518,19 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) if (!smb_pass) { /* lkclXXXX: if workstation entry doesn't exist, indicate logon failure */ - DEBUG(4,("Workstation trust account %s doesn't exist\n",user)); - SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); /* PAXX: Someone please unhack this */ - return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE)); /* decimal 109; critical NT error */ + DEBUG(4,("Workstation trust account %s doesn't exist.",user)); + SSVAL(outbuf, smb_flg2, 0xc003); /* PAXX: Someone please unhack this */ + CVAL(outbuf, smb_reh) = 1; /* PAXX: Someone please unhack this */ + return(ERROR(NT_STATUS_LOGON_FAILURE, 0xc000)); /* decimal 109 NT error, 0xc000 */ } else { /* PAXX: This is the NO LOGON workstation trust account stuff */ /* lkclXXXX: if the workstation *does* exist, indicate failure differently! */ - DEBUG(4,("No Workstation trust account %s\n",user)); - SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); /* PAXX: Someone please unhack this */ - return(ERROR(0, 0xc0000000|NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT)); /* decimal 409; critical NT error */ + DEBUG(4,("No Workstation trust account %s",user)); + SSVAL(outbuf, smb_flg2, 0xc003); /* PAXX: Someone please unhack this */ + CVAL(outbuf, smb_reh) = 1; /* PAXX: Someone please unhack this */ + return(ERROR(NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT, 0xc000)); /* decimal 409 NT error, 0xc000 */ } computer_id = True; @@ -562,59 +563,43 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) */ if(!guest && strequal(user,lp_guestaccount(-1)) && (*smb_apasswd == 0)) - { guest = True; - } - - if (!guest && !(lp_security() == SEC_SERVER && - ((pwd_srv = pwd_server_connection()) != NULL) && - server_validate(pwd_srv, user, domain, - smb_apasswd, smb_apasslen, - smb_ntpasswd, smb_ntpasslen)) && - !check_hosts_equiv(user)) - { - /* now check if it's a valid username/password */ - /* If an NT password was supplied try and validate with that - first. This is superior as the passwords are mixed case - 128 length unicode */ + if (!guest && !(lp_security() == SEC_SERVER && + server_validate(user, domain, + smb_apasswd, smb_apasslen, + smb_ntpasswd, smb_ntpasslen)) && + !check_hosts_equiv(user)) + { - if (smb_ntpasslen) - { - /* check the NT password, if there is one. */ - if(!password_ok(user,smb_ntpasswd,smb_ntpasslen,NULL)) - { - DEBUG(0,("NT Password did not match ! Defaulting to Lanman\n")); - } - else - { - valid_nt_password = True; - } - } - - /* check the LM password instead */ - if (!valid_nt_password && !password_ok(user,smb_apasswd,smb_apasslen,NULL)) - { - if (!computer_id && lp_security() >= SEC_USER) - { + /* now check if it's a valid username/password */ + /* If an NT password was supplied try and validate with that + first. This is superior as the passwords are mixed case + 128 length unicode */ + if(smb_ntpasslen) + { + if(!password_ok(user,smb_ntpasswd,smb_ntpasslen,NULL)) + DEBUG(0,("NT Password did not match ! Defaulting to Lanman\n")); + else + valid_nt_password = True; + } + if (!valid_nt_password && !password_ok(user,smb_apasswd,smb_apasslen,NULL)) + { + if (!computer_id && lp_security() >= SEC_USER) { #if (GUEST_SESSSETUP == 0) - return(ERROR(ERRSRV,ERRbadpw)); + return(ERROR(ERRSRV,ERRbadpw)); #endif #if (GUEST_SESSSETUP == 1) - if (Get_Pwnam(user,True)) - return(ERROR(ERRSRV,ERRbadpw)); + if (Get_Pwnam(user,True)) + return(ERROR(ERRSRV,ERRbadpw)); #endif - } - - /* no lm or nt password specified: username doesn't exist. allow guest access */ - if (*smb_apasswd || !Get_Pwnam(user,True)) - { - strcpy(user, lp_guestaccount(-1)); - DEBUG(3,("Registered username %s for guest access\n",user)); - guest = True; - } - } + } + if (*smb_apasswd || !Get_Pwnam(user,True)) + strcpy(user,lp_guestaccount(-1)); + DEBUG(3,("Registered username %s for guest access\n",user)); + guest = True; } + } if (!Get_Pwnam(user,True)) { DEBUG(3,("No such user %s - using guest account\n",user)); -- cgit From 689ed3481d491e247fac8fb57a0bd78bfa216c2a Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 18 Nov 1997 23:30:49 +0000 Subject: ipc.c: Changed reply_trans to use receive_next_smb() to cope with local message processing. reply.c: Added check to reply_lockingX for chain after oplock break. server.c: Added receive_next_smb(). trans2.c: Changed reply_trans2 to use receive_next_smb() to cope with local message processing. (This used to be commit f4ae644e13f2c4479dfc94c77c0a8295edf54086) --- source3/smbd/reply.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 78dad6f02f..0d5f016613 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3495,7 +3495,14 @@ dev = %x, inode = %x\n", /* if this is a pure oplock break request then don't send a reply */ if (num_locks == 0 && num_ulocks == 0) - return -1; + { + /* Sanity check - ensure a pure oplock break is not a + chained request. */ + if(CVAL(inbuf,smb_vwv0) != 0xff) + DEBUG(0,("reply_lockingX: Error : pure oplock break is a chained %d request !\n", + (unsigned int)CVAL(inbuf,smb_vwv0) )); + return -1; + } } /* Data now points at the beginning of the list -- cgit From 31e8936b9a416aad109e6f63f4c90ac596116510 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Thu, 20 Nov 1997 01:36:36 +0000 Subject: added some debug lines to the rename code (This used to be commit ee3042eefb47bbdbefc83ab3f0f407c7dea4d8a0) --- source3/smbd/reply.c | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 0d5f016613..2c646d99f5 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3158,14 +3158,23 @@ int reply_mv(char *inbuf,char *outbuf) error = ERRnoaccess; sprintf(fname,"%s/%s",directory,dname); - if (!can_rename(fname,cnum)) continue; + if (!can_rename(fname,cnum)) { + DEBUG(6,("rename %s refused\n", fname)); + continue; + } pstrcpy(destname,newname); - if (!resolve_wildcards(fname,destname)) continue; + if (!resolve_wildcards(fname,destname)) { + DEBUG(6,("resolve_wildcards %s %s failed\n", + fname, destname)); + continue; + } if (file_exist(destname,NULL)) { - error = 183; - continue; + DEBUG(6,("file_exist %s\n", + destname)); + error = 183; + continue; } if (!sys_rename(fname,destname)) count++; DEBUG(3,("reply_mv : doing rename on %s -> %s\n",fname,destname)); -- cgit From cf9d07cc7d41627a59ea3bec5ba2b9eebb894ab5 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sat, 29 Nov 1997 02:40:31 +0000 Subject: added a sent_oplock_break element to Files[] as a paranoia check so we can't sent a oplock break twice on the same file. changed some debug levels in the oplock code to level 0 so we can track down a bug zero the returned Files[] entry in find_free_file() don't try to overcome client bugs in the handling of non-encrypted passwords if in server level security mode added paranoid null termination of password buffers slight change to my ajt_panic() routine (This used to be commit e360c79c9cec681c4609783019749773d3e79386) --- source3/smbd/reply.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 2c646d99f5..ec94ab0552 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -260,7 +260,6 @@ int reply_tcon_and_X(char *inbuf,char *outbuf,int length,int bufsize) int connection_num; uint16 vuid = SVAL(inbuf,smb_uid); int passlen = SVAL(inbuf,smb_vwv3); - BOOL doencrypt = SMBENCRYPT(); *service = *user = *password = *devicename = 0; @@ -279,7 +278,7 @@ int reply_tcon_and_X(char *inbuf,char *outbuf,int length,int bufsize) password[passlen]=0; path = smb_buf(inbuf) + passlen; - if (!doencrypt || passlen != 24) { + if (passlen != 24) { if (strequal(password," ")) *password = 0; passlen = strlen(password); @@ -412,9 +411,10 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) } memcpy(smb_apasswd,smb_buf(inbuf),smb_apasslen); + smb_apasswd[smb_apasslen] = 0; pstrcpy(user,smb_buf(inbuf)+smb_apasslen); - if (lp_security() != SEC_SERVER && !doencrypt) { + if (!doencrypt && (lp_security() != SEC_SERVER)) { smb_apasslen = strlen(smb_apasswd); } } else { @@ -448,12 +448,14 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) passlen1 = MIN(passlen1, MAX_PASS_LEN); passlen2 = MIN(passlen2, MAX_PASS_LEN); - if(doencrypt) { + if(doencrypt || (lp_security() == SEC_SERVER)) { /* Save the lanman2 password and the NT md4 password. */ smb_apasslen = passlen1; memcpy(smb_apasswd,p,smb_apasslen); + smb_apasswd[smb_apasslen] = 0; smb_ntpasslen = passlen2; memcpy(smb_ntpasswd,p+passlen1,smb_ntpasslen); + smb_ntpasswd[smb_ntpasslen] = 0; } else { /* both Win95 and WinNT stuff up the password lengths for non-encrypting systems. Uggh. -- cgit From 15a6097263d4d5179b0eed43ede74fd65a83e090 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sun, 30 Nov 1997 02:58:34 +0000 Subject: clientgen.c: Added cli_mv() (used in a recent torture test). reply.c: Changed reply_open_and_X to split out the oplock request bits from core and extended and if an oplock was granted only set the corresponding bit on reply. server.c: Added code to dynamically allocate i/o buffers in oplock_break (prevents recursion problems) , also made reset of sent_oplock_break explicit. Jeremy. (This used to be commit 16e55ee2b8be9a4210d8cf87691cdf42373759d2) --- source3/smbd/reply.c | 28 ++++++++++++++++++++++++---- 1 file changed, 24 insertions(+), 4 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index ec94ab0552..06b96b13d9 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1257,7 +1257,11 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) int fnum = -1; int smb_mode = SVAL(inbuf,smb_vwv3); int smb_attr = SVAL(inbuf,smb_vwv5); - BOOL oplock_request = EXTENDED_OPLOCK_REQUEST(inbuf); + /* Breakout the oplock request bits so we can set the + reply bits separately. */ + BOOL ex_oplock_request = EXTENDED_OPLOCK_REQUEST(inbuf); + BOOL core_oplock_request = CORE_OPLOCK_REQUEST(inbuf); + BOOL oplock_request = ex_oplock_request | core_oplock_request; #if 0 int open_flags = SVAL(inbuf,smb_vwv2); int smb_sattr = SVAL(inbuf,smb_vwv4); @@ -1324,13 +1328,29 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) return(ERROR(ERRDOS,ERRnoaccess)); } - if (oplock_request && lp_fake_oplocks(SNUM(cnum))) { + /* If the caller set the extended oplock request bit + and we granted one (by whatever means) - set the + correct bit for extended oplock reply. + */ + + if (ex_oplock_request && lp_fake_oplocks(SNUM(cnum))) { smb_action |= EXTENDED_OPLOCK_GRANTED; - CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; } - if(fsp->granted_oplock) { + if(ex_oplock_request && fsp->granted_oplock) { smb_action |= EXTENDED_OPLOCK_GRANTED; + } + + /* If the caller set the core oplock request bit + and we granted one (by whatever means) - set the + correct bit for core oplock reply. + */ + + if (core_oplock_request && lp_fake_oplocks(SNUM(cnum))) { + CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; + } + + if(core_oplock_request && fsp->granted_oplock) { CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; } -- cgit From 87df23458eac4e4a81673442db49467a65102b15 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Wed, 3 Dec 1997 03:57:29 +0000 Subject: allow local_machine and remote_machine (%L and %m macros) to contain spaces (This used to be commit 93f0619e049d1598db0c3022aeccf33910b0550f) --- source3/smbd/reply.c | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 06b96b13d9..c903c7a1fd 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -73,7 +73,6 @@ int reply_special(char *inbuf,char *outbuf) pstring name1,name2; extern fstring remote_machine; extern fstring local_machine; - char *p; int len; char name_type = 0; @@ -96,21 +95,18 @@ int reply_special(char *inbuf,char *outbuf) name1,name2)); fstrcpy(remote_machine,name2); + remote_machine[15] = 0; trim_string(remote_machine," "," "); - p = strchr(remote_machine,' '); strlower(remote_machine); - if (p) *p = 0; fstrcpy(local_machine,name1); - trim_string(local_machine," "," "); len = strlen(local_machine); if (len == 16) { name_type = local_machine[15]; local_machine[15] = 0; } - p = strchr(local_machine,' '); + trim_string(local_machine," "," "); strlower(local_machine); - if (p) *p = 0; if (name_type == 'R') { /* We are being asked for a pathworks session --- -- cgit From 221fda2454396fa6c3d2b820d81c56b4cdc48f13 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 12 Jan 1998 00:20:10 +0000 Subject: *** empty log message *** (This used to be commit 7b031586ca33a381eb0e27f3557f43c2550df5f8) --- source3/smbd/reply.c | 26 +++++++++++++++++++++----- 1 file changed, 21 insertions(+), 5 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index c903c7a1fd..7194f3b144 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1191,6 +1191,7 @@ int reply_open(char *inbuf,char *outbuf) unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadpath; } + Files[fnum].reserved = False; return(UNIXERROR(ERRDOS,ERRnoaccess)); } @@ -1208,6 +1209,7 @@ int reply_open(char *inbuf,char *outbuf) unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadpath; } + Files[fnum].reserved = False; return(UNIXERROR(ERRDOS,ERRnoaccess)); } @@ -1291,6 +1293,7 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadpath; } + Files[fnum].reserved = False; return(UNIXERROR(ERRDOS,ERRnoaccess)); } @@ -1308,6 +1311,7 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadpath; } + Files[fnum].reserved = False; return(UNIXERROR(ERRDOS,ERRnoaccess)); } @@ -1437,6 +1441,7 @@ int reply_mknew(char *inbuf,char *outbuf) unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadpath; } + Files[fnum].reserved = False; return(UNIXERROR(ERRDOS,ERRnoaccess)); } @@ -1464,6 +1469,7 @@ int reply_mknew(char *inbuf,char *outbuf) unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadpath; } + Files[fnum].reserved = False; return(UNIXERROR(ERRDOS,ERRnoaccess)); } @@ -1519,6 +1525,7 @@ int reply_ctemp(char *inbuf,char *outbuf) unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadpath; } + Files[fnum].reserved = False; return(UNIXERROR(ERRDOS,ERRnoaccess)); } @@ -1538,6 +1545,7 @@ int reply_ctemp(char *inbuf,char *outbuf) unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadpath; } + Files[fnum].reserved = False; return(UNIXERROR(ERRDOS,ERRnoaccess)); } @@ -2572,15 +2580,19 @@ int reply_printopen(char *inbuf,char *outbuf) strcpy(fname2,(char *)mktemp(fname)); - if (!check_name(fname2,cnum)) - return(ERROR(ERRDOS,ERRnoaccess)); + if (!check_name(fname2,cnum)) { + Files[fnum].reserved = False; + return(ERROR(ERRDOS,ERRnoaccess)); + } /* Open for exclusive use, write only. */ open_file_shared(fnum,cnum,fname2,(DENY_ALL<<4)|1, 0x12, unix_mode(cnum,0), 0, NULL, NULL); - if (!Files[fnum].open) - return(UNIXERROR(ERRDOS,ERRnoaccess)); + if (!Files[fnum].open) { + Files[fnum].reserved = False; + return(UNIXERROR(ERRDOS,ERRnoaccess)); + } /* force it to be a print file */ Files[fnum].print_file = True; @@ -3250,7 +3262,10 @@ static BOOL copy_file(char *src,char *dest1,int cnum,int ofun, open_file_shared(fnum1,cnum,src,(DENY_NONE<<4), 1,0,0,&Access,&action); - if (!Files[fnum1].open) return(False); + if (!Files[fnum1].open) { + Files[fnum1].reserved = False; + return(False); + } if (!target_is_directory && count) ofun = 1; @@ -3265,6 +3280,7 @@ static BOOL copy_file(char *src,char *dest1,int cnum,int ofun, if (!Files[fnum2].open) { close_file(fnum1,False); + Files[fnum2].reserved = False; return(False); } -- cgit From 7ab9d270fe9fcc0360672ff8e163aba985c69aea Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 15 Jan 1998 04:57:54 +0000 Subject: reply.c: Added timestamp to attack warning. server.c: Fixed security=share problem where the vuid was still being looked at. Jeremy. (This used to be commit ab8d615fe2004c3ca93dd2978ba988ea89d7fd74) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 7194f3b144..b1caee10a2 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -55,7 +55,7 @@ report a possible attack via the password buffer overflow bug ****************************************************************************/ static void overflow_attack(int len) { - DEBUG(0,("ERROR: Invalid password length %d\n", len)); + DEBUG(0,("%s: ERROR: Invalid password length %d\n", timestring(), len)); DEBUG(0,("your machine may be under attack by a user exploiting an old bug\n")); DEBUG(0,("Attack was from IP=%s\n", client_addr())); exit_server("possible attack"); -- cgit From 4f9674d1c85f2e7293874477ae0da15fee1538c7 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 16 Jan 1998 08:58:00 +0000 Subject: reply.c: server.c: Test fix for NT worstation SMBmv oplock bug. smbdes.c: Addition of 'forward' parameter in preparation of allowing password change. Jeremy. (This used to be commit 0b0b1fb122a52e67a8fdc77d013ad0b3bbb90d19) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index b1caee10a2..847f6e68f2 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1586,7 +1586,7 @@ static BOOL can_delete(char *fname,int cnum,int dirtype) } if ((fmode & ~dirtype) & (aHIDDEN | aSYSTEM)) return(False); - if (!check_file_sharing(cnum,fname)) return(False); + if (!check_file_sharing(cnum,fname,False)) return(False); return(True); } @@ -3039,7 +3039,7 @@ static BOOL can_rename(char *fname,int cnum) if (!CAN_WRITE(cnum)) return(False); if (sys_lstat(fname,&sbuf) != 0) return(False); - if (!check_file_sharing(cnum,fname)) return(False); + if (!check_file_sharing(cnum,fname,True)) return(False); return(True); } -- cgit From 55f400bd84f26027f5ec9b7fa06b22895de7557c Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 22 Jan 1998 13:27:43 +0000 Subject: This is *not* a big change (although it looks like one). This is merely updating the Copyright statements from 1997 to 1998. It's a once a year thing :-). NO OTHER CHANGES WERE MADE. Jeremy. (This used to be commit b9c16977231efb274e08856f7f3f4408dad6d96c) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 847f6e68f2..746c79db21 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2,7 +2,7 @@ Unix SMB/Netbios implementation. Version 1.9. Main SMB reply routines - Copyright (C) Andrew Tridgell 1992-1997 + Copyright (C) Andrew Tridgell 1992-1998 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by -- cgit From 4f650dab6f867bda2beeeda71b2b97e75834853f Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 24 Jan 1998 08:49:21 +0000 Subject: Added get_create_time() function to time.c. This gets the minimum timestamp associated with a file. reply.c and trans2.c then return this as the create time. Designed to fix problems with VC++ and others. Jeremy. (This used to be commit e3d5f6196d6eff707c78941696a368216e2a7410) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 746c79db21..4703dea475 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3916,7 +3916,7 @@ int reply_getattrE(char *inbuf,char *outbuf) /* Convert the times into dos times. Set create date to be last modify date as UNIX doesn't save this */ - put_dos_date2(outbuf,smb_vwv0,sbuf.st_mtime); + put_dos_date2(outbuf,smb_vwv0,get_create_time(&sbuf)); put_dos_date2(outbuf,smb_vwv2,sbuf.st_atime); put_dos_date2(outbuf,smb_vwv4,sbuf.st_mtime); if (mode & aDIR) -- cgit From 5546e28e69b1a43dbb48e024e233d8ebf7fa667a Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 7 Feb 1998 12:15:20 +0000 Subject: A small raft of changes, I will sync up with 1.9.18 also. chgpasswd.c: Fixed typo in debug message. includes.h: Fix include for aix. kanji.c: Added cap_to_sj as inverse of sj_to_cap. loadparm.c: local.h: password.c: Added code for "networkstation user login" parameter. - patch from Rob Nielsen . printing.c: Added further aix printing fixes. reply.c: Changed access time fetch to a function. trans2.c: Changed access time fetch to a function. time.c: Changed access time fetch to a function. server.c: Made NT redirector workaround final. util.c: Added debug for write_socket failing. Jeremy. (This used to be commit a031404623c22d62f8de035be2239f609af08112) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 4703dea475..db494d07db 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3917,7 +3917,7 @@ int reply_getattrE(char *inbuf,char *outbuf) date to be last modify date as UNIX doesn't save this */ put_dos_date2(outbuf,smb_vwv0,get_create_time(&sbuf)); - put_dos_date2(outbuf,smb_vwv2,sbuf.st_atime); + put_dos_date2(outbuf,smb_vwv2,get_access_time(&sbuf)); put_dos_date2(outbuf,smb_vwv4,sbuf.st_mtime); if (mode & aDIR) { -- cgit From 99e11e171e40703271ad2a7934708cee66b0bb82 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 11 Feb 1998 11:07:14 +0000 Subject: Makefile: Added AIX 3.2.5. loadparm.c: Added "win95 bug compatibility" parameter. local.h: Replaced MAX_OPEN_FILES back to 100 from 10 (oops). reply.c: Fixed ulogoff check against uid - changed to vuid. server.c: Changed file struct save of uid - changed to vuid. smb.h: Changed id in struct current_user to vuid. Changed file struct uid to vuid. time.c: Added "win95 bug compatibility" atime -> mtime return. trans2.c: Added "win95 bug compatibility" fixes. uid.c: Changed id in struct current_user to vuid - added checks to set/reset it. util.c: Added code to expand environment variables. version.h : still at 1.9.18 (head branch doesn't matter too much at present). Jeremy. (This used to be commit adc903bcf59ad1664babd7f1d43675d3a75bfbc9) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index db494d07db..93bb679289 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1385,7 +1385,7 @@ int reply_ulogoffX(char *inbuf,char *outbuf,int length,int bufsize) if ((vuser != 0) && (lp_security() != SEC_SHARE)) { int i; for (i=0;iuid && Files[i].open) { + if ((Files[i].vuid == vuid) && Files[i].open) { close_file(i,False); } } -- cgit From 2beada804a238534628398f62fe4ed9e8d2c3efd Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 13 Feb 1998 07:11:58 +0000 Subject: Ding-dong the witch is dead, the witch is dead...... This is the checkin that fixes the infamous Visual C++ 'file has changed' bug. I feel *SO* good about that :-). charset.c: Added (void) to fix Herb's fussy compiler. loadparm.c: Removed "win95 bug compatibility" (didn't like it much anyway :-). Added "dos filetime resolution" instead. reply.c: Added the 2 second timestamp resolution fix that the song above is about. time.c: Removed unneeded get_access_time() function. trans2.c : Removed unneeded "win95 bug compatibility" code. Jeremy. (This used to be commit 10d628e4aeaecc573de27e251fec7b91844cba40) --- source3/smbd/reply.c | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 93bb679289..38380180f9 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -779,7 +779,10 @@ int reply_getatr(char *inbuf,char *outbuf) outsize = set_message(outbuf,10,0,True); SSVAL(outbuf,smb_vwv0,mode); - put_dos_date3(outbuf,smb_vwv1,mtime); + if(lp_dos_filetime_resolution(SNUM(cnum)) ) + put_dos_date3(outbuf,smb_vwv1,mtime & ~1); + else + put_dos_date3(outbuf,smb_vwv1,mtime); SIVAL(outbuf,smb_vwv3,size); if (Protocol >= PROTOCOL_NT1) { @@ -1231,7 +1234,10 @@ int reply_open(char *inbuf,char *outbuf) outsize = set_message(outbuf,7,0,True); SSVAL(outbuf,smb_vwv0,fnum); SSVAL(outbuf,smb_vwv1,fmode); - put_dos_date3(outbuf,smb_vwv2,mtime); + if(lp_dos_filetime_resolution(SNUM(cnum)) ) + put_dos_date3(outbuf,smb_vwv2,mtime & ~1); + else + put_dos_date3(outbuf,smb_vwv2,mtime); SIVAL(outbuf,smb_vwv4,size); SSVAL(outbuf,smb_vwv6,rmode); @@ -1357,7 +1363,10 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) set_message(outbuf,15,0,True); SSVAL(outbuf,smb_vwv2,fnum); SSVAL(outbuf,smb_vwv3,fmode); - put_dos_date3(outbuf,smb_vwv4,mtime); + if(lp_dos_filetime_resolution(SNUM(cnum)) ) + put_dos_date3(outbuf,smb_vwv4,mtime & ~1); + else + put_dos_date3(outbuf,smb_vwv4,mtime); SIVAL(outbuf,smb_vwv6,size); SSVAL(outbuf,smb_vwv8,rmode); SSVAL(outbuf,smb_vwv11,smb_action); @@ -3917,7 +3926,7 @@ int reply_getattrE(char *inbuf,char *outbuf) date to be last modify date as UNIX doesn't save this */ put_dos_date2(outbuf,smb_vwv0,get_create_time(&sbuf)); - put_dos_date2(outbuf,smb_vwv2,get_access_time(&sbuf)); + put_dos_date2(outbuf,smb_vwv2,sbuf.st_atime); put_dos_date2(outbuf,smb_vwv4,sbuf.st_mtime); if (mode & aDIR) { -- cgit From fdeea341ed1bae670382e45eb731db1b5838ad21 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 11 Mar 1998 21:11:04 +0000 Subject: "For I have laboured mightily on Luke's code, and hath broken all I saw" - the book of Jeremy, chapter 1 :-). So here is the mega-merge of the NTDOM branch server code. It doesn't include the new client side pieces, we'll look at that later. This should give the same functionality, server wise, as the NTDOM branch does, only merged into the main branch. Any fixes to domain controler functionality should be added to the main branch, not the NTDOM branch. This code compiles without warnings on gcc2.8, but will need further testing before we are sure all the working functionality of the NTDOM server branch has been correctly carried over. I hereby declare the server side of the NTDOM branch dead (and all who sail in her :-). Jeremy. (This used to be commit 118ba4d77a33248e762a2cf843fb7cbc906ee6e7) --- source3/smbd/reply.c | 116 ++++++++++++++++++++++++++++++++------------------- 1 file changed, 74 insertions(+), 42 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 38380180f9..74cfd797c3 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -366,6 +366,74 @@ int reply_ioctl(char *inbuf,char *outbuf) #endif } +/**************************************************************************** + always return an error: it's just a matter of which one... + ****************************************************************************/ +static int session_trust_account(char *inbuf, char *outbuf, char *user, + char *smb_passwd, int smb_passlen, + char *smb_nt_passwd, int smb_nt_passlen) +{ + struct smb_passwd *smb_trust_acct = NULL; /* check if trust account exists */ + if (lp_security() == SEC_USER) + { + smb_trust_acct = get_smbpwd_entry(user, 0); + } + else + { + DEBUG(3,("Trust account %s only supported with security = user\n", user)); + SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); + return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE)); + } + + if (smb_trust_acct == NULL) + { + /* lkclXXXX: workstation entry doesn't exist */ + DEBUG(4,("Trust account %s user doesn't exist\n",user)); + SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); + return(ERROR(0, 0xc0000000|NT_STATUS_NO_SUCH_USER)); + } + else + { + if ((smb_passlen != 24) || (smb_nt_passlen != 24)) + { + DEBUG(4,("Trust account %s - password length wrong.\n", user)); + SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); + return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE)); + } + + if (!smb_password_ok(smb_trust_acct, smb_passwd, smb_nt_passwd)) + { + DEBUG(4,("Trust Account %s - password failed\n", user)); + SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); + return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE)); + } + + if (IS_BITS_SET_ALL(smb_trust_acct->acct_ctrl, ACB_DOMTRUST)) + { + DEBUG(4,("Domain trust account %s denied by server\n",user)); + SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); + return(ERROR(0, 0xc0000000|NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT)); + } + + if (IS_BITS_SET_ALL(smb_trust_acct->acct_ctrl, ACB_SVRTRUST)) + { + DEBUG(4,("Server trust account %s denied by server\n",user)); + SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); + return(ERROR(0, 0xc0000000|NT_STATUS_NOLOGON_SERVER_TRUST_ACCOUNT)); + } + if (IS_BITS_SET_ALL(smb_trust_acct->acct_ctrl, ACB_WSTRUST)) + { + DEBUG(4,("Wksta trust account %s denied by server\n", user)); + SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); + return(ERROR(0, 0xc0000000|NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT)); + } + } + + /* don't know what to do: indicate logon failure */ + SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); + return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE)); +} + /**************************************************************************** reply to a session setup command @@ -386,7 +454,6 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) BOOL valid_nt_password = False; pstring user; BOOL guest=False; - BOOL computer_id=False; static BOOL done_sesssetup = False; BOOL doencrypt = SMBENCRYPT(); char *domain = ""; @@ -496,48 +563,13 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) /* If name ends in $ then I think it's asking about whether a */ /* computer with that name (minus the $) has access. For now */ /* say yes to everything ending in $. */ - if (user[strlen(user) - 1] == '$') + if ((user[strlen(user) - 1] == '$') && (smb_apasslen == 24) && (smb_ntpasslen == 24)) { -#ifdef NTDOMAIN - struct smb_passwd *smb_pass; /* To check if machine account exists */ -/* - PAXX: Ack. We don't want to do this. The workstation trust account - with a $ on the end should exist in the local password database - or be mapped to something generic, but not modified. For NT - domain support we must reject this used in certain circumstances - with a code to indicate to the client that it is an invalid use - of a workstation trust account. NTWKS needs this error to join - a domain. This may be the source of future bugs if we cannot - be sure whether to reject this or not. -*/ - /* non-null user name indicates search by username not by smb userid */ - smb_pass = get_smbpwd_entry(user, 0); - - if (!smb_pass) - { - /* lkclXXXX: if workstation entry doesn't exist, indicate logon failure */ - DEBUG(4,("Workstation trust account %s doesn't exist.",user)); - SSVAL(outbuf, smb_flg2, 0xc003); /* PAXX: Someone please unhack this */ - CVAL(outbuf, smb_reh) = 1; /* PAXX: Someone please unhack this */ - return(ERROR(NT_STATUS_LOGON_FAILURE, 0xc000)); /* decimal 109 NT error, 0xc000 */ - } - else - { - /* PAXX: This is the NO LOGON workstation trust account stuff */ - /* lkclXXXX: if the workstation *does* exist, indicate failure differently! */ - DEBUG(4,("No Workstation trust account %s",user)); - SSVAL(outbuf, smb_flg2, 0xc003); /* PAXX: Someone please unhack this */ - CVAL(outbuf, smb_reh) = 1; /* PAXX: Someone please unhack this */ - return(ERROR(NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT, 0xc000)); /* decimal 409 NT error, 0xc000 */ - } - - computer_id = True; -#else /* not NTDOMAIN, leave this in. PAXX: Someone get rid of this */ - user[strlen(user) - 1] = '\0'; -#endif + return session_trust_account(inbuf, outbuf, user, + smb_apasswd, smb_apasslen, + smb_ntpasswd, smb_ntpasslen); } - /* If no username is sent use the guest account */ if (!*user) { @@ -583,7 +615,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) } if (!valid_nt_password && !password_ok(user,smb_apasswd,smb_apasslen,NULL)) { - if (!computer_id && lp_security() >= SEC_USER) { + if (lp_security() >= SEC_USER) { #if (GUEST_SESSSETUP == 0) return(ERROR(ERRSRV,ERRbadpw)); #endif @@ -643,7 +675,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) uid = pw->pw_uid; } - if (guest && !computer_id) + if (guest) SSVAL(outbuf,smb_vwv2,1); /* register the name and uid as being validated, so further connections -- cgit From e13f143ec6c46a1a540339d0a48940c6312ae8d9 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 11 Mar 1998 23:20:26 +0000 Subject: Missed fixes in NTDOM branch for doing readX via pipe IPC$. Allows long share lists to be browsed. Browsing *into* a long share name still fails, though. (Luke - you may need to look into this). Jeremy. (This used to be commit 5299d1b49f2bfd6cf84a687548904206f4a18a41) --- source3/smbd/reply.c | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 74cfd797c3..1415d95522 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1954,6 +1954,10 @@ int reply_read_and_X(char *inbuf,char *outbuf,int length,int bufsize) cnum = SVAL(inbuf,smb_tid); + /* If it's an IPC, pass off the pipe handler. */ + if (IS_IPC(cnum)) + return reply_pipe_read_and_X(inbuf,outbuf,length,bufsize); + CHECK_FNUM(fnum,cnum); CHECK_READ(fnum); CHECK_ERROR(fnum); -- cgit From 4389fba6c3c77a1f1ff7c3c8c85ab483acba77f9 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Thu, 12 Mar 1998 02:15:32 +0000 Subject: use FSTYPE_STRING not "SAMBA" for filesystem type (This used to be commit df62c80e1d04059905b8a3c5bf9073ba91331e99) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 1415d95522..83a4293fad 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -308,7 +308,7 @@ int reply_tcon_and_X(char *inbuf,char *outbuf,int length,int bufsize) } else { - char *fsname = "SAMBA"; + char *fsname = FSTYPE_STRING; char *p; set_message(outbuf,3,3,True); -- cgit From 86f5105fbca56ab07f8a33e892fe656672600388 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sun, 15 Mar 1998 03:06:50 +0000 Subject: - claim the null connection after the session request to mak sure we have the netbios name - fix another kill connection bug (This used to be commit c634b799874795d42dae28fb4440ea452dc89b1b) --- source3/smbd/reply.c | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 83a4293fad..b0550bba57 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -120,6 +120,10 @@ int reply_special(char *inbuf,char *outbuf) reload_services(True); reopen_logs(); + if (lp_status(-1)) { + claim_connection(-1,"STATUS.",MAXSTATUS,True); + } + break; case 0x89: /* session keepalive request -- cgit From c54af0f8b20e3f93c59da6a817920e1de6c4a870 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 16 Mar 1998 20:59:47 +0000 Subject: Adding the same change as was added to 1.9.18 branch to add the "name resolve order" parameter. source/Makefile: Re-ordered link for name resolve order code. source/clientgen.c: source/clientutil.c: Added calls to resolve_name(). source/includes.h: Added HPUX zombie fix. source/loadparm.c: Added new name resolve order parameter. source/namequery.c: Re-wrote to include parsing of lmhosts file, new resolve_name() function requested by John. source/nmbd.c: Tell resolve_name not to do WINS lookups if we are the WINS server. source/nmbd_lmhosts.c: Call lmhosts parsing functions in namequery.c source/password.c: Call resolve_name() to lookup security=server name. source/reply.c: source/time.c: source/trans2.c: "fake directory create times" fix from Jim Hague - hague@research.canon.com.au. source/util.c: Removed isalnum() test in Get_Hostname() that seems to cause problems on many systems. Jeremy. (This used to be commit 7f118970da7c43eaddcf92dc056d3e849f1e7d5c) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index b0550bba57..4d163d70a0 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3965,7 +3965,7 @@ int reply_getattrE(char *inbuf,char *outbuf) /* Convert the times into dos times. Set create date to be last modify date as UNIX doesn't save this */ - put_dos_date2(outbuf,smb_vwv0,get_create_time(&sbuf)); + put_dos_date2(outbuf,smb_vwv0,get_create_time(&sbuf,lp_fake_dir_create_times(SNUM(cnum)))); put_dos_date2(outbuf,smb_vwv2,sbuf.st_atime); put_dos_date2(outbuf,smb_vwv4,sbuf.st_mtime); if (mode & aDIR) -- cgit From f996885676f041437430bfd5843a3000611b0923 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 17 Mar 1998 12:31:43 +0000 Subject: this isn't a big commit, it just looks like it :-) I needed the client_name() and client_addr() functions in swat so I could tell who was connecting from where. The problem was that these functions didn't take a file descriptor parameter they just used the global "Client". So I needed to change all calls to pass a parameter ... lots of files. (This used to be commit a776058900a727591bd7b69debdaa25c0e31d693) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 4d163d70a0..8afda69b32 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -57,7 +57,7 @@ static void overflow_attack(int len) { DEBUG(0,("%s: ERROR: Invalid password length %d\n", timestring(), len)); DEBUG(0,("your machine may be under attack by a user exploiting an old bug\n")); - DEBUG(0,("Attack was from IP=%s\n", client_addr())); + DEBUG(0,("Attack was from IP=%s\n", client_addr(Client))); exit_server("possible attack"); } -- cgit From cac6a060af598bf94e6414b06e7365ec51ca360e Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 13 Apr 1998 19:24:06 +0000 Subject: Changes to allow Samba to be compiled with -Wstrict-prototypes with gcc. (Not a big change although it looks like it :-). Jeremy. (This used to be commit cd2613c57261456485fe4eeecfda209ada70de8e) --- source3/smbd/reply.c | 83 +++++++++++++++++++++++++--------------------------- 1 file changed, 40 insertions(+), 43 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 8afda69b32..d4ee8223ad 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -217,7 +217,7 @@ static void parse_connect(char *p,char *service,char *user, /**************************************************************************** reply to a tcon ****************************************************************************/ -int reply_tcon(char *inbuf,char *outbuf) +int reply_tcon(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { pstring service; pstring user; @@ -358,7 +358,7 @@ int reply_unknown(char *inbuf,char *outbuf) /**************************************************************************** reply to an ioctl ****************************************************************************/ -int reply_ioctl(char *inbuf,char *outbuf) +int reply_ioctl(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { DEBUG(3,("ignoring ioctl\n")); #if 0 @@ -703,7 +703,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) /**************************************************************************** reply to a chkpth ****************************************************************************/ -int reply_chkpth(char *inbuf,char *outbuf) +int reply_chkpth(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int outsize = 0; int cnum,mode; @@ -758,7 +758,7 @@ int reply_chkpth(char *inbuf,char *outbuf) /**************************************************************************** reply to a getatr ****************************************************************************/ -int reply_getatr(char *inbuf,char *outbuf) +int reply_getatr(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { pstring fname; int cnum; @@ -838,7 +838,7 @@ int reply_getatr(char *inbuf,char *outbuf) /**************************************************************************** reply to a setatr ****************************************************************************/ -int reply_setatr(char *inbuf,char *outbuf) +int reply_setatr(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { pstring fname; int cnum; @@ -885,7 +885,7 @@ int reply_setatr(char *inbuf,char *outbuf) /**************************************************************************** reply to a dskattr ****************************************************************************/ -int reply_dskattr(char *inbuf,char *outbuf) +int reply_dskattr(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int cnum; int outsize = 0; @@ -912,7 +912,7 @@ int reply_dskattr(char *inbuf,char *outbuf) reply to a search Can be called from SMBsearch, SMBffirst or SMBfunique. ****************************************************************************/ -int reply_search(char *inbuf,char *outbuf) +int reply_search(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { pstring mask; pstring directory; @@ -1158,7 +1158,7 @@ int reply_search(char *inbuf,char *outbuf) /**************************************************************************** reply to a fclose (stop directory search) ****************************************************************************/ -int reply_fclose(char *inbuf,char *outbuf) +int reply_fclose(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int cnum; int outsize = 0; @@ -1195,7 +1195,7 @@ int reply_fclose(char *inbuf,char *outbuf) /**************************************************************************** reply to an open ****************************************************************************/ -int reply_open(char *inbuf,char *outbuf) +int reply_open(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { pstring fname; int cnum; @@ -1448,7 +1448,7 @@ int reply_ulogoffX(char *inbuf,char *outbuf,int length,int bufsize) /**************************************************************************** reply to a mknew or a create ****************************************************************************/ -int reply_mknew(char *inbuf,char *outbuf) +int reply_mknew(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { pstring fname; int cnum,com; @@ -1538,7 +1538,7 @@ int reply_mknew(char *inbuf,char *outbuf) /**************************************************************************** reply to a create temporary file ****************************************************************************/ -int reply_ctemp(char *inbuf,char *outbuf) +int reply_ctemp(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { pstring fname; pstring fname2; @@ -1638,7 +1638,7 @@ static BOOL can_delete(char *fname,int cnum,int dirtype) /**************************************************************************** reply to a unlink ****************************************************************************/ -int reply_unlink(char *inbuf,char *outbuf) +int reply_unlink(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int outsize = 0; pstring name; @@ -1743,7 +1743,7 @@ int reply_unlink(char *inbuf,char *outbuf) /**************************************************************************** reply to a readbraw (core+ protocol) ****************************************************************************/ -int reply_readbraw(char *inbuf, char *outbuf) +int reply_readbraw(char *inbuf, char *outbuf, int dum_size, int dum_buffsize) { int cnum,maxcount,mincount,fnum; int nread = 0; @@ -1853,7 +1853,7 @@ int reply_readbraw(char *inbuf, char *outbuf) /**************************************************************************** reply to a lockread (core+ protocol) ****************************************************************************/ -int reply_lockread(char *inbuf,char *outbuf) +int reply_lockread(char *inbuf,char *outbuf, int dum_size, int dum_buffsiz) { int cnum,fnum; int nread = -1; @@ -1899,7 +1899,7 @@ int reply_lockread(char *inbuf,char *outbuf) /**************************************************************************** reply to a read ****************************************************************************/ -int reply_read(char *inbuf,char *outbuf) +int reply_read(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int cnum,numtoread,fnum; int nread = 0; @@ -1994,7 +1994,7 @@ int reply_read_and_X(char *inbuf,char *outbuf,int length,int bufsize) /**************************************************************************** reply to a writebraw (core+ or LANMAN1.0 protocol) ****************************************************************************/ -int reply_writebraw(char *inbuf,char *outbuf) +int reply_writebraw(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int nwritten=0; int total_written=0; @@ -2101,7 +2101,7 @@ int reply_writebraw(char *inbuf,char *outbuf) /**************************************************************************** reply to a writeunlock (core+) ****************************************************************************/ -int reply_writeunlock(char *inbuf,char *outbuf) +int reply_writeunlock(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int cnum,fnum; int nwritten = -1; @@ -2158,7 +2158,7 @@ int reply_writeunlock(char *inbuf,char *outbuf) /**************************************************************************** reply to a write ****************************************************************************/ -int reply_write(char *inbuf,char *outbuf,int dum1,int dum2) +int reply_write(char *inbuf,char *outbuf,int dum_size,int dum_buffsize) { int cnum,numtowrite,fnum; int nwritten = -1; @@ -2166,9 +2166,6 @@ int reply_write(char *inbuf,char *outbuf,int dum1,int dum2) int startpos; char *data; - dum1 = dum2 = 0; - - cnum = SVAL(inbuf,smb_tid); fnum = GETFNUM(inbuf,smb_vwv0); @@ -2276,7 +2273,7 @@ int reply_write_and_X(char *inbuf,char *outbuf,int length,int bufsize) /**************************************************************************** reply to a lseek ****************************************************************************/ -int reply_lseek(char *inbuf,char *outbuf) +int reply_lseek(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int cnum,fnum; uint32 startpos; @@ -2317,7 +2314,7 @@ int reply_lseek(char *inbuf,char *outbuf) /**************************************************************************** reply to a flush ****************************************************************************/ -int reply_flush(char *inbuf,char *outbuf) +int reply_flush(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int cnum, fnum; int outsize = set_message(outbuf,0,0,True); @@ -2348,7 +2345,7 @@ int reply_flush(char *inbuf,char *outbuf) /**************************************************************************** reply to a exit ****************************************************************************/ -int reply_exit(char *inbuf,char *outbuf) +int reply_exit(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int outsize = set_message(outbuf,0,0,True); DEBUG(3,("%s exit\n",timestring())); @@ -2360,7 +2357,7 @@ int reply_exit(char *inbuf,char *outbuf) /**************************************************************************** reply to a close ****************************************************************************/ -int reply_close(char *inbuf,char *outbuf) +int reply_close(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int fnum,cnum; int outsize = 0; @@ -2406,7 +2403,7 @@ int reply_close(char *inbuf,char *outbuf) /**************************************************************************** reply to a writeclose (Core+ protocol) ****************************************************************************/ -int reply_writeclose(char *inbuf,char *outbuf) +int reply_writeclose(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int cnum,numtowrite,fnum; int nwritten = -1; @@ -2455,7 +2452,7 @@ int reply_writeclose(char *inbuf,char *outbuf) /**************************************************************************** reply to a lock ****************************************************************************/ -int reply_lock(char *inbuf,char *outbuf) +int reply_lock(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int fnum,cnum; int outsize = set_message(outbuf,0,0,True); @@ -2484,7 +2481,7 @@ int reply_lock(char *inbuf,char *outbuf) /**************************************************************************** reply to a unlock ****************************************************************************/ -int reply_unlock(char *inbuf,char *outbuf) +int reply_unlock(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int fnum,cnum; int outsize = set_message(outbuf,0,0,True); @@ -2513,7 +2510,7 @@ int reply_unlock(char *inbuf,char *outbuf) /**************************************************************************** reply to a tdis ****************************************************************************/ -int reply_tdis(char *inbuf,char *outbuf) +int reply_tdis(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int cnum; int outsize = set_message(outbuf,0,0,True); @@ -2541,7 +2538,7 @@ int reply_tdis(char *inbuf,char *outbuf) /**************************************************************************** reply to a echo ****************************************************************************/ -int reply_echo(char *inbuf,char *outbuf) +int reply_echo(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int cnum; int smb_reverb = SVAL(inbuf,smb_vwv0); @@ -2591,7 +2588,7 @@ int reply_echo(char *inbuf,char *outbuf) /**************************************************************************** reply to a printopen ****************************************************************************/ -int reply_printopen(char *inbuf,char *outbuf) +int reply_printopen(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { pstring fname; pstring fname2; @@ -2658,7 +2655,7 @@ int reply_printopen(char *inbuf,char *outbuf) /**************************************************************************** reply to a printclose ****************************************************************************/ -int reply_printclose(char *inbuf,char *outbuf) +int reply_printclose(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int fnum,cnum; int outsize = set_message(outbuf,0,0,True); @@ -2683,7 +2680,7 @@ int reply_printclose(char *inbuf,char *outbuf) /**************************************************************************** reply to a printqueue ****************************************************************************/ -int reply_printqueue(char *inbuf,char *outbuf) +int reply_printqueue(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int cnum; int outsize = set_message(outbuf,2,3,True); @@ -2777,7 +2774,7 @@ int reply_printqueue(char *inbuf,char *outbuf) /**************************************************************************** reply to a printwrite ****************************************************************************/ -int reply_printwrite(char *inbuf,char *outbuf) +int reply_printwrite(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int cnum,numtowrite,fnum; int outsize = set_message(outbuf,0,0,True); @@ -2809,7 +2806,7 @@ int reply_printwrite(char *inbuf,char *outbuf) /**************************************************************************** reply to a mkdir ****************************************************************************/ -int reply_mkdir(char *inbuf,char *outbuf) +int reply_mkdir(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { pstring directory; int cnum; @@ -2904,7 +2901,7 @@ static BOOL recursive_rmdir(char *directory) /**************************************************************************** reply to a rmdir ****************************************************************************/ -int reply_rmdir(char *inbuf,char *outbuf) +int reply_rmdir(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { pstring directory; int cnum; @@ -3096,7 +3093,7 @@ static BOOL can_rename(char *fname,int cnum) /**************************************************************************** reply to a mv ****************************************************************************/ -int reply_mv(char *inbuf,char *outbuf) +int reply_mv(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int outsize = 0; pstring name; @@ -3351,7 +3348,7 @@ static BOOL copy_file(char *src,char *dest1,int cnum,int ofun, /**************************************************************************** reply to a file copy. ****************************************************************************/ -int reply_copy(char *inbuf,char *outbuf) +int reply_copy(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int outsize = 0; pstring name; @@ -3485,7 +3482,7 @@ int reply_copy(char *inbuf,char *outbuf) /**************************************************************************** reply to a setdir ****************************************************************************/ -int reply_setdir(char *inbuf,char *outbuf) +int reply_setdir(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int cnum,snum; int outsize = 0; @@ -3714,7 +3711,7 @@ int reply_readbmpx(char *inbuf,char *outbuf,int length,int bufsize) /**************************************************************************** reply to a SMBwritebmpx (write block multiplex primary) request ****************************************************************************/ -int reply_writebmpx(char *inbuf,char *outbuf) +int reply_writebmpx(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int cnum,numtowrite,fnum; int nwritten = -1; @@ -3807,7 +3804,7 @@ int reply_writebmpx(char *inbuf,char *outbuf) /**************************************************************************** reply to a SMBwritebs (write block multiplex secondary) request ****************************************************************************/ -int reply_writebs(char *inbuf,char *outbuf) +int reply_writebs(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int cnum,numtowrite,fnum; int nwritten = -1; @@ -3888,7 +3885,7 @@ int reply_writebs(char *inbuf,char *outbuf) /**************************************************************************** reply to a SMBsetattrE ****************************************************************************/ -int reply_setattrE(char *inbuf,char *outbuf) +int reply_setattrE(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int cnum,fnum; struct utimbuf unix_times; @@ -3941,7 +3938,7 @@ not setting timestamps of 0\n", /**************************************************************************** reply to a SMBgetattrE ****************************************************************************/ -int reply_getattrE(char *inbuf,char *outbuf) +int reply_getattrE(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int cnum,fnum; struct stat sbuf; -- cgit From d5e040247e180664bd32a0d7d8dd905f46cbdb47 Mon Sep 17 00:00:00 2001 From: "Christopher R. Hertel" Date: Mon, 13 Apr 1998 22:45:52 +0000 Subject: Changes include: proto.h: The unusual. ;) reply.c: I changes some function names, and updated reply.c to match. See mangle.c below for more. server.c: Changed function names and parameters in file mangle.c, so changed server.c calls to match. See mangle.c below for more. mangle.c: I replaced the caching mechanism used for caching reverse mangled name maps. The old method was a large array of 256-byte strings. Movement in the stack (including push and pop) was done by memcpy()ing whole chunks of memory around. The new system uses the ubi_Cache module which, in turn, uses a splay tree. Entries are dynamically allocated using a minimum amount of memory. Searches are non-linear, which should speed things up a bit, too. Overall, this should save memory and be faster. Other changes: I streamlined the is_mangled() test and made other speed enhancements including replacing some static functions with macros. Added comments, etc. Note: Per an E'mail conversation with Andrew, the 'mangled stack' parameter in smb.conf doesn't do anything anymore. The cache is now set for 16K bytes maximum memory usage. The mangle stack parameter is silently ignored. This can easily be changed, but I'd rather introduce a 'mangled cache memory' parameter and remove 'mangled stack'. Remaining problems: While testing the module, I noticed that something is calling name_map_mangle() twice. The result is that names which contain illegal characters are getting mangled twice. Also, the entire module works by overwriting the input string. This has a variety of nasty side effects. Summary: There's a lot still to be done, but the changes I have in place *should* work in exactly the same way (except for the mangle stack parameter). The rest of the bugs and other issues are separate. Chris -)----- (This used to be commit 8759bec11ba483b2292b0e513b85c98ed5e3e2d4) --- source3/smbd/reply.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index d4ee8223ad..7807bf8369 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1675,7 +1675,7 @@ int reply_unlink(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) } if (is_mangled(mask)) - check_mangled_stack(mask); + check_mangled_cache( mask ); has_wild = strchr(mask,'*') || strchr(mask,'?'); @@ -3142,7 +3142,7 @@ int reply_mv(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) } if (is_mangled(mask)) - check_mangled_stack(mask); + check_mangled_cache( mask ); has_wild = strchr(mask,'*') || strchr(mask,'?'); @@ -3412,7 +3412,7 @@ int reply_copy(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) } if (is_mangled(mask)) - check_mangled_stack(mask); + check_mangled_cache( mask ); has_wild = strchr(mask,'*') || strchr(mask,'?'); -- cgit From 2a53d6f7077de596265a3e73e79827392054142c Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 14 Apr 1998 00:41:59 +0000 Subject: Modified interfaces to getting smb password entries from get_smbpwd_entry (now an internal function to smbpass.c) to a more UNIX-like : getsmbpwnam() - get entry by name. getsmbpwuid() - get entry by uid. Changed the type returned by the smbpasswd enumeration functions to be a void * so that people don't come to depend on it being a FILE *. These abstractions should make it much easier to replace the smbpasswd file with a better backend in future. Other files changed are to match the above changes. Jeremy. (This used to be commit 1161cfb7f2b0d5a6d3e2b524a14a6f325ce70efb) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 7807bf8369..eaf3fe9920 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -380,7 +380,7 @@ static int session_trust_account(char *inbuf, char *outbuf, char *user, struct smb_passwd *smb_trust_acct = NULL; /* check if trust account exists */ if (lp_security() == SEC_USER) { - smb_trust_acct = get_smbpwd_entry(user, 0); + smb_trust_acct = getsmbpwnam(user); } else { -- cgit From 7b9a53b68079231fc0c65ee4a265de297031a161 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 16 Apr 1998 19:23:10 +0000 Subject: reply.c: Fix bugs where debug statements were accessing the fd_ptr struct internals after Andrews' code had memset it to zero (this was causing core dumps). charcnv.c: Fixes for ISO8859-2 from Petr Hubeny . Jeremy. (This used to be commit df8783ca76d543d200c743f515a185cfea2880df) --- source3/smbd/reply.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index eaf3fe9920..2c4800b1c2 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2386,16 +2386,16 @@ int reply_close(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) /* try and set the date */ set_filetime(cnum, Files[fnum].name,mtime); + DEBUG(3,("%s close fd=%d fnum=%d cnum=%d (numopen=%d)\n", + timestring(),Files[fnum].fd_ptr->fd,fnum,cnum, + Connections[cnum].num_files_open)); + close_file(fnum,True); /* We have a cached error */ if(eclass || err) return(ERROR(eclass,err)); - DEBUG(3,("%s close fd=%d fnum=%d cnum=%d (numopen=%d)\n", - timestring(),Files[fnum].fd_ptr->fd,fnum,cnum, - Connections[cnum].num_files_open)); - return(outsize); } @@ -2669,10 +2669,10 @@ int reply_printclose(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) if (!CAN_PRINT(cnum)) return(ERROR(ERRDOS,ERRnoaccess)); - close_file(fnum,True); - DEBUG(3,("%s printclose fd=%d fnum=%d cnum=%d\n",timestring(),Files[fnum].fd_ptr->fd,fnum,cnum)); + close_file(fnum,True); + return(outsize); } -- cgit From 8584c6bd6621eefb49aff69581caf28e38b4ceda Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 22 Apr 1998 00:56:38 +0000 Subject: genrand.c: Improved generation of random values, more secure. loadparm.c: Started add of 'security=domain' code. password.c: Fix for security=server NT bugs. reply.c: Started add of 'security=domain' code. server.c: Started add of 'security=domain' code. smb.h: Started add of 'security=domain' code. Jeremy. (This used to be commit e6bda112ebe0d41f54c4249b5c2e1f24011347e1) --- source3/smbd/reply.c | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 2c4800b1c2..2f3b3660fc 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -515,7 +515,11 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) passlen1 = MIN(passlen1, MAX_PASS_LEN); passlen2 = MIN(passlen2, MAX_PASS_LEN); - if(doencrypt || (lp_security() == SEC_SERVER)) { +#ifdef DOMAIN_CLIENT + if(doencrypt || ((lp_security() == SEC_SERVER) || (lp_security() == SEC_DOMAIN))) { +#else /* DOMAIN_CLIENT */ + if(doencrypt || lp_security() == SEC_SERVER) { +#endif /* DOMAIN_CLIENT */ /* Save the lanman2 password and the NT md4 password. */ smb_apasslen = passlen1; memcpy(smb_apasswd,p,smb_apasslen); @@ -603,6 +607,12 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) server_validate(user, domain, smb_apasswd, smb_apasslen, smb_ntpasswd, smb_ntpasslen)) && +#ifdef DOMAIN_CLIENT + !(lp_security() == SEC_DOMAIN && + domain_client_validate(user, domain, + smb_apasswd, smb_apasslen, + smb_ntpasswd, smb_ntpasslen)) && +#endif /* DOMAIN_CLIENT */ !check_hosts_equiv(user)) { -- cgit From a85f5bc268a1c13334b86ac3a44a026359c09371 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 23 Apr 1998 18:54:57 +0000 Subject: genrand.c: Changed SMB_PASSWD_FILE to lp_smb_passwd_file(). password.c: Started the initial code for domain_client_validate(). All bracketed with #ifdef DOMAIN_CLIENT for now. reply.c: Call to domain_client_validate(). All bracketed with #ifdef DOMAIN_CLIENT for now. smbpass.c: New code to get/set machine passwords. Tidied up nesting of lock calls. Jeremy. (This used to be commit 89fe059a6816f32d2cc5c4c04c4089b60590e7e6) --- source3/smbd/reply.c | 109 ++++++++++++++++++++++++++------------------------- 1 file changed, 55 insertions(+), 54 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 2f3b3660fc..4472aa16e6 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -377,65 +377,66 @@ static int session_trust_account(char *inbuf, char *outbuf, char *user, char *smb_passwd, int smb_passlen, char *smb_nt_passwd, int smb_nt_passlen) { - struct smb_passwd *smb_trust_acct = NULL; /* check if trust account exists */ - if (lp_security() == SEC_USER) - { - smb_trust_acct = getsmbpwnam(user); - } - else - { - DEBUG(3,("Trust account %s only supported with security = user\n", user)); - SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); - return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE)); - } + struct smb_passwd *smb_trust_acct = NULL; /* check if trust account exists */ + if (lp_security() == SEC_USER) + { + smb_trust_acct = getsmbpwnam(user); + } + else + { + DEBUG(0,("session_trust_account: Trust account %s only supported with security = user\n", user)); + SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); + return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE)); + } - if (smb_trust_acct == NULL) - { - /* lkclXXXX: workstation entry doesn't exist */ - DEBUG(4,("Trust account %s user doesn't exist\n",user)); - SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); - return(ERROR(0, 0xc0000000|NT_STATUS_NO_SUCH_USER)); - } - else - { - if ((smb_passlen != 24) || (smb_nt_passlen != 24)) - { - DEBUG(4,("Trust account %s - password length wrong.\n", user)); - SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); - return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE)); - } + if (smb_trust_acct == NULL) + { + /* lkclXXXX: workstation entry doesn't exist */ + DEBUG(0,("session_trust_account: Trust account %s user doesn't exist\n",user)); + SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); + return(ERROR(0, 0xc0000000|NT_STATUS_NO_SUCH_USER)); + } + else + { + if ((smb_passlen != 24) || (smb_nt_passlen != 24)) + { + DEBUG(0,("session_trust_account: Trust account %s - password length wrong.\n", user)); + SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); + return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE)); + } - if (!smb_password_ok(smb_trust_acct, smb_passwd, smb_nt_passwd)) - { - DEBUG(4,("Trust Account %s - password failed\n", user)); - SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); - return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE)); - } + if (!smb_password_ok(smb_trust_acct, smb_passwd, smb_nt_passwd)) + { + DEBUG(0,("session_trust_account: Trust Account %s - password failed\n", user)); + SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); + return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE)); + } - if (IS_BITS_SET_ALL(smb_trust_acct->acct_ctrl, ACB_DOMTRUST)) - { - DEBUG(4,("Domain trust account %s denied by server\n",user)); - SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); - return(ERROR(0, 0xc0000000|NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT)); - } + if (IS_BITS_SET_ALL(smb_trust_acct->acct_ctrl, ACB_DOMTRUST)) + { + DEBUG(0,("session_trust_account: Domain trust account %s denied by server\n",user)); + SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); + return(ERROR(0, 0xc0000000|NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT)); + } - if (IS_BITS_SET_ALL(smb_trust_acct->acct_ctrl, ACB_SVRTRUST)) - { - DEBUG(4,("Server trust account %s denied by server\n",user)); - SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); - return(ERROR(0, 0xc0000000|NT_STATUS_NOLOGON_SERVER_TRUST_ACCOUNT)); - } - if (IS_BITS_SET_ALL(smb_trust_acct->acct_ctrl, ACB_WSTRUST)) - { - DEBUG(4,("Wksta trust account %s denied by server\n", user)); - SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); - return(ERROR(0, 0xc0000000|NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT)); - } - } + if (IS_BITS_SET_ALL(smb_trust_acct->acct_ctrl, ACB_SVRTRUST)) + { + DEBUG(0,("session_trust_account: Server trust account %s denied by server\n",user)); + SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); + return(ERROR(0, 0xc0000000|NT_STATUS_NOLOGON_SERVER_TRUST_ACCOUNT)); + } + + if (IS_BITS_SET_ALL(smb_trust_acct->acct_ctrl, ACB_WSTRUST)) + { + DEBUG(4,("session_trust_account: Wksta trust account %s denied by server\n", user)); + SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); + return(ERROR(0, 0xc0000000|NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT)); + } + } - /* don't know what to do: indicate logon failure */ - SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); - return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE)); + /* don't know what to do: indicate logon failure */ + SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); + return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE)); } -- cgit From e7ac86607c80912e55ac7179b100cea22749c16f Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 25 Apr 1998 01:12:08 +0000 Subject: This looks like a big change but really isn't. It is changing the global variables "myname" and "myworkgroup" to "global_myname" and "global_myworkgroup" respectively. This is to make it very explicit when we are messing with a global (don't ask - it makes the domain client code much clearer :-). Jeremy. (This used to be commit 866406bfe399cf757c8275093dacd5ce4843afa0) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 4472aa16e6..fe1de65be3 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -41,7 +41,7 @@ extern BOOL case_sensitive; extern BOOL case_preserve; extern BOOL short_case_preserve; extern pstring sesssetup_user; -extern fstring myworkgroup; +extern fstring global_myworkgroup; extern int Client; extern int global_oplock_break; @@ -671,7 +671,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) p = smb_buf(outbuf); strcpy(p,"Unix"); p = skip_string(p,1); strcpy(p,"Samba "); strcat(p,VERSION); p = skip_string(p,1); - strcpy(p,myworkgroup); p = skip_string(p,1); + strcpy(p,global_myworkgroup); p = skip_string(p,1); set_message(outbuf,3,PTR_DIFF(p,smb_buf(outbuf)),False); /* perhaps grab OS version here?? */ } -- cgit From d3832506b2583130c4f4ba4b3edeabca987b7cbb Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 29 Apr 1998 00:02:57 +0000 Subject: This is the checkin that adds the security=domain functionality. WARNING - so far this has only been tested against a Samba PDC (still waiting for IS to add me the machine accounts :-). Still missing is the code in smbpasswd that will add a machine account password and change it on the domain controller, but this is not hard, and I will check it in soon. Jeremy. (This used to be commit 17b94a7084621b3f0106dd4d3386f05cdfc56d19) --- source3/smbd/reply.c | 6 ------ 1 file changed, 6 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index fe1de65be3..a8a0c2f98c 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -516,11 +516,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) passlen1 = MIN(passlen1, MAX_PASS_LEN); passlen2 = MIN(passlen2, MAX_PASS_LEN); -#ifdef DOMAIN_CLIENT if(doencrypt || ((lp_security() == SEC_SERVER) || (lp_security() == SEC_DOMAIN))) { -#else /* DOMAIN_CLIENT */ - if(doencrypt || lp_security() == SEC_SERVER) { -#endif /* DOMAIN_CLIENT */ /* Save the lanman2 password and the NT md4 password. */ smb_apasslen = passlen1; memcpy(smb_apasswd,p,smb_apasslen); @@ -608,12 +604,10 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) server_validate(user, domain, smb_apasswd, smb_apasslen, smb_ntpasswd, smb_ntpasslen)) && -#ifdef DOMAIN_CLIENT !(lp_security() == SEC_DOMAIN && domain_client_validate(user, domain, smb_apasswd, smb_apasslen, smb_ntpasswd, smb_ntpasslen)) && -#endif /* DOMAIN_CLIENT */ !check_hosts_equiv(user)) { -- cgit From 19f76f391b97b405879fd8574e711a6d59e4e60c Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 5 May 1998 19:24:32 +0000 Subject: genrand.c: SGI compile warning fix. ipc.c: Fix for duplicate printer names being long. loadparm.c: Set bNetWkstaUserLogon to false by default - new code in password.c protects us. nmbd_logonnames.c: nmbd_namequery.c: nmbd_namerelease.c: Debug messages fix. password.c: SGI compile warning fix, fix for tcon() with bNetWkstaUserLogon call. reply.c: SGI compile warning fix. server.c Debug messages fix. smbpass.c: Fix for incorrect pointer. Jeremy. (This used to be commit 567d3f838988cafab4770fce1cf68b73085e6c71) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index a8a0c2f98c..3a0d4a9bee 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -405,7 +405,7 @@ static int session_trust_account(char *inbuf, char *outbuf, char *user, return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE)); } - if (!smb_password_ok(smb_trust_acct, smb_passwd, smb_nt_passwd)) + if (!smb_password_ok(smb_trust_acct, (unsigned char *)smb_passwd, (unsigned char *)smb_nt_passwd)) { DEBUG(0,("session_trust_account: Trust Account %s - password failed\n", user)); SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); -- cgit From a2bddb20ed078c3e1b9cb60a7420b3d107898f52 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 6 May 1998 01:34:51 +0000 Subject: Fixes for the %U and %G problems people have reported. Essentially, multiple session_setup_and_X's may be done to an smbd. As there is only one global variable containing the requested connection name (sessionsetup_user), then any subsequent sessionsetups overwrite this name (causing %U and %G to get the wrong name). This is particularly common when an NT client does a null session setup to get a browse list after the user has connected, but before a share has been mounted. These changes store the requested_name in the vuid structure (so this only really works for user level and above security) and copies this name back into the global variable before the standard_sub call. Jeremy. (This used to be commit b5187ad6a3b3af9fbbeee8bced0ab16b41e9825b) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 3a0d4a9bee..50b977d49f 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -689,7 +689,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) /* register the name and uid as being validated, so further connections to a uid can get through without a password, on the same VC */ - sess_vuid = register_vuid(uid,gid,user,guest); + sess_vuid = register_vuid(uid,gid,user,sesssetup_user,guest); SSVAL(outbuf,smb_uid,sess_vuid); SSVAL(inbuf,smb_uid,sess_vuid); -- cgit From d8d9f7723337c267a8740750fe19a6387cfbb1f6 Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Thu, 7 May 1998 18:19:05 +0000 Subject: created "passdb.c" which is an interface point to (at present) either smbpasswd or ldap passwd, at compile-time (-DUSE_LDAP). _none_ of the functions in ldap.c or smbpass.c should be called directly: only those in passdb.c should be used. -DUSE_LDAP is unlikely to compile at the moment. (This used to be commit 57b01ad4ffb14ebd600d4e66602b54ed987f6106) --- source3/smbd/reply.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 50b977d49f..1567e52777 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -377,10 +377,10 @@ static int session_trust_account(char *inbuf, char *outbuf, char *user, char *smb_passwd, int smb_passlen, char *smb_nt_passwd, int smb_nt_passlen) { - struct smb_passwd *smb_trust_acct = NULL; /* check if trust account exists */ + struct smb_passwd *sam_trust_acct = NULL; /* check if trust account exists */ if (lp_security() == SEC_USER) { - smb_trust_acct = getsmbpwnam(user); + sam_trust_acct = getsampwnam(user); } else { @@ -389,7 +389,7 @@ static int session_trust_account(char *inbuf, char *outbuf, char *user, return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE)); } - if (smb_trust_acct == NULL) + if (sam_trust_acct == NULL) { /* lkclXXXX: workstation entry doesn't exist */ DEBUG(0,("session_trust_account: Trust account %s user doesn't exist\n",user)); @@ -405,28 +405,28 @@ static int session_trust_account(char *inbuf, char *outbuf, char *user, return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE)); } - if (!smb_password_ok(smb_trust_acct, (unsigned char *)smb_passwd, (unsigned char *)smb_nt_passwd)) + if (!smb_password_ok(sam_trust_acct, (unsigned char *)smb_passwd, (unsigned char *)smb_nt_passwd)) { DEBUG(0,("session_trust_account: Trust Account %s - password failed\n", user)); SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE)); } - if (IS_BITS_SET_ALL(smb_trust_acct->acct_ctrl, ACB_DOMTRUST)) + if (IS_BITS_SET_ALL(sam_trust_acct->acct_ctrl, ACB_DOMTRUST)) { DEBUG(0,("session_trust_account: Domain trust account %s denied by server\n",user)); SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); return(ERROR(0, 0xc0000000|NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT)); } - if (IS_BITS_SET_ALL(smb_trust_acct->acct_ctrl, ACB_SVRTRUST)) + if (IS_BITS_SET_ALL(sam_trust_acct->acct_ctrl, ACB_SVRTRUST)) { DEBUG(0,("session_trust_account: Server trust account %s denied by server\n",user)); SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); return(ERROR(0, 0xc0000000|NT_STATUS_NOLOGON_SERVER_TRUST_ACCOUNT)); } - if (IS_BITS_SET_ALL(smb_trust_acct->acct_ctrl, ACB_WSTRUST)) + if (IS_BITS_SET_ALL(sam_trust_acct->acct_ctrl, ACB_WSTRUST)) { DEBUG(4,("session_trust_account: Wksta trust account %s denied by server\n", user)); SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); -- cgit From 3dfc0c847240ac7e12c39f4ed9c31a888949ade1 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 11 May 1998 06:38:36 +0000 Subject: changed to use slprintf() instead of sprintf() just about everywhere. I've implemented slprintf() as a bounds checked sprintf() using mprotect() and a non-writeable page. This should prevent any sprintf based security holes. (This used to be commit ee09e9dadb69aaba5a751dd20ccc6d587d841bd6) --- source3/smbd/reply.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 1567e52777..b8270495fd 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1149,7 +1149,7 @@ int reply_search(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) smb_setlen(outbuf,outsize - 4); if ((! *directory) && dptr_path(dptr_num)) - sprintf(directory,"(%s)",dptr_path(dptr_num)); + slprintf(directory, sizeof(directory)-1, "(%s)",dptr_path(dptr_num)); DEBUG(4,("%s %s mask=%s path=%s cnum=%d dtype=%d nument=%d of %d\n", timestring(), @@ -1716,7 +1716,7 @@ int reply_unlink(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) if(!mask_match(fname, mask, case_sensitive, False)) continue; error = ERRnoaccess; - sprintf(fname,"%s/%s",directory,dname); + slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); if (!can_delete(fname,cnum,dirtype)) continue; if (!sys_unlink(fname)) count++; DEBUG(3,("reply_unlink : doing unlink on %s\n",fname)); @@ -2622,7 +2622,7 @@ int reply_printopen(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) if (strlen(s) > 10) s[10] = 0; - sprintf(fname,"%s.XXXXXX",s); + slprintf(fname,sizeof(fname)-1, "%s.XXXXXX",s); } fnum = find_free_file(); @@ -3238,7 +3238,7 @@ int reply_mv(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) if(!mask_match(fname, mask, case_sensitive, False)) continue; error = ERRnoaccess; - sprintf(fname,"%s/%s",directory,dname); + slprintf(fname,sizeof(fname)-1,"%s/%s",directory,dname); if (!can_rename(fname,cnum)) { DEBUG(6,("rename %s refused\n", fname)); continue; @@ -3451,7 +3451,7 @@ int reply_copy(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) if(!mask_match(fname, mask, case_sensitive, False)) continue; error = ERRnoaccess; - sprintf(fname,"%s/%s",directory,dname); + slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); strcpy(destname,newname); if (resolve_wildcards(fname,destname) && copy_file(directory,newname,cnum,ofun, -- cgit From 05eb22f77c21f8027e64b0caddefa4d9f030f95f Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 11 May 1998 17:53:37 +0000 Subject: reply.c: Added code to not overwrite sesssetup_user when in share level security and null session setup done. smbpasswd.c: Fix from Gerald Carter to fix incorrect use of pointer. Jeremy. (This used to be commit 69ace0760986a6e892cd5b25ca85930b65e38c45) --- source3/smbd/reply.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index b8270495fd..c927e09425 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -586,7 +586,14 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) strlower(user); - strcpy(sesssetup_user,user); + /* + * In share level security, only overwrite sesssetup_use if + * it's a non null-session share. Helps keep %U and %G + * working. + */ + + if((lp_security() != SEC_SHARE) || *user) + strcpy(sesssetup_user,user); reload_services(True); -- cgit From f888868f46a5418bac9ab528497136c152895305 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 12 May 1998 00:55:32 +0000 Subject: This is a security audit change of the main source. It removed all ocurrences of the following functions : sprintf strcpy strcat The replacements are slprintf, safe_strcpy and safe_strcat. It should not be possible to use code in Samba that uses sprintf, strcpy or strcat, only the safe_equivalents. Once Andrew has fixed the slprintf implementation then this code will be moved back to the 1.9.18 code stream. Jeremy. (This used to be commit 2d774454005f0b54e5684cf618da7060594dfcbb) --- source3/smbd/reply.c | 112 +++++++++++++++++++++++++-------------------------- 1 file changed, 56 insertions(+), 56 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index c927e09425..21a20b0712 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -308,7 +308,7 @@ int reply_tcon_and_X(char *inbuf,char *outbuf,int length,int bufsize) if (Protocol < PROTOCOL_NT1) { set_message(outbuf,2,strlen(devicename)+1,True); - strcpy(smb_buf(outbuf),devicename); + pstrcpy(smb_buf(outbuf),devicename); } else { @@ -318,8 +318,8 @@ int reply_tcon_and_X(char *inbuf,char *outbuf,int length,int bufsize) set_message(outbuf,3,3,True); p = smb_buf(outbuf); - strcpy(p,devicename); p = skip_string(p,1); /* device name */ - strcpy(p,fsname); p = skip_string(p,1); /* filesystem type e.g NTFS */ + pstrcpy(p,devicename); p = skip_string(p,1); /* device name */ + pstrcpy(p,fsname); p = skip_string(p,1); /* filesystem type e.g NTFS */ set_message(outbuf,3,PTR_DIFF(p,smb_buf(outbuf)),False); @@ -578,7 +578,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) /* If no username is sent use the guest account */ if (!*user) { - strcpy(user,lp_guestaccount(-1)); + pstrcpy(user,lp_guestaccount(-1)); /* If no user and no password then set guest flag. */ if( *smb_apasswd == 0) guest = True; @@ -593,7 +593,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) */ if((lp_security() != SEC_SHARE) || *user) - strcpy(sesssetup_user,user); + pstrcpy(sesssetup_user,user); reload_services(True); @@ -641,7 +641,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) #endif } if (*smb_apasswd || !Get_Pwnam(user,True)) - strcpy(user,lp_guestaccount(-1)); + pstrcpy(user,lp_guestaccount(-1)); DEBUG(3,("Registered username %s for guest access\n",user)); guest = True; } @@ -649,7 +649,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) if (!Get_Pwnam(user,True)) { DEBUG(3,("No such user %s - using guest account\n",user)); - strcpy(user,lp_guestaccount(-1)); + pstrcpy(user,lp_guestaccount(-1)); guest = True; } @@ -670,9 +670,9 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) char *p; set_message(outbuf,3,3,True); p = smb_buf(outbuf); - strcpy(p,"Unix"); p = skip_string(p,1); - strcpy(p,"Samba "); strcat(p,VERSION); p = skip_string(p,1); - strcpy(p,global_myworkgroup); p = skip_string(p,1); + pstrcpy(p,"Unix"); p = skip_string(p,1); + pstrcpy(p,"Samba "); pstrcat(p,VERSION); p = skip_string(p,1); + pstrcpy(p,global_myworkgroup); p = skip_string(p,1); set_message(outbuf,3,PTR_DIFF(p,smb_buf(outbuf)),False); /* perhaps grab OS version here?? */ } @@ -984,7 +984,7 @@ int reply_search(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) p = strrchr(dir2,'/'); if (p == NULL) { - strcpy(mask,dir2); + pstrcpy(mask,dir2); *dir2 = 0; } else @@ -1000,7 +1000,7 @@ int reply_search(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) *p = 0; if (strlen(directory) == 0) - strcpy(directory,"./"); + pstrcpy(directory,"./"); bzero(status,21); CVAL(status,0) = dirtype; } @@ -1027,8 +1027,8 @@ int reply_search(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) fstrcpy(ext,p+1); *p = 0; trim_string(mask,NULL," "); - strcat(mask,"."); - strcat(mask,ext); + pstrcat(mask,"."); + pstrcat(mask,ext); } } @@ -1049,7 +1049,7 @@ int reply_search(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) fstrcpy(tmp,&mask[8]); mask[8] = '.'; mask[9] = 0; - strcat(mask,tmp); + pstrcat(mask,tmp); } DEBUG(5,("mask=%s directory=%s\n",mask,directory)); @@ -1566,7 +1566,7 @@ int reply_ctemp(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) cnum = SVAL(inbuf,smb_tid); createmode = SVAL(inbuf,smb_vwv0); pstrcpy(fname,smb_buf(inbuf)+1); - strcat(fname,"/TMXXXXXX"); + pstrcat(fname,"/TMXXXXXX"); unix_convert(fname,cnum,0,&bad_path); unixmode = unix_mode(cnum,createmode); @@ -1586,7 +1586,7 @@ int reply_ctemp(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) return(UNIXERROR(ERRDOS,ERRnoaccess)); } - strcpy(fname2,(char *)mktemp(fname)); + pstrcpy(fname2,(char *)mktemp(fname)); /* Open file in dos compatibility share mode. */ /* We should fail if file exists. */ @@ -1609,7 +1609,7 @@ int reply_ctemp(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) outsize = set_message(outbuf,1,2 + strlen(fname2),True); SSVAL(outbuf,smb_vwv0,fnum); CVAL(smb_buf(outbuf),0) = 4; - strcpy(smb_buf(outbuf) + 1,fname2); + pstrcpy(smb_buf(outbuf) + 1,fname2); if (oplock_request && lp_fake_oplocks(SNUM(cnum))) { CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; @@ -1678,12 +1678,12 @@ int reply_unlink(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) p = strrchr(name,'/'); if (!p) { - strcpy(directory,"./"); - strcpy(mask,name); + pstrcpy(directory,"./"); + pstrcpy(mask,name); } else { *p = 0; - strcpy(directory,name); - strcpy(mask,p+1); + pstrcpy(directory,name); + pstrcpy(mask,p+1); } if (is_mangled(mask)) @@ -1692,8 +1692,8 @@ int reply_unlink(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) has_wild = strchr(mask,'*') || strchr(mask,'?'); if (!has_wild) { - strcat(directory,"/"); - strcat(directory,mask); + pstrcat(directory,"/"); + pstrcat(directory,mask); if (can_delete(directory,cnum,dirtype) && !sys_unlink(directory)) count++; if (!count) exists = file_exist(directory,NULL); } else { @@ -1713,7 +1713,7 @@ int reply_unlink(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) error = ERRbadfile; if (strequal(mask,"????????.???")) - strcpy(mask,"*"); + pstrcpy(mask,"*"); while ((dname = ReadDirName(dirptr))) { @@ -2636,7 +2636,7 @@ int reply_printopen(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) if (fnum < 0) return(ERROR(ERRSRV,ERRnofids)); - strcpy(fname2,(char *)mktemp(fname)); + pstrcpy(fname2,(char *)mktemp(fname)); if (!check_name(fname2,cnum)) { Files[fnum].reserved = False; @@ -2877,9 +2877,9 @@ static BOOL recursive_rmdir(char *directory) ret = True; break; } - strcpy(fullname, directory); - strcat(fullname, "/"); - strcat(fullname, dname); + pstrcpy(fullname, directory); + pstrcat(fullname, "/"); + pstrcat(fullname, dname); if(sys_lstat(fullname, &st) != 0) { @@ -2971,8 +2971,8 @@ int reply_rmdir(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) break; } pstrcpy(fullname, directory); - strcat(fullname, "/"); - strcat(fullname, dname); + pstrcat(fullname, "/"); + pstrcat(fullname, dname); if(sys_lstat(fullname, &st) != 0) break; @@ -3078,10 +3078,10 @@ static BOOL resolve_wildcards(char *name1,char *name2) if (*p) p++; } - strcpy(name2,root2); + pstrcpy(name2,root2); if (ext2[0]) { - strcat(name2,"."); - strcat(name2,ext2); + pstrcat(name2,"."); + pstrcat(name2,ext2); } return(True); @@ -3144,12 +3144,12 @@ int reply_mv(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) p = strrchr(name,'/'); if (!p) { - strcpy(directory,"."); - strcpy(mask,name); + pstrcpy(directory,"."); + pstrcpy(mask,name); } else { *p = 0; - strcpy(directory,name); - strcpy(mask,p+1); + pstrcpy(directory,name); + pstrcpy(mask,p+1); *p = '/'; /* Replace needed for exceptional test below. */ } @@ -3162,16 +3162,16 @@ int reply_mv(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) BOOL is_short_name = is_8_3(name, True); /* Add a terminating '/' to the directory name. */ - strcat(directory,"/"); - strcat(directory,mask); + pstrcat(directory,"/"); + pstrcat(directory,mask); /* Ensure newname contains a '/' also */ if(strrchr(newname,'/') == 0) { pstring tmpstr; - strcpy(tmpstr, "./"); - strcat(tmpstr, newname); - strcpy(newname, tmpstr); + pstrcpy(tmpstr, "./"); + pstrcat(tmpstr, newname); + pstrcpy(newname, tmpstr); } DEBUG(3,("reply_mv : case_sensitive = %d, case_preserve = %d, short case preserve = %d, directory = %s, newname = %s, newname_last_component = %s, is_8_3 = %d\n", @@ -3197,7 +3197,7 @@ int reply_mv(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) * character above. */ p = strrchr(newname,'/'); - strcpy(newname_modified_last_component,p+1); + pstrcpy(newname_modified_last_component,p+1); if(strcsequal(newname_modified_last_component, newname_last_component) == False) { @@ -3205,7 +3205,7 @@ int reply_mv(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) * Replace the modified last component with * the original. */ - strcpy(p+1, newname_last_component); + pstrcpy(p+1, newname_last_component); } } @@ -3235,7 +3235,7 @@ int reply_mv(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) error = ERRbadfile; if (strequal(mask,"????????.???")) - strcpy(mask,"*"); + pstrcpy(mask,"*"); while ((dname = ReadDirName(dirptr))) { @@ -3309,8 +3309,8 @@ static BOOL copy_file(char *src,char *dest1,int cnum,int ofun, p++; else p = src; - strcat(dest,"/"); - strcat(dest,p); + pstrcat(dest,"/"); + pstrcat(dest,p); } if (!file_exist(src,&st)) return(False); @@ -3415,12 +3415,12 @@ int reply_copy(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) p = strrchr(name,'/'); if (!p) { - strcpy(directory,"./"); - strcpy(mask,name); + pstrcpy(directory,"./"); + pstrcpy(mask,name); } else { *p = 0; - strcpy(directory,name); - strcpy(mask,p+1); + pstrcpy(directory,name); + pstrcpy(mask,p+1); } if (is_mangled(mask)) @@ -3429,8 +3429,8 @@ int reply_copy(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) has_wild = strchr(mask,'*') || strchr(mask,'?'); if (!has_wild) { - strcat(directory,"/"); - strcat(directory,mask); + pstrcat(directory,"/"); + pstrcat(directory,mask); if (resolve_wildcards(directory,newname) && copy_file(directory,newname,cnum,ofun, count,target_is_directory)) count++; @@ -3448,7 +3448,7 @@ int reply_copy(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) error = ERRbadfile; if (strequal(mask,"????????.???")) - strcpy(mask,"*"); + pstrcpy(mask,"*"); while ((dname = ReadDirName(dirptr))) { @@ -3459,7 +3459,7 @@ int reply_copy(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) error = ERRnoaccess; slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); - strcpy(destname,newname); + pstrcpy(destname,newname); if (resolve_wildcards(fname,destname) && copy_file(directory,newname,cnum,ofun, count,target_is_directory)) count++; -- cgit From ffab54750f0eec202895670dd9293ee4aa3eb475 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 18 May 1998 21:30:57 +0000 Subject: chgpasswd.c: Changed back to getsmb... from getsam... ldap.c: Stoped dummy_function being prototyped. loadparm.c: Fixed slprintf sizes. nisppass.c: Fixed safe_strcpy sizes. nmbd_processlogon.c: Changed back to getsmb... from getsam... nttrans.c: Just a dump of new code. passdb.c: Moved stuff around a lot - stopped any lookups by rid. This needs to be indirected through a function table (soon). password.c: Changed back to getsmb... from getsam... reply.c: Changed back to getsmb... from getsam... slprintf.c: Fixed prototype problems. smb.h: Fixed prototype problems. smbpass.c: Changed to getsmbfile.... smbpasswd.c: Changed back to getsmb... from getsam... lib/rpc/server/srv_netlog.c: Changed back to getsmb... from getsam... lib/rpc/server/srv_samr.c: Fixed rid lookup - use uid or gid lookup. lib/rpc/server/srv_util.c: Changed back to getsmb... from getsam... Jeremy. (This used to be commit 7d332b2493d2089d09521250fc9b72d8953307c0) --- source3/smbd/reply.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 21a20b0712..4cde83cefe 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -377,10 +377,10 @@ static int session_trust_account(char *inbuf, char *outbuf, char *user, char *smb_passwd, int smb_passlen, char *smb_nt_passwd, int smb_nt_passlen) { - struct smb_passwd *sam_trust_acct = NULL; /* check if trust account exists */ + struct smb_passwd *smb_trust_acct = NULL; /* check if trust account exists */ if (lp_security() == SEC_USER) { - sam_trust_acct = getsampwnam(user); + smb_trust_acct = getsmbpwnam(user); } else { @@ -389,7 +389,7 @@ static int session_trust_account(char *inbuf, char *outbuf, char *user, return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE)); } - if (sam_trust_acct == NULL) + if (smb_trust_acct == NULL) { /* lkclXXXX: workstation entry doesn't exist */ DEBUG(0,("session_trust_account: Trust account %s user doesn't exist\n",user)); @@ -405,28 +405,28 @@ static int session_trust_account(char *inbuf, char *outbuf, char *user, return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE)); } - if (!smb_password_ok(sam_trust_acct, (unsigned char *)smb_passwd, (unsigned char *)smb_nt_passwd)) + if (!smb_password_ok(smb_trust_acct, (unsigned char *)smb_passwd, (unsigned char *)smb_nt_passwd)) { DEBUG(0,("session_trust_account: Trust Account %s - password failed\n", user)); SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE)); } - if (IS_BITS_SET_ALL(sam_trust_acct->acct_ctrl, ACB_DOMTRUST)) + if (IS_BITS_SET_ALL(smb_trust_acct->acct_ctrl, ACB_DOMTRUST)) { DEBUG(0,("session_trust_account: Domain trust account %s denied by server\n",user)); SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); return(ERROR(0, 0xc0000000|NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT)); } - if (IS_BITS_SET_ALL(sam_trust_acct->acct_ctrl, ACB_SVRTRUST)) + if (IS_BITS_SET_ALL(smb_trust_acct->acct_ctrl, ACB_SVRTRUST)) { DEBUG(0,("session_trust_account: Server trust account %s denied by server\n",user)); SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); return(ERROR(0, 0xc0000000|NT_STATUS_NOLOGON_SERVER_TRUST_ACCOUNT)); } - if (IS_BITS_SET_ALL(sam_trust_acct->acct_ctrl, ACB_WSTRUST)) + if (IS_BITS_SET_ALL(smb_trust_acct->acct_ctrl, ACB_WSTRUST)) { DEBUG(4,("session_trust_account: Wksta trust account %s denied by server\n", user)); SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); -- cgit From 35c65576f71bb95f1bda5909c3a3cf32665a0dd4 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 21 May 1998 23:50:16 +0000 Subject: printing.c: Fixed overflow by one problem in LPRng. reply.c: Fixed password length modifiers to always be done is none-encrypted mode used. This fixes Samba for people who are using non-encrypted passwords with security=server. Jeremy. (This used to be commit 720b565349e3467bd81d6d863b9ac54237edd3cf) --- source3/smbd/reply.c | 32 +++++++++++++++++--------------- 1 file changed, 17 insertions(+), 15 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 4cde83cefe..5ed30a7e8f 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -516,6 +516,23 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) passlen1 = MIN(passlen1, MAX_PASS_LEN); passlen2 = MIN(passlen2, MAX_PASS_LEN); + if(!doencrypt) { + /* both Win95 and WinNT stuff up the password lengths for + non-encrypting systems. Uggh. + + if passlen1==24 its a win95 system, and its setting the + password length incorrectly. Luckily it still works with the + default code because Win95 will null terminate the password + anyway + + if passlen1>0 and passlen2>0 then maybe its a NT box and its + setting passlen2 to some random value which really stuffs + things up. we need to fix that one. */ + + if (passlen1 > 0 && passlen2 > 0 && passlen2 != 24 && passlen2 != 1) + passlen2 = 0; + } + if(doencrypt || ((lp_security() == SEC_SERVER) || (lp_security() == SEC_DOMAIN))) { /* Save the lanman2 password and the NT md4 password. */ smb_apasslen = passlen1; @@ -525,21 +542,6 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) memcpy(smb_ntpasswd,p+passlen1,smb_ntpasslen); smb_ntpasswd[smb_ntpasslen] = 0; } else { - /* both Win95 and WinNT stuff up the password lengths for - non-encrypting systems. Uggh. - - if passlen1==24 its a win95 system, and its setting the - password length incorrectly. Luckily it still works with the - default code because Win95 will null terminate the password - anyway - - if passlen1>0 and passlen2>0 then maybe its a NT box and its - setting passlen2 to some random value which really stuffs - things up. we need to fix that one. */ - if (passlen1 > 0 && passlen2 > 0 && passlen2 != 24 && - passlen2 != 1) { - passlen2 = 0; - } /* we use the first password that they gave */ smb_apasslen = passlen1; StrnCpy(smb_apasswd,p,smb_apasslen); -- cgit From 72bf410b6e9b85f8fbff7f6175661829bef35f62 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 10 Jun 1998 19:45:13 +0000 Subject: De-coupled the mapping of a Windows to UNIX username from the Get_Pwnam username case conversion wrapper. It is now (very) explicit where we are mapping between an incoming Windows username, and when we are doing a UNIX password entry lookup, which may change the case of the given username. This makes things *much* clearer (IMHO:-) and will ease the adding of the 'groupname map' parameter, and the addition of the special 'jeremy' mode for Samba where unix users will not be needed. (We must think of a better name for it :-). Jeremy. (This used to be commit fb6ed81844e7cb6049749e43ac9b4adfaf4ca2de) --- source3/smbd/reply.c | 41 ++++++++++++++++++++++++++++++++++++++--- 1 file changed, 38 insertions(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 5ed30a7e8f..c9b0c6852d 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -232,6 +232,18 @@ int reply_tcon(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) parse_connect(smb_buf(inbuf)+1,service,user,password,&pwlen,dev); + /* + * Pass the user through the NT -> unix user mapping + * function. + */ + + map_username(user); + + /* + * Do any UNIX username case mangling. + */ + (void)Get_Pwnam( user, True); + connection_num = make_connection(service,user,password,pwlen,dev,vuid); if (connection_num < 0) @@ -300,6 +312,18 @@ int reply_tcon_and_X(char *inbuf,char *outbuf,int length,int bufsize) DEBUG(4,("Got device type %s\n",devicename)); } + /* + * Pass the user through the NT -> unix user mapping + * function. + */ + + map_username(user); + + /* + * Do any UNIX username case mangling. + */ + (void)Get_Pwnam( user, True); + connection_num = make_connection(service,user,password,passlen,devicename,vuid); if (connection_num < 0) @@ -599,11 +623,22 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) reload_services(True); + /* + * Pass the user through the NT -> unix user mapping + * function. + */ + + map_username(user); + + /* + * Do any UNIX username case mangling. + */ + (void)Get_Pwnam( user, True); + add_session_user(user); - /* Check if the given username was the guest user with no password. - We need to do this check after add_session_user() as that - call can potentially change the username (via map_user). + /* + * Check if the given username was the guest user with no password. */ if(!guest && strequal(user,lp_guestaccount(-1)) && (*smb_apasswd == 0)) -- cgit From 9a735eb7e25d8bf6c5be7775d89436034ea6be8a Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 12 Jun 1998 03:08:23 +0000 Subject: ipc.c: map_username is now a BOOL function. reply.c: map_username is now a BOOL function. server.c: Added capability to do map_username on service names when looking for a home directory. That's what the original code would do. lib/rpc/server/srv_util.c: Changed domain_ to builtin_ for BUILTIN aliases. username.c: Work in progress on groupname map parameter. Jeremy (This used to be commit fa95fae5eed95aff64f0a01825477610a101bbc7) --- source3/smbd/reply.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index c9b0c6852d..a9db0b3840 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -237,7 +237,7 @@ int reply_tcon(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) * function. */ - map_username(user); + (void)map_username(user); /* * Do any UNIX username case mangling. @@ -317,7 +317,7 @@ int reply_tcon_and_X(char *inbuf,char *outbuf,int length,int bufsize) * function. */ - map_username(user); + (void)map_username(user); /* * Do any UNIX username case mangling. @@ -628,7 +628,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) * function. */ - map_username(user); + (void)map_username(user); /* * Do any UNIX username case mangling. -- cgit From 644fbaaf9ba38a5f3d60f27f7110e755b20d31e7 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 15 Jun 1998 18:19:54 +0000 Subject: Makefile: smbumount.c: Added fixes to compile under Linux. includes.h: Added SunOS 4.x QSORT_CAST fix. reply.c: Fixed user name mapping function for security=server, security=domain. Jeremy. (This used to be commit 21ca6bfb3ba3927efaf7eeff4325976d41489be2) --- source3/smbd/reply.c | 28 ++++++++++++++++++++-------- 1 file changed, 20 insertions(+), 8 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index a9db0b3840..9177b3cde1 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -482,6 +482,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) pstring smb_ntpasswd; BOOL valid_nt_password = False; pstring user; + pstring orig_user; BOOL guest=False; static BOOL done_sesssetup = False; BOOL doencrypt = SMBENCRYPT(); @@ -623,6 +624,14 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) reload_services(True); + /* + * Save the username before mapping. We will use + * the original username sent to us for security=server + * and security=domain checking. + */ + + pstrcpy( orig_user, user); + /* * Pass the user through the NT -> unix user mapping * function. @@ -645,14 +654,17 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) guest = True; if (!guest && !(lp_security() == SEC_SERVER && - server_validate(user, domain, - smb_apasswd, smb_apasslen, - smb_ntpasswd, smb_ntpasslen)) && - !(lp_security() == SEC_DOMAIN && - domain_client_validate(user, domain, - smb_apasswd, smb_apasslen, - smb_ntpasswd, smb_ntpasslen)) && - !check_hosts_equiv(user)) + /* Check with orig_user for security=server and + security=domain. */ + server_validate(orig_user, domain, + smb_apasswd, smb_apasslen, + smb_ntpasswd, smb_ntpasslen)) && + !(lp_security() == SEC_DOMAIN && + domain_client_validate(orig_user, domain, + smb_apasswd, smb_apasslen, + smb_ntpasswd, smb_ntpasslen)) && + !check_hosts_equiv(user) + ) { /* now check if it's a valid username/password */ -- cgit From 5ffb30858f3b9181c90e50f6a3d791e017be3f7e Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 11 Jul 1998 00:28:34 +0000 Subject: nttrans.c: More NT SMB stuff. reply.c: Broke out the internals of reply_mv so that they may be called externally from the NT transact rename. server.c: Changed stat calls to sys_stat - found in code review of bugfix. Jeremy. (This used to be commit fb19dad88edfd7a5c7257a15afc9253fb41f4b99) --- source3/smbd/reply.c | 142 ++++++++++++++++++++++++++++----------------------- 1 file changed, 77 insertions(+), 65 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 9177b3cde1..ec3ad84c9a 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3152,33 +3152,28 @@ static BOOL can_rename(char *fname,int cnum) } /**************************************************************************** - reply to a mv + The guts of the rename command, split out so it may be called by the NT SMB + code. ****************************************************************************/ -int reply_mv(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) + +int rename_internals(char *inbuf, char *outbuf, char *name, char *newname) { - int outsize = 0; - pstring name; int cnum; pstring directory; - pstring mask,newname; + pstring mask; pstring newname_last_component; char *p; - int count=0; - int error = ERRnoaccess; BOOL has_wild; - BOOL exists=False; BOOL bad_path1 = False; BOOL bad_path2 = False; + int count=0; + int error = ERRnoaccess; + BOOL exists=False; + + cnum = SVAL(inbuf,smb_tid); *directory = *mask = 0; - cnum = SVAL(inbuf,smb_tid); - - pstrcpy(name,smb_buf(inbuf) + 1); - pstrcpy(newname,smb_buf(inbuf) + 3 + strlen(name)); - - DEBUG(3,("reply_mv : %s -> %s\n",name,newname)); - unix_convert(name,cnum,0,&bad_path1); unix_convert(newname,cnum,newname_last_component,&bad_path2); @@ -3223,7 +3218,7 @@ int reply_mv(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) pstrcpy(newname, tmpstr); } - DEBUG(3,("reply_mv : case_sensitive = %d, case_preserve = %d, short case preserve = %d, directory = %s, newname = %s, newname_last_component = %s, is_8_3 = %d\n", + DEBUG(3,("rename_internals: case_sensitive = %d, case_preserve = %d, short case preserve = %d, directory = %s, newname = %s, newname_last_component = %s, is_8_3 = %d\n", case_sensitive, case_preserve, short_case_preserve, directory, newname, newname_last_component, is_short_name)); @@ -3249,21 +3244,22 @@ int reply_mv(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) pstrcpy(newname_modified_last_component,p+1); if(strcsequal(newname_modified_last_component, - newname_last_component) == False) { - /* - * Replace the modified last component with - * the original. - */ + newname_last_component) == False) { + /* + * Replace the modified last component with + * the original. + */ pstrcpy(p+1, newname_last_component); } } if (resolve_wildcards(directory,newname) && - can_rename(directory,cnum) && - !file_exist(newname,NULL) && - !sys_rename(directory,newname)) count++; + can_rename(directory,cnum) && + !file_exist(newname,NULL) && + !sys_rename(directory,newname)) + count++; - DEBUG(3,("reply_mv : %s doing rename on %s -> %s\n",(count != 0) ? "succeeded" : "failed", + DEBUG(3,("rename_internals: %s doing rename on %s -> %s\n",(count != 0) ? "succeeded" : "failed", directory,newname)); if (!count) exists = file_exist(directory,NULL); @@ -3279,62 +3275,78 @@ int reply_mv(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) if (check_name(directory,cnum)) dirptr = OpenDir(cnum, directory, True); - if (dirptr) - { - error = ERRbadfile; + if (dirptr) { + error = ERRbadfile; - if (strequal(mask,"????????.???")) - pstrcpy(mask,"*"); + if (strequal(mask,"????????.???")) + pstrcpy(mask,"*"); - while ((dname = ReadDirName(dirptr))) - { - pstring fname; - pstrcpy(fname,dname); + while ((dname = ReadDirName(dirptr))) { + pstring fname; + pstrcpy(fname,dname); - if(!mask_match(fname, mask, case_sensitive, False)) continue; - - error = ERRnoaccess; - slprintf(fname,sizeof(fname)-1,"%s/%s",directory,dname); - if (!can_rename(fname,cnum)) { - DEBUG(6,("rename %s refused\n", fname)); - continue; - } - pstrcpy(destname,newname); + if(!mask_match(fname, mask, case_sensitive, False)) + continue; + + error = ERRnoaccess; + slprintf(fname,sizeof(fname)-1,"%s/%s",directory,dname); + if (!can_rename(fname,cnum)) { + DEBUG(6,("rename %s refused\n", fname)); + continue; + } + pstrcpy(destname,newname); - if (!resolve_wildcards(fname,destname)) { - DEBUG(6,("resolve_wildcards %s %s failed\n", - fname, destname)); - continue; - } + if (!resolve_wildcards(fname,destname)) { + DEBUG(6,("resolve_wildcards %s %s failed\n", fname, destname)); + continue; + } - if (file_exist(destname,NULL)) { - DEBUG(6,("file_exist %s\n", - destname)); - error = 183; - continue; - } - if (!sys_rename(fname,destname)) count++; - DEBUG(3,("reply_mv : doing rename on %s -> %s\n",fname,destname)); - } - CloseDir(dirptr); + if (file_exist(destname,NULL)) { + DEBUG(6,("file_exist %s\n", destname)); + error = 183; + continue; + } + if (!sys_rename(fname,destname)) + count++; + DEBUG(3,("rename_internals: doing rename on %s -> %s\n",fname,destname)); } + CloseDir(dirptr); + } } - + if (count == 0) { if (exists) return(ERROR(ERRDOS,error)); - else - { - if((errno == ENOENT) && (bad_path1 || bad_path2)) - { + else { + if((errno == ENOENT) && (bad_path1 || bad_path2)) { unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadpath; } return(UNIXERROR(ERRDOS,error)); } } - - outsize = set_message(outbuf,0,0,True); + + return 0; +} + +/**************************************************************************** + Reply to a mv. +****************************************************************************/ + +int reply_mv(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +{ + int outsize = 0; + pstring name; + pstring newname; + + pstrcpy(name,smb_buf(inbuf) + 1); + pstrcpy(newname,smb_buf(inbuf) + 3 + strlen(name)); + + DEBUG(3,("reply_mv : %s -> %s\n",name,newname)); + + outsize = rename_internals(inbuf, outbuf, name, newname); + if(outsize == 0) + outsize = set_message(outbuf,0,0,True); return(outsize); } -- cgit From ebad4278b72289f10ce7afa72a137f5e3e998b01 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 11 Jul 1998 01:25:02 +0000 Subject: nntrans.c: Fully implemented transact rename. reply.c: Added NT specific rename if exists flag to rename_internals(). smb.h: Added NT rename flag. Jeremy. (This used to be commit b398f7daf58459db6e8d3496502abeb634ac2183) --- source3/smbd/reply.c | 27 ++++++++++++++++++++++++--- 1 file changed, 24 insertions(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index ec3ad84c9a..cb659e3ef9 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3156,7 +3156,7 @@ static BOOL can_rename(char *fname,int cnum) code. ****************************************************************************/ -int rename_internals(char *inbuf, char *outbuf, char *name, char *newname) +int rename_internals(char *inbuf, char *outbuf, char *name, char *newname, BOOL replace_if_exists) { int cnum; pstring directory; @@ -3203,6 +3203,9 @@ int rename_internals(char *inbuf, char *outbuf, char *name, char *newname) has_wild = strchr(mask,'*') || strchr(mask,'?'); if (!has_wild) { + /* + * No wildcards - just process the one file. + */ BOOL is_short_name = is_8_3(name, True); /* Add a terminating '/' to the directory name. */ @@ -3253,6 +3256,18 @@ int rename_internals(char *inbuf, char *outbuf, char *name, char *newname) } } + if(replace_if_exists) { + /* + * NT SMB specific flag - we must remove a target + * file with the same name before continuing. + */ + if(resolve_wildcards(directory,newname) && + can_rename(directory,cnum) && + file_exist(newname,NULL)) { + sys_unlink(newname); + } + } + if (resolve_wildcards(directory,newname) && can_rename(directory,cnum) && !file_exist(newname,NULL) && @@ -3268,6 +3283,9 @@ int rename_internals(char *inbuf, char *outbuf, char *name, char *newname) error = 183; } } else { + /* + * Wildcards - process each file that matches. + */ void *dirptr = NULL; char *dname; pstring destname; @@ -3301,11 +3319,14 @@ int rename_internals(char *inbuf, char *outbuf, char *name, char *newname) continue; } - if (file_exist(destname,NULL)) { + if (replace_if_exists && file_exist(destname,NULL)) { + sys_unlink(destname); + } else if(file_exist(destname,NULL)) { DEBUG(6,("file_exist %s\n", destname)); error = 183; continue; } + if (!sys_rename(fname,destname)) count++; DEBUG(3,("rename_internals: doing rename on %s -> %s\n",fname,destname)); @@ -3344,7 +3365,7 @@ int reply_mv(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) DEBUG(3,("reply_mv : %s -> %s\n",name,newname)); - outsize = rename_internals(inbuf, outbuf, name, newname); + outsize = rename_internals(inbuf, outbuf, name, newname, False); if(outsize == 0) outsize = set_message(outbuf,0,0,True); -- cgit From 59d07445b61e26321e3a1770c13756ac5948aabb Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 14 Jul 1998 21:23:59 +0000 Subject: loadparm.c: With apologies to Charlton Heston and Pierre Boule. "You damn fools, you finally did it". Changed default security mode to be security=user. Yes this is a big (although small in code) change. It's something we've been discussing for a while, to finally wean people off the legacy security=share mode which is *never* what you want. Jeremy. nmbd_incomingrequests.c: Bug fix for nmbd core dumps caused by overrun. Found by . nttrans.c: More NT smb stuff. reply.c: Unlink will overwrite an existing file. Well you learn something new about POSIX every day. :-). server.c: Tidyup unreadable code. smbpasswd.c: Code to allow -U remote_username to allow ordinary users to change remote passwords if their NT username is different from their UNIX username. Patch from . Jeremy. (This used to be commit 4eccb47cfb3c8907a6558b6ea9a02b0184458e34) --- source3/smbd/reply.c | 26 ++++++++++++-------------- 1 file changed, 12 insertions(+), 14 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index cb659e3ef9..07b72738c5 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3258,21 +3258,21 @@ int rename_internals(char *inbuf, char *outbuf, char *name, char *newname, BOOL if(replace_if_exists) { /* - * NT SMB specific flag - we must remove a target - * file with the same name before continuing. + * NT SMB specific flag - rename can overwrite + * file with the same name so don't check for + * file_exist(). */ if(resolve_wildcards(directory,newname) && can_rename(directory,cnum) && - file_exist(newname,NULL)) { - sys_unlink(newname); - } - } - - if (resolve_wildcards(directory,newname) && - can_rename(directory,cnum) && - !file_exist(newname,NULL) && !sys_rename(directory,newname)) - count++; + count++; + } else { + if (resolve_wildcards(directory,newname) && + can_rename(directory,cnum) && + !file_exist(newname,NULL) && + !sys_rename(directory,newname)) + count++; + } DEBUG(3,("rename_internals: %s doing rename on %s -> %s\n",(count != 0) ? "succeeded" : "failed", directory,newname)); @@ -3319,9 +3319,7 @@ int rename_internals(char *inbuf, char *outbuf, char *name, char *newname, BOOL continue; } - if (replace_if_exists && file_exist(destname,NULL)) { - sys_unlink(destname); - } else if(file_exist(destname,NULL)) { + if (!replace_if_exists && file_exist(destname,NULL)) { DEBUG(6,("file_exist %s\n", destname)); error = 183; continue; -- cgit From 471087c9d28a4058efc16f98784cb179ffc1e4c4 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 17 Jul 1998 22:21:24 +0000 Subject: Code added to fix the renaming of a directory under NT SMB calls. local.h: Changed MAXDIR to MAX_OPEN_DIRECTORIES - shmem size also tuned by this. dir.c: Use MAX_OPEN_DIRECTORIES. nttrans.c: Allow opening of a directory to succeed. Doesn't actually open a file descriptor but takes a files_struct slot marked as an fd. reply.c: Changed to close any outstanding is_directory files. reply_close changed to understand directory files. server.c: Added open_directory(), close_directory() calls. smb.h: Added is_directory to files_struct. Changed OPEN_FNUM to check that target is !is_directory (this prevents the normal file calls from processing a directory files_struct. Jeremy. (This used to be commit e01ce693f47e75e277f3440d46e32b0bd866b550) --- source3/smbd/reply.c | 55 +++++++++++++++++++++++++++++++++++++++------------- 1 file changed, 41 insertions(+), 14 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 07b72738c5..a0d1775b21 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1490,10 +1490,15 @@ int reply_ulogoffX(char *inbuf,char *outbuf,int length,int bufsize) open by this user */ if ((vuser != 0) && (lp_security() != SEC_SHARE)) { int i; - for (i=0;ivuid == vuid) && fsp->open) { + if(!fsp->is_directory) + close_file(i,False); + else + close_directory(i); } + } } invalidate_vuid(vuid); @@ -2416,14 +2421,16 @@ int reply_exit(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) /**************************************************************************** - reply to a close + Reply to a close - has to deal with closing a directory opened by NT SMB's. ****************************************************************************/ + int reply_close(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int fnum,cnum; int outsize = 0; time_t mtime; int32 eclass = 0, err = 0; + files_struct *fsp = NULL; outsize = set_message(outbuf,0,0,True); @@ -2435,23 +2442,43 @@ int reply_close(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) fnum = GETFNUM(inbuf,smb_vwv0); - CHECK_FNUM(fnum,cnum); + /* + * We can only use CHECK_FNUM if we know it's not a directory. + */ + + if(!(VALID_FNUM(fnum) && Files[fnum].open && Files[fnum].is_directory)) + CHECK_FNUM(fnum,cnum); + + fsp = &Files[fnum]; if(HAS_CACHED_ERROR(fnum)) { - eclass = Files[fnum].wbmpx_ptr->wr_errclass; - err = Files[fnum].wbmpx_ptr->wr_error; + eclass = fsp->wbmpx_ptr->wr_errclass; + err = fsp->wbmpx_ptr->wr_error; } - mtime = make_unix_date3(inbuf+smb_vwv1); + if(fsp->is_directory) { + /* + * Special case - close NT SMB directory + * handle. + */ + DEBUG(3,("%s close directory fnum=%d cnum=%d\n", + timestring(), fnum, cnum )); + close_directory(fnum); + } else { + /* + * Close ordinary file. + */ + mtime = make_unix_date3(inbuf+smb_vwv1); - /* try and set the date */ - set_filetime(cnum, Files[fnum].name,mtime); + /* try and set the date */ + set_filetime(cnum, fsp->name,mtime); - DEBUG(3,("%s close fd=%d fnum=%d cnum=%d (numopen=%d)\n", - timestring(),Files[fnum].fd_ptr->fd,fnum,cnum, - Connections[cnum].num_files_open)); + DEBUG(3,("%s close fd=%d fnum=%d cnum=%d (numopen=%d)\n", + timestring(),fsp->fd_ptr->fd,fnum,cnum, + Connections[cnum].num_files_open)); - close_file(fnum,True); + close_file(fnum,True); + } /* We have a cached error */ if(eclass || err) -- cgit From f5866fd4ba8da9acde87c7f9da8f1a242540e287 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 22 Jul 1998 13:59:19 +0000 Subject: Fixed bug found by Richard Sharpe. After increasing files_struct size by MAX_OPEN_DIRECTORIES for nttrans I forgot to update the code that enumerates the array. Created new MAX_FNUMS in local.h, changed all code that iterates through the files_struct array to use this. (sorry Richard). Jeremy. (This used to be commit 339b10222269d71c7a493cc08b7b1bfd35fd55fc) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index a0d1775b21..f6fd2ccd90 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1490,7 +1490,7 @@ int reply_ulogoffX(char *inbuf,char *outbuf,int length,int bufsize) open by this user */ if ((vuser != 0) && (lp_security() != SEC_SHARE)) { int i; - for (i=0;ivuid == vuid) && fsp->open) { if(!fsp->is_directory) @@ -2396,7 +2396,7 @@ int reply_flush(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) if (fnum == 0xFFFF) { int i; - for (i=0;i Date: Thu, 23 Jul 1998 00:10:26 +0000 Subject: locking.c: Added lock type to is_locked() and do_lock() as the code in reply_lockingX wasn't taking account of the difference between read and write locks ! How did this ever work :-) ! reply.c: server.c: Add lock type to is_locked() and do_lock(). util.c: Also added code from klausr@ITAP.Physik.Uni-Stuttgart.De to fix problem with log files growing too large if an smbd writes less than 100 debug messages. Jeremy. (This used to be commit 80080abf772a470d5f0f4dcd4a75fb2a09a9fb2a) --- source3/smbd/reply.c | 27 ++++++++++++++------------- 1 file changed, 14 insertions(+), 13 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index f6fd2ccd90..35189883e2 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1858,7 +1858,7 @@ int reply_readbraw(char *inbuf, char *outbuf, int dum_size, int dum_buffsize) } - if (!is_locked(fnum,cnum,maxcount,startpos)) + if (!is_locked(fnum,cnum,maxcount,startpos, F_RDLCK)) { int size = Files[fnum].size; int sizeneeded = startpos + maxcount; @@ -1943,7 +1943,7 @@ int reply_lockread(char *inbuf,char *outbuf, int dum_size, int dum_buffsiz) numtoread = MIN(BUFFER_SIZE-outsize,numtoread); data = smb_buf(outbuf) + 3; - if(!do_lock( fnum, cnum, numtoread, startpos, &eclass, &ecode)) + if(!do_lock( fnum, cnum, numtoread, startpos, F_RDLCK, &eclass, &ecode)) return (ERROR(eclass,ecode)); nread = read_file(fnum,data,startpos,numtoread); @@ -1987,7 +1987,7 @@ int reply_read(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) numtoread = MIN(BUFFER_SIZE-outsize,numtoread); data = smb_buf(outbuf) + 3; - if (is_locked(fnum,cnum,numtoread,startpos)) + if (is_locked(fnum,cnum,numtoread,startpos, F_RDLCK)) return(ERROR(ERRDOS,ERRlock)); if (numtoread > 0) @@ -2035,7 +2035,7 @@ int reply_read_and_X(char *inbuf,char *outbuf,int length,int bufsize) set_message(outbuf,12,0,True); data = smb_buf(outbuf); - if (is_locked(fnum,cnum,smb_maxcnt,smb_offs)) + if (is_locked(fnum,cnum,smb_maxcnt,smb_offs, F_RDLCK)) return(ERROR(ERRDOS,ERRlock)); nread = read_file(fnum,data,smb_offs,smb_maxcnt); ok = True; @@ -2097,7 +2097,7 @@ int reply_writebraw(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) CVAL(inbuf,smb_com) = SMBwritec; CVAL(outbuf,smb_com) = SMBwritec; - if (is_locked(fnum,cnum,tcount,startpos)) + if (is_locked(fnum,cnum,tcount,startpos, F_WRLCK)) return(ERROR(ERRDOS,ERRlock)); if (seek_file(fnum,startpos) != startpos) @@ -2188,7 +2188,7 @@ int reply_writeunlock(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) startpos = IVAL(inbuf,smb_vwv2); data = smb_buf(inbuf) + 3; - if (is_locked(fnum,cnum,numtowrite,startpos)) + if (is_locked(fnum,cnum,numtowrite,startpos, F_WRLCK)) return(ERROR(ERRDOS,ERRlock)); seek_file(fnum,startpos); @@ -2243,7 +2243,7 @@ int reply_write(char *inbuf,char *outbuf,int dum_size,int dum_buffsize) startpos = IVAL(inbuf,smb_vwv2); data = smb_buf(inbuf) + 3; - if (is_locked(fnum,cnum,numtowrite,startpos)) + if (is_locked(fnum,cnum,numtowrite,startpos, F_WRLCK)) return(ERROR(ERRDOS,ERRlock)); seek_file(fnum,startpos); @@ -2299,7 +2299,7 @@ int reply_write_and_X(char *inbuf,char *outbuf,int length,int bufsize) data = smb_base(inbuf) + smb_doff; - if (is_locked(fnum,cnum,smb_dsize,smb_offs)) + if (is_locked(fnum,cnum,smb_dsize,smb_offs, F_WRLCK)) return(ERROR(ERRDOS,ERRlock)); seek_file(fnum,smb_offs); @@ -2512,7 +2512,7 @@ int reply_writeclose(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) mtime = make_unix_date3(inbuf+smb_vwv4); data = smb_buf(inbuf) + 1; - if (is_locked(fnum,cnum,numtowrite,startpos)) + if (is_locked(fnum,cnum,numtowrite,startpos, F_WRLCK)) return(ERROR(ERRDOS,ERRlock)); seek_file(fnum,startpos); @@ -2559,7 +2559,7 @@ int reply_lock(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) DEBUG(3,("%s lock fd=%d fnum=%d cnum=%d ofs=%d cnt=%d\n",timestring(),Files[fnum].fd_ptr->fd,fnum,cnum,offset,count)); - if(!do_lock( fnum, cnum, count, offset, &eclass, &ecode)) + if(!do_lock( fnum, cnum, count, offset, F_WRLCK, &eclass, &ecode)) return (ERROR(eclass,ecode)); return(outsize); @@ -3729,7 +3729,8 @@ dev = %x, inode = %x\n", for(i = 0; i < (int)num_locks; i++) { count = IVAL(data,SMB_LKLEN_OFFSET(i)); offset = IVAL(data,SMB_LKOFF_OFFSET(i)); - if(!do_lock(fnum,cnum,count,offset, &eclass, &ecode)) + if(!do_lock(fnum,cnum,count,offset, ((locktype & 1) ? F_RDLCK : F_WRLCK), + &eclass, &ecode)) break; } @@ -3796,7 +3797,7 @@ int reply_readbmpx(char *inbuf,char *outbuf,int length,int bufsize) tcount = maxcount; total_read = 0; - if (is_locked(fnum,cnum,maxcount,startpos)) + if (is_locked(fnum,cnum,maxcount,startpos, F_RDLCK)) return(ERROR(ERRDOS,ERRlock)); do @@ -3858,7 +3859,7 @@ int reply_writebmpx(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) not an SMBwritebmpx - set this up now so we don't forget */ CVAL(outbuf,smb_com) = SMBwritec; - if (is_locked(fnum,cnum,tcount,startpos)) + if (is_locked(fnum,cnum,tcount,startpos,F_WRLCK)) return(ERROR(ERRDOS,ERRlock)); seek_file(fnum,startpos); -- cgit From 7abcd0521e36425bf7c3dc90929c00ed49e9ab07 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 28 Jul 1998 18:15:31 +0000 Subject: loadparm.c: Added strict sync parameter. locking.c: Added code to deal with real open mode of file. reply.c: Added strict sync parameter. server.c: Added strict sync parameter. Fixed open modes. Jeremy. (This used to be commit ed57b603b5c9333d588e62d774ad2be67e43ffd9) --- source3/smbd/reply.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 35189883e2..c9daf14b4b 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2150,7 +2150,7 @@ int reply_writebraw(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) } if (lp_syncalways(SNUM(cnum)) || write_through) - sync_file(fnum); + sync_file(cnum,fnum); DEBUG(3,("%s writebraw2 fnum=%d cnum=%d start=%d num=%d wrote=%d\n", timestring(),fnum,cnum,startpos,numtowrite,total_written)); @@ -2202,7 +2202,7 @@ int reply_writeunlock(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) nwritten = write_file(fnum,data,numtowrite); if (lp_syncalways(SNUM(cnum))) - sync_file(fnum); + sync_file(cnum,fnum); if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) return(UNIXERROR(ERRDOS,ERRnoaccess)); @@ -2257,7 +2257,7 @@ int reply_write(char *inbuf,char *outbuf,int dum_size,int dum_buffsize) nwritten = write_file(fnum,data,numtowrite); if (lp_syncalways(SNUM(cnum))) - sync_file(fnum); + sync_file(cnum,fnum); if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) return(UNIXERROR(ERRDOS,ERRnoaccess)); @@ -2330,7 +2330,7 @@ int reply_write_and_X(char *inbuf,char *outbuf,int length,int bufsize) chain_fnum = fnum; if (lp_syncalways(SNUM(cnum)) || write_through) - sync_file(fnum); + sync_file(cnum,fnum); return chain_reply(inbuf,outbuf,length,bufsize); } @@ -2398,10 +2398,10 @@ int reply_flush(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) int i; for (i=0;i Date: Wed, 29 Jul 1998 00:27:23 +0000 Subject: locking.c: Print messages when we downgrade a lock. reply.c: Do the same mask expansion we do in trans2.c - needed for Win98. trans2.c: Make the mask expansion into a function call now we have to do it twice. Jeremy. (This used to be commit 7b3a9d6285cc0d1967155a68845e28c6296ecc67) --- source3/smbd/reply.c | 3 +++ 1 file changed, 3 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index c9daf14b4b..f05ba2eee6 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1081,6 +1081,9 @@ int reply_search(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) } } + /* Convert the formatted mask. (This code lives in trans2.c) */ + mask_convert(mask); + { for (p=mask; *p; p++) { -- cgit From 7284bb5ca049a682097bb25afcf25d40f1ac5479 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 30 Jul 1998 21:18:57 +0000 Subject: Makefile.in: Moved UBIQX stuff into UTILOBJ. loadparm.c: Added "ole locking compatibility" option (default "true"). locking.c: Changes to implement union in files_struct. locking_shm.c: Changes to implement union in files_struct. nttrans.c: Made opening a directory explicit (we have to). Added create directory code for nttrans. reply.c: Changes to implement union in files_struct. server.c: Changes to implement union in files_struct. Added create directory code. trans2.c: Changes to implement union in files_struct. smb.h: Changes to implement union in files_struct. util.c: Changed linked list code to UNIQX linked list. This will make the other lists I need to implement for ChangeNotify and blocking locks easier. Jeremy. (This used to be commit 3a5eea850bb256b39cff8ace1e4fb4e0c1f5472b) --- source3/smbd/reply.c | 140 ++++++++++++++++++++++++++++----------------------- 1 file changed, 78 insertions(+), 62 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index f05ba2eee6..2845d5650a 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1287,6 +1287,8 @@ int reply_open(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) if (fnum < 0) return(ERROR(ERRSRV,ERRnofids)); + fsp = &Files[fnum]; + if (!check_name(fname,cnum)) { if((errno == ENOENT) && bad_path) @@ -1294,7 +1296,7 @@ int reply_open(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadpath; } - Files[fnum].reserved = False; + fsp->reserved = False; return(UNIXERROR(ERRDOS,ERRnoaccess)); } @@ -1303,8 +1305,6 @@ int reply_open(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) open_file_shared(fnum,cnum,fname,share_mode,3,unixmode, oplock_request,&rmode,NULL); - fsp = &Files[fnum]; - if (!fsp->open) { if((errno == ENOENT) && bad_path) @@ -1312,11 +1312,11 @@ int reply_open(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadpath; } - Files[fnum].reserved = False; + fsp->reserved = False; return(UNIXERROR(ERRDOS,ERRnoaccess)); } - if (fstat(fsp->fd_ptr->fd,&sbuf) != 0) { + if (fstat(fsp->f_u.fd_ptr->fd,&sbuf) != 0) { close_file(fnum,False); return(ERROR(ERRDOS,ERRnoaccess)); } @@ -1392,6 +1392,8 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) if (fnum < 0) return(ERROR(ERRSRV,ERRnofids)); + fsp = &Files[fnum]; + if (!check_name(fname,cnum)) { if((errno == ENOENT) && bad_path) @@ -1399,7 +1401,7 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadpath; } - Files[fnum].reserved = False; + fsp->reserved = False; return(UNIXERROR(ERRDOS,ERRnoaccess)); } @@ -1408,8 +1410,6 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) open_file_shared(fnum,cnum,fname,smb_mode,smb_ofun,unixmode, oplock_request, &rmode,&smb_action); - fsp = &Files[fnum]; - if (!fsp->open) { if((errno == ENOENT) && bad_path) @@ -1417,11 +1417,11 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadpath; } - Files[fnum].reserved = False; + fsp->reserved = False; return(UNIXERROR(ERRDOS,ERRnoaccess)); } - if (fstat(fsp->fd_ptr->fd,&sbuf) != 0) { + if (fstat(fsp->f_u.fd_ptr->fd,&sbuf) != 0) { close_file(fnum,False); return(ERROR(ERRDOS,ERRnoaccess)); } @@ -1548,6 +1548,8 @@ int reply_mknew(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) if (fnum < 0) return(ERROR(ERRSRV,ERRnofids)); + fsp = &Files[fnum]; + if (!check_name(fname,cnum)) { if((errno == ENOENT) && bad_path) @@ -1555,7 +1557,7 @@ int reply_mknew(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadpath; } - Files[fnum].reserved = False; + fsp->reserved = False; return(UNIXERROR(ERRDOS,ERRnoaccess)); } @@ -1574,8 +1576,6 @@ int reply_mknew(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) open_file_shared(fnum,cnum,fname,(DENY_FCB<<4)|0xF, ofun, unixmode, oplock_request, NULL, NULL); - fsp = &Files[fnum]; - if (!fsp->open) { if((errno == ENOENT) && bad_path) @@ -1583,7 +1583,7 @@ int reply_mknew(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadpath; } - Files[fnum].reserved = False; + fsp->reserved = False; return(UNIXERROR(ERRDOS,ERRnoaccess)); } @@ -1598,7 +1598,8 @@ int reply_mknew(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; DEBUG(2,("new file %s\n",fname)); - DEBUG(3,("%s mknew %s fd=%d fnum=%d cnum=%d dmode=%d umode=%o\n",timestring(),fname,Files[fnum].fd_ptr->fd,fnum,cnum,createmode,unixmode)); + DEBUG(3,("%s mknew %s fd=%d fnum=%d cnum=%d dmode=%d umode=%o\n", + timestring(),fname,fsp->f_u.fd_ptr->fd,fnum,cnum,createmode,unixmode)); return(outsize); } @@ -1632,6 +1633,8 @@ int reply_ctemp(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) if (fnum < 0) return(ERROR(ERRSRV,ERRnofids)); + fsp = &Files[fnum]; + if (!check_name(fname,cnum)) { if((errno == ENOENT) && bad_path) @@ -1639,7 +1642,7 @@ int reply_ctemp(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadpath; } - Files[fnum].reserved = False; + fsp->reserved = False; return(UNIXERROR(ERRDOS,ERRnoaccess)); } @@ -1650,8 +1653,6 @@ int reply_ctemp(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) open_file_shared(fnum,cnum,fname2,(DENY_FCB<<4)|0xF, 0x10, unixmode, oplock_request, NULL, NULL); - fsp = &Files[fnum]; - if (!fsp->open) { if((errno == ENOENT) && bad_path) @@ -1659,7 +1660,7 @@ int reply_ctemp(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadpath; } - Files[fnum].reserved = False; + fsp->reserved = False; return(UNIXERROR(ERRDOS,ERRnoaccess)); } @@ -1676,7 +1677,8 @@ int reply_ctemp(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; DEBUG(2,("created temp file %s\n",fname2)); - DEBUG(3,("%s ctemp %s fd=%d fnum=%d cnum=%d dmode=%d umode=%o\n",timestring(),fname2,Files[fnum].fd_ptr->fd,fnum,cnum,createmode,unixmode)); + DEBUG(3,("%s ctemp %s fd=%d fnum=%d cnum=%d dmode=%d umode=%o\n", + timestring(),fname2,fsp->f_u.fd_ptr->fd,fnum,cnum,createmode,unixmode)); return(outsize); } @@ -1821,6 +1823,7 @@ int reply_readbraw(char *inbuf, char *outbuf, int dum_size, int dum_buffsize) int ret=0; int fd; char *fname; + files_struct *fsp; /* * Special check if an oplock break has been issued @@ -1848,35 +1851,37 @@ int reply_readbraw(char *inbuf, char *outbuf, int dum_size, int dum_buffsize) maxcount = MAX(mincount,maxcount); if (!FNUM_OK(fnum,cnum) || !Files[fnum].can_read) - { - DEBUG(3,("fnum %d not open in readbraw - cache prime?\n",fnum)); - _smb_setlen(header,0); - transfer_file(0,Client,0,header,4,0); - return(-1); - } + { + DEBUG(3,("fnum %d not open in readbraw - cache prime?\n",fnum)); + _smb_setlen(header,0); + transfer_file(0,Client,0,header,4,0); + return(-1); + } else - { - fd = Files[fnum].fd_ptr->fd; - fname = Files[fnum].name; - } + { + fsp = &Files[fnum]; + + fd = fsp->f_u.fd_ptr->fd; + fname = fsp->name; + } if (!is_locked(fnum,cnum,maxcount,startpos, F_RDLCK)) - { - int size = Files[fnum].size; - int sizeneeded = startpos + maxcount; + { + int size = fsp->size; + int sizeneeded = startpos + maxcount; - if (size < sizeneeded) { - struct stat st; - if (fstat(Files[fnum].fd_ptr->fd,&st) == 0) - size = st.st_size; - if (!Files[fnum].can_write) - Files[fnum].size = size; - } - - nread = MIN(maxcount,(int)(size - startpos)); + if (size < sizeneeded) { + struct stat st; + if (fstat(fsp->f_u.fd_ptr->fd,&st) == 0) + size = st.st_size; + if (!fsp->can_write) + fsp->size = size; } + nread = MIN(maxcount,(int)(size - startpos)); + } + if (nread < mincount) nread = 0; @@ -1891,7 +1896,7 @@ int reply_readbraw(char *inbuf, char *outbuf, int dum_size, int dum_buffsize) _smb_setlen(header,nread); #if USE_READ_PREDICTION - if (!Files[fnum].can_write) + if (!fsp->can_write) predict = read_predict(fd,startpos,header+4,NULL,nread); #endif @@ -2138,7 +2143,7 @@ int reply_writebraw(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) tcount,nwritten,numtowrite)); } - nwritten = transfer_file(Client,Files[fnum].fd_ptr->fd,numtowrite,NULL,0, + nwritten = transfer_file(Client,Files[fnum].f_u.fd_ptr->fd,numtowrite,NULL,0, startpos+nwritten); total_written += nwritten; @@ -2255,7 +2260,7 @@ int reply_write(char *inbuf,char *outbuf,int dum_size,int dum_buffsize) zero then the file size should be extended or truncated to the size given in smb_vwv[2-3] */ if(numtowrite == 0) - nwritten = set_filelen(Files[fnum].fd_ptr->fd, startpos); + nwritten = set_filelen(Files[fnum].f_u.fd_ptr->fd, startpos); else nwritten = write_file(fnum,data,numtowrite); @@ -2349,7 +2354,8 @@ int reply_lseek(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) int32 res= -1; int mode,umode; int outsize = 0; - + files_struct *fsp; + cnum = SVAL(inbuf,smb_tid); fnum = GETFNUM(inbuf,smb_vwv0); @@ -2367,9 +2373,11 @@ int reply_lseek(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) default: umode = SEEK_SET; break; } + + fsp = &Files[fnum]; - res = lseek(Files[fnum].fd_ptr->fd,startpos,umode); - Files[fnum].pos = res; + res = lseek(fsp->f_u.fd_ptr->fd,startpos,umode); + fsp->pos = res; outsize = set_message(outbuf,2,0,True); SIVALS(outbuf,smb_vwv0,res); @@ -2477,7 +2485,7 @@ int reply_close(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) set_filetime(cnum, fsp->name,mtime); DEBUG(3,("%s close fd=%d fnum=%d cnum=%d (numopen=%d)\n", - timestring(),fsp->fd_ptr->fd,fnum,cnum, + timestring(),fsp->f_u.fd_ptr->fd,fnum,cnum, Connections[cnum].num_files_open)); close_file(fnum,True); @@ -2560,7 +2568,8 @@ int reply_lock(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) count = IVAL(inbuf,smb_vwv1); offset = IVAL(inbuf,smb_vwv3); - DEBUG(3,("%s lock fd=%d fnum=%d cnum=%d ofs=%d cnt=%d\n",timestring(),Files[fnum].fd_ptr->fd,fnum,cnum,offset,count)); + DEBUG(3,("%s lock fd=%d fnum=%d cnum=%d ofs=%d cnt=%d\n", + timestring(),Files[fnum].f_u.fd_ptr->fd,fnum,cnum,offset,count)); if(!do_lock( fnum, cnum, count, offset, F_WRLCK, &eclass, &ecode)) return (ERROR(eclass,ecode)); @@ -2592,7 +2601,8 @@ int reply_unlock(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) if(!do_unlock(fnum, cnum, count, offset, &eclass, &ecode)) return (ERROR(eclass,ecode)); - DEBUG(3,("%s unlock fd=%d fnum=%d cnum=%d ofs=%d cnt=%d\n",timestring(),Files[fnum].fd_ptr->fd,fnum,cnum,offset,count)); + DEBUG(3,("%s unlock fd=%d fnum=%d cnum=%d ofs=%d cnt=%d\n", + timestring(),Files[fnum].f_u.fd_ptr->fd,fnum,cnum,offset,count)); return(outsize); } @@ -2686,6 +2696,7 @@ int reply_printopen(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) int cnum; int fnum = -1; int outsize = 0; + files_struct *fsp; *fname = *fname2 = 0; @@ -2715,10 +2726,12 @@ int reply_printopen(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) if (fnum < 0) return(ERROR(ERRSRV,ERRnofids)); + fsp = &Files[fnum]; + pstrcpy(fname2,(char *)mktemp(fname)); if (!check_name(fname2,cnum)) { - Files[fnum].reserved = False; + fsp->reserved = False; return(ERROR(ERRDOS,ERRnoaccess)); } @@ -2726,18 +2739,19 @@ int reply_printopen(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) open_file_shared(fnum,cnum,fname2,(DENY_ALL<<4)|1, 0x12, unix_mode(cnum,0), 0, NULL, NULL); - if (!Files[fnum].open) { - Files[fnum].reserved = False; + if (!fsp->open) { + fsp->reserved = False; return(UNIXERROR(ERRDOS,ERRnoaccess)); } /* force it to be a print file */ - Files[fnum].print_file = True; + fsp->print_file = True; outsize = set_message(outbuf,1,0,True); SSVAL(outbuf,smb_vwv0,fnum); - DEBUG(3,("%s openprint %s fd=%d fnum=%d cnum=%d\n",timestring(),fname2,Files[fnum].fd_ptr->fd,fnum,cnum)); + DEBUG(3,("%s openprint %s fd=%d fnum=%d cnum=%d\n", + timestring(),fname2,fsp->f_u.fd_ptr->fd,fnum,cnum)); return(outsize); } @@ -2760,7 +2774,8 @@ int reply_printclose(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) if (!CAN_PRINT(cnum)) return(ERROR(ERRDOS,ERRnoaccess)); - DEBUG(3,("%s printclose fd=%d fnum=%d cnum=%d\n",timestring(),Files[fnum].fd_ptr->fd,fnum,cnum)); + DEBUG(3,("%s printclose fd=%d fnum=%d cnum=%d\n", + timestring(),Files[fnum].f_u.fd_ptr->fd,fnum,cnum)); close_file(fnum,True); @@ -3453,11 +3468,12 @@ static BOOL copy_file(char *src,char *dest1,int cnum,int ofun, } if ((ofun&3) == 1) { - lseek(Files[fnum2].fd_ptr->fd,0,SEEK_END); + lseek(Files[fnum2].f_u.fd_ptr->fd,0,SEEK_END); } if (st.st_size) - ret = transfer_file(Files[fnum1].fd_ptr->fd,Files[fnum2].fd_ptr->fd,st.st_size,NULL,0,0); + ret = transfer_file(Files[fnum1].f_u.fd_ptr->fd, + Files[fnum2].f_u.fd_ptr->fd,st.st_size,NULL,0,0); close_file(fnum1,False); close_file(fnum2,False); @@ -3675,8 +3691,8 @@ int reply_lockingX(char *inbuf,char *outbuf,int length,int bufsize) { int token; files_struct *fsp = &Files[fnum]; - uint32 dev = fsp->fd_ptr->dev; - uint32 inode = fsp->fd_ptr->inode; + uint32 dev = fsp->f_u.fd_ptr->dev; + uint32 inode = fsp->f_u.fd_ptr->inode; DEBUG(5,("reply_lockingX: oplock break reply from client for fnum = %d\n", fnum)); @@ -4077,7 +4093,7 @@ int reply_getattrE(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) CHECK_ERROR(fnum); /* Do an fstat on this file */ - if(fstat(Files[fnum].fd_ptr->fd, &sbuf)) + if(fstat(Files[fnum].f_u.fd_ptr->fd, &sbuf)) return(UNIXERROR(ERRDOS,ERRnoaccess)); mode = dos_mode(cnum,Files[fnum].name,&sbuf); -- cgit From 28900ea26ff1c8d41328bba30206db7fe91e2184 Mon Sep 17 00:00:00 2001 From: "Christopher R. Hertel" Date: Fri, 31 Jul 1998 22:39:15 +0000 Subject: As per a Andrew's message, I went through and removed the timestring() timestamps from several DEBUG messages. The timestamps are redundant now that DEBUG() provides them automatically. There are still a few more files to do, but I've got to get home for dinner. Chris -)----- (This used to be commit 60286ccecaa6028d687e6406755016455e3b3a26) --- source3/smbd/reply.c | 218 ++++++++++++++++++++++++++------------------------- 1 file changed, 113 insertions(+), 105 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 2845d5650a..71544c1b19 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -55,9 +55,13 @@ report a possible attack via the password buffer overflow bug ****************************************************************************/ static void overflow_attack(int len) { - DEBUG(0,("%s: ERROR: Invalid password length %d\n", timestring(), len)); - DEBUG(0,("your machine may be under attack by a user exploiting an old bug\n")); - DEBUG(0,("Attack was from IP=%s\n", client_addr(Client))); + if( DEBUGLVL( 0 ) ) + { + dbgtext( "ERROR: Invalid password length %d.\n", len ); + dbgtext( "Your machine may be under attack by someone " ); + dbgtext( "attempting to exploit an old bug.\n" ); + dbgtext( "Attack was from IP = %s.\n", client_addr(Client) ); + } exit_server("possible attack"); } @@ -143,8 +147,8 @@ int reply_special(char *inbuf,char *outbuf) return(0); } - DEBUG(5,("%s init msg_type=0x%x msg_flags=0x%x\n", - timestring(),msg_type,msg_flags)); + DEBUG( 5, ( "init msg_type=0x%x msg_flags=0x%x\n", + msg_type, msg_flags ) ); return(outsize); } @@ -254,7 +258,7 @@ int reply_tcon(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) SSVAL(outbuf,smb_vwv1,connection_num); SSVAL(outbuf,smb_tid,connection_num); - DEBUG(3,("%s tcon service=%s user=%s cnum=%d\n",timestring(),service,user,connection_num)); + DEBUG(3,("tcon service=%s user=%s cnum=%d\n", service, user, connection_num)); return(outsize); } @@ -350,7 +354,8 @@ int reply_tcon_and_X(char *inbuf,char *outbuf,int length,int bufsize) SSVAL(outbuf, smb_vwv2, 0x0); /* optional support */ } - DEBUG(3,("%s tconX service=%s user=%s cnum=%d\n",timestring(),service,user,connection_num)); + DEBUG( 3, ( "tconX service=%s user=%s cnum=%d\n", + service, user, connection_num ) ); /* set the incoming and outgoing tid to the just created one */ SSVAL(inbuf,smb_tid,connection_num); @@ -370,10 +375,8 @@ int reply_unknown(char *inbuf,char *outbuf) cnum = SVAL(inbuf,smb_tid); type = CVAL(inbuf,smb_com); - DEBUG(0,("%s unknown command type (%s): cnum=%d type=%d (0x%X)\n", - timestring(), - smb_fn_name(type), - cnum,type,type)); + DEBUG(0,("unknown command type (%s): cnum=%d type=%d (0x%X)\n", + smb_fn_name(type), cnum, type, type)); return(ERROR(ERRSRV,ERRunknownsmb)); } @@ -807,11 +810,11 @@ int reply_chkpth(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) return(UNIXERROR(ERRDOS,ERRbadpath)); } - + outsize = set_message(outbuf,0,0,True); - - DEBUG(3,("%s chkpth %s cnum=%d mode=%d\n",timestring(),name,cnum,mode)); - + + DEBUG( 3, ( "chkpth %s cnum=%d mode=%d\n", name, cnum, mode ) ); + return(outsize); } @@ -890,7 +893,7 @@ int reply_getatr(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) SSVAL(outbuf,smb_flg2,flg2 | 0x40); /* IS_LONG_NAME */ } - DEBUG(3,("%s getatr name=%s mode=%d size=%d\n",timestring(),fname,mode,size)); + DEBUG( 3, ( "getatr name=%s mode=%d size=%d\n", fname, mode, size ) ); return(outsize); } @@ -937,7 +940,7 @@ int reply_setatr(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) outsize = set_message(outbuf,0,0,True); - DEBUG(3,("%s setatr name=%s mode=%d\n",timestring(),fname,mode)); + DEBUG( 3, ( "setatr name=%s mode=%d\n", fname, mode ) ); return(outsize); } @@ -962,9 +965,9 @@ int reply_dskattr(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) SSVAL(outbuf,smb_vwv1,bsize/512); SSVAL(outbuf,smb_vwv2,512); SSVAL(outbuf,smb_vwv3,dfree); - - DEBUG(3,("%s dskattr cnum=%d dfree=%d\n",timestring(),cnum,dfree)); - + + DEBUG( 3, ( "dskattr cnum=%d dfree=%d\n", cnum, dfree ) ); + return(outsize); } @@ -1210,10 +1213,9 @@ int reply_search(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) if ((! *directory) && dptr_path(dptr_num)) slprintf(directory, sizeof(directory)-1, "(%s)",dptr_path(dptr_num)); - DEBUG(4,("%s %s mask=%s path=%s cnum=%d dtype=%d nument=%d of %d\n", - timestring(), + DEBUG( 4, ( "%s mask=%s path=%s cnum=%d dtype=%d nument=%d of %d\n", smb_fn_name(CVAL(inbuf,smb_com)), - mask,directory,cnum,dirtype,numentries,maxentries)); + mask, directory, cnum, dirtype, numentries, maxentries ) ); return(outsize); } @@ -1250,7 +1252,7 @@ int reply_fclose(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) SSVAL(outbuf,smb_vwv0,0); - DEBUG(3,("%s search close cnum=%d\n",timestring(),cnum)); + DEBUG( 3, ( "%s search close cnum=%d\n", cnum ) ); return(outsize); } @@ -1508,7 +1510,7 @@ int reply_ulogoffX(char *inbuf,char *outbuf,int length,int bufsize) set_message(outbuf,2,0,True); - DEBUG(3,("%s ulogoffX vuid=%d\n",timestring(),vuid)); + DEBUG( 3, ( "ulogoffX vuid=%d\n", vuid ) ); return chain_reply(inbuf,outbuf,length,bufsize); } @@ -1597,10 +1599,10 @@ int reply_mknew(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) if(fsp->granted_oplock) CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; - DEBUG(2,("new file %s\n",fname)); - DEBUG(3,("%s mknew %s fd=%d fnum=%d cnum=%d dmode=%d umode=%o\n", - timestring(),fname,fsp->f_u.fd_ptr->fd,fnum,cnum,createmode,unixmode)); - + DEBUG( 2, ( "new file %s\n", fname ) ); + DEBUG( 3, ( "mknew %s fd=%d fnum=%d cnum=%d dmode=%d umode=%o\n", + fname, fsp->f_u.fd_ptr->fd, fnum, cnum, createmode, unixmode ) ); + return(outsize); } @@ -1676,10 +1678,10 @@ int reply_ctemp(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) if(fsp->granted_oplock) CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; - DEBUG(2,("created temp file %s\n",fname2)); - DEBUG(3,("%s ctemp %s fd=%d fnum=%d cnum=%d dmode=%d umode=%o\n", - timestring(),fname2,fsp->f_u.fd_ptr->fd,fnum,cnum,createmode,unixmode)); - + DEBUG( 2, ( "created temp file %s\n", fname2 ) ); + DEBUG( 3, ( "ctemp %s fd=%d fnum=%d cnum=%d dmode=%d umode=%o\n", + fname2, fsp->f_u.fd_ptr->fd, fnum, cnum, createmode, unixmode ) ); + return(outsize); } @@ -1885,10 +1887,9 @@ int reply_readbraw(char *inbuf, char *outbuf, int dum_size, int dum_buffsize) if (nread < mincount) nread = 0; - DEBUG(3,("%s readbraw fnum=%d cnum=%d start=%d max=%d min=%d nread=%d\n", - timestring(), - fnum,cnum,startpos, - maxcount,mincount,nread)); + DEBUG( 3, ( "readbraw fnum=%d cnum=%d start=%d max=%d min=%d nread=%d\n", + fnum, cnum, startpos, + maxcount, mincount, nread ) ); #if UNSAFE_READRAW { @@ -1955,17 +1956,18 @@ int reply_lockread(char *inbuf,char *outbuf, int dum_size, int dum_buffsiz) return (ERROR(eclass,ecode)); nread = read_file(fnum,data,startpos,numtoread); - + if (nread < 0) return(UNIXERROR(ERRDOS,ERRnoaccess)); - + outsize += nread; SSVAL(outbuf,smb_vwv0,nread); SSVAL(outbuf,smb_vwv5,nread+3); SSVAL(smb_buf(outbuf),1,nread); - - DEBUG(3,("%s lockread fnum=%d cnum=%d num=%d nread=%d\n",timestring(),fnum,cnum,numtoread,nread)); - + + DEBUG( 3, ( "lockread fnum=%d cnum=%d num=%d nread=%d\n", + fnum, cnum, numtoread, nread ) ); + return(outsize); } @@ -2010,8 +2012,9 @@ int reply_read(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) CVAL(smb_buf(outbuf),0) = 1; SSVAL(smb_buf(outbuf),1,nread); - DEBUG(3,("%s read fnum=%d cnum=%d num=%d nread=%d\n",timestring(),fnum,cnum,numtoread,nread)); - + DEBUG( 3, ( "read fnum=%d cnum=%d num=%d nread=%d\n", + fnum, cnum, numtoread, nread ) ); + return(outsize); } @@ -2055,9 +2058,9 @@ int reply_read_and_X(char *inbuf,char *outbuf,int length,int bufsize) SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf)); SSVAL(smb_buf(outbuf),-2,nread); - DEBUG(3,("%s readX fnum=%d cnum=%d min=%d max=%d nread=%d\n", - timestring(),fnum,cnum, - smb_mincnt,smb_maxcnt,nread)); + DEBUG( 3, ( "readX fnum=%d cnum=%d min=%d max=%d nread=%d\n", + fnum, cnum, + smb_mincnt, smb_maxcnt, nread ) ); chain_fnum = fnum; @@ -2114,8 +2117,8 @@ int reply_writebraw(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) if (numtowrite>0) nwritten = write_file(fnum,data,numtowrite); - DEBUG(3,("%s writebraw1 fnum=%d cnum=%d start=%d num=%d wrote=%d sync=%d\n", - timestring(),fnum,cnum,startpos,numtowrite,nwritten,write_through)); + DEBUG( 3, ( "writebraw1 fnum=%d cnum=%d start=%d num=%d wrote=%d sync=%d\n", + fnum, cnum, startpos, numtowrite, nwritten, write_through ) ); if (nwritten < numtowrite) return(UNIXERROR(ERRHRD,ERRdiskfull)); @@ -2160,8 +2163,8 @@ int reply_writebraw(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) if (lp_syncalways(SNUM(cnum)) || write_through) sync_file(cnum,fnum); - DEBUG(3,("%s writebraw2 fnum=%d cnum=%d start=%d num=%d wrote=%d\n", - timestring(),fnum,cnum,startpos,numtowrite,total_written)); + DEBUG( 3, ( "writebraw2 fnum=%d cnum=%d start=%d num=%d wrote=%d\n", + fnum, cnum, startpos, numtowrite, total_written ) ); /* we won't return a status if write through is not selected - this follows what WfWg does */ @@ -2222,9 +2225,9 @@ int reply_writeunlock(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) SSVAL(outbuf,smb_vwv0,nwritten); - DEBUG(3,("%s writeunlock fnum=%d cnum=%d num=%d wrote=%d\n", - timestring(),fnum,cnum,numtowrite,nwritten)); - + DEBUG( 3, ( "writeunlock fnum=%d cnum=%d num=%d wrote=%d\n", + fnum, cnum, numtowrite, nwritten ) ); + return(outsize); } @@ -2279,8 +2282,9 @@ int reply_write(char *inbuf,char *outbuf,int dum_size,int dum_buffsize) SSVAL(outbuf,smb_err,ERRdiskfull); } - DEBUG(3,("%s write fnum=%d cnum=%d num=%d wrote=%d\n",timestring(),fnum,cnum,numtowrite,nwritten)); - + DEBUG( 3, ( "%s write fnum=%d cnum=%d num=%d wrote=%d\n", + fnum, cnum, numtowrite, nwritten ) ); + return(outsize); } @@ -2333,7 +2337,8 @@ int reply_write_and_X(char *inbuf,char *outbuf,int length,int bufsize) SSVAL(outbuf,smb_err,ERRdiskfull); } - DEBUG(3,("%s writeX fnum=%d cnum=%d num=%d wrote=%d\n",timestring(),fnum,cnum,smb_dsize,nwritten)); + DEBUG( 3, ( "%s writeX fnum=%d cnum=%d num=%d wrote=%d\n", + fnum, cnum, smb_dsize, nwritten ) ); chain_fnum = fnum; @@ -2382,8 +2387,9 @@ int reply_lseek(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) outsize = set_message(outbuf,2,0,True); SIVALS(outbuf,smb_vwv0,res); - DEBUG(3,("%s lseek fnum=%d cnum=%d ofs=%d mode=%d\n",timestring(),fnum,cnum,startpos,mode)); - + DEBUG( 3, ( "lseek fnum=%d cnum=%d ofs=%d mode=%d\n", + fnum, cnum, startpos, mode ) ); + return(outsize); } @@ -2414,7 +2420,7 @@ int reply_flush(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) else sync_file(cnum,fnum); - DEBUG(3,("%s flush fnum=%d\n",timestring(),fnum)); + DEBUG( 3, ( "flush fnum=%d\n", fnum ) ); return(outsize); } @@ -2425,8 +2431,8 @@ int reply_flush(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) int reply_exit(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int outsize = set_message(outbuf,0,0,True); - DEBUG(3,("%s exit\n",timestring())); - + DEBUG( 3, ( "exit\n" ) ); + return(outsize); } @@ -2472,9 +2478,9 @@ int reply_close(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) * Special case - close NT SMB directory * handle. */ - DEBUG(3,("%s close directory fnum=%d cnum=%d\n", - timestring(), fnum, cnum )); - close_directory(fnum); + DEBUG( 3, ( "close directory fnum=%d cnum=%d\n", + fnum, cnum ) ); + close_directory( fnum ); } else { /* * Close ordinary file. @@ -2484,9 +2490,9 @@ int reply_close(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) /* try and set the date */ set_filetime(cnum, fsp->name,mtime); - DEBUG(3,("%s close fd=%d fnum=%d cnum=%d (numopen=%d)\n", - timestring(),fsp->f_u.fd_ptr->fd,fnum,cnum, - Connections[cnum].num_files_open)); + DEBUG( 3, ( "close fd=%d fnum=%d cnum=%d (numopen=%d)\n", + fsp->f_u.fd_ptr->fd, fnum, cnum, + Connections[cnum].num_files_open ) ); close_file(fnum,True); } @@ -2534,9 +2540,9 @@ int reply_writeclose(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) close_file(fnum,True); - DEBUG(3,("%s writeclose fnum=%d cnum=%d num=%d wrote=%d (numopen=%d)\n", - timestring(),fnum,cnum,numtowrite,nwritten, - Connections[cnum].num_files_open)); + DEBUG( 3, ( "writeclose fnum=%d cnum=%d num=%d wrote=%d (numopen=%d)\n", + fnum, cnum, numtowrite, nwritten, + Connections[cnum].num_files_open ) ); if (nwritten <= 0) return(UNIXERROR(ERRDOS,ERRnoaccess)); @@ -2568,12 +2574,12 @@ int reply_lock(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) count = IVAL(inbuf,smb_vwv1); offset = IVAL(inbuf,smb_vwv3); - DEBUG(3,("%s lock fd=%d fnum=%d cnum=%d ofs=%d cnt=%d\n", - timestring(),Files[fnum].f_u.fd_ptr->fd,fnum,cnum,offset,count)); + DEBUG( 3, ("lock fd=%d fnum=%d cnum=%d ofs=%d cnt=%d\n", + Files[fnum].f_u.fd_ptr->fd, fnum, cnum, offset, count ) ); if(!do_lock( fnum, cnum, count, offset, F_WRLCK, &eclass, &ecode)) return (ERROR(eclass,ecode)); - + return(outsize); } @@ -2601,8 +2607,8 @@ int reply_unlock(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) if(!do_unlock(fnum, cnum, count, offset, &eclass, &ecode)) return (ERROR(eclass,ecode)); - DEBUG(3,("%s unlock fd=%d fnum=%d cnum=%d ofs=%d cnt=%d\n", - timestring(),Files[fnum].f_u.fd_ptr->fd,fnum,cnum,offset,count)); + DEBUG( 3, ( "unlock fd=%d fnum=%d cnum=%d ofs=%d cnt=%d\n", + Files[fnum].f_u.fd_ptr->fd, fnum, cnum, offset, count ) ); return(outsize); } @@ -2629,7 +2635,7 @@ int reply_tdis(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) close_cnum(cnum,vuid); - DEBUG(3,("%s tdis cnum=%d\n",timestring(),cnum)); + DEBUG( 3, ( "tdis cnum=%d\n", cnum ) ); return outsize; } @@ -2680,7 +2686,7 @@ int reply_echo(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) send_smb(Client,outbuf); } - DEBUG(3,("%s echo %d times cnum=%d\n",timestring(),smb_reverb,cnum)); + DEBUG( 3, ( "echo %d times cnum=%d\n", smb_reverb, cnum ) ); return -1; } @@ -2750,9 +2756,9 @@ int reply_printopen(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) outsize = set_message(outbuf,1,0,True); SSVAL(outbuf,smb_vwv0,fnum); - DEBUG(3,("%s openprint %s fd=%d fnum=%d cnum=%d\n", - timestring(),fname2,fsp->f_u.fd_ptr->fd,fnum,cnum)); - + DEBUG( 3, ("openprint %s fd=%d fnum=%d cnum=%d\n", + fname2, fsp->f_u.fd_ptr->fd, fnum, cnum ) ); + return(outsize); } @@ -2774,8 +2780,8 @@ int reply_printclose(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) if (!CAN_PRINT(cnum)) return(ERROR(ERRDOS,ERRnoaccess)); - DEBUG(3,("%s printclose fd=%d fnum=%d cnum=%d\n", - timestring(),Files[fnum].f_u.fd_ptr->fd,fnum,cnum)); + DEBUG( 3, ( "printclose fd=%d fnum=%d cnum=%d\n", + Files[fnum].f_u.fd_ptr->fd,fnum,cnum)); close_file(fnum,True); @@ -2808,8 +2814,8 @@ int reply_printqueue(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) CVAL(smb_buf(outbuf),0) = 1; SSVAL(smb_buf(outbuf),1,0); - DEBUG(3,("%s printqueue cnum=%d start_index=%d max_count=%d\n", - timestring(),cnum,start_index,max_count)); + DEBUG( 3, ( "printqueue cnum=%d start_index=%d max_count=%d\n", + cnum, start_index, max_count ) ); if (!OPEN_CNUM(cnum) || !Connections[cnum].printer) { @@ -2903,7 +2909,7 @@ int reply_printwrite(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) if (write_file(fnum,data,numtowrite) != numtowrite) return(UNIXERROR(ERRDOS,ERRnoaccess)); - DEBUG(3,("%s printwrite fnum=%d cnum=%d num=%d\n",timestring(),fnum,cnum,numtowrite)); + DEBUG( 3, ( "printwrite fnum=%d cnum=%d num=%d\n", fnum, cnum, numtowrite ) ); return(outsize); } @@ -2935,11 +2941,11 @@ int reply_mkdir(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) } return(UNIXERROR(ERRDOS,ERRnoaccess)); } - + outsize = set_message(outbuf,0,0,True); - - DEBUG(3,("%s mkdir %s cnum=%d ret=%d\n",timestring(),directory,cnum,ret)); - + + DEBUG( 3, ( "mkdir %s cnum=%d ret=%d\n", directory, cnum, ret ) ); + return(outsize); } @@ -3111,7 +3117,7 @@ int reply_rmdir(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) outsize = set_message(outbuf,0,0,True); - DEBUG(3,("%s rmdir %s\n",timestring(),directory)); + DEBUG( 3, ( "rmdir %s\n", directory ) ); return(outsize); } @@ -3650,9 +3656,9 @@ int reply_setdir(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) outsize = set_message(outbuf,0,0,True); CVAL(outbuf,smb_reh) = CVAL(inbuf,smb_reh); - - DEBUG(3,("%s setdir %s cnum=%d\n",timestring(),newdir,cnum)); - + + DEBUG( 3, ( "setdir %s cnum=%d\n", newdir, cnum ) ); + return(outsize); } @@ -3766,8 +3772,8 @@ dev = %x, inode = %x\n", set_message(outbuf,2,0,True); - DEBUG(3,("%s lockingX fnum=%d cnum=%d type=%d num_locks=%d num_ulocks=%d\n", - timestring(),fnum,cnum,(unsigned int)locktype,num_locks,num_ulocks)); + DEBUG( 3, ( "lockingX fnum=%d cnum=%d type=%d num_locks=%d num_ulocks=%d\n", + fnum, cnum, (unsigned int)locktype, num_locks, num_ulocks ) ); chain_fnum = fnum; @@ -3922,9 +3928,9 @@ int reply_writebmpx(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) SSVALS(outbuf,smb_vwv0,-1); /* We don't support smb_remaining */ - DEBUG(3,("%s writebmpx fnum=%d cnum=%d num=%d wrote=%d\n", - timestring(),fnum,cnum,numtowrite,nwritten)); - + DEBUG( 3, ( "writebmpx fnum=%d cnum=%d num=%d wrote=%d\n", + fnum, cnum, numtowrite, nwritten ) ); + if (write_through && tcount==nwritten) { /* we need to send both a primary and a secondary response */ smb_setlen(outbuf,outsize - 4); @@ -4052,9 +4058,11 @@ int reply_setattrE(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) if ((unix_times.actime == 0) && (unix_times.modtime == 0)) { /* Ignore request */ - DEBUG(3,("%s reply_setattrE fnum=%d cnum=%d ignoring zero request - \ -not setting timestamps of 0\n", - timestring(), fnum,cnum,unix_times.actime,unix_times.modtime)); + if( DEBUGLVL( 3 ) ) + { + dbgtext( "reply_setattrE fnum=%d cnum=%d ", fnum, cnum ); + dbgtext( "ignoring zero request - not setting timestamps of 0\n" ); + } return(outsize); } else if ((unix_times.actime != 0) && (unix_times.modtime == 0)) @@ -4067,8 +4075,8 @@ not setting timestamps of 0\n", if(file_utime(cnum, Files[fnum].name, &unix_times)) return(ERROR(ERRDOS,ERRnoaccess)); - DEBUG(3,("%s reply_setattrE fnum=%d cnum=%d actime=%d modtime=%d\n", - timestring(), fnum,cnum,unix_times.actime,unix_times.modtime)); + DEBUG( 3, ( "reply_setattrE fnum=%d cnum=%d actime=%d modtime=%d\n", + fnum, cnum, unix_times.actime, unix_times.modtime ) ); return(outsize); } @@ -4116,7 +4124,7 @@ int reply_getattrE(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) } SSVAL(outbuf,smb_vwv10, mode); - DEBUG(3,("%s reply_getattrE fnum=%d cnum=%d\n",timestring(),fnum,cnum)); + DEBUG( 3, ( "reply_getattrE fnum=%d cnum=%d\n", fnum, cnum ) ); return(outsize); } -- cgit From c0c057c0dfc43c47b2d340e26026136cf001ff0a Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 4 Aug 1998 01:01:26 +0000 Subject: loadparm.c: Added "debug timestamp" synonym for Chris. nttrans.c: Moved common code into function in server.c Removed left over debug level 0. server.c: Moved common code into function in server.c Jeremy. (This used to be commit 34ef55b7228155cef40cbdfcdc1fe623c1037bd6) --- source3/smbd/reply.c | 2 ++ 1 file changed, 2 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 71544c1b19..2e6ceb93aa 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -82,6 +82,8 @@ int reply_special(char *inbuf,char *outbuf) *name1 = *name2 = 0; + bzero(outbuf,smb_size); + smb_setlen(outbuf,0); switch (msg_type) { -- cgit From b1778b6b57401d78fb4352992fde54706af6b75f Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 11 Aug 1998 23:28:35 +0000 Subject: include/smb.h: Removed dir_ptr. Not needed. locking/locking.c: First cut a blocking lock code. #ifdef'ed out for now. locking/locking_shm.c: Removed dir_ptr. Not needed. smbd/nttrans.c: More work on ChangeNotify - return is not an error and needs to be handled as a nttrans with zero params. Removed dir_ptr. Not needed. smbd/reply.c: smbd/server.c: smbd/trans2.c: Removed dir_ptr. Not needed. Hmmm. At the moment smbclient is broken - doesn't issue prompt correctly. This needs looking at. Jeremy. (This used to be commit ddfbcc05815621d3c463f92faed047f126412342) --- source3/smbd/reply.c | 55 ++++++++++++++++++++++++++++++++-------------------- 1 file changed, 34 insertions(+), 21 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 2e6ceb93aa..b0509bf3d5 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1320,7 +1320,7 @@ int reply_open(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) return(UNIXERROR(ERRDOS,ERRnoaccess)); } - if (fstat(fsp->f_u.fd_ptr->fd,&sbuf) != 0) { + if (fstat(fsp->fd_ptr->fd,&sbuf) != 0) { close_file(fnum,False); return(ERROR(ERRDOS,ERRnoaccess)); } @@ -1425,7 +1425,7 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) return(UNIXERROR(ERRDOS,ERRnoaccess)); } - if (fstat(fsp->f_u.fd_ptr->fd,&sbuf) != 0) { + if (fstat(fsp->fd_ptr->fd,&sbuf) != 0) { close_file(fnum,False); return(ERROR(ERRDOS,ERRnoaccess)); } @@ -1603,7 +1603,7 @@ int reply_mknew(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) DEBUG( 2, ( "new file %s\n", fname ) ); DEBUG( 3, ( "mknew %s fd=%d fnum=%d cnum=%d dmode=%d umode=%o\n", - fname, fsp->f_u.fd_ptr->fd, fnum, cnum, createmode, unixmode ) ); + fname, fsp->fd_ptr->fd, fnum, cnum, createmode, unixmode ) ); return(outsize); } @@ -1682,7 +1682,7 @@ int reply_ctemp(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) DEBUG( 2, ( "created temp file %s\n", fname2 ) ); DEBUG( 3, ( "ctemp %s fd=%d fnum=%d cnum=%d dmode=%d umode=%o\n", - fname2, fsp->f_u.fd_ptr->fd, fnum, cnum, createmode, unixmode ) ); + fname2, fsp->fd_ptr->fd, fnum, cnum, createmode, unixmode ) ); return(outsize); } @@ -1865,7 +1865,7 @@ int reply_readbraw(char *inbuf, char *outbuf, int dum_size, int dum_buffsize) { fsp = &Files[fnum]; - fd = fsp->f_u.fd_ptr->fd; + fd = fsp->fd_ptr->fd; fname = fsp->name; } @@ -1877,7 +1877,7 @@ int reply_readbraw(char *inbuf, char *outbuf, int dum_size, int dum_buffsize) if (size < sizeneeded) { struct stat st; - if (fstat(fsp->f_u.fd_ptr->fd,&st) == 0) + if (fstat(fsp->fd_ptr->fd,&st) == 0) size = st.st_size; if (!fsp->can_write) fsp->size = size; @@ -2148,7 +2148,7 @@ int reply_writebraw(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) tcount,nwritten,numtowrite)); } - nwritten = transfer_file(Client,Files[fnum].f_u.fd_ptr->fd,numtowrite,NULL,0, + nwritten = transfer_file(Client,Files[fnum].fd_ptr->fd,numtowrite,NULL,0, startpos+nwritten); total_written += nwritten; @@ -2265,7 +2265,7 @@ int reply_write(char *inbuf,char *outbuf,int dum_size,int dum_buffsize) zero then the file size should be extended or truncated to the size given in smb_vwv[2-3] */ if(numtowrite == 0) - nwritten = set_filelen(Files[fnum].f_u.fd_ptr->fd, startpos); + nwritten = set_filelen(Files[fnum].fd_ptr->fd, startpos); else nwritten = write_file(fnum,data,numtowrite); @@ -2383,7 +2383,7 @@ int reply_lseek(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) fsp = &Files[fnum]; - res = lseek(fsp->f_u.fd_ptr->fd,startpos,umode); + res = lseek(fsp->fd_ptr->fd,startpos,umode); fsp->pos = res; outsize = set_message(outbuf,2,0,True); @@ -2493,7 +2493,7 @@ int reply_close(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) set_filetime(cnum, fsp->name,mtime); DEBUG( 3, ( "close fd=%d fnum=%d cnum=%d (numopen=%d)\n", - fsp->f_u.fd_ptr->fd, fnum, cnum, + fsp->fd_ptr->fd, fnum, cnum, Connections[cnum].num_files_open ) ); close_file(fnum,True); @@ -2577,7 +2577,7 @@ int reply_lock(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) offset = IVAL(inbuf,smb_vwv3); DEBUG( 3, ("lock fd=%d fnum=%d cnum=%d ofs=%d cnt=%d\n", - Files[fnum].f_u.fd_ptr->fd, fnum, cnum, offset, count ) ); + Files[fnum].fd_ptr->fd, fnum, cnum, offset, count ) ); if(!do_lock( fnum, cnum, count, offset, F_WRLCK, &eclass, &ecode)) return (ERROR(eclass,ecode)); @@ -2610,7 +2610,7 @@ int reply_unlock(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) return (ERROR(eclass,ecode)); DEBUG( 3, ( "unlock fd=%d fnum=%d cnum=%d ofs=%d cnt=%d\n", - Files[fnum].f_u.fd_ptr->fd, fnum, cnum, offset, count ) ); + Files[fnum].fd_ptr->fd, fnum, cnum, offset, count ) ); return(outsize); } @@ -2759,7 +2759,7 @@ int reply_printopen(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) SSVAL(outbuf,smb_vwv0,fnum); DEBUG( 3, ("openprint %s fd=%d fnum=%d cnum=%d\n", - fname2, fsp->f_u.fd_ptr->fd, fnum, cnum ) ); + fname2, fsp->fd_ptr->fd, fnum, cnum ) ); return(outsize); } @@ -2783,7 +2783,7 @@ int reply_printclose(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) return(ERROR(ERRDOS,ERRnoaccess)); DEBUG( 3, ( "printclose fd=%d fnum=%d cnum=%d\n", - Files[fnum].f_u.fd_ptr->fd,fnum,cnum)); + Files[fnum].fd_ptr->fd,fnum,cnum)); close_file(fnum,True); @@ -3476,12 +3476,12 @@ static BOOL copy_file(char *src,char *dest1,int cnum,int ofun, } if ((ofun&3) == 1) { - lseek(Files[fnum2].f_u.fd_ptr->fd,0,SEEK_END); + lseek(Files[fnum2].fd_ptr->fd,0,SEEK_END); } if (st.st_size) - ret = transfer_file(Files[fnum1].f_u.fd_ptr->fd, - Files[fnum2].f_u.fd_ptr->fd,st.st_size,NULL,0,0); + ret = transfer_file(Files[fnum1].fd_ptr->fd, + Files[fnum2].fd_ptr->fd,st.st_size,NULL,0,0); close_file(fnum1,False); close_file(fnum2,False); @@ -3678,7 +3678,7 @@ int reply_lockingX(char *inbuf,char *outbuf,int length,int bufsize) uint16 num_ulocks = SVAL(inbuf,smb_vwv6); uint16 num_locks = SVAL(inbuf,smb_vwv7); uint32 count, offset; - + int32 lock_timeout = IVAL(inbuf,smb_vwv4); int cnum; int i; char *data; @@ -3699,8 +3699,8 @@ int reply_lockingX(char *inbuf,char *outbuf,int length,int bufsize) { int token; files_struct *fsp = &Files[fnum]; - uint32 dev = fsp->f_u.fd_ptr->dev; - uint32 inode = fsp->f_u.fd_ptr->inode; + uint32 dev = fsp->fd_ptr->dev; + uint32 inode = fsp->fd_ptr->inode; DEBUG(5,("reply_lockingX: oplock break reply from client for fnum = %d\n", fnum)); @@ -3749,6 +3749,9 @@ dev = %x, inode = %x\n", return ERROR(eclass,ecode); } + /* Setup the timeout in seconds. */ + lock_timeout = ((lock_timeout == -1) ? -1 : lock_timeout/1000); + /* Now do any requested locks */ data += 10*num_ulocks; /* Data now points at the beginning of the list @@ -3758,6 +3761,16 @@ dev = %x, inode = %x\n", offset = IVAL(data,SMB_LKOFF_OFFSET(i)); if(!do_lock(fnum,cnum,count,offset, ((locktype & 1) ? F_RDLCK : F_WRLCK), &eclass, &ecode)) +#if 0 /* JRATEST - blocking lock code. */ + if((ecode == ERRlock) && (lock_timeout != 0)) { + /* + * A blocking lock was requested. Package up + * this smb into a queued request and push it + * onto the blocking lock queue. + */ + if(push_blocking_lock_request(inbuf, length, lock_timeout, i)) + return -1; +#endif /* JRATEST */ break; } @@ -4103,7 +4116,7 @@ int reply_getattrE(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) CHECK_ERROR(fnum); /* Do an fstat on this file */ - if(fstat(Files[fnum].f_u.fd_ptr->fd, &sbuf)) + if(fstat(Files[fnum].fd_ptr->fd, &sbuf)) return(UNIXERROR(ERRDOS,ERRnoaccess)); mode = dos_mode(cnum,Files[fnum].name,&sbuf); -- cgit From b9623ab59e813131b1ed3f51616a46e719d59c21 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Fri, 14 Aug 1998 17:38:29 +0000 Subject: this is the bug change to using connection_struct* instead of cnum. Connections[] is now a local array in server.c I might have broken something with this change. In particular the oplock code is suspect and some .dll files aren't being oplocked when I expected them to be. I'll look at it after I've got some sleep. (This used to be commit c7ee025ead4a85b6fa44a832047b878451845fb6) --- source3/smbd/reply.c | 1785 +++++++++++++++++++++++--------------------------- 1 file changed, 832 insertions(+), 953 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index b0509bf3d5..66d1dd2839 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -35,7 +35,6 @@ extern int max_send; extern int max_recv; extern int chain_fnum; extern char magic_char; -extern connection_struct Connections[]; extern files_struct Files[]; extern BOOL case_sensitive; extern BOOL case_preserve; @@ -82,7 +81,7 @@ int reply_special(char *inbuf,char *outbuf) *name1 = *name2 = 0; - bzero(outbuf,smb_size); + bzero(outbuf,smb_size); smb_setlen(outbuf,0); @@ -127,7 +126,7 @@ int reply_special(char *inbuf,char *outbuf) reopen_logs(); if (lp_status(-1)) { - claim_connection(-1,"STATUS.",MAXSTATUS,True); + claim_connection(NULL,"STATUS.",MAXSTATUS,True); } break; @@ -149,8 +148,8 @@ int reply_special(char *inbuf,char *outbuf) return(0); } - DEBUG( 5, ( "init msg_type=0x%x msg_flags=0x%x\n", - msg_type, msg_flags ) ); + DEBUG(5,("init msg_type=0x%x msg_flags=0x%x\n", + msg_type, msg_flags)); return(outsize); } @@ -159,26 +158,13 @@ int reply_special(char *inbuf,char *outbuf) /******************************************************************* work out what error to give to a failed connection ********************************************************************/ -static int connection_error(char *inbuf,char *outbuf,int connection_num) +static int connection_error(char *inbuf,char *outbuf,int ecode) { - switch (connection_num) - { - case -8: - return(ERROR(ERRSRV,ERRnoresource)); - case -7: - return(ERROR(ERRSRV,ERRbaduid)); - case -6: - return(ERROR(ERRSRV,ERRinvdevice)); - case -5: - return(ERROR(ERRSRV,ERRinvnetname)); - case -4: - return(ERROR(ERRSRV,ERRaccess)); - case -3: - return(ERROR(ERRDOS,ERRnoipc)); - case -2: - return(ERROR(ERRSRV,ERRinvnetname)); - } - return(ERROR(ERRSRV,ERRbadpw)); + if (ecode == ERRnoipc) { + return(ERROR(ERRDOS,ERRnoipc)); + } + + return(ERROR(ERRSRV,ecode)); } @@ -223,147 +209,145 @@ static void parse_connect(char *p,char *service,char *user, /**************************************************************************** reply to a tcon ****************************************************************************/ -int reply_tcon(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +int reply_tcon(connection_struct *conn, + char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - pstring service; - pstring user; - pstring password; - pstring dev; - int connection_num; - int outsize = 0; - uint16 vuid = SVAL(inbuf,smb_uid); - int pwlen=0; - - *service = *user = *password = *dev = 0; - - parse_connect(smb_buf(inbuf)+1,service,user,password,&pwlen,dev); - - /* - * Pass the user through the NT -> unix user mapping - * function. - */ + pstring service; + pstring user; + pstring password; + pstring dev; + int outsize = 0; + uint16 vuid = SVAL(inbuf,smb_uid); + int pwlen=0; + int ecode = -1; + + *service = *user = *password = *dev = 0; + + parse_connect(smb_buf(inbuf)+1,service,user,password,&pwlen,dev); + + /* + * Pass the user through the NT -> unix user mapping + * function. + */ - (void)map_username(user); + (void)map_username(user); - /* - * Do any UNIX username case mangling. - */ - (void)Get_Pwnam( user, True); + /* + * Do any UNIX username case mangling. + */ + (void)Get_Pwnam( user, True); - connection_num = make_connection(service,user,password,pwlen,dev,vuid); + conn = make_connection(service,user,password,pwlen,dev,vuid,&ecode); - if (connection_num < 0) - return(connection_error(inbuf,outbuf,connection_num)); + if (!conn) { + return(connection_error(inbuf,outbuf,ecode)); + } - outsize = set_message(outbuf,2,0,True); - SSVAL(outbuf,smb_vwv0,max_recv); - SSVAL(outbuf,smb_vwv1,connection_num); - SSVAL(outbuf,smb_tid,connection_num); + outsize = set_message(outbuf,2,0,True); + SSVAL(outbuf,smb_vwv0,max_recv); + SSVAL(outbuf,smb_vwv1,conn->cnum); + SSVAL(outbuf,smb_tid,conn->cnum); - DEBUG(3,("tcon service=%s user=%s cnum=%d\n", service, user, connection_num)); + DEBUG(3,("tcon service=%s user=%s cnum=%d\n", + service, user, conn->cnum)); - return(outsize); + return(outsize); } /**************************************************************************** reply to a tcon and X ****************************************************************************/ -int reply_tcon_and_X(char *inbuf,char *outbuf,int length,int bufsize) +int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { - pstring service; - pstring user; - pstring password; - pstring devicename; - int connection_num; - uint16 vuid = SVAL(inbuf,smb_uid); - int passlen = SVAL(inbuf,smb_vwv3); - - *service = *user = *password = *devicename = 0; - - /* we might have to close an old one */ - if ((SVAL(inbuf,smb_vwv2) & 0x1) != 0) - close_cnum(SVAL(inbuf,smb_tid),vuid); - - if (passlen > MAX_PASS_LEN) { - overflow_attack(passlen); - } - - { - char *path; - char *p; - memcpy(password,smb_buf(inbuf),passlen); - password[passlen]=0; - path = smb_buf(inbuf) + passlen; - - if (passlen != 24) { - if (strequal(password," ")) - *password = 0; - passlen = strlen(password); - } - - fstrcpy(service,path+2); - p = strchr(service,'\\'); - if (!p) - return(ERROR(ERRSRV,ERRinvnetname)); - *p = 0; - fstrcpy(service,p+1); - p = strchr(service,'%'); - if (p) - { - *p++ = 0; - fstrcpy(user,p); - } - StrnCpy(devicename,path + strlen(path) + 1,6); - DEBUG(4,("Got device type %s\n",devicename)); - } - - /* - * Pass the user through the NT -> unix user mapping - * function. - */ - - (void)map_username(user); + pstring service; + pstring user; + pstring password; + pstring devicename; + int ecode = -1; + uint16 vuid = SVAL(inbuf,smb_uid); + int passlen = SVAL(inbuf,smb_vwv3); + char *path; + char *p; + + *service = *user = *password = *devicename = 0; - /* - * Do any UNIX username case mangling. - */ - (void)Get_Pwnam( user, True); + /* we might have to close an old one */ + if ((SVAL(inbuf,smb_vwv2) & 0x1) && conn) { + close_cnum(conn,vuid); + } - connection_num = make_connection(service,user,password,passlen,devicename,vuid); + if (passlen > MAX_PASS_LEN) { + overflow_attack(passlen); + } - if (connection_num < 0) - return(connection_error(inbuf,outbuf,connection_num)); + memcpy(password,smb_buf(inbuf),passlen); + password[passlen]=0; + path = smb_buf(inbuf) + passlen; - if (Protocol < PROTOCOL_NT1) - { - set_message(outbuf,2,strlen(devicename)+1,True); - pstrcpy(smb_buf(outbuf),devicename); - } - else - { - char *fsname = FSTYPE_STRING; - char *p; + if (passlen != 24) { + if (strequal(password," ")) + *password = 0; + passlen = strlen(password); + } + + fstrcpy(service,path+2); + p = strchr(service,'\\'); + if (!p) + return(ERROR(ERRSRV,ERRinvnetname)); + *p = 0; + fstrcpy(service,p+1); + p = strchr(service,'%'); + if (p) { + *p++ = 0; + fstrcpy(user,p); + } + StrnCpy(devicename,path + strlen(path) + 1,6); + DEBUG(4,("Got device type %s\n",devicename)); - set_message(outbuf,3,3,True); + /* + * Pass the user through the NT -> unix user mapping + * function. + */ + + (void)map_username(user); + + /* + * Do any UNIX username case mangling. + */ + (void)Get_Pwnam(user, True); + + conn = make_connection(service,user,password,passlen,devicename,vuid,&ecode); + + if (!conn) + return(connection_error(inbuf,outbuf,ecode)); - p = smb_buf(outbuf); - pstrcpy(p,devicename); p = skip_string(p,1); /* device name */ - pstrcpy(p,fsname); p = skip_string(p,1); /* filesystem type e.g NTFS */ + if (Protocol < PROTOCOL_NT1) { + set_message(outbuf,2,strlen(devicename)+1,True); + pstrcpy(smb_buf(outbuf),devicename); + } else { + char *fsname = FSTYPE_STRING; + char *p; - set_message(outbuf,3,PTR_DIFF(p,smb_buf(outbuf)),False); + set_message(outbuf,3,3,True); - SSVAL(outbuf, smb_vwv2, 0x0); /* optional support */ - } + p = smb_buf(outbuf); + pstrcpy(p,devicename); p = skip_string(p,1); /* device name */ + pstrcpy(p,fsname); p = skip_string(p,1); /* filesystem type e.g NTFS */ + + set_message(outbuf,3,PTR_DIFF(p,smb_buf(outbuf)),False); + + SSVAL(outbuf, smb_vwv2, 0x0); /* optional support */ + } - DEBUG( 3, ( "tconX service=%s user=%s cnum=%d\n", - service, user, connection_num ) ); + DEBUG(3,("tconX service=%s user=%s\n", + service, user)); - /* set the incoming and outgoing tid to the just created one */ - SSVAL(inbuf,smb_tid,connection_num); - SSVAL(outbuf,smb_tid,connection_num); + /* set the incoming and outgoing tid to the just created one */ + SSVAL(inbuf,smb_tid,conn->cnum); + SSVAL(outbuf,smb_tid,conn->cnum); - return chain_reply(inbuf,outbuf,length,bufsize); + return chain_reply(inbuf,outbuf,length,bufsize); } @@ -372,37 +356,36 @@ int reply_tcon_and_X(char *inbuf,char *outbuf,int length,int bufsize) ****************************************************************************/ int reply_unknown(char *inbuf,char *outbuf) { - int cnum; - int type; - cnum = SVAL(inbuf,smb_tid); - type = CVAL(inbuf,smb_com); + int type; + type = CVAL(inbuf,smb_com); - DEBUG(0,("unknown command type (%s): cnum=%d type=%d (0x%X)\n", - smb_fn_name(type), cnum, type, type)); + DEBUG(0,("unknown command type (%s): type=%d (0x%X)\n", + smb_fn_name(type), type, type)); - return(ERROR(ERRSRV,ERRunknownsmb)); + return(ERROR(ERRSRV,ERRunknownsmb)); } /**************************************************************************** reply to an ioctl ****************************************************************************/ -int reply_ioctl(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +int reply_ioctl(connection_struct *conn, + char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - DEBUG(3,("ignoring ioctl\n")); + DEBUG(3,("ignoring ioctl\n")); #if 0 - /* we just say it succeeds and hope its all OK. - some day it would be nice to interpret them individually */ - return set_message(outbuf,1,0,True); + /* we just say it succeeds and hope its all OK. + some day it would be nice to interpret them individually */ + return set_message(outbuf,1,0,True); #else - return(ERROR(ERRSRV,ERRnosupport)); + return(ERROR(ERRSRV,ERRnosupport)); #endif } /**************************************************************************** always return an error: it's just a matter of which one... ****************************************************************************/ -static int session_trust_account(char *inbuf, char *outbuf, char *user, +static int session_trust_account(connection_struct *conn, char *inbuf, char *outbuf, char *user, char *smb_passwd, int smb_passlen, char *smb_nt_passwd, int smb_nt_passlen) { @@ -472,7 +455,7 @@ static int session_trust_account(char *inbuf, char *outbuf, char *user, /**************************************************************************** reply to a session setup command ****************************************************************************/ -int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) +int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { uint16 sess_vuid; int gid; @@ -602,7 +585,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) /* say yes to everything ending in $. */ if ((user[strlen(user) - 1] == '$') && (smb_apasslen == 24) && (smb_ntpasslen == 24)) { - return session_trust_account(inbuf, outbuf, user, + return session_trust_account(conn, inbuf, outbuf, user, smb_apasswd, smb_apasslen, smb_ntpasswd, smb_ntpasslen); } @@ -769,22 +752,20 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) /**************************************************************************** reply to a chkpth ****************************************************************************/ -int reply_chkpth(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int outsize = 0; - int cnum,mode; + int mode; pstring name; BOOL ok = False; BOOL bad_path = False; - cnum = SVAL(inbuf,smb_tid); - pstrcpy(name,smb_buf(inbuf) + 1); - unix_convert(name,cnum,0,&bad_path); + unix_convert(name,conn,0,&bad_path); mode = SVAL(inbuf,smb_vwv0); - if (check_name(name,cnum)) + if (check_name(name,conn)) ok = directory_exist(name,NULL); if (!ok) @@ -815,7 +796,7 @@ int reply_chkpth(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) outsize = set_message(outbuf,0,0,True); - DEBUG( 3, ( "chkpth %s cnum=%d mode=%d\n", name, cnum, mode ) ); + DEBUG(3,("chkpth %s mode=%d\n", name, mode)); return(outsize); } @@ -824,10 +805,9 @@ int reply_chkpth(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) /**************************************************************************** reply to a getatr ****************************************************************************/ -int reply_getatr(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { pstring fname; - int cnum; int outsize = 0; struct stat sbuf; BOOL ok = False; @@ -836,27 +816,25 @@ int reply_getatr(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) time_t mtime=0; BOOL bad_path = False; - cnum = SVAL(inbuf,smb_tid); - pstrcpy(fname,smb_buf(inbuf) + 1); - unix_convert(fname,cnum,0,&bad_path); + unix_convert(fname,conn,0,&bad_path); /* dos smetimes asks for a stat of "" - it returns a "hidden directory" under WfWg - weird! */ if (! (*fname)) { mode = aHIDDEN | aDIR; - if (!CAN_WRITE(cnum)) mode |= aRONLY; + if (!CAN_WRITE(conn)) mode |= aRONLY; size = 0; mtime = 0; ok = True; } else - if (check_name(fname,cnum)) + if (check_name(fname,conn)) { if (sys_stat(fname,&sbuf) == 0) { - mode = dos_mode(cnum,fname,&sbuf); + mode = dos_mode(conn,fname,&sbuf); size = sbuf.st_size; mtime = sbuf.st_mtime; if (mode & aDIR) @@ -881,7 +859,7 @@ int reply_getatr(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) outsize = set_message(outbuf,10,0,True); SSVAL(outbuf,smb_vwv0,mode); - if(lp_dos_filetime_resolution(SNUM(cnum)) ) + if(lp_dos_filetime_resolution(SNUM(conn)) ) put_dos_date3(outbuf,smb_vwv1,mtime & ~1); else put_dos_date3(outbuf,smb_vwv1,mtime); @@ -904,30 +882,27 @@ int reply_getatr(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) /**************************************************************************** reply to a setatr ****************************************************************************/ -int reply_setatr(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { pstring fname; - int cnum; int outsize = 0; BOOL ok=False; int mode; time_t mtime; BOOL bad_path = False; - cnum = SVAL(inbuf,smb_tid); - pstrcpy(fname,smb_buf(inbuf) + 1); - unix_convert(fname,cnum,0,&bad_path); + unix_convert(fname,conn,0,&bad_path); mode = SVAL(inbuf,smb_vwv0); mtime = make_unix_date3(inbuf+smb_vwv1); if (directory_exist(fname,NULL)) mode |= aDIR; - if (check_name(fname,cnum)) - ok = (dos_chmod(cnum,fname,mode,NULL) == 0); + if (check_name(fname,conn)) + ok = (dos_chmod(conn,fname,mode,NULL) == 0); if (ok) - ok = set_filetime(cnum,fname,mtime); + ok = set_filetime(conn,fname,mtime); if (!ok) { @@ -951,14 +926,11 @@ int reply_setatr(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) /**************************************************************************** reply to a dskattr ****************************************************************************/ -int reply_dskattr(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +int reply_dskattr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int cnum; int outsize = 0; int dfree,dsize,bsize; - cnum = SVAL(inbuf,smb_tid); - sys_disk_free(".",&bsize,&dfree,&dsize); outsize = set_message(outbuf,5,0,True); @@ -968,7 +940,7 @@ int reply_dskattr(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) SSVAL(outbuf,smb_vwv2,512); SSVAL(outbuf,smb_vwv3,dfree); - DEBUG( 3, ( "dskattr cnum=%d dfree=%d\n", cnum, dfree ) ); + DEBUG(3,("dskattr dfree=%d\n", dfree)); return(outsize); } @@ -978,7 +950,7 @@ int reply_dskattr(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) reply to a search Can be called from SMBsearch, SMBffirst or SMBfunique. ****************************************************************************/ -int reply_search(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { pstring mask; pstring directory; @@ -986,7 +958,6 @@ int reply_search(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) int size,mode; time_t date; int dirtype; - int cnum; int outsize = 0; int numentries = 0; BOOL finished = False; @@ -1009,8 +980,6 @@ int reply_search(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) if(CVAL(inbuf,smb_com) == SMBffirst) expect_close = True; - cnum = SVAL(inbuf,smb_tid); - outsize = set_message(outbuf,1,3,True); maxentries = SVAL(inbuf,smb_vwv0); dirtype = SVAL(inbuf,smb_vwv1); @@ -1029,10 +998,10 @@ int reply_search(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) pstrcpy(directory,smb_buf(inbuf)+1); pstrcpy(dir2,smb_buf(inbuf)+1); - unix_convert(directory,cnum,0,&bad_path); + unix_convert(directory,conn,0,&bad_path); unix_format(dir2); - if (!check_name(directory,cnum)) + if (!check_name(directory,conn)) can_open = False; p = strrchr(dir2,'/'); @@ -1064,10 +1033,10 @@ int reply_search(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) memcpy(mask,status+1,11); mask[11] = 0; dirtype = CVAL(status,0) & 0x1F; - Connections[cnum].dirptr = dptr_fetch(status+12,&dptr_num); - if (!Connections[cnum].dirptr) + conn->dirptr = dptr_fetch(status+12,&dptr_num); + if (!conn->dirptr) goto SearchEmpty; - string_set(&Connections[cnum].dirpath,dptr_path(dptr_num)); + string_set(&conn->dirpath,dptr_path(dptr_num)); if (!case_sensitive) strnorm(mask); } @@ -1119,7 +1088,7 @@ int reply_search(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) if (status_len == 0) { - dptr_num = dptr_create(cnum,directory,expect_close,SVAL(inbuf,smb_pid)); + dptr_num = dptr_create(conn,directory,expect_close,SVAL(inbuf,smb_pid)); if (dptr_num < 0) { if(dptr_num == -2) @@ -1142,7 +1111,7 @@ int reply_search(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) if ((dirtype&0x1F) == aVOLID) { memcpy(p,status,21); - make_dir_struct(p,"???????????",volume_label(SNUM(cnum)),0,aVOLID,0); + make_dir_struct(p,"???????????",volume_label(SNUM(conn)),0,aVOLID,0); dptr_fill(p+12,dptr_num); if (dptr_zero(p+12) && (status_len==0)) numentries = 1; @@ -1152,15 +1121,16 @@ int reply_search(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) } else { - DEBUG(8,("dirpath=<%s> dontdescend=<%s>\n",Connections[cnum].dirpath,lp_dontdescend(SNUM(cnum)))); - if (in_list(Connections[cnum].dirpath, - lp_dontdescend(SNUM(cnum)),True)) + DEBUG(8,("dirpath=<%s> dontdescend=<%s>\n", + conn->dirpath,lp_dontdescend(SNUM(conn)))); + if (in_list(conn->dirpath, + lp_dontdescend(SNUM(conn)),True)) check_descend = True; for (i=numentries;(iopen) @@ -1326,7 +1290,7 @@ int reply_open(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) } size = sbuf.st_size; - fmode = dos_mode(cnum,fname,&sbuf); + fmode = dos_mode(conn,fname,&sbuf); mtime = sbuf.st_mtime; if (fmode & aDIR) { @@ -1338,14 +1302,14 @@ int reply_open(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) outsize = set_message(outbuf,7,0,True); SSVAL(outbuf,smb_vwv0,fnum); SSVAL(outbuf,smb_vwv1,fmode); - if(lp_dos_filetime_resolution(SNUM(cnum)) ) + if(lp_dos_filetime_resolution(SNUM(conn)) ) put_dos_date3(outbuf,smb_vwv2,mtime & ~1); else put_dos_date3(outbuf,smb_vwv2,mtime); SIVAL(outbuf,smb_vwv4,size); SSVAL(outbuf,smb_vwv6,rmode); - if (oplock_request && lp_fake_oplocks(SNUM(cnum))) { + if (oplock_request && lp_fake_oplocks(SNUM(conn))) { CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; } @@ -1358,10 +1322,9 @@ int reply_open(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) /**************************************************************************** reply to an open and X ****************************************************************************/ -int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) +int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { pstring fname; - int cnum = SVAL(inbuf,smb_tid); int fnum = -1; int smb_mode = SVAL(inbuf,smb_vwv3); int smb_attr = SVAL(inbuf,smb_vwv5); @@ -1384,13 +1347,13 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) files_struct *fsp; /* If it's an IPC, pass off the pipe handler. */ - if (IS_IPC(cnum)) - return reply_open_pipe_and_X(inbuf,outbuf,length,bufsize); + if (IS_IPC(conn)) + return reply_open_pipe_and_X(conn, inbuf,outbuf,length,bufsize); /* XXXX we need to handle passed times, sattr and flags */ pstrcpy(fname,smb_buf(inbuf)); - unix_convert(fname,cnum,0,&bad_path); + unix_convert(fname,conn,0,&bad_path); fnum = find_free_file(); if (fnum < 0) @@ -1398,7 +1361,7 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) fsp = &Files[fnum]; - if (!check_name(fname,cnum)) + if (!check_name(fname,conn)) { if((errno == ENOENT) && bad_path) { @@ -1409,9 +1372,9 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) return(UNIXERROR(ERRDOS,ERRnoaccess)); } - unixmode = unix_mode(cnum,smb_attr | aARCH); + unixmode = unix_mode(conn,smb_attr | aARCH); - open_file_shared(fnum,cnum,fname,smb_mode,smb_ofun,unixmode, + open_file_shared(fnum,conn,fname,smb_mode,smb_ofun,unixmode, oplock_request, &rmode,&smb_action); if (!fsp->open) @@ -1431,7 +1394,7 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) } size = sbuf.st_size; - fmode = dos_mode(cnum,fname,&sbuf); + fmode = dos_mode(conn,fname,&sbuf); mtime = sbuf.st_mtime; if (fmode & aDIR) { close_file(fnum,False); @@ -1443,7 +1406,7 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) correct bit for extended oplock reply. */ - if (ex_oplock_request && lp_fake_oplocks(SNUM(cnum))) { + if (ex_oplock_request && lp_fake_oplocks(SNUM(conn))) { smb_action |= EXTENDED_OPLOCK_GRANTED; } @@ -1456,7 +1419,7 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) correct bit for core oplock reply. */ - if (core_oplock_request && lp_fake_oplocks(SNUM(cnum))) { + if (core_oplock_request && lp_fake_oplocks(SNUM(conn))) { CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; } @@ -1467,7 +1430,7 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) set_message(outbuf,15,0,True); SSVAL(outbuf,smb_vwv2,fnum); SSVAL(outbuf,smb_vwv3,fmode); - if(lp_dos_filetime_resolution(SNUM(cnum)) ) + if(lp_dos_filetime_resolution(SNUM(conn)) ) put_dos_date3(outbuf,smb_vwv4,mtime & ~1); else put_dos_date3(outbuf,smb_vwv4,mtime); @@ -1484,7 +1447,7 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize) /**************************************************************************** reply to a SMBulogoffX ****************************************************************************/ -int reply_ulogoffX(char *inbuf,char *outbuf,int length,int bufsize) +int reply_ulogoffX(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { uint16 vuid = SVAL(inbuf,smb_uid); user_struct *vuser = get_valid_user_struct(vuid); @@ -1521,10 +1484,10 @@ int reply_ulogoffX(char *inbuf,char *outbuf,int length,int bufsize) /**************************************************************************** reply to a mknew or a create ****************************************************************************/ -int reply_mknew(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { pstring fname; - int cnum,com; + int com; int fnum = -1; int outsize = 0; int createmode; @@ -1535,18 +1498,17 @@ int reply_mknew(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) int oplock_request = CORE_OPLOCK_REQUEST(inbuf); com = SVAL(inbuf,smb_com); - cnum = SVAL(inbuf,smb_tid); createmode = SVAL(inbuf,smb_vwv0); pstrcpy(fname,smb_buf(inbuf)+1); - unix_convert(fname,cnum,0,&bad_path); + unix_convert(fname,conn,0,&bad_path); if (createmode & aVOLID) { DEBUG(0,("Attempt to create file (%s) with volid set - please report this\n",fname)); } - unixmode = unix_mode(cnum,createmode); + unixmode = unix_mode(conn,createmode); fnum = find_free_file(); if (fnum < 0) @@ -1554,7 +1516,7 @@ int reply_mknew(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) fsp = &Files[fnum]; - if (!check_name(fname,cnum)) + if (!check_name(fname,conn)) { if((errno == ENOENT) && bad_path) { @@ -1577,7 +1539,7 @@ int reply_mknew(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) } /* Open file in dos compatibility share mode. */ - open_file_shared(fnum,cnum,fname,(DENY_FCB<<4)|0xF, ofun, unixmode, + open_file_shared(fnum,conn,fname,(DENY_FCB<<4)|0xF, ofun, unixmode, oplock_request, NULL, NULL); if (!fsp->open) @@ -1594,7 +1556,7 @@ int reply_mknew(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) outsize = set_message(outbuf,1,0,True); SSVAL(outbuf,smb_vwv0,fnum); - if (oplock_request && lp_fake_oplocks(SNUM(cnum))) { + if (oplock_request && lp_fake_oplocks(SNUM(conn))) { CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; } @@ -1602,8 +1564,8 @@ int reply_mknew(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; DEBUG( 2, ( "new file %s\n", fname ) ); - DEBUG( 3, ( "mknew %s fd=%d fnum=%d cnum=%d dmode=%d umode=%o\n", - fname, fsp->fd_ptr->fd, fnum, cnum, createmode, unixmode ) ); + DEBUG( 3, ( "mknew %s fd=%d fnum=%d dmode=%d umode=%o\n", + fname, fsp->fd_ptr->fd, fnum, createmode, unixmode ) ); return(outsize); } @@ -1612,11 +1574,10 @@ int reply_mknew(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) /**************************************************************************** reply to a create temporary file ****************************************************************************/ -int reply_ctemp(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { pstring fname; pstring fname2; - int cnum; int fnum = -1; int outsize = 0; int createmode; @@ -1625,13 +1586,12 @@ int reply_ctemp(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) files_struct *fsp; int oplock_request = CORE_OPLOCK_REQUEST(inbuf); - cnum = SVAL(inbuf,smb_tid); createmode = SVAL(inbuf,smb_vwv0); pstrcpy(fname,smb_buf(inbuf)+1); pstrcat(fname,"/TMXXXXXX"); - unix_convert(fname,cnum,0,&bad_path); + unix_convert(fname,conn,0,&bad_path); - unixmode = unix_mode(cnum,createmode); + unixmode = unix_mode(conn,createmode); fnum = find_free_file(); if (fnum < 0) @@ -1639,7 +1599,7 @@ int reply_ctemp(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) fsp = &Files[fnum]; - if (!check_name(fname,cnum)) + if (!check_name(fname,conn)) { if((errno == ENOENT) && bad_path) { @@ -1654,7 +1614,7 @@ int reply_ctemp(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) /* Open file in dos compatibility share mode. */ /* We should fail if file exists. */ - open_file_shared(fnum,cnum,fname2,(DENY_FCB<<4)|0xF, 0x10, unixmode, + open_file_shared(fnum,conn,fname2,(DENY_FCB<<4)|0xF, 0x10, unixmode, oplock_request, NULL, NULL); if (!fsp->open) @@ -1673,7 +1633,7 @@ int reply_ctemp(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) CVAL(smb_buf(outbuf),0) = 4; pstrcpy(smb_buf(outbuf) + 1,fname2); - if (oplock_request && lp_fake_oplocks(SNUM(cnum))) { + if (oplock_request && lp_fake_oplocks(SNUM(conn))) { CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; } @@ -1681,8 +1641,8 @@ int reply_ctemp(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; DEBUG( 2, ( "created temp file %s\n", fname2 ) ); - DEBUG( 3, ( "ctemp %s fd=%d fnum=%d cnum=%d dmode=%d umode=%o\n", - fname2, fsp->fd_ptr->fd, fnum, cnum, createmode, unixmode ) ); + DEBUG( 3, ( "ctemp %s fd=%d fnum=%d dmode=%d umode=%o\n", + fname2, fsp->fd_ptr->fd, fnum, createmode, unixmode ) ); return(outsize); } @@ -1691,33 +1651,32 @@ int reply_ctemp(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) /******************************************************************* check if a user is allowed to delete a file ********************************************************************/ -static BOOL can_delete(char *fname,int cnum,int dirtype) +static BOOL can_delete(char *fname,connection_struct *conn, int dirtype) { struct stat sbuf; int fmode; - if (!CAN_WRITE(cnum)) return(False); + if (!CAN_WRITE(conn)) return(False); if (sys_lstat(fname,&sbuf) != 0) return(False); - fmode = dos_mode(cnum,fname,&sbuf); + fmode = dos_mode(conn,fname,&sbuf); if (fmode & aDIR) return(False); - if (!lp_delete_readonly(SNUM(cnum))) { + if (!lp_delete_readonly(SNUM(conn))) { if (fmode & aRONLY) return(False); } if ((fmode & ~dirtype) & (aHIDDEN | aSYSTEM)) return(False); - if (!check_file_sharing(cnum,fname,False)) return(False); + if (!check_file_sharing(conn,fname,False)) return(False); return(True); } /**************************************************************************** reply to a unlink ****************************************************************************/ -int reply_unlink(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int outsize = 0; pstring name; - int cnum; int dirtype; pstring directory; pstring mask; @@ -1730,14 +1689,13 @@ int reply_unlink(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) *directory = *mask = 0; - cnum = SVAL(inbuf,smb_tid); dirtype = SVAL(inbuf,smb_vwv0); pstrcpy(name,smb_buf(inbuf) + 1); DEBUG(3,("reply_unlink : %s\n",name)); - unix_convert(name,cnum,0,&bad_path); + unix_convert(name,conn,0,&bad_path); p = strrchr(name,'/'); if (!p) { @@ -1757,14 +1715,14 @@ int reply_unlink(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) if (!has_wild) { pstrcat(directory,"/"); pstrcat(directory,mask); - if (can_delete(directory,cnum,dirtype) && !sys_unlink(directory)) count++; + if (can_delete(directory,conn,dirtype) && !sys_unlink(directory)) count++; if (!count) exists = file_exist(directory,NULL); } else { void *dirptr = NULL; char *dname; - if (check_name(directory,cnum)) - dirptr = OpenDir(cnum, directory, True); + if (check_name(directory,conn)) + dirptr = OpenDir(conn, directory, True); /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then the pattern matches against the long name, otherwise the short name @@ -1787,7 +1745,7 @@ int reply_unlink(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) error = ERRnoaccess; slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); - if (!can_delete(fname,cnum,dirtype)) continue; + if (!can_delete(fname,conn,dirtype)) continue; if (!sys_unlink(fname)) count++; DEBUG(3,("reply_unlink : doing unlink on %s\n",fname)); } @@ -1818,9 +1776,9 @@ int reply_unlink(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) /**************************************************************************** reply to a readbraw (core+ protocol) ****************************************************************************/ -int reply_readbraw(char *inbuf, char *outbuf, int dum_size, int dum_buffsize) +int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_size, int dum_buffsize) { - int cnum,maxcount,mincount,fnum; + int maxcount,mincount,fnum; int nread = 0; uint32 startpos; char *header = outbuf; @@ -1843,7 +1801,6 @@ int reply_readbraw(char *inbuf, char *outbuf, int dum_size, int dum_buffsize) return -1; } - cnum = SVAL(inbuf,smb_tid); fnum = GETFNUM(inbuf,smb_vwv0); startpos = IVAL(inbuf,smb_vwv1); @@ -1854,7 +1811,7 @@ int reply_readbraw(char *inbuf, char *outbuf, int dum_size, int dum_buffsize) maxcount = MIN(65535,maxcount); maxcount = MAX(mincount,maxcount); - if (!FNUM_OK(fnum,cnum) || !Files[fnum].can_read) + if (!FNUM_OK(fnum,conn) || !Files[fnum].can_read) { DEBUG(3,("fnum %d not open in readbraw - cache prime?\n",fnum)); _smb_setlen(header,0); @@ -1866,11 +1823,11 @@ int reply_readbraw(char *inbuf, char *outbuf, int dum_size, int dum_buffsize) fsp = &Files[fnum]; fd = fsp->fd_ptr->fd; - fname = fsp->name; + fname = fsp->fsp_name; } - if (!is_locked(fnum,cnum,maxcount,startpos, F_RDLCK)) + if (!is_locked(fnum,conn,maxcount,startpos, F_RDLCK)) { int size = fsp->size; int sizeneeded = startpos + maxcount; @@ -1889,8 +1846,8 @@ int reply_readbraw(char *inbuf, char *outbuf, int dum_size, int dum_buffsize) if (nread < mincount) nread = 0; - DEBUG( 3, ( "readbraw fnum=%d cnum=%d start=%d max=%d min=%d nread=%d\n", - fnum, cnum, startpos, + DEBUG( 3, ( "readbraw fnum=%d start=%d max=%d min=%d nread=%d\n", + fnum, startpos, maxcount, mincount, nread ) ); #if UNSAFE_READRAW @@ -1930,9 +1887,9 @@ int reply_readbraw(char *inbuf, char *outbuf, int dum_size, int dum_buffsize) /**************************************************************************** reply to a lockread (core+ protocol) ****************************************************************************/ -int reply_lockread(char *inbuf,char *outbuf, int dum_size, int dum_buffsiz) +int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsiz) { - int cnum,fnum; + int fnum; int nread = -1; char *data; int outsize = 0; @@ -1940,10 +1897,9 @@ int reply_lockread(char *inbuf,char *outbuf, int dum_size, int dum_buffsiz) int eclass; uint32 ecode; - cnum = SVAL(inbuf,smb_tid); fnum = GETFNUM(inbuf,smb_vwv0); - CHECK_FNUM(fnum,cnum); + CHECK_FNUM(fnum,conn); CHECK_READ(fnum); CHECK_ERROR(fnum); @@ -1954,7 +1910,7 @@ int reply_lockread(char *inbuf,char *outbuf, int dum_size, int dum_buffsiz) numtoread = MIN(BUFFER_SIZE-outsize,numtoread); data = smb_buf(outbuf) + 3; - if(!do_lock( fnum, cnum, numtoread, startpos, F_RDLCK, &eclass, &ecode)) + if(!do_lock( fnum, conn, numtoread, startpos, F_RDLCK, &eclass, &ecode)) return (ERROR(eclass,ecode)); nread = read_file(fnum,data,startpos,numtoread); @@ -1967,8 +1923,8 @@ int reply_lockread(char *inbuf,char *outbuf, int dum_size, int dum_buffsiz) SSVAL(outbuf,smb_vwv5,nread+3); SSVAL(smb_buf(outbuf),1,nread); - DEBUG( 3, ( "lockread fnum=%d cnum=%d num=%d nread=%d\n", - fnum, cnum, numtoread, nread ) ); + DEBUG( 3, ( "lockread fnum=%d num=%d nread=%d\n", + fnum, numtoread, nread ) ); return(outsize); } @@ -1977,18 +1933,17 @@ int reply_lockread(char *inbuf,char *outbuf, int dum_size, int dum_buffsiz) /**************************************************************************** reply to a read ****************************************************************************/ -int reply_read(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +int reply_read(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int cnum,numtoread,fnum; + int numtoread,fnum; int nread = 0; char *data; uint32 startpos; int outsize = 0; - cnum = SVAL(inbuf,smb_tid); fnum = GETFNUM(inbuf,smb_vwv0); - CHECK_FNUM(fnum,cnum); + CHECK_FNUM(fnum,conn); CHECK_READ(fnum); CHECK_ERROR(fnum); @@ -1999,7 +1954,7 @@ int reply_read(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) numtoread = MIN(BUFFER_SIZE-outsize,numtoread); data = smb_buf(outbuf) + 3; - if (is_locked(fnum,cnum,numtoread,startpos, F_RDLCK)) + if (is_locked(fnum,conn,numtoread,startpos, F_RDLCK)) return(ERROR(ERRDOS,ERRlock)); if (numtoread > 0) @@ -2014,8 +1969,8 @@ int reply_read(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) CVAL(smb_buf(outbuf),0) = 1; SSVAL(smb_buf(outbuf),1,nread); - DEBUG( 3, ( "read fnum=%d cnum=%d num=%d nread=%d\n", - fnum, cnum, numtoread, nread ) ); + DEBUG( 3, ( "read fnum=%d num=%d nread=%d\n", + fnum, numtoread, nread ) ); return(outsize); } @@ -2024,31 +1979,28 @@ int reply_read(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) /**************************************************************************** reply to a read and X ****************************************************************************/ -int reply_read_and_X(char *inbuf,char *outbuf,int length,int bufsize) +int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { int fnum = GETFNUM(inbuf,smb_vwv2); uint32 smb_offs = IVAL(inbuf,smb_vwv3); int smb_maxcnt = SVAL(inbuf,smb_vwv5); int smb_mincnt = SVAL(inbuf,smb_vwv6); - int cnum; int nread = -1; char *data; BOOL ok = False; - cnum = SVAL(inbuf,smb_tid); - /* If it's an IPC, pass off the pipe handler. */ - if (IS_IPC(cnum)) + if (IS_IPC(conn)) return reply_pipe_read_and_X(inbuf,outbuf,length,bufsize); - CHECK_FNUM(fnum,cnum); + CHECK_FNUM(fnum,conn); CHECK_READ(fnum); CHECK_ERROR(fnum); set_message(outbuf,12,0,True); data = smb_buf(outbuf); - if (is_locked(fnum,cnum,smb_maxcnt,smb_offs, F_RDLCK)) + if (is_locked(fnum,conn,smb_maxcnt,smb_offs, F_RDLCK)) return(ERROR(ERRDOS,ERRlock)); nread = read_file(fnum,data,smb_offs,smb_maxcnt); ok = True; @@ -2060,9 +2012,8 @@ int reply_read_and_X(char *inbuf,char *outbuf,int length,int bufsize) SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf)); SSVAL(smb_buf(outbuf),-2,nread); - DEBUG( 3, ( "readX fnum=%d cnum=%d min=%d max=%d nread=%d\n", - fnum, cnum, - smb_mincnt, smb_maxcnt, nread ) ); + DEBUG( 3, ( "readX fnum=%d min=%d max=%d nread=%d\n", + fnum, smb_mincnt, smb_maxcnt, nread ) ); chain_fnum = fnum; @@ -2073,22 +2024,21 @@ int reply_read_and_X(char *inbuf,char *outbuf,int length,int bufsize) /**************************************************************************** reply to a writebraw (core+ or LANMAN1.0 protocol) ****************************************************************************/ -int reply_writebraw(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int nwritten=0; int total_written=0; int numtowrite=0; - int cnum,fnum; + int fnum; int outsize = 0; long startpos; char *data=NULL; BOOL write_through; int tcount; - cnum = SVAL(inbuf,smb_tid); fnum = GETFNUM(inbuf,smb_vwv0); - CHECK_FNUM(fnum,cnum); + CHECK_FNUM(fnum,conn); CHECK_WRITE(fnum); CHECK_ERROR(fnum); @@ -2110,17 +2060,17 @@ int reply_writebraw(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) CVAL(inbuf,smb_com) = SMBwritec; CVAL(outbuf,smb_com) = SMBwritec; - if (is_locked(fnum,cnum,tcount,startpos, F_WRLCK)) + if (is_locked(fnum,conn,tcount,startpos, F_WRLCK)) return(ERROR(ERRDOS,ERRlock)); if (seek_file(fnum,startpos) != startpos) - DEBUG(0,("couldn't seek to %d in writebraw\n",startpos)); + DEBUG(0,("couldn't seek to %ld in writebraw\n",startpos)); if (numtowrite>0) nwritten = write_file(fnum,data,numtowrite); - DEBUG( 3, ( "writebraw1 fnum=%d cnum=%d start=%d num=%d wrote=%d sync=%d\n", - fnum, cnum, startpos, numtowrite, nwritten, write_through ) ); + DEBUG(3,("writebraw1 fnum=%d start=%ld num=%d wrote=%d sync=%d\n", + fnum, startpos, numtowrite, nwritten, write_through)); if (nwritten < numtowrite) return(UNIXERROR(ERRHRD,ERRdiskfull)); @@ -2162,11 +2112,11 @@ int reply_writebraw(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) SSVAL(outbuf,smb_err,ERRdiskfull); } - if (lp_syncalways(SNUM(cnum)) || write_through) - sync_file(cnum,fnum); + if (lp_syncalways(SNUM(conn)) || write_through) + sync_file(conn,fnum); - DEBUG( 3, ( "writebraw2 fnum=%d cnum=%d start=%d num=%d wrote=%d\n", - fnum, cnum, startpos, numtowrite, total_written ) ); + DEBUG(3,("writebraw2 fnum=%d start=%ld num=%d wrote=%d\n", + fnum, startpos, numtowrite, total_written)); /* we won't return a status if write through is not selected - this follows what WfWg does */ @@ -2180,9 +2130,9 @@ int reply_writebraw(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) /**************************************************************************** reply to a writeunlock (core+) ****************************************************************************/ -int reply_writeunlock(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int cnum,fnum; + int fnum; int nwritten = -1; int outsize = 0; char *data; @@ -2190,10 +2140,9 @@ int reply_writeunlock(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) int eclass; uint32 ecode; - cnum = SVAL(inbuf,smb_tid); fnum = GETFNUM(inbuf,smb_vwv0); - CHECK_FNUM(fnum,cnum); + CHECK_FNUM(fnum,conn); CHECK_WRITE(fnum); CHECK_ERROR(fnum); @@ -2201,7 +2150,7 @@ int reply_writeunlock(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) startpos = IVAL(inbuf,smb_vwv2); data = smb_buf(inbuf) + 3; - if (is_locked(fnum,cnum,numtowrite,startpos, F_WRLCK)) + if (is_locked(fnum,conn,numtowrite,startpos, F_WRLCK)) return(ERROR(ERRDOS,ERRlock)); seek_file(fnum,startpos); @@ -2214,21 +2163,21 @@ int reply_writeunlock(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) else nwritten = write_file(fnum,data,numtowrite); - if (lp_syncalways(SNUM(cnum))) - sync_file(cnum,fnum); + if (lp_syncalways(SNUM(conn))) + sync_file(conn,fnum); if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) return(UNIXERROR(ERRDOS,ERRnoaccess)); - if(!do_unlock(fnum, cnum, numtowrite, startpos, &eclass, &ecode)) + if(!do_unlock(fnum, conn, numtowrite, startpos, &eclass, &ecode)) return(ERROR(eclass,ecode)); outsize = set_message(outbuf,1,0,True); SSVAL(outbuf,smb_vwv0,nwritten); - DEBUG( 3, ( "writeunlock fnum=%d cnum=%d num=%d wrote=%d\n", - fnum, cnum, numtowrite, nwritten ) ); + DEBUG( 3, ( "writeunlock fnum=%d num=%d wrote=%d\n", + fnum, numtowrite, nwritten ) ); return(outsize); } @@ -2237,18 +2186,17 @@ int reply_writeunlock(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) /**************************************************************************** reply to a write ****************************************************************************/ -int reply_write(char *inbuf,char *outbuf,int dum_size,int dum_buffsize) +int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int dum_size,int dum_buffsize) { - int cnum,numtowrite,fnum; + int numtowrite,fnum; int nwritten = -1; int outsize = 0; int startpos; char *data; - cnum = SVAL(inbuf,smb_tid); fnum = GETFNUM(inbuf,smb_vwv0); - CHECK_FNUM(fnum,cnum); + CHECK_FNUM(fnum,conn); CHECK_WRITE(fnum); CHECK_ERROR(fnum); @@ -2256,7 +2204,7 @@ int reply_write(char *inbuf,char *outbuf,int dum_size,int dum_buffsize) startpos = IVAL(inbuf,smb_vwv2); data = smb_buf(inbuf) + 3; - if (is_locked(fnum,cnum,numtowrite,startpos, F_WRLCK)) + if (is_locked(fnum,conn,numtowrite,startpos, F_WRLCK)) return(ERROR(ERRDOS,ERRlock)); seek_file(fnum,startpos); @@ -2269,8 +2217,8 @@ int reply_write(char *inbuf,char *outbuf,int dum_size,int dum_buffsize) else nwritten = write_file(fnum,data,numtowrite); - if (lp_syncalways(SNUM(cnum))) - sync_file(cnum,fnum); + if (lp_syncalways(SNUM(conn))) + sync_file(conn,fnum); if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) return(UNIXERROR(ERRDOS,ERRnoaccess)); @@ -2284,8 +2232,8 @@ int reply_write(char *inbuf,char *outbuf,int dum_size,int dum_buffsize) SSVAL(outbuf,smb_err,ERRdiskfull); } - DEBUG( 3, ( "%s write fnum=%d cnum=%d num=%d wrote=%d\n", - fnum, cnum, numtowrite, nwritten ) ); + DEBUG(3,("write fnum=%d num=%d wrote=%d\n", + fnum, numtowrite, nwritten)); return(outsize); } @@ -2294,26 +2242,23 @@ int reply_write(char *inbuf,char *outbuf,int dum_size,int dum_buffsize) /**************************************************************************** reply to a write and X ****************************************************************************/ -int reply_write_and_X(char *inbuf,char *outbuf,int length,int bufsize) +int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { int fnum = GETFNUM(inbuf,smb_vwv2); uint32 smb_offs = IVAL(inbuf,smb_vwv3); int smb_dsize = SVAL(inbuf,smb_vwv10); int smb_doff = SVAL(inbuf,smb_vwv11); BOOL write_through = BITSETW(inbuf+smb_vwv7,0); - int cnum; int nwritten = -1; char *data; - cnum = SVAL(inbuf,smb_tid); - - CHECK_FNUM(fnum,cnum); + CHECK_FNUM(fnum,conn); CHECK_WRITE(fnum); CHECK_ERROR(fnum); data = smb_base(inbuf) + smb_doff; - if (is_locked(fnum,cnum,smb_dsize,smb_offs, F_WRLCK)) + if (is_locked(fnum,conn,smb_dsize,smb_offs, F_WRLCK)) return(ERROR(ERRDOS,ERRlock)); seek_file(fnum,smb_offs); @@ -2339,13 +2284,13 @@ int reply_write_and_X(char *inbuf,char *outbuf,int length,int bufsize) SSVAL(outbuf,smb_err,ERRdiskfull); } - DEBUG( 3, ( "%s writeX fnum=%d cnum=%d num=%d wrote=%d\n", - fnum, cnum, smb_dsize, nwritten ) ); + DEBUG(3,("writeX fnum=%d num=%d wrote=%d\n", + fnum, smb_dsize, nwritten)); chain_fnum = fnum; - if (lp_syncalways(SNUM(cnum)) || write_through) - sync_file(cnum,fnum); + if (lp_syncalways(SNUM(conn)) || write_through) + sync_file(conn,fnum); return chain_reply(inbuf,outbuf,length,bufsize); } @@ -2354,19 +2299,18 @@ int reply_write_and_X(char *inbuf,char *outbuf,int length,int bufsize) /**************************************************************************** reply to a lseek ****************************************************************************/ -int reply_lseek(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int cnum,fnum; + int fnum; uint32 startpos; int32 res= -1; int mode,umode; int outsize = 0; files_struct *fsp; - cnum = SVAL(inbuf,smb_tid); fnum = GETFNUM(inbuf,smb_vwv0); - CHECK_FNUM(fnum,cnum); + CHECK_FNUM(fnum,conn); CHECK_ERROR(fnum); mode = SVAL(inbuf,smb_vwv1) & 3; @@ -2389,8 +2333,8 @@ int reply_lseek(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) outsize = set_message(outbuf,2,0,True); SIVALS(outbuf,smb_vwv0,res); - DEBUG( 3, ( "lseek fnum=%d cnum=%d ofs=%d mode=%d\n", - fnum, cnum, startpos, mode ) ); + DEBUG(3,("lseek fnum=%d ofs=%d mode=%d\n", + fnum, startpos, mode)); return(outsize); } @@ -2399,28 +2343,28 @@ int reply_lseek(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) /**************************************************************************** reply to a flush ****************************************************************************/ -int reply_flush(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +int reply_flush(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int cnum, fnum; + int fnum; int outsize = set_message(outbuf,0,0,True); - cnum = SVAL(inbuf,smb_tid); fnum = GETFNUM(inbuf,smb_vwv0); if (fnum != 0xFFFF) { - CHECK_FNUM(fnum,cnum); + CHECK_FNUM(fnum,conn); CHECK_ERROR(fnum); } - if (fnum == 0xFFFF) - { - int i; - for (i=0;iwbmpx_ptr->wr_errclass; - err = fsp->wbmpx_ptr->wr_error; - } - - if(fsp->is_directory) { - /* - * Special case - close NT SMB directory - * handle. - */ - DEBUG( 3, ( "close directory fnum=%d cnum=%d\n", - fnum, cnum ) ); - close_directory( fnum ); - } else { - /* - * Close ordinary file. - */ - mtime = make_unix_date3(inbuf+smb_vwv1); + if(HAS_CACHED_ERROR(fnum)) { + eclass = fsp->wbmpx_ptr->wr_errclass; + err = fsp->wbmpx_ptr->wr_error; + } - /* try and set the date */ - set_filetime(cnum, fsp->name,mtime); + if(fsp->is_directory) { + /* + * Special case - close NT SMB directory + * handle. + */ + DEBUG(3,("close directory fnum=%d\n", fnum)); + close_directory(fnum); + } else { + /* + * Close ordinary file. + */ + mtime = make_unix_date3(inbuf+smb_vwv1); + + /* try and set the date */ + set_filetime(conn, fsp->fsp_name,mtime); - DEBUG( 3, ( "close fd=%d fnum=%d cnum=%d (numopen=%d)\n", - fsp->fd_ptr->fd, fnum, cnum, - Connections[cnum].num_files_open ) ); + DEBUG(3,("close fd=%d fnum=%d (numopen=%d)\n", + fsp->fd_ptr->fd, fnum, + conn->num_files_open)); - close_file(fnum,True); - } + close_file(fnum,True); + } - /* We have a cached error */ - if(eclass || err) - return(ERROR(eclass,err)); + /* We have a cached error */ + if(eclass || err) + return(ERROR(eclass,err)); - return(outsize); + return(outsize); } /**************************************************************************** reply to a writeclose (Core+ protocol) ****************************************************************************/ -int reply_writeclose(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +int reply_writeclose(connection_struct *conn, + char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int cnum,numtowrite,fnum; - int nwritten = -1; - int outsize = 0; - int startpos; - char *data; - time_t mtime; - - cnum = SVAL(inbuf,smb_tid); - fnum = GETFNUM(inbuf,smb_vwv0); - - CHECK_FNUM(fnum,cnum); - CHECK_WRITE(fnum); - CHECK_ERROR(fnum); - - numtowrite = SVAL(inbuf,smb_vwv1); - startpos = IVAL(inbuf,smb_vwv2); - mtime = make_unix_date3(inbuf+smb_vwv4); - data = smb_buf(inbuf) + 1; - - if (is_locked(fnum,cnum,numtowrite,startpos, F_WRLCK)) - return(ERROR(ERRDOS,ERRlock)); + int numtowrite,fnum; + int nwritten = -1; + int outsize = 0; + int startpos; + char *data; + time_t mtime; + + fnum = GETFNUM(inbuf,smb_vwv0); + + CHECK_FNUM(fnum,conn); + CHECK_WRITE(fnum); + CHECK_ERROR(fnum); + + numtowrite = SVAL(inbuf,smb_vwv1); + startpos = IVAL(inbuf,smb_vwv2); + mtime = make_unix_date3(inbuf+smb_vwv4); + data = smb_buf(inbuf) + 1; + + if (is_locked(fnum,conn,numtowrite,startpos, F_WRLCK)) + return(ERROR(ERRDOS,ERRlock)); - seek_file(fnum,startpos); + seek_file(fnum,startpos); - nwritten = write_file(fnum,data,numtowrite); + nwritten = write_file(fnum,data,numtowrite); - set_filetime(cnum, Files[fnum].name,mtime); + set_filetime(conn, Files[fnum].fsp_name,mtime); - close_file(fnum,True); + close_file(fnum,True); - DEBUG( 3, ( "writeclose fnum=%d cnum=%d num=%d wrote=%d (numopen=%d)\n", - fnum, cnum, numtowrite, nwritten, - Connections[cnum].num_files_open ) ); + DEBUG(3,("writeclose fnum=%d num=%d wrote=%d (numopen=%d)\n", + fnum, numtowrite, nwritten, + conn->num_files_open)); - if (nwritten <= 0) - return(UNIXERROR(ERRDOS,ERRnoaccess)); + if (nwritten <= 0) + return(UNIXERROR(ERRDOS,ERRnoaccess)); - outsize = set_message(outbuf,1,0,True); + outsize = set_message(outbuf,1,0,True); - SSVAL(outbuf,smb_vwv0,nwritten); - return(outsize); + SSVAL(outbuf,smb_vwv0,nwritten); + return(outsize); } /**************************************************************************** reply to a lock ****************************************************************************/ -int reply_lock(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +int reply_lock(connection_struct *conn, + char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int fnum,cnum; - int outsize = set_message(outbuf,0,0,True); - uint32 count,offset; - int eclass; - uint32 ecode; + int fnum; + int outsize = set_message(outbuf,0,0,True); + uint32 count,offset; + int eclass; + uint32 ecode; - cnum = SVAL(inbuf,smb_tid); - fnum = GETFNUM(inbuf,smb_vwv0); + fnum = GETFNUM(inbuf,smb_vwv0); - CHECK_FNUM(fnum,cnum); - CHECK_ERROR(fnum); + CHECK_FNUM(fnum,conn); + CHECK_ERROR(fnum); - count = IVAL(inbuf,smb_vwv1); - offset = IVAL(inbuf,smb_vwv3); + count = IVAL(inbuf,smb_vwv1); + offset = IVAL(inbuf,smb_vwv3); - DEBUG( 3, ("lock fd=%d fnum=%d cnum=%d ofs=%d cnt=%d\n", - Files[fnum].fd_ptr->fd, fnum, cnum, offset, count ) ); + DEBUG(3,("lock fd=%d fnum=%d ofs=%d cnt=%d\n", + Files[fnum].fd_ptr->fd, fnum, offset, count)); - if(!do_lock( fnum, cnum, count, offset, F_WRLCK, &eclass, &ecode)) - return (ERROR(eclass,ecode)); + if (!do_lock(fnum, conn, count, offset, F_WRLCK, &eclass, &ecode)) + return (ERROR(eclass,ecode)); - return(outsize); + return(outsize); } /**************************************************************************** reply to a unlock ****************************************************************************/ -int reply_unlock(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int fnum,cnum; + int fnum; int outsize = set_message(outbuf,0,0,True); uint32 count,offset; int eclass; uint32 ecode; - cnum = SVAL(inbuf,smb_tid); fnum = GETFNUM(inbuf,smb_vwv0); - CHECK_FNUM(fnum,cnum); + CHECK_FNUM(fnum,conn); CHECK_ERROR(fnum); count = IVAL(inbuf,smb_vwv1); offset = IVAL(inbuf,smb_vwv3); - if(!do_unlock(fnum, cnum, count, offset, &eclass, &ecode)) + if(!do_unlock(fnum, conn, count, offset, &eclass, &ecode)) return (ERROR(eclass,ecode)); - DEBUG( 3, ( "unlock fd=%d fnum=%d cnum=%d ofs=%d cnt=%d\n", - Files[fnum].fd_ptr->fd, fnum, cnum, offset, count ) ); + DEBUG( 3, ( "unlock fd=%d fnum=%d ofs=%d cnt=%d\n", + Files[fnum].fd_ptr->fd, fnum, offset, count ) ); return(outsize); } @@ -2619,27 +2561,24 @@ int reply_unlock(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) /**************************************************************************** reply to a tdis ****************************************************************************/ -int reply_tdis(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +int reply_tdis(connection_struct *conn, + char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int cnum; - int outsize = set_message(outbuf,0,0,True); - uint16 vuid; + int outsize = set_message(outbuf,0,0,True); + uint16 vuid; - cnum = SVAL(inbuf,smb_tid); - vuid = SVAL(inbuf,smb_uid); + vuid = SVAL(inbuf,smb_uid); - if (!OPEN_CNUM(cnum)) { - DEBUG(4,("Invalid cnum in tdis (%d)\n",cnum)); - return(ERROR(ERRSRV,ERRinvnid)); - } + if (!conn) { + DEBUG(4,("Invalid connection in tdis\n")); + return(ERROR(ERRSRV,ERRinvnid)); + } - Connections[cnum].used = False; + conn->used = False; - close_cnum(cnum,vuid); + close_cnum(conn,vuid); - DEBUG( 3, ( "tdis cnum=%d\n", cnum ) ); - - return outsize; + return outsize; } @@ -2647,261 +2586,217 @@ int reply_tdis(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) /**************************************************************************** reply to a echo ****************************************************************************/ -int reply_echo(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +int reply_echo(connection_struct *conn, + char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int cnum; - int smb_reverb = SVAL(inbuf,smb_vwv0); - int seq_num; - int data_len = smb_buflen(inbuf); - int outsize = set_message(outbuf,1,data_len,True); - - cnum = SVAL(inbuf,smb_tid); - - /* According to the latest CIFS spec we shouldn't - care what the TID is. - */ - -#if 0 - if (cnum != 0xFFFF && !OPEN_CNUM(cnum)) - { - DEBUG(4,("Invalid cnum in echo (%d)\n",cnum)); - return(ERROR(ERRSRV,ERRinvnid)); - } -#endif + int smb_reverb = SVAL(inbuf,smb_vwv0); + int seq_num; + int data_len = smb_buflen(inbuf); + int outsize = set_message(outbuf,1,data_len,True); + + /* copy any incoming data back out */ + if (data_len > 0) + memcpy(smb_buf(outbuf),smb_buf(inbuf),data_len); - /* copy any incoming data back out */ - if (data_len > 0) - memcpy(smb_buf(outbuf),smb_buf(inbuf),data_len); + if (smb_reverb > 100) { + DEBUG(0,("large reverb (%d)?? Setting to 100\n",smb_reverb)); + smb_reverb = 100; + } - if (smb_reverb > 100) - { - DEBUG(0,("large reverb (%d)?? Setting to 100\n",smb_reverb)); - smb_reverb = 100; - } + for (seq_num =1 ; seq_num <= smb_reverb ; seq_num++) { + SSVAL(outbuf,smb_vwv0,seq_num); - for (seq_num =1 ; seq_num <= smb_reverb ; seq_num++) - { - SSVAL(outbuf,smb_vwv0,seq_num); + smb_setlen(outbuf,outsize - 4); - smb_setlen(outbuf,outsize - 4); - - send_smb(Client,outbuf); - } + send_smb(Client,outbuf); + } - DEBUG( 3, ( "echo %d times cnum=%d\n", smb_reverb, cnum ) ); + DEBUG(3,("echo %d times\n", smb_reverb)); - return -1; + return -1; } /**************************************************************************** reply to a printopen ****************************************************************************/ -int reply_printopen(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +int reply_printopen(connection_struct *conn, + char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - pstring fname; - pstring fname2; - int cnum; - int fnum = -1; - int outsize = 0; - files_struct *fsp; - - *fname = *fname2 = 0; - - cnum = SVAL(inbuf,smb_tid); - - if (!CAN_PRINT(cnum)) - return(ERROR(ERRDOS,ERRnoaccess)); - - { - pstring s; - char *p; - pstrcpy(s,smb_buf(inbuf)+1); - p = s; - while (*p) - { - if (!(isalnum(*p) || strchr("._-",*p))) - *p = 'X'; - p++; - } + pstring fname; + pstring fname2; + int fnum = -1; + int outsize = 0; + files_struct *fsp; + + *fname = *fname2 = 0; + + if (!CAN_PRINT(conn)) + return(ERROR(ERRDOS,ERRnoaccess)); - if (strlen(s) > 10) s[10] = 0; + { + pstring s; + char *p; + pstrcpy(s,smb_buf(inbuf)+1); + p = s; + while (*p) { + if (!(isalnum(*p) || strchr("._-",*p))) + *p = 'X'; + p++; + } - slprintf(fname,sizeof(fname)-1, "%s.XXXXXX",s); - } + if (strlen(s) > 10) s[10] = 0; - fnum = find_free_file(); - if (fnum < 0) - return(ERROR(ERRSRV,ERRnofids)); + slprintf(fname,sizeof(fname)-1, "%s.XXXXXX",s); + } - fsp = &Files[fnum]; + fnum = find_free_file(); + if (fnum < 0) + return(ERROR(ERRSRV,ERRnofids)); - pstrcpy(fname2,(char *)mktemp(fname)); + fsp = &Files[fnum]; + + pstrcpy(fname2,(char *)mktemp(fname)); - if (!check_name(fname2,cnum)) { - fsp->reserved = False; - return(ERROR(ERRDOS,ERRnoaccess)); - } + if (!check_name(fname2,conn)) { + fsp->reserved = False; + return(ERROR(ERRDOS,ERRnoaccess)); + } - /* Open for exclusive use, write only. */ - open_file_shared(fnum,cnum,fname2,(DENY_ALL<<4)|1, 0x12, unix_mode(cnum,0), - 0, NULL, NULL); + /* Open for exclusive use, write only. */ + open_file_shared(fnum,conn,fname2, + (DENY_ALL<<4)|1, 0x12, unix_mode(conn,0), + 0, NULL, NULL); - if (!fsp->open) { - fsp->reserved = False; - return(UNIXERROR(ERRDOS,ERRnoaccess)); - } + if (!fsp->open) { + fsp->reserved = False; + return(UNIXERROR(ERRDOS,ERRnoaccess)); + } - /* force it to be a print file */ - fsp->print_file = True; + /* force it to be a print file */ + fsp->print_file = True; - outsize = set_message(outbuf,1,0,True); - SSVAL(outbuf,smb_vwv0,fnum); + outsize = set_message(outbuf,1,0,True); + SSVAL(outbuf,smb_vwv0,fnum); - DEBUG( 3, ("openprint %s fd=%d fnum=%d cnum=%d\n", - fname2, fsp->fd_ptr->fd, fnum, cnum ) ); + DEBUG(3,("openprint %s fd=%d fnum=%d\n", + fname2, fsp->fd_ptr->fd, fnum)); - return(outsize); + return(outsize); } /**************************************************************************** reply to a printclose ****************************************************************************/ -int reply_printclose(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +int reply_printclose(connection_struct *conn, + char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int fnum,cnum; - int outsize = set_message(outbuf,0,0,True); + int fnum; + int outsize = set_message(outbuf,0,0,True); - cnum = SVAL(inbuf,smb_tid); - fnum = GETFNUM(inbuf,smb_vwv0); + fnum = GETFNUM(inbuf,smb_vwv0); - CHECK_FNUM(fnum,cnum); - CHECK_ERROR(fnum); + CHECK_FNUM(fnum,conn); + CHECK_ERROR(fnum); - if (!CAN_PRINT(cnum)) - return(ERROR(ERRDOS,ERRnoaccess)); + if (!CAN_PRINT(conn)) + return(ERROR(ERRDOS,ERRnoaccess)); - DEBUG( 3, ( "printclose fd=%d fnum=%d cnum=%d\n", - Files[fnum].fd_ptr->fd,fnum,cnum)); + DEBUG(3,("printclose fd=%d fnum=%d\n", + Files[fnum].fd_ptr->fd,fnum)); - close_file(fnum,True); + close_file(fnum,True); - return(outsize); + return(outsize); } /**************************************************************************** reply to a printqueue ****************************************************************************/ -int reply_printqueue(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +int reply_printqueue(connection_struct *conn, + char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int cnum; - int outsize = set_message(outbuf,2,3,True); - int max_count = SVAL(inbuf,smb_vwv0); - int start_index = SVAL(inbuf,smb_vwv1); - uint16 vuid; - - cnum = SVAL(inbuf,smb_tid); - vuid = SVAL(inbuf,smb_uid); - -/* allow checking the queue for anyone */ -#if 0 - if (!CAN_PRINT(cnum)) - return(ERROR(ERRDOS,ERRnoaccess)); -#endif - - SSVAL(outbuf,smb_vwv0,0); - SSVAL(outbuf,smb_vwv1,0); - CVAL(smb_buf(outbuf),0) = 1; - SSVAL(smb_buf(outbuf),1,0); + int outsize = set_message(outbuf,2,3,True); + int max_count = SVAL(inbuf,smb_vwv0); + int start_index = SVAL(inbuf,smb_vwv1); + uint16 vuid; + + vuid = SVAL(inbuf,smb_uid); + + /* we used to allow the client to get the cnum wrong, but that + is really quite gross and only worked when there was only + one printer - I think we should now only accept it if they + get it right (tridge) */ + if (!CAN_PRINT(conn)) + return(ERROR(ERRDOS,ERRnoaccess)); + + SSVAL(outbuf,smb_vwv0,0); + SSVAL(outbuf,smb_vwv1,0); + CVAL(smb_buf(outbuf),0) = 1; + SSVAL(smb_buf(outbuf),1,0); - DEBUG( 3, ( "printqueue cnum=%d start_index=%d max_count=%d\n", - cnum, start_index, max_count ) ); - - if (!OPEN_CNUM(cnum) || !Connections[cnum].printer) - { - int i; - cnum = -1; - - for (i=0;i0?start_index:start_index+max_count+1); - int i; + DEBUG(3,("printqueue start_index=%d max_count=%d\n", + start_index, max_count)); - if (first >= count) - num_to_get = 0; - else - num_to_get = MIN(num_to_get,count-first); + { + print_queue_struct *queue = NULL; + char *p = smb_buf(outbuf) + 3; + int count = get_printqueue(SNUM(conn), conn,&queue,NULL); + int num_to_get = ABS(max_count); + int first = (max_count>0?start_index:start_index+max_count+1); + int i; + + if (first >= count) + num_to_get = 0; + else + num_to_get = MIN(num_to_get,count-first); - for (i=first;i 0) - { - outsize = set_message(outbuf,2,28*count+3,False); - SSVAL(outbuf,smb_vwv0,count); - SSVAL(outbuf,smb_vwv1,(max_count>0?first+count:first-1)); - CVAL(smb_buf(outbuf),0) = 1; - SSVAL(smb_buf(outbuf),1,28*count); - } + if (count > 0) { + outsize = set_message(outbuf,2,28*count+3,False); + SSVAL(outbuf,smb_vwv0,count); + SSVAL(outbuf,smb_vwv1,(max_count>0?first+count:first-1)); + CVAL(smb_buf(outbuf),0) = 1; + SSVAL(smb_buf(outbuf),1,28*count); + } - if (queue) free(queue); + if (queue) free(queue); - DEBUG(3,("%d entries returned in queue\n",count)); - } + DEBUG(3,("%d entries returned in queue\n",count)); + } - return(outsize); + return(outsize); } /**************************************************************************** reply to a printwrite ****************************************************************************/ -int reply_printwrite(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +int reply_printwrite(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int cnum,numtowrite,fnum; + int numtowrite,fnum; int outsize = set_message(outbuf,0,0,True); char *data; - cnum = SVAL(inbuf,smb_tid); - - if (!CAN_PRINT(cnum)) + if (!CAN_PRINT(conn)) return(ERROR(ERRDOS,ERRnoaccess)); fnum = GETFNUM(inbuf,smb_vwv0); - CHECK_FNUM(fnum,cnum); + CHECK_FNUM(fnum,conn); CHECK_WRITE(fnum); CHECK_ERROR(fnum); @@ -2911,7 +2806,7 @@ int reply_printwrite(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) if (write_file(fnum,data,numtowrite) != numtowrite) return(UNIXERROR(ERRDOS,ERRnoaccess)); - DEBUG( 3, ( "printwrite fnum=%d cnum=%d num=%d\n", fnum, cnum, numtowrite ) ); + DEBUG( 3, ( "printwrite fnum=%d num=%d\n", fnum, numtowrite ) ); return(outsize); } @@ -2920,19 +2815,17 @@ int reply_printwrite(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) /**************************************************************************** reply to a mkdir ****************************************************************************/ -int reply_mkdir(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { pstring directory; - int cnum; int outsize,ret= -1; BOOL bad_path = False; pstrcpy(directory,smb_buf(inbuf) + 1); - cnum = SVAL(inbuf,smb_tid); - unix_convert(directory,cnum,0,&bad_path); + unix_convert(directory,conn,0,&bad_path); - if (check_name(directory,cnum)) - ret = sys_mkdir(directory,unix_mode(cnum,aDIR)); + if (check_name(directory, conn)) + ret = sys_mkdir(directory,unix_mode(conn,aDIR)); if (ret < 0) { @@ -2946,7 +2839,7 @@ int reply_mkdir(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) outsize = set_message(outbuf,0,0,True); - DEBUG( 3, ( "mkdir %s cnum=%d ret=%d\n", directory, cnum, ret ) ); + DEBUG( 3, ( "mkdir %s ret=%d\n", directory, ret ) ); return(outsize); } @@ -2959,7 +2852,7 @@ static BOOL recursive_rmdir(char *directory) { char *dname = NULL; BOOL ret = False; - void *dirptr = OpenDir(-1, directory, False); + void *dirptr = OpenDir(NULL, directory, False); if(dirptr == NULL) return True; @@ -3015,24 +2908,22 @@ static BOOL recursive_rmdir(char *directory) /**************************************************************************** reply to a rmdir ****************************************************************************/ -int reply_rmdir(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { pstring directory; - int cnum; int outsize = 0; BOOL ok = False; BOOL bad_path = False; - cnum = SVAL(inbuf,smb_tid); pstrcpy(directory,smb_buf(inbuf) + 1); - unix_convert(directory,cnum,0,&bad_path); + unix_convert(directory,conn, NULL,&bad_path); - if (check_name(directory,cnum)) + if (check_name(directory,conn)) { dptr_closepath(directory,SVAL(inbuf,smb_pid)); ok = (sys_rmdir(directory) == 0); - if(!ok && (errno == ENOTEMPTY) && lp_veto_files(SNUM(cnum))) + if(!ok && (errno == ENOTEMPTY) && lp_veto_files(SNUM(conn))) { /* Check to see if the only thing in this directory are vetoed files/directories. If so then delete them and @@ -3040,7 +2931,7 @@ int reply_rmdir(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) do a recursive delete) then fail the rmdir. */ BOOL all_veto_files = True; char *dname; - void *dirptr = OpenDir(cnum, directory, False); + void *dirptr = OpenDir(conn, directory, False); if(dirptr != NULL) { @@ -3049,7 +2940,7 @@ int reply_rmdir(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0)) continue; - if(!IS_VETO_PATH(cnum, dname)) + if(!IS_VETO_PATH(conn, dname)) { all_veto_files = False; break; @@ -3080,7 +2971,7 @@ int reply_rmdir(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) break; if(st.st_mode & S_IFDIR) { - if(lp_recursive_veto_delete(SNUM(cnum))) + if(lp_recursive_veto_delete(SNUM(conn))) { if(recursive_rmdir(fullname) != 0) break; @@ -3192,14 +3083,14 @@ static BOOL resolve_wildcards(char *name1,char *name2) /******************************************************************* check if a user is allowed to rename a file ********************************************************************/ -static BOOL can_rename(char *fname,int cnum) +static BOOL can_rename(char *fname,connection_struct *conn) { struct stat sbuf; - if (!CAN_WRITE(cnum)) return(False); + if (!CAN_WRITE(conn)) return(False); if (sys_lstat(fname,&sbuf) != 0) return(False); - if (!check_file_sharing(cnum,fname,True)) return(False); + if (!check_file_sharing(conn,fname,True)) return(False); return(True); } @@ -3208,204 +3099,205 @@ static BOOL can_rename(char *fname,int cnum) The guts of the rename command, split out so it may be called by the NT SMB code. ****************************************************************************/ - -int rename_internals(char *inbuf, char *outbuf, char *name, char *newname, BOOL replace_if_exists) +int rename_internals(connection_struct *conn, + char *inbuf, char *outbuf, char *name, + char *newname, BOOL replace_if_exists) { - int cnum; - pstring directory; - pstring mask; - pstring newname_last_component; - char *p; - BOOL has_wild; - BOOL bad_path1 = False; - BOOL bad_path2 = False; - int count=0; - int error = ERRnoaccess; - BOOL exists=False; - - cnum = SVAL(inbuf,smb_tid); - - *directory = *mask = 0; - - unix_convert(name,cnum,0,&bad_path1); - unix_convert(newname,cnum,newname_last_component,&bad_path2); - - /* - * Split the old name into directory and last component - * strings. Note that unix_convert may have stripped off a - * leading ./ from both name and newname if the rename is - * at the root of the share. We need to make sure either both - * name and newname contain a / character or neither of them do - * as this is checked in resolve_wildcards(). - */ - - p = strrchr(name,'/'); - if (!p) { - pstrcpy(directory,"."); - pstrcpy(mask,name); - } else { - *p = 0; - pstrcpy(directory,name); - pstrcpy(mask,p+1); - *p = '/'; /* Replace needed for exceptional test below. */ - } - - if (is_mangled(mask)) - check_mangled_cache( mask ); - - has_wild = strchr(mask,'*') || strchr(mask,'?'); - - if (!has_wild) { - /* - * No wildcards - just process the one file. - */ - BOOL is_short_name = is_8_3(name, True); - - /* Add a terminating '/' to the directory name. */ - pstrcat(directory,"/"); - pstrcat(directory,mask); + pstring directory; + pstring mask; + pstring newname_last_component; + char *p; + BOOL has_wild; + BOOL bad_path1 = False; + BOOL bad_path2 = False; + int count=0; + int error = ERRnoaccess; + BOOL exists=False; + + *directory = *mask = 0; + + unix_convert(name,conn,0,&bad_path1); + unix_convert(newname,conn,newname_last_component,&bad_path2); + + /* + * Split the old name into directory and last component + * strings. Note that unix_convert may have stripped off a + * leading ./ from both name and newname if the rename is + * at the root of the share. We need to make sure either both + * name and newname contain a / character or neither of them do + * as this is checked in resolve_wildcards(). + */ + + p = strrchr(name,'/'); + if (!p) { + pstrcpy(directory,"."); + pstrcpy(mask,name); + } else { + *p = 0; + pstrcpy(directory,name); + pstrcpy(mask,p+1); + *p = '/'; /* Replace needed for exceptional test below. */ + } - /* Ensure newname contains a '/' also */ - if(strrchr(newname,'/') == 0) { - pstring tmpstr; + if (is_mangled(mask)) + check_mangled_cache( mask ); - pstrcpy(tmpstr, "./"); - pstrcat(tmpstr, newname); - pstrcpy(newname, tmpstr); - } - - DEBUG(3,("rename_internals: case_sensitive = %d, case_preserve = %d, short case preserve = %d, directory = %s, newname = %s, newname_last_component = %s, is_8_3 = %d\n", - case_sensitive, case_preserve, short_case_preserve, directory, - newname, newname_last_component, is_short_name)); + has_wild = strchr(mask,'*') || strchr(mask,'?'); - /* - * Check for special case with case preserving and not - * case sensitive, if directory and newname are identical, - * and the old last component differs from the original - * last component only by case, then we should allow - * the rename (user is trying to change the case of the - * filename). - */ - if((case_sensitive == False) && ( ((case_preserve == True) && (is_short_name == False)) || - ((short_case_preserve == True) && (is_short_name == True))) && - strcsequal(directory, newname)) { - pstring newname_modified_last_component; - - /* - * Get the last component of the modified name. - * Note that we guarantee that newname contains a '/' - * character above. - */ - p = strrchr(newname,'/'); - pstrcpy(newname_modified_last_component,p+1); + if (!has_wild) { + /* + * No wildcards - just process the one file. + */ + BOOL is_short_name = is_8_3(name, True); - if(strcsequal(newname_modified_last_component, - newname_last_component) == False) { - /* - * Replace the modified last component with - * the original. - */ - pstrcpy(p+1, newname_last_component); - } - } - - if(replace_if_exists) { - /* - * NT SMB specific flag - rename can overwrite - * file with the same name so don't check for - * file_exist(). - */ - if(resolve_wildcards(directory,newname) && - can_rename(directory,cnum) && - !sys_rename(directory,newname)) - count++; - } else { - if (resolve_wildcards(directory,newname) && - can_rename(directory,cnum) && - !file_exist(newname,NULL) && - !sys_rename(directory,newname)) - count++; - } + /* Add a terminating '/' to the directory name. */ + pstrcat(directory,"/"); + pstrcat(directory,mask); + + /* Ensure newname contains a '/' also */ + if(strrchr(newname,'/') == 0) { + pstring tmpstr; + + pstrcpy(tmpstr, "./"); + pstrcat(tmpstr, newname); + pstrcpy(newname, tmpstr); + } + + DEBUG(3,("rename_internals: case_sensitive = %d, case_preserve = %d, short case preserve = %d, directory = %s, newname = %s, newname_last_component = %s, is_8_3 = %d\n", + case_sensitive, case_preserve, short_case_preserve, directory, + newname, newname_last_component, is_short_name)); + + /* + * Check for special case with case preserving and not + * case sensitive, if directory and newname are identical, + * and the old last component differs from the original + * last component only by case, then we should allow + * the rename (user is trying to change the case of the + * filename). + */ + if((case_sensitive == False) && + (((case_preserve == True) && + (is_short_name == False)) || + ((short_case_preserve == True) && + (is_short_name == True))) && + strcsequal(directory, newname)) { + pstring newname_modified_last_component; + + /* + * Get the last component of the modified name. + * Note that we guarantee that newname contains a '/' + * character above. + */ + p = strrchr(newname,'/'); + pstrcpy(newname_modified_last_component,p+1); + + if(strcsequal(newname_modified_last_component, + newname_last_component) == False) { + /* + * Replace the modified last component with + * the original. + */ + pstrcpy(p+1, newname_last_component); + } + } + + if(replace_if_exists) { + /* + * NT SMB specific flag - rename can overwrite + * file with the same name so don't check for + * file_exist(). + */ + if(resolve_wildcards(directory,newname) && + can_rename(directory,conn) && + !sys_rename(directory,newname)) + count++; + } else { + if (resolve_wildcards(directory,newname) && + can_rename(directory,conn) && + !file_exist(newname,NULL) && + !sys_rename(directory,newname)) + count++; + } - DEBUG(3,("rename_internals: %s doing rename on %s -> %s\n",(count != 0) ? "succeeded" : "failed", + DEBUG(3,("rename_internals: %s doing rename on %s -> %s\n",(count != 0) ? "succeeded" : "failed", directory,newname)); - - if (!count) exists = file_exist(directory,NULL); - if (!count && exists && file_exist(newname,NULL)) { - exists = True; - error = 183; - } - } else { - /* - * Wildcards - process each file that matches. - */ - void *dirptr = NULL; - char *dname; - pstring destname; - - if (check_name(directory,cnum)) - dirptr = OpenDir(cnum, directory, True); - - if (dirptr) { - error = ERRbadfile; - - if (strequal(mask,"????????.???")) - pstrcpy(mask,"*"); - - while ((dname = ReadDirName(dirptr))) { - pstring fname; - pstrcpy(fname,dname); - - if(!mask_match(fname, mask, case_sensitive, False)) - continue; - - error = ERRnoaccess; - slprintf(fname,sizeof(fname)-1,"%s/%s",directory,dname); - if (!can_rename(fname,cnum)) { - DEBUG(6,("rename %s refused\n", fname)); - continue; - } - pstrcpy(destname,newname); - - if (!resolve_wildcards(fname,destname)) { - DEBUG(6,("resolve_wildcards %s %s failed\n", fname, destname)); - continue; - } - - if (!replace_if_exists && file_exist(destname,NULL)) { - DEBUG(6,("file_exist %s\n", destname)); - error = 183; - continue; - } - - if (!sys_rename(fname,destname)) - count++; - DEBUG(3,("rename_internals: doing rename on %s -> %s\n",fname,destname)); - } - CloseDir(dirptr); - } - } - - if (count == 0) { - if (exists) - return(ERROR(ERRDOS,error)); - else { - if((errno == ENOENT) && (bad_path1 || bad_path2)) { - unix_ERR_class = ERRDOS; - unix_ERR_code = ERRbadpath; - } - return(UNIXERROR(ERRDOS,error)); - } - } - - return 0; + + if (!count) exists = file_exist(directory,NULL); + if (!count && exists && file_exist(newname,NULL)) { + exists = True; + error = 183; + } + } else { + /* + * Wildcards - process each file that matches. + */ + void *dirptr = NULL; + char *dname; + pstring destname; + + if (check_name(directory,conn)) + dirptr = OpenDir(conn, directory, True); + + if (dirptr) { + error = ERRbadfile; + + if (strequal(mask,"????????.???")) + pstrcpy(mask,"*"); + + while ((dname = ReadDirName(dirptr))) { + pstring fname; + pstrcpy(fname,dname); + + if(!mask_match(fname, mask, case_sensitive, False)) + continue; + + error = ERRnoaccess; + slprintf(fname,sizeof(fname)-1,"%s/%s",directory,dname); + if (!can_rename(fname,conn)) { + DEBUG(6,("rename %s refused\n", fname)); + continue; + } + pstrcpy(destname,newname); + + if (!resolve_wildcards(fname,destname)) { + DEBUG(6,("resolve_wildcards %s %s failed\n", fname, destname)); + continue; + } + + if (!replace_if_exists && file_exist(destname,NULL)) { + DEBUG(6,("file_exist %s\n", destname)); + error = 183; + continue; + } + + if (!sys_rename(fname,destname)) + count++; + DEBUG(3,("rename_internals: doing rename on %s -> %s\n",fname,destname)); + } + CloseDir(dirptr); + } + } + + if (count == 0) { + if (exists) + return(ERROR(ERRDOS,error)); + else { + if((errno == ENOENT) && (bad_path1 || bad_path2)) { + unix_ERR_class = ERRDOS; + unix_ERR_code = ERRbadpath; + } + return(UNIXERROR(ERRDOS,error)); + } + } + + return 0; } /**************************************************************************** Reply to a mv. ****************************************************************************/ -int reply_mv(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int outsize = 0; pstring name; @@ -3416,7 +3308,7 @@ int reply_mv(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) DEBUG(3,("reply_mv : %s -> %s\n",name,newname)); - outsize = rename_internals(inbuf, outbuf, name, newname, False); + outsize = rename_internals(conn, inbuf, outbuf, name, newname, False); if(outsize == 0) outsize = set_message(outbuf,0,0,True); @@ -3426,7 +3318,7 @@ int reply_mv(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) /******************************************************************* copy a file as part of a reply_copy ******************************************************************/ -static BOOL copy_file(char *src,char *dest1,int cnum,int ofun, +static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, int count,BOOL target_is_directory) { int Access,action; @@ -3450,7 +3342,7 @@ static BOOL copy_file(char *src,char *dest1,int cnum,int ofun, fnum1 = find_free_file(); if (fnum1<0) return(False); - open_file_shared(fnum1,cnum,src,(DENY_NONE<<4), + open_file_shared(fnum1,conn,src,(DENY_NONE<<4), 1,0,0,&Access,&action); if (!Files[fnum1].open) { @@ -3466,7 +3358,7 @@ static BOOL copy_file(char *src,char *dest1,int cnum,int ofun, close_file(fnum1,False); return(False); } - open_file_shared(fnum2,cnum,dest,(DENY_NONE<<4)|1, + open_file_shared(fnum2,conn,dest,(DENY_NONE<<4)|1, ofun,st.st_mode,0,&Access,&action); if (!Files[fnum2].open) { @@ -3494,11 +3386,10 @@ static BOOL copy_file(char *src,char *dest1,int cnum,int ofun, /**************************************************************************** reply to a file copy. ****************************************************************************/ -int reply_copy(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int outsize = 0; pstring name; - int cnum; pstring directory; pstring mask,newname; char *p; @@ -3515,21 +3406,19 @@ int reply_copy(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) *directory = *mask = 0; - cnum = SVAL(inbuf,smb_tid); - pstrcpy(name,smb_buf(inbuf)); pstrcpy(newname,smb_buf(inbuf) + 1 + strlen(name)); DEBUG(3,("reply_copy : %s -> %s\n",name,newname)); - if (tid2 != cnum) { + if (tid2 != conn->cnum) { /* can't currently handle inter share copies XXXX */ DEBUG(3,("Rejecting inter-share copy\n")); return(ERROR(ERRSRV,ERRinvdevice)); } - unix_convert(name,cnum,0,&bad_path1); - unix_convert(newname,cnum,0,&bad_path2); + unix_convert(name,conn,0,&bad_path1); + unix_convert(newname,conn,0,&bad_path2); target_is_directory = directory_exist(newname,NULL); @@ -3566,7 +3455,7 @@ int reply_copy(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) pstrcat(directory,"/"); pstrcat(directory,mask); if (resolve_wildcards(directory,newname) && - copy_file(directory,newname,cnum,ofun, + copy_file(directory,newname,conn,ofun, count,target_is_directory)) count++; if (!count) exists = file_exist(directory,NULL); } else { @@ -3574,8 +3463,8 @@ int reply_copy(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) char *dname; pstring destname; - if (check_name(directory,cnum)) - dirptr = OpenDir(cnum, directory, True); + if (check_name(directory,conn)) + dirptr = OpenDir(conn, directory, True); if (dirptr) { @@ -3595,7 +3484,7 @@ int reply_copy(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); pstrcpy(destname,newname); if (resolve_wildcards(fname,destname) && - copy_file(directory,newname,cnum,ofun, + copy_file(directory,newname,conn,ofun, count,target_is_directory)) count++; DEBUG(3,("reply_copy : doing copy on %s -> %s\n",fname,destname)); } @@ -3628,38 +3517,36 @@ int reply_copy(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) /**************************************************************************** reply to a setdir ****************************************************************************/ -int reply_setdir(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int cnum,snum; + int snum; int outsize = 0; BOOL ok = False; pstring newdir; - cnum = SVAL(inbuf,smb_tid); - - snum = Connections[cnum].service; + snum = SNUM(conn); if (!CAN_SETDIR(snum)) return(ERROR(ERRDOS,ERRnoaccess)); pstrcpy(newdir,smb_buf(inbuf) + 1); strlower(newdir); - if (strlen(newdir) == 0) - ok = True; - else - { - ok = directory_exist(newdir,NULL); - if (ok) - string_set(&Connections[cnum].connectpath,newdir); - } + if (strlen(newdir) == 0) { + ok = True; + } else { + ok = directory_exist(newdir,NULL); + if (ok) { + string_set(&conn->connectpath,newdir); + } + } if (!ok) - return(ERROR(ERRDOS,ERRbadpath)); + return(ERROR(ERRDOS,ERRbadpath)); outsize = set_message(outbuf,0,0,True); CVAL(outbuf,smb_reh) = CVAL(inbuf,smb_reh); - - DEBUG( 3, ( "setdir %s cnum=%d\n", newdir, cnum ) ); + + DEBUG(3,("setdir %s\n", newdir)); return(outsize); } @@ -3668,7 +3555,7 @@ int reply_setdir(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) /**************************************************************************** reply to a lockingX request ****************************************************************************/ -int reply_lockingX(char *inbuf,char *outbuf,int length,int bufsize) +int reply_lockingX(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { int fnum = GETFNUM(inbuf,smb_vwv2); unsigned char locktype = CVAL(inbuf,smb_vwv3); @@ -3679,15 +3566,12 @@ int reply_lockingX(char *inbuf,char *outbuf,int length,int bufsize) uint16 num_locks = SVAL(inbuf,smb_vwv7); uint32 count, offset; int32 lock_timeout = IVAL(inbuf,smb_vwv4); - int cnum; int i; char *data; uint32 ecode=0, dummy2; int eclass=0, dummy1; - cnum = SVAL(inbuf,smb_tid); - - CHECK_FNUM(fnum,cnum); + CHECK_FNUM(fnum,conn); CHECK_ERROR(fnum); data = smb_buf(inbuf); @@ -3715,14 +3599,14 @@ no oplock granted on this file.\n", fnum)); } /* Remove the oplock flag from the sharemode. */ - lock_share_entry(fsp->cnum, dev, inode, &token); + lock_share_entry(fsp->conn, dev, inode, &token); if(remove_share_oplock( fnum, token)==False) { DEBUG(0,("reply_lockingX: failed to remove share oplock for fnum %d, \ dev = %x, inode = %x\n", fnum, dev, inode)); - unlock_share_entry(fsp->cnum, dev, inode, token); + unlock_share_entry(fsp->conn, dev, inode, token); } else { - unlock_share_entry(fsp->cnum, dev, inode, token); + unlock_share_entry(fsp->conn, dev, inode, token); /* Clear the granted flag and return. */ fsp->granted_oplock = False; @@ -3745,7 +3629,7 @@ dev = %x, inode = %x\n", for(i = 0; i < (int)num_ulocks; i++) { count = IVAL(data,SMB_LKLEN_OFFSET(i)); offset = IVAL(data,SMB_LKOFF_OFFSET(i)); - if(!do_unlock(fnum,cnum,count,offset,&eclass, &ecode)) + if(!do_unlock(fnum,conn,count,offset,&eclass, &ecode)) return ERROR(eclass,ecode); } @@ -3759,7 +3643,7 @@ dev = %x, inode = %x\n", for(i = 0; i < (int)num_locks; i++) { count = IVAL(data,SMB_LKLEN_OFFSET(i)); offset = IVAL(data,SMB_LKOFF_OFFSET(i)); - if(!do_lock(fnum,cnum,count,offset, ((locktype & 1) ? F_RDLCK : F_WRLCK), + if(!do_lock(fnum,conn,count,offset, ((locktype & 1) ? F_RDLCK : F_WRLCK), &eclass, &ecode)) #if 0 /* JRATEST - blocking lock code. */ if((ecode == ERRlock) && (lock_timeout != 0)) { @@ -3780,15 +3664,15 @@ dev = %x, inode = %x\n", for(; i >= 0; i--) { count = IVAL(data,SMB_LKLEN_OFFSET(i)); offset = IVAL(data,SMB_LKOFF_OFFSET(i)); - do_unlock(fnum,cnum,count,offset,&dummy1,&dummy2); + do_unlock(fnum,conn,count,offset,&dummy1,&dummy2); } return ERROR(eclass,ecode); } set_message(outbuf,2,0,True); - DEBUG( 3, ( "lockingX fnum=%d cnum=%d type=%d num_locks=%d num_ulocks=%d\n", - fnum, cnum, (unsigned int)locktype, num_locks, num_ulocks ) ); + DEBUG( 3, ( "lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n", + fnum, (unsigned int)locktype, num_locks, num_ulocks ) ); chain_fnum = fnum; @@ -3799,9 +3683,9 @@ dev = %x, inode = %x\n", /**************************************************************************** reply to a SMBreadbmpx (read block multiplex) request ****************************************************************************/ -int reply_readbmpx(char *inbuf,char *outbuf,int length,int bufsize) +int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { - int cnum,fnum; + int fnum; int nread = -1; int total_read; char *data; @@ -3817,10 +3701,9 @@ int reply_readbmpx(char *inbuf,char *outbuf,int length,int bufsize) outsize = set_message(outbuf,8,0,True); - cnum = SVAL(inbuf,smb_tid); fnum = GETFNUM(inbuf,smb_vwv0); - CHECK_FNUM(fnum,cnum); + CHECK_FNUM(fnum,conn); CHECK_READ(fnum); CHECK_ERROR(fnum); @@ -3837,7 +3720,7 @@ int reply_readbmpx(char *inbuf,char *outbuf,int length,int bufsize) tcount = maxcount; total_read = 0; - if (is_locked(fnum,cnum,maxcount,startpos, F_RDLCK)) + if (is_locked(fnum,conn,maxcount,startpos, F_RDLCK)) return(ERROR(ERRDOS,ERRlock)); do @@ -3871,19 +3754,18 @@ int reply_readbmpx(char *inbuf,char *outbuf,int length,int bufsize) /**************************************************************************** reply to a SMBwritebmpx (write block multiplex primary) request ****************************************************************************/ -int reply_writebmpx(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int cnum,numtowrite,fnum; + int numtowrite,fnum; int nwritten = -1; int outsize = 0; uint32 startpos; int tcount, write_through, smb_doff; char *data; - cnum = SVAL(inbuf,smb_tid); fnum = GETFNUM(inbuf,smb_vwv0); - CHECK_FNUM(fnum,cnum); + CHECK_FNUM(fnum,conn); CHECK_WRITE(fnum); CHECK_ERROR(fnum); @@ -3899,14 +3781,14 @@ int reply_writebmpx(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) not an SMBwritebmpx - set this up now so we don't forget */ CVAL(outbuf,smb_com) = SMBwritec; - if (is_locked(fnum,cnum,tcount,startpos,F_WRLCK)) + if (is_locked(fnum,conn,tcount,startpos,F_WRLCK)) return(ERROR(ERRDOS,ERRlock)); seek_file(fnum,startpos); nwritten = write_file(fnum,data,numtowrite); - if(lp_syncalways(SNUM(cnum)) || write_through) - sync_file(cnum,fnum); + if(lp_syncalways(SNUM(conn)) || write_through) + sync_file(conn,fnum); if(nwritten < numtowrite) return(UNIXERROR(ERRHRD,ERRdiskfull)); @@ -3943,8 +3825,8 @@ int reply_writebmpx(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) SSVALS(outbuf,smb_vwv0,-1); /* We don't support smb_remaining */ - DEBUG( 3, ( "writebmpx fnum=%d cnum=%d num=%d wrote=%d\n", - fnum, cnum, numtowrite, nwritten ) ); + DEBUG( 3, ( "writebmpx fnum=%d num=%d wrote=%d\n", + fnum, numtowrite, nwritten ) ); if (write_through && tcount==nwritten) { /* we need to send both a primary and a secondary response */ @@ -3964,9 +3846,9 @@ int reply_writebmpx(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) /**************************************************************************** reply to a SMBwritebs (write block multiplex secondary) request ****************************************************************************/ -int reply_writebs(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int cnum,numtowrite,fnum; + int numtowrite,fnum; int nwritten = -1; int outsize = 0; int32 startpos; @@ -3975,9 +3857,8 @@ int reply_writebs(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) write_bmpx_struct *wbms; BOOL send_response = False; - cnum = SVAL(inbuf,smb_tid); fnum = GETFNUM(inbuf,smb_vwv0); - CHECK_FNUM(fnum,cnum); + CHECK_FNUM(fnum,conn); CHECK_WRITE(fnum); tcount = SVAL(inbuf,smb_vwv1); @@ -4006,8 +3887,8 @@ int reply_writebs(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) seek_file(fnum,startpos); nwritten = write_file(fnum,data,numtowrite); - if(lp_syncalways(SNUM(cnum)) || write_through) - sync_file(cnum,fnum); + if(lp_syncalways(SNUM(conn)) || write_through) + sync_file(conn,fnum); if (nwritten < numtowrite) { @@ -4045,18 +3926,17 @@ int reply_writebs(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) /**************************************************************************** reply to a SMBsetattrE ****************************************************************************/ -int reply_setattrE(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +int reply_setattrE(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int cnum,fnum; + int fnum; struct utimbuf unix_times; int outsize = 0; outsize = set_message(outbuf,0,0,True); - cnum = SVAL(inbuf,smb_tid); fnum = GETFNUM(inbuf,smb_vwv0); - CHECK_FNUM(fnum,cnum); + CHECK_FNUM(fnum,conn); CHECK_ERROR(fnum); /* Convert the DOS times into unix times. Ignore create @@ -4075,7 +3955,7 @@ int reply_setattrE(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) /* Ignore request */ if( DEBUGLVL( 3 ) ) { - dbgtext( "reply_setattrE fnum=%d cnum=%d ", fnum, cnum ); + dbgtext( "reply_setattrE fnum=%d ", fnum); dbgtext( "ignoring zero request - not setting timestamps of 0\n" ); } return(outsize); @@ -4087,11 +3967,11 @@ int reply_setattrE(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) } /* Set the date on this file */ - if(file_utime(cnum, Files[fnum].name, &unix_times)) + if(file_utime(conn, Files[fnum].fsp_name, &unix_times)) return(ERROR(ERRDOS,ERRnoaccess)); - DEBUG( 3, ( "reply_setattrE fnum=%d cnum=%d actime=%d modtime=%d\n", - fnum, cnum, unix_times.actime, unix_times.modtime ) ); + DEBUG( 3, ( "reply_setattrE fnum=%d actime=%d modtime=%d\n", + fnum, (int)unix_times.actime, (int)unix_times.modtime ) ); return(outsize); } @@ -4100,31 +3980,30 @@ int reply_setattrE(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) /**************************************************************************** reply to a SMBgetattrE ****************************************************************************/ -int reply_getattrE(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int cnum,fnum; + int fnum; struct stat sbuf; int outsize = 0; int mode; outsize = set_message(outbuf,11,0,True); - cnum = SVAL(inbuf,smb_tid); fnum = GETFNUM(inbuf,smb_vwv0); - CHECK_FNUM(fnum,cnum); + CHECK_FNUM(fnum,conn); CHECK_ERROR(fnum); /* Do an fstat on this file */ if(fstat(Files[fnum].fd_ptr->fd, &sbuf)) return(UNIXERROR(ERRDOS,ERRnoaccess)); - mode = dos_mode(cnum,Files[fnum].name,&sbuf); + mode = dos_mode(conn,Files[fnum].fsp_name,&sbuf); /* Convert the times into dos times. Set create date to be last modify date as UNIX doesn't save this */ - put_dos_date2(outbuf,smb_vwv0,get_create_time(&sbuf,lp_fake_dir_create_times(SNUM(cnum)))); + put_dos_date2(outbuf,smb_vwv0,get_create_time(&sbuf,lp_fake_dir_create_times(SNUM(conn)))); put_dos_date2(outbuf,smb_vwv2,sbuf.st_atime); put_dos_date2(outbuf,smb_vwv4,sbuf.st_mtime); if (mode & aDIR) @@ -4139,7 +4018,7 @@ int reply_getattrE(char *inbuf,char *outbuf, int dum_size, int dum_buffsize) } SSVAL(outbuf,smb_vwv10, mode); - DEBUG( 3, ( "reply_getattrE fnum=%d cnum=%d\n", fnum, cnum ) ); + DEBUG( 3, ( "reply_getattrE fnum=%d\n", fnum)); return(outsize); } -- cgit From e13aeea928dd89373cfaf3916c96f853c1227884 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 15 Aug 1998 01:19:26 +0000 Subject: configure: Changes for extra headers. configure.in: Source for header changes. client/clitar.c: Fixed isXXX macros & debugs for gcc pedantic compile. include/config.h.in: Added MEMSET, BZERO, MEMORY, RPCSVC_YPCLNT, STRINGS headers. include/includes.h: Headers for the above. include/smb.h: Made SIGNAL_CAST POSIX by default void (*)(int). lib/access.c: Fixed isXXX macros & debugs for gcc pedantic compile. lib/charset.c: Fixed isXXX macros & debugs for gcc pedantic compile. lib/debug.c: Fixed signal functs. lib/kanji.c: Fixed isXXX macros & debugs for gcc pedantic compile. lib/smbrun.c: Fixed isXXX macros & debugs for gcc pedantic compile. lib/util.c: Fixed isXXX macros & debugs for gcc pedantic compile. libsmb/namequery.c: Fixed isXXX macros & debugs for gcc pedantic compile. locking/shmem.c: Fixed isXXX macros & debugs for gcc pedantic compile. locking/shmem_sysv.c: Fixed error messages in sysV stuff. nmbd/asyncdns.c: Fixed signal functs. nmbd/nmbd.c: Fixed isXXX macros & debugs for gcc pedantic compile. passdb/passdb.c: Fixed isXXX macros & debugs for gcc pedantic compile. passdb/smbpassfile.c: Fixed isXXX macros & debugs for gcc pedantic compile. smbd/chgpasswd.c: Fixed isXXX macros & debugs for gcc pedantic compile. smbd/ipc.c: Fixed isXXX macros & debugs for gcc pedantic compile. smbd/nttrans.c: Fixed fsp code path. smbd/password.c: fixed HAVE_YP_GET_DEFAULT_DOMAIN problem. smbd/printing.c: Fixed isXXX macros & debugs for gcc pedantic compile. smbd/reply.c: Fixed isXXX macros & debugs for gcc pedantic compile. smbd/server.c: Fixed isXXX macros & debugs for gcc pedantic compile. smbd/trans2.c: Fixed core dump bug. smbd/uid.c: Fixed isXXX macros & debugs for gcc pedantic compile. Jeremy. (This used to be commit 1b9cbcd02e575dc0a95fa589f720df30a4acc46b) --- source3/smbd/reply.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 66d1dd2839..626d2e9617 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -327,7 +327,6 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt pstrcpy(smb_buf(outbuf),devicename); } else { char *fsname = FSTYPE_STRING; - char *p; set_message(outbuf,3,3,True); @@ -1565,7 +1564,7 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, DEBUG( 2, ( "new file %s\n", fname ) ); DEBUG( 3, ( "mknew %s fd=%d fnum=%d dmode=%d umode=%o\n", - fname, fsp->fd_ptr->fd, fnum, createmode, unixmode ) ); + fname, fsp->fd_ptr->fd, fnum, createmode, (int)unixmode ) ); return(outsize); } @@ -1642,7 +1641,7 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, DEBUG( 2, ( "created temp file %s\n", fname2 ) ); DEBUG( 3, ( "ctemp %s fd=%d fnum=%d dmode=%d umode=%o\n", - fname2, fsp->fd_ptr->fd, fnum, createmode, unixmode ) ); + fname2, fsp->fd_ptr->fd, fnum, createmode, (int)unixmode ) ); return(outsize); } @@ -2640,7 +2639,7 @@ int reply_printopen(connection_struct *conn, pstrcpy(s,smb_buf(inbuf)+1); p = s; while (*p) { - if (!(isalnum(*p) || strchr("._-",*p))) + if (!(isalnum((int)*p) || strchr("._-",*p))) *p = 'X'; p++; } -- cgit From 127655cc888ac40332d4e8e5b94aab03f5120aae Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sat, 15 Aug 1998 07:27:34 +0000 Subject: this checkin gets rid of the global Files[] array and makes it local in files.c it should now be faily easy to expand the default MAX_OPEN_FILES to many thousands. (This used to be commit b088c804f98908eb02f05ab2f2e8a61691a0a582) --- source3/smbd/reply.c | 572 ++++++++++++++++++++++----------------------------- 1 file changed, 249 insertions(+), 323 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 626d2e9617..e9a25ea79a 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -33,9 +33,8 @@ extern int Protocol; extern int DEBUGLEVEL; extern int max_send; extern int max_recv; -extern int chain_fnum; +extern files_struct *chain_fsp; extern char magic_char; -extern files_struct Files[]; extern BOOL case_sensitive; extern BOOL case_preserve; extern BOOL short_case_preserve; @@ -44,11 +43,6 @@ extern fstring global_myworkgroup; extern int Client; extern int global_oplock_break; -/* this macro should always be used to extract an fnum (smb_fid) from -a packet to ensure chaining works correctly */ -#define GETFNUM(buf,where) (chain_fnum!= -1?chain_fnum:SVAL(buf,where)) - - /**************************************************************************** report a possible attack via the password buffer overflow bug ****************************************************************************/ @@ -1232,7 +1226,6 @@ int reply_fclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { pstring fname; - int fnum = -1; int outsize = 0; int fmode=0; int share_mode; @@ -1250,12 +1243,10 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, pstrcpy(fname,smb_buf(inbuf)+1); unix_convert(fname,conn,0,&bad_path); - fnum = find_free_file(); - if (fnum < 0) + fsp = find_free_file(); + if (!fsp) return(ERROR(ERRSRV,ERRnofids)); - fsp = &Files[fnum]; - if (!check_name(fname,conn)) { if((errno == ENOENT) && bad_path) @@ -1263,13 +1254,13 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadpath; } - fsp->reserved = False; + file_free(fsp); return(UNIXERROR(ERRDOS,ERRnoaccess)); } unixmode = unix_mode(conn,aARCH); - open_file_shared(fnum,conn,fname,share_mode,3,unixmode, + open_file_shared(fsp,conn,fname,share_mode,3,unixmode, oplock_request,&rmode,NULL); if (!fsp->open) @@ -1279,12 +1270,12 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadpath; } - fsp->reserved = False; + file_free(fsp); return(UNIXERROR(ERRDOS,ERRnoaccess)); } if (fstat(fsp->fd_ptr->fd,&sbuf) != 0) { - close_file(fnum,False); + close_file(fsp,False); return(ERROR(ERRDOS,ERRnoaccess)); } @@ -1294,12 +1285,12 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, if (fmode & aDIR) { DEBUG(3,("attempt to open a directory %s\n",fname)); - close_file(fnum,False); + close_file(fsp,False); return(ERROR(ERRDOS,ERRnoaccess)); } outsize = set_message(outbuf,7,0,True); - SSVAL(outbuf,smb_vwv0,fnum); + SSVAL(outbuf,smb_vwv0,fsp->fnum); SSVAL(outbuf,smb_vwv1,fmode); if(lp_dos_filetime_resolution(SNUM(conn)) ) put_dos_date3(outbuf,smb_vwv2,mtime & ~1); @@ -1324,7 +1315,6 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { pstring fname; - int fnum = -1; int smb_mode = SVAL(inbuf,smb_vwv3); int smb_attr = SVAL(inbuf,smb_vwv5); /* Breakout the oplock request bits so we can set the @@ -1354,12 +1344,10 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt pstrcpy(fname,smb_buf(inbuf)); unix_convert(fname,conn,0,&bad_path); - fnum = find_free_file(); - if (fnum < 0) + fsp = find_free_file(); + if (!fsp) return(ERROR(ERRSRV,ERRnofids)); - fsp = &Files[fnum]; - if (!check_name(fname,conn)) { if((errno == ENOENT) && bad_path) @@ -1367,13 +1355,13 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadpath; } - fsp->reserved = False; + file_free(fsp); return(UNIXERROR(ERRDOS,ERRnoaccess)); } unixmode = unix_mode(conn,smb_attr | aARCH); - open_file_shared(fnum,conn,fname,smb_mode,smb_ofun,unixmode, + open_file_shared(fsp,conn,fname,smb_mode,smb_ofun,unixmode, oplock_request, &rmode,&smb_action); if (!fsp->open) @@ -1383,12 +1371,12 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadpath; } - fsp->reserved = False; + file_free(fsp); return(UNIXERROR(ERRDOS,ERRnoaccess)); } if (fstat(fsp->fd_ptr->fd,&sbuf) != 0) { - close_file(fnum,False); + close_file(fsp,False); return(ERROR(ERRDOS,ERRnoaccess)); } @@ -1396,7 +1384,7 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt fmode = dos_mode(conn,fname,&sbuf); mtime = sbuf.st_mtime; if (fmode & aDIR) { - close_file(fnum,False); + close_file(fsp,False); return(ERROR(ERRDOS,ERRnoaccess)); } @@ -1427,7 +1415,7 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt } set_message(outbuf,15,0,True); - SSVAL(outbuf,smb_vwv2,fnum); + SSVAL(outbuf,smb_vwv2,fsp->fnum); SSVAL(outbuf,smb_vwv3,fmode); if(lp_dos_filetime_resolution(SNUM(conn)) ) put_dos_date3(outbuf,smb_vwv4,mtime & ~1); @@ -1437,7 +1425,7 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt SSVAL(outbuf,smb_vwv8,rmode); SSVAL(outbuf,smb_vwv11,smb_action); - chain_fnum = fnum; + chain_fsp = fsp; return chain_reply(inbuf,outbuf,length,bufsize); } @@ -1458,16 +1446,7 @@ int reply_ulogoffX(connection_struct *conn, char *inbuf,char *outbuf,int length, /* in user level security we are supposed to close any files open by this user */ if ((vuser != 0) && (lp_security() != SEC_SHARE)) { - int i; - for (i=0;ivuid == vuid) && fsp->open) { - if(!fsp->is_directory) - close_file(i,False); - else - close_directory(i); - } - } + file_close_user(vuid); } invalidate_vuid(vuid); @@ -1487,7 +1466,6 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, { pstring fname; int com; - int fnum = -1; int outsize = 0; int createmode; mode_t unixmode; @@ -1509,12 +1487,10 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, unixmode = unix_mode(conn,createmode); - fnum = find_free_file(); - if (fnum < 0) + fsp = find_free_file(); + if (!fsp) return(ERROR(ERRSRV,ERRnofids)); - fsp = &Files[fnum]; - if (!check_name(fname,conn)) { if((errno == ENOENT) && bad_path) @@ -1522,7 +1498,7 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadpath; } - fsp->reserved = False; + file_free(fsp); return(UNIXERROR(ERRDOS,ERRnoaccess)); } @@ -1538,7 +1514,7 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, } /* Open file in dos compatibility share mode. */ - open_file_shared(fnum,conn,fname,(DENY_FCB<<4)|0xF, ofun, unixmode, + open_file_shared(fsp,conn,fname,(DENY_FCB<<4)|0xF, ofun, unixmode, oplock_request, NULL, NULL); if (!fsp->open) @@ -1548,12 +1524,12 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadpath; } - fsp->reserved = False; + file_free(fsp); return(UNIXERROR(ERRDOS,ERRnoaccess)); } outsize = set_message(outbuf,1,0,True); - SSVAL(outbuf,smb_vwv0,fnum); + SSVAL(outbuf,smb_vwv0,fsp->fnum); if (oplock_request && lp_fake_oplocks(SNUM(conn))) { CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; @@ -1563,8 +1539,8 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; DEBUG( 2, ( "new file %s\n", fname ) ); - DEBUG( 3, ( "mknew %s fd=%d fnum=%d dmode=%d umode=%o\n", - fname, fsp->fd_ptr->fd, fnum, createmode, (int)unixmode ) ); + DEBUG( 3, ( "mknew %s fd=%d dmode=%d umode=%o\n", + fname, fsp->fd_ptr->fd, createmode, (int)unixmode ) ); return(outsize); } @@ -1577,7 +1553,6 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, { pstring fname; pstring fname2; - int fnum = -1; int outsize = 0; int createmode; mode_t unixmode; @@ -1592,12 +1567,10 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, unixmode = unix_mode(conn,createmode); - fnum = find_free_file(); - if (fnum < 0) + fsp = find_free_file(); + if (fsp) return(ERROR(ERRSRV,ERRnofids)); - fsp = &Files[fnum]; - if (!check_name(fname,conn)) { if((errno == ENOENT) && bad_path) @@ -1605,7 +1578,7 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadpath; } - fsp->reserved = False; + file_free(fsp); return(UNIXERROR(ERRDOS,ERRnoaccess)); } @@ -1613,7 +1586,7 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, /* Open file in dos compatibility share mode. */ /* We should fail if file exists. */ - open_file_shared(fnum,conn,fname2,(DENY_FCB<<4)|0xF, 0x10, unixmode, + open_file_shared(fsp,conn,fname2,(DENY_FCB<<4)|0xF, 0x10, unixmode, oplock_request, NULL, NULL); if (!fsp->open) @@ -1623,12 +1596,12 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadpath; } - fsp->reserved = False; + file_free(fsp); return(UNIXERROR(ERRDOS,ERRnoaccess)); } outsize = set_message(outbuf,1,2 + strlen(fname2),True); - SSVAL(outbuf,smb_vwv0,fnum); + SSVAL(outbuf,smb_vwv0,fsp->fnum); CVAL(smb_buf(outbuf),0) = 4; pstrcpy(smb_buf(outbuf) + 1,fname2); @@ -1640,8 +1613,8 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; DEBUG( 2, ( "created temp file %s\n", fname2 ) ); - DEBUG( 3, ( "ctemp %s fd=%d fnum=%d dmode=%d umode=%o\n", - fname2, fsp->fd_ptr->fd, fnum, createmode, (int)unixmode ) ); + DEBUG( 3, ( "ctemp %s fd=%d dmode=%d umode=%o\n", + fname2, fsp->fd_ptr->fd, createmode, (int)unixmode ) ); return(outsize); } @@ -1777,7 +1750,7 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size ****************************************************************************/ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_size, int dum_buffsize) { - int maxcount,mincount,fnum; + int maxcount,mincount; int nread = 0; uint32 startpos; char *header = outbuf; @@ -1800,7 +1773,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s return -1; } - fnum = GETFNUM(inbuf,smb_vwv0); + fsp = GETFSP(inbuf,smb_vwv0); startpos = IVAL(inbuf,smb_vwv1); maxcount = SVAL(inbuf,smb_vwv3); @@ -1810,23 +1783,18 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s maxcount = MIN(65535,maxcount); maxcount = MAX(mincount,maxcount); - if (!FNUM_OK(fnum,conn) || !Files[fnum].can_read) - { - DEBUG(3,("fnum %d not open in readbraw - cache prime?\n",fnum)); - _smb_setlen(header,0); - transfer_file(0,Client,0,header,4,0); - return(-1); - } - else - { - fsp = &Files[fnum]; - - fd = fsp->fd_ptr->fd; - fname = fsp->fsp_name; + if (!FNUM_OK(fsp,conn) || !fsp->can_read) { + DEBUG(3,("fnum %d not open in readbraw - cache prime?\n",fsp->fnum)); + _smb_setlen(header,0); + transfer_file(0,Client,0,header,4,0); + return(-1); + } else { + fd = fsp->fd_ptr->fd; + fname = fsp->fsp_name; } - if (!is_locked(fnum,conn,maxcount,startpos, F_RDLCK)) + if (!is_locked(fsp,conn,maxcount,startpos, F_RDLCK)) { int size = fsp->size; int sizeneeded = startpos + maxcount; @@ -1846,7 +1814,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s nread = 0; DEBUG( 3, ( "readbraw fnum=%d start=%d max=%d min=%d nread=%d\n", - fnum, startpos, + fsp->fnum, startpos, maxcount, mincount, nread ) ); #if UNSAFE_READRAW @@ -1860,7 +1828,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s #endif if ((nread-predict) > 0) - seek_file(fnum,startpos + predict); + seek_file(fsp,startpos + predict); ret = transfer_file(fd,Client,nread-predict,header,4+predict, startpos+predict); @@ -1871,7 +1839,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s fname,startpos,nread,ret)); #else - ret = read_file(fnum,header+4,startpos,nread); + ret = read_file(fsp,header+4,startpos,nread); if (ret < mincount) ret = 0; _smb_setlen(header,ret); @@ -1888,19 +1856,17 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s ****************************************************************************/ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsiz) { - int fnum; int nread = -1; char *data; int outsize = 0; uint32 startpos, numtoread; int eclass; uint32 ecode; - - fnum = GETFNUM(inbuf,smb_vwv0); + files_struct *fsp = GETFSP(inbuf,smb_vwv0); - CHECK_FNUM(fnum,conn); - CHECK_READ(fnum); - CHECK_ERROR(fnum); + CHECK_FSP(fsp,conn); + CHECK_READ(fsp); + CHECK_ERROR(fsp); numtoread = SVAL(inbuf,smb_vwv1); startpos = IVAL(inbuf,smb_vwv2); @@ -1909,10 +1875,10 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int dum_si numtoread = MIN(BUFFER_SIZE-outsize,numtoread); data = smb_buf(outbuf) + 3; - if(!do_lock( fnum, conn, numtoread, startpos, F_RDLCK, &eclass, &ecode)) + if(!do_lock( fsp, conn, numtoread, startpos, F_RDLCK, &eclass, &ecode)) return (ERROR(eclass,ecode)); - nread = read_file(fnum,data,startpos,numtoread); + nread = read_file(fsp,data,startpos,numtoread); if (nread < 0) return(UNIXERROR(ERRDOS,ERRnoaccess)); @@ -1923,7 +1889,7 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int dum_si SSVAL(smb_buf(outbuf),1,nread); DEBUG( 3, ( "lockread fnum=%d num=%d nread=%d\n", - fnum, numtoread, nread ) ); + fsp->fnum, numtoread, nread ) ); return(outsize); } @@ -1934,17 +1900,16 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int dum_si ****************************************************************************/ int reply_read(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int numtoread,fnum; + int numtoread; int nread = 0; char *data; uint32 startpos; int outsize = 0; - - fnum = GETFNUM(inbuf,smb_vwv0); + files_struct *fsp = GETFSP(inbuf,smb_vwv0); - CHECK_FNUM(fnum,conn); - CHECK_READ(fnum); - CHECK_ERROR(fnum); + CHECK_FSP(fsp,conn); + CHECK_READ(fsp); + CHECK_ERROR(fsp); numtoread = SVAL(inbuf,smb_vwv1); startpos = IVAL(inbuf,smb_vwv2); @@ -1953,11 +1918,11 @@ int reply_read(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, numtoread = MIN(BUFFER_SIZE-outsize,numtoread); data = smb_buf(outbuf) + 3; - if (is_locked(fnum,conn,numtoread,startpos, F_RDLCK)) + if (is_locked(fsp,conn,numtoread,startpos, F_RDLCK)) return(ERROR(ERRDOS,ERRlock)); if (numtoread > 0) - nread = read_file(fnum,data,startpos,numtoread); + nread = read_file(fsp,data,startpos,numtoread); if (nread < 0) return(UNIXERROR(ERRDOS,ERRnoaccess)); @@ -1969,7 +1934,7 @@ int reply_read(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, SSVAL(smb_buf(outbuf),1,nread); DEBUG( 3, ( "read fnum=%d num=%d nread=%d\n", - fnum, numtoread, nread ) ); + fsp->fnum, numtoread, nread ) ); return(outsize); } @@ -1980,7 +1945,7 @@ int reply_read(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, ****************************************************************************/ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { - int fnum = GETFNUM(inbuf,smb_vwv2); + files_struct *fsp = GETFSP(inbuf,smb_vwv2); uint32 smb_offs = IVAL(inbuf,smb_vwv3); int smb_maxcnt = SVAL(inbuf,smb_vwv5); int smb_mincnt = SVAL(inbuf,smb_vwv6); @@ -1992,16 +1957,16 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt if (IS_IPC(conn)) return reply_pipe_read_and_X(inbuf,outbuf,length,bufsize); - CHECK_FNUM(fnum,conn); - CHECK_READ(fnum); - CHECK_ERROR(fnum); + CHECK_FSP(fsp,conn); + CHECK_READ(fsp); + CHECK_ERROR(fsp); set_message(outbuf,12,0,True); data = smb_buf(outbuf); - if (is_locked(fnum,conn,smb_maxcnt,smb_offs, F_RDLCK)) + if (is_locked(fsp,conn,smb_maxcnt,smb_offs, F_RDLCK)) return(ERROR(ERRDOS,ERRlock)); - nread = read_file(fnum,data,smb_offs,smb_maxcnt); + nread = read_file(fsp,data,smb_offs,smb_maxcnt); ok = True; if (nread < 0) @@ -2012,9 +1977,9 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt SSVAL(smb_buf(outbuf),-2,nread); DEBUG( 3, ( "readX fnum=%d min=%d max=%d nread=%d\n", - fnum, smb_mincnt, smb_maxcnt, nread ) ); + fsp->fnum, smb_mincnt, smb_maxcnt, nread ) ); - chain_fnum = fnum; + chain_fsp = fsp; return chain_reply(inbuf,outbuf,length,bufsize); } @@ -2028,18 +1993,16 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int dum_s int nwritten=0; int total_written=0; int numtowrite=0; - int fnum; int outsize = 0; long startpos; char *data=NULL; BOOL write_through; int tcount; + files_struct *fsp = GETFSP(inbuf,smb_vwv0); - fnum = GETFNUM(inbuf,smb_vwv0); - - CHECK_FNUM(fnum,conn); - CHECK_WRITE(fnum); - CHECK_ERROR(fnum); + CHECK_FSP(fsp,conn); + CHECK_WRITE(fsp); + CHECK_ERROR(fsp); tcount = IVAL(inbuf,smb_vwv1); startpos = IVAL(inbuf,smb_vwv3); @@ -2059,17 +2022,17 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int dum_s CVAL(inbuf,smb_com) = SMBwritec; CVAL(outbuf,smb_com) = SMBwritec; - if (is_locked(fnum,conn,tcount,startpos, F_WRLCK)) + if (is_locked(fsp,conn,tcount,startpos, F_WRLCK)) return(ERROR(ERRDOS,ERRlock)); - if (seek_file(fnum,startpos) != startpos) + if (seek_file(fsp,startpos) != startpos) DEBUG(0,("couldn't seek to %ld in writebraw\n",startpos)); if (numtowrite>0) - nwritten = write_file(fnum,data,numtowrite); + nwritten = write_file(fsp,data,numtowrite); DEBUG(3,("writebraw1 fnum=%d start=%ld num=%d wrote=%d sync=%d\n", - fnum, startpos, numtowrite, nwritten, write_through)); + fsp->fnum, startpos, numtowrite, nwritten, write_through)); if (nwritten < numtowrite) return(UNIXERROR(ERRHRD,ERRdiskfull)); @@ -2097,7 +2060,7 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int dum_s tcount,nwritten,numtowrite)); } - nwritten = transfer_file(Client,Files[fnum].fd_ptr->fd,numtowrite,NULL,0, + nwritten = transfer_file(Client,fsp->fd_ptr->fd,numtowrite,NULL,0, startpos+nwritten); total_written += nwritten; @@ -2112,10 +2075,10 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int dum_s } if (lp_syncalways(SNUM(conn)) || write_through) - sync_file(conn,fnum); + sync_file(conn,fsp); DEBUG(3,("writebraw2 fnum=%d start=%ld num=%d wrote=%d\n", - fnum, startpos, numtowrite, total_written)); + fsp->fnum, startpos, numtowrite, total_written)); /* we won't return a status if write through is not selected - this follows what WfWg does */ @@ -2131,28 +2094,26 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int dum_s ****************************************************************************/ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int fnum; int nwritten = -1; int outsize = 0; char *data; uint32 numtowrite,startpos; int eclass; uint32 ecode; - - fnum = GETFNUM(inbuf,smb_vwv0); + files_struct *fsp = GETFSP(inbuf,smb_vwv0); - CHECK_FNUM(fnum,conn); - CHECK_WRITE(fnum); - CHECK_ERROR(fnum); + CHECK_FSP(fsp,conn); + CHECK_WRITE(fsp); + CHECK_ERROR(fsp); numtowrite = SVAL(inbuf,smb_vwv1); startpos = IVAL(inbuf,smb_vwv2); data = smb_buf(inbuf) + 3; - if (is_locked(fnum,conn,numtowrite,startpos, F_WRLCK)) + if (is_locked(fsp,conn,numtowrite,startpos, F_WRLCK)) return(ERROR(ERRDOS,ERRlock)); - seek_file(fnum,startpos); + seek_file(fsp,startpos); /* The special X/Open SMB protocol handling of zero length writes is *NOT* done for @@ -2160,15 +2121,15 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, int dum if(numtowrite == 0) nwritten = 0; else - nwritten = write_file(fnum,data,numtowrite); + nwritten = write_file(fsp,data,numtowrite); if (lp_syncalways(SNUM(conn))) - sync_file(conn,fnum); + sync_file(conn,fsp); if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) return(UNIXERROR(ERRDOS,ERRnoaccess)); - if(!do_unlock(fnum, conn, numtowrite, startpos, &eclass, &ecode)) + if(!do_unlock(fsp, conn, numtowrite, startpos, &eclass, &ecode)) return(ERROR(eclass,ecode)); outsize = set_message(outbuf,1,0,True); @@ -2176,7 +2137,7 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, int dum SSVAL(outbuf,smb_vwv0,nwritten); DEBUG( 3, ( "writeunlock fnum=%d num=%d wrote=%d\n", - fnum, numtowrite, nwritten ) ); + fsp->fnum, numtowrite, nwritten ) ); return(outsize); } @@ -2187,37 +2148,36 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, int dum ****************************************************************************/ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int dum_size,int dum_buffsize) { - int numtowrite,fnum; + int numtowrite; int nwritten = -1; int outsize = 0; int startpos; char *data; + files_struct *fsp = GETFSP(inbuf,smb_vwv0); - fnum = GETFNUM(inbuf,smb_vwv0); - - CHECK_FNUM(fnum,conn); - CHECK_WRITE(fnum); - CHECK_ERROR(fnum); + CHECK_FSP(fsp,conn); + CHECK_WRITE(fsp); + CHECK_ERROR(fsp); numtowrite = SVAL(inbuf,smb_vwv1); startpos = IVAL(inbuf,smb_vwv2); data = smb_buf(inbuf) + 3; - if (is_locked(fnum,conn,numtowrite,startpos, F_WRLCK)) + if (is_locked(fsp,conn,numtowrite,startpos, F_WRLCK)) return(ERROR(ERRDOS,ERRlock)); - seek_file(fnum,startpos); + seek_file(fsp,startpos); /* X/Open SMB protocol says that if smb_vwv1 is zero then the file size should be extended or truncated to the size given in smb_vwv[2-3] */ if(numtowrite == 0) - nwritten = set_filelen(Files[fnum].fd_ptr->fd, startpos); + nwritten = set_filelen(fsp->fd_ptr->fd, startpos); else - nwritten = write_file(fnum,data,numtowrite); + nwritten = write_file(fsp,data,numtowrite); if (lp_syncalways(SNUM(conn))) - sync_file(conn,fnum); + sync_file(conn,fsp); if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) return(UNIXERROR(ERRDOS,ERRnoaccess)); @@ -2232,7 +2192,7 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int dum_size,i } DEBUG(3,("write fnum=%d num=%d wrote=%d\n", - fnum, numtowrite, nwritten)); + fsp->fnum, numtowrite, nwritten)); return(outsize); } @@ -2243,7 +2203,7 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int dum_size,i ****************************************************************************/ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { - int fnum = GETFNUM(inbuf,smb_vwv2); + files_struct *fsp = GETFSP(inbuf,smb_vwv2); uint32 smb_offs = IVAL(inbuf,smb_vwv3); int smb_dsize = SVAL(inbuf,smb_vwv10); int smb_doff = SVAL(inbuf,smb_vwv11); @@ -2251,16 +2211,16 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng int nwritten = -1; char *data; - CHECK_FNUM(fnum,conn); - CHECK_WRITE(fnum); - CHECK_ERROR(fnum); + CHECK_FSP(fsp,conn); + CHECK_WRITE(fsp); + CHECK_ERROR(fsp); data = smb_base(inbuf) + smb_doff; - if (is_locked(fnum,conn,smb_dsize,smb_offs, F_WRLCK)) + if (is_locked(fsp,conn,smb_dsize,smb_offs, F_WRLCK)) return(ERROR(ERRDOS,ERRlock)); - seek_file(fnum,smb_offs); + seek_file(fsp,smb_offs); /* X/Open SMB protocol says that, unlike SMBwrite if the length is zero then NO truncation is @@ -2269,7 +2229,7 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng if(smb_dsize == 0) nwritten = 0; else - nwritten = write_file(fnum,data,smb_dsize); + nwritten = write_file(fsp,data,smb_dsize); if(((nwritten == 0) && (smb_dsize != 0))||(nwritten < 0)) return(UNIXERROR(ERRDOS,ERRnoaccess)); @@ -2284,12 +2244,12 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng } DEBUG(3,("writeX fnum=%d num=%d wrote=%d\n", - fnum, smb_dsize, nwritten)); + fsp->fnum, smb_dsize, nwritten)); - chain_fnum = fnum; + chain_fsp = fsp; if (lp_syncalways(SNUM(conn)) || write_through) - sync_file(conn,fnum); + sync_file(conn,fsp); return chain_reply(inbuf,outbuf,length,bufsize); } @@ -2300,17 +2260,14 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng ****************************************************************************/ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int fnum; uint32 startpos; int32 res= -1; int mode,umode; int outsize = 0; - files_struct *fsp; - - fnum = GETFNUM(inbuf,smb_vwv0); + files_struct *fsp = GETFSP(inbuf,smb_vwv0); - CHECK_FNUM(fnum,conn); - CHECK_ERROR(fnum); + CHECK_FSP(fsp,conn); + CHECK_ERROR(fsp); mode = SVAL(inbuf,smb_vwv1) & 3; startpos = IVAL(inbuf,smb_vwv2); @@ -2324,8 +2281,6 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, umode = SEEK_SET; break; } - fsp = &Files[fnum]; - res = lseek(fsp->fd_ptr->fd,startpos,umode); fsp->pos = res; @@ -2333,7 +2288,7 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, SIVALS(outbuf,smb_vwv0,res); DEBUG(3,("lseek fnum=%d ofs=%d mode=%d\n", - fnum, startpos, mode)); + fsp->fnum, startpos, mode)); return(outsize); } @@ -2344,28 +2299,21 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, ****************************************************************************/ int reply_flush(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int fnum; int outsize = set_message(outbuf,0,0,True); + files_struct *fsp = GETFSP(inbuf,smb_vwv0); - fnum = GETFNUM(inbuf,smb_vwv0); - - if (fnum != 0xFFFF) { - CHECK_FNUM(fnum,conn); - CHECK_ERROR(fnum); + if (fsp) { + CHECK_FSP(fsp,conn); + CHECK_ERROR(fsp); } - if (fnum == 0xFFFF) { - int i; - for (i=0;iopen && fsp->is_directory)) + CHECK_FSP(fsp,conn); - fsp = &Files[fnum]; - - if(HAS_CACHED_ERROR(fnum)) { + if(HAS_CACHED_ERROR(fsp)) { eclass = fsp->wbmpx_ptr->wr_errclass; err = fsp->wbmpx_ptr->wr_error; } @@ -2423,8 +2368,8 @@ int reply_close(connection_struct *conn, * Special case - close NT SMB directory * handle. */ - DEBUG(3,("close directory fnum=%d\n", fnum)); - close_directory(fnum); + DEBUG(3,("close directory fnum=%d\n", fsp->fnum)); + close_directory(fsp); } else { /* * Close ordinary file. @@ -2435,10 +2380,10 @@ int reply_close(connection_struct *conn, set_filetime(conn, fsp->fsp_name,mtime); DEBUG(3,("close fd=%d fnum=%d (numopen=%d)\n", - fsp->fd_ptr->fd, fnum, + fsp->fd_ptr->fd, fsp->fnum, conn->num_files_open)); - close_file(fnum,True); + close_file(fsp,True); } /* We have a cached error */ @@ -2455,37 +2400,36 @@ int reply_close(connection_struct *conn, int reply_writeclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int numtowrite,fnum; + int numtowrite; int nwritten = -1; int outsize = 0; int startpos; char *data; time_t mtime; - - fnum = GETFNUM(inbuf,smb_vwv0); + files_struct *fsp = GETFSP(inbuf,smb_vwv0); - CHECK_FNUM(fnum,conn); - CHECK_WRITE(fnum); - CHECK_ERROR(fnum); + CHECK_FSP(fsp,conn); + CHECK_WRITE(fsp); + CHECK_ERROR(fsp); numtowrite = SVAL(inbuf,smb_vwv1); startpos = IVAL(inbuf,smb_vwv2); mtime = make_unix_date3(inbuf+smb_vwv4); data = smb_buf(inbuf) + 1; - if (is_locked(fnum,conn,numtowrite,startpos, F_WRLCK)) + if (is_locked(fsp,conn,numtowrite,startpos, F_WRLCK)) return(ERROR(ERRDOS,ERRlock)); - seek_file(fnum,startpos); + seek_file(fsp,startpos); - nwritten = write_file(fnum,data,numtowrite); + nwritten = write_file(fsp,data,numtowrite); - set_filetime(conn, Files[fnum].fsp_name,mtime); + set_filetime(conn, fsp->fsp_name,mtime); - close_file(fnum,True); + close_file(fsp,True); DEBUG(3,("writeclose fnum=%d num=%d wrote=%d (numopen=%d)\n", - fnum, numtowrite, nwritten, + fsp->fnum, numtowrite, nwritten, conn->num_files_open)); if (nwritten <= 0) @@ -2504,24 +2448,22 @@ int reply_writeclose(connection_struct *conn, int reply_lock(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int fnum; int outsize = set_message(outbuf,0,0,True); uint32 count,offset; int eclass; uint32 ecode; + files_struct *fsp = GETFSP(inbuf,smb_vwv0); - fnum = GETFNUM(inbuf,smb_vwv0); - - CHECK_FNUM(fnum,conn); - CHECK_ERROR(fnum); + CHECK_FSP(fsp,conn); + CHECK_ERROR(fsp); count = IVAL(inbuf,smb_vwv1); offset = IVAL(inbuf,smb_vwv3); DEBUG(3,("lock fd=%d fnum=%d ofs=%d cnt=%d\n", - Files[fnum].fd_ptr->fd, fnum, offset, count)); + fsp->fd_ptr->fd, fsp->fnum, offset, count)); - if (!do_lock(fnum, conn, count, offset, F_WRLCK, &eclass, &ecode)) + if (!do_lock(fsp, conn, count, offset, F_WRLCK, &eclass, &ecode)) return (ERROR(eclass,ecode)); return(outsize); @@ -2533,25 +2475,23 @@ int reply_lock(connection_struct *conn, ****************************************************************************/ int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int fnum; int outsize = set_message(outbuf,0,0,True); uint32 count,offset; int eclass; uint32 ecode; - - fnum = GETFNUM(inbuf,smb_vwv0); + files_struct *fsp = GETFSP(inbuf,smb_vwv0); - CHECK_FNUM(fnum,conn); - CHECK_ERROR(fnum); + CHECK_FSP(fsp,conn); + CHECK_ERROR(fsp); count = IVAL(inbuf,smb_vwv1); offset = IVAL(inbuf,smb_vwv3); - if(!do_unlock(fnum, conn, count, offset, &eclass, &ecode)) + if(!do_unlock(fsp, conn, count, offset, &eclass, &ecode)) return (ERROR(eclass,ecode)); DEBUG( 3, ( "unlock fd=%d fnum=%d ofs=%d cnt=%d\n", - Files[fnum].fd_ptr->fd, fnum, offset, count ) ); + fsp->fd_ptr->fd, fsp->fnum, offset, count ) ); return(outsize); } @@ -2624,7 +2564,6 @@ int reply_printopen(connection_struct *conn, { pstring fname; pstring fname2; - int fnum = -1; int outsize = 0; files_struct *fsp; @@ -2649,26 +2588,24 @@ int reply_printopen(connection_struct *conn, slprintf(fname,sizeof(fname)-1, "%s.XXXXXX",s); } - fnum = find_free_file(); - if (fnum < 0) + fsp = find_free_file(); + if (!fsp) return(ERROR(ERRSRV,ERRnofids)); - - fsp = &Files[fnum]; pstrcpy(fname2,(char *)mktemp(fname)); if (!check_name(fname2,conn)) { - fsp->reserved = False; + file_free(fsp); return(ERROR(ERRDOS,ERRnoaccess)); } /* Open for exclusive use, write only. */ - open_file_shared(fnum,conn,fname2, + open_file_shared(fsp,conn,fname2, (DENY_ALL<<4)|1, 0x12, unix_mode(conn,0), 0, NULL, NULL); if (!fsp->open) { - fsp->reserved = False; + file_free(fsp); return(UNIXERROR(ERRDOS,ERRnoaccess)); } @@ -2676,10 +2613,10 @@ int reply_printopen(connection_struct *conn, fsp->print_file = True; outsize = set_message(outbuf,1,0,True); - SSVAL(outbuf,smb_vwv0,fnum); + SSVAL(outbuf,smb_vwv0,fsp->fnum); DEBUG(3,("openprint %s fd=%d fnum=%d\n", - fname2, fsp->fd_ptr->fd, fnum)); + fname2, fsp->fd_ptr->fd, fsp->fnum)); return(outsize); } @@ -2691,21 +2628,19 @@ int reply_printopen(connection_struct *conn, int reply_printclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int fnum; int outsize = set_message(outbuf,0,0,True); - - fnum = GETFNUM(inbuf,smb_vwv0); + files_struct *fsp = GETFSP(inbuf,smb_vwv0); - CHECK_FNUM(fnum,conn); - CHECK_ERROR(fnum); + CHECK_FSP(fsp,conn); + CHECK_ERROR(fsp); if (!CAN_PRINT(conn)) return(ERROR(ERRDOS,ERRnoaccess)); DEBUG(3,("printclose fd=%d fnum=%d\n", - Files[fnum].fd_ptr->fd,fnum)); + fsp->fd_ptr->fd,fsp->fnum)); - close_file(fnum,True); + close_file(fsp,True); return(outsize); } @@ -2786,26 +2721,25 @@ int reply_printqueue(connection_struct *conn, ****************************************************************************/ int reply_printwrite(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int numtowrite,fnum; + int numtowrite; int outsize = set_message(outbuf,0,0,True); char *data; + files_struct *fsp = GETFSP(inbuf,smb_vwv0); if (!CAN_PRINT(conn)) return(ERROR(ERRDOS,ERRnoaccess)); - fnum = GETFNUM(inbuf,smb_vwv0); - - CHECK_FNUM(fnum,conn); - CHECK_WRITE(fnum); - CHECK_ERROR(fnum); + CHECK_FSP(fsp,conn); + CHECK_WRITE(fsp); + CHECK_ERROR(fsp); numtowrite = SVAL(smb_buf(inbuf),1); data = smb_buf(inbuf) + 3; - if (write_file(fnum,data,numtowrite) != numtowrite) + if (write_file(fsp,data,numtowrite) != numtowrite) return(UNIXERROR(ERRDOS,ERRnoaccess)); - DEBUG( 3, ( "printwrite fnum=%d num=%d\n", fnum, numtowrite ) ); + DEBUG( 3, ( "printwrite fnum=%d num=%d\n", fsp->fnum, numtowrite ) ); return(outsize); } @@ -3323,7 +3257,7 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, int Access,action; struct stat st; int ret=0; - int fnum1,fnum2; + files_struct *fsp1,*fsp2; pstring dest; pstrcpy(dest,dest1); @@ -3339,43 +3273,43 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, if (!file_exist(src,&st)) return(False); - fnum1 = find_free_file(); - if (fnum1<0) return(False); - open_file_shared(fnum1,conn,src,(DENY_NONE<<4), + fsp1 = find_free_file(); + if (!fsp1) return(False); + open_file_shared(fsp1,conn,src,(DENY_NONE<<4), 1,0,0,&Access,&action); - if (!Files[fnum1].open) { - Files[fnum1].reserved = False; + if (!fsp1->open) { + fsp1->reserved = False; return(False); } if (!target_is_directory && count) ofun = 1; - fnum2 = find_free_file(); - if (fnum2<0) { - close_file(fnum1,False); - return(False); + fsp2 = find_free_file(); + if (!fsp2) { + close_file(fsp1,False); + return(False); } - open_file_shared(fnum2,conn,dest,(DENY_NONE<<4)|1, + open_file_shared(fsp2,conn,dest,(DENY_NONE<<4)|1, ofun,st.st_mode,0,&Access,&action); - if (!Files[fnum2].open) { - close_file(fnum1,False); - Files[fnum2].reserved = False; + if (!fsp2->open) { + close_file(fsp1,False); + fsp2->reserved = False; return(False); } if ((ofun&3) == 1) { - lseek(Files[fnum2].fd_ptr->fd,0,SEEK_END); + lseek(fsp2->fd_ptr->fd,0,SEEK_END); } if (st.st_size) - ret = transfer_file(Files[fnum1].fd_ptr->fd, - Files[fnum2].fd_ptr->fd,st.st_size,NULL,0,0); + ret = transfer_file(fsp1->fd_ptr->fd, + fsp2->fd_ptr->fd,st.st_size,NULL,0,0); - close_file(fnum1,False); - close_file(fnum2,False); + close_file(fsp1,False); + close_file(fsp2,False); return(ret == st.st_size); } @@ -3556,7 +3490,7 @@ int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size ****************************************************************************/ int reply_lockingX(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { - int fnum = GETFNUM(inbuf,smb_vwv2); + files_struct *fsp = GETFSP(inbuf,smb_vwv2); unsigned char locktype = CVAL(inbuf,smb_vwv3); #if 0 unsigned char oplocklevel = CVAL(inbuf,smb_vwv3+1); @@ -3570,8 +3504,8 @@ int reply_lockingX(connection_struct *conn, char *inbuf,char *outbuf,int length, uint32 ecode=0, dummy2; int eclass=0, dummy1; - CHECK_FNUM(fnum,conn); - CHECK_ERROR(fnum); + CHECK_FSP(fsp,conn); + CHECK_ERROR(fsp); data = smb_buf(inbuf); @@ -3581,28 +3515,27 @@ int reply_lockingX(connection_struct *conn, char *inbuf,char *outbuf,int length, if ((locktype & LOCKING_ANDX_OPLOCK_RELEASE)) { int token; - files_struct *fsp = &Files[fnum]; uint32 dev = fsp->fd_ptr->dev; uint32 inode = fsp->fd_ptr->inode; DEBUG(5,("reply_lockingX: oplock break reply from client for fnum = %d\n", - fnum)); + fsp->fnum)); /* * Make sure we have granted an oplock on this file. */ if(!fsp->granted_oplock) { DEBUG(0,("reply_lockingX: Error : oplock break from client for fnum = %d and \ -no oplock granted on this file.\n", fnum)); +no oplock granted on this file.\n", fsp->fnum)); return ERROR(ERRDOS,ERRlock); } /* Remove the oplock flag from the sharemode. */ lock_share_entry(fsp->conn, dev, inode, &token); - if(remove_share_oplock( fnum, token)==False) { + if(remove_share_oplock(fsp, token)==False) { DEBUG(0,("reply_lockingX: failed to remove share oplock for fnum %d, \ dev = %x, inode = %x\n", - fnum, dev, inode)); + fsp->fnum, dev, inode)); unlock_share_entry(fsp->conn, dev, inode, token); } else { unlock_share_entry(fsp->conn, dev, inode, token); @@ -3628,7 +3561,7 @@ dev = %x, inode = %x\n", for(i = 0; i < (int)num_ulocks; i++) { count = IVAL(data,SMB_LKLEN_OFFSET(i)); offset = IVAL(data,SMB_LKOFF_OFFSET(i)); - if(!do_unlock(fnum,conn,count,offset,&eclass, &ecode)) + if(!do_unlock(fsp,conn,count,offset,&eclass, &ecode)) return ERROR(eclass,ecode); } @@ -3642,7 +3575,7 @@ dev = %x, inode = %x\n", for(i = 0; i < (int)num_locks; i++) { count = IVAL(data,SMB_LKLEN_OFFSET(i)); offset = IVAL(data,SMB_LKOFF_OFFSET(i)); - if(!do_lock(fnum,conn,count,offset, ((locktype & 1) ? F_RDLCK : F_WRLCK), + if(!do_lock(fsp,conn,count,offset, ((locktype & 1) ? F_RDLCK : F_WRLCK), &eclass, &ecode)) #if 0 /* JRATEST - blocking lock code. */ if((ecode == ERRlock) && (lock_timeout != 0)) { @@ -3663,7 +3596,7 @@ dev = %x, inode = %x\n", for(; i >= 0; i--) { count = IVAL(data,SMB_LKLEN_OFFSET(i)); offset = IVAL(data,SMB_LKOFF_OFFSET(i)); - do_unlock(fnum,conn,count,offset,&dummy1,&dummy2); + do_unlock(fsp,conn,count,offset,&dummy1,&dummy2); } return ERROR(eclass,ecode); } @@ -3671,9 +3604,9 @@ dev = %x, inode = %x\n", set_message(outbuf,2,0,True); DEBUG( 3, ( "lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n", - fnum, (unsigned int)locktype, num_locks, num_ulocks ) ); + fsp->fnum, (unsigned int)locktype, num_locks, num_ulocks ) ); - chain_fnum = fnum; + chain_fsp = fsp; return chain_reply(inbuf,outbuf,length,bufsize); } @@ -3684,7 +3617,6 @@ dev = %x, inode = %x\n", ****************************************************************************/ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { - int fnum; int nread = -1; int total_read; char *data; @@ -3693,6 +3625,7 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length, int max_per_packet; int tcount; int pad; + files_struct *fsp = GETFSP(inbuf,smb_vwv0); /* this function doesn't seem to work - disable by default */ if (!lp_readbmpx()) @@ -3700,11 +3633,9 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length, outsize = set_message(outbuf,8,0,True); - fnum = GETFNUM(inbuf,smb_vwv0); - - CHECK_FNUM(fnum,conn); - CHECK_READ(fnum); - CHECK_ERROR(fnum); + CHECK_FSP(fsp,conn); + CHECK_READ(fsp); + CHECK_ERROR(fsp); startpos = IVAL(inbuf,smb_vwv1); maxcount = SVAL(inbuf,smb_vwv3); @@ -3719,14 +3650,14 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length, tcount = maxcount; total_read = 0; - if (is_locked(fnum,conn,maxcount,startpos, F_RDLCK)) + if (is_locked(fsp,conn,maxcount,startpos, F_RDLCK)) return(ERROR(ERRDOS,ERRlock)); do { int N = MIN(max_per_packet,tcount-total_read); - nread = read_file(fnum,data,startpos,N); + nread = read_file(fsp,data,startpos,N); if (nread <= 0) nread = 0; @@ -3755,18 +3686,17 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length, ****************************************************************************/ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int numtowrite,fnum; + int numtowrite; int nwritten = -1; int outsize = 0; uint32 startpos; int tcount, write_through, smb_doff; char *data; - - fnum = GETFNUM(inbuf,smb_vwv0); + files_struct *fsp = GETFSP(inbuf,smb_vwv0); - CHECK_FNUM(fnum,conn); - CHECK_WRITE(fnum); - CHECK_ERROR(fnum); + CHECK_FSP(fsp,conn); + CHECK_WRITE(fsp); + CHECK_ERROR(fsp); tcount = SVAL(inbuf,smb_vwv1); startpos = IVAL(inbuf,smb_vwv3); @@ -3780,14 +3710,14 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int dum_s not an SMBwritebmpx - set this up now so we don't forget */ CVAL(outbuf,smb_com) = SMBwritec; - if (is_locked(fnum,conn,tcount,startpos,F_WRLCK)) + if (is_locked(fsp,conn,tcount,startpos,F_WRLCK)) return(ERROR(ERRDOS,ERRlock)); - seek_file(fnum,startpos); - nwritten = write_file(fnum,data,numtowrite); + seek_file(fsp,startpos); + nwritten = write_file(fsp,data,numtowrite); if(lp_syncalways(SNUM(conn)) || write_through) - sync_file(conn,fnum); + sync_file(conn,fsp); if(nwritten < numtowrite) return(UNIXERROR(ERRHRD,ERRdiskfull)); @@ -3799,8 +3729,8 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int dum_s if(tcount > nwritten) { write_bmpx_struct *wbms; - if(Files[fnum].wbmpx_ptr != NULL) - wbms = Files[fnum].wbmpx_ptr; /* Use an existing struct */ + if(fsp->wbmpx_ptr != NULL) + wbms = fsp->wbmpx_ptr; /* Use an existing struct */ else wbms = (write_bmpx_struct *)malloc(sizeof(write_bmpx_struct)); if(!wbms) @@ -3813,7 +3743,7 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int dum_s wbms->wr_total_written = nwritten; wbms->wr_errclass = 0; wbms->wr_error = 0; - Files[fnum].wbmpx_ptr = wbms; + fsp->wbmpx_ptr = wbms; } /* We are returning successfully, set the message type back to @@ -3825,7 +3755,7 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int dum_s SSVALS(outbuf,smb_vwv0,-1); /* We don't support smb_remaining */ DEBUG( 3, ( "writebmpx fnum=%d num=%d wrote=%d\n", - fnum, numtowrite, nwritten ) ); + fsp->fnum, numtowrite, nwritten ) ); if (write_through && tcount==nwritten) { /* we need to send both a primary and a secondary response */ @@ -3847,18 +3777,18 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int dum_s ****************************************************************************/ int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int numtowrite,fnum; + int numtowrite; int nwritten = -1; int outsize = 0; int32 startpos; int tcount, write_through, smb_doff; char *data; write_bmpx_struct *wbms; - BOOL send_response = False; - - fnum = GETFNUM(inbuf,smb_vwv0); - CHECK_FNUM(fnum,conn); - CHECK_WRITE(fnum); + BOOL send_response = False; + files_struct *fsp = GETFSP(inbuf,smb_vwv0); + + CHECK_FSP(fsp,conn); + CHECK_WRITE(fsp); tcount = SVAL(inbuf,smb_vwv1); startpos = IVAL(inbuf,smb_vwv2); @@ -3872,7 +3802,7 @@ int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz /* This fd should have an auxiliary struct attached, check that it does */ - wbms = Files[fnum].wbmpx_ptr; + wbms = fsp->wbmpx_ptr; if(!wbms) return(-1); /* If write through is set we can return errors, else we must @@ -3883,18 +3813,18 @@ int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz if(wbms->wr_discard) return -1; /* Just discard the packet */ - seek_file(fnum,startpos); - nwritten = write_file(fnum,data,numtowrite); + seek_file(fsp,startpos); + nwritten = write_file(fsp,data,numtowrite); if(lp_syncalways(SNUM(conn)) || write_through) - sync_file(conn,fnum); + sync_file(conn,fsp); if (nwritten < numtowrite) { if(write_through) { /* We are returning an error - we can delete the aux struct */ if (wbms) free((char *)wbms); - Files[fnum].wbmpx_ptr = NULL; + fsp->wbmpx_ptr = NULL; return(ERROR(ERRHRD,ERRdiskfull)); } return(CACHE_ERROR(wbms,ERRHRD,ERRdiskfull)); @@ -3912,7 +3842,7 @@ int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz } free((char *)wbms); - Files[fnum].wbmpx_ptr = NULL; + fsp->wbmpx_ptr = NULL; } if(send_response) @@ -3927,16 +3857,14 @@ int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz ****************************************************************************/ int reply_setattrE(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int fnum; struct utimbuf unix_times; int outsize = 0; + files_struct *fsp = GETFSP(inbuf,smb_vwv0); outsize = set_message(outbuf,0,0,True); - fnum = GETFNUM(inbuf,smb_vwv0); - - CHECK_FNUM(fnum,conn); - CHECK_ERROR(fnum); + CHECK_FSP(fsp,conn); + CHECK_ERROR(fsp); /* Convert the DOS times into unix times. Ignore create time as UNIX can't set this. @@ -3954,7 +3882,7 @@ int reply_setattrE(connection_struct *conn, char *inbuf,char *outbuf, int dum_si /* Ignore request */ if( DEBUGLVL( 3 ) ) { - dbgtext( "reply_setattrE fnum=%d ", fnum); + dbgtext( "reply_setattrE fnum=%d ", fsp->fnum); dbgtext( "ignoring zero request - not setting timestamps of 0\n" ); } return(outsize); @@ -3966,11 +3894,11 @@ int reply_setattrE(connection_struct *conn, char *inbuf,char *outbuf, int dum_si } /* Set the date on this file */ - if(file_utime(conn, Files[fnum].fsp_name, &unix_times)) + if(file_utime(conn, fsp->fsp_name, &unix_times)) return(ERROR(ERRDOS,ERRnoaccess)); DEBUG( 3, ( "reply_setattrE fnum=%d actime=%d modtime=%d\n", - fnum, (int)unix_times.actime, (int)unix_times.modtime ) ); + fsp->fnum, (int)unix_times.actime, (int)unix_times.modtime ) ); return(outsize); } @@ -3981,23 +3909,21 @@ int reply_setattrE(connection_struct *conn, char *inbuf,char *outbuf, int dum_si ****************************************************************************/ int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int fnum; struct stat sbuf; int outsize = 0; int mode; + files_struct *fsp = GETFSP(inbuf,smb_vwv0); outsize = set_message(outbuf,11,0,True); - fnum = GETFNUM(inbuf,smb_vwv0); - - CHECK_FNUM(fnum,conn); - CHECK_ERROR(fnum); + CHECK_FSP(fsp,conn); + CHECK_ERROR(fsp); /* Do an fstat on this file */ - if(fstat(Files[fnum].fd_ptr->fd, &sbuf)) + if(fstat(fsp->fd_ptr->fd, &sbuf)) return(UNIXERROR(ERRDOS,ERRnoaccess)); - mode = dos_mode(conn,Files[fnum].fsp_name,&sbuf); + mode = dos_mode(conn,fsp->fsp_name,&sbuf); /* Convert the times into dos times. Set create date to be last modify date as UNIX doesn't save @@ -4017,7 +3943,7 @@ int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int dum_si } SSVAL(outbuf,smb_vwv10, mode); - DEBUG( 3, ( "reply_getattrE fnum=%d\n", fnum)); + DEBUG( 3, ( "reply_getattrE fnum=%d\n", fsp->fnum)); return(outsize); } -- cgit From 6a6e8958ad86d61395d9ad47a0c2bef732d07b13 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sun, 16 Aug 1998 02:32:55 +0000 Subject: changed find_free_file() to file_new(). (This used to be commit 3daee29636dcb2d99a0e7c08179a098befae00dc) --- source3/smbd/reply.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index e9a25ea79a..340602d3a5 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1243,7 +1243,7 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, pstrcpy(fname,smb_buf(inbuf)+1); unix_convert(fname,conn,0,&bad_path); - fsp = find_free_file(); + fsp = file_new(); if (!fsp) return(ERROR(ERRSRV,ERRnofids)); @@ -1344,7 +1344,7 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt pstrcpy(fname,smb_buf(inbuf)); unix_convert(fname,conn,0,&bad_path); - fsp = find_free_file(); + fsp = file_new(); if (!fsp) return(ERROR(ERRSRV,ERRnofids)); @@ -1487,7 +1487,7 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, unixmode = unix_mode(conn,createmode); - fsp = find_free_file(); + fsp = file_new(); if (!fsp) return(ERROR(ERRSRV,ERRnofids)); @@ -1567,7 +1567,7 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, unixmode = unix_mode(conn,createmode); - fsp = find_free_file(); + fsp = file_new(); if (fsp) return(ERROR(ERRSRV,ERRnofids)); @@ -2588,7 +2588,7 @@ int reply_printopen(connection_struct *conn, slprintf(fname,sizeof(fname)-1, "%s.XXXXXX",s); } - fsp = find_free_file(); + fsp = file_new(); if (!fsp) return(ERROR(ERRSRV,ERRnofids)); @@ -3273,7 +3273,7 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, if (!file_exist(src,&st)) return(False); - fsp1 = find_free_file(); + fsp1 = file_new(); if (!fsp1) return(False); open_file_shared(fsp1,conn,src,(DENY_NONE<<4), 1,0,0,&Access,&action); @@ -3286,7 +3286,7 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, if (!target_is_directory && count) ofun = 1; - fsp2 = find_free_file(); + fsp2 = file_new(); if (!fsp2) { close_file(fsp1,False); return(False); -- cgit From 739d0b1ddc58bbb792c3eebe8c545602a4fae438 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sun, 16 Aug 1998 04:08:47 +0000 Subject: got rid of the Files[] array completely (previously I'd just made it private to files.c) It now is a doubly linked list with a bitmap for allocated file numbers. Similarly for the fd_ptr code. I also changed the default maximum number of open files to 4096. The static cost is 1 bit per file. It all seems to work, and it passes the "does Sue scream" test, but if you see weird behaviour then please investigate. With the volume of new code that has gone in there are bound to be one or two bugs lurking. note that you must do a "make clean" before building this as many data structures have changed in size. (This used to be commit 79755ce97004b787d7e83a8d18fc4c7c003b7231) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 340602d3a5..e62c0bd576 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3279,7 +3279,7 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, 1,0,0,&Access,&action); if (!fsp1->open) { - fsp1->reserved = False; + file_free(fsp1); return(False); } @@ -3296,7 +3296,7 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, if (!fsp2->open) { close_file(fsp1,False); - fsp2->reserved = False; + file_free(fsp2); return(False); } -- cgit From 8978aae69699ccab76fdf95037948b1cc7e7c286 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 17 Aug 1998 03:52:05 +0000 Subject: much cleaner chain pointer handling for both files and pipes. the chain pointer is now stored as a static and is set whenever a handle is created or extracted. This also makes the code less error prone. (This used to be commit 068a862982bea726e8d7b1b4065d510b9840a272) --- source3/smbd/reply.c | 53 ++++++++++++++++++++++------------------------------ 1 file changed, 22 insertions(+), 31 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index e62c0bd576..6b91d9d152 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -33,7 +33,6 @@ extern int Protocol; extern int DEBUGLEVEL; extern int max_send; extern int max_recv; -extern files_struct *chain_fsp; extern char magic_char; extern BOOL case_sensitive; extern BOOL case_preserve; @@ -1425,8 +1424,6 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt SSVAL(outbuf,smb_vwv8,rmode); SSVAL(outbuf,smb_vwv11,smb_action); - chain_fsp = fsp; - return chain_reply(inbuf,outbuf,length,bufsize); } @@ -1773,7 +1770,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s return -1; } - fsp = GETFSP(inbuf,smb_vwv0); + fsp = file_fsp(inbuf,smb_vwv0); startpos = IVAL(inbuf,smb_vwv1); maxcount = SVAL(inbuf,smb_vwv3); @@ -1862,7 +1859,7 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int dum_si uint32 startpos, numtoread; int eclass; uint32 ecode; - files_struct *fsp = GETFSP(inbuf,smb_vwv0); + files_struct *fsp = file_fsp(inbuf,smb_vwv0); CHECK_FSP(fsp,conn); CHECK_READ(fsp); @@ -1905,7 +1902,7 @@ int reply_read(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, char *data; uint32 startpos; int outsize = 0; - files_struct *fsp = GETFSP(inbuf,smb_vwv0); + files_struct *fsp = file_fsp(inbuf,smb_vwv0); CHECK_FSP(fsp,conn); CHECK_READ(fsp); @@ -1945,7 +1942,7 @@ int reply_read(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, ****************************************************************************/ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { - files_struct *fsp = GETFSP(inbuf,smb_vwv2); + files_struct *fsp = file_fsp(inbuf,smb_vwv2); uint32 smb_offs = IVAL(inbuf,smb_vwv3); int smb_maxcnt = SVAL(inbuf,smb_vwv5); int smb_mincnt = SVAL(inbuf,smb_vwv6); @@ -1979,8 +1976,6 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt DEBUG( 3, ( "readX fnum=%d min=%d max=%d nread=%d\n", fsp->fnum, smb_mincnt, smb_maxcnt, nread ) ); - chain_fsp = fsp; - return chain_reply(inbuf,outbuf,length,bufsize); } @@ -1998,7 +1993,7 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int dum_s char *data=NULL; BOOL write_through; int tcount; - files_struct *fsp = GETFSP(inbuf,smb_vwv0); + files_struct *fsp = file_fsp(inbuf,smb_vwv0); CHECK_FSP(fsp,conn); CHECK_WRITE(fsp); @@ -2100,7 +2095,7 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, int dum uint32 numtowrite,startpos; int eclass; uint32 ecode; - files_struct *fsp = GETFSP(inbuf,smb_vwv0); + files_struct *fsp = file_fsp(inbuf,smb_vwv0); CHECK_FSP(fsp,conn); CHECK_WRITE(fsp); @@ -2153,7 +2148,7 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int dum_size,i int outsize = 0; int startpos; char *data; - files_struct *fsp = GETFSP(inbuf,smb_vwv0); + files_struct *fsp = file_fsp(inbuf,smb_vwv0); CHECK_FSP(fsp,conn); CHECK_WRITE(fsp); @@ -2203,7 +2198,7 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int dum_size,i ****************************************************************************/ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { - files_struct *fsp = GETFSP(inbuf,smb_vwv2); + files_struct *fsp = file_fsp(inbuf,smb_vwv2); uint32 smb_offs = IVAL(inbuf,smb_vwv3); int smb_dsize = SVAL(inbuf,smb_vwv10); int smb_doff = SVAL(inbuf,smb_vwv11); @@ -2246,8 +2241,6 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng DEBUG(3,("writeX fnum=%d num=%d wrote=%d\n", fsp->fnum, smb_dsize, nwritten)); - chain_fsp = fsp; - if (lp_syncalways(SNUM(conn)) || write_through) sync_file(conn,fsp); @@ -2264,7 +2257,7 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int32 res= -1; int mode,umode; int outsize = 0; - files_struct *fsp = GETFSP(inbuf,smb_vwv0); + files_struct *fsp = file_fsp(inbuf,smb_vwv0); CHECK_FSP(fsp,conn); CHECK_ERROR(fsp); @@ -2300,7 +2293,7 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int reply_flush(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int outsize = set_message(outbuf,0,0,True); - files_struct *fsp = GETFSP(inbuf,smb_vwv0); + files_struct *fsp = file_fsp(inbuf,smb_vwv0); if (fsp) { CHECK_FSP(fsp,conn); @@ -2349,7 +2342,7 @@ int reply_close(connection_struct *conn, return reply_pipe_close(conn, inbuf,outbuf); } - fsp = GETFSP(inbuf,smb_vwv0); + fsp = file_fsp(inbuf,smb_vwv0); /* * We can only use CHECK_FSP if we know it's not a directory. @@ -2406,7 +2399,7 @@ int reply_writeclose(connection_struct *conn, int startpos; char *data; time_t mtime; - files_struct *fsp = GETFSP(inbuf,smb_vwv0); + files_struct *fsp = file_fsp(inbuf,smb_vwv0); CHECK_FSP(fsp,conn); CHECK_WRITE(fsp); @@ -2452,7 +2445,7 @@ int reply_lock(connection_struct *conn, uint32 count,offset; int eclass; uint32 ecode; - files_struct *fsp = GETFSP(inbuf,smb_vwv0); + files_struct *fsp = file_fsp(inbuf,smb_vwv0); CHECK_FSP(fsp,conn); CHECK_ERROR(fsp); @@ -2479,7 +2472,7 @@ int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int dum_size uint32 count,offset; int eclass; uint32 ecode; - files_struct *fsp = GETFSP(inbuf,smb_vwv0); + files_struct *fsp = file_fsp(inbuf,smb_vwv0); CHECK_FSP(fsp,conn); CHECK_ERROR(fsp); @@ -2629,7 +2622,7 @@ int reply_printclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int outsize = set_message(outbuf,0,0,True); - files_struct *fsp = GETFSP(inbuf,smb_vwv0); + files_struct *fsp = file_fsp(inbuf,smb_vwv0); CHECK_FSP(fsp,conn); CHECK_ERROR(fsp); @@ -2724,7 +2717,7 @@ int reply_printwrite(connection_struct *conn, char *inbuf,char *outbuf, int dum_ int numtowrite; int outsize = set_message(outbuf,0,0,True); char *data; - files_struct *fsp = GETFSP(inbuf,smb_vwv0); + files_struct *fsp = file_fsp(inbuf,smb_vwv0); if (!CAN_PRINT(conn)) return(ERROR(ERRDOS,ERRnoaccess)); @@ -3490,7 +3483,7 @@ int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size ****************************************************************************/ int reply_lockingX(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { - files_struct *fsp = GETFSP(inbuf,smb_vwv2); + files_struct *fsp = file_fsp(inbuf,smb_vwv2); unsigned char locktype = CVAL(inbuf,smb_vwv3); #if 0 unsigned char oplocklevel = CVAL(inbuf,smb_vwv3+1); @@ -3606,8 +3599,6 @@ dev = %x, inode = %x\n", DEBUG( 3, ( "lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n", fsp->fnum, (unsigned int)locktype, num_locks, num_ulocks ) ); - chain_fsp = fsp; - return chain_reply(inbuf,outbuf,length,bufsize); } @@ -3625,7 +3616,7 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length, int max_per_packet; int tcount; int pad; - files_struct *fsp = GETFSP(inbuf,smb_vwv0); + files_struct *fsp = file_fsp(inbuf,smb_vwv0); /* this function doesn't seem to work - disable by default */ if (!lp_readbmpx()) @@ -3692,7 +3683,7 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int dum_s uint32 startpos; int tcount, write_through, smb_doff; char *data; - files_struct *fsp = GETFSP(inbuf,smb_vwv0); + files_struct *fsp = file_fsp(inbuf,smb_vwv0); CHECK_FSP(fsp,conn); CHECK_WRITE(fsp); @@ -3785,7 +3776,7 @@ int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz char *data; write_bmpx_struct *wbms; BOOL send_response = False; - files_struct *fsp = GETFSP(inbuf,smb_vwv0); + files_struct *fsp = file_fsp(inbuf,smb_vwv0); CHECK_FSP(fsp,conn); CHECK_WRITE(fsp); @@ -3859,7 +3850,7 @@ int reply_setattrE(connection_struct *conn, char *inbuf,char *outbuf, int dum_si { struct utimbuf unix_times; int outsize = 0; - files_struct *fsp = GETFSP(inbuf,smb_vwv0); + files_struct *fsp = file_fsp(inbuf,smb_vwv0); outsize = set_message(outbuf,0,0,True); @@ -3912,7 +3903,7 @@ int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int dum_si struct stat sbuf; int outsize = 0; int mode; - files_struct *fsp = GETFSP(inbuf,smb_vwv0); + files_struct *fsp = file_fsp(inbuf,smb_vwv0); outsize = set_message(outbuf,11,0,True); -- cgit From 12de4034c72ea5054d716bf848c2b16bef7a4d89 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 19 Aug 1998 01:49:34 +0000 Subject: Makefile.in: Moved blocking lock code into smbd/blocking.c for link purposes. include/includes.h: Added nterr.h. locking/locking.c: Moved blocking lock code into smbd/blocking.c for link purposes. smbd/close.c: Added blocking lock removal to file close. smbd/filename.c: Tidied up unix_convert() so I could read it (:-) in preparation for the stat_cache code. smbd/nttrans.c: Added WRITE_ATTRIBUTES check. smbd/reply.c: Fixed multibyte char problem in wildcard mask. Jeremy. (This used to be commit 148eaba3dadb1d0bd3ac3ef53da3d9811636e89a) --- source3/smbd/reply.c | 28 ++++++++++++++++++++-------- 1 file changed, 20 insertions(+), 8 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 6b91d9d152..28fed8bc04 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1051,14 +1051,24 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size mask_convert(mask); { - for (p=mask; *p; p++) + int skip; + p = mask; + while(*p) + { + if((skip = skip_multibyte_char( *p )) != 0 ) { - if (*p != '?' && *p != '*' && !isdoschar(*p)) - { - DEBUG(5,("Invalid char [%c] in search mask?\n",*p)); - *p = '?'; - } + p += skip; } + else + { + if (*p != '?' && *p != '*' && !isdoschar(*p)) + { + DEBUG(5,("Invalid char [%c] in search mask?\n",*p)); + *p = '?'; + } + p++; + } + } } if (!strchr(mask,'.') && strlen(mask)>8) @@ -3569,8 +3579,8 @@ dev = %x, inode = %x\n", count = IVAL(data,SMB_LKLEN_OFFSET(i)); offset = IVAL(data,SMB_LKOFF_OFFSET(i)); if(!do_lock(fsp,conn,count,offset, ((locktype & 1) ? F_RDLCK : F_WRLCK), - &eclass, &ecode)) -#if 0 /* JRATEST - blocking lock code. */ + &eclass, &ecode)) { +#if 0 /* JRATEST */ if((ecode == ERRlock) && (lock_timeout != 0)) { /* * A blocking lock was requested. Package up @@ -3579,8 +3589,10 @@ dev = %x, inode = %x\n", */ if(push_blocking_lock_request(inbuf, length, lock_timeout, i)) return -1; + } #endif /* JRATEST */ break; + } } /* If any of the above locks failed, then we must unlock -- cgit From dc76502cd8a950f6aff84ce4eedfd9d2b30d3dcc Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 20 Aug 1998 19:28:37 +0000 Subject: Turning on blocking locking code. NB. Blocking lock requests that are not the head of an SMB request (ie. are part of a chain) will not be queued - this will be fixed when we move to the new chain code. In practice, this doesn't seem to cause much of a problem (in my admittedly limited testing) bug a debug level zero message will be placed in the log when this happens to help determine how real the problem is. smbd/locking.c: New debug messages. smbd/blocking.c: New blocking code - handles SMBlock, SMBlockread and SMBlockingX smbd/chgpasswd.c: Fix for master fd leak. smbd/files.c: Tidyup comment. smbd/nttrans.c: Added fnum to debug message. smbd/process.c: Made chain_reply() use construct_reply_common(). Added blocking lock queue processing into idle loop. smbd/reply.c: Added queue pushes for SMBlock, SMBlockread and SMBlockingX. Jeremy. (This used to be commit e1dd03ecda0bc6d7eaa31070c83774bb5679fd1b) --- source3/smbd/reply.c | 36 +++++++++++++++++++++++++++++------- 1 file changed, 29 insertions(+), 7 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 28fed8bc04..3e59e7dbd0 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1861,7 +1861,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s /**************************************************************************** reply to a lockread (core+ protocol) ****************************************************************************/ -int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsiz) +int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length, int dum_buffsiz) { int nread = -1; char *data; @@ -1882,8 +1882,18 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int dum_si numtoread = MIN(BUFFER_SIZE-outsize,numtoread); data = smb_buf(outbuf) + 3; - if(!do_lock( fsp, conn, numtoread, startpos, F_RDLCK, &eclass, &ecode)) + if(!do_lock( fsp, conn, numtoread, startpos, F_RDLCK, &eclass, &ecode)) { + if(ecode == ERRlock) { + /* + * A blocking lock was requested. Package up + * this smb into a queued request and push it + * onto the blocking lock queue. + */ + if(push_blocking_lock_request(inbuf, length, -1, 0)) + return -1; + } return (ERROR(eclass,ecode)); + } nread = read_file(fsp,data,startpos,numtoread); @@ -2449,7 +2459,7 @@ int reply_writeclose(connection_struct *conn, reply to a lock ****************************************************************************/ int reply_lock(connection_struct *conn, - char *inbuf,char *outbuf, int dum_size, int dum_buffsize) + char *inbuf,char *outbuf, int length, int dum_buffsize) { int outsize = set_message(outbuf,0,0,True); uint32 count,offset; @@ -2466,8 +2476,18 @@ int reply_lock(connection_struct *conn, DEBUG(3,("lock fd=%d fnum=%d ofs=%d cnt=%d\n", fsp->fd_ptr->fd, fsp->fnum, offset, count)); - if (!do_lock(fsp, conn, count, offset, F_WRLCK, &eclass, &ecode)) - return (ERROR(eclass,ecode)); + if (!do_lock(fsp, conn, count, offset, F_WRLCK, &eclass, &ecode)) { + if(ecode == ERRlock) { + /* + * A blocking lock was requested. Package up + * this smb into a queued request and push it + * onto the blocking lock queue. + */ + if(push_blocking_lock_request(inbuf, length, -1, 0)) + return -1; + } + return (ERROR(eclass,ecode)); + } return(outsize); } @@ -3564,6 +3584,8 @@ dev = %x, inode = %x\n", for(i = 0; i < (int)num_ulocks; i++) { count = IVAL(data,SMB_LKLEN_OFFSET(i)); offset = IVAL(data,SMB_LKOFF_OFFSET(i)); + DEBUG(10,("reply_lockingX: unlock start=%d, len=%d for file %s\n", + (int)offset, (int)count, fsp->fsp_name )); if(!do_unlock(fsp,conn,count,offset,&eclass, &ecode)) return ERROR(eclass,ecode); } @@ -3578,9 +3600,10 @@ dev = %x, inode = %x\n", for(i = 0; i < (int)num_locks; i++) { count = IVAL(data,SMB_LKLEN_OFFSET(i)); offset = IVAL(data,SMB_LKOFF_OFFSET(i)); + DEBUG(10,("reply_lockingX: lock start=%d, len=%d for file %s\n", + (int)offset, (int)count, fsp->fsp_name )); if(!do_lock(fsp,conn,count,offset, ((locktype & 1) ? F_RDLCK : F_WRLCK), &eclass, &ecode)) { -#if 0 /* JRATEST */ if((ecode == ERRlock) && (lock_timeout != 0)) { /* * A blocking lock was requested. Package up @@ -3590,7 +3613,6 @@ dev = %x, inode = %x\n", if(push_blocking_lock_request(inbuf, length, lock_timeout, i)) return -1; } -#endif /* JRATEST */ break; } } -- cgit From 5e5e320d361afcb4d9503354b3912b4c7a672197 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 27 Aug 1998 20:38:53 +0000 Subject: This is the stat cache code - seems to work fine (needs heavy NetBench testing though.... :-). Attempts to efficiently reduce the number of stat() calls Samba does. Jeremy. (This used to be commit d0e48a2d8072c3e77a57ac6a2fb5044c05f03b41) --- source3/smbd/reply.c | 44 +++++++++++++++++++++++++------------------- 1 file changed, 25 insertions(+), 19 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 3e59e7dbd0..3052bd730c 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -751,14 +751,19 @@ int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size pstring name; BOOL ok = False; BOOL bad_path = False; + struct stat st; pstrcpy(name,smb_buf(inbuf) + 1); - unix_convert(name,conn,0,&bad_path); + unix_convert(name,conn,0,&bad_path,&st); mode = SVAL(inbuf,smb_vwv0); - if (check_name(name,conn)) - ok = directory_exist(name,NULL); + if (check_name(name,conn)) { + if(VALID_STAT(st)) + ok = S_ISDIR(st.st_mode); + else + ok = directory_exist(name,NULL); + } if (!ok) { @@ -809,7 +814,7 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size BOOL bad_path = False; pstrcpy(fname,smb_buf(inbuf) + 1); - unix_convert(fname,conn,0,&bad_path); + unix_convert(fname,conn,0,&bad_path,&sbuf); /* dos smetimes asks for a stat of "" - it returns a "hidden directory" under WfWg - weird! */ @@ -824,7 +829,7 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size else if (check_name(fname,conn)) { - if (sys_stat(fname,&sbuf) == 0) + if (VALID_STAT(sbuf) || sys_stat(fname,&sbuf) == 0) { mode = dos_mode(conn,fname,&sbuf); size = sbuf.st_size; @@ -881,15 +886,16 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size BOOL ok=False; int mode; time_t mtime; + struct stat st; BOOL bad_path = False; pstrcpy(fname,smb_buf(inbuf) + 1); - unix_convert(fname,conn,0,&bad_path); + unix_convert(fname,conn,0,&bad_path,&st); mode = SVAL(inbuf,smb_vwv0); mtime = make_unix_date3(inbuf+smb_vwv1); - if (directory_exist(fname,NULL)) + if (VALID_STAT_OF_DIR(st) || directory_exist(fname,NULL)) mode |= aDIR; if (check_name(fname,conn)) ok = (dos_chmod(conn,fname,mode,NULL) == 0); @@ -990,7 +996,7 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size pstrcpy(directory,smb_buf(inbuf)+1); pstrcpy(dir2,smb_buf(inbuf)+1); - unix_convert(directory,conn,0,&bad_path); + unix_convert(directory,conn,0,&bad_path,NULL); unix_format(dir2); if (!check_name(directory,conn)) @@ -1250,7 +1256,7 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, share_mode = SVAL(inbuf,smb_vwv0); pstrcpy(fname,smb_buf(inbuf)+1); - unix_convert(fname,conn,0,&bad_path); + unix_convert(fname,conn,0,&bad_path,NULL); fsp = file_new(); if (!fsp) @@ -1351,7 +1357,7 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt /* XXXX we need to handle passed times, sattr and flags */ pstrcpy(fname,smb_buf(inbuf)); - unix_convert(fname,conn,0,&bad_path); + unix_convert(fname,conn,0,&bad_path,NULL); fsp = file_new(); if (!fsp) @@ -1485,7 +1491,7 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, createmode = SVAL(inbuf,smb_vwv0); pstrcpy(fname,smb_buf(inbuf)+1); - unix_convert(fname,conn,0,&bad_path); + unix_convert(fname,conn,0,&bad_path,NULL); if (createmode & aVOLID) { @@ -1570,7 +1576,7 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, createmode = SVAL(inbuf,smb_vwv0); pstrcpy(fname,smb_buf(inbuf)+1); pstrcat(fname,"/TMXXXXXX"); - unix_convert(fname,conn,0,&bad_path); + unix_convert(fname,conn,0,&bad_path,NULL); unixmode = unix_mode(conn,createmode); @@ -1674,7 +1680,7 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size DEBUG(3,("reply_unlink : %s\n",name)); - unix_convert(name,conn,0,&bad_path); + unix_convert(name,conn,0,&bad_path,NULL); p = strrchr(name,'/'); if (!p) { @@ -2778,7 +2784,7 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, BOOL bad_path = False; pstrcpy(directory,smb_buf(inbuf) + 1); - unix_convert(directory,conn,0,&bad_path); + unix_convert(directory,conn,0,&bad_path,NULL); if (check_name(directory, conn)) ret = sys_mkdir(directory,unix_mode(conn,aDIR)); @@ -2872,7 +2878,7 @@ int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, BOOL bad_path = False; pstrcpy(directory,smb_buf(inbuf) + 1); - unix_convert(directory,conn, NULL,&bad_path); + unix_convert(directory,conn, NULL,&bad_path,NULL); if (check_name(directory,conn)) { @@ -3072,8 +3078,8 @@ int rename_internals(connection_struct *conn, *directory = *mask = 0; - unix_convert(name,conn,0,&bad_path1); - unix_convert(newname,conn,newname_last_component,&bad_path2); + unix_convert(name,conn,0,&bad_path1,NULL); + unix_convert(newname,conn,newname_last_component,&bad_path2,NULL); /* * Split the old name into directory and last component @@ -3373,8 +3379,8 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return(ERROR(ERRSRV,ERRinvdevice)); } - unix_convert(name,conn,0,&bad_path1); - unix_convert(newname,conn,0,&bad_path2); + unix_convert(name,conn,0,&bad_path1,NULL); + unix_convert(newname,conn,0,&bad_path2,NULL); target_is_directory = directory_exist(newname,NULL); -- cgit From 693480af8bb2d3e83566af9463ca427f47a879da Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 31 Aug 1998 20:20:54 +0000 Subject: configure.in, configure: include/config.h.in: Added stropts and poll. include/smb.h: Moved old typedefs of uint8 etc. into include/includes.h where all the other defines live (changed them from typedefs to defines). Other changes : changed from using uint32 to SMB_DEV_T and SMB_INO_T in preparation for moving to size independed (ie. 64 bit clean) device and inode access. Stat call wrapper comes next :-). Jeremy. (This used to be commit 3d9ec96de5e04e83abafe9c5d980bd39eee856ea) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 3052bd730c..e30c31776c 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3544,8 +3544,8 @@ int reply_lockingX(connection_struct *conn, char *inbuf,char *outbuf,int length, if ((locktype & LOCKING_ANDX_OPLOCK_RELEASE)) { int token; - uint32 dev = fsp->fd_ptr->dev; - uint32 inode = fsp->fd_ptr->inode; + SMB_DEV_T dev = fsp->fd_ptr->dev; + SMB_INO_T inode = fsp->fd_ptr->inode; DEBUG(5,("reply_lockingX: oplock break reply from client for fnum = %d\n", fsp->fnum)); -- cgit From 18556274139cc5a00593471bd745354d98a35303 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 1 Sep 1998 20:11:54 +0000 Subject: More abstraction of file system data types, to move to a 64 bit file interface for the NT SMB's. Created a new define, SMB_STRUCT_STAT that currently is defined to be struct stat - this wil change to a user defined type containing 64 bit info when the correct wrappers are written for 64 bit stat(), fstat() and lstat() calls. Also changed all sys_xxxx() calls that were previously just wrappers to the same call prefixed by a dos_to_unix() call into dos_xxxx() calls. This makes it explicit when a pathname translation is being done, and when it is not. Now, all sys_xxx() calls are meant to be wrappers to mask OS differences, and not silently converting filenames on the fly. Jeremy. (This used to be commit 28aa182dbffaa4ffd86047e608400de4b26e80eb) --- source3/smbd/reply.c | 60 ++++++++++++++++++++++++++-------------------------- 1 file changed, 30 insertions(+), 30 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index e30c31776c..a3164bd67d 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -751,7 +751,7 @@ int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size pstring name; BOOL ok = False; BOOL bad_path = False; - struct stat st; + SMB_STRUCT_STAT st; pstrcpy(name,smb_buf(inbuf) + 1); unix_convert(name,conn,0,&bad_path,&st); @@ -806,7 +806,7 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size { pstring fname; int outsize = 0; - struct stat sbuf; + SMB_STRUCT_STAT sbuf; BOOL ok = False; int mode=0; uint32 size=0; @@ -829,7 +829,7 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size else if (check_name(fname,conn)) { - if (VALID_STAT(sbuf) || sys_stat(fname,&sbuf) == 0) + if (VALID_STAT(sbuf) || dos_stat(fname,&sbuf) == 0) { mode = dos_mode(conn,fname,&sbuf); size = sbuf.st_size; @@ -886,7 +886,7 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size BOOL ok=False; int mode; time_t mtime; - struct stat st; + SMB_STRUCT_STAT st; BOOL bad_path = False; pstrcpy(fname,smb_buf(inbuf) + 1); @@ -898,7 +898,7 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if (VALID_STAT_OF_DIR(st) || directory_exist(fname,NULL)) mode |= aDIR; if (check_name(fname,conn)) - ok = (dos_chmod(conn,fname,mode,NULL) == 0); + ok = (file_chmod(conn,fname,mode,NULL) == 0); if (ok) ok = set_filetime(conn,fname,mtime); @@ -1248,7 +1248,7 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, time_t mtime=0; int unixmode; int rmode=0; - struct stat sbuf; + SMB_STRUCT_STAT sbuf; BOOL bad_path = False; files_struct *fsp; int oplock_request = CORE_OPLOCK_REQUEST(inbuf); @@ -1345,7 +1345,7 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt int smb_ofun = SVAL(inbuf,smb_vwv8); int unixmode; int size=0,fmode=0,mtime=0,rmode=0; - struct stat sbuf; + SMB_STRUCT_STAT sbuf; int smb_action = 0; BOOL bad_path = False; files_struct *fsp; @@ -1638,12 +1638,12 @@ check if a user is allowed to delete a file ********************************************************************/ static BOOL can_delete(char *fname,connection_struct *conn, int dirtype) { - struct stat sbuf; + SMB_STRUCT_STAT sbuf; int fmode; if (!CAN_WRITE(conn)) return(False); - if (sys_lstat(fname,&sbuf) != 0) return(False); + if (dos_lstat(fname,&sbuf) != 0) return(False); fmode = dos_mode(conn,fname,&sbuf); if (fmode & aDIR) return(False); if (!lp_delete_readonly(SNUM(conn))) { @@ -1700,7 +1700,7 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if (!has_wild) { pstrcat(directory,"/"); pstrcat(directory,mask); - if (can_delete(directory,conn,dirtype) && !sys_unlink(directory)) count++; + if (can_delete(directory,conn,dirtype) && !dos_unlink(directory)) count++; if (!count) exists = file_exist(directory,NULL); } else { void *dirptr = NULL; @@ -1731,7 +1731,7 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size error = ERRnoaccess; slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); if (!can_delete(fname,conn,dirtype)) continue; - if (!sys_unlink(fname)) count++; + if (!dos_unlink(fname)) count++; DEBUG(3,("reply_unlink : doing unlink on %s\n",fname)); } CloseDir(dirptr); @@ -1813,7 +1813,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s int sizeneeded = startpos + maxcount; if (size < sizeneeded) { - struct stat st; + SMB_STRUCT_STAT st; if (fstat(fsp->fd_ptr->fd,&st) == 0) size = st.st_size; if (!fsp->can_write) @@ -2787,7 +2787,7 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, unix_convert(directory,conn,0,&bad_path,NULL); if (check_name(directory, conn)) - ret = sys_mkdir(directory,unix_mode(conn,aDIR)); + ret = dos_mkdir(directory,unix_mode(conn,aDIR)); if (ret < 0) { @@ -2822,7 +2822,7 @@ static BOOL recursive_rmdir(char *directory) while((dname = ReadDirName(dirptr))) { pstring fullname; - struct stat st; + SMB_STRUCT_STAT st; if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0)) continue; @@ -2838,7 +2838,7 @@ static BOOL recursive_rmdir(char *directory) pstrcat(fullname, "/"); pstrcat(fullname, dname); - if(sys_lstat(fullname, &st) != 0) + if(dos_lstat(fullname, &st) != 0) { ret = True; break; @@ -2851,13 +2851,13 @@ static BOOL recursive_rmdir(char *directory) ret = True; break; } - if(sys_rmdir(fullname) != 0) + if(dos_rmdir(fullname) != 0) { ret = True; break; } } - else if(sys_unlink(fullname) != 0) + else if(dos_unlink(fullname) != 0) { ret = True; break; @@ -2884,7 +2884,7 @@ int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, { dptr_closepath(directory,SVAL(inbuf,smb_pid)); - ok = (sys_rmdir(directory) == 0); + ok = (dos_rmdir(directory) == 0); if(!ok && (errno == ENOTEMPTY) && lp_veto_files(SNUM(conn))) { /* Check to see if the only thing in this directory are @@ -2914,7 +2914,7 @@ int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, while ((dname = ReadDirName(dirptr))) { pstring fullname; - struct stat st; + SMB_STRUCT_STAT st; if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0)) continue; @@ -2929,7 +2929,7 @@ int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, pstrcat(fullname, "/"); pstrcat(fullname, dname); - if(sys_lstat(fullname, &st) != 0) + if(dos_lstat(fullname, &st) != 0) break; if(st.st_mode & S_IFDIR) { @@ -2938,15 +2938,15 @@ int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, if(recursive_rmdir(fullname) != 0) break; } - if(sys_rmdir(fullname) != 0) + if(dos_rmdir(fullname) != 0) break; } - else if(sys_unlink(fullname) != 0) + else if(dos_unlink(fullname) != 0) break; } CloseDir(dirptr); /* Retry the rmdir */ - ok = (sys_rmdir(directory) == 0); + ok = (dos_rmdir(directory) == 0); } else CloseDir(dirptr); @@ -3047,11 +3047,11 @@ check if a user is allowed to rename a file ********************************************************************/ static BOOL can_rename(char *fname,connection_struct *conn) { - struct stat sbuf; + SMB_STRUCT_STAT sbuf; if (!CAN_WRITE(conn)) return(False); - if (sys_lstat(fname,&sbuf) != 0) return(False); + if (dos_lstat(fname,&sbuf) != 0) return(False); if (!check_file_sharing(conn,fname,True)) return(False); return(True); @@ -3171,13 +3171,13 @@ int rename_internals(connection_struct *conn, */ if(resolve_wildcards(directory,newname) && can_rename(directory,conn) && - !sys_rename(directory,newname)) + !dos_rename(directory,newname)) count++; } else { if (resolve_wildcards(directory,newname) && can_rename(directory,conn) && !file_exist(newname,NULL) && - !sys_rename(directory,newname)) + !dos_rename(directory,newname)) count++; } @@ -3232,7 +3232,7 @@ int rename_internals(connection_struct *conn, continue; } - if (!sys_rename(fname,destname)) + if (!dos_rename(fname,destname)) count++; DEBUG(3,("rename_internals: doing rename on %s -> %s\n",fname,destname)); } @@ -3284,7 +3284,7 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, int count,BOOL target_is_directory) { int Access,action; - struct stat st; + SMB_STRUCT_STAT st; int ret=0; files_struct *fsp1,*fsp2; pstring dest; @@ -3940,7 +3940,7 @@ int reply_setattrE(connection_struct *conn, char *inbuf,char *outbuf, int dum_si ****************************************************************************/ int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - struct stat sbuf; + SMB_STRUCT_STAT sbuf; int outsize = 0; int mode; files_struct *fsp = file_fsp(inbuf,smb_vwv0); -- cgit From 7bb86c1b132bce31a006ea9768a54db7a45fe1a5 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 3 Sep 1998 18:40:31 +0000 Subject: Ok - this is the 64 bit widening check in. It changes the configure to check for stat64 and friends, and then changes much of Samba to use the data type SMB_OFF_T for file size information. stat/fstat/lstat/lseek/ftruncate have now become sys_stat etc. to hide the 64 bit calls if needed. Note that this still does not expose 64 bit functionality to the client, as the changes to the reply_xxx smb's are not yet done. This code change should make these changes possible. Still to do before full 64 bit-ness to the client: fcntl lock code. statfs code widening of dev_t and ino_t (now possible due to SMB_DEV_T and SMB_OFF_T types being in place). Let me know if wierd things happen after this check-in and I'll fix them :-). Jeremy. (This used to be commit 14500936c321d15995c963766aac67bf1f4e3824) --- source3/smbd/reply.c | 54 +++++++++++++++++++++++++++------------------------- 1 file changed, 28 insertions(+), 26 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index a3164bd67d..3665518ae6 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -809,7 +809,7 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size SMB_STRUCT_STAT sbuf; BOOL ok = False; int mode=0; - uint32 size=0; + SMB_OFF_T size=0; time_t mtime=0; BOOL bad_path = False; @@ -860,7 +860,7 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size put_dos_date3(outbuf,smb_vwv1,mtime & ~1); else put_dos_date3(outbuf,smb_vwv1,mtime); - SIVAL(outbuf,smb_vwv3,size); + SIVAL(outbuf,smb_vwv3,(uint32)size); if (Protocol >= PROTOCOL_NT1) { char *p = strrchr(fname,'/'); @@ -870,7 +870,7 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size SSVAL(outbuf,smb_flg2,flg2 | 0x40); /* IS_LONG_NAME */ } - DEBUG( 3, ( "getatr name=%s mode=%d size=%d\n", fname, mode, size ) ); + DEBUG( 3, ( "getatr name=%s mode=%d size=%d\n", fname, mode, (uint32)size ) ); return(outsize); } @@ -953,7 +953,8 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size pstring mask; pstring directory; pstring fname; - int size,mode; + SMB_OFF_T size; + int mode; time_t date; int dirtype; int outsize = 0; @@ -1244,7 +1245,7 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int outsize = 0; int fmode=0; int share_mode; - int size = 0; + SMB_OFF_T size = 0; time_t mtime=0; int unixmode; int rmode=0; @@ -1289,7 +1290,7 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return(UNIXERROR(ERRDOS,ERRnoaccess)); } - if (fstat(fsp->fd_ptr->fd,&sbuf) != 0) { + if (sys_fstat(fsp->fd_ptr->fd,&sbuf) != 0) { close_file(fsp,False); return(ERROR(ERRDOS,ERRnoaccess)); } @@ -1311,7 +1312,7 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, put_dos_date3(outbuf,smb_vwv2,mtime & ~1); else put_dos_date3(outbuf,smb_vwv2,mtime); - SIVAL(outbuf,smb_vwv4,size); + SIVAL(outbuf,smb_vwv4,(uint32)size); SSVAL(outbuf,smb_vwv6,rmode); if (oplock_request && lp_fake_oplocks(SNUM(conn))) { @@ -1344,7 +1345,8 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt #endif int smb_ofun = SVAL(inbuf,smb_vwv8); int unixmode; - int size=0,fmode=0,mtime=0,rmode=0; + SMB_OFF_T size=0; + int fmode=0,mtime=0,rmode=0; SMB_STRUCT_STAT sbuf; int smb_action = 0; BOOL bad_path = False; @@ -1390,7 +1392,7 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt return(UNIXERROR(ERRDOS,ERRnoaccess)); } - if (fstat(fsp->fd_ptr->fd,&sbuf) != 0) { + if (sys_fstat(fsp->fd_ptr->fd,&sbuf) != 0) { close_file(fsp,False); return(ERROR(ERRDOS,ERRnoaccess)); } @@ -1436,7 +1438,7 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt put_dos_date3(outbuf,smb_vwv4,mtime & ~1); else put_dos_date3(outbuf,smb_vwv4,mtime); - SIVAL(outbuf,smb_vwv6,size); + SIVAL(outbuf,smb_vwv6,(uint32)size); SSVAL(outbuf,smb_vwv8,rmode); SSVAL(outbuf,smb_vwv11,smb_action); @@ -1767,7 +1769,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s int nread = 0; uint32 startpos; char *header = outbuf; - int ret=0; + SMB_OFF_T ret=0; int fd; char *fname; files_struct *fsp; @@ -1781,7 +1783,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s if(global_oplock_break) { _smb_setlen(header,0); - transfer_file(0,Client,0,header,4,0); + transfer_file(0,Client,(SMB_OFF_T)0,header,4,0); DEBUG(5,("readbraw - oplock break finished\n")); return -1; } @@ -1799,7 +1801,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s if (!FNUM_OK(fsp,conn) || !fsp->can_read) { DEBUG(3,("fnum %d not open in readbraw - cache prime?\n",fsp->fnum)); _smb_setlen(header,0); - transfer_file(0,Client,0,header,4,0); + transfer_file(0,Client,(SMB_OFF_T)0,header,4,0); return(-1); } else { fd = fsp->fd_ptr->fd; @@ -1809,12 +1811,12 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s if (!is_locked(fsp,conn,maxcount,startpos, F_RDLCK)) { - int size = fsp->size; + SMB_OFF_T size = fsp->size; int sizeneeded = startpos + maxcount; if (size < sizeneeded) { SMB_STRUCT_STAT st; - if (fstat(fsp->fd_ptr->fd,&st) == 0) + if (sys_fstat(fsp->fd_ptr->fd,&st) == 0) size = st.st_size; if (!fsp->can_write) fsp->size = size; @@ -1843,7 +1845,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s if ((nread-predict) > 0) seek_file(fsp,startpos + predict); - ret = transfer_file(fd,Client,nread-predict,header,4+predict, + ret = transfer_file(fd,Client,(SMB_OFF_T)(nread-predict),header,4+predict, startpos+predict); } @@ -2081,7 +2083,7 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int dum_s tcount,nwritten,numtowrite)); } - nwritten = transfer_file(Client,fsp->fd_ptr->fd,numtowrite,NULL,0, + nwritten = transfer_file(Client,fsp->fd_ptr->fd,(SMB_OFF_T)numtowrite,NULL,0, startpos+nwritten); total_written += nwritten; @@ -2193,7 +2195,7 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int dum_size,i zero then the file size should be extended or truncated to the size given in smb_vwv[2-3] */ if(numtowrite == 0) - nwritten = set_filelen(fsp->fd_ptr->fd, startpos); + nwritten = set_filelen(fsp->fd_ptr->fd, (SMB_OFF_T)startpos); else nwritten = write_file(fsp,data,numtowrite); @@ -2280,7 +2282,7 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { uint32 startpos; - int32 res= -1; + SMB_OFF_T res= -1; int mode,umode; int outsize = 0; files_struct *fsp = file_fsp(inbuf,smb_vwv0); @@ -2292,19 +2294,19 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, startpos = IVAL(inbuf,smb_vwv2); switch (mode & 3) - { + { case 0: umode = SEEK_SET; break; case 1: umode = SEEK_CUR; break; case 2: umode = SEEK_END; break; default: umode = SEEK_SET; break; - } + } - res = lseek(fsp->fd_ptr->fd,startpos,umode); + res = sys_lseek(fsp->fd_ptr->fd,(SMB_OFF_T)startpos,umode); fsp->pos = res; outsize = set_message(outbuf,2,0,True); - SIVALS(outbuf,smb_vwv0,res); + SIVALS(outbuf,smb_vwv0,(uint32)res); DEBUG(3,("lseek fnum=%d ofs=%d mode=%d\n", fsp->fnum, startpos, mode)); @@ -3330,7 +3332,7 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, } if ((ofun&3) == 1) { - lseek(fsp2->fd_ptr->fd,0,SEEK_END); + sys_lseek(fsp2->fd_ptr->fd,0,SEEK_END); } if (st.st_size) @@ -3951,7 +3953,7 @@ int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int dum_si CHECK_ERROR(fsp); /* Do an fstat on this file */ - if(fstat(fsp->fd_ptr->fd, &sbuf)) + if(sys_fstat(fsp->fd_ptr->fd, &sbuf)) return(UNIXERROR(ERRDOS,ERRnoaccess)); mode = dos_mode(conn,fsp->fsp_name,&sbuf); @@ -3969,7 +3971,7 @@ int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int dum_si } else { - SIVAL(outbuf,smb_vwv6,sbuf.st_size); + SIVAL(outbuf,smb_vwv6,(uint32)sbuf.st_size); SIVAL(outbuf,smb_vwv8,ROUNDUP(sbuf.st_size,1024)); } SSVAL(outbuf,smb_vwv10, mode); -- cgit From 83900f2b682c62f2b5620b29ecb710274990ac51 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 4 Sep 1998 20:53:58 +0000 Subject: Modified dev_t and ino_t code to be 64 bit clean (including changes to oplock break message passing). I think that smbd/nmbd are now inode and offset size independent (at least for 32 bit and 64 bit systems). Now to expose all this new functionality to NT clients..... Jeremy. (This used to be commit 5910d07bbf45a34d3c901461f74704c029a79474) --- source3/smbd/reply.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 3665518ae6..d7ab997010 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3564,9 +3564,15 @@ no oplock granted on this file.\n", fsp->fnum)); /* Remove the oplock flag from the sharemode. */ lock_share_entry(fsp->conn, dev, inode, &token); if(remove_share_oplock(fsp, token)==False) { + +#ifdef LARGE_SMB_INO_T + DEBUG(0,("reply_lockingX: failed to remove share oplock for fnum %d, \ +dev = %x, inode = %.0f\n", fsp->fnum, (unsigned int)dev, (double)inode)); +#else /* LARGE_SMB_INO_T */ DEBUG(0,("reply_lockingX: failed to remove share oplock for fnum %d, \ -dev = %x, inode = %x\n", - fsp->fnum, dev, inode)); +dev = %x, inode = %lx\n", fsp->fnum, (unsigned int)dev, (unsigned long)inode)); +#endif /* LARGE_SMB_INO_T */ + unlock_share_entry(fsp->conn, dev, inode, token); } else { unlock_share_entry(fsp->conn, dev, inode, token); -- cgit From 6e0c276ec8b918165a19b3dfc86bc7bef6d1f706 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 8 Sep 1998 19:21:04 +0000 Subject: Added back groupname map stuff removed by Andrew's "slash 'n' burn" tactics :-). Protected by #ifdef until used. Fixed bug in fd_attempt_close() where a pointer to potentially free'd memory was returned. I hate that. Added "blocking locks" as a per-share option for performance testing. Changed is_mangled() so it will return true if called with a pathname and any component of the pathname was mangled (it was already attempting to do this, but not checking for a '/' as end-of-mangle). This should be a better fix for the wierd stat cache bug Andrew identified. Jeremy. (This used to be commit 0de01f45980c7bc261248a9cead972a8d8cbd594) --- source3/smbd/reply.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index d7ab997010..3d537d8868 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1891,7 +1891,7 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length data = smb_buf(outbuf) + 3; if(!do_lock( fsp, conn, numtoread, startpos, F_RDLCK, &eclass, &ecode)) { - if(ecode == ERRlock) { + if((ecode == ERRlock) && lp_blocking_locks(SNUM(conn))) { /* * A blocking lock was requested. Package up * this smb into a queued request and push it @@ -2485,7 +2485,7 @@ int reply_lock(connection_struct *conn, fsp->fd_ptr->fd, fsp->fnum, offset, count)); if (!do_lock(fsp, conn, count, offset, F_WRLCK, &eclass, &ecode)) { - if(ecode == ERRlock) { + if((ecode == ERRlock) && lp_blocking_locks(SNUM(conn))) { /* * A blocking lock was requested. Package up * this smb into a queued request and push it @@ -3618,7 +3618,7 @@ dev = %x, inode = %lx\n", fsp->fnum, (unsigned int)dev, (unsigned long)inode)); (int)offset, (int)count, fsp->fsp_name )); if(!do_lock(fsp,conn,count,offset, ((locktype & 1) ? F_RDLCK : F_WRLCK), &eclass, &ecode)) { - if((ecode == ERRlock) && (lock_timeout != 0)) { + if((ecode == ERRlock) && (lock_timeout != 0) && lp_blocking_locks(SNUM(conn))) { /* * A blocking lock was requested. Package up * this smb into a queued request and push it -- cgit From 06cc91f9a631a23dcd4902d710b89e4b7584c459 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 11 Sep 1998 01:24:30 +0000 Subject: Added ssize_t to configure code. Got 'religion' about using size_t and ssize_t for read/write stuff as part of the code to expose 64 bits to the client. This checkin does all the 'easy' stuff - such as all the read/write/lock calls - but now comes the harder parts (open & friends) and all the file enquiry functions..... Jeremy. (This used to be commit 36544fe5476f7770bd5748574fc54be7b3ee4d4a) --- source3/smbd/reply.c | 363 ++++++++++++++++++++++++++++++--------------------- 1 file changed, 215 insertions(+), 148 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 3d537d8868..8ec2715d0d 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1765,11 +1765,11 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size ****************************************************************************/ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_size, int dum_buffsize) { - int maxcount,mincount; - int nread = 0; - uint32 startpos; + size_t maxcount,mincount; + size_t nread = 0; + SMB_OFF_T startpos; char *header = outbuf; - SMB_OFF_T ret=0; + ssize_t ret=0; int fd; char *fname; files_struct *fsp; @@ -1791,8 +1791,23 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s fsp = file_fsp(inbuf,smb_vwv0); startpos = IVAL(inbuf,smb_vwv1); - maxcount = SVAL(inbuf,smb_vwv3); - mincount = SVAL(inbuf,smb_vwv4); +#ifdef LARGE_SMB_OFF_T + if(SVAL(inbuf,smb_wct) == 10) { + /* + * This is a large offset (64 bit) read. + */ + startpos |= (((SMB_OFF_T)IVAL(inbuf,smb_vwv8)) << 32); + if(startpos < 0) { + DEBUG(0,("readbraw - negative 64 bit readraw offset (%.0f) !\n", + (double)startpos )); + _smb_setlen(header,0); + transfer_file(0,Client,(SMB_OFF_T)0,header,4,0); + return(-1); + } + } +#endif /* LARGE_SMB_OFF_T */ + maxcount = (SVAL(inbuf,smb_vwv3) & 0xFFFF); + mincount = (SVAL(inbuf,smb_vwv4) & 0xFFFF); /* ensure we don't overrun the packet size */ maxcount = MIN(65535,maxcount); @@ -1812,9 +1827,10 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s if (!is_locked(fsp,conn,maxcount,startpos, F_RDLCK)) { SMB_OFF_T size = fsp->size; - int sizeneeded = startpos + maxcount; + SMB_OFF_T sizeneeded = startpos + maxcount; - if (size < sizeneeded) { + if (size < sizeneeded) + { SMB_STRUCT_STAT st; if (sys_fstat(fsp->fd_ptr->fd,&st) == 0) size = st.st_size; @@ -1822,14 +1838,14 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s fsp->size = size; } - nread = MIN(maxcount,(int)(size - startpos)); + nread = MIN(maxcount,(size - startpos)); } if (nread < mincount) nread = 0; - DEBUG( 3, ( "readbraw fnum=%d start=%d max=%d min=%d nread=%d\n", - fsp->fnum, startpos, + DEBUG( 3, ( "readbraw fnum=%d start=%.0f max=%d min=%d nread=%d\n", + fsp->fnum, (double)startpos, maxcount, mincount, nread ) ); #if UNSAFE_READRAW @@ -1840,12 +1856,12 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s #if USE_READ_PREDICTION if (!fsp->can_write) predict = read_predict(fd,startpos,header+4,NULL,nread); -#endif +#endif /* USE_READ_PREDICTION */ if ((nread-predict) > 0) seek_file(fsp,startpos + predict); - ret = transfer_file(fd,Client,(SMB_OFF_T)(nread-predict),header,4+predict, + ret = (ssize_t)transfer_file(fd,Client,(SMB_OFF_T)(nread-predict),header,4+predict, startpos+predict); } @@ -1853,13 +1869,13 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s DEBUG(0,("ERROR: file read failure on %s at %d for %d bytes (%d)\n", fname,startpos,nread,ret)); -#else +#else /* UNSAFE_READRAW */ ret = read_file(fsp,header+4,startpos,nread); if (ret < mincount) ret = 0; _smb_setlen(header,ret); transfer_file(0,Client,0,header,4+ret,0); -#endif +#endif /* UNSAFE_READRAW */ DEBUG(5,("readbraw finished\n")); return -1; @@ -1871,10 +1887,11 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s ****************************************************************************/ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length, int dum_buffsiz) { - int nread = -1; + ssize_t nread = -1; char *data; int outsize = 0; - uint32 startpos, numtoread; + SMB_OFF_T startpos; + size_t numtoread; int eclass; uint32 ecode; files_struct *fsp = file_fsp(inbuf,smb_vwv0); @@ -1925,10 +1942,10 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length ****************************************************************************/ int reply_read(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int numtoread; - int nread = 0; + size_t numtoread; + ssize_t nread = 0; char *data; - uint32 startpos; + SMB_OFF_T startpos; int outsize = 0; files_struct *fsp = file_fsp(inbuf,smb_vwv0); @@ -1971,10 +1988,10 @@ int reply_read(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { files_struct *fsp = file_fsp(inbuf,smb_vwv2); - uint32 smb_offs = IVAL(inbuf,smb_vwv3); - int smb_maxcnt = SVAL(inbuf,smb_vwv5); - int smb_mincnt = SVAL(inbuf,smb_vwv6); - int nread = -1; + SMB_OFF_T startpos = IVAL(inbuf,smb_vwv3); + size_t smb_maxcnt = SVAL(inbuf,smb_vwv5); + size_t smb_mincnt = SVAL(inbuf,smb_vwv6); + ssize_t nread = -1; char *data; BOOL ok = False; @@ -1989,9 +2006,18 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt set_message(outbuf,12,0,True); data = smb_buf(outbuf); - if (is_locked(fsp,conn,smb_maxcnt,smb_offs, F_RDLCK)) +#ifdef LARGE_SMB_INO_T + if(SVAL(inbuf,smb_wct) == 12) { + /* + * This is a large offset (64 bit) read. + */ + startpos |= (((SMB_OFF_T)IVAL(inbuf,smb_vwv10)) << 32); + } +#endif /* LARGE_SMB_INO_T */ + + if (is_locked(fsp,conn,smb_maxcnt,startpos, F_RDLCK)) return(ERROR(ERRDOS,ERRlock)); - nread = read_file(fsp,data,smb_offs,smb_maxcnt); + nread = read_file(fsp,data,startpos,smb_maxcnt); ok = True; if (nread < 0) @@ -2007,21 +2033,20 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt return chain_reply(inbuf,outbuf,length,bufsize); } - /**************************************************************************** reply to a writebraw (core+ or LANMAN1.0 protocol) ****************************************************************************/ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int nwritten=0; - int total_written=0; - int numtowrite=0; - int outsize = 0; - long startpos; + ssize_t nwritten=0; + ssize_t total_written=0; + size_t numtowrite=0; + size_t tcount; + SMB_OFF_T startpos; char *data=NULL; BOOL write_through; - int tcount; files_struct *fsp = file_fsp(inbuf,smb_vwv0); + int outsize = 0; CHECK_FSP(fsp,conn); CHECK_WRITE(fsp); @@ -2049,13 +2074,13 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int dum_s return(ERROR(ERRDOS,ERRlock)); if (seek_file(fsp,startpos) != startpos) - DEBUG(0,("couldn't seek to %ld in writebraw\n",startpos)); + DEBUG(0,("couldn't seek to %.0f in writebraw\n",(double)startpos)); if (numtowrite>0) nwritten = write_file(fsp,data,numtowrite); - DEBUG(3,("writebraw1 fnum=%d start=%ld num=%d wrote=%d sync=%d\n", - fsp->fnum, startpos, numtowrite, nwritten, write_through)); + DEBUG(3,("writebraw1 fnum=%d start=%.0f num=%d wrote=%d sync=%d\n", + fsp->fnum, (double)startpos, numtowrite, nwritten, write_through)); if (nwritten < numtowrite) return(UNIXERROR(ERRHRD,ERRdiskfull)); @@ -2092,7 +2117,7 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int dum_s CVAL(outbuf,smb_com) = SMBwritec; SSVAL(outbuf,smb_vwv0,total_written); - if (nwritten < numtowrite) { + if (nwritten < (ssize_t)numtowrite) { CVAL(outbuf,smb_rcls) = ERRHRD; SSVAL(outbuf,smb_err,ERRdiskfull); } @@ -2100,8 +2125,8 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int dum_s if (lp_syncalways(SNUM(conn)) || write_through) sync_file(conn,fsp); - DEBUG(3,("writebraw2 fnum=%d start=%ld num=%d wrote=%d\n", - fsp->fnum, startpos, numtowrite, total_written)); + DEBUG(3,("writebraw2 fnum=%d start=%.0f num=%d wrote=%d\n", + fsp->fnum, (double)startpos, numtowrite, total_written)); /* we won't return a status if write through is not selected - this follows what WfWg does */ @@ -2111,19 +2136,19 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int dum_s return(outsize); } - /**************************************************************************** reply to a writeunlock (core+) ****************************************************************************/ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int nwritten = -1; - int outsize = 0; + ssize_t nwritten = -1; + size_t numtowrite; + SMB_OFF_T startpos; char *data; - uint32 numtowrite,startpos; int eclass; uint32 ecode; files_struct *fsp = file_fsp(inbuf,smb_vwv0); + int outsize = 0; CHECK_FSP(fsp,conn); CHECK_WRITE(fsp); @@ -2165,18 +2190,17 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, int dum return(outsize); } - /**************************************************************************** reply to a write ****************************************************************************/ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int dum_size,int dum_buffsize) { - int numtowrite; - int nwritten = -1; - int outsize = 0; - int startpos; + size_t numtowrite; + ssize_t nwritten = -1; + SMB_OFF_T startpos; char *data; files_struct *fsp = file_fsp(inbuf,smb_vwv0); + int outsize = 0; CHECK_FSP(fsp,conn); CHECK_WRITE(fsp); @@ -2209,7 +2233,7 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int dum_size,i SSVAL(outbuf,smb_vwv0,nwritten); - if (nwritten < numtowrite) { + if (nwritten < (ssize_t)numtowrite) { CVAL(outbuf,smb_rcls) = ERRHRD; SSVAL(outbuf,smb_err,ERRdiskfull); } @@ -2227,11 +2251,11 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int dum_size,i int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { files_struct *fsp = file_fsp(inbuf,smb_vwv2); - uint32 smb_offs = IVAL(inbuf,smb_vwv3); - int smb_dsize = SVAL(inbuf,smb_vwv10); - int smb_doff = SVAL(inbuf,smb_vwv11); + SMB_OFF_T startpos = IVAL(inbuf,smb_vwv3); + size_t numtowrite = SVAL(inbuf,smb_vwv10); BOOL write_through = BITSETW(inbuf+smb_vwv7,0); - int nwritten = -1; + ssize_t nwritten = -1; + int smb_doff = SVAL(inbuf,smb_vwv11); char *data; CHECK_FSP(fsp,conn); @@ -2240,34 +2264,43 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng data = smb_base(inbuf) + smb_doff; - if (is_locked(fsp,conn,smb_dsize,smb_offs, F_WRLCK)) +#ifdef LLARGE_SMB_INO_T + if(SVAL(inbuf,smb_wct) == 14) { + /* + * This is a large offset (64 bit) write. + */ + startpos |= (((SMB_OFF_T)IVAL(inbuf,smb_vwv12)) << 32); + } +#endif /* LARGE_SMB_INO_T */ + + if (is_locked(fsp,conn,numtowrite,startpos, F_WRLCK)) return(ERROR(ERRDOS,ERRlock)); - seek_file(fsp,smb_offs); + seek_file(fsp,startpos); /* X/Open SMB protocol says that, unlike SMBwrite if the length is zero then NO truncation is done, just a write of zero. To truncate a file, use SMBwrite. */ - if(smb_dsize == 0) + if(numtowrite == 0) nwritten = 0; else - nwritten = write_file(fsp,data,smb_dsize); + nwritten = write_file(fsp,data,numtowrite); - if(((nwritten == 0) && (smb_dsize != 0))||(nwritten < 0)) + if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) return(UNIXERROR(ERRDOS,ERRnoaccess)); set_message(outbuf,6,0,True); SSVAL(outbuf,smb_vwv2,nwritten); - if (nwritten < smb_dsize) { + if (nwritten < (ssize_t)numtowrite) { CVAL(outbuf,smb_rcls) = ERRHRD; SSVAL(outbuf,smb_err,ERRdiskfull); } DEBUG(3,("writeX fnum=%d num=%d wrote=%d\n", - fsp->fnum, smb_dsize, nwritten)); + fsp->fnum, numtowrite, nwritten)); if (lp_syncalways(SNUM(conn)) || write_through) sync_file(conn,fsp); @@ -2281,7 +2314,7 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng ****************************************************************************/ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - uint32 startpos; + SMB_OFF_T startpos; SMB_OFF_T res= -1; int mode,umode; int outsize = 0; @@ -2302,19 +2335,18 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, umode = SEEK_SET; break; } - res = sys_lseek(fsp->fd_ptr->fd,(SMB_OFF_T)startpos,umode); + res = sys_lseek(fsp->fd_ptr->fd,startpos,umode); fsp->pos = res; outsize = set_message(outbuf,2,0,True); - SIVALS(outbuf,smb_vwv0,(uint32)res); + SIVALS(outbuf,smb_vwv0,res); - DEBUG(3,("lseek fnum=%d ofs=%d mode=%d\n", - fsp->fnum, startpos, mode)); + DEBUG(3,("lseek fnum=%d ofs=%.0f mode=%d\n", + fsp->fnum, (double)startpos, mode)); return(outsize); } - /**************************************************************************** reply to a flush ****************************************************************************/ @@ -2421,10 +2453,10 @@ int reply_close(connection_struct *conn, int reply_writeclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int numtowrite; - int nwritten = -1; + size_t numtowrite; + ssize_t nwritten = -1; int outsize = 0; - int startpos; + SMB_OFF_T startpos; char *data; time_t mtime; files_struct *fsp = file_fsp(inbuf,smb_vwv0); @@ -2470,7 +2502,7 @@ int reply_lock(connection_struct *conn, char *inbuf,char *outbuf, int length, int dum_buffsize) { int outsize = set_message(outbuf,0,0,True); - uint32 count,offset; + SMB_OFF_T count,offset; int eclass; uint32 ecode; files_struct *fsp = file_fsp(inbuf,smb_vwv0); @@ -2481,8 +2513,8 @@ int reply_lock(connection_struct *conn, count = IVAL(inbuf,smb_vwv1); offset = IVAL(inbuf,smb_vwv3); - DEBUG(3,("lock fd=%d fnum=%d ofs=%d cnt=%d\n", - fsp->fd_ptr->fd, fsp->fnum, offset, count)); + DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n", + fsp->fd_ptr->fd, fsp->fnum, (double)offset, (double)count)); if (!do_lock(fsp, conn, count, offset, F_WRLCK, &eclass, &ecode)) { if((ecode == ERRlock) && lp_blocking_locks(SNUM(conn))) { @@ -2507,7 +2539,7 @@ int reply_lock(connection_struct *conn, int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int outsize = set_message(outbuf,0,0,True); - uint32 count,offset; + SMB_OFF_T count,offset; int eclass; uint32 ecode; files_struct *fsp = file_fsp(inbuf,smb_vwv0); @@ -2521,8 +2553,8 @@ int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if(!do_unlock(fsp, conn, count, offset, &eclass, &ecode)) return (ERROR(eclass,ecode)); - DEBUG( 3, ( "unlock fd=%d fnum=%d ofs=%d cnt=%d\n", - fsp->fd_ptr->fd, fsp->fnum, offset, count ) ); + DEBUG( 3, ( "unlock fd=%d fnum=%d offset=%.0f count=%.0f\n", + fsp->fd_ptr->fd, fsp->fnum, (double)offset, (double)count ) ); return(outsize); } @@ -3476,8 +3508,6 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return(outsize); } - - /**************************************************************************** reply to a setdir ****************************************************************************/ @@ -3515,7 +3545,6 @@ int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return(outsize); } - /**************************************************************************** reply to a lockingX request ****************************************************************************/ @@ -3528,13 +3557,13 @@ int reply_lockingX(connection_struct *conn, char *inbuf,char *outbuf,int length, #endif uint16 num_ulocks = SVAL(inbuf,smb_vwv6); uint16 num_locks = SVAL(inbuf,smb_vwv7); - uint32 count, offset; + SMB_OFF_T count, offset; int32 lock_timeout = IVAL(inbuf,smb_vwv4); int i; char *data; uint32 ecode=0, dummy2; int eclass=0, dummy1; - + BOOL large_file_format = (locktype & LOCKING_ANDX_LARGE_FILES); CHECK_FSP(fsp,conn); CHECK_ERROR(fsp); @@ -3565,13 +3594,8 @@ no oplock granted on this file.\n", fsp->fnum)); lock_share_entry(fsp->conn, dev, inode, &token); if(remove_share_oplock(fsp, token)==False) { -#ifdef LARGE_SMB_INO_T DEBUG(0,("reply_lockingX: failed to remove share oplock for fnum %d, \ dev = %x, inode = %.0f\n", fsp->fnum, (unsigned int)dev, (double)inode)); -#else /* LARGE_SMB_INO_T */ - DEBUG(0,("reply_lockingX: failed to remove share oplock for fnum %d, \ -dev = %x, inode = %lx\n", fsp->fnum, (unsigned int)dev, (unsigned long)inode)); -#endif /* LARGE_SMB_INO_T */ unlock_share_entry(fsp->conn, dev, inode, token); } else { @@ -3596,10 +3620,22 @@ dev = %x, inode = %lx\n", fsp->fnum, (unsigned int)dev, (unsigned long)inode)); /* Data now points at the beginning of the list of smb_unlkrng structs */ for(i = 0; i < (int)num_ulocks; i++) { - count = IVAL(data,SMB_LKLEN_OFFSET(i)); - offset = IVAL(data,SMB_LKOFF_OFFSET(i)); - DEBUG(10,("reply_lockingX: unlock start=%d, len=%d for file %s\n", - (int)offset, (int)count, fsp->fsp_name )); + if(!large_file_format) { + count = IVAL(data,SMB_LKLEN_OFFSET(i)); + offset = IVAL(data,SMB_LKOFF_OFFSET(i)); + } +#ifdef LARGE_SMB_OFF_T + else { + count = (((SMB_OFF_T) IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(i))) << 32) | + ((SMB_OFF_T) IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(i))); + offset = (((SMB_OFF_T) IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(i))) << 32) | + ((SMB_OFF_T) IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(i))); + } +#endif + + DEBUG(10,("reply_lockingX: unlock start=%.0f, len=%.0f for file %s\n", + (double)offset, (double)count, fsp->fsp_name )); + if(!do_unlock(fsp,conn,count,offset,&eclass, &ecode)) return ERROR(eclass,ecode); } @@ -3608,14 +3644,28 @@ dev = %x, inode = %lx\n", fsp->fnum, (unsigned int)dev, (unsigned long)inode)); lock_timeout = ((lock_timeout == -1) ? -1 : lock_timeout/1000); /* Now do any requested locks */ - data += 10*num_ulocks; + data += ((large_file_format ? 20 : 10)*num_ulocks); + /* Data now points at the beginning of the list of smb_lkrng structs */ + for(i = 0; i < (int)num_locks; i++) { - count = IVAL(data,SMB_LKLEN_OFFSET(i)); - offset = IVAL(data,SMB_LKOFF_OFFSET(i)); - DEBUG(10,("reply_lockingX: lock start=%d, len=%d for file %s\n", - (int)offset, (int)count, fsp->fsp_name )); + if(!large_file_format) { + count = IVAL(data,SMB_LKLEN_OFFSET(i)); + offset = IVAL(data,SMB_LKOFF_OFFSET(i)); + } +#ifdef LARGE_SMB_OFF_T + else { + count = (((SMB_OFF_T) IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(i))) << 32) | + ((SMB_OFF_T) IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(i))); + offset = (((SMB_OFF_T) IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(i))) << 32) | + ((SMB_OFF_T) IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(i))); + } +#endif + + DEBUG(10,("reply_lockingX: lock start=%.0f, len=%.0f for file %s\n", + (double)offset, (double)count, fsp->fsp_name )); + if(!do_lock(fsp,conn,count,offset, ((locktype & 1) ? F_RDLCK : F_WRLCK), &eclass, &ecode)) { if((ecode == ERRlock) && (lock_timeout != 0) && lp_blocking_locks(SNUM(conn))) { @@ -3635,8 +3685,19 @@ dev = %x, inode = %lx\n", fsp->fnum, (unsigned int)dev, (unsigned long)inode)); all of the previous locks (X/Open spec). */ if(i != num_locks && num_locks != 0) { for(; i >= 0; i--) { - count = IVAL(data,SMB_LKLEN_OFFSET(i)); - offset = IVAL(data,SMB_LKOFF_OFFSET(i)); + if(!large_file_format) { + count = IVAL(data,SMB_LKLEN_OFFSET(i)); + offset = IVAL(data,SMB_LKOFF_OFFSET(i)); + } +#ifdef LARGE_SMB_OFF_T + else { + count = (((SMB_OFF_T) IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(i))) << 32) | + ((SMB_OFF_T) IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(i))); + offset = (((SMB_OFF_T) IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(i))) << 32) | + ((SMB_OFF_T) IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(i))); + } +#endif + do_unlock(fsp,conn,count,offset,&dummy1,&dummy2); } return ERROR(eclass,ecode); @@ -3656,13 +3717,14 @@ dev = %x, inode = %lx\n", fsp->fnum, (unsigned int)dev, (unsigned long)inode)); ****************************************************************************/ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { - int nread = -1; - int total_read; + ssize_t nread = -1; + ssize_t total_read; char *data; - uint32 startpos; - int outsize, mincount, maxcount; + SMB_OFF_T startpos; + int outsize; + size_t mincount, maxcount; int max_per_packet; - int tcount; + size_t tcount; int pad; files_struct *fsp = file_fsp(inbuf,smb_vwv0); @@ -3694,14 +3756,14 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length, do { - int N = MIN(max_per_packet,tcount-total_read); + size_t N = MIN(max_per_packet,tcount-total_read); nread = read_file(fsp,data,startpos,N); if (nread <= 0) nread = 0; - if (nread < N) - tcount = total_read + nread; + if (nread < (ssize_t)N) + tcount = total_read + nread; set_message(outbuf,8,nread,False); SIVAL(outbuf,smb_vwv0,startpos); @@ -3714,22 +3776,23 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length, total_read += nread; startpos += nread; } - while (total_read < tcount); + while (total_read < (ssize_t)tcount); return(-1); } - /**************************************************************************** reply to a SMBwritebmpx (write block multiplex primary) request ****************************************************************************/ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int numtowrite; - int nwritten = -1; + size_t numtowrite; + ssize_t nwritten = -1; int outsize = 0; - uint32 startpos; - int tcount, write_through, smb_doff; + SMB_OFF_T startpos; + size_t tcount; + BOOL write_through; + int smb_doff; char *data; files_struct *fsp = file_fsp(inbuf,smb_vwv0); @@ -3758,32 +3821,32 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int dum_s if(lp_syncalways(SNUM(conn)) || write_through) sync_file(conn,fsp); - if(nwritten < numtowrite) + if(nwritten < (ssize_t)numtowrite) return(UNIXERROR(ERRHRD,ERRdiskfull)); /* If the maximum to be written to this file is greater than what we just wrote then set up a secondary struct to be attached to this fd, we will use this to cache error messages etc. */ - if(tcount > nwritten) + if((ssize_t)tcount > nwritten) + { + write_bmpx_struct *wbms; + if(fsp->wbmpx_ptr != NULL) + wbms = fsp->wbmpx_ptr; /* Use an existing struct */ + else + wbms = (write_bmpx_struct *)malloc(sizeof(write_bmpx_struct)); + if(!wbms) { - write_bmpx_struct *wbms; - if(fsp->wbmpx_ptr != NULL) - wbms = fsp->wbmpx_ptr; /* Use an existing struct */ - else - wbms = (write_bmpx_struct *)malloc(sizeof(write_bmpx_struct)); - if(!wbms) - { - DEBUG(0,("Out of memory in reply_readmpx\n")); - return(ERROR(ERRSRV,ERRnoresource)); - } - wbms->wr_mode = write_through; - wbms->wr_discard = False; /* No errors yet */ - wbms->wr_total_written = nwritten; - wbms->wr_errclass = 0; - wbms->wr_error = 0; - fsp->wbmpx_ptr = wbms; + DEBUG(0,("Out of memory in reply_readmpx\n")); + return(ERROR(ERRSRV,ERRnoresource)); } + wbms->wr_mode = write_through; + wbms->wr_discard = False; /* No errors yet */ + wbms->wr_total_written = nwritten; + wbms->wr_errclass = 0; + wbms->wr_error = 0; + fsp->wbmpx_ptr = wbms; + } /* We are returning successfully, set the message type back to SMBwritebmpx */ @@ -3816,11 +3879,13 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int dum_s ****************************************************************************/ int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int numtowrite; - int nwritten = -1; + size_t numtowrite; + ssize_t nwritten = -1; int outsize = 0; - int32 startpos; - int tcount, write_through, smb_doff; + SMB_OFF_T startpos; + size_t tcount; + BOOL write_through; + int smb_doff; char *data; write_bmpx_struct *wbms; BOOL send_response = False; @@ -3858,32 +3923,34 @@ int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz if(lp_syncalways(SNUM(conn)) || write_through) sync_file(conn,fsp); - if (nwritten < numtowrite) + if (nwritten < (ssize_t)numtowrite) + { + if(write_through) { - if(write_through) { - /* We are returning an error - we can delete the aux struct */ - if (wbms) free((char *)wbms); - fsp->wbmpx_ptr = NULL; - return(ERROR(ERRHRD,ERRdiskfull)); - } - return(CACHE_ERROR(wbms,ERRHRD,ERRdiskfull)); + /* We are returning an error - we can delete the aux struct */ + if (wbms) free((char *)wbms); + fsp->wbmpx_ptr = NULL; + return(ERROR(ERRHRD,ERRdiskfull)); } + return(CACHE_ERROR(wbms,ERRHRD,ERRdiskfull)); + } /* Increment the total written, if this matches tcount we can discard the auxiliary struct (hurrah !) and return a writeC */ wbms->wr_total_written += nwritten; if(wbms->wr_total_written >= tcount) + { + if (write_through) { - if (write_through) { - outsize = set_message(outbuf,1,0,True); - SSVAL(outbuf,smb_vwv0,wbms->wr_total_written); - send_response = True; - } - - free((char *)wbms); - fsp->wbmpx_ptr = NULL; + outsize = set_message(outbuf,1,0,True); + SSVAL(outbuf,smb_vwv0,wbms->wr_total_written); + send_response = True; } + free((char *)wbms); + fsp->wbmpx_ptr = NULL; + } + if(send_response) return(outsize); -- cgit From 27d0bef143fbc4d7547c022046c094bbdbd0bfc1 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 11 Sep 1998 19:14:27 +0000 Subject: Ok - this is the 'expose 64 bit to the clients' checkin. I have tested it by creating a 'holey' 20GB file - checking that it shows up correctl in the NT file view (it does) and am busily copying it to NULL: on the NT box. All good so far.... :-). Also implemented NT 'delete on close' semantics. Jeremy. (This used to be commit 1654faee80648583e6a47ab7eda990fefdf85124) --- source3/smbd/reply.c | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 8ec2715d0d..e956ab6cd9 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2006,14 +2006,14 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt set_message(outbuf,12,0,True); data = smb_buf(outbuf); -#ifdef LARGE_SMB_INO_T +#ifdef LARGE_SMB_OFF_T if(SVAL(inbuf,smb_wct) == 12) { /* * This is a large offset (64 bit) read. */ startpos |= (((SMB_OFF_T)IVAL(inbuf,smb_vwv10)) << 32); } -#endif /* LARGE_SMB_INO_T */ +#endif /* LARGE_SMB_OFF_T */ if (is_locked(fsp,conn,smb_maxcnt,startpos, F_RDLCK)) return(ERROR(ERRDOS,ERRlock)); @@ -2264,14 +2264,14 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng data = smb_base(inbuf) + smb_doff; -#ifdef LLARGE_SMB_INO_T +#ifdef LLARGE_SMB_OFF_T if(SVAL(inbuf,smb_wct) == 14) { /* * This is a large offset (64 bit) write. */ startpos |= (((SMB_OFF_T)IVAL(inbuf,smb_vwv12)) << 32); } -#endif /* LARGE_SMB_INO_T */ +#endif /* LARGE_SMB_OFF_T */ if (is_locked(fsp,conn,numtowrite,startpos, F_WRLCK)) return(ERROR(ERRDOS,ERRlock)); @@ -2408,8 +2408,8 @@ int reply_close(connection_struct *conn, * We can only use CHECK_FSP if we know it's not a directory. */ - if(!(fsp && fsp->open && fsp->is_directory)) - CHECK_FSP(fsp,conn); + if(!fsp || !fsp->open || (fsp->conn != conn)) + return(ERROR(ERRDOS,ERRbadfid)); if(HAS_CACHED_ERROR(fsp)) { eclass = fsp->wbmpx_ptr->wr_errclass; @@ -3631,7 +3631,7 @@ dev = %x, inode = %.0f\n", fsp->fnum, (unsigned int)dev, (double)inode)); offset = (((SMB_OFF_T) IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(i))) << 32) | ((SMB_OFF_T) IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(i))); } -#endif +#endif /* LARGE_SMB_OFF_T */ DEBUG(10,("reply_lockingX: unlock start=%.0f, len=%.0f for file %s\n", (double)offset, (double)count, fsp->fsp_name )); @@ -3661,8 +3661,8 @@ dev = %x, inode = %.0f\n", fsp->fnum, (unsigned int)dev, (double)inode)); offset = (((SMB_OFF_T) IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(i))) << 32) | ((SMB_OFF_T) IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(i))); } -#endif - +#endif /* LARGE_SMB_OFF_T */ + DEBUG(10,("reply_lockingX: lock start=%.0f, len=%.0f for file %s\n", (double)offset, (double)count, fsp->fsp_name )); @@ -3696,7 +3696,7 @@ dev = %x, inode = %.0f\n", fsp->fnum, (unsigned int)dev, (double)inode)); offset = (((SMB_OFF_T) IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(i))) << 32) | ((SMB_OFF_T) IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(i))); } -#endif +#endif /* LARGE_SMB_OFF_T */ do_unlock(fsp,conn,count,offset,&dummy1,&dummy2); } -- cgit From 9b20e5bac2a7b83f8e3dfdf3a274a1ce12dbd92c Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 11 Sep 1998 21:42:18 +0000 Subject: Ok so with this bugfix 64 bit file access actually seems to work :-). Problems were just dumb bugs like (defining sys_lseek to return 'int' DOH !). Jeremy. (This used to be commit 54dd51176fbab18af0b21bdee71b53f8f86573a8) --- source3/smbd/reply.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index e956ab6cd9..38c39efad6 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1792,7 +1792,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s startpos = IVAL(inbuf,smb_vwv1); #ifdef LARGE_SMB_OFF_T - if(SVAL(inbuf,smb_wct) == 10) { + if(CVAL(inbuf,smb_wct) == 10) { /* * This is a large offset (64 bit) read. */ @@ -2007,7 +2007,7 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt data = smb_buf(outbuf); #ifdef LARGE_SMB_OFF_T - if(SVAL(inbuf,smb_wct) == 12) { + if(CVAL(inbuf,smb_wct) == 12) { /* * This is a large offset (64 bit) read. */ @@ -2265,7 +2265,7 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng data = smb_base(inbuf) + smb_doff; #ifdef LLARGE_SMB_OFF_T - if(SVAL(inbuf,smb_wct) == 14) { + if(CVAL(inbuf,smb_wct) == 14) { /* * This is a large offset (64 bit) write. */ -- cgit From ac9b687cc2496409e1c8d86393812faf94ec7550 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 17 Sep 1998 19:16:12 +0000 Subject: configure configure.in: Added tests for fseek64 and ftell64. config.h.in: Added fseek64 and ftell64. includes.h: Added definition of SMB_BIG_INTEGER. smb.h: Changed (*getsmbpwpos) and (*setsmbpwpos) to use SMB_BIG_INTEGER. access.c: Tidyup of dbug statement. system.c: Added sys_fseek and sys_ftell. Changed mode calls to use mode_t. asyncdns.c: Tidyup of comment. loadparm.c: Tidyup of set_default_server_announce_type() function definition. ldap.c: Changed (*getsmbpwpos) and (*setsmbpwpos) to use SMB_BIG_INTEGER. nispass.c: Changed (*getsmbpwpos) and (*setsmbpwpos) to use SMB_BIG_INTEGER. smbpass.c: Changed (*getsmbpwpos) and (*setsmbpwpos) to use SMB_BIG_INTEGER. smbpassfile.c: Use sys_fseek(). chgpasswd.c: Tidyup of debug statement. dosmode.c: Changed mode calls to use mode_t. ipc.c: Removal of dead code. nttrans.c: Changed mode calls to use mode_t. open.c: Changed mode calls to use mode_t. pipes.c: Removal of dead code. reply.c: Removal of dead code. trans2.c: Removal of dead code. Changed mode calls to use mode_t. Jeremy. (This used to be commit c381d32e3dc23fe887408016cae821aceb30da2c) --- source3/smbd/reply.c | 30 ++++++------------------------ 1 file changed, 6 insertions(+), 24 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 38c39efad6..d7f29b60c6 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -453,9 +453,6 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int int gid; int uid; int smb_bufsize; - int smb_mpxmax; - int smb_vc_num; - uint32 smb_sesskey; int smb_apasslen = 0; pstring smb_apasswd; int smb_ntpasslen = 0; @@ -472,9 +469,6 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int *smb_ntpasswd = 0; smb_bufsize = SVAL(inbuf,smb_vwv2); - smb_mpxmax = SVAL(inbuf,smb_vwv3); - smb_vc_num = SVAL(inbuf,smb_vwv4); - smb_sesskey = IVAL(inbuf,smb_vwv5); if (Protocol < PROTOCOL_NT1) { smb_apasslen = SVAL(inbuf,smb_vwv7); @@ -1247,7 +1241,7 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int share_mode; SMB_OFF_T size = 0; time_t mtime=0; - int unixmode; + mode_t unixmode; int rmode=0; SMB_STRUCT_STAT sbuf; BOOL bad_path = False; @@ -1344,7 +1338,7 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt uint32 smb_time = make_unix_date3(inbuf+smb_vwv6); #endif int smb_ofun = SVAL(inbuf,smb_vwv8); - int unixmode; + mode_t unixmode; SMB_OFF_T size=0; int fmode=0,mtime=0,rmode=0; SMB_STRUCT_STAT sbuf; @@ -1770,8 +1764,6 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s SMB_OFF_T startpos; char *header = outbuf; ssize_t ret=0; - int fd; - char *fname; files_struct *fsp; /* @@ -1818,12 +1810,8 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s _smb_setlen(header,0); transfer_file(0,Client,(SMB_OFF_T)0,header,4,0); return(-1); - } else { - fd = fsp->fd_ptr->fd; - fname = fsp->fsp_name; } - if (!is_locked(fsp,conn,maxcount,startpos, F_RDLCK)) { SMB_OFF_T size = fsp->size; @@ -1855,19 +1843,19 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s #if USE_READ_PREDICTION if (!fsp->can_write) - predict = read_predict(fd,startpos,header+4,NULL,nread); + predict = read_predict(fsp->fd_ptr->fd,startpos,header+4,NULL,nread); #endif /* USE_READ_PREDICTION */ if ((nread-predict) > 0) seek_file(fsp,startpos + predict); - ret = (ssize_t)transfer_file(fd,Client,(SMB_OFF_T)(nread-predict),header,4+predict, + ret = (ssize_t)transfer_file(fsp->fd_ptr->fd,Client,(SMB_OFF_T)(nread-predict),header,4+predict, startpos+predict); } if (ret != nread+4) DEBUG(0,("ERROR: file read failure on %s at %d for %d bytes (%d)\n", - fname,startpos,nread,ret)); + fsp->fsp_name,startpos,nread,ret)); #else /* UNSAFE_READRAW */ ret = read_file(fsp,header+4,startpos,nread); @@ -1993,7 +1981,6 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt size_t smb_mincnt = SVAL(inbuf,smb_vwv6); ssize_t nread = -1; char *data; - BOOL ok = False; /* If it's an IPC, pass off the pipe handler. */ if (IS_IPC(conn)) @@ -2018,7 +2005,6 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt if (is_locked(fsp,conn,smb_maxcnt,startpos, F_RDLCK)) return(ERROR(ERRDOS,ERRlock)); nread = read_file(fsp,data,startpos,smb_maxcnt); - ok = True; if (nread < 0) return(UNIXERROR(ERRDOS,ERRnoaccess)); @@ -2718,9 +2704,6 @@ int reply_printqueue(connection_struct *conn, int outsize = set_message(outbuf,2,3,True); int max_count = SVAL(inbuf,smb_vwv0); int start_index = SVAL(inbuf,smb_vwv1); - uint16 vuid; - - vuid = SVAL(inbuf,smb_uid); /* we used to allow the client to get the cnum wrong, but that is really quite gross and only worked when there was only @@ -3722,7 +3705,7 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length, char *data; SMB_OFF_T startpos; int outsize; - size_t mincount, maxcount; + size_t maxcount; int max_per_packet; size_t tcount; int pad; @@ -3740,7 +3723,6 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length, startpos = IVAL(inbuf,smb_vwv1); maxcount = SVAL(inbuf,smb_vwv3); - mincount = SVAL(inbuf,smb_vwv4); data = smb_buf(outbuf); pad = ((long)data)%4; -- cgit From b8b67f4fab4a6fd686c5796c2701882197a7bd9d Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 17 Sep 1998 23:06:57 +0000 Subject: configure configure.in: Added checks for statvfs64. Last bit of 64 bit widening (I hope :-). include/config.h.in: Added #undef STAT_STATVFS64. include/includes.h: Added SMB_STRUCT_STATVFS type, Changed SMB_BIG_INTEGER to SMB_BIG_UINT and SMB_BIG_INT types. include/smb.h: Added flag defines from CIFS spec. lib/debug.c: Fixed one more mode_t issue. lib/system.c: Added sys_statvfs wrapper. lib/util.c: Changed trim_string to use size_t. param/loadparm.c: Moved "blocking locks" into locking section. Alphabetised locking options. Question - shuld we do this for all options ? passdb/ldap.c: Changed SMB_BIG_INTEGER to SMB_BIG_UINT. passdb/nispass.c: Changed SMB_BIG_INTEGER to SMB_BIG_UINT. passdb/smbpass.c: Changed SMB_BIG_INTEGER to SMB_BIG_UINT. smbd/dfree.c: Changed to use 64 bit types if available. Moved to use unsigned types. smbd/dosmode.c: Fixed one more mode_t issue. smbd/negprot.c: Changed literals to be FLAG_ #defines. smbd/nttrans.c: Removed dead code. smbd/open.c: Changed disk_free call. smbd/process.c: Changed literals to be FLAG_ #defines. smbd/reply.c: Changed disk_free call. smbd/trans2.c: Fixed but in SMB_QUERY_FS_VOLUME_INFO call. Was using UNICODE - should use ascii. tests/summary.c: Added STAT_STATVFS64 check. Jeremy. (This used to be commit c512b1b91fb7f2a7a93b9033a33e06d966daadb4) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index d7f29b60c6..93beb12af3 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -921,7 +921,7 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size int reply_dskattr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int outsize = 0; - int dfree,dsize,bsize; + SMB_BIG_UINT dfree,dsize,bsize; sys_disk_free(".",&bsize,&dfree,&dsize); -- cgit From 6dfbe2fa1a1d6eb5de05c8f5516c891abe7bdb74 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 18 Sep 1998 00:30:28 +0000 Subject: include/includes.h: lib/system.c: Can't assume every system has a statvfs varient. Return -1 for those that don't. smbd/reply.c: Fixed printf warning. Jeremy. (This used to be commit 14c134e8316687aa5a4ee089c2acfa6428faceae) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 93beb12af3..c4aadb9dad 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -932,7 +932,7 @@ int reply_dskattr(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz SSVAL(outbuf,smb_vwv2,512); SSVAL(outbuf,smb_vwv3,dfree); - DEBUG(3,("dskattr dfree=%d\n", dfree)); + DEBUG(3,("dskattr dfree=%d\n", (unsigned int)dfree)); return(outsize); } -- cgit From bc3766c5bc55ac7744aaf8cd6871c11b8bf2cfb3 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Fri, 18 Sep 1998 02:28:21 +0000 Subject: fixed a typo (LLARGE_SMB_OFF_T instead of LARGE_SMB_OFF_T) (This used to be commit 3e77d94cd2d693490265b60ad7c576a25902d8ea) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index c4aadb9dad..1aa4cb988e 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2250,7 +2250,7 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng data = smb_base(inbuf) + smb_doff; -#ifdef LLARGE_SMB_OFF_T +#ifdef LARGE_SMB_OFF_T if(CVAL(inbuf,smb_wct) == 14) { /* * This is a large offset (64 bit) write. -- cgit From 31ebc956e5f17fef8411b5fef1a6529df072df2a Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 18 Sep 1998 18:09:17 +0000 Subject: Fixed problems with premature kernel oplock checkin code. The ./configure & build now seem to work ok. Jeremy. (This used to be commit 7c1a5ed1c2a55543d3f3c8bbd38e6c9c35b80390) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 1aa4cb988e..ad1894358a 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1373,7 +1373,7 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt unixmode = unix_mode(conn,smb_attr | aARCH); open_file_shared(fsp,conn,fname,smb_mode,smb_ofun,unixmode, - oplock_request, &rmode,&smb_action); + oplock_request, &rmode,&smb_action); if (!fsp->open) { -- cgit From 5e634ef68c2abfda88153a402b189eb71e5aea0e Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sun, 20 Sep 1998 15:48:10 +0000 Subject: 3 changes: 1) use lp_fstype() instead of FSTYPE_STRING 2) added SMB_SEARCH_BITS to the TconX reply options (in vwv3). I noted that NT sets this (undocumented) bit and setting it helped get autorun from exported cdroms working. 3) fixed volume labels in QFSINFO level 258. I made these changes while getting the Encyclopadia Brittanica CD to run from a Samba drive. (I bought it for Sue yesterday). The first and second changes allowed Samba to export CDs with autorun info and the client will autorun it when mounted. There are all sorts of nasty implications in that that perhaps we can go into on samba-technical. Think about creating some autorun info in /tmp/ then waiting for people to mount it as scratch space ... The last change was because EB wanted the right volume label. The code we had used a non unicode volume label but tests with W95->NT4 showed that it has to be unicode. There was a note in the code from Jeremy saying that he thought it should _not_ be unicode. Jeremy, can you explain why? It certainly didn't work as non-unicode (the client displays a garbage volume label) and when I fixed it to use unicode it all worked from Win95. and in case anyone is interested EB98 now works fine from a Samba drive :) (This used to be commit 66268ae5881f43fbdc1ccd751122ab2285c375ad) --- source3/smbd/reply.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index ad1894358a..254fb32a51 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -319,7 +319,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt set_message(outbuf,2,strlen(devicename)+1,True); pstrcpy(smb_buf(outbuf),devicename); } else { - char *fsname = FSTYPE_STRING; + char *fsname = lp_fstype(SNUM(conn)); set_message(outbuf,3,3,True); @@ -329,7 +329,9 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt set_message(outbuf,3,PTR_DIFF(p,smb_buf(outbuf)),False); - SSVAL(outbuf, smb_vwv2, 0x0); /* optional support */ + /* what does setting this bit do? It is set by NT4 and + may affect the ability to autorun mounted cdroms */ + SSVAL(outbuf, smb_vwv2, SMB_SUPPORT_SEARCH_BITS); } DEBUG(3,("tconX service=%s user=%s\n", -- cgit From 3b7cee95ac741ee24b8edd36095cc30e3377a23c Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Wed, 23 Sep 1998 01:25:33 +0000 Subject: look at the CAP_NT_SMBS bit in the client capabilities to determine if we should serve up volume labels as ascii or unicode. NT wants ascii, W95 wants unicode. It's a crazy protocol! (This used to be commit 24b8a757ae2899d54dd2b2f091a3c0de6de84dbb) --- source3/smbd/reply.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 254fb32a51..21fa2e9a79 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -41,6 +41,8 @@ extern pstring sesssetup_user; extern fstring global_myworkgroup; extern int Client; extern int global_oplock_break; +uint32 global_client_caps = 0; + /**************************************************************************** report a possible attack via the password buffer overflow bug @@ -489,11 +491,11 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int } else { uint16 passlen1 = SVAL(inbuf,smb_vwv7); uint16 passlen2 = SVAL(inbuf,smb_vwv8); - uint32 client_caps = IVAL(inbuf,smb_vwv11); enum remote_arch_types ra_type = get_remote_arch(); - char *p = smb_buf(inbuf); + global_client_caps = IVAL(inbuf,smb_vwv11); + /* client_caps is used as final determination if client is NT or Win95. This is needed to return the correct error codes in some circumstances. @@ -501,7 +503,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int if(ra_type == RA_WINNT || ra_type == RA_WIN95) { - if(client_caps & (CAP_NT_SMBS | CAP_STATUS32)) + if(global_client_caps & (CAP_NT_SMBS | CAP_STATUS32)) set_remote_arch( RA_WINNT); else set_remote_arch( RA_WIN95); -- cgit From 5f7ee360567a6b4e1a6f43ff01da057d2998fef8 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 25 Sep 1998 23:40:49 +0000 Subject: Makefile.in: Fixed bug with continuation line causing proto to fail. Added $(PROGS) $(SPROGS) as targets for make clean. acconfig.h: Added HAVE_IRIX_SPECIFIC_CAPABILITIES. configure.in: Added sys/capability.h header check. Added function checks for srandom random srand rand. Added HAVE_IRIX_SPECIFIC_CAPABILITIES test. includes.h: Added #include . ntdomain.h: Moved struct acct_info into here from smb.h smb.h: Added KERNEL_OPLOCK_CAPABILITY define. Moved enum action_type into rpcclient.h Moved struct cli_state into client.h Moved struct nt_client_info, struct tar_client_info, struct client_info into rpcclient.h lib/genrand.c: Changed to use sys_random() & friends. lib/smbrun.c: Lose capabilities after fork. lib/system.c: Added set_process_capability(), set_inherited_process_capability() sys_random(), sys_srandom(). lib/util.c: Added Ander's EFBIG lock check to fcntl_lock for 64 bit access to an 32 bit mounted NFS filesystem. nmbd/nmbd.c: Changed to use sys_random() & friends. nmbd/nmbd_browsesync.c: Changed to use sys_random() & friends. passdb/ldap.c: Missed one pdb_encode_acct_ctrl call. passdb/passdb.c: Changed to Ander's code for ' ' characters. passdb/smbpass.c: Added Ander's code to reset ACB_PWNOTREQ. script/mkproto.awk: Added 'long' to prototypes. smbd/chgpasswd.c: Lose capabilities after fork. smbd/open.c: Do the mmap *after* the kernel oplock. smbd/oplock.c: Removed stub code from kernel oplock path. Added set_process_capability(), set_inherited_process_capability() calls. smbd/reply.c: Initialize count = 0, offset = 0. smbd/server.c: Added set_process_capability(), set_inherited_process_capability() calls. tests/summary.c: Ensure we have RANDOM or RAND. utils/smbpasswd.c: Added Ander's code to reset ACB_PWNOTREQ. utils/torture.c: Changed to use sys_random() & friends. Jeremy. (This used to be commit e8be306f23963ac00b1a383ebe0cc1421529fb02) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 21fa2e9a79..63bbcbcdba 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3544,7 +3544,7 @@ int reply_lockingX(connection_struct *conn, char *inbuf,char *outbuf,int length, #endif uint16 num_ulocks = SVAL(inbuf,smb_vwv6); uint16 num_locks = SVAL(inbuf,smb_vwv7); - SMB_OFF_T count, offset; + SMB_OFF_T count = 0, offset = 0; int32 lock_timeout = IVAL(inbuf,smb_vwv4); int i; char *data; -- cgit From a377543cc0af26ddcaf58aa4bc368afd70bca5ec Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 26 Sep 1998 03:49:25 +0000 Subject: Fixed the problem with reply_getatr() being passed a "" name in reply_getatr, replaced the paranoid code in smbd/filename.c that replaces a "" with a ".". I am starting to think this code may well be needed. Jeremy. (This used to be commit bdc3d9f52fbded4b1483af8be0059decfd4bad34) --- source3/smbd/reply.c | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 63bbcbcdba..12a39589d6 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -812,19 +812,20 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size BOOL bad_path = False; pstrcpy(fname,smb_buf(inbuf) + 1); - unix_convert(fname,conn,0,&bad_path,&sbuf); /* dos smetimes asks for a stat of "" - it returns a "hidden directory" under WfWg - weird! */ if (! (*fname)) - { - mode = aHIDDEN | aDIR; - if (!CAN_WRITE(conn)) mode |= aRONLY; - size = 0; - mtime = 0; - ok = True; - } + { + mode = aHIDDEN | aDIR; + if (!CAN_WRITE(conn)) mode |= aRONLY; + size = 0; + mtime = 0; + ok = True; + } else + { + unix_convert(fname,conn,0,&bad_path,&sbuf); if (check_name(fname,conn)) { if (VALID_STAT(sbuf) || dos_stat(fname,&sbuf) == 0) @@ -839,6 +840,7 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size else DEBUG(3,("stat of %s failed (%s)\n",fname,strerror(errno))); } + } if (!ok) { -- cgit From 404f14fb36577ee182fd8a928e6cb7b374e4ecb9 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 6 Oct 1998 13:10:06 +0000 Subject: implemented unix semantics for rename in smbwrapper (This used to be commit a5c18f9c82f5f76b00ff29c5668b4f0d3e8d6bd0) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 12a39589d6..6dfff54a0f 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3210,7 +3210,7 @@ int rename_internals(connection_struct *conn, if (!count) exists = file_exist(directory,NULL); if (!count && exists && file_exist(newname,NULL)) { exists = True; - error = 183; + error = ERRrename; } } else { /* -- cgit From 2fef8f2e87f61043e3f1a2cf7d1f2a4ff9f119ff Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Wed, 7 Oct 1998 15:22:49 +0000 Subject: dce/rpc (This used to be commit 34afa638f6f7bb145ec094510ac58f7a22dfc3aa) --- source3/smbd/reply.c | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 6dfff54a0f..7cbd0520d9 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2250,6 +2250,10 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng int smb_doff = SVAL(inbuf,smb_vwv11); char *data; + /* If it's an IPC, pass off the pipe handler. */ + if (IS_IPC(conn)) + return reply_pipe_write_and_X(inbuf,outbuf,length,bufsize); + CHECK_FSP(fsp,conn); CHECK_WRITE(fsp); CHECK_ERROR(fsp); -- cgit From 97f0c9d55014db221fdceaaf07318ae9df9688a1 Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Fri, 16 Oct 1998 21:36:19 +0000 Subject: made pass_check_smb() available for dce/rpc use. (This used to be commit 95e8a910c5d9ba0ef57669fb1256eaa932e0bb09) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 7cbd0520d9..5afc4593e6 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -651,12 +651,12 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int 128 length unicode */ if(smb_ntpasslen) { - if(!password_ok(user,smb_ntpasswd,smb_ntpasslen,NULL)) + if(!password_ok(user, smb_ntpasswd,smb_ntpasslen,NULL)) DEBUG(0,("NT Password did not match ! Defaulting to Lanman\n")); else valid_nt_password = True; } - if (!valid_nt_password && !password_ok(user,smb_apasswd,smb_apasslen,NULL)) + if (!valid_nt_password && !password_ok(user, smb_apasswd,smb_apasslen,NULL)) { if (lp_security() >= SEC_USER) { #if (GUEST_SESSSETUP == 0) -- cgit From b4ef754715a8dcb67341f30e0c7f06d18c3ebf00 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sun, 18 Oct 1998 19:30:26 +0000 Subject: check for lp_nt_pipe_support() in open calls (This used to be commit 44d901b3e040a520c4ad9089e68c566c78acacca) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 5afc4593e6..d801ce4a63 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1353,7 +1353,7 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt files_struct *fsp; /* If it's an IPC, pass off the pipe handler. */ - if (IS_IPC(conn)) + if (IS_IPC(conn) && lp_nt_pipe_support()) return reply_open_pipe_and_X(conn, inbuf,outbuf,length,bufsize); /* XXXX we need to handle passed times, sattr and flags */ -- cgit From b8aec499dc49b1d86d9f44296e07d40232813642 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sun, 18 Oct 1998 22:06:35 +0000 Subject: Fixed sys_lseek and seek_file calls so all returns are *checked* :-). Jeremy. (This used to be commit b8b781191dd7d28944d87eec5fa0fbef798e289b) --- source3/smbd/reply.c | 67 ++++++++++++++++++++++++++++++++++++++++------------ 1 file changed, 52 insertions(+), 15 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index d801ce4a63..bcb408c2a6 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1844,6 +1844,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s #if UNSAFE_READRAW { + BOOL seek_fail = False; int predict=0; _smb_setlen(header,nread); @@ -1852,11 +1853,18 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s predict = read_predict(fsp->fd_ptr->fd,startpos,header+4,NULL,nread); #endif /* USE_READ_PREDICTION */ - if ((nread-predict) > 0) - seek_file(fsp,startpos + predict); - - ret = (ssize_t)transfer_file(fsp->fd_ptr->fd,Client,(SMB_OFF_T)(nread-predict),header,4+predict, - startpos+predict); + if ((nread-predict) > 0) { + if(seek_file(fsp,startpos + predict) == -1) { + DEBUG(0,("reply_readbraw: ERROR: seek_file failed.\n")); + ret = 0; + seek_fail = True; + } + } + + if(!seek_fail) + ret = (ssize_t)transfer_file(fsp->fd_ptr->fd,Client, + (SMB_OFF_T)(nread-predict),header,4+predict, + startpos+predict); } if (ret != nread+4) @@ -2065,8 +2073,10 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int dum_s if (is_locked(fsp,conn,tcount,startpos, F_WRLCK)) return(ERROR(ERRDOS,ERRlock)); - if (seek_file(fsp,startpos) != startpos) + if (seek_file(fsp,startpos) == -1) { DEBUG(0,("couldn't seek to %.0f in writebraw\n",(double)startpos)); + return(UNIXERROR(ERRDOS,ERRnoaccess)); + } if (numtowrite>0) nwritten = write_file(fsp,data,numtowrite); @@ -2153,7 +2163,8 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, int dum if (is_locked(fsp,conn,numtowrite,startpos, F_WRLCK)) return(ERROR(ERRDOS,ERRlock)); - seek_file(fsp,startpos); + if(seek_file(fsp,startpos) == -1) + return(UNIXERROR(ERRDOS,ERRnoaccess)); /* The special X/Open SMB protocol handling of zero length writes is *NOT* done for @@ -2205,7 +2216,8 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int dum_size,i if (is_locked(fsp,conn,numtowrite,startpos, F_WRLCK)) return(ERROR(ERRDOS,ERRlock)); - seek_file(fsp,startpos); + if(seek_file(fsp,startpos) == -1) + return(UNIXERROR(ERRDOS,ERRnoaccess)); /* X/Open SMB protocol says that if smb_vwv1 is zero then the file size should be extended or @@ -2272,7 +2284,8 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng if (is_locked(fsp,conn,numtowrite,startpos, F_WRLCK)) return(ERROR(ERRDOS,ERRlock)); - seek_file(fsp,startpos); + if(seek_file(fsp,startpos) == -1) + return(UNIXERROR(ERRDOS,ERRnoaccess)); /* X/Open SMB protocol says that, unlike SMBwrite if the length is zero then NO truncation is @@ -2331,7 +2344,9 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, umode = SEEK_SET; break; } - res = sys_lseek(fsp->fd_ptr->fd,startpos,umode); + if((res = sys_lseek(fsp->fd_ptr->fd,startpos,umode)) == -1) + return(UNIXERROR(ERRDOS,ERRnoaccess)); + fsp->pos = res; outsize = set_message(outbuf,2,0,True); @@ -2469,7 +2484,8 @@ int reply_writeclose(connection_struct *conn, if (is_locked(fsp,conn,numtowrite,startpos, F_WRLCK)) return(ERROR(ERRDOS,ERRlock)); - seek_file(fsp,startpos); + if(seek_file(fsp,startpos) == -1) + return(UNIXERROR(ERRDOS,ERRnoaccess)); nwritten = write_file(fsp,data,numtowrite); @@ -3312,7 +3328,7 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, { int Access,action; SMB_STRUCT_STAT st; - int ret=0; + int ret=-1; files_struct *fsp1,*fsp2; pstring dest; @@ -3357,7 +3373,15 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, } if ((ofun&3) == 1) { - sys_lseek(fsp2->fd_ptr->fd,0,SEEK_END); + if(sys_lseek(fsp2->fd_ptr->fd,0,SEEK_END) == -1) { + DEBUG(0,("copy_file: error - sys_lseek returned error %s\n", + strerror(errno) )); + /* + * Stop the copy from occurring. + */ + ret = -1; + st.st_size = 0; + } } if (st.st_size) @@ -3807,7 +3831,9 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int dum_s if (is_locked(fsp,conn,tcount,startpos,F_WRLCK)) return(ERROR(ERRDOS,ERRlock)); - seek_file(fsp,startpos); + if(seek_file(fsp,startpos) == -1) + return(UNIXERROR(ERRDOS,ERRnoaccess)); + nwritten = write_file(fsp,data,numtowrite); if(lp_syncalways(SNUM(conn)) || write_through) @@ -3909,7 +3935,18 @@ int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz if(wbms->wr_discard) return -1; /* Just discard the packet */ - seek_file(fsp,startpos); + if(seek_file(fsp,startpos) == -1) + { + if(write_through) + { + /* We are returning an error - we can delete the aux struct */ + if (wbms) free((char *)wbms); + fsp->wbmpx_ptr = NULL; + return(UNIXERROR(ERRDOS,ERRnoaccess)); + } + return(CACHE_ERROR(wbms,ERRDOS,ERRnoaccess)); + } + nwritten = write_file(fsp,data,numtowrite); if(lp_syncalways(SNUM(conn)) || write_through) -- cgit From 01de6030843f5f402dee8bf72f564a91ae8437ca Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Mon, 19 Oct 1998 17:32:10 +0000 Subject: - dce/rpc code - removed debug info in struni2 and unistr2 (security risk) - rpc_pipe function was getting pointer to data then calling realloc *dur* - password check function, the start of "credential checking", user, wks, domain, pass as the credentials (not just user,pass which is incorrect in a domain context) - cli_write needs to return ssize_t not size_t, because total can be -1 if the write fails. - fixed signed / unsigned warnings (how come i don't get those any more when i compile with gcc???) - nt password change added in smbd. yes, jeremy, i verified that the SMBtrans2 version still works. (This used to be commit fcfb40d2b0fc565ee4f66b3a3761c246366a2ef3) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index bcb408c2a6..8b96ff17fd 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -413,7 +413,7 @@ static int session_trust_account(connection_struct *conn, char *inbuf, char *out return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE)); } - if (!smb_password_ok(smb_trust_acct, (unsigned char *)smb_passwd, (unsigned char *)smb_nt_passwd)) + if (!smb_password_ok(smb_trust_acct, NULL, (unsigned char *)smb_passwd, (unsigned char *)smb_nt_passwd)) { DEBUG(0,("session_trust_account: Trust Account %s - password failed\n", user)); SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); -- cgit From 5d6ed11ef3c860c95ae7b3a855b0ddb123bd9737 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 23 Oct 1998 00:58:28 +0000 Subject: include/smb.h: Added #defines for lots of things - makes our code a *lot* easier to read. lib/util.c: Fixed Luke's set_first_token() function - should return void. smbd/close.c: Move delete_on_close into file_fd_struct structure. smbd/ipc.c: Changed local_machine back to fstring. smbd/nttrans.c: Use defines for mapping share modes. smbd/open.c: Move delete_on_close into file_fd_struct structure, added code for ALLOW_SHARE_DELETE. smbd/reply.c: Use defines for mapping share modes. smbd/trans2.c: Move delete_on_close into file_fd_struct structure. Jeremy. (This used to be commit 8e1ce307bd6a9056b4a95fe6f52ff42dc6e03a08) --- source3/smbd/reply.c | 38 ++++++++++++++++++++++---------------- 1 file changed, 22 insertions(+), 16 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 8b96ff17fd..bc19f1a931 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1239,6 +1239,7 @@ int reply_fclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size /**************************************************************************** reply to an open ****************************************************************************/ + int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { pstring fname; @@ -1276,8 +1277,8 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, unixmode = unix_mode(conn,aARCH); - open_file_shared(fsp,conn,fname,share_mode,3,unixmode, - oplock_request,&rmode,NULL); + open_file_shared(fsp,conn,fname,share_mode,(FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN), + unixmode, oplock_request,&rmode,NULL); if (!fsp->open) { @@ -1529,8 +1530,8 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, } /* Open file in dos compatibility share mode. */ - open_file_shared(fsp,conn,fname,(DENY_FCB<<4)|0xF, ofun, unixmode, - oplock_request, NULL, NULL); + open_file_shared(fsp,conn,fname,SET_DENY_MODE(DENY_FCB)|SET_OPEN_MODE(DOS_OPEN_FCB), + ofun, unixmode, oplock_request, NULL, NULL); if (!fsp->open) { @@ -1601,8 +1602,8 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, /* Open file in dos compatibility share mode. */ /* We should fail if file exists. */ - open_file_shared(fsp,conn,fname2,(DENY_FCB<<4)|0xF, 0x10, unixmode, - oplock_request, NULL, NULL); + open_file_shared(fsp,conn,fname2,SET_DENY_MODE(DENY_FCB)|SET_OPEN_MODE(DOS_OPEN_FCB), + (FILE_CREATE_IF_NOT_EXIST|FILE_EXISTS_FAIL), unixmode, oplock_request, NULL, NULL); if (!fsp->open) { @@ -1702,8 +1703,10 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if (!has_wild) { pstrcat(directory,"/"); pstrcat(directory,mask); - if (can_delete(directory,conn,dirtype) && !dos_unlink(directory)) count++; - if (!count) exists = file_exist(directory,NULL); + if (can_delete(directory,conn,dirtype) && !dos_unlink(directory)) + count++; + if (!count) + exists = file_exist(directory,NULL); } else { void *dirptr = NULL; char *dname; @@ -2675,9 +2678,8 @@ int reply_printopen(connection_struct *conn, } /* Open for exclusive use, write only. */ - open_file_shared(fsp,conn,fname2, - (DENY_ALL<<4)|1, 0x12, unix_mode(conn,0), - 0, NULL, NULL); + open_file_shared(fsp,conn,fname2, SET_DENY_MODE(DENY_ALL)|SET_OPEN_MODE(DOS_OPEN_WRONLY), + (FILE_CREATE_IF_NOT_EXIST|FILE_EXISTS_TRUNCATE), unix_mode(conn,0), 0, NULL, NULL); if (!fsp->open) { file_free(fsp); @@ -3323,6 +3325,7 @@ int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, in /******************************************************************* copy a file as part of a reply_copy ******************************************************************/ + static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, int count,BOOL target_is_directory) { @@ -3343,12 +3346,15 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, pstrcat(dest,p); } - if (!file_exist(src,&st)) return(False); + if (!file_exist(src,&st)) + return(False); fsp1 = file_new(); - if (!fsp1) return(False); - open_file_shared(fsp1,conn,src,(DENY_NONE<<4), - 1,0,0,&Access,&action); + if (!fsp1) + return(False); + + open_file_shared(fsp1,conn,src,SET_DENY_MODE(DENY_NONE)|SET_OPEN_MODE(DOS_OPEN_RDONLY), + (FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN),0,0,&Access,&action); if (!fsp1->open) { file_free(fsp1); @@ -3363,7 +3369,7 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, close_file(fsp1,False); return(False); } - open_file_shared(fsp2,conn,dest,(DENY_NONE<<4)|1, + open_file_shared(fsp2,conn,dest,SET_DENY_MODE(DENY_NONE)|SET_OPEN_MODE(DOS_OPEN_WRONLY), ofun,st.st_mode,0,&Access,&action); if (!fsp2->open) { -- cgit From 9bb7ac81b6e4d33e1be49447dbdbbb8d24259f53 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 23 Oct 1998 03:34:50 +0000 Subject: Reasonably large change to give us *exactly* correct NT delete on close semantics. This was trickier than it looks :-). Check out the new DELETE_ON_CLOSE flag in the share modes and the new code that iterates through all open files on the same device and inode in files.c and trans2.c Also changed the code that modifies share mode entries to take generic function pointers rather than doing a specific thing so this sort of change should be easier in the future. Jeremy. (This used to be commit 5e6a7cd99d29d1cf068fc517272559c1cf47ea3a) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index bc19f1a931..babdd2056c 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3615,7 +3615,7 @@ no oplock granted on this file.\n", fsp->fnum)); /* Remove the oplock flag from the sharemode. */ lock_share_entry(fsp->conn, dev, inode, &token); - if(remove_share_oplock(fsp, token)==False) { + if(remove_share_oplock(token, fsp)==False) { DEBUG(0,("reply_lockingX: failed to remove share oplock for fnum %d, \ dev = %x, inode = %.0f\n", fsp->fnum, (unsigned int)dev, (double)inode)); -- cgit From 3fcd6d69cb7df37b8169df66d23cba1ea7ce067a Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 28 Oct 1998 17:15:28 +0000 Subject: Fix from thwartedefforts@wonky.org (slightly modified) to fix username overwriting problem in security=share. Jeremy. (This used to be commit 17621964344336c6303386c3c9e8a3e23b9e46e1) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index babdd2056c..1d8ccd61eb 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -597,7 +597,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int * working. */ - if((lp_security() != SEC_SHARE) || *user) + if((lp_security() != SEC_SHARE) || (*user && !guest)) pstrcpy(sesssetup_user,user); reload_services(True); -- cgit From 01e04614c7c466fdbdc398c782acaa931965f925 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 3 Nov 1998 02:25:28 +0000 Subject: Makefile.in configure configure.in include/proto.h smbd/noquotas.c smbd/quotas.c: Added quotas patch for autoconf from Dejan Ilic . printing/printing.c: Filenames with spaces patch from Allan Bjorklund utils/nmblookup.c: Fix usage() function. smbd/reply.c: Split out the security=server and security=domain checks into check_server_security() and check_domain_security() to aid the writing of the 'hack' appliance mode invented by John Schimmel. Jeremy. (This used to be commit f09ab9b52251087a58af92ec753537ca34a970fc) --- source3/smbd/reply.c | 130 ++++++++++++++++++++++++++++++++++----------------- 1 file changed, 86 insertions(+), 44 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 1d8ccd61eb..67c2abb9b5 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -447,10 +447,42 @@ static int session_trust_account(connection_struct *conn, char *inbuf, char *out return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE)); } +/**************************************************************************** + Check for a valid username and password in security=server mode. +****************************************************************************/ + +static BOOL check_server_security(char *orig_user, char *domain, + char *smb_apasswd, int smb_apasslen, + char *smb_ntpasswd, int smb_ntpasslen) +{ + if(lp_security() != SEC_SERVER) + return False; + + return server_validate(orig_user, domain, + smb_apasswd, smb_apasslen, + smb_ntpasswd, smb_ntpasslen); +} + +/**************************************************************************** + Check for a valid username and password in security=domain mode. +****************************************************************************/ + +static BOOL check_domain_security(char *orig_user, char *domain, + char *smb_apasswd, int smb_apasslen, + char *smb_ntpasswd, int smb_ntpasslen) +{ + if(lp_security() != SEC_DOMAIN) + return False; + + return domain_client_validate(orig_user, domain, + smb_apasswd, smb_apasslen, + smb_ntpasswd, smb_ntpasslen); +} /**************************************************************************** reply to a session setup command ****************************************************************************/ + int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { uint16 sess_vuid; @@ -582,12 +614,12 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int /* If no username is sent use the guest account */ if (!*user) - { - pstrcpy(user,lp_guestaccount(-1)); - /* If no user and no password then set guest flag. */ - if( *smb_apasswd == 0) - guest = True; - } + { + pstrcpy(user,lp_guestaccount(-1)); + /* If no user and no password then set guest flag. */ + if( *smb_apasswd == 0) + guest = True; + } strlower(user); @@ -631,48 +663,58 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int if(!guest && strequal(user,lp_guestaccount(-1)) && (*smb_apasswd == 0)) guest = True; - if (!guest && !(lp_security() == SEC_SERVER && - /* Check with orig_user for security=server and - security=domain. */ - server_validate(orig_user, domain, - smb_apasswd, smb_apasslen, - smb_ntpasswd, smb_ntpasslen)) && - !(lp_security() == SEC_DOMAIN && - domain_client_validate(orig_user, domain, + /* + * Check with orig_user for security=server and + * security=domain. + */ + + if (!guest && + !check_server_security(orig_user, domain, smb_apasswd, smb_apasslen, - smb_ntpasswd, smb_ntpasslen)) && + smb_ntpasswd, smb_ntpasslen) && + !check_domain_security(orig_user, domain, + smb_apasswd, smb_apasslen, + smb_ntpasswd, smb_ntpasslen) && !check_hosts_equiv(user) ) + { + + /* + * If we get here then the user wasn't guest and the remote + * authentication methods failed. Check the authentication + * methods on this local server. + * + * If an NT password was supplied try and validate with that + * first. This is superior as the passwords are mixed case + * 128 length unicode. + */ + + if(smb_ntpasslen) { + if(!password_ok(user, smb_ntpasswd,smb_ntpasslen,NULL)) + DEBUG(0,("NT Password did not match ! Defaulting to Lanman\n")); + else + valid_nt_password = True; + } - /* now check if it's a valid username/password */ - /* If an NT password was supplied try and validate with that - first. This is superior as the passwords are mixed case - 128 length unicode */ - if(smb_ntpasslen) - { - if(!password_ok(user, smb_ntpasswd,smb_ntpasslen,NULL)) - DEBUG(0,("NT Password did not match ! Defaulting to Lanman\n")); - else - valid_nt_password = True; - } - if (!valid_nt_password && !password_ok(user, smb_apasswd,smb_apasslen,NULL)) - { - if (lp_security() >= SEC_USER) { + if (!valid_nt_password && !password_ok(user, smb_apasswd,smb_apasslen,NULL)) + { + if (lp_security() >= SEC_USER) + { #if (GUEST_SESSSETUP == 0) - return(ERROR(ERRSRV,ERRbadpw)); + return(ERROR(ERRSRV,ERRbadpw)); #endif #if (GUEST_SESSSETUP == 1) - if (Get_Pwnam(user,True)) - return(ERROR(ERRSRV,ERRbadpw)); + if (Get_Pwnam(user,True)) + return(ERROR(ERRSRV,ERRbadpw)); #endif - } - if (*smb_apasswd || !Get_Pwnam(user,True)) - pstrcpy(user,lp_guestaccount(-1)); - DEBUG(3,("Registered username %s for guest access\n",user)); - guest = True; - } + } + if (*smb_apasswd || !Get_Pwnam(user,True)) + pstrcpy(user,lp_guestaccount(-1)); + DEBUG(3,("Registered username %s for guest access\n",user)); + guest = True; } + } if (!Get_Pwnam(user,True)) { DEBUG(3,("No such user %s - using guest account\n",user)); @@ -682,12 +724,12 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int if (!strequal(user,lp_guestaccount(-1)) && lp_servicenumber(user) < 0) - { - int homes = lp_servicenumber(HOMES_NAME); - char *home = get_home_dir(user); - if (homes >= 0 && home) - lp_add_home(user,homes,home); - } + { + int homes = lp_servicenumber(HOMES_NAME); + char *home = get_home_dir(user); + if (homes >= 0 && home) + lp_add_home(user,homes,home); + } /* it's ok - setup a reply */ -- cgit From 375e53826c59c33d52009307f757b71a1fe3d589 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 10 Nov 1998 20:51:25 +0000 Subject: include/local.h: include/smb.h: param/loadparm.c: Made GUEST_SESSSETUP run time selectable. Horror of horrors :-). printing/printing.c: Added J.F.'s latest fix. rpc_parse/parse_misc.c: parse_reg.c: rpcclient/cmd_reg.c: rpcclient/display.c: SGI compiler signed/unsigned issues. smbd/reply.c: Made GUEST_SESSSETUP run time selectable. Horror of horrors :-). utils/testparm.c: Added extra test. Jeremy. (This used to be commit 9668a5ef50be2e6b575f9989e87ee2ff8da5ac1d) --- source3/smbd/reply.c | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 67c2abb9b5..d3131b5fea 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -701,14 +701,21 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int { if (lp_security() >= SEC_USER) { -#if (GUEST_SESSSETUP == 0) - return(ERROR(ERRSRV,ERRbadpw)); -#endif -#if (GUEST_SESSSETUP == 1) - if (Get_Pwnam(user,True)) + if (lp_map_to_guest() == NEVER_MAP_TO_GUEST) return(ERROR(ERRSRV,ERRbadpw)); -#endif + + if (lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_USER) + { + if (Get_Pwnam(user,True)) + return(ERROR(ERRSRV,ERRbadpw)); + } + + /* + * ..else if lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_PASSWORD + * Then always map to guest account - as done below. + */ } + if (*smb_apasswd || !Get_Pwnam(user,True)) pstrcpy(user,lp_guestaccount(-1)); DEBUG(3,("Registered username %s for guest access\n",user)); -- cgit From 00ae36ffd8079dc830fb4c7016a1f6ddd96d9b5c Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sun, 15 Nov 1998 23:07:54 +0000 Subject: change ROUNDUP to SMB_ROUNDUP to prevent conflicts with system macros (This used to be commit d9d44d98ec719b7fc6d5b0fc35bf8727f4cd0372) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index d3131b5fea..d466884ab6 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4129,7 +4129,7 @@ int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int dum_si else { SIVAL(outbuf,smb_vwv6,(uint32)sbuf.st_size); - SIVAL(outbuf,smb_vwv8,ROUNDUP(sbuf.st_size,1024)); + SIVAL(outbuf,smb_vwv8,SMB_ROUNDUP(sbuf.st_size,1024)); } SSVAL(outbuf,smb_vwv10, mode); -- cgit From 31739a0e1e32abfa7da166afbc5075aeab4124e6 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 16 Nov 1998 21:38:13 +0000 Subject: O_EXCL fixes for printing files & oplocks. Jeremy. (This used to be commit 4ca71c90985b1c88d92bdd0f9079a4afc263dc46) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index d466884ab6..ee0053aed0 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2728,7 +2728,7 @@ int reply_printopen(connection_struct *conn, /* Open for exclusive use, write only. */ open_file_shared(fsp,conn,fname2, SET_DENY_MODE(DENY_ALL)|SET_OPEN_MODE(DOS_OPEN_WRONLY), - (FILE_CREATE_IF_NOT_EXIST|FILE_EXISTS_TRUNCATE), unix_mode(conn,0), 0, NULL, NULL); + (FILE_CREATE_IF_NOT_EXIST|FILE_EXISTS_FAIL), unix_mode(conn,0), 0, NULL, NULL); if (!fsp->open) { file_free(fsp); -- cgit From 74d539f5573a3ed3ff1b96c54752a389da4c3e14 Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Tue, 17 Nov 1998 16:19:04 +0000 Subject: - group database API. oops and oh dear, the threat has been carried out: the pre-alpha "domain group" etc parameters have disappeared. - interactive debug detection - re-added mem_man (andrew's memory management, detects memory corruption) - american spellings of "initialise" replaced with english spelling of "initialise". - started on "lookup_name()" and "lookup_sid()" functions. proper ones. - moved lots of functions around. created some modules of commonly used code. e.g the password file locking code, which is used in groupfile.c and aliasfile.c and smbpass.c - moved RID_TYPE_MASK up another bit. this is really unfortunate, but there is no other "fast" way to identify users from groups from aliases. i do not believe that this code saves us anything (the multipliers) and puts us at a disadvantage (reduces the useable rid space). the designers of NT aren't silly: if they can get away with a user- interface-speed LsaLookupNames / LsaLookupSids, then so can we. i spoke with isaac at the cifs conference, the only time for example that they do a security context check is on file create. certainly not on individual file reads / writes, which would drastically hit their performance and ours, too. - renamed myworkgroup to global_sam_name, amongst other things, when used in the rpc code. there is also a global_member_name, as we are always responsible for a SAM database, the scope of which is limited by the role of the machine (e.g if a member of a workgroup, your SAM is for _local_ logins only, and its name is the name of your server. you even still have a SID. see LsaQueryInfoPolicy, levels 3 and 5). - updated functionality of groupname.c to be able to cope with names like DOMAIN\group and SERVER\alias. used this code to be able to do aliases as well as groups. this code may actually be better off being used in username mapping, too. - created a connect to serverlist function in clientgen.c and used it in password.c - initialisation in server.c depends on the role of the server. well, it does now. - rpctorture. smbtorture. EXERCISE EXTREME CAUTION. (This used to be commit 0d21e1e6090b933f396c764af535ca3388a562db) --- source3/smbd/reply.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index ee0053aed0..78a09e46e7 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1403,8 +1403,10 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt files_struct *fsp; /* If it's an IPC, pass off the pipe handler. */ - if (IS_IPC(conn) && lp_nt_pipe_support()) + if (IS_IPC(conn) && lp_nt_pipe_support() && lp_security() != SEC_SHARE) + { return reply_open_pipe_and_X(conn, inbuf,outbuf,length,bufsize); + } /* XXXX we need to handle passed times, sattr and flags */ -- cgit From 490439d77a7fe3daadce1f30f17f03896c6739aa Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 17 Nov 1998 23:44:52 +0000 Subject: Fixed NT modify timestamp issue. If a client does a modify timestamp on an open file (which will do no good at all on UNIX :-) then keep the modify request pending in the files_struct and apply it at close instead. Jeremy. (This used to be commit 92a7a86f0e0255e3812dd35bebfcd653091514ae) --- source3/smbd/reply.c | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 78a09e46e7..12bf098a94 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2492,6 +2492,17 @@ int reply_close(connection_struct *conn, /* * Close ordinary file. */ + + /* + * If there was a modify time outstanding, + * try and set it here. + */ + if(fsp->pending_modtime) + set_filetime(conn, fsp->fsp_name, fsp->pending_modtime); + + /* + * Now take care of any time sent in the close. + */ mtime = make_unix_date3(inbuf+smb_vwv1); /* try and set the date */ -- cgit From bfc38ff872446e0ad365c22327c779e72a81bef9 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 25 Nov 1998 21:17:20 +0000 Subject: Makefile.in: Added maintainer mode fixes. aclocal.m4: Added AC_LIBTESTFUNC. configure.in: Fixed -lsecurity -lsec problems. client.c: dos_ fixes. groupdb/aliasunix.c: Dead code removal. include/includes.h: Added default PRINTCAP_NAME. lib/genrand.c: dos_ fixes. lib/replace.c: Added strtoul. lib/system.c: dos_ fixes. lib/util.c: dos_ fixes. lib/util_sid.c: Signed/unsigned fixes. lib/util_str.c: removed bad const. locking/locking_slow.c: dos_ fixes. printing/printing.c: dos_ fixes. rpc_server/srv_samr.c: Dead code removal. rpc_server/srv_sid.c: global_myworkgroup defined with wrong size AGAIN ! smbd/dir.c: dos_ fixes. smbd/open.c: dos_ fixes. smbd/oplock.c: dos_ fixes. smbd/reply.c smbd/server.c smbd/service.c smbd/uid.c: dos_ fixes. Jeremy. (This used to be commit 6acb4b68f68d516e2ac3c47e500f5600d653435e) --- source3/smbd/reply.c | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 12bf098a94..1abb084124 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -809,7 +809,7 @@ int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if(VALID_STAT(st)) ok = S_ISDIR(st.st_mode); else - ok = directory_exist(name,NULL); + ok = dos_directory_exist(name,NULL); } if (!ok) @@ -944,7 +944,7 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size mode = SVAL(inbuf,smb_vwv0); mtime = make_unix_date3(inbuf+smb_vwv1); - if (VALID_STAT_OF_DIR(st) || directory_exist(fname,NULL)) + if (VALID_STAT_OF_DIR(st) || dos_directory_exist(fname,NULL)) mode |= aDIR; if (check_name(fname,conn)) ok = (file_chmod(conn,fname,mode,NULL) == 0); @@ -1757,7 +1757,7 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if (can_delete(directory,conn,dirtype) && !dos_unlink(directory)) count++; if (!count) - exists = file_exist(directory,NULL); + exists = dos_file_exist(directory,NULL); } else { void *dirptr = NULL; char *dname; @@ -3274,7 +3274,7 @@ int rename_internals(connection_struct *conn, /* * NT SMB specific flag - rename can overwrite * file with the same name so don't check for - * file_exist(). + * dos_file_exist(). */ if(resolve_wildcards(directory,newname) && can_rename(directory,conn) && @@ -3283,7 +3283,7 @@ int rename_internals(connection_struct *conn, } else { if (resolve_wildcards(directory,newname) && can_rename(directory,conn) && - !file_exist(newname,NULL) && + !dos_file_exist(newname,NULL) && !dos_rename(directory,newname)) count++; } @@ -3291,8 +3291,8 @@ int rename_internals(connection_struct *conn, DEBUG(3,("rename_internals: %s doing rename on %s -> %s\n",(count != 0) ? "succeeded" : "failed", directory,newname)); - if (!count) exists = file_exist(directory,NULL); - if (!count && exists && file_exist(newname,NULL)) { + if (!count) exists = dos_file_exist(directory,NULL); + if (!count && exists && dos_file_exist(newname,NULL)) { exists = True; error = ERRrename; } @@ -3333,8 +3333,8 @@ int rename_internals(connection_struct *conn, continue; } - if (!replace_if_exists && file_exist(destname,NULL)) { - DEBUG(6,("file_exist %s\n", destname)); + if (!replace_if_exists && dos_file_exist(destname,NULL)) { + DEBUG(6,("dos_file_exist %s\n", destname)); error = 183; continue; } @@ -3408,7 +3408,7 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, pstrcat(dest,p); } - if (!file_exist(src,&st)) + if (!dos_file_exist(src,&st)) return(False); fsp1 = file_new(); @@ -3501,7 +3501,7 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, unix_convert(name,conn,0,&bad_path1,NULL); unix_convert(newname,conn,0,&bad_path2,NULL); - target_is_directory = directory_exist(newname,NULL); + target_is_directory = dos_directory_exist(newname,NULL); if ((flags&1) && target_is_directory) { return(ERROR(ERRDOS,ERRbadfile)); @@ -3511,7 +3511,7 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return(ERROR(ERRDOS,ERRbadpath)); } - if ((flags&(1<<5)) && directory_exist(name,NULL)) { + if ((flags&(1<<5)) && dos_directory_exist(name,NULL)) { /* wants a tree copy! XXXX */ DEBUG(3,("Rejecting tree copy\n")); return(ERROR(ERRSRV,ERRerror)); @@ -3538,7 +3538,7 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, if (resolve_wildcards(directory,newname) && copy_file(directory,newname,conn,ofun, count,target_is_directory)) count++; - if (!count) exists = file_exist(directory,NULL); + if (!count) exists = dos_file_exist(directory,NULL); } else { void *dirptr = NULL; char *dname; @@ -3613,7 +3613,7 @@ int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if (strlen(newdir) == 0) { ok = True; } else { - ok = directory_exist(newdir,NULL); + ok = dos_directory_exist(newdir,NULL); if (ok) { string_set(&conn->connectpath,newdir); } -- cgit From c6ad04b8fb4ee5cbf862a35b4c143a6f75555718 Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Mon, 30 Nov 1998 22:42:13 +0000 Subject: attempting to fix "domain user map" up, but it's a bit complicated. i may simply go for a response in the NetSamLogon returning the unix username, forcing the NT user to appear to be a unix user, however even that is fraught with implications. might just have to go the whole hog and do this tuple thing, "unix_name + nt_name" always associated together... issue with api_net_sam_logon, getsam21pwent() being called twice, the second time overwriting static buffer data (argh) so had to make a copy. noticed a nested "become_root()"/"unbecome_root()" which will have to be tracked down... (This used to be commit 474f94f419a531e33b475249da7efb99ac22f454) --- source3/smbd/reply.c | 90 ++++++++++++++++++++++++++++++++-------------------- 1 file changed, 56 insertions(+), 34 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 1abb084124..505067c83e 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -60,6 +60,49 @@ static void overflow_attack(int len) } +/**************************************************************************** + does _both_ nt->unix and unix->unix username remappings. +****************************************************************************/ +static BOOL map_nt_and_unix_username(const char *domain, char *user) +{ + DOM_NAME_MAP gmep; + fstring nt_username; + + /* + * Pass the user through the NT -> unix user mapping + * function. + */ + + memset(nt_username, 0, sizeof(nt_username)); + if (domain != NULL) + { + slprintf(nt_username, sizeof(nt_username)-1, "%s\\%s", + domain, user); + } + else + { + fstrcpy(nt_username, user); + } + if (!lookupsmbpwntnam(nt_username, &gmep)) + { + return False; + } + + fstrcpy(user, gmep.unix_name); + + /* + * Pass the user through the unix -> unix user mapping + * function. + */ + + (void)map_username(user); + + /* + * Do any UNIX username case mangling. + */ + return Get_Pwnam( user, True) != NULL; +} + /**************************************************************************** reply to an special message ****************************************************************************/ @@ -220,17 +263,10 @@ int reply_tcon(connection_struct *conn, parse_connect(smb_buf(inbuf)+1,service,user,password,&pwlen,dev); - /* - * Pass the user through the NT -> unix user mapping - * function. - */ - - (void)map_username(user); - - /* - * Do any UNIX username case mangling. - */ - (void)Get_Pwnam( user, True); + if (!map_nt_and_unix_username(global_myworkgroup, user)) + { + return(connection_error(inbuf,outbuf,ERRbadpw)); + } conn = make_connection(service,user,password,pwlen,dev,vuid,&ecode); @@ -300,18 +336,11 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt StrnCpy(devicename,path + strlen(path) + 1,6); DEBUG(4,("Got device type %s\n",devicename)); - /* - * Pass the user through the NT -> unix user mapping - * function. - */ - - (void)map_username(user); - - /* - * Do any UNIX username case mangling. - */ - (void)Get_Pwnam(user, True); - + if (!map_nt_and_unix_username(global_myworkgroup, user)) + { + return(connection_error(inbuf,outbuf,ERRbadpw)); + } + conn = make_connection(service,user,password,passlen,devicename,vuid,&ecode); if (!conn) @@ -642,17 +671,10 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int pstrcpy( orig_user, user); - /* - * Pass the user through the NT -> unix user mapping - * function. - */ - - (void)map_username(user); - - /* - * Do any UNIX username case mangling. - */ - (void)Get_Pwnam( user, True); + if (!map_nt_and_unix_username(domain, user)) + { + return(ERROR(ERRSRV,ERRbadpw)); + } add_session_user(user); -- cgit From 308da9e82b496b0ecfcbf1ee8fd347f37c136ab9 Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Tue, 1 Dec 1998 16:41:34 +0000 Subject: hm. removed the "if failed to map nt name to unix name, fail tcon call" restriction and "domain user map" seems to work. amazing. (This used to be commit 2c0d91e64a6b330b209ca62c3306ec1a53fda873) --- source3/smbd/reply.c | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 505067c83e..bd238c130c 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -263,10 +263,7 @@ int reply_tcon(connection_struct *conn, parse_connect(smb_buf(inbuf)+1,service,user,password,&pwlen,dev); - if (!map_nt_and_unix_username(global_myworkgroup, user)) - { - return(connection_error(inbuf,outbuf,ERRbadpw)); - } + map_nt_and_unix_username(global_myworkgroup, user); conn = make_connection(service,user,password,pwlen,dev,vuid,&ecode); @@ -336,10 +333,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt StrnCpy(devicename,path + strlen(path) + 1,6); DEBUG(4,("Got device type %s\n",devicename)); - if (!map_nt_and_unix_username(global_myworkgroup, user)) - { - return(connection_error(inbuf,outbuf,ERRbadpw)); - } + map_nt_and_unix_username(global_myworkgroup, user); conn = make_connection(service,user,password,passlen,devicename,vuid,&ecode); -- cgit From e2d51234002609f00bfa92b8031ac15616d6fe26 Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Tue, 1 Dec 1998 18:24:23 +0000 Subject: andrej spotted that entries _not_ in domain map user were being refused. modified map_nt_and_unix_names() to never refuse a mapping (returns void now not BOOL). (This used to be commit faffcb3c8955dcea3987e2978dc34b4dba580167) --- source3/smbd/reply.c | 16 ++++++---------- 1 file changed, 6 insertions(+), 10 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index bd238c130c..169f69ee07 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -63,7 +63,7 @@ static void overflow_attack(int len) /**************************************************************************** does _both_ nt->unix and unix->unix username remappings. ****************************************************************************/ -static BOOL map_nt_and_unix_username(const char *domain, char *user) +static void map_nt_and_unix_username(const char *domain, char *user) { DOM_NAME_MAP gmep; fstring nt_username; @@ -83,13 +83,12 @@ static BOOL map_nt_and_unix_username(const char *domain, char *user) { fstrcpy(nt_username, user); } - if (!lookupsmbpwntnam(nt_username, &gmep)) + + if (lookupsmbpwntnam(nt_username, &gmep)) { - return False; + fstrcpy(user, gmep.unix_name); } - fstrcpy(user, gmep.unix_name); - /* * Pass the user through the unix -> unix user mapping * function. @@ -100,7 +99,7 @@ static BOOL map_nt_and_unix_username(const char *domain, char *user) /* * Do any UNIX username case mangling. */ - return Get_Pwnam( user, True) != NULL; + (void)Get_Pwnam( user, True); } /**************************************************************************** @@ -665,10 +664,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int pstrcpy( orig_user, user); - if (!map_nt_and_unix_username(domain, user)) - { - return(ERROR(ERRSRV,ERRbadpw)); - } + map_nt_and_unix_username(domain, user); add_session_user(user); -- cgit From 08cdea519c692de092ba7a70664411c1a3cedac0 Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Tue, 1 Dec 1998 22:39:33 +0000 Subject: check server role before doing nt user to unix user mapping (This used to be commit 9d4e810e7dd8d6d80b47204636f9a37774f95455) --- source3/smbd/reply.c | 27 +++++++++++++++------------ 1 file changed, 15 insertions(+), 12 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 169f69ee07..d706976714 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -73,20 +73,23 @@ static void map_nt_and_unix_username(const char *domain, char *user) * function. */ - memset(nt_username, 0, sizeof(nt_username)); - if (domain != NULL) + if (lp_server_role() != ROLE_DOMAIN_NONE) { - slprintf(nt_username, sizeof(nt_username)-1, "%s\\%s", - domain, user); - } - else - { - fstrcpy(nt_username, user); - } + memset(nt_username, 0, sizeof(nt_username)); + if (domain != NULL) + { + slprintf(nt_username, sizeof(nt_username)-1, "%s\\%s", + domain, user); + } + else + { + fstrcpy(nt_username, user); + } - if (lookupsmbpwntnam(nt_username, &gmep)) - { - fstrcpy(user, gmep.unix_name); + if (lookupsmbpwntnam(nt_username, &gmep)) + { + fstrcpy(user, gmep.unix_name); + } } /* -- cgit From d4385df3e80d63dbc7a1c90cc903d8343dfba652 Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Mon, 14 Dec 1998 20:21:39 +0000 Subject: trying to track down issues in get_home_dir(). (This used to be commit 2cce78aa00f31b79d51aaf46da72019b926e8226) --- source3/smbd/reply.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index d706976714..694cf3cdd5 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -750,7 +750,11 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int int homes = lp_servicenumber(HOMES_NAME); char *home = get_home_dir(user); if (homes >= 0 && home) - lp_add_home(user,homes,home); + { + pstring home_dir; + fstrcpy(home_dir, home); + lp_add_home(user,homes,home_dir); + } } -- cgit From 43a460075a39148060d4193fcb9c62bfa4acc737 Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Thu, 25 Mar 1999 13:54:31 +0000 Subject: SAM database "set user info". ---------------------------- - removed DOM_RID4 - removed SAMR_UNKNOWN_32 - added SAMR_SET_USERINFO (opcode 0x32) - added level 0x1 to SAMR_QUERY_DOM_INFO (needed for create user) - fixed pwdb_gethexpwd() it was failing on XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX - added mod_sam21pwd_entry() - preparing to call mod_sam21pwd_entry() - added "user session key" to user_struct.dc. this is md4(nt#) and is needed to decode user's clear-text passwords in SAMR_SET_USERINFO. - split code out in chgpasswd.c to decode 516 byte password buffers. (This used to be commit 2e58ed742435befe419aa366c4052019fede8c23) --- source3/smbd/reply.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 694cf3cdd5..57742003ff 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -511,6 +511,7 @@ reply to a session setup command int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { uint16 sess_vuid; + uchar user_sess_key[16]; int gid; int uid; int smb_bufsize; @@ -706,13 +707,13 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int if(smb_ntpasslen) { - if(!password_ok(user, smb_ntpasswd,smb_ntpasslen,NULL)) + if(!password_ok(user, smb_ntpasswd,smb_ntpasslen,NULL,user_sess_key)) DEBUG(0,("NT Password did not match ! Defaulting to Lanman\n")); else valid_nt_password = True; } - if (!valid_nt_password && !password_ok(user, smb_apasswd,smb_apasslen,NULL)) + if (!valid_nt_password && !password_ok(user, smb_apasswd,smb_apasslen,NULL,user_sess_key)) { if (lp_security() >= SEC_USER) { @@ -791,7 +792,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int /* register the name and uid as being validated, so further connections to a uid can get through without a password, on the same VC */ - sess_vuid = register_vuid(uid,gid,user,sesssetup_user,guest); + sess_vuid = register_vuid(uid,gid,user,sesssetup_user,guest,user_sess_key); SSVAL(outbuf,smb_uid,sess_vuid); SSVAL(inbuf,smb_uid,sess_vuid); -- cgit From 6d5ef2e92995df1cbf5cd3d7c6a33fe55cedb311 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Sun, 4 Apr 1999 06:25:13 +0000 Subject: Use VFS operations for file I/O. (This used to be commit cfddbdb62485256a947a30e04c753200451cbe1c) --- source3/smbd/reply.c | 153 +++++++++++++++++++++++++++------------------------ 1 file changed, 80 insertions(+), 73 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 57742003ff..59a883f2d8 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -625,7 +625,6 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int domain,skip_string(p,1),skip_string(p,2))); } - DEBUG(3,("sesssetupX:name=[%s]\n",user)); /* If name ends in $ then I think it's asking about whether a */ @@ -648,7 +647,6 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int } strlower(user); - /* * In share level security, only overwrite sesssetup_use if * it's a non null-session share. Helps keep %U and %G @@ -657,7 +655,6 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int if((lp_security() != SEC_SHARE) || (*user && !guest)) pstrcpy(sesssetup_user,user); - reload_services(True); /* @@ -668,7 +665,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int pstrcpy( orig_user, user); - map_nt_and_unix_username(domain, user); + map_nt_and_unix_username(domain, user); add_session_user(user); @@ -758,7 +755,6 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int } } - /* it's ok - setup a reply */ if (Protocol < PROTOCOL_NT1) { set_message(outbuf,3,0,True); @@ -897,7 +893,7 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size unix_convert(fname,conn,0,&bad_path,&sbuf); if (check_name(fname,conn)) { - if (VALID_STAT(sbuf) || dos_stat(fname,&sbuf) == 0) + if (VALID_STAT(sbuf) || conn->vfs_ops.stat(dos_to_unix(fname,False),&sbuf) == 0) { mode = dos_mode(conn,fname,&sbuf); size = sbuf.st_size; @@ -998,7 +994,7 @@ int reply_dskattr(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz int outsize = 0; SMB_BIG_UINT dfree,dsize,bsize; - sys_disk_free(".",&bsize,&dfree,&dsize); + conn->vfs_ops.disk_free(".",&bsize,&dfree,&dsize); outsize = set_message(outbuf,5,0,True); @@ -1346,8 +1342,9 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, unixmode = unix_mode(conn,aARCH); - open_file_shared(fsp,conn,fname,share_mode,(FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN), - unixmode, oplock_request,&rmode,NULL); + open_file_shared(fsp, conn, fname, share_mode, + (FILE_FAIL_IF_NOT_EXIST | FILE_EXISTS_OPEN), + unixmode, oplock_request, &rmode, NULL); if (!fsp->open) { @@ -1360,7 +1357,7 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return(UNIXERROR(ERRDOS,ERRnoaccess)); } - if (sys_fstat(fsp->fd_ptr->fd,&sbuf) != 0) { + if (fsp->conn->vfs_ops.fstat(fsp->fd_ptr->fd,&sbuf) != 0) { close_file(fsp,False); return(ERROR(ERRDOS,ERRnoaccess)); } @@ -1450,8 +1447,8 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt unixmode = unix_mode(conn,smb_attr | aARCH); - open_file_shared(fsp,conn,fname,smb_mode,smb_ofun,unixmode, - oplock_request, &rmode,&smb_action); + open_file_shared(fsp, conn, fname, smb_mode, smb_ofun, unixmode, + oplock_request, &rmode, &smb_action); if (!fsp->open) { @@ -1464,7 +1461,7 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt return(UNIXERROR(ERRDOS,ERRnoaccess)); } - if (sys_fstat(fsp->fd_ptr->fd,&sbuf) != 0) { + if (fsp->conn->vfs_ops.fstat(fsp->fd_ptr->fd,&sbuf) != 0) { close_file(fsp,False); return(ERROR(ERRDOS,ERRnoaccess)); } @@ -1601,8 +1598,9 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, } /* Open file in dos compatibility share mode. */ - open_file_shared(fsp,conn,fname,SET_DENY_MODE(DENY_FCB)|SET_OPEN_MODE(DOS_OPEN_FCB), - ofun, unixmode, oplock_request, NULL, NULL); + open_file_shared(fsp, conn, fname, + SET_DENY_MODE(DENY_FCB)|SET_OPEN_MODE(DOS_OPEN_FCB), + ofun, unixmode, oplock_request, NULL, NULL); if (!fsp->open) { @@ -1673,8 +1671,10 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, /* Open file in dos compatibility share mode. */ /* We should fail if file exists. */ - open_file_shared(fsp,conn,fname2,SET_DENY_MODE(DENY_FCB)|SET_OPEN_MODE(DOS_OPEN_FCB), - (FILE_CREATE_IF_NOT_EXIST|FILE_EXISTS_FAIL), unixmode, oplock_request, NULL, NULL); + open_file_shared(fsp,conn,fname2, + SET_DENY_MODE(DENY_FCB)|SET_OPEN_MODE(DOS_OPEN_FCB), + (FILE_CREATE_IF_NOT_EXIST | FILE_EXISTS_FAIL), + unixmode, oplock_request, NULL, NULL); if (!fsp->open) { @@ -1717,7 +1717,7 @@ static BOOL can_delete(char *fname,connection_struct *conn, int dirtype) if (!CAN_WRITE(conn)) return(False); - if (dos_lstat(fname,&sbuf) != 0) return(False); + if (conn->vfs_ops.lstat(fname,&sbuf) != 0) return(False); fmode = dos_mode(conn,fname,&sbuf); if (fmode & aDIR) return(False); if (!lp_delete_readonly(SNUM(conn))) { @@ -1774,10 +1774,10 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if (!has_wild) { pstrcat(directory,"/"); pstrcat(directory,mask); - if (can_delete(directory,conn,dirtype) && !dos_unlink(directory)) + if (can_delete(directory,conn,dirtype) && !conn->vfs_ops.unlink(directory)) count++; if (!count) - exists = dos_file_exist(directory,NULL); + exists = vfs_file_exist(conn,dos_to_unix(directory,False),NULL); } else { void *dirptr = NULL; char *dname; @@ -1807,7 +1807,7 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size error = ERRnoaccess; slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); if (!can_delete(fname,conn,dirtype)) continue; - if (!dos_unlink(fname)) count++; + if (!conn->vfs_ops.unlink(fname)) count++; DEBUG(3,("reply_unlink : doing unlink on %s\n",fname)); } CloseDir(dirptr); @@ -1900,7 +1900,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s if (size < sizeneeded) { SMB_STRUCT_STAT st; - if (sys_fstat(fsp->fd_ptr->fd,&st) == 0) + if (fsp->conn->vfs_ops.fstat(fsp->fd_ptr->fd,&st) == 0) size = st.st_size; if (!fsp->can_write) fsp->size = size; @@ -1924,11 +1924,11 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s #if USE_READ_PREDICTION if (!fsp->can_write) - predict = read_predict(fsp->fd_ptr->fd,startpos,header+4,NULL,nread); + predict = read_predict(fsp, fsp->fd_ptr->fd,startpos,header+4,NULL,nread); #endif /* USE_READ_PREDICTION */ if ((nread-predict) > 0) { - if(seek_file(fsp,startpos + predict) == -1) { + if(conn->vfs_ops.seek(fsp,startpos + predict) == -1) { DEBUG(0,("reply_readbraw: ERROR: seek_file failed.\n")); ret = 0; seek_fail = True; @@ -1936,7 +1936,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s } if(!seek_fail) - ret = (ssize_t)transfer_file(fsp->fd_ptr->fd,Client, + ret = (ssize_t)vfs_transfer_file(-1, fsp->fd_ptr->fd, Client, NULL, (SMB_OFF_T)(nread-predict),header,4+predict, startpos+predict); } @@ -2039,8 +2039,9 @@ int reply_read(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, if (is_locked(fsp,conn,numtoread,startpos, F_RDLCK)) return(ERROR(ERRDOS,ERRlock)); - if (numtoread > 0) + if (numtoread > 0) { nread = read_file(fsp,data,startpos,numtoread); + } if (nread < 0) return(UNIXERROR(ERRDOS,ERRnoaccess)); @@ -2092,15 +2093,15 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt if (is_locked(fsp,conn,smb_maxcnt,startpos, F_RDLCK)) return(ERROR(ERRDOS,ERRlock)); - nread = read_file(fsp,data,startpos,smb_maxcnt); - + nread = read_file(fsp,data,smb_maxcnt); + if (nread < 0) return(UNIXERROR(ERRDOS,ERRnoaccess)); SSVAL(outbuf,smb_vwv5,nread); SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf)); SSVAL(smb_buf(outbuf),-2,nread); - + DEBUG( 3, ( "readX fnum=%d min=%d max=%d nread=%d\n", fsp->fnum, smb_mincnt, smb_maxcnt, nread ) ); @@ -2184,8 +2185,9 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int dum_s tcount,nwritten,numtowrite)); } - nwritten = transfer_file(Client,fsp->fd_ptr->fd,(SMB_OFF_T)numtowrite,NULL,0, - startpos+nwritten); + nwritten = vfs_transfer_file(Client, NULL, -1, fsp, + (SMB_OFF_T)numtowrite,NULL,0, + startpos+nwritten); total_written += nwritten; /* Set up outbuf to return the correct return */ @@ -2199,7 +2201,7 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int dum_s } if (lp_syncalways(SNUM(conn)) || write_through) - sync_file(conn,fsp); + conn->vfs_ops.sync(conn, fsp); DEBUG(3,("writebraw2 fnum=%d start=%.0f num=%d wrote=%d\n", fsp->fnum, (double)startpos, numtowrite, total_written)); @@ -2249,7 +2251,7 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, int dum nwritten = write_file(fsp,data,numtowrite); if (lp_syncalways(SNUM(conn))) - sync_file(conn,fsp); + conn->vfs_ops.sync(conn, fsp); if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) return(UNIXERROR(ERRDOS,ERRnoaccess)); @@ -2302,7 +2304,7 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int dum_size,i nwritten = write_file(fsp,data,numtowrite); if (lp_syncalways(SNUM(conn))) - sync_file(conn,fsp); + conn->vfs_ops.sync(conn, fsp); if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) return(UNIXERROR(ERRDOS,ERRnoaccess)); @@ -2386,7 +2388,7 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng fsp->fnum, numtowrite, nwritten)); if (lp_syncalways(SNUM(conn)) || write_through) - sync_file(conn,fsp); + conn->vfs_ops.sync(conn, fsp); return chain_reply(inbuf,outbuf,length,bufsize); } @@ -2418,7 +2420,7 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, umode = SEEK_SET; break; } - if((res = sys_lseek(fsp->fd_ptr->fd,startpos,umode)) == -1) + if((res = conn->vfs_ops.lseek(fsp->fd_ptr->fd,startpos,umode)) == -1) return(UNIXERROR(ERRDOS,ERRnoaccess)); fsp->pos = res; @@ -2448,7 +2450,7 @@ int reply_flush(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, if (!fsp) { file_sync_all(conn); } else { - sync_file(conn,fsp); + conn->vfs_ops.sync(conn, fsp); } DEBUG(3,("flush\n")); @@ -2914,7 +2916,8 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, unix_convert(directory,conn,0,&bad_path,NULL); if (check_name(directory, conn)) - ret = dos_mkdir(directory,unix_mode(conn,aDIR)); + ret = conn->vfs_ops.mkdir(dos_to_unix(directory,False), + unix_mode(conn,aDIR)); if (ret < 0) { @@ -2937,11 +2940,11 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, Static function used by reply_rmdir to delete an entire directory tree recursively. ****************************************************************************/ -static BOOL recursive_rmdir(char *directory) +static BOOL recursive_rmdir(connection_struct *conn, char *directory) { char *dname = NULL; BOOL ret = False; - void *dirptr = OpenDir(NULL, directory, False); + void *dirptr = OpenDir(conn, directory, False); if(dirptr == NULL) return True; @@ -2965,7 +2968,7 @@ static BOOL recursive_rmdir(char *directory) pstrcat(fullname, "/"); pstrcat(fullname, dname); - if(dos_lstat(fullname, &st) != 0) + if(conn->vfs_ops.lstat(fullname, &st) != 0) { ret = True; break; @@ -2973,18 +2976,18 @@ static BOOL recursive_rmdir(char *directory) if(st.st_mode & S_IFDIR) { - if(recursive_rmdir(fullname)!=0) + if(recursive_rmdir(conn, fullname)!=0) { ret = True; break; } - if(dos_rmdir(fullname) != 0) + if(conn->vfs_ops.rmdir(dos_to_unix(fullname,False)) != 0) { ret = True; break; } } - else if(dos_unlink(fullname) != 0) + else if(conn->vfs_ops.unlink(dos_to_unix(fullname,False)) != 0) { ret = True; break; @@ -3011,7 +3014,7 @@ int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, { dptr_closepath(directory,SVAL(inbuf,smb_pid)); - ok = (dos_rmdir(directory) == 0); + ok = (conn->vfs_ops.rmdir(dos_to_unix(directory,False)) == 0); if(!ok && (errno == ENOTEMPTY) && lp_veto_files(SNUM(conn))) { /* Check to see if the only thing in this directory are @@ -3056,24 +3059,25 @@ int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, pstrcat(fullname, "/"); pstrcat(fullname, dname); - if(dos_lstat(fullname, &st) != 0) + if(conn->vfs_ops.lstat(fullname, &st) != 0) break; if(st.st_mode & S_IFDIR) { if(lp_recursive_veto_delete(SNUM(conn))) { - if(recursive_rmdir(fullname) != 0) + DEBUG(0, ("ERROR: recursive_rmdir()\n")); + if(recursive_rmdir(conn, fullname) != 0) break; } - if(dos_rmdir(fullname) != 0) + if(conn->vfs_ops.rmdir(dos_to_unix(fullname,False)) != 0) break; } - else if(dos_unlink(fullname) != 0) + else if(conn->vfs_ops.unlink(dos_to_unix(fullname,False)) != 0) break; } CloseDir(dirptr); /* Retry the rmdir */ - ok = (dos_rmdir(directory) == 0); + ok = (conn->vfs_ops.rmdir(dos_to_unix(directory,False)) == 0); } else CloseDir(dirptr); @@ -3178,7 +3182,7 @@ static BOOL can_rename(char *fname,connection_struct *conn) if (!CAN_WRITE(conn)) return(False); - if (dos_lstat(fname,&sbuf) != 0) return(False); + if (conn->vfs_ops.lstat(fname,&sbuf) != 0) return(False); if (!check_file_sharing(conn,fname,True)) return(False); return(True); @@ -3298,21 +3302,23 @@ int rename_internals(connection_struct *conn, */ if(resolve_wildcards(directory,newname) && can_rename(directory,conn) && - !dos_rename(directory,newname)) + !conn->vfs_ops.rename(dos_to_unix(directory,False), + newname)) count++; } else { if (resolve_wildcards(directory,newname) && can_rename(directory,conn) && - !dos_file_exist(newname,NULL) && - !dos_rename(directory,newname)) + !vfs_file_exist(conn,dos_to_unix(newname,False),NULL) && + !conn->vfs_ops.rename(dos_to_unix(directory,False), + newname)) count++; } DEBUG(3,("rename_internals: %s doing rename on %s -> %s\n",(count != 0) ? "succeeded" : "failed", directory,newname)); - if (!count) exists = dos_file_exist(directory,NULL); - if (!count && exists && dos_file_exist(newname,NULL)) { + if (!count) exists = vfs_file_exist(conn,dos_to_unix(directory,False),NULL); + if (!count && exists && vfs_file_exist(conn,dos_to_unix(newname,False),NULL)) { exists = True; error = ERRrename; } @@ -3353,13 +3359,13 @@ int rename_internals(connection_struct *conn, continue; } - if (!replace_if_exists && dos_file_exist(destname,NULL)) { - DEBUG(6,("dos_file_exist %s\n", destname)); + if (!replace_if_exists && vfs_file_exist(conn,dos_to_unix(destname,False),NULL)) { + DEBUG(6,("file_exist %s\n", destname)); error = 183; continue; } - if (!dos_rename(fname,destname)) + if (!conn->vfs_ops.rename(dos_to_unix(fname,False),destname)) count++; DEBUG(3,("rename_internals: doing rename on %s -> %s\n",fname,destname)); } @@ -3428,15 +3434,16 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, pstrcat(dest,p); } - if (!dos_file_exist(src,&st)) + if (!vfs_file_exist(conn,dos_to_unix(src,False),&st)) return(False); fsp1 = file_new(); - if (!fsp1) + if (!fsp1) return(False); - open_file_shared(fsp1,conn,src,SET_DENY_MODE(DENY_NONE)|SET_OPEN_MODE(DOS_OPEN_RDONLY), - (FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN),0,0,&Access,&action); + open_file_shared(fsp1, conn, src, + SET_DENY_MODE(DENY_NONE) | SET_OPEN_MODE(DOS_OPEN_RDONLY), + (FILE_FAIL_IF_NOT_EXIST | FILE_EXISTS_OPEN), 0, 0, &Access, &action); if (!fsp1->open) { file_free(fsp1); @@ -3451,8 +3458,9 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, close_file(fsp1,False); return(False); } - open_file_shared(fsp2,conn,dest,SET_DENY_MODE(DENY_NONE)|SET_OPEN_MODE(DOS_OPEN_WRONLY), - ofun,st.st_mode,0,&Access,&action); + open_file_shared(fsp2, conn, dest, + SET_DENY_MODE(DENY_NONE) | SET_OPEN_MODE(DOS_OPEN_WRONLY), + ofun, st.st_mode, 0, &Access, &action); if (!fsp2->open) { close_file(fsp1,False); @@ -3461,7 +3469,7 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, } if ((ofun&3) == 1) { - if(sys_lseek(fsp2->fd_ptr->fd,0,SEEK_END) == -1) { + if(conn->vfs_ops.lseek(fsp2->fd_ptr->fd,0,SEEK_END) == -1) { DEBUG(0,("copy_file: error - sys_lseek returned error %s\n", strerror(errno) )); /* @@ -3473,8 +3481,7 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, } if (st.st_size) - ret = transfer_file(fsp1->fd_ptr->fd, - fsp2->fd_ptr->fd,st.st_size,NULL,0,0); + ret = vfs_transfer_file(-1, fsp1, -1, fsp2, st.st_size, NULL, 0, 0); close_file(fsp1,False); close_file(fsp2,False); @@ -3558,7 +3565,7 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, if (resolve_wildcards(directory,newname) && copy_file(directory,newname,conn,ofun, count,target_is_directory)) count++; - if (!count) exists = dos_file_exist(directory,NULL); + if (!count) exists = vfs_file_exist(conn,dos_to_unix(directory,False),NULL); } else { void *dirptr = NULL; char *dname; @@ -3862,7 +3869,7 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length, { size_t N = MIN(max_per_packet,tcount-total_read); - nread = read_file(fsp,data,startpos,N); + nread = read_file(fsp,data,N); if (nread <= 0) nread = 0; @@ -3925,7 +3932,7 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int dum_s nwritten = write_file(fsp,data,numtowrite); if(lp_syncalways(SNUM(conn)) || write_through) - sync_file(conn,fsp); + conn->vfs_ops.sync(conn, fsp); if(nwritten < (ssize_t)numtowrite) return(UNIXERROR(ERRHRD,ERRdiskfull)); @@ -4038,7 +4045,7 @@ int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz nwritten = write_file(fsp,data,numtowrite); if(lp_syncalways(SNUM(conn)) || write_through) - sync_file(conn,fsp); + conn->vfs_ops.sync(conn, fsp); if (nwritten < (ssize_t)numtowrite) { @@ -4143,7 +4150,7 @@ int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int dum_si CHECK_ERROR(fsp); /* Do an fstat on this file */ - if(sys_fstat(fsp->fd_ptr->fd, &sbuf)) + if(fsp->conn->vfs_ops.fstat(fsp->fd_ptr->fd, &sbuf)) return(UNIXERROR(ERRDOS,ERRnoaccess)); mode = dos_mode(conn,fsp->fsp_name,&sbuf); -- cgit From 0ca4ce887c8aaf6059b6c989af00e642ef84f92e Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Sun, 4 Apr 1999 07:18:38 +0000 Subject: Fixed up incorrect calls to read_file(). (This used to be commit 17d007daa3d1fa60501eae1eecfc2d0f88c1692e) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 59a883f2d8..51d737a784 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2093,7 +2093,7 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt if (is_locked(fsp,conn,smb_maxcnt,startpos, F_RDLCK)) return(ERROR(ERRDOS,ERRlock)); - nread = read_file(fsp,data,smb_maxcnt); + nread = read_file(fsp,data,startpos,smb_maxcnt); if (nread < 0) return(UNIXERROR(ERRDOS,ERRnoaccess)); @@ -3869,7 +3869,7 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length, { size_t N = MIN(max_per_packet,tcount-total_read); - nread = read_file(fsp,data,N); + nread = read_file(fsp,data,startpos,N); if (nread <= 0) nread = 0; -- cgit From 1e1a52bb5f0475327d435c06032d1e6234c28bcb Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Tue, 20 Apr 1999 03:29:05 +0000 Subject: Changed arguments to fsync() function to break dependency on connection_struct. (This used to be commit ee6f826ccc0897a4538f6f9a560127c54a4c4038) --- source3/smbd/reply.c | 30 +++++++++++++++++------------- 1 file changed, 17 insertions(+), 13 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 51d737a784..b20236d6f4 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2200,8 +2200,9 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int dum_s SSVAL(outbuf,smb_err,ERRdiskfull); } - if (lp_syncalways(SNUM(conn)) || write_through) - conn->vfs_ops.sync(conn, fsp); + if ((lp_syncalways(SNUM(conn)) || write_through) && + lp_strict_sync(SNUM(conn))) + conn->vfs_ops.sync(fsp->fd_ptr->fd); DEBUG(3,("writebraw2 fnum=%d start=%.0f num=%d wrote=%d\n", fsp->fnum, (double)startpos, numtowrite, total_written)); @@ -2250,8 +2251,8 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, int dum else nwritten = write_file(fsp,data,numtowrite); - if (lp_syncalways(SNUM(conn))) - conn->vfs_ops.sync(conn, fsp); + if (lp_syncalways(SNUM(conn)) && lp_strict_sync(SNUM(conn))) + conn->vfs_ops.sync(fsp->fd_ptr->fd); if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) return(UNIXERROR(ERRDOS,ERRnoaccess)); @@ -2303,8 +2304,8 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int dum_size,i else nwritten = write_file(fsp,data,numtowrite); - if (lp_syncalways(SNUM(conn))) - conn->vfs_ops.sync(conn, fsp); + if (lp_syncalways(SNUM(conn)) && lp_strict_sync(SNUM(conn))) + conn->vfs_ops.sync(fsp->fd_ptr->fd); if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) return(UNIXERROR(ERRDOS,ERRnoaccess)); @@ -2387,8 +2388,9 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng DEBUG(3,("writeX fnum=%d num=%d wrote=%d\n", fsp->fnum, numtowrite, nwritten)); - if (lp_syncalways(SNUM(conn)) || write_through) - conn->vfs_ops.sync(conn, fsp); + if ((lp_syncalways(SNUM(conn)) || write_through) && + lp_strict_sync(SNUM(conn))) + conn->vfs_ops.sync(fsp->fd_ptr->fd); return chain_reply(inbuf,outbuf,length,bufsize); } @@ -2450,7 +2452,7 @@ int reply_flush(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, if (!fsp) { file_sync_all(conn); } else { - conn->vfs_ops.sync(conn, fsp); + conn->vfs_ops.sync(fsp->fd_ptr->fd); } DEBUG(3,("flush\n")); @@ -3931,8 +3933,9 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int dum_s nwritten = write_file(fsp,data,numtowrite); - if(lp_syncalways(SNUM(conn)) || write_through) - conn->vfs_ops.sync(conn, fsp); + if((lp_syncalways(SNUM(conn)) || write_through) && + lp_strict_sync(SNUM(conn))) + conn->vfs_ops.sync(fsp->fd_ptr->fd); if(nwritten < (ssize_t)numtowrite) return(UNIXERROR(ERRHRD,ERRdiskfull)); @@ -4044,8 +4047,9 @@ int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz nwritten = write_file(fsp,data,numtowrite); - if(lp_syncalways(SNUM(conn)) || write_through) - conn->vfs_ops.sync(conn, fsp); + if((lp_syncalways(SNUM(conn)) || write_through) && + lp_strict_sync(SNUM(conn))) + conn->vfs_ops.sync(fsp->fd_ptr->fd); if (nwritten < (ssize_t)numtowrite) { -- cgit From 731c7f2ecfe17651506ba05b88358360e4654a37 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Sun, 13 Jun 1999 04:14:24 +0000 Subject: Moved code that changes the pw_passwd entry (i.e shadow password and weird unixware stuff) into _Get_Pwnam() to fix a memory allocation bug. Note that the Get_Pwnam() function now returns a const struct passwd * as a hint to other developers not to change entries in the struct passwd. (This used to be commit 36d7cb4ccc42268e8e6a7b783c945d1853624958) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index b20236d6f4..faf9c051d2 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -774,7 +774,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int user we should become. */ { - struct passwd *pw = Get_Pwnam(user,False); + const struct passwd *pw = Get_Pwnam(user,False); if (!pw) { DEBUG(1,("Username %s is invalid on this system\n",user)); return(ERROR(ERRSRV,ERRbadpw)); -- cgit From 07afc549e2cde45e1c5b536cc03903fe8765902f Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Thu, 24 Jun 1999 18:50:55 +0000 Subject: debugging of NBT messages added. (This used to be commit ceb20adb3c924818201fa8992e19e82f45b40710) --- source3/smbd/reply.c | 3 +++ 1 file changed, 3 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index faf9c051d2..58f327771d 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -125,6 +125,9 @@ int reply_special(char *inbuf,char *outbuf) smb_setlen(outbuf,0); + DEBUG(20,("NBT message\n")); + dump_data(20, inbuf, smb_len(inbuf)); + switch (msg_type) { case 0x81: /* session request */ CVAL(outbuf,0) = 0x82; -- cgit From 73891ca8e4f6cca6aa8bb0ae043f660a64baa056 Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Tue, 29 Jun 1999 18:47:06 +0000 Subject: improving authentication code (tidyup). (This used to be commit ab1a6aa42db5217f025941fb5107436556bc23b7) --- source3/smbd/reply.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 58f327771d..c44cf069a9 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -441,7 +441,9 @@ static int session_trust_account(connection_struct *conn, char *inbuf, char *out return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE)); } - if (!smb_password_ok(smb_trust_acct, NULL, (unsigned char *)smb_passwd, (unsigned char *)smb_nt_passwd)) + if (!smb_password_ok(smb_trust_acct, NULL, NULL, NULL, + (unsigned char *)smb_passwd, smb_passlen, + (unsigned char *)smb_nt_passwd, smb_nt_passlen)) { DEBUG(0,("session_trust_account: Trust Account %s - password failed\n", user)); SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); @@ -570,7 +572,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int set_remote_arch( RA_WIN95); } - if (passlen1 != 24 && passlen2 != 24) + if (passlen1 != 24 && passlen2 <= 24) doencrypt = False; if (passlen1 > MAX_PASS_LEN) { @@ -593,7 +595,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int setting passlen2 to some random value which really stuffs things up. we need to fix that one. */ - if (passlen1 > 0 && passlen2 > 0 && passlen2 != 24 && passlen2 != 1) + if (passlen1 > 0 && passlen2 > 0 && passlen2 <= 24 && passlen2 != 1) passlen2 = 0; } -- cgit From e71801c3de1e2bc0cb710cb1157adea1b50e12e1 Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Tue, 6 Jul 1999 21:26:39 +0000 Subject: reporting failure to accept ntlmv2 (only) with down-level protocols (LANMAN1 and below). (This used to be commit be7b978249ddb5e2e94aa160a360fecbf51f016e) --- source3/smbd/reply.c | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index c44cf069a9..29dccaf9e8 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -537,7 +537,8 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int smb_bufsize = SVAL(inbuf,smb_vwv2); - if (Protocol < PROTOCOL_NT1) { + if (Protocol < PROTOCOL_NT1) + { smb_apasslen = SVAL(inbuf,smb_vwv7); if (smb_apasslen > MAX_PASS_LEN) { @@ -551,7 +552,16 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int if (!doencrypt && (lp_security() != SEC_SERVER)) { smb_apasslen = strlen(smb_apasswd); } - } else { + + if (lp_server_ntlmv2() == True) + { + DEBUG(1,("NTLMv2-only accepted with NT LANMAN 1.0 and above.\n\ +user %s attempted down-level SMB connection\n", user)); + return(ERROR(ERRSRV,ERRbadpw)); + } + } + else + { uint16 passlen1 = SVAL(inbuf,smb_vwv7); uint16 passlen2 = SVAL(inbuf,smb_vwv8); enum remote_arch_types ra_type = get_remote_arch(); @@ -707,7 +717,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int * 128 length unicode. */ - if(smb_ntpasslen) + if (smb_ntpasslen) { if(!password_ok(user, smb_ntpasswd,smb_ntpasslen,NULL,user_sess_key)) DEBUG(0,("NT Password did not match ! Defaulting to Lanman\n")); -- cgit From 8f1404739fe75464fe1500c3f6e6d39d4878ec1e Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Mon, 12 Jul 1999 18:46:15 +0000 Subject: Jean-Francois Micouleau's rewritten DFS patch, originally written by Nigel Williams. despite the data format being *exactly* the same as NT's, this still doesn't work yet. more work needed. (This used to be commit 270981960bb5aab52d2f8e494827101ece6729c4) --- source3/smbd/reply.c | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 29dccaf9e8..652d6e4795 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -835,6 +835,11 @@ int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size unix_convert(name,conn,0,&bad_path,&st); mode = SVAL(inbuf,smb_vwv0); + + if(under_dfs(conn, name)) { + SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); + return(ERROR(0, 0xc0000000|NT_STATUS_PATH_NOT_COVERED)); + } if (check_name(name,conn)) { if(VALID_STAT(st)) @@ -892,6 +897,11 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size BOOL bad_path = False; pstrcpy(fname,smb_buf(inbuf) + 1); + + if (under_dfs(conn, fname)) { + SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); + return(ERROR(0, 0xc0000000|NT_STATUS_PATH_NOT_COVERED)); + } /* dos smetimes asks for a stat of "" - it returns a "hidden directory" under WfWg - weird! */ -- cgit From ac61e4aee2a263de6a882e3ff125b4b65a652a2b Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Mon, 12 Jul 1999 18:57:05 +0000 Subject: lengths of NT passwords when "encrypt passwords = no" can be completely random. values seen can be as high as 18255. this fails the check of <= 24 which sets NT password length to 0, effectively ignoring it. the <= 24 was removed in reply_sesssetup_X. (This used to be commit 98d43b20dc4df72ddbfaeb34581222adc53d15dd) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 652d6e4795..bfa68ab140 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -605,7 +605,7 @@ user %s attempted down-level SMB connection\n", user)); setting passlen2 to some random value which really stuffs things up. we need to fix that one. */ - if (passlen1 > 0 && passlen2 > 0 && passlen2 <= 24 && passlen2 != 1) + if (passlen1 > 0 && passlen2 > 0 && passlen2 != 1) passlen2 = 0; } -- cgit From 939f6d6794e1dc0677624ac67d1f00950417b713 Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Thu, 15 Jul 1999 20:44:24 +0000 Subject: more dfs stuff. this looks like it's going to be more appropriate to use the vfs tables. at the moment, i replaced all calls to unix_convert() with unix_dfs_convert(). this does the job, but it's not very nice. (This used to be commit 00d4aebce9f268a737ef9df9bdbe59f8fe831979) --- source3/smbd/reply.c | 100 ++++++++++++++++++++++++++++++++++++++------------- 1 file changed, 75 insertions(+), 25 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index bfa68ab140..b8300da40a 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -832,15 +832,14 @@ int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size SMB_STRUCT_STAT st; pstrcpy(name,smb_buf(inbuf) + 1); - unix_convert(name,conn,0,&bad_path,&st); - - mode = SVAL(inbuf,smb_vwv0); - - if(under_dfs(conn, name)) { + if (!unix_dfs_convert(name,conn,0,&bad_path,&st)) + { SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); return(ERROR(0, 0xc0000000|NT_STATUS_PATH_NOT_COVERED)); } + mode = SVAL(inbuf,smb_vwv0); + if (check_name(name,conn)) { if(VALID_STAT(st)) ok = S_ISDIR(st.st_mode); @@ -898,11 +897,6 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size pstrcpy(fname,smb_buf(inbuf) + 1); - if (under_dfs(conn, fname)) { - SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); - return(ERROR(0, 0xc0000000|NT_STATUS_PATH_NOT_COVERED)); - } - /* dos smetimes asks for a stat of "" - it returns a "hidden directory" under WfWg - weird! */ if (! (*fname)) @@ -915,7 +909,11 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size } else { - unix_convert(fname,conn,0,&bad_path,&sbuf); + if (!unix_dfs_convert(fname,conn,0,&bad_path,&sbuf)) + { + SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); + return(ERROR(0, 0xc0000000|NT_STATUS_PATH_NOT_COVERED)); + } if (check_name(fname,conn)) { if (VALID_STAT(sbuf) || conn->vfs_ops.stat(dos_to_unix(fname,False),&sbuf) == 0) @@ -980,7 +978,11 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size BOOL bad_path = False; pstrcpy(fname,smb_buf(inbuf) + 1); - unix_convert(fname,conn,0,&bad_path,&st); + if (!unix_dfs_convert(fname,conn,0,&bad_path,&st)) + { + SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); + return(ERROR(0, 0xc0000000|NT_STATUS_PATH_NOT_COVERED)); + } mode = SVAL(inbuf,smb_vwv0); mtime = make_unix_date3(inbuf+smb_vwv1); @@ -1087,7 +1089,11 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size pstrcpy(directory,smb_buf(inbuf)+1); pstrcpy(dir2,smb_buf(inbuf)+1); - unix_convert(directory,conn,0,&bad_path,NULL); + if (!unix_dfs_convert(directory,conn,0,&bad_path,NULL)) + { + SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); + return(ERROR(0, 0xc0000000|NT_STATUS_PATH_NOT_COVERED)); + } unix_format(dir2); if (!check_name(directory,conn)) @@ -1348,7 +1354,11 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, share_mode = SVAL(inbuf,smb_vwv0); pstrcpy(fname,smb_buf(inbuf)+1); - unix_convert(fname,conn,0,&bad_path,NULL); + if (!unix_dfs_convert(fname,conn,0,&bad_path,NULL)) + { + SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); + return(ERROR(0, 0xc0000000|NT_STATUS_PATH_NOT_COVERED)); + } fsp = file_new(); if (!fsp) @@ -1453,7 +1463,11 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt /* XXXX we need to handle passed times, sattr and flags */ pstrcpy(fname,smb_buf(inbuf)); - unix_convert(fname,conn,0,&bad_path,NULL); + if (!unix_dfs_convert(fname,conn,0,&bad_path,NULL)) + { + SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); + return(ERROR(0, 0xc0000000|NT_STATUS_PATH_NOT_COVERED)); + } fsp = file_new(); if (!fsp) @@ -1587,7 +1601,11 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, createmode = SVAL(inbuf,smb_vwv0); pstrcpy(fname,smb_buf(inbuf)+1); - unix_convert(fname,conn,0,&bad_path,NULL); + if (!unix_dfs_convert(fname,conn,0,&bad_path,NULL)) + { + SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); + return(ERROR(0, 0xc0000000|NT_STATUS_PATH_NOT_COVERED)); + } if (createmode & aVOLID) { @@ -1673,7 +1691,11 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, createmode = SVAL(inbuf,smb_vwv0); pstrcpy(fname,smb_buf(inbuf)+1); pstrcat(fname,"/TMXXXXXX"); - unix_convert(fname,conn,0,&bad_path,NULL); + if (!unix_dfs_convert(fname,conn,0,&bad_path,NULL)) + { + SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); + return(ERROR(0, 0xc0000000|NT_STATUS_PATH_NOT_COVERED)); + } unixmode = unix_mode(conn,createmode); @@ -1779,7 +1801,11 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size DEBUG(3,("reply_unlink : %s\n",name)); - unix_convert(name,conn,0,&bad_path,NULL); + if (!unix_dfs_convert(name,conn,0,&bad_path,NULL)) + { + SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); + return(ERROR(0, 0xc0000000|NT_STATUS_PATH_NOT_COVERED)); + } p = strrchr(name,'/'); if (!p) { @@ -2940,7 +2966,11 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, BOOL bad_path = False; pstrcpy(directory,smb_buf(inbuf) + 1); - unix_convert(directory,conn,0,&bad_path,NULL); + if (!unix_dfs_convert(directory,conn,0,&bad_path,NULL)) + { + SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); + return(ERROR(0, 0xc0000000|NT_STATUS_PATH_NOT_COVERED)); + } if (check_name(directory, conn)) ret = conn->vfs_ops.mkdir(dos_to_unix(directory,False), @@ -3035,7 +3065,11 @@ int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, BOOL bad_path = False; pstrcpy(directory,smb_buf(inbuf) + 1); - unix_convert(directory,conn, NULL,&bad_path,NULL); + if (!unix_dfs_convert(directory,conn, NULL,&bad_path,NULL)) + { + SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); + return(ERROR(0, 0xc0000000|NT_STATUS_PATH_NOT_COVERED)); + } if (check_name(directory,conn)) { @@ -3236,12 +3270,20 @@ int rename_internals(connection_struct *conn, *directory = *mask = 0; - unix_convert(name,conn,0,&bad_path1,NULL); - unix_convert(newname,conn,newname_last_component,&bad_path2,NULL); + if (!unix_dfs_convert(name,conn,0,&bad_path1,NULL)) + { + SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); + return(ERROR(0, 0xc0000000|NT_STATUS_PATH_NOT_COVERED)); + } + if (!unix_dfs_convert(newname,conn,newname_last_component,&bad_path2,NULL)) + { + SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); + return(ERROR(0, 0xc0000000|NT_STATUS_PATH_NOT_COVERED)); + } /* * Split the old name into directory and last component - * strings. Note that unix_convert may have stripped off a + * strings. Note that if (!unix_dfs_convert may have stripped off a * leading ./ from both name and newname if the rename is * at the root of the share. We need to make sure either both * name and newname contain a / character or neither of them do @@ -3552,8 +3594,16 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return(ERROR(ERRSRV,ERRinvdevice)); } - unix_convert(name,conn,0,&bad_path1,NULL); - unix_convert(newname,conn,0,&bad_path2,NULL); + if (!unix_dfs_convert(name,conn,0,&bad_path1,NULL)) + { + SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); + return(ERROR(0, 0xc0000000|NT_STATUS_PATH_NOT_COVERED)); + } + if (!unix_dfs_convert(newname,conn,0,&bad_path2,NULL)) + { + SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); + return(ERROR(0, 0xc0000000|NT_STATUS_PATH_NOT_COVERED)); + } target_is_directory = dos_directory_exist(newname,NULL); -- cgit From 7c29698e4182f034c0b8251be3bb9370cb35ec08 Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Thu, 15 Jul 1999 21:25:58 +0000 Subject: work-around for win95 NULL session bug: NULL password actually being placed in data stream before username / domain, whereas NT doesn't do this... (This used to be commit 44e6d4c1b0b6ae54e76e96471b40bb784c8b3c8c) --- source3/smbd/reply.c | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index b8300da40a..bb6e8654d3 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -609,7 +609,7 @@ user %s attempted down-level SMB connection\n", user)); passlen2 = 0; } - if(doencrypt || ((lp_security() == SEC_SERVER) || (lp_security() == SEC_DOMAIN))) { + if (doencrypt || ((lp_security() == SEC_SERVER) || (lp_security() == SEC_DOMAIN))) { /* Save the lanman2 password and the NT md4 password. */ smb_apasslen = passlen1; memcpy(smb_apasswd,p,smb_apasslen); @@ -632,12 +632,22 @@ user %s attempted down-level SMB connection\n", user)); } } - p += passlen1 + passlen2; + if (passlen2 == 0 && smb_apasslen == 0 && ra_type == RA_WIN95) + { + /* work-around for win95 NULL sessions, where NULL password is + actually put in the data stream before the domain name etc */ + p++; + } + else + { + p += passlen1 + passlen2; + } + fstrcpy(user,p); p = skip_string(p,1); domain = p; DEBUG(3,("Domain=[%s] NativeOS=[%s] NativeLanMan=[%s]\n", - domain,skip_string(p,1),skip_string(p,2))); + domain, skip_string(p,1), skip_string(p,2))); } DEBUG(3,("sesssetupX:name=[%s]\n",user)); -- cgit From 46ce0d4619839f40f910eb4a0d2c3da01436bc88 Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Wed, 21 Jul 1999 00:31:16 +0000 Subject: comments requested by jeremy as to why NT/95 NULL-password distinction hack was modified. (This used to be commit 50f7bd8a9c47d073bbde66ae26e9f71f030afc4c) --- source3/smbd/reply.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index bb6e8654d3..8723779d30 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -603,7 +603,12 @@ user %s attempted down-level SMB connection\n", user)); if passlen1>0 and passlen2>0 then maybe its a NT box and its setting passlen2 to some random value which really stuffs - things up. we need to fix that one. */ + things up. we need to fix that one. + + LKCLXXXX: the random value can be random 16 bit. old test + used to have ... && passlen <= 24) which of course fails + most of the time. + */ if (passlen1 > 0 && passlen2 > 0 && passlen2 != 1) passlen2 = 0; -- cgit From b231d2fafaff8dc67ef2dbaec778f716524d4f6a Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Mon, 15 Nov 1999 22:11:10 +0000 Subject: - added DCE/RPC "fault" PDU support. - disabled (AGAIN) the GETDC "if (MAILSLOT\NTLOGON)" code that will get NT5rc2 to work but WILL break win95 (AGAIN). this needs _not_ to be re-enabled but to be replaced with a better mechanism. - added SMBwrite support (note: SMBwriteX already existed) as NT5rc2 is sending DCE/RPC over SMBwrite not SMBwriteX. (This used to be commit 25c70e3c984c4fed19763ed405741e83fe14f87e) --- source3/smbd/reply.c | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 8723779d30..0c4fb2003c 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2348,6 +2348,10 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int dum_size,i files_struct *fsp = file_fsp(inbuf,smb_vwv0); int outsize = 0; + /* If it's an IPC, pass off the pipe handler. */ + if (IS_IPC(conn)) + return reply_pipe_write(inbuf,outbuf,dum_size,dum_buffsize); + CHECK_FSP(fsp,conn); CHECK_WRITE(fsp); CHECK_ERROR(fsp); -- cgit From 24a069eac302069559c6347b24276e7f1a04cc91 Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Sat, 20 Nov 1999 20:54:29 +0000 Subject: modified domain_client_validate to take trust account name / type. this is to pass DOMAIN_NAME$ and SEC_CHAN_DOMAIN instead of WKSTA_NAME$ and SEC_CHAN_WKSTA. modified check_domain_security to determine if domain name is own domain, and to use wksta trust account if so, otherwise check "trusting domains" parameter and use inter-domain trust account if so, otherwise return False. (This used to be commit 97ec74e1fa99d773812d2df402251fafb76b181c) --- source3/smbd/reply.c | 61 +++++++++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 56 insertions(+), 5 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 0c4fb2003c..79b24a986c 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -39,6 +39,7 @@ extern BOOL case_preserve; extern BOOL short_case_preserve; extern pstring sesssetup_user; extern fstring global_myworkgroup; +extern fstring global_myname; extern int Client; extern int global_oplock_break; uint32 global_client_caps = 0; @@ -501,12 +502,62 @@ static BOOL check_domain_security(char *orig_user, char *domain, char *smb_apasswd, int smb_apasslen, char *smb_ntpasswd, int smb_ntpasslen) { - if(lp_security() != SEC_DOMAIN) - return False; + fstring acct_name; + uint16 acct_type = 0; + + char *server_list = NULL; + pstring srv_list; + char *trusted_list = lp_trusted_domains(); + + if (lp_security() == SEC_SHARE || lp_security() == SEC_SERVER) + { + return False; + } + + if (lp_security() == SEC_DOMAIN) + { + fstrcpy(acct_name, global_myname); + acct_type = SEC_CHAN_WKSTA; + if (strequal(lp_workgroup(), domain)) + { + DEBUG(10,("local domain server list: %s\n", server_list)); + pstrcpy(srv_list, lp_passwordserver()); + server_list = srv_list; + } + } + + if (server_list == NULL) + { + pstring tmp; + if (next_token(&trusted_list, tmp, NULL, sizeof(tmp))) + { + do + { + fstring trust_dom; + split_at_first_component(tmp, trust_dom, '=', srv_list); + + if (strequal(domain, trust_dom)) + { + DEBUG(10,("trusted domain server list: %s\n", server_list)); + fstrcpy(acct_name, global_myworkgroup); + acct_type = SEC_CHAN_DOMAIN; + server_list = srv_list; + break; + } + + } while (next_token(NULL, tmp, NULL, sizeof(tmp))); + } + } + + if (server_list == NULL) + { + return False; + } - return domain_client_validate(orig_user, domain, - smb_apasswd, smb_apasslen, - smb_ntpasswd, smb_ntpasslen); + return domain_client_validate(orig_user, domain, server_list, + acct_name, acct_type, + smb_apasswd, smb_apasslen, + smb_ntpasswd, smb_ntpasslen); } /**************************************************************************** -- cgit From 680dcc934182544aa49a4a426f2263c1aaedd4aa Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Sun, 21 Nov 1999 17:27:20 +0000 Subject: hmmm... have to add client-side support in domain_client_validate() to _use_ user session key. (This used to be commit be6a6b13939798a9c7242b38864f0ce842391a74) --- source3/smbd/reply.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 79b24a986c..da72c9f3b5 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -499,8 +499,9 @@ static BOOL check_server_security(char *orig_user, char *domain, ****************************************************************************/ static BOOL check_domain_security(char *orig_user, char *domain, - char *smb_apasswd, int smb_apasslen, - char *smb_ntpasswd, int smb_ntpasslen) + char *smb_apasswd, int smb_apasslen, + char *smb_ntpasswd, int smb_ntpasslen, + uchar user_sess_key[16]) { fstring acct_name; uint16 acct_type = 0; @@ -557,7 +558,8 @@ static BOOL check_domain_security(char *orig_user, char *domain, return domain_client_validate(orig_user, domain, server_list, acct_name, acct_type, smb_apasswd, smb_apasslen, - smb_ntpasswd, smb_ntpasslen); + smb_ntpasswd, smb_ntpasslen, + user_sess_key); } /**************************************************************************** @@ -768,7 +770,7 @@ user %s attempted down-level SMB connection\n", user)); smb_ntpasswd, smb_ntpasslen) && !check_domain_security(orig_user, domain, smb_apasswd, smb_apasslen, - smb_ntpasswd, smb_ntpasslen) && + smb_ntpasswd, smb_ntpasslen, user_sess_key) && !check_hosts_equiv(user) ) { -- cgit From 32b9508d066f002e778873edc19266a6d897f922 Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Sun, 21 Nov 1999 19:59:56 +0000 Subject: implement server-side generation of NTLMv2 session key. YESSS :-) (This used to be commit 1092b4f6fbdf3770c0dab756b982a562def1738e) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index da72c9f3b5..d5d0884436 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -444,7 +444,7 @@ static int session_trust_account(connection_struct *conn, char *inbuf, char *out if (!smb_password_ok(smb_trust_acct, NULL, NULL, NULL, (unsigned char *)smb_passwd, smb_passlen, - (unsigned char *)smb_nt_passwd, smb_nt_passlen)) + (unsigned char *)smb_nt_passwd, smb_nt_passlen, NULL)) { DEBUG(0,("session_trust_account: Trust Account %s - password failed\n", user)); SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); -- cgit From 7aebbb90c8e09febd345de10c0b438e98f30468b Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Thu, 2 Dec 1999 16:52:38 +0000 Subject: need a domain resolving function, but get_trusted_serverlist() will do. this is horrible. (This used to be commit 9df973fe711f322075d86d6792d6c0b8539c1d00) --- source3/smbd/reply.c | 36 ++++++------------------------------ 1 file changed, 6 insertions(+), 30 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index d5d0884436..5cf2ac2a7a 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -507,49 +507,25 @@ static BOOL check_domain_security(char *orig_user, char *domain, uint16 acct_type = 0; char *server_list = NULL; - pstring srv_list; - char *trusted_list = lp_trusted_domains(); if (lp_security() == SEC_SHARE || lp_security() == SEC_SERVER) { return False; } - if (lp_security() == SEC_DOMAIN) + if (lp_security() == SEC_DOMAIN && strequal(domain, global_myworkgroup)) { fstrcpy(acct_name, global_myname); acct_type = SEC_CHAN_WKSTA; - if (strequal(lp_workgroup(), domain)) - { - DEBUG(10,("local domain server list: %s\n", server_list)); - pstrcpy(srv_list, lp_passwordserver()); - server_list = srv_list; - } } - - if (server_list == NULL) + else { - pstring tmp; - if (next_token(&trusted_list, tmp, NULL, sizeof(tmp))) - { - do - { - fstring trust_dom; - split_at_first_component(tmp, trust_dom, '=', srv_list); - - if (strequal(domain, trust_dom)) - { - DEBUG(10,("trusted domain server list: %s\n", server_list)); - fstrcpy(acct_name, global_myworkgroup); - acct_type = SEC_CHAN_DOMAIN; - server_list = srv_list; - break; - } - - } while (next_token(NULL, tmp, NULL, sizeof(tmp))); - } + fstrcpy(acct_name, global_myworkgroup); + acct_type = SEC_CHAN_DOMAIN; } + server_list = get_trusted_serverlist(domain); + if (server_list == NULL) { return False; -- cgit From b96e4e4f7d80bf783aeea1592fbca58769a58e1d Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Thu, 2 Dec 1999 19:07:13 +0000 Subject: domain_client_validate() no longer takes serverlist, it calls get_any_dc_name(). (This used to be commit e21367c0ebdc5e202cdc39d50950bff089bf67f8) --- source3/smbd/reply.c | 11 +---------- 1 file changed, 1 insertion(+), 10 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 5cf2ac2a7a..a0ad2ca20d 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -506,8 +506,6 @@ static BOOL check_domain_security(char *orig_user, char *domain, fstring acct_name; uint16 acct_type = 0; - char *server_list = NULL; - if (lp_security() == SEC_SHARE || lp_security() == SEC_SERVER) { return False; @@ -524,14 +522,7 @@ static BOOL check_domain_security(char *orig_user, char *domain, acct_type = SEC_CHAN_DOMAIN; } - server_list = get_trusted_serverlist(domain); - - if (server_list == NULL) - { - return False; - } - - return domain_client_validate(orig_user, domain, server_list, + return domain_client_validate(orig_user, domain, acct_name, acct_type, smb_apasswd, smb_apasslen, smb_ntpasswd, smb_ntpasslen, -- cgit From a0ba234cf9b40adf6b5390e4e67730163a42883f Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Mon, 6 Dec 1999 00:44:32 +0000 Subject: the first independent msrpc daemon - lsarpcd. one horrible cut / paste job from smbd, plus a code split of shared components between the two. the job is not _yet_ complete, as i need to be able to do a become_user() call for security reasons. i picked lsarpcd first because you don't _need_ security on it (microsoft botched so badly on this one, it's not real. at least they fixed this in nt5 with restrictanonymous=0x2). fixing this involves sending the current smb and unix credentials down the unix pipe so that the daemon it eventually goes to can pick them up at the other end. i can't believe this all worked!!! (This used to be commit 2245b0c6d13c7c5886e81f9137b05df883598c26) --- source3/smbd/reply.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index a0ad2ca20d..81f2a9beb9 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -415,6 +415,7 @@ static int session_trust_account(connection_struct *conn, char *inbuf, char *out char *smb_nt_passwd, int smb_nt_passlen) { struct smb_passwd *smb_trust_acct = NULL; /* check if trust account exists */ + uchar last_chal[8]; if (lp_security() == SEC_USER) { smb_trust_acct = getsmbpwnam(user); @@ -441,8 +442,8 @@ static int session_trust_account(connection_struct *conn, char *inbuf, char *out SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE)); } - - if (!smb_password_ok(smb_trust_acct, NULL, NULL, NULL, + if (!last_challenge(last_chal) || + !smb_password_ok(smb_trust_acct, last_chal, NULL, NULL, (unsigned char *)smb_passwd, smb_passlen, (unsigned char *)smb_nt_passwd, smb_nt_passlen, NULL)) { -- cgit From 4f8a24522c683761c6f2ee23dba56f6c7913377b Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Sun, 12 Dec 1999 20:03:42 +0000 Subject: final part of "first" phase converting over to msrpc daemon architecture. done a minimal amout of clean-up in the Makefile, removing unnecessary modules from the link stage. this is not complete, yet, and will involve some changes, for example to smbd, to remove dependencies on the password database API that shouldn't be there. for example, smbd should not ever call getsmbpwXXX() it should call the Samr or Lsa API. this first implementation has minor problems with not reinstantiating the same services as the caller. the "homes" service is a good example. (This used to be commit caa50525220b0d0250fa139367593c2de2c12135) --- source3/smbd/reply.c | 38 +++----------------------------------- 1 file changed, 3 insertions(+), 35 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 81f2a9beb9..10146c1287 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -495,41 +495,6 @@ static BOOL check_server_security(char *orig_user, char *domain, smb_ntpasswd, smb_ntpasslen); } -/**************************************************************************** - Check for a valid username and password in security=domain mode. -****************************************************************************/ - -static BOOL check_domain_security(char *orig_user, char *domain, - char *smb_apasswd, int smb_apasslen, - char *smb_ntpasswd, int smb_ntpasslen, - uchar user_sess_key[16]) -{ - fstring acct_name; - uint16 acct_type = 0; - - if (lp_security() == SEC_SHARE || lp_security() == SEC_SERVER) - { - return False; - } - - if (lp_security() == SEC_DOMAIN && strequal(domain, global_myworkgroup)) - { - fstrcpy(acct_name, global_myname); - acct_type = SEC_CHAN_WKSTA; - } - else - { - fstrcpy(acct_name, global_myworkgroup); - acct_type = SEC_CHAN_DOMAIN; - } - - return domain_client_validate(orig_user, domain, - acct_name, acct_type, - smb_apasswd, smb_apasslen, - smb_ntpasswd, smb_ntpasslen, - user_sess_key); -} - /**************************************************************************** reply to a session setup command ****************************************************************************/ @@ -552,6 +517,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int static BOOL done_sesssetup = False; BOOL doencrypt = SMBENCRYPT(); char *domain = ""; + uchar last_chal[8]; *smb_apasswd = 0; *smb_ntpasswd = 0; @@ -736,7 +702,9 @@ user %s attempted down-level SMB connection\n", user)); !check_server_security(orig_user, domain, smb_apasswd, smb_apasslen, smb_ntpasswd, smb_ntpasslen) && + !last_challenge(last_chal) && !check_domain_security(orig_user, domain, + last_chal, smb_apasswd, smb_apasslen, smb_ntpasswd, smb_ntpasslen, user_sess_key) && !check_hosts_equiv(user) -- cgit From f6276724bafdb6145c0c7b565172d80cb04516ea Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Sun, 12 Dec 1999 21:00:35 +0000 Subject: changed function name of get_home_dir() to get_unixhome_dir(), to stop clash with gnu readline library. fixed issue with [homes] service not being there - call lp_add_home() just before starting the msrpc processing. (This used to be commit 054195df9b6187c663ede5cf4489499abbdc29fc) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 10146c1287..fed82b5e54 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -765,7 +765,7 @@ user %s attempted down-level SMB connection\n", user)); lp_servicenumber(user) < 0) { int homes = lp_servicenumber(HOMES_NAME); - char *home = get_home_dir(user); + char *home = get_unixhome_dir(user); if (homes >= 0 && home) { pstring home_dir; -- cgit From 3db52feb1f3b2c07ce0b06ad4a7099fa6efe3fc7 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 13 Dec 1999 13:27:58 +0000 Subject: first pass at updating head branch to be to be the same as the SAMBA_2_0 branch (This used to be commit 453a822a76780063dff23526c35408866d0c0154) --- source3/smbd/reply.c | 1831 ++++++++++++++++++++++++++++++-------------------- 1 file changed, 1112 insertions(+), 719 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index fed82b5e54..54f646e091 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -38,77 +38,33 @@ extern BOOL case_sensitive; extern BOOL case_preserve; extern BOOL short_case_preserve; extern pstring sesssetup_user; +extern pstring global_myname; extern fstring global_myworkgroup; -extern fstring global_myname; extern int Client; extern int global_oplock_break; uint32 global_client_caps = 0; - +unsigned int smb_echo_count = 0; /**************************************************************************** report a possible attack via the password buffer overflow bug ****************************************************************************/ + static void overflow_attack(int len) { - if( DEBUGLVL( 0 ) ) - { - dbgtext( "ERROR: Invalid password length %d.\n", len ); - dbgtext( "Your machine may be under attack by someone " ); - dbgtext( "attempting to exploit an old bug.\n" ); - dbgtext( "Attack was from IP = %s.\n", client_addr(Client) ); - } + if( DEBUGLVL( 0 ) ) { + dbgtext( "ERROR: Invalid password length %d.\n", len ); + dbgtext( "Your machine may be under attack by someone " ); + dbgtext( "attempting to exploit an old bug.\n" ); + dbgtext( "Attack was from IP = %s.\n", client_addr(Client) ); + } exit_server("possible attack"); } -/**************************************************************************** - does _both_ nt->unix and unix->unix username remappings. -****************************************************************************/ -static void map_nt_and_unix_username(const char *domain, char *user) -{ - DOM_NAME_MAP gmep; - fstring nt_username; - - /* - * Pass the user through the NT -> unix user mapping - * function. - */ - - if (lp_server_role() != ROLE_DOMAIN_NONE) - { - memset(nt_username, 0, sizeof(nt_username)); - if (domain != NULL) - { - slprintf(nt_username, sizeof(nt_username)-1, "%s\\%s", - domain, user); - } - else - { - fstrcpy(nt_username, user); - } - - if (lookupsmbpwntnam(nt_username, &gmep)) - { - fstrcpy(user, gmep.unix_name); - } - } - - /* - * Pass the user through the unix -> unix user mapping - * function. - */ - - (void)map_username(user); - - /* - * Do any UNIX username case mangling. - */ - (void)Get_Pwnam( user, True); -} - /**************************************************************************** reply to an special message ****************************************************************************/ + int reply_special(char *inbuf,char *outbuf) { int outsize = 4; @@ -122,13 +78,10 @@ int reply_special(char *inbuf,char *outbuf) *name1 = *name2 = 0; - bzero(outbuf,smb_size); + memset(outbuf,'\0',smb_size); smb_setlen(outbuf,0); - DEBUG(20,("NBT message\n")); - dump_data(20, inbuf, smb_len(inbuf)); - switch (msg_type) { case 0x81: /* session request */ CVAL(outbuf,0) = 0x82; @@ -202,11 +155,11 @@ int reply_special(char *inbuf,char *outbuf) /******************************************************************* work out what error to give to a failed connection ********************************************************************/ + static int connection_error(char *inbuf,char *outbuf,int ecode) { - if (ecode == ERRnoipc) { + if (ecode == ERRnoipc) return(ERROR(ERRDOS,ERRnoipc)); - } return(ERROR(ERRSRV,ecode)); } @@ -247,15 +200,14 @@ static void parse_connect(char *p,char *service,char *user, } } - - - /**************************************************************************** - reply to a tcon + Reply to a tcon. ****************************************************************************/ + int reply_tcon(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { + BOOL doencrypt = SMBENCRYPT(); pstring service; pstring user; pstring password; @@ -269,7 +221,25 @@ int reply_tcon(connection_struct *conn, parse_connect(smb_buf(inbuf)+1,service,user,password,&pwlen,dev); - map_nt_and_unix_username(global_myworkgroup, user); + /* + * Ensure the user and password names are in UNIX codepage format. + */ + + dos_to_unix(user,True); + if (!doencrypt) + dos_to_unix(password,True); + + /* + * Pass the user through the NT -> unix user mapping + * function. + */ + + (void)map_username(user); + + /* + * Do any UNIX username case mangling. + */ + (void)Get_Pwnam( user, True); conn = make_connection(service,user,password,pwlen,dev,vuid,&ecode); @@ -288,16 +258,17 @@ int reply_tcon(connection_struct *conn, return(outsize); } - /**************************************************************************** - reply to a tcon and X + Reply to a tcon and X. ****************************************************************************/ + int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { pstring service; pstring user; pstring password; pstring devicename; + BOOL doencrypt = SMBENCRYPT(); int ecode = -1; uint16 vuid = SVAL(inbuf,smb_uid); int passlen = SVAL(inbuf,smb_vwv3); @@ -314,7 +285,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt if (passlen > MAX_PASS_LEN) { overflow_attack(passlen); } - + memcpy(password,smb_buf(inbuf),passlen); password[passlen]=0; path = smb_buf(inbuf) + passlen; @@ -339,8 +310,26 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt StrnCpy(devicename,path + strlen(path) + 1,6); DEBUG(4,("Got device type %s\n",devicename)); - map_nt_and_unix_username(global_myworkgroup, user); + /* + * Ensure the user and password names are in UNIX codepage format. + */ + + dos_to_unix(user,True); + if (!doencrypt) + dos_to_unix(password,True); + /* + * Pass the user through the NT -> unix user mapping + * function. + */ + + (void)map_username(user); + + /* + * Do any UNIX username case mangling. + */ + (void)Get_Pwnam(user, True); + conn = make_connection(service,user,password,passlen,devicename,vuid,&ecode); if (!conn) @@ -397,14 +386,39 @@ int reply_unknown(char *inbuf,char *outbuf) int reply_ioctl(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - DEBUG(3,("ignoring ioctl\n")); -#if 0 - /* we just say it succeeds and hope its all OK. - some day it would be nice to interpret them individually */ - return set_message(outbuf,1,0,True); -#else - return(ERROR(ERRSRV,ERRnosupport)); -#endif + uint16 device = SVAL(inbuf,smb_vwv1); + uint16 function = SVAL(inbuf,smb_vwv2); + uint32 ioctl_code = (device << 16) + function; + int replysize, outsize; + char *p; + + DEBUG(4, ("Received IOCTL (code 0x%x)\n", ioctl_code)); + + switch (ioctl_code) + { + case IOCTL_QUERY_JOB_INFO: + replysize = 32; + break; + default: + return(ERROR(ERRSRV,ERRnosupport)); + } + + outsize = set_message(outbuf,8,replysize+1,True); + SSVAL(outbuf,smb_vwv1,replysize); /* Total data bytes returned */ + SSVAL(outbuf,smb_vwv5,replysize); /* Data bytes this buffer */ + SSVAL(outbuf,smb_vwv6,52); /* Offset to data */ + p = smb_buf(outbuf) + 1; /* Allow for alignment */ + + switch (ioctl_code) + { + case IOCTL_QUERY_JOB_INFO: + SSVAL(p,0,1); /* Job number */ + StrnCpy(p+2, global_myname, 15); /* Our NetBIOS name */ + StrnCpy(p+18, lp_servicename(SNUM(conn)), 13); /* Service name */ + break; + } + + return outsize; } /**************************************************************************** @@ -415,7 +429,6 @@ static int session_trust_account(connection_struct *conn, char *inbuf, char *out char *smb_nt_passwd, int smb_nt_passlen) { struct smb_passwd *smb_trust_acct = NULL; /* check if trust account exists */ - uchar last_chal[8]; if (lp_security() == SEC_USER) { smb_trust_acct = getsmbpwnam(user); @@ -442,10 +455,8 @@ static int session_trust_account(connection_struct *conn, char *inbuf, char *out SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE)); } - if (!last_challenge(last_chal) || - !smb_password_ok(smb_trust_acct, last_chal, NULL, NULL, - (unsigned char *)smb_passwd, smb_passlen, - (unsigned char *)smb_nt_passwd, smb_nt_passlen, NULL)) + + if (!smb_password_ok(smb_trust_acct, NULL, (unsigned char *)smb_passwd, (unsigned char *)smb_nt_passwd)) { DEBUG(0,("session_trust_account: Trust Account %s - password failed\n", user)); SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); @@ -479,20 +490,155 @@ static int session_trust_account(connection_struct *conn, char *inbuf, char *out return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE)); } +/**************************************************************************** + Create a UNIX user on demand. +****************************************************************************/ + +static int smb_create_user(char *unix_user) +{ + pstring add_script; + int ret; + + pstrcpy(add_script, lp_adduser_script()); + pstring_sub(add_script, "%u", unix_user); + ret = smbrun(add_script,NULL,False); + DEBUG(3,("smb_create_user: Running the command `%s' gave %d\n",add_script,ret)); + return ret; +} + +/**************************************************************************** + Delete a UNIX user on demand. +****************************************************************************/ + +static int smb_delete_user(char *unix_user) +{ + pstring del_script; + int ret; + + pstrcpy(del_script, lp_deluser_script()); + pstring_sub(del_script, "%u", unix_user); + ret = smbrun(del_script,NULL,False); + DEBUG(3,("smb_delete_user: Running the command `%s' gave %d\n",del_script,ret)); + return ret; +} + +/**************************************************************************** + Check user is in correct domain if required +****************************************************************************/ + +static BOOL check_domain_match(char *user, char *domain) +{ + /* + * If we aren't serving to trusted domains, we must make sure that + * the validation request comes from an account in the same domain + * as the Samba server + */ + + if (!lp_allow_trusted_domains() && + !strequal(lp_workgroup(), domain) ) { + DEBUG(1, ("check_domain_match: Attempt to connect as user %s from domain %s denied.\n", user, domain)); + return False; + } else { + return True; + } +} + /**************************************************************************** Check for a valid username and password in security=server mode. ****************************************************************************/ -static BOOL check_server_security(char *orig_user, char *domain, +static BOOL check_server_security(char *orig_user, char *domain, char *unix_user, char *smb_apasswd, int smb_apasslen, char *smb_ntpasswd, int smb_ntpasslen) { + BOOL ret = False; + if(lp_security() != SEC_SERVER) return False; - return server_validate(orig_user, domain, + if (!check_domain_match(orig_user, domain)) + return False; + + ret = server_validate(orig_user, domain, smb_apasswd, smb_apasslen, smb_ntpasswd, smb_ntpasslen); + if(ret) { + /* + * User validated ok against Domain controller. + * If the admin wants us to try and create a UNIX + * user on the fly, do so. + * Note that we can never delete users when in server + * level security as we never know if it was a failure + * due to a bad password, or the user really doesn't exist. + */ + if(lp_adduser_script() && !Get_Pwnam(unix_user,True)) { + smb_create_user(unix_user); + } + } + + return ret; +} + +/**************************************************************************** + Check for a valid username and password in security=domain mode. +****************************************************************************/ + +static BOOL check_domain_security(char *orig_user, char *domain, char *unix_user, + char *smb_apasswd, int smb_apasslen, + char *smb_ntpasswd, int smb_ntpasslen) +{ + BOOL ret = False; + BOOL user_exists = True; + + if(lp_security() != SEC_DOMAIN) + return False; + + if (!check_domain_match(orig_user, domain)) + return False; + + ret = domain_client_validate(orig_user, domain, + smb_apasswd, smb_apasslen, + smb_ntpasswd, smb_ntpasslen, + &user_exists); + + if(ret) { + /* + * User validated ok against Domain controller. + * If the admin wants us to try and create a UNIX + * user on the fly, do so. + */ + if(user_exists && lp_adduser_script() && !Get_Pwnam(unix_user,True)) { + smb_create_user(unix_user); + } + } else { + /* + * User failed to validate ok against Domain controller. + * If the failure was "user doesn't exist" and admin + * wants us to try and delete that UNIX user on the fly, + * do so. + */ + if(!user_exists && lp_deluser_script() && Get_Pwnam(unix_user,True)) { + smb_delete_user(unix_user); + } + } + + return ret; +} + +/**************************************************************************** + Return a bad password error configured for the correct client type. +****************************************************************************/ + +static int bad_password_error(char *inbuf,char *outbuf) +{ + enum remote_arch_types ra_type = get_remote_arch(); + + if(ra_type == RA_WINNT && (global_client_caps & (CAP_NT_SMBS | CAP_STATUS32 ))) { + SSVAL(outbuf,smb_flg2,FLAGS2_32_BIT_ERROR_CODES); + return(ERROR(0,0xc0000000|NT_STATUS_LOGON_FAILURE)); + } + + return(ERROR(ERRSRV,ERRbadpw)); } /**************************************************************************** @@ -502,9 +648,8 @@ reply to a session setup command int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { uint16 sess_vuid; - uchar user_sess_key[16]; - int gid; - int uid; + gid_t gid; + uid_t uid; int smb_bufsize; int smb_apasslen = 0; pstring smb_apasswd; @@ -517,63 +662,55 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int static BOOL done_sesssetup = False; BOOL doencrypt = SMBENCRYPT(); char *domain = ""; - uchar last_chal[8]; *smb_apasswd = 0; *smb_ntpasswd = 0; smb_bufsize = SVAL(inbuf,smb_vwv2); - if (Protocol < PROTOCOL_NT1) - { + if (Protocol < PROTOCOL_NT1) { smb_apasslen = SVAL(inbuf,smb_vwv7); if (smb_apasslen > MAX_PASS_LEN) - { - overflow_attack(smb_apasslen); - } + overflow_attack(smb_apasslen); memcpy(smb_apasswd,smb_buf(inbuf),smb_apasslen); smb_apasswd[smb_apasslen] = 0; pstrcpy(user,smb_buf(inbuf)+smb_apasslen); - + /* + * Incoming user is in DOS codepage format. Convert + * to UNIX. + */ + dos_to_unix(user,True); + if (!doencrypt && (lp_security() != SEC_SERVER)) { - smb_apasslen = strlen(smb_apasswd); + smb_apasslen = strlen(smb_apasswd); } - - if (lp_server_ntlmv2() == True) - { - DEBUG(1,("NTLMv2-only accepted with NT LANMAN 1.0 and above.\n\ -user %s attempted down-level SMB connection\n", user)); - return(ERROR(ERRSRV,ERRbadpw)); - } - } - else - { + } else { uint16 passlen1 = SVAL(inbuf,smb_vwv7); uint16 passlen2 = SVAL(inbuf,smb_vwv8); enum remote_arch_types ra_type = get_remote_arch(); char *p = smb_buf(inbuf); - global_client_caps = IVAL(inbuf,smb_vwv11); + if(global_client_caps == 0) + global_client_caps = IVAL(inbuf,smb_vwv11); /* client_caps is used as final determination if client is NT or Win95. This is needed to return the correct error codes in some circumstances. */ - if(ra_type == RA_WINNT || ra_type == RA_WIN95) - { + if(ra_type == RA_WINNT || ra_type == RA_WIN95) { if(global_client_caps & (CAP_NT_SMBS | CAP_STATUS32)) set_remote_arch( RA_WINNT); else set_remote_arch( RA_WIN95); } - if (passlen1 != 24 && passlen2 <= 24) + if (passlen1 != 24 && passlen2 != 24) doencrypt = False; if (passlen1 > MAX_PASS_LEN) { - overflow_attack(passlen1); + overflow_attack(passlen1); } passlen1 = MIN(passlen1, MAX_PASS_LEN); @@ -590,18 +727,33 @@ user %s attempted down-level SMB connection\n", user)); if passlen1>0 and passlen2>0 then maybe its a NT box and its setting passlen2 to some random value which really stuffs - things up. we need to fix that one. + things up. we need to fix that one. */ - LKCLXXXX: the random value can be random 16 bit. old test - used to have ... && passlen <= 24) which of course fails - most of the time. - */ - - if (passlen1 > 0 && passlen2 > 0 && passlen2 != 1) + if (passlen1 > 0 && passlen2 > 0 && passlen2 != 24 && passlen2 != 1) passlen2 = 0; } - if (doencrypt || ((lp_security() == SEC_SERVER) || (lp_security() == SEC_DOMAIN))) { + if (lp_restrict_anonymous()) { + /* there seems to be no reason behind the differences in MS clients formatting + * various info like the domain, NativeOS, and NativeLanMan fields. Win95 + * in particular seems to have an extra null byte between the username and the + * domain, or the password length calculation is wrong, which throws off the + * string extraction routines below. This makes the value of domain be the + * empty string, which fails the restrict anonymous check further down. + * This compensates for that, and allows browsing to work in mixed NT and + * win95 environments even when restrict anonymous is true. AAB + */ + dump_data(100, p, 0x70); + DEBUG(9, ("passlen1=%d, passlen2=%d\n", passlen1, passlen2)); + if (ra_type == RA_WIN95 && !passlen1 && !passlen2 && p[0] == 0 && p[1] == 0) { + DEBUG(0, ("restrict anonymous parameter used in a win95 environment!\n")); + DEBUG(0, ("client is win95 and broken passlen1 offset -- attempting fix\n")); + DEBUG(0, ("if win95 cilents are having difficulty browsing, you will be unable to use restrict anonymous\n")); + passlen1 = 1; + } + } + + if(doencrypt || ((lp_security() == SEC_SERVER) || (lp_security() == SEC_DOMAIN))) { /* Save the lanman2 password and the NT md4 password. */ smb_apasslen = passlen1; memcpy(smb_apasswd,p,smb_apasslen); @@ -609,54 +761,77 @@ user %s attempted down-level SMB connection\n", user)); smb_ntpasslen = passlen2; memcpy(smb_ntpasswd,p+passlen1,smb_ntpasslen); smb_ntpasswd[smb_ntpasslen] = 0; + + /* + * Ensure the plaintext passwords are in UNIX format. + */ + if(!doencrypt) { + dos_to_unix(smb_apasswd,True); + dos_to_unix(smb_ntpasswd,True); + } + } else { /* we use the first password that they gave */ smb_apasslen = passlen1; StrnCpy(smb_apasswd,p,smb_apasslen); + /* + * Ensure the plaintext password is in UNIX format. + */ + dos_to_unix(smb_apasswd,True); /* trim the password */ smb_apasslen = strlen(smb_apasswd); /* wfwg sometimes uses a space instead of a null */ if (strequal(smb_apasswd," ")) { - smb_apasslen = 0; - *smb_apasswd = 0; + smb_apasslen = 0; + *smb_apasswd = 0; } } - if (passlen2 == 0 && smb_apasslen == 0 && ra_type == RA_WIN95) - { - /* work-around for win95 NULL sessions, where NULL password is - actually put in the data stream before the domain name etc */ - p++; - } - else - { - p += passlen1 + passlen2; - } - - fstrcpy(user,p); p = skip_string(p,1); + p += passlen1 + passlen2; + fstrcpy(user,p); + p = skip_string(p,1); + /* + * Incoming user is in DOS codepage format. Convert + * to UNIX. + */ + dos_to_unix(user,True); domain = p; DEBUG(3,("Domain=[%s] NativeOS=[%s] NativeLanMan=[%s]\n", - domain, skip_string(p,1), skip_string(p,2))); + domain,skip_string(p,1),skip_string(p,2))); } + DEBUG(3,("sesssetupX:name=[%s]\n",user)); /* If name ends in $ then I think it's asking about whether a */ /* computer with that name (minus the $) has access. For now */ /* say yes to everything ending in $. */ - if ((user[strlen(user) - 1] == '$') && (smb_apasslen == 24) && (smb_ntpasslen == 24)) - { + + if (*user && (user[strlen(user) - 1] == '$') && (smb_apasslen == 24) && (smb_ntpasslen == 24)) { return session_trust_account(conn, inbuf, outbuf, user, smb_apasswd, smb_apasslen, smb_ntpasswd, smb_ntpasslen); } + if (done_sesssetup && lp_restrict_anonymous()) { + /* tests show that even if browsing is done over already validated connections + * without a username and password the domain is still provided, which it + * wouldn't be if it was a purely anonymous connection. So, in order to + * restrict anonymous, we only deny connections that have no session + * information. If a domain has been provided, then it's not a purely + * anonymous connection. AAB + */ + if (!*user && !*smb_apasswd && !*domain) { + DEBUG(0, ("restrict anonymous is True and anonymous connection attempted. Denying access.\n")); + return(ERROR(ERRDOS,ERRnoaccess)); + } + } + /* If no username is sent use the guest account */ - if (!*user) - { + if (!*user) { pstrcpy(user,lp_guestaccount(-1)); /* If no user and no password then set guest flag. */ if( *smb_apasswd == 0) @@ -664,6 +839,7 @@ user %s attempted down-level SMB connection\n", user)); } strlower(user); + /* * In share level security, only overwrite sesssetup_use if * it's a non null-session share. Helps keep %U and %G @@ -672,6 +848,7 @@ user %s attempted down-level SMB connection\n", user)); if((lp_security() != SEC_SHARE) || (*user && !guest)) pstrcpy(sesssetup_user,user); + reload_services(True); /* @@ -682,7 +859,17 @@ user %s attempted down-level SMB connection\n", user)); pstrcpy( orig_user, user); - map_nt_and_unix_username(domain, user); + /* + * Pass the user through the NT -> unix user mapping + * function. + */ + + (void)map_username(user); + + /* + * Do any UNIX username case mangling. + */ + (void)Get_Pwnam( user, True); add_session_user(user); @@ -699,14 +886,12 @@ user %s attempted down-level SMB connection\n", user)); */ if (!guest && - !check_server_security(orig_user, domain, + !check_server_security(orig_user, domain, user, + smb_apasswd, smb_apasslen, + smb_ntpasswd, smb_ntpasslen) && + !check_domain_security(orig_user, domain, user, smb_apasswd, smb_apasslen, smb_ntpasswd, smb_ntpasslen) && - !last_challenge(last_chal) && - !check_domain_security(orig_user, domain, - last_chal, - smb_apasswd, smb_apasslen, - smb_ntpasswd, smb_ntpasslen, user_sess_key) && !check_hosts_equiv(user) ) { @@ -721,25 +906,31 @@ user %s attempted down-level SMB connection\n", user)); * 128 length unicode. */ - if (smb_ntpasslen) + if(smb_ntpasslen) { - if(!password_ok(user, smb_ntpasswd,smb_ntpasslen,NULL,user_sess_key)) - DEBUG(0,("NT Password did not match ! Defaulting to Lanman\n")); + if(!password_ok(user, smb_ntpasswd,smb_ntpasslen,NULL)) + DEBUG(2,("NT Password did not match for user '%s' ! Defaulting to Lanman\n", user)); else valid_nt_password = True; } - if (!valid_nt_password && !password_ok(user, smb_apasswd,smb_apasslen,NULL,user_sess_key)) + if (!valid_nt_password && !password_ok(user, smb_apasswd,smb_apasslen,NULL)) { if (lp_security() >= SEC_USER) { if (lp_map_to_guest() == NEVER_MAP_TO_GUEST) - return(ERROR(ERRSRV,ERRbadpw)); + { + DEBUG(1,("Rejecting user '%s': authentication failed\n", user)); + return bad_password_error(inbuf,outbuf); + } if (lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_USER) { - if (Get_Pwnam(user,True)) - return(ERROR(ERRSRV,ERRbadpw)); + if (Get_Pwnam(user,True)) + { + DEBUG(1,("Rejecting user '%s': bad password\n", user)); + return bad_password_error(inbuf,outbuf); + } } /* @@ -765,15 +956,12 @@ user %s attempted down-level SMB connection\n", user)); lp_servicenumber(user) < 0) { int homes = lp_servicenumber(HOMES_NAME); - char *home = get_unixhome_dir(user); + char *home = get_user_home_dir(user); if (homes >= 0 && home) - { - pstring home_dir; - fstrcpy(home_dir, home); - lp_add_home(user,homes,home_dir); - } + lp_add_home(user,homes,home); } + /* it's ok - setup a reply */ if (Protocol < PROTOCOL_NT1) { set_message(outbuf,3,0,True); @@ -793,10 +981,10 @@ user %s attempted down-level SMB connection\n", user)); user we should become. */ { - const struct passwd *pw = Get_Pwnam(user,False); + struct passwd *pw = Get_Pwnam(user,False); if (!pw) { DEBUG(1,("Username %s is invalid on this system\n",user)); - return(ERROR(ERRSRV,ERRbadpw)); + return bad_password_error(inbuf,outbuf); } gid = pw->pw_gid; uid = pw->pw_uid; @@ -807,7 +995,7 @@ user %s attempted down-level SMB connection\n", user)); /* register the name and uid as being validated, so further connections to a uid can get through without a password, on the same VC */ - sess_vuid = register_vuid(uid,gid,user,sesssetup_user,guest,user_sess_key); + sess_vuid = register_vuid(uid,gid,user,sesssetup_user,guest); SSVAL(outbuf,smb_uid,sess_vuid); SSVAL(inbuf,smb_uid,sess_vuid); @@ -836,14 +1024,10 @@ int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size SMB_STRUCT_STAT st; pstrcpy(name,smb_buf(inbuf) + 1); - if (!unix_dfs_convert(name,conn,0,&bad_path,&st)) - { - SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); - return(ERROR(0, 0xc0000000|NT_STATUS_PATH_NOT_COVERED)); - } + unix_convert(name,conn,0,&bad_path,&st); mode = SVAL(inbuf,smb_vwv0); - + if (check_name(name,conn)) { if(VALID_STAT(st)) ok = S_ISDIR(st.st_mode); @@ -900,7 +1084,7 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size BOOL bad_path = False; pstrcpy(fname,smb_buf(inbuf) + 1); - + /* dos smetimes asks for a stat of "" - it returns a "hidden directory" under WfWg - weird! */ if (! (*fname)) @@ -913,14 +1097,10 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size } else { - if (!unix_dfs_convert(fname,conn,0,&bad_path,&sbuf)) - { - SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); - return(ERROR(0, 0xc0000000|NT_STATUS_PATH_NOT_COVERED)); - } + unix_convert(fname,conn,0,&bad_path,&sbuf); if (check_name(fname,conn)) { - if (VALID_STAT(sbuf) || conn->vfs_ops.stat(dos_to_unix(fname,False),&sbuf) == 0) + if (VALID_STAT(sbuf) || dos_stat(fname,&sbuf) == 0) { mode = dos_mode(conn,fname,&sbuf); size = sbuf.st_size; @@ -982,11 +1162,7 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size BOOL bad_path = False; pstrcpy(fname,smb_buf(inbuf) + 1); - if (!unix_dfs_convert(fname,conn,0,&bad_path,&st)) - { - SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); - return(ERROR(0, 0xc0000000|NT_STATUS_PATH_NOT_COVERED)); - } + unix_convert(fname,conn,0,&bad_path,&st); mode = SVAL(inbuf,smb_vwv0); mtime = make_unix_date3(inbuf+smb_vwv1); @@ -1025,7 +1201,7 @@ int reply_dskattr(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz int outsize = 0; SMB_BIG_UINT dfree,dsize,bsize; - conn->vfs_ops.disk_free(".",&bsize,&dfree,&dsize); + sys_disk_free(".",True,&bsize,&dfree,&dsize); outsize = set_message(outbuf,5,0,True); @@ -1084,74 +1260,70 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size /* dirtype &= ~aDIR; */ - DEBUG(5,("path=%s status_len=%d\n",path,status_len)); + DEBUG(5,("reply_search: path=%s status_len=%d\n",path,status_len)); if (status_len == 0) - { - pstring dir2; - - pstrcpy(directory,smb_buf(inbuf)+1); - pstrcpy(dir2,smb_buf(inbuf)+1); - if (!unix_dfs_convert(directory,conn,0,&bad_path,NULL)) { - SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); - return(ERROR(0, 0xc0000000|NT_STATUS_PATH_NOT_COVERED)); - } - unix_format(dir2); + pstring dir2; - if (!check_name(directory,conn)) - can_open = False; + pstrcpy(directory,smb_buf(inbuf)+1); + pstrcpy(dir2,smb_buf(inbuf)+1); + unix_convert(directory,conn,0,&bad_path,NULL); + unix_format(dir2); - p = strrchr(dir2,'/'); - if (p == NULL) - { - pstrcpy(mask,dir2); - *dir2 = 0; - } - else - { - *p = 0; - pstrcpy(mask,p+1); - } + if (!check_name(directory,conn)) + can_open = False; - p = strrchr(directory,'/'); - if (!p) - *directory = 0; - else - *p = 0; - - if (strlen(directory) == 0) - pstrcpy(directory,"./"); - bzero(status,21); - CVAL(status,0) = dirtype; + p = strrchr(dir2,'/'); + if (p == NULL) + { + pstrcpy(mask,dir2); + *dir2 = 0; } - else + else { - memcpy(status,smb_buf(inbuf) + 1 + strlen(path) + 4,21); - memcpy(mask,status+1,11); - mask[11] = 0; - dirtype = CVAL(status,0) & 0x1F; - conn->dirptr = dptr_fetch(status+12,&dptr_num); - if (!conn->dirptr) - goto SearchEmpty; - string_set(&conn->dirpath,dptr_path(dptr_num)); - if (!case_sensitive) - strnorm(mask); + *p = 0; + pstrcpy(mask,p+1); } + p = strrchr(directory,'/'); + if (!p) + *directory = 0; + else + *p = 0; + + if (strlen(directory) == 0) + pstrcpy(directory,"./"); + memset((char *)status,'\0',21); + CVAL(status,0) = dirtype; + } + else + { + memcpy(status,smb_buf(inbuf) + 1 + strlen(path) + 4,21); + memcpy(mask,status+1,11); + mask[11] = 0; + dirtype = CVAL(status,0) & 0x1F; + conn->dirptr = dptr_fetch(status+12,&dptr_num); + if (!conn->dirptr) + goto SearchEmpty; + string_set(&conn->dirpath,dptr_path(dptr_num)); + if (!case_sensitive) + strnorm(mask); + } + /* turn strings of spaces into a . */ { trim_string(mask,NULL," "); if ((p = strrchr(mask,' '))) - { - fstring ext; - fstrcpy(ext,p+1); - *p = 0; - trim_string(mask,NULL," "); - pstrcat(mask,"."); - pstrcat(mask,ext); - } + { + fstring ext; + fstrcpy(ext,p+1); + *p = 0; + trim_string(mask,NULL," "); + pstrcat(mask,"."); + pstrcat(mask,ext); + } } /* Convert the formatted mask. (This code lives in trans2.c) */ @@ -1179,104 +1351,104 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size } if (!strchr(mask,'.') && strlen(mask)>8) - { - fstring tmp; - fstrcpy(tmp,&mask[8]); - mask[8] = '.'; - mask[9] = 0; - pstrcat(mask,tmp); - } + { + fstring tmp; + fstrcpy(tmp,&mask[8]); + mask[8] = '.'; + mask[9] = 0; + pstrcat(mask,tmp); + } DEBUG(5,("mask=%s directory=%s\n",mask,directory)); if (can_open) - { - p = smb_buf(outbuf) + 3; - - ok = True; + { + p = smb_buf(outbuf) + 3; - if (status_len == 0) - { - dptr_num = dptr_create(conn,directory,expect_close,SVAL(inbuf,smb_pid)); - if (dptr_num < 0) + ok = True; + + if (status_len == 0) + { + dptr_num = dptr_create(conn,directory,True,expect_close,SVAL(inbuf,smb_pid)); + if (dptr_num < 0) + { + if(dptr_num == -2) { - if(dptr_num == -2) + if((errno == ENOENT) && bad_path) { - if((errno == ENOENT) && bad_path) - { - unix_ERR_class = ERRDOS; - unix_ERR_code = ERRbadpath; - } - return (UNIXERROR(ERRDOS,ERRnofids)); + unix_ERR_class = ERRDOS; + unix_ERR_code = ERRbadpath; } - return(ERROR(ERRDOS,ERRnofids)); + return (UNIXERROR(ERRDOS,ERRnofids)); } - } + return(ERROR(ERRDOS,ERRnofids)); + } + } - DEBUG(4,("dptr_num is %d\n",dptr_num)); + DEBUG(4,("dptr_num is %d\n",dptr_num)); - if (ok) - { - if ((dirtype&0x1F) == aVOLID) - { - memcpy(p,status,21); - make_dir_struct(p,"???????????",volume_label(SNUM(conn)),0,aVOLID,0); - dptr_fill(p+12,dptr_num); - if (dptr_zero(p+12) && (status_len==0)) - numentries = 1; - else - numentries = 0; - p += DIR_STRUCT_SIZE; - } - else - { - DEBUG(8,("dirpath=<%s> dontdescend=<%s>\n", - conn->dirpath,lp_dontdescend(SNUM(conn)))); - if (in_list(conn->dirpath, - lp_dontdescend(SNUM(conn)),True)) - check_descend = True; - - for (i=numentries;(i dontdescend=<%s>\n", + conn->dirpath,lp_dontdescend(SNUM(conn)))); + if (in_list(conn->dirpath, lp_dontdescend(SNUM(conn)),True)) + check_descend = True; + + for (i=numentries;(i= 0 && CVAL(inbuf,smb_com) == SMBfunique) - dptr_close(dptr_num); + dptr_close(&dptr_num); SSVAL(outbuf,smb_vwv0,numentries); SSVAL(outbuf,smb_vwv1,3 + numentries * DIR_STRUCT_SIZE); @@ -1295,8 +1467,8 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size slprintf(directory, sizeof(directory)-1, "(%s)",dptr_path(dptr_num)); DEBUG( 4, ( "%s mask=%s path=%s dtype=%d nument=%d of %d\n", - smb_fn_name(CVAL(inbuf,smb_com)), - mask, directory, dirtype, numentries, maxentries ) ); + smb_fn_name(CVAL(inbuf,smb_com)), + mask, directory, dirtype, numentries, maxentries ) ); return(outsize); } @@ -1311,7 +1483,7 @@ int reply_fclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size int status_len; char *path; char status[21]; - int dptr_num= -1; + int dptr_num= -2; outsize = set_message(outbuf,1,0,True); path = smb_buf(inbuf) + 1; @@ -1325,7 +1497,7 @@ int reply_fclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if(dptr_fetch(status+12,&dptr_num)) { /* Close the dptr - we know it's gone */ - dptr_close(dptr_num); + dptr_close(&dptr_num); } SSVAL(outbuf,smb_vwv0,0); @@ -1358,11 +1530,7 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, share_mode = SVAL(inbuf,smb_vwv0); pstrcpy(fname,smb_buf(inbuf)+1); - if (!unix_dfs_convert(fname,conn,0,&bad_path,NULL)) - { - SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); - return(ERROR(0, 0xc0000000|NT_STATUS_PATH_NOT_COVERED)); - } + unix_convert(fname,conn,0,&bad_path,NULL); fsp = file_new(); if (!fsp) @@ -1381,9 +1549,8 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, unixmode = unix_mode(conn,aARCH); - open_file_shared(fsp, conn, fname, share_mode, - (FILE_FAIL_IF_NOT_EXIST | FILE_EXISTS_OPEN), - unixmode, oplock_request, &rmode, NULL); + open_file_shared(fsp,conn,fname,share_mode,(FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN), + unixmode, oplock_request,&rmode,NULL); if (!fsp->open) { @@ -1396,7 +1563,7 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return(UNIXERROR(ERRDOS,ERRnoaccess)); } - if (fsp->conn->vfs_ops.fstat(fsp->fd_ptr->fd,&sbuf) != 0) { + if (sys_fstat(fsp->fd_ptr->fd,&sbuf) != 0) { close_file(fsp,False); return(ERROR(ERRDOS,ERRnoaccess)); } @@ -1425,7 +1592,7 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; } - if(fsp->granted_oplock) + if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; return(outsize); } @@ -1459,19 +1626,13 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt files_struct *fsp; /* If it's an IPC, pass off the pipe handler. */ - if (IS_IPC(conn) && lp_nt_pipe_support() && lp_security() != SEC_SHARE) - { + if (IS_IPC(conn) && lp_nt_pipe_support()) return reply_open_pipe_and_X(conn, inbuf,outbuf,length,bufsize); - } /* XXXX we need to handle passed times, sattr and flags */ pstrcpy(fname,smb_buf(inbuf)); - if (!unix_dfs_convert(fname,conn,0,&bad_path,NULL)) - { - SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); - return(ERROR(0, 0xc0000000|NT_STATUS_PATH_NOT_COVERED)); - } + unix_convert(fname,conn,0,&bad_path,NULL); fsp = file_new(); if (!fsp) @@ -1490,8 +1651,8 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt unixmode = unix_mode(conn,smb_attr | aARCH); - open_file_shared(fsp, conn, fname, smb_mode, smb_ofun, unixmode, - oplock_request, &rmode, &smb_action); + open_file_shared(fsp,conn,fname,smb_mode,smb_ofun,unixmode, + oplock_request, &rmode,&smb_action); if (!fsp->open) { @@ -1504,7 +1665,7 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt return(UNIXERROR(ERRDOS,ERRnoaccess)); } - if (fsp->conn->vfs_ops.fstat(fsp->fd_ptr->fd,&sbuf) != 0) { + if (sys_fstat(fsp->fd_ptr->fd,&sbuf) != 0) { close_file(fsp,False); return(ERROR(ERRDOS,ERRnoaccess)); } @@ -1526,7 +1687,7 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt smb_action |= EXTENDED_OPLOCK_GRANTED; } - if(ex_oplock_request && fsp->granted_oplock) { + if(ex_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) { smb_action |= EXTENDED_OPLOCK_GRANTED; } @@ -1539,7 +1700,7 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; } - if(core_oplock_request && fsp->granted_oplock) { + if(core_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) { CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; } @@ -1605,11 +1766,7 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, createmode = SVAL(inbuf,smb_vwv0); pstrcpy(fname,smb_buf(inbuf)+1); - if (!unix_dfs_convert(fname,conn,0,&bad_path,NULL)) - { - SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); - return(ERROR(0, 0xc0000000|NT_STATUS_PATH_NOT_COVERED)); - } + unix_convert(fname,conn,0,&bad_path,NULL); if (createmode & aVOLID) { @@ -1636,18 +1793,17 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, if(com == SMBmknew) { /* We should fail if file exists. */ - ofun = 0x10; + ofun = FILE_CREATE_IF_NOT_EXIST; } else { /* SMBcreate - Create if file doesn't exist, truncate if it does. */ - ofun = 0x12; + ofun = FILE_CREATE_IF_NOT_EXIST|FILE_EXISTS_TRUNCATE; } /* Open file in dos compatibility share mode. */ - open_file_shared(fsp, conn, fname, - SET_DENY_MODE(DENY_FCB)|SET_OPEN_MODE(DOS_OPEN_FCB), - ofun, unixmode, oplock_request, NULL, NULL); + open_file_shared(fsp,conn,fname,SET_DENY_MODE(DENY_FCB)|SET_OPEN_MODE(DOS_OPEN_FCB), + ofun, unixmode, oplock_request, NULL, NULL); if (!fsp->open) { @@ -1667,7 +1823,7 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; } - if(fsp->granted_oplock) + if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; DEBUG( 2, ( "new file %s\n", fname ) ); @@ -1695,11 +1851,7 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, createmode = SVAL(inbuf,smb_vwv0); pstrcpy(fname,smb_buf(inbuf)+1); pstrcat(fname,"/TMXXXXXX"); - if (!unix_dfs_convert(fname,conn,0,&bad_path,NULL)) - { - SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); - return(ERROR(0, 0xc0000000|NT_STATUS_PATH_NOT_COVERED)); - } + unix_convert(fname,conn,0,&bad_path,NULL); unixmode = unix_mode(conn,createmode); @@ -1718,14 +1870,12 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return(UNIXERROR(ERRDOS,ERRnoaccess)); } - pstrcpy(fname2,(char *)mktemp(fname)); + pstrcpy(fname2,(char *)smbd_mktemp(fname)); /* Open file in dos compatibility share mode. */ /* We should fail if file exists. */ - open_file_shared(fsp,conn,fname2, - SET_DENY_MODE(DENY_FCB)|SET_OPEN_MODE(DOS_OPEN_FCB), - (FILE_CREATE_IF_NOT_EXIST | FILE_EXISTS_FAIL), - unixmode, oplock_request, NULL, NULL); + open_file_shared(fsp,conn,fname2,SET_DENY_MODE(DENY_FCB)|SET_OPEN_MODE(DOS_OPEN_FCB), + (FILE_CREATE_IF_NOT_EXIST|FILE_EXISTS_FAIL), unixmode, oplock_request, NULL, NULL); if (!fsp->open) { @@ -1747,7 +1897,7 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; } - if(fsp->granted_oplock) + if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; DEBUG( 2, ( "created temp file %s\n", fname2 ) ); @@ -1768,7 +1918,7 @@ static BOOL can_delete(char *fname,connection_struct *conn, int dirtype) if (!CAN_WRITE(conn)) return(False); - if (conn->vfs_ops.lstat(fname,&sbuf) != 0) return(False); + if (dos_lstat(fname,&sbuf) != 0) return(False); fmode = dos_mode(conn,fname,&sbuf); if (fmode & aDIR) return(False); if (!lp_delete_readonly(SNUM(conn))) { @@ -1781,8 +1931,9 @@ static BOOL can_delete(char *fname,connection_struct *conn, int dirtype) } /**************************************************************************** - reply to a unlink + Reply to a unlink ****************************************************************************/ + int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int outsize = 0; @@ -1796,6 +1947,7 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size BOOL has_wild; BOOL exists=False; BOOL bad_path = False; + BOOL rc = True; *directory = *mask = 0; @@ -1805,11 +1957,7 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size DEBUG(3,("reply_unlink : %s\n",name)); - if (!unix_dfs_convert(name,conn,0,&bad_path,NULL)) - { - SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); - return(ERROR(0, 0xc0000000|NT_STATUS_PATH_NOT_COVERED)); - } + rc = unix_convert(name,conn,0,&bad_path,NULL); p = strrchr(name,'/'); if (!p) { @@ -1821,7 +1969,16 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size pstrcpy(mask,p+1); } - if (is_mangled(mask)) + /* + * We should only check the mangled cache + * here if unix_convert failed. This means + * that the path in 'mask' doesn't exist + * on the file system and so we need to look + * for a possible mangle. This patch from + * Tine Smukavec . + */ + + if (!rc && is_mangled(mask)) check_mangled_cache( mask ); has_wild = strchr(mask,'*') || strchr(mask,'?'); @@ -1829,10 +1986,10 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if (!has_wild) { pstrcat(directory,"/"); pstrcat(directory,mask); - if (can_delete(directory,conn,dirtype) && !conn->vfs_ops.unlink(directory)) + if (can_delete(directory,conn,dirtype) && !dos_unlink(directory)) count++; if (!count) - exists = vfs_file_exist(conn,dos_to_unix(directory,False),NULL); + exists = dos_file_exist(directory,NULL); } else { void *dirptr = NULL; char *dname; @@ -1862,7 +2019,7 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size error = ERRnoaccess; slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); if (!can_delete(fname,conn,dirtype)) continue; - if (!conn->vfs_ops.unlink(fname)) count++; + if (!dos_unlink(fname)) count++; DEBUG(3,("reply_unlink : doing unlink on %s\n",fname)); } CloseDir(dirptr); @@ -1892,6 +2049,7 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size /**************************************************************************** reply to a readbraw (core+ protocol) ****************************************************************************/ + int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_size, int dum_buffsize) { size_t maxcount,mincount; @@ -1917,13 +2075,45 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s fsp = file_fsp(inbuf,smb_vwv0); + if (!FNUM_OK(fsp,conn) || !fsp->can_read) { + /* + * fsp could be NULL here so use the value from the packet. JRA. + */ + DEBUG(3,("fnum %d not open in readbraw - cache prime?\n",(int)SVAL(inbuf,smb_vwv0))); + _smb_setlen(header,0); + transfer_file(0,Client,(SMB_OFF_T)0,header,4,0); + return(-1); + } + + CHECK_FSP(fsp,conn); + + flush_write_cache(fsp, READRAW_FLUSH); + startpos = IVAL(inbuf,smb_vwv1); -#ifdef LARGE_SMB_OFF_T if(CVAL(inbuf,smb_wct) == 10) { /* * This is a large offset (64 bit) read. */ +#ifdef LARGE_SMB_OFF_T + startpos |= (((SMB_OFF_T)IVAL(inbuf,smb_vwv8)) << 32); + +#else /* !LARGE_SMB_OFF_T */ + + /* + * Ensure we haven't been sent a >32 bit offset. + */ + + if(IVAL(inbuf,smb_vwv8) != 0) { + DEBUG(0,("readbraw - large offset (%x << 32) used and we don't support \ +64 bit offsets.\n", (unsigned int)IVAL(inbuf,smb_vwv8) )); + _smb_setlen(header,0); + transfer_file(0,Client,(SMB_OFF_T)0,header,4,0); + return(-1); + } + +#endif /* LARGE_SMB_OFF_T */ + if(startpos < 0) { DEBUG(0,("readbraw - negative 64 bit readraw offset (%.0f) !\n", (double)startpos )); @@ -1932,7 +2122,6 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s return(-1); } } -#endif /* LARGE_SMB_OFF_T */ maxcount = (SVAL(inbuf,smb_vwv3) & 0xFFFF); mincount = (SVAL(inbuf,smb_vwv4) & 0xFFFF); @@ -1940,13 +2129,6 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s maxcount = MIN(65535,maxcount); maxcount = MAX(mincount,maxcount); - if (!FNUM_OK(fsp,conn) || !fsp->can_read) { - DEBUG(3,("fnum %d not open in readbraw - cache prime?\n",fsp->fnum)); - _smb_setlen(header,0); - transfer_file(0,Client,(SMB_OFF_T)0,header,4,0); - return(-1); - } - if (!is_locked(fsp,conn,maxcount,startpos, F_RDLCK)) { SMB_OFF_T size = fsp->size; @@ -1955,7 +2137,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s if (size < sizeneeded) { SMB_STRUCT_STAT st; - if (fsp->conn->vfs_ops.fstat(fsp->fd_ptr->fd,&st) == 0) + if (sys_fstat(fsp->fd_ptr->fd,&st) == 0) size = st.st_size; if (!fsp->can_write) fsp->size = size; @@ -1969,7 +2151,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s DEBUG( 3, ( "readbraw fnum=%d start=%.0f max=%d min=%d nread=%d\n", fsp->fnum, (double)startpos, - maxcount, mincount, nread ) ); + (int)maxcount, (int)mincount, (int)nread ) ); #if UNSAFE_READRAW { @@ -1979,11 +2161,11 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s #if USE_READ_PREDICTION if (!fsp->can_write) - predict = read_predict(fsp, fsp->fd_ptr->fd,startpos,header+4,NULL,nread); + predict = read_predict(fsp->fd_ptr->fd,startpos,header+4,NULL,nread); #endif /* USE_READ_PREDICTION */ if ((nread-predict) > 0) { - if(conn->vfs_ops.seek(fsp,startpos + predict) == -1) { + if(seek_file(fsp,startpos + predict) == -1) { DEBUG(0,("reply_readbraw: ERROR: seek_file failed.\n")); ret = 0; seek_fail = True; @@ -1991,7 +2173,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s } if(!seek_fail) - ret = (ssize_t)vfs_transfer_file(-1, fsp->fd_ptr->fd, Client, NULL, + ret = (ssize_t)transfer_file(fsp->fd_ptr->fd,Client, (SMB_OFF_T)(nread-predict),header,4+predict, startpos+predict); } @@ -2037,8 +2219,15 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length outsize = set_message(outbuf,5,3,True); numtoread = MIN(BUFFER_SIZE-outsize,numtoread); data = smb_buf(outbuf) + 3; - - if(!do_lock( fsp, conn, numtoread, startpos, F_RDLCK, &eclass, &ecode)) { + + /* + * NB. Discovered by Menny Hamburger at Mainsoft. This is a core+ + * protocol request that predates the read/write lock concept. + * Thus instead of asking for a read lock here we need to ask + * for a write lock. JRA. + */ + + if(!do_lock( fsp, conn, numtoread, startpos, F_WRLCK, &eclass, &ecode)) { if((ecode == ERRlock) && lp_blocking_locks(SNUM(conn))) { /* * A blocking lock was requested. Package up @@ -2062,7 +2251,7 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length SSVAL(smb_buf(outbuf),1,nread); DEBUG( 3, ( "lockread fnum=%d num=%d nread=%d\n", - fsp->fnum, numtoread, nread ) ); + fsp->fnum, (int)numtoread, (int)nread ) ); return(outsize); } @@ -2071,7 +2260,8 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length /**************************************************************************** reply to a read ****************************************************************************/ -int reply_read(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) + +int reply_read(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) { size_t numtoread; ssize_t nread = 0; @@ -2094,9 +2284,8 @@ int reply_read(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, if (is_locked(fsp,conn,numtoread,startpos, F_RDLCK)) return(ERROR(ERRDOS,ERRlock)); - if (numtoread > 0) { + if (numtoread > 0) nread = read_file(fsp,data,startpos,numtoread); - } if (nread < 0) return(UNIXERROR(ERRDOS,ERRnoaccess)); @@ -2108,7 +2297,7 @@ int reply_read(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, SSVAL(smb_buf(outbuf),1,nread); DEBUG( 3, ( "read fnum=%d num=%d nread=%d\n", - fsp->fnum, numtoread, nread ) ); + fsp->fnum, (int)numtoread, (int)nread ) ); return(outsize); } @@ -2137,28 +2326,42 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt set_message(outbuf,12,0,True); data = smb_buf(outbuf); -#ifdef LARGE_SMB_OFF_T if(CVAL(inbuf,smb_wct) == 12) { +#ifdef LARGE_SMB_OFF_T /* * This is a large offset (64 bit) read. */ startpos |= (((SMB_OFF_T)IVAL(inbuf,smb_vwv10)) << 32); - } + +#else /* !LARGE_SMB_OFF_T */ + + /* + * Ensure we haven't been sent a >32 bit offset. + */ + + if(IVAL(inbuf,smb_vwv10) != 0) { + DEBUG(0,("reply_read_and_X - large offset (%x << 32) used and we don't support \ +64 bit offsets.\n", (unsigned int)IVAL(inbuf,smb_vwv10) )); + return(ERROR(ERRDOS,ERRbadaccess)); + } + #endif /* LARGE_SMB_OFF_T */ + } + if (is_locked(fsp,conn,smb_maxcnt,startpos, F_RDLCK)) return(ERROR(ERRDOS,ERRlock)); nread = read_file(fsp,data,startpos,smb_maxcnt); - + if (nread < 0) return(UNIXERROR(ERRDOS,ERRnoaccess)); SSVAL(outbuf,smb_vwv5,nread); SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf)); SSVAL(smb_buf(outbuf),-2,nread); - + DEBUG( 3, ( "readX fnum=%d min=%d max=%d nread=%d\n", - fsp->fnum, smb_mincnt, smb_maxcnt, nread ) ); + fsp->fnum, (int)smb_mincnt, (int)smb_maxcnt, (int)nread ) ); return chain_reply(inbuf,outbuf,length,bufsize); } @@ -2166,7 +2369,8 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt /**************************************************************************** reply to a writebraw (core+ or LANMAN1.0 protocol) ****************************************************************************/ -int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) + +int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) { ssize_t nwritten=0; ssize_t total_written=0; @@ -2203,16 +2407,11 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int dum_s if (is_locked(fsp,conn,tcount,startpos, F_WRLCK)) return(ERROR(ERRDOS,ERRlock)); - if (seek_file(fsp,startpos) == -1) { - DEBUG(0,("couldn't seek to %.0f in writebraw\n",(double)startpos)); - return(UNIXERROR(ERRDOS,ERRnoaccess)); - } - if (numtowrite>0) - nwritten = write_file(fsp,data,numtowrite); + nwritten = write_file(fsp,data,startpos,numtowrite); DEBUG(3,("writebraw1 fnum=%d start=%.0f num=%d wrote=%d sync=%d\n", - fsp->fnum, (double)startpos, numtowrite, nwritten, write_through)); + fsp->fnum, (double)startpos, (int)numtowrite, (int)nwritten, (int)write_through)); if (nwritten < numtowrite) return(UNIXERROR(ERRHRD,ERRdiskfull)); @@ -2237,12 +2436,11 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int dum_s if (tcount > nwritten+numtowrite) { DEBUG(3,("Client overestimated the write %d %d %d\n", - tcount,nwritten,numtowrite)); + (int)tcount,(int)nwritten,(int)numtowrite)); } - nwritten = vfs_transfer_file(Client, NULL, -1, fsp, - (SMB_OFF_T)numtowrite,NULL,0, - startpos+nwritten); + nwritten = transfer_file(Client,fsp->fd_ptr->fd,(SMB_OFF_T)numtowrite,NULL,0, + startpos+nwritten); total_written += nwritten; /* Set up outbuf to return the correct return */ @@ -2255,12 +2453,11 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int dum_s SSVAL(outbuf,smb_err,ERRdiskfull); } - if ((lp_syncalways(SNUM(conn)) || write_through) && - lp_strict_sync(SNUM(conn))) - conn->vfs_ops.sync(fsp->fd_ptr->fd); + if (lp_syncalways(SNUM(conn)) || write_through) + sync_file(conn,fsp); DEBUG(3,("writebraw2 fnum=%d start=%.0f num=%d wrote=%d\n", - fsp->fnum, (double)startpos, numtowrite, total_written)); + fsp->fnum, (double)startpos, (int)numtowrite,(int)total_written)); /* we won't return a status if write through is not selected - this follows what WfWg does */ @@ -2273,7 +2470,8 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int dum_s /**************************************************************************** reply to a writeunlock (core+) ****************************************************************************/ -int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) + +int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) { ssize_t nwritten = -1; size_t numtowrite; @@ -2295,19 +2493,16 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, int dum if (is_locked(fsp,conn,numtowrite,startpos, F_WRLCK)) return(ERROR(ERRDOS,ERRlock)); - if(seek_file(fsp,startpos) == -1) - return(UNIXERROR(ERRDOS,ERRnoaccess)); - /* The special X/Open SMB protocol handling of zero length writes is *NOT* done for this call */ if(numtowrite == 0) nwritten = 0; else - nwritten = write_file(fsp,data,numtowrite); + nwritten = write_file(fsp,data,startpos,numtowrite); - if (lp_syncalways(SNUM(conn)) && lp_strict_sync(SNUM(conn))) - conn->vfs_ops.sync(fsp->fd_ptr->fd); + if (lp_syncalways(SNUM(conn))) + sync_file(conn,fsp); if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) return(UNIXERROR(ERRDOS,ERRnoaccess)); @@ -2320,7 +2515,7 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, int dum SSVAL(outbuf,smb_vwv0,nwritten); DEBUG( 3, ( "writeunlock fnum=%d num=%d wrote=%d\n", - fsp->fnum, numtowrite, nwritten ) ); + fsp->fnum, (int)numtowrite, (int)nwritten ) ); return(outsize); } @@ -2328,7 +2523,7 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, int dum /**************************************************************************** reply to a write ****************************************************************************/ -int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int dum_size,int dum_buffsize) +int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int dum_buffsize) { size_t numtowrite; ssize_t nwritten = -1; @@ -2337,9 +2532,9 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int dum_size,i files_struct *fsp = file_fsp(inbuf,smb_vwv0); int outsize = 0; - /* If it's an IPC, pass off the pipe handler. */ - if (IS_IPC(conn)) - return reply_pipe_write(inbuf,outbuf,dum_size,dum_buffsize); + /* If it's an IPC, pass off the pipe handler. */ + if (IS_IPC(conn)) + return reply_pipe_write(inbuf,outbuf,size,dum_buffsize); CHECK_FSP(fsp,conn); CHECK_WRITE(fsp); @@ -2350,21 +2545,19 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int dum_size,i data = smb_buf(inbuf) + 3; if (is_locked(fsp,conn,numtowrite,startpos, F_WRLCK)) - return(ERROR(ERRDOS,ERRlock)); - - if(seek_file(fsp,startpos) == -1) - return(UNIXERROR(ERRDOS,ERRnoaccess)); + return(ERROR(ERRDOS,ERRlock)); /* X/Open SMB protocol says that if smb_vwv1 is zero then the file size should be extended or truncated to the size given in smb_vwv[2-3] */ - if(numtowrite == 0) - nwritten = set_filelen(fsp->fd_ptr->fd, (SMB_OFF_T)startpos); - else - nwritten = write_file(fsp,data,numtowrite); + if(numtowrite == 0) { + if((nwritten = set_filelen(fsp->fd_ptr->fd, (SMB_OFF_T)startpos)) >= 0) + set_filelen_write_cache(fsp, startpos); + } else + nwritten = write_file(fsp,data,startpos,numtowrite); - if (lp_syncalways(SNUM(conn)) && lp_strict_sync(SNUM(conn))) - conn->vfs_ops.sync(fsp->fd_ptr->fd); + if (lp_syncalways(SNUM(conn))) + sync_file(conn,fsp); if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) return(UNIXERROR(ERRDOS,ERRnoaccess)); @@ -2379,7 +2572,7 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int dum_size,i } DEBUG(3,("write fnum=%d num=%d wrote=%d\n", - fsp->fnum, numtowrite, nwritten)); + fsp->fnum, (int)numtowrite, (int)nwritten)); return(outsize); } @@ -2408,21 +2601,31 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng data = smb_base(inbuf) + smb_doff; -#ifdef LARGE_SMB_OFF_T if(CVAL(inbuf,smb_wct) == 14) { +#ifdef LARGE_SMB_OFF_T /* * This is a large offset (64 bit) write. */ startpos |= (((SMB_OFF_T)IVAL(inbuf,smb_vwv12)) << 32); - } + +#else /* !LARGE_SMB_OFF_T */ + + /* + * Ensure we haven't been sent a >32 bit offset. + */ + + if(IVAL(inbuf,smb_vwv12) != 0) { + DEBUG(0,("reply_write_and_X - large offset (%x << 32) used and we don't support \ +64 bit offsets.\n", (unsigned int)IVAL(inbuf,smb_vwv12) )); + return(ERROR(ERRDOS,ERRbadaccess)); + } + #endif /* LARGE_SMB_OFF_T */ + } if (is_locked(fsp,conn,numtowrite,startpos, F_WRLCK)) return(ERROR(ERRDOS,ERRlock)); - if(seek_file(fsp,startpos) == -1) - return(UNIXERROR(ERRDOS,ERRnoaccess)); - /* X/Open SMB protocol says that, unlike SMBwrite if the length is zero then NO truncation is done, just a write of zero. To truncate a file, @@ -2430,7 +2633,7 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng if(numtowrite == 0) nwritten = 0; else - nwritten = write_file(fsp,data,numtowrite); + nwritten = write_file(fsp,data,startpos,numtowrite); if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) return(UNIXERROR(ERRDOS,ERRnoaccess)); @@ -2445,11 +2648,10 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng } DEBUG(3,("writeX fnum=%d num=%d wrote=%d\n", - fsp->fnum, numtowrite, nwritten)); + fsp->fnum, (int)numtowrite, (int)nwritten)); - if ((lp_syncalways(SNUM(conn)) || write_through) && - lp_strict_sync(SNUM(conn))) - conn->vfs_ops.sync(fsp->fd_ptr->fd); + if (lp_syncalways(SNUM(conn)) || write_through) + sync_file(conn,fsp); return chain_reply(inbuf,outbuf,length,bufsize); } @@ -2458,7 +2660,8 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng /**************************************************************************** reply to a lseek ****************************************************************************/ -int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) + +int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) { SMB_OFF_T startpos; SMB_OFF_T res= -1; @@ -2469,11 +2672,12 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, CHECK_FSP(fsp,conn); CHECK_ERROR(fsp); + flush_write_cache(fsp, SEEK_FLUSH); + mode = SVAL(inbuf,smb_vwv1) & 3; - startpos = IVAL(inbuf,smb_vwv2); + startpos = IVALS(inbuf,smb_vwv2); - switch (mode & 3) - { + switch (mode) { case 0: umode = SEEK_SET; break; case 1: umode = SEEK_CUR; break; case 2: umode = SEEK_END; break; @@ -2481,16 +2685,48 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, umode = SEEK_SET; break; } - if((res = conn->vfs_ops.lseek(fsp->fd_ptr->fd,startpos,umode)) == -1) - return(UNIXERROR(ERRDOS,ERRnoaccess)); + if((res = sys_lseek(fsp->fd_ptr->fd,startpos,umode)) == -1) { + /* + * Check for the special case where a seek before the start + * of the file sets the offset to zero. Added in the CIFS spec, + * section 4.2.7. + */ + + if(errno == EINVAL) { + SMB_OFF_T current_pos = startpos; + + if(umode == SEEK_CUR) { + + if((current_pos = sys_lseek(fsp->fd_ptr->fd,0,SEEK_CUR)) == -1) + return(UNIXERROR(ERRDOS,ERRnoaccess)); + + current_pos += startpos; + + } else if (umode == SEEK_END) { + + SMB_STRUCT_STAT sbuf; + + if(sys_fstat( fsp->fd_ptr->fd, &sbuf) == -1) + return(UNIXERROR(ERRDOS,ERRnoaccess)); + + current_pos += sbuf.st_size; + } + + if(current_pos < 0) + res = sys_lseek(fsp->fd_ptr->fd,0,SEEK_SET); + } + + if(res == -1) + return(UNIXERROR(ERRDOS,ERRnoaccess)); + } fsp->pos = res; outsize = set_message(outbuf,2,0,True); - SIVALS(outbuf,smb_vwv0,res); + SIVAL(outbuf,smb_vwv0,res); - DEBUG(3,("lseek fnum=%d ofs=%.0f mode=%d\n", - fsp->fnum, (double)startpos, mode)); + DEBUG(3,("lseek fnum=%d ofs=%.0f newpos = %.0f mode=%d\n", + fsp->fnum, (double)startpos, (double)res, mode)); return(outsize); } @@ -2498,7 +2734,8 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, /**************************************************************************** reply to a flush ****************************************************************************/ -int reply_flush(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) + +int reply_flush(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) { int outsize = set_message(outbuf,0,0,True); files_struct *fsp = file_fsp(inbuf,smb_vwv0); @@ -2511,7 +2748,7 @@ int reply_flush(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, if (!fsp) { file_sync_all(conn); } else { - conn->vfs_ops.sync(fsp->fd_ptr->fd); + sync_file(conn,fsp); } DEBUG(3,("flush\n")); @@ -2535,8 +2772,8 @@ int reply_exit(connection_struct *conn, /**************************************************************************** Reply to a close - has to deal with closing a directory opened by NT SMB's. ****************************************************************************/ -int reply_close(connection_struct *conn, - char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size, + int dum_buffsize) { int outsize = 0; time_t mtime; @@ -2546,9 +2783,8 @@ int reply_close(connection_struct *conn, outsize = set_message(outbuf,0,0,True); /* If it's an IPC, pass off to the pipe handler. */ - if (IS_IPC(conn)) { + if (IS_IPC(conn)) return reply_pipe_close(conn, inbuf,outbuf); - } fsp = file_fsp(inbuf,smb_vwv0); @@ -2556,25 +2792,26 @@ int reply_close(connection_struct *conn, * We can only use CHECK_FSP if we know it's not a directory. */ - if(!fsp || !fsp->open || (fsp->conn != conn)) - return(ERROR(ERRDOS,ERRbadfid)); + if(!fsp || !fsp->open || (fsp->conn != conn)) + return(ERROR(ERRDOS,ERRbadfid)); if(HAS_CACHED_ERROR(fsp)) { eclass = fsp->wbmpx_ptr->wr_errclass; err = fsp->wbmpx_ptr->wr_error; } - if(fsp->is_directory) { + if(fsp->is_directory || fsp->stat_open) { /* - * Special case - close NT SMB directory + * Special case - close NT SMB directory or stat file * handle. */ - DEBUG(3,("close directory fnum=%d\n", fsp->fnum)); - close_directory(fsp); + DEBUG(3,("close %s fnum=%d\n", fsp->is_directory ? "directory" : "stat file open", fsp->fnum)); + close_file(fsp,True); } else { /* * Close ordinary file. */ + int close_err; /* * If there was a modify time outstanding, @@ -2592,10 +2829,19 @@ int reply_close(connection_struct *conn, set_filetime(conn, fsp->fsp_name,mtime); DEBUG(3,("close fd=%d fnum=%d (numopen=%d)\n", - fsp->fd_ptr->fd, fsp->fnum, + fsp->fd_ptr ? fsp->fd_ptr->fd : -1, fsp->fnum, conn->num_files_open)); - - close_file(fsp,True); + + /* + * close_file() returns the unix errno if an error + * was detected on close - normally this is due to + * a disk full error. If not then it was probably an I/O error. + */ + + if((close_err = close_file(fsp,True)) != 0) { + errno = close_err; + return (UNIXERROR(ERRHRD,ERRgeneral)); + } } /* We have a cached error */ @@ -2609,12 +2855,14 @@ int reply_close(connection_struct *conn, /**************************************************************************** reply to a writeclose (Core+ protocol) ****************************************************************************/ + int reply_writeclose(connection_struct *conn, - char *inbuf,char *outbuf, int dum_size, int dum_buffsize) + char *inbuf,char *outbuf, int size, int dum_buffsize) { size_t numtowrite; ssize_t nwritten = -1; int outsize = 0; + int close_err = 0; SMB_OFF_T startpos; char *data; time_t mtime; @@ -2631,23 +2879,25 @@ int reply_writeclose(connection_struct *conn, if (is_locked(fsp,conn,numtowrite,startpos, F_WRLCK)) return(ERROR(ERRDOS,ERRlock)); - - if(seek_file(fsp,startpos) == -1) - return(UNIXERROR(ERRDOS,ERRnoaccess)); - - nwritten = write_file(fsp,data,numtowrite); + + nwritten = write_file(fsp,data,startpos,numtowrite); set_filetime(conn, fsp->fsp_name,mtime); - close_file(fsp,True); + close_err = close_file(fsp,True); DEBUG(3,("writeclose fnum=%d num=%d wrote=%d (numopen=%d)\n", - fsp->fnum, numtowrite, nwritten, + fsp->fnum, (int)numtowrite, (int)nwritten, conn->num_files_open)); if (nwritten <= 0) return(UNIXERROR(ERRDOS,ERRnoaccess)); - + + if(close_err != 0) { + errno = close_err; + return(UNIXERROR(ERRHRD,ERRgeneral)); + } + outsize = set_message(outbuf,1,0,True); SSVAL(outbuf,smb_vwv0,nwritten); @@ -2696,7 +2946,8 @@ int reply_lock(connection_struct *conn, /**************************************************************************** reply to a unlock ****************************************************************************/ -int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) + +int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) { int outsize = set_message(outbuf,0,0,True); SMB_OFF_T count,offset; @@ -2775,6 +3026,8 @@ int reply_echo(connection_struct *conn, DEBUG(3,("echo %d times\n", smb_reverb)); + smb_echo_count++; + return -1; } @@ -2815,7 +3068,7 @@ int reply_printopen(connection_struct *conn, if (!fsp) return(ERROR(ERRSRV,ERRnofids)); - pstrcpy(fname2,(char *)mktemp(fname)); + pstrcpy(fname2,(char *)smbd_mktemp(fname)); if (!check_name(fname2,conn)) { file_free(fsp); @@ -2852,6 +3105,7 @@ int reply_printclose(connection_struct *conn, { int outsize = set_message(outbuf,0,0,True); files_struct *fsp = file_fsp(inbuf,smb_vwv0); + int close_err = 0; CHECK_FSP(fsp,conn); CHECK_ERROR(fsp); @@ -2862,7 +3116,12 @@ int reply_printclose(connection_struct *conn, DEBUG(3,("printclose fd=%d fnum=%d\n", fsp->fd_ptr->fd,fsp->fnum)); - close_file(fsp,True); + close_err = close_file(fsp,True); + + if(close_err != 0) { + errno = close_err; + return(UNIXERROR(ERRHRD,ERRgeneral)); + } return(outsize); } @@ -2955,7 +3214,7 @@ int reply_printwrite(connection_struct *conn, char *inbuf,char *outbuf, int dum_ numtowrite = SVAL(smb_buf(inbuf),1); data = smb_buf(inbuf) + 3; - if (write_file(fsp,data,numtowrite) != numtowrite) + if (write_file(fsp,data,-1,numtowrite) != numtowrite) return(UNIXERROR(ERRDOS,ERRnoaccess)); DEBUG( 3, ( "printwrite fnum=%d num=%d\n", fsp->fnum, numtowrite ) ); @@ -2974,15 +3233,10 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, BOOL bad_path = False; pstrcpy(directory,smb_buf(inbuf) + 1); - if (!unix_dfs_convert(directory,conn,0,&bad_path,NULL)) - { - SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); - return(ERROR(0, 0xc0000000|NT_STATUS_PATH_NOT_COVERED)); - } + unix_convert(directory,conn,0,&bad_path,NULL); if (check_name(directory, conn)) - ret = conn->vfs_ops.mkdir(dos_to_unix(directory,False), - unix_mode(conn,aDIR)); + ret = dos_mkdir(directory,unix_mode(conn,aDIR)); if (ret < 0) { @@ -3005,11 +3259,12 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, Static function used by reply_rmdir to delete an entire directory tree recursively. ****************************************************************************/ -static BOOL recursive_rmdir(connection_struct *conn, char *directory) + +static BOOL recursive_rmdir(char *directory) { char *dname = NULL; BOOL ret = False; - void *dirptr = OpenDir(conn, directory, False); + void *dirptr = OpenDir(NULL, directory, False); if(dirptr == NULL) return True; @@ -3033,7 +3288,7 @@ static BOOL recursive_rmdir(connection_struct *conn, char *directory) pstrcat(fullname, "/"); pstrcat(fullname, dname); - if(conn->vfs_ops.lstat(fullname, &st) != 0) + if(dos_lstat(fullname, &st) != 0) { ret = True; break; @@ -3041,18 +3296,18 @@ static BOOL recursive_rmdir(connection_struct *conn, char *directory) if(st.st_mode & S_IFDIR) { - if(recursive_rmdir(conn, fullname)!=0) + if(recursive_rmdir(fullname)!=0) { ret = True; break; } - if(conn->vfs_ops.rmdir(dos_to_unix(fullname,False)) != 0) + if(dos_rmdir(fullname) != 0) { ret = True; break; } } - else if(conn->vfs_ops.unlink(dos_to_unix(fullname,False)) != 0) + else if(dos_unlink(fullname) != 0) { ret = True; break; @@ -3063,8 +3318,97 @@ static BOOL recursive_rmdir(connection_struct *conn, char *directory) } /**************************************************************************** - reply to a rmdir + The internals of the rmdir code - called elsewhere. +****************************************************************************/ + +BOOL rmdir_internals(connection_struct *conn, char *directory) +{ + BOOL ok; + + ok = (dos_rmdir(directory) == 0); + if(!ok && ((errno == ENOTEMPTY)||(errno == EEXIST)) && lp_veto_files(SNUM(conn))) + { + /* + * Check to see if the only thing in this directory are + * vetoed files/directories. If so then delete them and + * retry. If we fail to delete any of them (and we *don't* + * do a recursive delete) then fail the rmdir. + */ + BOOL all_veto_files = True; + char *dname; + void *dirptr = OpenDir(conn, directory, False); + + if(dirptr != NULL) + { + int dirpos = TellDir(dirptr); + while ((dname = ReadDirName(dirptr))) + { + if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0)) + continue; + if(!IS_VETO_PATH(conn, dname)) + { + all_veto_files = False; + break; + } + } + if(all_veto_files) + { + SeekDir(dirptr,dirpos); + while ((dname = ReadDirName(dirptr))) + { + pstring fullname; + SMB_STRUCT_STAT st; + + if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0)) + continue; + + /* Construct the full name. */ + if(strlen(directory) + strlen(dname) + 1 >= sizeof(fullname)) + { + errno = ENOMEM; + break; + } + pstrcpy(fullname, directory); + pstrcat(fullname, "/"); + pstrcat(fullname, dname); + + if(dos_lstat(fullname, &st) != 0) + break; + if(st.st_mode & S_IFDIR) + { + if(lp_recursive_veto_delete(SNUM(conn))) + { + if(recursive_rmdir(fullname) != 0) + break; + } + if(dos_rmdir(fullname) != 0) + break; + } + else if(dos_unlink(fullname) != 0) + break; + } + CloseDir(dirptr); + /* Retry the rmdir */ + ok = (dos_rmdir(directory) == 0); + } + else + CloseDir(dirptr); + } + else + errno = ENOTEMPTY; + } + + if (!ok) + DEBUG(3,("rmdir_internals: couldn't remove directory %s : %s\n", + directory,strerror(errno))); + + return ok; +} + +/**************************************************************************** + Reply to a rmdir. ****************************************************************************/ + int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { pstring directory; @@ -3073,92 +3417,13 @@ int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, BOOL bad_path = False; pstrcpy(directory,smb_buf(inbuf) + 1); - if (!unix_dfs_convert(directory,conn, NULL,&bad_path,NULL)) - { - SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); - return(ERROR(0, 0xc0000000|NT_STATUS_PATH_NOT_COVERED)); - } + unix_convert(directory,conn, NULL,&bad_path,NULL); if (check_name(directory,conn)) - { - - dptr_closepath(directory,SVAL(inbuf,smb_pid)); - ok = (conn->vfs_ops.rmdir(dos_to_unix(directory,False)) == 0); - if(!ok && (errno == ENOTEMPTY) && lp_veto_files(SNUM(conn))) - { - /* Check to see if the only thing in this directory are - vetoed files/directories. If so then delete them and - retry. If we fail to delete any of them (and we *don't* - do a recursive delete) then fail the rmdir. */ - BOOL all_veto_files = True; - char *dname; - void *dirptr = OpenDir(conn, directory, False); - - if(dirptr != NULL) - { - int dirpos = TellDir(dirptr); - while ((dname = ReadDirName(dirptr))) - { - if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0)) - continue; - if(!IS_VETO_PATH(conn, dname)) - { - all_veto_files = False; - break; - } - } - if(all_veto_files) - { - SeekDir(dirptr,dirpos); - while ((dname = ReadDirName(dirptr))) - { - pstring fullname; - SMB_STRUCT_STAT st; - - if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0)) - continue; - - /* Construct the full name. */ - if(strlen(directory) + strlen(dname) + 1 >= sizeof(fullname)) - { - errno = ENOMEM; - break; - } - pstrcpy(fullname, directory); - pstrcat(fullname, "/"); - pstrcat(fullname, dname); - - if(conn->vfs_ops.lstat(fullname, &st) != 0) - break; - if(st.st_mode & S_IFDIR) - { - if(lp_recursive_veto_delete(SNUM(conn))) - { - DEBUG(0, ("ERROR: recursive_rmdir()\n")); - if(recursive_rmdir(conn, fullname) != 0) - break; - } - if(conn->vfs_ops.rmdir(dos_to_unix(fullname,False)) != 0) - break; - } - else if(conn->vfs_ops.unlink(dos_to_unix(fullname,False)) != 0) - break; - } - CloseDir(dirptr); - /* Retry the rmdir */ - ok = (conn->vfs_ops.rmdir(dos_to_unix(directory,False)) == 0); - } - else - CloseDir(dirptr); - } - else - errno = ENOTEMPTY; - } - - if (!ok) - DEBUG(3,("couldn't remove directory %s : %s\n", - directory,strerror(errno))); - } + { + dptr_closepath(directory,SVAL(inbuf,smb_pid)); + ok = rmdir_internals(conn, directory); + } if (!ok) { @@ -3251,7 +3516,7 @@ static BOOL can_rename(char *fname,connection_struct *conn) if (!CAN_WRITE(conn)) return(False); - if (conn->vfs_ops.lstat(fname,&sbuf) != 0) return(False); + if (dos_lstat(fname,&sbuf) != 0) return(False); if (!check_file_sharing(conn,fname,True)) return(False); return(True); @@ -3275,23 +3540,16 @@ int rename_internals(connection_struct *conn, int count=0; int error = ERRnoaccess; BOOL exists=False; + BOOL rc = True; *directory = *mask = 0; - if (!unix_dfs_convert(name,conn,0,&bad_path1,NULL)) - { - SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); - return(ERROR(0, 0xc0000000|NT_STATUS_PATH_NOT_COVERED)); - } - if (!unix_dfs_convert(newname,conn,newname_last_component,&bad_path2,NULL)) - { - SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); - return(ERROR(0, 0xc0000000|NT_STATUS_PATH_NOT_COVERED)); - } + rc = unix_convert(name,conn,0,&bad_path1,NULL); + unix_convert(newname,conn,newname_last_component,&bad_path2,NULL); /* * Split the old name into directory and last component - * strings. Note that if (!unix_dfs_convert may have stripped off a + * strings. Note that unix_convert may have stripped off a * leading ./ from both name and newname if the rename is * at the root of the share. We need to make sure either both * name and newname contain a / character or neither of them do @@ -3309,7 +3567,16 @@ int rename_internals(connection_struct *conn, *p = '/'; /* Replace needed for exceptional test below. */ } - if (is_mangled(mask)) + /* + * We should only check the mangled cache + * here if unix_convert failed. This means + * that the path in 'mask' doesn't exist + * on the file system and so we need to look + * for a possible mangle. This patch from + * Tine Smukavec . + */ + + if (!rc && is_mangled(mask)) check_mangled_cache( mask ); has_wild = strchr(mask,'*') || strchr(mask,'?'); @@ -3379,23 +3646,21 @@ int rename_internals(connection_struct *conn, */ if(resolve_wildcards(directory,newname) && can_rename(directory,conn) && - !conn->vfs_ops.rename(dos_to_unix(directory,False), - newname)) + !dos_rename(directory,newname)) count++; } else { if (resolve_wildcards(directory,newname) && can_rename(directory,conn) && - !vfs_file_exist(conn,dos_to_unix(newname,False),NULL) && - !conn->vfs_ops.rename(dos_to_unix(directory,False), - newname)) + !dos_file_exist(newname,NULL) && + !dos_rename(directory,newname)) count++; } DEBUG(3,("rename_internals: %s doing rename on %s -> %s\n",(count != 0) ? "succeeded" : "failed", directory,newname)); - if (!count) exists = vfs_file_exist(conn,dos_to_unix(directory,False),NULL); - if (!count && exists && vfs_file_exist(conn,dos_to_unix(newname,False),NULL)) { + if (!count) exists = dos_file_exist(directory,NULL); + if (!count && exists && dos_file_exist(newname,NULL)) { exists = True; error = ERRrename; } @@ -3436,13 +3701,13 @@ int rename_internals(connection_struct *conn, continue; } - if (!replace_if_exists && vfs_file_exist(conn,dos_to_unix(destname,False),NULL)) { - DEBUG(6,("file_exist %s\n", destname)); + if (!replace_if_exists && dos_file_exist(destname,NULL)) { + DEBUG(6,("dos_file_exist %s\n", destname)); error = 183; continue; } - if (!conn->vfs_ops.rename(dos_to_unix(fname,False),destname)) + if (!dos_rename(fname,destname)) count++; DEBUG(3,("rename_internals: doing rename on %s -> %s\n",fname,destname)); } @@ -3492,14 +3757,16 @@ int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, in ******************************************************************/ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, - int count,BOOL target_is_directory) + int count,BOOL target_is_directory, int *err_ret) { int Access,action; SMB_STRUCT_STAT st; - int ret=-1; + SMB_OFF_T ret=-1; files_struct *fsp1,*fsp2; pstring dest; + *err_ret = 0; + pstrcpy(dest,dest1); if (target_is_directory) { char *p = strrchr(src,'/'); @@ -3511,16 +3778,15 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, pstrcat(dest,p); } - if (!vfs_file_exist(conn,dos_to_unix(src,False),&st)) + if (!dos_file_exist(src,&st)) return(False); fsp1 = file_new(); - if (!fsp1) + if (!fsp1) return(False); - open_file_shared(fsp1, conn, src, - SET_DENY_MODE(DENY_NONE) | SET_OPEN_MODE(DOS_OPEN_RDONLY), - (FILE_FAIL_IF_NOT_EXIST | FILE_EXISTS_OPEN), 0, 0, &Access, &action); + open_file_shared(fsp1,conn,src,SET_DENY_MODE(DENY_NONE)|SET_OPEN_MODE(DOS_OPEN_RDONLY), + (FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN),0,0,&Access,&action); if (!fsp1->open) { file_free(fsp1); @@ -3535,9 +3801,8 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, close_file(fsp1,False); return(False); } - open_file_shared(fsp2, conn, dest, - SET_DENY_MODE(DENY_NONE) | SET_OPEN_MODE(DOS_OPEN_WRONLY), - ofun, st.st_mode, 0, &Access, &action); + open_file_shared(fsp2,conn,dest,SET_DENY_MODE(DENY_NONE)|SET_OPEN_MODE(DOS_OPEN_WRONLY), + ofun,st.st_mode,0,&Access,&action); if (!fsp2->open) { close_file(fsp1,False); @@ -3546,7 +3811,7 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, } if ((ofun&3) == 1) { - if(conn->vfs_ops.lseek(fsp2->fd_ptr->fd,0,SEEK_END) == -1) { + if(sys_lseek(fsp2->fd_ptr->fd,0,SEEK_END) == -1) { DEBUG(0,("copy_file: error - sys_lseek returned error %s\n", strerror(errno) )); /* @@ -3558,12 +3823,19 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, } if (st.st_size) - ret = vfs_transfer_file(-1, fsp1, -1, fsp2, st.st_size, NULL, 0, 0); + ret = transfer_file(fsp1->fd_ptr->fd, + fsp2->fd_ptr->fd,st.st_size,NULL,0,0); close_file(fsp1,False); - close_file(fsp2,False); + /* + * As we are opening fsp1 read-only we only expect + * an error on close on fsp2 if we are out of space. + * Thus we don't look at the error return from the + * close of fsp1. + */ + *err_ret = close_file(fsp2,False); - return(ret == st.st_size); + return(ret == (SMB_OFF_T)st.st_size); } @@ -3580,6 +3852,7 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, char *p; int count=0; int error = ERRnoaccess; + int err = 0; BOOL has_wild; BOOL exists=False; int tid2 = SVAL(inbuf,smb_vwv0); @@ -3588,6 +3861,7 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, BOOL target_is_directory=False; BOOL bad_path1 = False; BOOL bad_path2 = False; + BOOL rc = True; *directory = *mask = 0; @@ -3602,16 +3876,8 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return(ERROR(ERRSRV,ERRinvdevice)); } - if (!unix_dfs_convert(name,conn,0,&bad_path1,NULL)) - { - SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); - return(ERROR(0, 0xc0000000|NT_STATUS_PATH_NOT_COVERED)); - } - if (!unix_dfs_convert(newname,conn,0,&bad_path2,NULL)) - { - SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); - return(ERROR(0, 0xc0000000|NT_STATUS_PATH_NOT_COVERED)); - } + rc = unix_convert(name,conn,0,&bad_path1,NULL); + unix_convert(newname,conn,0,&bad_path2,NULL); target_is_directory = dos_directory_exist(newname,NULL); @@ -3639,7 +3905,16 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, pstrcpy(mask,p+1); } - if (is_mangled(mask)) + /* + * We should only check the mangled cache + * here if unix_convert failed. This means + * that the path in 'mask' doesn't exist + * on the file system and so we need to look + * for a possible mangle. This patch from + * Tine Smukavec . + */ + + if (!rc && is_mangled(mask)) check_mangled_cache( mask ); has_wild = strchr(mask,'*') || strchr(mask,'?'); @@ -3649,8 +3924,12 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, pstrcat(directory,mask); if (resolve_wildcards(directory,newname) && copy_file(directory,newname,conn,ofun, - count,target_is_directory)) count++; - if (!count) exists = vfs_file_exist(conn,dos_to_unix(directory,False),NULL); + count,target_is_directory,&err)) count++; + if(!count && err) { + errno = err; + return(UNIXERROR(ERRHRD,ERRgeneral)); + } + if (!count) exists = dos_file_exist(directory,NULL); } else { void *dirptr = NULL; char *dname; @@ -3659,33 +3938,38 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, if (check_name(directory,conn)) dirptr = OpenDir(conn, directory, True); - if (dirptr) - { + if (dirptr) { error = ERRbadfile; if (strequal(mask,"????????.???")) pstrcpy(mask,"*"); - while ((dname = ReadDirName(dirptr))) - { + while ((dname = ReadDirName(dirptr))) { pstring fname; pstrcpy(fname,dname); - if(!mask_match(fname, mask, case_sensitive, False)) continue; + if(!mask_match(fname, mask, case_sensitive, False)) + continue; error = ERRnoaccess; slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); pstrcpy(destname,newname); if (resolve_wildcards(fname,destname) && - copy_file(directory,newname,conn,ofun, - count,target_is_directory)) count++; + copy_file(fname,destname,conn,ofun, + count,target_is_directory,&err)) count++; DEBUG(3,("reply_copy : doing copy on %s -> %s\n",fname,destname)); } CloseDir(dirptr); - } + } } if (count == 0) { + if(err) { + /* Error on close... */ + errno = err; + return(UNIXERROR(ERRHRD,ERRgeneral)); + } + if (exists) return(ERROR(ERRDOS,error)); else @@ -3742,9 +4026,149 @@ int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return(outsize); } +/**************************************************************************** + Get a lock count, dealing with large count requests. +****************************************************************************/ + +SMB_OFF_T get_lock_count( char *data, int data_offset, BOOL large_file_format, BOOL *err) +{ + SMB_OFF_T count = 0; + + *err = False; + + if(!large_file_format) { + count = (SMB_OFF_T)IVAL(data,SMB_LKLEN_OFFSET(data_offset)); + } else { + +#if defined(LARGE_SMB_OFF_T) && !defined(HAVE_BROKEN_FCNTL64_LOCKS) + + count = (((SMB_OFF_T) IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset))) << 32) | + ((SMB_OFF_T) IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset))); + +#else /* !LARGE_SMB_OFF_T || HAVE_BROKEN_FCNTL64_LOCKS */ + + /* + * NT4.x seems to be broken in that it sends large file + * lockingX calls even if the CAP_LARGE_FILES was *not* + * negotiated. For boxes without large file locks truncate the + * lock count by dropping the top 32 bits. + */ + + if(IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)) != 0) { + DEBUG(3,("get_lock_count: truncating lock count (high)0x%x (low)0x%x to just low count.\n", + (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)), + (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)) )); + SIVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset),0); + } + + if(IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)) != 0) { + /* + * Before we error out, see if we can sensibly map the top bits + * down to the lower bits - or lose the top bits if they are all 1's. + * It seems that NT has this horrible bug where it will send 64 bit + * lock requests even if told not to. JRA. + */ + + if(IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)) == (uint32)0xFFFFFFFF) + count = (SMB_OFF_T)IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)); + else if (IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)) == (uint32)0xFFFFFFFF) + count = (SMB_OFF_T)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)); + else { + + DEBUG(0,("get_lock_count: Error : a large file count (%x << 32 | %x) was sent and we don't \ +support large counts.\n", (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)), + (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)) )); + + *err = True; + return (SMB_OFF_T)-1; + } + } + else + count = (SMB_OFF_T)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)); + +#endif /* LARGE_SMB_OFF_T */ + } + return count; +} + +/**************************************************************************** + Get a lock offset, dealing with large offset requests. +****************************************************************************/ + +SMB_OFF_T get_lock_offset( char *data, int data_offset, BOOL large_file_format, BOOL *err) +{ + SMB_OFF_T offset = 0; + + *err = False; + + if(!large_file_format) { + offset = (SMB_OFF_T)IVAL(data,SMB_LKOFF_OFFSET(data_offset)); + } else { + +#if defined(LARGE_SMB_OFF_T) && !defined(HAVE_BROKEN_FCNTL64_LOCKS) + + offset = (((SMB_OFF_T) IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset))) << 32) | + ((SMB_OFF_T) IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset))); + +#else /* !LARGE_SMB_OFF_T || HAVE_BROKEN_FCNTL64_LOCKS */ + + /* + * NT4.x seems to be broken in that it sends large file + * lockingX calls even if the CAP_LARGE_FILES was *not* + * negotiated. For boxes without large file locks mangle the + * lock offset by mapping the top 32 bits onto the lower 32. + */ + + if(IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset)) != 0) { + uint32 low = IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset)); + uint32 high = IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset)); + uint32 new_low = 0; + + if((new_low = map_lock_offset(high, low)) == 0) { + *err = True; + return (SMB_OFF_T)-1; + } + + DEBUG(3,("get_lock_offset: truncating lock offset (high)0x%x (low)0x%x to offset 0x%x.\n", + (unsigned int)high, (unsigned int)low, (unsigned int)new_low )); + SIVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset),0); + SIVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset),new_low); + } + + if(IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset)) != 0){ + /* + * Before we error out, see if we can sensibly map the top bits + * down to the lower bits - or lose the top bits if they are all 1's. + * It seems that NT has this horrible bug where it will send 64 bit + * lock requests even if told not to. JRA. + */ + + if(IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset)) == (uint32)0xFFFFFFFF) + offset = (SMB_OFF_T)IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset)); + else if(IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset)) == (uint32)0xFFFFFFFF) + offset = (SMB_OFF_T)IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset)); + else { + + DEBUG(0,("get_lock_count: Error : a large file offset (%x << 32 | %x) was sent and we don't \ +support large offsets.\n", (unsigned int)IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset)), + (unsigned int)IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset)) )); + + *err = True; + return (SMB_OFF_T)-1; + } + } + else + offset = (SMB_OFF_T)IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset)); + +#endif /* LARGE_SMB_OFF_T */ + } + return offset; +} + /**************************************************************************** reply to a lockingX request ****************************************************************************/ + int reply_lockingX(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { files_struct *fsp = file_fsp(inbuf,smb_vwv2); @@ -3761,6 +4185,8 @@ int reply_lockingX(connection_struct *conn, char *inbuf,char *outbuf,int length, uint32 ecode=0, dummy2; int eclass=0, dummy1; BOOL large_file_format = (locktype & LOCKING_ANDX_LARGE_FILES); + BOOL err1, err2; + CHECK_FSP(fsp,conn); CHECK_ERROR(fsp); @@ -3771,35 +4197,28 @@ int reply_lockingX(connection_struct *conn, char *inbuf,char *outbuf,int length, */ if ((locktype & LOCKING_ANDX_OPLOCK_RELEASE)) { - int token; - SMB_DEV_T dev = fsp->fd_ptr->dev; - SMB_INO_T inode = fsp->fd_ptr->inode; - DEBUG(5,("reply_lockingX: oplock break reply from client for fnum = %d\n", fsp->fnum)); + /* - * Make sure we have granted an oplock on this file. + * Make sure we have granted an exclusive or batch oplock on this file. */ - if(!fsp->granted_oplock) + + if(!EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) { DEBUG(0,("reply_lockingX: Error : oplock break from client for fnum = %d and \ -no oplock granted on this file.\n", fsp->fnum)); - return ERROR(ERRDOS,ERRlock); - } - - /* Remove the oplock flag from the sharemode. */ - lock_share_entry(fsp->conn, dev, inode, &token); - if(remove_share_oplock(token, fsp)==False) { - - DEBUG(0,("reply_lockingX: failed to remove share oplock for fnum %d, \ -dev = %x, inode = %.0f\n", fsp->fnum, (unsigned int)dev, (double)inode)); +no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); - unlock_share_entry(fsp->conn, dev, inode, token); - } else { - unlock_share_entry(fsp->conn, dev, inode, token); + /* if this is a pure oplock break request then don't send a reply */ + if (num_locks == 0 && num_ulocks == 0) + return -1; + else + return ERROR(ERRDOS,ERRlock); + } - /* Clear the granted flag and return. */ - fsp->granted_oplock = False; + if (remove_oplock(fsp) == False) { + DEBUG(0,("reply_lockingX: error in removing oplock on file %s\n", + fsp->fsp_name )); } /* if this is a pure oplock break request then don't send a reply */ @@ -3817,18 +4236,14 @@ dev = %x, inode = %.0f\n", fsp->fnum, (unsigned int)dev, (double)inode)); /* Data now points at the beginning of the list of smb_unlkrng structs */ for(i = 0; i < (int)num_ulocks; i++) { - if(!large_file_format) { - count = IVAL(data,SMB_LKLEN_OFFSET(i)); - offset = IVAL(data,SMB_LKOFF_OFFSET(i)); - } -#ifdef LARGE_SMB_OFF_T - else { - count = (((SMB_OFF_T) IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(i))) << 32) | - ((SMB_OFF_T) IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(i))); - offset = (((SMB_OFF_T) IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(i))) << 32) | - ((SMB_OFF_T) IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(i))); - } -#endif /* LARGE_SMB_OFF_T */ + count = get_lock_count( data, i, large_file_format, &err1); + offset = get_lock_offset( data, i, large_file_format, &err2); + + /* + * There is no error code marked "stupid client bug".... :-). + */ + if(err1 || err2) + return ERROR(ERRDOS,ERRnoaccess); DEBUG(10,("reply_lockingX: unlock start=%.0f, len=%.0f for file %s\n", (double)offset, (double)count, fsp->fsp_name )); @@ -3847,18 +4262,14 @@ dev = %x, inode = %.0f\n", fsp->fnum, (unsigned int)dev, (double)inode)); of smb_lkrng structs */ for(i = 0; i < (int)num_locks; i++) { - if(!large_file_format) { - count = IVAL(data,SMB_LKLEN_OFFSET(i)); - offset = IVAL(data,SMB_LKOFF_OFFSET(i)); - } -#ifdef LARGE_SMB_OFF_T - else { - count = (((SMB_OFF_T) IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(i))) << 32) | - ((SMB_OFF_T) IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(i))); - offset = (((SMB_OFF_T) IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(i))) << 32) | - ((SMB_OFF_T) IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(i))); - } -#endif /* LARGE_SMB_OFF_T */ + count = get_lock_count( data, i, large_file_format, &err1); + offset = get_lock_offset( data, i, large_file_format, &err2); + + /* + * There is no error code marked "stupid client bug".... :-). + */ + if(err1 || err2) + return ERROR(ERRDOS,ERRnoaccess); DEBUG(10,("reply_lockingX: lock start=%.0f, len=%.0f for file %s\n", (double)offset, (double)count, fsp->fsp_name )); @@ -3882,19 +4293,15 @@ dev = %x, inode = %.0f\n", fsp->fnum, (unsigned int)dev, (double)inode)); all of the previous locks (X/Open spec). */ if(i != num_locks && num_locks != 0) { for(; i >= 0; i--) { - if(!large_file_format) { - count = IVAL(data,SMB_LKLEN_OFFSET(i)); - offset = IVAL(data,SMB_LKOFF_OFFSET(i)); - } -#ifdef LARGE_SMB_OFF_T - else { - count = (((SMB_OFF_T) IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(i))) << 32) | - ((SMB_OFF_T) IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(i))); - offset = (((SMB_OFF_T) IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(i))) << 32) | - ((SMB_OFF_T) IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(i))); - } -#endif /* LARGE_SMB_OFF_T */ + count = get_lock_count( data, i, large_file_format, &err1); + offset = get_lock_offset( data, i, large_file_format, &err2); + /* + * There is no error code marked "stupid client bug".... :-). + */ + if(err1 || err2) + return ERROR(ERRDOS,ERRnoaccess); + do_unlock(fsp,conn,count,offset,&dummy1,&dummy2); } return ERROR(eclass,ecode); @@ -3980,7 +4387,8 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length, /**************************************************************************** reply to a SMBwritebmpx (write block multiplex primary) request ****************************************************************************/ -int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) + +int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) { size_t numtowrite; ssize_t nwritten = -1; @@ -4011,14 +4419,10 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int dum_s if (is_locked(fsp,conn,tcount,startpos,F_WRLCK)) return(ERROR(ERRDOS,ERRlock)); - if(seek_file(fsp,startpos) == -1) - return(UNIXERROR(ERRDOS,ERRnoaccess)); - - nwritten = write_file(fsp,data,numtowrite); + nwritten = write_file(fsp,data,startpos,numtowrite); - if((lp_syncalways(SNUM(conn)) || write_through) && - lp_strict_sync(SNUM(conn))) - conn->vfs_ops.sync(fsp->fd_ptr->fd); + if(lp_syncalways(SNUM(conn)) || write_through) + sync_file(conn,fsp); if(nwritten < (ssize_t)numtowrite) return(UNIXERROR(ERRHRD,ERRdiskfull)); @@ -4056,7 +4460,7 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int dum_s SSVALS(outbuf,smb_vwv0,-1); /* We don't support smb_remaining */ DEBUG( 3, ( "writebmpx fnum=%d num=%d wrote=%d\n", - fsp->fnum, numtowrite, nwritten ) ); + fsp->fnum, (int)numtowrite, (int)nwritten ) ); if (write_through && tcount==nwritten) { /* we need to send both a primary and a secondary response */ @@ -4116,23 +4520,10 @@ int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz if(wbms->wr_discard) return -1; /* Just discard the packet */ - if(seek_file(fsp,startpos) == -1) - { - if(write_through) - { - /* We are returning an error - we can delete the aux struct */ - if (wbms) free((char *)wbms); - fsp->wbmpx_ptr = NULL; - return(UNIXERROR(ERRDOS,ERRnoaccess)); - } - return(CACHE_ERROR(wbms,ERRDOS,ERRnoaccess)); - } - - nwritten = write_file(fsp,data,numtowrite); + nwritten = write_file(fsp,data,startpos,numtowrite); - if((lp_syncalways(SNUM(conn)) || write_through) && - lp_strict_sync(SNUM(conn))) - conn->vfs_ops.sync(fsp->fd_ptr->fd); + if(lp_syncalways(SNUM(conn)) || write_through) + sync_file(conn,fsp); if (nwritten < (ssize_t)numtowrite) { @@ -4172,7 +4563,8 @@ int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz /**************************************************************************** reply to a SMBsetattrE ****************************************************************************/ -int reply_setattrE(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) + +int reply_setattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) { struct utimbuf unix_times; int outsize = 0; @@ -4224,7 +4616,8 @@ int reply_setattrE(connection_struct *conn, char *inbuf,char *outbuf, int dum_si /**************************************************************************** reply to a SMBgetattrE ****************************************************************************/ -int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) + +int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) { SMB_STRUCT_STAT sbuf; int outsize = 0; @@ -4237,7 +4630,7 @@ int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int dum_si CHECK_ERROR(fsp); /* Do an fstat on this file */ - if(fsp->conn->vfs_ops.fstat(fsp->fd_ptr->fd, &sbuf)) + if(sys_fstat(fsp->fd_ptr->fd, &sbuf)) return(UNIXERROR(ERRDOS,ERRnoaccess)); mode = dos_mode(conn,fsp->fsp_name,&sbuf); -- cgit From 69d24d869bf97978b31a51fe8e8d08cac4874d67 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 21 Dec 1999 04:54:30 +0000 Subject: first cut at using the tdb code for the connections structure, the SWAT status page and smbstatus. It made the code _much_ simpler, I wish we'd done a database module a long time ago! (This used to be commit 4951755413c11d4c5b9af4699a6e622056d52433) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 54f646e091..aa7e95294d 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -123,7 +123,7 @@ int reply_special(char *inbuf,char *outbuf) reopen_logs(); if (lp_status(-1)) { - claim_connection(NULL,"STATUS.",MAXSTATUS,True); + claim_connection(NULL,"",MAXSTATUS,True); } break; -- cgit From 826446ddef1ef0f462c02932d11e3713f00497c7 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Thu, 13 Jan 2000 12:10:48 +0000 Subject: changes to reflect the new syntax of the locking calls. (This used to be commit 44117df2c908d473b3e1a1020b22af6d584809ef) --- source3/smbd/reply.c | 29 ++++++++++++++--------------- 1 file changed, 14 insertions(+), 15 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index aa7e95294d..1e90ff4c4f 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2129,7 +2129,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s maxcount = MIN(65535,maxcount); maxcount = MAX(mincount,maxcount); - if (!is_locked(fsp,conn,maxcount,startpos, F_RDLCK)) + if (!is_locked(fsp,conn,maxcount,startpos, READ_LOCK)) { SMB_OFF_T size = fsp->size; SMB_OFF_T sizeneeded = startpos + maxcount; @@ -2227,7 +2227,7 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length * for a write lock. JRA. */ - if(!do_lock( fsp, conn, numtoread, startpos, F_WRLCK, &eclass, &ecode)) { + if(!do_lock( fsp, conn, numtoread, startpos, WRITE_LOCK, &eclass, &ecode)) { if((ecode == ERRlock) && lp_blocking_locks(SNUM(conn))) { /* * A blocking lock was requested. Package up @@ -2281,7 +2281,7 @@ int reply_read(connection_struct *conn, char *inbuf,char *outbuf, int size, int numtoread = MIN(BUFFER_SIZE-outsize,numtoread); data = smb_buf(outbuf) + 3; - if (is_locked(fsp,conn,numtoread,startpos, F_RDLCK)) + if (is_locked(fsp,conn,numtoread,startpos, READ_LOCK)) return(ERROR(ERRDOS,ERRlock)); if (numtoread > 0) @@ -2349,7 +2349,7 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt } - if (is_locked(fsp,conn,smb_maxcnt,startpos, F_RDLCK)) + if (is_locked(fsp,conn,smb_maxcnt,startpos, READ_LOCK)) return(ERROR(ERRDOS,ERRlock)); nread = read_file(fsp,data,startpos,smb_maxcnt); @@ -2404,7 +2404,7 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, CVAL(inbuf,smb_com) = SMBwritec; CVAL(outbuf,smb_com) = SMBwritec; - if (is_locked(fsp,conn,tcount,startpos, F_WRLCK)) + if (is_locked(fsp,conn,tcount,startpos, WRITE_LOCK)) return(ERROR(ERRDOS,ERRlock)); if (numtowrite>0) @@ -2490,7 +2490,7 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, int siz startpos = IVAL(inbuf,smb_vwv2); data = smb_buf(inbuf) + 3; - if (is_locked(fsp,conn,numtowrite,startpos, F_WRLCK)) + if (is_locked(fsp,conn,numtowrite,startpos, WRITE_LOCK)) return(ERROR(ERRDOS,ERRlock)); /* The special X/Open SMB protocol handling of @@ -2544,7 +2544,7 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int d startpos = IVAL(inbuf,smb_vwv2); data = smb_buf(inbuf) + 3; - if (is_locked(fsp,conn,numtowrite,startpos, F_WRLCK)) + if (is_locked(fsp,conn,numtowrite,startpos, WRITE_LOCK)) return(ERROR(ERRDOS,ERRlock)); /* X/Open SMB protocol says that if smb_vwv1 is @@ -2623,7 +2623,7 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng #endif /* LARGE_SMB_OFF_T */ } - if (is_locked(fsp,conn,numtowrite,startpos, F_WRLCK)) + if (is_locked(fsp,conn,numtowrite,startpos, WRITE_LOCK)) return(ERROR(ERRDOS,ERRlock)); /* X/Open SMB protocol says that, unlike SMBwrite @@ -2877,7 +2877,7 @@ int reply_writeclose(connection_struct *conn, mtime = make_unix_date3(inbuf+smb_vwv4); data = smb_buf(inbuf) + 1; - if (is_locked(fsp,conn,numtowrite,startpos, F_WRLCK)) + if (is_locked(fsp,conn,numtowrite,startpos, WRITE_LOCK)) return(ERROR(ERRDOS,ERRlock)); nwritten = write_file(fsp,data,startpos,numtowrite); @@ -2926,7 +2926,7 @@ int reply_lock(connection_struct *conn, DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n", fsp->fd_ptr->fd, fsp->fnum, (double)offset, (double)count)); - if (!do_lock(fsp, conn, count, offset, F_WRLCK, &eclass, &ecode)) { + if (!do_lock(fsp, conn, count, offset, WRITE_LOCK, &eclass, &ecode)) { if((ecode == ERRlock) && lp_blocking_locks(SNUM(conn))) { /* * A blocking lock was requested. Package up @@ -2946,7 +2946,6 @@ int reply_lock(connection_struct *conn, /**************************************************************************** reply to a unlock ****************************************************************************/ - int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) { int outsize = set_message(outbuf,0,0,True); @@ -4248,7 +4247,7 @@ no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); DEBUG(10,("reply_lockingX: unlock start=%.0f, len=%.0f for file %s\n", (double)offset, (double)count, fsp->fsp_name )); - if(!do_unlock(fsp,conn,count,offset,&eclass, &ecode)) + if(!do_unlock(fsp,conn,count,offset, &eclass, &ecode)) return ERROR(eclass,ecode); } @@ -4274,7 +4273,7 @@ no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); DEBUG(10,("reply_lockingX: lock start=%.0f, len=%.0f for file %s\n", (double)offset, (double)count, fsp->fsp_name )); - if(!do_lock(fsp,conn,count,offset, ((locktype & 1) ? F_RDLCK : F_WRLCK), + if(!do_lock(fsp,conn,count,offset, ((locktype & 1) ? READ_LOCK : WRITE_LOCK), &eclass, &ecode)) { if((ecode == ERRlock) && (lock_timeout != 0) && lp_blocking_locks(SNUM(conn))) { /* @@ -4354,7 +4353,7 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length, tcount = maxcount; total_read = 0; - if (is_locked(fsp,conn,maxcount,startpos, F_RDLCK)) + if (is_locked(fsp,conn,maxcount,startpos, READ_LOCK)) return(ERROR(ERRDOS,ERRlock)); do @@ -4416,7 +4415,7 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, not an SMBwritebmpx - set this up now so we don't forget */ CVAL(outbuf,smb_com) = SMBwritec; - if (is_locked(fsp,conn,tcount,startpos,F_WRLCK)) + if (is_locked(fsp,conn,tcount,startpos,WRITE_LOCK)) return(ERROR(ERRDOS,ERRlock)); nwritten = write_file(fsp,data,startpos,numtowrite); -- cgit From 3a6c2069d77176bfa2b379ef711034396c477791 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 14 Jan 2000 01:41:04 +0000 Subject: Added "inherit permissions" patch. Fixed locking bug found by Andrew. Jeremy. (This used to be commit 38dffd360dc2e44bfc9e751f017e24f81ff0f2fa) --- source3/smbd/reply.c | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 1e90ff4c4f..d15a26b20c 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1547,7 +1547,7 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return(UNIXERROR(ERRDOS,ERRnoaccess)); } - unixmode = unix_mode(conn,aARCH); + unixmode = unix_mode(conn,aARCH,fname); open_file_shared(fsp,conn,fname,share_mode,(FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN), unixmode, oplock_request,&rmode,NULL); @@ -1649,7 +1649,7 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt return(UNIXERROR(ERRDOS,ERRnoaccess)); } - unixmode = unix_mode(conn,smb_attr | aARCH); + unixmode = unix_mode(conn,smb_attr | aARCH, fname); open_file_shared(fsp,conn,fname,smb_mode,smb_ofun,unixmode, oplock_request, &rmode,&smb_action); @@ -1773,7 +1773,7 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, DEBUG(0,("Attempt to create file (%s) with volid set - please report this\n",fname)); } - unixmode = unix_mode(conn,createmode); + unixmode = unix_mode(conn,createmode,fname); fsp = file_new(); if (!fsp) @@ -1853,7 +1853,7 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, pstrcat(fname,"/TMXXXXXX"); unix_convert(fname,conn,0,&bad_path,NULL); - unixmode = unix_mode(conn,createmode); + unixmode = unix_mode(conn,createmode,fname); fsp = file_new(); if (fsp) @@ -3076,7 +3076,7 @@ int reply_printopen(connection_struct *conn, /* Open for exclusive use, write only. */ open_file_shared(fsp,conn,fname2, SET_DENY_MODE(DENY_ALL)|SET_OPEN_MODE(DOS_OPEN_WRONLY), - (FILE_CREATE_IF_NOT_EXIST|FILE_EXISTS_FAIL), unix_mode(conn,0), 0, NULL, NULL); + (FILE_CREATE_IF_NOT_EXIST|FILE_EXISTS_FAIL), unix_mode(conn,0,fname2), 0, NULL, NULL); if (!fsp->open) { file_free(fsp); @@ -3235,7 +3235,7 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, unix_convert(directory,conn,0,&bad_path,NULL); if (check_name(directory, conn)) - ret = dos_mkdir(directory,unix_mode(conn,aDIR)); + ret = dos_mkdir(directory,unix_mode(conn,aDIR,directory)); if (ret < 0) { @@ -4291,7 +4291,12 @@ no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); /* If any of the above locks failed, then we must unlock all of the previous locks (X/Open spec). */ if(i != num_locks && num_locks != 0) { - for(; i >= 0; i--) { + /* + * Ensure we don't do a remove on the lock that just failed, + * as under POSIX rules, if we have a lock already there, we + * will delete it (and we shouldn't) ..... + */ + for(i--; i >= 0; i--) { count = get_lock_count( data, i, large_file_format, &err1); offset = get_lock_offset( data, i, large_file_format, &err2); -- cgit From d867b86721e988dee56d5e9382b32c870ccb2790 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 26 Jan 2000 00:12:35 +0000 Subject: Second set of inline optimisation fixes from Ying Chen . Stop makeing function calls for every use of skip_multibyte_char. This function is called several *million* times during a NetBench run :-). Jeremy. (This used to be commit e5a3deba46ea2d4cb49a6c4b73edd766fe8b5a5c) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index d15a26b20c..d1ccda1750 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1334,7 +1334,7 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size p = mask; while(*p) { - if((skip = skip_multibyte_char( *p )) != 0 ) + if((skip = get_character_len( *p )) != 0 ) { p += skip; } -- cgit From 16bb009dbbe6302febf3848cee61e9927eeb0fb5 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Thu, 3 Feb 2000 05:17:25 +0000 Subject: Mega-VFS merge. Yeah baby! Synopsis: change every disk access function to work through a vfs_ops structure contained in the connection_struct. (This used to be commit 3aad500c0fb61232ed3431ff4b743b5d18ec852f) --- source3/smbd/reply.c | 120 ++++++++++++++++++++++++++------------------------- 1 file changed, 62 insertions(+), 58 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index d1ccda1750..f022301450 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -981,7 +981,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int user we should become. */ { - struct passwd *pw = Get_Pwnam(user,False); + const struct passwd *pw = Get_Pwnam(user,False); if (!pw) { DEBUG(1,("Username %s is invalid on this system\n",user)); return bad_password_error(inbuf,outbuf); @@ -1032,7 +1032,7 @@ int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if(VALID_STAT(st)) ok = S_ISDIR(st.st_mode); else - ok = dos_directory_exist(name,NULL); + ok = vfs_directory_exist(conn,dos_to_unix(name,False),NULL); } if (!ok) @@ -1167,7 +1167,7 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size mode = SVAL(inbuf,smb_vwv0); mtime = make_unix_date3(inbuf+smb_vwv1); - if (VALID_STAT_OF_DIR(st) || dos_directory_exist(fname,NULL)) + if (VALID_STAT_OF_DIR(st) || vfs_directory_exist(conn, dos_to_unix(fname,False),NULL)) mode |= aDIR; if (check_name(fname,conn)) ok = (file_chmod(conn,fname,mode,NULL) == 0); @@ -1201,7 +1201,7 @@ int reply_dskattr(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz int outsize = 0; SMB_BIG_UINT dfree,dsize,bsize; - sys_disk_free(".",True,&bsize,&dfree,&dsize); + conn->vfs_ops.disk_free(".",True,&bsize,&dfree,&dsize); outsize = set_message(outbuf,5,0,True); @@ -1563,7 +1563,7 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return(UNIXERROR(ERRDOS,ERRnoaccess)); } - if (sys_fstat(fsp->fd_ptr->fd,&sbuf) != 0) { + if (fsp->conn->vfs_ops.fstat(fsp->fd_ptr->fd,&sbuf) != 0) { close_file(fsp,False); return(ERROR(ERRDOS,ERRnoaccess)); } @@ -1665,7 +1665,7 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt return(UNIXERROR(ERRDOS,ERRnoaccess)); } - if (sys_fstat(fsp->fd_ptr->fd,&sbuf) != 0) { + if (fsp->conn->vfs_ops.fstat(fsp->fd_ptr->fd,&sbuf) != 0) { close_file(fsp,False); return(ERROR(ERRDOS,ERRnoaccess)); } @@ -1918,7 +1918,7 @@ static BOOL can_delete(char *fname,connection_struct *conn, int dirtype) if (!CAN_WRITE(conn)) return(False); - if (dos_lstat(fname,&sbuf) != 0) return(False); + if (conn->vfs_ops.lstat(fname,&sbuf) != 0) return(False); fmode = dos_mode(conn,fname,&sbuf); if (fmode & aDIR) return(False); if (!lp_delete_readonly(SNUM(conn))) { @@ -1989,7 +1989,7 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if (can_delete(directory,conn,dirtype) && !dos_unlink(directory)) count++; if (!count) - exists = dos_file_exist(directory,NULL); + exists = vfs_file_exist(conn,dos_to_unix(directory,False),NULL); } else { void *dirptr = NULL; char *dname; @@ -2019,7 +2019,7 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size error = ERRnoaccess; slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); if (!can_delete(fname,conn,dirtype)) continue; - if (!dos_unlink(fname)) count++; + if (!conn->vfs_ops.unlink(fname)) count++; DEBUG(3,("reply_unlink : doing unlink on %s\n",fname)); } CloseDir(dirptr); @@ -2137,7 +2137,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s if (size < sizeneeded) { SMB_STRUCT_STAT st; - if (sys_fstat(fsp->fd_ptr->fd,&st) == 0) + if (fsp->conn->vfs_ops.fstat(fsp->fd_ptr->fd,&st) == 0) size = st.st_size; if (!fsp->can_write) fsp->size = size; @@ -2161,11 +2161,11 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s #if USE_READ_PREDICTION if (!fsp->can_write) - predict = read_predict(fsp->fd_ptr->fd,startpos,header+4,NULL,nread); + predict = read_predict(fsp, fsp->fd_ptr->fd,startpos,header+4,NULL,nread); #endif /* USE_READ_PREDICTION */ if ((nread-predict) > 0) { - if(seek_file(fsp,startpos + predict) == -1) { + if(conn->vfs_ops.seek(fsp,startpos + predict) == -1) { DEBUG(0,("reply_readbraw: ERROR: seek_file failed.\n")); ret = 0; seek_fail = True; @@ -2173,7 +2173,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s } if(!seek_fail) - ret = (ssize_t)transfer_file(fsp->fd_ptr->fd,Client, + ret = (ssize_t)vfs_transfer_file(-1, fsp->fd_ptr->fd, Client, NULL, (SMB_OFF_T)(nread-predict),header,4+predict, startpos+predict); } @@ -2439,8 +2439,9 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, (int)tcount,(int)nwritten,(int)numtowrite)); } - nwritten = transfer_file(Client,fsp->fd_ptr->fd,(SMB_OFF_T)numtowrite,NULL,0, - startpos+nwritten); + nwritten = vfs_transfer_file(Client, NULL, -1, fsp, + (SMB_OFF_T)numtowrite,NULL,0, + startpos+nwritten); total_written += nwritten; /* Set up outbuf to return the correct return */ @@ -2453,8 +2454,9 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, SSVAL(outbuf,smb_err,ERRdiskfull); } - if (lp_syncalways(SNUM(conn)) || write_through) - sync_file(conn,fsp); + if ((lp_syncalways(SNUM(conn)) || write_through) && + lp_strict_sync(SNUM(conn))) + conn->vfs_ops.fsync(fsp->fd_ptr->fd); DEBUG(3,("writebraw2 fnum=%d start=%.0f num=%d wrote=%d\n", fsp->fnum, (double)startpos, (int)numtowrite,(int)total_written)); @@ -2502,7 +2504,7 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, int siz nwritten = write_file(fsp,data,startpos,numtowrite); if (lp_syncalways(SNUM(conn))) - sync_file(conn,fsp); + conn->vfs_ops.fsync(fsp->fd_ptr->fd); if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) return(UNIXERROR(ERRDOS,ERRnoaccess)); @@ -2551,13 +2553,13 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int d zero then the file size should be extended or truncated to the size given in smb_vwv[2-3] */ if(numtowrite == 0) { - if((nwritten = set_filelen(fsp->fd_ptr->fd, (SMB_OFF_T)startpos)) >= 0) + if((nwritten = set_filelen(fsp->fd_ptr->fd, (SMB_OFF_T)startpos)) >= 0) /* tpot vfs */ set_filelen_write_cache(fsp, startpos); } else nwritten = write_file(fsp,data,startpos,numtowrite); if (lp_syncalways(SNUM(conn))) - sync_file(conn,fsp); + conn->vfs_ops.fsync(fsp->fd_ptr->fd); if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) return(UNIXERROR(ERRDOS,ERRnoaccess)); @@ -2651,7 +2653,7 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng fsp->fnum, (int)numtowrite, (int)nwritten)); if (lp_syncalways(SNUM(conn)) || write_through) - sync_file(conn,fsp); + conn->vfs_ops.fsync(fsp->fd_ptr->fd); return chain_reply(inbuf,outbuf,length,bufsize); } @@ -2685,7 +2687,7 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int umode = SEEK_SET; break; } - if((res = sys_lseek(fsp->fd_ptr->fd,startpos,umode)) == -1) { + if((res = conn->vfs_ops.lseek(fsp->fd_ptr->fd,startpos,umode)) == -1) { /* * Check for the special case where a seek before the start * of the file sets the offset to zero. Added in the CIFS spec, @@ -2697,7 +2699,7 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int if(umode == SEEK_CUR) { - if((current_pos = sys_lseek(fsp->fd_ptr->fd,0,SEEK_CUR)) == -1) + if((current_pos = conn->vfs_ops.lseek(fsp->fd_ptr->fd,0,SEEK_CUR)) == -1) return(UNIXERROR(ERRDOS,ERRnoaccess)); current_pos += startpos; @@ -2706,14 +2708,14 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int SMB_STRUCT_STAT sbuf; - if(sys_fstat( fsp->fd_ptr->fd, &sbuf) == -1) + if(conn->vfs_ops.fstat( fsp->fd_ptr->fd, &sbuf) == -1) return(UNIXERROR(ERRDOS,ERRnoaccess)); current_pos += sbuf.st_size; } if(current_pos < 0) - res = sys_lseek(fsp->fd_ptr->fd,0,SEEK_SET); + res = conn->vfs_ops.lseek(fsp->fd_ptr->fd,0,SEEK_SET); } if(res == -1) @@ -2748,7 +2750,7 @@ int reply_flush(connection_struct *conn, char *inbuf,char *outbuf, int size, int if (!fsp) { file_sync_all(conn); } else { - sync_file(conn,fsp); + conn->vfs_ops.fsync(fsp->fd_ptr->fd); } DEBUG(3,("flush\n")); @@ -3235,7 +3237,8 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, unix_convert(directory,conn,0,&bad_path,NULL); if (check_name(directory, conn)) - ret = dos_mkdir(directory,unix_mode(conn,aDIR,directory)); + ret = conn->vfs_ops.mkdir(dos_to_unix(directory,False), + unix_mode(conn,aDIR,directory)); if (ret < 0) { @@ -3259,7 +3262,7 @@ Static function used by reply_rmdir to delete an entire directory tree recursively. ****************************************************************************/ -static BOOL recursive_rmdir(char *directory) +static BOOL recursive_rmdir(connection_struct *conn, char *directory) { char *dname = NULL; BOOL ret = False; @@ -3287,7 +3290,7 @@ static BOOL recursive_rmdir(char *directory) pstrcat(fullname, "/"); pstrcat(fullname, dname); - if(dos_lstat(fullname, &st) != 0) + if(conn->vfs_ops.lstat(fullname, &st) != 0) { ret = True; break; @@ -3295,18 +3298,18 @@ static BOOL recursive_rmdir(char *directory) if(st.st_mode & S_IFDIR) { - if(recursive_rmdir(fullname)!=0) + if(recursive_rmdir(conn, fullname)!=0) { ret = True; break; } - if(dos_rmdir(fullname) != 0) + if(conn->vfs_ops.rmdir(dos_to_unix(fullname,False)) != 0) { ret = True; break; } } - else if(dos_unlink(fullname) != 0) + else if(conn->vfs_ops.unlink(dos_to_unix(fullname,False)) != 0) { ret = True; break; @@ -3324,7 +3327,7 @@ BOOL rmdir_internals(connection_struct *conn, char *directory) { BOOL ok; - ok = (dos_rmdir(directory) == 0); + ok = (conn->vfs_ops.rmdir(dos_to_unix(directory, False)) == 0); if(!ok && ((errno == ENOTEMPTY)||(errno == EEXIST)) && lp_veto_files(SNUM(conn))) { /* @@ -3371,24 +3374,24 @@ BOOL rmdir_internals(connection_struct *conn, char *directory) pstrcat(fullname, "/"); pstrcat(fullname, dname); - if(dos_lstat(fullname, &st) != 0) + if(conn->vfs_ops.lstat(dos_to_unix(fullname, False), &st) != 0) break; if(st.st_mode & S_IFDIR) { if(lp_recursive_veto_delete(SNUM(conn))) { - if(recursive_rmdir(fullname) != 0) + if(recursive_rmdir(conn, fullname) != 0) break; } - if(dos_rmdir(fullname) != 0) + if(conn->vfs_ops.rmdir(dos_to_unix(fullname, False)) != 0) break; } - else if(dos_unlink(fullname) != 0) + else if(conn->vfs_ops.unlink(dos_to_unix(fullname, False)) != 0) break; } CloseDir(dirptr); /* Retry the rmdir */ - ok = (dos_rmdir(directory) == 0); + ok = (conn->vfs_ops.rmdir(dos_to_unix(directory, False)) == 0); } else CloseDir(dirptr); @@ -3515,7 +3518,7 @@ static BOOL can_rename(char *fname,connection_struct *conn) if (!CAN_WRITE(conn)) return(False); - if (dos_lstat(fname,&sbuf) != 0) return(False); + if (conn->vfs_ops.lstat(fname,&sbuf) != 0) return(False); if (!check_file_sharing(conn,fname,True)) return(False); return(True); @@ -3645,21 +3648,23 @@ int rename_internals(connection_struct *conn, */ if(resolve_wildcards(directory,newname) && can_rename(directory,conn) && - !dos_rename(directory,newname)) + !conn->vfs_ops.rename(dos_to_unix(directory,False), + newname)) count++; } else { if (resolve_wildcards(directory,newname) && can_rename(directory,conn) && - !dos_file_exist(newname,NULL) && - !dos_rename(directory,newname)) + !vfs_file_exist(conn,dos_to_unix(newname,False),NULL) && + !conn->vfs_ops.rename(dos_to_unix(directory,False), + newname)) count++; } DEBUG(3,("rename_internals: %s doing rename on %s -> %s\n",(count != 0) ? "succeeded" : "failed", directory,newname)); - if (!count) exists = dos_file_exist(directory,NULL); - if (!count && exists && dos_file_exist(newname,NULL)) { + if (!count) exists = vfs_file_exist(conn,dos_to_unix(directory,False),NULL); + if (!count && exists && vfs_file_exist(conn,dos_to_unix(newname,False),NULL)) { exists = True; error = ERRrename; } @@ -3700,13 +3705,13 @@ int rename_internals(connection_struct *conn, continue; } - if (!replace_if_exists && dos_file_exist(destname,NULL)) { - DEBUG(6,("dos_file_exist %s\n", destname)); + if (!replace_if_exists && vfs_file_exist(conn,dos_to_unix(destname,False),NULL)) { + DEBUG(6,("file_exist %s\n", destname)); error = 183; continue; } - if (!dos_rename(fname,destname)) + if (!conn->vfs_ops.rename(dos_to_unix(fname,False),destname)) count++; DEBUG(3,("rename_internals: doing rename on %s -> %s\n",fname,destname)); } @@ -3777,7 +3782,7 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, pstrcat(dest,p); } - if (!dos_file_exist(src,&st)) + if (!vfs_file_exist(conn,dos_to_unix(src,False),&st)) return(False); fsp1 = file_new(); @@ -3810,7 +3815,7 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, } if ((ofun&3) == 1) { - if(sys_lseek(fsp2->fd_ptr->fd,0,SEEK_END) == -1) { + if(conn->vfs_ops.lseek(fsp2->fd_ptr->fd,0,SEEK_END) == -1) { DEBUG(0,("copy_file: error - sys_lseek returned error %s\n", strerror(errno) )); /* @@ -3822,8 +3827,7 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, } if (st.st_size) - ret = transfer_file(fsp1->fd_ptr->fd, - fsp2->fd_ptr->fd,st.st_size,NULL,0,0); + ret = vfs_transfer_file(-1, fsp1, -1, fsp2, st.st_size, NULL, 0, 0); close_file(fsp1,False); /* @@ -3878,7 +3882,7 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, rc = unix_convert(name,conn,0,&bad_path1,NULL); unix_convert(newname,conn,0,&bad_path2,NULL); - target_is_directory = dos_directory_exist(newname,NULL); + target_is_directory = vfs_directory_exist(conn,dos_to_unix(newname,False),NULL); if ((flags&1) && target_is_directory) { return(ERROR(ERRDOS,ERRbadfile)); @@ -3888,7 +3892,7 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return(ERROR(ERRDOS,ERRbadpath)); } - if ((flags&(1<<5)) && dos_directory_exist(name,NULL)) { + if ((flags&(1<<5)) && vfs_directory_exist(conn,dos_to_unix(name,False),NULL)) { /* wants a tree copy! XXXX */ DEBUG(3,("Rejecting tree copy\n")); return(ERROR(ERRSRV,ERRerror)); @@ -3928,7 +3932,7 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, errno = err; return(UNIXERROR(ERRHRD,ERRgeneral)); } - if (!count) exists = dos_file_exist(directory,NULL); + if (!count) exists = vfs_file_exist(conn,dos_to_unix(directory,False),NULL); } else { void *dirptr = NULL; char *dname; @@ -4008,7 +4012,7 @@ int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if (strlen(newdir) == 0) { ok = True; } else { - ok = dos_directory_exist(newdir,NULL); + ok = vfs_directory_exist(conn,dos_to_unix(newdir,False),NULL); if (ok) { string_set(&conn->connectpath,newdir); } @@ -4426,7 +4430,7 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, nwritten = write_file(fsp,data,startpos,numtowrite); if(lp_syncalways(SNUM(conn)) || write_through) - sync_file(conn,fsp); + conn->vfs_ops.fsync(fsp->fd_ptr->fd); if(nwritten < (ssize_t)numtowrite) return(UNIXERROR(ERRHRD,ERRdiskfull)); @@ -4527,7 +4531,7 @@ int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz nwritten = write_file(fsp,data,startpos,numtowrite); if(lp_syncalways(SNUM(conn)) || write_through) - sync_file(conn,fsp); + conn->vfs_ops.fsync(fsp->fd_ptr->fd); if (nwritten < (ssize_t)numtowrite) { @@ -4634,7 +4638,7 @@ int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, CHECK_ERROR(fsp); /* Do an fstat on this file */ - if(sys_fstat(fsp->fd_ptr->fd, &sbuf)) + if(fsp->conn->vfs_ops.fstat(fsp->fd_ptr->fd, &sbuf)) return(UNIXERROR(ERRDOS,ERRnoaccess)); mode = dos_mode(conn,fsp->fsp_name,&sbuf); -- cgit From ae7696117e81bb469fa71f9bc880f6b5aac0724e Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Thu, 3 Feb 2000 23:08:24 +0000 Subject: Put back lots of missing calls to dos_to_unix(). Thanks to aono@cc.osaka-kyoiku.ac.jp (Tomoki AONO) (This used to be commit 176c405d2702a4245561ff56c8eac3c754a0dea3) --- source3/smbd/reply.c | 41 ++++++++++++++++++++++------------------- 1 file changed, 22 insertions(+), 19 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index f022301450..3715bd224f 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1032,7 +1032,7 @@ int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if(VALID_STAT(st)) ok = S_ISDIR(st.st_mode); else - ok = vfs_directory_exist(conn,dos_to_unix(name,False),NULL); + ok = vfs_directory_exist(conn,name,NULL); } if (!ok) @@ -1167,7 +1167,7 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size mode = SVAL(inbuf,smb_vwv0); mtime = make_unix_date3(inbuf+smb_vwv1); - if (VALID_STAT_OF_DIR(st) || vfs_directory_exist(conn, dos_to_unix(fname,False),NULL)) + if (VALID_STAT_OF_DIR(st) || vfs_directory_exist(conn, fname, NULL)) mode |= aDIR; if (check_name(fname,conn)) ok = (file_chmod(conn,fname,mode,NULL) == 0); @@ -1918,7 +1918,7 @@ static BOOL can_delete(char *fname,connection_struct *conn, int dirtype) if (!CAN_WRITE(conn)) return(False); - if (conn->vfs_ops.lstat(fname,&sbuf) != 0) return(False); + if (conn->vfs_ops.lstat(dos_to_unix(fname,False),&sbuf) != 0) return(False); fmode = dos_mode(conn,fname,&sbuf); if (fmode & aDIR) return(False); if (!lp_delete_readonly(SNUM(conn))) { @@ -1989,7 +1989,7 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if (can_delete(directory,conn,dirtype) && !dos_unlink(directory)) count++; if (!count) - exists = vfs_file_exist(conn,dos_to_unix(directory,False),NULL); + exists = vfs_file_exist(conn,directory,NULL); } else { void *dirptr = NULL; char *dname; @@ -2019,7 +2019,7 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size error = ERRnoaccess; slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); if (!can_delete(fname,conn,dirtype)) continue; - if (!conn->vfs_ops.unlink(fname)) count++; + if (!conn->vfs_ops.unlink(dos_to_unix(fname,False))) count++; DEBUG(3,("reply_unlink : doing unlink on %s\n",fname)); } CloseDir(dirptr); @@ -2708,7 +2708,7 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int SMB_STRUCT_STAT sbuf; - if(conn->vfs_ops.fstat( fsp->fd_ptr->fd, &sbuf) == -1) + if(conn->vfs_ops.fstat(fsp->fd_ptr->fd, &sbuf) == -1) return(UNIXERROR(ERRDOS,ERRnoaccess)); current_pos += sbuf.st_size; @@ -3290,7 +3290,7 @@ static BOOL recursive_rmdir(connection_struct *conn, char *directory) pstrcat(fullname, "/"); pstrcat(fullname, dname); - if(conn->vfs_ops.lstat(fullname, &st) != 0) + if(conn->vfs_ops.lstat(dos_to_unix(fullname,False), &st) != 0) { ret = True; break; @@ -3518,7 +3518,7 @@ static BOOL can_rename(char *fname,connection_struct *conn) if (!CAN_WRITE(conn)) return(False); - if (conn->vfs_ops.lstat(fname,&sbuf) != 0) return(False); + if (conn->vfs_ops.lstat(dos_to_unix(fname,False),&sbuf) != 0) return(False); if (!check_file_sharing(conn,fname,True)) return(False); return(True); @@ -3654,7 +3654,7 @@ int rename_internals(connection_struct *conn, } else { if (resolve_wildcards(directory,newname) && can_rename(directory,conn) && - !vfs_file_exist(conn,dos_to_unix(newname,False),NULL) && + !vfs_file_exist(conn,newname,NULL) && !conn->vfs_ops.rename(dos_to_unix(directory,False), newname)) count++; @@ -3663,8 +3663,8 @@ int rename_internals(connection_struct *conn, DEBUG(3,("rename_internals: %s doing rename on %s -> %s\n",(count != 0) ? "succeeded" : "failed", directory,newname)); - if (!count) exists = vfs_file_exist(conn,dos_to_unix(directory,False),NULL); - if (!count && exists && vfs_file_exist(conn,dos_to_unix(newname,False),NULL)) { + if (!count) exists = vfs_file_exist(conn,directory,NULL); + if (!count && exists && vfs_file_exist(conn,newname,NULL)) { exists = True; error = ERRrename; } @@ -3701,17 +3701,20 @@ int rename_internals(connection_struct *conn, pstrcpy(destname,newname); if (!resolve_wildcards(fname,destname)) { - DEBUG(6,("resolve_wildcards %s %s failed\n", fname, destname)); + DEBUG(6,("resolve_wildcards %s %s failed\n", + fname, destname)); continue; } - if (!replace_if_exists && vfs_file_exist(conn,dos_to_unix(destname,False),NULL)) { + if (!replace_if_exists && + vfs_file_exist(conn,destname, NULL)) { DEBUG(6,("file_exist %s\n", destname)); error = 183; continue; } - if (!conn->vfs_ops.rename(dos_to_unix(fname,False),destname)) + if (!conn->vfs_ops.rename(dos_to_unix(fname,False), + destname)) count++; DEBUG(3,("rename_internals: doing rename on %s -> %s\n",fname,destname)); } @@ -3782,7 +3785,7 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, pstrcat(dest,p); } - if (!vfs_file_exist(conn,dos_to_unix(src,False),&st)) + if (!vfs_file_exist(conn,src,&st)) return(False); fsp1 = file_new(); @@ -3882,7 +3885,7 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, rc = unix_convert(name,conn,0,&bad_path1,NULL); unix_convert(newname,conn,0,&bad_path2,NULL); - target_is_directory = vfs_directory_exist(conn,dos_to_unix(newname,False),NULL); + target_is_directory = vfs_directory_exist(conn,False,NULL); if ((flags&1) && target_is_directory) { return(ERROR(ERRDOS,ERRbadfile)); @@ -3892,7 +3895,7 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return(ERROR(ERRDOS,ERRbadpath)); } - if ((flags&(1<<5)) && vfs_directory_exist(conn,dos_to_unix(name,False),NULL)) { + if ((flags&(1<<5)) && vfs_directory_exist(conn,name,NULL)) { /* wants a tree copy! XXXX */ DEBUG(3,("Rejecting tree copy\n")); return(ERROR(ERRSRV,ERRerror)); @@ -3932,7 +3935,7 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, errno = err; return(UNIXERROR(ERRHRD,ERRgeneral)); } - if (!count) exists = vfs_file_exist(conn,dos_to_unix(directory,False),NULL); + if (!count) exists = vfs_file_exist(conn,directory,NULL); } else { void *dirptr = NULL; char *dname; @@ -4012,7 +4015,7 @@ int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if (strlen(newdir) == 0) { ok = True; } else { - ok = vfs_directory_exist(conn,dos_to_unix(newdir,False),NULL); + ok = vfs_directory_exist(conn,newdir,NULL); if (ok) { string_set(&conn->connectpath,newdir); } -- cgit From 952799d9afe028d822181831715b85521c89a7ef Mon Sep 17 00:00:00 2001 From: Shirish Kalele Date: Wed, 8 Mar 2000 22:14:30 +0000 Subject: dded Microsoft Dfs services. * added a new msdfs/ directory under source/ * added msdfs sources under this directory. * modified configure setup to add a --with-msdfs configure time option Modified Files: Makefile.in acconfig.h configure configure.in include/config.h.in include/includes.h include/proto.h include/smb.h include/smb_macros.h param/loadparm.c smbd/negprot.c smbd/nttrans.c smbd/process.c smbd/reply.c smbd/server.c smbd/trans2.c Added Files: include/msdfs.h msdfs/README msdfs/msdfs.c msdfs/msdfs_tdb.c msdfs/parse_dfs_map.c ---------------------------------------------------------------------- (This used to be commit 4684b4a188b54493dbe7f0de2909a8d3c5c3ebf9) --- source3/smbd/reply.c | 35 ++++++++++++++++++++++++++++++++++- 1 file changed, 34 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 3715bd224f..6b1d28abe0 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -352,7 +352,10 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt /* what does setting this bit do? It is set by NT4 and may affect the ability to autorun mounted cdroms */ SSVAL(outbuf, smb_vwv2, SMB_SUPPORT_SEARCH_BITS); + + init_dfsroot(conn, inbuf, outbuf); } + DEBUG(3,("tconX service=%s user=%s\n", service, user)); @@ -1024,6 +1027,9 @@ int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size SMB_STRUCT_STAT st; pstrcpy(name,smb_buf(inbuf) + 1); + + RESOLVE_DFSPATH(name, conn, inbuf, outbuf); + unix_convert(name,conn,0,&bad_path,&st); mode = SVAL(inbuf,smb_vwv0); @@ -1085,6 +1091,10 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size pstrcpy(fname,smb_buf(inbuf) + 1); + RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); + + /* if((SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES) && dfs_redirect(fname,conn)) return(dfs_path_error(inbuf,outbuf)); + */ /* dos smetimes asks for a stat of "" - it returns a "hidden directory" under WfWg - weird! */ if (! (*fname)) @@ -1530,6 +1540,9 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, share_mode = SVAL(inbuf,smb_vwv0); pstrcpy(fname,smb_buf(inbuf)+1); + + RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); + unix_convert(fname,conn,0,&bad_path,NULL); fsp = file_new(); @@ -1632,6 +1645,9 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt /* XXXX we need to handle passed times, sattr and flags */ pstrcpy(fname,smb_buf(inbuf)); + + RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); + unix_convert(fname,conn,0,&bad_path,NULL); fsp = file_new(); @@ -1766,6 +1782,9 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, createmode = SVAL(inbuf,smb_vwv0); pstrcpy(fname,smb_buf(inbuf)+1); + + RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); + unix_convert(fname,conn,0,&bad_path,NULL); if (createmode & aVOLID) @@ -1851,6 +1870,9 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, createmode = SVAL(inbuf,smb_vwv0); pstrcpy(fname,smb_buf(inbuf)+1); pstrcat(fname,"/TMXXXXXX"); + + RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); + unix_convert(fname,conn,0,&bad_path,NULL); unixmode = unix_mode(conn,createmode,fname); @@ -1955,6 +1977,8 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size pstrcpy(name,smb_buf(inbuf) + 1); + RESOLVE_DFSPATH(name, conn, inbuf, outbuf); + DEBUG(3,("reply_unlink : %s\n",name)); rc = unix_convert(name,conn,0,&bad_path,NULL); @@ -3419,6 +3443,9 @@ int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, BOOL bad_path = False; pstrcpy(directory,smb_buf(inbuf) + 1); + + RESOLVE_DFSPATH(directory, conn, inbuf, outbuf) + unix_convert(directory,conn, NULL,&bad_path,NULL); if (check_name(directory,conn)) @@ -3749,7 +3776,10 @@ int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, in pstrcpy(name,smb_buf(inbuf) + 1); pstrcpy(newname,smb_buf(inbuf) + 3 + strlen(name)); - + + RESOLVE_DFSPATH(name, conn, inbuf, outbuf); + RESOLVE_DFSPATH(newname, conn, inbuf, outbuf); + DEBUG(3,("reply_mv : %s -> %s\n",name,newname)); outsize = rename_internals(conn, inbuf, outbuf, name, newname, False); @@ -3882,6 +3912,9 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return(ERROR(ERRSRV,ERRinvdevice)); } + RESOLVE_DFSPATH(name, conn, inbuf, outbuf); + RESOLVE_DFSPATH(newname, conn, inbuf, outbuf); + rc = unix_convert(name,conn,0,&bad_path1,NULL); unix_convert(newname,conn,0,&bad_path2,NULL); -- cgit From 01d88573ea1b3809a3e264989e1e04cd397528f7 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 13 Mar 2000 20:05:18 +0000 Subject: include/smb.h: smbd/negprot.c: smbd/reply.c: Fixes to recognise Win2k. param/loadparm.c: Put debug timestamp parameter back to correct default. smbd/nttrans.c: Fix to detect Win2k unicode bug with transact create. Jeremy. (This used to be commit bb100352ab2f98fab3978008d269920e03efcf6d) --- source3/smbd/reply.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 6b1d28abe0..4b0400fe6c 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -636,7 +636,8 @@ static int bad_password_error(char *inbuf,char *outbuf) { enum remote_arch_types ra_type = get_remote_arch(); - if(ra_type == RA_WINNT && (global_client_caps & (CAP_NT_SMBS | CAP_STATUS32 ))) { + if(((ra_type == RA_WINNT) || (ra_type == RA_WIN2K)) && + (global_client_caps & (CAP_NT_SMBS | CAP_STATUS32 ))) { SSVAL(outbuf,smb_flg2,FLAGS2_32_BIT_ERROR_CODES); return(ERROR(0,0xc0000000|NT_STATUS_LOGON_FAILURE)); } @@ -702,11 +703,10 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int circumstances. */ - if(ra_type == RA_WINNT || ra_type == RA_WIN95) { - if(global_client_caps & (CAP_NT_SMBS | CAP_STATUS32)) - set_remote_arch( RA_WINNT); - else + if(ra_type == RA_WINNT || ra_type == RA_WIN2K || ra_type == RA_WIN95) { + if(!(global_client_caps & (CAP_NT_SMBS | CAP_STATUS32))) { set_remote_arch( RA_WIN95); + } } if (passlen1 != 24 && passlen2 != 24) -- cgit From 84b16407bf8bdf2f318eba75a483c5b2a367d6ae Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Wed, 29 Mar 2000 07:44:23 +0000 Subject: More Japanese filename fixes wrt VFS code from Tomoki AONO (This used to be commit a9b628ebaa90e464366d0284226753f31439af9f) --- source3/smbd/reply.c | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 4b0400fe6c..0092d6b397 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3570,6 +3570,7 @@ int rename_internals(connection_struct *conn, int error = ERRnoaccess; BOOL exists=False; BOOL rc = True; + pstring zdirectory; *directory = *mask = 0; @@ -3667,23 +3668,24 @@ int rename_internals(connection_struct *conn, } } + pstrcpy(zdirectory, dos_to_unix(directory, False)); if(replace_if_exists) { /* * NT SMB specific flag - rename can overwrite * file with the same name so don't check for - * dos_file_exist(). + * vfs_file_exist(). */ if(resolve_wildcards(directory,newname) && can_rename(directory,conn) && - !conn->vfs_ops.rename(dos_to_unix(directory,False), - newname)) + !conn->vfs_ops.rename(zdirectory, + dos_to_unix(newname,False))) count++; } else { if (resolve_wildcards(directory,newname) && can_rename(directory,conn) && !vfs_file_exist(conn,newname,NULL) && - !conn->vfs_ops.rename(dos_to_unix(directory,False), - newname)) + !conn->vfs_ops.rename(zdirectory, + dos_to_unix(newname,False))) count++; } @@ -3714,6 +3716,7 @@ int rename_internals(connection_struct *conn, while ((dname = ReadDirName(dirptr))) { pstring fname; + pstrcpy(fname,dname); if(!mask_match(fname, mask, case_sensitive, False)) @@ -3741,7 +3744,7 @@ int rename_internals(connection_struct *conn, } if (!conn->vfs_ops.rename(dos_to_unix(fname,False), - destname)) + dos_to_unix(destname,False))) count++; DEBUG(3,("rename_internals: doing rename on %s -> %s\n",fname,destname)); } -- cgit From 689ec46450a3f373b583ebe98d124ab4a99ce3ef Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 10 Apr 2000 13:05:23 +0000 Subject: the bulk of the changes to get rid of fd_ptr and move print open handling to printing/printing.c most of this was just replacing things like fsp->fd_ptr->fd with fsp->fd the changes in open.c are quite dramatic. Most of it is removing all the functions that handled the fd multiplexing (This used to be commit d1827a3648009fd0a0d165055015d9aeda7a1037) --- source3/smbd/reply.c | 131 +++++++++++---------------------------------------- 1 file changed, 28 insertions(+), 103 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 0092d6b397..81d3ef32b3 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1549,17 +1549,6 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, if (!fsp) return(ERROR(ERRSRV,ERRnofids)); - if (!check_name(fname,conn)) - { - if((errno == ENOENT) && bad_path) - { - unix_ERR_class = ERRDOS; - unix_ERR_code = ERRbadpath; - } - file_free(fsp); - return(UNIXERROR(ERRDOS,ERRnoaccess)); - } - unixmode = unix_mode(conn,aARCH,fname); open_file_shared(fsp,conn,fname,share_mode,(FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN), @@ -1576,7 +1565,7 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return(UNIXERROR(ERRDOS,ERRnoaccess)); } - if (fsp->conn->vfs_ops.fstat(fsp->fd_ptr->fd,&sbuf) != 0) { + if (fsp->conn->vfs_ops.fstat(fsp->fd,&sbuf) != 0) { close_file(fsp,False); return(ERROR(ERRDOS,ERRnoaccess)); } @@ -1654,17 +1643,6 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt if (!fsp) return(ERROR(ERRSRV,ERRnofids)); - if (!check_name(fname,conn)) - { - if((errno == ENOENT) && bad_path) - { - unix_ERR_class = ERRDOS; - unix_ERR_code = ERRbadpath; - } - file_free(fsp); - return(UNIXERROR(ERRDOS,ERRnoaccess)); - } - unixmode = unix_mode(conn,smb_attr | aARCH, fname); open_file_shared(fsp,conn,fname,smb_mode,smb_ofun,unixmode, @@ -1681,7 +1659,7 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt return(UNIXERROR(ERRDOS,ERRnoaccess)); } - if (fsp->conn->vfs_ops.fstat(fsp->fd_ptr->fd,&sbuf) != 0) { + if (fsp->conn->vfs_ops.fstat(fsp->fd,&sbuf) != 0) { close_file(fsp,False); return(ERROR(ERRDOS,ERRnoaccess)); } @@ -1798,17 +1776,6 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, if (!fsp) return(ERROR(ERRSRV,ERRnofids)); - if (!check_name(fname,conn)) - { - if((errno == ENOENT) && bad_path) - { - unix_ERR_class = ERRDOS; - unix_ERR_code = ERRbadpath; - } - file_free(fsp); - return(UNIXERROR(ERRDOS,ERRnoaccess)); - } - if(com == SMBmknew) { /* We should fail if file exists. */ @@ -1847,7 +1814,7 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, DEBUG( 2, ( "new file %s\n", fname ) ); DEBUG( 3, ( "mknew %s fd=%d dmode=%d umode=%o\n", - fname, fsp->fd_ptr->fd, createmode, (int)unixmode ) ); + fname, fsp->fd, createmode, (int)unixmode ) ); return(outsize); } @@ -1881,17 +1848,6 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, if (fsp) return(ERROR(ERRSRV,ERRnofids)); - if (!check_name(fname,conn)) - { - if((errno == ENOENT) && bad_path) - { - unix_ERR_class = ERRDOS; - unix_ERR_code = ERRbadpath; - } - file_free(fsp); - return(UNIXERROR(ERRDOS,ERRnoaccess)); - } - pstrcpy(fname2,(char *)smbd_mktemp(fname)); /* Open file in dos compatibility share mode. */ @@ -1924,7 +1880,7 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, DEBUG( 2, ( "created temp file %s\n", fname2 ) ); DEBUG( 3, ( "ctemp %s fd=%d dmode=%d umode=%o\n", - fname2, fsp->fd_ptr->fd, createmode, (int)unixmode ) ); + fname2, fsp->fd, createmode, (int)unixmode ) ); return(outsize); } @@ -2161,7 +2117,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s if (size < sizeneeded) { SMB_STRUCT_STAT st; - if (fsp->conn->vfs_ops.fstat(fsp->fd_ptr->fd,&st) == 0) + if (fsp->conn->vfs_ops.fstat(fsp->fd,&st) == 0) size = st.st_size; if (!fsp->can_write) fsp->size = size; @@ -2185,7 +2141,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s #if USE_READ_PREDICTION if (!fsp->can_write) - predict = read_predict(fsp, fsp->fd_ptr->fd,startpos,header+4,NULL,nread); + predict = read_predict(fsp, fsp->fd,startpos,header+4,NULL,nread); #endif /* USE_READ_PREDICTION */ if ((nread-predict) > 0) { @@ -2197,7 +2153,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s } if(!seek_fail) - ret = (ssize_t)vfs_transfer_file(-1, fsp->fd_ptr->fd, Client, NULL, + ret = (ssize_t)vfs_transfer_file(-1, fsp->fd, Client, NULL, (SMB_OFF_T)(nread-predict),header,4+predict, startpos+predict); } @@ -2480,7 +2436,7 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, if ((lp_syncalways(SNUM(conn)) || write_through) && lp_strict_sync(SNUM(conn))) - conn->vfs_ops.fsync(fsp->fd_ptr->fd); + conn->vfs_ops.fsync(fsp->fd); DEBUG(3,("writebraw2 fnum=%d start=%.0f num=%d wrote=%d\n", fsp->fnum, (double)startpos, (int)numtowrite,(int)total_written)); @@ -2528,7 +2484,7 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, int siz nwritten = write_file(fsp,data,startpos,numtowrite); if (lp_syncalways(SNUM(conn))) - conn->vfs_ops.fsync(fsp->fd_ptr->fd); + conn->vfs_ops.fsync(fsp->fd); if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) return(UNIXERROR(ERRDOS,ERRnoaccess)); @@ -2577,13 +2533,13 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int d zero then the file size should be extended or truncated to the size given in smb_vwv[2-3] */ if(numtowrite == 0) { - if((nwritten = set_filelen(fsp->fd_ptr->fd, (SMB_OFF_T)startpos)) >= 0) /* tpot vfs */ + if((nwritten = set_filelen(fsp->fd, (SMB_OFF_T)startpos)) >= 0) /* tpot vfs */ set_filelen_write_cache(fsp, startpos); } else nwritten = write_file(fsp,data,startpos,numtowrite); if (lp_syncalways(SNUM(conn))) - conn->vfs_ops.fsync(fsp->fd_ptr->fd); + conn->vfs_ops.fsync(fsp->fd); if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) return(UNIXERROR(ERRDOS,ERRnoaccess)); @@ -2677,7 +2633,7 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng fsp->fnum, (int)numtowrite, (int)nwritten)); if (lp_syncalways(SNUM(conn)) || write_through) - conn->vfs_ops.fsync(fsp->fd_ptr->fd); + conn->vfs_ops.fsync(fsp->fd); return chain_reply(inbuf,outbuf,length,bufsize); } @@ -2711,7 +2667,7 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int umode = SEEK_SET; break; } - if((res = conn->vfs_ops.lseek(fsp->fd_ptr->fd,startpos,umode)) == -1) { + if((res = conn->vfs_ops.lseek(fsp->fd,startpos,umode)) == -1) { /* * Check for the special case where a seek before the start * of the file sets the offset to zero. Added in the CIFS spec, @@ -2723,7 +2679,7 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int if(umode == SEEK_CUR) { - if((current_pos = conn->vfs_ops.lseek(fsp->fd_ptr->fd,0,SEEK_CUR)) == -1) + if((current_pos = conn->vfs_ops.lseek(fsp->fd,0,SEEK_CUR)) == -1) return(UNIXERROR(ERRDOS,ERRnoaccess)); current_pos += startpos; @@ -2732,14 +2688,14 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int SMB_STRUCT_STAT sbuf; - if(conn->vfs_ops.fstat(fsp->fd_ptr->fd, &sbuf) == -1) + if(conn->vfs_ops.fstat(fsp->fd, &sbuf) == -1) return(UNIXERROR(ERRDOS,ERRnoaccess)); current_pos += sbuf.st_size; } if(current_pos < 0) - res = conn->vfs_ops.lseek(fsp->fd_ptr->fd,0,SEEK_SET); + res = conn->vfs_ops.lseek(fsp->fd,0,SEEK_SET); } if(res == -1) @@ -2774,7 +2730,7 @@ int reply_flush(connection_struct *conn, char *inbuf,char *outbuf, int size, int if (!fsp) { file_sync_all(conn); } else { - conn->vfs_ops.fsync(fsp->fd_ptr->fd); + conn->vfs_ops.fsync(fsp->fd); } DEBUG(3,("flush\n")); @@ -2855,7 +2811,7 @@ int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size, set_filetime(conn, fsp->fsp_name,mtime); DEBUG(3,("close fd=%d fnum=%d (numopen=%d)\n", - fsp->fd_ptr ? fsp->fd_ptr->fd : -1, fsp->fnum, + fsp->fd, fsp->fnum, conn->num_files_open)); /* @@ -2950,7 +2906,7 @@ int reply_lock(connection_struct *conn, offset = IVAL(inbuf,smb_vwv3); DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n", - fsp->fd_ptr->fd, fsp->fnum, (double)offset, (double)count)); + fsp->fd, fsp->fnum, (double)offset, (double)count)); if (!do_lock(fsp, conn, count, offset, WRITE_LOCK, &eclass, &ecode)) { if((ecode == ERRlock) && lp_blocking_locks(SNUM(conn))) { @@ -2990,7 +2946,7 @@ int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int size, in return (ERROR(eclass,ecode)); DEBUG( 3, ( "unlock fd=%d fnum=%d offset=%.0f count=%.0f\n", - fsp->fd_ptr->fd, fsp->fnum, (double)offset, (double)count ) ); + fsp->fd, fsp->fnum, (double)offset, (double)count ) ); return(outsize); } @@ -3063,60 +3019,29 @@ int reply_echo(connection_struct *conn, int reply_printopen(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - pstring fname; - pstring fname2; int outsize = 0; files_struct *fsp; - *fname = *fname2 = 0; - if (!CAN_PRINT(conn)) return(ERROR(ERRDOS,ERRnoaccess)); - { - pstring s; - char *p; - pstrcpy(s,smb_buf(inbuf)+1); - p = s; - while (*p) { - if (!(isalnum((int)*p) || strchr("._-",*p))) - *p = 'X'; - p++; - } - - if (strlen(s) > 10) s[10] = 0; - - slprintf(fname,sizeof(fname)-1, "%s.XXXXXX",s); - } - fsp = file_new(); if (!fsp) return(ERROR(ERRSRV,ERRnofids)); - pstrcpy(fname2,(char *)smbd_mktemp(fname)); - - if (!check_name(fname2,conn)) { - file_free(fsp); - return(ERROR(ERRDOS,ERRnoaccess)); - } - /* Open for exclusive use, write only. */ - open_file_shared(fsp,conn,fname2, SET_DENY_MODE(DENY_ALL)|SET_OPEN_MODE(DOS_OPEN_WRONLY), - (FILE_CREATE_IF_NOT_EXIST|FILE_EXISTS_FAIL), unix_mode(conn,0,fname2), 0, NULL, NULL); + print_open_file(fsp,conn,"dos.prn"); if (!fsp->open) { file_free(fsp); return(UNIXERROR(ERRDOS,ERRnoaccess)); } - /* force it to be a print file */ - fsp->print_file = True; - outsize = set_message(outbuf,1,0,True); SSVAL(outbuf,smb_vwv0,fsp->fnum); - DEBUG(3,("openprint %s fd=%d fnum=%d\n", - fname2, fsp->fd_ptr->fd, fsp->fnum)); + DEBUG(3,("openprint fd=%d fnum=%d\n", + fsp->fd, fsp->fnum)); return(outsize); } @@ -3139,7 +3064,7 @@ int reply_printclose(connection_struct *conn, return(ERROR(ERRDOS,ERRnoaccess)); DEBUG(3,("printclose fd=%d fnum=%d\n", - fsp->fd_ptr->fd,fsp->fnum)); + fsp->fd,fsp->fnum)); close_err = close_file(fsp,True); @@ -3851,7 +3776,7 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, } if ((ofun&3) == 1) { - if(conn->vfs_ops.lseek(fsp2->fd_ptr->fd,0,SEEK_END) == -1) { + if(conn->vfs_ops.lseek(fsp2->fd,0,SEEK_END) == -1) { DEBUG(0,("copy_file: error - sys_lseek returned error %s\n", strerror(errno) )); /* @@ -4469,7 +4394,7 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, nwritten = write_file(fsp,data,startpos,numtowrite); if(lp_syncalways(SNUM(conn)) || write_through) - conn->vfs_ops.fsync(fsp->fd_ptr->fd); + conn->vfs_ops.fsync(fsp->fd); if(nwritten < (ssize_t)numtowrite) return(UNIXERROR(ERRHRD,ERRdiskfull)); @@ -4570,7 +4495,7 @@ int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz nwritten = write_file(fsp,data,startpos,numtowrite); if(lp_syncalways(SNUM(conn)) || write_through) - conn->vfs_ops.fsync(fsp->fd_ptr->fd); + conn->vfs_ops.fsync(fsp->fd); if (nwritten < (ssize_t)numtowrite) { @@ -4677,7 +4602,7 @@ int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, CHECK_ERROR(fsp); /* Do an fstat on this file */ - if(fsp->conn->vfs_ops.fstat(fsp->fd_ptr->fd, &sbuf)) + if(fsp->conn->vfs_ops.fstat(fsp->fd, &sbuf)) return(UNIXERROR(ERRDOS,ERRnoaccess)); mode = dos_mode(conn,fsp->fsp_name,&sbuf); -- cgit From 2fa922611bf7160e2c1ce80c11b50006448bf98d Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 11 Apr 2000 13:55:53 +0000 Subject: finally got sick of the "extern int Client" code and the stupid assumption that we have one socket everywhere while doing so I discovered a few bugs! 1) the clientgen session retarget code if used from smbd or nmbd would cause a crash as it called close_sockets() which closed our main socket! fixed by removing close_sockets() completely - it is unnecessary 2) the caching in client_addr() and client_name() was bogus - it could easily get fooled and give the wrong result. fixed. 3) the retarget could could recurse, allowing an easy denial of service attack on nmbd. fixed. (This used to be commit 5937ab14d222696e40a3fc6f0e6a536f2d7305d3) --- source3/smbd/reply.c | 25 ++++++++++++------------- 1 file changed, 12 insertions(+), 13 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 81d3ef32b3..3ada28364b 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -40,7 +40,6 @@ extern BOOL short_case_preserve; extern pstring sesssetup_user; extern pstring global_myname; extern fstring global_myworkgroup; -extern int Client; extern int global_oplock_break; uint32 global_client_caps = 0; unsigned int smb_echo_count = 0; @@ -55,7 +54,7 @@ static void overflow_attack(int len) dbgtext( "ERROR: Invalid password length %d.\n", len ); dbgtext( "Your machine may be under attack by someone " ); dbgtext( "attempting to exploit an old bug.\n" ); - dbgtext( "Attack was from IP = %s.\n", client_addr(Client) ); + dbgtext( "Attack was from IP = %s.\n", client_addr() ); } exit_server("possible attack"); } @@ -2048,7 +2047,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s if(global_oplock_break) { _smb_setlen(header,0); - transfer_file(0,Client,(SMB_OFF_T)0,header,4,0); + transfer_file(0,smbd_server_fd(),(SMB_OFF_T)0,header,4,0); DEBUG(5,("readbraw - oplock break finished\n")); return -1; } @@ -2061,7 +2060,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s */ DEBUG(3,("fnum %d not open in readbraw - cache prime?\n",(int)SVAL(inbuf,smb_vwv0))); _smb_setlen(header,0); - transfer_file(0,Client,(SMB_OFF_T)0,header,4,0); + transfer_file(0,smbd_server_fd(),(SMB_OFF_T)0,header,4,0); return(-1); } @@ -2088,7 +2087,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s DEBUG(0,("readbraw - large offset (%x << 32) used and we don't support \ 64 bit offsets.\n", (unsigned int)IVAL(inbuf,smb_vwv8) )); _smb_setlen(header,0); - transfer_file(0,Client,(SMB_OFF_T)0,header,4,0); + transfer_file(0,smbd_server_fd(),(SMB_OFF_T)0,header,4,0); return(-1); } @@ -2098,7 +2097,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s DEBUG(0,("readbraw - negative 64 bit readraw offset (%.0f) !\n", (double)startpos )); _smb_setlen(header,0); - transfer_file(0,Client,(SMB_OFF_T)0,header,4,0); + transfer_file(0,smbd_server_fd(),(SMB_OFF_T)0,header,4,0); return(-1); } } @@ -2167,7 +2166,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s if (ret < mincount) ret = 0; _smb_setlen(header,ret); - transfer_file(0,Client,0,header,4+ret,0); + transfer_file(0,smbd_server_fd(),0,header,4+ret,0); #endif /* UNSAFE_READRAW */ DEBUG(5,("readbraw finished\n")); @@ -2403,10 +2402,10 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, CVAL(outbuf,smb_com) = SMBwritebraw; SSVALS(outbuf,smb_vwv0,-1); outsize = set_message(outbuf,Protocol>PROTOCOL_COREPLUS?1:0,0,True); - send_smb(Client,outbuf); + send_smb(smbd_server_fd(),outbuf); /* Now read the raw data into the buffer and write it */ - if (read_smb_length(Client,inbuf,SMB_SECONDARY_WAIT) == -1) { + if (read_smb_length(smbd_server_fd(),inbuf,SMB_SECONDARY_WAIT) == -1) { exit_server("secondary writebraw failed"); } @@ -2419,7 +2418,7 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, (int)tcount,(int)nwritten,(int)numtowrite)); } - nwritten = vfs_transfer_file(Client, NULL, -1, fsp, + nwritten = vfs_transfer_file(smbd_server_fd(), NULL, -1, fsp, (SMB_OFF_T)numtowrite,NULL,0, startpos+nwritten); total_written += nwritten; @@ -3002,7 +3001,7 @@ int reply_echo(connection_struct *conn, smb_setlen(outbuf,outsize - 4); - send_smb(Client,outbuf); + send_smb(smbd_server_fd(),outbuf); } DEBUG(3,("echo %d times\n", smb_reverb)); @@ -4346,7 +4345,7 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length, SSVAL(outbuf,smb_vwv6,nread); SSVAL(outbuf,smb_vwv7,smb_offset(data,outbuf)); - send_smb(Client,outbuf); + send_smb(smbd_server_fd(),outbuf); total_read += nread; startpos += nread; @@ -4437,7 +4436,7 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, if (write_through && tcount==nwritten) { /* we need to send both a primary and a secondary response */ smb_setlen(outbuf,outsize - 4); - send_smb(Client,outbuf); + send_smb(smbd_server_fd(),outbuf); /* now the secondary */ outsize = set_message(outbuf,1,0,True); -- cgit From f6be38cae223f1ad3f4ecc5b81d14c44d92f58ba Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 11 Apr 2000 19:44:54 +0000 Subject: include/byteorder.h: ALIGN4/ALIGN2 macros. include/includes.h: Added SMB_BIG_UINT_BITS. lib/util.c: Removed align2/align4 - use macros. libsmb/namequery.c: Use ALIGN2. locking/locking.c: Replace do_lock, do_unlock, args with SMB_BIG_UINT, not SMB_OFF_T. Needed to move to hiding POSIX locks at a lower layer. nmbd/nmbd_processlogon.c: Use ALIGN2/ALIGN4 macros. smbd/blocking.c: Replace do_lock, do_unlock, args with SMB_BIG_UINT, not SMB_OFF_T. smbd/reply.c: Replace do_lock, do_unlock, args with SMB_BIG_UINT, not SMB_OFF_T. Jeremy. (This used to be commit 491eea8a20bf80d426625479326211dc975857a6) --- source3/smbd/reply.c | 158 +++++++++++++++++---------------------------------- 1 file changed, 53 insertions(+), 105 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 3ada28364b..96149acaa1 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2108,7 +2108,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s maxcount = MIN(65535,maxcount); maxcount = MAX(mincount,maxcount); - if (!is_locked(fsp,conn,maxcount,startpos, READ_LOCK)) + if (!is_locked(fsp,conn,(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK)) { SMB_OFF_T size = fsp->size; SMB_OFF_T sizeneeded = startpos + maxcount; @@ -2206,7 +2206,7 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length * for a write lock. JRA. */ - if(!do_lock( fsp, conn, numtoread, startpos, WRITE_LOCK, &eclass, &ecode)) { + if(!do_lock( fsp, conn, (SMB_BIG_UINT)numtoread, (SMB_BIG_UINT)startpos, WRITE_LOCK, &eclass, &ecode)) { if((ecode == ERRlock) && lp_blocking_locks(SNUM(conn))) { /* * A blocking lock was requested. Package up @@ -2260,7 +2260,7 @@ int reply_read(connection_struct *conn, char *inbuf,char *outbuf, int size, int numtoread = MIN(BUFFER_SIZE-outsize,numtoread); data = smb_buf(outbuf) + 3; - if (is_locked(fsp,conn,numtoread,startpos, READ_LOCK)) + if (is_locked(fsp,conn,(SMB_BIG_UINT)numtoread,(SMB_BIG_UINT)startpos, READ_LOCK)) return(ERROR(ERRDOS,ERRlock)); if (numtoread > 0) @@ -2328,7 +2328,7 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt } - if (is_locked(fsp,conn,smb_maxcnt,startpos, READ_LOCK)) + if (is_locked(fsp,conn,(SMB_BIG_UINT)smb_maxcnt,(SMB_BIG_UINT)startpos, READ_LOCK)) return(ERROR(ERRDOS,ERRlock)); nread = read_file(fsp,data,startpos,smb_maxcnt); @@ -2383,7 +2383,7 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, CVAL(inbuf,smb_com) = SMBwritec; CVAL(outbuf,smb_com) = SMBwritec; - if (is_locked(fsp,conn,tcount,startpos, WRITE_LOCK)) + if (is_locked(fsp,conn,(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos, WRITE_LOCK)) return(ERROR(ERRDOS,ERRlock)); if (numtowrite>0) @@ -2471,7 +2471,7 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, int siz startpos = IVAL(inbuf,smb_vwv2); data = smb_buf(inbuf) + 3; - if (is_locked(fsp,conn,numtowrite,startpos, WRITE_LOCK)) + if (is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) return(ERROR(ERRDOS,ERRlock)); /* The special X/Open SMB protocol handling of @@ -2488,7 +2488,7 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, int siz if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) return(UNIXERROR(ERRDOS,ERRnoaccess)); - if(!do_unlock(fsp, conn, numtowrite, startpos, &eclass, &ecode)) + if(!do_unlock(fsp, conn, (SMB_BIG_UINT)numtowrite, (SMB_BIG_UINT)startpos, &eclass, &ecode)) return(ERROR(eclass,ecode)); outsize = set_message(outbuf,1,0,True); @@ -2525,7 +2525,7 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int d startpos = IVAL(inbuf,smb_vwv2); data = smb_buf(inbuf) + 3; - if (is_locked(fsp,conn,numtowrite,startpos, WRITE_LOCK)) + if (is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) return(ERROR(ERRDOS,ERRlock)); /* X/Open SMB protocol says that if smb_vwv1 is @@ -2604,7 +2604,7 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng #endif /* LARGE_SMB_OFF_T */ } - if (is_locked(fsp,conn,numtowrite,startpos, WRITE_LOCK)) + if (is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) return(ERROR(ERRDOS,ERRlock)); /* X/Open SMB protocol says that, unlike SMBwrite @@ -2858,7 +2858,7 @@ int reply_writeclose(connection_struct *conn, mtime = make_unix_date3(inbuf+smb_vwv4); data = smb_buf(inbuf) + 1; - if (is_locked(fsp,conn,numtowrite,startpos, WRITE_LOCK)) + if (is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) return(ERROR(ERRDOS,ERRlock)); nwritten = write_file(fsp,data,startpos,numtowrite); @@ -2893,7 +2893,7 @@ int reply_lock(connection_struct *conn, char *inbuf,char *outbuf, int length, int dum_buffsize) { int outsize = set_message(outbuf,0,0,True); - SMB_OFF_T count,offset; + SMB_BIG_UINT count,offset; int eclass; uint32 ecode; files_struct *fsp = file_fsp(inbuf,smb_vwv0); @@ -2901,8 +2901,8 @@ int reply_lock(connection_struct *conn, CHECK_FSP(fsp,conn); CHECK_ERROR(fsp); - count = IVAL(inbuf,smb_vwv1); - offset = IVAL(inbuf,smb_vwv3); + count = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv1); + offset = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv3); DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n", fsp->fd, fsp->fnum, (double)offset, (double)count)); @@ -2930,7 +2930,7 @@ int reply_lock(connection_struct *conn, int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) { int outsize = set_message(outbuf,0,0,True); - SMB_OFF_T count,offset; + SMB_BIG_UINT count,offset; int eclass; uint32 ecode; files_struct *fsp = file_fsp(inbuf,smb_vwv0); @@ -2938,8 +2938,8 @@ int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int size, in CHECK_FSP(fsp,conn); CHECK_ERROR(fsp); - count = IVAL(inbuf,smb_vwv1); - offset = IVAL(inbuf,smb_vwv3); + count = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv1); + offset = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv3); if(!do_unlock(fsp, conn, count, offset, &eclass, &ecode)) return (ERROR(eclass,ecode)); @@ -3996,27 +3996,23 @@ int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size Get a lock count, dealing with large count requests. ****************************************************************************/ -SMB_OFF_T get_lock_count( char *data, int data_offset, BOOL large_file_format, BOOL *err) +SMB_BIG_UINT get_lock_count( char *data, int data_offset, BOOL large_file_format) { - SMB_OFF_T count = 0; - - *err = False; + SMB_BIG_UINT count = 0; if(!large_file_format) { - count = (SMB_OFF_T)IVAL(data,SMB_LKLEN_OFFSET(data_offset)); + count = (SMB_BIG_UINT)IVAL(data,SMB_LKLEN_OFFSET(data_offset)); } else { -#if defined(LARGE_SMB_OFF_T) && !defined(HAVE_BROKEN_FCNTL64_LOCKS) - - count = (((SMB_OFF_T) IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset))) << 32) | - ((SMB_OFF_T) IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset))); - -#else /* !LARGE_SMB_OFF_T || HAVE_BROKEN_FCNTL64_LOCKS */ +#if defined(HAVE_LONGLONG) + count = (((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset))) << 32) | + ((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset))); +#else /* HAVE_LONGLONG */ /* - * NT4.x seems to be broken in that it sends large file + * NT4.x seems to be broken in that it sends large file (64 bit) * lockingX calls even if the CAP_LARGE_FILES was *not* - * negotiated. For boxes without large file locks truncate the + * negotiated. For boxes without large unsigned ints truncate the * lock count by dropping the top 32 bits. */ @@ -4027,33 +4023,10 @@ SMB_OFF_T get_lock_count( char *data, int data_offset, BOOL large_file_format, B SIVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset),0); } - if(IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)) != 0) { - /* - * Before we error out, see if we can sensibly map the top bits - * down to the lower bits - or lose the top bits if they are all 1's. - * It seems that NT has this horrible bug where it will send 64 bit - * lock requests even if told not to. JRA. - */ - - if(IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)) == (uint32)0xFFFFFFFF) - count = (SMB_OFF_T)IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)); - else if (IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)) == (uint32)0xFFFFFFFF) - count = (SMB_OFF_T)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)); - else { - - DEBUG(0,("get_lock_count: Error : a large file count (%x << 32 | %x) was sent and we don't \ -support large counts.\n", (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)), - (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)) )); - - *err = True; - return (SMB_OFF_T)-1; - } - } - else - count = (SMB_OFF_T)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)); - -#endif /* LARGE_SMB_OFF_T */ + count = (SMB_BIG_UINT)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)); +#endif /* HAVE_LONGLONG */ } + return count; } @@ -4061,27 +4034,25 @@ support large counts.\n", (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(da Get a lock offset, dealing with large offset requests. ****************************************************************************/ -SMB_OFF_T get_lock_offset( char *data, int data_offset, BOOL large_file_format, BOOL *err) +SMB_BIG_UINT get_lock_offset( char *data, int data_offset, BOOL large_file_format, BOOL *err) { - SMB_OFF_T offset = 0; + SMB_BIG_UINT offset = 0; *err = False; if(!large_file_format) { - offset = (SMB_OFF_T)IVAL(data,SMB_LKOFF_OFFSET(data_offset)); + offset = (SMB_BIG_UINT)IVAL(data,SMB_LKOFF_OFFSET(data_offset)); } else { -#if defined(LARGE_SMB_OFF_T) && !defined(HAVE_BROKEN_FCNTL64_LOCKS) - - offset = (((SMB_OFF_T) IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset))) << 32) | - ((SMB_OFF_T) IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset))); - -#else /* !LARGE_SMB_OFF_T || HAVE_BROKEN_FCNTL64_LOCKS */ +#if defined(HAVE_LONGLONG) + offset = (((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset))) << 32) | + ((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset))); +#else /* HAVE_LONGLONG */ /* - * NT4.x seems to be broken in that it sends large file + * NT4.x seems to be broken in that it sends large file (64 bit) * lockingX calls even if the CAP_LARGE_FILES was *not* - * negotiated. For boxes without large file locks mangle the + * negotiated. For boxes without large unsigned ints mangle the * lock offset by mapping the top 32 bits onto the lower 32. */ @@ -4092,7 +4063,7 @@ SMB_OFF_T get_lock_offset( char *data, int data_offset, BOOL large_file_format, if((new_low = map_lock_offset(high, low)) == 0) { *err = True; - return (SMB_OFF_T)-1; + return (SMB_BIG_UINT)-1; } DEBUG(3,("get_lock_offset: truncating lock offset (high)0x%x (low)0x%x to offset 0x%x.\n", @@ -4101,33 +4072,10 @@ SMB_OFF_T get_lock_offset( char *data, int data_offset, BOOL large_file_format, SIVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset),new_low); } - if(IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset)) != 0){ - /* - * Before we error out, see if we can sensibly map the top bits - * down to the lower bits - or lose the top bits if they are all 1's. - * It seems that NT has this horrible bug where it will send 64 bit - * lock requests even if told not to. JRA. - */ - - if(IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset)) == (uint32)0xFFFFFFFF) - offset = (SMB_OFF_T)IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset)); - else if(IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset)) == (uint32)0xFFFFFFFF) - offset = (SMB_OFF_T)IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset)); - else { - - DEBUG(0,("get_lock_count: Error : a large file offset (%x << 32 | %x) was sent and we don't \ -support large offsets.\n", (unsigned int)IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset)), - (unsigned int)IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset)) )); - - *err = True; - return (SMB_OFF_T)-1; - } - } - else - offset = (SMB_OFF_T)IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset)); - + offset = (SMB_BIG_UINT)IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset)); #endif /* LARGE_SMB_OFF_T */ } + return offset; } @@ -4144,14 +4092,14 @@ int reply_lockingX(connection_struct *conn, char *inbuf,char *outbuf,int length, #endif uint16 num_ulocks = SVAL(inbuf,smb_vwv6); uint16 num_locks = SVAL(inbuf,smb_vwv7); - SMB_OFF_T count = 0, offset = 0; + SMB_BIG_UINT count = 0, offset = 0; int32 lock_timeout = IVAL(inbuf,smb_vwv4); int i; char *data; uint32 ecode=0, dummy2; int eclass=0, dummy1; BOOL large_file_format = (locktype & LOCKING_ANDX_LARGE_FILES); - BOOL err1, err2; + BOOL err; CHECK_FSP(fsp,conn); CHECK_ERROR(fsp); @@ -4202,13 +4150,13 @@ no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); /* Data now points at the beginning of the list of smb_unlkrng structs */ for(i = 0; i < (int)num_ulocks; i++) { - count = get_lock_count( data, i, large_file_format, &err1); - offset = get_lock_offset( data, i, large_file_format, &err2); + count = get_lock_count( data, i, large_file_format); + offset = get_lock_offset( data, i, large_file_format, &err); /* * There is no error code marked "stupid client bug".... :-). */ - if(err1 || err2) + if(err) return ERROR(ERRDOS,ERRnoaccess); DEBUG(10,("reply_lockingX: unlock start=%.0f, len=%.0f for file %s\n", @@ -4228,13 +4176,13 @@ no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); of smb_lkrng structs */ for(i = 0; i < (int)num_locks; i++) { - count = get_lock_count( data, i, large_file_format, &err1); - offset = get_lock_offset( data, i, large_file_format, &err2); + count = get_lock_count( data, i, large_file_format); + offset = get_lock_offset( data, i, large_file_format, &err); /* * There is no error code marked "stupid client bug".... :-). */ - if(err1 || err2) + if(err) return ERROR(ERRDOS,ERRnoaccess); DEBUG(10,("reply_lockingX: lock start=%.0f, len=%.0f for file %s\n", @@ -4264,13 +4212,13 @@ no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); * will delete it (and we shouldn't) ..... */ for(i--; i >= 0; i--) { - count = get_lock_count( data, i, large_file_format, &err1); - offset = get_lock_offset( data, i, large_file_format, &err2); + count = get_lock_count( data, i, large_file_format); + offset = get_lock_offset( data, i, large_file_format, &err); /* * There is no error code marked "stupid client bug".... :-). */ - if(err1 || err2) + if(err) return ERROR(ERRDOS,ERRnoaccess); do_unlock(fsp,conn,count,offset,&dummy1,&dummy2); @@ -4325,7 +4273,7 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length, tcount = maxcount; total_read = 0; - if (is_locked(fsp,conn,maxcount,startpos, READ_LOCK)) + if (is_locked(fsp,conn,(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK)) return(ERROR(ERRDOS,ERRlock)); do @@ -4387,7 +4335,7 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, not an SMBwritebmpx - set this up now so we don't forget */ CVAL(outbuf,smb_com) = SMBwritec; - if (is_locked(fsp,conn,tcount,startpos,WRITE_LOCK)) + if (is_locked(fsp,conn,(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos,WRITE_LOCK)) return(ERROR(ERRDOS,ERRlock)); nwritten = write_file(fsp,data,startpos,numtowrite); -- cgit From 96b3bf3140a57c6adeaedd9f7ed427d207d47ee9 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 12 Apr 2000 21:46:22 +0000 Subject: Implmented mapping of lock offset/count from 64 bit MS ranges to either 63 or 31 bit POSIX ranges. Code to get these locks not yet added. Jeremy. (This used to be commit 9c3b9146a3baff4b2e403ae8fac6c48df1b7e642) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 96149acaa1..b280b07f7c 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4073,7 +4073,7 @@ SMB_BIG_UINT get_lock_offset( char *data, int data_offset, BOOL large_file_forma } offset = (SMB_BIG_UINT)IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset)); -#endif /* LARGE_SMB_OFF_T */ +#endif /* HAVE_LONGLONG */ } return offset; -- cgit From 54de56a1be8ede7476c741cd1631ad1ac8107fcc Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sun, 16 Apr 2000 06:22:31 +0000 Subject: the changes to the main smb code ------------ The following series of commits are for the new tdb based printing backend. This completely replaces our old printing backend. Major changes include: - all print ops are now done in printing/*.c rather than scattered all over the place - system job ids are decoupled from SMB job ids - the lpq parsers don't need to be nearly so smart, they only need to parse the filename, the status and system job id - we can store lots more info about a job, including the full job name - the queue cache control is much better I also added a new utility routine file_lines_load() that loads a text file and parses it into lines. This is used in out lpq parsing and I also want to use it to replace all of our fgets() based code in other places. (This used to be commit d870542c2884510bd45fd5b54ff2157434d53f4c) --- source3/smbd/reply.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index b280b07f7c..e998e1741c 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -393,6 +393,7 @@ int reply_ioctl(connection_struct *conn, uint32 ioctl_code = (device << 16) + function; int replysize, outsize; char *p; + files_struct *fsp = file_fsp(inbuf,smb_vwv0); DEBUG(4, ("Received IOCTL (code 0x%x)\n", ioctl_code)); @@ -413,8 +414,8 @@ int reply_ioctl(connection_struct *conn, switch (ioctl_code) { - case IOCTL_QUERY_JOB_INFO: - SSVAL(p,0,1); /* Job number */ + case IOCTL_QUERY_JOB_INFO: + SSVAL(p,0,fsp->print_jobid); /* Job number */ StrnCpy(p+2, global_myname, 15); /* Our NetBIOS name */ StrnCpy(p+18, lp_servicename(SNUM(conn)), 13); /* Service name */ break; @@ -3029,7 +3030,7 @@ int reply_printopen(connection_struct *conn, return(ERROR(ERRSRV,ERRnofids)); /* Open for exclusive use, write only. */ - print_open_file(fsp,conn,"dos.prn"); + print_fsp_open(fsp,conn,"dos.prn"); if (!fsp->open) { file_free(fsp); @@ -3104,7 +3105,7 @@ int reply_printqueue(connection_struct *conn, { print_queue_struct *queue = NULL; char *p = smb_buf(outbuf) + 3; - int count = get_printqueue(SNUM(conn), conn,&queue,NULL); + int count = print_queue_status(SNUM(conn), &queue,NULL); int num_to_get = ABS(max_count); int first = (max_count>0?start_index:start_index+max_count+1); int i; @@ -3118,8 +3119,7 @@ int reply_printqueue(connection_struct *conn, for (i=first;i Date: Sat, 22 Apr 2000 00:33:16 +0000 Subject: This is a *big* checkin that may break some things, but implements the new open mechanism Andrew & I discussed. config.sub: configure: Included the QNX patch. include/vfs.h: smbd/vfs-wrap.c: smbd/vfs.c: Added ftruncate vfs call (needed). Note that we will also need locking calls in the vfs (to be added). lib/util_unistr.c: nmbd/nmbd_processlogon.c: Fix for NT domain logons causing nmbd to core dump. Also fix for sidsize DOS bug. locking/locking.c: Check value of ret before using it for memdup. printing/printing.c: Convert print_fsp_open to return an allocated fsp. rpc_server/srv_lsa.c: Fix for NT domain logons. I have removed all use of lp_share_modes() from the code (although I left the parameter in the table for backwards compatibility). It no longer makes sense for this to exist. smbd/close.c: Removed lp_share_modes(). smbd/fileio.c: Fixed parameters to unlock_share_entry call in panic code. smbd/files.c: Correctly set the unix_ERR_code to ERRnofids on fsp allocation fail. smbd/nttrans.c: smbd/reply.c: smbd/trans2.c: Changed all occurrences of open_file_shared/open_directory/ open_file_stat to return an fsp from the call. smbd/open.c: Changed all occurrences of open_file_shared/open_directory/ open_file_stat to return an fsp from the call. In addition I have fixed a long standing race condition in the deny mode processing w.r.t. two smbd's creating a file. Andrew, please note that your original idea of using open with O_EXCL in this case would not work (I went over the races very carefully) and so we must re-check deny modes *after* the open() call returns. This is because there is a race between the open with O_EXCL and the lock of the share mode entry. Imagine the case where the first smbd does the open with O_EXCL and a deny mode of DENY_ALL, but is pre-empted before it locks the share modes and creates the deny mode entry for DENY_ALL. A second smbd could then come in with O_RDONLY and a deny mode of DENY_NONE and the two opens would be allowed. The *only* way to fix this race is to lock the share modes after the open and then do the deny mode checks *after* this lock in the case where the file did not originally exist. This code will need extensive testing but seems to initially work. Jeremy. (This used to be commit ab0ecc39d688f16b9692fe90b991f0b89287070a) --- source3/smbd/reply.c | 64 ++++++++++++---------------------------------------- 1 file changed, 14 insertions(+), 50 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index e998e1741c..3acfd988d6 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1545,23 +1545,18 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, unix_convert(fname,conn,0,&bad_path,NULL); - fsp = file_new(); - if (!fsp) - return(ERROR(ERRSRV,ERRnofids)); - unixmode = unix_mode(conn,aARCH,fname); - open_file_shared(fsp,conn,fname,share_mode,(FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN), + fsp = open_file_shared(conn,fname,share_mode,(FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN), unixmode, oplock_request,&rmode,NULL); - if (!fsp->open) + if (!fsp) { if((errno == ENOENT) && bad_path) { unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadpath; } - file_free(fsp); return(UNIXERROR(ERRDOS,ERRnoaccess)); } @@ -1639,23 +1634,18 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt unix_convert(fname,conn,0,&bad_path,NULL); - fsp = file_new(); - if (!fsp) - return(ERROR(ERRSRV,ERRnofids)); - unixmode = unix_mode(conn,smb_attr | aARCH, fname); - open_file_shared(fsp,conn,fname,smb_mode,smb_ofun,unixmode, + fsp = open_file_shared(conn,fname,smb_mode,smb_ofun,unixmode, oplock_request, &rmode,&smb_action); - if (!fsp->open) + if (!fsp) { if((errno == ENOENT) && bad_path) { unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadpath; } - file_free(fsp); return(UNIXERROR(ERRDOS,ERRnoaccess)); } @@ -1772,10 +1762,6 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, unixmode = unix_mode(conn,createmode,fname); - fsp = file_new(); - if (!fsp) - return(ERROR(ERRSRV,ERRnofids)); - if(com == SMBmknew) { /* We should fail if file exists. */ @@ -1788,17 +1774,16 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, } /* Open file in dos compatibility share mode. */ - open_file_shared(fsp,conn,fname,SET_DENY_MODE(DENY_FCB)|SET_OPEN_MODE(DOS_OPEN_FCB), + fsp = open_file_shared(conn,fname,SET_DENY_MODE(DENY_FCB)|SET_OPEN_MODE(DOS_OPEN_FCB), ofun, unixmode, oplock_request, NULL, NULL); - if (!fsp->open) + if (!fsp) { if((errno == ENOENT) && bad_path) { unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadpath; } - file_free(fsp); return(UNIXERROR(ERRDOS,ERRnoaccess)); } @@ -1844,25 +1829,20 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, unixmode = unix_mode(conn,createmode,fname); - fsp = file_new(); - if (fsp) - return(ERROR(ERRSRV,ERRnofids)); - pstrcpy(fname2,(char *)smbd_mktemp(fname)); /* Open file in dos compatibility share mode. */ /* We should fail if file exists. */ - open_file_shared(fsp,conn,fname2,SET_DENY_MODE(DENY_FCB)|SET_OPEN_MODE(DOS_OPEN_FCB), + fsp = open_file_shared(conn,fname2,SET_DENY_MODE(DENY_FCB)|SET_OPEN_MODE(DOS_OPEN_FCB), (FILE_CREATE_IF_NOT_EXIST|FILE_EXISTS_FAIL), unixmode, oplock_request, NULL, NULL); - if (!fsp->open) + if (!fsp) { if((errno == ENOENT) && bad_path) { unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadpath; } - file_free(fsp); return(UNIXERROR(ERRDOS,ERRnoaccess)); } @@ -3025,15 +3005,10 @@ int reply_printopen(connection_struct *conn, if (!CAN_PRINT(conn)) return(ERROR(ERRDOS,ERRnoaccess)); - fsp = file_new(); - if (!fsp) - return(ERROR(ERRSRV,ERRnofids)); - /* Open for exclusive use, write only. */ - print_fsp_open(fsp,conn,"dos.prn"); + fsp = print_fsp_open(conn,"dos.prn"); - if (!fsp->open) { - file_free(fsp); + if (!fsp) { return(UNIXERROR(ERRDOS,ERRnoaccess)); } @@ -3745,32 +3720,21 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, if (!vfs_file_exist(conn,src,&st)) return(False); - fsp1 = file_new(); - if (!fsp1) - return(False); - - open_file_shared(fsp1,conn,src,SET_DENY_MODE(DENY_NONE)|SET_OPEN_MODE(DOS_OPEN_RDONLY), + fsp1 = open_file_shared(conn,src,SET_DENY_MODE(DENY_NONE)|SET_OPEN_MODE(DOS_OPEN_RDONLY), (FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN),0,0,&Access,&action); - if (!fsp1->open) { - file_free(fsp1); + if (!fsp1) { return(False); } if (!target_is_directory && count) ofun = 1; - fsp2 = file_new(); - if (!fsp2) { - close_file(fsp1,False); - return(False); - } - open_file_shared(fsp2,conn,dest,SET_DENY_MODE(DENY_NONE)|SET_OPEN_MODE(DOS_OPEN_WRONLY), + fsp2 = open_file_shared(conn,dest,SET_DENY_MODE(DENY_NONE)|SET_OPEN_MODE(DOS_OPEN_WRONLY), ofun,st.st_mode,0,&Access,&action); - if (!fsp2->open) { + if (!fsp2) { close_file(fsp1,False); - file_free(fsp2); return(False); } -- cgit From f7608e853596bcb6e8d3d4dd6bb4407fa090fbc1 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sat, 22 Apr 2000 08:28:22 +0000 Subject: fixed overlapping strcpy() found by insure (This used to be commit 1106fa7f24d229c3877263b7a7dde359556435e6) --- source3/smbd/reply.c | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 3acfd988d6..baff8f2ac8 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -260,10 +260,9 @@ int reply_tcon(connection_struct *conn, /**************************************************************************** Reply to a tcon and X. ****************************************************************************/ - int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { - pstring service; + fstring service; pstring user; pstring password; pstring devicename; @@ -295,11 +294,9 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt passlen = strlen(password); } - fstrcpy(service,path+2); - p = strchr(service,'\\'); + p = strchr(path+2,'\\'); if (!p) return(ERROR(ERRSRV,ERRinvnetname)); - *p = 0; fstrcpy(service,p+1); p = strchr(service,'%'); if (p) { @@ -309,11 +306,11 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt StrnCpy(devicename,path + strlen(path) + 1,6); DEBUG(4,("Got device type %s\n",devicename)); - /* - * Ensure the user and password names are in UNIX codepage format. - */ + /* + * Ensure the user and password names are in UNIX codepage format. + */ - dos_to_unix(user,True); + dos_to_unix(user,True); if (!doencrypt) dos_to_unix(password,True); -- cgit From e82dbfcbe97c79b1c81915ae949bb2b1763970ba Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 24 Apr 2000 19:23:51 +0000 Subject: Now that fsp's are created on successful file open, the structure member fsp->open is no longer needed (if an fsp pointer is valid, then it's open :-). NB for Luke, this patch also did not apply to TNG. TNG is not yet identical w.r.t file serving with HEAD. This makes it impossible for me to help maintain TNG. Please fix asap. lib/substitute.c: Removed unused variable (pidstr). Jeremy. (This used to be commit 389b700a26e8a308a0dff6fc038c38068aa0119a) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index baff8f2ac8..a020f5eb3b 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2751,7 +2751,7 @@ int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size, * We can only use CHECK_FSP if we know it's not a directory. */ - if(!fsp || !fsp->open || (fsp->conn != conn)) + if(!fsp || (fsp->conn != conn)) return(ERROR(ERRDOS,ERRbadfid)); if(HAS_CACHED_ERROR(fsp)) { -- cgit From 00e3fe132476fcaed0f4b9bbe74b0a6559c39df0 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 25 Apr 2000 14:06:57 +0000 Subject: moved trans2.h and nterr.h into includes.h with all our other includes (This used to be commit d7cd7c88fdabb01d9e40ae8a657737907a21ac37) --- source3/smbd/reply.c | 2 -- 1 file changed, 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index a020f5eb3b..590dc4f427 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -25,8 +25,6 @@ #include "includes.h" -#include "trans2.h" -#include "nterr.h" /* look in server.c for some explanation of these variables */ extern int Protocol; -- cgit From c4af7ad8dc75ca252c6e8812b126a171849cc7d2 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 27 Apr 2000 16:53:31 +0000 Subject: Tidyup of smbecho. Jeremy. (This used to be commit 4a4b7a994bbe327216f736133edc51cf9a351716) --- source3/smbd/reply.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 590dc4f427..4134df221e 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2960,9 +2960,11 @@ int reply_echo(connection_struct *conn, { int smb_reverb = SVAL(inbuf,smb_vwv0); int seq_num; - int data_len = smb_buflen(inbuf); + unsigned int data_len = smb_buflen(inbuf); int outsize = set_message(outbuf,1,data_len,True); - + + data_len = MIN(data_len, (sizeof(inbuf)-(smb_buf(inbuf)-inbuf))); + /* copy any incoming data back out */ if (data_len > 0) memcpy(smb_buf(outbuf),smb_buf(inbuf),data_len); -- cgit From 3d9141d4156a3207af03d4137acd4b1cde46cfae Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 27 Apr 2000 17:14:45 +0000 Subject: Fixed range check on writeX. Jeremy. (This used to be commit 9cde198108439358e99128fa9a1b3000e33f5414) --- source3/smbd/reply.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 4134df221e..41c6dcb143 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2545,7 +2545,7 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng size_t numtowrite = SVAL(inbuf,smb_vwv10); BOOL write_through = BITSETW(inbuf+smb_vwv7,0); ssize_t nwritten = -1; - int smb_doff = SVAL(inbuf,smb_vwv11); + unsigned int smb_doff = SVAL(inbuf,smb_vwv11); char *data; /* If it's an IPC, pass off the pipe handler. */ @@ -2556,6 +2556,9 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng CHECK_WRITE(fsp); CHECK_ERROR(fsp); + if(smb_doff > smb_len(inbuf)) + return(ERROR(ERRDOS,ERRbadmem)); + data = smb_base(inbuf) + smb_doff; if(CVAL(inbuf,smb_wct) == 14) { -- cgit From 700f72453ed8dfd356a5591b9447127b5066ac4b Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sun, 30 Apr 2000 11:04:28 +0000 Subject: - removed all our old wildcard matching code and replaced it with a call to ms_fnmatch(). This also removes all the Win9X semantics stuff and a bunch of other associated cruft. - moved the stat cache code into statcache.c - fixed the uint16 alignment requirements of ascii_to_unistr() and unistr_to_ascii() - trans2 SMB_FIND_FILE_BOTH_DIRECTORY_INFO returns the short name as unicode always (at least thats what NT4 does) - fixed some errors in the in-memory tdb code. Still ugly, but doesn't crash as much (This used to be commit 03e9cea004bbba72161a5323cf3b4556c94aed8e) --- source3/smbd/reply.c | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 41c6dcb143..990a9aecb2 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1331,9 +1331,6 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size } } - /* Convert the formatted mask. (This code lives in trans2.c) */ - mask_convert(mask); - { int skip; p = mask; @@ -1936,7 +1933,7 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if (!rc && is_mangled(mask)) check_mangled_cache( mask ); - has_wild = strchr(mask,'*') || strchr(mask,'?'); + has_wild = ms_has_wild(mask); if (!has_wild) { pstrcat(directory,"/"); @@ -1969,7 +1966,7 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size pstring fname; pstrcpy(fname,dname); - if(!mask_match(fname, mask, case_sensitive, False)) continue; + if(!mask_match(fname, mask, case_sensitive)) continue; error = ERRnoaccess; slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); @@ -3508,7 +3505,7 @@ int rename_internals(connection_struct *conn, if (!rc && is_mangled(mask)) check_mangled_cache( mask ); - has_wild = strchr(mask,'*') || strchr(mask,'?'); + has_wild = ms_has_wild(mask); if (!has_wild) { /* @@ -3618,7 +3615,7 @@ int rename_internals(connection_struct *conn, pstrcpy(fname,dname); - if(!mask_match(fname, mask, case_sensitive, False)) + if(!mask_match(fname, mask, case_sensitive)) continue; error = ERRnoaccess; @@ -3847,7 +3844,7 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, if (!rc && is_mangled(mask)) check_mangled_cache( mask ); - has_wild = strchr(mask,'*') || strchr(mask,'?'); + has_wild = ms_has_wild(mask); if (!has_wild) { pstrcat(directory,"/"); @@ -3878,7 +3875,7 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, pstring fname; pstrcpy(fname,dname); - if(!mask_match(fname, mask, case_sensitive, False)) + if(!mask_match(fname, mask, case_sensitive)) continue; error = ERRnoaccess; -- cgit From 34cd425c1ded2afe5adc4d898843c31f66f26b5a Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sun, 30 Apr 2000 14:29:45 +0000 Subject: fixed our smbsearch code. We now store the mask with the dptr, this turns out to be essential for a correct implementation (there ins't enough room to store all possible masks in the status return structure!) (This used to be commit 38f5e133670ada6e5799a16cf1a0e2e3ee1d9afd) --- source3/smbd/reply.c | 30 ++++++++---------------------- 1 file changed, 8 insertions(+), 22 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 990a9aecb2..939696dd89 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1265,9 +1265,6 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size /* dirtype &= ~aDIR; */ - DEBUG(5,("reply_search: path=%s status_len=%d\n",path,status_len)); - - if (status_len == 0) { pstring dir2; @@ -1306,15 +1303,12 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size else { memcpy(status,smb_buf(inbuf) + 1 + strlen(path) + 4,21); - memcpy(mask,status+1,11); - mask[11] = 0; dirtype = CVAL(status,0) & 0x1F; conn->dirptr = dptr_fetch(status+12,&dptr_num); if (!conn->dirptr) goto SearchEmpty; string_set(&conn->dirpath,dptr_path(dptr_num)); - if (!case_sensitive) - strnorm(mask); + fstrcpy(mask, dptr_wcard(dptr_num)); } /* turn strings of spaces into a . */ @@ -1326,8 +1320,10 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size fstrcpy(ext,p+1); *p = 0; trim_string(mask,NULL," "); - pstrcat(mask,"."); - pstrcat(mask,ext); + if (ext[0]) { + pstrcat(mask,"."); + pstrcat(mask,ext); + } } } @@ -1352,17 +1348,6 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size } } - if (!strchr(mask,'.') && strlen(mask)>8) - { - fstring tmp; - fstrcpy(tmp,&mask[8]); - mask[8] = '.'; - mask[9] = 0; - pstrcat(mask,tmp); - } - - DEBUG(5,("mask=%s directory=%s\n",mask,directory)); - if (can_open) { p = smb_buf(outbuf) + 3; @@ -1385,6 +1370,7 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size } return(ERROR(ERRDOS,ERRnofids)); } + dptr_set_wcard(dptr_num, mask); } DEBUG(4,("dptr_num is %d\n",dptr_num)); @@ -1419,8 +1405,8 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size make_dir_struct(p,mask,fname,size,mode,date); dptr_fill(p+12,dptr_num); numentries++; - } - p += DIR_STRUCT_SIZE; + } + p += DIR_STRUCT_SIZE; } } } /* if (ok ) */ -- cgit From cb6327cd2d221ab0248a802d8717ea669463845e Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sun, 30 Apr 2000 14:34:31 +0000 Subject: removed more cruft from our old wildcard matching code (This used to be commit 4a15924ffe36ed37ec193a0ef5a0487238edc311) --- source3/smbd/reply.c | 37 ------------------------------------- 1 file changed, 37 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 939696dd89..b152ca59ee 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1311,43 +1311,6 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size fstrcpy(mask, dptr_wcard(dptr_num)); } - /* turn strings of spaces into a . */ - { - trim_string(mask,NULL," "); - if ((p = strrchr(mask,' '))) - { - fstring ext; - fstrcpy(ext,p+1); - *p = 0; - trim_string(mask,NULL," "); - if (ext[0]) { - pstrcat(mask,"."); - pstrcat(mask,ext); - } - } - } - - { - int skip; - p = mask; - while(*p) - { - if((skip = get_character_len( *p )) != 0 ) - { - p += skip; - } - else - { - if (*p != '?' && *p != '*' && !isdoschar(*p)) - { - DEBUG(5,("Invalid char [%c] in search mask?\n",*p)); - *p = '?'; - } - p++; - } - } - } - if (can_open) { p = smb_buf(outbuf) + 3; -- cgit From 29ba16f7925bddb96e2a51cc87e6e509608f8ce7 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sun, 30 Apr 2000 14:59:00 +0000 Subject: fixed dptr_wcard handling (need to use strdup) (This used to be commit 0bab0300748a22b4b861fa443be2014bcd7b348c) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index b152ca59ee..ead59ebfc2 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1333,7 +1333,7 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size } return(ERROR(ERRDOS,ERRnofids)); } - dptr_set_wcard(dptr_num, mask); + dptr_set_wcard(dptr_num, strdup(mask)); } DEBUG(4,("dptr_num is %d\n",dptr_num)); -- cgit From f6844e0b7eb4412bc44c5533b09f856dc9272e75 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Thu, 4 May 2000 16:01:47 +0000 Subject: a minimal change to get appliance mode to work with winbindd we needed to accept usernames of the form DOMAIN/user, which means we needed to pass the domain to a getpwnam() like routine in certain critical spots. What I'd rather do is get rid of "char *user" everywhere and use the new userdom_struct, but that will have to wait a few days. (This used to be commit 8b7a10febead8be182e7d5b1d68259e31530b69c) --- source3/smbd/reply.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index ead59ebfc2..90d4200f5e 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -944,7 +944,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int } } - if (!Get_Pwnam(user,True)) { + if (!smb_getpwnam(user,domain,True)) { DEBUG(3,("No such user %s - using guest account\n",user)); pstrcpy(user,lp_guestaccount(-1)); guest = True; @@ -979,7 +979,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int user we should become. */ { - const struct passwd *pw = Get_Pwnam(user,False); + const struct passwd *pw = smb_getpwnam(user,domain,False); if (!pw) { DEBUG(1,("Username %s is invalid on this system\n",user)); return bad_password_error(inbuf,outbuf); @@ -993,7 +993,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int /* register the name and uid as being validated, so further connections to a uid can get through without a password, on the same VC */ - sess_vuid = register_vuid(uid,gid,user,sesssetup_user,guest); + sess_vuid = register_vuid(uid,gid,user,sesssetup_user,domain,guest); SSVAL(outbuf,smb_uid,sess_vuid); SSVAL(inbuf,smb_uid,sess_vuid); -- cgit From 2958dfcdf87d5169fe1152806be6ad03acb04d88 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 8 May 2000 10:42:21 +0000 Subject: added secrets.tdb and changed storage of trust account password to use it (This used to be commit 88ad00b82acc4636ab57dfe710af08ea85b82ff1) --- source3/smbd/reply.c | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 90d4200f5e..7a818971d9 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -838,14 +838,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int strlower(user); - /* - * In share level security, only overwrite sesssetup_use if - * it's a non null-session share. Helps keep %U and %G - * working. - */ - - if((lp_security() != SEC_SHARE) || (*user && !guest)) - pstrcpy(sesssetup_user,user); + pstrcpy(sesssetup_user,user); reload_services(True); -- cgit From 4c061ca15cd1e9b0e2ce32218727c4040757c98d Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 9 May 2000 15:09:52 +0000 Subject: - use smb_gwtpwnam() in another couple of places - don't call add/del user if the scripts are empty (This used to be commit 43860215d4d16cb1bacdc77f1c46c54e4c54abd7) --- source3/smbd/reply.c | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 7a818971d9..b09e09bc6d 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -498,6 +498,7 @@ static int smb_create_user(char *unix_user) int ret; pstrcpy(add_script, lp_adduser_script()); + if (! *add_script) return -1; pstring_sub(add_script, "%u", unix_user); ret = smbrun(add_script,NULL,False); DEBUG(3,("smb_create_user: Running the command `%s' gave %d\n",add_script,ret)); @@ -514,6 +515,7 @@ static int smb_delete_user(char *unix_user) int ret; pstrcpy(del_script, lp_deluser_script()); + if (! *del_script) return -1; pstring_sub(del_script, "%u", unix_user); ret = smbrun(del_script,NULL,False); DEBUG(3,("smb_delete_user: Running the command `%s' gave %d\n",del_script,ret)); @@ -569,7 +571,7 @@ static BOOL check_server_security(char *orig_user, char *domain, char *unix_user * level security as we never know if it was a failure * due to a bad password, or the user really doesn't exist. */ - if(lp_adduser_script() && !Get_Pwnam(unix_user,True)) { + if(lp_adduser_script() && !smb_getpwnam(unix_user,domain, True)) { smb_create_user(unix_user); } } @@ -605,7 +607,7 @@ static BOOL check_domain_security(char *orig_user, char *domain, char *unix_user * If the admin wants us to try and create a UNIX * user on the fly, do so. */ - if(user_exists && lp_adduser_script() && !Get_Pwnam(unix_user,True)) { + if(user_exists && lp_adduser_script() && !smb_getpwnam(unix_user,domain,True)) { smb_create_user(unix_user); } } else { @@ -615,7 +617,7 @@ static BOOL check_domain_security(char *orig_user, char *domain, char *unix_user * wants us to try and delete that UNIX user on the fly, * do so. */ - if(!user_exists && lp_deluser_script() && Get_Pwnam(unix_user,True)) { + if(!user_exists && lp_deluser_script() && smb_getpwnam(unix_user,domain,True)) { smb_delete_user(unix_user); } } @@ -860,7 +862,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int /* * Do any UNIX username case mangling. */ - (void)Get_Pwnam( user, True); + smb_getpwnam(user, domain, True); add_session_user(user); @@ -917,7 +919,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int if (lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_USER) { - if (Get_Pwnam(user,True)) + if (smb_getpwnam(user,domain,True)) { DEBUG(1,("Rejecting user '%s': bad password\n", user)); return bad_password_error(inbuf,outbuf); @@ -930,7 +932,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int */ } - if (*smb_apasswd || !Get_Pwnam(user,True)) + if (*smb_apasswd || !smb_getpwnam(user,domain,True)) pstrcpy(user,lp_guestaccount(-1)); DEBUG(3,("Registered username %s for guest access\n",user)); guest = True; @@ -938,7 +940,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int } if (!smb_getpwnam(user,domain,True)) { - DEBUG(3,("No such user %s - using guest account\n",user)); + DEBUG(3,("No such user %s [%s] - using guest account\n",user, domain)); pstrcpy(user,lp_guestaccount(-1)); guest = True; } -- cgit From c88222da0ced7edf90b68e68ec49e0fe35a512fe Mon Sep 17 00:00:00 2001 From: Herb Lewis Date: Wed, 10 May 2000 01:31:46 +0000 Subject: Fix for misunderstanding of fsync added when vfs layer was done. Samba was doing fsync's (bleagh). Jeremy. (This used to be commit f9a52cadbf11f7afcef754a59d783964a2edb5bc) --- source3/smbd/reply.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index b09e09bc6d..2072667174 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2352,7 +2352,7 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, if ((lp_syncalways(SNUM(conn)) || write_through) && lp_strict_sync(SNUM(conn))) - conn->vfs_ops.fsync(fsp->fd); + sync_file(conn,fsp); DEBUG(3,("writebraw2 fnum=%d start=%.0f num=%d wrote=%d\n", fsp->fnum, (double)startpos, (int)numtowrite,(int)total_written)); @@ -2400,7 +2400,7 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, int siz nwritten = write_file(fsp,data,startpos,numtowrite); if (lp_syncalways(SNUM(conn))) - conn->vfs_ops.fsync(fsp->fd); + sync_file(conn,fsp); if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) return(UNIXERROR(ERRDOS,ERRnoaccess)); @@ -2455,7 +2455,7 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int d nwritten = write_file(fsp,data,startpos,numtowrite); if (lp_syncalways(SNUM(conn))) - conn->vfs_ops.fsync(fsp->fd); + sync_file(conn,fsp); if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) return(UNIXERROR(ERRDOS,ERRnoaccess)); @@ -2552,7 +2552,7 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng fsp->fnum, (int)numtowrite, (int)nwritten)); if (lp_syncalways(SNUM(conn)) || write_through) - conn->vfs_ops.fsync(fsp->fd); + sync_file(conn,fsp); return chain_reply(inbuf,outbuf,length,bufsize); } @@ -2649,7 +2649,7 @@ int reply_flush(connection_struct *conn, char *inbuf,char *outbuf, int size, int if (!fsp) { file_sync_all(conn); } else { - conn->vfs_ops.fsync(fsp->fd); + sync_file(conn,fsp); } DEBUG(3,("flush\n")); @@ -4246,7 +4246,7 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, nwritten = write_file(fsp,data,startpos,numtowrite); if(lp_syncalways(SNUM(conn)) || write_through) - conn->vfs_ops.fsync(fsp->fd); + sync_file(conn,fsp); if(nwritten < (ssize_t)numtowrite) return(UNIXERROR(ERRHRD,ERRdiskfull)); @@ -4347,7 +4347,7 @@ int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz nwritten = write_file(fsp,data,startpos,numtowrite); if(lp_syncalways(SNUM(conn)) || write_through) - conn->vfs_ops.fsync(fsp->fd); + sync_file(conn,fsp); if (nwritten < (ssize_t)numtowrite) { -- cgit From 49a0e6d5989656c1b3c9c063a20308ca4ee5d73b Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Wed, 10 May 2000 10:41:59 +0000 Subject: more merging voodoo this adds "#define OLD_NTDOMAIN 1" in lots of places. Don't panic - this isn't permanent, it should go after another few merge steps have been done (This used to be commit 92109d7b3c06f240452d39f669ecb8c9c86ab610) --- source3/smbd/reply.c | 2 ++ 1 file changed, 2 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 2072667174..0d099a7b4c 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1,3 +1,4 @@ +#define OLD_NTDOMAIN 1 /* Unix SMB/Netbios implementation. Version 1.9. @@ -4481,3 +4482,4 @@ int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, return(outsize); } +#undef OLD_NTDOMAIN -- cgit From 43a3faab0831a866559ca56e70c81be582047d0b Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Wed, 10 May 2000 14:48:33 +0000 Subject: - changed smb_getpwnam() to use winbind style usernames - finished ntdom -> winbind rename in head (This used to be commit ada483cb56453afc6df4ec4be18bfe5e943c7150) --- source3/smbd/reply.c | 27 +++++++++++++++++++-------- 1 file changed, 19 insertions(+), 8 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 0d099a7b4c..1fc377f362 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -572,7 +572,7 @@ static BOOL check_server_security(char *orig_user, char *domain, char *unix_user * level security as we never know if it was a failure * due to a bad password, or the user really doesn't exist. */ - if(lp_adduser_script() && !smb_getpwnam(unix_user,domain, True)) { + if(lp_adduser_script() && !smb_getpwnam(unix_user,True)) { smb_create_user(unix_user); } } @@ -608,7 +608,7 @@ static BOOL check_domain_security(char *orig_user, char *domain, char *unix_user * If the admin wants us to try and create a UNIX * user on the fly, do so. */ - if(user_exists && lp_adduser_script() && !smb_getpwnam(unix_user,domain,True)) { + if(user_exists && lp_adduser_script() && !smb_getpwnam(unix_user,True)) { smb_create_user(unix_user); } } else { @@ -618,7 +618,7 @@ static BOOL check_domain_security(char *orig_user, char *domain, char *unix_user * wants us to try and delete that UNIX user on the fly, * do so. */ - if(!user_exists && lp_deluser_script() && smb_getpwnam(unix_user,domain,True)) { + if(!user_exists && lp_deluser_script() && smb_getpwnam(unix_user,True)) { smb_delete_user(unix_user); } } @@ -853,6 +853,17 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int pstrcpy( orig_user, user); + /* if the username exists as a domain/username pair on the unix system then use + that */ + if (!Get_Pwnam(user, False)) { + pstring user2; + slprintf(user2,sizeof(user2),"%s/%s", domain, user); + if (Get_Pwnam(user2, True)) { + DEBUG(3,("Using unix username %s\n", user2)); + pstrcpy(user, user2); + } + } + /* * Pass the user through the NT -> unix user mapping * function. @@ -863,7 +874,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int /* * Do any UNIX username case mangling. */ - smb_getpwnam(user, domain, True); + smb_getpwnam(user, True); add_session_user(user); @@ -920,7 +931,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int if (lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_USER) { - if (smb_getpwnam(user,domain,True)) + if (smb_getpwnam(user,True)) { DEBUG(1,("Rejecting user '%s': bad password\n", user)); return bad_password_error(inbuf,outbuf); @@ -933,14 +944,14 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int */ } - if (*smb_apasswd || !smb_getpwnam(user,domain,True)) + if (*smb_apasswd || !smb_getpwnam(user,True)) pstrcpy(user,lp_guestaccount(-1)); DEBUG(3,("Registered username %s for guest access\n",user)); guest = True; } } - if (!smb_getpwnam(user,domain,True)) { + if (!smb_getpwnam(user,True)) { DEBUG(3,("No such user %s [%s] - using guest account\n",user, domain)); pstrcpy(user,lp_guestaccount(-1)); guest = True; @@ -975,7 +986,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int user we should become. */ { - const struct passwd *pw = smb_getpwnam(user,domain,False); + const struct passwd *pw = smb_getpwnam(user,False); if (!pw) { DEBUG(1,("Username %s is invalid on this system\n",user)); return bad_password_error(inbuf,outbuf); -- cgit From dd8f9b5491e92b04bc0c13df265698e97a3ea3c2 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Fri, 12 May 2000 05:10:32 +0000 Subject: fixed a problem with appliance operation (This used to be commit acf9286e82b851e25ee863f673bff713a38002e7) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 1fc377f362..5c80a61511 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -855,10 +855,10 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int /* if the username exists as a domain/username pair on the unix system then use that */ - if (!Get_Pwnam(user, False)) { + if (!getpwnam(user)) { pstring user2; slprintf(user2,sizeof(user2),"%s/%s", domain, user); - if (Get_Pwnam(user2, True)) { + if (getpwnam(user2)) { DEBUG(3,("Using unix username %s\n", user2)); pstrcpy(user, user2); } -- cgit From 479c73559e137a406f912f8e262e1658861dc9db Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Fri, 12 May 2000 06:30:45 +0000 Subject: use "winbind separator" option for domain/user separator character (This used to be commit 6cbb826b154e61085fd651116caf472d4d438c1d) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 5c80a61511..b08606452f 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -857,7 +857,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int that */ if (!getpwnam(user)) { pstring user2; - slprintf(user2,sizeof(user2),"%s/%s", domain, user); + slprintf(user2,sizeof(user2),"%s%s%s", domain, lp_winbind_separator(), user); if (getpwnam(user2)) { DEBUG(3,("Using unix username %s\n", user2)); pstrcpy(user, user2); -- cgit From b27886addbdb1ff7c8e678023c7c1ef6d3bba9a9 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 15 May 2000 17:13:50 +0000 Subject: passdb/secrets.c: Fix typo in comment. rpc_server/srv_pipe.c: Use accessor functions rather than diddling with structure internals directly. smbd/process.c: smbd/reply.c: Remove READ_PREDICTION #ifdefs. Jeremy. (This used to be commit eba825ff030a175bd271caa6f543379dfdbbd646) --- source3/smbd/reply.c | 5 ----- 1 file changed, 5 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index b08606452f..eddd06e343 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2067,11 +2067,6 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s int predict=0; _smb_setlen(header,nread); -#if USE_READ_PREDICTION - if (!fsp->can_write) - predict = read_predict(fsp, fsp->fd,startpos,header+4,NULL,nread); -#endif /* USE_READ_PREDICTION */ - if ((nread-predict) > 0) { if(conn->vfs_ops.seek(fsp,startpos + predict) == -1) { DEBUG(0,("reply_readbraw: ERROR: seek_file failed.\n")); -- cgit From 3cbaf59726fc9fb7fc5a3124b3e1b8c5480a568e Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 23 May 2000 01:27:19 +0000 Subject: Fixed bug where file access was allowed on IPC$ share. Return correct error codes on invalid share name. Jeremy. (This used to be commit 420d6bc4809cef9d74354175d0fa956ab4e8ac3c) --- source3/smbd/reply.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index eddd06e343..c2db6dd082 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -156,8 +156,8 @@ work out what error to give to a failed connection static int connection_error(char *inbuf,char *outbuf,int ecode) { - if (ecode == ERRnoipc) - return(ERROR(ERRDOS,ERRnoipc)); + if (ecode == ERRnoipc || ecode == ERRnosuchshare) + return(ERROR(ERRDOS,ecode)); return(ERROR(ERRSRV,ecode)); } @@ -295,7 +295,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt p = strchr(path+2,'\\'); if (!p) - return(ERROR(ERRSRV,ERRinvnetname)); + return(ERROR(ERRDOS,ERRnosuchshare)); fstrcpy(service,p+1); p = strchr(service,'%'); if (p) { -- cgit From 295b2d31a55c1450667519502fb94d852bf6cfd0 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 23 May 2000 17:57:51 +0000 Subject: Did a proper fix for the file access on IPC$. Denied all pipe opens on trans2 open calls as we don't have the pipe open response coded up yet. Jeremy. (This used to be commit 8142e27c9c32aba5a7dabc48a676b93cf680151b) --- source3/smbd/reply.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index c2db6dd082..9845853349 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1571,8 +1571,12 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt files_struct *fsp; /* If it's an IPC, pass off the pipe handler. */ - if (IS_IPC(conn) && lp_nt_pipe_support()) - return reply_open_pipe_and_X(conn, inbuf,outbuf,length,bufsize); + if (IS_IPC(conn)) { + if (lp_nt_pipe_support()) + return reply_open_pipe_and_X(conn, inbuf,outbuf,length,bufsize); + else + return (ERROR(ERRSRV,ERRaccess)); + } /* XXXX we need to handle passed times, sattr and flags */ -- cgit From 84d40095e1d7ba5c66cabfd2d41012162d652970 Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Thu, 8 Jun 2000 13:56:07 +0000 Subject: added a NET_USER_INFO_3 struct to user_struct. register_vuid fills it with constructed info. (This used to be commit b1889e4334012b1b2caa604b859da4271509fc87) --- source3/smbd/reply.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 9845853349..f9c0695a39 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1000,7 +1000,10 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int /* register the name and uid as being validated, so further connections to a uid can get through without a password, on the same VC */ - sess_vuid = register_vuid(uid,gid,user,sesssetup_user,domain,guest); + + DEBUG(0,("must call domain_client_validate() which returns a ")); + DEBUG(0,("NET_USER_INFO_3 structure to pass to register_vuid()")); + sess_vuid = register_vuid(uid,gid,user,sesssetup_user,domain,guest, NULL); SSVAL(outbuf,smb_uid,sess_vuid); SSVAL(inbuf,smb_uid,sess_vuid); -- cgit From 28555ec92e061aafb31a9b071caf00e44132c70f Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 8 Jun 2000 17:50:19 +0000 Subject: include/smb.h: Removed NET_USER_3 struct from user struct. It doesn't belong there (yet) as there is no infrastructure for it. Replaced it with a dynamic array of group SIDs plus a user. passdb/passdb.c: Added setup_user_sids() function. This is where the lookup should be done, eventually calling winbind. smbd/password.c: Changed to call setup_user_sids(). Removed spurious DEBUG(0) statements. smbd/reply.c: Removed extra parameter to register_vuid(). Jeremy. (This used to be commit 425f4ad9a5e0e7d49620276100ade7a0cae47011) --- source3/smbd/reply.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index f9c0695a39..00a0ce3c4a 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1001,9 +1001,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int /* register the name and uid as being validated, so further connections to a uid can get through without a password, on the same VC */ - DEBUG(0,("must call domain_client_validate() which returns a ")); - DEBUG(0,("NET_USER_INFO_3 structure to pass to register_vuid()")); - sess_vuid = register_vuid(uid,gid,user,sesssetup_user,domain,guest, NULL); + sess_vuid = register_vuid(uid,gid,user,sesssetup_user,domain,guest); SSVAL(outbuf,smb_uid,sess_vuid); SSVAL(inbuf,smb_uid,sess_vuid); -- cgit From c3487b00dd1dde7fa0511211f466acc1c05d8f3d Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Fri, 9 Jun 2000 01:26:42 +0000 Subject: reverted jeremy's changes that removed NET_USER_INFO_3. will you please not just undercut work in progress, thank you. (This used to be commit 86d440a88c948727bfcfedc694c52c58f9687d8b) --- source3/smbd/reply.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 00a0ce3c4a..f9c0695a39 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1001,7 +1001,9 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int /* register the name and uid as being validated, so further connections to a uid can get through without a password, on the same VC */ - sess_vuid = register_vuid(uid,gid,user,sesssetup_user,domain,guest); + DEBUG(0,("must call domain_client_validate() which returns a ")); + DEBUG(0,("NET_USER_INFO_3 structure to pass to register_vuid()")); + sess_vuid = register_vuid(uid,gid,user,sesssetup_user,domain,guest, NULL); SSVAL(outbuf,smb_uid,sess_vuid); SSVAL(inbuf,smb_uid,sess_vuid); -- cgit From 03e0164270ffd7ceeb8df6f3cc3917c111dc05f8 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 9 Jun 2000 18:45:31 +0000 Subject: Luke, I am moving the code back into passdb/passdb.c, this the correct place to do this, not in smbd/passwd.c Please don't change this without asking first, I have run this past Andrew so talk to him (I'm on vacation next week). I also removed the g_newXXX macros. There are essentially a private C extension, not used anywhere else in the code, and add no functionality over malloc(XX) and make the code harder to understand (everyone knows what malloc does). Jeremy. (This used to be commit e1b1b6fb6794ba02e1fea510a981fa0ce0d12b58) --- source3/smbd/reply.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index f9c0695a39..00a0ce3c4a 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1001,9 +1001,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int /* register the name and uid as being validated, so further connections to a uid can get through without a password, on the same VC */ - DEBUG(0,("must call domain_client_validate() which returns a ")); - DEBUG(0,("NET_USER_INFO_3 structure to pass to register_vuid()")); - sess_vuid = register_vuid(uid,gid,user,sesssetup_user,domain,guest, NULL); + sess_vuid = register_vuid(uid,gid,user,sesssetup_user,domain,guest); SSVAL(outbuf,smb_uid,sess_vuid); SSVAL(inbuf,smb_uid,sess_vuid); -- cgit From 5a5ef183799dd84ff453db849e929533e709fd0b Mon Sep 17 00:00:00 2001 From: Jean-François Micouleau Date: Tue, 25 Jul 2000 13:15:16 +0000 Subject: A rather big change set ! (listed in no particular order) - changed the default forms flag to 2 - all short architecture name are uppercased - get_short_archi() is now case unsensitive - the drivers TDB is indexed by archi/version/name - implemented code to move drivers from the upload area to the download area. Someone else need to look at that code. - don't return anymore a default driver if it doesn't exist in the TDB. Instead return an error. - cleaned prs_unistr. - #ifdef out jeremy's new SD parsing in printer_info_2 - removed the unused MANGLE_CODE - #ifdef out the security checking in update_printer() as it doesn't work for me. Zap your ntdrivers.tdb, it won't work anymore. J.F. (This used to be commit ac0a145acc0953a6f362497abbf4dfe70aa522a6) --- source3/smbd/reply.c | 28 ++++++++++++++++++++-------- 1 file changed, 20 insertions(+), 8 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 00a0ce3c4a..19af1fdc3d 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3101,15 +3101,14 @@ int reply_printwrite(connection_struct *conn, char *inbuf,char *outbuf, int dum_ /**************************************************************************** - reply to a mkdir + The guts of the mkdir command, split out so it may be called by the NT SMB + code. ****************************************************************************/ -int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +int mkdir_internal(connection_struct *conn, char *inbuf, char *outbuf, pstring directory) { - pstring directory; - int outsize,ret= -1; BOOL bad_path = False; - - pstrcpy(directory,smb_buf(inbuf) + 1); + int ret= -1; + unix_convert(directory,conn,0,&bad_path,NULL); if (check_name(directory, conn)) @@ -3125,10 +3124,23 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, } return(UNIXERROR(ERRDOS,ERRnoaccess)); } +} - outsize = set_message(outbuf,0,0,True); +/**************************************************************************** + reply to a mkdir +****************************************************************************/ +int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +{ + pstring directory; + int outsize; + + pstrcpy(directory,smb_buf(inbuf) + 1); + + outsize=mkdir_internal(conn, inbuf, outbuf, directory); + if(outsize == 0) + outsize = set_message(outbuf,0,0,True); - DEBUG( 3, ( "mkdir %s ret=%d\n", directory, ret ) ); + DEBUG( 3, ( "mkdir %s ret=%d\n", directory, outsize ) ); return(outsize); } -- cgit From fcbf69495784000861d432c13217702cc28884f8 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 25 Jul 2000 17:09:29 +0000 Subject: Added some error checking and returns to the new 'move' code. Jeremy. (This used to be commit 0bd88d304cd773e0bbf3e6f7fedcb3b544d41cbe) --- source3/smbd/reply.c | 2 ++ 1 file changed, 2 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 19af1fdc3d..8aa7f7c9e4 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3124,6 +3124,8 @@ int mkdir_internal(connection_struct *conn, char *inbuf, char *outbuf, pstring d } return(UNIXERROR(ERRDOS,ERRnoaccess)); } + + return ret; } /**************************************************************************** -- cgit From 7f36df301e28dc8ca0e5bfadc109d6e907d9ba2b Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 1 Aug 2000 18:32:34 +0000 Subject: Tidyup removing many of the 0xC0000000 | NT_STATUS_XXX stuff (only need NT_STATUS_XXX). Removed IS_BITS_xxx macros as they were just reproducing "C" syntax in a more obscure way. Jeremy. (This used to be commit c55bcec817f47d6162466b193d533c877194124a) --- source3/smbd/reply.c | 47 ++++++++++++++++++----------------------------- 1 file changed, 18 insertions(+), 29 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 8aa7f7c9e4..00697c999a 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -428,65 +428,54 @@ static int session_trust_account(connection_struct *conn, char *inbuf, char *out char *smb_nt_passwd, int smb_nt_passlen) { struct smb_passwd *smb_trust_acct = NULL; /* check if trust account exists */ - if (lp_security() == SEC_USER) - { + if (lp_security() == SEC_USER) { smb_trust_acct = getsmbpwnam(user); - } - else - { + } else { DEBUG(0,("session_trust_account: Trust account %s only supported with security = user\n", user)); SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); - return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE)); + return(ERROR(0, NT_STATUS_LOGON_FAILURE)); } - if (smb_trust_acct == NULL) - { + if (smb_trust_acct == NULL) { /* lkclXXXX: workstation entry doesn't exist */ DEBUG(0,("session_trust_account: Trust account %s user doesn't exist\n",user)); SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); - return(ERROR(0, 0xc0000000|NT_STATUS_NO_SUCH_USER)); - } - else - { - if ((smb_passlen != 24) || (smb_nt_passlen != 24)) - { + return(ERROR(0, NT_STATUS_NO_SUCH_USER)); + } else { + if ((smb_passlen != 24) || (smb_nt_passlen != 24)) { DEBUG(0,("session_trust_account: Trust account %s - password length wrong.\n", user)); SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); - return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE)); + return(ERROR(0, NT_STATUS_LOGON_FAILURE)); } - if (!smb_password_ok(smb_trust_acct, NULL, (unsigned char *)smb_passwd, (unsigned char *)smb_nt_passwd)) - { + if (!smb_password_ok(smb_trust_acct, NULL, (unsigned char *)smb_passwd, (unsigned char *)smb_nt_passwd)) { DEBUG(0,("session_trust_account: Trust Account %s - password failed\n", user)); SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); - return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE)); + return(ERROR(0, NT_STATUS_LOGON_FAILURE)); } - if (IS_BITS_SET_ALL(smb_trust_acct->acct_ctrl, ACB_DOMTRUST)) - { + if (smb_trust_acct->acct_ctrl & ACB_DOMTRUST) { DEBUG(0,("session_trust_account: Domain trust account %s denied by server\n",user)); SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); - return(ERROR(0, 0xc0000000|NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT)); + return(ERROR(0, NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT)); } - if (IS_BITS_SET_ALL(smb_trust_acct->acct_ctrl, ACB_SVRTRUST)) - { + if (smb_trust_acct->acct_ctrl & ACB_SVRTRUST) { DEBUG(0,("session_trust_account: Server trust account %s denied by server\n",user)); SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); - return(ERROR(0, 0xc0000000|NT_STATUS_NOLOGON_SERVER_TRUST_ACCOUNT)); + return(ERROR(0, NT_STATUS_NOLOGON_SERVER_TRUST_ACCOUNT)); } - if (IS_BITS_SET_ALL(smb_trust_acct->acct_ctrl, ACB_WSTRUST)) - { + if (smb_trust_acct->acct_ctrl & ACB_WSTRUST) { DEBUG(4,("session_trust_account: Wksta trust account %s denied by server\n", user)); SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); - return(ERROR(0, 0xc0000000|NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT)); + return(ERROR(0, NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT)); } } /* don't know what to do: indicate logon failure */ SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); - return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE)); + return(ERROR(0, NT_STATUS_LOGON_FAILURE)); } /**************************************************************************** @@ -637,7 +626,7 @@ static int bad_password_error(char *inbuf,char *outbuf) if(((ra_type == RA_WINNT) || (ra_type == RA_WIN2K)) && (global_client_caps & (CAP_NT_SMBS | CAP_STATUS32 ))) { SSVAL(outbuf,smb_flg2,FLAGS2_32_BIT_ERROR_CODES); - return(ERROR(0,0xc0000000|NT_STATUS_LOGON_FAILURE)); + return(ERROR(0,NT_STATUS_LOGON_FAILURE)); } return(ERROR(ERRSRV,ERRbadpw)); -- cgit From 7d93eb3483029c9edd2c7b6361d514a7a3ec4e94 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 28 Aug 2000 20:45:00 +0000 Subject: smbd/password.c: Fixed typo in Tim's new code that caused insure overrun error. smbd/reply.c: Fixed lowercasing UNIX character set problem. Jeremy. (This used to be commit 2b6e3ed7a6447d40d9dd7e9b5c286b1aabe4730d) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 00697c999a..00e6f44dd0 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -671,6 +671,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int * Incoming user is in DOS codepage format. Convert * to UNIX. */ + strlower(user); dos_to_unix(user,True); if (!doencrypt && (lp_security() != SEC_SERVER)) { @@ -786,6 +787,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int * Incoming user is in DOS codepage format. Convert * to UNIX. */ + strlower(user); dos_to_unix(user,True); domain = p; @@ -828,8 +830,6 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int guest = True; } - strlower(user); - pstrcpy(sesssetup_user,user); reload_services(True); -- cgit From 177b962dfe4c6215424ff2a2e69a4da3cecb3687 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 30 Aug 2000 18:33:56 +0000 Subject: Added vfs_unlink call to ensure vfs is used on unlink from client. Jeremy. (This used to be commit 38fc56c8434c427335cf264c4b27420c5ad47566) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 00e6f44dd0..7e6a244190 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1888,7 +1888,7 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if (!has_wild) { pstrcat(directory,"/"); pstrcat(directory,mask); - if (can_delete(directory,conn,dirtype) && !dos_unlink(directory)) + if (can_delete(directory,conn,dirtype) && !vfs_unlink(conn,directory)) count++; if (!count) exists = vfs_file_exist(conn,directory,NULL); -- cgit From a19836ae5267fa967482f2baacd5e8cf8767bf79 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 12 Sep 2000 04:50:36 +0000 Subject: we should not lowercase the username we receive in reply_sesssetup_and_X(). The getpwnam() wrapper handles the case munging operations later. this fixes a problem with mixed case usernames. (This used to be commit 2ebfdd21b3123d7daefeeed4dae6e8bc3a7a7653) --- source3/smbd/reply.c | 2 -- 1 file changed, 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 7e6a244190..397cae6221 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -671,7 +671,6 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int * Incoming user is in DOS codepage format. Convert * to UNIX. */ - strlower(user); dos_to_unix(user,True); if (!doencrypt && (lp_security() != SEC_SERVER)) { @@ -787,7 +786,6 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int * Incoming user is in DOS codepage format. Convert * to UNIX. */ - strlower(user); dos_to_unix(user,True); domain = p; -- cgit From 7a3795d5df8dc1b2e3d2afe2a9e12db34d80e305 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 20 Sep 2000 19:00:21 +0000 Subject: Fix to allow a timestamp of zero to cause an instantaneous changenotify scan - then call this from renames. This allows instantaneous update for W2k renames. Jeremy. (This used to be commit 07dffc4ee931cbc61197e2da277df9c404a77469) --- source3/smbd/reply.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 397cae6221..9dd5a9ef68 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3639,8 +3639,17 @@ int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, in DEBUG(3,("reply_mv : %s -> %s\n",name,newname)); outsize = rename_internals(conn, inbuf, outbuf, name, newname, False); - if(outsize == 0) + if(outsize == 0) { + + /* + * Win2k needs a changenotify request response before it will + * update after a rename.. + */ + + process_pending_change_notify_queue((time_t)0); + outsize = set_message(outbuf,0,0,True); + } return(outsize); } -- cgit From b43b2e4f8a4be30e3f7aca6f570f5376fd508e3d Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 27 Sep 2000 19:09:59 +0000 Subject: Restructuring of the code to remove dos_ChDir/dos_GetWd and re-vector them through the VFS. All file access/directory access code in smbd should now go via the vfs. Added vfs_chown/vfs_chmod calls. Still looking at vfs_get_nt_acl() vfs_set_nt_acl() call API design. Jeremy. (This used to be commit f96625ec124adb6e110dc54632e006b3620a962b) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 9dd5a9ef68..8624bdb9b4 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1100,7 +1100,7 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size unix_convert(fname,conn,0,&bad_path,&sbuf); if (check_name(fname,conn)) { - if (VALID_STAT(sbuf) || dos_stat(fname,&sbuf) == 0) + if (VALID_STAT(sbuf) || vfs_stat(conn,fname,&sbuf) == 0) { mode = dos_mode(conn,fname,&sbuf); size = sbuf.st_size; -- cgit From 941d82bf8060e1ca05c6744572a2e562c69b0b11 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Fri, 29 Sep 2000 04:42:29 +0000 Subject: fixed a harmess mixup of bitops and a boolean (This used to be commit 0e0f3dc577ceab540be6505a86697b14a2136b9f) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 8624bdb9b4..96a43b48c8 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4025,7 +4025,7 @@ int reply_lockingX(connection_struct *conn, char *inbuf,char *outbuf,int length, char *data; uint32 ecode=0, dummy2; int eclass=0, dummy1; - BOOL large_file_format = (locktype & LOCKING_ANDX_LARGE_FILES); + BOOL large_file_format = (locktype & LOCKING_ANDX_LARGE_FILES)?True:False; BOOL err; CHECK_FSP(fsp,conn); -- cgit From 3ad2ee22bb4ecee24d069bb7efadff18c25044d1 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 3 Oct 2000 02:12:14 +0000 Subject: utf-8 and EUC3 patch from Hiroshi Miura Samba User Group Japan staff. mkdir high bits patch from Robert Dahlem" . jeremy. (This used to be commit b40191d27180ab1e59935086073c4d312552f717) --- source3/smbd/reply.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 96a43b48c8..b98ae441ac 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3099,8 +3099,7 @@ int mkdir_internal(connection_struct *conn, char *inbuf, char *outbuf, pstring d unix_convert(directory,conn,0,&bad_path,NULL); if (check_name(directory, conn)) - ret = conn->vfs_ops.mkdir(dos_to_unix(directory,False), - unix_mode(conn,aDIR,directory)); + ret = vfs_mkdir(conn,directory,unix_mode(conn,aDIR,directory)); if (ret < 0) { -- cgit From 636f146abf0a75cd3b21a57b50627ee149a635ab Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 6 Oct 2000 03:21:49 +0000 Subject: Restructuring of vfs layer to include a "this" pointer - can be an fsp or a conn struct depending on the call. We need this to have a clean NT ACL call interface. This will break any existing VFS libraries (that's why this is pre-release code). Andrew gets credit for this one :-) :-). In addition - added Herb's WITH_PROFILE changes - Herb - please examine the changes I've made to the smbd/reply.c code you added. The original code was very ugly and I have replaced it with a START_PROFILE(x)/END_PROFILE(x) pair using the preprocessor. Please check this compiles ok with the --with-profile switch. Jeremy. (This used to be commit b07611f8159b0b3f42e7e02611be9f4d56de96f5) --- source3/smbd/reply.c | 456 ++++++++++++++++++++++++++++++++++++++++----------- 1 file changed, 358 insertions(+), 98 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index b98ae441ac..e64875a805 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -214,6 +214,7 @@ int reply_tcon(connection_struct *conn, uint16 vuid = SVAL(inbuf,smb_uid); int pwlen=0; int ecode = -1; + START_PROFILE(SMBtcon); *service = *user = *password = *dev = 0; @@ -242,6 +243,7 @@ int reply_tcon(connection_struct *conn, conn = make_connection(service,user,password,pwlen,dev,vuid,&ecode); if (!conn) { + END_PROFILE(SMBtcon); return(connection_error(inbuf,outbuf,ecode)); } @@ -253,6 +255,7 @@ int reply_tcon(connection_struct *conn, DEBUG(3,("tcon service=%s user=%s cnum=%d\n", service, user, conn->cnum)); + END_PROFILE(SMBtcon); return(outsize); } @@ -271,6 +274,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt int passlen = SVAL(inbuf,smb_vwv3); char *path; char *p; + START_PROFILE(SMBtconX); *service = *user = *password = *devicename = 0; @@ -294,8 +298,10 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt } p = strchr(path+2,'\\'); - if (!p) + if (!p) { + END_PROFILE(SMBtconX); return(ERROR(ERRDOS,ERRnosuchshare)); + } fstrcpy(service,p+1); p = strchr(service,'%'); if (p) { @@ -327,8 +333,10 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt conn = make_connection(service,user,password,passlen,devicename,vuid,&ecode); - if (!conn) + if (!conn) { + END_PROFILE(SMBtconX); return(connection_error(inbuf,outbuf,ecode)); + } if (Protocol < PROTOCOL_NT1) { set_message(outbuf,2,strlen(devicename)+1,True); @@ -359,6 +367,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt SSVAL(inbuf,smb_tid,conn->cnum); SSVAL(outbuf,smb_tid,conn->cnum); + END_PROFILE(SMBtconX); return chain_reply(inbuf,outbuf,length,bufsize); } @@ -390,6 +399,7 @@ int reply_ioctl(connection_struct *conn, int replysize, outsize; char *p; files_struct *fsp = file_fsp(inbuf,smb_vwv0); + START_PROFILE(SMBioctl); DEBUG(4, ("Received IOCTL (code 0x%x)\n", ioctl_code)); @@ -399,6 +409,7 @@ int reply_ioctl(connection_struct *conn, replysize = 32; break; default: + END_PROFILE(SMBioctl); return(ERROR(ERRSRV,ERRnosupport)); } @@ -417,6 +428,7 @@ int reply_ioctl(connection_struct *conn, break; } + END_PROFILE(SMBioctl); return outsize; } @@ -653,6 +665,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int static BOOL done_sesssetup = False; BOOL doencrypt = SMBENCRYPT(); char *domain = ""; + START_PROFILE(SMBsesssetupX); *smb_apasswd = 0; *smb_ntpasswd = 0; @@ -801,6 +814,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int /* say yes to everything ending in $. */ if (*user && (user[strlen(user) - 1] == '$') && (smb_apasslen == 24) && (smb_ntpasslen == 24)) { + END_PROFILE(SMBsesssetupX); return session_trust_account(conn, inbuf, outbuf, user, smb_apasswd, smb_apasslen, smb_ntpasswd, smb_ntpasslen); @@ -816,6 +830,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int */ if (!*user && !*smb_apasswd && !*domain) { DEBUG(0, ("restrict anonymous is True and anonymous connection attempted. Denying access.\n")); + END_PROFILE(SMBsesssetupX); return(ERROR(ERRDOS,ERRnoaccess)); } } @@ -913,6 +928,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int if (lp_map_to_guest() == NEVER_MAP_TO_GUEST) { DEBUG(1,("Rejecting user '%s': authentication failed\n", user)); + END_PROFILE(SMBsesssetupX); return bad_password_error(inbuf,outbuf); } @@ -921,6 +937,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int if (smb_getpwnam(user,True)) { DEBUG(1,("Rejecting user '%s': bad password\n", user)); + END_PROFILE(SMBsesssetupX); return bad_password_error(inbuf,outbuf); } } @@ -976,6 +993,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int const struct passwd *pw = smb_getpwnam(user,False); if (!pw) { DEBUG(1,("Username %s is invalid on this system\n",user)); + END_PROFILE(SMBsesssetupX); return bad_password_error(inbuf,outbuf); } gid = pw->pw_gid; @@ -1000,6 +1018,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int done_sesssetup = True; + END_PROFILE(SMBsesssetupX); return chain_reply(inbuf,outbuf,length,bufsize); } @@ -1015,6 +1034,7 @@ int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size BOOL ok = False; BOOL bad_path = False; SMB_STRUCT_STAT st; + START_PROFILE(SMBchkpth_count); pstrcpy(name,smb_buf(inbuf) + 1); @@ -1061,6 +1081,7 @@ int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size DEBUG(3,("chkpth %s mode=%d\n", name, mode)); + END_PROFILE(SMBchkpth); return(outsize); } @@ -1078,6 +1099,7 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size SMB_OFF_T size=0; time_t mtime=0; BOOL bad_path = False; + START_PROFILE(SMBgetatr); pstrcpy(fname,smb_buf(inbuf) + 1); @@ -1122,6 +1144,7 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size unix_ERR_code = ERRbadpath; } + END_PROFILE(SMBgetatr); return(UNIXERROR(ERRDOS,ERRbadfile)); } @@ -1144,6 +1167,7 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size DEBUG( 3, ( "getatr name=%s mode=%d size=%d\n", fname, mode, (uint32)size ) ); + END_PROFILE(SMBgetatr); return(outsize); } @@ -1160,6 +1184,7 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size time_t mtime; SMB_STRUCT_STAT st; BOOL bad_path = False; + START_PROFILE(SMBsetatr); pstrcpy(fname,smb_buf(inbuf) + 1); unix_convert(fname,conn,0,&bad_path,&st); @@ -1182,6 +1207,7 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size unix_ERR_code = ERRbadpath; } + END_PROFILE(SMBsetatr); return(UNIXERROR(ERRDOS,ERRnoaccess)); } @@ -1189,6 +1215,7 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size DEBUG( 3, ( "setatr name=%s mode=%d\n", fname, mode ) ); + END_PROFILE(SMBsetatr); return(outsize); } @@ -1200,8 +1227,9 @@ int reply_dskattr(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz { int outsize = 0; SMB_BIG_UINT dfree,dsize,bsize; + START_PROFILE(SMBdskattr); - conn->vfs_ops.disk_free(".",True,&bsize,&dfree,&dsize); + conn->vfs_ops.disk_free(conn,".",True,&bsize,&dfree,&dsize); outsize = set_message(outbuf,5,0,True); @@ -1212,6 +1240,7 @@ int reply_dskattr(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz DEBUG(3,("dskattr dfree=%d\n", (unsigned int)dfree)); + END_PROFILE(SMBdskattr); return(outsize); } @@ -1244,6 +1273,7 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size BOOL expect_close = False; BOOL can_open = True; BOOL bad_path = False; + START_PROFILE(SMBsearch); *mask = *directory = *fname = 0; @@ -1324,8 +1354,10 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadpath; } + END_PROFILE(SMBsearch); return (UNIXERROR(ERRDOS,ERRnofids)); } + END_PROFILE(SMBsearch); return(ERROR(ERRDOS,ERRnofids)); } dptr_set_wcard(dptr_num, strdup(mask)); @@ -1416,6 +1448,7 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size smb_fn_name(CVAL(inbuf,smb_com)), mask, directory, dirtype, numentries, maxentries ) ); + END_PROFILE(SMBsearch); return(outsize); } @@ -1430,14 +1463,17 @@ int reply_fclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size char *path; char status[21]; int dptr_num= -2; + START_PROFILE(SMBfclose); outsize = set_message(outbuf,1,0,True); path = smb_buf(inbuf) + 1; status_len = SVAL(smb_buf(inbuf),3 + strlen(path)); - if (status_len == 0) + if (status_len == 0) { + END_PROFILE(SMBfclose); return(ERROR(ERRSRV,ERRsrverror)); + } memcpy(status,smb_buf(inbuf) + 1 + strlen(path) + 4,21); @@ -1450,6 +1486,7 @@ int reply_fclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size DEBUG(3,("search close\n")); + END_PROFILE(SMBfclose); return(outsize); } @@ -1472,6 +1509,7 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, BOOL bad_path = False; files_struct *fsp; int oplock_request = CORE_OPLOCK_REQUEST(inbuf); + START_PROFILE(SMBopen); share_mode = SVAL(inbuf,smb_vwv0); @@ -1493,11 +1531,13 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadpath; } + END_PROFILE(SMBopen); return(UNIXERROR(ERRDOS,ERRnoaccess)); } - if (fsp->conn->vfs_ops.fstat(fsp->fd,&sbuf) != 0) { + if (vfs_fstat(fsp,fsp->fd,&sbuf) != 0) { close_file(fsp,False); + END_PROFILE(SMBopen); return(ERROR(ERRDOS,ERRnoaccess)); } @@ -1508,6 +1548,7 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, if (fmode & aDIR) { DEBUG(3,("attempt to open a directory %s\n",fname)); close_file(fsp,False); + END_PROFILE(SMBopen); return(ERROR(ERRDOS,ERRnoaccess)); } @@ -1527,6 +1568,7 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; + END_PROFILE(SMBopen); return(outsize); } @@ -1557,13 +1599,17 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt int smb_action = 0; BOOL bad_path = False; files_struct *fsp; + START_PROFILE(SMBopenX); /* If it's an IPC, pass off the pipe handler. */ if (IS_IPC(conn)) { - if (lp_nt_pipe_support()) + if (lp_nt_pipe_support()) { + END_PROFILE(SMBopenX); return reply_open_pipe_and_X(conn, inbuf,outbuf,length,bufsize); - else + } else { + END_PROFILE(SMBopenX); return (ERROR(ERRSRV,ERRaccess)); + } } /* XXXX we need to handle passed times, sattr and flags */ @@ -1586,11 +1632,13 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadpath; } + END_PROFILE(SMBopenX); return(UNIXERROR(ERRDOS,ERRnoaccess)); } - if (fsp->conn->vfs_ops.fstat(fsp->fd,&sbuf) != 0) { + if (vfs_fstat(fsp,fsp->fd,&sbuf) != 0) { close_file(fsp,False); + END_PROFILE(SMBopenX); return(ERROR(ERRDOS,ERRnoaccess)); } @@ -1599,6 +1647,7 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt mtime = sbuf.st_mtime; if (fmode & aDIR) { close_file(fsp,False); + END_PROFILE(SMBopenX); return(ERROR(ERRDOS,ERRnoaccess)); } @@ -1639,6 +1688,7 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt SSVAL(outbuf,smb_vwv8,rmode); SSVAL(outbuf,smb_vwv11,smb_action); + END_PROFILE(SMBopenX); return chain_reply(inbuf,outbuf,length,bufsize); } @@ -1650,6 +1700,7 @@ int reply_ulogoffX(connection_struct *conn, char *inbuf,char *outbuf,int length, { uint16 vuid = SVAL(inbuf,smb_uid); user_struct *vuser = get_valid_user_struct(vuid); + START_PROFILE(SMBulogoffX); if(vuser == 0) { DEBUG(3,("ulogoff, vuser id %d does not map to user.\n", vuid)); @@ -1667,6 +1718,7 @@ int reply_ulogoffX(connection_struct *conn, char *inbuf,char *outbuf,int length, DEBUG( 3, ( "ulogoffX vuid=%d\n", vuid ) ); + END_PROFILE(SMBulogoffX); return chain_reply(inbuf,outbuf,length,bufsize); } @@ -1685,6 +1737,7 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, BOOL bad_path = False; files_struct *fsp; int oplock_request = CORE_OPLOCK_REQUEST(inbuf); + START_PROFILE(SMBcreate); com = SVAL(inbuf,smb_com); @@ -1724,6 +1777,7 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadpath; } + END_PROFILE(SMBcreate); return(UNIXERROR(ERRDOS,ERRnoaccess)); } @@ -1741,6 +1795,7 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, DEBUG( 3, ( "mknew %s fd=%d dmode=%d umode=%o\n", fname, fsp->fd, createmode, (int)unixmode ) ); + END_PROFILE(SMBcreate); return(outsize); } @@ -1758,6 +1813,7 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, BOOL bad_path = False; files_struct *fsp; int oplock_request = CORE_OPLOCK_REQUEST(inbuf); + START_PROFILE(SMBctemp); createmode = SVAL(inbuf,smb_vwv0); pstrcpy(fname,smb_buf(inbuf)+1); @@ -1783,6 +1839,7 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadpath; } + END_PROFILE(SMBctemp); return(UNIXERROR(ERRDOS,ERRnoaccess)); } @@ -1802,6 +1859,7 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, DEBUG( 3, ( "ctemp %s fd=%d dmode=%d umode=%o\n", fname2, fsp->fd, createmode, (int)unixmode ) ); + END_PROFILE(SMBctemp); return(outsize); } @@ -1816,7 +1874,7 @@ static BOOL can_delete(char *fname,connection_struct *conn, int dirtype) if (!CAN_WRITE(conn)) return(False); - if (conn->vfs_ops.lstat(dos_to_unix(fname,False),&sbuf) != 0) return(False); + if (conn->vfs_ops.lstat(conn,dos_to_unix(fname,False),&sbuf) != 0) return(False); fmode = dos_mode(conn,fname,&sbuf); if (fmode & aDIR) return(False); if (!lp_delete_readonly(SNUM(conn))) { @@ -1846,6 +1904,7 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size BOOL exists=False; BOOL bad_path = False; BOOL rc = True; + START_PROFILE(SMBunlink); *directory = *mask = 0; @@ -1919,7 +1978,7 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size error = ERRnoaccess; slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); if (!can_delete(fname,conn,dirtype)) continue; - if (!conn->vfs_ops.unlink(dos_to_unix(fname,False))) count++; + if (!vfs_unlink(conn,fname)) count++; DEBUG(3,("reply_unlink : doing unlink on %s\n",fname)); } CloseDir(dirptr); @@ -1927,21 +1986,24 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size } if (count == 0) { - if (exists) + if (exists) { + END_PROFILE(SMBunlink); return(ERROR(ERRDOS,error)); - else + } else { if((errno == ENOENT) && bad_path) { unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadpath; } + END_PROFILE(SMBunlink); return(UNIXERROR(ERRDOS,error)); } } outsize = set_message(outbuf,0,0,True); + END_PROFILE(SMBunlink); return(outsize); } @@ -1958,6 +2020,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s char *header = outbuf; ssize_t ret=0; files_struct *fsp; + START_PROFILE(SMBreadbraw); /* * Special check if an oplock break has been issued @@ -1970,6 +2033,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s _smb_setlen(header,0); transfer_file(0,smbd_server_fd(),(SMB_OFF_T)0,header,4,0); DEBUG(5,("readbraw - oplock break finished\n")); + END_PROFILE(SMBreadbraw); return -1; } @@ -1982,6 +2046,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s DEBUG(3,("fnum %d not open in readbraw - cache prime?\n",(int)SVAL(inbuf,smb_vwv0))); _smb_setlen(header,0); transfer_file(0,smbd_server_fd(),(SMB_OFF_T)0,header,4,0); + END_PROFILE(SMBreadbraw); return(-1); } @@ -2009,6 +2074,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s 64 bit offsets.\n", (unsigned int)IVAL(inbuf,smb_vwv8) )); _smb_setlen(header,0); transfer_file(0,smbd_server_fd(),(SMB_OFF_T)0,header,4,0); + END_PROFILE(SMBreadbraw); return(-1); } @@ -2019,6 +2085,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s (double)startpos )); _smb_setlen(header,0); transfer_file(0,smbd_server_fd(),(SMB_OFF_T)0,header,4,0); + END_PROFILE(SMBreadbraw); return(-1); } } @@ -2037,7 +2104,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s if (size < sizeneeded) { SMB_STRUCT_STAT st; - if (fsp->conn->vfs_ops.fstat(fsp->fd,&st) == 0) + if (vfs_fstat(fsp,fsp->fd,&st) == 0) size = st.st_size; if (!fsp->can_write) fsp->size = size; @@ -2060,7 +2127,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s _smb_setlen(header,nread); if ((nread-predict) > 0) { - if(conn->vfs_ops.seek(fsp,startpos + predict) == -1) { + if(conn->vfs_ops.seek(fsp,fsp->fd,startpos + predict) == -1) { DEBUG(0,("reply_readbraw: ERROR: seek_file failed.\n")); ret = 0; seek_fail = True; @@ -2068,7 +2135,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s } if(!seek_fail) - ret = (ssize_t)vfs_transfer_file(-1, fsp->fd, Client, NULL, + ret = (ssize_t)vfs_transfer_file(-1, fsp, fsp->fd, Client, NULL, (SMB_OFF_T)(nread-predict),header,4+predict, startpos+predict); } @@ -2086,6 +2153,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s #endif /* UNSAFE_READRAW */ DEBUG(5,("readbraw finished\n")); + END_PROFILE(SMBreadbraw); return -1; } @@ -2103,6 +2171,7 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length int eclass; uint32 ecode; files_struct *fsp = file_fsp(inbuf,smb_vwv0); + START_PROFILE(SMBlockread); CHECK_FSP(fsp,conn); CHECK_READ(fsp); @@ -2130,15 +2199,19 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length * onto the blocking lock queue. */ if(push_blocking_lock_request(inbuf, length, -1, 0)) + END_PROFILE(SMBlockread); return -1; } + END_PROFILE(SMBlockread); return (ERROR(eclass,ecode)); } nread = read_file(fsp,data,startpos,numtoread); - if (nread < 0) + if (nread < 0) { + END_PROFILE(SMBlockread); return(UNIXERROR(ERRDOS,ERRnoaccess)); + } outsize += nread; SSVAL(outbuf,smb_vwv0,nread); @@ -2148,6 +2221,7 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length DEBUG( 3, ( "lockread fnum=%d num=%d nread=%d\n", fsp->fnum, (int)numtoread, (int)nread ) ); + END_PROFILE(SMBlockread); return(outsize); } @@ -2164,6 +2238,7 @@ int reply_read(connection_struct *conn, char *inbuf,char *outbuf, int size, int SMB_OFF_T startpos; int outsize = 0; files_struct *fsp = file_fsp(inbuf,smb_vwv0); + START_PROFILE(SMBread); CHECK_FSP(fsp,conn); CHECK_READ(fsp); @@ -2176,14 +2251,18 @@ int reply_read(connection_struct *conn, char *inbuf,char *outbuf, int size, int numtoread = MIN(BUFFER_SIZE-outsize,numtoread); data = smb_buf(outbuf) + 3; - if (is_locked(fsp,conn,(SMB_BIG_UINT)numtoread,(SMB_BIG_UINT)startpos, READ_LOCK)) + if (is_locked(fsp,conn,(SMB_BIG_UINT)numtoread,(SMB_BIG_UINT)startpos, READ_LOCK)) { + END_PROFILE(SMBread); return(ERROR(ERRDOS,ERRlock)); + } if (numtoread > 0) nread = read_file(fsp,data,startpos,numtoread); - if (nread < 0) + if (nread < 0) { + END_PROFILE(SMBread); return(UNIXERROR(ERRDOS,ERRnoaccess)); + } outsize += nread; SSVAL(outbuf,smb_vwv0,nread); @@ -2194,6 +2273,7 @@ int reply_read(connection_struct *conn, char *inbuf,char *outbuf, int size, int DEBUG( 3, ( "read fnum=%d num=%d nread=%d\n", fsp->fnum, (int)numtoread, (int)nread ) ); + END_PROFILE(SMBread); return(outsize); } @@ -2209,10 +2289,13 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt size_t smb_mincnt = SVAL(inbuf,smb_vwv6); ssize_t nread = -1; char *data; + START_PROFILE(SMBreadX); /* If it's an IPC, pass off the pipe handler. */ - if (IS_IPC(conn)) + if (IS_IPC(conn)) { + END_PROFILE(SMBreadX); return reply_pipe_read_and_X(inbuf,outbuf,length,bufsize); + } CHECK_FSP(fsp,conn); CHECK_READ(fsp); @@ -2237,6 +2320,7 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt if(IVAL(inbuf,smb_vwv10) != 0) { DEBUG(0,("reply_read_and_X - large offset (%x << 32) used and we don't support \ 64 bit offsets.\n", (unsigned int)IVAL(inbuf,smb_vwv10) )); + END_PROFILE(SMBreadX); return(ERROR(ERRDOS,ERRbadaccess)); } @@ -2244,12 +2328,16 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt } - if (is_locked(fsp,conn,(SMB_BIG_UINT)smb_maxcnt,(SMB_BIG_UINT)startpos, READ_LOCK)) + if (is_locked(fsp,conn,(SMB_BIG_UINT)smb_maxcnt,(SMB_BIG_UINT)startpos, READ_LOCK)) { + END_PROFILE(SMBreadX); return(ERROR(ERRDOS,ERRlock)); + } nread = read_file(fsp,data,startpos,smb_maxcnt); - if (nread < 0) + if (nread < 0) { + END_PROFILE(SMBreadX); return(UNIXERROR(ERRDOS,ERRnoaccess)); + } SSVAL(outbuf,smb_vwv5,nread); SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf)); @@ -2258,6 +2346,7 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt DEBUG( 3, ( "readX fnum=%d min=%d max=%d nread=%d\n", fsp->fnum, (int)smb_mincnt, (int)smb_maxcnt, (int)nread ) ); + END_PROFILE(SMBreadX); return chain_reply(inbuf,outbuf,length,bufsize); } @@ -2276,6 +2365,7 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, BOOL write_through; files_struct *fsp = file_fsp(inbuf,smb_vwv0); int outsize = 0; + START_PROFILE(SMBwritebraw); CHECK_FSP(fsp,conn); CHECK_WRITE(fsp); @@ -2299,8 +2389,10 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, CVAL(inbuf,smb_com) = SMBwritec; CVAL(outbuf,smb_com) = SMBwritec; - if (is_locked(fsp,conn,(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos, WRITE_LOCK)) + if (is_locked(fsp,conn,(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos, WRITE_LOCK)) { + END_PROFILE(SMBwritebraw); return(ERROR(ERRDOS,ERRlock)); + } if (numtowrite>0) nwritten = write_file(fsp,data,startpos,numtowrite); @@ -2308,8 +2400,10 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, DEBUG(3,("writebraw1 fnum=%d start=%.0f num=%d wrote=%d sync=%d\n", fsp->fnum, (double)startpos, (int)numtowrite, (int)nwritten, (int)write_through)); - if (nwritten < numtowrite) + if (nwritten < numtowrite) { + END_PROFILE(SMBwritebraw); return(UNIXERROR(ERRHRD,ERRdiskfull)); + } total_written = nwritten; @@ -2358,8 +2452,10 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, /* we won't return a status if write through is not selected - this follows what WfWg does */ - if (!write_through && total_written==tcount) + END_PROFILE(SMBwritebraw); + if (!write_through && total_written==tcount) { return(-1); + } return(outsize); } @@ -2378,6 +2474,7 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, int siz uint32 ecode; files_struct *fsp = file_fsp(inbuf,smb_vwv0); int outsize = 0; + START_PROFILE(SMBwriteunlock); CHECK_FSP(fsp,conn); CHECK_WRITE(fsp); @@ -2387,8 +2484,10 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, int siz startpos = IVAL(inbuf,smb_vwv2); data = smb_buf(inbuf) + 3; - if (is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) + if (is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) { + END_PROFILE(SMBwriteunlock); return(ERROR(ERRDOS,ERRlock)); + } /* The special X/Open SMB protocol handling of zero length writes is *NOT* done for @@ -2401,11 +2500,15 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, int siz if (lp_syncalways(SNUM(conn))) sync_file(conn,fsp); - if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) + if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) { + END_PROFILE(SMBwriteunlock); return(UNIXERROR(ERRDOS,ERRnoaccess)); + } - if(!do_unlock(fsp, conn, (SMB_BIG_UINT)numtowrite, (SMB_BIG_UINT)startpos, &eclass, &ecode)) + if(!do_unlock(fsp, conn, (SMB_BIG_UINT)numtowrite, (SMB_BIG_UINT)startpos, &eclass, &ecode)) { + END_PROFILE(SMBwriteunlock); return(ERROR(eclass,ecode)); + } outsize = set_message(outbuf,1,0,True); @@ -2414,6 +2517,7 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, int siz DEBUG( 3, ( "writeunlock fnum=%d num=%d wrote=%d\n", fsp->fnum, (int)numtowrite, (int)nwritten ) ); + END_PROFILE(SMBwriteunlock); return(outsize); } @@ -2428,10 +2532,13 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int d char *data; files_struct *fsp = file_fsp(inbuf,smb_vwv0); int outsize = 0; + START_PROFILE(SMBwrite); /* If it's an IPC, pass off the pipe handler. */ - if (IS_IPC(conn)) + if (IS_IPC(conn)) { + END_PROFILE(SMBwrite); return reply_pipe_write(inbuf,outbuf,size,dum_buffsize); + } CHECK_FSP(fsp,conn); CHECK_WRITE(fsp); @@ -2441,8 +2548,10 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int d startpos = IVAL(inbuf,smb_vwv2); data = smb_buf(inbuf) + 3; - if (is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) + if (is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) { + END_PROFILE(SMBwrite); return(ERROR(ERRDOS,ERRlock)); + } /* X/Open SMB protocol says that if smb_vwv1 is zero then the file size should be extended or @@ -2456,8 +2565,10 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int d if (lp_syncalways(SNUM(conn))) sync_file(conn,fsp); - if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) + if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) { + END_PROFILE(SMBwrite); return(UNIXERROR(ERRDOS,ERRnoaccess)); + } outsize = set_message(outbuf,1,0,True); @@ -2471,6 +2582,7 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int d DEBUG(3,("write fnum=%d num=%d wrote=%d\n", fsp->fnum, (int)numtowrite, (int)nwritten)); + END_PROFILE(SMBwrite); return(outsize); } @@ -2487,17 +2599,22 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng ssize_t nwritten = -1; unsigned int smb_doff = SVAL(inbuf,smb_vwv11); char *data; + START_PROFILE(SMBwriteX); /* If it's an IPC, pass off the pipe handler. */ - if (IS_IPC(conn)) + if (IS_IPC(conn)) { + END_PROFILE(SMBwriteX); return reply_pipe_write_and_X(inbuf,outbuf,length,bufsize); + } CHECK_FSP(fsp,conn); CHECK_WRITE(fsp); CHECK_ERROR(fsp); - if(smb_doff > smb_len(inbuf)) + if(smb_doff > smb_len(inbuf)) { + END_PROFILE(SMBwriteX); return(ERROR(ERRDOS,ERRbadmem)); + } data = smb_base(inbuf) + smb_doff; @@ -2517,14 +2634,17 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng if(IVAL(inbuf,smb_vwv12) != 0) { DEBUG(0,("reply_write_and_X - large offset (%x << 32) used and we don't support \ 64 bit offsets.\n", (unsigned int)IVAL(inbuf,smb_vwv12) )); + END_PROFILE(SMBwriteX); return(ERROR(ERRDOS,ERRbadaccess)); } #endif /* LARGE_SMB_OFF_T */ } - if (is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) + if (is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) { + END_PROFILE(SMBwriteX); return(ERROR(ERRDOS,ERRlock)); + } /* X/Open SMB protocol says that, unlike SMBwrite if the length is zero then NO truncation is @@ -2535,8 +2655,10 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng else nwritten = write_file(fsp,data,startpos,numtowrite); - if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) + if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) { + END_PROFILE(SMBwriteX); return(UNIXERROR(ERRDOS,ERRnoaccess)); + } set_message(outbuf,6,0,True); @@ -2553,6 +2675,7 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng if (lp_syncalways(SNUM(conn)) || write_through) sync_file(conn,fsp); + END_PROFILE(SMBwriteX); return chain_reply(inbuf,outbuf,length,bufsize); } @@ -2568,6 +2691,7 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int int mode,umode; int outsize = 0; files_struct *fsp = file_fsp(inbuf,smb_vwv0); + START_PROFILE(SMBlseek); CHECK_FSP(fsp,conn); CHECK_ERROR(fsp); @@ -2585,7 +2709,7 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int umode = SEEK_SET; break; } - if((res = conn->vfs_ops.lseek(fsp->fd,startpos,umode)) == -1) { + if((res = conn->vfs_ops.lseek(fsp,fsp->fd,startpos,umode)) == -1) { /* * Check for the special case where a seek before the start * of the file sets the offset to zero. Added in the CIFS spec, @@ -2597,8 +2721,10 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int if(umode == SEEK_CUR) { - if((current_pos = conn->vfs_ops.lseek(fsp->fd,0,SEEK_CUR)) == -1) + if((current_pos = conn->vfs_ops.lseek(fsp,fsp->fd,0,SEEK_CUR)) == -1) { + END_PROFILE(SMBlseek); return(UNIXERROR(ERRDOS,ERRnoaccess)); + } current_pos += startpos; @@ -2606,18 +2732,22 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int SMB_STRUCT_STAT sbuf; - if(conn->vfs_ops.fstat(fsp->fd, &sbuf) == -1) + if(vfs_fstat(fsp,fsp->fd, &sbuf) == -1) { + END_PROFILE(SMBlseek); return(UNIXERROR(ERRDOS,ERRnoaccess)); + } current_pos += sbuf.st_size; } if(current_pos < 0) - res = conn->vfs_ops.lseek(fsp->fd,0,SEEK_SET); + res = conn->vfs_ops.lseek(fsp,fsp->fd,0,SEEK_SET); } - if(res == -1) + if(res == -1) { + END_PROFILE(SMBlseek); return(UNIXERROR(ERRDOS,ERRnoaccess)); + } } fsp->pos = res; @@ -2628,6 +2758,7 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int DEBUG(3,("lseek fnum=%d ofs=%.0f newpos = %.0f mode=%d\n", fsp->fnum, (double)startpos, (double)res, mode)); + END_PROFILE(SMBlseek); return(outsize); } @@ -2639,6 +2770,7 @@ int reply_flush(connection_struct *conn, char *inbuf,char *outbuf, int size, int { int outsize = set_message(outbuf,0,0,True); files_struct *fsp = file_fsp(inbuf,smb_vwv0); + START_PROFILE(SMBflush); if (fsp) { CHECK_FSP(fsp,conn); @@ -2652,6 +2784,7 @@ int reply_flush(connection_struct *conn, char *inbuf,char *outbuf, int size, int } DEBUG(3,("flush\n")); + END_PROFILE(SMBflush); return(outsize); } @@ -2662,9 +2795,13 @@ int reply_flush(connection_struct *conn, char *inbuf,char *outbuf, int size, int int reply_exit(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int outsize = set_message(outbuf,0,0,True); + int outsize; + START_PROFILE(SMBexit); + outsize = set_message(outbuf,0,0,True); + DEBUG(3,("exit\n")); + END_PROFILE(SMBexit); return(outsize); } @@ -2679,12 +2816,15 @@ int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size, time_t mtime; int32 eclass = 0, err = 0; files_struct *fsp = NULL; + START_PROFILE(SMBclose); outsize = set_message(outbuf,0,0,True); /* If it's an IPC, pass off to the pipe handler. */ - if (IS_IPC(conn)) + if (IS_IPC(conn)) { + END_PROFILE(SMBclose); return reply_pipe_close(conn, inbuf,outbuf); + } fsp = file_fsp(inbuf,smb_vwv0); @@ -2692,8 +2832,10 @@ int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size, * We can only use CHECK_FSP if we know it's not a directory. */ - if(!fsp || (fsp->conn != conn)) + if(!fsp || (fsp->conn != conn)) { + END_PROFILE(SMBclose); return(ERROR(ERRDOS,ERRbadfid)); + } if(HAS_CACHED_ERROR(fsp)) { eclass = fsp->wbmpx_ptr->wr_errclass; @@ -2740,14 +2882,18 @@ int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size, if((close_err = close_file(fsp,True)) != 0) { errno = close_err; + END_PROFILE(SMBclose); return (UNIXERROR(ERRHRD,ERRgeneral)); } } /* We have a cached error */ - if(eclass || err) + if(eclass || err) { + END_PROFILE(SMBclose); return(ERROR(eclass,err)); + } + END_PROFILE(SMBclose); return(outsize); } @@ -2767,6 +2913,7 @@ int reply_writeclose(connection_struct *conn, char *data; time_t mtime; files_struct *fsp = file_fsp(inbuf,smb_vwv0); + START_PROFILE(SMBwriteclose); CHECK_FSP(fsp,conn); CHECK_WRITE(fsp); @@ -2777,9 +2924,11 @@ int reply_writeclose(connection_struct *conn, mtime = make_unix_date3(inbuf+smb_vwv4); data = smb_buf(inbuf) + 1; - if (is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) + if (is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) { + END_PROFILE(SMBwriteclose); return(ERROR(ERRDOS,ERRlock)); - + } + nwritten = write_file(fsp,data,startpos,numtowrite); set_filetime(conn, fsp->fsp_name,mtime); @@ -2790,17 +2939,21 @@ int reply_writeclose(connection_struct *conn, fsp->fnum, (int)numtowrite, (int)nwritten, conn->num_files_open)); - if (nwritten <= 0) + if (nwritten <= 0) { + END_PROFILE(SMBwriteclose); return(UNIXERROR(ERRDOS,ERRnoaccess)); + } if(close_err != 0) { errno = close_err; + END_PROFILE(SMBwriteclose); return(UNIXERROR(ERRHRD,ERRgeneral)); } outsize = set_message(outbuf,1,0,True); SSVAL(outbuf,smb_vwv0,nwritten); + END_PROFILE(SMBwriteclose); return(outsize); } @@ -2816,6 +2969,7 @@ int reply_lock(connection_struct *conn, int eclass; uint32 ecode; files_struct *fsp = file_fsp(inbuf,smb_vwv0); + START_PROFILE(SMBlock); CHECK_FSP(fsp,conn); CHECK_ERROR(fsp); @@ -2827,18 +2981,22 @@ int reply_lock(connection_struct *conn, fsp->fd, fsp->fnum, (double)offset, (double)count)); if (!do_lock(fsp, conn, count, offset, WRITE_LOCK, &eclass, &ecode)) { - if((ecode == ERRlock) && lp_blocking_locks(SNUM(conn))) { - /* - * A blocking lock was requested. Package up - * this smb into a queued request and push it - * onto the blocking lock queue. - */ - if(push_blocking_lock_request(inbuf, length, -1, 0)) - return -1; - } - return (ERROR(eclass,ecode)); - } + if((ecode == ERRlock) && lp_blocking_locks(SNUM(conn))) { + /* + * A blocking lock was requested. Package up + * this smb into a queued request and push it + * onto the blocking lock queue. + */ + if(push_blocking_lock_request(inbuf, length, -1, 0)) { + END_PROFILE(SMBlock); + return -1; + } + } + END_PROFILE(SMBlock); + return (ERROR(eclass,ecode)); + } + END_PROFILE(SMBlock); return(outsize); } @@ -2853,6 +3011,7 @@ int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int size, in int eclass; uint32 ecode; files_struct *fsp = file_fsp(inbuf,smb_vwv0); + START_PROFILE(SMBunlock); CHECK_FSP(fsp,conn); CHECK_ERROR(fsp); @@ -2860,12 +3019,15 @@ int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int size, in count = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv1); offset = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv3); - if(!do_unlock(fsp, conn, count, offset, &eclass, &ecode)) + if(!do_unlock(fsp, conn, count, offset, &eclass, &ecode)) { + END_PROFILE(SMBunlock); return (ERROR(eclass,ecode)); + } DEBUG( 3, ( "unlock fd=%d fnum=%d offset=%.0f count=%.0f\n", fsp->fd, fsp->fnum, (double)offset, (double)count ) ); + END_PROFILE(SMBunlock); return(outsize); } @@ -2878,11 +3040,13 @@ int reply_tdis(connection_struct *conn, { int outsize = set_message(outbuf,0,0,True); uint16 vuid; + START_PROFILE(SMBtdis); vuid = SVAL(inbuf,smb_uid); if (!conn) { DEBUG(4,("Invalid connection in tdis\n")); + END_PROFILE(SMBtdis); return(ERROR(ERRSRV,ERRinvnid)); } @@ -2890,6 +3054,7 @@ int reply_tdis(connection_struct *conn, close_cnum(conn,vuid); + END_PROFILE(SMBtdis); return outsize; } @@ -2905,6 +3070,7 @@ int reply_echo(connection_struct *conn, int seq_num; unsigned int data_len = smb_buflen(inbuf); int outsize = set_message(outbuf,1,data_len,True); + START_PROFILE(SMBecho); data_len = MIN(data_len, (sizeof(inbuf)-(smb_buf(inbuf)-inbuf))); @@ -2929,6 +3095,7 @@ int reply_echo(connection_struct *conn, smb_echo_count++; + END_PROFILE(SMBecho); return -1; } @@ -2941,14 +3108,18 @@ int reply_printopen(connection_struct *conn, { int outsize = 0; files_struct *fsp; + START_PROFILE(SMBsplopen); - if (!CAN_PRINT(conn)) + if (!CAN_PRINT(conn)) { + END_PROFILE(SMBsplopen); return(ERROR(ERRDOS,ERRnoaccess)); + } /* Open for exclusive use, write only. */ fsp = print_fsp_open(conn,"dos.prn"); if (!fsp) { + END_PROFILE(SMBsplopen); return(UNIXERROR(ERRDOS,ERRnoaccess)); } @@ -2958,6 +3129,7 @@ int reply_printopen(connection_struct *conn, DEBUG(3,("openprint fd=%d fnum=%d\n", fsp->fd, fsp->fnum)); + END_PROFILE(SMBsplopen); return(outsize); } @@ -2971,12 +3143,15 @@ int reply_printclose(connection_struct *conn, int outsize = set_message(outbuf,0,0,True); files_struct *fsp = file_fsp(inbuf,smb_vwv0); int close_err = 0; + START_PROFILE(SMBsplclose); CHECK_FSP(fsp,conn); CHECK_ERROR(fsp); - if (!CAN_PRINT(conn)) + if (!CAN_PRINT(conn)) { + END_PROFILE(SMBsplclose); return(ERROR(ERRDOS,ERRnoaccess)); + } DEBUG(3,("printclose fd=%d fnum=%d\n", fsp->fd,fsp->fnum)); @@ -2985,9 +3160,11 @@ int reply_printclose(connection_struct *conn, if(close_err != 0) { errno = close_err; + END_PROFILE(SMBsplclose); return(UNIXERROR(ERRHRD,ERRgeneral)); } + END_PROFILE(SMBsplclose); return(outsize); } @@ -3001,13 +3178,16 @@ int reply_printqueue(connection_struct *conn, int outsize = set_message(outbuf,2,3,True); int max_count = SVAL(inbuf,smb_vwv0); int start_index = SVAL(inbuf,smb_vwv1); + START_PROFILE(SMBsplretq); /* we used to allow the client to get the cnum wrong, but that is really quite gross and only worked when there was only one printer - I think we should now only accept it if they get it right (tridge) */ - if (!CAN_PRINT(conn)) + if (!CAN_PRINT(conn)) { + END_PROFILE(SMBsplretq); return(ERROR(ERRDOS,ERRnoaccess)); + } SSVAL(outbuf,smb_vwv0,0); SSVAL(outbuf,smb_vwv1,0); @@ -3054,6 +3234,7 @@ int reply_printqueue(connection_struct *conn, DEBUG(3,("%d entries returned in queue\n",count)); } + END_PROFILE(SMBsplretq); return(outsize); } @@ -3067,9 +3248,12 @@ int reply_printwrite(connection_struct *conn, char *inbuf,char *outbuf, int dum_ int outsize = set_message(outbuf,0,0,True); char *data; files_struct *fsp = file_fsp(inbuf,smb_vwv0); + START_PROFILE(SMBsplwr); - if (!CAN_PRINT(conn)) + if (!CAN_PRINT(conn)) { + END_PROFILE(SMBsplwr); return(ERROR(ERRDOS,ERRnoaccess)); + } CHECK_FSP(fsp,conn); CHECK_WRITE(fsp); @@ -3078,11 +3262,14 @@ int reply_printwrite(connection_struct *conn, char *inbuf,char *outbuf, int dum_ numtowrite = SVAL(smb_buf(inbuf),1); data = smb_buf(inbuf) + 3; - if (write_file(fsp,data,-1,numtowrite) != numtowrite) + if (write_file(fsp,data,-1,numtowrite) != numtowrite) { + END_PROFILE(SMBsplwr); return(UNIXERROR(ERRDOS,ERRnoaccess)); - + } + DEBUG( 3, ( "printwrite fnum=%d num=%d\n", fsp->fnum, numtowrite ) ); + END_PROFILE(SMBsplwr); return(outsize); } @@ -3121,6 +3308,7 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, { pstring directory; int outsize; + START_PROFILE(SMBmkdir); pstrcpy(directory,smb_buf(inbuf) + 1); @@ -3130,6 +3318,7 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, DEBUG( 3, ( "mkdir %s ret=%d\n", directory, outsize ) ); + END_PROFILE(SMBmkdir); return(outsize); } @@ -3166,7 +3355,7 @@ static BOOL recursive_rmdir(connection_struct *conn, char *directory) pstrcat(fullname, "/"); pstrcat(fullname, dname); - if(conn->vfs_ops.lstat(dos_to_unix(fullname,False), &st) != 0) + if(conn->vfs_ops.lstat(conn,dos_to_unix(fullname,False), &st) != 0) { ret = True; break; @@ -3179,13 +3368,13 @@ static BOOL recursive_rmdir(connection_struct *conn, char *directory) ret = True; break; } - if(conn->vfs_ops.rmdir(dos_to_unix(fullname,False)) != 0) + if(vfs_rmdir(conn,fullname) != 0) { ret = True; break; } } - else if(conn->vfs_ops.unlink(dos_to_unix(fullname,False)) != 0) + else if(vfs_unlink(conn,fullname) != 0) { ret = True; break; @@ -3203,7 +3392,7 @@ BOOL rmdir_internals(connection_struct *conn, char *directory) { BOOL ok; - ok = (conn->vfs_ops.rmdir(dos_to_unix(directory, False)) == 0); + ok = (vfs_rmdir(conn,directory) == 0); if(!ok && ((errno == ENOTEMPTY)||(errno == EEXIST)) && lp_veto_files(SNUM(conn))) { /* @@ -3250,7 +3439,7 @@ BOOL rmdir_internals(connection_struct *conn, char *directory) pstrcat(fullname, "/"); pstrcat(fullname, dname); - if(conn->vfs_ops.lstat(dos_to_unix(fullname, False), &st) != 0) + if(conn->vfs_ops.lstat(conn,dos_to_unix(fullname, False), &st) != 0) break; if(st.st_mode & S_IFDIR) { @@ -3259,15 +3448,15 @@ BOOL rmdir_internals(connection_struct *conn, char *directory) if(recursive_rmdir(conn, fullname) != 0) break; } - if(conn->vfs_ops.rmdir(dos_to_unix(fullname, False)) != 0) + if(vfs_rmdir(conn,fullname) != 0) break; } - else if(conn->vfs_ops.unlink(dos_to_unix(fullname, False)) != 0) + else if(vfs_unlink(conn,fullname) != 0) break; } CloseDir(dirptr); /* Retry the rmdir */ - ok = (conn->vfs_ops.rmdir(dos_to_unix(directory, False)) == 0); + ok = (vfs_rmdir(conn,directory) == 0); } else CloseDir(dirptr); @@ -3293,6 +3482,7 @@ int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int outsize = 0; BOOL ok = False; BOOL bad_path = False; + START_PROFILE(SMBrmdir); pstrcpy(directory,smb_buf(inbuf) + 1); @@ -3313,6 +3503,7 @@ int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadpath; } + END_PROFILE(SMBrmdir); return(UNIXERROR(ERRDOS,ERRbadpath)); } @@ -3320,6 +3511,7 @@ int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, DEBUG( 3, ( "rmdir %s\n", directory ) ); + END_PROFILE(SMBrmdir); return(outsize); } @@ -3397,7 +3589,7 @@ static BOOL can_rename(char *fname,connection_struct *conn) if (!CAN_WRITE(conn)) return(False); - if (conn->vfs_ops.lstat(dos_to_unix(fname,False),&sbuf) != 0) return(False); + if (conn->vfs_ops.lstat(conn,dos_to_unix(fname,False),&sbuf) != 0) return(False); if (!check_file_sharing(conn,fname,True)) return(False); return(True); @@ -3529,14 +3721,14 @@ int rename_internals(connection_struct *conn, */ if(resolve_wildcards(directory,newname) && can_rename(directory,conn) && - !conn->vfs_ops.rename(zdirectory, + !conn->vfs_ops.rename(conn,zdirectory, dos_to_unix(newname,False))) count++; } else { if (resolve_wildcards(directory,newname) && can_rename(directory,conn) && !vfs_file_exist(conn,newname,NULL) && - !conn->vfs_ops.rename(zdirectory, + !conn->vfs_ops.rename(conn,zdirectory, dos_to_unix(newname,False))) count++; } @@ -3595,7 +3787,7 @@ int rename_internals(connection_struct *conn, continue; } - if (!conn->vfs_ops.rename(dos_to_unix(fname,False), + if (!conn->vfs_ops.rename(conn,dos_to_unix(fname,False), dos_to_unix(destname,False))) count++; DEBUG(3,("rename_internals: doing rename on %s -> %s\n",fname,destname)); @@ -3628,6 +3820,7 @@ int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, in int outsize = 0; pstring name; pstring newname; + START_PROFILE(SMBmv); pstrcpy(name,smb_buf(inbuf) + 1); pstrcpy(newname,smb_buf(inbuf) + 3 + strlen(name)); @@ -3650,6 +3843,7 @@ int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, in outsize = set_message(outbuf,0,0,True); } + END_PROFILE(SMBmv); return(outsize); } @@ -3701,7 +3895,7 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, } if ((ofun&3) == 1) { - if(conn->vfs_ops.lseek(fsp2->fd,0,SEEK_END) == -1) { + if(conn->vfs_ops.lseek(fsp2,fsp2->fd,0,SEEK_END) == -1) { DEBUG(0,("copy_file: error - sys_lseek returned error %s\n", strerror(errno) )); /* @@ -3751,6 +3945,7 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, BOOL bad_path1 = False; BOOL bad_path2 = False; BOOL rc = True; + START_PROFILE(SMBcopy); *directory = *mask = 0; @@ -3762,6 +3957,7 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, if (tid2 != conn->cnum) { /* can't currently handle inter share copies XXXX */ DEBUG(3,("Rejecting inter-share copy\n")); + END_PROFILE(SMBcopy); return(ERROR(ERRSRV,ERRinvdevice)); } @@ -3774,16 +3970,19 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, target_is_directory = vfs_directory_exist(conn,False,NULL); if ((flags&1) && target_is_directory) { + END_PROFILE(SMBcopy); return(ERROR(ERRDOS,ERRbadfile)); } if ((flags&2) && !target_is_directory) { + END_PROFILE(SMBcopy); return(ERROR(ERRDOS,ERRbadpath)); } if ((flags&(1<<5)) && vfs_directory_exist(conn,name,NULL)) { /* wants a tree copy! XXXX */ DEBUG(3,("Rejecting tree copy\n")); + END_PROFILE(SMBcopy); return(ERROR(ERRSRV,ERRerror)); } @@ -3819,6 +4018,7 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, count,target_is_directory,&err)) count++; if(!count && err) { errno = err; + END_PROFILE(SMBcopy); return(UNIXERROR(ERRHRD,ERRgeneral)); } if (!count) exists = vfs_file_exist(conn,directory,NULL); @@ -3859,18 +4059,21 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, if(err) { /* Error on close... */ errno = err; + END_PROFILE(SMBcopy); return(UNIXERROR(ERRHRD,ERRgeneral)); } - if (exists) + if (exists) { + END_PROFILE(SMBcopy); return(ERROR(ERRDOS,error)); - else + } else { if((errno == ENOENT) && (bad_path1 || bad_path2)) { unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadpath; } + END_PROFILE(SMBcopy); return(UNIXERROR(ERRDOS,error)); } } @@ -3878,6 +4081,7 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, outsize = set_message(outbuf,1,0,True); SSVAL(outbuf,smb_vwv0,count); + END_PROFILE(SMBcopy); return(outsize); } @@ -3890,10 +4094,13 @@ int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size int outsize = 0; BOOL ok = False; pstring newdir; + START_PROFILE(pathworks_setdir); snum = SNUM(conn); - if (!CAN_SETDIR(snum)) + if (!CAN_SETDIR(snum)) { + END_PROFILE(pathworks_setdir); return(ERROR(ERRDOS,ERRnoaccess)); + } pstrcpy(newdir,smb_buf(inbuf) + 1); strlower(newdir); @@ -3907,14 +4114,17 @@ int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size } } - if (!ok) + if (!ok) { + END_PROFILE(pathworks_setdir); return(ERROR(ERRDOS,ERRbadpath)); + } outsize = set_message(outbuf,0,0,True); CVAL(outbuf,smb_reh) = CVAL(inbuf,smb_reh); DEBUG(3,("setdir %s\n", newdir)); + END_PROFILE(pathworks_setdir); return(outsize); } @@ -4026,6 +4236,7 @@ int reply_lockingX(connection_struct *conn, char *inbuf,char *outbuf,int length, int eclass=0, dummy1; BOOL large_file_format = (locktype & LOCKING_ANDX_LARGE_FILES)?True:False; BOOL err; + START_PROFILE(SMBlockingX); CHECK_FSP(fsp,conn); CHECK_ERROR(fsp); @@ -4050,10 +4261,13 @@ int reply_lockingX(connection_struct *conn, char *inbuf,char *outbuf,int length, no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); /* if this is a pure oplock break request then don't send a reply */ - if (num_locks == 0 && num_ulocks == 0) + if (num_locks == 0 && num_ulocks == 0) { + END_PROFILE(SMBlockingX); return -1; - else + } else { + END_PROFILE(SMBlockingX); return ERROR(ERRDOS,ERRlock); + } } if (remove_oplock(fsp) == False) { @@ -4069,6 +4283,7 @@ no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); if(CVAL(inbuf,smb_vwv0) != 0xff) DEBUG(0,("reply_lockingX: Error : pure oplock break is a chained %d request !\n", (unsigned int)CVAL(inbuf,smb_vwv0) )); + END_PROFILE(SMBlockingX); return -1; } } @@ -4082,14 +4297,18 @@ no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); /* * There is no error code marked "stupid client bug".... :-). */ - if(err) + if(err) { + END_PROFILE(SMBlockingX); return ERROR(ERRDOS,ERRnoaccess); + } DEBUG(10,("reply_lockingX: unlock start=%.0f, len=%.0f for file %s\n", (double)offset, (double)count, fsp->fsp_name )); - if(!do_unlock(fsp,conn,count,offset, &eclass, &ecode)) + if(!do_unlock(fsp,conn,count,offset, &eclass, &ecode)) { + END_PROFILE(SMBlockingX); return ERROR(eclass,ecode); + } } /* Setup the timeout in seconds. */ @@ -4108,8 +4327,10 @@ no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); /* * There is no error code marked "stupid client bug".... :-). */ - if(err) + if(err) { + END_PROFILE(SMBlockingX); return ERROR(ERRDOS,ERRnoaccess); + } DEBUG(10,("reply_lockingX: lock start=%.0f, len=%.0f for file %s\n", (double)offset, (double)count, fsp->fsp_name )); @@ -4122,8 +4343,10 @@ no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); * this smb into a queued request and push it * onto the blocking lock queue. */ - if(push_blocking_lock_request(inbuf, length, lock_timeout, i)) + if(push_blocking_lock_request(inbuf, length, lock_timeout, i)) { + END_PROFILE(SMBlockingX); return -1; + } } break; } @@ -4144,11 +4367,14 @@ no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); /* * There is no error code marked "stupid client bug".... :-). */ - if(err) + if(err) { + END_PROFILE(SMBlockingX); return ERROR(ERRDOS,ERRnoaccess); + } do_unlock(fsp,conn,count,offset,&dummy1,&dummy2); } + END_PROFILE(SMBlockingX); return ERROR(eclass,ecode); } @@ -4157,6 +4383,7 @@ no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); DEBUG( 3, ( "lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n", fsp->fnum, (unsigned int)locktype, num_locks, num_ulocks ) ); + END_PROFILE(SMBlockingX); return chain_reply(inbuf,outbuf,length,bufsize); } @@ -4176,10 +4403,13 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length, size_t tcount; int pad; files_struct *fsp = file_fsp(inbuf,smb_vwv0); + START_PROFILE(SMBreadBmpx); /* this function doesn't seem to work - disable by default */ - if (!lp_readbmpx()) + if (!lp_readbmpx()) { + END_PROFILE(SMBreadBmpx); return(ERROR(ERRSRV,ERRuseSTD)); + } outsize = set_message(outbuf,8,0,True); @@ -4199,9 +4429,11 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length, tcount = maxcount; total_read = 0; - if (is_locked(fsp,conn,(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK)) + if (is_locked(fsp,conn,(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK)) { + END_PROFILE(SMBreadBmpx); return(ERROR(ERRDOS,ERRlock)); - + } + do { size_t N = MIN(max_per_packet,tcount-total_read); @@ -4226,6 +4458,7 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length, } while (total_read < (ssize_t)tcount); + END_PROFILE(SMBreadBmpx); return(-1); } @@ -4244,6 +4477,7 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, int smb_doff; char *data; files_struct *fsp = file_fsp(inbuf,smb_vwv0); + START_PROFILE(SMBwriteBmpx); CHECK_FSP(fsp,conn); CHECK_WRITE(fsp); @@ -4261,16 +4495,20 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, not an SMBwritebmpx - set this up now so we don't forget */ CVAL(outbuf,smb_com) = SMBwritec; - if (is_locked(fsp,conn,(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos,WRITE_LOCK)) + if (is_locked(fsp,conn,(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos,WRITE_LOCK)) { + END_PROFILE(SMBwriteBmpx); return(ERROR(ERRDOS,ERRlock)); + } nwritten = write_file(fsp,data,startpos,numtowrite); if(lp_syncalways(SNUM(conn)) || write_through) sync_file(conn,fsp); - if(nwritten < (ssize_t)numtowrite) + if(nwritten < (ssize_t)numtowrite) { + END_PROFILE(SMBwriteBmpx); return(UNIXERROR(ERRHRD,ERRdiskfull)); + } /* If the maximum to be written to this file is greater than what we just wrote then set @@ -4286,6 +4524,7 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, if(!wbms) { DEBUG(0,("Out of memory in reply_readmpx\n")); + END_PROFILE(SMBwriteBmpx); return(ERROR(ERRSRV,ERRnoresource)); } wbms->wr_mode = write_through; @@ -4318,6 +4557,7 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, SSVAL(outbuf,smb_vwv0,nwritten); } + END_PROFILE(SMBwriteBmpx); return(outsize); } @@ -4338,6 +4578,7 @@ int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz write_bmpx_struct *wbms; BOOL send_response = False; files_struct *fsp = file_fsp(inbuf,smb_vwv0); + START_PROFILE(SMBwriteBs); CHECK_FSP(fsp,conn); CHECK_WRITE(fsp); @@ -4355,15 +4596,20 @@ int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz /* This fd should have an auxiliary struct attached, check that it does */ wbms = fsp->wbmpx_ptr; - if(!wbms) return(-1); + if(!wbms) { + END_PROFILE(SMBwriteBs); + return(-1); + } /* If write through is set we can return errors, else we must cache them */ write_through = wbms->wr_mode; /* Check for an earlier error */ - if(wbms->wr_discard) + if(wbms->wr_discard) { + END_PROFILE(SMBwriteBs); return -1; /* Just discard the packet */ + } nwritten = write_file(fsp,data,startpos,numtowrite); @@ -4377,8 +4623,10 @@ int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz /* We are returning an error - we can delete the aux struct */ if (wbms) free((char *)wbms); fsp->wbmpx_ptr = NULL; + END_PROFILE(SMBwriteBs); return(ERROR(ERRHRD,ERRdiskfull)); } + END_PROFILE(SMBwriteBs); return(CACHE_ERROR(wbms,ERRHRD,ERRdiskfull)); } @@ -4398,9 +4646,12 @@ int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz fsp->wbmpx_ptr = NULL; } - if(send_response) + if(send_response) { + END_PROFILE(SMBwriteBs); return(outsize); + } + END_PROFILE(SMBwriteBs); return(-1); } @@ -4414,6 +4665,7 @@ int reply_setattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, struct utimbuf unix_times; int outsize = 0; files_struct *fsp = file_fsp(inbuf,smb_vwv0); + START_PROFILE(SMBsetattrE); outsize = set_message(outbuf,0,0,True); @@ -4439,6 +4691,7 @@ int reply_setattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, dbgtext( "reply_setattrE fnum=%d ", fsp->fnum); dbgtext( "ignoring zero request - not setting timestamps of 0\n" ); } + END_PROFILE(SMBsetattrE); return(outsize); } else if ((unix_times.actime != 0) && (unix_times.modtime == 0)) @@ -4448,12 +4701,15 @@ int reply_setattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, } /* Set the date on this file */ - if(file_utime(conn, fsp->fsp_name, &unix_times)) + if(file_utime(conn, fsp->fsp_name, &unix_times)) { + END_PROFILE(SMBsetattrE); return(ERROR(ERRDOS,ERRnoaccess)); + } DEBUG( 3, ( "reply_setattrE fnum=%d actime=%d modtime=%d\n", fsp->fnum, (int)unix_times.actime, (int)unix_times.modtime ) ); + END_PROFILE(SMBsetattrE); return(outsize); } @@ -4468,6 +4724,7 @@ int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, int outsize = 0; int mode; files_struct *fsp = file_fsp(inbuf,smb_vwv0); + START_PROFILE(SMBgetattrE); outsize = set_message(outbuf,11,0,True); @@ -4475,8 +4732,10 @@ int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, CHECK_ERROR(fsp); /* Do an fstat on this file */ - if(fsp->conn->vfs_ops.fstat(fsp->fd, &sbuf)) + if(vfs_fstat(fsp,fsp->fd, &sbuf)) { + END_PROFILE(SMBgetattrE); return(UNIXERROR(ERRDOS,ERRnoaccess)); + } mode = dos_mode(conn,fsp->fsp_name,&sbuf); @@ -4500,6 +4759,7 @@ int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, DEBUG( 3, ( "reply_getattrE fnum=%d\n", fsp->fnum)); + END_PROFILE(SMBgetattrE); return(outsize); } #undef OLD_NTDOMAIN -- cgit From ba00796e6dd13b87b7988a98e532676d9eab702c Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 6 Oct 2000 18:13:52 +0000 Subject: Herb's warning fixes. Also the POSIX locking fix. We now use our own vfs layer to do get/set acl calls (hurrah!). Jeremy. (This used to be commit dfe77c7046cbd65ee52aea7439f21503c1eac41d) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index e64875a805..fd4ff23461 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1034,7 +1034,7 @@ int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size BOOL ok = False; BOOL bad_path = False; SMB_STRUCT_STAT st; - START_PROFILE(SMBchkpth_count); + START_PROFILE(SMBchkpth); pstrcpy(name,smb_buf(inbuf) + 1); -- cgit From 11d999f2bc0c841696bc3ea1ddda48524242482c Mon Sep 17 00:00:00 2001 From: Jean-François Micouleau Date: Tue, 10 Oct 2000 13:08:55 +0000 Subject: a netlogon enum trust query doesn't have a function_code at end. a sam_user_info_24 doesn't have a uint16 at end samr_create_user also creates the unix account now samr_set_userinfo changes the password. J.F. (This used to be commit 94f4024481fcd0cb6647af1bd4364033be020641) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index fd4ff23461..efd18799a2 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -494,7 +494,7 @@ static int session_trust_account(connection_struct *conn, char *inbuf, char *out Create a UNIX user on demand. ****************************************************************************/ -static int smb_create_user(char *unix_user) +int smb_create_user(char *unix_user) { pstring add_script; int ret; -- cgit From abf055046fe70842badc2a1904f2cd6966bafbf4 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 19 Oct 2000 02:58:24 +0000 Subject: Ok - this is a big patch - and it may break smbd a bit (although I hope not). If you encounter strange file-serving behavior after this patch then back it out. I analysed our stat() usage and realised we were doing approx. 3 stat calls per open, and 2 per getattr/setattr. This patch should fix all that. It causes the stat struct returned from unix_convert() (which now *must* be passed a valid SMB_STRUCT_STAT pointer) to be passed through into the open code. This should prevent the multiple stats that were being done so as not to violate layer encapsulation in the API's. Herb - if you could run a NetBench test with this code and do a padc/par syscall test and also run with the current 2.2.0 code and test the padc/par syscalls I'd appreciate it - you should find the number of stat calls reduced - not sure by how much. The patch depends on unix_convert() actually finding the file and returning a stat struct, or returning a zero'd out stat struct if the file didn't exist. I believe we can guarentee this to be the case - I just wasn't confident enough to make this an assertion before. Ok ok - I did write this whilst at the Miami conference..... sometimes you get a little free time at these things :-). Jeremy. (This used to be commit 66a5c05ec46b641224fbe01b30bd7e83571a2a1b) --- source3/smbd/reply.c | 107 +++++++++++++++++++++++++-------------------------- 1 file changed, 52 insertions(+), 55 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index efd18799a2..4fd9f9c42d 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1033,22 +1033,20 @@ int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size pstring name; BOOL ok = False; BOOL bad_path = False; - SMB_STRUCT_STAT st; + SMB_STRUCT_STAT sbuf; START_PROFILE(SMBchkpth); pstrcpy(name,smb_buf(inbuf) + 1); RESOLVE_DFSPATH(name, conn, inbuf, outbuf); - unix_convert(name,conn,0,&bad_path,&st); + unix_convert(name,conn,0,&bad_path,&sbuf); mode = SVAL(inbuf,smb_vwv0); if (check_name(name,conn)) { - if(VALID_STAT(st)) - ok = S_ISDIR(st.st_mode); - else - ok = vfs_directory_exist(conn,name,NULL); + if(VALID_STAT(sbuf)) + ok = S_ISDIR(sbuf.st_mode); } if (!ok) @@ -1182,17 +1180,17 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size BOOL ok=False; int mode; time_t mtime; - SMB_STRUCT_STAT st; + SMB_STRUCT_STAT sbuf; BOOL bad_path = False; START_PROFILE(SMBsetatr); pstrcpy(fname,smb_buf(inbuf) + 1); - unix_convert(fname,conn,0,&bad_path,&st); + unix_convert(fname,conn,0,&bad_path,&sbuf); mode = SVAL(inbuf,smb_vwv0); mtime = make_unix_date3(inbuf+smb_vwv1); - if (VALID_STAT_OF_DIR(st) || vfs_directory_exist(conn, fname, NULL)) + if (VALID_STAT_OF_DIR(sbuf)) mode |= aDIR; if (check_name(fname,conn)) ok = (file_chmod(conn,fname,mode,NULL) == 0); @@ -1292,11 +1290,12 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if (status_len == 0) { + SMB_STRUCT_STAT sbuf; pstring dir2; pstrcpy(directory,smb_buf(inbuf)+1); pstrcpy(dir2,smb_buf(inbuf)+1); - unix_convert(directory,conn,0,&bad_path,NULL); + unix_convert(directory,conn,0,&bad_path,&sbuf); unix_format(dir2); if (!check_name(directory,conn)) @@ -1517,11 +1516,11 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); - unix_convert(fname,conn,0,&bad_path,NULL); + unix_convert(fname,conn,0,&bad_path,&sbuf); unixmode = unix_mode(conn,aARCH,fname); - fsp = open_file_shared(conn,fname,share_mode,(FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN), + fsp = open_file_shared(conn,fname,&sbuf,share_mode,(FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN), unixmode, oplock_request,&rmode,NULL); if (!fsp) @@ -1535,12 +1534,6 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return(UNIXERROR(ERRDOS,ERRnoaccess)); } - if (vfs_fstat(fsp,fsp->fd,&sbuf) != 0) { - close_file(fsp,False); - END_PROFILE(SMBopen); - return(ERROR(ERRDOS,ERRnoaccess)); - } - size = sbuf.st_size; fmode = dos_mode(conn,fname,&sbuf); mtime = sbuf.st_mtime; @@ -1618,11 +1611,11 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); - unix_convert(fname,conn,0,&bad_path,NULL); + unix_convert(fname,conn,0,&bad_path,&sbuf); unixmode = unix_mode(conn,smb_attr | aARCH, fname); - fsp = open_file_shared(conn,fname,smb_mode,smb_ofun,unixmode, + fsp = open_file_shared(conn,fname,&sbuf,smb_mode,smb_ofun,unixmode, oplock_request, &rmode,&smb_action); if (!fsp) @@ -1636,12 +1629,6 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt return(UNIXERROR(ERRDOS,ERRnoaccess)); } - if (vfs_fstat(fsp,fsp->fd,&sbuf) != 0) { - close_file(fsp,False); - END_PROFILE(SMBopenX); - return(ERROR(ERRDOS,ERRnoaccess)); - } - size = sbuf.st_size; fmode = dos_mode(conn,fname,&sbuf); mtime = sbuf.st_mtime; @@ -1737,6 +1724,7 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, BOOL bad_path = False; files_struct *fsp; int oplock_request = CORE_OPLOCK_REQUEST(inbuf); + SMB_STRUCT_STAT sbuf; START_PROFILE(SMBcreate); com = SVAL(inbuf,smb_com); @@ -1746,12 +1734,11 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); - unix_convert(fname,conn,0,&bad_path,NULL); + unix_convert(fname,conn,0,&bad_path,&sbuf); - if (createmode & aVOLID) - { + if (createmode & aVOLID) { DEBUG(0,("Attempt to create file (%s) with volid set - please report this\n",fname)); - } + } unixmode = unix_mode(conn,createmode,fname); @@ -1767,7 +1754,7 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, } /* Open file in dos compatibility share mode. */ - fsp = open_file_shared(conn,fname,SET_DENY_MODE(DENY_FCB)|SET_OPEN_MODE(DOS_OPEN_FCB), + fsp = open_file_shared(conn,fname,&sbuf,SET_DENY_MODE(DENY_FCB)|SET_OPEN_MODE(DOS_OPEN_FCB), ofun, unixmode, oplock_request, NULL, NULL); if (!fsp) @@ -1813,23 +1800,27 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, BOOL bad_path = False; files_struct *fsp; int oplock_request = CORE_OPLOCK_REQUEST(inbuf); + SMB_STRUCT_STAT sbuf; START_PROFILE(SMBctemp); - + createmode = SVAL(inbuf,smb_vwv0); pstrcpy(fname,smb_buf(inbuf)+1); pstrcat(fname,"/TMXXXXXX"); RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); - unix_convert(fname,conn,0,&bad_path,NULL); + unix_convert(fname,conn,0,&bad_path,&sbuf); unixmode = unix_mode(conn,createmode,fname); pstrcpy(fname2,(char *)smbd_mktemp(fname)); + /* This file should not exist. */ + ZERO_STRUCT(sbuf); + vfs_stat(conn,fname2,&sbuf); /* Open file in dos compatibility share mode. */ /* We should fail if file exists. */ - fsp = open_file_shared(conn,fname2,SET_DENY_MODE(DENY_FCB)|SET_OPEN_MODE(DOS_OPEN_FCB), + fsp = open_file_shared(conn,fname2,&sbuf,SET_DENY_MODE(DENY_FCB)|SET_OPEN_MODE(DOS_OPEN_FCB), (FILE_CREATE_IF_NOT_EXIST|FILE_EXISTS_FAIL), unixmode, oplock_request, NULL, NULL); if (!fsp) @@ -1904,6 +1895,7 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size BOOL exists=False; BOOL bad_path = False; BOOL rc = True; + SMB_STRUCT_STAT sbuf; START_PROFILE(SMBunlink); *directory = *mask = 0; @@ -1916,7 +1908,7 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size DEBUG(3,("reply_unlink : %s\n",name)); - rc = unix_convert(name,conn,0,&bad_path,NULL); + rc = unix_convert(name,conn,0,&bad_path,&sbuf); p = strrchr(name,'/'); if (!p) { @@ -1948,7 +1940,7 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if (can_delete(directory,conn,dirtype) && !vfs_unlink(conn,directory)) count++; if (!count) - exists = vfs_file_exist(conn,directory,NULL); + exists = vfs_file_exist(conn,directory,&sbuf); } else { void *dirptr = NULL; char *dname; @@ -3281,9 +3273,10 @@ int reply_printwrite(connection_struct *conn, char *inbuf,char *outbuf, int dum_ int mkdir_internal(connection_struct *conn, char *inbuf, char *outbuf, pstring directory) { BOOL bad_path = False; + SMB_STRUCT_STAT sbuf; int ret= -1; - unix_convert(directory,conn,0,&bad_path,NULL); + unix_convert(directory,conn,0,&bad_path,&sbuf); if (check_name(directory, conn)) ret = vfs_mkdir(conn,directory,unix_mode(conn,aDIR,directory)); @@ -3482,13 +3475,14 @@ int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int outsize = 0; BOOL ok = False; BOOL bad_path = False; + SMB_STRUCT_STAT sbuf; START_PROFILE(SMBrmdir); pstrcpy(directory,smb_buf(inbuf) + 1); RESOLVE_DFSPATH(directory, conn, inbuf, outbuf) - unix_convert(directory,conn, NULL,&bad_path,NULL); + unix_convert(directory,conn, NULL,&bad_path,&sbuf); if (check_name(directory,conn)) { @@ -3614,12 +3608,13 @@ int rename_internals(connection_struct *conn, int error = ERRnoaccess; BOOL exists=False; BOOL rc = True; - pstring zdirectory; + SMB_STRUCT_STAT sbuf1, sbuf2; + pstring zdirectory; *directory = *mask = 0; - rc = unix_convert(name,conn,0,&bad_path1,NULL); - unix_convert(newname,conn,newname_last_component,&bad_path2,NULL); + rc = unix_convert(name,conn,0,&bad_path1,&sbuf1); + unix_convert(newname,conn,newname_last_component,&bad_path2,&sbuf2); /* * Split the old name into directory and last component @@ -3855,7 +3850,7 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, int count,BOOL target_is_directory, int *err_ret) { int Access,action; - SMB_STRUCT_STAT st; + SMB_STRUCT_STAT src_sbuf, sbuf2; SMB_OFF_T ret=-1; files_struct *fsp1,*fsp2; pstring dest; @@ -3873,10 +3868,10 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, pstrcat(dest,p); } - if (!vfs_file_exist(conn,src,&st)) + if (!vfs_file_exist(conn,src,&src_sbuf)) return(False); - fsp1 = open_file_shared(conn,src,SET_DENY_MODE(DENY_NONE)|SET_OPEN_MODE(DOS_OPEN_RDONLY), + fsp1 = open_file_shared(conn,src,&src_sbuf,SET_DENY_MODE(DENY_NONE)|SET_OPEN_MODE(DOS_OPEN_RDONLY), (FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN),0,0,&Access,&action); if (!fsp1) { @@ -3884,10 +3879,11 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, } if (!target_is_directory && count) - ofun = 1; + ofun = FILE_EXISTS_OPEN; - fsp2 = open_file_shared(conn,dest,SET_DENY_MODE(DENY_NONE)|SET_OPEN_MODE(DOS_OPEN_WRONLY), - ofun,st.st_mode,0,&Access,&action); + vfs_stat(conn,dest,&sbuf2); + fsp2 = open_file_shared(conn,dest,&sbuf2,SET_DENY_MODE(DENY_NONE)|SET_OPEN_MODE(DOS_OPEN_WRONLY), + ofun,src_sbuf.st_mode,0,&Access,&action); if (!fsp2) { close_file(fsp1,False); @@ -3902,12 +3898,12 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, * Stop the copy from occurring. */ ret = -1; - st.st_size = 0; + src_sbuf.st_size = 0; } } - if (st.st_size) - ret = vfs_transfer_file(-1, fsp1, -1, fsp2, st.st_size, NULL, 0, 0); + if (src_sbuf.st_size) + ret = vfs_transfer_file(-1, fsp1, -1, fsp2, src_sbuf.st_size, NULL, 0, 0); close_file(fsp1,False); /* @@ -3918,7 +3914,7 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, */ *err_ret = close_file(fsp2,False); - return(ret == (SMB_OFF_T)st.st_size); + return(ret == (SMB_OFF_T)src_sbuf.st_size); } @@ -3945,6 +3941,7 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, BOOL bad_path1 = False; BOOL bad_path2 = False; BOOL rc = True; + SMB_STRUCT_STAT sbuf1, sbuf2; START_PROFILE(SMBcopy); *directory = *mask = 0; @@ -3964,10 +3961,10 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, RESOLVE_DFSPATH(name, conn, inbuf, outbuf); RESOLVE_DFSPATH(newname, conn, inbuf, outbuf); - rc = unix_convert(name,conn,0,&bad_path1,NULL); - unix_convert(newname,conn,0,&bad_path2,NULL); + rc = unix_convert(name,conn,0,&bad_path1,&sbuf1); + unix_convert(newname,conn,0,&bad_path2,&sbuf2); - target_is_directory = vfs_directory_exist(conn,False,NULL); + target_is_directory = VALID_STAT_OF_DIR(sbuf2); if ((flags&1) && target_is_directory) { END_PROFILE(SMBcopy); @@ -3979,7 +3976,7 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return(ERROR(ERRDOS,ERRbadpath)); } - if ((flags&(1<<5)) && vfs_directory_exist(conn,name,NULL)) { + if ((flags&(1<<5)) && VALID_STAT_OF_DIR(sbuf1)) { /* wants a tree copy! XXXX */ DEBUG(3,("Rejecting tree copy\n")); END_PROFILE(SMBcopy); -- cgit From 9fede0dc0dbad51528cd1384023d24549c3f0ba4 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Mon, 13 Nov 2000 23:03:34 +0000 Subject: Large commit which restructures the local password storage API. Currently the only backend which works is smbpasswd (tdb, LDAP, and NIS+) are broken, but they were somewhat broken before. :) The following functions implement the storage manipulation interface /*The following definitions come from passdb/pdb_smbpasswd.c */ BOOL pdb_setsampwent (BOOL update); void pdb_endsampwent (void); SAM_ACCOUNT* pdb_getsampwent (void); SAM_ACCOUNT* pdb_getsampwnam (char *username); SAM_ACCOUNT* pdb_getsampwuid (uid_t uid); SAM_ACCOUNT* pdb_getsampwrid (uint32 rid); BOOL pdb_add_sam_account (SAM_ACCOUNT *sampass); BOOL pdb_update_sam_account (SAM_ACCOUNT *sampass, BOOL override); BOOL pdb_delete_sam_account (char* username); There is also a host of pdb_set..() and pdb_get..() functions for manipulating SAM_ACCOUNT struct members. Note that the struct passdb_ops {} has gone away. Also notice that struct smb_passwd (formally in smb.h) has been moved to passdb/pdb_smbpasswd.c and is not accessed outisde of static internal functions in this file. All local password searches should make use of the the SAM_ACCOUNT struct and the previously mentioned functions. I'll write some documentation for this later. The next step is to fix the TDB passdb backend, then work on spliting the backends out into share libraries, and finally get the LDAP backend going. What works and may not: o domain logons from Win9x works o domain logons from WinNT 4 works o user and group enumeration as implemented by Tim works o file and print access works o changing password from Win9x & NT ummm...i'll fix this tonight :) If I broke anything else, just yell and I'll fix it. I think it should be fairly quite. -- jerry (This used to be commit 0b92d0838ebdbe24f34f17e313ecbf61a0301389) --- source3/smbd/reply.c | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 4fd9f9c42d..fa8aa11277 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -439,16 +439,19 @@ static int session_trust_account(connection_struct *conn, char *inbuf, char *out char *smb_passwd, int smb_passlen, char *smb_nt_passwd, int smb_nt_passlen) { - struct smb_passwd *smb_trust_acct = NULL; /* check if trust account exists */ + /* check if trust account exists */ + SAM_ACCOUNT *sam_trust_acct = NULL; + uint16 acct_ctrl; + if (lp_security() == SEC_USER) { - smb_trust_acct = getsmbpwnam(user); + sam_trust_acct = pdb_getsampwnam(user); } else { DEBUG(0,("session_trust_account: Trust account %s only supported with security = user\n", user)); SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); return(ERROR(0, NT_STATUS_LOGON_FAILURE)); } - if (smb_trust_acct == NULL) { + if (sam_trust_acct == NULL) { /* lkclXXXX: workstation entry doesn't exist */ DEBUG(0,("session_trust_account: Trust account %s user doesn't exist\n",user)); SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); @@ -460,25 +463,26 @@ static int session_trust_account(connection_struct *conn, char *inbuf, char *out return(ERROR(0, NT_STATUS_LOGON_FAILURE)); } - if (!smb_password_ok(smb_trust_acct, NULL, (unsigned char *)smb_passwd, (unsigned char *)smb_nt_passwd)) { + if (!smb_password_ok(sam_trust_acct, NULL, (unsigned char *)smb_passwd, (unsigned char *)smb_nt_passwd)) { DEBUG(0,("session_trust_account: Trust Account %s - password failed\n", user)); SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); return(ERROR(0, NT_STATUS_LOGON_FAILURE)); } - if (smb_trust_acct->acct_ctrl & ACB_DOMTRUST) { + acct_ctrl = pdb_get_acct_ctrl(sam_trust_acct); + if (acct_ctrl & ACB_DOMTRUST) { DEBUG(0,("session_trust_account: Domain trust account %s denied by server\n",user)); SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); return(ERROR(0, NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT)); } - if (smb_trust_acct->acct_ctrl & ACB_SVRTRUST) { + if (acct_ctrl & ACB_SVRTRUST) { DEBUG(0,("session_trust_account: Server trust account %s denied by server\n",user)); SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); return(ERROR(0, NT_STATUS_NOLOGON_SERVER_TRUST_ACCOUNT)); } - if (smb_trust_acct->acct_ctrl & ACB_WSTRUST) { + if (acct_ctrl & ACB_WSTRUST) { DEBUG(4,("session_trust_account: Wksta trust account %s denied by server\n", user)); SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); return(ERROR(0, NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT)); -- cgit From 4bce271e4fe239a8b4aac2bb65a52165d68d8ea5 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 14 Nov 2000 21:56:32 +0000 Subject: Merge from appliance head of JR's changes for driver versioning. Jeremy. (This used to be commit cdbd2e99775642dc2e92004be9014bf38a92d80f) --- source3/smbd/reply.c | 65 +++++++++++++++++++++++++++++++++------------------- 1 file changed, 42 insertions(+), 23 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index fa8aa11277..0b3b5bbe27 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1882,14 +1882,13 @@ static BOOL can_delete(char *fname,connection_struct *conn, int dirtype) } /**************************************************************************** - Reply to a unlink + The guts of the unlink command, split out so it may be called by the NT SMB + code. ****************************************************************************/ -int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +int unlink_internals(connection_struct *conn, char *inbuf,char *outbuf, + int dirtype, char *name) { - int outsize = 0; - pstring name; - int dirtype; pstring directory; pstring mask; char *p; @@ -1900,18 +1899,9 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size BOOL bad_path = False; BOOL rc = True; SMB_STRUCT_STAT sbuf; - START_PROFILE(SMBunlink); *directory = *mask = 0; - dirtype = SVAL(inbuf,smb_vwv0); - - pstrcpy(name,smb_buf(inbuf) + 1); - - RESOLVE_DFSPATH(name, conn, inbuf, outbuf); - - DEBUG(3,("reply_unlink : %s\n",name)); - rc = unix_convert(name,conn,0,&bad_path,&sbuf); p = strrchr(name,'/'); @@ -1975,29 +1965,58 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); if (!can_delete(fname,conn,dirtype)) continue; if (!vfs_unlink(conn,fname)) count++; - DEBUG(3,("reply_unlink : doing unlink on %s\n",fname)); + DEBUG(3,("unlink_internals: succesful unlink [%s]\n",fname)); } CloseDir(dirptr); } } if (count == 0) { - if (exists) { - END_PROFILE(SMBunlink); + if (exists) return(ERROR(ERRDOS,error)); - } else - { - if((errno == ENOENT) && bad_path) - { + else { + if((errno == ENOENT) && bad_path) { unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadpath; } - END_PROFILE(SMBunlink); return(UNIXERROR(ERRDOS,error)); } } + return 0; +} + +/**************************************************************************** + Reply to a unlink +****************************************************************************/ + +int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +{ + int outsize = 0; + pstring name; + int dirtype; + START_PROFILE(SMBunlink); + + dirtype = SVAL(inbuf,smb_vwv0); + + pstrcpy(name,smb_buf(inbuf) + 1); + + RESOLVE_DFSPATH(name, conn, inbuf, outbuf); + + DEBUG(3,("reply_unlink : %s\n",name)); + + outsize = unlink_internals(conn, inbuf, outbuf, dirtype, name); + if(outsize == 0) { + + /* + * Win2k needs a changenotify request response before it will + * update after a rename.. + */ + + process_pending_change_notify_queue((time_t)0); + outsize = set_message(outbuf,0,0,True); + } END_PROFILE(SMBunlink); return(outsize); @@ -3589,7 +3608,6 @@ static BOOL can_rename(char *fname,connection_struct *conn) if (conn->vfs_ops.lstat(conn,dos_to_unix(fname,False),&sbuf) != 0) return(False); if (!check_file_sharing(conn,fname,True)) return(False); - return(True); } @@ -3718,6 +3736,7 @@ int rename_internals(connection_struct *conn, * file with the same name so don't check for * vfs_file_exist(). */ + if(resolve_wildcards(directory,newname) && can_rename(directory,conn) && !conn->vfs_ops.rename(conn,zdirectory, -- cgit From 6f58dd587124c8b85fc62177b26129aaea5819b0 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 16 Nov 2000 00:59:18 +0000 Subject: Ok - fixed a bug in our levelII oplock code. We need to break a level II on a byte range lock (write lock only, but Win2k breaks on read lock also so I do the same) - if you think about why, this is obvious. Also fixed our client code to do level II oplocks, if requested, and fixed the code where we would assume the client wanted level II if it advertised itself as being level II capable - it may not want that. Jeremy. (This used to be commit 213cd0b5192307cd4b0026cae94b2f52fb1b0c02) --- source3/smbd/reply.c | 25 ++++++++++++++++++------- 1 file changed, 18 insertions(+), 7 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 0b3b5bbe27..dd53eb46e7 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2192,6 +2192,8 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length CHECK_READ(fsp); CHECK_ERROR(fsp); + release_level_2_oplocks_on_change(fsp); + numtoread = SVAL(inbuf,smb_vwv1); startpos = IVAL(inbuf,smb_vwv2); @@ -2572,8 +2574,7 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int d zero then the file size should be extended or truncated to the size given in smb_vwv[2-3] */ if(numtowrite == 0) { - if((nwritten = set_filelen(fsp->fd, (SMB_OFF_T)startpos)) >= 0) /* tpot vfs */ - set_filelen_write_cache(fsp, startpos); + nwritten = vfs_set_filelen(fsp, (SMB_OFF_T)startpos); } else nwritten = write_file(fsp,data,startpos,numtowrite); @@ -2989,6 +2990,8 @@ int reply_lock(connection_struct *conn, CHECK_FSP(fsp,conn); CHECK_ERROR(fsp); + release_level_2_oplocks_on_change(fsp); + count = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv1); offset = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv3); @@ -4243,9 +4246,7 @@ int reply_lockingX(connection_struct *conn, char *inbuf,char *outbuf,int length, { files_struct *fsp = file_fsp(inbuf,smb_vwv2); unsigned char locktype = CVAL(inbuf,smb_vwv3); -#if 0 unsigned char oplocklevel = CVAL(inbuf,smb_vwv3+1); -#endif uint16 num_ulocks = SVAL(inbuf,smb_vwv6); uint16 num_locks = SVAL(inbuf,smb_vwv7); SMB_BIG_UINT count = 0, offset = 0; @@ -4268,8 +4269,11 @@ int reply_lockingX(connection_struct *conn, char *inbuf,char *outbuf,int length, */ if ((locktype & LOCKING_ANDX_OPLOCK_RELEASE)) { - DEBUG(5,("reply_lockingX: oplock break reply from client for fnum = %d\n", - fsp->fnum)); + /* Client can insist on breaking to none. */ + BOOL break_to_none = (oplocklevel == 0); + + DEBUG(5,("reply_lockingX: oplock break reply (%u) from client for fnum = %d\n", + fsp->fnum, (unsigned int)oplocklevel )); /* * Make sure we have granted an exclusive or batch oplock on this file. @@ -4290,7 +4294,7 @@ no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); } } - if (remove_oplock(fsp) == False) { + if (remove_oplock(fsp, break_to_none) == False) { DEBUG(0,("reply_lockingX: error in removing oplock on file %s\n", fsp->fsp_name )); } @@ -4308,6 +4312,13 @@ no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); } } + /* + * We do this check *after* we have checked this is not a oplock break + * response message. JRA. + */ + + release_level_2_oplocks_on_change(fsp); + /* Data now points at the beginning of the list of smb_unlkrng structs */ for(i = 0; i < (int)num_ulocks; i++) { -- cgit From 7254a66e00f47578ebcb207368a7e33dede31c22 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 21 Nov 2000 22:37:03 +0000 Subject: Don't forget to convert into UNIX character set before calling winbindd. Jeremy. (This used to be commit 00cd72c385f1e5d075dbacf834b68769b5ac38f3) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index dd53eb46e7..5942d63206 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -863,7 +863,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int that */ if (!getpwnam(user)) { pstring user2; - slprintf(user2,sizeof(user2),"%s%s%s", domain, lp_winbind_separator(), user); + slprintf(user2,sizeof(user2),"%s%s%s", dos_to_unix(domain,False), lp_winbind_separator(), user); if (getpwnam(user2)) { DEBUG(3,("Using unix username %s\n", user2)); pstrcpy(user, user2); -- cgit From 71acf4cd1f80b1c8cb78aa0f36cc23d185c7fac3 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 12 Dec 2000 00:05:02 +0000 Subject: Extra part of fix that Gerald missed (sorry). Jeremy. (This used to be commit ebf754400f443452948020d68e29f597f1b2d60c) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 5942d63206..59a94964fb 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1049,7 +1049,7 @@ int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size mode = SVAL(inbuf,smb_vwv0); if (check_name(name,conn)) { - if(VALID_STAT(sbuf)) + if (VALID_STAT(sbuf) || vfs_stat(conn,name,&sbuf) == 0) ok = S_ISDIR(sbuf.st_mode); } -- cgit From adb91565b5ec81ebb9e0d57b7d91fbd9da410aa3 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 11 Jan 2001 18:38:55 +0000 Subject: rpc_server/srv_samr.c: smbd/reply.c: Added fix needed for appliances. When using winbindd - a new user may exist (from winbind) but have no home directory. Extend add user script so it is called with a %H substitution when a user exists but their home directory does not. Thanks to Alex Win at VA Linux for finding this one and testing the fix. libsmb/clidgram.c: Fixed missing return statements. smbd/uid.c: Fixed typo in debug. Jeremy. (This used to be commit 7ba0a2192b89954604dd793c537b4a17c2d1ac07) --- source3/smbd/reply.c | 42 +++++++++++++++++++++++++++++++++++++----- 1 file changed, 37 insertions(+), 5 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 59a94964fb..7738f2594f 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -498,7 +498,7 @@ static int session_trust_account(connection_struct *conn, char *inbuf, char *out Create a UNIX user on demand. ****************************************************************************/ -int smb_create_user(char *unix_user) +int smb_create_user(char *unix_user, char *homedir) { pstring add_script; int ret; @@ -506,6 +506,8 @@ int smb_create_user(char *unix_user) pstrcpy(add_script, lp_adduser_script()); if (! *add_script) return -1; pstring_sub(add_script, "%u", unix_user); + if (homedir) + pstring_sub(add_script, "%H", homedir); ret = smbrun(add_script,NULL,False); DEBUG(3,("smb_create_user: Running the command `%s' gave %d\n",add_script,ret)); return ret; @@ -569,6 +571,8 @@ static BOOL check_server_security(char *orig_user, char *domain, char *unix_user smb_apasswd, smb_apasslen, smb_ntpasswd, smb_ntpasslen); if(ret) { + struct passwd *pwd; + /* * User validated ok against Domain controller. * If the admin wants us to try and create a UNIX @@ -577,8 +581,21 @@ static BOOL check_server_security(char *orig_user, char *domain, char *unix_user * level security as we never know if it was a failure * due to a bad password, or the user really doesn't exist. */ - if(lp_adduser_script() && !smb_getpwnam(unix_user,True)) { - smb_create_user(unix_user); + if(lp_adduser_script() && !(pwd = smb_getpwnam(unix_user,True))) { + smb_create_user(unix_user, NULL); + } + + if(lp_adduser_script() && pwd) { + SMB_STRUCT_STAT st; + + /* + * Also call smb_create_user if the users home directory + * doesn't exist. Used with winbindd to allow the script to + * create the home directory for a user mapped with winbindd. + */ + + if (pwd->pw_shell && (sys_stat(pwd->pw_dir, &st) == -1) && (errno == ENOENT)) + smb_create_user(unix_user, pwd->pw_dir); } } @@ -595,6 +612,7 @@ static BOOL check_domain_security(char *orig_user, char *domain, char *unix_user { BOOL ret = False; BOOL user_exists = True; + struct passwd *pwd; if(lp_security() != SEC_DOMAIN) return False; @@ -613,9 +631,23 @@ static BOOL check_domain_security(char *orig_user, char *domain, char *unix_user * If the admin wants us to try and create a UNIX * user on the fly, do so. */ - if(user_exists && lp_adduser_script() && !smb_getpwnam(unix_user,True)) { - smb_create_user(unix_user); + if(user_exists && lp_adduser_script() && !(pwd = smb_getpwnam(unix_user,True))) { + smb_create_user(unix_user, NULL); } + + if(lp_adduser_script() && pwd) { + SMB_STRUCT_STAT st; + + /* + * Also call smb_create_user if the users home directory + * doesn't exist. Used with winbindd to allow the script to + * create the home directory for a user mapped with winbindd. + */ + + if (pwd->pw_shell && (sys_stat(pwd->pw_dir, &st) == -1) && (errno == ENOENT)) + smb_create_user(unix_user, pwd->pw_dir); + } + } else { /* * User failed to validate ok against Domain controller. -- cgit From 2f7c1db093504a9798cdfd9c5d08a259cb4abc46 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 23 Jan 2001 01:52:30 +0000 Subject: include/vfs.h: smbd/vfs-wrap.c: smbd/vfs.c: Added fchmod_acl and chmod_acl. lib/substitute.c: smbd/lanman.c: smbd/open.c: smbd/process.c: smbd/reply.c: smbd/service.c: Removed sessetup_user variable. Added current_user_info struct which conatins domain info etc. Added '%D' for client domain parameter. Jeremy. (This used to be commit 2844ec3d511680609d6794b8718001a1bda9e89f) --- source3/smbd/reply.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 7738f2594f..624dc59084 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -36,7 +36,7 @@ extern char magic_char; extern BOOL case_sensitive; extern BOOL case_preserve; extern BOOL short_case_preserve; -extern pstring sesssetup_user; +extern userdom_struct current_user_info; extern pstring global_myname; extern fstring global_myworkgroup; extern int global_oplock_break; @@ -879,7 +879,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int guest = True; } - pstrcpy(sesssetup_user,user); + pstrcpy(current_user_info.smb_name,user); reload_services(True); @@ -1042,7 +1042,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int /* register the name and uid as being validated, so further connections to a uid can get through without a password, on the same VC */ - sess_vuid = register_vuid(uid,gid,user,sesssetup_user,domain,guest); + sess_vuid = register_vuid(uid,gid,user,current_user_info.smb_name,domain,guest); SSVAL(outbuf,smb_uid,sess_vuid); SSVAL(inbuf,smb_uid,sess_vuid); -- cgit From 42571a656f458d9a60850d08202b8daebdcb0bc1 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Tue, 23 Jan 2001 22:13:41 +0000 Subject: only add the service name and client machine name to list of users names for a session when in share mode security --jerry (This used to be commit 22d6c2c163dd578365bff85ef95abfa59fe356ea) --- source3/smbd/reply.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 624dc59084..dc604cf49b 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -115,7 +115,12 @@ int reply_special(char *inbuf,char *outbuf) break; } - add_session_user(remote_machine); + /* only add the client's machine name to the list + of possibly valid usernames if we are operating + in share mode security */ + if (lp_security() == SEC_SHARE) { + add_session_user(remote_machine); + } reload_services(True); reopen_logs(); -- cgit From 24f8e973b210bbf5b79ac27f0a0e519c7dfe9354 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 24 Jan 2001 19:34:53 +0000 Subject: smbd/process.c: & type with 0xff for paranioa sake... smbd/reply.c smbd/service.c: cause all "add home service" calls to go through a winbindd aware function. Jeremy. (This used to be commit a72d12e992e2755e925032aef1aa99be74bf6652) --- source3/smbd/reply.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index dc604cf49b..b24ec7a944 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1005,10 +1005,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int if (!strequal(user,lp_guestaccount(-1)) && lp_servicenumber(user) < 0) { - int homes = lp_servicenumber(HOMES_NAME); - char *home = get_user_home_dir(user); - if (homes >= 0 && home) - lp_add_home(user,homes,home); + add_home_service(user,get_user_home_dir(user)); } -- cgit From 94fc44a93c46cece9b9fa947bff62087dbcd89fa Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 12 Feb 2001 16:18:02 +0000 Subject: Merge of JohnR's changes to appliance-head, JF's changes to 2.2, updated the POSIX_ACL code to be in sync. Jeremy. (This used to be commit c0517d6f4e3079feca1309fd1ea7b21e83f0de02) --- source3/smbd/reply.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index b24ec7a944..2d205543fb 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -510,9 +510,9 @@ int smb_create_user(char *unix_user, char *homedir) pstrcpy(add_script, lp_adduser_script()); if (! *add_script) return -1; - pstring_sub(add_script, "%u", unix_user); + all_string_sub(add_script, "%u", unix_user, sizeof(pstring)); if (homedir) - pstring_sub(add_script, "%H", homedir); + all_string_sub(add_script, "%H", homedir, sizeof(pstring)); ret = smbrun(add_script,NULL,False); DEBUG(3,("smb_create_user: Running the command `%s' gave %d\n",add_script,ret)); return ret; @@ -529,7 +529,7 @@ static int smb_delete_user(char *unix_user) pstrcpy(del_script, lp_deluser_script()); if (! *del_script) return -1; - pstring_sub(del_script, "%u", unix_user); + all_string_sub(del_script, "%u", unix_user, sizeof(pstring)); ret = smbrun(del_script,NULL,False); DEBUG(3,("smb_delete_user: Running the command `%s' gave %d\n",del_script,ret)); return ret; @@ -898,10 +898,10 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int /* if the username exists as a domain/username pair on the unix system then use that */ - if (!getpwnam(user)) { + if (!sys_getpwnam(user)) { pstring user2; slprintf(user2,sizeof(user2),"%s%s%s", dos_to_unix(domain,False), lp_winbind_separator(), user); - if (getpwnam(user2)) { + if (sys_getpwnam(user2)) { DEBUG(3,("Using unix username %s\n", user2)); pstrcpy(user, user2); } -- cgit From 64172d82fcf1762a8bc938282919f9e3bd39675d Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Wed, 14 Feb 2001 05:34:50 +0000 Subject: Merge of i18n fixes from appliance branch. Samba can now talk to a network with a PDC that has international netbios name and domain name. There's still quite a bit of i18n stuff to fix though... (This used to be commit 79045bd72ace9144e7dd73785b1d10a71b0d15aa) --- source3/smbd/reply.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 2d205543fb..e1feb921f5 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -900,7 +900,10 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int that */ if (!sys_getpwnam(user)) { pstring user2; - slprintf(user2,sizeof(user2),"%s%s%s", dos_to_unix(domain,False), lp_winbind_separator(), user); + + slprintf(user2,sizeof(user2),"%s%s%s", dos_to_unix(domain,False), + lp_winbind_separator(), user); + if (sys_getpwnam(user2)) { DEBUG(3,("Using unix username %s\n", user2)); pstrcpy(user, user2); @@ -1018,7 +1021,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int p = smb_buf(outbuf); pstrcpy(p,"Unix"); p = skip_string(p,1); pstrcpy(p,"Samba "); pstrcat(p,VERSION); p = skip_string(p,1); - pstrcpy(p,global_myworkgroup); p = skip_string(p,1); + pstrcpy(p,global_myworkgroup); unix_to_dos(p, True); p = skip_string(p,1); set_message(outbuf,3,PTR_DIFF(p,smb_buf(outbuf)),False); /* perhaps grab OS version here?? */ } -- cgit From 62dc55a43295e9e3abd9da13148b322b3aa89917 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 16 Feb 2001 00:24:43 +0000 Subject: configure configure.in smbd/posix_acls.c smbd/dosmode.c: Fix for zero permission W2K profiles. libsmb/cliconnect.c rpc_client/cli_login.c smbd/reply.c: codepage fixes from Tim. Jeremy. (This used to be commit 3ded1e6bd5f79948e437ce5b1799705945f36ad2) --- source3/smbd/reply.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index e1feb921f5..402f9db754 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -837,17 +837,16 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int fstrcpy(user,p); p = skip_string(p,1); /* - * Incoming user is in DOS codepage format. Convert + * Incoming user and domain are in DOS codepage format. Convert * to UNIX. */ dos_to_unix(user,True); domain = p; - + dos_to_unix(domain, True); DEBUG(3,("Domain=[%s] NativeOS=[%s] NativeLanMan=[%s]\n", domain,skip_string(p,1),skip_string(p,2))); } - DEBUG(3,("sesssetupX:name=[%s]\n",user)); /* If name ends in $ then I think it's asking about whether a */ -- cgit From 0bfc10011bd5cacecda8b59c36e80f676e5c7fa3 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Fri, 9 Mar 2001 18:59:16 +0000 Subject: merge of 'lanman auth' and 'min protocol' from 2.2 (This used to be commit 1d84da779a0fe3219d77686a493d2b2fa1f8072a) --- source3/smbd/reply.c | 33 ++++++++++++++++++++++----------- 1 file changed, 22 insertions(+), 11 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 402f9db754..4e87782a48 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -700,6 +700,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int int smb_ntpasslen = 0; pstring smb_ntpasswd; BOOL valid_nt_password = False; + BOOL valid_lm_password = False; pstring user; pstring orig_user; BOOL guest=False; @@ -935,15 +936,11 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int * security=domain. */ - if (!guest && - !check_server_security(orig_user, domain, user, - smb_apasswd, smb_apasslen, - smb_ntpasswd, smb_ntpasslen) && - !check_domain_security(orig_user, domain, user, - smb_apasswd, smb_apasslen, - smb_ntpasswd, smb_ntpasslen) && - !check_hosts_equiv(user) - ) + if (!guest && !check_server_security(orig_user, domain, user, + smb_apasswd, smb_apasslen, smb_ntpasswd, smb_ntpasslen) && + !check_domain_security(orig_user, domain, user, smb_apasswd, + smb_apasslen, smb_ntpasswd, smb_ntpasslen) && + !check_hosts_equiv(user)) { /* @@ -959,12 +956,26 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int if(smb_ntpasslen) { if(!password_ok(user, smb_ntpasswd,smb_ntpasslen,NULL)) - DEBUG(2,("NT Password did not match for user '%s' ! Defaulting to Lanman\n", user)); + DEBUG(2,("NT Password did not match for user '%s'!\n", user)); else valid_nt_password = True; } + + + /* check the LanMan password only if necessary and if allowed + by lp_lanman_auth() */ + if (!valid_nt_password && lp_lanman_auth()) + { + DEBUG(2,("Defaulting to Lanman password for %s\n", user)); + valid_lm_password = password_ok(user, smb_apasswd,smb_apasslen,NULL); + } + - if (!valid_nt_password && !password_ok(user, smb_apasswd,smb_apasslen,NULL)) + /* The true branch will be executed if + (1) the NT password failed (or was not tried), and + (2) LanMan authentication failed (or was disabled) + */ + if (!valid_nt_password && !valid_lm_password) { if (lp_security() >= SEC_USER) { -- cgit From b08b70faf873455ff14dcd633a7c9eb860ba4b28 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sat, 10 Mar 2001 11:38:27 +0000 Subject: started support for unicode on the wire in smbd. Using a very similar method to what was used in the client I now have session setup and tconx working. Currently this is enabled with SMBD_USE_UNICODE environment variable. Once the code is complete this will become a smb.conf option. (This used to be commit 7684c1e67294266d018c6f0cab58f1a9d797174f) --- source3/smbd/reply.c | 69 +++++++++++++++++++++++++--------------------------- 1 file changed, 33 insertions(+), 36 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 4e87782a48..4f98c264b8 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -273,12 +273,11 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt pstring user; pstring password; pstring devicename; - BOOL doencrypt = SMBENCRYPT(); int ecode = -1; uint16 vuid = SVAL(inbuf,smb_uid); int passlen = SVAL(inbuf,smb_vwv3); - char *path; - char *p; + pstring path; + char *p, *q; START_PROFILE(SMBtconX); *service = *user = *password = *devicename = 0; @@ -294,7 +293,8 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt memcpy(password,smb_buf(inbuf),passlen); password[passlen]=0; - path = smb_buf(inbuf) + passlen; + p = smb_buf(inbuf) + passlen; + p += srvstr_pull(inbuf, path, p, sizeof(path), -1, STR_TERMINATE|STR_CONVERT); if (passlen != 24) { if (strequal(password," ")) @@ -302,27 +302,20 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt passlen = strlen(password); } - p = strchr(path+2,'\\'); - if (!p) { + q = strchr(path+2,'\\'); + if (!q) { END_PROFILE(SMBtconX); return(ERROR(ERRDOS,ERRnosuchshare)); } - fstrcpy(service,p+1); - p = strchr(service,'%'); - if (p) { - *p++ = 0; - fstrcpy(user,p); + fstrcpy(service,q+1); + q = strchr(service,'%'); + if (q) { + *q++ = 0; + fstrcpy(user,q); } - StrnCpy(devicename,path + strlen(path) + 1,6); - DEBUG(4,("Got device type %s\n",devicename)); + p += srvstr_pull(inbuf, devicename, p, sizeof(devicename), 6, STR_CONVERT); - /* - * Ensure the user and password names are in UNIX codepage format. - */ - - dos_to_unix(user,True); - if (!doencrypt) - dos_to_unix(password,True); + DEBUG(4,("Got device type %s\n",devicename)); /* * Pass the user through the NT -> unix user mapping @@ -349,13 +342,13 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt } else { char *fsname = lp_fstype(SNUM(conn)); - set_message(outbuf,3,3,True); + set_message(outbuf,3,0,True); p = smb_buf(outbuf); - pstrcpy(p,devicename); p = skip_string(p,1); /* device name */ - pstrcpy(p,fsname); p = skip_string(p,1); /* filesystem type e.g NTFS */ + p += srvstr_push(inbuf, outbuf, p, devicename, -1, STR_CONVERT|STR_TERMINATE); + p += srvstr_push(inbuf, outbuf, p, fsname, -1, STR_CONVERT|STR_TERMINATE); - set_message(outbuf,3,PTR_DIFF(p,smb_buf(outbuf)),False); + set_message_end(outbuf,p); /* what does setting this bit do? It is set by NT4 and may affect the ability to autorun mounted cdroms */ @@ -703,10 +696,12 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int BOOL valid_lm_password = False; pstring user; pstring orig_user; + fstring domain; + fstring native_os; + fstring native_lanman; BOOL guest=False; static BOOL done_sesssetup = False; BOOL doencrypt = SMBENCRYPT(); - char *domain = ""; START_PROFILE(SMBsesssetupX); *smb_apasswd = 0; @@ -835,17 +830,19 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int } p += passlen1 + passlen2; - fstrcpy(user,p); - p = skip_string(p,1); + p += srvstr_pull(inbuf, user, p, sizeof(user), -1, STR_CONVERT|STR_TERMINATE); /* * Incoming user and domain are in DOS codepage format. Convert * to UNIX. */ - dos_to_unix(user,True); - domain = p; - dos_to_unix(domain, True); + p += srvstr_pull(inbuf, domain, p, sizeof(domain), + -1, STR_CONVERT|STR_TERMINATE); + p += srvstr_pull(inbuf, native_os, p, sizeof(native_os), + -1, STR_CONVERT|STR_TERMINATE); + p += srvstr_pull(inbuf, native_lanman, p, sizeof(native_lanman), + -1, STR_CONVERT|STR_TERMINATE); DEBUG(3,("Domain=[%s] NativeOS=[%s] NativeLanMan=[%s]\n", - domain,skip_string(p,1),skip_string(p,2))); + domain,native_os,native_lanman)); } DEBUG(3,("sesssetupX:name=[%s]\n",user)); @@ -1027,12 +1024,12 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int set_message(outbuf,3,0,True); } else { char *p; - set_message(outbuf,3,3,True); + set_message(outbuf,3,0,True); p = smb_buf(outbuf); - pstrcpy(p,"Unix"); p = skip_string(p,1); - pstrcpy(p,"Samba "); pstrcat(p,VERSION); p = skip_string(p,1); - pstrcpy(p,global_myworkgroup); unix_to_dos(p, True); p = skip_string(p,1); - set_message(outbuf,3,PTR_DIFF(p,smb_buf(outbuf)),False); + p += srvstr_push(inbuf, outbuf, p, "Unix", -1, STR_TERMINATE|STR_CONVERT); + p += srvstr_push(inbuf, outbuf, p, "Samba", -1, STR_TERMINATE|STR_CONVERT); + p += srvstr_push(inbuf, outbuf, p, global_myworkgroup, -1, STR_TERMINATE|STR_CONVERT); + set_message_end(outbuf,p); /* perhaps grab OS version here?? */ } -- cgit From 20d3a2986e793deaa2243ee26bfa33f580a6d2e2 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sat, 10 Mar 2001 11:57:38 +0000 Subject: converted reply_open, reply_open_and_x and reply_fclose (This used to be commit 2c8da0ae22309f153bde4e29095b60996fa8fcc5) --- source3/smbd/reply.c | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 4f98c264b8..a505160b7d 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1507,22 +1507,26 @@ int reply_fclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size { int outsize = 0; int status_len; - char *path; + pstring path; char status[21]; int dptr_num= -2; + char *p; + START_PROFILE(SMBfclose); outsize = set_message(outbuf,1,0,True); - path = smb_buf(inbuf) + 1; - status_len = SVAL(smb_buf(inbuf),3 + strlen(path)); + p = smb_buf(inbuf) + 1; + p += srvstr_pull(inbuf, path, p, sizeof(path), -1, STR_TERMINATE|STR_CONVERT); + p++; + status_len = SVAL(p,0); + p += 2; - if (status_len == 0) { END_PROFILE(SMBfclose); return(ERROR(ERRSRV,ERRsrverror)); } - memcpy(status,smb_buf(inbuf) + 1 + strlen(path) + 4,21); + memcpy(status,p,21); if(dptr_fetch(status+12,&dptr_num)) { /* Close the dptr - we know it's gone */ @@ -1560,7 +1564,7 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, share_mode = SVAL(inbuf,smb_vwv0); - pstrcpy(fname,smb_buf(inbuf)+1); + srvstr_pull(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), -1, STR_TERMINATE); RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); @@ -1654,8 +1658,7 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt } /* XXXX we need to handle passed times, sattr and flags */ - - pstrcpy(fname,smb_buf(inbuf)); + srvstr_pull(inbuf, fname, smb_buf(inbuf), sizeof(fname), -1, STR_TERMINATE); RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); -- cgit From da3053048c3d224a20d6383ac6682d31059cd46c Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sun, 11 Mar 2001 00:32:10 +0000 Subject: Merge of new 2.2 code into HEAD (Gerald I hate you :-) :-). Allows new SAMR RPC code to merge with new passdb code. Currently rpcclient doesn't compile. I'm working on it... Jeremy. (This used to be commit 0be41d5158ea4e645e93e8cd30617c038416e549) --- source3/smbd/reply.c | 2 -- 1 file changed, 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index a505160b7d..04e7b4c101 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1,4 +1,3 @@ -#define OLD_NTDOMAIN 1 /* Unix SMB/Netbios implementation. Version 1.9. @@ -4840,4 +4839,3 @@ int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, END_PROFILE(SMBgetattrE); return(outsize); } -#undef OLD_NTDOMAIN -- cgit From 23e5cf060d282c9ba9bdf49884ce23a13b285aac Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 13 Mar 2001 00:55:19 +0000 Subject: this patch does a number of things: - removes SMB_ALIGNMENT. That macro caused all sorts of problems with getting unicode aligned right in sub-protocols (such as SMBtrans and SMBtrans2). I believe the performance reasons for having SMB_ALIGNMENT has gone away with the new variants of the SMB protocol anyway, as newer commands tend to have their own internal alignment. - fix the locations where we set smb_flg2 to absolute values. We must never do this if we want a hope of coping with unicode. - add initial support for unicode on the wire in smbd. Currently enabled using SMBD_USE_UNICODE environment variable. (This used to be commit b98b1435e9d8f8622444c9ff33082977e661f16b) --- source3/smbd/reply.c | 40 ++++++++++++++++++++-------------------- 1 file changed, 20 insertions(+), 20 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 04e7b4c101..1240d16a98 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -336,16 +336,21 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt } if (Protocol < PROTOCOL_NT1) { - set_message(outbuf,2,strlen(devicename)+1,True); - pstrcpy(smb_buf(outbuf),devicename); + set_message(outbuf,2,0,True); + p = smb_buf(outbuf); + p += srvstr_push(inbuf, outbuf, p, devicename, -1, + STR_CONVERT|STR_TERMINATE|STR_ASCII); + set_message_end(outbuf,p); } else { char *fsname = lp_fstype(SNUM(conn)); set_message(outbuf,3,0,True); p = smb_buf(outbuf); - p += srvstr_push(inbuf, outbuf, p, devicename, -1, STR_CONVERT|STR_TERMINATE); - p += srvstr_push(inbuf, outbuf, p, fsname, -1, STR_CONVERT|STR_TERMINATE); + p += srvstr_push(inbuf, outbuf, p, devicename, -1, + STR_CONVERT|STR_TERMINATE|STR_ASCII); + p += srvstr_push(inbuf, outbuf, p, fsname, -1, + STR_CONVERT|STR_TERMINATE); set_message_end(outbuf,p); @@ -444,50 +449,50 @@ static int session_trust_account(connection_struct *conn, char *inbuf, char *out sam_trust_acct = pdb_getsampwnam(user); } else { DEBUG(0,("session_trust_account: Trust account %s only supported with security = user\n", user)); - SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); + SSVAL(outbuf, smb_flg2, SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES); return(ERROR(0, NT_STATUS_LOGON_FAILURE)); } if (sam_trust_acct == NULL) { /* lkclXXXX: workstation entry doesn't exist */ DEBUG(0,("session_trust_account: Trust account %s user doesn't exist\n",user)); - SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); + SSVAL(outbuf, smb_flg2, SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES); return(ERROR(0, NT_STATUS_NO_SUCH_USER)); } else { if ((smb_passlen != 24) || (smb_nt_passlen != 24)) { DEBUG(0,("session_trust_account: Trust account %s - password length wrong.\n", user)); - SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); + SSVAL(outbuf, smb_flg2, SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES); return(ERROR(0, NT_STATUS_LOGON_FAILURE)); } if (!smb_password_ok(sam_trust_acct, NULL, (unsigned char *)smb_passwd, (unsigned char *)smb_nt_passwd)) { DEBUG(0,("session_trust_account: Trust Account %s - password failed\n", user)); - SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); + SSVAL(outbuf, smb_flg2, SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES); return(ERROR(0, NT_STATUS_LOGON_FAILURE)); } acct_ctrl = pdb_get_acct_ctrl(sam_trust_acct); if (acct_ctrl & ACB_DOMTRUST) { DEBUG(0,("session_trust_account: Domain trust account %s denied by server\n",user)); - SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); + SSVAL(outbuf, smb_flg2, SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES); return(ERROR(0, NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT)); } if (acct_ctrl & ACB_SVRTRUST) { DEBUG(0,("session_trust_account: Server trust account %s denied by server\n",user)); - SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); + SSVAL(outbuf, smb_flg2, SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES); return(ERROR(0, NT_STATUS_NOLOGON_SERVER_TRUST_ACCOUNT)); } if (acct_ctrl & ACB_WSTRUST) { DEBUG(4,("session_trust_account: Wksta trust account %s denied by server\n", user)); - SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); + SSVAL(outbuf, smb_flg2, SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES); return(ERROR(0, NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT)); } } /* don't know what to do: indicate logon failure */ - SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); + SSVAL(outbuf, smb_flg2, SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES); return(ERROR(0, NT_STATUS_LOGON_FAILURE)); } @@ -670,7 +675,7 @@ static int bad_password_error(char *inbuf,char *outbuf) if(((ra_type == RA_WINNT) || (ra_type == RA_WIN2K)) && (global_client_caps & (CAP_NT_SMBS | CAP_STATUS32 ))) { - SSVAL(outbuf,smb_flg2,FLAGS2_32_BIT_ERROR_CODES); + SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES); return(ERROR(0,NT_STATUS_LOGON_FAILURE)); } @@ -1203,11 +1208,7 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size SIVAL(outbuf,smb_vwv3,(uint32)size); if (Protocol >= PROTOCOL_NT1) { - char *p = strrchr(fname,'/'); - uint16 flg2 = SVAL(outbuf,smb_flg2); - if (!p) p = fname; - if (!is_8_3(fname, True)) - SSVAL(outbuf,smb_flg2,flg2 | 0x40); /* IS_LONG_NAME */ + SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) | 0x40); /* IS_LONG_NAME */ } DEBUG( 3, ( "getatr name=%s mode=%d size=%d\n", fname, mode, (uint32)size ) ); @@ -1480,8 +1481,7 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size SSVAL(smb_buf(outbuf),1,numentries*DIR_STRUCT_SIZE); if (Protocol >= PROTOCOL_NT1) { - uint16 flg2 = SVAL(outbuf,smb_flg2); - SSVAL(outbuf,smb_flg2,flg2 | 0x40); /* IS_LONG_NAME */ + SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) | 0x40); /* IS_LONG_NAME */ } outsize += DIR_STRUCT_SIZE*numentries; -- cgit From 93143c96a6c7d882d83ea2724e4c1985fc1dbc2d Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 13 Mar 2001 03:45:09 +0000 Subject: - convert chkpath - devicename in tconx is always ascii (This used to be commit 242a6a96d10beeb54e93226ae50bd361486e1c0d) --- source3/smbd/reply.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 1240d16a98..0cff1d5a56 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -312,7 +312,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt *q++ = 0; fstrcpy(user,q); } - p += srvstr_pull(inbuf, devicename, p, sizeof(devicename), 6, STR_CONVERT); + p += srvstr_pull(inbuf, devicename, p, sizeof(devicename), 6, STR_CONVERT|STR_ASCII); DEBUG(4,("Got device type %s\n",devicename)); @@ -342,7 +342,8 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt STR_CONVERT|STR_TERMINATE|STR_ASCII); set_message_end(outbuf,p); } else { - char *fsname = lp_fstype(SNUM(conn)); + /* NT sets the fstype of IPC$ to the null string */ + char *fsname = IS_IPC(conn) ? "" : lp_fstype(SNUM(conn)); set_message(outbuf,3,0,True); @@ -1087,8 +1088,8 @@ int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size BOOL bad_path = False; SMB_STRUCT_STAT sbuf; START_PROFILE(SMBchkpth); - - pstrcpy(name,smb_buf(inbuf) + 1); + + srvstr_pull(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), -1, STR_TERMINATE); RESOLVE_DFSPATH(name, conn, inbuf, outbuf); -- cgit From a7d2f5b06379cb0c553cd2d9a7c58e2cb8902965 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 13 Mar 2001 06:37:12 +0000 Subject: converted a bunch more server functions to unicode (This used to be commit a074600a09387c2034ffb6651abad69bdc14145e) --- source3/smbd/reply.c | 30 ++++++++++++++++++++---------- 1 file changed, 20 insertions(+), 10 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 0cff1d5a56..a401be1357 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1150,9 +1150,11 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size SMB_OFF_T size=0; time_t mtime=0; BOOL bad_path = False; + char *p; START_PROFILE(SMBgetatr); - - pstrcpy(fname,smb_buf(inbuf) + 1); + + p = smb_buf(inbuf) + 1; + p += srvstr_pull(inbuf, fname, p, sizeof(fname), -1, STR_TERMINATE); RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); @@ -1231,9 +1233,12 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size time_t mtime; SMB_STRUCT_STAT sbuf; BOOL bad_path = False; + char *p; + START_PROFILE(SMBsetatr); - - pstrcpy(fname,smb_buf(inbuf) + 1); + + p = smb_buf(inbuf) + 1; + p += srvstr_pull(inbuf, fname, p, sizeof(fname), -1, STR_TERMINATE); unix_convert(fname,conn,0,&bad_path,&sbuf); mode = SVAL(inbuf,smb_vwv0); @@ -1781,7 +1786,7 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, com = SVAL(inbuf,smb_com); createmode = SVAL(inbuf,smb_vwv0); - pstrcpy(fname,smb_buf(inbuf)+1); + srvstr_pull(inbuf, fname, smb_buf(inbuf) + 1, sizeof(fname), -1, STR_TERMINATE); RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); @@ -2046,7 +2051,7 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size dirtype = SVAL(inbuf,smb_vwv0); - pstrcpy(name,smb_buf(inbuf) + 1); + srvstr_pull(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), -1, STR_TERMINATE); RESOLVE_DFSPATH(name, conn, inbuf, outbuf); @@ -3888,10 +3893,14 @@ int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, in int outsize = 0; pstring name; pstring newname; + char *p; + START_PROFILE(SMBmv); - pstrcpy(name,smb_buf(inbuf) + 1); - pstrcpy(newname,smb_buf(inbuf) + 3 + strlen(name)); + p = smb_buf(inbuf) + 1; + p += srvstr_pull(inbuf, name, p, sizeof(name), -1, STR_TERMINATE); + p++; + p += srvstr_pull(inbuf, newname, p, sizeof(newname), -1, STR_TERMINATE); RESOLVE_DFSPATH(name, conn, inbuf, outbuf); RESOLVE_DFSPATH(newname, conn, inbuf, outbuf); @@ -4019,8 +4028,9 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, *directory = *mask = 0; - pstrcpy(name,smb_buf(inbuf)); - pstrcpy(newname,smb_buf(inbuf) + 1 + strlen(name)); + p = smb_buf(inbuf); + p += srvstr_pull(inbuf, name, p, sizeof(name), -1, STR_TERMINATE); + p += srvstr_pull(inbuf, newname, p, sizeof(newname), -1, STR_TERMINATE); DEBUG(3,("reply_copy : %s -> %s\n",name,newname)); -- cgit From 20dd1f74893e9ea0a2a4ef21ec5e1b02eb9e504d Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 13 Mar 2001 06:55:47 +0000 Subject: converted reply_tcon() (This used to be commit 1e92d340ceb5be8e7d50cc7c889b2053ed67bad3) --- source3/smbd/reply.c | 62 +++++++++++++++++++--------------------------------- 1 file changed, 22 insertions(+), 40 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index a401be1357..230b3db750 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -167,41 +167,6 @@ static int connection_error(char *inbuf,char *outbuf,int ecode) } - -/**************************************************************************** - parse a share descriptor string -****************************************************************************/ -static void parse_connect(char *p,char *service,char *user, - char *password,int *pwlen,char *dev) -{ - char *p2; - - DEBUG(4,("parsing connect string %s\n",p)); - - p2 = strrchr(p,'\\'); - if (p2 == NULL) - fstrcpy(service,p); - else - fstrcpy(service,p2+1); - - p += strlen(p) + 2; - - fstrcpy(password,p); - *pwlen = strlen(password); - - p += strlen(p) + 2; - - fstrcpy(dev,p); - - *user = 0; - p = strchr(service,'%'); - if (p != NULL) - { - *p = 0; - fstrcpy(user,p+1); - } -} - /**************************************************************************** Reply to a tcon. ****************************************************************************/ @@ -218,17 +183,34 @@ int reply_tcon(connection_struct *conn, uint16 vuid = SVAL(inbuf,smb_uid); int pwlen=0; int ecode = -1; + char *p; + START_PROFILE(SMBtcon); *service = *user = *password = *dev = 0; - parse_connect(smb_buf(inbuf)+1,service,user,password,&pwlen,dev); + p = smb_buf(inbuf)+1; + p += srvstr_pull(inbuf, service, p, sizeof(service), -1, STR_TERMINATE|STR_CONVERT) + 1; + p += srvstr_pull(inbuf, password, p, sizeof(password), -1, STR_TERMINATE|STR_CONVERT) + 1; + p += srvstr_pull(inbuf, dev, p, sizeof(dev), -1, STR_TERMINATE|STR_CONVERT) + 1; - /* - * Ensure the user and password names are in UNIX codepage format. - */ + *user = 0; + p = strchr(service,'%'); + if (p != NULL) { + *p = 0; + fstrcpy(user,p+1); + } - dos_to_unix(user,True); + p = strrchr(service,'\\'); + if (p) { + pstrcpy(service, p+1); + } + + /* + * Ensure the user and password names are in UNIX codepage format. + */ + + dos_to_unix(user,True); if (!doencrypt) dos_to_unix(password,True); -- cgit From ff0462cde830a306105b9d585a36239f27e38f23 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 13 Mar 2001 22:00:46 +0000 Subject: simpler and more correct srvstr_push() it now uses outbuf not inbuf for the unicode flag, which allows for some server fns to be ascii and means one less parameter in push calls (This used to be commit a6dd6662267eeddf368ff0ffba76b45761bf4eeb) --- source3/smbd/reply.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 230b3db750..96192f0575 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -320,7 +320,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt if (Protocol < PROTOCOL_NT1) { set_message(outbuf,2,0,True); p = smb_buf(outbuf); - p += srvstr_push(inbuf, outbuf, p, devicename, -1, + p += srvstr_push(outbuf, p, devicename, -1, STR_CONVERT|STR_TERMINATE|STR_ASCII); set_message_end(outbuf,p); } else { @@ -330,9 +330,9 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt set_message(outbuf,3,0,True); p = smb_buf(outbuf); - p += srvstr_push(inbuf, outbuf, p, devicename, -1, + p += srvstr_push(outbuf, p, devicename, -1, STR_CONVERT|STR_TERMINATE|STR_ASCII); - p += srvstr_push(inbuf, outbuf, p, fsname, -1, + p += srvstr_push(outbuf, p, fsname, -1, STR_CONVERT|STR_TERMINATE); set_message_end(outbuf,p); @@ -1013,9 +1013,9 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int char *p; set_message(outbuf,3,0,True); p = smb_buf(outbuf); - p += srvstr_push(inbuf, outbuf, p, "Unix", -1, STR_TERMINATE|STR_CONVERT); - p += srvstr_push(inbuf, outbuf, p, "Samba", -1, STR_TERMINATE|STR_CONVERT); - p += srvstr_push(inbuf, outbuf, p, global_myworkgroup, -1, STR_TERMINATE|STR_CONVERT); + p += srvstr_push(outbuf, p, "Unix", -1, STR_TERMINATE|STR_CONVERT); + p += srvstr_push(outbuf, p, "Samba", -1, STR_TERMINATE|STR_CONVERT); + p += srvstr_push(outbuf, p, global_myworkgroup, -1, STR_TERMINATE|STR_CONVERT); set_message_end(outbuf,p); /* perhaps grab OS version here?? */ } -- cgit From 18b7efe9b302d8cb83ca2ae2e4a8d6329de5d39e Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 13 Mar 2001 23:17:45 +0000 Subject: converted a bunch more fns to unicode (This used to be commit fbb3bf12df5c79cac9445be21f1997234479b472) --- source3/smbd/reply.c | 26 ++++++++++++-------------- 1 file changed, 12 insertions(+), 14 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 96192f0575..56a528b816 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -703,12 +703,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int memcpy(smb_apasswd,smb_buf(inbuf),smb_apasslen); smb_apasswd[smb_apasslen] = 0; - pstrcpy(user,smb_buf(inbuf)+smb_apasslen); - /* - * Incoming user is in DOS codepage format. Convert - * to UNIX. - */ - dos_to_unix(user,True); + srvstr_pull(inbuf, user, smb_buf(inbuf)+smb_apasslen, sizeof(user), -1, STR_TERMINATE|STR_CONVERT); if (!doencrypt && (lp_security() != SEC_SERVER)) { smb_apasslen = strlen(smb_apasswd); @@ -1839,10 +1834,12 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, files_struct *fsp; int oplock_request = CORE_OPLOCK_REQUEST(inbuf); SMB_STRUCT_STAT sbuf; + char *p; + START_PROFILE(SMBctemp); createmode = SVAL(inbuf,smb_vwv0); - pstrcpy(fname,smb_buf(inbuf)+1); + srvstr_pull(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), -1, STR_TERMINATE|STR_CONVERT); pstrcat(fname,"/TMXXXXXX"); RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); @@ -1872,10 +1869,12 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return(UNIXERROR(ERRDOS,ERRnoaccess)); } - outsize = set_message(outbuf,1,2 + strlen(fname2),True); + outsize = set_message(outbuf,1,0,True); SSVAL(outbuf,smb_vwv0,fsp->fnum); CVAL(smb_buf(outbuf),0) = 4; - pstrcpy(smb_buf(outbuf) + 1,fname2); + p = smb_buf(outbuf) + 1; + p += srvstr_push(inbuf, outbuf, p, fname2, -1, STR_TERMINATE|STR_CONVERT); + set_message_end(outbuf, p); if (oplock_request && lp_fake_oplocks(SNUM(conn))) { CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; @@ -3363,7 +3362,7 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int outsize; START_PROFILE(SMBmkdir); - pstrcpy(directory,smb_buf(inbuf) + 1); + srvstr_pull(inbuf, directory, smb_buf(inbuf) + 1, sizeof(directory), -1, STR_TERMINATE); outsize=mkdir_internal(conn, inbuf, outbuf, directory); if(outsize == 0) @@ -3538,7 +3537,7 @@ int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, SMB_STRUCT_STAT sbuf; START_PROFILE(SMBrmdir); - pstrcpy(directory,smb_buf(inbuf) + 1); + srvstr_pull(inbuf, directory, smb_buf(inbuf) + 1, sizeof(directory), -1, STR_TERMINATE); RESOLVE_DFSPATH(directory, conn, inbuf, outbuf) @@ -4163,9 +4162,8 @@ int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size END_PROFILE(pathworks_setdir); return(ERROR(ERRDOS,ERRnoaccess)); } - - pstrcpy(newdir,smb_buf(inbuf) + 1); - strlower(newdir); + + srvstr_pull(inbuf, newdir, smb_buf(inbuf) + 1, sizeof(newdir), -1, STR_TERMINATE|STR_CONVERT); if (strlen(newdir) == 0) { ok = True; -- cgit From be8a6ea511b131aa065ffc51cf69811a4c3a76a6 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 13 Mar 2001 23:25:48 +0000 Subject: fixed srvstr_push() call (This used to be commit dca433d035dfb6e94ee659477c71edaa4549644d) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 56a528b816..55e6fb5255 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1873,7 +1873,7 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, SSVAL(outbuf,smb_vwv0,fsp->fnum); CVAL(smb_buf(outbuf),0) = 4; p = smb_buf(outbuf) + 1; - p += srvstr_push(inbuf, outbuf, p, fname2, -1, STR_TERMINATE|STR_CONVERT); + p += srvstr_push(outbuf, p, fname2, -1, STR_TERMINATE|STR_CONVERT); set_message_end(outbuf, p); if (oplock_request && lp_fake_oplocks(SNUM(conn))) { -- cgit From 7906e8168cf717f19ba69435ddf353ce7db110db Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Fri, 16 Mar 2001 03:25:33 +0000 Subject: converted reply_search (This used to be commit 0331f93a8117d4c295cda327c3a290296ff621d0) --- source3/smbd/reply.c | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 55e6fb5255..b559b9bdc5 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1295,7 +1295,7 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size char *p; BOOL ok = False; int status_len; - char *path; + pstring path; char status[21]; int dptr_num= -1; BOOL check_descend = False; @@ -1313,9 +1313,11 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size outsize = set_message(outbuf,1,3,True); maxentries = SVAL(inbuf,smb_vwv0); dirtype = SVAL(inbuf,smb_vwv1); - path = smb_buf(inbuf) + 1; - status_len = SVAL(smb_buf(inbuf),3 + strlen(path)); - + p = smb_buf(inbuf) + 1; + p += srvstr_pull(inbuf, path, p, sizeof(path), -1, STR_TERMINATE); + p++; + status_len = SVAL(p, 0); + p += 2; /* dirtype &= ~aDIR; */ @@ -1324,8 +1326,8 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size SMB_STRUCT_STAT sbuf; pstring dir2; - pstrcpy(directory,smb_buf(inbuf)+1); - pstrcpy(dir2,smb_buf(inbuf)+1); + pstrcpy(directory,path); + pstrcpy(dir2,path); unix_convert(directory,conn,0,&bad_path,&sbuf); unix_format(dir2); @@ -1357,7 +1359,7 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size } else { - memcpy(status,smb_buf(inbuf) + 1 + strlen(path) + 4,21); + memcpy(status,p,21); dirtype = CVAL(status,0) & 0x1F; conn->dirptr = dptr_fetch(status+12,&dptr_num); if (!conn->dirptr) -- cgit From f572cd9e35830c509968b29cb5f606bb9f9b929b Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Fri, 16 Mar 2001 03:43:14 +0000 Subject: converted reply_printqueue (This used to be commit 70d6b09ac9fbd612960fa02fad5adbf6d87c24ce) --- source3/smbd/reply.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index b559b9bdc5..35a4b0f54a 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -408,8 +408,8 @@ int reply_ioctl(connection_struct *conn, { case IOCTL_QUERY_JOB_INFO: SSVAL(p,0,fsp->print_jobid); /* Job number */ - StrnCpy(p+2, global_myname, 15); /* Our NetBIOS name */ - StrnCpy(p+18, lp_servicename(SNUM(conn)), 13); /* Service name */ + srvstr_push(outbuf, p+2, global_myname, 15, STR_TERMINATE|STR_CONVERT|STR_ASCII); + srvstr_push(outbuf, p+18, lp_servicename(SNUM(conn)), 13, STR_TERMINATE|STR_CONVERT|STR_ASCII); break; } @@ -3270,7 +3270,7 @@ int reply_printqueue(connection_struct *conn, SSVAL(p,5, queue[i].job); SIVAL(p,7,queue[i].size); CVAL(p,11) = 0; - StrnCpy(p+12,queue[i].user,16); + srvstr_push(outbuf, p+12, queue[i].user, 16, STR_CONVERT|STR_ASCII); p += 28; } -- cgit From f9a15ce1a69f905e94db7650f0a4805720cd9c88 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sun, 8 Apr 2001 20:22:39 +0000 Subject: Got "medieval on our ass" about adding the -1 to slprintf. Jeremy. (This used to be commit 94747b4639ed9b19f7d0fb896e43aa392a84989a) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 35a4b0f54a..4176dd0104 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -880,7 +880,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int if (!sys_getpwnam(user)) { pstring user2; - slprintf(user2,sizeof(user2),"%s%s%s", dos_to_unix(domain,False), + slprintf(user2,sizeof(user2)-1,"%s%s%s", dos_to_unix(domain,False), lp_winbind_separator(), user); if (sys_getpwnam(user2)) { -- cgit From 50e78a9ac8cf0949c2471fafde844c674f97d73d Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 13 Apr 2001 00:37:00 +0000 Subject: As Andrew suggested, make smbrun return a fd for a deleted file which can then be read. Jeremy. (This used to be commit e7d59d6de89a5fdd201e4b5c6072dab08b1519db) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 4176dd0104..b4e0d490ab 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -493,7 +493,7 @@ int smb_create_user(char *unix_user, char *homedir) all_string_sub(add_script, "%u", unix_user, sizeof(pstring)); if (homedir) all_string_sub(add_script, "%H", homedir, sizeof(pstring)); - ret = smbrun(add_script,NULL,False); + ret = smbrun(add_script,NULL,NULL); DEBUG(3,("smb_create_user: Running the command `%s' gave %d\n",add_script,ret)); return ret; } @@ -510,7 +510,7 @@ static int smb_delete_user(char *unix_user) pstrcpy(del_script, lp_deluser_script()); if (! *del_script) return -1; all_string_sub(del_script, "%u", unix_user, sizeof(pstring)); - ret = smbrun(del_script,NULL,False); + ret = smbrun(del_script,NULL,NULL); DEBUG(3,("smb_delete_user: Running the command `%s' gave %d\n",del_script,ret)); return ret; } -- cgit From 2ef68c7e92d4661664f0410509f7cb551e74a198 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 13 Apr 2001 19:12:06 +0000 Subject: Merge of Andrew's changes in 2.2. Jeremy. (This used to be commit fc76681812b1469208ad6c8847afdfc68bc6db49) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index b4e0d490ab..9d517dcaa9 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -493,7 +493,7 @@ int smb_create_user(char *unix_user, char *homedir) all_string_sub(add_script, "%u", unix_user, sizeof(pstring)); if (homedir) all_string_sub(add_script, "%H", homedir, sizeof(pstring)); - ret = smbrun(add_script,NULL,NULL); + ret = smbrun(add_script,NULL); DEBUG(3,("smb_create_user: Running the command `%s' gave %d\n",add_script,ret)); return ret; } @@ -510,7 +510,7 @@ static int smb_delete_user(char *unix_user) pstrcpy(del_script, lp_deluser_script()); if (! *del_script) return -1; all_string_sub(del_script, "%u", unix_user, sizeof(pstring)); - ret = smbrun(del_script,NULL,NULL); + ret = smbrun(del_script,NULL); DEBUG(3,("smb_delete_user: Running the command `%s' gave %d\n",del_script,ret)); return ret; } -- cgit From 6f78636a56106c510545dc1c8218b3a90a486c67 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 18 Apr 2001 05:12:46 +0000 Subject: Removed mktemp from HEAD - same as done in 2.2. Jeremy. (This used to be commit 121b59669fbcd1aaedb08011ff36169fc6561c55) --- source3/smbd/reply.c | 23 ++++++++++++++++------- 1 file changed, 16 insertions(+), 7 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 9d517dcaa9..82ac230764 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1835,6 +1835,7 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, BOOL bad_path = False; files_struct *fsp; int oplock_request = CORE_OPLOCK_REQUEST(inbuf); + int tmpfd; SMB_STRUCT_STAT sbuf; char *p; @@ -1850,15 +1851,23 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, unixmode = unix_mode(conn,createmode,fname); - pstrcpy(fname2,(char *)smbd_mktemp(fname)); - /* This file should not exist. */ - ZERO_STRUCT(sbuf); + tmpfd = smb_mkstemp(fname); + if (tmpfd == -1) { + END_PROFILE(SMBctemp); + return(UNIXERROR(ERRDOS,ERRnoaccess)); + } + vfs_stat(conn,fname2,&sbuf); /* Open file in dos compatibility share mode. */ - /* We should fail if file exists. */ - fsp = open_file_shared(conn,fname2,&sbuf,SET_DENY_MODE(DENY_FCB)|SET_OPEN_MODE(DOS_OPEN_FCB), - (FILE_CREATE_IF_NOT_EXIST|FILE_EXISTS_FAIL), unixmode, oplock_request, NULL, NULL); + /* We should fail if file does not exist. */ + fsp = open_file_shared(conn,fname,&sbuf, + SET_DENY_MODE(DENY_FCB)|SET_OPEN_MODE(DOS_OPEN_FCB), + FILE_FAIL_IF_NOT_EXIST, + unixmode, oplock_request, NULL, NULL); + + /* close fd from smb_mkstemp() */ + close(tmpfd); if (!fsp) { @@ -3169,7 +3178,7 @@ int reply_printopen(connection_struct *conn, } /* Open for exclusive use, write only. */ - fsp = print_fsp_open(conn,"dos.prn"); + fsp = print_fsp_open(conn); if (!fsp) { END_PROFILE(SMBsplopen); -- cgit From 9ce5a03ccbcc21c60a3dbc39b1dbd06b30655852 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Wed, 18 Apr 2001 16:41:04 +0000 Subject: merge from 2.2 (This used to be commit f52a5014ee325f9d91f266f88eac51b6136a75b9) --- source3/smbd/reply.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 82ac230764..15e8e9537e 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -671,7 +671,7 @@ reply to a session setup command int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { - uint16 sess_vuid; + int sess_vuid; gid_t gid; uid_t uid; int smb_bufsize; @@ -1037,6 +1037,11 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int to a uid can get through without a password, on the same VC */ sess_vuid = register_vuid(uid,gid,user,current_user_info.smb_name,domain,guest); + + if (sess_vuid == -1) { + return(ERROR(ERRDOS,ERRnoaccess)); + } + SSVAL(outbuf,smb_uid,sess_vuid); SSVAL(inbuf,smb_uid,sess_vuid); -- cgit From 63602d15afe96206e1fdcea4d2b9014582aa41aa Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sat, 28 Apr 2001 14:01:02 +0000 Subject: - fixed some compiler warnings - fixed slprintf and vsprintf macros (This used to be commit c986a3c51e8cdbc1230edbe0f4a91138c4ada29d) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 15e8e9537e..61b9390d08 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -556,7 +556,7 @@ static BOOL check_server_security(char *orig_user, char *domain, char *unix_user smb_apasswd, smb_apasslen, smb_ntpasswd, smb_ntpasslen); if(ret) { - struct passwd *pwd; + struct passwd *pwd=NULL; /* * User validated ok against Domain controller. @@ -597,7 +597,7 @@ static BOOL check_domain_security(char *orig_user, char *domain, char *unix_user { BOOL ret = False; BOOL user_exists = True; - struct passwd *pwd; + struct passwd *pwd=NULL; if(lp_security() != SEC_DOMAIN) return False; -- cgit From f35157f39293f9fa240a28642c41708b55d301c8 Mon Sep 17 00:00:00 2001 From: Jean-François Micouleau Date: Fri, 4 May 2001 15:44:27 +0000 Subject: Big cleanup of passdb and backends. I did some basic tests but I have probably broken something. Notably the password changing. So don't cry ;-) J.F. (This used to be commit a4a4c02b12f030a3b9e6225b999c90689dfc4719) --- source3/smbd/reply.c | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 61b9390d08..c9ef881b59 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -427,34 +427,42 @@ static int session_trust_account(connection_struct *conn, char *inbuf, char *out /* check if trust account exists */ SAM_ACCOUNT *sam_trust_acct = NULL; uint16 acct_ctrl; + BOOL ret; + + pdb_init_sam(&sam_trust_acct); if (lp_security() == SEC_USER) { - sam_trust_acct = pdb_getsampwnam(user); + ret = pdb_getsampwnam(sam_trust_acct, user); } else { DEBUG(0,("session_trust_account: Trust account %s only supported with security = user\n", user)); SSVAL(outbuf, smb_flg2, SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES); + pdb_clear_sam(sam_trust_acct); return(ERROR(0, NT_STATUS_LOGON_FAILURE)); } - if (sam_trust_acct == NULL) { + if (ret == False) { /* lkclXXXX: workstation entry doesn't exist */ DEBUG(0,("session_trust_account: Trust account %s user doesn't exist\n",user)); SSVAL(outbuf, smb_flg2, SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES); + pdb_clear_sam(sam_trust_acct); return(ERROR(0, NT_STATUS_NO_SUCH_USER)); } else { if ((smb_passlen != 24) || (smb_nt_passlen != 24)) { DEBUG(0,("session_trust_account: Trust account %s - password length wrong.\n", user)); SSVAL(outbuf, smb_flg2, SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES); - return(ERROR(0, NT_STATUS_LOGON_FAILURE)); + pdb_clear_sam(sam_trust_acct); + return(ERROR(0, NT_STATUS_LOGON_FAILURE)); } if (!smb_password_ok(sam_trust_acct, NULL, (unsigned char *)smb_passwd, (unsigned char *)smb_nt_passwd)) { DEBUG(0,("session_trust_account: Trust Account %s - password failed\n", user)); SSVAL(outbuf, smb_flg2, SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES); + pdb_clear_sam(sam_trust_acct); return(ERROR(0, NT_STATUS_LOGON_FAILURE)); } acct_ctrl = pdb_get_acct_ctrl(sam_trust_acct); + pdb_clear_sam(sam_trust_acct); if (acct_ctrl & ACB_DOMTRUST) { DEBUG(0,("session_trust_account: Domain trust account %s denied by server\n",user)); SSVAL(outbuf, smb_flg2, SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES); -- cgit From 30c4c04c2f584857633ce7605555dcfb37a3e1af Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Mon, 7 May 2001 14:04:46 +0000 Subject: Patch from Simo: o sed 's/pdb_clear_sam/pdb_free_sam/g' o add pdb_reset_sam() o password changing should be ok now as well. (This used to be commit 96d0e7c3301ad990f6c83b9c216720cb32661fb5) --- source3/smbd/reply.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index c9ef881b59..41970c4040 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -436,7 +436,7 @@ static int session_trust_account(connection_struct *conn, char *inbuf, char *out } else { DEBUG(0,("session_trust_account: Trust account %s only supported with security = user\n", user)); SSVAL(outbuf, smb_flg2, SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES); - pdb_clear_sam(sam_trust_acct); + pdb_free_sam(sam_trust_acct); return(ERROR(0, NT_STATUS_LOGON_FAILURE)); } @@ -444,25 +444,25 @@ static int session_trust_account(connection_struct *conn, char *inbuf, char *out /* lkclXXXX: workstation entry doesn't exist */ DEBUG(0,("session_trust_account: Trust account %s user doesn't exist\n",user)); SSVAL(outbuf, smb_flg2, SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES); - pdb_clear_sam(sam_trust_acct); + pdb_free_sam(sam_trust_acct); return(ERROR(0, NT_STATUS_NO_SUCH_USER)); } else { if ((smb_passlen != 24) || (smb_nt_passlen != 24)) { DEBUG(0,("session_trust_account: Trust account %s - password length wrong.\n", user)); SSVAL(outbuf, smb_flg2, SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES); - pdb_clear_sam(sam_trust_acct); + pdb_free_sam(sam_trust_acct); return(ERROR(0, NT_STATUS_LOGON_FAILURE)); } if (!smb_password_ok(sam_trust_acct, NULL, (unsigned char *)smb_passwd, (unsigned char *)smb_nt_passwd)) { DEBUG(0,("session_trust_account: Trust Account %s - password failed\n", user)); SSVAL(outbuf, smb_flg2, SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES); - pdb_clear_sam(sam_trust_acct); + pdb_free_sam(sam_trust_acct); return(ERROR(0, NT_STATUS_LOGON_FAILURE)); } acct_ctrl = pdb_get_acct_ctrl(sam_trust_acct); - pdb_clear_sam(sam_trust_acct); + pdb_free_sam(sam_trust_acct); if (acct_ctrl & ACB_DOMTRUST) { DEBUG(0,("session_trust_account: Domain trust account %s denied by server\n",user)); SSVAL(outbuf, smb_flg2, SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES); -- cgit From 2d27d8c720b705e8ca9575682948c0750c1bb080 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Thu, 17 May 2001 06:08:49 +0000 Subject: Fixes to get pam_auth() functionality working again. (This used to be commit 083b74c743f0026693fa0fbe665ed08a3ac706b8) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 41970c4040..2e4837013e 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -616,7 +616,7 @@ static BOOL check_domain_security(char *orig_user, char *domain, char *unix_user ret = domain_client_validate(orig_user, domain, smb_apasswd, smb_apasslen, smb_ntpasswd, smb_ntpasslen, - &user_exists); + &user_exists, NULL); if(ret) { /* -- cgit From faa0bef196b732b45c4614acd655af4881504808 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 22 May 2001 20:35:48 +0000 Subject: Defensive brlock and locking database cleaning code. Jeremy. (This used to be commit d7aa42e4593b02ee6e487f7a4633bd7e7620ef2f) --- source3/smbd/reply.c | 82 +++++++++++++++++++++++++--------------------------- 1 file changed, 40 insertions(+), 42 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 2e4837013e..b43512329e 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -603,57 +603,55 @@ static BOOL check_domain_security(char *orig_user, char *domain, char *unix_user char *smb_apasswd, int smb_apasslen, char *smb_ntpasswd, int smb_ntpasslen) { - BOOL ret = False; - BOOL user_exists = True; - struct passwd *pwd=NULL; + BOOL ret = False; + BOOL user_exists = True; + struct passwd *pwd=NULL; - if(lp_security() != SEC_DOMAIN) - return False; + if(lp_security() != SEC_DOMAIN) + return False; - if (!check_domain_match(orig_user, domain)) - return False; + if (!check_domain_match(orig_user, domain)) + return False; - ret = domain_client_validate(orig_user, domain, - smb_apasswd, smb_apasslen, - smb_ntpasswd, smb_ntpasslen, - &user_exists, NULL); + ret = domain_client_validate(orig_user, domain, + smb_apasswd, smb_apasslen, + smb_ntpasswd, smb_ntpasslen, + &user_exists, NULL); - if(ret) { - /* - * User validated ok against Domain controller. - * If the admin wants us to try and create a UNIX - * user on the fly, do so. - */ - if(user_exists && lp_adduser_script() && !(pwd = smb_getpwnam(unix_user,True))) { - smb_create_user(unix_user, NULL); - } + if(ret) { + /* + * User validated ok against Domain controller. + * If the admin wants us to try and create a UNIX + * user on the fly, do so. + */ + if(user_exists && lp_adduser_script() && !(pwd = smb_getpwnam(unix_user,True))) + smb_create_user(unix_user, NULL); - if(lp_adduser_script() && pwd) { - SMB_STRUCT_STAT st; + if(lp_adduser_script() && pwd) { + SMB_STRUCT_STAT st; - /* - * Also call smb_create_user if the users home directory - * doesn't exist. Used with winbindd to allow the script to - * create the home directory for a user mapped with winbindd. - */ + /* + * Also call smb_create_user if the users home directory + * doesn't exist. Used with winbindd to allow the script to + * create the home directory for a user mapped with winbindd. + */ - if (pwd->pw_shell && (sys_stat(pwd->pw_dir, &st) == -1) && (errno == ENOENT)) - smb_create_user(unix_user, pwd->pw_dir); - } + if (pwd->pw_dir && (sys_stat(pwd->pw_dir, &st) == -1) && (errno == ENOENT)) + smb_create_user(unix_user, pwd->pw_dir); + } - } else { - /* - * User failed to validate ok against Domain controller. - * If the failure was "user doesn't exist" and admin - * wants us to try and delete that UNIX user on the fly, - * do so. - */ - if(!user_exists && lp_deluser_script() && smb_getpwnam(unix_user,True)) { - smb_delete_user(unix_user); - } - } + } else { + /* + * User failed to validate ok against Domain controller. + * If the failure was "user doesn't exist" and admin + * wants us to try and delete that UNIX user on the fly, + * do so. + */ + if(!user_exists && lp_deluser_script() && smb_getpwnam(unix_user,True)) + smb_delete_user(unix_user); + } - return ret; + return ret; } /**************************************************************************** -- cgit From 9ff6634db923da17b0946141abf3ce7df61a0dab Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 24 May 2001 19:28:22 +0000 Subject: Fixup the large_writex problem (a large_writex can send a full 64k of data, we already have space for this we just need to understand the length correctly). Jeremy. (This used to be commit 19145bae720bbcc32dcab380c62a33d1f0e3eef0) --- source3/smbd/reply.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index b43512329e..914f1801d2 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2665,10 +2665,11 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng { files_struct *fsp = file_fsp(inbuf,smb_vwv2); SMB_OFF_T startpos = IVAL(inbuf,smb_vwv3); - size_t numtowrite = SVAL(inbuf,smb_vwv10); + size_t numtowrite = SVAL(inbuf,smb_vwv10)|(((size_t)SVAL(inbuf,smb_vwv9))<<16); BOOL write_through = BITSETW(inbuf+smb_vwv7,0); ssize_t nwritten = -1; unsigned int smb_doff = SVAL(inbuf,smb_vwv11); + unsigned int smblen = smb_len(inbuf); char *data; START_PROFILE(SMBwriteX); @@ -2682,7 +2683,7 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng CHECK_WRITE(fsp); CHECK_ERROR(fsp); - if(smb_doff > smb_len(inbuf)) { + if(smb_doff > smblen || (smb_doff + numtowrite > smblen)) { END_PROFILE(SMBwriteX); return(ERROR(ERRDOS,ERRbadmem)); } -- cgit From fe6208d09a380e29831240aeb84365f60d048c00 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Fri, 25 May 2001 02:45:07 +0000 Subject: return an error code on password attack, rather than exiting. otherwise security scanners may think we are vulnerable! (This used to be commit ee8cb88682421464016d56209eecea764bddc032) --- source3/smbd/reply.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 914f1801d2..23fedccd88 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -54,7 +54,6 @@ static void overflow_attack(int len) dbgtext( "attempting to exploit an old bug.\n" ); dbgtext( "Attack was from IP = %s.\n", client_addr() ); } - exit_server("possible attack"); } @@ -270,6 +269,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt if (passlen > MAX_PASS_LEN) { overflow_attack(passlen); + return(ERROR(ERRDOS,ERRbuftoosmall)); } memcpy(password,smb_buf(inbuf),passlen); @@ -704,8 +704,10 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int if (Protocol < PROTOCOL_NT1) { smb_apasslen = SVAL(inbuf,smb_vwv7); - if (smb_apasslen > MAX_PASS_LEN) - overflow_attack(smb_apasslen); + if (smb_apasslen > MAX_PASS_LEN) { + overflow_attack(smb_apasslen); + return(ERROR(ERRDOS,ERRbuftoosmall)); + } memcpy(smb_apasswd,smb_buf(inbuf),smb_apasslen); smb_apasswd[smb_apasslen] = 0; @@ -738,7 +740,8 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int doencrypt = False; if (passlen1 > MAX_PASS_LEN) { - overflow_attack(passlen1); + overflow_attack(passlen1); + return(ERROR(ERRDOS,ERRbuftoosmall)); } passlen1 = MIN(passlen1, MAX_PASS_LEN); -- cgit From 091fd5a1746080b8a988f08557ba5f9df97653a4 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 5 Jun 2001 06:29:57 +0000 Subject: Deal with incorrect large writes from old NT4.x clients. We still need to set the large write reply correctly. Jeremy. (This used to be commit 810dae29b8b45e91c0c35a4d96202c08b13d4e82) --- source3/smbd/reply.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 23fedccd88..7cb23d8629 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2668,7 +2668,7 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng { files_struct *fsp = file_fsp(inbuf,smb_vwv2); SMB_OFF_T startpos = IVAL(inbuf,smb_vwv3); - size_t numtowrite = SVAL(inbuf,smb_vwv10)|(((size_t)SVAL(inbuf,smb_vwv9))<<16); + size_t numtowrite = SVAL(inbuf,smb_vwv10); BOOL write_through = BITSETW(inbuf+smb_vwv7,0); ssize_t nwritten = -1; unsigned int smb_doff = SVAL(inbuf,smb_vwv11); @@ -2686,6 +2686,10 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng CHECK_WRITE(fsp); CHECK_ERROR(fsp); + /* Deal with possible LARGE_WRITEX */ + if (smblen > 0xFFFF) + numtowrite |= ((((size_t)SVAL(inbuf,smb_vwv9)) & 1 )<<16); + if(smb_doff > smblen || (smb_doff + numtowrite > smblen)) { END_PROFILE(SMBwriteX); return(ERROR(ERRDOS,ERRbadmem)); -- cgit From 5264e9a2a737d6498be0f346bcbc3b583609abf5 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 5 Jun 2001 08:17:16 +0000 Subject: Set correct reply word in large writeX (greater than 64k) replies. Also added smbtorture test for this. Jeremy. (This used to be commit 6d65556ae8bea45a203defaded8436cbb56965e1) --- source3/smbd/reply.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 7cb23d8629..d3f2527b35 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2674,6 +2674,7 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng unsigned int smb_doff = SVAL(inbuf,smb_vwv11); unsigned int smblen = smb_len(inbuf); char *data; + BOOL large_writeX = ((CVAL(inbuf,smb_wct) == 14) && (smblen > 0xFFFF)); START_PROFILE(SMBwriteX); /* If it's an IPC, pass off the pipe handler. */ @@ -2687,7 +2688,7 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng CHECK_ERROR(fsp); /* Deal with possible LARGE_WRITEX */ - if (smblen > 0xFFFF) + if (large_writeX) numtowrite |= ((((size_t)SVAL(inbuf,smb_vwv9)) & 1 )<<16); if(smb_doff > smblen || (smb_doff + numtowrite > smblen)) { @@ -2742,7 +2743,9 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng set_message(outbuf,6,0,True); SSVAL(outbuf,smb_vwv2,nwritten); - + if (large_writeX) + SSVAL(outbuf,smb_vwv4,(nwritten>>16)&1); + if (nwritten < (ssize_t)numtowrite) { CVAL(outbuf,smb_rcls) = ERRHRD; SSVAL(outbuf,smb_err,ERRdiskfull); -- cgit From f63ee18c684af33342de2c5757f9fdf0b7d84997 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 9 Jun 2001 01:38:54 +0000 Subject: *Wonderful* patch from Andrew Bartlett that will help ensure tdb's are cleaned on clients abending connections. Thanks Andrew ! Jeremy. (This used to be commit 1b3977c5367a0b713b194f369abd9872ae01ac2a) --- source3/smbd/reply.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index d3f2527b35..9705bfd6b3 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2487,7 +2487,8 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, CVAL(outbuf,smb_com) = SMBwritebraw; SSVALS(outbuf,smb_vwv0,-1); outsize = set_message(outbuf,Protocol>PROTOCOL_COREPLUS?1:0,0,True); - send_smb(smbd_server_fd(),outbuf); + if (!send_smb(smbd_server_fd(),outbuf)) + exit_server("reply_writebraw: send_smb failed.\n"); /* Now read the raw data into the buffer and write it */ if (read_smb_length(smbd_server_fd(),inbuf,SMB_SECONDARY_WAIT) == -1) { @@ -3172,7 +3173,8 @@ int reply_echo(connection_struct *conn, smb_setlen(outbuf,outsize - 4); - send_smb(smbd_server_fd(),outbuf); + if (!send_smb(smbd_server_fd(),outbuf)) + exit_server("reply_echo: send_smb failed.\n"); } DEBUG(3,("echo %d times\n", smb_reverb)); @@ -4552,7 +4554,8 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length, SSVAL(outbuf,smb_vwv6,nread); SSVAL(outbuf,smb_vwv7,smb_offset(data,outbuf)); - send_smb(smbd_server_fd(),outbuf); + if (!send_smb(smbd_server_fd(),outbuf)) + exit_server("reply_readbmpx: send_smb failed.\n"); total_read += nread; startpos += nread; @@ -4650,7 +4653,8 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, if (write_through && tcount==nwritten) { /* we need to send both a primary and a secondary response */ smb_setlen(outbuf,outsize - 4); - send_smb(smbd_server_fd(),outbuf); + if (!send_smb(smbd_server_fd(),outbuf)) + exit_server("reply_writebmpx: send_smb failed.\n"); /* now the secondary */ outsize = set_message(outbuf,1,0,True); -- cgit From 10f8162124cd29fdf8324f03baf950cf29d34921 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Tue, 12 Jun 2001 09:51:03 +0000 Subject: Removed commented out msdfs code that was being called anyway. (This used to be commit a542f4513ab792363fd5772582c6d317aa913257) --- source3/smbd/reply.c | 2 -- 1 file changed, 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 9705bfd6b3..da73a78a33 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1149,8 +1149,6 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); - /* if((SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES) && dfs_redirect(fname,conn)) return(dfs_path_error(inbuf,outbuf)); - */ /* dos smetimes asks for a stat of "" - it returns a "hidden directory" under WfWg - weird! */ if (! (*fname)) -- cgit From 850a0e27e19ac21bc66d3d26875d3f9bafd5245c Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 19 Jun 2001 07:31:55 +0000 Subject: Extra debug in open.c, fix for bad debug message in reply.c Jeremy. (This used to be commit 2c2fc8513699eb39721ac1d65fa1fdaecde526a8) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index da73a78a33..2f9898616c 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4343,7 +4343,7 @@ int reply_lockingX(connection_struct *conn, char *inbuf,char *outbuf,int length, BOOL break_to_none = (oplocklevel == 0); DEBUG(5,("reply_lockingX: oplock break reply (%u) from client for fnum = %d\n", - fsp->fnum, (unsigned int)oplocklevel )); + (unsigned int)oplocklevel, fsp->fnum )); /* * Make sure we have granted an exclusive or batch oplock on this file. -- cgit From fda0f83d751a1ea6c731fd6a82484a724a1c6e32 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 21 Jun 2001 01:01:15 +0000 Subject: Following info from TAKAHASHI Motonobu , Samba Users Group Japan, ensure that we don't use dos_to_unix(xx,True), but always use dos_to_unix(xx,False) to prevent overwriting. Jeremy. (This used to be commit 244aec8ea623fec828add3ab09c5003bf32bd5c7) --- source3/smbd/reply.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 2f9898616c..e0b0cea2d3 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -209,9 +209,9 @@ int reply_tcon(connection_struct *conn, * Ensure the user and password names are in UNIX codepage format. */ - dos_to_unix(user,True); + pstrcpy(user,dos_to_unix(user,False)); if (!doencrypt) - dos_to_unix(password,True); + pstrcpy(password,dos_to_unix(password,False)); /* * Pass the user through the NT -> unix user mapping @@ -797,8 +797,8 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int * Ensure the plaintext passwords are in UNIX format. */ if(!doencrypt) { - dos_to_unix(smb_apasswd,True); - dos_to_unix(smb_ntpasswd,True); + pstrcpy(smb_apasswd,dos_to_unix(smb_apasswd,False)); + pstrcpy(smb_ntpasswd,dos_to_unix(smb_ntpasswd,False)); } } else { @@ -808,7 +808,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int /* * Ensure the plaintext password is in UNIX format. */ - dos_to_unix(smb_apasswd,True); + pstrcpy(smb_apasswd,dos_to_unix(smb_apasswd,False)); /* trim the password */ smb_apasslen = strlen(smb_apasswd); -- cgit From 100a54e221dd0712ab37daa5359b202d0a059090 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 22 Jun 2001 00:57:59 +0000 Subject: Andrew - please look this over. I've fixed a long standing (maybe 4-5 years old) bug when chainging a sessionsetup_and_X and tcon together. The wrong username was being entered into the tdb, even though the correct user was used for accessing files. This is related to the fact that authorise_login() is not used for sessionsetup, but only for tcon auths. Jeremy. (This used to be commit 0187cd6aef7586d7ad4bdc70c50f3f2e7c69519c) --- source3/smbd/reply.c | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index e0b0cea2d3..cd7b3fe6fe 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -205,6 +205,14 @@ int reply_tcon(connection_struct *conn, pstrcpy(service, p+1); } + /* + * If the vuid is valid, we should be using that.... + */ + + if (*user == '\0' && (lp_security() != SEC_SHARE) && validated_username(vuid)) { + pstrcpy(user,validated_username(vuid)); + } + /* * Ensure the user and password names are in UNIX codepage format. */ @@ -247,6 +255,7 @@ int reply_tcon(connection_struct *conn, /**************************************************************************** Reply to a tcon and X. ****************************************************************************/ + int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { fstring service; @@ -298,6 +307,14 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt DEBUG(4,("Got device type %s\n",devicename)); + /* + * If the vuid is valid, we should be using that.... + */ + + if (*user == '\0' && (lp_security() != SEC_SHARE) && validated_username(vuid)) { + pstrcpy(user,validated_username(vuid)); + } + /* * Pass the user through the NT -> unix user mapping * function. @@ -1066,7 +1083,6 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int return chain_reply(inbuf,outbuf,length,bufsize); } - /**************************************************************************** reply to a chkpth ****************************************************************************/ -- cgit From 7133aed083612480a94a7b61d6a0a0308c304b6e Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 23 Jun 2001 00:22:14 +0000 Subject: Better fix for client name vulnarability. Jeremy. (This used to be commit 17c3faa367328d186d10f59f08549de0c608b16a) --- source3/smbd/reply.c | 2 ++ 1 file changed, 2 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index cd7b3fe6fe..0c40e5f2b3 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -96,6 +96,7 @@ int reply_special(char *inbuf,char *outbuf) remote_machine[15] = 0; trim_string(remote_machine," "," "); strlower(remote_machine); + alpha_strcpy(remote_machine,remote_machine,sizeof(remote_machine)-1); fstrcpy(local_machine,name1); len = strlen(local_machine); @@ -105,6 +106,7 @@ int reply_special(char *inbuf,char *outbuf) } trim_string(local_machine," "," "); strlower(local_machine); + alpha_strcpy(local_machine,local_machine,sizeof(local_machine)-1); if (name_type == 'R') { /* We are being asked for a pathworks session --- -- cgit From 37eb0d6c74ce158b1cc268cea446b33789550048 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 23 Jun 2001 07:22:16 +0000 Subject: Added other_safe_chars to alpha_strcpy(). Needs testing but is a better fix for the problem. Jeremy. (This used to be commit e059fffd03a1382fb2b7059b6de369d9fc765a17) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 0c40e5f2b3..da4659dfa1 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -96,7 +96,7 @@ int reply_special(char *inbuf,char *outbuf) remote_machine[15] = 0; trim_string(remote_machine," "," "); strlower(remote_machine); - alpha_strcpy(remote_machine,remote_machine,sizeof(remote_machine)-1); + alpha_strcpy(remote_machine,remote_machine,SAFE_NETBIOS_CHARS,sizeof(remote_machine)-1); fstrcpy(local_machine,name1); len = strlen(local_machine); @@ -106,7 +106,7 @@ int reply_special(char *inbuf,char *outbuf) } trim_string(local_machine," "," "); strlower(local_machine); - alpha_strcpy(local_machine,local_machine,sizeof(local_machine)-1); + alpha_strcpy(local_machine,local_machine,SAFE_NETBIOS_CHARS,sizeof(local_machine)-1); if (name_type == 'R') { /* We are being asked for a pathworks session --- -- cgit From 08bda36755d75bc4f9a7e0354a93085b4f9ace66 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 23 Jun 2001 20:01:23 +0000 Subject: Log debug before and after netbios names copied so we know if they've been changed. Jeremy. (This used to be commit f8c121c69c9561f011a0e08a9d0beaf1cefd1667) --- source3/smbd/reply.c | 3 +++ 1 file changed, 3 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index da4659dfa1..1b15639720 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -108,6 +108,9 @@ int reply_special(char *inbuf,char *outbuf) strlower(local_machine); alpha_strcpy(local_machine,local_machine,SAFE_NETBIOS_CHARS,sizeof(local_machine)-1); + DEBUG(2,("netbios connect: local=%s remote=%s\n", + local_machine, remote_machine )); + if (name_type == 'R') { /* We are being asked for a pathworks session --- no thanks! */ -- cgit From 629a59fe85910229ddac8f02c20ead424ba03ac7 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 26 Jun 2001 06:06:42 +0000 Subject: Always use DOMAIN\user first that this is the more specific case. Jeremy. (This used to be commit 52143c08536a5f5d888b78b4769c06f7a0a2992b) --- source3/smbd/reply.c | 29 +++++++++++++++++------------ 1 file changed, 17 insertions(+), 12 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 1b15639720..811a7558dc 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -906,18 +906,23 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int pstrcpy( orig_user, user); - /* if the username exists as a domain/username pair on the unix system then use - that */ - if (!sys_getpwnam(user)) { - pstring user2; - - slprintf(user2,sizeof(user2)-1,"%s%s%s", dos_to_unix(domain,False), - lp_winbind_separator(), user); - - if (sys_getpwnam(user2)) { - DEBUG(3,("Using unix username %s\n", user2)); - pstrcpy(user, user2); - } + /* + * Always try the "DOMAIN\user" lookup first, as this is the most + * specific case. If this fails then try the simple "user" lookup. + */ + + { + pstring dom_user; + + /* Work out who's who */ + + slprintf(dom_user, sizeof(dom_user) - 1,"%s%s%s", + dos_to_unix(domain, False), lp_winbind_separator(), user); + + if (sys_getpwnam(dom_user) != NULL) { + pstrcpy(user, dom_user); + DEBUG(3,("Using unix username %s\n", dom_user)); + } } /* -- cgit From d1f38ac53107d818b88cae9ee4d4442381dc4702 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 30 Jun 2001 01:59:48 +0000 Subject: Fixed the first locking error (test #8 found by locktest code from Clarion locktest. Jeremy. (This used to be commit 5c42845b5bb6fafd0ebf93fbdd23d9bf861da865) --- source3/smbd/reply.c | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 811a7558dc..b66149e7da 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2193,7 +2193,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s maxcount = MIN(65535,maxcount); maxcount = MAX(mincount,maxcount); - if (!is_locked(fsp,conn,(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK)) + if (!is_locked(fsp,conn,(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK,False)) { SMB_OFF_T size = fsp->size; SMB_OFF_T sizeneeded = startpos + maxcount; @@ -2350,7 +2350,7 @@ int reply_read(connection_struct *conn, char *inbuf,char *outbuf, int size, int numtoread = MIN(BUFFER_SIZE-outsize,numtoread); data = smb_buf(outbuf) + 3; - if (is_locked(fsp,conn,(SMB_BIG_UINT)numtoread,(SMB_BIG_UINT)startpos, READ_LOCK)) { + if (is_locked(fsp,conn,(SMB_BIG_UINT)numtoread,(SMB_BIG_UINT)startpos, READ_LOCK,False)) { END_PROFILE(SMBread); return(ERROR(ERRDOS,ERRlock)); } @@ -2427,7 +2427,7 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt } - if (is_locked(fsp,conn,(SMB_BIG_UINT)smb_maxcnt,(SMB_BIG_UINT)startpos, READ_LOCK)) { + if (is_locked(fsp,conn,(SMB_BIG_UINT)smb_maxcnt,(SMB_BIG_UINT)startpos, READ_LOCK,False)) { END_PROFILE(SMBreadX); return(ERROR(ERRDOS,ERRlock)); } @@ -2488,7 +2488,7 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, CVAL(inbuf,smb_com) = SMBwritec; CVAL(outbuf,smb_com) = SMBwritec; - if (is_locked(fsp,conn,(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos, WRITE_LOCK)) { + if (is_locked(fsp,conn,(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos, WRITE_LOCK,False)) { END_PROFILE(SMBwritebraw); return(ERROR(ERRDOS,ERRlock)); } @@ -2584,7 +2584,7 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, int siz startpos = IVAL(inbuf,smb_vwv2); data = smb_buf(inbuf) + 3; - if (is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) { + if (is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK,False)) { END_PROFILE(SMBwriteunlock); return(ERROR(ERRDOS,ERRlock)); } @@ -2648,7 +2648,7 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int d startpos = IVAL(inbuf,smb_vwv2); data = smb_buf(inbuf) + 3; - if (is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) { + if (is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK,False)) { END_PROFILE(SMBwrite); return(ERROR(ERRDOS,ERRlock)); } @@ -2746,7 +2746,7 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng #endif /* LARGE_SMB_OFF_T */ } - if (is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) { + if (is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK,False)) { END_PROFILE(SMBwriteX); return(ERROR(ERRDOS,ERRlock)); } @@ -3031,7 +3031,7 @@ int reply_writeclose(connection_struct *conn, mtime = make_unix_date3(inbuf+smb_vwv4); data = smb_buf(inbuf) + 1; - if (is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) { + if (is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK,False)) { END_PROFILE(SMBwriteclose); return(ERROR(ERRDOS,ERRlock)); } @@ -4556,7 +4556,7 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length, tcount = maxcount; total_read = 0; - if (is_locked(fsp,conn,(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK)) { + if (is_locked(fsp,conn,(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK,False)) { END_PROFILE(SMBreadBmpx); return(ERROR(ERRDOS,ERRlock)); } @@ -4623,7 +4623,7 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, not an SMBwritebmpx - set this up now so we don't forget */ CVAL(outbuf,smb_com) = SMBwritec; - if (is_locked(fsp,conn,(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos,WRITE_LOCK)) { + if (is_locked(fsp,conn,(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos,WRITE_LOCK,False)) { END_PROFILE(SMBwriteBmpx); return(ERROR(ERRDOS,ERRlock)); } -- cgit From 5b69009b25886bfa8b07e3ac885064ffa730f9bf Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 2 Jul 2001 02:42:41 +0000 Subject: Fixed the nastiest locking bug to track down.... smb_pids are sent in the lockingX calls - use that instead of smb_pid in the packet. Jeremy. (This used to be commit a3925cb9c6303ce24e5fecad6c8f3a0ba78b9ee0) --- source3/smbd/reply.c | 38 +++++++++++++++++++++++++++----------- 1 file changed, 27 insertions(+), 11 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index b66149e7da..2539537bfc 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2290,7 +2290,7 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length * for a write lock. JRA. */ - if(!do_lock( fsp, conn, (SMB_BIG_UINT)numtoread, (SMB_BIG_UINT)startpos, WRITE_LOCK, &eclass, &ecode)) { + if(!do_lock( fsp, conn, SVAL(inbuf,smb_pid), (SMB_BIG_UINT)numtoread, (SMB_BIG_UINT)startpos, WRITE_LOCK, &eclass, &ecode)) { if((ecode == ERRlock) && lp_blocking_locks(SNUM(conn))) { /* * A blocking lock was requested. Package up @@ -2605,7 +2605,7 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, int siz return(UNIXERROR(ERRDOS,ERRnoaccess)); } - if(!do_unlock(fsp, conn, (SMB_BIG_UINT)numtowrite, (SMB_BIG_UINT)startpos, &eclass, &ecode)) { + if(!do_unlock(fsp, conn, SVAL(inbuf,smb_pid), (SMB_BIG_UINT)numtowrite, (SMB_BIG_UINT)startpos, &eclass, &ecode)) { END_PROFILE(SMBwriteunlock); return(ERROR(eclass,ecode)); } @@ -3089,7 +3089,7 @@ int reply_lock(connection_struct *conn, DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n", fsp->fd, fsp->fnum, (double)offset, (double)count)); - if (!do_lock(fsp, conn, count, offset, WRITE_LOCK, &eclass, &ecode)) { + if (!do_lock(fsp, conn, SVAL(inbuf,smb_pid), count, offset, WRITE_LOCK, &eclass, &ecode)) { if((ecode == ERRlock) && lp_blocking_locks(SNUM(conn))) { /* * A blocking lock was requested. Package up @@ -3128,7 +3128,7 @@ int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int size, in count = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv1); offset = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv3); - if(!do_unlock(fsp, conn, count, offset, &eclass, &ecode)) { + if(!do_unlock(fsp, conn, SVAL(inbuf,smb_pid), count, offset, &eclass, &ecode)) { END_PROFILE(SMBunlock); return (ERROR(eclass,ecode)); } @@ -4247,6 +4247,18 @@ int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return(outsize); } +/**************************************************************************** + Get a lock pid, dealing with large count requests. +****************************************************************************/ + +uint16 get_lock_pid( char *data, int data_offset, BOOL large_file_format) +{ + if(!large_file_format) + return SVAL(data,SMB_LPID_OFFSET(data_offset)); + else + return SVAL(data,SMB_LARGE__LPID_OFFSET(data_offset)); +} + /**************************************************************************** Get a lock count, dealing with large count requests. ****************************************************************************/ @@ -4346,6 +4358,7 @@ int reply_lockingX(connection_struct *conn, char *inbuf,char *outbuf,int length, uint16 num_ulocks = SVAL(inbuf,smb_vwv6); uint16 num_locks = SVAL(inbuf,smb_vwv7); SMB_BIG_UINT count = 0, offset = 0; + uint16 lock_pid; int32 lock_timeout = IVAL(inbuf,smb_vwv4); int i; char *data; @@ -4418,6 +4431,7 @@ no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); /* Data now points at the beginning of the list of smb_unlkrng structs */ for(i = 0; i < (int)num_ulocks; i++) { + lock_pid = get_lock_pid( data, i, large_file_format); count = get_lock_count( data, i, large_file_format); offset = get_lock_offset( data, i, large_file_format, &err); @@ -4429,10 +4443,10 @@ no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); return ERROR(ERRDOS,ERRnoaccess); } - DEBUG(10,("reply_lockingX: unlock start=%.0f, len=%.0f for file %s\n", - (double)offset, (double)count, fsp->fsp_name )); + DEBUG(10,("reply_lockingX: unlock start=%.0f, len=%.0f for pid %u, file %s\n", + (unsigned int)lock_pid, (double)offset, (double)count, fsp->fsp_name )); - if(!do_unlock(fsp,conn,count,offset, &eclass, &ecode)) { + if(!do_unlock(fsp,conn,lock_pid,count,offset, &eclass, &ecode)) { END_PROFILE(SMBlockingX); return ERROR(eclass,ecode); } @@ -4448,6 +4462,7 @@ no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); of smb_lkrng structs */ for(i = 0; i < (int)num_locks; i++) { + lock_pid = get_lock_pid( data, i, large_file_format); count = get_lock_count( data, i, large_file_format); offset = get_lock_offset( data, i, large_file_format, &err); @@ -4459,10 +4474,10 @@ no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); return ERROR(ERRDOS,ERRnoaccess); } - DEBUG(10,("reply_lockingX: lock start=%.0f, len=%.0f for file %s\n", - (double)offset, (double)count, fsp->fsp_name )); + DEBUG(10,("reply_lockingX: lock start=%.0f, len=%.0f for pid %u, file %s\n", + (unsigned int)lock_pid, (double)offset, (double)count, fsp->fsp_name )); - if(!do_lock(fsp,conn,count,offset, ((locktype & 1) ? READ_LOCK : WRITE_LOCK), + if(!do_lock(fsp,conn,lock_pid, count,offset, ((locktype & 1) ? READ_LOCK : WRITE_LOCK), &eclass, &ecode)) { if((ecode == ERRlock) && (lock_timeout != 0) && lp_blocking_locks(SNUM(conn))) { /* @@ -4488,6 +4503,7 @@ no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); * will delete it (and we shouldn't) ..... */ for(i--; i >= 0; i--) { + lock_pid = get_lock_pid( data, i, large_file_format); count = get_lock_count( data, i, large_file_format); offset = get_lock_offset( data, i, large_file_format, &err); @@ -4499,7 +4515,7 @@ no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); return ERROR(ERRDOS,ERRnoaccess); } - do_unlock(fsp,conn,count,offset,&dummy1,&dummy2); + do_unlock(fsp,conn,lock_pid,count,offset,&dummy1,&dummy2); } END_PROFILE(SMBlockingX); return ERROR(eclass,ecode); -- cgit From 0eb28dc851cf4c970dab01a3ef6da15bad3b4fa2 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 3 Jul 2001 17:40:43 +0000 Subject: Fixed incorrect debug parameters for lock_pid. Jeremy. (This used to be commit 310d2af6b0797cbd4f776b5c6c5b90a5d86b1aa9) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 2539537bfc..d27f7842eb 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4444,7 +4444,7 @@ no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); } DEBUG(10,("reply_lockingX: unlock start=%.0f, len=%.0f for pid %u, file %s\n", - (unsigned int)lock_pid, (double)offset, (double)count, fsp->fsp_name )); + (double)offset, (double)count, (unsigned int)lock_pid, fsp->fsp_name )); if(!do_unlock(fsp,conn,lock_pid,count,offset, &eclass, &ecode)) { END_PROFILE(SMBlockingX); @@ -4475,7 +4475,7 @@ no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); } DEBUG(10,("reply_lockingX: lock start=%.0f, len=%.0f for pid %u, file %s\n", - (unsigned int)lock_pid, (double)offset, (double)count, fsp->fsp_name )); + (double)offset, (double)count, (unsigned int)lock_pid, fsp->fsp_name )); if(!do_lock(fsp,conn,lock_pid, count,offset, ((locktype & 1) ? READ_LOCK : WRITE_LOCK), &eclass, &ecode)) { -- cgit From 59db9bcbf084a23c1f8c7e1c7017f064b8c1e59c Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Wed, 4 Jul 2001 04:17:58 +0000 Subject: check for bad usernames early in session setup (This used to be commit 657836599a847578096696af27cd7c9f0d52c931) --- source3/smbd/reply.c | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index d27f7842eb..edcc3f4838 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -858,6 +858,12 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int domain,native_os,native_lanman)); } + /* don't allow for weird usernames */ + alpha_strcpy(user, user, ". _-", sizeof(user)); + if (strstr(user, "..")) { + return bad_password_error(inbuf, outbuf); + } + DEBUG(3,("sesssetupX:name=[%s]\n",user)); /* If name ends in $ then I think it's asking about whether a */ -- cgit From 87fbb7092b8f8b2f0db0f361c3d625e19de57cd9 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Wed, 4 Jul 2001 07:15:53 +0000 Subject: The big character set handling changeover! This commit gets rid of all our old codepage handling and replaces it with iconv. All internal strings in Samba are now in "unix" charset, which may be multi-byte. See internals.doc and my posting to samba-technical for a more complete explanation. (This used to be commit debb471267960e56005a741817ebd227ecfc512a) --- source3/smbd/reply.c | 99 +++++++++++++++++++++------------------------------- 1 file changed, 39 insertions(+), 60 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index edcc3f4838..fe0f2862c6 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -178,7 +178,6 @@ static int connection_error(char *inbuf,char *outbuf,int ecode) int reply_tcon(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - BOOL doencrypt = SMBENCRYPT(); pstring service; pstring user; pstring password; @@ -194,9 +193,9 @@ int reply_tcon(connection_struct *conn, *service = *user = *password = *dev = 0; p = smb_buf(inbuf)+1; - p += srvstr_pull(inbuf, service, p, sizeof(service), -1, STR_TERMINATE|STR_CONVERT) + 1; - p += srvstr_pull(inbuf, password, p, sizeof(password), -1, STR_TERMINATE|STR_CONVERT) + 1; - p += srvstr_pull(inbuf, dev, p, sizeof(dev), -1, STR_TERMINATE|STR_CONVERT) + 1; + p += srvstr_pull(inbuf, service, p, sizeof(service), -1, STR_TERMINATE) + 1; + p += srvstr_pull(inbuf, password, p, sizeof(password), -1, STR_TERMINATE) + 1; + p += srvstr_pull(inbuf, dev, p, sizeof(dev), -1, STR_TERMINATE) + 1; *user = 0; p = strchr(service,'%'); @@ -218,14 +217,6 @@ int reply_tcon(connection_struct *conn, pstrcpy(user,validated_username(vuid)); } - /* - * Ensure the user and password names are in UNIX codepage format. - */ - - pstrcpy(user,dos_to_unix(user,False)); - if (!doencrypt) - pstrcpy(password,dos_to_unix(password,False)); - /* * Pass the user through the NT -> unix user mapping * function. @@ -289,7 +280,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt memcpy(password,smb_buf(inbuf),passlen); password[passlen]=0; p = smb_buf(inbuf) + passlen; - p += srvstr_pull(inbuf, path, p, sizeof(path), -1, STR_TERMINATE|STR_CONVERT); + p += srvstr_pull(inbuf, path, p, sizeof(path), -1, STR_TERMINATE); if (passlen != 24) { if (strequal(password," ")) @@ -308,7 +299,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt *q++ = 0; fstrcpy(user,q); } - p += srvstr_pull(inbuf, devicename, p, sizeof(devicename), 6, STR_CONVERT|STR_ASCII); + p += srvstr_pull(inbuf, devicename, p, sizeof(devicename), 6, STR_ASCII); DEBUG(4,("Got device type %s\n",devicename)); @@ -343,7 +334,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt set_message(outbuf,2,0,True); p = smb_buf(outbuf); p += srvstr_push(outbuf, p, devicename, -1, - STR_CONVERT|STR_TERMINATE|STR_ASCII); + STR_TERMINATE|STR_ASCII); set_message_end(outbuf,p); } else { /* NT sets the fstype of IPC$ to the null string */ @@ -353,9 +344,9 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt p = smb_buf(outbuf); p += srvstr_push(outbuf, p, devicename, -1, - STR_CONVERT|STR_TERMINATE|STR_ASCII); + STR_TERMINATE|STR_ASCII); p += srvstr_push(outbuf, p, fsname, -1, - STR_CONVERT|STR_TERMINATE); + STR_TERMINATE); set_message_end(outbuf,p); @@ -430,8 +421,8 @@ int reply_ioctl(connection_struct *conn, { case IOCTL_QUERY_JOB_INFO: SSVAL(p,0,fsp->print_jobid); /* Job number */ - srvstr_push(outbuf, p+2, global_myname, 15, STR_TERMINATE|STR_CONVERT|STR_ASCII); - srvstr_push(outbuf, p+18, lp_servicename(SNUM(conn)), 13, STR_TERMINATE|STR_CONVERT|STR_ASCII); + srvstr_push(outbuf, p+2, global_myname, 15, STR_TERMINATE|STR_ASCII); + srvstr_push(outbuf, p+18, lp_servicename(SNUM(conn)), 13, STR_TERMINATE|STR_ASCII); break; } @@ -731,9 +722,8 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int return(ERROR(ERRDOS,ERRbuftoosmall)); } - memcpy(smb_apasswd,smb_buf(inbuf),smb_apasslen); - smb_apasswd[smb_apasslen] = 0; - srvstr_pull(inbuf, user, smb_buf(inbuf)+smb_apasslen, sizeof(user), -1, STR_TERMINATE|STR_CONVERT); + srvstr_pull(inbuf, smb_apasswd, smb_buf(inbuf), sizeof(smb_apasswd), smb_apasslen, 0); + srvstr_pull(inbuf, user, smb_buf(inbuf)+smb_apasslen, sizeof(user), -1, STR_TERMINATE); if (!doencrypt && (lp_security() != SEC_SERVER)) { smb_apasslen = strlen(smb_apasswd); @@ -814,23 +804,10 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int smb_ntpasslen = passlen2; memcpy(smb_ntpasswd,p+passlen1,smb_ntpasslen); smb_ntpasswd[smb_ntpasslen] = 0; - - /* - * Ensure the plaintext passwords are in UNIX format. - */ - if(!doencrypt) { - pstrcpy(smb_apasswd,dos_to_unix(smb_apasswd,False)); - pstrcpy(smb_ntpasswd,dos_to_unix(smb_ntpasswd,False)); - } - } else { /* we use the first password that they gave */ smb_apasslen = passlen1; StrnCpy(smb_apasswd,p,smb_apasslen); - /* - * Ensure the plaintext password is in UNIX format. - */ - pstrcpy(smb_apasswd,dos_to_unix(smb_apasswd,False)); /* trim the password */ smb_apasslen = strlen(smb_apasswd); @@ -843,20 +820,27 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int } p += passlen1 + passlen2; - p += srvstr_pull(inbuf, user, p, sizeof(user), -1, STR_CONVERT|STR_TERMINATE); + p += srvstr_pull(inbuf, user, p, sizeof(user), -1, + STR_TERMINATE); /* * Incoming user and domain are in DOS codepage format. Convert * to UNIX. */ p += srvstr_pull(inbuf, domain, p, sizeof(domain), - -1, STR_CONVERT|STR_TERMINATE); + -1, STR_TERMINATE); p += srvstr_pull(inbuf, native_os, p, sizeof(native_os), - -1, STR_CONVERT|STR_TERMINATE); + -1, STR_TERMINATE); p += srvstr_pull(inbuf, native_lanman, p, sizeof(native_lanman), - -1, STR_CONVERT|STR_TERMINATE); + -1, STR_TERMINATE); DEBUG(3,("Domain=[%s] NativeOS=[%s] NativeLanMan=[%s]\n", domain,native_os,native_lanman)); } + + /* don't allow for weird usernames */ + alpha_strcpy(user, user, ". _-", sizeof(user)); + if (strstr(user, "..")) { + return bad_password_error(inbuf, outbuf); + } /* don't allow for weird usernames */ alpha_strcpy(user, user, ". _-", sizeof(user)); @@ -923,7 +907,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int /* Work out who's who */ slprintf(dom_user, sizeof(dom_user) - 1,"%s%s%s", - dos_to_unix(domain, False), lp_winbind_separator(), user); + domain, lp_winbind_separator(), user); if (sys_getpwnam(dom_user) != NULL) { pstrcpy(user, dom_user); @@ -1050,9 +1034,9 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int char *p; set_message(outbuf,3,0,True); p = smb_buf(outbuf); - p += srvstr_push(outbuf, p, "Unix", -1, STR_TERMINATE|STR_CONVERT); - p += srvstr_push(outbuf, p, "Samba", -1, STR_TERMINATE|STR_CONVERT); - p += srvstr_push(outbuf, p, global_myworkgroup, -1, STR_TERMINATE|STR_CONVERT); + p += srvstr_push(outbuf, p, "Unix", -1, STR_TERMINATE); + p += srvstr_push(outbuf, p, "Samba", -1, STR_TERMINATE); + p += srvstr_push(outbuf, p, global_myworkgroup, -1, STR_TERMINATE); set_message_end(outbuf,p); /* perhaps grab OS version here?? */ } @@ -1544,7 +1528,7 @@ int reply_fclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size outsize = set_message(outbuf,1,0,True); p = smb_buf(inbuf) + 1; - p += srvstr_pull(inbuf, path, p, sizeof(path), -1, STR_TERMINATE|STR_CONVERT); + p += srvstr_pull(inbuf, path, p, sizeof(path), -1, STR_TERMINATE); p++; status_len = SVAL(p,0); p += 2; @@ -1886,7 +1870,7 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, START_PROFILE(SMBctemp); createmode = SVAL(inbuf,smb_vwv0); - srvstr_pull(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), -1, STR_TERMINATE|STR_CONVERT); + srvstr_pull(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), -1, STR_TERMINATE); pstrcat(fname,"/TMXXXXXX"); RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); @@ -1928,7 +1912,7 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, SSVAL(outbuf,smb_vwv0,fsp->fnum); CVAL(smb_buf(outbuf),0) = 4; p = smb_buf(outbuf) + 1; - p += srvstr_push(outbuf, p, fname2, -1, STR_TERMINATE|STR_CONVERT); + p += srvstr_push(outbuf, p, fname2, -1, STR_TERMINATE); set_message_end(outbuf, p); if (oplock_request && lp_fake_oplocks(SNUM(conn))) { @@ -1957,7 +1941,7 @@ static BOOL can_delete(char *fname,connection_struct *conn, int dirtype) if (!CAN_WRITE(conn)) return(False); - if (conn->vfs_ops.lstat(conn,dos_to_unix(fname,False),&sbuf) != 0) return(False); + if (conn->vfs_ops.lstat(conn,fname,&sbuf) != 0) return(False); fmode = dos_mode(conn,fname,&sbuf); if (fmode & aDIR) return(False); if (!lp_delete_readonly(SNUM(conn))) { @@ -3333,7 +3317,7 @@ int reply_printqueue(connection_struct *conn, SSVAL(p,5, queue[i].job); SIVAL(p,7,queue[i].size); CVAL(p,11) = 0; - srvstr_push(outbuf, p+12, queue[i].user, 16, STR_CONVERT|STR_ASCII); + srvstr_push(outbuf, p+12, queue[i].user, 16, STR_ASCII); p += 28; } @@ -3472,7 +3456,7 @@ static BOOL recursive_rmdir(connection_struct *conn, char *directory) pstrcat(fullname, "/"); pstrcat(fullname, dname); - if(conn->vfs_ops.lstat(conn,dos_to_unix(fullname,False), &st) != 0) + if(conn->vfs_ops.lstat(conn,fullname, &st) != 0) { ret = True; break; @@ -3556,7 +3540,7 @@ BOOL rmdir_internals(connection_struct *conn, char *directory) pstrcat(fullname, "/"); pstrcat(fullname, dname); - if(conn->vfs_ops.lstat(conn,dos_to_unix(fullname, False), &st) != 0) + if(conn->vfs_ops.lstat(conn,fullname, &st) != 0) break; if(st.st_mode & S_IFDIR) { @@ -3707,7 +3691,7 @@ static BOOL can_rename(char *fname,connection_struct *conn) if (!CAN_WRITE(conn)) return(False); - if (conn->vfs_ops.lstat(conn,dos_to_unix(fname,False),&sbuf) != 0) return(False); + if (conn->vfs_ops.lstat(conn,fname,&sbuf) != 0) return(False); if (!check_file_sharing(conn,fname,True)) return(False); return(True); } @@ -3732,7 +3716,6 @@ int rename_internals(connection_struct *conn, BOOL exists=False; BOOL rc = True; SMB_STRUCT_STAT sbuf1, sbuf2; - pstring zdirectory; *directory = *mask = 0; @@ -3830,7 +3813,6 @@ int rename_internals(connection_struct *conn, } } - pstrcpy(zdirectory, dos_to_unix(directory, False)); if(replace_if_exists) { /* * NT SMB specific flag - rename can overwrite @@ -3840,15 +3822,13 @@ int rename_internals(connection_struct *conn, if(resolve_wildcards(directory,newname) && can_rename(directory,conn) && - !conn->vfs_ops.rename(conn,zdirectory, - dos_to_unix(newname,False))) + !conn->vfs_ops.rename(conn,directory,newname)) count++; } else { if (resolve_wildcards(directory,newname) && can_rename(directory,conn) && !vfs_file_exist(conn,newname,NULL) && - !conn->vfs_ops.rename(conn,zdirectory, - dos_to_unix(newname,False))) + !conn->vfs_ops.rename(conn,directory,newname)) count++; } @@ -3906,8 +3886,7 @@ int rename_internals(connection_struct *conn, continue; } - if (!conn->vfs_ops.rename(conn,dos_to_unix(fname,False), - dos_to_unix(destname,False))) + if (!conn->vfs_ops.rename(conn,fname,destname)) count++; DEBUG(3,("rename_internals: doing rename on %s -> %s\n",fname,destname)); } @@ -4228,7 +4207,7 @@ int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return(ERROR(ERRDOS,ERRnoaccess)); } - srvstr_pull(inbuf, newdir, smb_buf(inbuf) + 1, sizeof(newdir), -1, STR_TERMINATE|STR_CONVERT); + srvstr_pull(inbuf, newdir, smb_buf(inbuf) + 1, sizeof(newdir), -1, STR_TERMINATE); if (strlen(newdir) == 0) { ok = True; -- cgit From 527e824293ee934ca5da0ef5424efe5ab7757248 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Wed, 4 Jul 2001 07:36:09 +0000 Subject: strchr and strrchr are macros when compiling with optimisation in gcc, so we can't redefine them. damn. (This used to be commit c41fc06376d1a2b83690612304e85010b5e5f3cf) --- source3/smbd/reply.c | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index fe0f2862c6..a331073093 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -198,13 +198,13 @@ int reply_tcon(connection_struct *conn, p += srvstr_pull(inbuf, dev, p, sizeof(dev), -1, STR_TERMINATE) + 1; *user = 0; - p = strchr(service,'%'); + p = strchr_m(service,'%'); if (p != NULL) { *p = 0; fstrcpy(user,p+1); } - p = strrchr(service,'\\'); + p = strrchr_m(service,'\\'); if (p) { pstrcpy(service, p+1); } @@ -288,13 +288,13 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt passlen = strlen(password); } - q = strchr(path+2,'\\'); + q = strchr_m(path+2,'\\'); if (!q) { END_PROFILE(SMBtconX); return(ERROR(ERRDOS,ERRnosuchshare)); } fstrcpy(service,q+1); - q = strchr(service,'%'); + q = strchr_m(service,'%'); if (q) { *q++ = 0; fstrcpy(user,q); @@ -1362,7 +1362,7 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if (!check_name(directory,conn)) can_open = False; - p = strrchr(dir2,'/'); + p = strrchr_m(dir2,'/'); if (p == NULL) { pstrcpy(mask,dir2); @@ -1374,7 +1374,7 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size pstrcpy(mask,p+1); } - p = strrchr(directory,'/'); + p = strrchr_m(directory,'/'); if (!p) *directory = 0; else @@ -1976,7 +1976,7 @@ int unlink_internals(connection_struct *conn, char *inbuf,char *outbuf, rc = unix_convert(name,conn,0,&bad_path,&sbuf); - p = strrchr(name,'/'); + p = strrchr_m(name,'/'); if (!p) { pstrcpy(directory,"./"); pstrcpy(mask,name); @@ -3627,21 +3627,21 @@ static BOOL resolve_wildcards(char *name1,char *name2) fstring ext1,ext2; char *p,*p2; - name1 = strrchr(name1,'/'); - name2 = strrchr(name2,'/'); + name1 = strrchr_m(name1,'/'); + name2 = strrchr_m(name2,'/'); if (!name1 || !name2) return(False); fstrcpy(root1,name1); fstrcpy(root2,name2); - p = strrchr(root1,'.'); + p = strrchr_m(root1,'.'); if (p) { *p = 0; fstrcpy(ext1,p+1); } else { fstrcpy(ext1,""); } - p = strrchr(root2,'.'); + p = strrchr_m(root2,'.'); if (p) { *p = 0; fstrcpy(ext2,p+1); @@ -3731,7 +3731,7 @@ int rename_internals(connection_struct *conn, * as this is checked in resolve_wildcards(). */ - p = strrchr(name,'/'); + p = strrchr_m(name,'/'); if (!p) { pstrcpy(directory,"."); pstrcpy(mask,name); @@ -3767,7 +3767,7 @@ int rename_internals(connection_struct *conn, pstrcat(directory,mask); /* Ensure newname contains a '/' also */ - if(strrchr(newname,'/') == 0) { + if(strrchr_m(newname,'/') == 0) { pstring tmpstr; pstrcpy(tmpstr, "./"); @@ -3800,7 +3800,7 @@ int rename_internals(connection_struct *conn, * Note that we guarantee that newname contains a '/' * character above. */ - p = strrchr(newname,'/'); + p = strrchr_m(newname,'/'); pstrcpy(newname_modified_last_component,p+1); if(strcsequal(newname_modified_last_component, @@ -3966,7 +3966,7 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, pstrcpy(dest,dest1); if (target_is_directory) { - char *p = strrchr(src,'/'); + char *p = strrchr_m(src,'/'); if (p) p++; else @@ -4091,7 +4091,7 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return(ERROR(ERRSRV,ERRerror)); } - p = strrchr(name,'/'); + p = strrchr_m(name,'/'); if (!p) { pstrcpy(directory,"./"); pstrcpy(mask,name); -- cgit From 55bd0867d8610f75e2696b1539ca1b1ca3aa062d Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Thu, 5 Jul 2001 04:34:50 +0000 Subject: use alpha_strcpy on the domain as it comes off the wire (This used to be commit 3b9eb528f56b325399e5a4588242bb6d9f9226e2) --- source3/smbd/reply.c | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index a331073093..b7291f5577 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -836,15 +836,10 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int domain,native_os,native_lanman)); } - /* don't allow for weird usernames */ + /* don't allow for weird usernames or domains */ alpha_strcpy(user, user, ". _-", sizeof(user)); - if (strstr(user, "..")) { - return bad_password_error(inbuf, outbuf); - } - - /* don't allow for weird usernames */ - alpha_strcpy(user, user, ". _-", sizeof(user)); - if (strstr(user, "..")) { + alpha_strcpy(domain, domain, ". _-", sizeof(domain)); + if (strstr(user, "..") || strstr(domain,"..")) { return bad_password_error(inbuf, outbuf); } -- cgit From 8ffcec213e633c4844b470339a5608000fdcf773 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Thu, 5 Jul 2001 06:39:15 +0000 Subject: fixed a bug in the parameters SMBctemp uses in open_file_shared() (This used to be commit a1dee993cbf52e7232b65323430c8574843eb168) --- source3/smbd/reply.c | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index b7291f5577..3103ed9c8d 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1851,7 +1851,6 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { pstring fname; - pstring fname2; int outsize = 0; int createmode; mode_t unixmode; @@ -1880,14 +1879,14 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return(UNIXERROR(ERRDOS,ERRnoaccess)); } - vfs_stat(conn,fname2,&sbuf); + vfs_stat(conn,fname,&sbuf); /* Open file in dos compatibility share mode. */ /* We should fail if file does not exist. */ fsp = open_file_shared(conn,fname,&sbuf, - SET_DENY_MODE(DENY_FCB)|SET_OPEN_MODE(DOS_OPEN_FCB), - FILE_FAIL_IF_NOT_EXIST, - unixmode, oplock_request, NULL, NULL); + SET_DENY_MODE(DENY_FCB)|SET_OPEN_MODE(DOS_OPEN_FCB), + FILE_EXISTS_OPEN|FILE_FAIL_IF_NOT_EXIST, + unixmode, oplock_request, NULL, NULL); /* close fd from smb_mkstemp() */ close(tmpfd); @@ -1907,7 +1906,7 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, SSVAL(outbuf,smb_vwv0,fsp->fnum); CVAL(smb_buf(outbuf),0) = 4; p = smb_buf(outbuf) + 1; - p += srvstr_push(outbuf, p, fname2, -1, STR_TERMINATE); + p += srvstr_push(outbuf, p, fname, -1, STR_TERMINATE); set_message_end(outbuf, p); if (oplock_request && lp_fake_oplocks(SNUM(conn))) { @@ -1917,9 +1916,9 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; - DEBUG( 2, ( "created temp file %s\n", fname2 ) ); + DEBUG( 2, ( "created temp file %s\n", fname ) ); DEBUG( 3, ( "ctemp %s fd=%d dmode=%d umode=%o\n", - fname2, fsp->fd, createmode, (int)unixmode ) ); + fname, fsp->fd, createmode, (int)unixmode ) ); END_PROFILE(SMBctemp); return(outsize); -- cgit From aff5f5c15834ffd9b02ea91c7ac146bd4f3cb213 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 5 Jul 2001 18:07:46 +0000 Subject: Fix for rabbit-pellet mode. Chris please test this. Thanks for Dave CB for help on this. Jeremy. (This used to be commit 7efaefdf60e1880cf4ab97e1901248abd00acd79) --- source3/smbd/reply.c | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 3103ed9c8d..21a4eca714 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2538,6 +2538,12 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, follows what WfWg does */ END_PROFILE(SMBwritebraw); if (!write_through && total_written==tcount) { + /* + * Fix for "rabbit pellet" mode, trigger an early TCP ack by + * sending a SMBkeepalive. Thanks to DaveCB at Sun for this. JRA. + */ + if (!send_keepalive(smbd_server_fd())) + exit_server("reply_writebraw: send of keepalive failed"); return(-1); } -- cgit From 7a58c800ed8e86a26b2db44a417ebaadb0dd48b7 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Fri, 6 Jul 2001 04:08:24 +0000 Subject: fixed bug where we looked at the first byte of a password to determine if the password is blank. That ain't valid with encrypted passwords! Jeremy, this changes the semantics of session setup. We no longer automatically set guest=True when the client happens to choose their username == the guest username. Instead we rely on the map_to_guest code. I'm pretty sure this is now the right thing, but please look at it carefully before putting it in 2.2 This is the bug that was causing the build farm to sometimes fail. Basically we failed every 256 attempts - ie. when the first byte of the encrypted password happened to be 0 (This used to be commit 4b35a3494c53fe38532fc12cf1c57e1a3715ad0f) --- source3/smbd/reply.c | 14 ++------------ 1 file changed, 2 insertions(+), 12 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 21a4eca714..da0417203d 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -873,10 +873,8 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int /* If no username is sent use the guest account */ if (!*user) { - pstrcpy(user,lp_guestaccount(-1)); - /* If no user and no password then set guest flag. */ - if( *smb_apasswd == 0) - guest = True; + pstrcpy(user,lp_guestaccount(-1)); + guest = True; } pstrcpy(current_user_info.smb_name,user); @@ -924,13 +922,6 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int add_session_user(user); - /* - * Check if the given username was the guest user with no password. - */ - - if(!guest && strequal(user,lp_guestaccount(-1)) && (*smb_apasswd == 0)) - guest = True; - /* * Check with orig_user for security=server and * security=domain. @@ -942,7 +933,6 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int smb_apasslen, smb_ntpasswd, smb_ntpasslen) && !check_hosts_equiv(user)) { - /* * If we get here then the user wasn't guest and the remote * authentication methods failed. Check the authentication -- cgit From 5b8d230e39cedda6117cf8528065cbab45bdd835 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sun, 8 Jul 2001 14:10:30 +0000 Subject: This removes unused paramaters from various authtication functions, and should not change behaviour. This should make my later diffs smaller, where I actualy start cleaning up this mess... Andrew Bartlett (This used to be commit 04f090c224bb7ac3b53c430a591fce1fc939a81c) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index da0417203d..5abd737c37 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -945,7 +945,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int if(smb_ntpasslen) { - if(!password_ok(user, smb_ntpasswd,smb_ntpasslen,NULL)) + if(!password_ok(user, smb_ntpasswd,smb_ntpasslen)) DEBUG(2,("NT Password did not match for user '%s'!\n", user)); else valid_nt_password = True; @@ -957,7 +957,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int if (!valid_nt_password && lp_lanman_auth()) { DEBUG(2,("Defaulting to Lanman password for %s\n", user)); - valid_lm_password = password_ok(user, smb_apasswd,smb_apasslen,NULL); + valid_lm_password = password_ok(user, smb_apasswd,smb_apasslen); } -- cgit From 1f9a689f1fe3adb91970b7b3aa962d96451a4e1e Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 11 Jul 2001 18:52:43 +0000 Subject: Toomas Soome's fix for joining a domain the old way. Jeremy. (This used to be commit 8db233c8b5866df2b3f9f4ed64e7de95807cf371) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 5abd737c37..20f5e0fbe2 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -837,7 +837,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int } /* don't allow for weird usernames or domains */ - alpha_strcpy(user, user, ". _-", sizeof(user)); + alpha_strcpy(user, user, ". _-$", sizeof(user)); alpha_strcpy(domain, domain, ". _-", sizeof(domain)); if (strstr(user, "..") || strstr(domain,"..")) { return bad_password_error(inbuf, outbuf); -- cgit From 9cbe6e8166b3397add8c124c867e7848963c4b80 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 21 Jul 2001 02:23:19 +0000 Subject: This patch fixes up a few issues where we would do lookups in the local system on username we already know are perfectly valid, and in their final form. In particular we don't want to do a lookup for DOMAIN\nobody, it just does not make sense, nor should we do map_username and the like if the username is as specified in the vuid - we have done it already. Andrew Bartlett (This used to be commit 7cb517329b0fa2dec427a890a985c75cd467a3b0) --- source3/smbd/reply.c | 80 +++++++++++++++++++++++++++------------------------- 1 file changed, 42 insertions(+), 38 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 20f5e0fbe2..e32ea3e8e1 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -215,20 +215,21 @@ int reply_tcon(connection_struct *conn, if (*user == '\0' && (lp_security() != SEC_SHARE) && validated_username(vuid)) { pstrcpy(user,validated_username(vuid)); + } else { + + /* + * Pass the user through the NT -> unix user mapping + * function. + */ + + (void)map_username(user); + + /* + * Do any UNIX username case mangling. + */ + (void)Get_Pwnam( user, True); } - /* - * Pass the user through the NT -> unix user mapping - * function. - */ - - (void)map_username(user); - - /* - * Do any UNIX username case mangling. - */ - (void)Get_Pwnam( user, True); - conn = make_connection(service,user,password,pwlen,dev,vuid,&ecode); if (!conn) { @@ -309,20 +310,22 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt if (*user == '\0' && (lp_security() != SEC_SHARE) && validated_username(vuid)) { pstrcpy(user,validated_username(vuid)); + } else { + + /* + * Pass the user through the NT -> unix user mapping + * function. + */ + + (void)map_username(user); + + /* + * Do any UNIX username case mangling. + */ + (void)Get_Pwnam(user, True); + } - /* - * Pass the user through the NT -> unix user mapping - * function. - */ - - (void)map_username(user); - - /* - * Do any UNIX username case mangling. - */ - (void)Get_Pwnam(user, True); - conn = make_connection(service,user,password,passlen,devicename,vuid,&ecode); if (!conn) { @@ -892,9 +895,10 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int /* * Always try the "DOMAIN\user" lookup first, as this is the most * specific case. If this fails then try the simple "user" lookup. + * But don't do this for guests, as this is always a local user. */ - { + if (!guest) { pstring dom_user; /* Work out who's who */ @@ -906,20 +910,20 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int pstrcpy(user, dom_user); DEBUG(3,("Using unix username %s\n", dom_user)); } - } - - /* - * Pass the user through the NT -> unix user mapping - * function. - */ - - (void)map_username(user); - - /* - * Do any UNIX username case mangling. - */ - smb_getpwnam(user, True); + /* + * Pass the user through the NT -> unix user mapping + * function. + */ + + (void)map_username(user); + + /* + * Do any UNIX username case mangling. + */ + smb_getpwnam(user, True); + } + add_session_user(user); /* -- cgit From 1d07607b39c0d3ff345c10893b4e8b1a6c7dabb4 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Wed, 25 Jul 2001 13:25:31 +0000 Subject: we need to pull passwords in client charset for crypto to work (This used to be commit 9a87d6f58fc005ddf2daf6fceb12a54fdc48f3b7) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index e32ea3e8e1..324734a79d 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -725,7 +725,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int return(ERROR(ERRDOS,ERRbuftoosmall)); } - srvstr_pull(inbuf, smb_apasswd, smb_buf(inbuf), sizeof(smb_apasswd), smb_apasslen, 0); + memcpy(smb_apasswd,smb_buf(inbuf),smb_apasslen); srvstr_pull(inbuf, user, smb_buf(inbuf)+smb_apasslen, sizeof(user), -1, STR_TERMINATE); if (!doencrypt && (lp_security() != SEC_SERVER)) { -- cgit From 986372901e85a79343ba32f590a4a3e7658d2565 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 3 Aug 2001 13:09:23 +0000 Subject: This is my 'Authentication Rewrite' version 1.01, mostly as submitted to samba-technical a few weeks ago. The idea here is to standardize the checking of user names and passwords, thereby ensuring that all authtentications pass the same standards. The interface currently implemented in as nt_status = check_password(user_info, server_info) where user_info contains (mostly) the authentication data, and server_info contains things like the user-id they got, and their resolved user name. The current ugliness with the way the structures are created will be killed the next revision, when they will be created and malloced by creator functions. This patch also includes the first implementation of NTLMv2 in HEAD, but which needs some more testing. We also add a hack to allow plaintext passwords to be compared with smbpasswd, not the system password database. Finally, this patch probably reintroduces the PAM accounts bug we had in 2.2.0, I'll fix that once this hits the tree. (I've just finished testing it on a wide variety of platforms, so I want to get this patch in). (This used to be commit b30b6202f31d339b48d51c0d38174cafd1cfcd42) --- source3/smbd/reply.c | 256 +++++++++------------------------------------------ 1 file changed, 46 insertions(+), 210 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 324734a79d..ab3fba9830 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -433,6 +433,11 @@ int reply_ioctl(connection_struct *conn, return outsize; } +/**************************************************************************** + This function breaks the authentication split. It needs sorting out. + I can't see why we can't hadle this INSIDE the check_password, as in then + end all it does it spit out an nt_status code. + ****************************************************************************/ /**************************************************************************** always return an error: it's just a matter of which one... ****************************************************************************/ @@ -444,7 +449,40 @@ static int session_trust_account(connection_struct *conn, char *inbuf, char *out SAM_ACCOUNT *sam_trust_acct = NULL; uint16 acct_ctrl; BOOL ret; - + auth_usersupplied_info user_info; + auth_serversupplied_info server_info; + AUTH_STR domain, smb_username, wksta_name; + + ZERO_STRUCT(user_info); + ZERO_STRUCT(server_info); + ZERO_STRUCT(domain); + ZERO_STRUCT(smb_username); + ZERO_STRUCT(wksta_name); + + domain.str = lp_workgroup(); + domain.len = strlen(domain.str); + + user_info.requested_domain = domain; + user_info.domain = domain; + + smb_username.str = user; + smb_username.len = strlen(smb_username.str); + + user_info.requested_username = smb_username; /* For the time-being */ + user_info.smb_username = smb_username; + + user_info.wksta_name = wksta_name; + + user_info.lm_resp.buffer = (uint8 *)smb_passwd; + user_info.lm_resp.len = smb_passlen; + user_info.nt_resp.buffer = (uint8 *)smb_nt_passwd; + user_info.nt_resp.len = smb_nt_passlen; + + if (!last_challenge(user_info.chal)) { + DEBUG(1,("smb_password_ok: no challenge done - password failed\n")); + return NT_STATUS_LOGON_FAILURE; + } + pdb_init_sam(&sam_trust_acct); if (lp_security() == SEC_USER) { @@ -470,7 +508,7 @@ static int session_trust_account(connection_struct *conn, char *inbuf, char *out return(ERROR(0, NT_STATUS_LOGON_FAILURE)); } - if (!smb_password_ok(sam_trust_acct, NULL, (unsigned char *)smb_passwd, (unsigned char *)smb_nt_passwd)) { + if (!smb_password_ok(sam_trust_acct, &user_info, &server_info)) { DEBUG(0,("session_trust_account: Trust Account %s - password failed\n", user)); SSVAL(outbuf, smb_flg2, SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES); pdb_free_sam(sam_trust_acct); @@ -503,173 +541,6 @@ static int session_trust_account(connection_struct *conn, char *inbuf, char *out return(ERROR(0, NT_STATUS_LOGON_FAILURE)); } -/**************************************************************************** - Create a UNIX user on demand. -****************************************************************************/ - -int smb_create_user(char *unix_user, char *homedir) -{ - pstring add_script; - int ret; - - pstrcpy(add_script, lp_adduser_script()); - if (! *add_script) return -1; - all_string_sub(add_script, "%u", unix_user, sizeof(pstring)); - if (homedir) - all_string_sub(add_script, "%H", homedir, sizeof(pstring)); - ret = smbrun(add_script,NULL); - DEBUG(3,("smb_create_user: Running the command `%s' gave %d\n",add_script,ret)); - return ret; -} - -/**************************************************************************** - Delete a UNIX user on demand. -****************************************************************************/ - -static int smb_delete_user(char *unix_user) -{ - pstring del_script; - int ret; - - pstrcpy(del_script, lp_deluser_script()); - if (! *del_script) return -1; - all_string_sub(del_script, "%u", unix_user, sizeof(pstring)); - ret = smbrun(del_script,NULL); - DEBUG(3,("smb_delete_user: Running the command `%s' gave %d\n",del_script,ret)); - return ret; -} - -/**************************************************************************** - Check user is in correct domain if required -****************************************************************************/ - -static BOOL check_domain_match(char *user, char *domain) -{ - /* - * If we aren't serving to trusted domains, we must make sure that - * the validation request comes from an account in the same domain - * as the Samba server - */ - - if (!lp_allow_trusted_domains() && - !strequal(lp_workgroup(), domain) ) { - DEBUG(1, ("check_domain_match: Attempt to connect as user %s from domain %s denied.\n", user, domain)); - return False; - } else { - return True; - } -} - -/**************************************************************************** - Check for a valid username and password in security=server mode. -****************************************************************************/ - -static BOOL check_server_security(char *orig_user, char *domain, char *unix_user, - char *smb_apasswd, int smb_apasslen, - char *smb_ntpasswd, int smb_ntpasslen) -{ - BOOL ret = False; - - if(lp_security() != SEC_SERVER) - return False; - - if (!check_domain_match(orig_user, domain)) - return False; - - ret = server_validate(orig_user, domain, - smb_apasswd, smb_apasslen, - smb_ntpasswd, smb_ntpasslen); - if(ret) { - struct passwd *pwd=NULL; - - /* - * User validated ok against Domain controller. - * If the admin wants us to try and create a UNIX - * user on the fly, do so. - * Note that we can never delete users when in server - * level security as we never know if it was a failure - * due to a bad password, or the user really doesn't exist. - */ - if(lp_adduser_script() && !(pwd = smb_getpwnam(unix_user,True))) { - smb_create_user(unix_user, NULL); - } - - if(lp_adduser_script() && pwd) { - SMB_STRUCT_STAT st; - - /* - * Also call smb_create_user if the users home directory - * doesn't exist. Used with winbindd to allow the script to - * create the home directory for a user mapped with winbindd. - */ - - if (pwd->pw_shell && (sys_stat(pwd->pw_dir, &st) == -1) && (errno == ENOENT)) - smb_create_user(unix_user, pwd->pw_dir); - } - } - - return ret; -} - -/**************************************************************************** - Check for a valid username and password in security=domain mode. -****************************************************************************/ - -static BOOL check_domain_security(char *orig_user, char *domain, char *unix_user, - char *smb_apasswd, int smb_apasslen, - char *smb_ntpasswd, int smb_ntpasslen) -{ - BOOL ret = False; - BOOL user_exists = True; - struct passwd *pwd=NULL; - - if(lp_security() != SEC_DOMAIN) - return False; - - if (!check_domain_match(orig_user, domain)) - return False; - - ret = domain_client_validate(orig_user, domain, - smb_apasswd, smb_apasslen, - smb_ntpasswd, smb_ntpasslen, - &user_exists, NULL); - - if(ret) { - /* - * User validated ok against Domain controller. - * If the admin wants us to try and create a UNIX - * user on the fly, do so. - */ - if(user_exists && lp_adduser_script() && !(pwd = smb_getpwnam(unix_user,True))) - smb_create_user(unix_user, NULL); - - if(lp_adduser_script() && pwd) { - SMB_STRUCT_STAT st; - - /* - * Also call smb_create_user if the users home directory - * doesn't exist. Used with winbindd to allow the script to - * create the home directory for a user mapped with winbindd. - */ - - if (pwd->pw_dir && (sys_stat(pwd->pw_dir, &st) == -1) && (errno == ENOENT)) - smb_create_user(unix_user, pwd->pw_dir); - } - - } else { - /* - * User failed to validate ok against Domain controller. - * If the failure was "user doesn't exist" and admin - * wants us to try and delete that UNIX user on the fly, - * do so. - */ - if(!user_exists && lp_deluser_script() && smb_getpwnam(unix_user,True)) - smb_delete_user(unix_user); - } - - return ret; -} - /**************************************************************************** Return a bad password error configured for the correct client type. ****************************************************************************/ @@ -701,8 +572,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int pstring smb_apasswd; int smb_ntpasslen = 0; pstring smb_ntpasswd; - BOOL valid_nt_password = False; - BOOL valid_lm_password = False; + BOOL valid_password = False; pstring user; pstring orig_user; fstring domain; @@ -926,50 +796,16 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int add_session_user(user); - /* - * Check with orig_user for security=server and - * security=domain. - */ - - if (!guest && !check_server_security(orig_user, domain, user, - smb_apasswd, smb_apasslen, smb_ntpasswd, smb_ntpasslen) && - !check_domain_security(orig_user, domain, user, smb_apasswd, - smb_apasslen, smb_ntpasswd, smb_ntpasslen) && - !check_hosts_equiv(user)) - { - /* - * If we get here then the user wasn't guest and the remote - * authentication methods failed. Check the authentication - * methods on this local server. - * - * If an NT password was supplied try and validate with that - * first. This is superior as the passwords are mixed case - * 128 length unicode. - */ - - if(smb_ntpasslen) - { - if(!password_ok(user, smb_ntpasswd,smb_ntpasslen)) - DEBUG(2,("NT Password did not match for user '%s'!\n", user)); - else - valid_nt_password = True; - } - - - /* check the LanMan password only if necessary and if allowed - by lp_lanman_auth() */ - if (!valid_nt_password && lp_lanman_auth()) - { - DEBUG(2,("Defaulting to Lanman password for %s\n", user)); - valid_lm_password = password_ok(user, smb_apasswd,smb_apasslen); - } - + if (!guest) { + valid_password = (pass_check_smb(user, domain, + smb_apasswd, smb_apasslen, + smb_ntpasswd, smb_ntpasslen) == NT_STATUS_NOPROBLEMO); /* The true branch will be executed if (1) the NT password failed (or was not tried), and (2) LanMan authentication failed (or was disabled) */ - if (!valid_nt_password && !valid_lm_password) + if (!valid_password) { if (lp_security() >= SEC_USER) { -- cgit From 4f415ef128528bcecddceee353d40dd3eedf64fd Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 3 Aug 2001 19:32:33 +0000 Subject: The write zero bytes is an allocate, not set EOF. Jeremy. (This used to be commit 28b4ee1eba5fbfd83c000a0e485632c477b7bfa9) --- source3/smbd/reply.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index ab3fba9830..a956261a78 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2477,7 +2477,8 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int d zero then the file size should be extended or truncated to the size given in smb_vwv[2-3] */ if(numtowrite == 0) { - nwritten = vfs_set_filelen(fsp, (SMB_OFF_T)startpos); + /* This is actually an allocate call, not set EOF. JRA */ + nwritten = vfs_allocate_file_space(fsp, (SMB_OFF_T)startpos); } else nwritten = write_file(fsp,data,startpos,numtowrite); -- cgit From 0c218e1abe237e23014332b014ec06f2e9d27e5e Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 7 Aug 2001 01:19:32 +0000 Subject: Added fixes to return correct error codes on space allocation fail. Jeremy. (This used to be commit 3bf2419f4b7a9d46a1d48062212a6a6579c22b92) --- source3/smbd/reply.c | 31 ++++++++++++++++++++++++++++++- 1 file changed, 30 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index a956261a78..d31c83da9b 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2442,8 +2442,32 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, int siz } /**************************************************************************** - reply to a write + Return correct error for space allocation fail. ****************************************************************************/ + +int allocate_space_error(char *inbuf,char *outbuf, int errno_val) +{ + errno = errno_val; + if (!(global_client_caps & CAP_STATUS32)) + return (UNIXERROR(ERRHRD,ERRdiskfull)); + + /* Use more specific WNT/W2K error codes. */ +#ifdef EDQUOT + if (errno_val == ENOSPC || errno_val == EDQUOT) { +#else + if (errno_val == ENOSPC) { +#endif + SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES); + return(ERROR(0,errno == ENOSPC ? NT_STATUS_DISK_FULL : NT_STATUS_QUOTA_EXCEEDED)); + } + + return (UNIXERROR(ERRHRD,ERRdiskfull)); +} + +/**************************************************************************** + Reply to a write. +****************************************************************************/ + int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int dum_buffsize) { size_t numtowrite; @@ -2479,6 +2503,11 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int d if(numtowrite == 0) { /* This is actually an allocate call, not set EOF. JRA */ nwritten = vfs_allocate_file_space(fsp, (SMB_OFF_T)startpos); + if (nwritten < 0) { + int ret = allocate_space_error(inbuf, outbuf, errno); + END_PROFILE(SMBwrite); + return ret; + } } else nwritten = write_file(fsp,data,startpos,numtowrite); -- cgit From 64c24ebf6d0b159a744739cf14b1b45fd3dda01d Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 7 Aug 2001 19:18:27 +0000 Subject: Always return NT_STATUS_DISK_FULL, even for quota errors. Jeremy. (This used to be commit e4a295b730b3d1ee784c896611d184c7699c74e7) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index d31c83da9b..3ba1d4eea9 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2458,7 +2458,7 @@ int allocate_space_error(char *inbuf,char *outbuf, int errno_val) if (errno_val == ENOSPC) { #endif SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES); - return(ERROR(0,errno == ENOSPC ? NT_STATUS_DISK_FULL : NT_STATUS_QUOTA_EXCEEDED)); + return(ERROR(0,NT_STATUS_DISK_FULL)); } return (UNIXERROR(ERRHRD,ERRdiskfull)); -- cgit From 90d2460cf0e644e82650763c502332e5adad27e7 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 17 Aug 2001 05:38:44 +0000 Subject: One less getpwnam() call... Andrew Bartlett (This used to be commit 204da7ba96b0c562bab5e5536728a0378077bdc7) --- source3/smbd/reply.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 3ba1d4eea9..47a363ae8d 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -567,6 +567,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int int sess_vuid; gid_t gid; uid_t uid; + char* full_name; int smb_bufsize; int smb_apasslen = 0; pstring smb_apasswd; @@ -879,6 +880,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int } gid = pw->pw_gid; uid = pw->pw_uid; + full_name = pw->pw_gecos; } if (guest) @@ -887,7 +889,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int /* register the name and uid as being validated, so further connections to a uid can get through without a password, on the same VC */ - sess_vuid = register_vuid(uid,gid,user,current_user_info.smb_name,domain,guest); + sess_vuid = register_vuid(uid,gid,user,current_user_info.smb_name,domain,guest, full_name); if (sess_vuid == -1) { return(ERROR(ERRDOS,ERRnoaccess)); -- cgit From 578a39d44f532a211169a7635043e2dfc18b3c65 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 17 Aug 2001 07:03:27 +0000 Subject: smbd/auth_server: Doco, we want to use cli_nt_error here soon smbd/password.c: We don't use globals here anymore smbd/reply.c: Tidyness, global_myworkgroup must die! smbd/service.c: Move some of the make_connection code into a helper function. (This used to be commit 15c87e404fcaff9e360a40b8b673938c6e611daf) --- source3/smbd/reply.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 47a363ae8d..ee71854687 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -37,7 +37,6 @@ extern BOOL case_preserve; extern BOOL short_case_preserve; extern userdom_struct current_user_info; extern pstring global_myname; -extern fstring global_myworkgroup; extern int global_oplock_break; uint32 global_client_caps = 0; unsigned int smb_echo_count = 0; @@ -800,7 +799,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int if (!guest) { valid_password = (pass_check_smb(user, domain, smb_apasswd, smb_apasslen, - smb_ntpasswd, smb_ntpasslen) == NT_STATUS_NOPROBLEMO); + smb_ntpasswd, smb_ntpasslen) == NT_STATUS_NOPROBLEMO); /* The true branch will be executed if (1) the NT password failed (or was not tried), and @@ -862,7 +861,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int p = smb_buf(outbuf); p += srvstr_push(outbuf, p, "Unix", -1, STR_TERMINATE); p += srvstr_push(outbuf, p, "Samba", -1, STR_TERMINATE); - p += srvstr_push(outbuf, p, global_myworkgroup, -1, STR_TERMINATE); + p += srvstr_push(outbuf, p, lp_workgroup(), -1, STR_TERMINATE); set_message_end(outbuf,p); /* perhaps grab OS version here?? */ } -- cgit From f9ce2028104fcb1694bc3e8f8d4b7ac3ec8c972e Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 20 Aug 2001 21:11:55 +0000 Subject: two fixes for NT clients -> share level Samba server (This used to be commit a25911d58c752350b62b205cfb0d6fc5b1c90cef) --- source3/smbd/reply.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index ee71854687..eb97382750 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -632,7 +632,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int passlen1 = MIN(passlen1, MAX_PASS_LEN); passlen2 = MIN(passlen2, MAX_PASS_LEN); - if(!doencrypt) { + if (!doencrypt) { /* both Win95 and WinNT stuff up the password lengths for non-encrypting systems. Uggh. @@ -716,6 +716,14 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int return bad_password_error(inbuf, outbuf); } + if (lp_security() == SEC_SHARE) { + /* in share level we should ignore any passwords */ + smb_ntpasslen = 0; + smb_apasslen = 0; + guest = True; + } + + DEBUG(3,("sesssetupX:name=[%s]\n",user)); /* If name ends in $ then I think it's asking about whether a */ -- cgit From fe626d22bfd25231db487180dd7e517db93b573e Mon Sep 17 00:00:00 2001 From: Jean-François Micouleau Date: Wed, 22 Aug 2001 13:08:01 +0000 Subject: The DELL powervault 705 is sending a tcon&x with the service name being "share" instead of "\\server\share". Fix that. Still not able to get the user list but that's something else. Jeremy I don't think I broke anything ;-) J.F. (This used to be commit 59018c58e4158e9ccb51c42ca32e490f32ee0def) --- source3/smbd/reply.c | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index eb97382750..bef1b15084 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -288,12 +288,22 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt passlen = strlen(password); } - q = strchr_m(path+2,'\\'); - if (!q) { - END_PROFILE(SMBtconX); - return(ERROR(ERRDOS,ERRnosuchshare)); + + /* + * the service name can be either: \\server\share + * or share directly like on the DELL PowerVault 705 + */ + if (*path=='\\') { + q = strchr_m(path+2,'\\'); + if (!q) { + END_PROFILE(SMBtconX); + return(ERROR(ERRDOS,ERRnosuchshare)); + } + fstrcpy(service,q+1); } - fstrcpy(service,q+1); + else + fstrcpy(service,path); + q = strchr_m(service,'%'); if (q) { *q++ = 0; -- cgit From 2051bb7d0366e07c5ecda5e5f7cfedc4153d6228 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 22 Aug 2001 19:11:55 +0000 Subject: A few changes: drop paramaters: status utmp hostname change session code to always record each vuid current on the server. The sessionid struct is no longer packed, as I couldn't get that to work ;-) change smbstatus to show this info and less of the connections.tdb info (its not actualy that accurate). I'll get swat doing some of this shortly. (This used to be commit b068ad300527c44673bbee0aede7849199c89de7) --- source3/smbd/reply.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index bef1b15084..b4fb6693e6 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -127,9 +127,7 @@ int reply_special(char *inbuf,char *outbuf) reload_services(True); reopen_logs(); - if (lp_status(-1)) { - claim_connection(NULL,"",MAXSTATUS,True); - } + claim_connection(NULL,"",MAXSTATUS,True); break; -- cgit From 7495a1a894a44913adc9602d1759a11eb00b631c Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Thu, 23 Aug 2001 20:45:23 +0000 Subject: Fix to only send the status32 error for status32 clients, not to other nt_smb clients. As spotted by Thursby. (This used to be commit 22de76a920671614144babac9f589419532d8671) --- source3/smbd/reply.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index b4fb6693e6..fd4f5d62c0 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -554,10 +554,8 @@ static int session_trust_account(connection_struct *conn, char *inbuf, char *out static int bad_password_error(char *inbuf,char *outbuf) { - enum remote_arch_types ra_type = get_remote_arch(); - if(((ra_type == RA_WINNT) || (ra_type == RA_WIN2K)) && - (global_client_caps & (CAP_NT_SMBS | CAP_STATUS32 ))) { + if (global_client_caps & CAP_STATUS32) { SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES); return(ERROR(0,NT_STATUS_LOGON_FAILURE)); } -- cgit From a22db179a9439ab8455c3cbc13040c2d4a1f1882 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Fri, 24 Aug 2001 04:56:33 +0000 Subject: flush on a invalid fsp should give an error (This used to be commit ef5f4866fbbfa6be07cdc3e612a8899967d48289) --- source3/smbd/reply.c | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index fd4f5d62c0..fca16a2f04 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2740,24 +2740,24 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int int reply_flush(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) { - int outsize = set_message(outbuf,0,0,True); - files_struct *fsp = file_fsp(inbuf,smb_vwv0); - START_PROFILE(SMBflush); - - if (fsp) { - CHECK_FSP(fsp,conn); - CHECK_ERROR(fsp); - } + int outsize = set_message(outbuf,0,0,True); + files_struct *fsp = file_fsp(inbuf,smb_vwv0); + START_PROFILE(SMBflush); - if (!fsp) { - file_sync_all(conn); - } else { + CHECK_FSP(fsp,conn); + if (fsp) { + CHECK_ERROR(fsp); + } + + if (!fsp) { + file_sync_all(conn); + } else { sync_file(conn,fsp); - } - - DEBUG(3,("flush\n")); - END_PROFILE(SMBflush); - return(outsize); + } + + DEBUG(3,("flush\n")); + END_PROFILE(SMBflush); + return(outsize); } -- cgit From 717533483b41ef975953f58e0c6be04828a3d467 Mon Sep 17 00:00:00 2001 From: Herb Lewis Date: Fri, 24 Aug 2001 20:32:01 +0000 Subject: get rid of compiler warnings (This used to be commit 0768991d04ea03e774ca8662c9cae5e1951b88e0) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index fca16a2f04..02531bd1cd 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -812,8 +812,8 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int if (!guest) { valid_password = (pass_check_smb(user, domain, - smb_apasswd, smb_apasslen, - smb_ntpasswd, smb_ntpasslen) == NT_STATUS_NOPROBLEMO); + (unsigned char *)smb_apasswd, smb_apasslen, + (unsigned char *)smb_ntpasswd, smb_ntpasslen) == NT_STATUS_NOPROBLEMO); /* The true branch will be executed if (1) the NT password failed (or was not tried), and -- cgit From e8e98c9ea0690e3acf1126b50882e59e1056c7b3 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 27 Aug 2001 08:19:43 +0000 Subject: converted smbd to use NTSTATUS by default major changes include: - added NSTATUS type - added automatic mapping between dos and nt error codes - changed all ERROR() calls to ERROR_DOS() and many to ERROR_NT() these calls auto-translate to the client error code system - got rid of the cached error code and the writebmpx code We eventually will need to also: - get rid of BOOL, so we don't lose error info - replace all ERROR_DOS() calls with ERROR_NT() calls but that is too much for one night (This used to be commit 83d9896c1ea8be796192b51a4678c2a3b87f7518) --- source3/smbd/reply.c | 1264 ++++++++++++++++++++------------------------------ 1 file changed, 497 insertions(+), 767 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 02531bd1cd..236bb48ce9 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -162,9 +162,9 @@ work out what error to give to a failed connection static int connection_error(char *inbuf,char *outbuf,int ecode) { if (ecode == ERRnoipc || ecode == ERRnosuchshare) - return(ERROR(ERRDOS,ecode)); + return(ERROR_DOS(ERRDOS,ecode)); - return(ERROR(ERRSRV,ecode)); + return(ERROR_DOS(ERRSRV,ecode)); } @@ -272,7 +272,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt if (passlen > MAX_PASS_LEN) { overflow_attack(passlen); - return(ERROR(ERRDOS,ERRbuftoosmall)); + return(ERROR_DOS(ERRDOS,ERRbuftoosmall)); } memcpy(password,smb_buf(inbuf),passlen); @@ -295,7 +295,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt q = strchr_m(path+2,'\\'); if (!q) { END_PROFILE(SMBtconX); - return(ERROR(ERRDOS,ERRnosuchshare)); + return(ERROR_DOS(ERRDOS,ERRnosuchshare)); } fstrcpy(service,q+1); } @@ -391,7 +391,7 @@ int reply_unknown(char *inbuf,char *outbuf) DEBUG(0,("unknown command type (%s): type=%d (0x%X)\n", smb_fn_name(type), type, type)); - return(ERROR(ERRSRV,ERRunknownsmb)); + return(ERROR_DOS(ERRSRV,ERRunknownsmb)); } @@ -418,7 +418,7 @@ int reply_ioctl(connection_struct *conn, break; default: END_PROFILE(SMBioctl); - return(ERROR(ERRSRV,ERRnosupport)); + return(ERROR_DOS(ERRSRV,ERRnosupport)); } outsize = set_message(outbuf,8,replysize+1,True); @@ -496,72 +496,50 @@ static int session_trust_account(connection_struct *conn, char *inbuf, char *out ret = pdb_getsampwnam(sam_trust_acct, user); } else { DEBUG(0,("session_trust_account: Trust account %s only supported with security = user\n", user)); - SSVAL(outbuf, smb_flg2, SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES); pdb_free_sam(sam_trust_acct); - return(ERROR(0, NT_STATUS_LOGON_FAILURE)); + return(ERROR_NT(NT_STATUS_LOGON_FAILURE)); } if (ret == False) { /* lkclXXXX: workstation entry doesn't exist */ DEBUG(0,("session_trust_account: Trust account %s user doesn't exist\n",user)); - SSVAL(outbuf, smb_flg2, SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES); pdb_free_sam(sam_trust_acct); - return(ERROR(0, NT_STATUS_NO_SUCH_USER)); + return(ERROR_NT(NT_STATUS_NO_SUCH_USER)); } else { if ((smb_passlen != 24) || (smb_nt_passlen != 24)) { DEBUG(0,("session_trust_account: Trust account %s - password length wrong.\n", user)); - SSVAL(outbuf, smb_flg2, SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES); pdb_free_sam(sam_trust_acct); - return(ERROR(0, NT_STATUS_LOGON_FAILURE)); + return(ERROR_NT(NT_STATUS_LOGON_FAILURE)); } if (!smb_password_ok(sam_trust_acct, &user_info, &server_info)) { DEBUG(0,("session_trust_account: Trust Account %s - password failed\n", user)); - SSVAL(outbuf, smb_flg2, SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES); - pdb_free_sam(sam_trust_acct); - return(ERROR(0, NT_STATUS_LOGON_FAILURE)); + pdb_free_sam(sam_trust_acct); + return(ERROR_NT(NT_STATUS_LOGON_FAILURE)); } acct_ctrl = pdb_get_acct_ctrl(sam_trust_acct); pdb_free_sam(sam_trust_acct); if (acct_ctrl & ACB_DOMTRUST) { DEBUG(0,("session_trust_account: Domain trust account %s denied by server\n",user)); - SSVAL(outbuf, smb_flg2, SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES); - return(ERROR(0, NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT)); + return(ERROR_NT(NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT)); } if (acct_ctrl & ACB_SVRTRUST) { DEBUG(0,("session_trust_account: Server trust account %s denied by server\n",user)); - SSVAL(outbuf, smb_flg2, SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES); - return(ERROR(0, NT_STATUS_NOLOGON_SERVER_TRUST_ACCOUNT)); + return(ERROR_NT(NT_STATUS_NOLOGON_SERVER_TRUST_ACCOUNT)); } if (acct_ctrl & ACB_WSTRUST) { DEBUG(4,("session_trust_account: Wksta trust account %s denied by server\n", user)); - SSVAL(outbuf, smb_flg2, SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES); - return(ERROR(0, NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT)); + return(ERROR_NT(NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT)); } } /* don't know what to do: indicate logon failure */ - SSVAL(outbuf, smb_flg2, SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES); - return(ERROR(0, NT_STATUS_LOGON_FAILURE)); + return(ERROR_NT(NT_STATUS_LOGON_FAILURE)); } -/**************************************************************************** - Return a bad password error configured for the correct client type. -****************************************************************************/ - -static int bad_password_error(char *inbuf,char *outbuf) -{ - - if (global_client_caps & CAP_STATUS32) { - SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES); - return(ERROR(0,NT_STATUS_LOGON_FAILURE)); - } - - return(ERROR(ERRSRV,ERRbadpw)); -} /**************************************************************************** reply to a session setup command @@ -598,7 +576,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int smb_apasslen = SVAL(inbuf,smb_vwv7); if (smb_apasslen > MAX_PASS_LEN) { overflow_attack(smb_apasslen); - return(ERROR(ERRDOS,ERRbuftoosmall)); + return(ERROR_DOS(ERRDOS,ERRbuftoosmall)); } memcpy(smb_apasswd,smb_buf(inbuf),smb_apasslen); @@ -632,7 +610,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int if (passlen1 > MAX_PASS_LEN) { overflow_attack(passlen1); - return(ERROR(ERRDOS,ERRbuftoosmall)); + return ERROR_DOS(ERRDOS,ERRbuftoosmall); } passlen1 = MIN(passlen1, MAX_PASS_LEN); @@ -719,7 +697,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int alpha_strcpy(user, user, ". _-$", sizeof(user)); alpha_strcpy(domain, domain, ". _-", sizeof(domain)); if (strstr(user, "..") || strstr(domain,"..")) { - return bad_password_error(inbuf, outbuf); + return ERROR_NT(NT_STATUS_LOGON_FAILURE); } if (lp_security() == SEC_SHARE) { @@ -754,7 +732,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int if (!*user && !*smb_apasswd && !*domain) { DEBUG(0, ("restrict anonymous is True and anonymous connection attempted. Denying access.\n")); END_PROFILE(SMBsesssetupX); - return(ERROR(ERRDOS,ERRnoaccess)); + return ERROR_DOS(ERRDOS,ERRnoaccess); } } @@ -825,9 +803,9 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int { if (lp_map_to_guest() == NEVER_MAP_TO_GUEST) { - DEBUG(1,("Rejecting user '%s': authentication failed\n", user)); - END_PROFILE(SMBsesssetupX); - return bad_password_error(inbuf,outbuf); + DEBUG(1,("Rejecting user '%s': authentication failed\n", user)); + END_PROFILE(SMBsesssetupX); + return ERROR_NT(NT_STATUS_LOGON_FAILURE); } if (lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_USER) @@ -836,7 +814,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int { DEBUG(1,("Rejecting user '%s': bad password\n", user)); END_PROFILE(SMBsesssetupX); - return bad_password_error(inbuf,outbuf); + return ERROR_NT(NT_STATUS_LOGON_FAILURE); } } @@ -889,7 +867,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int if (!pw) { DEBUG(1,("Username %s is invalid on this system\n",user)); END_PROFILE(SMBsesssetupX); - return bad_password_error(inbuf,outbuf); + return ERROR_NT(NT_STATUS_LOGON_FAILURE); } gid = pw->pw_gid; uid = pw->pw_uid; @@ -905,7 +883,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int sess_vuid = register_vuid(uid,gid,user,current_user_info.smb_name,domain,guest, full_name); if (sess_vuid == -1) { - return(ERROR(ERRDOS,ERRnoaccess)); + return ERROR_DOS(ERRDOS,ERRnoaccess); } @@ -949,28 +927,15 @@ int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size ok = S_ISDIR(sbuf.st_mode); } - if (!ok) - { + if (!ok) { /* We special case this - as when a Windows machine is parsing a path is steps through the components one at a time - if a component fails it expects ERRbadpath, not ERRbadfile. */ - if(errno == ENOENT) - { - unix_ERR_class = ERRDOS; - unix_ERR_code = ERRbadpath; - } - -#if 0 - /* Ugly - NT specific hack - maybe not needed ? (JRA) */ - if((errno == ENOTDIR) && (Protocol >= PROTOCOL_NT1) && - (get_remote_arch() == RA_WINNT)) - { - unix_ERR_class = ERRDOS; - unix_ERR_code = ERRbaddirectory; + if(errno == ENOENT) { + return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND); } -#endif return(UNIXERROR(ERRDOS,ERRbadpath)); } @@ -1258,7 +1223,7 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return (UNIXERROR(ERRDOS,ERRnofids)); } END_PROFILE(SMBsearch); - return(ERROR(ERRDOS,ERRnofids)); + return ERROR_DOS(ERRDOS,ERRnofids); } dptr_set_wcard(dptr_num, strdup(mask)); } @@ -1375,7 +1340,7 @@ int reply_fclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if (status_len == 0) { END_PROFILE(SMBfclose); - return(ERROR(ERRSRV,ERRsrverror)); + return ERROR_DOS(ERRSRV,ERRsrverror); } memcpy(status,p,21); @@ -1446,7 +1411,7 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, DEBUG(3,("attempt to open a directory %s\n",fname)); close_file(fsp,False); END_PROFILE(SMBopen); - return(ERROR(ERRDOS,ERRnoaccess)); + return ERROR_DOS(ERRDOS,ERRnoaccess); } outsize = set_message(outbuf,7,0,True); @@ -1505,7 +1470,7 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt return reply_open_pipe_and_X(conn, inbuf,outbuf,length,bufsize); } else { END_PROFILE(SMBopenX); - return (ERROR(ERRSRV,ERRaccess)); + return ERROR_DOS(ERRSRV,ERRaccess); } } @@ -1538,7 +1503,7 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt if (fmode & aDIR) { close_file(fsp,False); END_PROFILE(SMBopenX); - return(ERROR(ERRDOS,ERRnoaccess)); + return ERROR_DOS(ERRDOS,ERRnoaccess); } /* If the caller set the extended oplock request bit @@ -1798,139 +1763,140 @@ static BOOL can_delete(char *fname,connection_struct *conn, int dirtype) ****************************************************************************/ int unlink_internals(connection_struct *conn, char *inbuf,char *outbuf, - int dirtype, char *name) + int dirtype, char *name) { - pstring directory; - pstring mask; - char *p; - int count=0; - int error = ERRnoaccess; - BOOL has_wild; - BOOL exists=False; - BOOL bad_path = False; - BOOL rc = True; - SMB_STRUCT_STAT sbuf; - - *directory = *mask = 0; - - rc = unix_convert(name,conn,0,&bad_path,&sbuf); - - p = strrchr_m(name,'/'); - if (!p) { - pstrcpy(directory,"./"); - pstrcpy(mask,name); - } else { - *p = 0; - pstrcpy(directory,name); - pstrcpy(mask,p+1); - } - - /* - * We should only check the mangled cache - * here if unix_convert failed. This means - * that the path in 'mask' doesn't exist - * on the file system and so we need to look - * for a possible mangle. This patch from - * Tine Smukavec . - */ - - if (!rc && is_mangled(mask)) - check_mangled_cache( mask ); - - has_wild = ms_has_wild(mask); - - if (!has_wild) { - pstrcat(directory,"/"); - pstrcat(directory,mask); - if (can_delete(directory,conn,dirtype) && !vfs_unlink(conn,directory)) - count++; - if (!count) - exists = vfs_file_exist(conn,directory,&sbuf); - } else { - void *dirptr = NULL; - char *dname; - - if (check_name(directory,conn)) - dirptr = OpenDir(conn, directory, True); - - /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then - the pattern matches against the long name, otherwise the short name - We don't implement this yet XXXX - */ - - if (dirptr) - { - error = ERRbadfile; - - if (strequal(mask,"????????.???")) - pstrcpy(mask,"*"); - - while ((dname = ReadDirName(dirptr))) - { - pstring fname; - pstrcpy(fname,dname); - - if(!mask_match(fname, mask, case_sensitive)) continue; + pstring directory; + pstring mask; + char *p; + int count=0; + int error = ERRnoaccess; + BOOL has_wild; + BOOL exists=False; + BOOL bad_path = False; + BOOL rc = True; + SMB_STRUCT_STAT sbuf; + + *directory = *mask = 0; + + rc = unix_convert(name,conn,0,&bad_path,&sbuf); + + p = strrchr_m(name,'/'); + if (!p) { + pstrcpy(directory,"./"); + pstrcpy(mask,name); + } else { + *p = 0; + pstrcpy(directory,name); + pstrcpy(mask,p+1); + } + + /* + * We should only check the mangled cache + * here if unix_convert failed. This means + * that the path in 'mask' doesn't exist + * on the file system and so we need to look + * for a possible mangle. This patch from + * Tine Smukavec . + */ + + if (!rc && is_mangled(mask)) + check_mangled_cache( mask ); + + has_wild = ms_has_wild(mask); + + if (!has_wild) { + pstrcat(directory,"/"); + pstrcat(directory,mask); + if (!can_delete(directory,conn,dirtype)) { + return ERROR_NT(NT_STATUS_SHARING_VIOLATION); + } + if (vfs_unlink(conn,directory) == 0) { + count++; + } + if (!count) + exists = vfs_file_exist(conn,directory,&sbuf); + } else { + void *dirptr = NULL; + char *dname; + + if (check_name(directory,conn)) + dirptr = OpenDir(conn, directory, True); + + /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then + the pattern matches against the long name, otherwise the short name + We don't implement this yet XXXX + */ + + if (dirptr) { + error = ERRbadfile; + + if (strequal(mask,"????????.???")) + pstrcpy(mask,"*"); - error = ERRnoaccess; - slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); - if (!can_delete(fname,conn,dirtype)) continue; - if (!vfs_unlink(conn,fname)) count++; - DEBUG(3,("unlink_internals: succesful unlink [%s]\n",fname)); - } - CloseDir(dirptr); - } - } - - if (count == 0) { - if (exists) - return(ERROR(ERRDOS,error)); - else { - if((errno == ENOENT) && bad_path) { - unix_ERR_class = ERRDOS; - unix_ERR_code = ERRbadpath; - } - return(UNIXERROR(ERRDOS,error)); - } - } - - return 0; + while ((dname = ReadDirName(dirptr))) { + pstring fname; + pstrcpy(fname,dname); + + if(!mask_match(fname, mask, case_sensitive)) continue; + + error = ERRnoaccess; + slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); + if (!can_delete(fname,conn,dirtype)) continue; + if (vfs_unlink(conn,fname) == 0) count++; + DEBUG(3,("unlink_internals: succesful unlink [%s]\n",fname)); + } + CloseDir(dirptr); + } + } + + if (count == 0) { + if (exists) + return ERROR_DOS(ERRDOS,error); + else { + if((errno == ENOENT) && bad_path) { + unix_ERR_class = ERRDOS; + unix_ERR_code = ERRbadpath; + } + return(UNIXERROR(ERRDOS,error)); + } + } + + return 0; } /**************************************************************************** Reply to a unlink ****************************************************************************/ -int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, + int dum_buffsize) { - int outsize = 0; - pstring name; - int dirtype; - START_PROFILE(SMBunlink); - - dirtype = SVAL(inbuf,smb_vwv0); - - srvstr_pull(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), -1, STR_TERMINATE); - - RESOLVE_DFSPATH(name, conn, inbuf, outbuf); - - DEBUG(3,("reply_unlink : %s\n",name)); - - outsize = unlink_internals(conn, inbuf, outbuf, dirtype, name); - if(outsize == 0) { - - /* - * Win2k needs a changenotify request response before it will - * update after a rename.. - */ - - process_pending_change_notify_queue((time_t)0); - - outsize = set_message(outbuf,0,0,True); - } + int outsize = 0; + pstring name; + int dirtype; + START_PROFILE(SMBunlink); + + dirtype = SVAL(inbuf,smb_vwv0); + + srvstr_pull(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), -1, STR_TERMINATE); + + RESOLVE_DFSPATH(name, conn, inbuf, outbuf); + + DEBUG(3,("reply_unlink : %s\n",name)); + + outsize = unlink_internals(conn, inbuf, outbuf, dirtype, name); + if(outsize == 0) { + /* + * Win2k needs a changenotify request response before it will + * update after a rename.. + */ + process_pending_change_notify_queue((time_t)0); + + outsize = set_message(outbuf,0,0,True); + } - END_PROFILE(SMBunlink); - return(outsize); + END_PROFILE(SMBunlink); + return outsize; } @@ -2089,68 +2055,69 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s ****************************************************************************/ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length, int dum_buffsiz) { - ssize_t nread = -1; - char *data; - int outsize = 0; - SMB_OFF_T startpos; - size_t numtoread; - int eclass; - uint32 ecode; - files_struct *fsp = file_fsp(inbuf,smb_vwv0); - START_PROFILE(SMBlockread); + ssize_t nread = -1; + char *data; + int outsize = 0; + SMB_OFF_T startpos; + size_t numtoread; + NTSTATUS status; + files_struct *fsp = file_fsp(inbuf,smb_vwv0); + START_PROFILE(SMBlockread); - CHECK_FSP(fsp,conn); - CHECK_READ(fsp); - CHECK_ERROR(fsp); + CHECK_FSP(fsp,conn); + CHECK_READ(fsp); - release_level_2_oplocks_on_change(fsp); + release_level_2_oplocks_on_change(fsp); - numtoread = SVAL(inbuf,smb_vwv1); - startpos = IVAL(inbuf,smb_vwv2); + numtoread = SVAL(inbuf,smb_vwv1); + startpos = IVAL(inbuf,smb_vwv2); - outsize = set_message(outbuf,5,3,True); - numtoread = MIN(BUFFER_SIZE-outsize,numtoread); - data = smb_buf(outbuf) + 3; - - /* - * NB. Discovered by Menny Hamburger at Mainsoft. This is a core+ - * protocol request that predates the read/write lock concept. - * Thus instead of asking for a read lock here we need to ask - * for a write lock. JRA. - */ + outsize = set_message(outbuf,5,3,True); + numtoread = MIN(BUFFER_SIZE-outsize,numtoread); + data = smb_buf(outbuf) + 3; + + /* + * NB. Discovered by Menny Hamburger at Mainsoft. This is a core+ + * protocol request that predates the read/write lock concept. + * Thus instead of asking for a read lock here we need to ask + * for a write lock. JRA. + */ + + status = do_lock(fsp, conn, SVAL(inbuf,smb_pid), + (SMB_BIG_UINT)numtoread, (SMB_BIG_UINT)startpos, WRITE_LOCK); - if(!do_lock( fsp, conn, SVAL(inbuf,smb_pid), (SMB_BIG_UINT)numtoread, (SMB_BIG_UINT)startpos, WRITE_LOCK, &eclass, &ecode)) { - if((ecode == ERRlock) && lp_blocking_locks(SNUM(conn))) { - /* - * A blocking lock was requested. Package up - * this smb into a queued request and push it - * onto the blocking lock queue. - */ - if(push_blocking_lock_request(inbuf, length, -1, 0)) + if (status != NT_STATUS_NOPROBLEMO) { + if (lp_blocking_locks(SNUM(conn))) { + /* + * A blocking lock was requested. Package up + * this smb into a queued request and push it + * onto the blocking lock queue. + */ + if(push_blocking_lock_request(inbuf, length, -1, 0)) + END_PROFILE(SMBlockread); + return -1; + } END_PROFILE(SMBlockread); - return -1; - } - END_PROFILE(SMBlockread); - return (ERROR(eclass,ecode)); - } - - nread = read_file(fsp,data,startpos,numtoread); - - if (nread < 0) { - END_PROFILE(SMBlockread); - return(UNIXERROR(ERRDOS,ERRnoaccess)); - } + return ERROR_NT(status); + } - outsize += nread; - SSVAL(outbuf,smb_vwv0,nread); - SSVAL(outbuf,smb_vwv5,nread+3); - SSVAL(smb_buf(outbuf),1,nread); + nread = read_file(fsp,data,startpos,numtoread); - DEBUG( 3, ( "lockread fnum=%d num=%d nread=%d\n", - fsp->fnum, (int)numtoread, (int)nread ) ); + if (nread < 0) { + END_PROFILE(SMBlockread); + return(UNIXERROR(ERRDOS,ERRnoaccess)); + } + + outsize += nread; + SSVAL(outbuf,smb_vwv0,nread); + SSVAL(outbuf,smb_vwv5,nread+3); + SSVAL(smb_buf(outbuf),1,nread); + + DEBUG(3,("lockread fnum=%d num=%d nread=%d\n", + fsp->fnum, (int)numtoread, (int)nread)); - END_PROFILE(SMBlockread); - return(outsize); + END_PROFILE(SMBlockread); + return(outsize); } @@ -2170,23 +2137,23 @@ int reply_read(connection_struct *conn, char *inbuf,char *outbuf, int size, int CHECK_FSP(fsp,conn); CHECK_READ(fsp); - CHECK_ERROR(fsp); numtoread = SVAL(inbuf,smb_vwv1); startpos = IVAL(inbuf,smb_vwv2); - + + outsize = set_message(outbuf,5,3,True); numtoread = MIN(BUFFER_SIZE-outsize,numtoread); data = smb_buf(outbuf) + 3; if (is_locked(fsp,conn,(SMB_BIG_UINT)numtoread,(SMB_BIG_UINT)startpos, READ_LOCK,False)) { END_PROFILE(SMBread); - return(ERROR(ERRDOS,ERRlock)); + return ERROR_DOS(ERRDOS,ERRlock); } if (numtoread > 0) nread = read_file(fsp,data,startpos,numtoread); - + if (nread < 0) { END_PROFILE(SMBread); return(UNIXERROR(ERRDOS,ERRnoaccess)); @@ -2227,7 +2194,6 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt CHECK_FSP(fsp,conn); CHECK_READ(fsp); - CHECK_ERROR(fsp); set_message(outbuf,12,0,True); data = smb_buf(outbuf); @@ -2249,7 +2215,7 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt DEBUG(0,("reply_read_and_X - large offset (%x << 32) used and we don't support \ 64 bit offsets.\n", (unsigned int)IVAL(inbuf,smb_vwv10) )); END_PROFILE(SMBreadX); - return(ERROR(ERRDOS,ERRbadaccess)); + return ERROR_DOS(ERRDOS,ERRbadaccess); } #endif /* LARGE_SMB_OFF_T */ @@ -2258,10 +2224,10 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt if (is_locked(fsp,conn,(SMB_BIG_UINT)smb_maxcnt,(SMB_BIG_UINT)startpos, READ_LOCK,False)) { END_PROFILE(SMBreadX); - return(ERROR(ERRDOS,ERRlock)); + return ERROR_DOS(ERRDOS,ERRlock); } nread = read_file(fsp,data,startpos,smb_maxcnt); - + if (nread < 0) { END_PROFILE(SMBreadX); return(UNIXERROR(ERRDOS,ERRnoaccess)); @@ -2297,7 +2263,6 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, CHECK_FSP(fsp,conn); CHECK_WRITE(fsp); - CHECK_ERROR(fsp); tcount = IVAL(inbuf,smb_vwv1); startpos = IVAL(inbuf,smb_vwv3); @@ -2319,7 +2284,7 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, if (is_locked(fsp,conn,(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos, WRITE_LOCK,False)) { END_PROFILE(SMBwritebraw); - return(ERROR(ERRDOS,ERRlock)); + return ERROR_DOS(ERRDOS,ERRlock); } if (numtowrite>0) @@ -2399,86 +2364,66 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, reply to a writeunlock (core+) ****************************************************************************/ -int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) +int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, + int size, int dum_buffsize) { - ssize_t nwritten = -1; - size_t numtowrite; - SMB_OFF_T startpos; - char *data; - int eclass; - uint32 ecode; - files_struct *fsp = file_fsp(inbuf,smb_vwv0); - int outsize = 0; - START_PROFILE(SMBwriteunlock); - - CHECK_FSP(fsp,conn); - CHECK_WRITE(fsp); - CHECK_ERROR(fsp); - - numtowrite = SVAL(inbuf,smb_vwv1); - startpos = IVAL(inbuf,smb_vwv2); - data = smb_buf(inbuf) + 3; - - if (is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK,False)) { - END_PROFILE(SMBwriteunlock); - return(ERROR(ERRDOS,ERRlock)); - } - - /* The special X/Open SMB protocol handling of - zero length writes is *NOT* done for - this call */ - if(numtowrite == 0) - nwritten = 0; - else - nwritten = write_file(fsp,data,startpos,numtowrite); - - if (lp_syncalways(SNUM(conn))) - sync_file(conn,fsp); - - if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) { - END_PROFILE(SMBwriteunlock); - return(UNIXERROR(ERRDOS,ERRnoaccess)); - } - - if(!do_unlock(fsp, conn, SVAL(inbuf,smb_pid), (SMB_BIG_UINT)numtowrite, (SMB_BIG_UINT)startpos, &eclass, &ecode)) { - END_PROFILE(SMBwriteunlock); - return(ERROR(eclass,ecode)); - } + ssize_t nwritten = -1; + size_t numtowrite; + SMB_OFF_T startpos; + char *data; + NTSTATUS status; + files_struct *fsp = file_fsp(inbuf,smb_vwv0); + int outsize = 0; + START_PROFILE(SMBwriteunlock); + + CHECK_FSP(fsp,conn); + CHECK_WRITE(fsp); - outsize = set_message(outbuf,1,0,True); - - SSVAL(outbuf,smb_vwv0,nwritten); + numtowrite = SVAL(inbuf,smb_vwv1); + startpos = IVAL(inbuf,smb_vwv2); + data = smb_buf(inbuf) + 3; - DEBUG( 3, ( "writeunlock fnum=%d num=%d wrote=%d\n", - fsp->fnum, (int)numtowrite, (int)nwritten ) ); - - END_PROFILE(SMBwriteunlock); - return(outsize); -} - -/**************************************************************************** - Return correct error for space allocation fail. -****************************************************************************/ + if (is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, + WRITE_LOCK,False)) { + END_PROFILE(SMBwriteunlock); + return ERROR_DOS(ERRDOS,ERRlock); + } -int allocate_space_error(char *inbuf,char *outbuf, int errno_val) -{ - errno = errno_val; - if (!(global_client_caps & CAP_STATUS32)) - return (UNIXERROR(ERRHRD,ERRdiskfull)); - - /* Use more specific WNT/W2K error codes. */ -#ifdef EDQUOT - if (errno_val == ENOSPC || errno_val == EDQUOT) { -#else - if (errno_val == ENOSPC) { -#endif - SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES); - return(ERROR(0,NT_STATUS_DISK_FULL)); + /* The special X/Open SMB protocol handling of + zero length writes is *NOT* done for + this call */ + if(numtowrite == 0) + nwritten = 0; + else + nwritten = write_file(fsp,data,startpos,numtowrite); + + if (lp_syncalways(SNUM(conn))) + sync_file(conn,fsp); + + if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) { + END_PROFILE(SMBwriteunlock); + return(UNIXERROR(ERRDOS,ERRnoaccess)); } - return (UNIXERROR(ERRHRD,ERRdiskfull)); + status = do_unlock(fsp, conn, SVAL(inbuf,smb_pid), (SMB_BIG_UINT)numtowrite, + (SMB_BIG_UINT)startpos); + if (status != NT_STATUS_NOPROBLEMO) { + END_PROFILE(SMBwriteunlock); + return ERROR_NT(status); + } + + outsize = set_message(outbuf,1,0,True); + + SSVAL(outbuf,smb_vwv0,nwritten); + + DEBUG(3,("writeunlock fnum=%d num=%d wrote=%d\n", + fsp->fnum, (int)numtowrite, (int)nwritten)); + + END_PROFILE(SMBwriteunlock); + return outsize; } + /**************************************************************************** Reply to a write. ****************************************************************************/ @@ -2501,7 +2446,6 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int d CHECK_FSP(fsp,conn); CHECK_WRITE(fsp); - CHECK_ERROR(fsp); numtowrite = SVAL(inbuf,smb_vwv1); startpos = IVAL(inbuf,smb_vwv2); @@ -2509,7 +2453,7 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int d if (is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK,False)) { END_PROFILE(SMBwrite); - return(ERROR(ERRDOS,ERRlock)); + return ERROR_DOS(ERRDOS,ERRlock); } /* X/Open SMB protocol says that if smb_vwv1 is @@ -2519,9 +2463,8 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int d /* This is actually an allocate call, not set EOF. JRA */ nwritten = vfs_allocate_file_space(fsp, (SMB_OFF_T)startpos); if (nwritten < 0) { - int ret = allocate_space_error(inbuf, outbuf, errno); - END_PROFILE(SMBwrite); - return ret; + END_PROFILE(SMBwrite); + return ERROR_NT(NT_STATUS_DISK_FULL); } } else nwritten = write_file(fsp,data,startpos,numtowrite); @@ -2575,7 +2518,6 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng CHECK_FSP(fsp,conn); CHECK_WRITE(fsp); - CHECK_ERROR(fsp); /* Deal with possible LARGE_WRITEX */ if (large_writeX) @@ -2583,7 +2525,7 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng if(smb_doff > smblen || (smb_doff + numtowrite > smblen)) { END_PROFILE(SMBwriteX); - return(ERROR(ERRDOS,ERRbadmem)); + return ERROR_DOS(ERRDOS,ERRbadmem); } data = smb_base(inbuf) + smb_doff; @@ -2605,7 +2547,7 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng DEBUG(0,("reply_write_and_X - large offset (%x << 32) used and we don't support \ 64 bit offsets.\n", (unsigned int)IVAL(inbuf,smb_vwv12) )); END_PROFILE(SMBwriteX); - return(ERROR(ERRDOS,ERRbadaccess)); + return ERROR_DOS(ERRDOS,ERRbadaccess); } #endif /* LARGE_SMB_OFF_T */ @@ -2613,7 +2555,7 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng if (is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK,False)) { END_PROFILE(SMBwriteX); - return(ERROR(ERRDOS,ERRlock)); + return ERROR_DOS(ERRDOS,ERRlock); } /* X/Open SMB protocol says that, unlike SMBwrite @@ -2666,7 +2608,6 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int START_PROFILE(SMBlseek); CHECK_FSP(fsp,conn); - CHECK_ERROR(fsp); flush_write_cache(fsp, SEEK_FLUSH); @@ -2745,9 +2686,6 @@ int reply_flush(connection_struct *conn, char *inbuf,char *outbuf, int size, int START_PROFILE(SMBflush); CHECK_FSP(fsp,conn); - if (fsp) { - CHECK_ERROR(fsp); - } if (!fsp) { file_sync_all(conn); @@ -2806,12 +2744,7 @@ int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size, if(!fsp || (fsp->conn != conn)) { END_PROFILE(SMBclose); - return(ERROR(ERRDOS,ERRbadfid)); - } - - if(HAS_CACHED_ERROR(fsp)) { - eclass = fsp->wbmpx_ptr->wr_errclass; - err = fsp->wbmpx_ptr->wr_error; + return ERROR_DOS(ERRDOS,ERRbadfid); } if(fsp->is_directory || fsp->stat_open) { @@ -2862,7 +2795,7 @@ int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size, /* We have a cached error */ if(eclass || err) { END_PROFILE(SMBclose); - return(ERROR(eclass,err)); + return ERROR_DOS(eclass,err); } END_PROFILE(SMBclose); @@ -2889,7 +2822,6 @@ int reply_writeclose(connection_struct *conn, CHECK_FSP(fsp,conn); CHECK_WRITE(fsp); - CHECK_ERROR(fsp); numtowrite = SVAL(inbuf,smb_vwv1); startpos = IVAL(inbuf,smb_vwv2); @@ -2898,7 +2830,7 @@ int reply_writeclose(connection_struct *conn, if (is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK,False)) { END_PROFILE(SMBwriteclose); - return(ERROR(ERRDOS,ERRlock)); + return ERROR_DOS(ERRDOS,ERRlock); } nwritten = write_file(fsp,data,startpos,numtowrite); @@ -2938,13 +2870,11 @@ int reply_lock(connection_struct *conn, { int outsize = set_message(outbuf,0,0,True); SMB_BIG_UINT count,offset; - int eclass; - uint32 ecode; + NTSTATUS status; files_struct *fsp = file_fsp(inbuf,smb_vwv0); START_PROFILE(SMBlock); CHECK_FSP(fsp,conn); - CHECK_ERROR(fsp); release_level_2_oplocks_on_change(fsp); @@ -2954,20 +2884,21 @@ int reply_lock(connection_struct *conn, DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n", fsp->fd, fsp->fnum, (double)offset, (double)count)); - if (!do_lock(fsp, conn, SVAL(inbuf,smb_pid), count, offset, WRITE_LOCK, &eclass, &ecode)) { - if((ecode == ERRlock) && lp_blocking_locks(SNUM(conn))) { - /* - * A blocking lock was requested. Package up - * this smb into a queued request and push it - * onto the blocking lock queue. - */ - if(push_blocking_lock_request(inbuf, length, -1, 0)) { - END_PROFILE(SMBlock); - return -1; - } - } - END_PROFILE(SMBlock); - return (ERROR(eclass,ecode)); + status = do_lock(fsp, conn, SVAL(inbuf,smb_pid), count, offset, WRITE_LOCK); + if (status != NT_STATUS_NOPROBLEMO) { + if (status != NT_STATUS_NOPROBLEMO && lp_blocking_locks(SNUM(conn))) { + /* + * A blocking lock was requested. Package up + * this smb into a queued request and push it + * onto the blocking lock queue. + */ + if(push_blocking_lock_request(inbuf, length, -1, 0)) { + END_PROFILE(SMBlock); + return -1; + } + } + END_PROFILE(SMBlock); + return ERROR_NT(status); } END_PROFILE(SMBlock); @@ -2978,31 +2909,31 @@ int reply_lock(connection_struct *conn, /**************************************************************************** reply to a unlock ****************************************************************************/ -int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) +int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int size, + int dum_buffsize) { - int outsize = set_message(outbuf,0,0,True); - SMB_BIG_UINT count,offset; - int eclass; - uint32 ecode; - files_struct *fsp = file_fsp(inbuf,smb_vwv0); - START_PROFILE(SMBunlock); - - CHECK_FSP(fsp,conn); - CHECK_ERROR(fsp); - - count = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv1); - offset = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv3); + int outsize = set_message(outbuf,0,0,True); + SMB_BIG_UINT count,offset; + NTSTATUS status; + files_struct *fsp = file_fsp(inbuf,smb_vwv0); + START_PROFILE(SMBunlock); - if(!do_unlock(fsp, conn, SVAL(inbuf,smb_pid), count, offset, &eclass, &ecode)) { - END_PROFILE(SMBunlock); - return (ERROR(eclass,ecode)); - } + CHECK_FSP(fsp,conn); + + count = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv1); + offset = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv3); + + status = do_unlock(fsp, conn, SVAL(inbuf,smb_pid), count, offset); + if (status != NT_STATUS_NOPROBLEMO) { + END_PROFILE(SMBunlock); + return ERROR_NT(status); + } - DEBUG( 3, ( "unlock fd=%d fnum=%d offset=%.0f count=%.0f\n", - fsp->fd, fsp->fnum, (double)offset, (double)count ) ); - - END_PROFILE(SMBunlock); - return(outsize); + DEBUG( 3, ( "unlock fd=%d fnum=%d offset=%.0f count=%.0f\n", + fsp->fd, fsp->fnum, (double)offset, (double)count ) ); + + END_PROFILE(SMBunlock); + return(outsize); } @@ -3021,7 +2952,7 @@ int reply_tdis(connection_struct *conn, if (!conn) { DEBUG(4,("Invalid connection in tdis\n")); END_PROFILE(SMBtdis); - return(ERROR(ERRSRV,ERRinvnid)); + return ERROR_DOS(ERRSRV,ERRinvnid); } conn->used = False; @@ -3087,7 +3018,7 @@ int reply_printopen(connection_struct *conn, if (!CAN_PRINT(conn)) { END_PROFILE(SMBsplopen); - return(ERROR(ERRDOS,ERRnoaccess)); + return ERROR_DOS(ERRDOS,ERRnoaccess); } /* Open for exclusive use, write only. */ @@ -3121,11 +3052,10 @@ int reply_printclose(connection_struct *conn, START_PROFILE(SMBsplclose); CHECK_FSP(fsp,conn); - CHECK_ERROR(fsp); if (!CAN_PRINT(conn)) { END_PROFILE(SMBsplclose); - return(ERROR(ERRDOS,ERRnoaccess)); + return ERROR_DOS(ERRDOS,ERRnoaccess); } DEBUG(3,("printclose fd=%d fnum=%d\n", @@ -3161,7 +3091,7 @@ int reply_printqueue(connection_struct *conn, get it right (tridge) */ if (!CAN_PRINT(conn)) { END_PROFILE(SMBsplretq); - return(ERROR(ERRDOS,ERRnoaccess)); + return ERROR_DOS(ERRDOS,ERRnoaccess); } SSVAL(outbuf,smb_vwv0,0); @@ -3227,12 +3157,11 @@ int reply_printwrite(connection_struct *conn, char *inbuf,char *outbuf, int dum_ if (!CAN_PRINT(conn)) { END_PROFILE(SMBsplwr); - return(ERROR(ERRDOS,ERRnoaccess)); + return ERROR_DOS(ERRDOS,ERRnoaccess); } CHECK_FSP(fsp,conn); CHECK_WRITE(fsp); - CHECK_ERROR(fsp); numtowrite = SVAL(smb_buf(inbuf),1); data = smb_buf(inbuf) + 3; @@ -3771,7 +3700,7 @@ int rename_internals(connection_struct *conn, if (count == 0) { if (exists) - return(ERROR(ERRDOS,error)); + return ERROR_DOS(ERRDOS,error); else { if((errno == ENOENT) && (bad_path1 || bad_path2)) { unix_ERR_class = ERRDOS; @@ -3938,7 +3867,7 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, /* can't currently handle inter share copies XXXX */ DEBUG(3,("Rejecting inter-share copy\n")); END_PROFILE(SMBcopy); - return(ERROR(ERRSRV,ERRinvdevice)); + return ERROR_DOS(ERRSRV,ERRinvdevice); } RESOLVE_DFSPATH(name, conn, inbuf, outbuf); @@ -3951,19 +3880,19 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, if ((flags&1) && target_is_directory) { END_PROFILE(SMBcopy); - return(ERROR(ERRDOS,ERRbadfile)); + return ERROR_DOS(ERRDOS,ERRbadfile); } if ((flags&2) && !target_is_directory) { END_PROFILE(SMBcopy); - return(ERROR(ERRDOS,ERRbadpath)); + return ERROR_DOS(ERRDOS,ERRbadpath); } if ((flags&(1<<5)) && VALID_STAT_OF_DIR(sbuf1)) { /* wants a tree copy! XXXX */ DEBUG(3,("Rejecting tree copy\n")); END_PROFILE(SMBcopy); - return(ERROR(ERRSRV,ERRerror)); + return ERROR_DOS(ERRSRV,ERRerror); } p = strrchr_m(name,'/'); @@ -4045,7 +3974,7 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, if (exists) { END_PROFILE(SMBcopy); - return(ERROR(ERRDOS,error)); + return ERROR_DOS(ERRDOS,error); } else { if((errno == ENOENT) && (bad_path1 || bad_path2)) @@ -4079,7 +4008,7 @@ int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size snum = SNUM(conn); if (!CAN_SETDIR(snum)) { END_PROFILE(pathworks_setdir); - return(ERROR(ERRDOS,ERRnoaccess)); + return ERROR_DOS(ERRDOS,ERRnoaccess); } srvstr_pull(inbuf, newdir, smb_buf(inbuf) + 1, sizeof(newdir), -1, STR_TERMINATE); @@ -4095,7 +4024,7 @@ int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if (!ok) { END_PROFILE(pathworks_setdir); - return(ERROR(ERRDOS,ERRbadpath)); + return ERROR_DOS(ERRDOS,ERRbadpath); } outsize = set_message(outbuf,0,0,True); @@ -4212,182 +4141,180 @@ SMB_BIG_UINT get_lock_offset( char *data, int data_offset, BOOL large_file_forma int reply_lockingX(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { - files_struct *fsp = file_fsp(inbuf,smb_vwv2); - unsigned char locktype = CVAL(inbuf,smb_vwv3); - unsigned char oplocklevel = CVAL(inbuf,smb_vwv3+1); - uint16 num_ulocks = SVAL(inbuf,smb_vwv6); - uint16 num_locks = SVAL(inbuf,smb_vwv7); - SMB_BIG_UINT count = 0, offset = 0; - uint16 lock_pid; - int32 lock_timeout = IVAL(inbuf,smb_vwv4); - int i; - char *data; - uint32 ecode=0, dummy2; - int eclass=0, dummy1; - BOOL large_file_format = (locktype & LOCKING_ANDX_LARGE_FILES)?True:False; - BOOL err; - START_PROFILE(SMBlockingX); - - CHECK_FSP(fsp,conn); - CHECK_ERROR(fsp); - - data = smb_buf(inbuf); - - /* Check if this is an oplock break on a file - we have granted an oplock on. - */ - if ((locktype & LOCKING_ANDX_OPLOCK_RELEASE)) - { - /* Client can insist on breaking to none. */ - BOOL break_to_none = (oplocklevel == 0); - - DEBUG(5,("reply_lockingX: oplock break reply (%u) from client for fnum = %d\n", - (unsigned int)oplocklevel, fsp->fnum )); + files_struct *fsp = file_fsp(inbuf,smb_vwv2); + unsigned char locktype = CVAL(inbuf,smb_vwv3); + unsigned char oplocklevel = CVAL(inbuf,smb_vwv3+1); + uint16 num_ulocks = SVAL(inbuf,smb_vwv6); + uint16 num_locks = SVAL(inbuf,smb_vwv7); + SMB_BIG_UINT count = 0, offset = 0; + uint16 lock_pid; + int32 lock_timeout = IVAL(inbuf,smb_vwv4); + int i; + char *data; + BOOL large_file_format = (locktype & LOCKING_ANDX_LARGE_FILES)?True:False; + BOOL err; + NTSTATUS status; - /* - * Make sure we have granted an exclusive or batch oplock on this file. - */ + START_PROFILE(SMBlockingX); + + CHECK_FSP(fsp,conn); + + data = smb_buf(inbuf); + + /* Check if this is an oplock break on a file + we have granted an oplock on. + */ + if ((locktype & LOCKING_ANDX_OPLOCK_RELEASE)) { + /* Client can insist on breaking to none. */ + BOOL break_to_none = (oplocklevel == 0); + + DEBUG(5,("reply_lockingX: oplock break reply (%u) from client for fnum = %d\n", + (unsigned int)oplocklevel, fsp->fnum )); - if(!EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) - { - DEBUG(0,("reply_lockingX: Error : oplock break from client for fnum = %d and \ + /* + * Make sure we have granted an exclusive or batch oplock on this file. + */ + + if(!EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) { + DEBUG(0,("reply_lockingX: Error : oplock break from client for fnum = %d and \ no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); - /* if this is a pure oplock break request then don't send a reply */ - if (num_locks == 0 && num_ulocks == 0) { - END_PROFILE(SMBlockingX); - return -1; - } else { - END_PROFILE(SMBlockingX); - return ERROR(ERRDOS,ERRlock); - } - } - - if (remove_oplock(fsp, break_to_none) == False) { - DEBUG(0,("reply_lockingX: error in removing oplock on file %s\n", - fsp->fsp_name )); - } - - /* if this is a pure oplock break request then don't send a reply */ - if (num_locks == 0 && num_ulocks == 0) - { - /* Sanity check - ensure a pure oplock break is not a - chained request. */ - if(CVAL(inbuf,smb_vwv0) != 0xff) - DEBUG(0,("reply_lockingX: Error : pure oplock break is a chained %d request !\n", - (unsigned int)CVAL(inbuf,smb_vwv0) )); - END_PROFILE(SMBlockingX); - return -1; - } - } - - /* - * We do this check *after* we have checked this is not a oplock break - * response message. JRA. - */ - - release_level_2_oplocks_on_change(fsp); - - /* Data now points at the beginning of the list - of smb_unlkrng structs */ - for(i = 0; i < (int)num_ulocks; i++) { - lock_pid = get_lock_pid( data, i, large_file_format); - count = get_lock_count( data, i, large_file_format); - offset = get_lock_offset( data, i, large_file_format, &err); - - /* - * There is no error code marked "stupid client bug".... :-). - */ - if(err) { - END_PROFILE(SMBlockingX); - return ERROR(ERRDOS,ERRnoaccess); - } - - DEBUG(10,("reply_lockingX: unlock start=%.0f, len=%.0f for pid %u, file %s\n", - (double)offset, (double)count, (unsigned int)lock_pid, fsp->fsp_name )); - - if(!do_unlock(fsp,conn,lock_pid,count,offset, &eclass, &ecode)) { - END_PROFILE(SMBlockingX); - return ERROR(eclass,ecode); - } - } - - /* Setup the timeout in seconds. */ - lock_timeout = ((lock_timeout == -1) ? -1 : lock_timeout/1000); - - /* Now do any requested locks */ - data += ((large_file_format ? 20 : 10)*num_ulocks); - - /* Data now points at the beginning of the list - of smb_lkrng structs */ + /* if this is a pure oplock break request then don't send a reply */ + if (num_locks == 0 && num_ulocks == 0) { + END_PROFILE(SMBlockingX); + return -1; + } else { + END_PROFILE(SMBlockingX); + return ERROR_DOS(ERRDOS,ERRlock); + } + } - for(i = 0; i < (int)num_locks; i++) { - lock_pid = get_lock_pid( data, i, large_file_format); - count = get_lock_count( data, i, large_file_format); - offset = get_lock_offset( data, i, large_file_format, &err); + if (remove_oplock(fsp, break_to_none) == False) { + DEBUG(0,("reply_lockingX: error in removing oplock on file %s\n", + fsp->fsp_name )); + } + + /* if this is a pure oplock break request then don't send a reply */ + if (num_locks == 0 && num_ulocks == 0) { + /* Sanity check - ensure a pure oplock break is not a + chained request. */ + if(CVAL(inbuf,smb_vwv0) != 0xff) + DEBUG(0,("reply_lockingX: Error : pure oplock break is a chained %d request !\n", + (unsigned int)CVAL(inbuf,smb_vwv0) )); + END_PROFILE(SMBlockingX); + return -1; + } + } - /* - * There is no error code marked "stupid client bug".... :-). - */ - if(err) { - END_PROFILE(SMBlockingX); - return ERROR(ERRDOS,ERRnoaccess); - } - - DEBUG(10,("reply_lockingX: lock start=%.0f, len=%.0f for pid %u, file %s\n", - (double)offset, (double)count, (unsigned int)lock_pid, fsp->fsp_name )); + /* + * We do this check *after* we have checked this is not a oplock break + * response message. JRA. + */ + + release_level_2_oplocks_on_change(fsp); + + /* Data now points at the beginning of the list + of smb_unlkrng structs */ + for(i = 0; i < (int)num_ulocks; i++) { + lock_pid = get_lock_pid( data, i, large_file_format); + count = get_lock_count( data, i, large_file_format); + offset = get_lock_offset( data, i, large_file_format, &err); + + /* + * There is no error code marked "stupid client bug".... :-). + */ + if(err) { + END_PROFILE(SMBlockingX); + return ERROR_DOS(ERRDOS,ERRnoaccess); + } - if(!do_lock(fsp,conn,lock_pid, count,offset, ((locktype & 1) ? READ_LOCK : WRITE_LOCK), - &eclass, &ecode)) { - if((ecode == ERRlock) && (lock_timeout != 0) && lp_blocking_locks(SNUM(conn))) { - /* - * A blocking lock was requested. Package up - * this smb into a queued request and push it - * onto the blocking lock queue. - */ - if(push_blocking_lock_request(inbuf, length, lock_timeout, i)) { - END_PROFILE(SMBlockingX); - return -1; + DEBUG(10,("reply_lockingX: unlock start=%.0f, len=%.0f for pid %u, file %s\n", + (double)offset, (double)count, (unsigned int)lock_pid, fsp->fsp_name )); + + status = do_unlock(fsp,conn,lock_pid,count,offset); + if (status != NT_STATUS_NOPROBLEMO) { + END_PROFILE(SMBlockingX); + return ERROR_NT(status); + } } - } - break; - } - } - /* If any of the above locks failed, then we must unlock - all of the previous locks (X/Open spec). */ - if(i != num_locks && num_locks != 0) { - /* - * Ensure we don't do a remove on the lock that just failed, - * as under POSIX rules, if we have a lock already there, we - * will delete it (and we shouldn't) ..... - */ - for(i--; i >= 0; i--) { - lock_pid = get_lock_pid( data, i, large_file_format); - count = get_lock_count( data, i, large_file_format); - offset = get_lock_offset( data, i, large_file_format, &err); + /* Setup the timeout in seconds. */ + lock_timeout = ((lock_timeout == -1) ? -1 : lock_timeout/1000); + + /* Now do any requested locks */ + data += ((large_file_format ? 20 : 10)*num_ulocks); + + /* Data now points at the beginning of the list + of smb_lkrng structs */ + + for(i = 0; i < (int)num_locks; i++) { + lock_pid = get_lock_pid( data, i, large_file_format); + count = get_lock_count( data, i, large_file_format); + offset = get_lock_offset( data, i, large_file_format, &err); + + /* + * There is no error code marked "stupid client bug".... :-). + */ + if(err) { + END_PROFILE(SMBlockingX); + return ERROR_DOS(ERRDOS,ERRnoaccess); + } + + DEBUG(10,("reply_lockingX: lock start=%.0f, len=%.0f for pid %u, file %s\n", + (double)offset, (double)count, (unsigned int)lock_pid, fsp->fsp_name )); + + status = do_lock(fsp,conn,lock_pid, count,offset, + ((locktype & 1) ? READ_LOCK : WRITE_LOCK)); + if (status != NT_STATUS_NOPROBLEMO) { + if ((lock_timeout != 0) && lp_blocking_locks(SNUM(conn))) { + /* + * A blocking lock was requested. Package up + * this smb into a queued request and push it + * onto the blocking lock queue. + */ + if(push_blocking_lock_request(inbuf, length, lock_timeout, i)) { + END_PROFILE(SMBlockingX); + return -1; + } + } + break; + } + } + + /* If any of the above locks failed, then we must unlock + all of the previous locks (X/Open spec). */ + if (i != num_locks && num_locks != 0) { + /* + * Ensure we don't do a remove on the lock that just failed, + * as under POSIX rules, if we have a lock already there, we + * will delete it (and we shouldn't) ..... + */ + for(i--; i >= 0; i--) { + lock_pid = get_lock_pid( data, i, large_file_format); + count = get_lock_count( data, i, large_file_format); + offset = get_lock_offset( data, i, large_file_format, &err); + + /* + * There is no error code marked "stupid client bug".... :-). + */ + if(err) { + END_PROFILE(SMBlockingX); + return ERROR_DOS(ERRDOS,ERRnoaccess); + } + + do_unlock(fsp,conn,lock_pid,count,offset); + } + END_PROFILE(SMBlockingX); + return ERROR_NT(status); + } - /* - * There is no error code marked "stupid client bug".... :-). - */ - if(err) { + set_message(outbuf,2,0,True); + + DEBUG( 3, ( "lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n", + fsp->fnum, (unsigned int)locktype, num_locks, num_ulocks ) ); + END_PROFILE(SMBlockingX); - return ERROR(ERRDOS,ERRnoaccess); - } - - do_unlock(fsp,conn,lock_pid,count,offset,&dummy1,&dummy2); - } - END_PROFILE(SMBlockingX); - return ERROR(eclass,ecode); - } - - set_message(outbuf,2,0,True); - - DEBUG( 3, ( "lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n", - fsp->fnum, (unsigned int)locktype, num_locks, num_ulocks ) ); - - END_PROFILE(SMBlockingX); - return chain_reply(inbuf,outbuf,length,bufsize); + return chain_reply(inbuf,outbuf,length,bufsize); } @@ -4411,14 +4338,13 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length, /* this function doesn't seem to work - disable by default */ if (!lp_readbmpx()) { END_PROFILE(SMBreadBmpx); - return(ERROR(ERRSRV,ERRuseSTD)); + return ERROR_DOS(ERRSRV,ERRuseSTD); } outsize = set_message(outbuf,8,0,True); CHECK_FSP(fsp,conn); CHECK_READ(fsp); - CHECK_ERROR(fsp); startpos = IVAL(inbuf,smb_vwv1); maxcount = SVAL(inbuf,smb_vwv3); @@ -4434,7 +4360,7 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length, if (is_locked(fsp,conn,(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK,False)) { END_PROFILE(SMBreadBmpx); - return(ERROR(ERRDOS,ERRlock)); + return ERROR_DOS(ERRDOS,ERRlock); } do @@ -4466,200 +4392,6 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length, return(-1); } -/**************************************************************************** - reply to a SMBwritebmpx (write block multiplex primary) request -****************************************************************************/ - -int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) -{ - size_t numtowrite; - ssize_t nwritten = -1; - int outsize = 0; - SMB_OFF_T startpos; - size_t tcount; - BOOL write_through; - int smb_doff; - char *data; - files_struct *fsp = file_fsp(inbuf,smb_vwv0); - START_PROFILE(SMBwriteBmpx); - - CHECK_FSP(fsp,conn); - CHECK_WRITE(fsp); - CHECK_ERROR(fsp); - - tcount = SVAL(inbuf,smb_vwv1); - startpos = IVAL(inbuf,smb_vwv3); - write_through = BITSETW(inbuf+smb_vwv7,0); - numtowrite = SVAL(inbuf,smb_vwv10); - smb_doff = SVAL(inbuf,smb_vwv11); - - data = smb_base(inbuf) + smb_doff; - - /* If this fails we need to send an SMBwriteC response, - not an SMBwritebmpx - set this up now so we don't forget */ - CVAL(outbuf,smb_com) = SMBwritec; - - if (is_locked(fsp,conn,(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos,WRITE_LOCK,False)) { - END_PROFILE(SMBwriteBmpx); - return(ERROR(ERRDOS,ERRlock)); - } - - nwritten = write_file(fsp,data,startpos,numtowrite); - - if(lp_syncalways(SNUM(conn)) || write_through) - sync_file(conn,fsp); - - if(nwritten < (ssize_t)numtowrite) { - END_PROFILE(SMBwriteBmpx); - return(UNIXERROR(ERRHRD,ERRdiskfull)); - } - - /* If the maximum to be written to this file - is greater than what we just wrote then set - up a secondary struct to be attached to this - fd, we will use this to cache error messages etc. */ - if((ssize_t)tcount > nwritten) - { - write_bmpx_struct *wbms; - if(fsp->wbmpx_ptr != NULL) - wbms = fsp->wbmpx_ptr; /* Use an existing struct */ - else - wbms = (write_bmpx_struct *)malloc(sizeof(write_bmpx_struct)); - if(!wbms) - { - DEBUG(0,("Out of memory in reply_readmpx\n")); - END_PROFILE(SMBwriteBmpx); - return(ERROR(ERRSRV,ERRnoresource)); - } - wbms->wr_mode = write_through; - wbms->wr_discard = False; /* No errors yet */ - wbms->wr_total_written = nwritten; - wbms->wr_errclass = 0; - wbms->wr_error = 0; - fsp->wbmpx_ptr = wbms; - } - - /* We are returning successfully, set the message type back to - SMBwritebmpx */ - CVAL(outbuf,smb_com) = SMBwriteBmpx; - - outsize = set_message(outbuf,1,0,True); - - SSVALS(outbuf,smb_vwv0,-1); /* We don't support smb_remaining */ - - DEBUG( 3, ( "writebmpx fnum=%d num=%d wrote=%d\n", - fsp->fnum, (int)numtowrite, (int)nwritten ) ); - - if (write_through && tcount==nwritten) { - /* we need to send both a primary and a secondary response */ - smb_setlen(outbuf,outsize - 4); - if (!send_smb(smbd_server_fd(),outbuf)) - exit_server("reply_writebmpx: send_smb failed.\n"); - - /* now the secondary */ - outsize = set_message(outbuf,1,0,True); - CVAL(outbuf,smb_com) = SMBwritec; - SSVAL(outbuf,smb_vwv0,nwritten); - } - - END_PROFILE(SMBwriteBmpx); - return(outsize); -} - - -/**************************************************************************** - reply to a SMBwritebs (write block multiplex secondary) request -****************************************************************************/ -int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) -{ - size_t numtowrite; - ssize_t nwritten = -1; - int outsize = 0; - SMB_OFF_T startpos; - size_t tcount; - BOOL write_through; - int smb_doff; - char *data; - write_bmpx_struct *wbms; - BOOL send_response = False; - files_struct *fsp = file_fsp(inbuf,smb_vwv0); - START_PROFILE(SMBwriteBs); - - CHECK_FSP(fsp,conn); - CHECK_WRITE(fsp); - - tcount = SVAL(inbuf,smb_vwv1); - startpos = IVAL(inbuf,smb_vwv2); - numtowrite = SVAL(inbuf,smb_vwv6); - smb_doff = SVAL(inbuf,smb_vwv7); - - data = smb_base(inbuf) + smb_doff; - - /* We need to send an SMBwriteC response, not an SMBwritebs */ - CVAL(outbuf,smb_com) = SMBwritec; - - /* This fd should have an auxiliary struct attached, - check that it does */ - wbms = fsp->wbmpx_ptr; - if(!wbms) { - END_PROFILE(SMBwriteBs); - return(-1); - } - - /* If write through is set we can return errors, else we must - cache them */ - write_through = wbms->wr_mode; - - /* Check for an earlier error */ - if(wbms->wr_discard) { - END_PROFILE(SMBwriteBs); - return -1; /* Just discard the packet */ - } - - nwritten = write_file(fsp,data,startpos,numtowrite); - - if(lp_syncalways(SNUM(conn)) || write_through) - sync_file(conn,fsp); - - if (nwritten < (ssize_t)numtowrite) - { - if(write_through) - { - /* We are returning an error - we can delete the aux struct */ - if (wbms) free((char *)wbms); - fsp->wbmpx_ptr = NULL; - END_PROFILE(SMBwriteBs); - return(ERROR(ERRHRD,ERRdiskfull)); - } - END_PROFILE(SMBwriteBs); - return(CACHE_ERROR(wbms,ERRHRD,ERRdiskfull)); - } - - /* Increment the total written, if this matches tcount - we can discard the auxiliary struct (hurrah !) and return a writeC */ - wbms->wr_total_written += nwritten; - if(wbms->wr_total_written >= tcount) - { - if (write_through) - { - outsize = set_message(outbuf,1,0,True); - SSVAL(outbuf,smb_vwv0,wbms->wr_total_written); - send_response = True; - } - - free((char *)wbms); - fsp->wbmpx_ptr = NULL; - } - - if(send_response) { - END_PROFILE(SMBwriteBs); - return(outsize); - } - - END_PROFILE(SMBwriteBs); - return(-1); -} - /**************************************************************************** reply to a SMBsetattrE @@ -4675,7 +4407,6 @@ int reply_setattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, outsize = set_message(outbuf,0,0,True); CHECK_FSP(fsp,conn); - CHECK_ERROR(fsp); /* Convert the DOS times into unix times. Ignore create time as UNIX can't set this. @@ -4708,7 +4439,7 @@ int reply_setattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, /* Set the date on this file */ if(file_utime(conn, fsp->fsp_name, &unix_times)) { END_PROFILE(SMBsetattrE); - return(ERROR(ERRDOS,ERRnoaccess)); + return ERROR_DOS(ERRDOS,ERRnoaccess); } DEBUG( 3, ( "reply_setattrE fnum=%d actime=%d modtime=%d\n", @@ -4734,7 +4465,6 @@ int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, outsize = set_message(outbuf,11,0,True); CHECK_FSP(fsp,conn); - CHECK_ERROR(fsp); /* Do an fstat on this file */ if(vfs_fstat(fsp,fsp->fd, &sbuf)) { -- cgit From ee5f7237decfe446f4fdb08422beb2e6cb43af7f Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 27 Aug 2001 17:52:23 +0000 Subject: started converting NTSTATUS to be a structure on systems with gcc in order to make it type incompatible with BOOL so we catch errors sooner. This has already found a number of bugs (This used to be commit 1b778bc7d22efff3f90dc450eb12baa1241cf68f) --- source3/smbd/reply.c | 24 +++++++++++++----------- 1 file changed, 13 insertions(+), 11 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 236bb48ce9..f1a83c27f0 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -487,7 +487,7 @@ static int session_trust_account(connection_struct *conn, char *inbuf, char *out if (!last_challenge(user_info.chal)) { DEBUG(1,("smb_password_ok: no challenge done - password failed\n")); - return NT_STATUS_LOGON_FAILURE; + return ERROR_NT(NT_STATUS_LOGON_FAILURE); } pdb_init_sam(&sam_trust_acct); @@ -789,9 +789,11 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int add_session_user(user); if (!guest) { - valid_password = (pass_check_smb(user, domain, - (unsigned char *)smb_apasswd, smb_apasslen, - (unsigned char *)smb_ntpasswd, smb_ntpasslen) == NT_STATUS_NOPROBLEMO); + valid_password = NT_STATUS_IS_OK(pass_check_smb(user, domain, + (unsigned char *)smb_apasswd, + smb_apasslen, + (unsigned char *)smb_ntpasswd, + smb_ntpasslen)); /* The true branch will be executed if (1) the NT password failed (or was not tried), and @@ -2086,7 +2088,7 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length status = do_lock(fsp, conn, SVAL(inbuf,smb_pid), (SMB_BIG_UINT)numtoread, (SMB_BIG_UINT)startpos, WRITE_LOCK); - if (status != NT_STATUS_NOPROBLEMO) { + if (NT_STATUS_V(status)) { if (lp_blocking_locks(SNUM(conn))) { /* * A blocking lock was requested. Package up @@ -2407,7 +2409,7 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, status = do_unlock(fsp, conn, SVAL(inbuf,smb_pid), (SMB_BIG_UINT)numtowrite, (SMB_BIG_UINT)startpos); - if (status != NT_STATUS_NOPROBLEMO) { + if (NT_STATUS_V(status)) { END_PROFILE(SMBwriteunlock); return ERROR_NT(status); } @@ -2885,8 +2887,8 @@ int reply_lock(connection_struct *conn, fsp->fd, fsp->fnum, (double)offset, (double)count)); status = do_lock(fsp, conn, SVAL(inbuf,smb_pid), count, offset, WRITE_LOCK); - if (status != NT_STATUS_NOPROBLEMO) { - if (status != NT_STATUS_NOPROBLEMO && lp_blocking_locks(SNUM(conn))) { + if (NT_STATUS_V(status)) { + if (lp_blocking_locks(SNUM(conn))) { /* * A blocking lock was requested. Package up * this smb into a queued request and push it @@ -2924,7 +2926,7 @@ int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int size, offset = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv3); status = do_unlock(fsp, conn, SVAL(inbuf,smb_pid), count, offset); - if (status != NT_STATUS_NOPROBLEMO) { + if (NT_STATUS_V(status)) { END_PROFILE(SMBunlock); return ERROR_NT(status); } @@ -4232,7 +4234,7 @@ no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); (double)offset, (double)count, (unsigned int)lock_pid, fsp->fsp_name )); status = do_unlock(fsp,conn,lock_pid,count,offset); - if (status != NT_STATUS_NOPROBLEMO) { + if (NT_STATUS_V(status)) { END_PROFILE(SMBlockingX); return ERROR_NT(status); } @@ -4265,7 +4267,7 @@ no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); status = do_lock(fsp,conn,lock_pid, count,offset, ((locktype & 1) ? READ_LOCK : WRITE_LOCK)); - if (status != NT_STATUS_NOPROBLEMO) { + if (NT_STATUS_V(status)) { if ((lock_timeout != 0) && lp_blocking_locks(SNUM(conn))) { /* * A blocking lock was requested. Package up -- cgit From 4bd774f458e0628986c8b135686238acf2ff32c9 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 30 Aug 2001 22:20:02 +0000 Subject: Fix crash bug with indirecting through null pointer on recursive delete. Jeremy. (This used to be commit a6f04d16613a06c1aafa89d7373d1e4b4a5fb45b) --- source3/smbd/reply.c | 253 ++++++++++++++++++++++++--------------------------- 1 file changed, 119 insertions(+), 134 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index f1a83c27f0..deee0f88f8 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3209,86 +3209,80 @@ int mkdir_internal(connection_struct *conn, char *inbuf, char *outbuf, pstring d } /**************************************************************************** - reply to a mkdir + Reply to a mkdir. ****************************************************************************/ + int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - pstring directory; - int outsize; - START_PROFILE(SMBmkdir); + pstring directory; + int outsize; + START_PROFILE(SMBmkdir); - srvstr_pull(inbuf, directory, smb_buf(inbuf) + 1, sizeof(directory), -1, STR_TERMINATE); + srvstr_pull(inbuf, directory, smb_buf(inbuf) + 1, sizeof(directory), -1, STR_TERMINATE); - outsize=mkdir_internal(conn, inbuf, outbuf, directory); - if(outsize == 0) - outsize = set_message(outbuf,0,0,True); + outsize=mkdir_internal(conn, inbuf, outbuf, directory); + if(outsize == 0) + outsize = set_message(outbuf,0,0,True); - DEBUG( 3, ( "mkdir %s ret=%d\n", directory, outsize ) ); + DEBUG( 3, ( "mkdir %s ret=%d\n", directory, outsize ) ); - END_PROFILE(SMBmkdir); - return(outsize); + END_PROFILE(SMBmkdir); + return(outsize); } /**************************************************************************** -Static function used by reply_rmdir to delete an entire directory -tree recursively. + Static function used by reply_rmdir to delete an entire directory + tree recursively. Return False on ok, True on fail. ****************************************************************************/ static BOOL recursive_rmdir(connection_struct *conn, char *directory) { - char *dname = NULL; - BOOL ret = False; - void *dirptr = OpenDir(NULL, directory, False); + char *dname = NULL; + BOOL ret = False; + void *dirptr = OpenDir(conn, directory, False); - if(dirptr == NULL) - return True; + if(dirptr == NULL) + return True; - while((dname = ReadDirName(dirptr))) - { - pstring fullname; - SMB_STRUCT_STAT st; + while((dname = ReadDirName(dirptr))) { + pstring fullname; + SMB_STRUCT_STAT st; - if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0)) - continue; + if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0)) + continue; - /* Construct the full name. */ - if(strlen(directory) + strlen(dname) + 1 >= sizeof(fullname)) - { - errno = ENOMEM; - ret = True; - break; - } - pstrcpy(fullname, directory); - pstrcat(fullname, "/"); - pstrcat(fullname, dname); + /* Construct the full name. */ + if(strlen(directory) + strlen(dname) + 1 >= sizeof(fullname)) { + errno = ENOMEM; + ret = True; + break; + } - if(conn->vfs_ops.lstat(conn,fullname, &st) != 0) - { - ret = True; - break; - } + pstrcpy(fullname, directory); + pstrcat(fullname, "/"); + pstrcat(fullname, dname); - if(st.st_mode & S_IFDIR) - { - if(recursive_rmdir(conn, fullname)!=0) - { - ret = True; - break; - } - if(vfs_rmdir(conn,fullname) != 0) - { - ret = True; - break; - } - } - else if(vfs_unlink(conn,fullname) != 0) - { - ret = True; - break; - } - } - CloseDir(dirptr); - return ret; + if(conn->vfs_ops.lstat(conn,fullname, &st) != 0) { + ret = True; + break; + } + + if(st.st_mode & S_IFDIR) { + if(recursive_rmdir(conn, fullname)!=0) { + ret = True; + break; + } + if(vfs_rmdir(conn,fullname) != 0) { + ret = True; + break; + } + } else if(vfs_unlink(conn,fullname) != 0) { + ret = True; + break; + } + } + CloseDir(dirptr); + return ret; } /**************************************************************************** @@ -3297,86 +3291,77 @@ static BOOL recursive_rmdir(connection_struct *conn, char *directory) BOOL rmdir_internals(connection_struct *conn, char *directory) { - BOOL ok; + BOOL ok; + + ok = (vfs_rmdir(conn,directory) == 0); + if(!ok && ((errno == ENOTEMPTY)||(errno == EEXIST)) && lp_veto_files(SNUM(conn))) { + /* + * Check to see if the only thing in this directory are + * vetoed files/directories. If so then delete them and + * retry. If we fail to delete any of them (and we *don't* + * do a recursive delete) then fail the rmdir. + */ + BOOL all_veto_files = True; + char *dname; + void *dirptr = OpenDir(conn, directory, False); - ok = (vfs_rmdir(conn,directory) == 0); - if(!ok && ((errno == ENOTEMPTY)||(errno == EEXIST)) && lp_veto_files(SNUM(conn))) - { - /* - * Check to see if the only thing in this directory are - * vetoed files/directories. If so then delete them and - * retry. If we fail to delete any of them (and we *don't* - * do a recursive delete) then fail the rmdir. - */ - BOOL all_veto_files = True; - char *dname; - void *dirptr = OpenDir(conn, directory, False); + if(dirptr != NULL) { + int dirpos = TellDir(dirptr); + while ((dname = ReadDirName(dirptr))) { + if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0)) + continue; + if(!IS_VETO_PATH(conn, dname)) { + all_veto_files = False; + break; + } + } - if(dirptr != NULL) - { - int dirpos = TellDir(dirptr); - while ((dname = ReadDirName(dirptr))) - { - if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0)) - continue; - if(!IS_VETO_PATH(conn, dname)) - { - all_veto_files = False; - break; - } - } - if(all_veto_files) - { - SeekDir(dirptr,dirpos); - while ((dname = ReadDirName(dirptr))) - { - pstring fullname; - SMB_STRUCT_STAT st; + if(all_veto_files) { + SeekDir(dirptr,dirpos); + while ((dname = ReadDirName(dirptr))) { + pstring fullname; + SMB_STRUCT_STAT st; - if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0)) - continue; + if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0)) + continue; - /* Construct the full name. */ - if(strlen(directory) + strlen(dname) + 1 >= sizeof(fullname)) - { - errno = ENOMEM; - break; - } - pstrcpy(fullname, directory); - pstrcat(fullname, "/"); - pstrcat(fullname, dname); + /* Construct the full name. */ + if(strlen(directory) + strlen(dname) + 1 >= sizeof(fullname)) { + errno = ENOMEM; + break; + } + + pstrcpy(fullname, directory); + pstrcat(fullname, "/"); + pstrcat(fullname, dname); - if(conn->vfs_ops.lstat(conn,fullname, &st) != 0) - break; - if(st.st_mode & S_IFDIR) - { - if(lp_recursive_veto_delete(SNUM(conn))) - { - if(recursive_rmdir(conn, fullname) != 0) - break; - } - if(vfs_rmdir(conn,fullname) != 0) - break; - } - else if(vfs_unlink(conn,fullname) != 0) - break; - } - CloseDir(dirptr); - /* Retry the rmdir */ - ok = (vfs_rmdir(conn,directory) == 0); - } - else - CloseDir(dirptr); - } - else - errno = ENOTEMPTY; - } - - if (!ok) - DEBUG(3,("rmdir_internals: couldn't remove directory %s : %s\n", - directory,strerror(errno))); + if(conn->vfs_ops.lstat(conn,fullname, &st) != 0) + break; + if(st.st_mode & S_IFDIR) { + if(lp_recursive_veto_delete(SNUM(conn))) { + if(recursive_rmdir(conn, fullname) != 0) + break; + } + if(vfs_rmdir(conn,fullname) != 0) + break; + } else if(vfs_unlink(conn,fullname) != 0) + break; + } + CloseDir(dirptr); + /* Retry the rmdir */ + ok = (vfs_rmdir(conn,directory) == 0); + } else { + CloseDir(dirptr); + } + } else { + errno = ENOTEMPTY; + } + } + + if (!ok) + DEBUG(3,("rmdir_internals: couldn't remove directory %s : %s\n", directory,strerror(errno))); - return ok; + return ok; } /**************************************************************************** -- cgit From bd7ba65ddab3df4c69ce13957fb202b993365897 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sat, 1 Sep 2001 23:06:57 +0000 Subject: more NTSTATUS changes (This used to be commit 8a49b2f7df46b2c990a980758fe1f3871e8b578e) --- source3/smbd/reply.c | 21 ++++----------------- 1 file changed, 4 insertions(+), 17 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index deee0f88f8..8b392e9e0a 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -155,19 +155,6 @@ int reply_special(char *inbuf,char *outbuf) } -/******************************************************************* -work out what error to give to a failed connection -********************************************************************/ - -static int connection_error(char *inbuf,char *outbuf,int ecode) -{ - if (ecode == ERRnoipc || ecode == ERRnosuchshare) - return(ERROR_DOS(ERRDOS,ecode)); - - return(ERROR_DOS(ERRSRV,ecode)); -} - - /**************************************************************************** Reply to a tcon. ****************************************************************************/ @@ -182,7 +169,7 @@ int reply_tcon(connection_struct *conn, int outsize = 0; uint16 vuid = SVAL(inbuf,smb_uid); int pwlen=0; - int ecode = -1; + NTSTATUS ecode; char *p; START_PROFILE(SMBtcon); @@ -231,7 +218,7 @@ int reply_tcon(connection_struct *conn, if (!conn) { END_PROFILE(SMBtcon); - return(connection_error(inbuf,outbuf,ecode)); + return ERROR_NT(ecode); } outsize = set_message(outbuf,2,0,True); @@ -256,7 +243,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt pstring user; pstring password; pstring devicename; - int ecode = -1; + NTSTATUS ecode; uint16 vuid = SVAL(inbuf,smb_uid); int passlen = SVAL(inbuf,smb_vwv3); pstring path; @@ -337,7 +324,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt if (!conn) { END_PROFILE(SMBtconX); - return(connection_error(inbuf,outbuf,ecode)); + return ERROR_NT(ecode); } if (Protocol < PROTOCOL_NT1) { -- cgit From 19fea3242cf6234786b6cbb60631e0071f31ff9f Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 4 Sep 2001 07:13:01 +0000 Subject: the next stage in the NTSTATUS/WERROR change. smbd and nmbd now compile, but the client code still needs some work (This used to be commit dcd6e735f709a9231860ceb9682db40ff26c9a66) --- source3/smbd/reply.c | 185 +++++++++++++++++++++++---------------------------- 1 file changed, 83 insertions(+), 102 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 8b392e9e0a..73cfd5ac85 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -499,7 +499,7 @@ static int session_trust_account(connection_struct *conn, char *inbuf, char *out return(ERROR_NT(NT_STATUS_LOGON_FAILURE)); } - if (!smb_password_ok(sam_trust_acct, &user_info, &server_info)) { + if (!NT_STATUS_IS_OK(smb_password_ok(sam_trust_acct, &user_info, &server_info))) { DEBUG(0,("session_trust_account: Trust Account %s - password failed\n", user)); pdb_free_sam(sam_trust_acct); return(ERROR_NT(NT_STATUS_LOGON_FAILURE)); @@ -1751,14 +1751,13 @@ static BOOL can_delete(char *fname,connection_struct *conn, int dirtype) code. ****************************************************************************/ -int unlink_internals(connection_struct *conn, char *inbuf,char *outbuf, - int dirtype, char *name) +NTSTATUS unlink_internals(connection_struct *conn, int dirtype, char *name) { pstring directory; pstring mask; char *p; int count=0; - int error = ERRnoaccess; + NTSTATUS error = NT_STATUS_OK; BOOL has_wild; BOOL exists=False; BOOL bad_path = False; @@ -1797,7 +1796,7 @@ int unlink_internals(connection_struct *conn, char *inbuf,char *outbuf, pstrcat(directory,"/"); pstrcat(directory,mask); if (!can_delete(directory,conn,dirtype)) { - return ERROR_NT(NT_STATUS_SHARING_VIOLATION); + return NT_STATUS_SHARING_VIOLATION; } if (vfs_unlink(conn,directory) == 0) { count++; @@ -1817,7 +1816,7 @@ int unlink_internals(connection_struct *conn, char *inbuf,char *outbuf, */ if (dirptr) { - error = ERRbadfile; + error = NT_STATUS_OBJECT_NAME_NOT_FOUND; if (strequal(mask,"????????.???")) pstrcpy(mask,"*"); @@ -1828,7 +1827,7 @@ int unlink_internals(connection_struct *conn, char *inbuf,char *outbuf, if(!mask_match(fname, mask, case_sensitive)) continue; - error = ERRnoaccess; + error = NT_STATUS_ACCESS_DENIED; slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); if (!can_delete(fname,conn,dirtype)) continue; if (vfs_unlink(conn,fname) == 0) count++; @@ -1838,19 +1837,11 @@ int unlink_internals(connection_struct *conn, char *inbuf,char *outbuf, } } - if (count == 0) { - if (exists) - return ERROR_DOS(ERRDOS,error); - else { - if((errno == ENOENT) && bad_path) { - unix_ERR_class = ERRDOS; - unix_ERR_code = ERRbadpath; - } - return(UNIXERROR(ERRDOS,error)); - } + if (count == 0 && NT_STATUS_IS_OK(error)) { + error = map_nt_error_from_unix(errno); } - - return 0; + + return error; } /**************************************************************************** @@ -1863,6 +1854,7 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size int outsize = 0; pstring name; int dirtype; + NTSTATUS status; START_PROFILE(SMBunlink); dirtype = SVAL(inbuf,smb_vwv0); @@ -1873,16 +1865,16 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size DEBUG(3,("reply_unlink : %s\n",name)); - outsize = unlink_internals(conn, inbuf, outbuf, dirtype, name); - if(outsize == 0) { - /* - * Win2k needs a changenotify request response before it will - * update after a rename.. - */ - process_pending_change_notify_queue((time_t)0); - - outsize = set_message(outbuf,0,0,True); - } + status = unlink_internals(conn, dirtype, name); + if (!NT_STATUS_IS_OK(status)) return ERROR_NT(status); + + /* + * Win2k needs a changenotify request response before it will + * update after a rename.. + */ + process_pending_change_notify_queue((time_t)0); + + outsize = set_message(outbuf,0,0,True); END_PROFILE(SMBunlink); return outsize; @@ -3171,28 +3163,22 @@ int reply_printwrite(connection_struct *conn, char *inbuf,char *outbuf, int dum_ The guts of the mkdir command, split out so it may be called by the NT SMB code. ****************************************************************************/ -int mkdir_internal(connection_struct *conn, char *inbuf, char *outbuf, pstring directory) +NTSTATUS mkdir_internal(connection_struct *conn, pstring directory) { - BOOL bad_path = False; - SMB_STRUCT_STAT sbuf; - int ret= -1; - - unix_convert(directory,conn,0,&bad_path,&sbuf); - - if (check_name(directory, conn)) - ret = vfs_mkdir(conn,directory,unix_mode(conn,aDIR,directory)); - - if (ret < 0) - { - if((errno == ENOENT) && bad_path) - { - unix_ERR_class = ERRDOS; - unix_ERR_code = ERRbadpath; - } - return(UNIXERROR(ERRDOS,ERRnoaccess)); - } - - return ret; + BOOL bad_path = False; + SMB_STRUCT_STAT sbuf; + int ret= -1; + + unix_convert(directory,conn,0,&bad_path,&sbuf); + + if (check_name(directory, conn)) + ret = vfs_mkdir(conn,directory,unix_mode(conn,aDIR,directory)); + + if (ret == -1) { + return map_nt_error_from_unix(errno); + } + + return NT_STATUS_OK; } /**************************************************************************** @@ -3203,13 +3189,15 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, { pstring directory; int outsize; + NTSTATUS status; START_PROFILE(SMBmkdir); srvstr_pull(inbuf, directory, smb_buf(inbuf) + 1, sizeof(directory), -1, STR_TERMINATE); - outsize=mkdir_internal(conn, inbuf, outbuf, directory); - if(outsize == 0) - outsize = set_message(outbuf,0,0,True); + status = mkdir_internal(conn, directory); + if (!NT_STATUS_IS_OK(status)) return ERROR_NT(status); + + outsize = set_message(outbuf,0,0,True); DEBUG( 3, ( "mkdir %s ret=%d\n", directory, outsize ) ); @@ -3478,9 +3466,9 @@ static BOOL can_rename(char *fname,connection_struct *conn) The guts of the rename command, split out so it may be called by the NT SMB code. ****************************************************************************/ -int rename_internals(connection_struct *conn, - char *inbuf, char *outbuf, char *name, - char *newname, BOOL replace_if_exists) +NTSTATUS rename_internals(connection_struct *conn, + char *name, + char *newname, BOOL replace_if_exists) { pstring directory; pstring mask; @@ -3490,7 +3478,7 @@ int rename_internals(connection_struct *conn, BOOL bad_path1 = False; BOOL bad_path2 = False; int count=0; - int error = ERRnoaccess; + NTSTATUS error = NT_STATUS_OK; BOOL exists=False; BOOL rc = True; SMB_STRUCT_STAT sbuf1, sbuf2; @@ -3600,13 +3588,13 @@ int rename_internals(connection_struct *conn, if(resolve_wildcards(directory,newname) && can_rename(directory,conn) && - !conn->vfs_ops.rename(conn,directory,newname)) + conn->vfs_ops.rename(conn,directory,newname) == 0) count++; } else { if (resolve_wildcards(directory,newname) && can_rename(directory,conn) && !vfs_file_exist(conn,newname,NULL) && - !conn->vfs_ops.rename(conn,directory,newname)) + conn->vfs_ops.rename(conn,directory,newname) == 0) count++; } @@ -3616,7 +3604,7 @@ int rename_internals(connection_struct *conn, if (!count) exists = vfs_file_exist(conn,directory,NULL); if (!count && exists && vfs_file_exist(conn,newname,NULL)) { exists = True; - error = ERRrename; + error = NT_STATUS_OBJECT_NAME_COLLISION; } } else { /* @@ -3630,7 +3618,7 @@ int rename_internals(connection_struct *conn, dirptr = OpenDir(conn, directory, True); if (dirptr) { - error = ERRbadfile; + error = NT_STATUS_OBJECT_NAME_NOT_FOUND; if (strequal(mask,"????????.???")) pstrcpy(mask,"*"); @@ -3643,7 +3631,7 @@ int rename_internals(connection_struct *conn, if(!mask_match(fname, mask, case_sensitive)) continue; - error = ERRnoaccess; + error = NT_STATUS_ACCESS_DENIED; slprintf(fname,sizeof(fname)-1,"%s/%s",directory,dname); if (!can_rename(fname,conn)) { DEBUG(6,("rename %s refused\n", fname)); @@ -3660,7 +3648,7 @@ int rename_internals(connection_struct *conn, if (!replace_if_exists && vfs_file_exist(conn,destname, NULL)) { DEBUG(6,("file_exist %s\n", destname)); - error = 183; + error = NT_STATUS_OBJECT_NAME_COLLISION; continue; } @@ -3672,59 +3660,52 @@ int rename_internals(connection_struct *conn, } } - if (count == 0) { - if (exists) - return ERROR_DOS(ERRDOS,error); - else { - if((errno == ENOENT) && (bad_path1 || bad_path2)) { - unix_ERR_class = ERRDOS; - unix_ERR_code = ERRbadpath; - } - return(UNIXERROR(ERRDOS,error)); - } + if (count == 0 && NT_STATUS_IS_OK(error)) { + error = map_nt_error_from_unix(errno); } - return 0; + return error; } /**************************************************************************** Reply to a mv. ****************************************************************************/ -int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, + int dum_buffsize) { - int outsize = 0; - pstring name; - pstring newname; - char *p; - - START_PROFILE(SMBmv); - - p = smb_buf(inbuf) + 1; - p += srvstr_pull(inbuf, name, p, sizeof(name), -1, STR_TERMINATE); - p++; - p += srvstr_pull(inbuf, newname, p, sizeof(newname), -1, STR_TERMINATE); - - RESOLVE_DFSPATH(name, conn, inbuf, outbuf); - RESOLVE_DFSPATH(newname, conn, inbuf, outbuf); + int outsize = 0; + pstring name; + pstring newname; + char *p; + NTSTATUS status; - DEBUG(3,("reply_mv : %s -> %s\n",name,newname)); + START_PROFILE(SMBmv); - outsize = rename_internals(conn, inbuf, outbuf, name, newname, False); - if(outsize == 0) { + p = smb_buf(inbuf) + 1; + p += srvstr_pull(inbuf, name, p, sizeof(name), -1, STR_TERMINATE); + p++; + p += srvstr_pull(inbuf, newname, p, sizeof(newname), -1, STR_TERMINATE); + + RESOLVE_DFSPATH(name, conn, inbuf, outbuf); + RESOLVE_DFSPATH(newname, conn, inbuf, outbuf); + + DEBUG(3,("reply_mv : %s -> %s\n",name,newname)); + + status = rename_internals(conn, name, newname, False); + if (!NT_STATUS_IS_OK(status)) { + return ERROR_NT(status); + } /* - * Win2k needs a changenotify request response before it will - * update after a rename.. - */ - - process_pending_change_notify_queue((time_t)0); - - outsize = set_message(outbuf,0,0,True); - } + * Win2k needs a changenotify request response before it will + * update after a rename.. + */ + process_pending_change_notify_queue((time_t)0); + outsize = set_message(outbuf,0,0,True); - END_PROFILE(SMBmv); - return(outsize); + END_PROFILE(SMBmv); + return(outsize); } /******************************************************************* -- cgit From 7e75921e24dc1cca934bc5e4350137292a2f2112 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 4 Sep 2001 19:10:30 +0000 Subject: Merge of transfer file code from 2.2, fix for readbraw. Jeremy. (This used to be commit c05e79453655abb67fd47a2d3dba88b4c5377e35) --- source3/smbd/reply.c | 534 +++++++++++++++++++++++++-------------------------- 1 file changed, 267 insertions(+), 267 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 73cfd5ac85..2af1f62356 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1880,157 +1880,147 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return outsize; } +/**************************************************************************** + Fail for readbraw. +****************************************************************************/ + +void fail_readraw(void) +{ + pstring errstr; + slprintf(errstr, sizeof(errstr)-1, "FAIL ! reply_readbraw: socket write fail (%s)\n", + strerror(errno) ); + exit_server(errstr); +} /**************************************************************************** - reply to a readbraw (core+ protocol) + Reply to a readbraw (core+ protocol). ****************************************************************************/ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_size, int dum_buffsize) { - size_t maxcount,mincount; - size_t nread = 0; - SMB_OFF_T startpos; - char *header = outbuf; - ssize_t ret=0; - files_struct *fsp; - START_PROFILE(SMBreadbraw); + size_t maxcount,mincount; + size_t nread = 0; + SMB_OFF_T startpos; + char *header = outbuf; + ssize_t ret=0; + files_struct *fsp; + START_PROFILE(SMBreadbraw); - /* - * Special check if an oplock break has been issued - * and the readraw request croses on the wire, we must - * return a zero length response here. - */ + /* + * Special check if an oplock break has been issued + * and the readraw request croses on the wire, we must + * return a zero length response here. + */ - if(global_oplock_break) - { - _smb_setlen(header,0); - transfer_file(0,smbd_server_fd(),(SMB_OFF_T)0,header,4,0); - DEBUG(5,("readbraw - oplock break finished\n")); - END_PROFILE(SMBreadbraw); - return -1; - } + if(global_oplock_break) { + _smb_setlen(header,0); + if (write_data(smbd_server_fd(),header,4) != 4) + fail_readraw(); + DEBUG(5,("readbraw - oplock break finished\n")); + END_PROFILE(SMBreadbraw); + return -1; + } - fsp = file_fsp(inbuf,smb_vwv0); - - if (!FNUM_OK(fsp,conn) || !fsp->can_read) { - /* - * fsp could be NULL here so use the value from the packet. JRA. - */ - DEBUG(3,("fnum %d not open in readbraw - cache prime?\n",(int)SVAL(inbuf,smb_vwv0))); - _smb_setlen(header,0); - transfer_file(0,smbd_server_fd(),(SMB_OFF_T)0,header,4,0); - END_PROFILE(SMBreadbraw); - return(-1); - } + fsp = file_fsp(inbuf,smb_vwv0); - CHECK_FSP(fsp,conn); + if (!FNUM_OK(fsp,conn) || !fsp->can_read) { + /* + * fsp could be NULL here so use the value from the packet. JRA. + */ + DEBUG(3,("fnum %d not open in readbraw - cache prime?\n",(int)SVAL(inbuf,smb_vwv0))); + _smb_setlen(header,0); + if (write_data(smbd_server_fd(),header,4) != 4) + fail_readraw(); + END_PROFILE(SMBreadbraw); + return(-1); + } - flush_write_cache(fsp, READRAW_FLUSH); + CHECK_FSP(fsp,conn); - startpos = IVAL(inbuf,smb_vwv1); - if(CVAL(inbuf,smb_wct) == 10) { - /* - * This is a large offset (64 bit) read. - */ + flush_write_cache(fsp, READRAW_FLUSH); + + startpos = IVAL(inbuf,smb_vwv1); + if(CVAL(inbuf,smb_wct) == 10) { + /* + * This is a large offset (64 bit) read. + */ #ifdef LARGE_SMB_OFF_T - startpos |= (((SMB_OFF_T)IVAL(inbuf,smb_vwv8)) << 32); + startpos |= (((SMB_OFF_T)IVAL(inbuf,smb_vwv8)) << 32); #else /* !LARGE_SMB_OFF_T */ - /* - * Ensure we haven't been sent a >32 bit offset. - */ + /* + * Ensure we haven't been sent a >32 bit offset. + */ - if(IVAL(inbuf,smb_vwv8) != 0) { - DEBUG(0,("readbraw - large offset (%x << 32) used and we don't support \ + if(IVAL(inbuf,smb_vwv8) != 0) { + DEBUG(0,("readbraw - large offset (%x << 32) used and we don't support \ 64 bit offsets.\n", (unsigned int)IVAL(inbuf,smb_vwv8) )); - _smb_setlen(header,0); - transfer_file(0,smbd_server_fd(),(SMB_OFF_T)0,header,4,0); - END_PROFILE(SMBreadbraw); - return(-1); - } + _smb_setlen(header,0); + if (write_data(smbd_server_fd(),header,4) != 4) + fail_readraw(); + END_PROFILE(SMBreadbraw); + return(-1); + } #endif /* LARGE_SMB_OFF_T */ - if(startpos < 0) { - DEBUG(0,("readbraw - negative 64 bit readraw offset (%.0f) !\n", - (double)startpos )); - _smb_setlen(header,0); - transfer_file(0,smbd_server_fd(),(SMB_OFF_T)0,header,4,0); - END_PROFILE(SMBreadbraw); - return(-1); - } - } - maxcount = (SVAL(inbuf,smb_vwv3) & 0xFFFF); - mincount = (SVAL(inbuf,smb_vwv4) & 0xFFFF); + if(startpos < 0) { + DEBUG(0,("readbraw - negative 64 bit readraw offset (%.0f) !\n", (double)startpos )); + _smb_setlen(header,0); + if (write_data(smbd_server_fd(),header,4) != 4) + fail_readraw(); + END_PROFILE(SMBreadbraw); + return(-1); + } + } + maxcount = (SVAL(inbuf,smb_vwv3) & 0xFFFF); + mincount = (SVAL(inbuf,smb_vwv4) & 0xFFFF); - /* ensure we don't overrun the packet size */ - maxcount = MIN(65535,maxcount); - maxcount = MAX(mincount,maxcount); + /* ensure we don't overrun the packet size */ + maxcount = MIN(65535,maxcount); + maxcount = MAX(mincount,maxcount); - if (!is_locked(fsp,conn,(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK,False)) - { - SMB_OFF_T size = fsp->size; - SMB_OFF_T sizeneeded = startpos + maxcount; - - if (size < sizeneeded) - { - SMB_STRUCT_STAT st; - if (vfs_fstat(fsp,fsp->fd,&st) == 0) - size = st.st_size; - if (!fsp->can_write) - fsp->size = size; - } + if (!is_locked(fsp,conn,(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK,False)) { + SMB_OFF_T size = fsp->size; + SMB_OFF_T sizeneeded = startpos + maxcount; + + if (size < sizeneeded) { + SMB_STRUCT_STAT st; + if (vfs_fstat(fsp,fsp->fd,&st) == 0) + size = st.st_size; + if (!fsp->can_write) + fsp->size = size; + } - nread = MIN(maxcount,(size - startpos)); - } + if (startpos >= size) + nread = 0; + else + nread = MIN(maxcount,(size - startpos)); + } - if (nread < mincount) - nread = 0; + if (nread < mincount) + nread = 0; - DEBUG( 3, ( "readbraw fnum=%d start=%.0f max=%d min=%d nread=%d\n", - fsp->fnum, (double)startpos, - (int)maxcount, (int)mincount, (int)nread ) ); + DEBUG( 3, ( "readbraw fnum=%d start=%.0f max=%d min=%d nread=%d\n", fsp->fnum, (double)startpos, + (int)maxcount, (int)mincount, (int)nread ) ); -#if UNSAFE_READRAW - { - BOOL seek_fail = False; - int predict=0; - _smb_setlen(header,nread); - - if ((nread-predict) > 0) { - if(conn->vfs_ops.seek(fsp,fsp->fd,startpos + predict) == -1) { - DEBUG(0,("reply_readbraw: ERROR: seek_file failed.\n")); - ret = 0; - seek_fail = True; - } - } - - if(!seek_fail) - ret = (ssize_t)vfs_transfer_file(-1, fsp, fsp->fd, Client, NULL, - (SMB_OFF_T)(nread-predict),header,4+predict, - startpos+predict); - } - - if (ret != nread+4) - DEBUG(0,("ERROR: file read failure on %s at %d for %d bytes (%d)\n", - fsp->fsp_name,startpos,nread,ret)); - -#else /* UNSAFE_READRAW */ - ret = read_file(fsp,header+4,startpos,nread); - if (ret < mincount) ret = 0; + if (nread > 0) { + ret = read_file(fsp,header+4,startpos,nread); + if (ret < mincount) + ret = 0; + } - _smb_setlen(header,ret); - transfer_file(0,smbd_server_fd(),0,header,4+ret,0); -#endif /* UNSAFE_READRAW */ + _smb_setlen(header,ret); + if (write_data(smbd_server_fd(),header,4+ret) != 4+ret) + fail_readraw(); - DEBUG(5,("readbraw finished\n")); - END_PROFILE(SMBreadbraw); - return -1; + DEBUG(5,("readbraw finished\n")); + END_PROFILE(SMBreadbraw); + return -1; } - /**************************************************************************** reply to a lockread (core+ protocol) ****************************************************************************/ @@ -2231,114 +2221,126 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) { - ssize_t nwritten=0; - ssize_t total_written=0; - size_t numtowrite=0; - size_t tcount; - SMB_OFF_T startpos; - char *data=NULL; - BOOL write_through; - files_struct *fsp = file_fsp(inbuf,smb_vwv0); - int outsize = 0; - START_PROFILE(SMBwritebraw); + ssize_t nwritten=0; + ssize_t total_written=0; + size_t numtowrite=0; + size_t tcount; + SMB_OFF_T startpos; + char *data=NULL; + BOOL write_through; + files_struct *fsp = file_fsp(inbuf,smb_vwv0); + int outsize = 0; + START_PROFILE(SMBwritebraw); - CHECK_FSP(fsp,conn); - CHECK_WRITE(fsp); + CHECK_FSP(fsp,conn); + CHECK_WRITE(fsp); - tcount = IVAL(inbuf,smb_vwv1); - startpos = IVAL(inbuf,smb_vwv3); - write_through = BITSETW(inbuf+smb_vwv7,0); - - /* We have to deal with slightly different formats depending - on whether we are using the core+ or lanman1.0 protocol */ - if(Protocol <= PROTOCOL_COREPLUS) { - numtowrite = SVAL(smb_buf(inbuf),-2); - data = smb_buf(inbuf); - } else { - numtowrite = SVAL(inbuf,smb_vwv10); - data = smb_base(inbuf) + SVAL(inbuf, smb_vwv11); - } + tcount = IVAL(inbuf,smb_vwv1); + startpos = IVAL(inbuf,smb_vwv3); + write_through = BITSETW(inbuf+smb_vwv7,0); - /* force the error type */ - CVAL(inbuf,smb_com) = SMBwritec; - CVAL(outbuf,smb_com) = SMBwritec; + /* We have to deal with slightly different formats depending + on whether we are using the core+ or lanman1.0 protocol */ - if (is_locked(fsp,conn,(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos, WRITE_LOCK,False)) { - END_PROFILE(SMBwritebraw); - return ERROR_DOS(ERRDOS,ERRlock); - } + if(Protocol <= PROTOCOL_COREPLUS) { + numtowrite = SVAL(smb_buf(inbuf),-2); + data = smb_buf(inbuf); + } else { + numtowrite = SVAL(inbuf,smb_vwv10); + data = smb_base(inbuf) + SVAL(inbuf, smb_vwv11); + } - if (numtowrite>0) - nwritten = write_file(fsp,data,startpos,numtowrite); + /* force the error type */ + CVAL(inbuf,smb_com) = SMBwritec; + CVAL(outbuf,smb_com) = SMBwritec; + + if (is_locked(fsp,conn,(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos, WRITE_LOCK,False)) { + END_PROFILE(SMBwritebraw); + return(ERROR_DOS(ERRDOS,ERRlock)); + } + + if (numtowrite>0) + nwritten = write_file(fsp,data,startpos,numtowrite); - DEBUG(3,("writebraw1 fnum=%d start=%.0f num=%d wrote=%d sync=%d\n", - fsp->fnum, (double)startpos, (int)numtowrite, (int)nwritten, (int)write_through)); + DEBUG(3,("writebraw1 fnum=%d start=%.0f num=%d wrote=%d sync=%d\n", + fsp->fnum, (double)startpos, (int)numtowrite, (int)nwritten, (int)write_through)); - if (nwritten < numtowrite) { - END_PROFILE(SMBwritebraw); - return(UNIXERROR(ERRHRD,ERRdiskfull)); - } + if (nwritten < numtowrite) { + END_PROFILE(SMBwritebraw); + return(UNIXERROR(ERRHRD,ERRdiskfull)); + } - total_written = nwritten; + total_written = nwritten; - /* Return a message to the redirector to tell it - to send more bytes */ - CVAL(outbuf,smb_com) = SMBwritebraw; - SSVALS(outbuf,smb_vwv0,-1); - outsize = set_message(outbuf,Protocol>PROTOCOL_COREPLUS?1:0,0,True); - if (!send_smb(smbd_server_fd(),outbuf)) - exit_server("reply_writebraw: send_smb failed.\n"); + /* Return a message to the redirector to tell it to send more bytes */ + CVAL(outbuf,smb_com) = SMBwritebraw; + SSVALS(outbuf,smb_vwv0,-1); + outsize = set_message(outbuf,Protocol>PROTOCOL_COREPLUS?1:0,0,True); + if (!send_smb(smbd_server_fd(),outbuf)) + exit_server("reply_writebraw: send_smb failed.\n"); - /* Now read the raw data into the buffer and write it */ - if (read_smb_length(smbd_server_fd(),inbuf,SMB_SECONDARY_WAIT) == -1) { - exit_server("secondary writebraw failed"); - } + /* Now read the raw data into the buffer and write it */ + if (read_smb_length(smbd_server_fd(),inbuf,SMB_SECONDARY_WAIT) == -1) { + exit_server("secondary writebraw failed"); + } - /* Even though this is not an smb message, smb_len - returns the generic length of an smb message */ - numtowrite = smb_len(inbuf); + /* Even though this is not an smb message, smb_len returns the generic length of an smb message */ + numtowrite = smb_len(inbuf); - if (tcount > nwritten+numtowrite) { - DEBUG(3,("Client overestimated the write %d %d %d\n", - (int)tcount,(int)nwritten,(int)numtowrite)); - } + /* Set up outbuf to return the correct return */ + outsize = set_message(outbuf,1,0,True); + CVAL(outbuf,smb_com) = SMBwritec; + SSVAL(outbuf,smb_vwv0,total_written); - nwritten = vfs_transfer_file(smbd_server_fd(), NULL, -1, fsp, - (SMB_OFF_T)numtowrite,NULL,0, - startpos+nwritten); - total_written += nwritten; - - /* Set up outbuf to return the correct return */ - outsize = set_message(outbuf,1,0,True); - CVAL(outbuf,smb_com) = SMBwritec; - SSVAL(outbuf,smb_vwv0,total_written); + if (numtowrite != 0) { - if (nwritten < (ssize_t)numtowrite) { - CVAL(outbuf,smb_rcls) = ERRHRD; - SSVAL(outbuf,smb_err,ERRdiskfull); - } + if (numtowrite > BUFFER_SIZE) { + DEBUG(0,("reply_writebraw: Oversize secondary write raw requested (%u). Terminating\n", + (unsigned int)numtowrite )); + exit_server("secondary writebraw failed"); + } - if ((lp_syncalways(SNUM(conn)) || write_through) && - lp_strict_sync(SNUM(conn))) - sync_file(conn,fsp); + if (tcount > nwritten+numtowrite) { + DEBUG(3,("Client overestimated the write %d %d %d\n", + (int)tcount,(int)nwritten,(int)numtowrite)); + } - DEBUG(3,("writebraw2 fnum=%d start=%.0f num=%d wrote=%d\n", - fsp->fnum, (double)startpos, (int)numtowrite,(int)total_written)); + if (read_data( smbd_server_fd(), inbuf+4, numtowrite) != numtowrite ) { + DEBUG(0,("reply_writebraw: Oversize secondary write raw read failed (%s). Terminating\n", + strerror(errno) )); + exit_server("secondary writebraw failed"); + } - /* we won't return a status if write through is not selected - this - follows what WfWg does */ - END_PROFILE(SMBwritebraw); - if (!write_through && total_written==tcount) { - /* - * Fix for "rabbit pellet" mode, trigger an early TCP ack by - * sending a SMBkeepalive. Thanks to DaveCB at Sun for this. JRA. - */ - if (!send_keepalive(smbd_server_fd())) - exit_server("reply_writebraw: send of keepalive failed"); - return(-1); - } + nwritten = write_file(fsp,inbuf+4,startpos+nwritten,numtowrite); - return(outsize); + if (nwritten < (ssize_t)numtowrite) { + CVAL(outbuf,smb_rcls) = ERRHRD; + SSVAL(outbuf,smb_err,ERRdiskfull); + } + + if (nwritten > 0) + total_written += nwritten; + } + + if ((lp_syncalways(SNUM(conn)) || write_through) && lp_strict_sync(SNUM(conn))) + sync_file(conn,fsp); + + DEBUG(3,("writebraw2 fnum=%d start=%.0f num=%d wrote=%d\n", + fsp->fnum, (double)startpos, (int)numtowrite,(int)total_written)); + + /* we won't return a status if write through is not selected - this follows what WfWg does */ + END_PROFILE(SMBwritebraw); + if (!write_through && total_written==tcount) { + /* + * Fix for "rabbit pellet" mode, trigger an early TCP ack by + * sending a SMBkeepalive. Thanks to DaveCB at Sun for this. JRA. + */ + if (!send_keepalive(smbd_server_fd())) + exit_server("reply_writebraw: send of keepalive failed"); + return(-1); + } + + return(outsize); } /**************************************************************************** @@ -3709,82 +3711,80 @@ int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, } /******************************************************************* - copy a file as part of a reply_copy - ******************************************************************/ + Copy a file as part of a reply_copy. +******************************************************************/ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, int count,BOOL target_is_directory, int *err_ret) { - int Access,action; - SMB_STRUCT_STAT src_sbuf, sbuf2; - SMB_OFF_T ret=-1; - files_struct *fsp1,*fsp2; - pstring dest; + int Access,action; + SMB_STRUCT_STAT src_sbuf, sbuf2; + SMB_OFF_T ret=-1; + files_struct *fsp1,*fsp2; + pstring dest; - *err_ret = 0; + *err_ret = 0; - pstrcpy(dest,dest1); - if (target_is_directory) { - char *p = strrchr_m(src,'/'); - if (p) - p++; - else - p = src; - pstrcat(dest,"/"); - pstrcat(dest,p); - } + pstrcpy(dest,dest1); + if (target_is_directory) { + char *p = strrchr_m(src,'/'); + if (p) + p++; + else + p = src; + pstrcat(dest,"/"); + pstrcat(dest,p); + } - if (!vfs_file_exist(conn,src,&src_sbuf)) - return(False); + if (!vfs_file_exist(conn,src,&src_sbuf)) + return(False); - fsp1 = open_file_shared(conn,src,&src_sbuf,SET_DENY_MODE(DENY_NONE)|SET_OPEN_MODE(DOS_OPEN_RDONLY), - (FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN),0,0,&Access,&action); + fsp1 = open_file_shared(conn,src,&src_sbuf,SET_DENY_MODE(DENY_NONE)|SET_OPEN_MODE(DOS_OPEN_RDONLY), + (FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN),0,0,&Access,&action); - if (!fsp1) { - return(False); - } + if (!fsp1) + return(False); - if (!target_is_directory && count) - ofun = FILE_EXISTS_OPEN; + if (!target_is_directory && count) + ofun = FILE_EXISTS_OPEN; - vfs_stat(conn,dest,&sbuf2); - fsp2 = open_file_shared(conn,dest,&sbuf2,SET_DENY_MODE(DENY_NONE)|SET_OPEN_MODE(DOS_OPEN_WRONLY), - ofun,src_sbuf.st_mode,0,&Access,&action); + if (vfs_stat(conn,dest,&sbuf2) == -1) + ZERO_STRUCTP(&sbuf2); - if (!fsp2) { - close_file(fsp1,False); - return(False); - } + fsp2 = open_file_shared(conn,dest,&sbuf2,SET_DENY_MODE(DENY_NONE)|SET_OPEN_MODE(DOS_OPEN_WRONLY), + ofun,src_sbuf.st_mode,0,&Access,&action); - if ((ofun&3) == 1) { - if(conn->vfs_ops.lseek(fsp2,fsp2->fd,0,SEEK_END) == -1) { - DEBUG(0,("copy_file: error - sys_lseek returned error %s\n", - strerror(errno) )); - /* - * Stop the copy from occurring. - */ - ret = -1; - src_sbuf.st_size = 0; - } - } + if (!fsp2) { + close_file(fsp1,False); + return(False); + } + + if ((ofun&3) == 1) { + if(conn->vfs_ops.lseek(fsp2,fsp2->fd,0,SEEK_END) == -1) { + DEBUG(0,("copy_file: error - vfs lseek returned error %s\n", strerror(errno) )); + /* + * Stop the copy from occurring. + */ + ret = -1; + src_sbuf.st_size = 0; + } + } - if (src_sbuf.st_size) - ret = vfs_transfer_file(-1, fsp1, -1, fsp2, src_sbuf.st_size, NULL, 0, 0); + if (src_sbuf.st_size) + ret = vfs_transfer_file(fsp1, fsp2, src_sbuf.st_size); - close_file(fsp1,False); - /* - * As we are opening fsp1 read-only we only expect - * an error on close on fsp2 if we are out of space. - * Thus we don't look at the error return from the - * close of fsp1. - */ - *err_ret = close_file(fsp2,False); + close_file(fsp1,False); + /* + * As we are opening fsp1 read-only we only expect + * an error on close on fsp2 if we are out of space. + * Thus we don't look at the error return from the + * close of fsp1. + */ + *err_ret = close_file(fsp2,False); - return(ret == (SMB_OFF_T)src_sbuf.st_size); + return(ret == (SMB_OFF_T)src_sbuf.st_size); } - - /**************************************************************************** reply to a file copy. ****************************************************************************/ -- cgit From 83ebf2b6b282926930dc2c5dee3b5f18447d6e81 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 6 Sep 2001 22:43:21 +0000 Subject: Fix the 62bit locking onto 32 bit NFS mounts problem generically for HPUX. Don. please check this out. Jeremy. (This used to be commit ce9f95996498f7795aaef069e1443ea1c7d524b3) --- source3/smbd/reply.c | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 2af1f62356..26bd0b4714 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4041,6 +4041,38 @@ SMB_BIG_UINT get_lock_count( char *data, int data_offset, BOOL large_file_format return count; } +/**************************************************************************** + Pathetically try and map a 64 bit lock offset into 31 bits. I hate Windows :-). +****************************************************************************/ + +static uint32 map_lock_offset(uint32 high, uint32 low) +{ + unsigned int i; + uint32 mask = 0; + uint32 highcopy = high; + + /* + * Try and find out how many significant bits there are in high. + */ + + for(i = 0; highcopy; i++) + highcopy >>= 1; + + /* + * We use 31 bits not 32 here as POSIX + * lock offsets may not be negative. + */ + + mask = (~0) << (31 - i); + + if(low & mask) + return 0; /* Fail. */ + + high <<= (31 - i); + + return (high|low); +} + /**************************************************************************** Get a lock offset, dealing with large offset requests. ****************************************************************************/ -- cgit From 0135666934c5a8db796539b5414b72e1c2c8348d Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 7 Sep 2001 20:01:19 +0000 Subject: #ifdef out function when not used. Jeremy. (This used to be commit fa8d626a2773569a454451e77ea56c707b33b69e) --- source3/smbd/reply.c | 2 ++ 1 file changed, 2 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 26bd0b4714..0d1d5eed7c 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4041,6 +4041,7 @@ SMB_BIG_UINT get_lock_count( char *data, int data_offset, BOOL large_file_format return count; } +#if !defined(HAVE_LONGLONG) /**************************************************************************** Pathetically try and map a 64 bit lock offset into 31 bits. I hate Windows :-). ****************************************************************************/ @@ -4072,6 +4073,7 @@ static uint32 map_lock_offset(uint32 high, uint32 low) return (high|low); } +#endif /* !defined(HAVE_LONGLONG) */ /**************************************************************************** Get a lock offset, dealing with large offset requests. -- cgit From 65c5a1c0ba2cc3dc8e45a499c42191016e658b20 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sat, 8 Sep 2001 02:59:23 +0000 Subject: convert more code to using d_printf (This used to be commit 60d297303488ed583537ca2853828fccd6da2ade) --- source3/smbd/reply.c | 1 - 1 file changed, 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 0d1d5eed7c..c2d38a1076 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4045,7 +4045,6 @@ SMB_BIG_UINT get_lock_count( char *data, int data_offset, BOOL large_file_format /**************************************************************************** Pathetically try and map a 64 bit lock offset into 31 bits. I hate Windows :-). ****************************************************************************/ - static uint32 map_lock_offset(uint32 high, uint32 low) { unsigned int i; -- cgit From b800a36b1c81fb37ca963acdc49978ff065fb0d7 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Wed, 12 Sep 2001 06:39:50 +0000 Subject: Some patches to authentication: - the usersupplied_info now contains a smb_username (as it comes across on the wire) and a unix_username (after being passed through mapping functions) - when doing security={server,domain} use the smb_username, otherwise use the unix_username (This used to be commit d34fd8ec0716127c7a68eeb8e77d1ae8cc07b547) --- source3/smbd/reply.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index c2d38a1076..9e88f58fa6 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -462,7 +462,7 @@ static int session_trust_account(connection_struct *conn, char *inbuf, char *out smb_username.str = user; smb_username.len = strlen(smb_username.str); - user_info.requested_username = smb_username; /* For the time-being */ + user_info.unix_username = smb_username; /* For the time-being */ user_info.smb_username = smb_username; user_info.wksta_name = wksta_name; @@ -776,7 +776,8 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int add_session_user(user); if (!guest) { - valid_password = NT_STATUS_IS_OK(pass_check_smb(user, domain, + valid_password = NT_STATUS_IS_OK(pass_check_smb(orig_user, user, + domain, (unsigned char *)smb_apasswd, smb_apasslen, (unsigned char *)smb_ntpasswd, -- cgit From 90b5a6279ee9998fa79f9420952ff954dc50c999 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 15 Sep 2001 12:16:22 +0000 Subject: This looked suspicious now we are attempting to to NTLMv2. Andrew Bartlett (This used to be commit 21baa33946a24159ebe873ac37cf30581437aa1a) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 9e88f58fa6..6a8fa104fb 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -592,8 +592,8 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int } } - if (passlen1 != 24 && passlen2 != 24) - doencrypt = False; + if (passlen1 != 24 && passlen2 <= 24) + doencrypt = False; if (passlen1 > MAX_PASS_LEN) { overflow_attack(passlen1); -- cgit From eb8a3778d0b2e76a9aa1d02eee36ab0ee589d13a Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 15 Sep 2001 12:20:21 +0000 Subject: Oops... For reference, NTLMv2 passwords are > 24 chars in length, while NTLMv1 passwords (and old LM passwords) are exactly 24 in lenghth. (This used to be commit 51baa1614d1a338f50dbf8eaa5ea31ab58c11409) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 6a8fa104fb..04dcf1c0a8 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -592,7 +592,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int } } - if (passlen1 != 24 && passlen2 <= 24) + if (passlen1 != 24 && passlen2 < 24) doencrypt = False; if (passlen1 > MAX_PASS_LEN) { -- cgit From 7892c494e7321c64b20bf7e1d794a6b6508fe84a Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 15 Sep 2001 12:55:59 +0000 Subject: Kill off the //server/share%user hack in share level security. This should help make much of this code simpiler. Andrew Bartlett (This used to be commit fb0c3629c360fd0c57129500474960e6da6f9ef0) --- source3/smbd/reply.c | 73 ++++++---------------------------------------------- 1 file changed, 8 insertions(+), 65 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 04dcf1c0a8..0b8f160854 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -163,7 +163,6 @@ int reply_tcon(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { pstring service; - pstring user; pstring password; pstring dev; int outsize = 0; @@ -174,47 +173,19 @@ int reply_tcon(connection_struct *conn, START_PROFILE(SMBtcon); - *service = *user = *password = *dev = 0; + *service = *password = *dev = 0; p = smb_buf(inbuf)+1; p += srvstr_pull(inbuf, service, p, sizeof(service), -1, STR_TERMINATE) + 1; p += srvstr_pull(inbuf, password, p, sizeof(password), -1, STR_TERMINATE) + 1; p += srvstr_pull(inbuf, dev, p, sizeof(dev), -1, STR_TERMINATE) + 1; - *user = 0; - p = strchr_m(service,'%'); - if (p != NULL) { - *p = 0; - fstrcpy(user,p+1); - } - p = strrchr_m(service,'\\'); if (p) { pstrcpy(service, p+1); } - /* - * If the vuid is valid, we should be using that.... - */ - - if (*user == '\0' && (lp_security() != SEC_SHARE) && validated_username(vuid)) { - pstrcpy(user,validated_username(vuid)); - } else { - - /* - * Pass the user through the NT -> unix user mapping - * function. - */ - - (void)map_username(user); - - /* - * Do any UNIX username case mangling. - */ - (void)Get_Pwnam( user, True); - } - - conn = make_connection(service,user,password,pwlen,dev,vuid,&ecode); + conn = make_connection(service,password,pwlen,dev,vuid,&ecode); if (!conn) { END_PROFILE(SMBtcon); @@ -226,8 +197,8 @@ int reply_tcon(connection_struct *conn, SSVAL(outbuf,smb_vwv1,conn->cnum); SSVAL(outbuf,smb_tid,conn->cnum); - DEBUG(3,("tcon service=%s user=%s cnum=%d\n", - service, user, conn->cnum)); + DEBUG(3,("tcon service=%s cnum=%d\n", + service, conn->cnum)); END_PROFILE(SMBtcon); return(outsize); @@ -240,7 +211,6 @@ int reply_tcon(connection_struct *conn, int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { fstring service; - pstring user; pstring password; pstring devicename; NTSTATUS ecode; @@ -250,7 +220,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt char *p, *q; START_PROFILE(SMBtconX); - *service = *user = *password = *devicename = 0; + *service = *password = *devicename = 0; /* we might have to close an old one */ if ((SVAL(inbuf,smb_vwv2) & 0x1) && conn) { @@ -289,38 +259,11 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt else fstrcpy(service,path); - q = strchr_m(service,'%'); - if (q) { - *q++ = 0; - fstrcpy(user,q); - } p += srvstr_pull(inbuf, devicename, p, sizeof(devicename), 6, STR_ASCII); DEBUG(4,("Got device type %s\n",devicename)); - /* - * If the vuid is valid, we should be using that.... - */ - - if (*user == '\0' && (lp_security() != SEC_SHARE) && validated_username(vuid)) { - pstrcpy(user,validated_username(vuid)); - } else { - - /* - * Pass the user through the NT -> unix user mapping - * function. - */ - - (void)map_username(user); - - /* - * Do any UNIX username case mangling. - */ - (void)Get_Pwnam(user, True); - - } - - conn = make_connection(service,user,password,passlen,devicename,vuid,&ecode); + conn = make_connection(service,password,passlen,devicename,vuid,&ecode); if (!conn) { END_PROFILE(SMBtconX); @@ -355,8 +298,8 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt } - DEBUG(3,("tconX service=%s user=%s\n", - service, user)); + DEBUG(3,("tconX service=%s \n", + service)); /* set the incoming and outgoing tid to the just created one */ SSVAL(inbuf,smb_tid,conn->cnum); -- cgit From 4d89a65a845dbf6f8fa8aa46d2631cfd3a879e0a Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sun, 16 Sep 2001 02:35:55 +0000 Subject: Start pushing the NTSTATUS stuff out to the wire for session setups. Rework the 'map to guest' code, its now possible to follow what its trying to do... Add an NT_STATUS_EQUAL(x,y) macro to make this stuff sane to look at. Andrew Bartlett (This used to be commit d618880661976644a6ee713edf969ad561e82097) --- source3/smbd/reply.c | 78 ++++++++++++++++++---------------------------------- 1 file changed, 27 insertions(+), 51 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 0b8f160854..a379bf1f7f 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -486,7 +486,6 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int pstring smb_apasswd; int smb_ntpasslen = 0; pstring smb_ntpasswd; - BOOL valid_password = False; pstring user; pstring orig_user; fstring domain; @@ -719,57 +718,34 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int add_session_user(user); if (!guest) { - valid_password = NT_STATUS_IS_OK(pass_check_smb(orig_user, user, - domain, - (unsigned char *)smb_apasswd, - smb_apasslen, - (unsigned char *)smb_ntpasswd, - smb_ntpasslen)); - - /* The true branch will be executed if - (1) the NT password failed (or was not tried), and - (2) LanMan authentication failed (or was disabled) - */ - if (!valid_password) - { - if (lp_security() >= SEC_USER) - { - if (lp_map_to_guest() == NEVER_MAP_TO_GUEST) - { - DEBUG(1,("Rejecting user '%s': authentication failed\n", user)); - END_PROFILE(SMBsesssetupX); - return ERROR_NT(NT_STATUS_LOGON_FAILURE); - } - - if (lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_USER) - { - if (smb_getpwnam(user,True)) - { - DEBUG(1,("Rejecting user '%s': bad password\n", user)); - END_PROFILE(SMBsesssetupX); - return ERROR_NT(NT_STATUS_LOGON_FAILURE); - } - } - - /* - * ..else if lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_PASSWORD - * Then always map to guest account - as done below. - */ - } - - if (*smb_apasswd || !smb_getpwnam(user,True)) - pstrcpy(user,lp_guestaccount(-1)); - DEBUG(3,("Registered username %s for guest access\n",user)); - guest = True; - } - } - - if (!smb_getpwnam(user,True)) { - DEBUG(3,("No such user %s [%s] - using guest account\n",user, domain)); - pstrcpy(user,lp_guestaccount(-1)); - guest = True; + NTSTATUS nt_status; + nt_status = pass_check_smb(orig_user, user, + domain, + (unsigned char *)smb_apasswd, + smb_apasslen, + (unsigned char *)smb_ntpasswd, + smb_ntpasslen); + + if NT_STATUS_IS_OK(nt_status) { + + } else if (NT_STATUS_EQUAL(nt_status, NT_STATUS_NO_SUCH_USER) + && lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_USER) { + DEBUG(3,("No such user %s [%s] - using guest account\n",user, domain)); + pstrcpy(user,lp_guestaccount(-1)); + guest = True; + + } else if ((NT_STATUS_EQUAL(nt_status, NT_STATUS_WRONG_PASSWORD) + || NT_STATUS_EQUAL(nt_status, NT_STATUS_NO_SUCH_USER)) + && (lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_PASSWORD)) { + pstrcpy(user,lp_guestaccount(-1)); + DEBUG(3,("Registered username %s for guest access\n",user)); + guest = True; + + } else { + return ERROR_NT(nt_status); + } } - + if (!strequal(user,lp_guestaccount(-1)) && lp_servicenumber(user) < 0) { -- cgit From dec3cbcaf097a3d6fab9359e001279447a5f4def Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sun, 16 Sep 2001 06:35:35 +0000 Subject: Fix up workstaion and kickoff time checks, moved to auth_smbpasswd.c where they can have general effect. Fixed up workstaion support in the rest of samba, so that we can do these checks. Pass through the workstation for cli_net_logon(), if supplied. (This used to be commit 7f04a139b2ee34b4c282590509cdf21395815a7a) --- source3/smbd/reply.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index a379bf1f7f..1559cd30df 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3,7 +3,8 @@ Version 1.9. Main SMB reply routines Copyright (C) Andrew Tridgell 1992-1998 - + Copyright (C) Andrew Bartlett 2001 + This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or @@ -41,6 +42,8 @@ extern int global_oplock_break; uint32 global_client_caps = 0; unsigned int smb_echo_count = 0; +extern fstring remote_machine; + /**************************************************************************** report a possible attack via the password buffer overflow bug ****************************************************************************/ @@ -66,7 +69,7 @@ int reply_special(char *inbuf,char *outbuf) int msg_type = CVAL(inbuf,0); int msg_flags = CVAL(inbuf,1); pstring name1,name2; - extern fstring remote_machine; + extern fstring local_machine; int len; char name_type = 0; @@ -637,7 +640,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int } - DEBUG(3,("sesssetupX:name=[%s]\n",user)); + DEBUG(3,("sesssetupX:name=[%s]@[%s]\n",user, remote_machine)); /* If name ends in $ then I think it's asking about whether a */ /* computer with that name (minus the $) has access. For now */ @@ -720,7 +723,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int if (!guest) { NTSTATUS nt_status; nt_status = pass_check_smb(orig_user, user, - domain, + domain, remote_machine, (unsigned char *)smb_apasswd, smb_apasslen, (unsigned char *)smb_ntpasswd, -- cgit From 23af0743267d250a90af77c3bbce4d5fd0cdcc00 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 17 Sep 2001 04:23:48 +0000 Subject: fixed ctemp in server and client. It turns out that ctemp on NT is completely broken, and it's pointless to emulate their brokenness completely in this case, but at least this makes us use approximately the same packet format. The spec is complelet wrong in this case (This used to be commit 2d507ec669def6d49304559e53d6c14af9b290a9) --- source3/smbd/reply.c | 29 ++++++++++++++++++++--------- 1 file changed, 20 insertions(+), 9 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 1559cd30df..3dca209581 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1581,13 +1581,13 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int oplock_request = CORE_OPLOCK_REQUEST(inbuf); int tmpfd; SMB_STRUCT_STAT sbuf; - char *p; + char *p, *s; START_PROFILE(SMBctemp); createmode = SVAL(inbuf,smb_vwv0); srvstr_pull(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), -1, STR_TERMINATE); - pstrcat(fname,"/TMXXXXXX"); + pstrcat(fname,"\\TMXXXXXX"); RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); @@ -1626,17 +1626,28 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, outsize = set_message(outbuf,1,0,True); SSVAL(outbuf,smb_vwv0,fsp->fnum); - CVAL(smb_buf(outbuf),0) = 4; - p = smb_buf(outbuf) + 1; - p += srvstr_push(outbuf, p, fname, -1, STR_TERMINATE); - set_message_end(outbuf, p); + + /* the returned filename is relative to the directory */ + s = strrchr_m(fname, '/'); + if (!s) { + s = fname; + } else { + s++; + } + + p = smb_buf(outbuf); + SSVALS(p, 0, -1); /* what is this? not in spec */ + SSVAL(p, 2, strlen(s)); + p += 4; + p += srvstr_push(outbuf, p, s, -1, STR_ASCII); + outsize = set_message_end(outbuf, p); if (oplock_request && lp_fake_oplocks(SNUM(conn))) { - CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; + CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; } - if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) - CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; + if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) + CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; DEBUG( 2, ( "created temp file %s\n", fname ) ); DEBUG( 3, ( "ctemp %s fd=%d dmode=%d umode=%o\n", -- cgit From 61b2794968faa35dc91edce17e9b91e5366c3514 Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Mon, 17 Sep 2001 11:25:41 +0000 Subject: move to SAFE_FREE() (This used to be commit a95943fde0ad89ae3f2deca2f7ba9cb5ab612b74) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 3dca209581..8527ebbe34 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3051,7 +3051,7 @@ int reply_printqueue(connection_struct *conn, SSVAL(smb_buf(outbuf),1,28*count); } - if (queue) free(queue); + SAFE_FREE(queue); DEBUG(3,("%d entries returned in queue\n",count)); } -- cgit From b49a1f01b06724abb66e212f3aa641a1578d3534 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Fri, 21 Sep 2001 14:27:43 +0000 Subject: fixed the error code handling in can_delete() by converting it to NTSTATUS. This gets the right error codes in SMBunlink (This used to be commit c82f7828c05c747a5782d10c68cc2df80d4071bd) --- source3/smbd/reply.c | 41 ++++++++++++++++++++++------------------- 1 file changed, 22 insertions(+), 19 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 8527ebbe34..e3c7c9b856 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1661,23 +1661,26 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, /******************************************************************* check if a user is allowed to delete a file ********************************************************************/ -static BOOL can_delete(char *fname,connection_struct *conn, int dirtype) +static NTSTATUS can_delete(char *fname,connection_struct *conn, int dirtype) { - SMB_STRUCT_STAT sbuf; - int fmode; + SMB_STRUCT_STAT sbuf; + int fmode; - if (!CAN_WRITE(conn)) return(False); + if (!CAN_WRITE(conn)) return NT_STATUS_MEDIA_WRITE_PROTECTED; - if (conn->vfs_ops.lstat(conn,fname,&sbuf) != 0) return(False); - fmode = dos_mode(conn,fname,&sbuf); - if (fmode & aDIR) return(False); - if (!lp_delete_readonly(SNUM(conn))) { - if (fmode & aRONLY) return(False); - } - if ((fmode & ~dirtype) & (aHIDDEN | aSYSTEM)) - return(False); - if (!check_file_sharing(conn,fname,False)) return(False); - return(True); + if (conn->vfs_ops.lstat(conn,fname,&sbuf) != 0) return NT_STATUS_OBJECT_NAME_NOT_FOUND; + + fmode = dos_mode(conn,fname,&sbuf); + if (fmode & aDIR) return NT_STATUS_FILE_IS_A_DIRECTORY; + if (!lp_delete_readonly(SNUM(conn))) { + if (fmode & aRONLY) return NT_STATUS_CANNOT_DELETE; + } + if ((fmode & ~dirtype) & (aHIDDEN | aSYSTEM)) + return NT_STATUS_CANNOT_DELETE; + + if (!check_file_sharing(conn,fname,False)) return NT_STATUS_SHARING_VIOLATION; + + return NT_STATUS_OK; } /**************************************************************************** @@ -1729,9 +1732,9 @@ NTSTATUS unlink_internals(connection_struct *conn, int dirtype, char *name) if (!has_wild) { pstrcat(directory,"/"); pstrcat(directory,mask); - if (!can_delete(directory,conn,dirtype)) { - return NT_STATUS_SHARING_VIOLATION; - } + error = can_delete(directory,conn,dirtype); + if (!NT_STATUS_IS_OK(error)) return error; + if (vfs_unlink(conn,directory) == 0) { count++; } @@ -1761,9 +1764,9 @@ NTSTATUS unlink_internals(connection_struct *conn, int dirtype, char *name) if(!mask_match(fname, mask, case_sensitive)) continue; - error = NT_STATUS_ACCESS_DENIED; slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); - if (!can_delete(fname,conn,dirtype)) continue; + error = can_delete(fname,conn,dirtype); + if (!NT_STATUS_IS_OK(error)) continue; if (vfs_unlink(conn,fname) == 0) count++; DEBUG(3,("unlink_internals: succesful unlink [%s]\n",fname)); } -- cgit From 4eb7ef6b612a98e1d71a2a0dfde7d695223a4360 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sun, 23 Sep 2001 05:16:03 +0000 Subject: Fix up NT_STATUS return for session setups, Win2k objects to anything other than NT_STATUS_LOGON_FAILURE. This also brings us (almost) back in line with their implementation. Kill off SMBENCRYPT() macro Kill off 'nt smb support' paramater - tridge okayed this one. Andrew Bartlett (This used to be commit 67947bf6e31ee9758f8a2186f83031ba21b716f2) --- source3/smbd/reply.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index e3c7c9b856..64662a54e2 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -496,7 +496,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int fstring native_lanman; BOOL guest=False; static BOOL done_sesssetup = False; - BOOL doencrypt = SMBENCRYPT(); + BOOL doencrypt = lp_encrypted_passwords(); START_PROFILE(SMBsesssetupX); *smb_apasswd = 0; @@ -745,8 +745,8 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int guest = True; } else { - return ERROR_NT(nt_status); - } + return ERROR_NT(NT_STATUS_LOGON_FAILURE); + } } if (!strequal(user,lp_guestaccount(-1)) && -- cgit From 5993238b0ec5baa546d0214f1a26d174563fd43e Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sun, 23 Sep 2001 22:51:27 +0000 Subject: Zero out these pstrings before we start: makes for much easier debugging. (This used to be commit d417b6b5cbdbb244cc683387d73a9200eef53427) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 64662a54e2..ac337f1712 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -499,8 +499,8 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int BOOL doencrypt = lp_encrypted_passwords(); START_PROFILE(SMBsesssetupX); - *smb_apasswd = 0; - *smb_ntpasswd = 0; + ZERO_STRUCT(smb_apasswd); + ZERO_STRUCT(smb_ntpasswd); smb_bufsize = SVAL(inbuf,smb_vwv2); -- cgit From 7cb54b29dc6cb3a5a021a10f34fae6ac4f43a284 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sun, 23 Sep 2001 23:07:53 +0000 Subject: Lets call an NTSTATUS an nt_status, not an ecode. (This used to be commit b6048e28ab996ba5581cfa3b50401c0f775befdd) --- source3/smbd/reply.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index ac337f1712..572ed90b32 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -171,7 +171,7 @@ int reply_tcon(connection_struct *conn, int outsize = 0; uint16 vuid = SVAL(inbuf,smb_uid); int pwlen=0; - NTSTATUS ecode; + NTSTATUS nt_status; char *p; START_PROFILE(SMBtcon); @@ -188,11 +188,11 @@ int reply_tcon(connection_struct *conn, pstrcpy(service, p+1); } - conn = make_connection(service,password,pwlen,dev,vuid,&ecode); + conn = make_connection(service,password,pwlen,dev,vuid,&nt_status); if (!conn) { END_PROFILE(SMBtcon); - return ERROR_NT(ecode); + return ERROR_NT(nt_status); } outsize = set_message(outbuf,2,0,True); @@ -216,7 +216,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt fstring service; pstring password; pstring devicename; - NTSTATUS ecode; + NTSTATUS nt_status; uint16 vuid = SVAL(inbuf,smb_uid); int passlen = SVAL(inbuf,smb_vwv3); pstring path; @@ -266,11 +266,11 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt DEBUG(4,("Got device type %s\n",devicename)); - conn = make_connection(service,password,passlen,devicename,vuid,&ecode); + conn = make_connection(service,password,passlen,devicename,vuid,&nt_status); if (!conn) { END_PROFILE(SMBtconX); - return ERROR_NT(ecode); + return ERROR_NT(nt_status); } if (Protocol < PROTOCOL_NT1) { -- cgit From 41821943daef5a4fd077e38068539ae4e24121b3 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 26 Sep 2001 13:55:59 +0000 Subject: Kill of the reply.c end of the workstaion trust account mess. Fix the NT errror codes, this time in line with WinXP/2k. - Return the normal error codes, expect for bad user/bad password. These map to logon failure, as a quick security hack. We follow suit. Simplfy some of the password extraction code, the auth subsytem has the intelegence to sort this stuff out, no need to do it here. Move to 'global_encrypted_passwords_negotiated' to determine the use of unencrypted hacks, replacing the current mess. Andrew Bartlett (This used to be commit c04f063573c61d8ef3f43815bbb9b6b076dc23eb) --- source3/smbd/reply.c | 198 +++++++++++---------------------------------------- 1 file changed, 43 insertions(+), 155 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 572ed90b32..dbd149afcf 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -43,6 +43,7 @@ uint32 global_client_caps = 0; unsigned int smb_echo_count = 0; extern fstring remote_machine; +extern BOOL global_encrypted_passwords_negotiated; /**************************************************************************** report a possible attack via the password buffer overflow bug @@ -246,7 +247,6 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt passlen = strlen(password); } - /* * the service name can be either: \\server\share * or share directly like on the DELL PowerVault 705 @@ -373,107 +373,6 @@ int reply_ioctl(connection_struct *conn, return outsize; } -/**************************************************************************** - This function breaks the authentication split. It needs sorting out. - I can't see why we can't hadle this INSIDE the check_password, as in then - end all it does it spit out an nt_status code. - ****************************************************************************/ -/**************************************************************************** - always return an error: it's just a matter of which one... - ****************************************************************************/ -static int session_trust_account(connection_struct *conn, char *inbuf, char *outbuf, char *user, - char *smb_passwd, int smb_passlen, - char *smb_nt_passwd, int smb_nt_passlen) -{ - /* check if trust account exists */ - SAM_ACCOUNT *sam_trust_acct = NULL; - uint16 acct_ctrl; - BOOL ret; - auth_usersupplied_info user_info; - auth_serversupplied_info server_info; - AUTH_STR domain, smb_username, wksta_name; - - ZERO_STRUCT(user_info); - ZERO_STRUCT(server_info); - ZERO_STRUCT(domain); - ZERO_STRUCT(smb_username); - ZERO_STRUCT(wksta_name); - - domain.str = lp_workgroup(); - domain.len = strlen(domain.str); - - user_info.requested_domain = domain; - user_info.domain = domain; - - smb_username.str = user; - smb_username.len = strlen(smb_username.str); - - user_info.unix_username = smb_username; /* For the time-being */ - user_info.smb_username = smb_username; - - user_info.wksta_name = wksta_name; - - user_info.lm_resp.buffer = (uint8 *)smb_passwd; - user_info.lm_resp.len = smb_passlen; - user_info.nt_resp.buffer = (uint8 *)smb_nt_passwd; - user_info.nt_resp.len = smb_nt_passlen; - - if (!last_challenge(user_info.chal)) { - DEBUG(1,("smb_password_ok: no challenge done - password failed\n")); - return ERROR_NT(NT_STATUS_LOGON_FAILURE); - } - - pdb_init_sam(&sam_trust_acct); - - if (lp_security() == SEC_USER) { - ret = pdb_getsampwnam(sam_trust_acct, user); - } else { - DEBUG(0,("session_trust_account: Trust account %s only supported with security = user\n", user)); - pdb_free_sam(sam_trust_acct); - return(ERROR_NT(NT_STATUS_LOGON_FAILURE)); - } - - if (ret == False) { - /* lkclXXXX: workstation entry doesn't exist */ - DEBUG(0,("session_trust_account: Trust account %s user doesn't exist\n",user)); - pdb_free_sam(sam_trust_acct); - return(ERROR_NT(NT_STATUS_NO_SUCH_USER)); - } else { - if ((smb_passlen != 24) || (smb_nt_passlen != 24)) { - DEBUG(0,("session_trust_account: Trust account %s - password length wrong.\n", user)); - pdb_free_sam(sam_trust_acct); - return(ERROR_NT(NT_STATUS_LOGON_FAILURE)); - } - - if (!NT_STATUS_IS_OK(smb_password_ok(sam_trust_acct, &user_info, &server_info))) { - DEBUG(0,("session_trust_account: Trust Account %s - password failed\n", user)); - pdb_free_sam(sam_trust_acct); - return(ERROR_NT(NT_STATUS_LOGON_FAILURE)); - } - - acct_ctrl = pdb_get_acct_ctrl(sam_trust_acct); - pdb_free_sam(sam_trust_acct); - if (acct_ctrl & ACB_DOMTRUST) { - DEBUG(0,("session_trust_account: Domain trust account %s denied by server\n",user)); - return(ERROR_NT(NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT)); - } - - if (acct_ctrl & ACB_SVRTRUST) { - DEBUG(0,("session_trust_account: Server trust account %s denied by server\n",user)); - return(ERROR_NT(NT_STATUS_NOLOGON_SERVER_TRUST_ACCOUNT)); - } - - if (acct_ctrl & ACB_WSTRUST) { - DEBUG(4,("session_trust_account: Wksta trust account %s denied by server\n", user)); - return(ERROR_NT(NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT)); - } - } - - /* don't know what to do: indicate logon failure */ - return(ERROR_NT(NT_STATUS_LOGON_FAILURE)); -} - - /**************************************************************************** reply to a session setup command ****************************************************************************/ @@ -496,14 +395,13 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int fstring native_lanman; BOOL guest=False; static BOOL done_sesssetup = False; - BOOL doencrypt = lp_encrypted_passwords(); + BOOL doencrypt = global_encrypted_passwords_negotiated; START_PROFILE(SMBsesssetupX); - ZERO_STRUCT(smb_apasswd); - ZERO_STRUCT(smb_ntpasswd); + *smb_apasswd = *smb_ntpasswd = 0; smb_bufsize = SVAL(inbuf,smb_vwv2); - + if (Protocol < PROTOCOL_NT1) { smb_apasslen = SVAL(inbuf,smb_vwv7); if (smb_apasslen > MAX_PASS_LEN) { @@ -513,7 +411,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int memcpy(smb_apasswd,smb_buf(inbuf),smb_apasslen); srvstr_pull(inbuf, user, smb_buf(inbuf)+smb_apasslen, sizeof(user), -1, STR_TERMINATE); - + if (!doencrypt && (lp_security() != SEC_SERVER)) { smb_apasslen = strlen(smb_apasswd); } @@ -585,27 +483,22 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int } } - if(doencrypt || ((lp_security() == SEC_SERVER) || (lp_security() == SEC_DOMAIN))) { - /* Save the lanman2 password and the NT md4 password. */ - smb_apasslen = passlen1; - memcpy(smb_apasswd,p,smb_apasslen); - smb_apasswd[smb_apasslen] = 0; - smb_ntpasslen = passlen2; - memcpy(smb_ntpasswd,p+passlen1,smb_ntpasslen); - smb_ntpasswd[smb_ntpasslen] = 0; - } else { - /* we use the first password that they gave */ - smb_apasslen = passlen1; - StrnCpy(smb_apasswd,p,smb_apasslen); - - /* trim the password */ - smb_apasslen = strlen(smb_apasswd); + /* Save the lanman2 password and the NT md4 password. */ + smb_apasslen = passlen1; + memcpy(smb_apasswd,p,smb_apasslen); - /* wfwg sometimes uses a space instead of a null */ - if (strequal(smb_apasswd," ")) { - smb_apasslen = 0; - *smb_apasswd = 0; - } + smb_ntpasslen = passlen2; + memcpy(smb_ntpasswd,p+passlen1,smb_ntpasslen); + + if (smb_apasslen != 24 || !doencrypt) { + /* trim the password */ + smb_apasslen = strlen(smb_apasswd); + + /* wfwg sometimes uses a space instead of a null */ + if (strequal(smb_apasswd," ")) { + smb_apasslen = 0; + *smb_apasswd = 0; + } } p += passlen1 + passlen2; @@ -640,18 +533,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int } - DEBUG(3,("sesssetupX:name=[%s]@[%s]\n",user, remote_machine)); - - /* If name ends in $ then I think it's asking about whether a */ - /* computer with that name (minus the $) has access. For now */ - /* say yes to everything ending in $. */ - - if (*user && (user[strlen(user) - 1] == '$') && (smb_apasslen == 24) && (smb_ntpasslen == 24)) { - END_PROFILE(SMBsesssetupX); - return session_trust_account(conn, inbuf, outbuf, user, - smb_apasswd, smb_apasslen, - smb_ntpasswd, smb_ntpasslen); - } + DEBUG(3,("sesssetupX:name=[%s]\\[%s]@[%s]\n",user, domain, remote_machine)); if (done_sesssetup && lp_restrict_anonymous()) { /* tests show that even if browsing is done over already validated connections @@ -731,21 +613,27 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int if NT_STATUS_IS_OK(nt_status) { - } else if (NT_STATUS_EQUAL(nt_status, NT_STATUS_NO_SUCH_USER) - && lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_USER) { - DEBUG(3,("No such user %s [%s] - using guest account\n",user, domain)); - pstrcpy(user,lp_guestaccount(-1)); - guest = True; - - } else if ((NT_STATUS_EQUAL(nt_status, NT_STATUS_WRONG_PASSWORD) - || NT_STATUS_EQUAL(nt_status, NT_STATUS_NO_SUCH_USER)) - && (lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_PASSWORD)) { - pstrcpy(user,lp_guestaccount(-1)); - DEBUG(3,("Registered username %s for guest access\n",user)); - guest = True; - + } else if NT_STATUS_EQUAL(nt_status, NT_STATUS_NO_SUCH_USER) { + if ((lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_USER) || + (lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_PASSWORD)) { + DEBUG(3,("No such user %s [%s] - using guest account\n",user, domain)); + pstrcpy(user,lp_guestaccount(-1)); + guest = True; + } else { + /* Match WinXP and don't give the game away */ + return ERROR_NT(NT_STATUS_LOGON_FAILURE); + } + } else if NT_STATUS_EQUAL(nt_status, NT_STATUS_WRONG_PASSWORD) { + if (lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_PASSWORD) { + pstrcpy(user,lp_guestaccount(-1)); + DEBUG(3,("Registered username %s for guest access\n",user)); + guest = True; + } else { + /* Match WinXP and don't give the game away */ + return ERROR_NT(NT_STATUS_LOGON_FAILURE); + } } else { - return ERROR_NT(NT_STATUS_LOGON_FAILURE); + return ERROR_NT(nt_status); } } @@ -792,10 +680,10 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int /* register the name and uid as being validated, so further connections to a uid can get through without a password, on the same VC */ - sess_vuid = register_vuid(uid,gid,user,current_user_info.smb_name,domain,guest, full_name); + sess_vuid = register_vuid(uid,gid,user,orig_user,domain,guest, full_name); if (sess_vuid == -1) { - return ERROR_DOS(ERRDOS,ERRnoaccess); + return ERROR_NT(NT_STATUS_LOGON_FAILURE); } -- cgit From dc1fc3ee8ec2199bc73bb5d7ec711c6800f61d65 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Tue, 2 Oct 2001 04:29:50 +0000 Subject: Removed 'extern int DEBUGLEVEL' as it is now in the smb.h header. (This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e) --- source3/smbd/reply.c | 1 - 1 file changed, 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index dbd149afcf..334a48e338 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -29,7 +29,6 @@ /* look in server.c for some explanation of these variables */ extern int Protocol; -extern int DEBUGLEVEL; extern int max_send; extern int max_recv; extern char magic_char; -- cgit From 0c0dd06dbd558254ebb048223b0396454f7ee1dd Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 15 Oct 2001 07:50:21 +0000 Subject: split session setup code out of reply.c in preparation for adding NTLMSSP and kerberos support in smbd (This used to be commit 38a43d75e25bbebe0f6cdfcf389129a842ede842) --- source3/smbd/reply.c | 345 +-------------------------------------------------- 1 file changed, 1 insertion(+), 344 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 334a48e338..8b6e754549 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -44,20 +44,6 @@ unsigned int smb_echo_count = 0; extern fstring remote_machine; extern BOOL global_encrypted_passwords_negotiated; -/**************************************************************************** -report a possible attack via the password buffer overflow bug -****************************************************************************/ - -static void overflow_attack(int len) -{ - if( DEBUGLVL( 0 ) ) { - dbgtext( "ERROR: Invalid password length %d.\n", len ); - dbgtext( "Your machine may be under attack by someone " ); - dbgtext( "attempting to exploit an old bug.\n" ); - dbgtext( "Attack was from IP = %s.\n", client_addr() ); - } -} - /**************************************************************************** reply to an special message @@ -231,8 +217,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt } if (passlen > MAX_PASS_LEN) { - overflow_attack(passlen); - return(ERROR_DOS(ERRDOS,ERRbuftoosmall)); + return ERROR_DOS(ERRDOS,ERRbuftoosmall); } memcpy(password,smb_buf(inbuf),passlen); @@ -372,334 +357,6 @@ int reply_ioctl(connection_struct *conn, return outsize; } -/**************************************************************************** -reply to a session setup command -****************************************************************************/ - -int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) -{ - int sess_vuid; - gid_t gid; - uid_t uid; - char* full_name; - int smb_bufsize; - int smb_apasslen = 0; - pstring smb_apasswd; - int smb_ntpasslen = 0; - pstring smb_ntpasswd; - pstring user; - pstring orig_user; - fstring domain; - fstring native_os; - fstring native_lanman; - BOOL guest=False; - static BOOL done_sesssetup = False; - BOOL doencrypt = global_encrypted_passwords_negotiated; - START_PROFILE(SMBsesssetupX); - - *smb_apasswd = *smb_ntpasswd = 0; - - smb_bufsize = SVAL(inbuf,smb_vwv2); - - if (Protocol < PROTOCOL_NT1) { - smb_apasslen = SVAL(inbuf,smb_vwv7); - if (smb_apasslen > MAX_PASS_LEN) { - overflow_attack(smb_apasslen); - return(ERROR_DOS(ERRDOS,ERRbuftoosmall)); - } - - memcpy(smb_apasswd,smb_buf(inbuf),smb_apasslen); - srvstr_pull(inbuf, user, smb_buf(inbuf)+smb_apasslen, sizeof(user), -1, STR_TERMINATE); - - if (!doencrypt && (lp_security() != SEC_SERVER)) { - smb_apasslen = strlen(smb_apasswd); - } - } else { - uint16 passlen1 = SVAL(inbuf,smb_vwv7); - uint16 passlen2 = SVAL(inbuf,smb_vwv8); - enum remote_arch_types ra_type = get_remote_arch(); - char *p = smb_buf(inbuf); - - if(global_client_caps == 0) - global_client_caps = IVAL(inbuf,smb_vwv11); - - /* client_caps is used as final determination if client is NT or Win95. - This is needed to return the correct error codes in some - circumstances. - */ - - if(ra_type == RA_WINNT || ra_type == RA_WIN2K || ra_type == RA_WIN95) { - if(!(global_client_caps & (CAP_NT_SMBS | CAP_STATUS32))) { - set_remote_arch( RA_WIN95); - } - } - - if (passlen1 != 24 && passlen2 < 24) - doencrypt = False; - - if (passlen1 > MAX_PASS_LEN) { - overflow_attack(passlen1); - return ERROR_DOS(ERRDOS,ERRbuftoosmall); - } - - passlen1 = MIN(passlen1, MAX_PASS_LEN); - passlen2 = MIN(passlen2, MAX_PASS_LEN); - - if (!doencrypt) { - /* both Win95 and WinNT stuff up the password lengths for - non-encrypting systems. Uggh. - - if passlen1==24 its a win95 system, and its setting the - password length incorrectly. Luckily it still works with the - default code because Win95 will null terminate the password - anyway - - if passlen1>0 and passlen2>0 then maybe its a NT box and its - setting passlen2 to some random value which really stuffs - things up. we need to fix that one. */ - - if (passlen1 > 0 && passlen2 > 0 && passlen2 != 24 && passlen2 != 1) - passlen2 = 0; - } - - if (lp_restrict_anonymous()) { - /* there seems to be no reason behind the differences in MS clients formatting - * various info like the domain, NativeOS, and NativeLanMan fields. Win95 - * in particular seems to have an extra null byte between the username and the - * domain, or the password length calculation is wrong, which throws off the - * string extraction routines below. This makes the value of domain be the - * empty string, which fails the restrict anonymous check further down. - * This compensates for that, and allows browsing to work in mixed NT and - * win95 environments even when restrict anonymous is true. AAB - */ - dump_data(100, p, 0x70); - DEBUG(9, ("passlen1=%d, passlen2=%d\n", passlen1, passlen2)); - if (ra_type == RA_WIN95 && !passlen1 && !passlen2 && p[0] == 0 && p[1] == 0) { - DEBUG(0, ("restrict anonymous parameter used in a win95 environment!\n")); - DEBUG(0, ("client is win95 and broken passlen1 offset -- attempting fix\n")); - DEBUG(0, ("if win95 cilents are having difficulty browsing, you will be unable to use restrict anonymous\n")); - passlen1 = 1; - } - } - - /* Save the lanman2 password and the NT md4 password. */ - smb_apasslen = passlen1; - memcpy(smb_apasswd,p,smb_apasslen); - - smb_ntpasslen = passlen2; - memcpy(smb_ntpasswd,p+passlen1,smb_ntpasslen); - - if (smb_apasslen != 24 || !doencrypt) { - /* trim the password */ - smb_apasslen = strlen(smb_apasswd); - - /* wfwg sometimes uses a space instead of a null */ - if (strequal(smb_apasswd," ")) { - smb_apasslen = 0; - *smb_apasswd = 0; - } - } - - p += passlen1 + passlen2; - p += srvstr_pull(inbuf, user, p, sizeof(user), -1, - STR_TERMINATE); - /* - * Incoming user and domain are in DOS codepage format. Convert - * to UNIX. - */ - p += srvstr_pull(inbuf, domain, p, sizeof(domain), - -1, STR_TERMINATE); - p += srvstr_pull(inbuf, native_os, p, sizeof(native_os), - -1, STR_TERMINATE); - p += srvstr_pull(inbuf, native_lanman, p, sizeof(native_lanman), - -1, STR_TERMINATE); - DEBUG(3,("Domain=[%s] NativeOS=[%s] NativeLanMan=[%s]\n", - domain,native_os,native_lanman)); - } - - /* don't allow for weird usernames or domains */ - alpha_strcpy(user, user, ". _-$", sizeof(user)); - alpha_strcpy(domain, domain, ". _-", sizeof(domain)); - if (strstr(user, "..") || strstr(domain,"..")) { - return ERROR_NT(NT_STATUS_LOGON_FAILURE); - } - - if (lp_security() == SEC_SHARE) { - /* in share level we should ignore any passwords */ - smb_ntpasslen = 0; - smb_apasslen = 0; - guest = True; - } - - - DEBUG(3,("sesssetupX:name=[%s]\\[%s]@[%s]\n",user, domain, remote_machine)); - - if (done_sesssetup && lp_restrict_anonymous()) { - /* tests show that even if browsing is done over already validated connections - * without a username and password the domain is still provided, which it - * wouldn't be if it was a purely anonymous connection. So, in order to - * restrict anonymous, we only deny connections that have no session - * information. If a domain has been provided, then it's not a purely - * anonymous connection. AAB - */ - if (!*user && !*smb_apasswd && !*domain) { - DEBUG(0, ("restrict anonymous is True and anonymous connection attempted. Denying access.\n")); - END_PROFILE(SMBsesssetupX); - return ERROR_DOS(ERRDOS,ERRnoaccess); - } - } - - /* If no username is sent use the guest account */ - if (!*user) { - pstrcpy(user,lp_guestaccount(-1)); - guest = True; - } - - pstrcpy(current_user_info.smb_name,user); - - reload_services(True); - - /* - * Save the username before mapping. We will use - * the original username sent to us for security=server - * and security=domain checking. - */ - - pstrcpy( orig_user, user); - - /* - * Always try the "DOMAIN\user" lookup first, as this is the most - * specific case. If this fails then try the simple "user" lookup. - * But don't do this for guests, as this is always a local user. - */ - - if (!guest) { - pstring dom_user; - - /* Work out who's who */ - - slprintf(dom_user, sizeof(dom_user) - 1,"%s%s%s", - domain, lp_winbind_separator(), user); - - if (sys_getpwnam(dom_user) != NULL) { - pstrcpy(user, dom_user); - DEBUG(3,("Using unix username %s\n", dom_user)); - } - - /* - * Pass the user through the NT -> unix user mapping - * function. - */ - - (void)map_username(user); - - /* - * Do any UNIX username case mangling. - */ - smb_getpwnam(user, True); - } - - add_session_user(user); - - if (!guest) { - NTSTATUS nt_status; - nt_status = pass_check_smb(orig_user, user, - domain, remote_machine, - (unsigned char *)smb_apasswd, - smb_apasslen, - (unsigned char *)smb_ntpasswd, - smb_ntpasslen); - - if NT_STATUS_IS_OK(nt_status) { - - } else if NT_STATUS_EQUAL(nt_status, NT_STATUS_NO_SUCH_USER) { - if ((lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_USER) || - (lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_PASSWORD)) { - DEBUG(3,("No such user %s [%s] - using guest account\n",user, domain)); - pstrcpy(user,lp_guestaccount(-1)); - guest = True; - } else { - /* Match WinXP and don't give the game away */ - return ERROR_NT(NT_STATUS_LOGON_FAILURE); - } - } else if NT_STATUS_EQUAL(nt_status, NT_STATUS_WRONG_PASSWORD) { - if (lp_map_to_guest() == MAP_TO_GUEST_ON_BAD_PASSWORD) { - pstrcpy(user,lp_guestaccount(-1)); - DEBUG(3,("Registered username %s for guest access\n",user)); - guest = True; - } else { - /* Match WinXP and don't give the game away */ - return ERROR_NT(NT_STATUS_LOGON_FAILURE); - } - } else { - return ERROR_NT(nt_status); - } - } - - if (!strequal(user,lp_guestaccount(-1)) && - lp_servicenumber(user) < 0) - { - add_home_service(user,get_user_home_dir(user)); - } - - - /* it's ok - setup a reply */ - if (Protocol < PROTOCOL_NT1) { - set_message(outbuf,3,0,True); - } else { - char *p; - set_message(outbuf,3,0,True); - p = smb_buf(outbuf); - p += srvstr_push(outbuf, p, "Unix", -1, STR_TERMINATE); - p += srvstr_push(outbuf, p, "Samba", -1, STR_TERMINATE); - p += srvstr_push(outbuf, p, lp_workgroup(), -1, STR_TERMINATE); - set_message_end(outbuf,p); - /* perhaps grab OS version here?? */ - } - - /* Set the correct uid in the outgoing and incoming packets - We will use this on future requests to determine which - user we should become. - */ - { - const struct passwd *pw = smb_getpwnam(user,False); - if (!pw) { - DEBUG(1,("Username %s is invalid on this system\n",user)); - END_PROFILE(SMBsesssetupX); - return ERROR_NT(NT_STATUS_LOGON_FAILURE); - } - gid = pw->pw_gid; - uid = pw->pw_uid; - full_name = pw->pw_gecos; - } - - if (guest) - SSVAL(outbuf,smb_vwv2,1); - - /* register the name and uid as being validated, so further connections - to a uid can get through without a password, on the same VC */ - - sess_vuid = register_vuid(uid,gid,user,orig_user,domain,guest, full_name); - - if (sess_vuid == -1) { - return ERROR_NT(NT_STATUS_LOGON_FAILURE); - } - - - SSVAL(outbuf,smb_uid,sess_vuid); - SSVAL(inbuf,smb_uid,sess_vuid); - - if (!done_sesssetup) - max_send = MIN(max_send,smb_bufsize); - - DEBUG(6,("Client requested max send size of %d\n", max_send)); - - done_sesssetup = True; - - END_PROFILE(SMBsesssetupX); - return chain_reply(inbuf,outbuf,length,bufsize); -} - /**************************************************************************** reply to a chkpth ****************************************************************************/ -- cgit From 6cc3953196e3feb340f7b9b7bb823575414c5683 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 19 Oct 2001 00:56:03 +0000 Subject: Restored old Bmpx code - actually used by OS/2. Jeremy. (This used to be commit 7c1688fd67c1bda1477aaf870371c825280db870) --- source3/smbd/reply.c | 304 +++++++++++++++++++++++++++++++++++++++++---------- 1 file changed, 247 insertions(+), 57 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 8b6e754549..845fabda92 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3786,84 +3786,83 @@ no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); return chain_reply(inbuf,outbuf,length,bufsize); } - /**************************************************************************** - reply to a SMBreadbmpx (read block multiplex) request + Reply to a SMBreadbmpx (read block multiplex) request. ****************************************************************************/ + int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { - ssize_t nread = -1; - ssize_t total_read; - char *data; - SMB_OFF_T startpos; - int outsize; - size_t maxcount; - int max_per_packet; - size_t tcount; - int pad; - files_struct *fsp = file_fsp(inbuf,smb_vwv0); - START_PROFILE(SMBreadBmpx); + ssize_t nread = -1; + ssize_t total_read; + char *data; + SMB_OFF_T startpos; + int outsize; + size_t maxcount; + int max_per_packet; + size_t tcount; + int pad; + files_struct *fsp = file_fsp(inbuf,smb_vwv0); + START_PROFILE(SMBreadBmpx); - /* this function doesn't seem to work - disable by default */ - if (!lp_readbmpx()) { - END_PROFILE(SMBreadBmpx); - return ERROR_DOS(ERRSRV,ERRuseSTD); - } + /* this function doesn't seem to work - disable by default */ + if (!lp_readbmpx()) { + END_PROFILE(SMBreadBmpx); + return ERROR_DOS(ERRSRV,ERRuseSTD); + } - outsize = set_message(outbuf,8,0,True); + outsize = set_message(outbuf,8,0,True); - CHECK_FSP(fsp,conn); - CHECK_READ(fsp); + CHECK_FSP(fsp,conn); + CHECK_READ(fsp); - startpos = IVAL(inbuf,smb_vwv1); - maxcount = SVAL(inbuf,smb_vwv3); + startpos = IVAL(inbuf,smb_vwv1); + maxcount = SVAL(inbuf,smb_vwv3); - data = smb_buf(outbuf); - pad = ((long)data)%4; - if (pad) pad = 4 - pad; - data += pad; + data = smb_buf(outbuf); + pad = ((long)data)%4; + if (pad) + pad = 4 - pad; + data += pad; - max_per_packet = bufsize-(outsize+pad); - tcount = maxcount; - total_read = 0; + max_per_packet = bufsize-(outsize+pad); + tcount = maxcount; + total_read = 0; - if (is_locked(fsp,conn,(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK,False)) { - END_PROFILE(SMBreadBmpx); - return ERROR_DOS(ERRDOS,ERRlock); - } + if (is_locked(fsp,conn,(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK,False)) { + END_PROFILE(SMBreadBmpx); + return ERROR_DOS(ERRDOS,ERRlock); + } - do - { - size_t N = MIN(max_per_packet,tcount-total_read); + do { + size_t N = MIN(max_per_packet,tcount-total_read); - nread = read_file(fsp,data,startpos,N); + nread = read_file(fsp,data,startpos,N); - if (nread <= 0) nread = 0; + if (nread <= 0) + nread = 0; - if (nread < (ssize_t)N) - tcount = total_read + nread; + if (nread < (ssize_t)N) + tcount = total_read + nread; - set_message(outbuf,8,nread,False); - SIVAL(outbuf,smb_vwv0,startpos); - SSVAL(outbuf,smb_vwv2,tcount); - SSVAL(outbuf,smb_vwv6,nread); - SSVAL(outbuf,smb_vwv7,smb_offset(data,outbuf)); + set_message(outbuf,8,nread,False); + SIVAL(outbuf,smb_vwv0,startpos); + SSVAL(outbuf,smb_vwv2,tcount); + SSVAL(outbuf,smb_vwv6,nread); + SSVAL(outbuf,smb_vwv7,smb_offset(data,outbuf)); - if (!send_smb(smbd_server_fd(),outbuf)) - exit_server("reply_readbmpx: send_smb failed.\n"); + if (!send_smb(smbd_server_fd(),outbuf)) + exit_server("reply_readbmpx: send_smb failed.\n"); - total_read += nread; - startpos += nread; - } - while (total_read < (ssize_t)tcount); + total_read += nread; + startpos += nread; + } while (total_read < (ssize_t)tcount); - END_PROFILE(SMBreadBmpx); - return(-1); + END_PROFILE(SMBreadBmpx); + return(-1); } - /**************************************************************************** - reply to a SMBsetattrE + Reply to a SMBsetattrE. ****************************************************************************/ int reply_setattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) @@ -3919,8 +3918,199 @@ int reply_setattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, } +/* Back from the dead for OS/2..... JRA. */ + +/**************************************************************************** + Reply to a SMBwritebmpx (write block multiplex primary) request. +****************************************************************************/ + +int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) +{ + size_t numtowrite; + ssize_t nwritten = -1; + int outsize = 0; + SMB_OFF_T startpos; + size_t tcount; + BOOL write_through; + int smb_doff; + char *data; + files_struct *fsp = file_fsp(inbuf,smb_vwv0); + START_PROFILE(SMBwriteBmpx); + + CHECK_FSP(fsp,conn); + CHECK_WRITE(fsp); + CHECK_ERROR(fsp); + + tcount = SVAL(inbuf,smb_vwv1); + startpos = IVAL(inbuf,smb_vwv3); + write_through = BITSETW(inbuf+smb_vwv7,0); + numtowrite = SVAL(inbuf,smb_vwv10); + smb_doff = SVAL(inbuf,smb_vwv11); + + data = smb_base(inbuf) + smb_doff; + + /* If this fails we need to send an SMBwriteC response, + not an SMBwritebmpx - set this up now so we don't forget */ + CVAL(outbuf,smb_com) = SMBwritec; + + if (is_locked(fsp,conn,(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos,WRITE_LOCK,False)) { + END_PROFILE(SMBwriteBmpx); + return(ERROR_DOS(ERRDOS,ERRlock)); + } + + nwritten = write_file(fsp,data,startpos,numtowrite); + + if(lp_syncalways(SNUM(conn)) || write_through) + sync_file(conn,fsp); + + if(nwritten < (ssize_t)numtowrite) { + END_PROFILE(SMBwriteBmpx); + return(UNIXERROR(ERRHRD,ERRdiskfull)); + } + + /* If the maximum to be written to this file + is greater than what we just wrote then set + up a secondary struct to be attached to this + fd, we will use this to cache error messages etc. */ + + if((ssize_t)tcount > nwritten) { + write_bmpx_struct *wbms; + if(fsp->wbmpx_ptr != NULL) + wbms = fsp->wbmpx_ptr; /* Use an existing struct */ + else + wbms = (write_bmpx_struct *)malloc(sizeof(write_bmpx_struct)); + if(!wbms) { + DEBUG(0,("Out of memory in reply_readmpx\n")); + END_PROFILE(SMBwriteBmpx); + return(ERROR_DOS(ERRSRV,ERRnoresource)); + } + wbms->wr_mode = write_through; + wbms->wr_discard = False; /* No errors yet */ + wbms->wr_total_written = nwritten; + wbms->wr_errclass = 0; + wbms->wr_error = 0; + fsp->wbmpx_ptr = wbms; + } + + /* We are returning successfully, set the message type back to + SMBwritebmpx */ + CVAL(outbuf,smb_com) = SMBwriteBmpx; + + outsize = set_message(outbuf,1,0,True); + + SSVALS(outbuf,smb_vwv0,-1); /* We don't support smb_remaining */ + + DEBUG( 3, ( "writebmpx fnum=%d num=%d wrote=%d\n", + fsp->fnum, (int)numtowrite, (int)nwritten ) ); + + if (write_through && tcount==nwritten) { + /* We need to send both a primary and a secondary response */ + smb_setlen(outbuf,outsize - 4); + if (!send_smb(smbd_server_fd(),outbuf)) + exit_server("reply_writebmpx: send_smb failed.\n"); + + /* Now the secondary */ + outsize = set_message(outbuf,1,0,True); + CVAL(outbuf,smb_com) = SMBwritec; + SSVAL(outbuf,smb_vwv0,nwritten); + } + + END_PROFILE(SMBwriteBmpx); + return(outsize); +} + +/**************************************************************************** + Reply to a SMBwritebs (write block multiplex secondary) request. +****************************************************************************/ + +int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +{ + size_t numtowrite; + ssize_t nwritten = -1; + int outsize = 0; + SMB_OFF_T startpos; + size_t tcount; + BOOL write_through; + int smb_doff; + char *data; + write_bmpx_struct *wbms; + BOOL send_response = False; + files_struct *fsp = file_fsp(inbuf,smb_vwv0); + START_PROFILE(SMBwriteBs); + + CHECK_FSP(fsp,conn); + CHECK_WRITE(fsp); + + tcount = SVAL(inbuf,smb_vwv1); + startpos = IVAL(inbuf,smb_vwv2); + numtowrite = SVAL(inbuf,smb_vwv6); + smb_doff = SVAL(inbuf,smb_vwv7); + + data = smb_base(inbuf) + smb_doff; + + /* We need to send an SMBwriteC response, not an SMBwritebs */ + CVAL(outbuf,smb_com) = SMBwritec; + + /* This fd should have an auxiliary struct attached, + check that it does */ + wbms = fsp->wbmpx_ptr; + if(!wbms) { + END_PROFILE(SMBwriteBs); + return(-1); + } + + /* If write through is set we can return errors, else we must cache them */ + write_through = wbms->wr_mode; + + /* Check for an earlier error */ + if(wbms->wr_discard) { + END_PROFILE(SMBwriteBs); + return -1; /* Just discard the packet */ + } + + nwritten = write_file(fsp,data,startpos,numtowrite); + + if(lp_syncalways(SNUM(conn)) || write_through) + sync_file(conn,fsp); + + if (nwritten < (ssize_t)numtowrite) { + if(write_through) { + /* We are returning an error - we can delete the aux struct */ + if (wbms) + free((char *)wbms); + fsp->wbmpx_ptr = NULL; + END_PROFILE(SMBwriteBs); + return(ERROR_DOS(ERRHRD,ERRdiskfull)); + } + END_PROFILE(SMBwriteBs); + return(CACHE_ERROR(wbms,ERRHRD,ERRdiskfull)); + } + + /* Increment the total written, if this matches tcount + we can discard the auxiliary struct (hurrah !) and return a writeC */ + wbms->wr_total_written += nwritten; + if(wbms->wr_total_written >= tcount) { + if (write_through) { + outsize = set_message(outbuf,1,0,True); + SSVAL(outbuf,smb_vwv0,wbms->wr_total_written); + send_response = True; + } + + free((char *)wbms); + fsp->wbmpx_ptr = NULL; + } + + if(send_response) { + END_PROFILE(SMBwriteBs); + return(outsize); + } + + END_PROFILE(SMBwriteBs); + return(-1); +} + /**************************************************************************** - reply to a SMBgetattrE + Reply to a SMBgetattrE. ****************************************************************************/ int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) -- cgit From 7cd889f566ebe352721943e53a055db5b817f12f Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Sat, 20 Oct 2001 23:34:40 +0000 Subject: Converted a bunch of 0x85 constants to SMBkeepalive. (This used to be commit b16a15a13ed7d267c6366abaeeb3ccafa5776f5e) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 845fabda92..852a2d867b 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -122,7 +122,7 @@ int reply_special(char *inbuf,char *outbuf) case 0x89: /* session keepalive request (some old clients produce this?) */ - CVAL(outbuf,0) = 0x85; + CVAL(outbuf,0) = SMBkeepalive; CVAL(outbuf,3) = 0; break; @@ -132,7 +132,7 @@ int reply_special(char *inbuf,char *outbuf) DEBUG(0,("Unexpected session response\n")); break; - case 0x85: /* session keepalive */ + case SMBkeepalive: /* session keepalive */ default: return(0); } -- cgit From a972d2c448d0c54c0cf0319c1a0ef5fec27b68d6 Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Mon, 29 Oct 2001 13:21:29 +0000 Subject: another few changes to the new mangle code (This used to be commit 92f953c156a39b54230c52c6102a319a4a5ca798) --- source3/smbd/reply.c | 29 +++++++++++++++++++++++++++-- 1 file changed, 27 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 852a2d867b..ca7bcb9c5f 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3000,8 +3000,20 @@ NTSTATUS rename_internals(connection_struct *conn, * Tine Smukavec . */ +#if 0 if (!rc && is_mangled(mask)) check_mangled_cache( mask ); +#endif + if (!rc) + { + char *unmangled; + + unmangled = dos_unmangle(mask); + if (unmangled) + strncpy(mask, unmangled, strlen(unmangled) + 1); + + SAFE_FREE(unmangled); + } has_wild = ms_has_wild(mask); @@ -3350,8 +3362,21 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, * Tine Smukavec . */ - if (!rc && is_mangled(mask)) - check_mangled_cache( mask ); +#if 0 + if (!rc && is_mangled(mask)) + check_mangled_cache( mask ); +#endif + if (!rc) + { + char *unmangled; + + unmangled = dos_unmangle(mask); + if (unmangled) + strncpy(mask, unmangled, strlen(unmangled) + 1); + + SAFE_FREE(unmangled); + } + has_wild = ms_has_wild(mask); -- cgit From 60f0627afb167faad57385d44f0b587186a7ac2b Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 31 Oct 2001 10:46:25 +0000 Subject: This is a farily large patch (3300 lines) and reworks most of the AuthRewrite code. In particular this assists tpot in some of his work, becouse it provides the connection between the authenticaion and the vuid generation. Major Changes: - Fully malloc'ed structures. - Massive rework of the code so that all structures are made and destroyed using malloc and free, rather than hanging around on the stack. - SAM_ACCOUNT unix uids and gids are now pointers to the same, to allow them to be declared 'invalid' without the chance that people might get ROOT by default. - kill off some of the "DOMAIN\user" lookups. These can be readded at a more appropriate place (probably domain_client_validate.c) in the future. They don't belong in session setups. - Massive introduction of DATA_BLOB structures, particularly for passwords. - Use NTLMSSP flags to tell the backend what its getting, rather than magic lenghths. - Fix winbind back up again, but tpot is redoing this soon anyway. - Abstract much of the work in srv_netlog_nt back into auth helper functions. This is a LARGE change, and any assistance is testing it is appriciated. Domain logons are still broken (as far as I can tell) but other functionality seems intact. Needs testing with a wide variety of MS clients. Andrew Bartlett (This used to be commit f70fb819b2f57bd57232b51808345e2319d52f6c) --- source3/smbd/reply.c | 37 +++++++++++++++++++++---------------- 1 file changed, 21 insertions(+), 16 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index ca7bcb9c5f..b60738d23d 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -159,14 +159,16 @@ int reply_tcon(connection_struct *conn, int pwlen=0; NTSTATUS nt_status; char *p; - + DATA_BLOB password_blob; + START_PROFILE(SMBtcon); *service = *password = *dev = 0; p = smb_buf(inbuf)+1; p += srvstr_pull(inbuf, service, p, sizeof(service), -1, STR_TERMINATE) + 1; - p += srvstr_pull(inbuf, password, p, sizeof(password), -1, STR_TERMINATE) + 1; + pwlen = srvstr_pull(inbuf, password, p, sizeof(password), -1, STR_TERMINATE) + 1; + p += pwlen; p += srvstr_pull(inbuf, dev, p, sizeof(dev), -1, STR_TERMINATE) + 1; p = strrchr_m(service,'\\'); @@ -174,7 +176,9 @@ int reply_tcon(connection_struct *conn, pstrcpy(service, p+1); } - conn = make_connection(service,password,pwlen,dev,vuid,&nt_status); + password_blob = data_blob(password, pwlen+1); + + conn = make_connection(service,password_blob,dev,vuid,&nt_status); if (!conn) { END_PROFILE(SMBtcon); @@ -200,16 +204,17 @@ int reply_tcon(connection_struct *conn, int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { fstring service; - pstring password; + DATA_BLOB password; pstring devicename; NTSTATUS nt_status; uint16 vuid = SVAL(inbuf,smb_uid); int passlen = SVAL(inbuf,smb_vwv3); pstring path; char *p, *q; - START_PROFILE(SMBtconX); - - *service = *password = *devicename = 0; + extern BOOL global_encrypted_passwords_negotiated; + START_PROFILE(SMBtconX); + + *service = *devicename = 0; /* we might have to close an old one */ if ((SVAL(inbuf,smb_vwv2) & 0x1) && conn) { @@ -220,17 +225,17 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt return ERROR_DOS(ERRDOS,ERRbuftoosmall); } - memcpy(password,smb_buf(inbuf),passlen); - password[passlen]=0; + if (global_encrypted_passwords_negotiated) { + password = data_blob(smb_buf(inbuf),passlen); + } else { + password = data_blob(smb_buf(inbuf),passlen+1); + /* Ensure correct termination */ + password.data[passlen]=0; + } + p = smb_buf(inbuf) + passlen; p += srvstr_pull(inbuf, path, p, sizeof(path), -1, STR_TERMINATE); - if (passlen != 24) { - if (strequal(password," ")) - *password = 0; - passlen = strlen(password); - } - /* * the service name can be either: \\server\share * or share directly like on the DELL PowerVault 705 @@ -250,7 +255,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt DEBUG(4,("Got device type %s\n",devicename)); - conn = make_connection(service,password,passlen,devicename,vuid,&nt_status); + conn = make_connection(service,password,devicename,vuid,&nt_status); if (!conn) { END_PROFILE(SMBtconX); -- cgit From bdca4e32aa1449385778d43102cce431c85f9e91 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 31 Oct 2001 12:28:40 +0000 Subject: When you make a data_blob() then you probably need to free it too... (This used to be commit 531e24973227ca4f1ae65ffb2454aedd5871de96) --- source3/smbd/reply.c | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index b60738d23d..8a1fecba3f 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -179,6 +179,8 @@ int reply_tcon(connection_struct *conn, password_blob = data_blob(password, pwlen+1); conn = make_connection(service,password_blob,dev,vuid,&nt_status); + + data_blob_clear_free(&password); if (!conn) { END_PROFILE(SMBtcon); @@ -257,6 +259,8 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt conn = make_connection(service,password,devicename,vuid,&nt_status); + data_blob_clear_free(&password); + if (!conn) { END_PROFILE(SMBtconX); return ERROR_NT(nt_status); -- cgit From acb81fe408f0e674088f0952aaba442ddb494b0c Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Thu, 1 Nov 2001 05:02:41 +0000 Subject: Various post AuthRewrite cleanups, fixups and tidyups. Zero out some of the plaintext passwords for paranoia Fix up some of the other passdb backends with the change to *uid_t rather than uid_t. Make some of the code in srv_netlog_nt.c clearer, is passing an array around, so pass its lenght in is definition, not as a seperate paramater. Use sizeof() rather than magic numbers, it makes things easier to read. Cope with a PAM authenticated user who is not in /etc/passwd - currently by saying NO_SUCH_USER, but this can change in future. Andrew Bartlett (This used to be commit 514c91b16baca639bb04638042bf9894d881172a) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 8a1fecba3f..54238e90e7 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -180,7 +180,7 @@ int reply_tcon(connection_struct *conn, conn = make_connection(service,password_blob,dev,vuid,&nt_status); - data_blob_clear_free(&password); + data_blob_clear_free(&password_blob); if (!conn) { END_PROFILE(SMBtcon); @@ -260,7 +260,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt conn = make_connection(service,password,devicename,vuid,&nt_status); data_blob_clear_free(&password); - + if (!conn) { END_PROFILE(SMBtconX); return ERROR_NT(nt_status); -- cgit From d876260d885ad991526544756609ea38e4867028 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Mon, 5 Nov 2001 00:02:38 +0000 Subject: Don't put a \n on the end of the arg to exit_server() (This used to be commit dfb8566220c3e90ca2b757ea124f53aed103269e) --- source3/smbd/reply.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 54238e90e7..9ff74eae05 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1377,7 +1377,7 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size void fail_readraw(void) { pstring errstr; - slprintf(errstr, sizeof(errstr)-1, "FAIL ! reply_readbraw: socket write fail (%s)\n", + slprintf(errstr, sizeof(errstr)-1, "FAIL ! reply_readbraw: socket write fail (%s)", strerror(errno) ); exit_server(errstr); } @@ -1767,7 +1767,7 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, SSVALS(outbuf,smb_vwv0,-1); outsize = set_message(outbuf,Protocol>PROTOCOL_COREPLUS?1:0,0,True); if (!send_smb(smbd_server_fd(),outbuf)) - exit_server("reply_writebraw: send_smb failed.\n"); + exit_server("reply_writebraw: send_smb failed."); /* Now read the raw data into the buffer and write it */ if (read_smb_length(smbd_server_fd(),inbuf,SMB_SECONDARY_WAIT) == -1) { @@ -2467,7 +2467,7 @@ int reply_echo(connection_struct *conn, smb_setlen(outbuf,outsize - 4); if (!send_smb(smbd_server_fd(),outbuf)) - exit_server("reply_echo: send_smb failed.\n"); + exit_server("reply_echo: send_smb failed."); } DEBUG(3,("echo %d times\n", smb_reverb)); @@ -3885,7 +3885,7 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length, SSVAL(outbuf,smb_vwv7,smb_offset(data,outbuf)); if (!send_smb(smbd_server_fd(),outbuf)) - exit_server("reply_readbmpx: send_smb failed.\n"); + exit_server("reply_readbmpx: send_smb failed."); total_read += nread; startpos += nread; @@ -4041,7 +4041,7 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, /* We need to send both a primary and a secondary response */ smb_setlen(outbuf,outsize - 4); if (!send_smb(smbd_server_fd(),outbuf)) - exit_server("reply_writebmpx: send_smb failed.\n"); + exit_server("reply_writebmpx: send_smb failed."); /* Now the secondary */ outsize = set_message(outbuf,1,0,True); -- cgit From 55dfb66079333acd8e0aee91c0ee90d0a413a8e6 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Thu, 8 Nov 2001 22:19:01 +0000 Subject: Change to guest logon code. This changes the way we process guest logons - we now treat them as normal logons, but set the 'guest' flag. In particular this is needed becouse Win2k will do an NTLMSSP login with username "", therefore missing our previous guest connection code - this is getting a pain to do as a special case all over the shop. Tridge: We don't seem to be setting a guest bit for NTLMSSP, in either the anonymous or authenticated case, can you take a look at this? Also some cleanups in the check_password() code that should make some of the debugs clearer. Various other minor cleanups: - change the session code to just take a vuser, rather than having to do a vuid lookup on vuser.vuid - Change some of the global_client_caps linking - Better debug in authorise_login(): show the vuid. Andrew Bartlett (This used to be commit 62f4e4bd0aef9ade653b3f8d575d2864c166ab4d) --- source3/smbd/reply.c | 2 -- 1 file changed, 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 9ff74eae05..98898a6551 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -35,10 +35,8 @@ extern char magic_char; extern BOOL case_sensitive; extern BOOL case_preserve; extern BOOL short_case_preserve; -extern userdom_struct current_user_info; extern pstring global_myname; extern int global_oplock_break; -uint32 global_client_caps = 0; unsigned int smb_echo_count = 0; extern fstring remote_machine; -- cgit From 67f5bea4849dd51df0b9467d033fd000a129ce3f Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 9 Nov 2001 20:34:12 +0000 Subject: Fixup __LPID -> _LPID. Jeremy. (This used to be commit ab607cdf153d9187fe50af3377ece5a9fafde1b1) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 98898a6551..72e75281c6 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3513,7 +3513,7 @@ uint16 get_lock_pid( char *data, int data_offset, BOOL large_file_format) if(!large_file_format) return SVAL(data,SMB_LPID_OFFSET(data_offset)); else - return SVAL(data,SMB_LARGE__LPID_OFFSET(data_offset)); + return SVAL(data,SMB_LARGE_LPID_OFFSET(data_offset)); } /**************************************************************************** -- cgit From 1b579da9ddb4fbdcdd60ed1b50ca52b6fa1e523e Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 14 Nov 2001 02:35:56 +0000 Subject: Fix from Herb. mincount/maxcount need to be ssize_t for comparisons. Jeremy. (This used to be commit 60983782ed078593d122e0c0bc6b4e17c3e56e63) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 72e75281c6..dce5873ba8 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1386,7 +1386,7 @@ void fail_readraw(void) int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_size, int dum_buffsize) { - size_t maxcount,mincount; + ssize_t maxcount,mincount; size_t nread = 0; SMB_OFF_T startpos; char *header = outbuf; -- cgit From 02eda2e251e6dcb6e0db5cd9c3cbcfa765f3d630 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 17 Nov 2001 03:19:17 +0000 Subject: Tidyups when I was doing the big merge... Jeremy. (This used to be commit 9148bb9eaa67de60c3b0b4709a9c05a840c20c66) --- source3/smbd/reply.c | 28 ++++++++++++++++------------ 1 file changed, 16 insertions(+), 12 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index dce5873ba8..1412905cdf 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1164,10 +1164,8 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, /* close fd from smb_mkstemp() */ close(tmpfd); - if (!fsp) - { - if((errno == ENOENT) && bad_path) - { + if (!fsp) { + if((errno == ENOENT) && bad_path) { unix_ERR_class = ERRDOS; unix_ERR_code = ERRbadpath; } @@ -1208,28 +1206,33 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return(outsize); } - /******************************************************************* -check if a user is allowed to delete a file + Check if a user is allowed to delete a file. ********************************************************************/ + static NTSTATUS can_delete(char *fname,connection_struct *conn, int dirtype) { SMB_STRUCT_STAT sbuf; int fmode; - if (!CAN_WRITE(conn)) return NT_STATUS_MEDIA_WRITE_PROTECTED; + if (!CAN_WRITE(conn)) + return NT_STATUS_MEDIA_WRITE_PROTECTED; - if (conn->vfs_ops.lstat(conn,fname,&sbuf) != 0) return NT_STATUS_OBJECT_NAME_NOT_FOUND; + if (conn->vfs_ops.lstat(conn,fname,&sbuf) != 0) + return NT_STATUS_OBJECT_NAME_NOT_FOUND; fmode = dos_mode(conn,fname,&sbuf); - if (fmode & aDIR) return NT_STATUS_FILE_IS_A_DIRECTORY; + if (fmode & aDIR) + return NT_STATUS_FILE_IS_A_DIRECTORY; if (!lp_delete_readonly(SNUM(conn))) { - if (fmode & aRONLY) return NT_STATUS_CANNOT_DELETE; + if (fmode & aRONLY) + return NT_STATUS_CANNOT_DELETE; } if ((fmode & ~dirtype) & (aHIDDEN | aSYSTEM)) return NT_STATUS_CANNOT_DELETE; - if (!check_file_sharing(conn,fname,False)) return NT_STATUS_SHARING_VIOLATION; + if (!check_file_sharing(conn,fname,False)) + return NT_STATUS_SHARING_VIOLATION; return NT_STATUS_OK; } @@ -2685,7 +2688,8 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, srvstr_pull(inbuf, directory, smb_buf(inbuf) + 1, sizeof(directory), -1, STR_TERMINATE); status = mkdir_internal(conn, directory); - if (!NT_STATUS_IS_OK(status)) return ERROR_NT(status); + if (!NT_STATUS_IS_OK(status)) + return ERROR_NT(status); outsize = set_message(outbuf,0,0,True); -- cgit From a8982ca90cafc62da678065cdb93d60ac2033182 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sun, 25 Nov 2001 02:23:22 +0000 Subject: I think this is a fix for the "out of space" errors with oplocks=no. Jeremy. (This used to be commit 84b62d3c8ebd78cd578ac36168631b3bbcafdd8c) --- source3/smbd/reply.c | 107 ++++++++++++++++++++++++++++----------------------- 1 file changed, 58 insertions(+), 49 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 1412905cdf..675c06f75f 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1904,67 +1904,76 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int dum_buffsize) { - size_t numtowrite; - ssize_t nwritten = -1; - SMB_OFF_T startpos; - char *data; - files_struct *fsp = file_fsp(inbuf,smb_vwv0); - int outsize = 0; - START_PROFILE(SMBwrite); + size_t numtowrite; + ssize_t nwritten = -1; + SMB_OFF_T startpos; + char *data; + files_struct *fsp = file_fsp(inbuf,smb_vwv0); + int outsize = 0; + START_PROFILE(SMBwrite); - /* If it's an IPC, pass off the pipe handler. */ - if (IS_IPC(conn)) { - END_PROFILE(SMBwrite); - return reply_pipe_write(inbuf,outbuf,size,dum_buffsize); - } + /* If it's an IPC, pass off the pipe handler. */ + if (IS_IPC(conn)) { + END_PROFILE(SMBwrite); + return reply_pipe_write(inbuf,outbuf,size,dum_buffsize); + } - CHECK_FSP(fsp,conn); - CHECK_WRITE(fsp); + CHECK_FSP(fsp,conn); + CHECK_WRITE(fsp); - numtowrite = SVAL(inbuf,smb_vwv1); - startpos = IVAL(inbuf,smb_vwv2); - data = smb_buf(inbuf) + 3; + numtowrite = SVAL(inbuf,smb_vwv1); + startpos = IVAL(inbuf,smb_vwv2); + data = smb_buf(inbuf) + 3; - if (is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK,False)) { - END_PROFILE(SMBwrite); - return ERROR_DOS(ERRDOS,ERRlock); - } + if (is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK,False)) { + END_PROFILE(SMBwrite); + return ERROR_DOS(ERRDOS,ERRlock); + } - /* X/Open SMB protocol says that if smb_vwv1 is - zero then the file size should be extended or - truncated to the size given in smb_vwv[2-3] */ - if(numtowrite == 0) { - /* This is actually an allocate call, not set EOF. JRA */ - nwritten = vfs_allocate_file_space(fsp, (SMB_OFF_T)startpos); - if (nwritten < 0) { - END_PROFILE(SMBwrite); - return ERROR_NT(NT_STATUS_DISK_FULL); - } - } else - nwritten = write_file(fsp,data,startpos,numtowrite); + /* + * X/Open SMB protocol says that if smb_vwv1 is + * zero then the file size should be extended or + * truncated to the size given in smb_vwv[2-3]. + */ + + if(numtowrite == 0) { + /* + * This is actually an allocate call, and set EOF. JRA. + */ + nwritten = vfs_allocate_file_space(fsp, (SMB_OFF_T)startpos); + if (nwritten < 0) { + END_PROFILE(SMBwrite); + return ERROR_NT(NT_STATUS_DISK_FULL); + } + nwritten = vfs_set_filelen(fsp, (SMB_OFF_T)startpos); + if (nwritten < 0) { + END_PROFILE(SMBwrite); + return ERROR_NT(NT_STATUS_DISK_FULL); + } + } else + nwritten = write_file(fsp,data,startpos,numtowrite); - if (lp_syncalways(SNUM(conn))) - sync_file(conn,fsp); + if (lp_syncalways(SNUM(conn))) + sync_file(conn,fsp); - if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) { - END_PROFILE(SMBwrite); - return(UNIXERROR(ERRDOS,ERRnoaccess)); - } + if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) { + END_PROFILE(SMBwrite); + return(UNIXERROR(ERRDOS,ERRnoaccess)); + } - outsize = set_message(outbuf,1,0,True); + outsize = set_message(outbuf,1,0,True); - SSVAL(outbuf,smb_vwv0,nwritten); + SSVAL(outbuf,smb_vwv0,nwritten); - if (nwritten < (ssize_t)numtowrite) { - CVAL(outbuf,smb_rcls) = ERRHRD; - SSVAL(outbuf,smb_err,ERRdiskfull); - } + if (nwritten < (ssize_t)numtowrite) { + CVAL(outbuf,smb_rcls) = ERRHRD; + SSVAL(outbuf,smb_err,ERRdiskfull); + } - DEBUG(3,("write fnum=%d num=%d wrote=%d\n", - fsp->fnum, (int)numtowrite, (int)nwritten)); + DEBUG(3,("write fnum=%d num=%d wrote=%d\n", fsp->fnum, (int)numtowrite, (int)nwritten)); - END_PROFILE(SMBwrite); - return(outsize); + END_PROFILE(SMBwrite); + return(outsize); } -- cgit From 0fd94a5c4b659e715e16fa4b2d5102520412ad55 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sun, 16 Dec 2001 21:04:19 +0000 Subject: Ensured filetimes set (by name) after close. Ignore errors. This is the correct way to ensure times set in 'pending modtime' and 'time close' are always set correctly. Inspired by patch from Juergen Hasch. Jeremy. (This used to be commit 24053858543fa6c22c0c3222570109fbfdabab9e) --- source3/smbd/reply.c | 27 +++++++++++++-------------- 1 file changed, 13 insertions(+), 14 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 675c06f75f..00e0cb8b86 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2242,21 +2242,10 @@ int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size, * Close ordinary file. */ int close_err; + pstring file_name; - /* - * If there was a modify time outstanding, - * try and set it here. - */ - if(fsp->pending_modtime) - set_filetime(conn, fsp->fsp_name, fsp->pending_modtime); - - /* - * Now take care of any time sent in the close. - */ - mtime = make_unix_date3(inbuf+smb_vwv1); - - /* try and set the date */ - set_filetime(conn, fsp->fsp_name,mtime); + /* Save the name for time set in close. */ + pstrcpy( file_name, fsp->fsp_name); DEBUG(3,("close fd=%d fnum=%d (numopen=%d)\n", fsp->fd, fsp->fnum, @@ -2273,6 +2262,16 @@ int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size, END_PROFILE(SMBclose); return (UNIXERROR(ERRHRD,ERRgeneral)); } + + /* + * Now take care of any time sent in the close. + */ + + mtime = make_unix_date3(inbuf+smb_vwv1); + + /* try and set the date */ + set_filetime(conn, file_name, mtime); + } /* We have a cached error */ -- cgit From 4fd97a7a039b94f41e676886d810be523fe2f1e9 Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Sat, 29 Dec 2001 09:52:24 +0000 Subject: passing NULL to print_queue_status()'s status parameter could end in a segfault (This used to be commit 79254d2b0490ba400832ef6d460895d45cc4273f) --- source3/smbd/reply.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 00e0cb8b86..12834e63a7 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2586,8 +2586,9 @@ int reply_printqueue(connection_struct *conn, { print_queue_struct *queue = NULL; + print_status_struct status; char *p = smb_buf(outbuf) + 3; - int count = print_queue_status(SNUM(conn), &queue,NULL); + int count = print_queue_status(SNUM(conn), &queue, &status); int num_to_get = ABS(max_count); int first = (max_count>0?start_index:start_index+max_count+1); int i; -- cgit From 41dd759a50c53504efcd26771a265f34f20a1445 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 3 Jan 2002 20:49:06 +0000 Subject: Ensure modtime is set correctly on destination files in copy command. Jeremy. (This used to be commit fb1ab02553e01df0464f0df3eea7ae6a66b4104b) --- source3/smbd/reply.c | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 12834e63a7..0e7eca3ac2 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3287,6 +3287,10 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, ret = vfs_transfer_file(fsp1, fsp2, src_sbuf.st_size); close_file(fsp1,False); + + /* Ensure the modtime is set correctly on the destination file. */ + fsp2->pending_modtime = src_sbuf.st_mtime; + /* * As we are opening fsp1 read-only we only expect * an error on close on fsp2 if we are out of space. -- cgit From eb61d92ca7053bef9142a29f296aae695c47db33 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 4 Jan 2002 21:11:35 +0000 Subject: Re-wrote the guts of the rename_internals code to cope with a reported bug (renaming name -> name was failing, on W2K it succeeds). Simplified the common case, did a lot of work to ensure NT error codes are correctly reported back to client. Jeremy. (This used to be commit e6b27f3d8069ae304baaebe09341c58d46b05fe4) --- source3/smbd/reply.c | 117 +++++++++++++++++++++++++++++++++++---------------- 1 file changed, 80 insertions(+), 37 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 0e7eca3ac2..9e6f8d24c2 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2952,26 +2952,26 @@ static BOOL resolve_wildcards(char *name1,char *name2) } /******************************************************************* -check if a user is allowed to rename a file + Check if a user is allowed to rename a file. ********************************************************************/ -static BOOL can_rename(char *fname,connection_struct *conn) + +static NTSTATUS can_rename(char *fname,connection_struct *conn) { - SMB_STRUCT_STAT sbuf; + if (!CAN_WRITE(conn)) + return NT_STATUS_ACCESS_DENIED; - if (!CAN_WRITE(conn)) return(False); + if (!check_file_sharing(conn,fname,True)) + return NT_STATUS_SHARING_VIOLATION; - if (conn->vfs_ops.lstat(conn,fname,&sbuf) != 0) return(False); - if (!check_file_sharing(conn,fname,True)) return(False); - return(True); + return NT_STATUS_OK; } /**************************************************************************** The guts of the rename command, split out so it may be called by the NT SMB code. ****************************************************************************/ -NTSTATUS rename_internals(connection_struct *conn, - char *name, - char *newname, BOOL replace_if_exists) + +NTSTATUS rename_internals(connection_struct *conn, char *name, char *newname, BOOL replace_if_exists) { pstring directory; pstring mask; @@ -2982,7 +2982,6 @@ NTSTATUS rename_internals(connection_struct *conn, BOOL bad_path2 = False; int count=0; NTSTATUS error = NT_STATUS_OK; - BOOL exists=False; BOOL rc = True; SMB_STRUCT_STAT sbuf1, sbuf2; @@ -3056,7 +3055,8 @@ NTSTATUS rename_internals(connection_struct *conn, pstrcpy(newname, tmpstr); } - DEBUG(3,("rename_internals: case_sensitive = %d, case_preserve = %d, short case preserve = %d, directory = %s, newname = %s, newname_last_component = %s, is_8_3 = %d\n", + DEBUG(3,("rename_internals: case_sensitive = %d, case_preserve = %d, short case preserve = %d, \ +directory = %s, newname = %s, newname_last_component = %s, is_8_3 = %d\n", case_sensitive, case_preserve, short_case_preserve, directory, newname, newname_last_component, is_short_name)); @@ -3093,34 +3093,76 @@ NTSTATUS rename_internals(connection_struct *conn, pstrcpy(p+1, newname_last_component); } } - - if(replace_if_exists) { - /* - * NT SMB specific flag - rename can overwrite - * file with the same name so don't check for - * vfs_file_exist(). - */ + + resolve_wildcards(directory,newname); + + /* + * The source object must exist. + */ - if(resolve_wildcards(directory,newname) && - can_rename(directory,conn) && - conn->vfs_ops.rename(conn,directory,newname) == 0) - count++; - } else { - if (resolve_wildcards(directory,newname) && - can_rename(directory,conn) && - !vfs_file_exist(conn,newname,NULL) && - conn->vfs_ops.rename(conn,directory,newname) == 0) - count++; + if (!vfs_object_exist(conn, directory, NULL)) { + DEBUG(3,("rename_internals: source doesn't exist doing rename %s -> %s\n", + directory,newname)); + + if (errno == ENOTDIR || errno == EISDIR || errno == ENOENT) { + /* + * Must return different errors depending on whether the parent + * directory existed or not. + */ + + p = strrchr_m(directory, '/'); + if (!p) + return NT_STATUS_OBJECT_NAME_NOT_FOUND; + *p = '\0'; + if (vfs_object_exist(conn, directory, NULL)) + return NT_STATUS_OBJECT_NAME_NOT_FOUND; + return NT_STATUS_OBJECT_PATH_NOT_FOUND; + } + error = map_nt_error_from_unix(errno); + DEBUG(3,("rename_internals: Error %s rename %s -> %s\n", + get_nt_error_msg(error), directory,newname)); + + return error; } - DEBUG(3,("rename_internals: %s doing rename on %s -> %s\n",(count != 0) ? "succeeded" : "failed", - directory,newname)); - - if (!count) exists = vfs_file_exist(conn,directory,NULL); - if (!count && exists && vfs_file_exist(conn,newname,NULL)) { - exists = True; - error = NT_STATUS_OBJECT_NAME_COLLISION; + error = can_rename(directory,conn); + + if (!NT_STATUS_IS_OK(error)) { + DEBUG(3,("rename_internals: Error %s rename %s -> %s\n", + get_nt_error_msg(error), directory,newname)); + } + + /* + * If the src and dest names are identical - including case, + * don't do the rename, just return success. + */ + + if (strcsequal(directory, newname)) { + DEBUG(3,("rename_internals: identical names in rename %s - returning success\n", directory)); + return NT_STATUS_OK; } + + if(!replace_if_exists && vfs_object_exist(conn,newname,NULL)) { + DEBUG(3,("rename_internals: dest exists doing rename %s -> %s\n", + directory,newname)); + return NT_STATUS_OBJECT_NAME_COLLISION; + } + + if(conn->vfs_ops.rename(conn,directory, newname) == 0) { + DEBUG(3,("rename_internals: succeeded doing rename on %s -> %s\n", + directory,newname)); + return NT_STATUS_OK; + } + + if (errno == ENOTDIR || errno == EISDIR) + error = NT_STATUS_OBJECT_NAME_COLLISION; + else + error = map_nt_error_from_unix(errno); + + DEBUG(3,("rename_internals: Error %s rename %s -> %s\n", + get_nt_error_msg(error), directory,newname)); + + return error; } else { /* * Wildcards - process each file that matches. @@ -3148,7 +3190,8 @@ NTSTATUS rename_internals(connection_struct *conn, error = NT_STATUS_ACCESS_DENIED; slprintf(fname,sizeof(fname)-1,"%s/%s",directory,dname); - if (!can_rename(fname,conn)) { + error = can_rename(fname,conn); + if (!NT_STATUS_IS_OK(error)) { DEBUG(6,("rename %s refused\n", fname)); continue; } -- cgit From e86102e86804ec07d8dd704dac963b8b72cd0250 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 4 Jan 2002 22:30:00 +0000 Subject: Missed error return is can_rename fails. Jeremy. (This used to be commit 2db99fa49b538e230f2c606d1004871111ea2bf6) --- source3/smbd/reply.c | 1 + 1 file changed, 1 insertion(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 9e6f8d24c2..c67ce357c6 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3130,6 +3130,7 @@ directory = %s, newname = %s, newname_last_component = %s, is_8_3 = %d\n", if (!NT_STATUS_IS_OK(error)) { DEBUG(3,("rename_internals: Error %s rename %s -> %s\n", get_nt_error_msg(error), directory,newname)); + return error; } /* -- cgit From d6823366b881612234ab0655adb11c594f864c4a Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 11 Jan 2002 19:10:25 +0000 Subject: Same fix as went into 2.2 (I'm waiting for jerry to finish some code). Jeremy. (This used to be commit 01ff6ce4963e1daff019f2b936cef218e1c93f67) --- source3/smbd/reply.c | 68 ++++++++++++++++++++++++++-------------------------- 1 file changed, 34 insertions(+), 34 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index c67ce357c6..03d0c18942 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -66,8 +66,8 @@ int reply_special(char *inbuf,char *outbuf) switch (msg_type) { case 0x81: /* session request */ - CVAL(outbuf,0) = 0x82; - CVAL(outbuf,3) = 0; + SCVAL(outbuf,0,0x82); + SCVAL(outbuf,3,0); if (name_len(inbuf+4) > 50 || name_len(inbuf+4 + name_len(inbuf + 4)) > 50) { DEBUG(0,("Invalid name length in session request\n")); @@ -100,7 +100,7 @@ int reply_special(char *inbuf,char *outbuf) if (name_type == 'R') { /* We are being asked for a pathworks session --- no thanks! */ - CVAL(outbuf, 0) = 0x83; + SCVAL(outbuf, 0,0x83); break; } @@ -120,8 +120,8 @@ int reply_special(char *inbuf,char *outbuf) case 0x89: /* session keepalive request (some old clients produce this?) */ - CVAL(outbuf,0) = SMBkeepalive; - CVAL(outbuf,3) = 0; + SCVAL(outbuf,0,SMBkeepalive); + SCVAL(outbuf,3,0); break; case 0x82: /* positive session response */ @@ -651,7 +651,7 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if (strlen(directory) == 0) pstrcpy(directory,"./"); memset((char *)status,'\0',21); - CVAL(status,0) = dirtype; + SCVAL(status,0,dirtype); } else { @@ -735,7 +735,7 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if (numentries == 0 || !ok) { - CVAL(outbuf,smb_rcls) = ERRDOS; + SCVAL(outbuf,smb_rcls,ERRDOS); SSVAL(outbuf,smb_err,ERRnofiles); dptr_close(&dptr_num); } @@ -746,7 +746,7 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if(ok && expect_close && numentries == 0 && status_len == 0) { - CVAL(outbuf,smb_rcls) = ERRDOS; + SCVAL(outbuf,smb_rcls,ERRDOS); SSVAL(outbuf,smb_err,ERRnofiles); /* Also close the dptr - we know it's gone */ dptr_close(&dptr_num); @@ -758,7 +758,7 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size SSVAL(outbuf,smb_vwv0,numentries); SSVAL(outbuf,smb_vwv1,3 + numentries * DIR_STRUCT_SIZE); - CVAL(smb_buf(outbuf),0) = 5; + SCVAL(smb_buf(outbuf),0,5); SSVAL(smb_buf(outbuf),1,numentries*DIR_STRUCT_SIZE); if (Protocol >= PROTOCOL_NT1) { @@ -888,11 +888,11 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, SSVAL(outbuf,smb_vwv6,rmode); if (oplock_request && lp_fake_oplocks(SNUM(conn))) { - CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; + SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); } if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) - CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; + SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); END_PROFILE(SMBopen); return(outsize); } @@ -988,11 +988,11 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt */ if (core_oplock_request && lp_fake_oplocks(SNUM(conn))) { - CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; + SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); } if(core_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) { - CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; + SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); } set_message(outbuf,15,0,True); @@ -1103,11 +1103,11 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, SSVAL(outbuf,smb_vwv0,fsp->fnum); if (oplock_request && lp_fake_oplocks(SNUM(conn))) { - CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; + SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); } if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) - CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; + SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); DEBUG( 2, ( "new file %s\n", fname ) ); DEBUG( 3, ( "mknew %s fd=%d dmode=%d umode=%o\n", @@ -1192,11 +1192,11 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, outsize = set_message_end(outbuf, p); if (oplock_request && lp_fake_oplocks(SNUM(conn))) { - CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; + SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); } if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) - CVAL(outbuf,smb_flg) |= CORE_OPLOCK_GRANTED; + SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); DEBUG( 2, ( "created temp file %s\n", fname ) ); DEBUG( 3, ( "ctemp %s fd=%d dmode=%d umode=%o\n", @@ -1624,7 +1624,7 @@ int reply_read(connection_struct *conn, char *inbuf,char *outbuf, int size, int outsize += nread; SSVAL(outbuf,smb_vwv0,nread); SSVAL(outbuf,smb_vwv5,nread+3); - CVAL(smb_buf(outbuf),0) = 1; + SCVAL(smb_buf(outbuf),0,1); SSVAL(smb_buf(outbuf),1,nread); DEBUG( 3, ( "read fnum=%d num=%d nread=%d\n", @@ -1742,8 +1742,8 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, } /* force the error type */ - CVAL(inbuf,smb_com) = SMBwritec; - CVAL(outbuf,smb_com) = SMBwritec; + SCVAL(inbuf,smb_com,SMBwritec); + SCVAL(outbuf,smb_com,SMBwritec); if (is_locked(fsp,conn,(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos, WRITE_LOCK,False)) { END_PROFILE(SMBwritebraw); @@ -1764,7 +1764,7 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, total_written = nwritten; /* Return a message to the redirector to tell it to send more bytes */ - CVAL(outbuf,smb_com) = SMBwritebraw; + SCVAL(outbuf,smb_com,SMBwritebraw); SSVALS(outbuf,smb_vwv0,-1); outsize = set_message(outbuf,Protocol>PROTOCOL_COREPLUS?1:0,0,True); if (!send_smb(smbd_server_fd(),outbuf)) @@ -1780,7 +1780,7 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, /* Set up outbuf to return the correct return */ outsize = set_message(outbuf,1,0,True); - CVAL(outbuf,smb_com) = SMBwritec; + SCVAL(outbuf,smb_com,SMBwritec); SSVAL(outbuf,smb_vwv0,total_written); if (numtowrite != 0) { @@ -1805,7 +1805,7 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, nwritten = write_file(fsp,inbuf+4,startpos+nwritten,numtowrite); if (nwritten < (ssize_t)numtowrite) { - CVAL(outbuf,smb_rcls) = ERRHRD; + SCVAL(outbuf,smb_rcls,ERRHRD); SSVAL(outbuf,smb_err,ERRdiskfull); } @@ -1966,7 +1966,7 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int d SSVAL(outbuf,smb_vwv0,nwritten); if (nwritten < (ssize_t)numtowrite) { - CVAL(outbuf,smb_rcls) = ERRHRD; + SCVAL(outbuf,smb_rcls,ERRHRD); SSVAL(outbuf,smb_err,ERRdiskfull); } @@ -2062,7 +2062,7 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng SSVAL(outbuf,smb_vwv4,(nwritten>>16)&1); if (nwritten < (ssize_t)numtowrite) { - CVAL(outbuf,smb_rcls) = ERRHRD; + SCVAL(outbuf,smb_rcls,ERRHRD); SSVAL(outbuf,smb_err,ERRdiskfull); } @@ -2578,7 +2578,7 @@ int reply_printqueue(connection_struct *conn, SSVAL(outbuf,smb_vwv0,0); SSVAL(outbuf,smb_vwv1,0); - CVAL(smb_buf(outbuf),0) = 1; + SCVAL(smb_buf(outbuf),0,1); SSVAL(smb_buf(outbuf),1,0); DEBUG(3,("printqueue start_index=%d max_count=%d\n", @@ -2601,10 +2601,10 @@ int reply_printqueue(connection_struct *conn, for (i=first;i0?first+count:first-1)); - CVAL(smb_buf(outbuf),0) = 1; + SCVAL(smb_buf(outbuf),0,1); SSVAL(smb_buf(outbuf),1,28*count); } @@ -3557,7 +3557,7 @@ int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size } outsize = set_message(outbuf,0,0,True); - CVAL(outbuf,smb_reh) = CVAL(inbuf,smb_reh); + SCVAL(outbuf,smb_reh,CVAL(inbuf,smb_reh)); DEBUG(3,("setdir %s\n", newdir)); @@ -4044,7 +4044,7 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, /* If this fails we need to send an SMBwriteC response, not an SMBwritebmpx - set this up now so we don't forget */ - CVAL(outbuf,smb_com) = SMBwritec; + SCVAL(outbuf,smb_com,SMBwritec); if (is_locked(fsp,conn,(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos,WRITE_LOCK,False)) { END_PROFILE(SMBwriteBmpx); @@ -4087,7 +4087,7 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, /* We are returning successfully, set the message type back to SMBwritebmpx */ - CVAL(outbuf,smb_com) = SMBwriteBmpx; + SCVAL(outbuf,smb_com,SMBwriteBmpx); outsize = set_message(outbuf,1,0,True); @@ -4104,7 +4104,7 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, /* Now the secondary */ outsize = set_message(outbuf,1,0,True); - CVAL(outbuf,smb_com) = SMBwritec; + SCVAL(outbuf,smb_com,SMBwritec); SSVAL(outbuf,smb_vwv0,nwritten); } @@ -4142,7 +4142,7 @@ int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz data = smb_base(inbuf) + smb_doff; /* We need to send an SMBwriteC response, not an SMBwritebs */ - CVAL(outbuf,smb_com) = SMBwritec; + SCVAL(outbuf,smb_com,SMBwritec); /* This fd should have an auxiliary struct attached, check that it does */ -- cgit From 9d8ed7220fed8a3b7ff9d45b9c5902c3255956ac Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 25 Jan 2002 20:16:14 +0000 Subject: Fixed display of "remote downlevel document" in old print job submission case. Jeremy. (This used to be commit 248770d73072e36fd9812ec5986dce5380dfab33) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 03d0c18942..3233168ffc 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2504,7 +2504,7 @@ int reply_printopen(connection_struct *conn, } /* Open for exclusive use, write only. */ - fsp = print_fsp_open(conn); + fsp = print_fsp_open(conn, NULL); if (!fsp) { END_PROFILE(SMBsplopen); -- cgit From cd68afe31256ad60748b34f7318a180cfc2127cc Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Wed, 30 Jan 2002 06:08:46 +0000 Subject: Removed version number from file header. Changed "SMB/Netbios" to "SMB/CIFS" in file header. (This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa) --- source3/smbd/reply.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 3233168ffc..c7f805122d 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1,6 +1,5 @@ /* - Unix SMB/Netbios implementation. - Version 1.9. + Unix SMB/CIFS implementation. Main SMB reply routines Copyright (C) Andrew Tridgell 1992-1998 Copyright (C) Andrew Bartlett 2001 -- cgit From 2da4d64cfcf289d18d622c67d3250c51e6b88466 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 27 Feb 2002 21:46:53 +0000 Subject: Added "nt status support" parameter. Fix offline synchronisation. Jeremy. (This used to be commit 9243a9778e52999d5c62cba484640637b24994d8) --- source3/smbd/reply.c | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index c7f805122d..0a349a9c8a 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -482,9 +482,8 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size put_dos_date3(outbuf,smb_vwv1,mtime); SIVAL(outbuf,smb_vwv3,(uint32)size); - if (Protocol >= PROTOCOL_NT1) { - SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) | 0x40); /* IS_LONG_NAME */ - } + if (Protocol >= PROTOCOL_NT1) + SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) | FLAGS2_IS_LONG_NAME); DEBUG( 3, ( "getatr name=%s mode=%d size=%d\n", fname, mode, (uint32)size ) ); @@ -760,9 +759,8 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size SCVAL(smb_buf(outbuf),0,5); SSVAL(smb_buf(outbuf),1,numentries*DIR_STRUCT_SIZE); - if (Protocol >= PROTOCOL_NT1) { - SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) | 0x40); /* IS_LONG_NAME */ - } + if (Protocol >= PROTOCOL_NT1) + SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) | FLAGS2_IS_LONG_NAME); outsize += DIR_STRUCT_SIZE*numentries; smb_setlen(outbuf,outsize - 4); -- cgit From 5d1db25abd340c2c689f913788911b3a2f411b38 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 5 Mar 2002 01:43:50 +0000 Subject: Mask off the aDIR on setfileinfo. Jeremy. (This used to be commit d9cb1bf20ac8a739102b03d9a70e34fe5cb2f0f7) --- source3/smbd/reply.c | 3 +++ 1 file changed, 3 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 0a349a9c8a..0de0e15274 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -517,6 +517,9 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if (VALID_STAT_OF_DIR(sbuf)) mode |= aDIR; + else + mode &= ~aDIR; + if (check_name(fname,conn)) ok = (file_chmod(conn,fname,mode,NULL) == 0); if (ok) -- cgit From 57970fd4e29ec6d90540049147e763bd69ee9e04 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 11 Mar 2002 01:34:14 +0000 Subject: make sure we give an error for unknown lockingX locktype bits (This used to be commit 72cb43b912a4c1831f9d7b2fd23ce51aebb09c8f) --- source3/smbd/reply.c | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 0de0e15274..9d5d34e410 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3722,6 +3722,13 @@ int reply_lockingX(connection_struct *conn, char *inbuf,char *outbuf,int length, CHECK_FSP(fsp,conn); data = smb_buf(inbuf); + + if (locktype & (LOCKING_ANDX_CANCEL_LOCK | LOCKING_ANDX_CHANGE_LOCKTYPE)) { + /* we don't support these - and CANCEL_LOCK makes w2k + and XP reboot so I don't really want to be + compatible! (tridge) */ + return ERROR_NT(NT_STATUS_NOT_SUPPORTED); + } /* Check if this is an oplock break on a file we have granted an oplock on. -- cgit From 5e3b923124e82b1d19875746676df13cfdb0f918 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 13 Mar 2002 20:28:19 +0000 Subject: include/smb_macros.h: Don't round up an allocation if the size is zero. "One of these locks is not like the others... One of these locks is not quite the same" :-). When is a zero timeout lock not zero ? When it's being processed by Windows 2000 of course.. This code change, ugly though it is - completely fixes the foxpro/access multi-user file system database problems that people have been having. I used a *wonderful* test program donated by "Gerald Drouillard" which allowed me to completely reproduce this problem, and to finally determine the correct fix. This also explains why Windows 2000 is *so slow* when responding to the smbtorture lock tests. I *love* it when all these things come together and finally make sense :-). Jeremy. (This used to be commit 8aa9860ea2ea7f5aed4b6aa12794fffdfa81b0d0) --- source3/smbd/reply.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 9d5d34e410..cbcad435d2 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1545,7 +1545,7 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length * for a write lock. JRA. */ - status = do_lock(fsp, conn, SVAL(inbuf,smb_pid), + status = do_lock_spin(fsp, conn, SVAL(inbuf,smb_pid), (SMB_BIG_UINT)numtoread, (SMB_BIG_UINT)startpos, WRITE_LOCK); if (NT_STATUS_V(status)) { @@ -2366,7 +2366,7 @@ int reply_lock(connection_struct *conn, DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n", fsp->fd, fsp->fnum, (double)offset, (double)count)); - status = do_lock(fsp, conn, SVAL(inbuf,smb_pid), count, offset, WRITE_LOCK); + status = do_lock_spin(fsp, conn, SVAL(inbuf,smb_pid), count, offset, WRITE_LOCK); if (NT_STATUS_V(status)) { if (lp_blocking_locks(SNUM(conn))) { /* @@ -3808,6 +3808,7 @@ no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); } /* Setup the timeout in seconds. */ + lock_timeout = ((lock_timeout == -1) ? -1 : lock_timeout/1000); /* Now do any requested locks */ @@ -3829,10 +3830,11 @@ no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); return ERROR_DOS(ERRDOS,ERRnoaccess); } - DEBUG(10,("reply_lockingX: lock start=%.0f, len=%.0f for pid %u, file %s\n", - (double)offset, (double)count, (unsigned int)lock_pid, fsp->fsp_name )); + DEBUG(10,("reply_lockingX: lock start=%.0f, len=%.0f for pid %u, file %s timeout = %d\n", + (double)offset, (double)count, (unsigned int)lock_pid, + (int)lock_timeout, fsp->fsp_name )); - status = do_lock(fsp,conn,lock_pid, count,offset, + status = do_lock_spin(fsp,conn,lock_pid, count,offset, ((locktype & 1) ? READ_LOCK : WRITE_LOCK)); if (NT_STATUS_V(status)) { if ((lock_timeout != 0) && lp_blocking_locks(SNUM(conn))) { -- cgit From 2ba1950c799137589c4111c9406f88a8f7526e0b Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Wed, 13 Mar 2002 22:55:47 +0000 Subject: Fixed bodgy printf arguments in debug statment. Who would have guessed it - we now use floating point maths in Samba. (This used to be commit 6a053fa770b69f21fef52966a0b577b7ac9e817e) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index cbcad435d2..8f6ff9cb34 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3832,7 +3832,7 @@ no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); DEBUG(10,("reply_lockingX: lock start=%.0f, len=%.0f for pid %u, file %s timeout = %d\n", (double)offset, (double)count, (unsigned int)lock_pid, - (int)lock_timeout, fsp->fsp_name )); + fsp->fsp_name, (int)lock_timeout )); status = do_lock_spin(fsp,conn,lock_pid, count,offset, ((locktype & 1) ? READ_LOCK : WRITE_LOCK)); -- cgit From 65c007b583e2107f5ad1ba6733d3e578a143863e Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Fri, 15 Mar 2002 08:14:10 +0000 Subject: syncing up printing code with SAMBA_2_2 (already done some merges in the reverse). * add in new printer change notify code from SAMBA_2_2 * add in se_map_standard() from 2.2 in _spoolss_open_printer_ex() * sync up the _print_queue_struct in smb.h (why did someone change the user/file names in fs_user/fs_file (or vice-versa) ? ) * sync up some cli_spoolss_XXX functions (This used to be commit 5760315c1de4033fdc22684c940f18010010924f) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 8f6ff9cb34..e72b6a7319 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2605,7 +2605,7 @@ int reply_printqueue(connection_struct *conn, SSVAL(p,5, queue[i].job); SIVAL(p,7,queue[i].size); SCVAL(p,11,0); - srvstr_push(outbuf, p+12, queue[i].user, 16, STR_ASCII); + srvstr_push(outbuf, p+12, queue[i].fs_user, 16, STR_ASCII); p += 28; } -- cgit From ab13654dc9ac23872e4d1384e1c54e336f113009 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Sun, 17 Mar 2002 04:36:35 +0000 Subject: Renamed get_nt_error_msg() to nt_errstr(). (This used to be commit 1f007d3ed41c1b71a89fa6be7d173e67e927c302) --- source3/smbd/reply.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index e72b6a7319..1b7db5f0a7 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3120,7 +3120,7 @@ directory = %s, newname = %s, newname_last_component = %s, is_8_3 = %d\n", } error = map_nt_error_from_unix(errno); DEBUG(3,("rename_internals: Error %s rename %s -> %s\n", - get_nt_error_msg(error), directory,newname)); + nt_errstr(error), directory,newname)); return error; } @@ -3129,7 +3129,7 @@ directory = %s, newname = %s, newname_last_component = %s, is_8_3 = %d\n", if (!NT_STATUS_IS_OK(error)) { DEBUG(3,("rename_internals: Error %s rename %s -> %s\n", - get_nt_error_msg(error), directory,newname)); + nt_errstr(error), directory,newname)); return error; } @@ -3161,7 +3161,7 @@ directory = %s, newname = %s, newname_last_component = %s, is_8_3 = %d\n", error = map_nt_error_from_unix(errno); DEBUG(3,("rename_internals: Error %s rename %s -> %s\n", - get_nt_error_msg(error), directory,newname)); + nt_errstr(error), directory,newname)); return error; } else { -- cgit From ffadd471b9664018b3010ab5d74e6d05b8886e66 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 19 Mar 2002 02:32:39 +0000 Subject: Sync up vfs changes from 2.2.x. Jeremy. (This used to be commit ad1e858d8e72adf924ff435eab8da3e60842e2e6) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 1b7db5f0a7..0af2ea3716 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1261,7 +1261,7 @@ NTSTATUS unlink_internals(connection_struct *conn, int dirtype, char *name) p = strrchr_m(name,'/'); if (!p) { - pstrcpy(directory,"./"); + pstrcpy(directory,"."); pstrcpy(mask,name); } else { *p = 0; -- cgit From b9e91d2a8e41a43d7ebb7d7eed807a7d8de9b329 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 20 Mar 2002 00:46:53 +0000 Subject: Remove the "stat open" code - make it inline. This should fix the bugs with opening and renaming mp3 files, also the word rename problems that people have had for a while. Needs a make clean :-) make. Also added JohnR's printing fix. Jeremy. (This used to be commit 504e5ef0494c54efbd0357e334cb2aa5a9eb9c14) --- source3/smbd/reply.c | 156 ++++++++++++++++++++++++++------------------------- 1 file changed, 80 insertions(+), 76 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 0af2ea3716..4dcb674ff1 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2230,10 +2230,9 @@ int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size, return ERROR_DOS(ERRDOS,ERRbadfid); } - if(fsp->is_directory || fsp->stat_open) { + if(fsp->is_directory) { /* - * Special case - close NT SMB directory or stat file - * handle. + * Special case - close NT SMB directory handle. */ DEBUG(3,("close %s fnum=%d\n", fsp->is_directory ? "directory" : "stat file open", fsp->fnum)); close_file(fsp,True); @@ -3969,54 +3968,55 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length, int reply_setattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) { - struct utimbuf unix_times; - int outsize = 0; - files_struct *fsp = file_fsp(inbuf,smb_vwv0); - START_PROFILE(SMBsetattrE); + struct utimbuf unix_times; + int outsize = 0; + files_struct *fsp = file_fsp(inbuf,smb_vwv0); + START_PROFILE(SMBsetattrE); - outsize = set_message(outbuf,0,0,True); + outsize = set_message(outbuf,0,0,True); - CHECK_FSP(fsp,conn); + if(!fsp || (fsp->conn != conn)) { + END_PROFILE(SMBgetattrE); + return ERROR_DOS(ERRDOS,ERRbadfid); + } - /* Convert the DOS times into unix times. Ignore create - time as UNIX can't set this. - */ - unix_times.actime = make_unix_date2(inbuf+smb_vwv3); - unix_times.modtime = make_unix_date2(inbuf+smb_vwv5); + /* + * Convert the DOS times into unix times. Ignore create + * time as UNIX can't set this. + */ + + unix_times.actime = make_unix_date2(inbuf+smb_vwv3); + unix_times.modtime = make_unix_date2(inbuf+smb_vwv5); - /* - * Patch from Ray Frush - * Sometimes times are sent as zero - ignore them. - */ + /* + * Patch from Ray Frush + * Sometimes times are sent as zero - ignore them. + */ - if ((unix_times.actime == 0) && (unix_times.modtime == 0)) - { - /* Ignore request */ - if( DEBUGLVL( 3 ) ) - { - dbgtext( "reply_setattrE fnum=%d ", fsp->fnum); - dbgtext( "ignoring zero request - not setting timestamps of 0\n" ); - } - END_PROFILE(SMBsetattrE); - return(outsize); - } - else if ((unix_times.actime != 0) && (unix_times.modtime == 0)) - { - /* set modify time = to access time if modify time was 0 */ - unix_times.modtime = unix_times.actime; - } + if ((unix_times.actime == 0) && (unix_times.modtime == 0)) { + /* Ignore request */ + if( DEBUGLVL( 3 ) ) { + dbgtext( "reply_setattrE fnum=%d ", fsp->fnum); + dbgtext( "ignoring zero request - not setting timestamps of 0\n" ); + } + END_PROFILE(SMBsetattrE); + return(outsize); + } else if ((unix_times.actime != 0) && (unix_times.modtime == 0)) { + /* set modify time = to access time if modify time was 0 */ + unix_times.modtime = unix_times.actime; + } - /* Set the date on this file */ - if(file_utime(conn, fsp->fsp_name, &unix_times)) { - END_PROFILE(SMBsetattrE); - return ERROR_DOS(ERRDOS,ERRnoaccess); - } + /* Set the date on this file */ + if(file_utime(conn, fsp->fsp_name, &unix_times)) { + END_PROFILE(SMBsetattrE); + return ERROR_DOS(ERRDOS,ERRnoaccess); + } - DEBUG( 3, ( "reply_setattrE fnum=%d actime=%d modtime=%d\n", - fsp->fnum, (int)unix_times.actime, (int)unix_times.modtime ) ); + DEBUG( 3, ( "reply_setattrE fnum=%d actime=%d modtime=%d\n", + fsp->fnum, (int)unix_times.actime, (int)unix_times.modtime ) ); - END_PROFILE(SMBsetattrE); - return(outsize); + END_PROFILE(SMBsetattrE); + return(outsize); } @@ -4217,44 +4217,48 @@ int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) { - SMB_STRUCT_STAT sbuf; - int outsize = 0; - int mode; - files_struct *fsp = file_fsp(inbuf,smb_vwv0); - START_PROFILE(SMBgetattrE); + SMB_STRUCT_STAT sbuf; + int outsize = 0; + int mode; + files_struct *fsp = file_fsp(inbuf,smb_vwv0); + START_PROFILE(SMBgetattrE); - outsize = set_message(outbuf,11,0,True); + outsize = set_message(outbuf,11,0,True); - CHECK_FSP(fsp,conn); + if(!fsp || (fsp->conn != conn)) { + END_PROFILE(SMBgetattrE); + return ERROR_DOS(ERRDOS,ERRbadfid); + } - /* Do an fstat on this file */ - if(vfs_fstat(fsp,fsp->fd, &sbuf)) { - END_PROFILE(SMBgetattrE); - return(UNIXERROR(ERRDOS,ERRnoaccess)); - } + /* Do an fstat on this file */ + if(fsp_stat(fsp, &sbuf)) { + END_PROFILE(SMBgetattrE); + return(UNIXERROR(ERRDOS,ERRnoaccess)); + } - mode = dos_mode(conn,fsp->fsp_name,&sbuf); + mode = dos_mode(conn,fsp->fsp_name,&sbuf); - /* Convert the times into dos times. Set create - date to be last modify date as UNIX doesn't save - this */ - put_dos_date2(outbuf,smb_vwv0,get_create_time(&sbuf,lp_fake_dir_create_times(SNUM(conn)))); - put_dos_date2(outbuf,smb_vwv2,sbuf.st_atime); - put_dos_date2(outbuf,smb_vwv4,sbuf.st_mtime); - if (mode & aDIR) - { - SIVAL(outbuf,smb_vwv6,0); - SIVAL(outbuf,smb_vwv8,0); - } - else - { - SIVAL(outbuf,smb_vwv6,(uint32)sbuf.st_size); - SIVAL(outbuf,smb_vwv8,SMB_ROUNDUP(sbuf.st_size,1024)); - } - SSVAL(outbuf,smb_vwv10, mode); + /* + * Convert the times into dos times. Set create + * date to be last modify date as UNIX doesn't save + * this. + */ + + put_dos_date2(outbuf,smb_vwv0,get_create_time(&sbuf,lp_fake_dir_create_times(SNUM(conn)))); + put_dos_date2(outbuf,smb_vwv2,sbuf.st_atime); + put_dos_date2(outbuf,smb_vwv4,sbuf.st_mtime); + + if (mode & aDIR) { + SIVAL(outbuf,smb_vwv6,0); + SIVAL(outbuf,smb_vwv8,0); + } else { + SIVAL(outbuf,smb_vwv6,(uint32)sbuf.st_size); + SIVAL(outbuf,smb_vwv8,SMB_ROUNDUP(sbuf.st_size,1024)); + } + SSVAL(outbuf,smb_vwv10, mode); - DEBUG( 3, ( "reply_getattrE fnum=%d\n", fsp->fnum)); + DEBUG( 3, ( "reply_getattrE fnum=%d\n", fsp->fnum)); - END_PROFILE(SMBgetattrE); - return(outsize); + END_PROFILE(SMBgetattrE); + return(outsize); } -- cgit From c90cd26e9430b2fc065f620bdb6aaf4be0372fcc Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 23 Mar 2002 02:57:44 +0000 Subject: Fix the mp3 rename bug - also tidy up our open code and remove the special cases for rename and unlink. Had to add desired_access into the share mode record. Jeremy. (This used to be commit 3b1b8ac43535fb0839c5474fa55bf7150f6cde31) --- source3/smbd/reply.c | 81 +++++++++++++++++++++++++++++++++++++++------------- 1 file changed, 61 insertions(+), 20 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 4dcb674ff1..b556862e68 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1206,6 +1206,41 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return(outsize); } +/******************************************************************* + Check if a user is allowed to rename a file. +********************************************************************/ + +static NTSTATUS can_rename(char *fname,connection_struct *conn, SMB_STRUCT_STAT *pst) +{ + int smb_action; + int access_mode; + files_struct *fsp; + + if (!CAN_WRITE(conn)) + return NT_STATUS_MEDIA_WRITE_PROTECTED; + + if (S_ISDIR(pst->st_mode)) + return NT_STATUS_OK; + + /* We need a better way to return NT status codes from open... */ + unix_ERR_class = 0; + unix_ERR_code = 0; + + fsp = open_file_shared1(conn, fname, pst, DELETE_ACCESS, SET_DENY_MODE(DENY_ALL), + (FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN), 0, 0, &access_mode, &smb_action); + + if (!fsp) { + NTSTATUS ret = NT_STATUS_ACCESS_DENIED; + if (unix_ERR_class == ERRDOS && unix_ERR_code == ERRbadshare) + ret = NT_STATUS_SHARING_VIOLATION; + unix_ERR_class = 0; + unix_ERR_code = 0; + return ret; + } + close_file(fsp,False); + return NT_STATUS_OK; +} + /******************************************************************* Check if a user is allowed to delete a file. ********************************************************************/ @@ -1214,6 +1249,9 @@ static NTSTATUS can_delete(char *fname,connection_struct *conn, int dirtype) { SMB_STRUCT_STAT sbuf; int fmode; + int smb_action; + int access_mode; + files_struct *fsp; if (!CAN_WRITE(conn)) return NT_STATUS_MEDIA_WRITE_PROTECTED; @@ -1231,9 +1269,22 @@ static NTSTATUS can_delete(char *fname,connection_struct *conn, int dirtype) if ((fmode & ~dirtype) & (aHIDDEN | aSYSTEM)) return NT_STATUS_CANNOT_DELETE; - if (!check_file_sharing(conn,fname,False)) - return NT_STATUS_SHARING_VIOLATION; + /* We need a better way to return NT status codes from open... */ + unix_ERR_class = 0; + unix_ERR_code = 0; + + fsp = open_file_shared1(conn, fname, &sbuf, DELETE_ACCESS, SET_DENY_MODE(DENY_ALL), + (FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN), 0, 0, &access_mode, &smb_action); + if (!fsp) { + NTSTATUS ret = NT_STATUS_ACCESS_DENIED; + if (unix_ERR_class == ERRDOS && unix_ERR_code == ERRbadshare) + ret = NT_STATUS_SHARING_VIOLATION; + unix_ERR_class = 0; + unix_ERR_code = 0; + return ret; + } + close_file(fsp,False); return NT_STATUS_OK; } @@ -2950,21 +3001,6 @@ static BOOL resolve_wildcards(char *name1,char *name2) return(True); } -/******************************************************************* - Check if a user is allowed to rename a file. -********************************************************************/ - -static NTSTATUS can_rename(char *fname,connection_struct *conn) -{ - if (!CAN_WRITE(conn)) - return NT_STATUS_ACCESS_DENIED; - - if (!check_file_sharing(conn,fname,True)) - return NT_STATUS_SHARING_VIOLATION; - - return NT_STATUS_OK; -} - /**************************************************************************** The guts of the rename command, split out so it may be called by the NT SMB code. @@ -3099,7 +3135,7 @@ directory = %s, newname = %s, newname_last_component = %s, is_8_3 = %d\n", * The source object must exist. */ - if (!vfs_object_exist(conn, directory, NULL)) { + if (!vfs_object_exist(conn, directory, &sbuf1)) { DEBUG(3,("rename_internals: source doesn't exist doing rename %s -> %s\n", directory,newname)); @@ -3124,7 +3160,7 @@ directory = %s, newname = %s, newname_last_component = %s, is_8_3 = %d\n", return error; } - error = can_rename(directory,conn); + error = can_rename(directory,conn,&sbuf1); if (!NT_STATUS_IS_OK(error)) { DEBUG(3,("rename_internals: Error %s rename %s -> %s\n", @@ -3190,7 +3226,12 @@ directory = %s, newname = %s, newname_last_component = %s, is_8_3 = %d\n", error = NT_STATUS_ACCESS_DENIED; slprintf(fname,sizeof(fname)-1,"%s/%s",directory,dname); - error = can_rename(fname,conn); + if (!vfs_object_exist(conn, fname, &sbuf1)) { + error = NT_STATUS_OBJECT_NAME_NOT_FOUND; + DEBUG(6,("rename %s failed. Error %s\n", fname, nt_errstr(error))); + continue; + } + error = can_rename(fname,conn,&sbuf1); if (!NT_STATUS_IS_OK(error)) { DEBUG(6,("rename %s refused\n", fname)); continue; -- cgit From 8f9d7ebb35f40ab6bda8f1d6d940df8b6aec4126 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 26 Mar 2002 03:07:51 +0000 Subject: Removed unused variable. Jeremy. (This used to be commit 4eb29ac559faf29b348a4097a33f9cbf4cf9d057) --- source3/smbd/reply.c | 3 --- 1 file changed, 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index b556862e68..06f068dccc 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1301,7 +1301,6 @@ NTSTATUS unlink_internals(connection_struct *conn, int dirtype, char *name) int count=0; NTSTATUS error = NT_STATUS_OK; BOOL has_wild; - BOOL exists=False; BOOL bad_path = False; BOOL rc = True; SMB_STRUCT_STAT sbuf; @@ -1343,8 +1342,6 @@ NTSTATUS unlink_internals(connection_struct *conn, int dirtype, char *name) if (vfs_unlink(conn,directory) == 0) { count++; } - if (!count) - exists = vfs_file_exist(conn,directory,&sbuf); } else { void *dirptr = NULL; char *dname; -- cgit From 2a664807c53c2af335b1473bfef1a03071e4852c Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 2 Apr 2002 19:34:36 +0000 Subject: Fixed the error bad path for recursive mkdir so mkdir \a\b\c\d works. Forward ported some of the code tidyups from 2.2. Jeremy. (This used to be commit 2475c09b354cc7b5f4ce384e4497207d30f619bb) --- source3/smbd/reply.c | 56 ++++++++++++---------------------------------------- 1 file changed, 13 insertions(+), 43 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 06f068dccc..af582f1a41 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -463,12 +463,7 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if (!ok) { - if((errno == ENOENT) && bad_path) - { - unix_ERR_class = ERRDOS; - unix_ERR_code = ERRbadpath; - } - + set_bad_path_error(errno, bad_path); END_PROFILE(SMBgetatr); return(UNIXERROR(ERRDOS,ERRbadfile)); } @@ -527,12 +522,7 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if (!ok) { - if((errno == ENOENT) && bad_path) - { - unix_ERR_class = ERRDOS; - unix_ERR_code = ERRbadpath; - } - + set_bad_path_error(errno, bad_path); END_PROFILE(SMBsetatr); return(UNIXERROR(ERRDOS,ERRnoaccess)); } @@ -678,12 +668,8 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size { if(dptr_num == -2) { - if((errno == ENOENT) && bad_path) - { - unix_ERR_class = ERRDOS; - unix_ERR_code = ERRbadpath; - } - END_PROFILE(SMBsearch); + set_bad_path_error(errno, bad_path); + END_PROFILE(SMBsearch); return (UNIXERROR(ERRDOS,ERRnofids)); } END_PROFILE(SMBsearch); @@ -857,11 +843,7 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, if (!fsp) { - if((errno == ENOENT) && bad_path) - { - unix_ERR_class = ERRDOS; - unix_ERR_code = ERRbadpath; - } + set_bad_path_error(errno, bad_path); END_PROFILE(SMBopen); return(UNIXERROR(ERRDOS,ERRnoaccess)); } @@ -951,11 +933,7 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt if (!fsp) { - if((errno == ENOENT) && bad_path) - { - unix_ERR_class = ERRDOS; - unix_ERR_code = ERRbadpath; - } + set_bad_path_error(errno, bad_path); END_PROFILE(SMBopenX); return(UNIXERROR(ERRDOS,ERRnoaccess)); } @@ -1090,11 +1068,7 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, if (!fsp) { - if((errno == ENOENT) && bad_path) - { - unix_ERR_class = ERRDOS; - unix_ERR_code = ERRbadpath; - } + set_bad_path_error(errno, bad_path); END_PROFILE(SMBcreate); return(UNIXERROR(ERRDOS,ERRnoaccess)); } @@ -1164,11 +1138,8 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, /* close fd from smb_mkstemp() */ close(tmpfd); - if (!fsp) { - if((errno == ENOENT) && bad_path) { - unix_ERR_class = ERRDOS; - unix_ERR_code = ERRbadpath; - } + if (!fsp) { + set_bad_path_error(errno, bad_path); END_PROFILE(SMBctemp); return(UNIXERROR(ERRDOS,ERRnoaccess)); } @@ -2724,6 +2695,9 @@ NTSTATUS mkdir_internal(connection_struct *conn, pstring directory) ret = vfs_mkdir(conn,directory,unix_mode(conn,aDIR,directory)); if (ret == -1) { + NTSTATUS nterr = set_bad_path_error(errno, bad_path); + if (!NT_STATUS_IS_OK(nterr)) + return nterr; return map_nt_error_from_unix(errno); } @@ -2916,11 +2890,7 @@ int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, if (!ok) { - if((errno == ENOENT) && bad_path) - { - unix_ERR_class = ERRDOS; - unix_ERR_code = ERRbadpath; - } + set_bad_path_error(errno, bad_path); END_PROFILE(SMBrmdir); return(UNIXERROR(ERRDOS,ERRbadpath)); } -- cgit From c21ff8f76209a1e7138ba06ce262a3e2c2880646 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Mon, 8 Apr 2002 01:58:44 +0000 Subject: Reintroduce the 2.2 name mangling code, until we get are more flexible solution. Even for a hash/cache setup, this code needs some more work, in particular it needs to use mangle_get_prefix() etc and to move to unicode internals. Andrew Bartlett (This used to be commit ad8aa470575c39fcbc7f1440bf1081d7ea31c0aa) --- source3/smbd/reply.c | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index af582f1a41..421f886283 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3021,10 +3021,10 @@ NTSTATUS rename_internals(connection_struct *conn, char *name, char *newname, BO * Tine Smukavec . */ -#if 0 +#if 1 if (!rc && is_mangled(mask)) check_mangled_cache( mask ); -#endif +#else if (!rc) { char *unmangled; @@ -3035,6 +3035,7 @@ NTSTATUS rename_internals(connection_struct *conn, char *name, char *newname, BO SAFE_FREE(unmangled); } +#endif has_wild = ms_has_wild(mask); @@ -3437,10 +3438,10 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, * Tine Smukavec . */ -#if 0 +#if 1 if (!rc && is_mangled(mask)) check_mangled_cache( mask ); -#endif +#else if (!rc) { char *unmangled; @@ -3451,7 +3452,7 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, SAFE_FREE(unmangled); } - +#endif has_wild = ms_has_wild(mask); -- cgit From 4ad0ff29bf44e2506311f672bf912e7a2d39048a Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 10 Apr 2002 01:04:13 +0000 Subject: Added Shirish's client side caching policy change. Jeremy. (This used to be commit 16015c07eab2e57fa3771051e3e08fde21757cfa) --- source3/smbd/reply.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 421f886283..f3b3ce4a8a 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -285,7 +285,8 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt /* what does setting this bit do? It is set by NT4 and may affect the ability to autorun mounted cdroms */ - SSVAL(outbuf, smb_vwv2, SMB_SUPPORT_SEARCH_BITS); + SSVAL(outbuf, smb_vwv2, SMB_SUPPORT_SEARCH_BITS| + (lp_csc_policy(SNUM(conn)) << 2)); init_dfsroot(conn, inbuf, outbuf); } -- cgit From 9cd0306baa1b3a78b40ab97b5d199b90a4c34aa6 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Thu, 11 Apr 2002 02:20:56 +0000 Subject: This split the mangling code up to allow for the possibility of multiple mangling implementation, selectable using "mangling method = " in smb.conf It also tidies the interface a little, although it is still nasty. (This used to be commit be23d87a178e7d0691e7d942adf89bb3d2d533c2) --- source3/smbd/reply.c | 43 ++++++++++--------------------------------- 1 file changed, 10 insertions(+), 33 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index f3b3ce4a8a..fbb981781f 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1300,8 +1300,8 @@ NTSTATUS unlink_internals(connection_struct *conn, int dirtype, char *name) * Tine Smukavec . */ - if (!rc && is_mangled(mask)) - check_mangled_cache( mask ); + if (!rc && mangle_is_mangled(mask)) + mangle_check_cache( mask ); has_wild = ms_has_wild(mask); @@ -1842,12 +1842,15 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, /* we won't return a status if write through is not selected - this follows what WfWg does */ END_PROFILE(SMBwritebraw); if (!write_through && total_written==tcount) { + +#if RABBIT_PELLET_FIX /* * Fix for "rabbit pellet" mode, trigger an early TCP ack by * sending a SMBkeepalive. Thanks to DaveCB at Sun for this. JRA. */ if (!send_keepalive(smbd_server_fd())) exit_server("reply_writebraw: send of keepalive failed"); +#endif return(-1); } @@ -3022,21 +3025,8 @@ NTSTATUS rename_internals(connection_struct *conn, char *name, char *newname, BO * Tine Smukavec . */ -#if 1 - if (!rc && is_mangled(mask)) - check_mangled_cache( mask ); -#else - if (!rc) - { - char *unmangled; - - unmangled = dos_unmangle(mask); - if (unmangled) - strncpy(mask, unmangled, strlen(unmangled) + 1); - - SAFE_FREE(unmangled); - } -#endif + if (!rc && mangle_is_mangled(mask)) + mangle_check_cache( mask ); has_wild = ms_has_wild(mask); @@ -3044,7 +3034,7 @@ NTSTATUS rename_internals(connection_struct *conn, char *name, char *newname, BO /* * No wildcards - just process the one file. */ - BOOL is_short_name = is_8_3(name, True); + BOOL is_short_name = mangle_is_8_3(name, True); /* Add a terminating '/' to the directory name. */ pstrcat(directory,"/"); @@ -3439,21 +3429,8 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, * Tine Smukavec . */ -#if 1 - if (!rc && is_mangled(mask)) - check_mangled_cache( mask ); -#else - if (!rc) - { - char *unmangled; - - unmangled = dos_unmangle(mask); - if (unmangled) - strncpy(mask, unmangled, strlen(unmangled) + 1); - - SAFE_FREE(unmangled); - } -#endif + if (!rc && mangle_is_mangled(mask)) + mangle_check_cache( mask ); has_wild = ms_has_wild(mask); -- cgit From e90b65284812aaa5ff9e9935ce9bbad7791cbbcd Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 15 Jul 2002 10:35:28 +0000 Subject: updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce) --- source3/smbd/reply.c | 93 ++++++++++++++++++++++++++++++++-------------------- 1 file changed, 58 insertions(+), 35 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index fbb981781f..0ccdf7c241 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -163,10 +163,10 @@ int reply_tcon(connection_struct *conn, *service = *password = *dev = 0; p = smb_buf(inbuf)+1; - p += srvstr_pull(inbuf, service, p, sizeof(service), -1, STR_TERMINATE) + 1; - pwlen = srvstr_pull(inbuf, password, p, sizeof(password), -1, STR_TERMINATE) + 1; + p += srvstr_pull_buf(inbuf, service, p, sizeof(service), STR_TERMINATE) + 1; + pwlen = srvstr_pull_buf(inbuf, password, p, sizeof(password), STR_TERMINATE) + 1; p += pwlen; - p += srvstr_pull(inbuf, dev, p, sizeof(dev), -1, STR_TERMINATE) + 1; + p += srvstr_pull_buf(inbuf, dev, p, sizeof(dev), STR_TERMINATE) + 1; p = strrchr_m(service,'\\'); if (p) { @@ -233,7 +233,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt } p = smb_buf(inbuf) + passlen; - p += srvstr_pull(inbuf, path, p, sizeof(path), -1, STR_TERMINATE); + p += srvstr_pull_buf(inbuf, path, p, sizeof(path), STR_TERMINATE); /* * the service name can be either: \\server\share @@ -377,7 +377,7 @@ int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size SMB_STRUCT_STAT sbuf; START_PROFILE(SMBchkpth); - srvstr_pull(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), -1, STR_TERMINATE); + srvstr_pull_buf(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), STR_TERMINATE); RESOLVE_DFSPATH(name, conn, inbuf, outbuf); @@ -429,7 +429,7 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size START_PROFILE(SMBgetatr); p = smb_buf(inbuf) + 1; - p += srvstr_pull(inbuf, fname, p, sizeof(fname), -1, STR_TERMINATE); + p += srvstr_pull_buf(inbuf, fname, p, sizeof(fname), STR_TERMINATE); RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); @@ -505,7 +505,7 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size START_PROFILE(SMBsetatr); p = smb_buf(inbuf) + 1; - p += srvstr_pull(inbuf, fname, p, sizeof(fname), -1, STR_TERMINATE); + p += srvstr_pull_buf(inbuf, fname, p, sizeof(fname), STR_TERMINATE); unix_convert(fname,conn,0,&bad_path,&sbuf); mode = SVAL(inbuf,smb_vwv0); @@ -542,23 +542,46 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size ****************************************************************************/ int reply_dskattr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int outsize = 0; - SMB_BIG_UINT dfree,dsize,bsize; - START_PROFILE(SMBdskattr); - - conn->vfs_ops.disk_free(conn,".",True,&bsize,&dfree,&dsize); - - outsize = set_message(outbuf,5,0,True); + int outsize = 0; + SMB_BIG_UINT dfree,dsize,bsize; + START_PROFILE(SMBdskattr); + + conn->vfs_ops.disk_free(conn,".",True,&bsize,&dfree,&dsize); - SSVAL(outbuf,smb_vwv0,dsize); - SSVAL(outbuf,smb_vwv1,bsize/512); - SSVAL(outbuf,smb_vwv2,512); - SSVAL(outbuf,smb_vwv3,dfree); + outsize = set_message(outbuf,5,0,True); + + if (Protocol <= PROTOCOL_LANMAN2) { + double total_space, free_space; + /* we need to scale this to a number that DOS6 can handle. We + use floating point so we can handle large drives on systems + that don't have 64 bit integers - DEBUG(3,("dskattr dfree=%d\n", (unsigned int)dfree)); + we end up displaying a maximum of 2G to DOS systems + */ + total_space = dsize * (double)bsize; + free_space = dfree * (double)bsize; - END_PROFILE(SMBdskattr); - return(outsize); + dsize = (total_space+63*512) / (64*512); + dfree = (free_space+63*512) / (64*512); + + if (dsize > 0xFFFF) dsize = 0xFFFF; + if (dfree > 0xFFFF) dfree = 0xFFFF; + + SSVAL(outbuf,smb_vwv0,dsize); + SSVAL(outbuf,smb_vwv1,64); /* this must be 64 for dos systems */ + SSVAL(outbuf,smb_vwv2,512); /* and this must be 512 */ + SSVAL(outbuf,smb_vwv3,dfree); + } else { + SSVAL(outbuf,smb_vwv0,dsize); + SSVAL(outbuf,smb_vwv1,bsize/512); + SSVAL(outbuf,smb_vwv2,512); + SSVAL(outbuf,smb_vwv3,dfree); + } + + DEBUG(3,("dskattr dfree=%d\n", (unsigned int)dfree)); + + END_PROFILE(SMBdskattr); + return(outsize); } @@ -602,7 +625,7 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size maxentries = SVAL(inbuf,smb_vwv0); dirtype = SVAL(inbuf,smb_vwv1); p = smb_buf(inbuf) + 1; - p += srvstr_pull(inbuf, path, p, sizeof(path), -1, STR_TERMINATE); + p += srvstr_pull_buf(inbuf, path, p, sizeof(path), STR_TERMINATE); p++; status_len = SVAL(p, 0); p += 2; @@ -783,7 +806,7 @@ int reply_fclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size outsize = set_message(outbuf,1,0,True); p = smb_buf(inbuf) + 1; - p += srvstr_pull(inbuf, path, p, sizeof(path), -1, STR_TERMINATE); + p += srvstr_pull_buf(inbuf, path, p, sizeof(path), STR_TERMINATE); p++; status_len = SVAL(p,0); p += 2; @@ -831,7 +854,7 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, share_mode = SVAL(inbuf,smb_vwv0); - srvstr_pull(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), -1, STR_TERMINATE); + srvstr_pull_buf(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), STR_TERMINATE); RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); @@ -921,7 +944,7 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt } /* XXXX we need to handle passed times, sattr and flags */ - srvstr_pull(inbuf, fname, smb_buf(inbuf), sizeof(fname), -1, STR_TERMINATE); + srvstr_pull_buf(inbuf, fname, smb_buf(inbuf), sizeof(fname), STR_TERMINATE); RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); @@ -1040,7 +1063,7 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, com = SVAL(inbuf,smb_com); createmode = SVAL(inbuf,smb_vwv0); - srvstr_pull(inbuf, fname, smb_buf(inbuf) + 1, sizeof(fname), -1, STR_TERMINATE); + srvstr_pull_buf(inbuf, fname, smb_buf(inbuf) + 1, sizeof(fname), STR_TERMINATE); RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); @@ -1112,7 +1135,7 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, START_PROFILE(SMBctemp); createmode = SVAL(inbuf,smb_vwv0); - srvstr_pull(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), -1, STR_TERMINATE); + srvstr_pull_buf(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), STR_TERMINATE); pstrcat(fname,"\\TMXXXXXX"); RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); @@ -1370,7 +1393,7 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size dirtype = SVAL(inbuf,smb_vwv0); - srvstr_pull(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), -1, STR_TERMINATE); + srvstr_pull_buf(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), STR_TERMINATE); RESOLVE_DFSPATH(name, conn, inbuf, outbuf); @@ -2719,7 +2742,7 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, NTSTATUS status; START_PROFILE(SMBmkdir); - srvstr_pull(inbuf, directory, smb_buf(inbuf) + 1, sizeof(directory), -1, STR_TERMINATE); + srvstr_pull_buf(inbuf, directory, smb_buf(inbuf) + 1, sizeof(directory), STR_TERMINATE); status = mkdir_internal(conn, directory); if (!NT_STATUS_IS_OK(status)) @@ -2880,7 +2903,7 @@ int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, SMB_STRUCT_STAT sbuf; START_PROFILE(SMBrmdir); - srvstr_pull(inbuf, directory, smb_buf(inbuf) + 1, sizeof(directory), -1, STR_TERMINATE); + srvstr_pull_buf(inbuf, directory, smb_buf(inbuf) + 1, sizeof(directory), STR_TERMINATE); RESOLVE_DFSPATH(directory, conn, inbuf, outbuf) @@ -3241,9 +3264,9 @@ int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, START_PROFILE(SMBmv); p = smb_buf(inbuf) + 1; - p += srvstr_pull(inbuf, name, p, sizeof(name), -1, STR_TERMINATE); + p += srvstr_pull_buf(inbuf, name, p, sizeof(name), STR_TERMINATE); p++; - p += srvstr_pull(inbuf, newname, p, sizeof(newname), -1, STR_TERMINATE); + p += srvstr_pull_buf(inbuf, newname, p, sizeof(newname), STR_TERMINATE); RESOLVE_DFSPATH(name, conn, inbuf, outbuf); RESOLVE_DFSPATH(newname, conn, inbuf, outbuf); @@ -3373,8 +3396,8 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, *directory = *mask = 0; p = smb_buf(inbuf); - p += srvstr_pull(inbuf, name, p, sizeof(name), -1, STR_TERMINATE); - p += srvstr_pull(inbuf, newname, p, sizeof(newname), -1, STR_TERMINATE); + p += srvstr_pull_buf(inbuf, name, p, sizeof(name), STR_TERMINATE); + p += srvstr_pull_buf(inbuf, newname, p, sizeof(newname), STR_TERMINATE); DEBUG(3,("reply_copy : %s -> %s\n",name,newname)); @@ -3526,7 +3549,7 @@ int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return ERROR_DOS(ERRDOS,ERRnoaccess); } - srvstr_pull(inbuf, newdir, smb_buf(inbuf) + 1, sizeof(newdir), -1, STR_TERMINATE); + srvstr_pull_buf(inbuf, newdir, smb_buf(inbuf) + 1, sizeof(newdir), STR_TERMINATE); if (strlen(newdir) == 0) { ok = True; -- cgit From 127e77e6e334fdc33086bffcbe00d340c0ba0097 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Sat, 17 Aug 2002 15:27:10 +0000 Subject: Sync 3.0 branch with head (This used to be commit 42615b945e2e48e53a21ea47f2e45407913a6a1e) --- source3/smbd/reply.c | 53 ++++++++++++++++++++++++++++++---------------------- 1 file changed, 31 insertions(+), 22 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 0ccdf7c241..c6a082d7d8 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -38,7 +38,6 @@ extern pstring global_myname; extern int global_oplock_break; unsigned int smb_echo_count = 0; -extern fstring remote_machine; extern BOOL global_encrypted_passwords_negotiated; @@ -53,10 +52,11 @@ int reply_special(char *inbuf,char *outbuf) int msg_flags = CVAL(inbuf,1); pstring name1,name2; - extern fstring local_machine; int len; char name_type = 0; + static BOOL already_got_session = False; + *name1 = *name2 = 0; memset(outbuf,'\0',smb_size); @@ -65,6 +65,11 @@ int reply_special(char *inbuf,char *outbuf) switch (msg_type) { case 0x81: /* session request */ + + if (already_got_session) { + exit_server("multiple session request not permitted"); + } + SCVAL(outbuf,0,0x82); SCVAL(outbuf,3,0); if (name_len(inbuf+4) > 50 || @@ -77,24 +82,19 @@ int reply_special(char *inbuf,char *outbuf) DEBUG(2,("netbios connect: name1=%s name2=%s\n", name1,name2)); - fstrcpy(remote_machine,name2); - remote_machine[15] = 0; - trim_string(remote_machine," "," "); - strlower(remote_machine); - alpha_strcpy(remote_machine,remote_machine,SAFE_NETBIOS_CHARS,sizeof(remote_machine)-1); + name1[15] = 0; - fstrcpy(local_machine,name1); - len = strlen(local_machine); + len = strlen(name2); if (len == 16) { - name_type = local_machine[15]; - local_machine[15] = 0; + name_type = name2[15]; + name2[15] = 0; } - trim_string(local_machine," "," "); - strlower(local_machine); - alpha_strcpy(local_machine,local_machine,SAFE_NETBIOS_CHARS,sizeof(local_machine)-1); + + set_local_machine_name(name1); + set_remote_machine_name(name2); DEBUG(2,("netbios connect: local=%s remote=%s\n", - local_machine, remote_machine )); + get_local_machine_name(), get_remote_machine_name() )); if (name_type == 'R') { /* We are being asked for a pathworks session --- @@ -107,7 +107,7 @@ int reply_special(char *inbuf,char *outbuf) of possibly valid usernames if we are operating in share mode security */ if (lp_security() == SEC_SHARE) { - add_session_user(remote_machine); + add_session_user(get_remote_machine_name()); } reload_services(True); @@ -115,6 +115,7 @@ int reply_special(char *inbuf,char *outbuf) claim_connection(NULL,"",MAXSTATUS,True); + already_got_session = True; break; case 0x89: /* session keepalive request @@ -148,7 +149,8 @@ int reply_special(char *inbuf,char *outbuf) int reply_tcon(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - pstring service; + const char *service; + pstring service_buf; pstring password; pstring dev; int outsize = 0; @@ -160,17 +162,19 @@ int reply_tcon(connection_struct *conn, START_PROFILE(SMBtcon); - *service = *password = *dev = 0; + *service_buf = *password = *dev = 0; p = smb_buf(inbuf)+1; - p += srvstr_pull_buf(inbuf, service, p, sizeof(service), STR_TERMINATE) + 1; + p += srvstr_pull_buf(inbuf, service_buf, p, sizeof(service), STR_TERMINATE) + 1; pwlen = srvstr_pull_buf(inbuf, password, p, sizeof(password), STR_TERMINATE) + 1; p += pwlen; p += srvstr_pull_buf(inbuf, dev, p, sizeof(dev), STR_TERMINATE) + 1; - p = strrchr_m(service,'\\'); + p = strrchr_m(service_buf,'\\'); if (p) { - pstrcpy(service, p+1); + service = p+1; + } else { + service = service_buf; } password_blob = data_blob(password, pwlen+1); @@ -354,10 +358,13 @@ int reply_ioctl(connection_struct *conn, switch (ioctl_code) { case IOCTL_QUERY_JOB_INFO: - SSVAL(p,0,fsp->print_jobid); /* Job number */ + { + uint16 rap_jobid = pjobid_to_rap(SNUM(fsp->conn), fsp->print_jobid); + SSVAL(p,0,rap_jobid); /* Job number */ srvstr_push(outbuf, p+2, global_myname, 15, STR_TERMINATE|STR_ASCII); srvstr_push(outbuf, p+18, lp_servicename(SNUM(conn)), 13, STR_TERMINATE|STR_ASCII); break; + } } END_PROFILE(SMBioctl); @@ -2744,6 +2751,8 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, srvstr_pull_buf(inbuf, directory, smb_buf(inbuf) + 1, sizeof(directory), STR_TERMINATE); + RESOLVE_DFSPATH(directory, conn, inbuf, outbuf); + status = mkdir_internal(conn, directory); if (!NT_STATUS_IS_OK(status)) return ERROR_NT(status); -- cgit From a834a73e341059be154426390304a42e4a011f72 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Wed, 25 Sep 2002 15:19:00 +0000 Subject: sync'ing up for 3.0alpha20 release (This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139) --- source3/smbd/reply.c | 547 +++++++++++++++++++++++++++++++-------------------- 1 file changed, 333 insertions(+), 214 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index c6a082d7d8..a881e135c0 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -23,7 +23,6 @@ makes to handle specific protocols */ - #include "includes.h" /* look in server.c for some explanation of these variables */ @@ -40,9 +39,8 @@ unsigned int smb_echo_count = 0; extern BOOL global_encrypted_passwords_negotiated; - /**************************************************************************** - reply to an special message + Reply to an special message. ****************************************************************************/ int reply_special(char *inbuf,char *outbuf) @@ -113,7 +111,7 @@ int reply_special(char *inbuf,char *outbuf) reload_services(True); reopen_logs(); - claim_connection(NULL,"",MAXSTATUS,True); + claim_connection(NULL,"",0,True,FLAG_MSG_GENERAL|FLAG_MSG_SMBD); already_got_session = True; break; @@ -141,7 +139,6 @@ int reply_special(char *inbuf,char *outbuf) return(outsize); } - /**************************************************************************** Reply to a tcon. ****************************************************************************/ @@ -307,10 +304,10 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt return chain_reply(inbuf,outbuf,length,bufsize); } - /**************************************************************************** - reply to an unknown type + Reply to an unknown type. ****************************************************************************/ + int reply_unknown(char *inbuf,char *outbuf) { int type; @@ -322,10 +319,10 @@ int reply_unknown(char *inbuf,char *outbuf) return(ERROR_DOS(ERRSRV,ERRunknownsmb)); } - /**************************************************************************** - reply to an ioctl + Reply to an ioctl. ****************************************************************************/ + int reply_ioctl(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { @@ -339,8 +336,7 @@ int reply_ioctl(connection_struct *conn, DEBUG(4, ("Received IOCTL (code 0x%x)\n", ioctl_code)); - switch (ioctl_code) - { + switch (ioctl_code) { case IOCTL_QUERY_JOB_INFO: replysize = 32; break; @@ -355,16 +351,15 @@ int reply_ioctl(connection_struct *conn, SSVAL(outbuf,smb_vwv6,52); /* Offset to data */ p = smb_buf(outbuf) + 1; /* Allow for alignment */ - switch (ioctl_code) - { - case IOCTL_QUERY_JOB_INFO: - { - uint16 rap_jobid = pjobid_to_rap(SNUM(fsp->conn), fsp->print_jobid); - SSVAL(p,0,rap_jobid); /* Job number */ - srvstr_push(outbuf, p+2, global_myname, 15, STR_TERMINATE|STR_ASCII); - srvstr_push(outbuf, p+18, lp_servicename(SNUM(conn)), 13, STR_TERMINATE|STR_ASCII); - break; - } + switch (ioctl_code) { + case IOCTL_QUERY_JOB_INFO: + { + uint16 rap_jobid = pjobid_to_rap(SNUM(fsp->conn), fsp->print_jobid); + SSVAL(p,0,rap_jobid); /* Job number */ + srvstr_push(outbuf, p+2, global_myname, 15, STR_TERMINATE|STR_ASCII); + srvstr_push(outbuf, p+18, lp_servicename(SNUM(conn)), 13, STR_TERMINATE|STR_ASCII); + break; + } } END_PROFILE(SMBioctl); @@ -372,56 +367,56 @@ int reply_ioctl(connection_struct *conn, } /**************************************************************************** - reply to a chkpth + Reply to a chkpth. ****************************************************************************/ + int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int outsize = 0; - int mode; - pstring name; - BOOL ok = False; - BOOL bad_path = False; - SMB_STRUCT_STAT sbuf; - START_PROFILE(SMBchkpth); + int outsize = 0; + int mode; + pstring name; + BOOL ok = False; + BOOL bad_path = False; + SMB_STRUCT_STAT sbuf; + START_PROFILE(SMBchkpth); - srvstr_pull_buf(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), STR_TERMINATE); + srvstr_pull_buf(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), STR_TERMINATE); - RESOLVE_DFSPATH(name, conn, inbuf, outbuf); + RESOLVE_DFSPATH(name, conn, inbuf, outbuf); - unix_convert(name,conn,0,&bad_path,&sbuf); + unix_convert(name,conn,0,&bad_path,&sbuf); - mode = SVAL(inbuf,smb_vwv0); + mode = SVAL(inbuf,smb_vwv0); - if (check_name(name,conn)) { - if (VALID_STAT(sbuf) || vfs_stat(conn,name,&sbuf) == 0) - ok = S_ISDIR(sbuf.st_mode); - } + if (check_name(name,conn)) { + if (VALID_STAT(sbuf) || vfs_stat(conn,name,&sbuf) == 0) + ok = S_ISDIR(sbuf.st_mode); + } - if (!ok) { - /* We special case this - as when a Windows machine - is parsing a path is steps through the components - one at a time - if a component fails it expects - ERRbadpath, not ERRbadfile. - */ - if(errno == ENOENT) { - return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND); - } + if (!ok) { + /* We special case this - as when a Windows machine + is parsing a path is steps through the components + one at a time - if a component fails it expects + ERRbadpath, not ERRbadfile. + */ + if(errno == ENOENT) + return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND); - return(UNIXERROR(ERRDOS,ERRbadpath)); - } + return(UNIXERROR(ERRDOS,ERRbadpath)); + } - outsize = set_message(outbuf,0,0,True); + outsize = set_message(outbuf,0,0,True); - DEBUG(3,("chkpth %s mode=%d\n", name, mode)); + DEBUG(3,("chkpth %s mode=%d\n", name, mode)); - END_PROFILE(SMBchkpth); - return(outsize); + END_PROFILE(SMBchkpth); + return(outsize); } - /**************************************************************************** - reply to a getatr + Reply to a getatr. ****************************************************************************/ + int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { pstring fname; @@ -494,10 +489,10 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return(outsize); } - /**************************************************************************** - reply to a setatr + Reply to a setatr. ****************************************************************************/ + int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { pstring fname; @@ -543,10 +538,10 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return(outsize); } - /**************************************************************************** - reply to a dskattr + Reply to a dskattr. ****************************************************************************/ + int reply_dskattr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int outsize = 0; @@ -591,11 +586,11 @@ int reply_dskattr(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz return(outsize); } - /**************************************************************************** - reply to a search - Can be called from SMBsearch, SMBffirst or SMBfunique. + Reply to a search. + Can be called from SMBsearch, SMBffirst or SMBfunique. ****************************************************************************/ + int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { pstring mask; @@ -673,12 +668,16 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if (strlen(directory) == 0) pstrcpy(directory,"./"); memset((char *)status,'\0',21); - SCVAL(status,0,dirtype); + SCVAL(status,0,(dirtype & 0x1F)); } else { + int status_dirtype; memcpy(status,p,21); - dirtype = CVAL(status,0) & 0x1F; + status_dirtype = CVAL(status,0) & 0x1F; + if (status_dirtype != (dirtype & 0x1F)) + dirtype = status_dirtype; + conn->dirptr = dptr_fetch(status+12,&dptr_num); if (!conn->dirptr) goto SearchEmpty; @@ -796,10 +795,10 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return(outsize); } - /**************************************************************************** - reply to a fclose (stop directory search) + Reply to a fclose (stop directory search). ****************************************************************************/ + int reply_fclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int outsize = 0; @@ -838,9 +837,8 @@ int reply_fclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return(outsize); } - /**************************************************************************** - reply to an open + Reply to an open. ****************************************************************************/ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) @@ -910,10 +908,10 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return(outsize); } - /**************************************************************************** - reply to an open and X + Reply to an open and X. ****************************************************************************/ + int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { pstring fname; @@ -1019,10 +1017,10 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt return chain_reply(inbuf,outbuf,length,bufsize); } - /**************************************************************************** - reply to a SMBulogoffX + Reply to a SMBulogoffX. ****************************************************************************/ + int reply_ulogoffX(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { uint16 vuid = SVAL(inbuf,smb_uid); @@ -1049,10 +1047,10 @@ int reply_ulogoffX(connection_struct *conn, char *inbuf,char *outbuf,int length, return chain_reply(inbuf,outbuf,length,bufsize); } - /**************************************************************************** - reply to a mknew or a create + Reply to a mknew or a create. ****************************************************************************/ + int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { pstring fname; @@ -1122,10 +1120,10 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return(outsize); } - /**************************************************************************** - reply to a create temporary file + Reply to a create temporary file. ****************************************************************************/ + int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { pstring fname; @@ -1433,6 +1431,59 @@ void fail_readraw(void) exit_server(errstr); } +/**************************************************************************** + Use sendfile in readbraw. +****************************************************************************/ + +void send_file_readbraw(connection_struct *conn, files_struct *fsp, SMB_OFF_T startpos, size_t nread, + ssize_t mincount, char *outbuf) +{ + ssize_t ret=0; + +#if defined(WITH_SENDFILE) + /* + * We can only use sendfile on a non-chained packet and on a file + * that is exclusively oplocked. reply_readbraw has already checked the length. + */ + + if ((nread > 0) && (lp_write_cache_size(SNUM(conn)) == 0) && + EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type) && lp_use_sendfile(SNUM(conn)) ) { + DATA_BLOB header; + + _smb_setlen(outbuf,nread); + header.data = outbuf; + header.length = 4; + header.free = NULL; + + if ( conn->vfs_ops.sendfile( smbd_server_fd(), fsp, fsp->fd, &header, startpos, nread) == -1) { + /* + * Special hack for broken Linux with no 64 bit clean sendfile. If we + * return ENOSYS then pretend we just got a normal read. + */ + if (errno == ENOSYS) + goto normal_read; + + DEBUG(0,("send_file_readbraw: sendfile failed for file %s (%s). Terminating\n", + fsp->fsp_name, strerror(errno) )); + exit_server("send_file_readbraw sendfile failed"); + } + + } + + normal_read: +#endif + + if (nread > 0) { + ret = read_file(fsp,outbuf+4,startpos,nread); + if (ret < mincount) + ret = 0; + } + + _smb_setlen(outbuf,ret); + if (write_data(smbd_server_fd(),outbuf,4+ret) != 4+ret) + fail_readraw(); +} + /**************************************************************************** Reply to a readbraw (core+ protocol). ****************************************************************************/ @@ -1443,7 +1494,6 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s size_t nread = 0; SMB_OFF_T startpos; char *header = outbuf; - ssize_t ret=0; files_struct *fsp; START_PROFILE(SMBreadbraw); @@ -1547,15 +1597,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s DEBUG( 3, ( "readbraw fnum=%d start=%.0f max=%d min=%d nread=%d\n", fsp->fnum, (double)startpos, (int)maxcount, (int)mincount, (int)nread ) ); - if (nread > 0) { - ret = read_file(fsp,header+4,startpos,nread); - if (ret < mincount) - ret = 0; - } - - _smb_setlen(header,ret); - if (write_data(smbd_server_fd(),header,4+ret) != 4+ret) - fail_readraw(); + send_file_readbraw(conn, fsp, startpos, nread, mincount, outbuf); DEBUG(5,("readbraw finished\n")); END_PROFILE(SMBreadbraw); @@ -1563,8 +1605,9 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s } /**************************************************************************** - reply to a lockread (core+ protocol) + Reply to a lockread (core+ protocol). ****************************************************************************/ + int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length, int dum_buffsiz) { ssize_t nread = -1; @@ -1599,15 +1642,16 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length (SMB_BIG_UINT)numtoread, (SMB_BIG_UINT)startpos, WRITE_LOCK); if (NT_STATUS_V(status)) { - if (lp_blocking_locks(SNUM(conn))) { + if (lp_blocking_locks(SNUM(conn)) && ERROR_WAS_LOCK_DENIED(status)) { /* * A blocking lock was requested. Package up * this smb into a queued request and push it * onto the blocking lock queue. */ - if(push_blocking_lock_request(inbuf, length, -1, 0)) + if(push_blocking_lock_request(inbuf, length, -1, 0)) { END_PROFILE(SMBlockread); - return -1; + return -1; + } } END_PROFILE(SMBlockread); return ERROR_NT(status); @@ -1632,132 +1676,209 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length return(outsize); } - /**************************************************************************** - reply to a read + Reply to a read. ****************************************************************************/ int reply_read(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) { - size_t numtoread; - ssize_t nread = 0; - char *data; - SMB_OFF_T startpos; - int outsize = 0; - files_struct *fsp = file_fsp(inbuf,smb_vwv0); - START_PROFILE(SMBread); - - CHECK_FSP(fsp,conn); - CHECK_READ(fsp); + size_t numtoread; + ssize_t nread = 0; + char *data; + SMB_OFF_T startpos; + int outsize = 0; + files_struct *fsp = file_fsp(inbuf,smb_vwv0); + START_PROFILE(SMBread); - numtoread = SVAL(inbuf,smb_vwv1); - startpos = IVAL(inbuf,smb_vwv2); + CHECK_FSP(fsp,conn); + CHECK_READ(fsp); + numtoread = SVAL(inbuf,smb_vwv1); + startpos = IVAL(inbuf,smb_vwv2); - outsize = set_message(outbuf,5,3,True); - numtoread = MIN(BUFFER_SIZE-outsize,numtoread); - data = smb_buf(outbuf) + 3; + outsize = set_message(outbuf,5,3,True); + numtoread = MIN(BUFFER_SIZE-outsize,numtoread); + data = smb_buf(outbuf) + 3; - if (is_locked(fsp,conn,(SMB_BIG_UINT)numtoread,(SMB_BIG_UINT)startpos, READ_LOCK,False)) { - END_PROFILE(SMBread); - return ERROR_DOS(ERRDOS,ERRlock); - } + if (is_locked(fsp,conn,(SMB_BIG_UINT)numtoread,(SMB_BIG_UINT)startpos, READ_LOCK,False)) { + END_PROFILE(SMBread); + return ERROR_DOS(ERRDOS,ERRlock); + } - if (numtoread > 0) - nread = read_file(fsp,data,startpos,numtoread); + if (numtoread > 0) + nread = read_file(fsp,data,startpos,numtoread); - if (nread < 0) { - END_PROFILE(SMBread); - return(UNIXERROR(ERRDOS,ERRnoaccess)); - } + if (nread < 0) { + END_PROFILE(SMBread); + return(UNIXERROR(ERRDOS,ERRnoaccess)); + } - outsize += nread; - SSVAL(outbuf,smb_vwv0,nread); - SSVAL(outbuf,smb_vwv5,nread+3); - SCVAL(smb_buf(outbuf),0,1); - SSVAL(smb_buf(outbuf),1,nread); + outsize += nread; + SSVAL(outbuf,smb_vwv0,nread); + SSVAL(outbuf,smb_vwv5,nread+3); + SCVAL(smb_buf(outbuf),0,1); + SSVAL(smb_buf(outbuf),1,nread); - DEBUG( 3, ( "read fnum=%d num=%d nread=%d\n", - fsp->fnum, (int)numtoread, (int)nread ) ); + DEBUG( 3, ( "read fnum=%d num=%d nread=%d\n", + fsp->fnum, (int)numtoread, (int)nread ) ); - END_PROFILE(SMBread); - return(outsize); + END_PROFILE(SMBread); + return(outsize); } +/**************************************************************************** + Reply to a read and X - possibly using sendfile. +****************************************************************************/ + +int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length, + files_struct *fsp, SMB_OFF_T startpos, size_t smb_maxcnt) +{ + ssize_t nread = -1; + char *data = smb_buf(outbuf); + +#if defined(WITH_SENDFILE) + /* + * We can only use sendfile on a non-chained packet and on a file + * that is exclusively oplocked. + */ + + if ((CVAL(inbuf,smb_vwv0) == 0xFF) && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type) && + lp_use_sendfile(SNUM(conn)) && (lp_write_cache_size(SNUM(conn)) == 0) ) { + SMB_STRUCT_STAT sbuf; + DATA_BLOB header; + + if(vfs_fstat(fsp,fsp->fd, &sbuf) == -1) + return(UNIXERROR(ERRDOS,ERRnoaccess)); + + if (startpos > sbuf.st_size) + goto normal_read; + + if (smb_maxcnt > (sbuf.st_size - startpos)) + smb_maxcnt = (sbuf.st_size - startpos); + + if (smb_maxcnt == 0) + goto normal_read; + + /* + * Set up the packet header before send. We + * assume here the sendfile will work (get the + * correct amount of data). + */ + + SSVAL(outbuf,smb_vwv5,smb_maxcnt); + SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf)); + SSVAL(smb_buf(outbuf),-2,smb_maxcnt); + SCVAL(outbuf,smb_vwv0,0xFF); + set_message(outbuf,12,smb_maxcnt,False); + header.data = outbuf; + header.length = data - outbuf; + header.free = NULL; + + if ( conn->vfs_ops.sendfile( smbd_server_fd(), fsp, fsp->fd, &header, startpos, smb_maxcnt) == -1) { + /* + * Special hack for broken Linux with no 64 bit clean sendfile. If we + * return ENOSYS then pretend we just got a normal read. + */ + if (errno == ENOSYS) + goto normal_read; + + DEBUG(0,("send_file_readX: sendfile failed for file %s (%s). Terminating\n", + fsp->fsp_name, strerror(errno) )); + exit_server("send_file_readX sendfile failed"); + } + + DEBUG( 3, ( "send_file_readX: sendfile fnum=%d max=%d nread=%d\n", + fsp->fnum, (int)smb_maxcnt, (int)nread ) ); + return -1; + } + + normal_read: + +#endif + + nread = read_file(fsp,data,startpos,smb_maxcnt); + + if (nread < 0) { + END_PROFILE(SMBreadX); + return(UNIXERROR(ERRDOS,ERRnoaccess)); + } + + SSVAL(outbuf,smb_vwv5,nread); + SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf)); + SSVAL(smb_buf(outbuf),-2,nread); + + DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n", + fsp->fnum, (int)smb_maxcnt, (int)nread ) ); + + return nread; +} /**************************************************************************** - reply to a read and X + Reply to a read and X. ****************************************************************************/ + int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { - files_struct *fsp = file_fsp(inbuf,smb_vwv2); - SMB_OFF_T startpos = IVAL(inbuf,smb_vwv3); - size_t smb_maxcnt = SVAL(inbuf,smb_vwv5); - size_t smb_mincnt = SVAL(inbuf,smb_vwv6); - ssize_t nread = -1; - char *data; - START_PROFILE(SMBreadX); + files_struct *fsp = file_fsp(inbuf,smb_vwv2); + SMB_OFF_T startpos = IVAL(inbuf,smb_vwv3); + ssize_t nread = -1; + size_t smb_maxcnt = SVAL(inbuf,smb_vwv5); +#if 0 + size_t smb_mincnt = SVAL(inbuf,smb_vwv6); +#endif - /* If it's an IPC, pass off the pipe handler. */ - if (IS_IPC(conn)) { - END_PROFILE(SMBreadX); - return reply_pipe_read_and_X(inbuf,outbuf,length,bufsize); - } + START_PROFILE(SMBreadX); - CHECK_FSP(fsp,conn); - CHECK_READ(fsp); + /* If it's an IPC, pass off the pipe handler. */ + if (IS_IPC(conn)) { + END_PROFILE(SMBreadX); + return reply_pipe_read_and_X(inbuf,outbuf,length,bufsize); + } + + CHECK_FSP(fsp,conn); + CHECK_READ(fsp); - set_message(outbuf,12,0,True); - data = smb_buf(outbuf); + set_message(outbuf,12,0,True); - if(CVAL(inbuf,smb_wct) == 12) { + if(CVAL(inbuf,smb_wct) == 12) { #ifdef LARGE_SMB_OFF_T - /* - * This is a large offset (64 bit) read. - */ - startpos |= (((SMB_OFF_T)IVAL(inbuf,smb_vwv10)) << 32); + /* + * This is a large offset (64 bit) read. + */ + startpos |= (((SMB_OFF_T)IVAL(inbuf,smb_vwv10)) << 32); #else /* !LARGE_SMB_OFF_T */ - /* - * Ensure we haven't been sent a >32 bit offset. - */ + /* + * Ensure we haven't been sent a >32 bit offset. + */ - if(IVAL(inbuf,smb_vwv10) != 0) { - DEBUG(0,("reply_read_and_X - large offset (%x << 32) used and we don't support \ + if(IVAL(inbuf,smb_vwv10) != 0) { + DEBUG(0,("reply_read_and_X - large offset (%x << 32) used and we don't support \ 64 bit offsets.\n", (unsigned int)IVAL(inbuf,smb_vwv10) )); - END_PROFILE(SMBreadX); - return ERROR_DOS(ERRDOS,ERRbadaccess); - } + END_PROFILE(SMBreadX); + return ERROR_DOS(ERRDOS,ERRbadaccess); + } #endif /* LARGE_SMB_OFF_T */ - } + } - if (is_locked(fsp,conn,(SMB_BIG_UINT)smb_maxcnt,(SMB_BIG_UINT)startpos, READ_LOCK,False)) { - END_PROFILE(SMBreadX); - return ERROR_DOS(ERRDOS,ERRlock); - } - nread = read_file(fsp,data,startpos,smb_maxcnt); + if (is_locked(fsp,conn,(SMB_BIG_UINT)smb_maxcnt,(SMB_BIG_UINT)startpos, READ_LOCK,False)) { + END_PROFILE(SMBreadX); + return ERROR_DOS(ERRDOS,ERRlock); + } - if (nread < 0) { - END_PROFILE(SMBreadX); - return(UNIXERROR(ERRDOS,ERRnoaccess)); - } - - SSVAL(outbuf,smb_vwv5,nread); - SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf)); - SSVAL(smb_buf(outbuf),-2,nread); - - DEBUG( 3, ( "readX fnum=%d min=%d max=%d nread=%d\n", - fsp->fnum, (int)smb_mincnt, (int)smb_maxcnt, (int)nread ) ); + nread = send_file_readX(conn, inbuf, outbuf, length, fsp, startpos, smb_maxcnt); + if (nread != -1) + nread = chain_reply(inbuf,outbuf,length,bufsize); - END_PROFILE(SMBreadX); - return chain_reply(inbuf,outbuf,length,bufsize); + END_PROFILE(SMBreadX); + return nread; } /**************************************************************************** - reply to a writebraw (core+ or LANMAN1.0 protocol) + Reply to a writebraw (core+ or LANMAN1.0 protocol). ****************************************************************************/ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) @@ -1888,7 +2009,7 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, } /**************************************************************************** - reply to a writeunlock (core+) + Reply to a writeunlock (core+). ****************************************************************************/ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, @@ -1950,7 +2071,6 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, return outsize; } - /**************************************************************************** Reply to a write. ****************************************************************************/ @@ -2029,10 +2149,10 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int d return(outsize); } - /**************************************************************************** - reply to a write and X + Reply to a write and X. ****************************************************************************/ + int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { files_struct *fsp = file_fsp(inbuf,smb_vwv2); @@ -2129,9 +2249,8 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng return chain_reply(inbuf,outbuf,length,bufsize); } - /**************************************************************************** - reply to a lseek + Reply to a lseek. ****************************************************************************/ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) @@ -2212,7 +2331,7 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int } /**************************************************************************** - reply to a flush + Reply to a flush. ****************************************************************************/ int reply_flush(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) @@ -2234,10 +2353,10 @@ int reply_flush(connection_struct *conn, char *inbuf,char *outbuf, int size, int return(outsize); } - /**************************************************************************** - reply to a exit + Reply to a exit. ****************************************************************************/ + int reply_exit(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { @@ -2251,10 +2370,10 @@ int reply_exit(connection_struct *conn, return(outsize); } - /**************************************************************************** Reply to a close - has to deal with closing a directory opened by NT SMB's. ****************************************************************************/ + int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) { @@ -2336,9 +2455,8 @@ int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size, return(outsize); } - /**************************************************************************** - reply to a writeclose (Core+ protocol) + Reply to a writeclose (Core+ protocol). ****************************************************************************/ int reply_writeclose(connection_struct *conn, @@ -2395,10 +2513,10 @@ int reply_writeclose(connection_struct *conn, return(outsize); } - /**************************************************************************** - reply to a lock + Reply to a lock. ****************************************************************************/ + int reply_lock(connection_struct *conn, char *inbuf,char *outbuf, int length, int dum_buffsize) { @@ -2420,7 +2538,7 @@ int reply_lock(connection_struct *conn, status = do_lock_spin(fsp, conn, SVAL(inbuf,smb_pid), count, offset, WRITE_LOCK); if (NT_STATUS_V(status)) { - if (lp_blocking_locks(SNUM(conn))) { + if (lp_blocking_locks(SNUM(conn)) && ERROR_WAS_LOCK_DENIED(status)) { /* * A blocking lock was requested. Package up * this smb into a queued request and push it @@ -2439,10 +2557,10 @@ int reply_lock(connection_struct *conn, return(outsize); } - /**************************************************************************** - reply to a unlock + Reply to a unlock. ****************************************************************************/ + int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) { @@ -2470,10 +2588,10 @@ int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int size, return(outsize); } - /**************************************************************************** - reply to a tdis + Reply to a tdis. ****************************************************************************/ + int reply_tdis(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { @@ -2497,11 +2615,10 @@ int reply_tdis(connection_struct *conn, return outsize; } - - /**************************************************************************** - reply to a echo + Reply to a echo. ****************************************************************************/ + int reply_echo(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { @@ -2539,10 +2656,10 @@ int reply_echo(connection_struct *conn, return -1; } - /**************************************************************************** - reply to a printopen + Reply to a printopen. ****************************************************************************/ + int reply_printopen(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { @@ -2573,9 +2690,8 @@ int reply_printopen(connection_struct *conn, return(outsize); } - /**************************************************************************** - reply to a printclose + Reply to a printclose. ****************************************************************************/ int reply_printclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) @@ -2607,10 +2723,10 @@ int reply_printclose(connection_struct *conn, return(outsize); } - /**************************************************************************** - reply to a printqueue + Reply to a printqueue. ****************************************************************************/ + int reply_printqueue(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { @@ -2678,10 +2794,10 @@ int reply_printqueue(connection_struct *conn, return(outsize); } - /**************************************************************************** - reply to a printwrite + Reply to a printwrite. ****************************************************************************/ + int reply_printwrite(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int numtowrite; @@ -2712,11 +2828,11 @@ int reply_printwrite(connection_struct *conn, char *inbuf,char *outbuf, int dum_ return(outsize); } - /**************************************************************************** The guts of the mkdir command, split out so it may be called by the NT SMB code. ****************************************************************************/ + NTSTATUS mkdir_internal(connection_struct *conn, pstring directory) { BOOL bad_path = False; @@ -2939,10 +3055,10 @@ int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return(outsize); } - /******************************************************************* -resolve wildcards in a filename rename + Resolve wildcards in a filename rename. ********************************************************************/ + static BOOL resolve_wildcards(char *name1,char *name2) { fstring root1,root2; @@ -3378,8 +3494,9 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, } /**************************************************************************** - reply to a file copy. - ****************************************************************************/ + Reply to a file copy. +****************************************************************************/ + int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int outsize = 0; @@ -3542,8 +3659,9 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, } /**************************************************************************** - reply to a setdir + Reply to a setdir. ****************************************************************************/ + int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int snum; @@ -3637,6 +3755,7 @@ SMB_BIG_UINT get_lock_count( char *data, int data_offset, BOOL large_file_format /**************************************************************************** Pathetically try and map a 64 bit lock offset into 31 bits. I hate Windows :-). ****************************************************************************/ + static uint32 map_lock_offset(uint32 high, uint32 low) { unsigned int i; @@ -3716,7 +3835,7 @@ SMB_BIG_UINT get_lock_offset( char *data, int data_offset, BOOL large_file_forma } /**************************************************************************** - reply to a lockingX request + Reply to a lockingX request. ****************************************************************************/ int reply_lockingX(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) @@ -3827,7 +3946,7 @@ no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); /* Setup the timeout in seconds. */ - lock_timeout = ((lock_timeout == -1) ? -1 : lock_timeout/1000); + lock_timeout = ((lock_timeout == -1) ? -1 : (lock_timeout+999)/1000); /* Now do any requested locks */ data += ((large_file_format ? 20 : 10)*num_ulocks); @@ -3855,7 +3974,7 @@ no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); status = do_lock_spin(fsp,conn,lock_pid, count,offset, ((locktype & 1) ? READ_LOCK : WRITE_LOCK)); if (NT_STATUS_V(status)) { - if ((lock_timeout != 0) && lp_blocking_locks(SNUM(conn))) { + if ((lock_timeout != 0) && lp_blocking_locks(SNUM(conn)) && ERROR_WAS_LOCK_DENIED(status)) { /* * A blocking lock was requested. Package up * this smb into a queued request and push it -- cgit From 66b62281e285ae53c63e43ff074f57053b3e91ae Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 5 Nov 2002 22:49:07 +0000 Subject: Ensure can_delete returns the correct error code. Jeremy. (This used to be commit 52af4ed9ecd8ef5f31ce00c94bc55d6013a7f65a) --- source3/smbd/reply.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index a881e135c0..3371d9b544 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1278,10 +1278,13 @@ static NTSTATUS can_delete(char *fname,connection_struct *conn, int dirtype) if (!fsp) { NTSTATUS ret = NT_STATUS_ACCESS_DENIED; - if (unix_ERR_class == ERRDOS && unix_ERR_code == ERRbadshare) + if (!NT_STATUS_IS_OK(unix_ERR_ntstatus)) + ret = unix_ERR_ntstatus; + else if (unix_ERR_class == ERRDOS && unix_ERR_code == ERRbadshare) ret = NT_STATUS_SHARING_VIOLATION; unix_ERR_class = 0; unix_ERR_code = 0; + unix_ERR_ntstatus = NT_STATUS_OK; return ret; } close_file(fsp,False); -- cgit From 2f194322d419350f35a48dff750066894d68eccf Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 12 Nov 2002 23:20:50 +0000 Subject: Removed global_myworkgroup, global_myname, global_myscope. Added liberal dashes of const. This is a rather large check-in, some things may break. It does compile though :-). Jeremy. (This used to be commit f755711df8f74f9b8e8c1a2b0d07d02a931eeb89) --- source3/smbd/reply.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 3371d9b544..2c29ffdf51 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -33,7 +33,6 @@ extern char magic_char; extern BOOL case_sensitive; extern BOOL case_preserve; extern BOOL short_case_preserve; -extern pstring global_myname; extern int global_oplock_break; unsigned int smb_echo_count = 0; @@ -356,7 +355,7 @@ int reply_ioctl(connection_struct *conn, { uint16 rap_jobid = pjobid_to_rap(SNUM(fsp->conn), fsp->print_jobid); SSVAL(p,0,rap_jobid); /* Job number */ - srvstr_push(outbuf, p+2, global_myname, 15, STR_TERMINATE|STR_ASCII); + srvstr_push(outbuf, p+2, global_myname(), 15, STR_TERMINATE|STR_ASCII); srvstr_push(outbuf, p+18, lp_servicename(SNUM(conn)), 13, STR_TERMINATE|STR_ASCII); break; } -- cgit From 6a019636b980857cf896f250841de757644ba9dd Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 3 Dec 2002 08:02:41 +0000 Subject: Fixed nasty bug where file writes with start offsets in the range 0x80000000 -> 0xFFFFFFFF would fail as they were being cast from IVAL (uint32) to SMB_OFF_T (off_t or off64_t, both *signed* types). The sign extension would cause the offset to be treated as negative. Thanks to Herb for helping me track this one down (IRIX is good for large file tests :-). Jeremy. PS. That horrid EXEXIST thing has broken configure..... (This used to be commit 2d14c442bc601a277458b69f05a763aa2a1ab3b7) --- source3/smbd/reply.c | 27 ++++++++++++++------------- 1 file changed, 14 insertions(+), 13 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 2c29ffdf51..f320bf8ff5 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1532,7 +1532,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s flush_write_cache(fsp, READRAW_FLUSH); - startpos = IVAL(inbuf,smb_vwv1); + startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv1); if(CVAL(inbuf,smb_wct) == 10) { /* * This is a large offset (64 bit) read. @@ -1627,7 +1627,7 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length release_level_2_oplocks_on_change(fsp); numtoread = SVAL(inbuf,smb_vwv1); - startpos = IVAL(inbuf,smb_vwv2); + startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2); outsize = set_message(outbuf,5,3,True); numtoread = MIN(BUFFER_SIZE-outsize,numtoread); @@ -1696,7 +1696,7 @@ int reply_read(connection_struct *conn, char *inbuf,char *outbuf, int size, int CHECK_READ(fsp); numtoread = SVAL(inbuf,smb_vwv1); - startpos = IVAL(inbuf,smb_vwv2); + startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2); outsize = set_message(outbuf,5,3,True); numtoread = MIN(BUFFER_SIZE-outsize,numtoread); @@ -1822,7 +1822,7 @@ int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { files_struct *fsp = file_fsp(inbuf,smb_vwv2); - SMB_OFF_T startpos = IVAL(inbuf,smb_vwv3); + SMB_OFF_T startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3); ssize_t nread = -1; size_t smb_maxcnt = SVAL(inbuf,smb_vwv5); #if 0 @@ -1900,7 +1900,7 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, CHECK_WRITE(fsp); tcount = IVAL(inbuf,smb_vwv1); - startpos = IVAL(inbuf,smb_vwv3); + startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3); write_through = BITSETW(inbuf+smb_vwv7,0); /* We have to deal with slightly different formats depending @@ -2030,7 +2030,7 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, CHECK_WRITE(fsp); numtowrite = SVAL(inbuf,smb_vwv1); - startpos = IVAL(inbuf,smb_vwv2); + startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2); data = smb_buf(inbuf) + 3; if (is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, @@ -2097,7 +2097,7 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int d CHECK_WRITE(fsp); numtowrite = SVAL(inbuf,smb_vwv1); - startpos = IVAL(inbuf,smb_vwv2); + startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2); data = smb_buf(inbuf) + 3; if (is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK,False)) { @@ -2158,7 +2158,7 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int d int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { files_struct *fsp = file_fsp(inbuf,smb_vwv2); - SMB_OFF_T startpos = IVAL(inbuf,smb_vwv3); + SMB_OFF_T startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3); size_t numtowrite = SVAL(inbuf,smb_vwv10); BOOL write_through = BITSETW(inbuf+smb_vwv7,0); ssize_t nwritten = -1; @@ -2269,7 +2269,8 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int flush_write_cache(fsp, SEEK_FLUSH); mode = SVAL(inbuf,smb_vwv1) & 3; - startpos = IVALS(inbuf,smb_vwv2); + /* NB. This doesn't use IVAL_TO_SMB_OFF_T as startpos can be signed in this case. */ + startpos = (SMB_OFF_T)IVALS(inbuf,smb_vwv2); switch (mode) { case 0: umode = SEEK_SET; break; @@ -2478,7 +2479,7 @@ int reply_writeclose(connection_struct *conn, CHECK_WRITE(fsp); numtowrite = SVAL(inbuf,smb_vwv1); - startpos = IVAL(inbuf,smb_vwv2); + startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2); mtime = make_unix_date3(inbuf+smb_vwv4); data = smb_buf(inbuf) + 1; @@ -4056,7 +4057,7 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length, CHECK_FSP(fsp,conn); CHECK_READ(fsp); - startpos = IVAL(inbuf,smb_vwv1); + startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv1); maxcount = SVAL(inbuf,smb_vwv3); data = smb_buf(outbuf); @@ -4184,7 +4185,7 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, CHECK_ERROR(fsp); tcount = SVAL(inbuf,smb_vwv1); - startpos = IVAL(inbuf,smb_vwv3); + startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3); write_through = BITSETW(inbuf+smb_vwv7,0); numtowrite = SVAL(inbuf,smb_vwv10); smb_doff = SVAL(inbuf,smb_vwv11); @@ -4284,7 +4285,7 @@ int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz CHECK_WRITE(fsp); tcount = SVAL(inbuf,smb_vwv1); - startpos = IVAL(inbuf,smb_vwv2); + startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2); numtowrite = SVAL(inbuf,smb_vwv6); smb_doff = SVAL(inbuf,smb_vwv7); -- cgit From 5ed2d4a1d386d42920bdf97e139eea9bbaaa274b Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 3 Dec 2002 23:57:45 +0000 Subject: Reformat of reply.c before Volker's patch. Jeremy. (This used to be commit c3877cfb9c9f3f9f86e32169cbb69c3c5bb2e3db) --- source3/smbd/reply.c | 2088 +++++++++++++++++++++++++------------------------- 1 file changed, 1029 insertions(+), 1059 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index f320bf8ff5..adcc8c989d 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -418,74 +418,69 @@ int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - pstring fname; - int outsize = 0; - SMB_STRUCT_STAT sbuf; - BOOL ok = False; - int mode=0; - SMB_OFF_T size=0; - time_t mtime=0; - BOOL bad_path = False; - char *p; - START_PROFILE(SMBgetatr); - - p = smb_buf(inbuf) + 1; - p += srvstr_pull_buf(inbuf, fname, p, sizeof(fname), STR_TERMINATE); - - RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); + pstring fname; + int outsize = 0; + SMB_STRUCT_STAT sbuf; + BOOL ok = False; + int mode=0; + SMB_OFF_T size=0; + time_t mtime=0; + BOOL bad_path = False; + char *p; + START_PROFILE(SMBgetatr); + + p = smb_buf(inbuf) + 1; + p += srvstr_pull_buf(inbuf, fname, p, sizeof(fname), STR_TERMINATE); + + RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); - /* dos smetimes asks for a stat of "" - it returns a "hidden directory" - under WfWg - weird! */ - if (! (*fname)) - { - mode = aHIDDEN | aDIR; - if (!CAN_WRITE(conn)) mode |= aRONLY; - size = 0; - mtime = 0; - ok = True; - } - else - { - unix_convert(fname,conn,0,&bad_path,&sbuf); - if (check_name(fname,conn)) - { - if (VALID_STAT(sbuf) || vfs_stat(conn,fname,&sbuf) == 0) - { - mode = dos_mode(conn,fname,&sbuf); - size = sbuf.st_size; - mtime = sbuf.st_mtime; - if (mode & aDIR) - size = 0; - ok = True; - } - else - DEBUG(3,("stat of %s failed (%s)\n",fname,strerror(errno))); - } - } + /* dos smetimes asks for a stat of "" - it returns a "hidden directory" + under WfWg - weird! */ + if (! (*fname)) { + mode = aHIDDEN | aDIR; + if (!CAN_WRITE(conn)) + mode |= aRONLY; + size = 0; + mtime = 0; + ok = True; + } else { + unix_convert(fname,conn,0,&bad_path,&sbuf); + if (check_name(fname,conn)) { + if (VALID_STAT(sbuf) || vfs_stat(conn,fname,&sbuf) == 0) { + mode = dos_mode(conn,fname,&sbuf); + size = sbuf.st_size; + mtime = sbuf.st_mtime; + if (mode & aDIR) + size = 0; + ok = True; + } else { + DEBUG(3,("stat of %s failed (%s)\n",fname,strerror(errno))); + } + } + } - if (!ok) - { - set_bad_path_error(errno, bad_path); - END_PROFILE(SMBgetatr); - return(UNIXERROR(ERRDOS,ERRbadfile)); - } + if (!ok) { + set_bad_path_error(errno, bad_path); + END_PROFILE(SMBgetatr); + return(UNIXERROR(ERRDOS,ERRbadfile)); + } - outsize = set_message(outbuf,10,0,True); + outsize = set_message(outbuf,10,0,True); - SSVAL(outbuf,smb_vwv0,mode); - if(lp_dos_filetime_resolution(SNUM(conn)) ) - put_dos_date3(outbuf,smb_vwv1,mtime & ~1); - else - put_dos_date3(outbuf,smb_vwv1,mtime); - SIVAL(outbuf,smb_vwv3,(uint32)size); + SSVAL(outbuf,smb_vwv0,mode); + if(lp_dos_filetime_resolution(SNUM(conn)) ) + put_dos_date3(outbuf,smb_vwv1,mtime & ~1); + else + put_dos_date3(outbuf,smb_vwv1,mtime); + SIVAL(outbuf,smb_vwv3,(uint32)size); - if (Protocol >= PROTOCOL_NT1) - SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) | FLAGS2_IS_LONG_NAME); + if (Protocol >= PROTOCOL_NT1) + SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) | FLAGS2_IS_LONG_NAME); - DEBUG( 3, ( "getatr name=%s mode=%d size=%d\n", fname, mode, (uint32)size ) ); + DEBUG( 3, ( "getatr name=%s mode=%d size=%d\n", fname, mode, (uint32)size ) ); - END_PROFILE(SMBgetatr); - return(outsize); + END_PROFILE(SMBgetatr); + return(outsize); } /**************************************************************************** @@ -494,47 +489,46 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - pstring fname; - int outsize = 0; - BOOL ok=False; - int mode; - time_t mtime; - SMB_STRUCT_STAT sbuf; - BOOL bad_path = False; - char *p; - - START_PROFILE(SMBsetatr); - - p = smb_buf(inbuf) + 1; - p += srvstr_pull_buf(inbuf, fname, p, sizeof(fname), STR_TERMINATE); - unix_convert(fname,conn,0,&bad_path,&sbuf); - - mode = SVAL(inbuf,smb_vwv0); - mtime = make_unix_date3(inbuf+smb_vwv1); + pstring fname; + int outsize = 0; + BOOL ok=False; + int mode; + time_t mtime; + SMB_STRUCT_STAT sbuf; + BOOL bad_path = False; + char *p; + + START_PROFILE(SMBsetatr); + + p = smb_buf(inbuf) + 1; + p += srvstr_pull_buf(inbuf, fname, p, sizeof(fname), STR_TERMINATE); + unix_convert(fname,conn,0,&bad_path,&sbuf); + + mode = SVAL(inbuf,smb_vwv0); + mtime = make_unix_date3(inbuf+smb_vwv1); - if (VALID_STAT_OF_DIR(sbuf)) - mode |= aDIR; - else - mode &= ~aDIR; - - if (check_name(fname,conn)) - ok = (file_chmod(conn,fname,mode,NULL) == 0); - if (ok) - ok = set_filetime(conn,fname,mtime); + if (VALID_STAT_OF_DIR(sbuf)) + mode |= aDIR; + else + mode &= ~aDIR; + + if (check_name(fname,conn)) + ok = (file_chmod(conn,fname,mode,NULL) == 0); + if (ok) + ok = set_filetime(conn,fname,mtime); - if (!ok) - { - set_bad_path_error(errno, bad_path); - END_PROFILE(SMBsetatr); - return(UNIXERROR(ERRDOS,ERRnoaccess)); - } + if (!ok) { + set_bad_path_error(errno, bad_path); + END_PROFILE(SMBsetatr); + return(UNIXERROR(ERRDOS,ERRnoaccess)); + } - outsize = set_message(outbuf,0,0,True); + outsize = set_message(outbuf,0,0,True); - DEBUG( 3, ( "setatr name=%s mode=%d\n", fname, mode ) ); + DEBUG( 3, ( "setatr name=%s mode=%d\n", fname, mode ) ); - END_PROFILE(SMBsetatr); - return(outsize); + END_PROFILE(SMBsetatr); + return(outsize); } /**************************************************************************** @@ -592,206 +586,187 @@ int reply_dskattr(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - pstring mask; - pstring directory; - pstring fname; - SMB_OFF_T size; - int mode; - time_t date; - int dirtype; - int outsize = 0; - int numentries = 0; - BOOL finished = False; - int maxentries; - int i; - char *p; - BOOL ok = False; - int status_len; - pstring path; - char status[21]; - int dptr_num= -1; - BOOL check_descend = False; - BOOL expect_close = False; - BOOL can_open = True; - BOOL bad_path = False; - START_PROFILE(SMBsearch); - - *mask = *directory = *fname = 0; - - /* If we were called as SMBffirst then we must expect close. */ - if(CVAL(inbuf,smb_com) == SMBffirst) - expect_close = True; - - outsize = set_message(outbuf,1,3,True); - maxentries = SVAL(inbuf,smb_vwv0); - dirtype = SVAL(inbuf,smb_vwv1); - p = smb_buf(inbuf) + 1; - p += srvstr_pull_buf(inbuf, path, p, sizeof(path), STR_TERMINATE); - p++; - status_len = SVAL(p, 0); - p += 2; + pstring mask; + pstring directory; + pstring fname; + SMB_OFF_T size; + int mode; + time_t date; + int dirtype; + int outsize = 0; + int numentries = 0; + BOOL finished = False; + int maxentries; + int i; + char *p; + BOOL ok = False; + int status_len; + pstring path; + char status[21]; + int dptr_num= -1; + BOOL check_descend = False; + BOOL expect_close = False; + BOOL can_open = True; + BOOL bad_path = False; + START_PROFILE(SMBsearch); + + *mask = *directory = *fname = 0; + + /* If we were called as SMBffirst then we must expect close. */ + if(CVAL(inbuf,smb_com) == SMBffirst) + expect_close = True; - /* dirtype &= ~aDIR; */ + outsize = set_message(outbuf,1,3,True); + maxentries = SVAL(inbuf,smb_vwv0); + dirtype = SVAL(inbuf,smb_vwv1); + p = smb_buf(inbuf) + 1; + p += srvstr_pull_buf(inbuf, path, p, sizeof(path), STR_TERMINATE); + p++; + status_len = SVAL(p, 0); + p += 2; - if (status_len == 0) - { - SMB_STRUCT_STAT sbuf; - pstring dir2; - - pstrcpy(directory,path); - pstrcpy(dir2,path); - unix_convert(directory,conn,0,&bad_path,&sbuf); - unix_format(dir2); - - if (!check_name(directory,conn)) - can_open = False; - - p = strrchr_m(dir2,'/'); - if (p == NULL) - { - pstrcpy(mask,dir2); - *dir2 = 0; - } - else - { - *p = 0; - pstrcpy(mask,p+1); - } - - p = strrchr_m(directory,'/'); - if (!p) - *directory = 0; - else - *p = 0; - - if (strlen(directory) == 0) - pstrcpy(directory,"./"); - memset((char *)status,'\0',21); - SCVAL(status,0,(dirtype & 0x1F)); - } - else - { - int status_dirtype; - memcpy(status,p,21); - status_dirtype = CVAL(status,0) & 0x1F; - if (status_dirtype != (dirtype & 0x1F)) - dirtype = status_dirtype; - - conn->dirptr = dptr_fetch(status+12,&dptr_num); - if (!conn->dirptr) - goto SearchEmpty; - string_set(&conn->dirpath,dptr_path(dptr_num)); - fstrcpy(mask, dptr_wcard(dptr_num)); - } - - if (can_open) - { - p = smb_buf(outbuf) + 3; - - ok = True; + /* dirtype &= ~aDIR; */ + + if (status_len == 0) { + SMB_STRUCT_STAT sbuf; + pstring dir2; + + pstrcpy(directory,path); + pstrcpy(dir2,path); + unix_convert(directory,conn,0,&bad_path,&sbuf); + unix_format(dir2); + + if (!check_name(directory,conn)) + can_open = False; + + p = strrchr_m(dir2,'/'); + if (p == NULL) { + pstrcpy(mask,dir2); + *dir2 = 0; + } else { + *p = 0; + pstrcpy(mask,p+1); + } + + p = strrchr_m(directory,'/'); + if (!p) + *directory = 0; + else + *p = 0; + + if (strlen(directory) == 0) + pstrcpy(directory,"./"); + memset((char *)status,'\0',21); + SCVAL(status,0,(dirtype & 0x1F)); + } else { + int status_dirtype; + + memcpy(status,p,21); + status_dirtype = CVAL(status,0) & 0x1F; + if (status_dirtype != (dirtype & 0x1F)) + dirtype = status_dirtype; + + conn->dirptr = dptr_fetch(status+12,&dptr_num); + if (!conn->dirptr) + goto SearchEmpty; + string_set(&conn->dirpath,dptr_path(dptr_num)); + fstrcpy(mask, dptr_wcard(dptr_num)); + } + + if (can_open) { + p = smb_buf(outbuf) + 3; + ok = True; - if (status_len == 0) - { - dptr_num = dptr_create(conn,directory,True,expect_close,SVAL(inbuf,smb_pid)); - if (dptr_num < 0) - { - if(dptr_num == -2) - { - set_bad_path_error(errno, bad_path); - END_PROFILE(SMBsearch); - return (UNIXERROR(ERRDOS,ERRnofids)); - } - END_PROFILE(SMBsearch); - return ERROR_DOS(ERRDOS,ERRnofids); - } - dptr_set_wcard(dptr_num, strdup(mask)); - } - - DEBUG(4,("dptr_num is %d\n",dptr_num)); - - if (ok) - { - if ((dirtype&0x1F) == aVOLID) - { - memcpy(p,status,21); - make_dir_struct(p,"???????????",volume_label(SNUM(conn)),0,aVOLID,0); - dptr_fill(p+12,dptr_num); - if (dptr_zero(p+12) && (status_len==0)) - numentries = 1; - else - numentries = 0; - p += DIR_STRUCT_SIZE; - } - else - { - DEBUG(8,("dirpath=<%s> dontdescend=<%s>\n", - conn->dirpath,lp_dontdescend(SNUM(conn)))); - if (in_list(conn->dirpath, lp_dontdescend(SNUM(conn)),True)) - check_descend = True; - - for (i=numentries;(i dontdescend=<%s>\n", + conn->dirpath,lp_dontdescend(SNUM(conn)))); + if (in_list(conn->dirpath, lp_dontdescend(SNUM(conn)),True)) + check_descend = True; + + for (i=numentries;(i= 0 && CVAL(inbuf,smb_com) == SMBfunique) - dptr_close(&dptr_num); - - SSVAL(outbuf,smb_vwv0,numentries); - SSVAL(outbuf,smb_vwv1,3 + numentries * DIR_STRUCT_SIZE); - SCVAL(smb_buf(outbuf),0,5); - SSVAL(smb_buf(outbuf),1,numentries*DIR_STRUCT_SIZE); - - if (Protocol >= PROTOCOL_NT1) - SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) | FLAGS2_IS_LONG_NAME); + if (numentries == 0 || !ok) { + SCVAL(outbuf,smb_rcls,ERRDOS); + SSVAL(outbuf,smb_err,ERRnofiles); + dptr_close(&dptr_num); + } + + /* If we were called as SMBffirst with smb_search_id == NULL + and no entries were found then return error and close dirptr + (X/Open spec) */ + + if(ok && expect_close && numentries == 0 && status_len == 0) { + SCVAL(outbuf,smb_rcls,ERRDOS); + SSVAL(outbuf,smb_err,ERRnofiles); + /* Also close the dptr - we know it's gone */ + dptr_close(&dptr_num); + } + + /* If we were called as SMBfunique, then we can close the dirptr now ! */ + if(dptr_num >= 0 && CVAL(inbuf,smb_com) == SMBfunique) + dptr_close(&dptr_num); + + SSVAL(outbuf,smb_vwv0,numentries); + SSVAL(outbuf,smb_vwv1,3 + numentries * DIR_STRUCT_SIZE); + SCVAL(smb_buf(outbuf),0,5); + SSVAL(smb_buf(outbuf),1,numentries*DIR_STRUCT_SIZE); + + if (Protocol >= PROTOCOL_NT1) + SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) | FLAGS2_IS_LONG_NAME); - outsize += DIR_STRUCT_SIZE*numentries; - smb_setlen(outbuf,outsize - 4); + outsize += DIR_STRUCT_SIZE*numentries; + smb_setlen(outbuf,outsize - 4); - if ((! *directory) && dptr_path(dptr_num)) - slprintf(directory, sizeof(directory)-1, "(%s)",dptr_path(dptr_num)); + if ((! *directory) && dptr_path(dptr_num)) + slprintf(directory, sizeof(directory)-1, "(%s)",dptr_path(dptr_num)); - DEBUG( 4, ( "%s mask=%s path=%s dtype=%d nument=%d of %d\n", - smb_fn_name(CVAL(inbuf,smb_com)), - mask, directory, dirtype, numentries, maxentries ) ); + DEBUG( 4, ( "%s mask=%s path=%s dtype=%d nument=%d of %d\n", + smb_fn_name(CVAL(inbuf,smb_com)), + mask, directory, dirtype, numentries, maxentries ) ); - END_PROFILE(SMBsearch); - return(outsize); + END_PROFILE(SMBsearch); + return(outsize); } /**************************************************************************** @@ -800,40 +775,40 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size int reply_fclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int outsize = 0; - int status_len; - pstring path; - char status[21]; - int dptr_num= -2; - char *p; + int outsize = 0; + int status_len; + pstring path; + char status[21]; + int dptr_num= -2; + char *p; - START_PROFILE(SMBfclose); + START_PROFILE(SMBfclose); - outsize = set_message(outbuf,1,0,True); - p = smb_buf(inbuf) + 1; - p += srvstr_pull_buf(inbuf, path, p, sizeof(path), STR_TERMINATE); - p++; - status_len = SVAL(p,0); - p += 2; + outsize = set_message(outbuf,1,0,True); + p = smb_buf(inbuf) + 1; + p += srvstr_pull_buf(inbuf, path, p, sizeof(path), STR_TERMINATE); + p++; + status_len = SVAL(p,0); + p += 2; - if (status_len == 0) { - END_PROFILE(SMBfclose); - return ERROR_DOS(ERRSRV,ERRsrverror); - } + if (status_len == 0) { + END_PROFILE(SMBfclose); + return ERROR_DOS(ERRSRV,ERRsrverror); + } - memcpy(status,p,21); + memcpy(status,p,21); - if(dptr_fetch(status+12,&dptr_num)) { - /* Close the dptr - we know it's gone */ - dptr_close(&dptr_num); - } + if(dptr_fetch(status+12,&dptr_num)) { + /* Close the dptr - we know it's gone */ + dptr_close(&dptr_num); + } - SSVAL(outbuf,smb_vwv0,0); + SSVAL(outbuf,smb_vwv0,0); - DEBUG(3,("search close\n")); + DEBUG(3,("search close\n")); - END_PROFILE(SMBfclose); - return(outsize); + END_PROFILE(SMBfclose); + return(outsize); } /**************************************************************************** @@ -842,69 +817,67 @@ int reply_fclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - pstring fname; - int outsize = 0; - int fmode=0; - int share_mode; - SMB_OFF_T size = 0; - time_t mtime=0; - mode_t unixmode; - int rmode=0; - SMB_STRUCT_STAT sbuf; - BOOL bad_path = False; - files_struct *fsp; - int oplock_request = CORE_OPLOCK_REQUEST(inbuf); - START_PROFILE(SMBopen); + pstring fname; + int outsize = 0; + int fmode=0; + int share_mode; + SMB_OFF_T size = 0; + time_t mtime=0; + mode_t unixmode; + int rmode=0; + SMB_STRUCT_STAT sbuf; + BOOL bad_path = False; + files_struct *fsp; + int oplock_request = CORE_OPLOCK_REQUEST(inbuf); + START_PROFILE(SMBopen); - share_mode = SVAL(inbuf,smb_vwv0); + share_mode = SVAL(inbuf,smb_vwv0); - srvstr_pull_buf(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), STR_TERMINATE); + srvstr_pull_buf(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), STR_TERMINATE); - RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); + RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); - unix_convert(fname,conn,0,&bad_path,&sbuf); + unix_convert(fname,conn,0,&bad_path,&sbuf); - unixmode = unix_mode(conn,aARCH,fname); + unixmode = unix_mode(conn,aARCH,fname); - fsp = open_file_shared(conn,fname,&sbuf,share_mode,(FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN), - unixmode, oplock_request,&rmode,NULL); - - if (!fsp) - { - set_bad_path_error(errno, bad_path); - END_PROFILE(SMBopen); - return(UNIXERROR(ERRDOS,ERRnoaccess)); - } - - size = sbuf.st_size; - fmode = dos_mode(conn,fname,&sbuf); - mtime = sbuf.st_mtime; - - if (fmode & aDIR) { - DEBUG(3,("attempt to open a directory %s\n",fname)); - close_file(fsp,False); - END_PROFILE(SMBopen); - return ERROR_DOS(ERRDOS,ERRnoaccess); - } + fsp = open_file_shared(conn,fname,&sbuf,share_mode,(FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN), + unixmode, oplock_request,&rmode,NULL); + + if (!fsp) { + set_bad_path_error(errno, bad_path); + END_PROFILE(SMBopen); + return(UNIXERROR(ERRDOS,ERRnoaccess)); + } + + size = sbuf.st_size; + fmode = dos_mode(conn,fname,&sbuf); + mtime = sbuf.st_mtime; + + if (fmode & aDIR) { + DEBUG(3,("attempt to open a directory %s\n",fname)); + close_file(fsp,False); + END_PROFILE(SMBopen); + return ERROR_DOS(ERRDOS,ERRnoaccess); + } - outsize = set_message(outbuf,7,0,True); - SSVAL(outbuf,smb_vwv0,fsp->fnum); - SSVAL(outbuf,smb_vwv1,fmode); - if(lp_dos_filetime_resolution(SNUM(conn)) ) - put_dos_date3(outbuf,smb_vwv2,mtime & ~1); - else - put_dos_date3(outbuf,smb_vwv2,mtime); - SIVAL(outbuf,smb_vwv4,(uint32)size); - SSVAL(outbuf,smb_vwv6,rmode); - - if (oplock_request && lp_fake_oplocks(SNUM(conn))) { - SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); - } + outsize = set_message(outbuf,7,0,True); + SSVAL(outbuf,smb_vwv0,fsp->fnum); + SSVAL(outbuf,smb_vwv1,fmode); + if(lp_dos_filetime_resolution(SNUM(conn)) ) + put_dos_date3(outbuf,smb_vwv2,mtime & ~1); + else + put_dos_date3(outbuf,smb_vwv2,mtime); + SIVAL(outbuf,smb_vwv4,(uint32)size); + SSVAL(outbuf,smb_vwv6,rmode); + + if (oplock_request && lp_fake_oplocks(SNUM(conn))) + SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); - if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) - SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); - END_PROFILE(SMBopen); - return(outsize); + if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) + SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); + END_PROFILE(SMBopen); + return(outsize); } /**************************************************************************** @@ -913,107 +886,102 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { - pstring fname; - int smb_mode = SVAL(inbuf,smb_vwv3); - int smb_attr = SVAL(inbuf,smb_vwv5); - /* Breakout the oplock request bits so we can set the - reply bits separately. */ - BOOL ex_oplock_request = EXTENDED_OPLOCK_REQUEST(inbuf); - BOOL core_oplock_request = CORE_OPLOCK_REQUEST(inbuf); - BOOL oplock_request = ex_oplock_request | core_oplock_request; + pstring fname; + int smb_mode = SVAL(inbuf,smb_vwv3); + int smb_attr = SVAL(inbuf,smb_vwv5); + /* Breakout the oplock request bits so we can set the + reply bits separately. */ + BOOL ex_oplock_request = EXTENDED_OPLOCK_REQUEST(inbuf); + BOOL core_oplock_request = CORE_OPLOCK_REQUEST(inbuf); + BOOL oplock_request = ex_oplock_request | core_oplock_request; #if 0 - int open_flags = SVAL(inbuf,smb_vwv2); - int smb_sattr = SVAL(inbuf,smb_vwv4); - uint32 smb_time = make_unix_date3(inbuf+smb_vwv6); + int open_flags = SVAL(inbuf,smb_vwv2); + int smb_sattr = SVAL(inbuf,smb_vwv4); + uint32 smb_time = make_unix_date3(inbuf+smb_vwv6); #endif - int smb_ofun = SVAL(inbuf,smb_vwv8); - mode_t unixmode; - SMB_OFF_T size=0; - int fmode=0,mtime=0,rmode=0; - SMB_STRUCT_STAT sbuf; - int smb_action = 0; - BOOL bad_path = False; - files_struct *fsp; - START_PROFILE(SMBopenX); - - /* If it's an IPC, pass off the pipe handler. */ - if (IS_IPC(conn)) { - if (lp_nt_pipe_support()) { - END_PROFILE(SMBopenX); - return reply_open_pipe_and_X(conn, inbuf,outbuf,length,bufsize); - } else { - END_PROFILE(SMBopenX); - return ERROR_DOS(ERRSRV,ERRaccess); - } - } + int smb_ofun = SVAL(inbuf,smb_vwv8); + mode_t unixmode; + SMB_OFF_T size=0; + int fmode=0,mtime=0,rmode=0; + SMB_STRUCT_STAT sbuf; + int smb_action = 0; + BOOL bad_path = False; + files_struct *fsp; + START_PROFILE(SMBopenX); + + /* If it's an IPC, pass off the pipe handler. */ + if (IS_IPC(conn)) { + if (lp_nt_pipe_support()) { + END_PROFILE(SMBopenX); + return reply_open_pipe_and_X(conn, inbuf,outbuf,length,bufsize); + } else { + END_PROFILE(SMBopenX); + return ERROR_DOS(ERRSRV,ERRaccess); + } + } - /* XXXX we need to handle passed times, sattr and flags */ - srvstr_pull_buf(inbuf, fname, smb_buf(inbuf), sizeof(fname), STR_TERMINATE); + /* XXXX we need to handle passed times, sattr and flags */ + srvstr_pull_buf(inbuf, fname, smb_buf(inbuf), sizeof(fname), STR_TERMINATE); - RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); + RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); - unix_convert(fname,conn,0,&bad_path,&sbuf); + unix_convert(fname,conn,0,&bad_path,&sbuf); - unixmode = unix_mode(conn,smb_attr | aARCH, fname); + unixmode = unix_mode(conn,smb_attr | aARCH, fname); - fsp = open_file_shared(conn,fname,&sbuf,smb_mode,smb_ofun,unixmode, - oplock_request, &rmode,&smb_action); + fsp = open_file_shared(conn,fname,&sbuf,smb_mode,smb_ofun,unixmode, + oplock_request, &rmode,&smb_action); - if (!fsp) - { - set_bad_path_error(errno, bad_path); - END_PROFILE(SMBopenX); - return(UNIXERROR(ERRDOS,ERRnoaccess)); - } - - size = sbuf.st_size; - fmode = dos_mode(conn,fname,&sbuf); - mtime = sbuf.st_mtime; - if (fmode & aDIR) { - close_file(fsp,False); - END_PROFILE(SMBopenX); - return ERROR_DOS(ERRDOS,ERRnoaccess); - } - - /* If the caller set the extended oplock request bit - and we granted one (by whatever means) - set the - correct bit for extended oplock reply. - */ - - if (ex_oplock_request && lp_fake_oplocks(SNUM(conn))) { - smb_action |= EXTENDED_OPLOCK_GRANTED; - } - - if(ex_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) { - smb_action |= EXTENDED_OPLOCK_GRANTED; - } - - /* If the caller set the core oplock request bit - and we granted one (by whatever means) - set the - correct bit for core oplock reply. - */ - - if (core_oplock_request && lp_fake_oplocks(SNUM(conn))) { - SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); - } - - if(core_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) { - SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); - } - - set_message(outbuf,15,0,True); - SSVAL(outbuf,smb_vwv2,fsp->fnum); - SSVAL(outbuf,smb_vwv3,fmode); - if(lp_dos_filetime_resolution(SNUM(conn)) ) - put_dos_date3(outbuf,smb_vwv4,mtime & ~1); - else - put_dos_date3(outbuf,smb_vwv4,mtime); - SIVAL(outbuf,smb_vwv6,(uint32)size); - SSVAL(outbuf,smb_vwv8,rmode); - SSVAL(outbuf,smb_vwv11,smb_action); - - END_PROFILE(SMBopenX); - return chain_reply(inbuf,outbuf,length,bufsize); + if (!fsp) { + set_bad_path_error(errno, bad_path); + END_PROFILE(SMBopenX); + return(UNIXERROR(ERRDOS,ERRnoaccess)); + } + + size = sbuf.st_size; + fmode = dos_mode(conn,fname,&sbuf); + mtime = sbuf.st_mtime; + if (fmode & aDIR) { + close_file(fsp,False); + END_PROFILE(SMBopenX); + return ERROR_DOS(ERRDOS,ERRnoaccess); + } + + /* If the caller set the extended oplock request bit + and we granted one (by whatever means) - set the + correct bit for extended oplock reply. + */ + + if (ex_oplock_request && lp_fake_oplocks(SNUM(conn))) + smb_action |= EXTENDED_OPLOCK_GRANTED; + + if(ex_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) + smb_action |= EXTENDED_OPLOCK_GRANTED; + + /* If the caller set the core oplock request bit + and we granted one (by whatever means) - set the + correct bit for core oplock reply. + */ + + if (core_oplock_request && lp_fake_oplocks(SNUM(conn))) + SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); + + if(core_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) + SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); + + set_message(outbuf,15,0,True); + SSVAL(outbuf,smb_vwv2,fsp->fnum); + SSVAL(outbuf,smb_vwv3,fmode); + if(lp_dos_filetime_resolution(SNUM(conn)) ) + put_dos_date3(outbuf,smb_vwv4,mtime & ~1); + else + put_dos_date3(outbuf,smb_vwv4,mtime); + SIVAL(outbuf,smb_vwv6,(uint32)size); + SSVAL(outbuf,smb_vwv8,rmode); + SSVAL(outbuf,smb_vwv11,smb_action); + + END_PROFILE(SMBopenX); + return chain_reply(inbuf,outbuf,length,bufsize); } /**************************************************************************** @@ -1022,28 +990,26 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt int reply_ulogoffX(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { - uint16 vuid = SVAL(inbuf,smb_uid); - user_struct *vuser = get_valid_user_struct(vuid); - START_PROFILE(SMBulogoffX); + uint16 vuid = SVAL(inbuf,smb_uid); + user_struct *vuser = get_valid_user_struct(vuid); + START_PROFILE(SMBulogoffX); - if(vuser == 0) { - DEBUG(3,("ulogoff, vuser id %d does not map to user.\n", vuid)); - } + if(vuser == 0) + DEBUG(3,("ulogoff, vuser id %d does not map to user.\n", vuid)); - /* in user level security we are supposed to close any files - open by this user */ - if ((vuser != 0) && (lp_security() != SEC_SHARE)) { - file_close_user(vuid); - } + /* in user level security we are supposed to close any files + open by this user */ + if ((vuser != 0) && (lp_security() != SEC_SHARE)) + file_close_user(vuid); - invalidate_vuid(vuid); + invalidate_vuid(vuid); - set_message(outbuf,2,0,True); + set_message(outbuf,2,0,True); - DEBUG( 3, ( "ulogoffX vuid=%d\n", vuid ) ); + DEBUG( 3, ( "ulogoffX vuid=%d\n", vuid ) ); - END_PROFILE(SMBulogoffX); - return chain_reply(inbuf,outbuf,length,bufsize); + END_PROFILE(SMBulogoffX); + return chain_reply(inbuf,outbuf,length,bufsize); } /**************************************************************************** @@ -1052,71 +1018,64 @@ int reply_ulogoffX(connection_struct *conn, char *inbuf,char *outbuf,int length, int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - pstring fname; - int com; - int outsize = 0; - int createmode; - mode_t unixmode; - int ofun = 0; - BOOL bad_path = False; - files_struct *fsp; - int oplock_request = CORE_OPLOCK_REQUEST(inbuf); - SMB_STRUCT_STAT sbuf; - START_PROFILE(SMBcreate); + pstring fname; + int com; + int outsize = 0; + int createmode; + mode_t unixmode; + int ofun = 0; + BOOL bad_path = False; + files_struct *fsp; + int oplock_request = CORE_OPLOCK_REQUEST(inbuf); + SMB_STRUCT_STAT sbuf; + START_PROFILE(SMBcreate); - com = SVAL(inbuf,smb_com); + com = SVAL(inbuf,smb_com); - createmode = SVAL(inbuf,smb_vwv0); - srvstr_pull_buf(inbuf, fname, smb_buf(inbuf) + 1, sizeof(fname), STR_TERMINATE); + createmode = SVAL(inbuf,smb_vwv0); + srvstr_pull_buf(inbuf, fname, smb_buf(inbuf) + 1, sizeof(fname), STR_TERMINATE); - RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); + RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); - unix_convert(fname,conn,0,&bad_path,&sbuf); + unix_convert(fname,conn,0,&bad_path,&sbuf); - if (createmode & aVOLID) { - DEBUG(0,("Attempt to create file (%s) with volid set - please report this\n",fname)); - } + if (createmode & aVOLID) + DEBUG(0,("Attempt to create file (%s) with volid set - please report this\n",fname)); - unixmode = unix_mode(conn,createmode,fname); + unixmode = unix_mode(conn,createmode,fname); - if(com == SMBmknew) - { - /* We should fail if file exists. */ - ofun = FILE_CREATE_IF_NOT_EXIST; - } - else - { - /* SMBcreate - Create if file doesn't exist, truncate if it does. */ - ofun = FILE_CREATE_IF_NOT_EXIST|FILE_EXISTS_TRUNCATE; - } - - /* Open file in dos compatibility share mode. */ - fsp = open_file_shared(conn,fname,&sbuf,SET_DENY_MODE(DENY_FCB)|SET_OPEN_MODE(DOS_OPEN_FCB), - ofun, unixmode, oplock_request, NULL, NULL); + if(com == SMBmknew) { + /* We should fail if file exists. */ + ofun = FILE_CREATE_IF_NOT_EXIST; + } else { + /* SMBcreate - Create if file doesn't exist, truncate if it does. */ + ofun = FILE_CREATE_IF_NOT_EXIST|FILE_EXISTS_TRUNCATE; + } + + /* Open file in dos compatibility share mode. */ + fsp = open_file_shared(conn,fname,&sbuf,SET_DENY_MODE(DENY_FCB)|SET_OPEN_MODE(DOS_OPEN_FCB), + ofun, unixmode, oplock_request, NULL, NULL); - if (!fsp) - { - set_bad_path_error(errno, bad_path); - END_PROFILE(SMBcreate); - return(UNIXERROR(ERRDOS,ERRnoaccess)); - } + if (!fsp) { + set_bad_path_error(errno, bad_path); + END_PROFILE(SMBcreate); + return(UNIXERROR(ERRDOS,ERRnoaccess)); + } - outsize = set_message(outbuf,1,0,True); - SSVAL(outbuf,smb_vwv0,fsp->fnum); + outsize = set_message(outbuf,1,0,True); + SSVAL(outbuf,smb_vwv0,fsp->fnum); - if (oplock_request && lp_fake_oplocks(SNUM(conn))) { - SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); - } + if (oplock_request && lp_fake_oplocks(SNUM(conn))) + SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); - if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) - SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); + if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) + SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); - DEBUG( 2, ( "new file %s\n", fname ) ); - DEBUG( 3, ( "mknew %s fd=%d dmode=%d umode=%o\n", - fname, fsp->fd, createmode, (int)unixmode ) ); + DEBUG( 2, ( "new file %s\n", fname ) ); + DEBUG( 3, ( "mknew %s fd=%d dmode=%d umode=%o\n", fname, fsp->fd, createmode, (int)unixmode ) ); - END_PROFILE(SMBcreate); - return(outsize); + END_PROFILE(SMBcreate); + return(outsize); } /**************************************************************************** @@ -1125,84 +1084,82 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - pstring fname; - int outsize = 0; - int createmode; - mode_t unixmode; - BOOL bad_path = False; - files_struct *fsp; - int oplock_request = CORE_OPLOCK_REQUEST(inbuf); - int tmpfd; - SMB_STRUCT_STAT sbuf; - char *p, *s; - - START_PROFILE(SMBctemp); - - createmode = SVAL(inbuf,smb_vwv0); - srvstr_pull_buf(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), STR_TERMINATE); - pstrcat(fname,"\\TMXXXXXX"); - - RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); - - unix_convert(fname,conn,0,&bad_path,&sbuf); + pstring fname; + int outsize = 0; + int createmode; + mode_t unixmode; + BOOL bad_path = False; + files_struct *fsp; + int oplock_request = CORE_OPLOCK_REQUEST(inbuf); + int tmpfd; + SMB_STRUCT_STAT sbuf; + char *p, *s; + + START_PROFILE(SMBctemp); + + createmode = SVAL(inbuf,smb_vwv0); + srvstr_pull_buf(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), STR_TERMINATE); + pstrcat(fname,"\\TMXXXXXX"); + + RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); + + unix_convert(fname,conn,0,&bad_path,&sbuf); - unixmode = unix_mode(conn,createmode,fname); + unixmode = unix_mode(conn,createmode,fname); - tmpfd = smb_mkstemp(fname); - if (tmpfd == -1) { - END_PROFILE(SMBctemp); - return(UNIXERROR(ERRDOS,ERRnoaccess)); - } - - vfs_stat(conn,fname,&sbuf); - - /* Open file in dos compatibility share mode. */ - /* We should fail if file does not exist. */ - fsp = open_file_shared(conn,fname,&sbuf, - SET_DENY_MODE(DENY_FCB)|SET_OPEN_MODE(DOS_OPEN_FCB), - FILE_EXISTS_OPEN|FILE_FAIL_IF_NOT_EXIST, - unixmode, oplock_request, NULL, NULL); - - /* close fd from smb_mkstemp() */ - close(tmpfd); - - if (!fsp) { - set_bad_path_error(errno, bad_path); - END_PROFILE(SMBctemp); - return(UNIXERROR(ERRDOS,ERRnoaccess)); - } - - outsize = set_message(outbuf,1,0,True); - SSVAL(outbuf,smb_vwv0,fsp->fnum); - - /* the returned filename is relative to the directory */ - s = strrchr_m(fname, '/'); - if (!s) { - s = fname; - } else { - s++; - } - - p = smb_buf(outbuf); - SSVALS(p, 0, -1); /* what is this? not in spec */ - SSVAL(p, 2, strlen(s)); - p += 4; - p += srvstr_push(outbuf, p, s, -1, STR_ASCII); - outsize = set_message_end(outbuf, p); - - if (oplock_request && lp_fake_oplocks(SNUM(conn))) { - SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); - } + tmpfd = smb_mkstemp(fname); + if (tmpfd == -1) { + END_PROFILE(SMBctemp); + return(UNIXERROR(ERRDOS,ERRnoaccess)); + } + + vfs_stat(conn,fname,&sbuf); + + /* Open file in dos compatibility share mode. */ + /* We should fail if file does not exist. */ + fsp = open_file_shared(conn,fname,&sbuf, + SET_DENY_MODE(DENY_FCB)|SET_OPEN_MODE(DOS_OPEN_FCB), + FILE_EXISTS_OPEN|FILE_FAIL_IF_NOT_EXIST, + unixmode, oplock_request, NULL, NULL); + + /* close fd from smb_mkstemp() */ + close(tmpfd); + + if (!fsp) { + set_bad_path_error(errno, bad_path); + END_PROFILE(SMBctemp); + return(UNIXERROR(ERRDOS,ERRnoaccess)); + } + + outsize = set_message(outbuf,1,0,True); + SSVAL(outbuf,smb_vwv0,fsp->fnum); + + /* the returned filename is relative to the directory */ + s = strrchr_m(fname, '/'); + if (!s) + s = fname; + else + s++; + + p = smb_buf(outbuf); + SSVALS(p, 0, -1); /* what is this? not in spec */ + SSVAL(p, 2, strlen(s)); + p += 4; + p += srvstr_push(outbuf, p, s, -1, STR_ASCII); + outsize = set_message_end(outbuf, p); + + if (oplock_request && lp_fake_oplocks(SNUM(conn))) + SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); - if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) - SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); + if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) + SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); - DEBUG( 2, ( "created temp file %s\n", fname ) ); - DEBUG( 3, ( "ctemp %s fd=%d dmode=%d umode=%o\n", - fname, fsp->fd, createmode, (int)unixmode ) ); + DEBUG( 2, ( "created temp file %s\n", fname ) ); + DEBUG( 3, ( "ctemp %s fd=%d dmode=%d umode=%o\n", + fname, fsp->fd, createmode, (int)unixmode ) ); - END_PROFILE(SMBctemp); - return(outsize); + END_PROFILE(SMBctemp); + return(outsize); } /******************************************************************* @@ -2157,98 +2114,99 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int d int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { - files_struct *fsp = file_fsp(inbuf,smb_vwv2); - SMB_OFF_T startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3); - size_t numtowrite = SVAL(inbuf,smb_vwv10); - BOOL write_through = BITSETW(inbuf+smb_vwv7,0); - ssize_t nwritten = -1; - unsigned int smb_doff = SVAL(inbuf,smb_vwv11); - unsigned int smblen = smb_len(inbuf); - char *data; - BOOL large_writeX = ((CVAL(inbuf,smb_wct) == 14) && (smblen > 0xFFFF)); - START_PROFILE(SMBwriteX); - - /* If it's an IPC, pass off the pipe handler. */ - if (IS_IPC(conn)) { - END_PROFILE(SMBwriteX); - return reply_pipe_write_and_X(inbuf,outbuf,length,bufsize); - } - - CHECK_FSP(fsp,conn); - CHECK_WRITE(fsp); - - /* Deal with possible LARGE_WRITEX */ - if (large_writeX) - numtowrite |= ((((size_t)SVAL(inbuf,smb_vwv9)) & 1 )<<16); - - if(smb_doff > smblen || (smb_doff + numtowrite > smblen)) { - END_PROFILE(SMBwriteX); - return ERROR_DOS(ERRDOS,ERRbadmem); - } - - data = smb_base(inbuf) + smb_doff; - - if(CVAL(inbuf,smb_wct) == 14) { + files_struct *fsp = file_fsp(inbuf,smb_vwv2); + SMB_OFF_T startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3); + size_t numtowrite = SVAL(inbuf,smb_vwv10); + BOOL write_through = BITSETW(inbuf+smb_vwv7,0); + ssize_t nwritten = -1; + unsigned int smb_doff = SVAL(inbuf,smb_vwv11); + unsigned int smblen = smb_len(inbuf); + char *data; + BOOL large_writeX = ((CVAL(inbuf,smb_wct) == 14) && (smblen > 0xFFFF)); + START_PROFILE(SMBwriteX); + + /* If it's an IPC, pass off the pipe handler. */ + if (IS_IPC(conn)) { + END_PROFILE(SMBwriteX); + return reply_pipe_write_and_X(inbuf,outbuf,length,bufsize); + } + + CHECK_FSP(fsp,conn); + CHECK_WRITE(fsp); + + /* Deal with possible LARGE_WRITEX */ + if (large_writeX) + numtowrite |= ((((size_t)SVAL(inbuf,smb_vwv9)) & 1 )<<16); + + if(smb_doff > smblen || (smb_doff + numtowrite > smblen)) { + END_PROFILE(SMBwriteX); + return ERROR_DOS(ERRDOS,ERRbadmem); + } + + data = smb_base(inbuf) + smb_doff; + + if(CVAL(inbuf,smb_wct) == 14) { #ifdef LARGE_SMB_OFF_T - /* - * This is a large offset (64 bit) write. - */ - startpos |= (((SMB_OFF_T)IVAL(inbuf,smb_vwv12)) << 32); + /* + * This is a large offset (64 bit) write. + */ + startpos |= (((SMB_OFF_T)IVAL(inbuf,smb_vwv12)) << 32); #else /* !LARGE_SMB_OFF_T */ - /* - * Ensure we haven't been sent a >32 bit offset. - */ + /* + * Ensure we haven't been sent a >32 bit offset. + */ - if(IVAL(inbuf,smb_vwv12) != 0) { - DEBUG(0,("reply_write_and_X - large offset (%x << 32) used and we don't support \ + if(IVAL(inbuf,smb_vwv12) != 0) { + DEBUG(0,("reply_write_and_X - large offset (%x << 32) used and we don't support \ 64 bit offsets.\n", (unsigned int)IVAL(inbuf,smb_vwv12) )); - END_PROFILE(SMBwriteX); - return ERROR_DOS(ERRDOS,ERRbadaccess); - } + END_PROFILE(SMBwriteX); + return ERROR_DOS(ERRDOS,ERRbadaccess); + } #endif /* LARGE_SMB_OFF_T */ - } - - if (is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK,False)) { - END_PROFILE(SMBwriteX); - return ERROR_DOS(ERRDOS,ERRlock); - } - - /* X/Open SMB protocol says that, unlike SMBwrite - if the length is zero then NO truncation is - done, just a write of zero. To truncate a file, - use SMBwrite. */ - if(numtowrite == 0) - nwritten = 0; - else - nwritten = write_file(fsp,data,startpos,numtowrite); + } + + if (is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK,False)) { + END_PROFILE(SMBwriteX); + return ERROR_DOS(ERRDOS,ERRlock); + } + + /* X/Open SMB protocol says that, unlike SMBwrite + if the length is zero then NO truncation is + done, just a write of zero. To truncate a file, + use SMBwrite. */ + + if(numtowrite == 0) + nwritten = 0; + else + nwritten = write_file(fsp,data,startpos,numtowrite); - if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) { - END_PROFILE(SMBwriteX); - return(UNIXERROR(ERRDOS,ERRnoaccess)); - } + if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) { + END_PROFILE(SMBwriteX); + return(UNIXERROR(ERRDOS,ERRnoaccess)); + } - set_message(outbuf,6,0,True); + set_message(outbuf,6,0,True); - SSVAL(outbuf,smb_vwv2,nwritten); - if (large_writeX) - SSVAL(outbuf,smb_vwv4,(nwritten>>16)&1); + SSVAL(outbuf,smb_vwv2,nwritten); + if (large_writeX) + SSVAL(outbuf,smb_vwv4,(nwritten>>16)&1); - if (nwritten < (ssize_t)numtowrite) { - SCVAL(outbuf,smb_rcls,ERRHRD); - SSVAL(outbuf,smb_err,ERRdiskfull); - } + if (nwritten < (ssize_t)numtowrite) { + SCVAL(outbuf,smb_rcls,ERRHRD); + SSVAL(outbuf,smb_err,ERRdiskfull); + } - DEBUG(3,("writeX fnum=%d num=%d wrote=%d\n", - fsp->fnum, (int)numtowrite, (int)nwritten)); + DEBUG(3,("writeX fnum=%d num=%d wrote=%d\n", + fsp->fnum, (int)numtowrite, (int)nwritten)); - if (lp_syncalways(SNUM(conn)) || write_through) - sync_file(conn,fsp); + if (lp_syncalways(SNUM(conn)) || write_through) + sync_file(conn,fsp); - END_PROFILE(SMBwriteX); - return chain_reply(inbuf,outbuf,length,bufsize); + END_PROFILE(SMBwriteX); + return chain_reply(inbuf,outbuf,length,bufsize); } /**************************************************************************** @@ -2257,80 +2215,87 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) { - SMB_OFF_T startpos; - SMB_OFF_T res= -1; - int mode,umode; - int outsize = 0; - files_struct *fsp = file_fsp(inbuf,smb_vwv0); - START_PROFILE(SMBlseek); + SMB_OFF_T startpos; + SMB_OFF_T res= -1; + int mode,umode; + int outsize = 0; + files_struct *fsp = file_fsp(inbuf,smb_vwv0); + START_PROFILE(SMBlseek); - CHECK_FSP(fsp,conn); + CHECK_FSP(fsp,conn); - flush_write_cache(fsp, SEEK_FLUSH); + flush_write_cache(fsp, SEEK_FLUSH); - mode = SVAL(inbuf,smb_vwv1) & 3; - /* NB. This doesn't use IVAL_TO_SMB_OFF_T as startpos can be signed in this case. */ - startpos = (SMB_OFF_T)IVALS(inbuf,smb_vwv2); + mode = SVAL(inbuf,smb_vwv1) & 3; + /* NB. This doesn't use IVAL_TO_SMB_OFF_T as startpos can be signed in this case. */ + startpos = (SMB_OFF_T)IVALS(inbuf,smb_vwv2); - switch (mode) { - case 0: umode = SEEK_SET; break; - case 1: umode = SEEK_CUR; break; - case 2: umode = SEEK_END; break; - default: - umode = SEEK_SET; break; - } + switch (mode) { + case 0: + umode = SEEK_SET; + break; + case 1: + umode = SEEK_CUR; + break; + case 2: + umode = SEEK_END; + break; + default: + umode = SEEK_SET; + break; + } - if((res = conn->vfs_ops.lseek(fsp,fsp->fd,startpos,umode)) == -1) { - /* - * Check for the special case where a seek before the start - * of the file sets the offset to zero. Added in the CIFS spec, - * section 4.2.7. - */ + if((res = conn->vfs_ops.lseek(fsp,fsp->fd,startpos,umode)) == -1) { + /* + * Check for the special case where a seek before the start + * of the file sets the offset to zero. Added in the CIFS spec, + * section 4.2.7. + */ - if(errno == EINVAL) { - SMB_OFF_T current_pos = startpos; + if(errno == EINVAL) { + SMB_OFF_T current_pos = startpos; - if(umode == SEEK_CUR) { + if(umode == SEEK_CUR) { - if((current_pos = conn->vfs_ops.lseek(fsp,fsp->fd,0,SEEK_CUR)) == -1) { - END_PROFILE(SMBlseek); - return(UNIXERROR(ERRDOS,ERRnoaccess)); - } + if((current_pos = conn->vfs_ops.lseek(fsp,fsp->fd,0,SEEK_CUR)) == -1) { + END_PROFILE(SMBlseek); + return(UNIXERROR(ERRDOS,ERRnoaccess)); + } - current_pos += startpos; + current_pos += startpos; - } else if (umode == SEEK_END) { + } else if (umode == SEEK_END) { - SMB_STRUCT_STAT sbuf; + SMB_STRUCT_STAT sbuf; - if(vfs_fstat(fsp,fsp->fd, &sbuf) == -1) { - END_PROFILE(SMBlseek); - return(UNIXERROR(ERRDOS,ERRnoaccess)); - } + if(vfs_fstat(fsp,fsp->fd, &sbuf) == -1) { + END_PROFILE(SMBlseek); + return(UNIXERROR(ERRDOS,ERRnoaccess)); + } - current_pos += sbuf.st_size; - } + current_pos += sbuf.st_size; + } - if(current_pos < 0) - res = conn->vfs_ops.lseek(fsp,fsp->fd,0,SEEK_SET); - } + if(current_pos < 0) + res = conn->vfs_ops.lseek(fsp,fsp->fd,0,SEEK_SET); + } - if(res == -1) { - END_PROFILE(SMBlseek); - return(UNIXERROR(ERRDOS,ERRnoaccess)); - } - } + if(res == -1) { + END_PROFILE(SMBlseek); + return(UNIXERROR(ERRDOS,ERRnoaccess)); + } + } - fsp->pos = res; + fsp->pos = res; - outsize = set_message(outbuf,2,0,True); - SIVAL(outbuf,smb_vwv0,res); + outsize = set_message(outbuf,2,0,True); + SIVAL(outbuf,smb_vwv0,res); - DEBUG(3,("lseek fnum=%d ofs=%.0f newpos = %.0f mode=%d\n", - fsp->fnum, (double)startpos, (double)res, mode)); + DEBUG(3,("lseek fnum=%d ofs=%.0f newpos = %.0f mode=%d\n", + fsp->fnum, (double)startpos, (double)res, mode)); - END_PROFILE(SMBlseek); - return(outsize); + END_PROFILE(SMBlseek); + return(outsize); } /**************************************************************************** @@ -2696,6 +2661,7 @@ int reply_printopen(connection_struct *conn, /**************************************************************************** Reply to a printclose. ****************************************************************************/ + int reply_printclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { @@ -2803,32 +2769,33 @@ int reply_printqueue(connection_struct *conn, int reply_printwrite(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int numtowrite; - int outsize = set_message(outbuf,0,0,True); - char *data; - files_struct *fsp = file_fsp(inbuf,smb_vwv0); - START_PROFILE(SMBsplwr); + int numtowrite; + int outsize = set_message(outbuf,0,0,True); + char *data; + files_struct *fsp = file_fsp(inbuf,smb_vwv0); + + START_PROFILE(SMBsplwr); - if (!CAN_PRINT(conn)) { - END_PROFILE(SMBsplwr); - return ERROR_DOS(ERRDOS,ERRnoaccess); - } + if (!CAN_PRINT(conn)) { + END_PROFILE(SMBsplwr); + return ERROR_DOS(ERRDOS,ERRnoaccess); + } - CHECK_FSP(fsp,conn); - CHECK_WRITE(fsp); + CHECK_FSP(fsp,conn); + CHECK_WRITE(fsp); - numtowrite = SVAL(smb_buf(inbuf),1); - data = smb_buf(inbuf) + 3; + numtowrite = SVAL(smb_buf(inbuf),1); + data = smb_buf(inbuf) + 3; - if (write_file(fsp,data,-1,numtowrite) != numtowrite) { - END_PROFILE(SMBsplwr); - return(UNIXERROR(ERRDOS,ERRnoaccess)); - } + if (write_file(fsp,data,-1,numtowrite) != numtowrite) { + END_PROFILE(SMBsplwr); + return(UNIXERROR(ERRDOS,ERRnoaccess)); + } - DEBUG( 3, ( "printwrite fnum=%d num=%d\n", fsp->fnum, numtowrite ) ); + DEBUG( 3, ( "printwrite fnum=%d num=%d\n", fsp->fnum, numtowrite ) ); - END_PROFILE(SMBsplwr); - return(outsize); + END_PROFILE(SMBsplwr); + return(outsize); } /**************************************************************************** @@ -3024,38 +2991,36 @@ BOOL rmdir_internals(connection_struct *conn, char *directory) int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - pstring directory; - int outsize = 0; - BOOL ok = False; - BOOL bad_path = False; - SMB_STRUCT_STAT sbuf; - START_PROFILE(SMBrmdir); + pstring directory; + int outsize = 0; + BOOL ok = False; + BOOL bad_path = False; + SMB_STRUCT_STAT sbuf; + START_PROFILE(SMBrmdir); - srvstr_pull_buf(inbuf, directory, smb_buf(inbuf) + 1, sizeof(directory), STR_TERMINATE); + srvstr_pull_buf(inbuf, directory, smb_buf(inbuf) + 1, sizeof(directory), STR_TERMINATE); - RESOLVE_DFSPATH(directory, conn, inbuf, outbuf) + RESOLVE_DFSPATH(directory, conn, inbuf, outbuf) - unix_convert(directory,conn, NULL,&bad_path,&sbuf); + unix_convert(directory,conn, NULL,&bad_path,&sbuf); - if (check_name(directory,conn)) - { - dptr_closepath(directory,SVAL(inbuf,smb_pid)); - ok = rmdir_internals(conn, directory); - } + if (check_name(directory,conn)) { + dptr_closepath(directory,SVAL(inbuf,smb_pid)); + ok = rmdir_internals(conn, directory); + } - if (!ok) - { - set_bad_path_error(errno, bad_path); - END_PROFILE(SMBrmdir); - return(UNIXERROR(ERRDOS,ERRbadpath)); - } + if (!ok) { + set_bad_path_error(errno, bad_path); + END_PROFILE(SMBrmdir); + return(UNIXERROR(ERRDOS,ERRbadpath)); + } - outsize = set_message(outbuf,0,0,True); + outsize = set_message(outbuf,0,0,True); - DEBUG( 3, ( "rmdir %s\n", directory ) ); + DEBUG( 3, ( "rmdir %s\n", directory ) ); - END_PROFILE(SMBrmdir); - return(outsize); + END_PROFILE(SMBrmdir); + return(outsize); } /******************************************************************* @@ -3064,63 +3029,66 @@ int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, static BOOL resolve_wildcards(char *name1,char *name2) { - fstring root1,root2; - fstring ext1,ext2; - char *p,*p2; + fstring root1,root2; + fstring ext1,ext2; + char *p,*p2; - name1 = strrchr_m(name1,'/'); - name2 = strrchr_m(name2,'/'); + name1 = strrchr_m(name1,'/'); + name2 = strrchr_m(name2,'/'); - if (!name1 || !name2) return(False); + if (!name1 || !name2) + return(False); - fstrcpy(root1,name1); - fstrcpy(root2,name2); - p = strrchr_m(root1,'.'); - if (p) { - *p = 0; - fstrcpy(ext1,p+1); - } else { - fstrcpy(ext1,""); - } - p = strrchr_m(root2,'.'); - if (p) { - *p = 0; - fstrcpy(ext2,p+1); - } else { - fstrcpy(ext2,""); - } - - p = root1; - p2 = root2; - while (*p2) { - if (*p2 == '?') { - *p2 = *p; - p2++; - } else { - p2++; - } - if (*p) p++; - } - - p = ext1; - p2 = ext2; - while (*p2) { - if (*p2 == '?') { - *p2 = *p; - p2++; - } else { - p2++; - } - if (*p) p++; - } - - pstrcpy(name2,root2); - if (ext2[0]) { - pstrcat(name2,"."); - pstrcat(name2,ext2); - } - - return(True); + fstrcpy(root1,name1); + fstrcpy(root2,name2); + p = strrchr_m(root1,'.'); + if (p) { + *p = 0; + fstrcpy(ext1,p+1); + } else { + fstrcpy(ext1,""); + } + p = strrchr_m(root2,'.'); + if (p) { + *p = 0; + fstrcpy(ext2,p+1); + } else { + fstrcpy(ext2,""); + } + + p = root1; + p2 = root2; + while (*p2) { + if (*p2 == '?') { + *p2 = *p; + p2++; + } else { + p2++; + } + if (*p) + p++; + } + + p = ext1; + p2 = ext2; + while (*p2) { + if (*p2 == '?') { + *p2 = *p; + p2++; + } else { + p2++; + } + if (*p) + p++; + } + + pstrcpy(name2,root2); + if (ext2[0]) { + pstrcat(name2,"."); + pstrcat(name2,ext2); + } + + return(True); } /**************************************************************************** @@ -3502,163 +3470,165 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int outsize = 0; - pstring name; - pstring directory; - pstring mask,newname; - char *p; - int count=0; - int error = ERRnoaccess; - int err = 0; - BOOL has_wild; - BOOL exists=False; - int tid2 = SVAL(inbuf,smb_vwv0); - int ofun = SVAL(inbuf,smb_vwv1); - int flags = SVAL(inbuf,smb_vwv2); - BOOL target_is_directory=False; - BOOL bad_path1 = False; - BOOL bad_path2 = False; - BOOL rc = True; - SMB_STRUCT_STAT sbuf1, sbuf2; - START_PROFILE(SMBcopy); - - *directory = *mask = 0; - - p = smb_buf(inbuf); - p += srvstr_pull_buf(inbuf, name, p, sizeof(name), STR_TERMINATE); - p += srvstr_pull_buf(inbuf, newname, p, sizeof(newname), STR_TERMINATE); + int outsize = 0; + pstring name; + pstring directory; + pstring mask,newname; + char *p; + int count=0; + int error = ERRnoaccess; + int err = 0; + BOOL has_wild; + BOOL exists=False; + int tid2 = SVAL(inbuf,smb_vwv0); + int ofun = SVAL(inbuf,smb_vwv1); + int flags = SVAL(inbuf,smb_vwv2); + BOOL target_is_directory=False; + BOOL bad_path1 = False; + BOOL bad_path2 = False; + BOOL rc = True; + SMB_STRUCT_STAT sbuf1, sbuf2; + + START_PROFILE(SMBcopy); + + *directory = *mask = 0; + + p = smb_buf(inbuf); + p += srvstr_pull_buf(inbuf, name, p, sizeof(name), STR_TERMINATE); + p += srvstr_pull_buf(inbuf, newname, p, sizeof(newname), STR_TERMINATE); - DEBUG(3,("reply_copy : %s -> %s\n",name,newname)); + DEBUG(3,("reply_copy : %s -> %s\n",name,newname)); - if (tid2 != conn->cnum) { - /* can't currently handle inter share copies XXXX */ - DEBUG(3,("Rejecting inter-share copy\n")); - END_PROFILE(SMBcopy); - return ERROR_DOS(ERRSRV,ERRinvdevice); - } - - RESOLVE_DFSPATH(name, conn, inbuf, outbuf); - RESOLVE_DFSPATH(newname, conn, inbuf, outbuf); - - rc = unix_convert(name,conn,0,&bad_path1,&sbuf1); - unix_convert(newname,conn,0,&bad_path2,&sbuf2); - - target_is_directory = VALID_STAT_OF_DIR(sbuf2); - - if ((flags&1) && target_is_directory) { - END_PROFILE(SMBcopy); - return ERROR_DOS(ERRDOS,ERRbadfile); - } - - if ((flags&2) && !target_is_directory) { - END_PROFILE(SMBcopy); - return ERROR_DOS(ERRDOS,ERRbadpath); - } - - if ((flags&(1<<5)) && VALID_STAT_OF_DIR(sbuf1)) { - /* wants a tree copy! XXXX */ - DEBUG(3,("Rejecting tree copy\n")); - END_PROFILE(SMBcopy); - return ERROR_DOS(ERRSRV,ERRerror); - } - - p = strrchr_m(name,'/'); - if (!p) { - pstrcpy(directory,"./"); - pstrcpy(mask,name); - } else { - *p = 0; - pstrcpy(directory,name); - pstrcpy(mask,p+1); - } - - /* - * We should only check the mangled cache - * here if unix_convert failed. This means - * that the path in 'mask' doesn't exist - * on the file system and so we need to look - * for a possible mangle. This patch from - * Tine Smukavec . - */ - - if (!rc && mangle_is_mangled(mask)) - mangle_check_cache( mask ); - - has_wild = ms_has_wild(mask); - - if (!has_wild) { - pstrcat(directory,"/"); - pstrcat(directory,mask); - if (resolve_wildcards(directory,newname) && - copy_file(directory,newname,conn,ofun, - count,target_is_directory,&err)) count++; - if(!count && err) { - errno = err; + if (tid2 != conn->cnum) { + /* can't currently handle inter share copies XXXX */ + DEBUG(3,("Rejecting inter-share copy\n")); END_PROFILE(SMBcopy); - return(UNIXERROR(ERRHRD,ERRgeneral)); + return ERROR_DOS(ERRSRV,ERRinvdevice); } - if (!count) exists = vfs_file_exist(conn,directory,NULL); - } else { - void *dirptr = NULL; - char *dname; - pstring destname; - if (check_name(directory,conn)) - dirptr = OpenDir(conn, directory, True); + RESOLVE_DFSPATH(name, conn, inbuf, outbuf); + RESOLVE_DFSPATH(newname, conn, inbuf, outbuf); - if (dirptr) { - error = ERRbadfile; + rc = unix_convert(name,conn,0,&bad_path1,&sbuf1); + unix_convert(newname,conn,0,&bad_path2,&sbuf2); - if (strequal(mask,"????????.???")) - pstrcpy(mask,"*"); + target_is_directory = VALID_STAT_OF_DIR(sbuf2); - while ((dname = ReadDirName(dirptr))) { - pstring fname; - pstrcpy(fname,dname); - - if(!mask_match(fname, mask, case_sensitive)) - continue; + if ((flags&1) && target_is_directory) { + END_PROFILE(SMBcopy); + return ERROR_DOS(ERRDOS,ERRbadfile); + } - error = ERRnoaccess; - slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); - pstrcpy(destname,newname); - if (resolve_wildcards(fname,destname) && - copy_file(fname,destname,conn,ofun, - count,target_is_directory,&err)) count++; - DEBUG(3,("reply_copy : doing copy on %s -> %s\n",fname,destname)); - } - CloseDir(dirptr); - } - } + if ((flags&2) && !target_is_directory) { + END_PROFILE(SMBcopy); + return ERROR_DOS(ERRDOS,ERRbadpath); + } + + if ((flags&(1<<5)) && VALID_STAT_OF_DIR(sbuf1)) { + /* wants a tree copy! XXXX */ + DEBUG(3,("Rejecting tree copy\n")); + END_PROFILE(SMBcopy); + return ERROR_DOS(ERRSRV,ERRerror); + } + + p = strrchr_m(name,'/'); + if (!p) { + pstrcpy(directory,"./"); + pstrcpy(mask,name); + } else { + *p = 0; + pstrcpy(directory,name); + pstrcpy(mask,p+1); + } + + /* + * We should only check the mangled cache + * here if unix_convert failed. This means + * that the path in 'mask' doesn't exist + * on the file system and so we need to look + * for a possible mangle. This patch from + * Tine Smukavec . + */ + + if (!rc && mangle_is_mangled(mask)) + mangle_check_cache( mask ); + + has_wild = ms_has_wild(mask); + + if (!has_wild) { + pstrcat(directory,"/"); + pstrcat(directory,mask); + if (resolve_wildcards(directory,newname) && + copy_file(directory,newname,conn,ofun, count,target_is_directory,&err)) + count++; + if(!count && err) { + errno = err; + END_PROFILE(SMBcopy); + return(UNIXERROR(ERRHRD,ERRgeneral)); + } + if (!count) { + exists = vfs_file_exist(conn,directory,NULL); + } + } else { + void *dirptr = NULL; + char *dname; + pstring destname; + + if (check_name(directory,conn)) + dirptr = OpenDir(conn, directory, True); + + if (dirptr) { + error = ERRbadfile; + + if (strequal(mask,"????????.???")) + pstrcpy(mask,"*"); + + while ((dname = ReadDirName(dirptr))) { + pstring fname; + pstrcpy(fname,dname); + + if(!mask_match(fname, mask, case_sensitive)) + continue; + + error = ERRnoaccess; + slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); + pstrcpy(destname,newname); + if (resolve_wildcards(fname,destname) && + copy_file(fname,destname,conn,ofun, + count,target_is_directory,&err)) + count++; + DEBUG(3,("reply_copy : doing copy on %s -> %s\n",fname,destname)); + } + CloseDir(dirptr); + } + } - if (count == 0) { - if(err) { - /* Error on close... */ - errno = err; - END_PROFILE(SMBcopy); - return(UNIXERROR(ERRHRD,ERRgeneral)); - } - - if (exists) { - END_PROFILE(SMBcopy); - return ERROR_DOS(ERRDOS,error); - } else - { - if((errno == ENOENT) && (bad_path1 || bad_path2)) - { - unix_ERR_class = ERRDOS; - unix_ERR_code = ERRbadpath; - } - END_PROFILE(SMBcopy); - return(UNIXERROR(ERRDOS,error)); - } - } + if (count == 0) { + if(err) { + /* Error on close... */ + errno = err; + END_PROFILE(SMBcopy); + return(UNIXERROR(ERRHRD,ERRgeneral)); + } + + if (exists) { + END_PROFILE(SMBcopy); + return ERROR_DOS(ERRDOS,error); + } else { + if((errno == ENOENT) && (bad_path1 || bad_path2)) { + unix_ERR_class = ERRDOS; + unix_ERR_code = ERRbadpath; + } + END_PROFILE(SMBcopy); + return(UNIXERROR(ERRDOS,error)); + } + } - outsize = set_message(outbuf,1,0,True); - SSVAL(outbuf,smb_vwv0,count); + outsize = set_message(outbuf,1,0,True); + SSVAL(outbuf,smb_vwv0,count); - END_PROFILE(SMBcopy); - return(outsize); + END_PROFILE(SMBcopy); + return(outsize); } /**************************************************************************** @@ -3667,41 +3637,41 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int snum; - int outsize = 0; - BOOL ok = False; - pstring newdir; - START_PROFILE(pathworks_setdir); + int snum; + int outsize = 0; + BOOL ok = False; + pstring newdir; + + START_PROFILE(pathworks_setdir); - snum = SNUM(conn); - if (!CAN_SETDIR(snum)) { - END_PROFILE(pathworks_setdir); - return ERROR_DOS(ERRDOS,ERRnoaccess); - } + snum = SNUM(conn); + if (!CAN_SETDIR(snum)) { + END_PROFILE(pathworks_setdir); + return ERROR_DOS(ERRDOS,ERRnoaccess); + } - srvstr_pull_buf(inbuf, newdir, smb_buf(inbuf) + 1, sizeof(newdir), STR_TERMINATE); + srvstr_pull_buf(inbuf, newdir, smb_buf(inbuf) + 1, sizeof(newdir), STR_TERMINATE); - if (strlen(newdir) == 0) { - ok = True; - } else { - ok = vfs_directory_exist(conn,newdir,NULL); - if (ok) { - string_set(&conn->connectpath,newdir); - } - } + if (strlen(newdir) == 0) { + ok = True; + } else { + ok = vfs_directory_exist(conn,newdir,NULL); + if (ok) + string_set(&conn->connectpath,newdir); + } - if (!ok) { - END_PROFILE(pathworks_setdir); - return ERROR_DOS(ERRDOS,ERRbadpath); - } + if (!ok) { + END_PROFILE(pathworks_setdir); + return ERROR_DOS(ERRDOS,ERRbadpath); + } - outsize = set_message(outbuf,0,0,True); - SCVAL(outbuf,smb_reh,CVAL(inbuf,smb_reh)); + outsize = set_message(outbuf,0,0,True); + SCVAL(outbuf,smb_reh,CVAL(inbuf,smb_reh)); - DEBUG(3,("setdir %s\n", newdir)); + DEBUG(3,("setdir %s\n", newdir)); - END_PROFILE(pathworks_setdir); - return(outsize); + END_PROFILE(pathworks_setdir); + return(outsize); } /**************************************************************************** @@ -3722,36 +3692,36 @@ uint16 get_lock_pid( char *data, int data_offset, BOOL large_file_format) SMB_BIG_UINT get_lock_count( char *data, int data_offset, BOOL large_file_format) { - SMB_BIG_UINT count = 0; + SMB_BIG_UINT count = 0; - if(!large_file_format) { - count = (SMB_BIG_UINT)IVAL(data,SMB_LKLEN_OFFSET(data_offset)); - } else { + if(!large_file_format) { + count = (SMB_BIG_UINT)IVAL(data,SMB_LKLEN_OFFSET(data_offset)); + } else { #if defined(HAVE_LONGLONG) - count = (((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset))) << 32) | - ((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset))); + count = (((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset))) << 32) | + ((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset))); #else /* HAVE_LONGLONG */ - /* - * NT4.x seems to be broken in that it sends large file (64 bit) - * lockingX calls even if the CAP_LARGE_FILES was *not* - * negotiated. For boxes without large unsigned ints truncate the - * lock count by dropping the top 32 bits. - */ - - if(IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)) != 0) { - DEBUG(3,("get_lock_count: truncating lock count (high)0x%x (low)0x%x to just low count.\n", - (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)), - (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)) )); - SIVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset),0); - } - - count = (SMB_BIG_UINT)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)); + /* + * NT4.x seems to be broken in that it sends large file (64 bit) + * lockingX calls even if the CAP_LARGE_FILES was *not* + * negotiated. For boxes without large unsigned ints truncate the + * lock count by dropping the top 32 bits. + */ + + if(IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)) != 0) { + DEBUG(3,("get_lock_count: truncating lock count (high)0x%x (low)0x%x to just low count.\n", + (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)), + (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)) )); + SIVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset),0); + } + + count = (SMB_BIG_UINT)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)); #endif /* HAVE_LONGLONG */ - } + } - return count; + return count; } #if !defined(HAVE_LONGLONG) @@ -3794,47 +3764,47 @@ static uint32 map_lock_offset(uint32 high, uint32 low) SMB_BIG_UINT get_lock_offset( char *data, int data_offset, BOOL large_file_format, BOOL *err) { - SMB_BIG_UINT offset = 0; + SMB_BIG_UINT offset = 0; - *err = False; + *err = False; - if(!large_file_format) { - offset = (SMB_BIG_UINT)IVAL(data,SMB_LKOFF_OFFSET(data_offset)); - } else { + if(!large_file_format) { + offset = (SMB_BIG_UINT)IVAL(data,SMB_LKOFF_OFFSET(data_offset)); + } else { #if defined(HAVE_LONGLONG) - offset = (((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset))) << 32) | - ((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset))); + offset = (((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset))) << 32) | + ((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset))); #else /* HAVE_LONGLONG */ - /* - * NT4.x seems to be broken in that it sends large file (64 bit) - * lockingX calls even if the CAP_LARGE_FILES was *not* - * negotiated. For boxes without large unsigned ints mangle the - * lock offset by mapping the top 32 bits onto the lower 32. - */ + /* + * NT4.x seems to be broken in that it sends large file (64 bit) + * lockingX calls even if the CAP_LARGE_FILES was *not* + * negotiated. For boxes without large unsigned ints mangle the + * lock offset by mapping the top 32 bits onto the lower 32. + */ - if(IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset)) != 0) { - uint32 low = IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset)); - uint32 high = IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset)); - uint32 new_low = 0; - - if((new_low = map_lock_offset(high, low)) == 0) { - *err = True; - return (SMB_BIG_UINT)-1; - } - - DEBUG(3,("get_lock_offset: truncating lock offset (high)0x%x (low)0x%x to offset 0x%x.\n", - (unsigned int)high, (unsigned int)low, (unsigned int)new_low )); - SIVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset),0); - SIVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset),new_low); - } - - offset = (SMB_BIG_UINT)IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset)); + if(IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset)) != 0) { + uint32 low = IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset)); + uint32 high = IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset)); + uint32 new_low = 0; + + if((new_low = map_lock_offset(high, low)) == 0) { + *err = True; + return (SMB_BIG_UINT)-1; + } + + DEBUG(3,("get_lock_offset: truncating lock offset (high)0x%x (low)0x%x to offset 0x%x.\n", + (unsigned int)high, (unsigned int)low, (unsigned int)new_low )); + SIVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset),0); + SIVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset),new_low); + } + + offset = (SMB_BIG_UINT)IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset)); #endif /* HAVE_LONGLONG */ - } + } - return offset; + return offset; } /**************************************************************************** -- cgit From d4103a09918bf375804bb102ac29237345f59978 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 4 Dec 2002 22:48:13 +0000 Subject: Added Volker's directory fix - save the attributes from the first call. Jeremy. (This used to be commit b60a441b91dccdeadc125476ac3306b938941057) --- source3/smbd/reply.c | 3 +++ 1 file changed, 3 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index adcc8c989d..6c2698c297 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -689,6 +689,9 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return ERROR_DOS(ERRDOS,ERRnofids); } dptr_set_wcard(dptr_num, strdup(mask)); + dptr_set_attr(dptr_num, dirtype); + } else { + dirtype = dptr_attr(dptr_num); } DEBUG(4,("dptr_num is %d\n",dptr_num)); -- cgit From 00a20ce45f11e62470e60a8d5fcacc6b0b1f90a2 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 5 Dec 2002 04:00:16 +0000 Subject: The element in fsp->print_job should be a RAP jobid, not a uint32 RPC jobid. This was causing Win9x client "set name" calls to fail. Still need one cleanup fix to finish. Jeremy. (This used to be commit 6c23d2030ab8dddff4c849903c529f0012b94027) --- source3/smbd/reply.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 6c2698c297..96b7692b1a 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -353,8 +353,7 @@ int reply_ioctl(connection_struct *conn, switch (ioctl_code) { case IOCTL_QUERY_JOB_INFO: { - uint16 rap_jobid = pjobid_to_rap(SNUM(fsp->conn), fsp->print_jobid); - SSVAL(p,0,rap_jobid); /* Job number */ + SSVAL(p,0,fsp->rap_print_jobid); /* Job number */ srvstr_push(outbuf, p+2, global_myname(), 15, STR_TERMINATE|STR_ASCII); srvstr_push(outbuf, p+18, lp_servicename(SNUM(conn)), 13, STR_TERMINATE|STR_ASCII); break; -- cgit From ce2b200add7129eb67da18afc7f44f0cf93c33ec Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 13 Dec 2002 19:07:37 +0000 Subject: Fix for old DOS client when veto files is set to /.*/ Jeremy. (This used to be commit 8e9f3b1574cd51d6b9880d9c8a676e695cd86062) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 96b7692b1a..de15faec81 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -654,7 +654,7 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size *p = 0; if (strlen(directory) == 0) - pstrcpy(directory,"./"); + pstrcpy(directory,"."); memset((char *)status,'\0',21); SCVAL(status,0,(dirtype & 0x1F)); } else { -- cgit From 0747016dfc280d9eac3e388f7b705a4351b55513 Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Tue, 31 Dec 2002 10:25:11 +0000 Subject: from HEAD: fix for bad check spotted by Ray Simard (This used to be commit bcc633c4097661447731bda24a38be62c69bbed5) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index de15faec81..4335728afc 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1888,7 +1888,7 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, DEBUG(3,("writebraw1 fnum=%d start=%.0f num=%d wrote=%d sync=%d\n", fsp->fnum, (double)startpos, (int)numtowrite, (int)nwritten, (int)write_through)); - if (nwritten < numtowrite) { + if (nwritten < (ssize_t)numtowrite) { END_PROFILE(SMBwritebraw); return(UNIXERROR(ERRHRD,ERRdiskfull)); } -- cgit From 634c54310c92c48dd4eceec602e230a021bdcfc5 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 3 Jan 2003 08:28:12 +0000 Subject: Merge from HEAD - make Samba compile with -Wwrite-strings without additional warnings. (Adds a lot of const). Andrew Bartlett (This used to be commit 3a7458f9472432ef12c43008414925fd1ce8ea0c) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 4335728afc..beccc1bba6 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -271,7 +271,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt set_message_end(outbuf,p); } else { /* NT sets the fstype of IPC$ to the null string */ - char *fsname = IS_IPC(conn) ? "" : lp_fstype(SNUM(conn)); + const char *fsname = IS_IPC(conn) ? "" : lp_fstype(SNUM(conn)); set_message(outbuf,3,0,True); -- cgit From a2cce2f0757413a117f6f69568c0b392ecf3079c Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 8 Jan 2003 23:49:21 +0000 Subject: Ensure we return disk full by default on short writes. Jeremy. (This used to be commit 2a974bc284b9d193c24972d073b966eb9b3b3ad0) --- source3/smbd/reply.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index beccc1bba6..ef5a090243 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2011,7 +2011,7 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) { END_PROFILE(SMBwriteunlock); - return(UNIXERROR(ERRDOS,ERRnoaccess)); + return(UNIXERROR(ERRHRD,ERRdiskfull)); } status = do_unlock(fsp, conn, SVAL(inbuf,smb_pid), (SMB_BIG_UINT)numtowrite, @@ -2092,7 +2092,7 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int d if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) { END_PROFILE(SMBwrite); - return(UNIXERROR(ERRDOS,ERRnoaccess)); + return(UNIXERROR(ERRHRD,ERRdiskfull)); } outsize = set_message(outbuf,1,0,True); @@ -2187,7 +2187,7 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) { END_PROFILE(SMBwriteX); - return(UNIXERROR(ERRDOS,ERRnoaccess)); + return(UNIXERROR(ERRHRD,ERRdiskfull)); } set_message(outbuf,6,0,True); @@ -2465,9 +2465,9 @@ int reply_writeclose(connection_struct *conn, fsp->fnum, (int)numtowrite, (int)nwritten, conn->num_files_open)); - if (nwritten <= 0) { + if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) { END_PROFILE(SMBwriteclose); - return(UNIXERROR(ERRDOS,ERRnoaccess)); + return(UNIXERROR(ERRHRD,ERRdiskfull)); } if(close_err != 0) { @@ -2791,7 +2791,7 @@ int reply_printwrite(connection_struct *conn, char *inbuf,char *outbuf, int dum_ if (write_file(fsp,data,-1,numtowrite) != numtowrite) { END_PROFILE(SMBsplwr); - return(UNIXERROR(ERRDOS,ERRnoaccess)); + return(UNIXERROR(ERRHRD,ERRdiskfull)); } DEBUG( 3, ( "printwrite fnum=%d num=%d\n", fsp->fnum, numtowrite ) ); -- cgit From 27b7e51a3cc619f879655a3230611457ac43b9e7 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Tue, 14 Jan 2003 08:53:59 +0000 Subject: Merge from HEAD: - fstring/pstring mixups - the detection code that found them (disabled) - a bit of whitespace - a static Andrew Bartlett (This used to be commit 9b70fa868e7d9481f584c83fc4046174e1dedfd9) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index ef5a090243..580878fe32 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -669,7 +669,7 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if (!conn->dirptr) goto SearchEmpty; string_set(&conn->dirpath,dptr_path(dptr_num)); - fstrcpy(mask, dptr_wcard(dptr_num)); + pstrcpy(mask, dptr_wcard(dptr_num)); } if (can_open) { -- cgit From fb3e4b87973e9ad0c818e8d9dd60329c47f22afe Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 27 Feb 2003 01:04:34 +0000 Subject: Fix to allow blocking lock notification to be done rapidly (no wait for smb -> smb lock release). Adds new PENDING_LOCK type to lockdb (does not interfere with existing locks). Jeremy. (This used to be commit 766928bbba1e597c9c2b12458dd8d37e6080593e) --- source3/smbd/reply.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 580878fe32..71e880476c 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1609,7 +1609,8 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length * this smb into a queued request and push it * onto the blocking lock queue. */ - if(push_blocking_lock_request(inbuf, length, -1, 0)) { + if(push_blocking_lock_request(inbuf, length, -1, 0, SVAL(inbuf,smb_pid), (SMB_BIG_UINT)startpos, + (SMB_BIG_UINT)numtoread)) { END_PROFILE(SMBlockread); return -1; } @@ -2514,7 +2515,7 @@ int reply_lock(connection_struct *conn, * this smb into a queued request and push it * onto the blocking lock queue. */ - if(push_blocking_lock_request(inbuf, length, -1, 0)) { + if(push_blocking_lock_request(inbuf, length, -1, 0, SVAL(inbuf,smb_pid), offset, count)) { END_PROFILE(SMBlock); return -1; } @@ -3955,7 +3956,7 @@ no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); * this smb into a queued request and push it * onto the blocking lock queue. */ - if(push_blocking_lock_request(inbuf, length, lock_timeout, i)) { + if(push_blocking_lock_request(inbuf, length, lock_timeout, i, lock_pid, offset, count)) { END_PROFILE(SMBlockingX); return -1; } -- cgit From ad0d6509a761154c113e040a82ad78e72a3ccf30 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Mon, 17 Mar 2003 22:56:13 +0000 Subject: Merge from HEAD: - Make ReadDirName return a const char*. - Consequential changes from that - mark our fstring/pstring assumptions in function prototypes Andrew Bartlett (This used to be commit 10b53d7c6fd77f23433dd2ef12bb14b227147a48) --- source3/smbd/reply.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 71e880476c..ff1c0e5a52 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1305,7 +1305,7 @@ NTSTATUS unlink_internals(connection_struct *conn, int dirtype, char *name) } } else { void *dirptr = NULL; - char *dname; + const char *dname; if (check_name(directory,conn)) dirptr = OpenDir(conn, directory, True); @@ -2861,7 +2861,7 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, static BOOL recursive_rmdir(connection_struct *conn, char *directory) { - char *dname = NULL; + const char *dname = NULL; BOOL ret = False; void *dirptr = OpenDir(conn, directory, False); @@ -2926,7 +2926,7 @@ BOOL rmdir_internals(connection_struct *conn, char *directory) * do a recursive delete) then fail the rmdir. */ BOOL all_veto_files = True; - char *dname; + const char *dname; void *dirptr = OpenDir(conn, directory, False); if(dirptr != NULL) { @@ -3285,7 +3285,7 @@ directory = %s, newname = %s, newname_last_component = %s, is_8_3 = %d\n", * Wildcards - process each file that matches. */ void *dirptr = NULL; - char *dname; + const char *dname; pstring destname; if (check_name(directory,conn)) @@ -3574,7 +3574,7 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, } } else { void *dirptr = NULL; - char *dname; + const char *dname; pstring destname; if (check_name(directory,conn)) -- cgit From cdc6fc8acb24645ccd0f2862741c9ea9e1c02829 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Tue, 18 Mar 2003 09:52:55 +0000 Subject: Add an extra parameter to our 'set_remote_machine_name' and 'set_local_machine_name' so that the client can't change it from under us. (.NET RC2 and WinXP install calls the machine 'machinename' during NTLMSSP on the domain join). Andrew Bartlett (This used to be commit 4c7163e7c2cc09bd95faa05156ee480957a7a4d8) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index ff1c0e5a52..a738baa9ff 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -87,8 +87,8 @@ int reply_special(char *inbuf,char *outbuf) name2[15] = 0; } - set_local_machine_name(name1); - set_remote_machine_name(name2); + set_local_machine_name(name1, True); + set_remote_machine_name(name2, True); DEBUG(2,("netbios connect: local=%s remote=%s\n", get_local_machine_name(), get_remote_machine_name() )); -- cgit From d5ee9b2f480ddbda0b8f69409698d27c99384f9c Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Tue, 18 Mar 2003 11:22:52 +0000 Subject: Jeremy merged across my string parinoia fixes, but forgot to enable them! :-) This patch catches up on the rest of the work - as much string checking as is possible is done at compile time, and the rest at runtime. Lots of code converted to pstrcpy() etc, and other code reworked to correctly call sizeof(). Andrew Bartlett (This used to be commit c5b604e2ee67d74241ae2fa07ae904647d35a2be) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index a738baa9ff..775b617df5 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -161,7 +161,7 @@ int reply_tcon(connection_struct *conn, *service_buf = *password = *dev = 0; p = smb_buf(inbuf)+1; - p += srvstr_pull_buf(inbuf, service_buf, p, sizeof(service), STR_TERMINATE) + 1; + p += srvstr_pull_buf(inbuf, service_buf, p, sizeof(service_buf), STR_TERMINATE) + 1; pwlen = srvstr_pull_buf(inbuf, password, p, sizeof(password), STR_TERMINATE) + 1; p += pwlen; p += srvstr_pull_buf(inbuf, dev, p, sizeof(dev), STR_TERMINATE) + 1; -- cgit From 70788c30fb6503a94d83d36eec3dd51a8700c4be Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 20 Mar 2003 18:13:27 +0000 Subject: Merge from HEAD (This used to be commit d59a7bea6b22a4c3e6cacd1a4c5ee95f42b13a26) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 775b617df5..7990585ef4 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -276,7 +276,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt set_message(outbuf,3,0,True); p = smb_buf(outbuf); - p += srvstr_push(outbuf, p, devicename, -1, + p += srvstr_push(outbuf, p, IS_IPC(conn) ? "IPC" : devicename, -1, STR_TERMINATE|STR_ASCII); p += srvstr_push(outbuf, p, fsname, -1, STR_TERMINATE); -- cgit From 8460dc43406db90c169232ca5562d9bf4c7d34e8 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Tue, 25 Mar 2003 04:14:54 +0000 Subject: win9x was suffered a case of the blues during a domain logon. For some reason, explicitly setting the service type during the tcon&X fixes this. (This used to be commit 4dd81caeff96d2b7f08b4846a524f917a85407a4) --- source3/smbd/reply.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 7990585ef4..052884480b 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -272,11 +272,20 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt } else { /* NT sets the fstype of IPC$ to the null string */ const char *fsname = IS_IPC(conn) ? "" : lp_fstype(SNUM(conn)); + const char *devicetype; + set_message(outbuf,3,0,True); + if ( IS_IPC(conn) ) + devicetype = "IPC"; + else if ( IS_PRINT(conn) ) + devicetype = "LPT:"; + else + devicetype = "A:"; + p = smb_buf(outbuf); - p += srvstr_push(outbuf, p, IS_IPC(conn) ? "IPC" : devicename, -1, + p += srvstr_push(outbuf, p, IS_IPC(conn) ? "IPC" : devicetype, -1, STR_TERMINATE|STR_ASCII); p += srvstr_push(outbuf, p, fsname, -1, STR_TERMINATE); -- cgit From fa4b83ce922314892c90caaf5c7216be5e73ccd7 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 26 Mar 2003 22:15:21 +0000 Subject: Fix DOS del command with widelinks = False. Jeremy. (This used to be commit ef1782121bc4ebcdd2731fd6863209352f815dbe) --- source3/smbd/reply.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 052884480b..acd8dbbc7c 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -397,7 +397,8 @@ int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if (check_name(name,conn)) { if (VALID_STAT(sbuf) || vfs_stat(conn,name,&sbuf) == 0) - ok = S_ISDIR(sbuf.st_mode); + if (!(ok = S_ISDIR(sbuf.st_mode))) + errno = ENOTDIR; } if (!ok) { -- cgit From 9676bf7e5c400dab8ee806ea77459e313fdbfe95 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Thu, 27 Mar 2003 22:27:53 +0000 Subject: cleanup the IPC/LPT:/A: mess I started (This used to be commit e6034a03d543d8672303f2b24982cfc03b124391) --- source3/smbd/reply.c | 35 +++++++++++++++++++---------------- 1 file changed, 19 insertions(+), 16 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index acd8dbbc7c..77f4c6783f 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -204,16 +204,21 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt { fstring service; DATA_BLOB password; - pstring devicename; + + /* what the cleint thinks the device is */ + fstring client_devicetype; + /* what the server tells the client the share represents */ + const char *server_devicetype; NTSTATUS nt_status; uint16 vuid = SVAL(inbuf,smb_uid); int passlen = SVAL(inbuf,smb_vwv3); pstring path; char *p, *q; extern BOOL global_encrypted_passwords_negotiated; + START_PROFILE(SMBtconX); - *service = *devicename = 0; + *service = *client_devicetype = 0; /* we might have to close an old one */ if ((SVAL(inbuf,smb_vwv2) & 0x1) && conn) { @@ -250,11 +255,11 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt else fstrcpy(service,path); - p += srvstr_pull(inbuf, devicename, p, sizeof(devicename), 6, STR_ASCII); + p += srvstr_pull(inbuf, client_devicetype, p, sizeof(client_devicetype), 6, STR_ASCII); - DEBUG(4,("Got device type %s\n",devicename)); + DEBUG(4,("Client requested device type [%s] for share [%s]\n", client_devicetype, service)); - conn = make_connection(service,password,devicename,vuid,&nt_status); + conn = make_connection(service,password,client_devicetype,vuid,&nt_status); data_blob_clear_free(&password); @@ -263,29 +268,27 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt return ERROR_NT(nt_status); } + if ( IS_IPC(conn) ) + server_devicetype = "IPC"; + else if ( IS_PRINT(conn) ) + server_devicetype = "LPT:"; + else + server_devicetype = "A:"; + if (Protocol < PROTOCOL_NT1) { set_message(outbuf,2,0,True); p = smb_buf(outbuf); - p += srvstr_push(outbuf, p, devicename, -1, + p += srvstr_push(outbuf, p, server_devicetype, -1, STR_TERMINATE|STR_ASCII); set_message_end(outbuf,p); } else { /* NT sets the fstype of IPC$ to the null string */ const char *fsname = IS_IPC(conn) ? "" : lp_fstype(SNUM(conn)); - const char *devicetype; - set_message(outbuf,3,0,True); - if ( IS_IPC(conn) ) - devicetype = "IPC"; - else if ( IS_PRINT(conn) ) - devicetype = "LPT:"; - else - devicetype = "A:"; - p = smb_buf(outbuf); - p += srvstr_push(outbuf, p, IS_IPC(conn) ? "IPC" : devicetype, -1, + p += srvstr_push(outbuf, p, server_devicetype, -1, STR_TERMINATE|STR_ASCII); p += srvstr_push(outbuf, p, fsname, -1, STR_TERMINATE); -- cgit From 045db5d0458b331e987d82d6e9a61a0b85957d17 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 9 Apr 2003 22:31:37 +0000 Subject: Ensure we have WinXP-like semantics for checking TIDs and FIDs. Jeremy. (This used to be commit 52e44dde4ef9717eae7cf454f56d309fdd4b7d1f) --- source3/smbd/reply.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 77f4c6783f..7da5c877a7 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1464,6 +1464,7 @@ void send_file_readbraw(connection_struct *conn, files_struct *fsp, SMB_OFF_T st int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_size, int dum_buffsize) { + extern struct current_user current_user; ssize_t maxcount,mincount; size_t nread = 0; SMB_OFF_T startpos; @@ -2361,6 +2362,7 @@ int reply_exit(connection_struct *conn, int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) { + extern struct current_user current_user; int outsize = 0; time_t mtime; int32 eclass = 0, err = 0; @@ -2381,7 +2383,7 @@ int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size, * We can only use CHECK_FSP if we know it's not a directory. */ - if(!fsp || (fsp->conn != conn)) { + if(!fsp || (fsp->conn != conn) || (fsp->vuid != current_user.vuid)) { END_PROFILE(SMBclose); return ERROR_DOS(ERRDOS,ERRbadfid); } -- cgit From 14e03aed2970d75cba216741d74363fc353955d2 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Fri, 11 Apr 2003 23:28:15 +0000 Subject: cleanup lanman printing= for win98; device type is LPT1:; patch by Steve L. (This used to be commit 36d62e5667f3b9e39362fb3907bf69697fca3ea6) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 7da5c877a7..c4147f78b1 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -271,7 +271,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt if ( IS_IPC(conn) ) server_devicetype = "IPC"; else if ( IS_PRINT(conn) ) - server_devicetype = "LPT:"; + server_devicetype = "LPT1:"; else server_devicetype = "A:"; -- cgit From e1ea87ff03f7029f309a119e6be726a11000ab34 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Fri, 11 Apr 2003 23:48:24 +0000 Subject: * We must return 0x2 as the majorversion for nt4 to upload drivers * fix bug found by clobber_region() (This used to be commit b2e29c7bd45f8f33d9ed58fe75bbf5ffc78350f5) --- source3/smbd/reply.c | 25 +++++++++++++++---------- 1 file changed, 15 insertions(+), 10 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index c4147f78b1..0ccb4d0e9d 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3045,20 +3045,22 @@ int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, Resolve wildcards in a filename rename. ********************************************************************/ -static BOOL resolve_wildcards(char *name1,char *name2) +static BOOL resolve_wildcards(const char *name1, char *name2) { fstring root1,root2; fstring ext1,ext2; - char *p,*p2; + char *p,*p2, *pname1, *pname2; + int available_space; + - name1 = strrchr_m(name1,'/'); - name2 = strrchr_m(name2,'/'); + pname1 = strrchr_m(name1,'/'); + pname2 = strrchr_m(name2,'/'); - if (!name1 || !name2) + if (!pname1 || !pname2) return(False); - fstrcpy(root1,name1); - fstrcpy(root2,name2); + fstrcpy(root1,pname1); + fstrcpy(root2,pname2); p = strrchr_m(root1,'.'); if (p) { *p = 0; @@ -3100,10 +3102,13 @@ static BOOL resolve_wildcards(char *name1,char *name2) p++; } - pstrcpy(name2,root2); + available_space = sizeof(pstring) - PTR_DIFF(pname2, name2); + + StrnCpy(pname2, root2, available_space-1); + available_space -= strlen(root2); if (ext2[0]) { - pstrcat(name2,"."); - pstrcat(name2,ext2); + strncat(pname2, ".", available_space-1); + strncat(pname2, ext2, available_space-2); } return(True); -- cgit From c8cc8bb60c77a4908be2757c78972c51c2ff700d Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Sun, 13 Apr 2003 23:45:35 +0000 Subject: Merge of Simo's strncat -> StrnCpy fix. (This used to be commit a2b1a7533ed997848f9dc0fcd1ffc3d4b4e8117d) --- source3/smbd/reply.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 0ccb4d0e9d..d655184042 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3104,11 +3104,10 @@ static BOOL resolve_wildcards(const char *name1, char *name2) available_space = sizeof(pstring) - PTR_DIFF(pname2, name2); - StrnCpy(pname2, root2, available_space-1); - available_space -= strlen(root2); if (ext2[0]) { - strncat(pname2, ".", available_space-1); - strncat(pname2, ext2, available_space-2); + snprintf(pname2, available_space - 1, "%s.%s", root2, ext2); + } else { + StrnCpy(pname2, root2, available_space - 1); } return(True); -- cgit From be86f6555a74ca8eb321e25aef618f6e9ced731c Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 23 Apr 2003 11:11:02 +0000 Subject: Make the variable name match the comment. Andrew Bartlett (This used to be commit 5a577f8cafa7375bd8485763f163de939ddc4a39) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index d655184042..3bb161e0cb 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -283,14 +283,14 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt set_message_end(outbuf,p); } else { /* NT sets the fstype of IPC$ to the null string */ - const char *fsname = IS_IPC(conn) ? "" : lp_fstype(SNUM(conn)); + const char *fstype = IS_IPC(conn) ? "" : lp_fstype(SNUM(conn)); set_message(outbuf,3,0,True); p = smb_buf(outbuf); p += srvstr_push(outbuf, p, server_devicetype, -1, STR_TERMINATE|STR_ASCII); - p += srvstr_push(outbuf, p, fsname, -1, + p += srvstr_push(outbuf, p, fstype, -1, STR_TERMINATE); set_message_end(outbuf,p); -- cgit From 2a3a9f0bf43c3bf99a71f7296bb5ff6199893fea Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 23 Apr 2003 13:27:35 +0000 Subject: Merge the 'safe' parts of my StrnCpy patch - many of the users really wanted a pstrcpy/fstrcpy or at most a safe_strcpy(). These have the advantage of being compiler-verifiable. Get these out of the way, along with a rewrite of 'get_short_archi' in the spoolss client and server. (This pushes around const string pointers, rather than copied strings). Andrew Bartlett (This used to be commit 32fb801ddc035e8971e9911ed4b6e51892e9d1cc) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 3bb161e0cb..9577196bfe 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3107,7 +3107,7 @@ static BOOL resolve_wildcards(const char *name1, char *name2) if (ext2[0]) { snprintf(pname2, available_space - 1, "%s.%s", root2, ext2); } else { - StrnCpy(pname2, root2, available_space - 1); + pstrcpy_base(pname2, root2, name2); } return(True); -- cgit From e7c8c15888454043c73967635deb4d3419a489e9 Mon Sep 17 00:00:00 2001 From: Alexander Bokovoy Date: Sun, 11 May 2003 23:34:18 +0000 Subject: Fix VFS layer: 1. Finally work with cascaded modules with private data storage per module 2. Convert VFS API to macro calls to simplify cascading 3. Add quota support to VFS layer (prepare to NT quota support) Patch by Stefan (metze) Metzemacher, with review of Jelmer and me Tested in past few weeks. Documentation to new VFS API for third-party developers to follow (This used to be commit 91984ef5caa2d13c5d52e1f535bd3bbbae1ec978) --- source3/smbd/reply.c | 56 ++++++++++++++++++++++++++-------------------------- 1 file changed, 28 insertions(+), 28 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 9577196bfe..49a9b934b0 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -399,7 +399,7 @@ int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size mode = SVAL(inbuf,smb_vwv0); if (check_name(name,conn)) { - if (VALID_STAT(sbuf) || vfs_stat(conn,name,&sbuf) == 0) + if (VALID_STAT(sbuf) || VFS_STAT(conn,name,&sbuf) == 0) if (!(ok = S_ISDIR(sbuf.st_mode))) errno = ENOTDIR; } @@ -458,7 +458,7 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size } else { unix_convert(fname,conn,0,&bad_path,&sbuf); if (check_name(fname,conn)) { - if (VALID_STAT(sbuf) || vfs_stat(conn,fname,&sbuf) == 0) { + if (VALID_STAT(sbuf) || VFS_STAT(conn,fname,&sbuf) == 0) { mode = dos_mode(conn,fname,&sbuf); size = sbuf.st_size; mtime = sbuf.st_mtime; @@ -553,7 +553,7 @@ int reply_dskattr(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz SMB_BIG_UINT dfree,dsize,bsize; START_PROFILE(SMBdskattr); - conn->vfs_ops.disk_free(conn,".",True,&bsize,&dfree,&dsize); + VFS_DISK_FREE(conn,".",True,&bsize,&dfree,&dsize); outsize = set_message(outbuf,5,0,True); @@ -1128,7 +1128,7 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return(UNIXERROR(ERRDOS,ERRnoaccess)); } - vfs_stat(conn,fname,&sbuf); + VFS_STAT(conn,fname,&sbuf); /* Open file in dos compatibility share mode. */ /* We should fail if file does not exist. */ @@ -1227,7 +1227,7 @@ static NTSTATUS can_delete(char *fname,connection_struct *conn, int dirtype) if (!CAN_WRITE(conn)) return NT_STATUS_MEDIA_WRITE_PROTECTED; - if (conn->vfs_ops.lstat(conn,fname,&sbuf) != 0) + if (VFS_LSTAT(conn,fname,&sbuf) != 0) return NT_STATUS_OBJECT_NAME_NOT_FOUND; fmode = dos_mode(conn,fname,&sbuf); @@ -1313,7 +1313,7 @@ NTSTATUS unlink_internals(connection_struct *conn, int dirtype, char *name) error = can_delete(directory,conn,dirtype); if (!NT_STATUS_IS_OK(error)) return error; - if (vfs_unlink(conn,directory) == 0) { + if (VFS_UNLINK(conn,directory) == 0) { count++; } } else { @@ -1343,7 +1343,7 @@ NTSTATUS unlink_internals(connection_struct *conn, int dirtype, char *name) slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); error = can_delete(fname,conn,dirtype); if (!NT_STATUS_IS_OK(error)) continue; - if (vfs_unlink(conn,fname) == 0) count++; + if (VFS_UNLINK(conn,fname) == 0) count++; DEBUG(3,("unlink_internals: succesful unlink [%s]\n",fname)); } CloseDir(dirptr); @@ -1429,7 +1429,7 @@ void send_file_readbraw(connection_struct *conn, files_struct *fsp, SMB_OFF_T st header.length = 4; header.free = NULL; - if ( conn->vfs_ops.sendfile( smbd_server_fd(), fsp, fsp->fd, &header, startpos, nread) == -1) { + if ( VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fd, &header, startpos, nread) == -1) { /* * Special hack for broken Linux with no 64 bit clean sendfile. If we * return ENOSYS then pretend we just got a normal read. @@ -1554,7 +1554,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s if (size < sizeneeded) { SMB_STRUCT_STAT st; - if (vfs_fstat(fsp,fsp->fd,&st) == 0) + if (VFS_FSTAT(fsp,fsp->fd,&st) == 0) size = st.st_size; if (!fsp->can_write) fsp->size = size; @@ -1723,7 +1723,7 @@ int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length SMB_STRUCT_STAT sbuf; DATA_BLOB header; - if(vfs_fstat(fsp,fsp->fd, &sbuf) == -1) + if(VFS_FSTAT(fsp,fsp->fd, &sbuf) == -1) return(UNIXERROR(ERRDOS,ERRnoaccess)); if (startpos > sbuf.st_size) @@ -1750,7 +1750,7 @@ int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length header.length = data - outbuf; header.free = NULL; - if ( conn->vfs_ops.sendfile( smbd_server_fd(), fsp, fsp->fd, &header, startpos, smb_maxcnt) == -1) { + if ( VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fd, &header, startpos, smb_maxcnt) == -1) { /* * Special hack for broken Linux with no 64 bit clean sendfile. If we * return ENOSYS then pretend we just got a normal read. @@ -2262,7 +2262,7 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int break; } - if((res = conn->vfs_ops.lseek(fsp,fsp->fd,startpos,umode)) == -1) { + if((res = VFS_LSEEK(fsp,fsp->fd,startpos,umode)) == -1) { /* * Check for the special case where a seek before the start * of the file sets the offset to zero. Added in the CIFS spec, @@ -2274,7 +2274,7 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int if(umode == SEEK_CUR) { - if((current_pos = conn->vfs_ops.lseek(fsp,fsp->fd,0,SEEK_CUR)) == -1) { + if((current_pos = VFS_LSEEK(fsp,fsp->fd,0,SEEK_CUR)) == -1) { END_PROFILE(SMBlseek); return(UNIXERROR(ERRDOS,ERRnoaccess)); } @@ -2285,7 +2285,7 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int SMB_STRUCT_STAT sbuf; - if(vfs_fstat(fsp,fsp->fd, &sbuf) == -1) { + if(VFS_FSTAT(fsp,fsp->fd, &sbuf) == -1) { END_PROFILE(SMBlseek); return(UNIXERROR(ERRDOS,ERRnoaccess)); } @@ -2294,7 +2294,7 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int } if(current_pos < 0) - res = conn->vfs_ops.lseek(fsp,fsp->fd,0,SEEK_SET); + res = VFS_LSEEK(fsp,fsp->fd,0,SEEK_SET); } if(res == -1) { @@ -2830,7 +2830,7 @@ NTSTATUS mkdir_internal(connection_struct *conn, pstring directory) unix_convert(directory,conn,0,&bad_path,&sbuf); if (check_name(directory, conn)) - ret = vfs_mkdir(conn,directory,unix_mode(conn,aDIR,directory)); + ret = vfs_MkDir(conn,directory,unix_mode(conn,aDIR,directory)); if (ret == -1) { NTSTATUS nterr = set_bad_path_error(errno, bad_path); @@ -2901,7 +2901,7 @@ static BOOL recursive_rmdir(connection_struct *conn, char *directory) pstrcat(fullname, "/"); pstrcat(fullname, dname); - if(conn->vfs_ops.lstat(conn,fullname, &st) != 0) { + if(VFS_LSTAT(conn,fullname, &st) != 0) { ret = True; break; } @@ -2911,11 +2911,11 @@ static BOOL recursive_rmdir(connection_struct *conn, char *directory) ret = True; break; } - if(vfs_rmdir(conn,fullname) != 0) { + if(VFS_RMDIR(conn,fullname) != 0) { ret = True; break; } - } else if(vfs_unlink(conn,fullname) != 0) { + } else if(VFS_UNLINK(conn,fullname) != 0) { ret = True; break; } @@ -2932,7 +2932,7 @@ BOOL rmdir_internals(connection_struct *conn, char *directory) { BOOL ok; - ok = (vfs_rmdir(conn,directory) == 0); + ok = (VFS_RMDIR(conn,directory) == 0); if(!ok && ((errno == ENOTEMPTY)||(errno == EEXIST)) && lp_veto_files(SNUM(conn))) { /* * Check to see if the only thing in this directory are @@ -2974,21 +2974,21 @@ BOOL rmdir_internals(connection_struct *conn, char *directory) pstrcat(fullname, "/"); pstrcat(fullname, dname); - if(conn->vfs_ops.lstat(conn,fullname, &st) != 0) + if(VFS_LSTAT(conn,fullname, &st) != 0) break; if(st.st_mode & S_IFDIR) { if(lp_recursive_veto_delete(SNUM(conn))) { if(recursive_rmdir(conn, fullname) != 0) break; } - if(vfs_rmdir(conn,fullname) != 0) + if(VFS_RMDIR(conn,fullname) != 0) break; - } else if(vfs_unlink(conn,fullname) != 0) + } else if(VFS_UNLINK(conn,fullname) != 0) break; } CloseDir(dirptr); /* Retry the rmdir */ - ok = (vfs_rmdir(conn,directory) == 0); + ok = (VFS_RMDIR(conn,directory) == 0); } else { CloseDir(dirptr); } @@ -3284,7 +3284,7 @@ directory = %s, newname = %s, newname_last_component = %s, is_8_3 = %d\n", return NT_STATUS_OBJECT_NAME_COLLISION; } - if(conn->vfs_ops.rename(conn,directory, newname) == 0) { + if(VFS_RENAME(conn,directory, newname) == 0) { DEBUG(3,("rename_internals: succeeded doing rename on %s -> %s\n", directory,newname)); return NT_STATUS_OK; @@ -3351,7 +3351,7 @@ directory = %s, newname = %s, newname_last_component = %s, is_8_3 = %d\n", continue; } - if (!conn->vfs_ops.rename(conn,fname,destname)) + if (!VFS_RENAME(conn,fname,destname)) count++; DEBUG(3,("rename_internals: doing rename on %s -> %s\n",fname,destname)); } @@ -3445,7 +3445,7 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, if (!target_is_directory && count) ofun = FILE_EXISTS_OPEN; - if (vfs_stat(conn,dest,&sbuf2) == -1) + if (VFS_STAT(conn,dest,&sbuf2) == -1) ZERO_STRUCTP(&sbuf2); fsp2 = open_file_shared(conn,dest,&sbuf2,SET_DENY_MODE(DENY_NONE)|SET_OPEN_MODE(DOS_OPEN_WRONLY), @@ -3457,7 +3457,7 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, } if ((ofun&3) == 1) { - if(conn->vfs_ops.lseek(fsp2,fsp2->fd,0,SEEK_END) == -1) { + if(VFS_LSEEK(fsp2,fsp2->fd,0,SEEK_END) == -1) { DEBUG(0,("copy_file: error - vfs lseek returned error %s\n", strerror(errno) )); /* * Stop the copy from occurring. -- cgit From bc2a3748e9caa8f60f7c2387e7eecd7fb3fae899 Mon Sep 17 00:00:00 2001 From: Alexander Bokovoy Date: Wed, 14 May 2003 10:59:01 +0000 Subject: Prefix VFS API macros with SMB_ for consistency and to avoid problems with VFS_ macros at system side. We currently have one clash with AIX and its VFS_LOCK. Compiled and tested -- no new functionality or code, just plain rename of macros for yet-unreleased VFS API version. Needs to be done before a24 is out (This used to be commit c2689ed118b490e49497a76ed6a2251262018769) --- source3/smbd/reply.c | 54 ++++++++++++++++++++++++++-------------------------- 1 file changed, 27 insertions(+), 27 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 49a9b934b0..7a0cc0287a 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -399,7 +399,7 @@ int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size mode = SVAL(inbuf,smb_vwv0); if (check_name(name,conn)) { - if (VALID_STAT(sbuf) || VFS_STAT(conn,name,&sbuf) == 0) + if (VALID_STAT(sbuf) || SMB_VFS_STAT(conn,name,&sbuf) == 0) if (!(ok = S_ISDIR(sbuf.st_mode))) errno = ENOTDIR; } @@ -458,7 +458,7 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size } else { unix_convert(fname,conn,0,&bad_path,&sbuf); if (check_name(fname,conn)) { - if (VALID_STAT(sbuf) || VFS_STAT(conn,fname,&sbuf) == 0) { + if (VALID_STAT(sbuf) || SMB_VFS_STAT(conn,fname,&sbuf) == 0) { mode = dos_mode(conn,fname,&sbuf); size = sbuf.st_size; mtime = sbuf.st_mtime; @@ -553,7 +553,7 @@ int reply_dskattr(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz SMB_BIG_UINT dfree,dsize,bsize; START_PROFILE(SMBdskattr); - VFS_DISK_FREE(conn,".",True,&bsize,&dfree,&dsize); + SMB_VFS_DISK_FREE(conn,".",True,&bsize,&dfree,&dsize); outsize = set_message(outbuf,5,0,True); @@ -1128,7 +1128,7 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return(UNIXERROR(ERRDOS,ERRnoaccess)); } - VFS_STAT(conn,fname,&sbuf); + SMB_VFS_STAT(conn,fname,&sbuf); /* Open file in dos compatibility share mode. */ /* We should fail if file does not exist. */ @@ -1227,7 +1227,7 @@ static NTSTATUS can_delete(char *fname,connection_struct *conn, int dirtype) if (!CAN_WRITE(conn)) return NT_STATUS_MEDIA_WRITE_PROTECTED; - if (VFS_LSTAT(conn,fname,&sbuf) != 0) + if (SMB_VFS_LSTAT(conn,fname,&sbuf) != 0) return NT_STATUS_OBJECT_NAME_NOT_FOUND; fmode = dos_mode(conn,fname,&sbuf); @@ -1313,7 +1313,7 @@ NTSTATUS unlink_internals(connection_struct *conn, int dirtype, char *name) error = can_delete(directory,conn,dirtype); if (!NT_STATUS_IS_OK(error)) return error; - if (VFS_UNLINK(conn,directory) == 0) { + if (SMB_VFS_UNLINK(conn,directory) == 0) { count++; } } else { @@ -1343,7 +1343,7 @@ NTSTATUS unlink_internals(connection_struct *conn, int dirtype, char *name) slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); error = can_delete(fname,conn,dirtype); if (!NT_STATUS_IS_OK(error)) continue; - if (VFS_UNLINK(conn,fname) == 0) count++; + if (SMB_VFS_UNLINK(conn,fname) == 0) count++; DEBUG(3,("unlink_internals: succesful unlink [%s]\n",fname)); } CloseDir(dirptr); @@ -1429,7 +1429,7 @@ void send_file_readbraw(connection_struct *conn, files_struct *fsp, SMB_OFF_T st header.length = 4; header.free = NULL; - if ( VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fd, &header, startpos, nread) == -1) { + if ( SMB_VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fd, &header, startpos, nread) == -1) { /* * Special hack for broken Linux with no 64 bit clean sendfile. If we * return ENOSYS then pretend we just got a normal read. @@ -1554,7 +1554,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s if (size < sizeneeded) { SMB_STRUCT_STAT st; - if (VFS_FSTAT(fsp,fsp->fd,&st) == 0) + if (SMB_VFS_FSTAT(fsp,fsp->fd,&st) == 0) size = st.st_size; if (!fsp->can_write) fsp->size = size; @@ -1723,7 +1723,7 @@ int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length SMB_STRUCT_STAT sbuf; DATA_BLOB header; - if(VFS_FSTAT(fsp,fsp->fd, &sbuf) == -1) + if(SMB_VFS_FSTAT(fsp,fsp->fd, &sbuf) == -1) return(UNIXERROR(ERRDOS,ERRnoaccess)); if (startpos > sbuf.st_size) @@ -1750,7 +1750,7 @@ int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length header.length = data - outbuf; header.free = NULL; - if ( VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fd, &header, startpos, smb_maxcnt) == -1) { + if ( SMB_VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fd, &header, startpos, smb_maxcnt) == -1) { /* * Special hack for broken Linux with no 64 bit clean sendfile. If we * return ENOSYS then pretend we just got a normal read. @@ -2262,7 +2262,7 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int break; } - if((res = VFS_LSEEK(fsp,fsp->fd,startpos,umode)) == -1) { + if((res = SMB_VFS_LSEEK(fsp,fsp->fd,startpos,umode)) == -1) { /* * Check for the special case where a seek before the start * of the file sets the offset to zero. Added in the CIFS spec, @@ -2274,7 +2274,7 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int if(umode == SEEK_CUR) { - if((current_pos = VFS_LSEEK(fsp,fsp->fd,0,SEEK_CUR)) == -1) { + if((current_pos = SMB_VFS_LSEEK(fsp,fsp->fd,0,SEEK_CUR)) == -1) { END_PROFILE(SMBlseek); return(UNIXERROR(ERRDOS,ERRnoaccess)); } @@ -2285,7 +2285,7 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int SMB_STRUCT_STAT sbuf; - if(VFS_FSTAT(fsp,fsp->fd, &sbuf) == -1) { + if(SMB_VFS_FSTAT(fsp,fsp->fd, &sbuf) == -1) { END_PROFILE(SMBlseek); return(UNIXERROR(ERRDOS,ERRnoaccess)); } @@ -2294,7 +2294,7 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int } if(current_pos < 0) - res = VFS_LSEEK(fsp,fsp->fd,0,SEEK_SET); + res = SMB_VFS_LSEEK(fsp,fsp->fd,0,SEEK_SET); } if(res == -1) { @@ -2901,7 +2901,7 @@ static BOOL recursive_rmdir(connection_struct *conn, char *directory) pstrcat(fullname, "/"); pstrcat(fullname, dname); - if(VFS_LSTAT(conn,fullname, &st) != 0) { + if(SMB_VFS_LSTAT(conn,fullname, &st) != 0) { ret = True; break; } @@ -2911,11 +2911,11 @@ static BOOL recursive_rmdir(connection_struct *conn, char *directory) ret = True; break; } - if(VFS_RMDIR(conn,fullname) != 0) { + if(SMB_VFS_RMDIR(conn,fullname) != 0) { ret = True; break; } - } else if(VFS_UNLINK(conn,fullname) != 0) { + } else if(SMB_VFS_UNLINK(conn,fullname) != 0) { ret = True; break; } @@ -2932,7 +2932,7 @@ BOOL rmdir_internals(connection_struct *conn, char *directory) { BOOL ok; - ok = (VFS_RMDIR(conn,directory) == 0); + ok = (SMB_VFS_RMDIR(conn,directory) == 0); if(!ok && ((errno == ENOTEMPTY)||(errno == EEXIST)) && lp_veto_files(SNUM(conn))) { /* * Check to see if the only thing in this directory are @@ -2974,21 +2974,21 @@ BOOL rmdir_internals(connection_struct *conn, char *directory) pstrcat(fullname, "/"); pstrcat(fullname, dname); - if(VFS_LSTAT(conn,fullname, &st) != 0) + if(SMB_VFS_LSTAT(conn,fullname, &st) != 0) break; if(st.st_mode & S_IFDIR) { if(lp_recursive_veto_delete(SNUM(conn))) { if(recursive_rmdir(conn, fullname) != 0) break; } - if(VFS_RMDIR(conn,fullname) != 0) + if(SMB_VFS_RMDIR(conn,fullname) != 0) break; - } else if(VFS_UNLINK(conn,fullname) != 0) + } else if(SMB_VFS_UNLINK(conn,fullname) != 0) break; } CloseDir(dirptr); /* Retry the rmdir */ - ok = (VFS_RMDIR(conn,directory) == 0); + ok = (SMB_VFS_RMDIR(conn,directory) == 0); } else { CloseDir(dirptr); } @@ -3284,7 +3284,7 @@ directory = %s, newname = %s, newname_last_component = %s, is_8_3 = %d\n", return NT_STATUS_OBJECT_NAME_COLLISION; } - if(VFS_RENAME(conn,directory, newname) == 0) { + if(SMB_VFS_RENAME(conn,directory, newname) == 0) { DEBUG(3,("rename_internals: succeeded doing rename on %s -> %s\n", directory,newname)); return NT_STATUS_OK; @@ -3351,7 +3351,7 @@ directory = %s, newname = %s, newname_last_component = %s, is_8_3 = %d\n", continue; } - if (!VFS_RENAME(conn,fname,destname)) + if (!SMB_VFS_RENAME(conn,fname,destname)) count++; DEBUG(3,("rename_internals: doing rename on %s -> %s\n",fname,destname)); } @@ -3445,7 +3445,7 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, if (!target_is_directory && count) ofun = FILE_EXISTS_OPEN; - if (VFS_STAT(conn,dest,&sbuf2) == -1) + if (SMB_VFS_STAT(conn,dest,&sbuf2) == -1) ZERO_STRUCTP(&sbuf2); fsp2 = open_file_shared(conn,dest,&sbuf2,SET_DENY_MODE(DENY_NONE)|SET_OPEN_MODE(DOS_OPEN_WRONLY), @@ -3457,7 +3457,7 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, } if ((ofun&3) == 1) { - if(VFS_LSEEK(fsp2,fsp2->fd,0,SEEK_END) == -1) { + if(SMB_VFS_LSEEK(fsp2,fsp2->fd,0,SEEK_END) == -1) { DEBUG(0,("copy_file: error - vfs lseek returned error %s\n", strerror(errno) )); /* * Stop the copy from occurring. -- cgit From e35917bb9337200edd0d92044f4d4817e9feb891 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Fri, 6 Jun 2003 05:32:36 +0000 Subject: make the allocation_size consistent between trans2 QFILEINFO and SMBgetattrE (This used to be commit 59f1a5e6fd783b977f787dae4ba4bb8b65c41e43) --- source3/smbd/reply.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 7a0cc0287a..7f0ffd7577 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4385,8 +4385,9 @@ int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, SIVAL(outbuf,smb_vwv6,0); SIVAL(outbuf,smb_vwv8,0); } else { + uint32 allocation_size = get_allocation_size(fsp, &sbuf); SIVAL(outbuf,smb_vwv6,(uint32)sbuf.st_size); - SIVAL(outbuf,smb_vwv8,SMB_ROUNDUP(sbuf.st_size,1024)); + SIVAL(outbuf,smb_vwv8,allocation_size); } SSVAL(outbuf,smb_vwv10, mode); -- cgit From 53f8d3f01aed0118bafa36c8eabfc558e29f91dd Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Fri, 6 Jun 2003 10:42:16 +0000 Subject: SMBlockingX timeouts are in units of 2 milliseconds, not 1 (This used to be commit 999cde3227210c90132ade3812e964087f04e541) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 7f0ffd7577..be51a32891 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3941,7 +3941,7 @@ no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); /* Setup the timeout in seconds. */ - lock_timeout = ((lock_timeout == -1) ? -1 : (lock_timeout+999)/1000); + lock_timeout = ((lock_timeout == -1) ? -1 : (lock_timeout+499)/500); /* Now do any requested locks */ data += ((large_file_format ? 20 : 10)*num_ulocks); -- cgit From 3d0d8f609d08a41faa8607fa374816bcde48a62e Mon Sep 17 00:00:00 2001 From: Richard Sharpe Date: Fri, 13 Jun 2003 17:49:03 +0000 Subject: Fix an spelling mistake. (This used to be commit 8e37c1d579ed801fd602d698174f981deff435d9) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index be51a32891..e7f01ad02f 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -39,7 +39,7 @@ unsigned int smb_echo_count = 0; extern BOOL global_encrypted_passwords_negotiated; /**************************************************************************** - Reply to an special message. + Reply to a special message. ****************************************************************************/ int reply_special(char *inbuf,char *outbuf) -- cgit From 9ad4fbcf75df4ed89893ffb0379d95685560e466 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 17 Jul 2003 00:53:37 +0000 Subject: Don't allow read/write raw when signing is active. Jeremy. (This used to be commit 8d2a848052df03dad7bfeb5e7be96f8e9a509bbf) --- source3/smbd/reply.c | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index e7f01ad02f..61323e8b56 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1472,6 +1472,10 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s files_struct *fsp; START_PROFILE(SMBreadbraw); + if (srv_signing_active()) { + exit_server("reply_readbraw: SMB signing is active - raw reads/writes are disallowed."); + } + /* * Special check if an oplock break has been issued * and the readraw request croses on the wire, we must @@ -1870,6 +1874,10 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, int outsize = 0; START_PROFILE(SMBwritebraw); + if (srv_signing_active()) { + exit_server("reply_readbraw: SMB signing is active - raw reads/writes are disallowed."); + } + CHECK_FSP(fsp,conn); CHECK_WRITE(fsp); -- cgit From 814e987c6241601fb03335b2ba9a633d65cc5e23 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 18 Jul 2003 00:53:34 +0000 Subject: Signing so far... the client code fails on a SMBtrans2 secondary transaction I think (my changes haven't affected this I believe). Initial support on the server side for smbclient. Still doesn't work for w2k clients I think... Work in progress..... (don't change). Jeremy. (This used to be commit e5714edc233424c2f74edb6d658f32f8e0ec9275) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 61323e8b56..44633b1db6 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1472,7 +1472,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s files_struct *fsp; START_PROFILE(SMBreadbraw); - if (srv_signing_active()) { + if (srv_is_signing_active()) { exit_server("reply_readbraw: SMB signing is active - raw reads/writes are disallowed."); } @@ -1874,7 +1874,7 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, int outsize = 0; START_PROFILE(SMBwritebraw); - if (srv_signing_active()) { + if (srv_is_signing_active()) { exit_server("reply_readbraw: SMB signing is active - raw reads/writes are disallowed."); } -- cgit From 5e252c86bd97305f3c6578afb29ccd148f985e60 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Fri, 18 Jul 2003 07:07:29 +0000 Subject: make sure we don't allow the creation of directories containing wildcard characters. I've only put this in mkdir at the moment, but I suspect this will apply to all places that can create new filenames. We need to allow the opening of existing filenames that contain wildcards, but not allow the creation of new ones. (This used to be commit 2fd5569938b8970f3e9d761eecad5bc0b8bb267e) --- source3/smbd/reply.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 44633b1db6..5f3d6fa10e 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2836,7 +2836,11 @@ NTSTATUS mkdir_internal(connection_struct *conn, pstring directory) int ret= -1; unix_convert(directory,conn,0,&bad_path,&sbuf); - + + if (ms_has_wild(directory)) { + return NT_STATUS_OBJECT_NAME_INVALID; + } + if (check_name(directory, conn)) ret = vfs_MkDir(conn,directory,unix_mode(conn,aDIR,directory)); -- cgit From 1478bcd847cfe0fe8374f403f20761675d944413 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sun, 27 Jul 2003 03:29:40 +0000 Subject: Try again to fix up 'session request' name exchange. This time we actualy get the names... Andrew Bartlett (This used to be commit 7c9e204f7eb15139532f2cc522ed87d0ac34d118) --- source3/smbd/reply.c | 15 ++++----------- 1 file changed, 4 insertions(+), 11 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 5f3d6fa10e..eaaa4e2730 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -75,23 +75,16 @@ int reply_special(char *inbuf,char *outbuf) return(0); } name_extract(inbuf,4,name1); - name_extract(inbuf,4 + name_len(inbuf + 4),name2); + name_type = name_extract(inbuf,4 + name_len(inbuf + 4),name2); DEBUG(2,("netbios connect: name1=%s name2=%s\n", name1,name2)); - name1[15] = 0; - - len = strlen(name2); - if (len == 16) { - name_type = name2[15]; - name2[15] = 0; - } - set_local_machine_name(name1, True); set_remote_machine_name(name2, True); - DEBUG(2,("netbios connect: local=%s remote=%s\n", - get_local_machine_name(), get_remote_machine_name() )); + DEBUG(2,("netbios connect: local=%s remote=%s, name type = %x\n", + get_local_machine_name(), get_remote_machine_name(), + name_type)); if (name_type == 'R') { /* We are being asked for a pathworks session --- -- cgit From 6070a519c2058224d6703e1b7fdff54986c621f5 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 29 Jul 2003 19:16:59 +0000 Subject: Fix bug #226. Stop unmangle of name into a wildcard name from deleting more than was intended. Jeremy. (This used to be commit e2742e0d897a35820a7d8f184292c32a4c3952e3) --- source3/smbd/reply.c | 29 ++++++++++++++++++++--------- 1 file changed, 20 insertions(+), 9 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index eaaa4e2730..71312295f4 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -48,8 +48,6 @@ int reply_special(char *inbuf,char *outbuf) int msg_type = CVAL(inbuf,0); int msg_flags = CVAL(inbuf,1); pstring name1,name2; - - int len; char name_type = 0; static BOOL already_got_session = False; @@ -1274,6 +1272,16 @@ NTSTATUS unlink_internals(connection_struct *conn, int dirtype, char *name) *directory = *mask = 0; + /* We must check for wildcards in the name given + * directly by the client - before any unmangling. + * This prevents an unmangling of a UNIX name containing + * a DOS wildcard like '*' or '?' from unmangling into + * a wildcard delete which was not intended. + * FIX for #226. JRA. + */ + + has_wild = ms_has_wild(name); + rc = unix_convert(name,conn,0,&bad_path,&sbuf); p = strrchr_m(name,'/'); @@ -1298,13 +1306,12 @@ NTSTATUS unlink_internals(connection_struct *conn, int dirtype, char *name) if (!rc && mangle_is_mangled(mask)) mangle_check_cache( mask ); - has_wild = ms_has_wild(mask); - if (!has_wild) { pstrcat(directory,"/"); pstrcat(directory,mask); error = can_delete(directory,conn,dirtype); - if (!NT_STATUS_IS_OK(error)) return error; + if (!NT_STATUS_IS_OK(error)) + return error; if (SMB_VFS_UNLINK(conn,directory) == 0) { count++; @@ -1331,12 +1338,15 @@ NTSTATUS unlink_internals(connection_struct *conn, int dirtype, char *name) pstring fname; pstrcpy(fname,dname); - if(!mask_match(fname, mask, case_sensitive)) continue; + if(!mask_match(fname, mask, case_sensitive)) + continue; slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); error = can_delete(fname,conn,dirtype); - if (!NT_STATUS_IS_OK(error)) continue; - if (SMB_VFS_UNLINK(conn,fname) == 0) count++; + if (!NT_STATUS_IS_OK(error)) + continue; + if (SMB_VFS_UNLINK(conn,fname) == 0) + count++; DEBUG(3,("unlink_internals: succesful unlink [%s]\n",fname)); } CloseDir(dirptr); @@ -1372,7 +1382,8 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size DEBUG(3,("reply_unlink : %s\n",name)); status = unlink_internals(conn, dirtype, name); - if (!NT_STATUS_IS_OK(status)) return ERROR_NT(status); + if (!NT_STATUS_IS_OK(status)) + return ERROR_NT(status); /* * Win2k needs a changenotify request response before it will -- cgit From 4511b334a8f68048d176dd381b9f1a3530a0a8cd Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 12 Aug 2003 04:28:22 +0000 Subject: Test invalid map system, map hidden, create mask, force create mask parameters. Fix return code for Samba 4 torture tester. Jeremy. (This used to be commit c043835c878ff062cb6eede02334f9e0ebb01050) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 71312295f4..869123a1fe 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1229,7 +1229,7 @@ static NTSTATUS can_delete(char *fname,connection_struct *conn, int dirtype) return NT_STATUS_CANNOT_DELETE; } if ((fmode & ~dirtype) & (aHIDDEN | aSYSTEM)) - return NT_STATUS_CANNOT_DELETE; + return NT_STATUS_NO_SUCH_FILE; /* We need a better way to return NT status codes from open... */ unix_ERR_class = 0; -- cgit From df35fb074527d030a8758880b6c0f9960f4df205 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 12 Aug 2003 04:52:11 +0000 Subject: Fix another error code return against Samba4 test suite... Don't allow a path above root. Jeremy. (This used to be commit 9bc0e4fe04c4134add428c889d316bd5ee4fb6e9) --- source3/smbd/reply.c | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 869123a1fe..4ea1792885 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1218,6 +1218,10 @@ static NTSTATUS can_delete(char *fname,connection_struct *conn, int dirtype) if (!CAN_WRITE(conn)) return NT_STATUS_MEDIA_WRITE_PROTECTED; + /* Can't delete the root. */ + if (strequal(fname, "./..") || strequal(fname, "./../")) + return NT_STATUS_OBJECT_PATH_SYNTAX_BAD; + if (SMB_VFS_LSTAT(conn,fname,&sbuf) != 0) return NT_STATUS_OBJECT_NAME_NOT_FOUND; -- cgit From a9975acc9255f1e047f680e424607479fcca6516 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 13 Aug 2003 00:31:23 +0000 Subject: Ensure we pass the Samba4 unlink test ! Jeremy. (This used to be commit 73aaf8094c2fed76b6650afbd8ff4f050f5e52d2) --- source3/smbd/reply.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 4ea1792885..dcb07ab509 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1215,6 +1215,9 @@ static NTSTATUS can_delete(char *fname,connection_struct *conn, int dirtype) int access_mode; files_struct *fsp; + DEBUG(10,("can_delete: %s, dirtype = %d\n", + fname, dirtype )); + if (!CAN_WRITE(conn)) return NT_STATUS_MEDIA_WRITE_PROTECTED; @@ -1226,8 +1229,13 @@ static NTSTATUS can_delete(char *fname,connection_struct *conn, int dirtype) return NT_STATUS_OBJECT_NAME_NOT_FOUND; fmode = dos_mode(conn,fname,&sbuf); + + /* Can't delete a directory. */ if (fmode & aDIR) return NT_STATUS_FILE_IS_A_DIRECTORY; + else if (dirtype & aDIR) /* Asked for a directory and it isn't. */ + return NT_STATUS_OBJECT_NAME_INVALID; + if (!lp_delete_readonly(SNUM(conn))) { if (fmode & aRONLY) return NT_STATUS_CANNOT_DELETE; @@ -1333,7 +1341,7 @@ NTSTATUS unlink_internals(connection_struct *conn, int dirtype, char *name) */ if (dirptr) { - error = NT_STATUS_OBJECT_NAME_NOT_FOUND; + error = NT_STATUS_NO_SUCH_FILE; if (strequal(mask,"????????.???")) pstrcpy(mask,"*"); -- cgit From db58f5141612ed8a3d3ae03cda03cb44cd22d6de Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 13 Aug 2003 02:31:22 +0000 Subject: More chkpth fixes from Samba4 tests. Jeremy. (This used to be commit a62cf6bf16e2f435f504e936c31992f5697a309a) --- source3/smbd/reply.c | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index dcb07ab509..4f3c12e984 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -401,8 +401,21 @@ int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size one at a time - if a component fails it expects ERRbadpath, not ERRbadfile. */ - if(errno == ENOENT) - return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND); + if(errno == ENOENT) { + /* + * Windows returns different error codes if + * the parent directory is valid but not the + * last component - it returns NT_STATUS_OBJECT_NAME_NOT_FOUND + * for that case and NT_STATUS_OBJECT_PATH_NOT_FOUND + * if the path is invalid. + */ + if (bad_path) { + return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND); + } else { + return ERROR_NT(NT_STATUS_OBJECT_NAME_NOT_FOUND); + } + } else if (errno == ENOTDIR) + return ERROR_NT(NT_STATUS_NOT_A_DIRECTORY); return(UNIXERROR(ERRDOS,ERRbadpath)); } -- cgit From 405135fdebd122d480130d0ce65a1536a57129f5 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 13 Aug 2003 03:28:06 +0000 Subject: Better path checking for chkpth. We now pass Samba4 chkpath and unlink. Jeremy. (This used to be commit 00a57b0953c40a0ad6780eae84b4c558e21dbcfd) --- source3/smbd/reply.c | 29 +++++++++++++++++++++++++---- 1 file changed, 25 insertions(+), 4 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 4f3c12e984..8347daf26b 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -38,6 +38,21 @@ unsigned int smb_echo_count = 0; extern BOOL global_encrypted_passwords_negotiated; +/**************************************************************************** + Ensure we check the path in the same way as W2K. +****************************************************************************/ + +static NTSTATUS check_path_syntax(const char *name) +{ + while (*name == '\\') + name++; + if (strequal(name, ".")) + return NT_STATUS_OBJECT_NAME_INVALID; + else if (strequal(name, "..")) + return NT_STATUS_OBJECT_PATH_SYNTAX_BAD; + return NT_STATUS_OK; +} + /**************************************************************************** Reply to a special message. ****************************************************************************/ @@ -379,10 +394,16 @@ int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size BOOL ok = False; BOOL bad_path = False; SMB_STRUCT_STAT sbuf; + NTSTATUS status; + START_PROFILE(SMBchkpth); srvstr_pull_buf(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), STR_TERMINATE); + status = check_path_syntax(name); + if (!NT_STATUS_IS_OK(status)) + return ERROR_NT(status); + RESOLVE_DFSPATH(name, conn, inbuf, outbuf); unix_convert(name,conn,0,&bad_path,&sbuf); @@ -1234,10 +1255,6 @@ static NTSTATUS can_delete(char *fname,connection_struct *conn, int dirtype) if (!CAN_WRITE(conn)) return NT_STATUS_MEDIA_WRITE_PROTECTED; - /* Can't delete the root. */ - if (strequal(fname, "./..") || strequal(fname, "./../")) - return NT_STATUS_OBJECT_PATH_SYNTAX_BAD; - if (SMB_VFS_LSTAT(conn,fname,&sbuf) != 0) return NT_STATUS_OBJECT_NAME_NOT_FOUND; @@ -1402,6 +1419,10 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size srvstr_pull_buf(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), STR_TERMINATE); + status = check_path_syntax(name); + if (!NT_STATUS_IS_OK(status)) + return ERROR_NT(status); + RESOLVE_DFSPATH(name, conn, inbuf, outbuf); DEBUG(3,("reply_unlink : %s\n",name)); -- cgit From 4e8b36a5749f4801022617b8fec1fe5d48529fef Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 14 Aug 2003 21:16:06 +0000 Subject: Fix SMBseek and get/set position information SMBs. Works against Samba4 tester. You will need a make clean; make all after this ! Jeremy. (This used to be commit 10d90171ed58bee3e5ab6476341059b585034134) --- source3/smbd/reply.c | 33 +++++++++------------------------ 1 file changed, 9 insertions(+), 24 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 8347daf26b..8df118ab16 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2308,39 +2308,25 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int switch (mode) { case 0: umode = SEEK_SET; + res = startpos; break; case 1: umode = SEEK_CUR; + res = fsp->pos + startpos; break; case 2: umode = SEEK_END; break; default: umode = SEEK_SET; + res = startpos; break; } - if((res = SMB_VFS_LSEEK(fsp,fsp->fd,startpos,umode)) == -1) { - /* - * Check for the special case where a seek before the start - * of the file sets the offset to zero. Added in the CIFS spec, - * section 4.2.7. - */ - - if(errno == EINVAL) { - SMB_OFF_T current_pos = startpos; - - if(umode == SEEK_CUR) { - - if((current_pos = SMB_VFS_LSEEK(fsp,fsp->fd,0,SEEK_CUR)) == -1) { - END_PROFILE(SMBlseek); - return(UNIXERROR(ERRDOS,ERRnoaccess)); - } - - current_pos += startpos; - - } else if (umode == SEEK_END) { - + if (umode == SEEK_END) { + if((res = SMB_VFS_LSEEK(fsp,fsp->fd,startpos,umode)) == -1) { + if(errno == EINVAL) { + SMB_OFF_T current_pos = startpos; SMB_STRUCT_STAT sbuf; if(SMB_VFS_FSTAT(fsp,fsp->fd, &sbuf) == -1) { @@ -2349,10 +2335,9 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int } current_pos += sbuf.st_size; + if(current_pos < 0) + res = SMB_VFS_LSEEK(fsp,fsp->fd,0,SEEK_SET); } - - if(current_pos < 0) - res = SMB_VFS_LSEEK(fsp,fsp->fd,0,SEEK_SET); } if(res == -1) { -- cgit From 1699fadcdb86462c0b36f0479317dc52ae8a263a Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 14 Aug 2003 23:15:02 +0000 Subject: Fix changing of attributes via setattr. Samba4 test fixes. Jeremy. (This used to be commit 97e1d5c9573513c9c9be9a709341bda54fbe44be) --- source3/smbd/reply.c | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 8df118ab16..35d07d5bf7 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -544,13 +544,18 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size mode = SVAL(inbuf,smb_vwv0); mtime = make_unix_date3(inbuf+smb_vwv1); - if (VALID_STAT_OF_DIR(sbuf)) - mode |= aDIR; - else - mode &= ~aDIR; + if (mode != FILE_ATTRIBUTE_NORMAL) { + if (VALID_STAT_OF_DIR(sbuf)) + mode |= aDIR; + else + mode &= ~aDIR; + + if (check_name(fname,conn)) + ok = (file_chmod(conn,fname,mode,NULL) == 0); + } else { + ok = True; + } - if (check_name(fname,conn)) - ok = (file_chmod(conn,fname,mode,NULL) == 0); if (ok) ok = set_filetime(conn,fname,mtime); -- cgit From 3a052c9e0a62c1f8ddf4c2e509cff52a4d157d21 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 16 Aug 2003 02:34:03 +0000 Subject: Implemented the level 1010 NT rename level. Many fixes for Samba4 test correctness. Jeremy. (This used to be commit f57429befa43d63ed9a6e19b854e22fd4151db40) --- source3/smbd/reply.c | 170 +++++++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 152 insertions(+), 18 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 35d07d5bf7..34200b0cab 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -497,9 +497,8 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size } if (!ok) { - set_bad_path_error(errno, bad_path); END_PROFILE(SMBgetatr); - return(UNIXERROR(ERRDOS,ERRbadfile)); + return set_bad_path_error(errno, bad_path, outbuf, ERRDOS,ERRbadfile); } outsize = set_message(outbuf,10,0,True); @@ -560,9 +559,8 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size ok = set_filetime(conn,fname,mtime); if (!ok) { - set_bad_path_error(errno, bad_path); END_PROFILE(SMBsetatr); - return(UNIXERROR(ERRDOS,ERRnoaccess)); + return set_bad_path_error(errno, bad_path, outbuf, ERRDOS, ERRnoaccess); } outsize = set_message(outbuf,0,0,True); @@ -723,9 +721,8 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size dptr_num = dptr_create(conn,directory,True,expect_close,SVAL(inbuf,smb_pid)); if (dptr_num < 0) { if(dptr_num == -2) { - set_bad_path_error(errno, bad_path); END_PROFILE(SMBsearch); - return (UNIXERROR(ERRDOS,ERRnofids)); + return set_bad_path_error(errno, bad_path, outbuf, ERRDOS, ERRnofids); } END_PROFILE(SMBsearch); return ERROR_DOS(ERRDOS,ERRnofids); @@ -890,9 +887,8 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, unixmode, oplock_request,&rmode,NULL); if (!fsp) { - set_bad_path_error(errno, bad_path); END_PROFILE(SMBopen); - return(UNIXERROR(ERRDOS,ERRnoaccess)); + return set_bad_path_error(errno, bad_path, outbuf, ERRDOS, ERRnoaccess); } size = sbuf.st_size; @@ -978,9 +974,8 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt oplock_request, &rmode,&smb_action); if (!fsp) { - set_bad_path_error(errno, bad_path); END_PROFILE(SMBopenX); - return(UNIXERROR(ERRDOS,ERRnoaccess)); + return set_bad_path_error(errno, bad_path, outbuf, ERRDOS, ERRnoaccess); } size = sbuf.st_size; @@ -1102,9 +1097,8 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, ofun, unixmode, oplock_request, NULL, NULL); if (!fsp) { - set_bad_path_error(errno, bad_path); END_PROFILE(SMBcreate); - return(UNIXERROR(ERRDOS,ERRnoaccess)); + return set_bad_path_error(errno, bad_path, outbuf, ERRDOS, ERRnoaccess); } outsize = set_message(outbuf,1,0,True); @@ -1171,9 +1165,8 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, close(tmpfd); if (!fsp) { - set_bad_path_error(errno, bad_path); END_PROFILE(SMBctemp); - return(UNIXERROR(ERRDOS,ERRnoaccess)); + return set_bad_path_error(errno, bad_path, outbuf, ERRDOS, ERRnoaccess); } outsize = set_message(outbuf,1,0,True); @@ -1268,8 +1261,10 @@ static NTSTATUS can_delete(char *fname,connection_struct *conn, int dirtype) /* Can't delete a directory. */ if (fmode & aDIR) return NT_STATUS_FILE_IS_A_DIRECTORY; +#if 0 /* JRATEST */ else if (dirtype & aDIR) /* Asked for a directory and it isn't. */ return NT_STATUS_OBJECT_NAME_INVALID; +#endif /* JRATEST */ if (!lp_delete_readonly(SNUM(conn))) { if (fmode & aRONLY) @@ -2885,7 +2880,17 @@ NTSTATUS mkdir_internal(connection_struct *conn, pstring directory) ret = vfs_MkDir(conn,directory,unix_mode(conn,aDIR,directory)); if (ret == -1) { - NTSTATUS nterr = set_bad_path_error(errno, bad_path); + NTSTATUS nterr = NT_STATUS_OK; + if(errno == ENOENT) { + unix_ERR_class = ERRDOS; + if (bad_path) { + unix_ERR_code = ERRbadpath; + nterr = NT_STATUS_OBJECT_PATH_NOT_FOUND; + } else { + unix_ERR_code = ERRbadfile; + nterr = NT_STATUS_OBJECT_NAME_NOT_FOUND; + } + } if (!NT_STATUS_IS_OK(nterr)) return nterr; return map_nt_error_from_unix(errno); @@ -3080,9 +3085,8 @@ int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, } if (!ok) { - set_bad_path_error(errno, bad_path); END_PROFILE(SMBrmdir); - return(UNIXERROR(ERRDOS,ERRbadpath)); + return set_bad_path_error(errno, bad_path, outbuf, ERRDOS, ERRbadpath); } outsize = set_message(outbuf,0,0,True); @@ -3165,6 +3169,130 @@ static BOOL resolve_wildcards(const char *name1, char *name2) return(True); } +/**************************************************************************** + Ensure open files have their names updates. +****************************************************************************/ + +static void rename_open_files(connection_struct *conn, SMB_DEV_T dev, SMB_INO_T inode, char *newname) +{ + files_struct *fsp; + BOOL did_rename = False; + + for(fsp = file_find_di_first(dev, inode); fsp; fsp = file_find_di_next(fsp)) { + DEBUG(10,("rename_open_files: renaming file fnum %d (dev = %x, inode = %.0f) from %s -> %s\n", + fsp->fnum, (unsigned int)fsp->dev, (double)fsp->inode, + fsp->fsp_name, newname )); + string_set(&fsp->fsp_name, newname); + did_rename = True; + } + + if (!did_rename) + DEBUG(10,("rename_open_files: no open files on dev %x, inode %.0f for %s\n", + (unsigned int)dev, (double)inode, newname )); +} + +/**************************************************************************** + Rename an open file - given an fsp. +****************************************************************************/ + +NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, char *newname, BOOL replace_if_exists) +{ + SMB_STRUCT_STAT sbuf; + BOOL bad_path = False; + pstring newname_last_component; + NTSTATUS error = NT_STATUS_OK; + BOOL dest_exists; + + ZERO_STRUCT(sbuf); + unix_convert(newname,conn,newname_last_component,&bad_path,&sbuf); + + /* Ensure newname contains a '/' */ + if(strrchr_m(newname,'/') == 0) { + pstring tmpstr; + + pstrcpy(tmpstr, "./"); + pstrcat(tmpstr, newname); + pstrcpy(newname, tmpstr); + } + + /* + * Check for special case with case preserving and not + * case sensitive. If the old last component differs from the original + * last component only by case, then we should allow + * the rename (user is trying to change the case of the + * filename). + */ + + if((case_sensitive == False) && (case_preserve == True) && + strequal(newname, fsp->fsp_name)) { + char *p; + pstring newname_modified_last_component; + + /* + * Get the last component of the modified name. + * Note that we guarantee that newname contains a '/' + * character above. + */ + p = strrchr_m(newname,'/'); + pstrcpy(newname_modified_last_component,p+1); + + if(strcsequal(newname_modified_last_component, + newname_last_component) == False) { + /* + * Replace the modified last component with + * the original. + */ + pstrcpy(p+1, newname_last_component); + } + } + + /* + * If the src and dest names are identical - including case, + * don't do the rename, just return success. + */ + + if (strcsequal(fsp->fsp_name, newname)) { + DEBUG(3,("rename_internals_fsp: identical names in rename %s - returning success\n", + newname)); + return NT_STATUS_OK; + } + + dest_exists = vfs_object_exist(conn,newname,NULL); + + if(!replace_if_exists && dest_exists) { + DEBUG(3,("rename_internals_fsp: dest exists doing rename %s -> %s\n", + fsp->fsp_name,newname)); + return NT_STATUS_OBJECT_NAME_COLLISION; + } + + error = can_rename(newname,conn,&sbuf); + + if (dest_exists && !NT_STATUS_IS_OK(error)) { + DEBUG(3,("rename_internals: Error %s rename %s -> %s\n", + nt_errstr(error), fsp->fsp_name,newname)); + if (NT_STATUS_EQUAL(error,NT_STATUS_SHARING_VIOLATION)) + error = NT_STATUS_ACCESS_DENIED; + return error; + } + + if(SMB_VFS_RENAME(conn,fsp->fsp_name, newname) == 0) { + DEBUG(3,("rename_internals_fsp: succeeded doing rename on %s -> %s\n", + fsp->fsp_name,newname)); + rename_open_files(conn, fsp->dev, fsp->inode, newname); + return NT_STATUS_OK; + } + + if (errno == ENOTDIR || errno == EISDIR) + error = NT_STATUS_OBJECT_NAME_COLLISION; + else + error = map_nt_error_from_unix(errno); + + DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n", + nt_errstr(error), fsp->fsp_name,newname)); + + return error; +} + /**************************************************************************** The guts of the rename command, split out so it may be called by the NT SMB code. @@ -3186,6 +3314,8 @@ NTSTATUS rename_internals(connection_struct *conn, char *name, char *newname, BO *directory = *mask = 0; + ZERO_STRUCT(sbuf1); + ZERO_STRUCT(sbuf2); rc = unix_convert(name,conn,0,&bad_path1,&sbuf1); unix_convert(newname,conn,newname_last_component,&bad_path2,&sbuf2); @@ -3326,6 +3456,7 @@ directory = %s, newname = %s, newname_last_component = %s, is_8_3 = %d\n", */ if (strcsequal(directory, newname)) { + rename_open_files(conn, sbuf1.st_dev, sbuf1.st_ino, newname); DEBUG(3,("rename_internals: identical names in rename %s - returning success\n", directory)); return NT_STATUS_OK; } @@ -3339,6 +3470,7 @@ directory = %s, newname = %s, newname_last_component = %s, is_8_3 = %d\n", if(SMB_VFS_RENAME(conn,directory, newname) == 0) { DEBUG(3,("rename_internals: succeeded doing rename on %s -> %s\n", directory,newname)); + rename_open_files(conn, sbuf1.st_dev, sbuf1.st_ino, newname); return NT_STATUS_OK; } @@ -3403,8 +3535,10 @@ directory = %s, newname = %s, newname_last_component = %s, is_8_3 = %d\n", continue; } - if (!SMB_VFS_RENAME(conn,fname,destname)) + if (!SMB_VFS_RENAME(conn,fname,destname)) { + rename_open_files(conn, sbuf1.st_dev, sbuf1.st_ino, newname); count++; + } DEBUG(3,("rename_internals: doing rename on %s -> %s\n",fname,destname)); } CloseDir(dirptr); -- cgit From e83a8a40c89491764d0658122800e05f3f75a7cd Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 19 Aug 2003 01:02:41 +0000 Subject: Don't return DOS error on SMBsearch return if using NT error codes (NT1 protocol level). Fix for Samba4 tester. Jeremy. (This used to be commit 74486ab9efbb555f830b0e5d1c88f7bf065ae039) --- source3/smbd/reply.c | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 34200b0cab..32b9c39aed 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -768,21 +768,23 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size SearchEmpty: - if (numentries == 0 || !ok) { - SCVAL(outbuf,smb_rcls,ERRDOS); - SSVAL(outbuf,smb_err,ERRnofiles); - dptr_close(&dptr_num); - } - /* If we were called as SMBffirst with smb_search_id == NULL and no entries were found then return error and close dirptr (X/Open spec) */ if(ok && expect_close && numentries == 0 && status_len == 0) { - SCVAL(outbuf,smb_rcls,ERRDOS); - SSVAL(outbuf,smb_err,ERRnofiles); + if (Protocol < PROTOCOL_NT1) { + SCVAL(outbuf,smb_rcls,ERRDOS); + SSVAL(outbuf,smb_err,ERRnofiles); + } /* Also close the dptr - we know it's gone */ dptr_close(&dptr_num); + } else if (numentries == 0 || !ok) { + if (Protocol < PROTOCOL_NT1) { + SCVAL(outbuf,smb_rcls,ERRDOS); + SSVAL(outbuf,smb_err,ERRnofiles); + } + dptr_close(&dptr_num); } /* If we were called as SMBfunique, then we can close the dirptr now ! */ -- cgit From c0236e8ae32af5480b14ac57677dc983e786d3d5 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 19 Aug 2003 01:26:43 +0000 Subject: Fix flush of 0xFFFF - found by Samba4 tester. Jeremy. (This used to be commit 8a5c97fa07eacd4cecb5afd9c197352dfa613b9f) --- source3/smbd/reply.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 32b9c39aed..9577375475 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2367,10 +2367,12 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int int reply_flush(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) { int outsize = set_message(outbuf,0,0,True); + uint16 fnum = SVAL(inbuf,smb_vwv0); files_struct *fsp = file_fsp(inbuf,smb_vwv0); START_PROFILE(SMBflush); - CHECK_FSP(fsp,conn); + if (fnum != 0xFFFF) + CHECK_FSP(fsp,conn); if (!fsp) { file_sync_all(conn); @@ -2737,7 +2739,7 @@ int reply_printclose(connection_struct *conn, if (!CAN_PRINT(conn)) { END_PROFILE(SMBsplclose); - return ERROR_DOS(ERRDOS,ERRnoaccess); + return ERROR_NT(NT_STATUS_UNSUCCESSFUL); } DEBUG(3,("printclose fd=%d fnum=%d\n", -- cgit From 6d6401a67a9985c8c51175db520114dc2ef421ce Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 19 Aug 2003 01:53:45 +0000 Subject: Implement SMBexit properly. Found by Samba4 tester. You must do a make clean proto all; after this commit. Jeremy. (This used to be commit 27af1f9feab12542dc538bfceac4593e644ba3b4) --- source3/smbd/reply.c | 3 +++ 1 file changed, 3 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 9577375475..5f2dd91232 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2394,6 +2394,9 @@ int reply_exit(connection_struct *conn, { int outsize; START_PROFILE(SMBexit); + + file_close_pid(SVAL(inbuf,smb_pid)); + outsize = set_message(outbuf,0,0,True); DEBUG(3,("exit\n")); -- cgit From 5daacc87b514ec4fe2e50f159a6a422a85a77324 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 8 Sep 2003 20:27:28 +0000 Subject: Protect against core dump if ioctl for print job sends invalid fid. Found by Iskantharajah T . Jeremy. (This used to be commit a9f9dd71da41801c975303a385ff229788c9498a) --- source3/smbd/reply.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 5f2dd91232..6ac4cffddb 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -348,7 +348,6 @@ int reply_ioctl(connection_struct *conn, uint32 ioctl_code = (device << 16) + function; int replysize, outsize; char *p; - files_struct *fsp = file_fsp(inbuf,smb_vwv0); START_PROFILE(SMBioctl); DEBUG(4, ("Received IOCTL (code 0x%x)\n", ioctl_code)); @@ -371,6 +370,11 @@ int reply_ioctl(connection_struct *conn, switch (ioctl_code) { case IOCTL_QUERY_JOB_INFO: { + files_struct *fsp = file_fsp(inbuf,smb_vwv0); + if (!fsp) { + END_PROFILE(SMBioctl); + return(UNIXERROR(ERRDOS,ERRbadfid)); + } SSVAL(p,0,fsp->rap_print_jobid); /* Job number */ srvstr_push(outbuf, p+2, global_myname(), 15, STR_TERMINATE|STR_ASCII); srvstr_push(outbuf, p+18, lp_servicename(SNUM(conn)), 13, STR_TERMINATE|STR_ASCII); -- cgit From 57c863190db9ac80529866ec6408bb03ef5e514c Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 29 Sep 2003 23:35:41 +0000 Subject: Take care of condition where DOS and NT error codes must differ. Found by DOS program test by Amir Hardon . Jeremy. (This used to be commit c11a7e5846002b16d0cb2991b5a7df0636b070d5) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 6ac4cffddb..303e33cc48 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -417,7 +417,7 @@ int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if (check_name(name,conn)) { if (VALID_STAT(sbuf) || SMB_VFS_STAT(conn,name,&sbuf) == 0) if (!(ok = S_ISDIR(sbuf.st_mode))) - errno = ENOTDIR; + return ERROR_BOTH(NT_STATUS_NOT_A_DIRECTORY,ERRDOS,ERRbadpath); } if (!ok) { -- cgit From 52f63783bcc42cc4a1351ad9176d24a73a26c5eb Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 8 Oct 2003 23:21:36 +0000 Subject: Fixup error code returns from Samba4 tester. Ensure invalid paths are validated the same way. Jeremy. (This used to be commit 6ad2f0ba27566ab3928ccbbbb3c3a64b09ca139c) --- source3/smbd/reply.c | 160 ++++++++++++++++++++++++++++++++++++++++----------- 1 file changed, 128 insertions(+), 32 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 303e33cc48..2c8b768d70 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -39,20 +39,32 @@ unsigned int smb_echo_count = 0; extern BOOL global_encrypted_passwords_negotiated; /**************************************************************************** - Ensure we check the path in the same way as W2K. + Ensure we check the path in *exactly* the same way as W2K. ****************************************************************************/ -static NTSTATUS check_path_syntax(const char *name) +NTSTATUS check_path_syntax(const char *name) { - while (*name == '\\') + while (*name == '\\' || *name == '/') name++; - if (strequal(name, ".")) + if (name[0] == '.' && name[1] == '\0') return NT_STATUS_OBJECT_NAME_INVALID; - else if (strequal(name, "..")) + else if (name[0] == '.' && name[1] == '.' && + (name[2] == '\\' || name [2] == '/' || name[2] == '\0')) return NT_STATUS_OBJECT_PATH_SYNTAX_BAD; return NT_STATUS_OK; } +/**************************************************************************** + Pull a string and check the path - provide for error return. +****************************************************************************/ + +size_t srvstr_get_path(char *inbuf, char *dest, const char *src, size_t dest_len, int flags, NTSTATUS *err) +{ + size_t ret = srvstr_pull_buf( inbuf, dest, src, dest_len, flags); + *err = check_path_syntax(dest); + return ret; +} + /**************************************************************************** Reply to a special message. ****************************************************************************/ @@ -402,11 +414,11 @@ int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size START_PROFILE(SMBchkpth); - srvstr_pull_buf(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), STR_TERMINATE); - - status = check_path_syntax(name); - if (!NT_STATUS_IS_OK(status)) + srvstr_get_path(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), STR_TERMINATE, &status); + if (!NT_STATUS_IS_OK(status)) { + END_PROFILE(SMBchkpth); return ERROR_NT(status); + } RESOLVE_DFSPATH(name, conn, inbuf, outbuf); @@ -416,8 +428,10 @@ int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if (check_name(name,conn)) { if (VALID_STAT(sbuf) || SMB_VFS_STAT(conn,name,&sbuf) == 0) - if (!(ok = S_ISDIR(sbuf.st_mode))) + if (!(ok = S_ISDIR(sbuf.st_mode))) { + END_PROFILE(SMBchkpth); return ERROR_BOTH(NT_STATUS_NOT_A_DIRECTORY,ERRDOS,ERRbadpath); + } } if (!ok) { @@ -435,13 +449,18 @@ int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size * if the path is invalid. */ if (bad_path) { + END_PROFILE(SMBchkpth); return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND); } else { + END_PROFILE(SMBchkpth); return ERROR_NT(NT_STATUS_OBJECT_NAME_NOT_FOUND); } - } else if (errno == ENOTDIR) + } else if (errno == ENOTDIR) { + END_PROFILE(SMBchkpth); return ERROR_NT(NT_STATUS_NOT_A_DIRECTORY); + } + END_PROFILE(SMBchkpth); return(UNIXERROR(ERRDOS,ERRbadpath)); } @@ -468,10 +487,16 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size time_t mtime=0; BOOL bad_path = False; char *p; + NTSTATUS status; + START_PROFILE(SMBgetatr); p = smb_buf(inbuf) + 1; - p += srvstr_pull_buf(inbuf, fname, p, sizeof(fname), STR_TERMINATE); + p += srvstr_get_path(inbuf, fname, p, sizeof(fname), STR_TERMINATE,&status); + if (!NT_STATUS_IS_OK(status)) { + END_PROFILE(SMBgetatr); + return ERROR_NT(status); + } RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); @@ -537,11 +562,17 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size SMB_STRUCT_STAT sbuf; BOOL bad_path = False; char *p; + NTSTATUS status; START_PROFILE(SMBsetatr); p = smb_buf(inbuf) + 1; - p += srvstr_pull_buf(inbuf, fname, p, sizeof(fname), STR_TERMINATE); + p += srvstr_get_path(inbuf, fname, p, sizeof(fname), STR_TERMINATE,&status); + if (!NT_STATUS_IS_OK(status)) { + END_PROFILE(SMBsetatr); + return ERROR_NT(status); + } + unix_convert(fname,conn,0,&bad_path,&sbuf); mode = SVAL(inbuf,smb_vwv0); @@ -652,6 +683,7 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size BOOL expect_close = False; BOOL can_open = True; BOOL bad_path = False; + NTSTATUS nt_status; START_PROFILE(SMBsearch); *mask = *directory = *fname = 0; @@ -664,7 +696,11 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size maxentries = SVAL(inbuf,smb_vwv0); dirtype = SVAL(inbuf,smb_vwv1); p = smb_buf(inbuf) + 1; - p += srvstr_pull_buf(inbuf, path, p, sizeof(path), STR_TERMINATE); + p += srvstr_get_path(inbuf, path, p, sizeof(path), STR_TERMINATE,&nt_status); + if (!NT_STATUS_IS_OK(nt_status)) { + END_PROFILE(SMBsearch); + return ERROR_NT(nt_status); + } p++; status_len = SVAL(p, 0); p += 2; @@ -829,12 +865,17 @@ int reply_fclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size char status[21]; int dptr_num= -2; char *p; + NTSTATUS err; START_PROFILE(SMBfclose); outsize = set_message(outbuf,1,0,True); p = smb_buf(inbuf) + 1; - p += srvstr_pull_buf(inbuf, path, p, sizeof(path), STR_TERMINATE); + p += srvstr_get_path(inbuf, path, p, sizeof(path), STR_TERMINATE,&err); + if (!NT_STATUS_IS_OK(err)) { + END_PROFILE(SMBfclose); + return ERROR_NT(err); + } p++; status_len = SVAL(p,0); p += 2; @@ -877,11 +918,16 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, BOOL bad_path = False; files_struct *fsp; int oplock_request = CORE_OPLOCK_REQUEST(inbuf); + NTSTATUS status; START_PROFILE(SMBopen); share_mode = SVAL(inbuf,smb_vwv0); - srvstr_pull_buf(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), STR_TERMINATE); + srvstr_get_path(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), STR_TERMINATE,&status); + if (!NT_STATUS_IS_OK(status)) { + END_PROFILE(SMBopen); + return ERROR_NT(status); + } RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); @@ -954,6 +1000,7 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt int smb_action = 0; BOOL bad_path = False; files_struct *fsp; + NTSTATUS status; START_PROFILE(SMBopenX); /* If it's an IPC, pass off the pipe handler. */ @@ -968,7 +1015,11 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt } /* XXXX we need to handle passed times, sattr and flags */ - srvstr_pull_buf(inbuf, fname, smb_buf(inbuf), sizeof(fname), STR_TERMINATE); + srvstr_get_path(inbuf, fname, smb_buf(inbuf), sizeof(fname), STR_TERMINATE,&status); + if (!NT_STATUS_IS_OK(status)) { + END_PROFILE(SMBopenX); + return ERROR_NT(status); + } RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); @@ -1074,12 +1125,17 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, files_struct *fsp; int oplock_request = CORE_OPLOCK_REQUEST(inbuf); SMB_STRUCT_STAT sbuf; + NTSTATUS status; START_PROFILE(SMBcreate); com = SVAL(inbuf,smb_com); createmode = SVAL(inbuf,smb_vwv0); - srvstr_pull_buf(inbuf, fname, smb_buf(inbuf) + 1, sizeof(fname), STR_TERMINATE); + srvstr_get_path(inbuf, fname, smb_buf(inbuf) + 1, sizeof(fname), STR_TERMINATE,&status); + if (!NT_STATUS_IS_OK(status)) { + END_PROFILE(SMBcreate); + return ERROR_NT(status); + } RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); @@ -1139,11 +1195,16 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int tmpfd; SMB_STRUCT_STAT sbuf; char *p, *s; + NTSTATUS status; START_PROFILE(SMBctemp); createmode = SVAL(inbuf,smb_vwv0); - srvstr_pull_buf(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), STR_TERMINATE); + srvstr_get_path(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), STR_TERMINATE,&status); + if (!NT_STATUS_IS_OK(status)) { + END_PROFILE(SMBctemp); + return ERROR_NT(status); + } pstrcat(fname,"\\TMXXXXXX"); RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); @@ -1235,6 +1296,7 @@ static NTSTATUS can_rename(char *fname,connection_struct *conn, SMB_STRUCT_STAT ret = NT_STATUS_SHARING_VIOLATION; unix_ERR_class = 0; unix_ERR_code = 0; + unix_ERR_ntstatus = NT_STATUS_OK; return ret; } close_file(fsp,False); @@ -1423,12 +1485,12 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size dirtype = SVAL(inbuf,smb_vwv0); - srvstr_pull_buf(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), STR_TERMINATE); - - status = check_path_syntax(name); - if (!NT_STATUS_IS_OK(status)) + srvstr_get_path(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), STR_TERMINATE,&status); + if (!NT_STATUS_IS_OK(status)) { + END_PROFILE(SMBunlink); return ERROR_NT(status); - + } + RESOLVE_DFSPATH(name, conn, inbuf, outbuf); DEBUG(3,("reply_unlink : %s\n",name)); @@ -2921,13 +2983,19 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, NTSTATUS status; START_PROFILE(SMBmkdir); - srvstr_pull_buf(inbuf, directory, smb_buf(inbuf) + 1, sizeof(directory), STR_TERMINATE); + srvstr_get_path(inbuf, directory, smb_buf(inbuf) + 1, sizeof(directory), STR_TERMINATE,&status); + if (!NT_STATUS_IS_OK(status)) { + END_PROFILE(SMBmkdir); + return ERROR_NT(status); + } RESOLVE_DFSPATH(directory, conn, inbuf, outbuf); status = mkdir_internal(conn, directory); - if (!NT_STATUS_IS_OK(status)) + if (!NT_STATUS_IS_OK(status)) { + END_PROFILE(SMBmkdir); return ERROR_NT(status); + } outsize = set_message(outbuf,0,0,True); @@ -3082,9 +3150,14 @@ int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, BOOL ok = False; BOOL bad_path = False; SMB_STRUCT_STAT sbuf; + NTSTATUS status; START_PROFILE(SMBrmdir); - srvstr_pull_buf(inbuf, directory, smb_buf(inbuf) + 1, sizeof(directory), STR_TERMINATE); + srvstr_get_path(inbuf, directory, smb_buf(inbuf) + 1, sizeof(directory), STR_TERMINATE,&status); + if (!NT_STATUS_IS_OK(status)) { + END_PROFILE(SMBrmdir); + return ERROR_NT(status); + } RESOLVE_DFSPATH(directory, conn, inbuf, outbuf) @@ -3579,9 +3652,17 @@ int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, START_PROFILE(SMBmv); p = smb_buf(inbuf) + 1; - p += srvstr_pull_buf(inbuf, name, p, sizeof(name), STR_TERMINATE); + p += srvstr_get_path(inbuf, name, p, sizeof(name), STR_TERMINATE,&status); + if (!NT_STATUS_IS_OK(status)) { + END_PROFILE(SMBmv); + return ERROR_NT(status); + } p++; - p += srvstr_pull_buf(inbuf, newname, p, sizeof(newname), STR_TERMINATE); + p += srvstr_get_path(inbuf, newname, p, sizeof(newname), STR_TERMINATE,&status); + if (!NT_STATUS_IS_OK(status)) { + END_PROFILE(SMBmv); + return ERROR_NT(status); + } RESOLVE_DFSPATH(name, conn, inbuf, outbuf); RESOLVE_DFSPATH(newname, conn, inbuf, outbuf); @@ -3590,6 +3671,7 @@ int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, status = rename_internals(conn, name, newname, False); if (!NT_STATUS_IS_OK(status)) { + END_PROFILE(SMBmv); return ERROR_NT(status); } @@ -3707,14 +3789,23 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, BOOL bad_path2 = False; BOOL rc = True; SMB_STRUCT_STAT sbuf1, sbuf2; + NTSTATUS status; START_PROFILE(SMBcopy); *directory = *mask = 0; p = smb_buf(inbuf); - p += srvstr_pull_buf(inbuf, name, p, sizeof(name), STR_TERMINATE); - p += srvstr_pull_buf(inbuf, newname, p, sizeof(newname), STR_TERMINATE); + p += srvstr_get_path(inbuf, name, p, sizeof(name), STR_TERMINATE,&status); + if (!NT_STATUS_IS_OK(status)) { + END_PROFILE(SMBcopy); + return ERROR_NT(status); + } + p += srvstr_get_path(inbuf, newname, p, sizeof(newname), STR_TERMINATE,&status); + if (!NT_STATUS_IS_OK(status)) { + END_PROFILE(SMBcopy); + return ERROR_NT(status); + } DEBUG(3,("reply_copy : %s -> %s\n",name,newname)); @@ -3860,6 +3951,7 @@ int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size int outsize = 0; BOOL ok = False; pstring newdir; + NTSTATUS status; START_PROFILE(pathworks_setdir); @@ -3869,7 +3961,11 @@ int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return ERROR_DOS(ERRDOS,ERRnoaccess); } - srvstr_pull_buf(inbuf, newdir, smb_buf(inbuf) + 1, sizeof(newdir), STR_TERMINATE); + srvstr_get_path(inbuf, newdir, smb_buf(inbuf) + 1, sizeof(newdir), STR_TERMINATE,&status); + if (!NT_STATUS_IS_OK(status)) { + END_PROFILE(pathworks_setdir); + return ERROR_NT(status); + } if (strlen(newdir) == 0) { ok = True; -- cgit From 22c024157129e287a6e4bb4bc7232144c36d9604 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 9 Oct 2003 01:46:01 +0000 Subject: Changes to allow Samba3 to pass the Samba4 RAW-READ tests. Jeremy. (This used to be commit e7565dbba696adbb0fd8cca6b86a1a7e5a655f2e) --- source3/smbd/reply.c | 47 +++++++++++++++++++++++++++++++++++++++-------- 1 file changed, 39 insertions(+), 8 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 2c8b768d70..5c1d7915c2 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1567,8 +1567,13 @@ void send_file_readbraw(connection_struct *conn, files_struct *fsp, SMB_OFF_T st if (nread > 0) { ret = read_file(fsp,outbuf+4,startpos,nread); +#if 0 /* mincount appears to be ignored in a W2K server. JRA. */ if (ret < mincount) ret = 0; +#else + if (ret < nread) + ret = 0; +#endif } _smb_setlen(outbuf,ret); @@ -1668,7 +1673,6 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s /* ensure we don't overrun the packet size */ maxcount = MIN(65535,maxcount); - maxcount = MAX(mincount,maxcount); if (!is_locked(fsp,conn,(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK,False)) { SMB_OFF_T size = fsp->size; @@ -1688,8 +1692,10 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s nread = MIN(maxcount,(size - startpos)); } +#if 0 /* mincount appears to be ignored in a W2K server. JRA. */ if (nread < mincount) nread = 0; +#endif DEBUG( 3, ( "readbraw fnum=%d start=%.0f max=%d min=%d nread=%d\n", fsp->fnum, (double)startpos, (int)maxcount, (int)mincount, (int)nread ) ); @@ -1714,6 +1720,7 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length size_t numtoread; NTSTATUS status; files_struct *fsp = file_fsp(inbuf,smb_vwv0); + BOOL my_lock_ctx = False; START_PROFILE(SMBlockread); CHECK_FSP(fsp,conn); @@ -1733,13 +1740,21 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length * protocol request that predates the read/write lock concept. * Thus instead of asking for a read lock here we need to ask * for a write lock. JRA. + * Note that the requested lock size is unaffected by max_recv. */ status = do_lock_spin(fsp, conn, SVAL(inbuf,smb_pid), - (SMB_BIG_UINT)numtoread, (SMB_BIG_UINT)startpos, WRITE_LOCK); + (SMB_BIG_UINT)numtoread, (SMB_BIG_UINT)startpos, WRITE_LOCK, &my_lock_ctx); if (NT_STATUS_V(status)) { - if (lp_blocking_locks(SNUM(conn)) && ERROR_WAS_LOCK_DENIED(status)) { +#if 0 + /* + * We used to make lockread a blocking lock. It turns out + * that this isn't on W2k. Found by the Samba 4 RAW-READ torture + * tester. JRA. + */ + + if (lp_blocking_locks(SNUM(conn)) && !my_lock_ctx && ERROR_WAS_LOCK_DENIED(status)) { /* * A blocking lock was requested. Package up * this smb into a queued request and push it @@ -1751,10 +1766,16 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length return -1; } } +#endif END_PROFILE(SMBlockread); return ERROR_NT(status); } + /* + * However the requested READ size IS affected by max_recv. Insanity.... JRA. + */ + + numtoread = MIN(numtoread,max_recv); nread = read_file(fsp,data,startpos,numtoread); if (nread < 0) { @@ -1796,6 +1817,11 @@ int reply_read(connection_struct *conn, char *inbuf,char *outbuf, int size, int outsize = set_message(outbuf,5,3,True); numtoread = MIN(BUFFER_SIZE-outsize,numtoread); + /* + * The requested read size cannot be greater than max_recv. JRA. + */ + numtoread = MIN(numtoread,max_recv); + data = smb_buf(outbuf) + 3; if (is_locked(fsp,conn,(SMB_BIG_UINT)numtoread,(SMB_BIG_UINT)startpos, READ_LOCK,False)) { @@ -1863,6 +1889,7 @@ int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length * correct amount of data). */ + SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */ SSVAL(outbuf,smb_vwv5,smb_maxcnt); SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf)); SSVAL(smb_buf(outbuf),-2,smb_maxcnt); @@ -1901,6 +1928,7 @@ int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length return(UNIXERROR(ERRDOS,ERRnoaccess)); } + SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */ SSVAL(outbuf,smb_vwv5,nread); SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf)); SSVAL(smb_buf(outbuf),-2,nread); @@ -1993,7 +2021,7 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, START_PROFILE(SMBwritebraw); if (srv_is_signing_active()) { - exit_server("reply_readbraw: SMB signing is active - raw reads/writes are disallowed."); + exit_server("reply_writebraw: SMB signing is active - raw reads/writes are disallowed."); } CHECK_FSP(fsp,conn); @@ -2626,6 +2654,8 @@ int reply_lock(connection_struct *conn, SMB_BIG_UINT count,offset; NTSTATUS status; files_struct *fsp = file_fsp(inbuf,smb_vwv0); + BOOL my_lock_ctx = False; + START_PROFILE(SMBlock); CHECK_FSP(fsp,conn); @@ -2638,9 +2668,9 @@ int reply_lock(connection_struct *conn, DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n", fsp->fd, fsp->fnum, (double)offset, (double)count)); - status = do_lock_spin(fsp, conn, SVAL(inbuf,smb_pid), count, offset, WRITE_LOCK); + status = do_lock_spin(fsp, conn, SVAL(inbuf,smb_pid), count, offset, WRITE_LOCK, &my_lock_ctx); if (NT_STATUS_V(status)) { - if (lp_blocking_locks(SNUM(conn)) && ERROR_WAS_LOCK_DENIED(status)) { + if (lp_blocking_locks(SNUM(conn)) && !my_lock_ctx && ERROR_WAS_LOCK_DENIED(status)) { /* * A blocking lock was requested. Package up * this smb into a queued request and push it @@ -4140,6 +4170,7 @@ int reply_lockingX(connection_struct *conn, char *inbuf,char *outbuf,int length, char *data; BOOL large_file_format = (locktype & LOCKING_ANDX_LARGE_FILES)?True:False; BOOL err; + BOOL my_lock_ctx = False; NTSTATUS status; START_PROFILE(SMBlockingX); @@ -4260,9 +4291,9 @@ no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); fsp->fsp_name, (int)lock_timeout )); status = do_lock_spin(fsp,conn,lock_pid, count,offset, - ((locktype & 1) ? READ_LOCK : WRITE_LOCK)); + ((locktype & 1) ? READ_LOCK : WRITE_LOCK), &my_lock_ctx); if (NT_STATUS_V(status)) { - if ((lock_timeout != 0) && lp_blocking_locks(SNUM(conn)) && ERROR_WAS_LOCK_DENIED(status)) { + if ((lock_timeout != 0) && lp_blocking_locks(SNUM(conn)) && !my_lock_ctx && ERROR_WAS_LOCK_DENIED(status)) { /* * A blocking lock was requested. Package up * this smb into a queued request and push it -- cgit From e74b6f41cffcb134e77edb75346af3148262401b Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 9 Oct 2003 19:01:31 +0000 Subject: At least give a message if we're returning a short read for W2K compatibility. Jeremy. (This used to be commit 84c993d9cd0bc57a8b8b9aa716af1336620e2c87) --- source3/smbd/reply.c | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 5c1d7915c2..5c9451cf37 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1775,7 +1775,12 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length * However the requested READ size IS affected by max_recv. Insanity.... JRA. */ - numtoread = MIN(numtoread,max_recv); + if (numtoread > max_recv) { + DEBUG(0,("reply_lockread: requested read size (%u) is greater than maximum allowed (%u). \ +Returning short read of maximum allowed for compatibility with Windows 2000.\n", + (unsigned int)numtoread, (unsigned int)max_recv )); + numtoread = MIN(numtoread,max_recv); + } nread = read_file(fsp,data,startpos,numtoread); if (nread < 0) { @@ -1820,7 +1825,12 @@ int reply_read(connection_struct *conn, char *inbuf,char *outbuf, int size, int /* * The requested read size cannot be greater than max_recv. JRA. */ - numtoread = MIN(numtoread,max_recv); + if (numtoread > max_recv) { + DEBUG(0,("reply_read: requested read size (%u) is greater than maximum allowed (%u). \ +Returning short read of maximum allowed for compatibility with Windows 2000.\n", + (unsigned int)numtoread, (unsigned int)max_recv )); + numtoread = MIN(numtoread,max_recv); + } data = smb_buf(outbuf) + 3; -- cgit From 90b147022effcca1087a9963d46c250638bf8c46 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 9 Oct 2003 21:04:48 +0000 Subject: Match W2K insanty w.r.t. writelock and writeclose. Samba4 torture tester. Jeremy. (This used to be commit c682fae16a2fa18f951c69ba29b1a576f4e27d6b) --- source3/smbd/reply.c | 29 ++++++++++++++++++++--------- 1 file changed, 20 insertions(+), 9 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 5c9451cf37..89bb5eeb94 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2159,7 +2159,7 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, size_t numtowrite; SMB_OFF_T startpos; char *data; - NTSTATUS status; + NTSTATUS status = NT_STATUS_OK; files_struct *fsp = file_fsp(inbuf,smb_vwv0); int outsize = 0; START_PROFILE(SMBwriteunlock); @@ -2171,7 +2171,7 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2); data = smb_buf(inbuf) + 3; - if (is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, + if (numtowrite && is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK,False)) { END_PROFILE(SMBwriteunlock); return ERROR_DOS(ERRDOS,ERRlock); @@ -2193,11 +2193,13 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, return(UNIXERROR(ERRHRD,ERRdiskfull)); } - status = do_unlock(fsp, conn, SVAL(inbuf,smb_pid), (SMB_BIG_UINT)numtowrite, - (SMB_BIG_UINT)startpos); - if (NT_STATUS_V(status)) { - END_PROFILE(SMBwriteunlock); - return ERROR_NT(status); + if (numtowrite) { + status = do_unlock(fsp, conn, SVAL(inbuf,smb_pid), (SMB_BIG_UINT)numtowrite, + (SMB_BIG_UINT)startpos); + if (NT_STATUS_V(status)) { + END_PROFILE(SMBwriteunlock); + return ERROR_NT(status); + } } outsize = set_message(outbuf,1,0,True); @@ -2620,7 +2622,7 @@ int reply_writeclose(connection_struct *conn, mtime = make_unix_date3(inbuf+smb_vwv4); data = smb_buf(inbuf) + 1; - if (is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK,False)) { + if (numtowrite && is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK,False)) { END_PROFILE(SMBwriteclose); return ERROR_DOS(ERRDOS,ERRlock); } @@ -2629,7 +2631,16 @@ int reply_writeclose(connection_struct *conn, set_filetime(conn, fsp->fsp_name,mtime); - close_err = close_file(fsp,True); + /* + * More insanity. W2K only closes the file if writelen > 0. + * JRA. + */ + + if (numtowrite) { + DEBUG(3,("reply_writeclose: zero length write doesn't close file %s\n", + fsp->fsp_name )); + close_err = close_file(fsp,True); + } DEBUG(3,("writeclose fnum=%d num=%d wrote=%d (numopen=%d)\n", fsp->fnum, (int)numtowrite, (int)nwritten, -- cgit From e7d1e9a9b68d3bd7ad7328ed7dda6735eba025ae Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 10 Oct 2003 01:53:38 +0000 Subject: Make us pass Samba4 lock tester (with one different error message). Jeremy. (This used to be commit 7622a9dbbded8d07f976ec965adca5e92de3d2b0) --- source3/smbd/reply.c | 3 +++ 1 file changed, 3 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 89bb5eeb94..ec63be32b4 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2691,6 +2691,8 @@ int reply_lock(connection_struct *conn, status = do_lock_spin(fsp, conn, SVAL(inbuf,smb_pid), count, offset, WRITE_LOCK, &my_lock_ctx); if (NT_STATUS_V(status)) { +#if 0 + /* Tests using Samba4 against W2K show this call never creates a blocking lock. */ if (lp_blocking_locks(SNUM(conn)) && !my_lock_ctx && ERROR_WAS_LOCK_DENIED(status)) { /* * A blocking lock was requested. Package up @@ -2702,6 +2704,7 @@ int reply_lock(connection_struct *conn, return -1; } } +#endif END_PROFILE(SMBlock); return ERROR_NT(status); } -- cgit From 3a9510acaed2d5e28b17934a2d110998232565e2 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 16 Oct 2003 18:17:44 +0000 Subject: Fix buggy data_len calculation in echo. Add paranoia debug message. Jeremy. (This used to be commit 5332af1124077f49e84836f5cedfbde98336b142) --- source3/smbd/reply.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index ec63be32b4..011186ba89 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2784,7 +2784,11 @@ int reply_echo(connection_struct *conn, int outsize = set_message(outbuf,1,data_len,True); START_PROFILE(SMBecho); - data_len = MIN(data_len, (sizeof(inbuf)-(smb_buf(inbuf)-inbuf))); + if (data_len > BUFFER_SIZE) { + DEBUG(0,("reply_echo: data_len too large.\n")); + END_PROFILE(SMBecho); + return -1; + } /* copy any incoming data back out */ if (data_len > 0) -- cgit From 231124ced9237cdbc3732a722c8f373ee760927b Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 29 Oct 2003 21:28:00 +0000 Subject: Fixes to check for wraps which could cause coredumps. Jeremy. (This used to be commit ad06edd1bb58cc5e2c38a364b1af96a933b770af) --- source3/smbd/reply.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 011186ba89..3752507493 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -669,10 +669,9 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size time_t date; int dirtype; int outsize = 0; - int numentries = 0; + unsigned int numentries = 0; + unsigned int maxentries = 0; BOOL finished = False; - int maxentries; - int i; char *p; BOOL ok = False; int status_len; @@ -786,6 +785,9 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size numentries = 0; p += DIR_STRUCT_SIZE; } else { + unsigned int i; + maxentries = MIN(maxentries, ((BUFFER_SIZE - (p - outbuf))/DIR_STRUCT_SIZE)); + DEBUG(8,("dirpath=<%s> dontdescend=<%s>\n", conn->dirpath,lp_dontdescend(SNUM(conn)))); if (in_list(conn->dirpath, lp_dontdescend(SNUM(conn)),True)) @@ -845,7 +847,7 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if ((! *directory) && dptr_path(dptr_num)) slprintf(directory, sizeof(directory)-1, "(%s)",dptr_path(dptr_num)); - DEBUG( 4, ( "%s mask=%s path=%s dtype=%d nument=%d of %d\n", + DEBUG( 4, ( "%s mask=%s path=%s dtype=%d nument=%u of %u\n", smb_fn_name(CVAL(inbuf,smb_com)), mask, directory, dirtype, numentries, maxentries ) ); -- cgit From 575bc995c0d6d1381c02deebc1c45c0fd644f1c2 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Sat, 31 Jan 2004 18:25:57 +0000 Subject: * BUG 101: patch from j.lu@tiesse.com to set the SV_TYPE_PRINTQ_SERVER; * don't set the unix_ERR_XX code in mkdir_internal, let the error mapping handle it. (This used to be commit 87343fc15a385153c2205bd8bfe876504d38d9a1) --- source3/smbd/reply.c | 15 ++++----------- 1 file changed, 4 insertions(+), 11 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 3752507493..c4ff77bd86 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3013,19 +3013,12 @@ NTSTATUS mkdir_internal(connection_struct *conn, pstring directory) ret = vfs_MkDir(conn,directory,unix_mode(conn,aDIR,directory)); if (ret == -1) { - NTSTATUS nterr = NT_STATUS_OK; if(errno == ENOENT) { - unix_ERR_class = ERRDOS; - if (bad_path) { - unix_ERR_code = ERRbadpath; - nterr = NT_STATUS_OBJECT_PATH_NOT_FOUND; - } else { - unix_ERR_code = ERRbadfile; - nterr = NT_STATUS_OBJECT_NAME_NOT_FOUND; - } + if (bad_path) + return NT_STATUS_OBJECT_PATH_NOT_FOUND; + else + return NT_STATUS_OBJECT_NAME_NOT_FOUND; } - if (!NT_STATUS_IS_OK(nterr)) - return nterr; return map_nt_error_from_unix(errno); } -- cgit From 13dd3e60bdf9ea799a1c56ca7467f323922e636d Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 24 Feb 2004 00:03:18 +0000 Subject: Fixup correct timeout values for blocking lock timeouts (tested at connectathon by Herb). Jeremy. (This used to be commit b38b3a554221a234127c740e6432048e69b7f5a3) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index c4ff77bd86..ee47485126 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4288,7 +4288,7 @@ no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); /* Setup the timeout in seconds. */ - lock_timeout = ((lock_timeout == -1) ? -1 : (lock_timeout+499)/500); + lock_timeout = ((lock_timeout == -1) ? -1 : (lock_timeout+999)/1000); /* Now do any requested locks */ data += ((large_file_format ? 20 : 10)*num_ulocks); -- cgit From 5447f1f4677bd4a3b9da43a835dd8c662ed86bfa Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 24 Feb 2004 00:55:05 +0000 Subject: More gentest error fixups. Jeremy. (This used to be commit 00f71fc8361919b87b62389ada8bd9a73f9f98b5) --- source3/smbd/reply.c | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index ee47485126..26c107e17a 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3005,6 +3005,10 @@ NTSTATUS mkdir_internal(connection_struct *conn, pstring directory) unix_convert(directory,conn,0,&bad_path,&sbuf); + if( strchr_m(directory, ':')) { + return NT_STATUS_NOT_A_DIRECTORY; + } + if (ms_has_wild(directory)) { return NT_STATUS_OBJECT_NAME_INVALID; } -- cgit From f96e84c682bac64713841c8008193de5baf59993 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 24 Feb 2004 01:46:24 +0000 Subject: Ensure '.' and '..' don't match in delete requests. Jeremy. (This used to be commit 1b0d54170a2e3e61fc9bdedec6b10c8b7728a395) --- source3/smbd/reply.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 26c107e17a..0fe3be0752 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1449,7 +1449,10 @@ NTSTATUS unlink_internals(connection_struct *conn, int dirtype, char *name) while ((dname = ReadDirName(dirptr))) { pstring fname; pstrcpy(fname,dname); - + + if((strcmp(fname, ".") == 0) || (strcmp(fname, "..")==0)) + continue; + if(!mask_match(fname, mask, case_sensitive)) continue; -- cgit From 01cb68643c129729f3df2bdfcdc81bd3c7fef71a Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 25 Feb 2004 00:48:35 +0000 Subject: More gentest fixes. Jeremy. (This used to be commit d34785194cbd7132fc3ca1f4d5561c2eee6009ab) --- source3/smbd/reply.c | 23 +++++++++++++++++------ 1 file changed, 17 insertions(+), 6 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 0fe3be0752..d0888fc682 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1309,7 +1309,7 @@ static NTSTATUS can_rename(char *fname,connection_struct *conn, SMB_STRUCT_STAT Check if a user is allowed to delete a file. ********************************************************************/ -static NTSTATUS can_delete(char *fname,connection_struct *conn, int dirtype) +static NTSTATUS can_delete(char *fname,connection_struct *conn, int dirtype, BOOL bad_path) { SMB_STRUCT_STAT sbuf; int fmode; @@ -1323,8 +1323,15 @@ static NTSTATUS can_delete(char *fname,connection_struct *conn, int dirtype) if (!CAN_WRITE(conn)) return NT_STATUS_MEDIA_WRITE_PROTECTED; - if (SMB_VFS_LSTAT(conn,fname,&sbuf) != 0) - return NT_STATUS_OBJECT_NAME_NOT_FOUND; + if (SMB_VFS_LSTAT(conn,fname,&sbuf) != 0) { + if(errno == ENOENT) { + if (bad_path) + return NT_STATUS_OBJECT_PATH_NOT_FOUND; + else + return NT_STATUS_OBJECT_NAME_NOT_FOUND; + } + return map_nt_error_from_unix(errno); + } fmode = dos_mode(conn,fname,&sbuf); @@ -1421,7 +1428,7 @@ NTSTATUS unlink_internals(connection_struct *conn, int dirtype, char *name) if (!has_wild) { pstrcat(directory,"/"); pstrcat(directory,mask); - error = can_delete(directory,conn,dirtype); + error = can_delete(directory,conn,dirtype,bad_path); if (!NT_STATUS_IS_OK(error)) return error; @@ -1457,7 +1464,7 @@ NTSTATUS unlink_internals(connection_struct *conn, int dirtype, char *name) continue; slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); - error = can_delete(fname,conn,dirtype); + error = can_delete(fname,conn,dirtype,bad_path); if (!NT_STATUS_IS_OK(error)) continue; if (SMB_VFS_UNLINK(conn,fname) == 0) @@ -3639,7 +3646,8 @@ directory = %s, newname = %s, newname_last_component = %s, is_8_3 = %d\n", dirptr = OpenDir(conn, directory, True); if (dirptr) { - error = NT_STATUS_OBJECT_NAME_NOT_FOUND; + error = NT_STATUS_NO_SUCH_FILE; +/* Was error = NT_STATUS_OBJECT_NAME_NOT_FOUND; - gentest fix. JRA */ if (strequal(mask,"????????.???")) pstrcpy(mask,"*"); @@ -3649,6 +3657,9 @@ directory = %s, newname = %s, newname_last_component = %s, is_8_3 = %d\n", pstrcpy(fname,dname); + if((strcmp(fname, ".") == 0) || (strcmp(fname, "..")==0)) + continue; + if(!mask_match(fname, mask, case_sensitive)) continue; -- cgit From 1d9f07735c67a29f4cf56aa376d7a1f034c967f6 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 25 Feb 2004 01:35:14 +0000 Subject: More gentest fun :-). NB. I'm not fixing OpenX breakage 'cos if you look at what W2K3 accepts here it's COMPLETELY BROKEN ! :-). Jeremy. (This used to be commit 5107f6ee70a9300678ccb7b3c812e23ddf795c22) --- source3/smbd/reply.c | 32 +++++++++++++++++++++++++++----- 1 file changed, 27 insertions(+), 5 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index d0888fc682..c729f22728 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1457,8 +1457,12 @@ NTSTATUS unlink_internals(connection_struct *conn, int dirtype, char *name) pstring fname; pstrcpy(fname,dname); - if((strcmp(fname, ".") == 0) || (strcmp(fname, "..")==0)) - continue; + /* Quick check for "." and ".." */ + if (fname[0] == '.') { + if (!fname[1] || (fname[1] == '.' && !fname[2])) { + continue; + } + } if(!mask_match(fname, mask, case_sensitive)) continue; @@ -3357,6 +3361,13 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, char * ZERO_STRUCT(sbuf); unix_convert(newname,conn,newname_last_component,&bad_path,&sbuf); + /* Quick check for "." and ".." */ + if (newname_last_component[0] == '.') { + if (!newname_last_component[1] || (newname_last_component[1] == '.' && !newname_last_component[2])) { + return NT_STATUS_ACCESS_DENIED; + } + } + /* Ensure newname contains a '/' */ if(strrchr_m(newname,'/') == 0) { pstring tmpstr; @@ -3470,6 +3481,13 @@ NTSTATUS rename_internals(connection_struct *conn, char *name, char *newname, BO rc = unix_convert(name,conn,0,&bad_path1,&sbuf1); unix_convert(newname,conn,newname_last_component,&bad_path2,&sbuf2); + /* Quick check for "." and ".." */ + if (newname_last_component[0] == '.') { + if (!newname_last_component[1] || (newname_last_component[1] == '.' && !newname_last_component[2])) { + return NT_STATUS_ACCESS_DENIED; + } + } + /* * Split the old name into directory and last component * strings. Note that unix_convert may have stripped off a @@ -3478,7 +3496,7 @@ NTSTATUS rename_internals(connection_struct *conn, char *name, char *newname, BO * name and newname contain a / character or neither of them do * as this is checked in resolve_wildcards(). */ - + p = strrchr_m(name,'/'); if (!p) { pstrcpy(directory,"."); @@ -3657,8 +3675,12 @@ directory = %s, newname = %s, newname_last_component = %s, is_8_3 = %d\n", pstrcpy(fname,dname); - if((strcmp(fname, ".") == 0) || (strcmp(fname, "..")==0)) - continue; + /* Quick check for "." and ".." */ + if (fname[0] == '.') { + if (!fname[1] || (fname[1] == '.' && !fname[2])) { + continue; + } + } if(!mask_match(fname, mask, case_sensitive)) continue; -- cgit From fd6b9c02b91ea39e8c7575e1f5f106509940ba1f Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 25 Feb 2004 21:37:22 +0000 Subject: Fixup strange rename error case (gentest). Jeremy. (This used to be commit d448fb801e175e11cfc0118325043eef836103f0) --- source3/smbd/reply.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index c729f22728..49f4e97028 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3482,8 +3482,9 @@ NTSTATUS rename_internals(connection_struct *conn, char *name, char *newname, BO unix_convert(newname,conn,newname_last_component,&bad_path2,&sbuf2); /* Quick check for "." and ".." */ - if (newname_last_component[0] == '.') { + if (!bad_path2 && newname_last_component[0] == '.') { if (!newname_last_component[1] || (newname_last_component[1] == '.' && !newname_last_component[2])) { + DEBUG(10,("rename_internals: newname_last_component = '.' or '..'\n")); return NT_STATUS_ACCESS_DENIED; } } -- cgit From fa81d1d7e7a86d13d10550aa20b07c7300d7b324 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 26 Feb 2004 01:31:10 +0000 Subject: Interesting fact found by IFSTEST /t LockOverlappedTest... Even if it's our own lock context, we need to wait here as there may be an unlock on the way. So I removed a "&& !my_lock_ctx" from the following if statement. if ((lock_timeout != 0) && lp_blocking_locks(SNUM(conn)) && ERROR_WAS_LOCK_DENIED(status)) { Jeremy. (This used to be commit 3f35e3975f1c46daad1456bc82163acd049d7be8) --- source3/smbd/reply.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 49f4e97028..643b7c2d08 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4357,7 +4357,14 @@ no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); status = do_lock_spin(fsp,conn,lock_pid, count,offset, ((locktype & 1) ? READ_LOCK : WRITE_LOCK), &my_lock_ctx); if (NT_STATUS_V(status)) { - if ((lock_timeout != 0) && lp_blocking_locks(SNUM(conn)) && !my_lock_ctx && ERROR_WAS_LOCK_DENIED(status)) { + /* + * Interesting fact found by IFSTEST /t LockOverlappedTest... + * Even if it's our own lock context, we need to wait here as + * there may be an unlock on the way. + * So I removed a "&& !my_lock_ctx" from the following + * if statement. JRA. + */ + if ((lock_timeout != 0) && lp_blocking_locks(SNUM(conn)) && ERROR_WAS_LOCK_DENIED(status)) { /* * A blocking lock was requested. Package up * this smb into a queued request and push it -- cgit From 3c1d00d12a2e3ef2c685c47313487dccae755294 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 28 Feb 2004 00:56:42 +0000 Subject: More gentest fixes. Fix up regression in IS_NAME_VALID and renames. Jeremy. (This used to be commit 367f5c3bc27aafb04f7589b3d4ac5b58189909fb) --- source3/smbd/reply.c | 41 ++++++++++++++++++++++++++++++----------- 1 file changed, 30 insertions(+), 11 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 643b7c2d08..836f95e179 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3357,16 +3357,20 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, char * pstring newname_last_component; NTSTATUS error = NT_STATUS_OK; BOOL dest_exists; + BOOL rcdest = True; ZERO_STRUCT(sbuf); - unix_convert(newname,conn,newname_last_component,&bad_path,&sbuf); + rcdest = unix_convert(newname,conn,newname_last_component,&bad_path,&sbuf); /* Quick check for "." and ".." */ - if (newname_last_component[0] == '.') { + if (!bad_path && newname_last_component[0] == '.') { if (!newname_last_component[1] || (newname_last_component[1] == '.' && !newname_last_component[2])) { return NT_STATUS_ACCESS_DENIED; } } + if (!rcdest && bad_path) { + return NT_STATUS_OBJECT_PATH_NOT_FOUND; + } /* Ensure newname contains a '/' */ if(strrchr_m(newname,'/') == 0) { @@ -3472,6 +3476,7 @@ NTSTATUS rename_internals(connection_struct *conn, char *name, char *newname, BO int count=0; NTSTATUS error = NT_STATUS_OK; BOOL rc = True; + BOOL rcdest = True; SMB_STRUCT_STAT sbuf1, sbuf2; *directory = *mask = 0; @@ -3479,15 +3484,7 @@ NTSTATUS rename_internals(connection_struct *conn, char *name, char *newname, BO ZERO_STRUCT(sbuf1); ZERO_STRUCT(sbuf2); rc = unix_convert(name,conn,0,&bad_path1,&sbuf1); - unix_convert(newname,conn,newname_last_component,&bad_path2,&sbuf2); - - /* Quick check for "." and ".." */ - if (!bad_path2 && newname_last_component[0] == '.') { - if (!newname_last_component[1] || (newname_last_component[1] == '.' && !newname_last_component[2])) { - DEBUG(10,("rename_internals: newname_last_component = '.' or '..'\n")); - return NT_STATUS_ACCESS_DENIED; - } - } + rcdest = unix_convert(newname,conn,newname_last_component,&bad_path2,&sbuf2); /* * Split the old name into directory and last component @@ -3612,6 +3609,17 @@ directory = %s, newname = %s, newname_last_component = %s, is_8_3 = %d\n", return error; } + /* Quick check for "." and ".." */ + if (!bad_path2 && newname_last_component[0] == '.') { + if (!newname_last_component[1] || (newname_last_component[1] == '.' && !newname_last_component[2])) { + DEBUG(10,("rename_internals: newname_last_component = '.' or '..'\n")); + return NT_STATUS_ACCESS_DENIED; + } + } + if (!rcdest && bad_path2) { + return NT_STATUS_OBJECT_PATH_NOT_FOUND; + } + error = can_rename(directory,conn,&sbuf1); if (!NT_STATUS_IS_OK(error)) { @@ -3661,6 +3669,17 @@ directory = %s, newname = %s, newname_last_component = %s, is_8_3 = %d\n", const char *dname; pstring destname; + /* Quick check for "." and ".." */ + if (!bad_path2 && newname_last_component[0] == '.') { + if (!newname_last_component[1] || (newname_last_component[1] == '.' && !newname_last_component[2])) { + DEBUG(10,("rename_internals: newname_last_component = '.' or '..'\n")); + return NT_STATUS_ACCESS_DENIED; + } + } + if (!rcdest && bad_path2) { + return NT_STATUS_OBJECT_PATH_NOT_FOUND; + } + if (check_name(directory,conn)) dirptr = OpenDir(conn, directory, True); -- cgit From fba5a722497c1e4577aa463921a0fec5f6d5fe55 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 3 Mar 2004 20:55:59 +0000 Subject: Use a common function to parse all pathnames from the wire. This allows much closer emulation of Win2k3 error return codes. Jeremy. (This used to be commit c9f31fafeda6ad79e590276f36e03ecd2e93f818) --- source3/smbd/reply.c | 253 ++++++++++++++++++++++++++++++++++++++------------- 1 file changed, 189 insertions(+), 64 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 836f95e179..051aaafb45 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -40,28 +40,117 @@ extern BOOL global_encrypted_passwords_negotiated; /**************************************************************************** Ensure we check the path in *exactly* the same way as W2K. + We're assuming here that '/' is not the second byte in any multibyte char + set (a safe assumption). '\\' *may* be the second byte in a multibyte char + set. ****************************************************************************/ -NTSTATUS check_path_syntax(const char *name) +static NTSTATUS check_path_syntax(pstring destname, const pstring srcname) { - while (*name == '\\' || *name == '/') - name++; - if (name[0] == '.' && name[1] == '\0') - return NT_STATUS_OBJECT_NAME_INVALID; - else if (name[0] == '.' && name[1] == '.' && - (name[2] == '\\' || name [2] == '/' || name[2] == '\0')) - return NT_STATUS_OBJECT_PATH_SYNTAX_BAD; - return NT_STATUS_OK; + char *d = destname; + const char *s = srcname; + NTSTATUS ret = NT_STATUS_OK; + + while (*s) { + if (IS_DIRECTORY_SEP(*s)) { + /* + * Safe to assume is not the second part of a mb char as this is handled below. + */ + /* Eat multiple '/' or '\\' */ + while (IS_DIRECTORY_SEP(*s)) { + s++; + } + if ((d != destname) && (*s != '\0')) { + /* We only care about non-leading or trailing '/' or '\\' */ + *d++ = '/'; + } + } else if ((s[0] == '.') && (s[1] == '.') && (IS_DIRECTORY_SEP(s[2]) || s[2] == '\0')) { + /* Uh oh - "../" or "..\\" or "..\0" ! */ + + /* + * No mb char starts with '.' so we're safe checking the directory separator here. + */ + + /* If we just added a '/', delete it. */ + + if ((d > destname) && (*(d-1) == '/')) { + *(d-1) = '\0'; + if (d == (destname + 1)) { + d--; + } else { + d -= 2; + } + } + /* Are we at the start ? Can't go back further if so. */ + if (d == destname) { + return NT_STATUS_OBJECT_PATH_SYNTAX_BAD; + } + /* Go back one level... */ + while (d > destname) { + if (*d == '/') + break; + d--; + } + s += 3; + } else if ((s[0] == '.') && IS_DIRECTORY_SEP(s[1])) { + + /* + * No mb char starts with '.' so we're safe checking the directory separator here. + */ + + /* "./" or ".\\" fails with a different error depending on where it is... */ + + if (s == srcname) { + ret = NT_STATUS_OBJECT_NAME_INVALID; + } else { + if (s[2] == '\0') { + return NT_STATUS_INVALID_PARAMETER; + } + ret = NT_STATUS_OBJECT_PATH_NOT_FOUND; + } + s++; + } else { + if ((*s & 0x80) && IS_DIRECTORY_SEP(s[1])) { + /* + * Potential mb char with second char a directory separator. + * All the encodings we care about are 2 byte only, so do a + * conversion to unicode. If the 2 byte char won't convert then + * it's probably a one byte char with a real directory separator + * following, so only copy one byte. If it will convert then + * copy both bytes. + */ + uint16 ucs2_val; + if (convert_string(CH_UNIX, CH_UCS2, s, 2, &ucs2_val, 2) == 2) { + *d++ = *s++; + } + } + /* Just copy the char (or the second byte of the mb char). */ + *d++ = *s++; + } + } + *d = '\0'; + return ret; } /**************************************************************************** Pull a string and check the path - provide for error return. ****************************************************************************/ -size_t srvstr_get_path(char *inbuf, char *dest, const char *src, size_t dest_len, int flags, NTSTATUS *err) +size_t srvstr_get_path(char *inbuf, char *dest, const char *src, size_t dest_len, size_t src_len, int flags, NTSTATUS *err) { - size_t ret = srvstr_pull_buf( inbuf, dest, src, dest_len, flags); - *err = check_path_syntax(dest); + pstring tmppath; + char *tmppath_ptr = tmppath; +#ifdef DEVELOPER + SMB_ASSERT(dest_len == sizeof(pstring)); +#endif + size_t ret; + + if (src_len == 0) { + ret = srvstr_pull_buf( inbuf, tmppath_ptr, src, dest_len, flags); + } else { + ret = srvstr_pull( inbuf, tmppath_ptr, src, dest_len, src_len, flags); + } + *err = check_path_syntax(dest, tmppath); return ret; } @@ -414,7 +503,7 @@ int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size START_PROFILE(SMBchkpth); - srvstr_get_path(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), STR_TERMINATE, &status); + srvstr_get_path(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBchkpth); return ERROR_NT(status); @@ -492,7 +581,7 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size START_PROFILE(SMBgetatr); p = smb_buf(inbuf) + 1; - p += srvstr_get_path(inbuf, fname, p, sizeof(fname), STR_TERMINATE,&status); + p += srvstr_get_path(inbuf, fname, p, sizeof(fname), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBgetatr); return ERROR_NT(status); @@ -567,7 +656,7 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size START_PROFILE(SMBsetatr); p = smb_buf(inbuf) + 1; - p += srvstr_get_path(inbuf, fname, p, sizeof(fname), STR_TERMINATE,&status); + p += srvstr_get_path(inbuf, fname, p, sizeof(fname), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBsetatr); return ERROR_NT(status); @@ -695,7 +784,7 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size maxentries = SVAL(inbuf,smb_vwv0); dirtype = SVAL(inbuf,smb_vwv1); p = smb_buf(inbuf) + 1; - p += srvstr_get_path(inbuf, path, p, sizeof(path), STR_TERMINATE,&nt_status); + p += srvstr_get_path(inbuf, path, p, sizeof(path), 0, STR_TERMINATE, &nt_status); if (!NT_STATUS_IS_OK(nt_status)) { END_PROFILE(SMBsearch); return ERROR_NT(nt_status); @@ -873,7 +962,7 @@ int reply_fclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size outsize = set_message(outbuf,1,0,True); p = smb_buf(inbuf) + 1; - p += srvstr_get_path(inbuf, path, p, sizeof(path), STR_TERMINATE,&err); + p += srvstr_get_path(inbuf, path, p, sizeof(path), 0, STR_TERMINATE, &err); if (!NT_STATUS_IS_OK(err)) { END_PROFILE(SMBfclose); return ERROR_NT(err); @@ -925,7 +1014,7 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, share_mode = SVAL(inbuf,smb_vwv0); - srvstr_get_path(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), STR_TERMINATE,&status); + srvstr_get_path(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBopen); return ERROR_NT(status); @@ -1017,7 +1106,7 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt } /* XXXX we need to handle passed times, sattr and flags */ - srvstr_get_path(inbuf, fname, smb_buf(inbuf), sizeof(fname), STR_TERMINATE,&status); + srvstr_get_path(inbuf, fname, smb_buf(inbuf), sizeof(fname), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBopenX); return ERROR_NT(status); @@ -1133,7 +1222,7 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, com = SVAL(inbuf,smb_com); createmode = SVAL(inbuf,smb_vwv0); - srvstr_get_path(inbuf, fname, smb_buf(inbuf) + 1, sizeof(fname), STR_TERMINATE,&status); + srvstr_get_path(inbuf, fname, smb_buf(inbuf) + 1, sizeof(fname), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBcreate); return ERROR_NT(status); @@ -1202,7 +1291,7 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, START_PROFILE(SMBctemp); createmode = SVAL(inbuf,smb_vwv0); - srvstr_get_path(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), STR_TERMINATE,&status); + srvstr_get_path(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBctemp); return ERROR_NT(status); @@ -1456,17 +1545,27 @@ NTSTATUS unlink_internals(connection_struct *conn, int dirtype, char *name) while ((dname = ReadDirName(dirptr))) { pstring fname; pstrcpy(fname,dname); + BOOL sys_direntry = False; /* Quick check for "." and ".." */ if (fname[0] == '.') { if (!fname[1] || (fname[1] == '.' && !fname[2])) { - continue; + if ((dirtype & aDIR)) { + sys_direntry = True; + } else { + continue; + } } } if(!mask_match(fname, mask, case_sensitive)) continue; + if (sys_direntry) { + error = NT_STATUS_OBJECT_NAME_INVALID; + continue; + } + slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); error = can_delete(fname,conn,dirtype,bad_path); if (!NT_STATUS_IS_OK(error)) @@ -1501,7 +1600,7 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size dirtype = SVAL(inbuf,smb_vwv0); - srvstr_get_path(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), STR_TERMINATE,&status); + srvstr_get_path(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBunlink); return ERROR_NT(status); @@ -3054,7 +3153,7 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, NTSTATUS status; START_PROFILE(SMBmkdir); - srvstr_get_path(inbuf, directory, smb_buf(inbuf) + 1, sizeof(directory), STR_TERMINATE,&status); + srvstr_get_path(inbuf, directory, smb_buf(inbuf) + 1, sizeof(directory), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBmkdir); return ERROR_NT(status); @@ -3224,7 +3323,7 @@ int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, NTSTATUS status; START_PROFILE(SMBrmdir); - srvstr_get_path(inbuf, directory, smb_buf(inbuf) + 1, sizeof(directory), STR_TERMINATE,&status); + srvstr_get_path(inbuf, directory, smb_buf(inbuf) + 1, sizeof(directory), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBrmdir); return ERROR_NT(status); @@ -3464,15 +3563,16 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, char * code. ****************************************************************************/ -NTSTATUS rename_internals(connection_struct *conn, char *name, char *newname, BOOL replace_if_exists) +NTSTATUS rename_internals(connection_struct *conn, char *name, char *newname, uint16 attrs, BOOL replace_if_exists) { pstring directory; pstring mask; - pstring newname_last_component; + pstring last_component_src; + pstring last_component_dest; char *p; BOOL has_wild; - BOOL bad_path1 = False; - BOOL bad_path2 = False; + BOOL bad_path_src = False; + BOOL bad_path_dest = False; int count=0; NTSTATUS error = NT_STATUS_OK; BOOL rc = True; @@ -3483,8 +3583,29 @@ NTSTATUS rename_internals(connection_struct *conn, char *name, char *newname, BO ZERO_STRUCT(sbuf1); ZERO_STRUCT(sbuf2); - rc = unix_convert(name,conn,0,&bad_path1,&sbuf1); - rcdest = unix_convert(newname,conn,newname_last_component,&bad_path2,&sbuf2); + + rc = unix_convert(name,conn,last_component_src,&bad_path_src,&sbuf1); + if (!rc && bad_path_src) { + if (ms_has_wild(last_component_src)) + return NT_STATUS_OBJECT_NAME_NOT_FOUND; + return NT_STATUS_OBJECT_PATH_NOT_FOUND; + } + + /* Quick check for "." and ".." */ + if (last_component_src[0] == '.') { + if (!last_component_src[1] || (last_component_src[1] == '.' && !last_component_src[2])) { + return NT_STATUS_OBJECT_NAME_INVALID; + } + } + + rcdest = unix_convert(newname,conn,last_component_dest,&bad_path_dest,&sbuf2); + + /* Quick check for "." and ".." */ + if (last_component_dest[0] == '.') { + if (!last_component_dest[1] || (last_component_dest[1] == '.' && !last_component_dest[2])) { + return NT_STATUS_OBJECT_NAME_INVALID; + } + } /* * Split the old name into directory and last component @@ -3540,9 +3661,9 @@ NTSTATUS rename_internals(connection_struct *conn, char *name, char *newname, BO } DEBUG(3,("rename_internals: case_sensitive = %d, case_preserve = %d, short case preserve = %d, \ -directory = %s, newname = %s, newname_last_component = %s, is_8_3 = %d\n", +directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", case_sensitive, case_preserve, short_case_preserve, directory, - newname, newname_last_component, is_short_name)); + newname, last_component_dest, is_short_name)); /* * Check for special case with case preserving and not @@ -3558,7 +3679,7 @@ directory = %s, newname = %s, newname_last_component = %s, is_8_3 = %d\n", ((short_case_preserve == True) && (is_short_name == True))) && strcsequal(directory, newname)) { - pstring newname_modified_last_component; + pstring modified_last_component; /* * Get the last component of the modified name. @@ -3566,15 +3687,15 @@ directory = %s, newname = %s, newname_last_component = %s, is_8_3 = %d\n", * character above. */ p = strrchr_m(newname,'/'); - pstrcpy(newname_modified_last_component,p+1); + pstrcpy(modified_last_component,p+1); - if(strcsequal(newname_modified_last_component, - newname_last_component) == False) { + if(strcsequal(modified_last_component, + last_component_dest) == False) { /* * Replace the modified last component with * the original. */ - pstrcpy(p+1, newname_last_component); + pstrcpy(p+1, last_component_dest); } } @@ -3609,14 +3730,9 @@ directory = %s, newname = %s, newname_last_component = %s, is_8_3 = %d\n", return error; } - /* Quick check for "." and ".." */ - if (!bad_path2 && newname_last_component[0] == '.') { - if (!newname_last_component[1] || (newname_last_component[1] == '.' && !newname_last_component[2])) { - DEBUG(10,("rename_internals: newname_last_component = '.' or '..'\n")); - return NT_STATUS_ACCESS_DENIED; - } - } - if (!rcdest && bad_path2) { + if (!rcdest && bad_path_dest) { + if (ms_has_wild(last_component_dest)) + return NT_STATUS_OBJECT_NAME_INVALID; return NT_STATUS_OBJECT_PATH_NOT_FOUND; } @@ -3669,17 +3785,6 @@ directory = %s, newname = %s, newname_last_component = %s, is_8_3 = %d\n", const char *dname; pstring destname; - /* Quick check for "." and ".." */ - if (!bad_path2 && newname_last_component[0] == '.') { - if (!newname_last_component[1] || (newname_last_component[1] == '.' && !newname_last_component[2])) { - DEBUG(10,("rename_internals: newname_last_component = '.' or '..'\n")); - return NT_STATUS_ACCESS_DENIED; - } - } - if (!rcdest && bad_path2) { - return NT_STATUS_OBJECT_PATH_NOT_FOUND; - } - if (check_name(directory,conn)) dirptr = OpenDir(conn, directory, True); @@ -3692,19 +3797,29 @@ directory = %s, newname = %s, newname_last_component = %s, is_8_3 = %d\n", while ((dname = ReadDirName(dirptr))) { pstring fname; + BOOL sysdir_entry = False; pstrcpy(fname,dname); /* Quick check for "." and ".." */ if (fname[0] == '.') { if (!fname[1] || (fname[1] == '.' && !fname[2])) { - continue; + if (attrs & aDIR) { + sysdir_entry = True; + } else { + continue; + } } } if(!mask_match(fname, mask, case_sensitive)) continue; + if (sysdir_entry) { + error = NT_STATUS_OBJECT_NAME_INVALID; + continue; + } + error = NT_STATUS_ACCESS_DENIED; slprintf(fname,sizeof(fname)-1,"%s/%s",directory,dname); if (!vfs_object_exist(conn, fname, &sbuf1)) { @@ -3735,11 +3850,20 @@ directory = %s, newname = %s, newname_last_component = %s, is_8_3 = %d\n", if (!SMB_VFS_RENAME(conn,fname,destname)) { rename_open_files(conn, sbuf1.st_dev, sbuf1.st_ino, newname); count++; + error = NT_STATUS_OK; } DEBUG(3,("rename_internals: doing rename on %s -> %s\n",fname,destname)); } CloseDir(dirptr); } + + if (!NT_STATUS_EQUAL(error,NT_STATUS_NO_SUCH_FILE)) { + if (!rcdest && bad_path_dest) { + if (ms_has_wild(last_component_dest)) + return NT_STATUS_OBJECT_NAME_INVALID; + return NT_STATUS_OBJECT_PATH_NOT_FOUND; + } + } } if (count == 0 && NT_STATUS_IS_OK(error)) { @@ -3760,18 +3884,19 @@ int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, pstring name; pstring newname; char *p; + uint16 attrs = SVAL(inbuf,smb_vwv0); NTSTATUS status; START_PROFILE(SMBmv); p = smb_buf(inbuf) + 1; - p += srvstr_get_path(inbuf, name, p, sizeof(name), STR_TERMINATE,&status); + p += srvstr_get_path(inbuf, name, p, sizeof(name), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBmv); return ERROR_NT(status); } p++; - p += srvstr_get_path(inbuf, newname, p, sizeof(newname), STR_TERMINATE,&status); + p += srvstr_get_path(inbuf, newname, p, sizeof(newname), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBmv); return ERROR_NT(status); @@ -3782,7 +3907,7 @@ int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, DEBUG(3,("reply_mv : %s -> %s\n",name,newname)); - status = rename_internals(conn, name, newname, False); + status = rename_internals(conn, name, newname, attrs, False); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBmv); return ERROR_NT(status); @@ -3909,12 +4034,12 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, *directory = *mask = 0; p = smb_buf(inbuf); - p += srvstr_get_path(inbuf, name, p, sizeof(name), STR_TERMINATE,&status); + p += srvstr_get_path(inbuf, name, p, sizeof(name), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBcopy); return ERROR_NT(status); } - p += srvstr_get_path(inbuf, newname, p, sizeof(newname), STR_TERMINATE,&status); + p += srvstr_get_path(inbuf, newname, p, sizeof(newname), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBcopy); return ERROR_NT(status); @@ -4074,7 +4199,7 @@ int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return ERROR_DOS(ERRDOS,ERRnoaccess); } - srvstr_get_path(inbuf, newdir, smb_buf(inbuf) + 1, sizeof(newdir), STR_TERMINATE,&status); + srvstr_get_path(inbuf, newdir, smb_buf(inbuf) + 1, sizeof(newdir), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(pathworks_setdir); return ERROR_NT(status); -- cgit From 7dc6dd58843cf1332964b7119fb683310fc4e3c7 Mon Sep 17 00:00:00 2001 From: Jim McDonough Date: Thu, 4 Mar 2004 16:24:13 +0000 Subject: Fix build farm, older compilers won't let you declare variables right in the middle of the code. I just love catching jra on stuff like this, after all the crap I've done. :-) (This used to be commit dc7dc5175847243d821dd33c1678af1b785dfaf7) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 051aaafb45..c0d5234f47 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1544,8 +1544,8 @@ NTSTATUS unlink_internals(connection_struct *conn, int dirtype, char *name) while ((dname = ReadDirName(dirptr))) { pstring fname; - pstrcpy(fname,dname); BOOL sys_direntry = False; + pstrcpy(fname,dname); /* Quick check for "." and ".." */ if (fname[0] == '.') { -- cgit From 3f14e8eb9dd9893ed195853dd7cf46ee5c2d5133 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 8 Mar 2004 21:54:54 +0000 Subject: Fix assumption about following directory sep in check_path_syntax(). We need to try and convert 1 byte, then 2 bytes if that fails. Fixes bug reported by Simo. Jeremy. (This used to be commit 8702d0089619c7321b93e59d35f43ef32dce7b78) --- source3/smbd/reply.c | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index c0d5234f47..1ff969493e 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -114,14 +114,20 @@ static NTSTATUS check_path_syntax(pstring destname, const pstring srcname) /* * Potential mb char with second char a directory separator. * All the encodings we care about are 2 byte only, so do a - * conversion to unicode. If the 2 byte char won't convert then - * it's probably a one byte char with a real directory separator - * following, so only copy one byte. If it will convert then - * copy both bytes. + * conversion to unicode. If the one byte char converts then + * it really is a directory separator following. Otherwise if + * the two byte character converts (and it should or our assumption + * about character sets is broken and we panic) then copy both + * bytes as it's a MB character, not a directory separator. */ + uint16 ucs2_val; - if (convert_string(CH_UNIX, CH_UCS2, s, 2, &ucs2_val, 2) == 2) { + if (convert_string(CH_UNIX, CH_UCS2, s, 1, &ucs2_val, 2) == 2) { + ; + } else if (convert_string(CH_UNIX, CH_UCS2, s, 2, &ucs2_val, 2) == 2) { *d++ = *s++; + } else { + smb_panic("check_path_syntax: directory separator assumptions invalid !\n"); } } /* Just copy the char (or the second byte of the mb char). */ -- cgit From f089f978c22513fd88216b83a1b877cb8798c834 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Tue, 9 Mar 2004 15:29:16 +0000 Subject: fix build with gcc 2.96 and --with-developer (This used to be commit 11fc4da07f232c38e04c6443e5d0f829e16b0a18) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 1ff969493e..5bf8ca0a2d 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -146,10 +146,10 @@ size_t srvstr_get_path(char *inbuf, char *dest, const char *src, size_t dest_len { pstring tmppath; char *tmppath_ptr = tmppath; + size_t ret; #ifdef DEVELOPER SMB_ASSERT(dest_len == sizeof(pstring)); #endif - size_t ret; if (src_len == 0) { ret = srvstr_pull_buf( inbuf, tmppath_ptr, src, dest_len, flags); -- cgit From 83560bfcfae6d2de0c29b7ac4e012e4bbe911c8f Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 11 Mar 2004 00:31:47 +0000 Subject: Fix processing of pathnames with embedded '\\' characters (0x5c) in CP932 character set. Because of the allowing of "broken conversions" for people who have broken iconv libraries we can't rely on the return from convert_string() to be valid - we must check errno instead. This is ripe for revisiting at some stage. I prefer adding a bool parameter to all convert_string_XX varients to specify if we will allow broken conversions or not. With "allow_broken_conversions" set to false we could then rely on the return from convert_string rather than checking errno. Jeremy. (This used to be commit 74722f28659ac369676e898fda48d3d9ab265045) --- source3/smbd/reply.c | 28 +++++++++++++++++++++++----- 1 file changed, 23 insertions(+), 5 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 5bf8ca0a2d..dc9f0be401 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -45,7 +45,7 @@ extern BOOL global_encrypted_passwords_negotiated; set. ****************************************************************************/ -static NTSTATUS check_path_syntax(pstring destname, const pstring srcname) +NTSTATUS check_path_syntax(pstring destname, const pstring srcname) { char *d = destname; const char *s = srcname; @@ -122,12 +122,30 @@ static NTSTATUS check_path_syntax(pstring destname, const pstring srcname) */ uint16 ucs2_val; - if (convert_string(CH_UNIX, CH_UCS2, s, 1, &ucs2_val, 2) == 2) { + + /* + * We know the following will return 2 bytes. What + * we need to know was if errno was set. + * Note that if CH_UNIX is utf8 a string may be 3 + * bytes, but this is ok as mb utf8 characters don't + * contain embedded directory separators. We are really checking + * for mb UNIX asian characters like Japanese (SJIS) here. + * JRA. + */ + + errno = 0; + convert_string(CH_UNIX, CH_UCS2, s, 1, &ucs2_val, 2); + if (errno == 0) { ; - } else if (convert_string(CH_UNIX, CH_UCS2, s, 2, &ucs2_val, 2) == 2) { - *d++ = *s++; } else { - smb_panic("check_path_syntax: directory separator assumptions invalid !\n"); + errno = 0; + convert_string(CH_UNIX, CH_UCS2, s, 2, &ucs2_val, 2); + if (errno == 0) { + *d++ = *s++; + } else { + DEBUG(0,("check_path_syntax: directory separator assumptions invalid !\n")); + return NT_STATUS_INVALID_PARAMETER; + } } } /* Just copy the char (or the second byte of the mb char). */ -- cgit From e3f5b542707e2328030b9d5eff0836a904eccde5 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 11 Mar 2004 22:48:24 +0000 Subject: Restore the contract on all convert_stringXX() interfaces. Add a "allow_bad_conv" boolean parameter that allows broken iconv conversions to work. Gets rid of the nasty errno checks in mangle_hash2 and check_path_syntax and allows correct return code checking. Jeremy. (This used to be commit 7b96765c23637613f079d37566d95d5edd511f05) --- source3/smbd/reply.c | 28 ++++++---------------------- 1 file changed, 6 insertions(+), 22 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index dc9f0be401..4a0c06f442 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -117,35 +117,19 @@ NTSTATUS check_path_syntax(pstring destname, const pstring srcname) * conversion to unicode. If the one byte char converts then * it really is a directory separator following. Otherwise if * the two byte character converts (and it should or our assumption - * about character sets is broken and we panic) then copy both + * about character sets is broken and we return an error) then copy both * bytes as it's a MB character, not a directory separator. */ uint16 ucs2_val; - /* - * We know the following will return 2 bytes. What - * we need to know was if errno was set. - * Note that if CH_UNIX is utf8 a string may be 3 - * bytes, but this is ok as mb utf8 characters don't - * contain embedded directory separators. We are really checking - * for mb UNIX asian characters like Japanese (SJIS) here. - * JRA. - */ - - errno = 0; - convert_string(CH_UNIX, CH_UCS2, s, 1, &ucs2_val, 2); - if (errno == 0) { + if (convert_string(CH_UNIX, CH_UCS2, s, 1, &ucs2_val, 2, False) == 2) { ; + } else if (convert_string(CH_UNIX, CH_UCS2, s, 2, &ucs2_val, 2, False) == 2) { + *d++ = *s++; } else { - errno = 0; - convert_string(CH_UNIX, CH_UCS2, s, 2, &ucs2_val, 2); - if (errno == 0) { - *d++ = *s++; - } else { - DEBUG(0,("check_path_syntax: directory separator assumptions invalid !\n")); - return NT_STATUS_INVALID_PARAMETER; - } + DEBUG(0,("check_path_syntax: directory separator assumptions invalid !\n")); + return NT_STATUS_INVALID_PARAMETER; } } /* Just copy the char (or the second byte of the mb char). */ -- cgit From 6011a89e240ba8a51163baee51da98d2b32ab98c Mon Sep 17 00:00:00 2001 From: Alexander Bokovoy Date: Fri, 12 Mar 2004 14:37:37 +0000 Subject: Fix problems with very long filenames in both smbd and smbclient. It appears that we pass filename through resolve_wildcards() as pstring and use fstring temporary buffer there. As result, a long filename in unix charset (UTF-8 by default) can easily expand over 255 bytes while Windows is able to send to us such names (e.g. Japanese name of ~190 mb chars) which we unable to process through this small fstring buffer. Tested with W2K and smbclient, Japanese and Cyrillics. (This used to be commit 83dac6571f99b854ac607d4313cc3f742c1fae2e) --- source3/smbd/reply.c | 28 ++++++++++++++++++---------- 1 file changed, 18 insertions(+), 10 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 4a0c06f442..aeac9e4c84 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3361,14 +3361,18 @@ int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, /******************************************************************* Resolve wildcards in a filename rename. + Note that name is in UNIX charset and thus potentially can be more + than fstring buffer (255 bytes) especially in default UTF-8 case. + Therefore, we use pstring inside and all calls should ensure that + name2 is at least pstring-long (they do already) ********************************************************************/ static BOOL resolve_wildcards(const char *name1, char *name2) { - fstring root1,root2; - fstring ext1,ext2; + pstring root1,root2; + pstring ext1,ext2; char *p,*p2, *pname1, *pname2; - int available_space; + int available_space, actual_space; pname1 = strrchr_m(name1,'/'); @@ -3377,21 +3381,21 @@ static BOOL resolve_wildcards(const char *name1, char *name2) if (!pname1 || !pname2) return(False); - fstrcpy(root1,pname1); - fstrcpy(root2,pname2); + pstrcpy(root1,pname1); + pstrcpy(root2,pname2); p = strrchr_m(root1,'.'); if (p) { *p = 0; - fstrcpy(ext1,p+1); + pstrcpy(ext1,p+1); } else { - fstrcpy(ext1,""); + pstrcpy(ext1,""); } p = strrchr_m(root2,'.'); if (p) { *p = 0; - fstrcpy(ext2,p+1); + pstrcpy(ext2,p+1); } else { - fstrcpy(ext2,""); + pstrcpy(ext2,""); } p = root1; @@ -3423,7 +3427,11 @@ static BOOL resolve_wildcards(const char *name1, char *name2) available_space = sizeof(pstring) - PTR_DIFF(pname2, name2); if (ext2[0]) { - snprintf(pname2, available_space - 1, "%s.%s", root2, ext2); + actual_space = snprintf(pname2, available_space - 1, "%s.%s", root2, ext2); + if (actual_space >= available_space - 1) { + DEBUG(1,("resolve_wildcards: can't fit resolved name into specified buffer (overrun by %d bytes)\n", + actual_space - available_space)); + } } else { pstrcpy_base(pname2, root2, name2); } -- cgit From fd2d4f87d440f24df0adc4cc29f22051536b0dee Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 13 Mar 2004 00:28:53 +0000 Subject: First part of patch from moriyama@miraclelinux.com (MORIYAMA Masayuki) to fix up netbios names with mb strings. Includes reformat of libsmb/nmblib.c so it's readable. Jeremy. (This used to be commit 966e49a48c352563cdd7f75fe2768f2d6612ec7e) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index aeac9e4c84..bca7a75fbb 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -171,7 +171,7 @@ int reply_special(char *inbuf,char *outbuf) int outsize = 4; int msg_type = CVAL(inbuf,0); int msg_flags = CVAL(inbuf,1); - pstring name1,name2; + fstring name1,name2; char name_type = 0; static BOOL already_got_session = False; -- cgit From e2fd98af575a5c240593f21df442eb035f35e892 Mon Sep 17 00:00:00 2001 From: Alexander Bokovoy Date: Tue, 16 Mar 2004 17:18:57 +0000 Subject: Fix check_path_syntax() for multibyte encodings which have no '\' as second byte. This is intermediate fix as discussed with Jeremy until we move check_path_syntax() to UCS2 internally where all ambiguity is resolved. Please add other encodings into charcnv.c with such property.' ' (This used to be commit 2c404f6ba988d68c6f44df9409c0de319553de10) --- source3/smbd/reply.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index bca7a75fbb..48894308d1 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -33,6 +33,7 @@ extern char magic_char; extern BOOL case_sensitive; extern BOOL case_preserve; extern BOOL short_case_preserve; +extern BOOL is_unix_charset_unsafe; extern int global_oplock_break; unsigned int smb_echo_count = 0; @@ -110,7 +111,8 @@ NTSTATUS check_path_syntax(pstring destname, const pstring srcname) } s++; } else { - if ((*s & 0x80) && IS_DIRECTORY_SEP(s[1])) { + /* Activate this codepath only if we know that Unix charset may contain unsafe '\\' */ + if ((is_unix_charset_unsafe == True) && ((*s & 0x80) && IS_DIRECTORY_SEP(s[1]))) { /* * Potential mb char with second char a directory separator. * All the encodings we care about are 2 byte only, so do a -- cgit From acad182a3f13e55c2156994e599eb0b1e0f1960e Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 16 Mar 2004 21:59:11 +0000 Subject: Add function next_mb_char_size() that returns a size_t of the number of bytes in the mb character at a pointer. Will be useful in fixing check_path_syntax() to not use a "blacklist". Also re-added my (C) to reply.c. I mean, really - I've been adding code to the file for over 10 years and I recognise many of the fuctions as mine ! :-). Jeremy. (This used to be commit d2b2a39fd2f2e06cc4aebf081876985f0b28b477) --- source3/smbd/reply.c | 1 + 1 file changed, 1 insertion(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 48894308d1..c470d15645 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3,6 +3,7 @@ Main SMB reply routines Copyright (C) Andrew Tridgell 1992-1998 Copyright (C) Andrew Bartlett 2001 + Copyright (C) Jeremy Allison 1992-2004. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by -- cgit From aa2e306a015ad070cf4bf8eb531f1871803bb016 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 17 Mar 2004 02:08:31 +0000 Subject: Change check_path_syntax() to use the new next_mb_char_size() function to make it generic. Remove the mb-codepage "blacklist". Alexander, please check this fix as it reverts your blacklist changes, but I'm hoping it fixes the problem in a more generic way for all charsets. I'm not trying to trample on your (excellent!) work here, just make things more generic without special cases. Jeremy. (This used to be commit 5a9324525acc02e6bf14528679816b35929a564e) --- source3/smbd/reply.c | 36 +++++++++++++----------------------- 1 file changed, 13 insertions(+), 23 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index c470d15645..0fe73cddc2 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -34,7 +34,6 @@ extern char magic_char; extern BOOL case_sensitive; extern BOOL case_preserve; extern BOOL short_case_preserve; -extern BOOL is_unix_charset_unsafe; extern int global_oplock_break; unsigned int smb_echo_count = 0; @@ -88,6 +87,8 @@ NTSTATUS check_path_syntax(pstring destname, const pstring srcname) return NT_STATUS_OBJECT_PATH_SYNTAX_BAD; } /* Go back one level... */ + /* We know this is safe as '/' cannot be part of a mb sequence. */ + /* NOTE - if this assumption is invalid we are not in good shape... */ while (d > destname) { if (*d == '/') break; @@ -112,31 +113,20 @@ NTSTATUS check_path_syntax(pstring destname, const pstring srcname) } s++; } else { - /* Activate this codepath only if we know that Unix charset may contain unsafe '\\' */ - if ((is_unix_charset_unsafe == True) && ((*s & 0x80) && IS_DIRECTORY_SEP(s[1]))) { - /* - * Potential mb char with second char a directory separator. - * All the encodings we care about are 2 byte only, so do a - * conversion to unicode. If the one byte char converts then - * it really is a directory separator following. Otherwise if - * the two byte character converts (and it should or our assumption - * about character sets is broken and we return an error) then copy both - * bytes as it's a MB character, not a directory separator. - */ - - uint16 ucs2_val; - - if (convert_string(CH_UNIX, CH_UCS2, s, 1, &ucs2_val, 2, False) == 2) { - ; - } else if (convert_string(CH_UNIX, CH_UCS2, s, 2, &ucs2_val, 2, False) == 2) { + switch(next_mb_char_size(s)) { + case 4: *d++ = *s++; - } else { - DEBUG(0,("check_path_syntax: directory separator assumptions invalid !\n")); + case 3: + *d++ = *s++; + case 2: + *d++ = *s++; + case 1: + *d++ = *s++; + break; + default: + DEBUG(0,("check_path_syntax: character length assumptions invalid !\n")); return NT_STATUS_INVALID_PARAMETER; - } } - /* Just copy the char (or the second byte of the mb char). */ - *d++ = *s++; } } *d = '\0'; -- cgit From 41ea0d35aeb984cbd3bc3baf96594ab6b67c70e2 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 17 Mar 2004 19:23:48 +0000 Subject: Remove excess logging when probing for the length of the next mb char. Jeremy. (This used to be commit 6339c4690aef7692571dd4c65dd0a12d56a7ffab) --- source3/smbd/reply.c | 30 +++++++++++++++++------------- 1 file changed, 17 insertions(+), 13 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 0fe73cddc2..f5c4f25e40 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -113,19 +113,23 @@ NTSTATUS check_path_syntax(pstring destname, const pstring srcname) } s++; } else { - switch(next_mb_char_size(s)) { - case 4: - *d++ = *s++; - case 3: - *d++ = *s++; - case 2: - *d++ = *s++; - case 1: - *d++ = *s++; - break; - default: - DEBUG(0,("check_path_syntax: character length assumptions invalid !\n")); - return NT_STATUS_INVALID_PARAMETER; + if (!(*s & 0x80)) { + *d++ = *s++; + } else { + switch(next_mb_char_size(s)) { + case 4: + *d++ = *s++; + case 3: + *d++ = *s++; + case 2: + *d++ = *s++; + case 1: + *d++ = *s++; + break; + default: + DEBUG(0,("check_path_syntax: character length assumptions invalid !\n")); + return NT_STATUS_INVALID_PARAMETER; + } } } } -- cgit From 722aa118c66b020c2b9f2b595e1af50429f13986 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 2 Apr 2004 18:46:19 +0000 Subject: Added per-share parameter "store dos attributes". When set, will store dos attributes in an EA. Based on an original patch from tridge, but modified somewhat to cover all cases. Jeremy. (This used to be commit ed653cd468213e0be901bc654aa3748ce5837947) --- source3/smbd/reply.c | 48 ++++++++++++++++++++---------------------------- 1 file changed, 20 insertions(+), 28 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index f5c4f25e40..fde4ee627f 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -678,8 +678,9 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size else mode &= ~aDIR; - if (check_name(fname,conn)) - ok = (file_chmod(conn,fname,mode,NULL) == 0); + if (check_name(fname,conn)) { + ok = (file_set_dosmode(conn,fname,mode,NULL) == 0); + } } else { ok = True; } @@ -1008,12 +1009,12 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int share_mode; SMB_OFF_T size = 0; time_t mtime=0; - mode_t unixmode; int rmode=0; SMB_STRUCT_STAT sbuf; BOOL bad_path = False; files_struct *fsp; int oplock_request = CORE_OPLOCK_REQUEST(inbuf); + uint16 dos_attr = SVAL(inbuf,smb_vwv1); NTSTATUS status; START_PROFILE(SMBopen); @@ -1029,10 +1030,8 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, unix_convert(fname,conn,0,&bad_path,&sbuf); - unixmode = unix_mode(conn,aARCH,fname); - fsp = open_file_shared(conn,fname,&sbuf,share_mode,(FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN), - unixmode, oplock_request,&rmode,NULL); + (uint32)dos_attr, oplock_request,&rmode,NULL); if (!fsp) { END_PROFILE(SMBopen); @@ -1089,7 +1088,6 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt uint32 smb_time = make_unix_date3(inbuf+smb_vwv6); #endif int smb_ofun = SVAL(inbuf,smb_vwv8); - mode_t unixmode; SMB_OFF_T size=0; int fmode=0,mtime=0,rmode=0; SMB_STRUCT_STAT sbuf; @@ -1121,9 +1119,7 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt unix_convert(fname,conn,0,&bad_path,&sbuf); - unixmode = unix_mode(conn,smb_attr | aARCH, fname); - - fsp = open_file_shared(conn,fname,&sbuf,smb_mode,smb_ofun,unixmode, + fsp = open_file_shared(conn,fname,&sbuf,smb_mode,smb_ofun,(uint32)smb_attr, oplock_request, &rmode,&smb_action); if (!fsp) { @@ -1215,7 +1211,6 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int com; int outsize = 0; int createmode; - mode_t unixmode; int ofun = 0; BOOL bad_path = False; files_struct *fsp; @@ -1240,8 +1235,6 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, if (createmode & aVOLID) DEBUG(0,("Attempt to create file (%s) with volid set - please report this\n",fname)); - unixmode = unix_mode(conn,createmode,fname); - if(com == SMBmknew) { /* We should fail if file exists. */ ofun = FILE_CREATE_IF_NOT_EXIST; @@ -1252,7 +1245,7 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, /* Open file in dos compatibility share mode. */ fsp = open_file_shared(conn,fname,&sbuf,SET_DENY_MODE(DENY_FCB)|SET_OPEN_MODE(DOS_OPEN_FCB), - ofun, unixmode, oplock_request, NULL, NULL); + ofun, (uint32)createmode, oplock_request, NULL, NULL); if (!fsp) { END_PROFILE(SMBcreate); @@ -1269,7 +1262,7 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); DEBUG( 2, ( "new file %s\n", fname ) ); - DEBUG( 3, ( "mknew %s fd=%d dmode=%d umode=%o\n", fname, fsp->fd, createmode, (int)unixmode ) ); + DEBUG( 3, ( "mknew %s fd=%d dmode=%d\n", fname, fsp->fd, createmode ) ); END_PROFILE(SMBcreate); return(outsize); @@ -1283,8 +1276,7 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, { pstring fname; int outsize = 0; - int createmode; - mode_t unixmode; + int createattr; BOOL bad_path = False; files_struct *fsp; int oplock_request = CORE_OPLOCK_REQUEST(inbuf); @@ -1295,7 +1287,7 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, START_PROFILE(SMBctemp); - createmode = SVAL(inbuf,smb_vwv0); + createattr = SVAL(inbuf,smb_vwv0); srvstr_get_path(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBctemp); @@ -1307,8 +1299,6 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, unix_convert(fname,conn,0,&bad_path,&sbuf); - unixmode = unix_mode(conn,createmode,fname); - tmpfd = smb_mkstemp(fname); if (tmpfd == -1) { END_PROFILE(SMBctemp); @@ -1322,7 +1312,7 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, fsp = open_file_shared(conn,fname,&sbuf, SET_DENY_MODE(DENY_FCB)|SET_OPEN_MODE(DOS_OPEN_FCB), FILE_EXISTS_OPEN|FILE_FAIL_IF_NOT_EXIST, - unixmode, oplock_request, NULL, NULL); + (uint32)createattr, oplock_request, NULL, NULL); /* close fd from smb_mkstemp() */ close(tmpfd); @@ -1356,8 +1346,8 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); DEBUG( 2, ( "created temp file %s\n", fname ) ); - DEBUG( 3, ( "ctemp %s fd=%d dmode=%d umode=%o\n", - fname, fsp->fd, createmode, (int)unixmode ) ); + DEBUG( 3, ( "ctemp %s fd=%d umode=%o\n", + fname, fsp->fd, sbuf.st_mode ) ); END_PROFILE(SMBctemp); return(outsize); @@ -1384,7 +1374,7 @@ static NTSTATUS can_rename(char *fname,connection_struct *conn, SMB_STRUCT_STAT unix_ERR_code = 0; fsp = open_file_shared1(conn, fname, pst, DELETE_ACCESS, SET_DENY_MODE(DENY_ALL), - (FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN), 0, 0, &access_mode, &smb_action); + (FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN), FILE_ATTRIBUTE_NORMAL, 0, &access_mode, &smb_action); if (!fsp) { NTSTATUS ret = NT_STATUS_ACCESS_DENIED; @@ -1449,7 +1439,7 @@ static NTSTATUS can_delete(char *fname,connection_struct *conn, int dirtype, BOO unix_ERR_code = 0; fsp = open_file_shared1(conn, fname, &sbuf, DELETE_ACCESS, SET_DENY_MODE(DENY_ALL), - (FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN), 0, 0, &access_mode, &smb_action); + (FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN), FILE_ATTRIBUTE_NORMAL, 0, &access_mode, &smb_action); if (!fsp) { NTSTATUS ret = NT_STATUS_ACCESS_DENIED; @@ -3949,7 +3939,8 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, SMB_OFF_T ret=-1; files_struct *fsp1,*fsp2; pstring dest; - + uint32 dosattrs; + *err_ret = 0; pstrcpy(dest,dest1); @@ -3967,7 +3958,7 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, return(False); fsp1 = open_file_shared(conn,src,&src_sbuf,SET_DENY_MODE(DENY_NONE)|SET_OPEN_MODE(DOS_OPEN_RDONLY), - (FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN),0,0,&Access,&action); + (FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN),FILE_ATTRIBUTE_NORMAL,0,&Access,&action); if (!fsp1) return(False); @@ -3975,11 +3966,12 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, if (!target_is_directory && count) ofun = FILE_EXISTS_OPEN; + dosattrs = dos_mode(conn, src, &src_sbuf); if (SMB_VFS_STAT(conn,dest,&sbuf2) == -1) ZERO_STRUCTP(&sbuf2); fsp2 = open_file_shared(conn,dest,&sbuf2,SET_DENY_MODE(DENY_NONE)|SET_OPEN_MODE(DOS_OPEN_WRONLY), - ofun,src_sbuf.st_mode,0,&Access,&action); + ofun,dosattrs,0,&Access,&action); if (!fsp2) { close_file(fsp1,False); -- cgit From ff469fb2b26e4edb52dd808e9d07c6cd51d2aab9 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 2 Apr 2004 19:05:57 +0000 Subject: check_path improvements found by samba4 raw-checkpath tests. Jeremy. (This used to be commit 4081f7ce514635f3500d29a73a44bff2661b76b1) --- source3/smbd/reply.c | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index fde4ee627f..3a11f162d2 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -61,6 +61,10 @@ NTSTATUS check_path_syntax(pstring destname, const pstring srcname) while (IS_DIRECTORY_SEP(*s)) { s++; } + if ((s[0] == '.') && (s[1] == '\0')) { + ret = NT_STATUS_OBJECT_NAME_INVALID; + break; + } if ((d != destname) && (*s != '\0')) { /* We only care about non-leading or trailing '/' or '\\' */ *d++ = '/'; @@ -84,7 +88,8 @@ NTSTATUS check_path_syntax(pstring destname, const pstring srcname) } /* Are we at the start ? Can't go back further if so. */ if (d == destname) { - return NT_STATUS_OBJECT_PATH_SYNTAX_BAD; + ret = NT_STATUS_OBJECT_PATH_SYNTAX_BAD; + break; } /* Go back one level... */ /* We know this is safe as '/' cannot be part of a mb sequence. */ @@ -95,7 +100,7 @@ NTSTATUS check_path_syntax(pstring destname, const pstring srcname) d--; } s += 3; - } else if ((s[0] == '.') && IS_DIRECTORY_SEP(s[1])) { + } else if ((s[0] == '.') && (IS_DIRECTORY_SEP(s[1]) || s[2] == '\0')) { /* * No mb char starts with '.' so we're safe checking the directory separator here. @@ -105,11 +110,14 @@ NTSTATUS check_path_syntax(pstring destname, const pstring srcname) if (s == srcname) { ret = NT_STATUS_OBJECT_NAME_INVALID; + break; } else { - if (s[2] == '\0') { - return NT_STATUS_INVALID_PARAMETER; + if (s[1] != '\0' && s[2] == '\0') { + ret = NT_STATUS_INVALID_PARAMETER; + break; } ret = NT_STATUS_OBJECT_PATH_NOT_FOUND; + break; } s++; } else { @@ -128,6 +136,7 @@ NTSTATUS check_path_syntax(pstring destname, const pstring srcname) break; default: DEBUG(0,("check_path_syntax: character length assumptions invalid !\n")); + *d = '\0'; return NT_STATUS_INVALID_PARAMETER; } } -- cgit From becfb420f743183caa49ff135948c13861fcc379 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 2 Apr 2004 19:51:27 +0000 Subject: Fix wildcard identical rename. Jeremy. (This used to be commit 610ae1126e227f45a1affa1030ee833a341a687f) --- source3/smbd/reply.c | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 3a11f162d2..9f311c6d57 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3852,6 +3852,14 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", continue; } + if (strcsequal(fname,destname)) { + rename_open_files(conn, sbuf1.st_dev, sbuf1.st_ino, newname); + DEBUG(3,("rename_internals: identical names in wildcard rename %s - success\n", fname)); + count++; + error = NT_STATUS_OK; + continue; + } + if (!replace_if_exists && vfs_file_exist(conn,destname, NULL)) { DEBUG(6,("file_exist %s\n", destname)); -- cgit From f16c79732e263020af94aeed0fd03835921ea29a Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 2 Apr 2004 22:11:08 +0000 Subject: Fix reply_ctemp - make compatible with w2k3. Jeremy. (This used to be commit ddb40a6b1cfed9022dadc627b38d3c3938e8e6b4) --- source3/smbd/reply.c | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 9f311c6d57..130601cd9c 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1293,6 +1293,7 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, SMB_STRUCT_STAT sbuf; char *p, *s; NTSTATUS status; + unsigned int namelen; START_PROFILE(SMBctemp); @@ -1302,7 +1303,11 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, END_PROFILE(SMBctemp); return ERROR_NT(status); } - pstrcat(fname,"\\TMXXXXXX"); + if (*fname) { + pstrcat(fname,"/TMXXXXXX"); + } else { + pstrcat(fname,"TMXXXXXX"); + } RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); @@ -1342,10 +1347,13 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, s++; p = smb_buf(outbuf); +#if 0 + /* Tested vs W2K3 - this doesn't seem to be here - null terminated filename is the only + thing in the byte section. JRA */ SSVALS(p, 0, -1); /* what is this? not in spec */ - SSVAL(p, 2, strlen(s)); - p += 4; - p += srvstr_push(outbuf, p, s, -1, STR_ASCII); +#endif + namelen = srvstr_push(outbuf, p, s, -1, STR_ASCII|STR_TERMINATE); + p += namelen; outsize = set_message_end(outbuf, p); if (oplock_request && lp_fake_oplocks(SNUM(conn))) -- cgit From db44caf191157b5a223b6bb5f6636d6e530a69c9 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 3 Apr 2004 00:04:31 +0000 Subject: Fix typo in check_path_syntax. Jeremy. (This used to be commit 018db85de4f380da9f8318ab72371185bb2ac5b4) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 130601cd9c..7498821185 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -100,7 +100,7 @@ NTSTATUS check_path_syntax(pstring destname, const pstring srcname) d--; } s += 3; - } else if ((s[0] == '.') && (IS_DIRECTORY_SEP(s[1]) || s[2] == '\0')) { + } else if ((s[0] == '.') && (IS_DIRECTORY_SEP(s[1]) || (s[1] == '\0'))) { /* * No mb char starts with '.' so we're safe checking the directory separator here. -- cgit From 3d5fdced72a70a658f684da2430e6b625c80540a Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 3 Apr 2004 00:17:18 +0000 Subject: Fix wildcard unlink. Jeremy. (This used to be commit 6e9b4c57ccb385acb9feaf9f7412778474231a92) --- source3/smbd/reply.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 7498821185..42167c6e81 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1575,13 +1575,14 @@ NTSTATUS unlink_internals(connection_struct *conn, int dirtype, char *name) if (sys_direntry) { error = NT_STATUS_OBJECT_NAME_INVALID; - continue; + break; } slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); error = can_delete(fname,conn,dirtype,bad_path); - if (!NT_STATUS_IS_OK(error)) + if (!NT_STATUS_IS_OK(error)) { continue; + } if (SMB_VFS_UNLINK(conn,fname) == 0) count++; DEBUG(3,("unlink_internals: succesful unlink [%s]\n",fname)); -- cgit From c2699d25462e8684bded32adada78addf88b6df5 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 3 Apr 2004 01:21:13 +0000 Subject: Fix wildcard src with wildcard dest renames. Jeremy. (This used to be commit 58b39942444e62c9d0f98c2ba6f434d74c244a2b) --- source3/smbd/reply.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 42167c6e81..ac239c7e04 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3409,6 +3409,9 @@ static BOOL resolve_wildcards(const char *name1, char *name2) if (*p2 == '?') { *p2 = *p; p2++; + } else if (*p2 == '*') { + pstrcpy(p2, p); + break; } else { p2++; } @@ -3422,6 +3425,9 @@ static BOOL resolve_wildcards(const char *name1, char *name2) if (*p2 == '?') { *p2 = *p; p2++; + } else if (*p2 == '*') { + pstrcpy(p2, p); + break; } else { p2++; } @@ -3838,7 +3844,7 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", if (sysdir_entry) { error = NT_STATUS_OBJECT_NAME_INVALID; - continue; + break; } error = NT_STATUS_ACCESS_DENIED; -- cgit From e0da56a84808c522bc7324b5d636f1cbd317a2c5 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 7 May 2004 18:37:47 +0000 Subject: r570: Remove lots of globals to handle case issues - move them to connection struct entries (as they should have been from the start). Jerry, once you've cut over to 3.0.4 release branch I'll add this to 3.0 also. - Jerry cut over :-). Jeremy. (This used to be commit 578a508509d21226ad3332fc54c3ab54cd8ae452) --- source3/smbd/reply.c | 23 ++++++++++------------- 1 file changed, 10 insertions(+), 13 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index ac239c7e04..2046f2370a 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -31,9 +31,6 @@ extern int Protocol; extern int max_send; extern int max_recv; extern char magic_char; -extern BOOL case_sensitive; -extern BOOL case_preserve; -extern BOOL short_case_preserve; extern int global_oplock_break; unsigned int smb_echo_count = 0; @@ -881,7 +878,7 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if (ok) { if ((dirtype&0x1F) == aVOLID) { memcpy(p,status,21); - make_dir_struct(p,"???????????",volume_label(SNUM(conn)),0,aVOLID,0); + make_dir_struct(p,"???????????",volume_label(SNUM(conn)),0,aVOLID,0,conn->case_sensitive); dptr_fill(p+12,dptr_num); if (dptr_zero(p+12) && (status_len==0)) numentries = 1; @@ -901,7 +898,7 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size finished = !get_dir_entry(conn,mask,dirtype,fname,&size,&mode,&date,check_descend); if (!finished) { memcpy(p,status,21); - make_dir_struct(p,mask,fname,size,mode,date); + make_dir_struct(p,mask,fname,size,mode,date,conn->case_sensitive); dptr_fill(p+12,dptr_num); numentries++; } @@ -1570,7 +1567,7 @@ NTSTATUS unlink_internals(connection_struct *conn, int dirtype, char *name) } } - if(!mask_match(fname, mask, case_sensitive)) + if(!mask_match(fname, mask, conn->case_sensitive)) continue; if (sys_direntry) { @@ -3515,7 +3512,7 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, char * * filename). */ - if((case_sensitive == False) && (case_preserve == True) && + if((conn->case_sensitive == False) && (conn->case_preserve == True) && strequal(newname, fsp->fsp_name)) { char *p; pstring newname_modified_last_component; @@ -3689,7 +3686,7 @@ NTSTATUS rename_internals(connection_struct *conn, char *name, char *newname, ui DEBUG(3,("rename_internals: case_sensitive = %d, case_preserve = %d, short case preserve = %d, \ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", - case_sensitive, case_preserve, short_case_preserve, directory, + conn->case_sensitive, conn->case_preserve, conn->short_case_preserve, directory, newname, last_component_dest, is_short_name)); /* @@ -3700,10 +3697,10 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", * the rename (user is trying to change the case of the * filename). */ - if((case_sensitive == False) && - (((case_preserve == True) && + if((conn->case_sensitive == False) && + (((conn->case_preserve == True) && (is_short_name == False)) || - ((short_case_preserve == True) && + ((conn->short_case_preserve == True) && (is_short_name == True))) && strcsequal(directory, newname)) { pstring modified_last_component; @@ -3839,7 +3836,7 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", } } - if(!mask_match(fname, mask, case_sensitive)) + if(!mask_match(fname, mask, conn->case_sensitive)) continue; if (sysdir_entry) { @@ -4172,7 +4169,7 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, pstring fname; pstrcpy(fname,dname); - if(!mask_match(fname, mask, case_sensitive)) + if(!mask_match(fname, mask, conn->case_sensitive)) continue; error = ERRnoaccess; -- cgit From 99d8aa8b17d6b6babdffbaf4f343375d58a88b5b Mon Sep 17 00:00:00 2001 From: Herb Lewis Date: Sat, 22 May 2004 05:01:25 +0000 Subject: r814: conn is 0 during ioctl (at least during smbtorture IOCTL test) fix smbd panic (This used to be commit 61da0bb1f6ea22df78ea7bd22a740c5868f62591) --- source3/smbd/reply.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 2046f2370a..560208ae15 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -489,7 +489,9 @@ int reply_ioctl(connection_struct *conn, } SSVAL(p,0,fsp->rap_print_jobid); /* Job number */ srvstr_push(outbuf, p+2, global_myname(), 15, STR_TERMINATE|STR_ASCII); - srvstr_push(outbuf, p+18, lp_servicename(SNUM(conn)), 13, STR_TERMINATE|STR_ASCII); + if (conn) { + srvstr_push(outbuf, p+18, lp_servicename(SNUM(conn)), 13, STR_TERMINATE|STR_ASCII); + } break; } } -- cgit From 004618ffccbd679f3a2e3532871e8bac3be8f7da Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Fri, 28 May 2004 19:15:11 +0000 Subject: r942: If using DOS error codes, we need to return ERRDOS/ERRbadpath for chkpth even if only the last component failed. I'm not sure if all the other cases of NT_STATUS_OBJECT_NAME_NOT_FOUND also need to be fixed, this at least helps with 'copy test1.txt test2.txt' from DOS within a subdirectory. Yes, I do have someone who needs this :-) Jeremy, could you take a look at this? Thanks, Volker (This used to be commit 3093ab100653782bd8e029170d315c68b7f271af) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 560208ae15..fff5385171 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -555,7 +555,7 @@ int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND); } else { END_PROFILE(SMBchkpth); - return ERROR_NT(NT_STATUS_OBJECT_NAME_NOT_FOUND); + return ERROR_BOTH(NT_STATUS_OBJECT_NAME_NOT_FOUND,ERRDOS,ERRbadpath); } } else if (errno == ENOTDIR) { END_PROFILE(SMBchkpth); -- cgit From 2fc57c9a2ce3a266534dd20e6fed4883e052c557 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 8 Jun 2004 16:14:31 +0000 Subject: r1085: Now it's had some proper user testing, merge in the deferred open fix. I'm still doing more testing, but it fixes a behaviour that we've been wrong on ever since the start of Samba. Jeremy. (This used to be commit 894cc6d16296b934c112786eec896846156aee5d) --- source3/smbd/reply.c | 32 +++++++++++++++++++++++++++++--- 1 file changed, 29 insertions(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index fff5385171..bf208b0fa4 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1043,6 +1043,10 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, if (!fsp) { END_PROFILE(SMBopen); + if (open_was_deferred(SVAL(inbuf,smb_mid))) { + /* We have re-scheduled this call. */ + return -1; + } return set_bad_path_error(errno, bad_path, outbuf, ERRDOS, ERRnoaccess); } @@ -1132,6 +1136,10 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt if (!fsp) { END_PROFILE(SMBopenX); + if (open_was_deferred(SVAL(inbuf,smb_mid))) { + /* We have re-scheduled this call. */ + return -1; + } return set_bad_path_error(errno, bad_path, outbuf, ERRDOS, ERRnoaccess); } @@ -1257,6 +1265,10 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, if (!fsp) { END_PROFILE(SMBcreate); + if (open_was_deferred(SVAL(inbuf,smb_mid))) { + /* We have re-scheduled this call. */ + return -1; + } return set_bad_path_error(errno, bad_path, outbuf, ERRDOS, ERRnoaccess); } @@ -1332,6 +1344,10 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, if (!fsp) { END_PROFILE(SMBctemp); + if (open_was_deferred(SVAL(inbuf,smb_mid))) { + /* We have re-scheduled this call. */ + return -1; + } return set_bad_path_error(errno, bad_path, outbuf, ERRDOS, ERRnoaccess); } @@ -1623,8 +1639,13 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size DEBUG(3,("reply_unlink : %s\n",name)); status = unlink_internals(conn, dirtype, name); - if (!NT_STATUS_IS_OK(status)) + if (!NT_STATUS_IS_OK(status)) { + if (open_was_deferred(SVAL(inbuf,smb_mid))) { + /* We have re-scheduled this call. */ + return -1; + } return ERROR_NT(status); + } /* * Win2k needs a changenotify request response before it will @@ -3944,6 +3965,10 @@ int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, status = rename_internals(conn, name, newname, attrs, False); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBmv); + if (open_was_deferred(SVAL(inbuf,smb_mid))) { + /* We have re-scheduled this call. */ + return -1; + } return ERROR_NT(status); } @@ -3989,7 +4014,8 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, return(False); fsp1 = open_file_shared(conn,src,&src_sbuf,SET_DENY_MODE(DENY_NONE)|SET_OPEN_MODE(DOS_OPEN_RDONLY), - (FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN),FILE_ATTRIBUTE_NORMAL,0,&Access,&action); + (FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN),FILE_ATTRIBUTE_NORMAL,INTERNAL_OPEN_ONLY, + &Access,&action); if (!fsp1) return(False); @@ -4002,7 +4028,7 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, ZERO_STRUCTP(&sbuf2); fsp2 = open_file_shared(conn,dest,&sbuf2,SET_DENY_MODE(DENY_NONE)|SET_OPEN_MODE(DOS_OPEN_WRONLY), - ofun,dosattrs,0,&Access,&action); + ofun,dosattrs,INTERNAL_OPEN_ONLY,&Access,&action); if (!fsp2) { close_file(fsp1,False); -- cgit From b28d08cc14bd37c6263ed029a57f390687746bb9 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 9 Jun 2004 00:43:43 +0000 Subject: r1093: Ensure we clear any cached errors on a deferred open call so we don't return the wrong error code on the next packet. Jeremy. (This used to be commit c1b06deb574d7b8e746bdf0d6f0eab16848a6cc1) --- source3/smbd/reply.c | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index bf208b0fa4..5b30fe5b75 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1045,6 +1045,7 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, END_PROFILE(SMBopen); if (open_was_deferred(SVAL(inbuf,smb_mid))) { /* We have re-scheduled this call. */ + clear_cached_errors(); return -1; } return set_bad_path_error(errno, bad_path, outbuf, ERRDOS, ERRnoaccess); @@ -1138,6 +1139,7 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt END_PROFILE(SMBopenX); if (open_was_deferred(SVAL(inbuf,smb_mid))) { /* We have re-scheduled this call. */ + clear_cached_errors(); return -1; } return set_bad_path_error(errno, bad_path, outbuf, ERRDOS, ERRnoaccess); @@ -1267,6 +1269,7 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, END_PROFILE(SMBcreate); if (open_was_deferred(SVAL(inbuf,smb_mid))) { /* We have re-scheduled this call. */ + clear_cached_errors(); return -1; } return set_bad_path_error(errno, bad_path, outbuf, ERRDOS, ERRnoaccess); @@ -1346,6 +1349,7 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, END_PROFILE(SMBctemp); if (open_was_deferred(SVAL(inbuf,smb_mid))) { /* We have re-scheduled this call. */ + clear_cached_errors(); return -1; } return set_bad_path_error(errno, bad_path, outbuf, ERRDOS, ERRnoaccess); @@ -1642,6 +1646,7 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if (!NT_STATUS_IS_OK(status)) { if (open_was_deferred(SVAL(inbuf,smb_mid))) { /* We have re-scheduled this call. */ + clear_cached_errors(); return -1; } return ERROR_NT(status); @@ -3967,6 +3972,7 @@ int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, END_PROFILE(SMBmv); if (open_was_deferred(SVAL(inbuf,smb_mid))) { /* We have re-scheduled this call. */ + clear_cached_errors(); return -1; } return ERROR_NT(status); -- cgit From fddef6fc201ed127eaac737e725d1c2dd8c6926e Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 11 Jun 2004 17:54:23 +0000 Subject: r1115: Fix for #1427. Catch bad path errors at the right point. Ensure all our pathname parsing is consistent. Jeremy. (This used to be commit 5e8237e306f0bb0e492f10fb6487938132899384) --- source3/smbd/reply.c | 114 +++++++++++++++++++++++++++++++++++---------------- 1 file changed, 78 insertions(+), 36 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 5b30fe5b75..961f4d7f55 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -43,7 +43,7 @@ extern BOOL global_encrypted_passwords_negotiated; set. ****************************************************************************/ -NTSTATUS check_path_syntax(pstring destname, const pstring srcname) +NTSTATUS check_path_syntax(pstring destname, const pstring srcname, BOOL allow_wcard_names) { char *d = destname; const char *s = srcname; @@ -119,7 +119,21 @@ NTSTATUS check_path_syntax(pstring destname, const pstring srcname) s++; } else { if (!(*s & 0x80)) { - *d++ = *s++; + if (allow_wcard_names) { + *d++ = *s++; + } else { + switch (*s) { + case '*': + case '?': + case '<': + case '>': + case '"': + return NT_STATUS_OBJECT_NAME_INVALID; + default: + *d++ = *s++; + break; + } + } } else { switch(next_mb_char_size(s)) { case 4: @@ -147,7 +161,7 @@ NTSTATUS check_path_syntax(pstring destname, const pstring srcname) Pull a string and check the path - provide for error return. ****************************************************************************/ -size_t srvstr_get_path(char *inbuf, char *dest, const char *src, size_t dest_len, size_t src_len, int flags, NTSTATUS *err) +size_t srvstr_get_path(char *inbuf, char *dest, const char *src, size_t dest_len, size_t src_len, int flags, NTSTATUS *err, BOOL allow_wcard_names) { pstring tmppath; char *tmppath_ptr = tmppath; @@ -161,7 +175,7 @@ size_t srvstr_get_path(char *inbuf, char *dest, const char *src, size_t dest_len } else { ret = srvstr_pull( inbuf, tmppath_ptr, src, dest_len, src_len, flags); } - *err = check_path_syntax(dest, tmppath); + *err = check_path_syntax(dest, tmppath, allow_wcard_names); return ret; } @@ -516,7 +530,7 @@ int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size START_PROFILE(SMBchkpth); - srvstr_get_path(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), 0, STR_TERMINATE, &status); + srvstr_get_path(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), 0, STR_TERMINATE, &status, False); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBchkpth); return ERROR_NT(status); @@ -525,6 +539,10 @@ int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size RESOLVE_DFSPATH(name, conn, inbuf, outbuf); unix_convert(name,conn,0,&bad_path,&sbuf); + if (bad_path) { + END_PROFILE(SMBchkpth); + return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND); + } mode = SVAL(inbuf,smb_vwv0); @@ -548,18 +566,11 @@ int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size * the parent directory is valid but not the * last component - it returns NT_STATUS_OBJECT_NAME_NOT_FOUND * for that case and NT_STATUS_OBJECT_PATH_NOT_FOUND - * if the path is invalid. + * if the path is invalid. This is different from set_bad_path_error() + * in the non-NT error case. */ - if (bad_path) { - END_PROFILE(SMBchkpth); - return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND); - } else { - END_PROFILE(SMBchkpth); - return ERROR_BOTH(NT_STATUS_OBJECT_NAME_NOT_FOUND,ERRDOS,ERRbadpath); - } - } else if (errno == ENOTDIR) { END_PROFILE(SMBchkpth); - return ERROR_NT(NT_STATUS_NOT_A_DIRECTORY); + return ERROR_BOTH(NT_STATUS_OBJECT_NAME_NOT_FOUND,ERRDOS,ERRbadpath); } END_PROFILE(SMBchkpth); @@ -594,7 +605,7 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size START_PROFILE(SMBgetatr); p = smb_buf(inbuf) + 1; - p += srvstr_get_path(inbuf, fname, p, sizeof(fname), 0, STR_TERMINATE, &status); + p += srvstr_get_path(inbuf, fname, p, sizeof(fname), 0, STR_TERMINATE, &status, False); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBgetatr); return ERROR_NT(status); @@ -613,6 +624,10 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size ok = True; } else { unix_convert(fname,conn,0,&bad_path,&sbuf); + if (bad_path) { + END_PROFILE(SMBgetatr); + return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND); + } if (check_name(fname,conn)) { if (VALID_STAT(sbuf) || SMB_VFS_STAT(conn,fname,&sbuf) == 0) { mode = dos_mode(conn,fname,&sbuf); @@ -669,13 +684,17 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size START_PROFILE(SMBsetatr); p = smb_buf(inbuf) + 1; - p += srvstr_get_path(inbuf, fname, p, sizeof(fname), 0, STR_TERMINATE, &status); + p += srvstr_get_path(inbuf, fname, p, sizeof(fname), 0, STR_TERMINATE, &status, False); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBsetatr); return ERROR_NT(status); } unix_convert(fname,conn,0,&bad_path,&sbuf); + if (bad_path) { + END_PROFILE(SMBsetatr); + return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND); + } mode = SVAL(inbuf,smb_vwv0); mtime = make_unix_date3(inbuf+smb_vwv1); @@ -798,7 +817,7 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size maxentries = SVAL(inbuf,smb_vwv0); dirtype = SVAL(inbuf,smb_vwv1); p = smb_buf(inbuf) + 1; - p += srvstr_get_path(inbuf, path, p, sizeof(path), 0, STR_TERMINATE, &nt_status); + p += srvstr_get_path(inbuf, path, p, sizeof(path), 0, STR_TERMINATE, &nt_status, True); if (!NT_STATUS_IS_OK(nt_status)) { END_PROFILE(SMBsearch); return ERROR_NT(nt_status); @@ -976,7 +995,7 @@ int reply_fclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size outsize = set_message(outbuf,1,0,True); p = smb_buf(inbuf) + 1; - p += srvstr_get_path(inbuf, path, p, sizeof(path), 0, STR_TERMINATE, &err); + p += srvstr_get_path(inbuf, path, p, sizeof(path), 0, STR_TERMINATE, &err, True); if (!NT_STATUS_IS_OK(err)) { END_PROFILE(SMBfclose); return ERROR_NT(err); @@ -1028,7 +1047,7 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, share_mode = SVAL(inbuf,smb_vwv0); - srvstr_get_path(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), 0, STR_TERMINATE, &status); + srvstr_get_path(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), 0, STR_TERMINATE, &status, False); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBopen); return ERROR_NT(status); @@ -1037,6 +1056,10 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); unix_convert(fname,conn,0,&bad_path,&sbuf); + if (bad_path) { + END_PROFILE(SMBopen); + return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND); + } fsp = open_file_shared(conn,fname,&sbuf,share_mode,(FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN), (uint32)dos_attr, oplock_request,&rmode,NULL); @@ -1122,7 +1145,7 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt } /* XXXX we need to handle passed times, sattr and flags */ - srvstr_get_path(inbuf, fname, smb_buf(inbuf), sizeof(fname), 0, STR_TERMINATE, &status); + srvstr_get_path(inbuf, fname, smb_buf(inbuf), sizeof(fname), 0, STR_TERMINATE, &status, False); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBopenX); return ERROR_NT(status); @@ -1131,6 +1154,10 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); unix_convert(fname,conn,0,&bad_path,&sbuf); + if (bad_path) { + END_PROFILE(SMBopenX); + return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND); + } fsp = open_file_shared(conn,fname,&sbuf,smb_mode,smb_ofun,(uint32)smb_attr, oplock_request, &rmode,&smb_action); @@ -1240,7 +1267,7 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, com = SVAL(inbuf,smb_com); createmode = SVAL(inbuf,smb_vwv0); - srvstr_get_path(inbuf, fname, smb_buf(inbuf) + 1, sizeof(fname), 0, STR_TERMINATE, &status); + srvstr_get_path(inbuf, fname, smb_buf(inbuf) + 1, sizeof(fname), 0, STR_TERMINATE, &status, False); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBcreate); return ERROR_NT(status); @@ -1249,6 +1276,10 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); unix_convert(fname,conn,0,&bad_path,&sbuf); + if (bad_path) { + END_PROFILE(SMBcreate); + return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND); + } if (createmode & aVOLID) DEBUG(0,("Attempt to create file (%s) with volid set - please report this\n",fname)); @@ -1312,7 +1343,7 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, START_PROFILE(SMBctemp); createattr = SVAL(inbuf,smb_vwv0); - srvstr_get_path(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), 0, STR_TERMINATE, &status); + srvstr_get_path(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), 0, STR_TERMINATE, &status, False); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBctemp); return ERROR_NT(status); @@ -1326,6 +1357,10 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); unix_convert(fname,conn,0,&bad_path,&sbuf); + if (bad_path) { + END_PROFILE(SMBctemp); + return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND); + } tmpfd = smb_mkstemp(fname); if (tmpfd == -1) { @@ -1581,7 +1616,7 @@ NTSTATUS unlink_internals(connection_struct *conn, int dirtype, char *name) /* Quick check for "." and ".." */ if (fname[0] == '.') { if (!fname[1] || (fname[1] == '.' && !fname[2])) { - if ((dirtype & aDIR)) { + if ((dirtype & FILE_ATTRIBUTE_DIRECTORY) && (dirtype & FILE_ATTRIBUTE_SYSTEM)) { sys_direntry = True; } else { continue; @@ -1594,6 +1629,8 @@ NTSTATUS unlink_internals(connection_struct *conn, int dirtype, char *name) if (sys_direntry) { error = NT_STATUS_OBJECT_NAME_INVALID; + DEBUG(3,("unlink_internals: system directory delete denied [%s] mask [%s]\n", + fname, mask)); break; } @@ -1632,7 +1669,7 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size dirtype = SVAL(inbuf,smb_vwv0); - srvstr_get_path(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), 0, STR_TERMINATE, &status); + srvstr_get_path(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), 0, STR_TERMINATE, &status, True); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBunlink); return ERROR_NT(status); @@ -3164,15 +3201,16 @@ NTSTATUS mkdir_internal(connection_struct *conn, pstring directory) return NT_STATUS_OBJECT_NAME_INVALID; } + if (bad_path) { + return NT_STATUS_OBJECT_PATH_NOT_FOUND; + } + if (check_name(directory, conn)) ret = vfs_MkDir(conn,directory,unix_mode(conn,aDIR,directory)); if (ret == -1) { if(errno == ENOENT) { - if (bad_path) - return NT_STATUS_OBJECT_PATH_NOT_FOUND; - else - return NT_STATUS_OBJECT_NAME_NOT_FOUND; + return NT_STATUS_OBJECT_NAME_NOT_FOUND; } return map_nt_error_from_unix(errno); } @@ -3191,7 +3229,7 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, NTSTATUS status; START_PROFILE(SMBmkdir); - srvstr_get_path(inbuf, directory, smb_buf(inbuf) + 1, sizeof(directory), 0, STR_TERMINATE, &status); + srvstr_get_path(inbuf, directory, smb_buf(inbuf) + 1, sizeof(directory), 0, STR_TERMINATE, &status, False); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBmkdir); return ERROR_NT(status); @@ -3361,7 +3399,7 @@ int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, NTSTATUS status; START_PROFILE(SMBrmdir); - srvstr_get_path(inbuf, directory, smb_buf(inbuf) + 1, sizeof(directory), 0, STR_TERMINATE, &status); + srvstr_get_path(inbuf, directory, smb_buf(inbuf) + 1, sizeof(directory), 0, STR_TERMINATE, &status, False); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBrmdir); return ERROR_NT(status); @@ -3370,6 +3408,10 @@ int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, RESOLVE_DFSPATH(directory, conn, inbuf, outbuf) unix_convert(directory,conn, NULL,&bad_path,&sbuf); + if (bad_path) { + END_PROFILE(SMBrmdir); + return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND); + } if (check_name(directory,conn)) { dptr_closepath(directory,SVAL(inbuf,smb_pid)); @@ -3950,13 +3992,13 @@ int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, START_PROFILE(SMBmv); p = smb_buf(inbuf) + 1; - p += srvstr_get_path(inbuf, name, p, sizeof(name), 0, STR_TERMINATE, &status); + p += srvstr_get_path(inbuf, name, p, sizeof(name), 0, STR_TERMINATE, &status, True); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBmv); return ERROR_NT(status); } p++; - p += srvstr_get_path(inbuf, newname, p, sizeof(newname), 0, STR_TERMINATE, &status); + p += srvstr_get_path(inbuf, newname, p, sizeof(newname), 0, STR_TERMINATE, &status, True); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBmv); return ERROR_NT(status); @@ -4102,12 +4144,12 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, *directory = *mask = 0; p = smb_buf(inbuf); - p += srvstr_get_path(inbuf, name, p, sizeof(name), 0, STR_TERMINATE, &status); + p += srvstr_get_path(inbuf, name, p, sizeof(name), 0, STR_TERMINATE, &status, True); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBcopy); return ERROR_NT(status); } - p += srvstr_get_path(inbuf, newname, p, sizeof(newname), 0, STR_TERMINATE, &status); + p += srvstr_get_path(inbuf, newname, p, sizeof(newname), 0, STR_TERMINATE, &status, True); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBcopy); return ERROR_NT(status); @@ -4267,7 +4309,7 @@ int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return ERROR_DOS(ERRDOS,ERRnoaccess); } - srvstr_get_path(inbuf, newdir, smb_buf(inbuf) + 1, sizeof(newdir), 0, STR_TERMINATE, &status); + srvstr_get_path(inbuf, newdir, smb_buf(inbuf) + 1, sizeof(newdir), 0, STR_TERMINATE, &status, False); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(pathworks_setdir); return ERROR_NT(status); -- cgit From 073c542c5135d78f0ff5755ed62daf230292cec0 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 25 Jun 2004 21:33:21 +0000 Subject: r1255: Ensure we check attributes correctly on rename request. Gets us further with Samba4 RAW-RENAME test. Jeremy. (This used to be commit f17382ad8ad7211bbd34c823d88936a83dceb940) --- source3/smbd/reply.c | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 961f4d7f55..6c20b97c4e 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1428,15 +1428,20 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, Check if a user is allowed to rename a file. ********************************************************************/ -static NTSTATUS can_rename(char *fname,connection_struct *conn, SMB_STRUCT_STAT *pst) +static NTSTATUS can_rename(char *fname,connection_struct *conn, uint16 dirtype, SMB_STRUCT_STAT *pst) { int smb_action; int access_mode; files_struct *fsp; + uint16 fmode; if (!CAN_WRITE(conn)) return NT_STATUS_MEDIA_WRITE_PROTECTED; - + + fmode = dos_mode(conn,fname,pst); + if ((fmode & ~dirtype) & (aHIDDEN | aSYSTEM)) + return NT_STATUS_NO_SUCH_FILE; + if (S_ISDIR(pst->st_mode)) return NT_STATUS_OK; @@ -3543,7 +3548,7 @@ static void rename_open_files(connection_struct *conn, SMB_DEV_T dev, SMB_INO_T Rename an open file - given an fsp. ****************************************************************************/ -NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, char *newname, BOOL replace_if_exists) +NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, char *newname, uint16 attrs, BOOL replace_if_exists) { SMB_STRUCT_STAT sbuf; BOOL bad_path = False; @@ -3624,7 +3629,7 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, char * return NT_STATUS_OBJECT_NAME_COLLISION; } - error = can_rename(newname,conn,&sbuf); + error = can_rename(newname,conn,attrs,&sbuf); if (dest_exists && !NT_STATUS_IS_OK(error)) { DEBUG(3,("rename_internals: Error %s rename %s -> %s\n", @@ -3830,7 +3835,7 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", return NT_STATUS_OBJECT_PATH_NOT_FOUND; } - error = can_rename(directory,conn,&sbuf1); + error = can_rename(directory,conn,attrs,&sbuf1); if (!NT_STATUS_IS_OK(error)) { DEBUG(3,("rename_internals: Error %s rename %s -> %s\n", @@ -3921,7 +3926,7 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", DEBUG(6,("rename %s failed. Error %s\n", fname, nt_errstr(error))); continue; } - error = can_rename(fname,conn,&sbuf1); + error = can_rename(fname,conn,attrs,&sbuf1); if (!NT_STATUS_IS_OK(error)) { DEBUG(6,("rename %s refused\n", fname)); continue; -- cgit From a003d0e5d258572aa135ccbbc91882df68c1b51b Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 30 Jun 2004 23:00:40 +0000 Subject: r1311: Turn on sendfile for non-oplocked files. tridge proved this is the correct thing to do on a train in Germany :-). Turn on sendfile by default ! It's about time..... Jeremy. (This used to be commit ec614a8f7d158b57f5981c1515962aca3c3e6ef4) --- source3/smbd/reply.c | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 6c20b97c4e..71efb793af 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1729,12 +1729,13 @@ void send_file_readbraw(connection_struct *conn, files_struct *fsp, SMB_OFF_T st #if defined(WITH_SENDFILE) /* - * We can only use sendfile on a non-chained packet and on a file - * that is exclusively oplocked. reply_readbraw has already checked the length. + * We can only use sendfile on a non-chained packet + * but we can use on a non-oplocked file. tridge proved this + * on a train in Germany :-). JRA. + * reply_readbraw has already checked the length. */ - if ((nread > 0) && (lp_write_cache_size(SNUM(conn)) == 0) && - EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type) && lp_use_sendfile(SNUM(conn)) ) { + if ((nread > 0) && (lp_write_cache_size(SNUM(conn)) == 0) && lp_use_sendfile(SNUM(conn)) ) { DATA_BLOB header; _smb_setlen(outbuf,nread); @@ -2067,12 +2068,13 @@ int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length #if defined(WITH_SENDFILE) /* - * We can only use sendfile on a non-chained packet and on a file - * that is exclusively oplocked. + * We can only use sendfile on a non-chained packet + * but we can use on a non-oplocked file. tridge proved this + * on a train in Germany :-). JRA. */ - if ((CVAL(inbuf,smb_vwv0) == 0xFF) && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type) && - lp_use_sendfile(SNUM(conn)) && (lp_write_cache_size(SNUM(conn)) == 0) ) { + if ((CVAL(inbuf,smb_vwv0) == 0xFF) && lp_use_sendfile(SNUM(conn)) && + (lp_write_cache_size(SNUM(conn)) == 0) ) { SMB_STRUCT_STAT sbuf; DATA_BLOB header; -- cgit From 0c6d7f28d6c1066cc6b3055ebf6a8fcf685ca1f6 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Thu, 22 Jul 2004 13:39:43 +0000 Subject: r1570: merging changes from 3.0.5 (This used to be commit 430cf63b9148441bce42bfb15a8045de5da108f4) --- source3/smbd/reply.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 71efb793af..f3ab709df4 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1583,7 +1583,7 @@ NTSTATUS unlink_internals(connection_struct *conn, int dirtype, char *name) */ if (!rc && mangle_is_mangled(mask)) - mangle_check_cache( mask ); + mangle_check_cache( mask, sizeof(pstring)-1 ); if (!has_wild) { pstrcat(directory,"/"); @@ -3738,7 +3738,7 @@ NTSTATUS rename_internals(connection_struct *conn, char *name, char *newname, ui */ if (!rc && mangle_is_mangled(mask)) - mangle_check_cache( mask ); + mangle_check_cache( mask, sizeof(pstring)-1 ); has_wild = ms_has_wild(mask); @@ -4216,7 +4216,7 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, */ if (!rc && mangle_is_mangled(mask)) - mangle_check_cache( mask ); + mangle_check_cache( mask, sizeof(pstring)-1 ); has_wild = ms_has_wild(mask); -- cgit From e0475afa8375eb27795aaecca16f8ae6f98666e7 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 6 Aug 2004 17:49:00 +0000 Subject: r1665: Patch from James Peach @ SGI to stop using sendfile if it isn't supported by the underlying OS. Jeremy. (This used to be commit 1b0c70cf97aa45093fe5ef866a351b47ef1a5879) --- source3/smbd/reply.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index f3ab709df4..4125d71b84 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1748,8 +1748,10 @@ void send_file_readbraw(connection_struct *conn, files_struct *fsp, SMB_OFF_T st * Special hack for broken Linux with no 64 bit clean sendfile. If we * return ENOSYS then pretend we just got a normal read. */ - if (errno == ENOSYS) + if (errno == ENOSYS) { + set_use_sendfile(SNUM(conn), False); goto normal_read; + } DEBUG(0,("send_file_readbraw: sendfile failed for file %s (%s). Terminating\n", fsp->fsp_name, strerror(errno) )); @@ -2111,8 +2113,10 @@ int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length * Special hack for broken Linux with no 64 bit clean sendfile. If we * return ENOSYS then pretend we just got a normal read. */ - if (errno == ENOSYS) + if (errno == ENOSYS) { + set_use_sendfile(SNUM(conn), False); goto normal_read; + } DEBUG(0,("send_file_readX: sendfile failed for file %s (%s). Terminating\n", fsp->fsp_name, strerror(errno) )); -- cgit From f17922d537213fe1d15cebcd78a8df4068801e7f Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 16 Aug 2004 21:27:26 +0000 Subject: r1841: Fix for #1606, can't launch dos exe's. 2 related problems - 1). DOS uses chained commands - when we are replying with sendfile we neglect to send the chained header. 2). Win9x and DOS TCP stacks blow up when getting data back from a Linux sendfile - "The engines canna take the strain cap'n". Don't use sendfile for anything less than NT1. Jeremy. (This used to be commit 3cd88f48afa589a189bb728d2d2660d058203d4d) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 4125d71b84..74872eeea9 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1735,7 +1735,7 @@ void send_file_readbraw(connection_struct *conn, files_struct *fsp, SMB_OFF_T st * reply_readbraw has already checked the length. */ - if ((nread > 0) && (lp_write_cache_size(SNUM(conn)) == 0) && lp_use_sendfile(SNUM(conn)) ) { + if (chain_size ==0 && (nread > 0) && (lp_write_cache_size(SNUM(conn)) == 0) && lp_use_sendfile(SNUM(conn)) ) { DATA_BLOB header; _smb_setlen(outbuf,nread); @@ -2075,7 +2075,7 @@ int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length * on a train in Germany :-). JRA. */ - if ((CVAL(inbuf,smb_vwv0) == 0xFF) && lp_use_sendfile(SNUM(conn)) && + if (chain_size ==0 && (CVAL(inbuf,smb_vwv0) == 0xFF) && lp_use_sendfile(SNUM(conn)) && (lp_write_cache_size(SNUM(conn)) == 0) ) { SMB_STRUCT_STAT sbuf; DATA_BLOB header; -- cgit From 1842fde7d10a6faccae1a24ebc67f8452a5a828e Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Wed, 18 Aug 2004 13:55:58 +0000 Subject: r1885: tighten the cache consistency with the ntprinters.tdb entry an the in memory cache associated with open printer handles; also make sure that register_messages_flags() doesn't overwrite the originally registers flags (This used to be commit 540daf71d8ad189af5dd6d45aa1ce2b3d67da752) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 74872eeea9..611fb04c19 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -242,7 +242,7 @@ int reply_special(char *inbuf,char *outbuf) reload_services(True); reopen_logs(); - claim_connection(NULL,"",0,True,FLAG_MSG_GENERAL|FLAG_MSG_SMBD); + claim_connection(NULL,"",0,True,FLAG_MSG_GENERAL|FLAG_MSG_SMBD|FLAG_MSG_PRINT_GENERAL); already_got_session = True; break; -- cgit From e197fb368afd2e22d8a481b0d1adfbb74093ef06 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 31 Aug 2004 21:29:50 +0000 Subject: r2150: Fix parsing of names ending in dot and a few other error returns (commit to Samba4 smbtorture will exercise these fixes). Jeremy. (This used to be commit ff20dacc68c78b8d30993712366af30a64e960aa) --- source3/smbd/reply.c | 27 +++++++++++---------------- 1 file changed, 11 insertions(+), 16 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 611fb04c19..30616a66fb 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -97,26 +97,25 @@ NTSTATUS check_path_syntax(pstring destname, const pstring srcname, BOOL allow_w d--; } s += 3; - } else if ((s[0] == '.') && (IS_DIRECTORY_SEP(s[1]) || (s[1] == '\0'))) { - + } else if ((s[0] == '.') && (s[1] == '\0')) { + if (s == srcname) { + ret = NT_STATUS_OBJECT_NAME_INVALID; + break; + } + *d++ = *s++; + } else if ((s[0] == '.') && IS_DIRECTORY_SEP(s[1])) { /* * No mb char starts with '.' so we're safe checking the directory separator here. */ - /* "./" or ".\\" fails with a different error depending on where it is... */ + /* "./" or ".\\" fails with a different error depending on what is after it... */ - if (s == srcname) { + if (s[2] == '\0') { ret = NT_STATUS_OBJECT_NAME_INVALID; - break; } else { - if (s[1] != '\0' && s[2] == '\0') { - ret = NT_STATUS_INVALID_PARAMETER; - break; - } ret = NT_STATUS_OBJECT_PATH_NOT_FOUND; - break; } - s++; + break; } else { if (!(*s & 0x80)) { if (allow_wcard_names) { @@ -521,7 +520,6 @@ int reply_ioctl(connection_struct *conn, int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int outsize = 0; - int mode; pstring name; BOOL ok = False; BOOL bad_path = False; @@ -544,8 +542,6 @@ int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND); } - mode = SVAL(inbuf,smb_vwv0); - if (check_name(name,conn)) { if (VALID_STAT(sbuf) || SMB_VFS_STAT(conn,name,&sbuf) == 0) if (!(ok = S_ISDIR(sbuf.st_mode))) { @@ -578,8 +574,7 @@ int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size } outsize = set_message(outbuf,0,0,True); - - DEBUG(3,("chkpth %s mode=%d\n", name, mode)); + DEBUG(3,("chkpth %s mode=%d\n", name, (int)SVAL(inbuf,smb_vwv0))); END_PROFILE(SMBchkpth); return(outsize); -- cgit From 649e1274c7e5992b34125c5df507d5f50903729d Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 2 Sep 2004 22:35:36 +0000 Subject: r2194: Here is the efforts of much pain reproducing W2K3 pathname parsing. :-(. One more check for CreateFile() needed. Jeremy. (This used to be commit 294e2021b34c806900ec65ecbf17d9038ac6229a) --- source3/smbd/reply.c | 154 +++++++++++++++++++++++++++------------------------ 1 file changed, 82 insertions(+), 72 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 30616a66fb..b20b0fe922 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -48,6 +48,7 @@ NTSTATUS check_path_syntax(pstring destname, const pstring srcname, BOOL allow_w char *d = destname; const char *s = srcname; NTSTATUS ret = NT_STATUS_OK; + BOOL start_of_name_component = True; while (*s) { if (IS_DIRECTORY_SEP(*s)) { @@ -58,100 +59,109 @@ NTSTATUS check_path_syntax(pstring destname, const pstring srcname, BOOL allow_w while (IS_DIRECTORY_SEP(*s)) { s++; } - if ((s[0] == '.') && (s[1] == '\0')) { - ret = NT_STATUS_OBJECT_NAME_INVALID; - break; - } if ((d != destname) && (*s != '\0')) { /* We only care about non-leading or trailing '/' or '\\' */ *d++ = '/'; } - } else if ((s[0] == '.') && (s[1] == '.') && (IS_DIRECTORY_SEP(s[2]) || s[2] == '\0')) { - /* Uh oh - "../" or "..\\" or "..\0" ! */ - /* - * No mb char starts with '.' so we're safe checking the directory separator here. - */ + start_of_name_component = True; + continue; + } - /* If we just added a '/', delete it. */ + if (start_of_name_component) { + if ((s[0] == '.') && (s[1] == '.') && (IS_DIRECTORY_SEP(s[2]) || s[2] == '\0')) { + /* Uh oh - "/../" or "\\..\\" or "/..\0" or "\\..\0" ! */ - if ((d > destname) && (*(d-1) == '/')) { - *(d-1) = '\0'; - if (d == (destname + 1)) { + /* + * No mb char starts with '.' so we're safe checking the directory separator here. + */ + + /* If we just added a '/' - delete it */ + if ((d > destname) && (*(d-1) == '/')) { + *(d-1) = '\0'; d--; - } else { - d -= 2; } - } - /* Are we at the start ? Can't go back further if so. */ - if (d == destname) { - ret = NT_STATUS_OBJECT_PATH_SYNTAX_BAD; - break; - } - /* Go back one level... */ - /* We know this is safe as '/' cannot be part of a mb sequence. */ - /* NOTE - if this assumption is invalid we are not in good shape... */ - while (d > destname) { - if (*d == '/') + + /* Are we at the start ? Can't go back further if so. */ + if (d <= destname) { + ret = NT_STATUS_OBJECT_PATH_SYNTAX_BAD; break; - d--; - } - s += 3; - } else if ((s[0] == '.') && (s[1] == '\0')) { - if (s == srcname) { - ret = NT_STATUS_OBJECT_NAME_INVALID; + } + /* Go back one level... */ + /* We know this is safe as '/' cannot be part of a mb sequence. */ + /* NOTE - if this assumption is invalid we are not in good shape... */ + /* Decrement d first as d points to the *next* char to write into. */ + for (d--; d > destname; d--) { + if (*d == '/') + break; + } + s += 2; /* Else go past the .. */ + /* We're still at the start of a name component, just the previous one. */ + continue; + + } else if ((s[0] == '.') && (s[1] == '\0')) { + /* Component of pathname can't be "." only. */ + ret = NT_STATUS_OBJECT_NAME_INVALID; break; - } - *d++ = *s++; - } else if ((s[0] == '.') && IS_DIRECTORY_SEP(s[1])) { - /* - * No mb char starts with '.' so we're safe checking the directory separator here. - */ + } else if ((s[0] == '.') && IS_DIRECTORY_SEP(s[1])) { + /* + * No mb char starts with '.' so we're safe checking the directory separator here. + */ - /* "./" or ".\\" fails with a different error depending on what is after it... */ + /* Component of pathname can't be ".\\ANYTHING". */ - if (s[2] == '\0') { - ret = NT_STATUS_OBJECT_NAME_INVALID; - } else { - ret = NT_STATUS_OBJECT_PATH_NOT_FOUND; - } - break; - } else { - if (!(*s & 0x80)) { - if (allow_wcard_names) { - *d++ = *s++; + /* "/./" or "\\.\\" fails with a different error depending on what is after it... */ + + /* Eat multiple '/' or '\\' */ + for (s++; IS_DIRECTORY_SEP(*s); s++) { + ; + } + + if (*s == '\0') { + ret = NT_STATUS_OBJECT_NAME_INVALID; } else { - switch (*s) { - case '*': - case '?': - case '<': - case '>': - case '"': - return NT_STATUS_OBJECT_NAME_INVALID; - default: - *d++ = *s++; - break; - } + ret = NT_STATUS_OBJECT_PATH_NOT_FOUND; } + break; + } + } + + if (!(*s & 0x80)) { + if (allow_wcard_names) { + *d++ = *s++; } else { - switch(next_mb_char_size(s)) { - case 4: - *d++ = *s++; - case 3: - *d++ = *s++; - case 2: - *d++ = *s++; - case 1: + switch (*s) { + case '*': + case '?': + case '<': + case '>': + case '"': + return NT_STATUS_OBJECT_NAME_INVALID; + default: *d++ = *s++; break; - default: - DEBUG(0,("check_path_syntax: character length assumptions invalid !\n")); - *d = '\0'; - return NT_STATUS_INVALID_PARAMETER; } } + } else { + switch(next_mb_char_size(s)) { + case 4: + *d++ = *s++; + case 3: + *d++ = *s++; + case 2: + *d++ = *s++; + case 1: + *d++ = *s++; + break; + default: + DEBUG(0,("check_path_syntax: character length assumptions invalid !\n")); + *d = '\0'; + return NT_STATUS_INVALID_PARAMETER; + } } + start_of_name_component = False; } + *d = '\0'; return ret; } -- cgit From a34e4db047ae457fb79a84a520fc802b70268f4f Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 3 Sep 2004 20:05:29 +0000 Subject: r2215: I think I'm really close now. The key is to count the number of bad components once you've hit one, and keep track of how many there are (going up a level removes one - maybe it needs to be ./ in order to be removed, need to check). And remember to change the error code return depending on whether you're called from ff or chkpath. Jeremy. (This used to be commit beda1aee795971fa600af65caa749694bb0dfea5) --- source3/smbd/reply.c | 51 +++++++++++++++++++++++++++++---------------------- 1 file changed, 29 insertions(+), 22 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index b20b0fe922..d26ab654fa 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -49,6 +49,7 @@ NTSTATUS check_path_syntax(pstring destname, const pstring srcname, BOOL allow_w const char *s = srcname; NTSTATUS ret = NT_STATUS_OK; BOOL start_of_name_component = True; + unsigned int num_bad_components = 0; while (*s) { if (IS_DIRECTORY_SEP(*s)) { @@ -97,32 +98,21 @@ NTSTATUS check_path_syntax(pstring destname, const pstring srcname, BOOL allow_w } s += 2; /* Else go past the .. */ /* We're still at the start of a name component, just the previous one. */ + + if (num_bad_components) { + /* Hmmm. Should we only decrement the bad_components if + we're removing a bad component ? Need to check this. JRA. */ + num_bad_components--; + } + continue; - } else if ((s[0] == '.') && (s[1] == '\0')) { + } else if ((s[0] == '.') && ((s[1] == '\0') || IS_DIRECTORY_SEP(s[1]))) { /* Component of pathname can't be "." only. */ ret = NT_STATUS_OBJECT_NAME_INVALID; - break; - } else if ((s[0] == '.') && IS_DIRECTORY_SEP(s[1])) { - /* - * No mb char starts with '.' so we're safe checking the directory separator here. - */ - - /* Component of pathname can't be ".\\ANYTHING". */ - - /* "/./" or "\\.\\" fails with a different error depending on what is after it... */ - - /* Eat multiple '/' or '\\' */ - for (s++; IS_DIRECTORY_SEP(*s); s++) { - ; - } - - if (*s == '\0') { - ret = NT_STATUS_OBJECT_NAME_INVALID; - } else { - ret = NT_STATUS_OBJECT_PATH_NOT_FOUND; - } - break; + num_bad_components++; + *d++ = *s++; + continue; } } @@ -160,6 +150,23 @@ NTSTATUS check_path_syntax(pstring destname, const pstring srcname, BOOL allow_w } } start_of_name_component = False; + if (num_bad_components) { + num_bad_components++; + } + } + + if (NT_STATUS_EQUAL(ret, NT_STATUS_OBJECT_NAME_INVALID)) { + /* For some strange reason being called from findfirst changes + the num_components number to cause the error return to change. JRA. */ + if (allow_wcard_names) { + if (num_bad_components > 2) { + ret = NT_STATUS_OBJECT_PATH_NOT_FOUND; + } + } else { + if (num_bad_components > 1) { + ret = NT_STATUS_OBJECT_PATH_NOT_FOUND; + } + } } *d = '\0'; -- cgit From b755bdaa8eb7428e5da376762cd88ca416220682 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 3 Sep 2004 20:30:31 +0000 Subject: r2219: Remember to count bad_components only on pathname boundaries. Jeremy. (This used to be commit ee8ac9e51a0aefd41df56de4d6deac522bdee4a3) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index d26ab654fa..565046061c 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -149,10 +149,10 @@ NTSTATUS check_path_syntax(pstring destname, const pstring srcname, BOOL allow_w return NT_STATUS_INVALID_PARAMETER; } } - start_of_name_component = False; - if (num_bad_components) { + if (start_of_name_component && num_bad_components) { num_bad_components++; } + start_of_name_component = False; } if (NT_STATUS_EQUAL(ret, NT_STATUS_OBJECT_NAME_INVALID)) { -- cgit From 8875124a61c63d2def8ec193a98732f6fcfaa6a1 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 24 Sep 2004 00:55:46 +0000 Subject: r2575: Return correct error codes on old SEARCH call (from Samba4 torture tester). Jeremy. (This used to be commit fc51c97ea86bd1a86830d4ab2c6c7c4ec9fccc88) --- source3/smbd/reply.c | 14 ++++---------- 1 file changed, 4 insertions(+), 10 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 565046061c..cdf607e273 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -934,8 +934,8 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size make_dir_struct(p,mask,fname,size,mode,date,conn->case_sensitive); dptr_fill(p+12,dptr_num); numentries++; + p += DIR_STRUCT_SIZE; } - p += DIR_STRUCT_SIZE; } } } /* if (ok ) */ @@ -949,18 +949,12 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size (X/Open spec) */ if(ok && expect_close && numentries == 0 && status_len == 0) { - if (Protocol < PROTOCOL_NT1) { - SCVAL(outbuf,smb_rcls,ERRDOS); - SSVAL(outbuf,smb_err,ERRnofiles); - } - /* Also close the dptr - we know it's gone */ + /* Close the dptr - we know it's gone */ dptr_close(&dptr_num); + return ERROR_BOTH(STATUS_NO_MORE_FILES,ERRDOS,ERRnofiles); } else if (numentries == 0 || !ok) { - if (Protocol < PROTOCOL_NT1) { - SCVAL(outbuf,smb_rcls,ERRDOS); - SSVAL(outbuf,smb_err,ERRnofiles); - } dptr_close(&dptr_num); + return ERROR_BOTH(STATUS_NO_MORE_FILES,ERRDOS,ERRnofiles); } /* If we were called as SMBfunique, then we can close the dirptr now ! */ -- cgit From 8c1c918c94b443c7154d535b1f99201dc1767f97 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 18 Oct 2004 22:01:10 +0000 Subject: r3050: Steal from Samba4 :-). Make us pass most of the new lock tests (except for the cancel lock which I have to add). Jeremy. (This used to be commit cf7f89999e0c6becd4617c812400d1e71b9c0a30) --- source3/smbd/reply.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index cdf607e273..845f058867 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4514,13 +4514,18 @@ int reply_lockingX(connection_struct *conn, char *inbuf,char *outbuf,int length, data = smb_buf(inbuf); - if (locktype & (LOCKING_ANDX_CANCEL_LOCK | LOCKING_ANDX_CHANGE_LOCKTYPE)) { + if (locktype & LOCKING_ANDX_CHANGE_LOCKTYPE) { /* we don't support these - and CANCEL_LOCK makes w2k and XP reboot so I don't really want to be compatible! (tridge) */ return ERROR_NT(NT_STATUS_NOT_SUPPORTED); } + if (locktype & LOCKING_ANDX_CANCEL_LOCK) { + /* Need to make this like a cancel.... JRA. */ + return ERROR_NT(NT_STATUS_UNSUCCESSFUL); + } + /* Check if this is an oplock break on a file we have granted an oplock on. */ -- cgit From 44b5067e326fd26e5348495063045241d65293a5 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 24 Nov 2004 03:42:01 +0000 Subject: r3934: Correctly check for the top length bit in LARGE_READX. Jeremy. (This used to be commit f9effa2af90245c0fe090d730c86a2a60d8570dc) --- source3/smbd/reply.c | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 845f058867..5d493d8716 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -33,6 +33,7 @@ extern int max_recv; extern char magic_char; extern int global_oplock_break; unsigned int smb_echo_count = 0; +extern uint32 global_client_caps; extern BOOL global_encrypted_passwords_negotiated; @@ -2183,6 +2184,10 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt set_message(outbuf,12,0,True); + if (global_client_caps & CAP_LARGE_READX) { + smb_maxcnt |= ((((size_t)SVAL(inbuf,smb_vwv7)) & 1 )<<16); + } + if(CVAL(inbuf,smb_wct) == 12) { #ifdef LARGE_SMB_OFF_T /* -- cgit From 97bb32d61f825c524bd0e4caecce056088e13a6d Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 24 Nov 2004 05:24:38 +0000 Subject: r3936: Ensure LARGE_READX response must fit within reply buffer. Jeremy. (This used to be commit 5541001cf98aa9afb8f98ebeb91561348d3f5d74) --- source3/smbd/reply.c | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 5d493d8716..a3bb412578 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2186,6 +2186,12 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt if (global_client_caps & CAP_LARGE_READX) { smb_maxcnt |= ((((size_t)SVAL(inbuf,smb_vwv7)) & 1 )<<16); + if (smb_maxcnt > BUFFER_SIZE) { + DEBUG(0,("reply_read_and_X - read too large (%u) for reply buffer %u\n", + (unsigned int)smb_maxcnt, (unsigned int)BUFFER_SIZE)); + END_PROFILE(SMBreadX); + return ERROR_NT(NT_STATUS_INVALID_PARAMETER); + } } if(CVAL(inbuf,smb_wct) == 12) { -- cgit From 314ec086f3a015f97cc5dafc3038b3bf782d92af Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 24 Nov 2004 22:05:59 +0000 Subject: r3944: Fix the problem we get on Linux where sendfile fails, but we've already sent the header using send(). As our implementation of sendfile can't return EINTR (it restarts in that case) use an errno of EINTR to signal the linux sendfile fail after header case. When that happens send the rest of the data and then turn off sendfile. Sendfile should be safe to enable on all systems now (even though it may not help in all performance cases). Jeremy. (This used to be commit 78236382f7ffe08d7924907be49493779521837f) --- source3/smbd/reply.c | 82 ++++++++++++++++++++++++++++++++++++++++++---------- 1 file changed, 67 insertions(+), 15 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index a3bb412578..f8f6a14067 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1717,7 +1717,7 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size Fail for readbraw. ****************************************************************************/ -void fail_readraw(void) +static void fail_readraw(void) { pstring errstr; slprintf(errstr, sizeof(errstr)-1, "FAIL ! reply_readbraw: socket write fail (%s)", @@ -1725,12 +1725,46 @@ void fail_readraw(void) exit_server(errstr); } +#if defined(WITH_SENDFILE) +/**************************************************************************** + Fake (read/write) sendfile. Returns -1 on read or write fail. +****************************************************************************/ + +static ssize_t fake_sendfile(files_struct *fsp, SMB_OFF_T startpos, size_t nread, char *buf, int bufsize) +{ + ssize_t ret=0; + + /* Paranioa check... */ + if (nread > bufsize) { + fail_readraw(); + } + + if (nread > 0) { + ret = read_file(fsp,buf,startpos,nread); + if (ret == -1) { + return -1; + } + } + + /* If we had a short read, fill with zeros. */ + if (ret < nread) { + memset(buf, '\0', nread - ret); + } + + if (write_data(smbd_server_fd(),buf,nread) != nread) { + return -1; + } + + return (ssize_t)nread; +} +#endif + /**************************************************************************** Use sendfile in readbraw. ****************************************************************************/ void send_file_readbraw(connection_struct *conn, files_struct *fsp, SMB_OFF_T startpos, size_t nread, - ssize_t mincount, char *outbuf) + ssize_t mincount, char *outbuf, int out_buffsize) { ssize_t ret=0; @@ -1752,12 +1786,21 @@ void send_file_readbraw(connection_struct *conn, files_struct *fsp, SMB_OFF_T st if ( SMB_VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fd, &header, startpos, nread) == -1) { /* - * Special hack for broken Linux with no 64 bit clean sendfile. If we - * return ENOSYS then pretend we just got a normal read. + * Special hack for broken Linux with no working sendfile. If we + * return EINTR we sent the header but not the rest of the data. + * Fake this up by doing read/write calls. */ - if (errno == ENOSYS) { + if (errno == EINTR) { + /* Ensure we don't do this again. */ set_use_sendfile(SNUM(conn), False); - goto normal_read; + DEBUG(0,("send_file_readbraw: sendfile not available. Faking..\n")); + + if (fake_sendfile(fsp, startpos, nread, outbuf + 4, out_buffsize - 4) == -1) { + DEBUG(0,("send_file_readbraw: fake_sendfile failed for file %s (%s).\n", + fsp->fsp_name, strerror(errno) )); + exit_server("send_file_readbraw fake_sendfile failed"); + } + return; } DEBUG(0,("send_file_readbraw: sendfile failed for file %s (%s). Terminating\n", @@ -1767,7 +1810,6 @@ void send_file_readbraw(connection_struct *conn, files_struct *fsp, SMB_OFF_T st } - normal_read: #endif if (nread > 0) { @@ -1790,7 +1832,7 @@ void send_file_readbraw(connection_struct *conn, files_struct *fsp, SMB_OFF_T st Reply to a readbraw (core+ protocol). ****************************************************************************/ -int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_size, int dum_buffsize) +int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_size, int out_buffsize) { extern struct current_user current_user; ssize_t maxcount,mincount; @@ -1905,7 +1947,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s DEBUG( 3, ( "readbraw fnum=%d start=%.0f max=%d min=%d nread=%d\n", fsp->fnum, (double)startpos, (int)maxcount, (int)mincount, (int)nread ) ); - send_file_readbraw(conn, fsp, startpos, nread, mincount, outbuf); + send_file_readbraw(conn, fsp, startpos, nread, mincount, outbuf, out_buffsize); DEBUG(5,("readbraw finished\n")); END_PROFILE(SMBreadbraw); @@ -2069,7 +2111,7 @@ Returning short read of maximum allowed for compatibility with Windows 2000.\n", Reply to a read and X - possibly using sendfile. ****************************************************************************/ -int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length, +int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length, int len_outbuf, files_struct *fsp, SMB_OFF_T startpos, size_t smb_maxcnt) { ssize_t nread = -1; @@ -2117,12 +2159,22 @@ int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length if ( SMB_VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fd, &header, startpos, smb_maxcnt) == -1) { /* - * Special hack for broken Linux with no 64 bit clean sendfile. If we - * return ENOSYS then pretend we just got a normal read. + * Special hack for broken Linux with no working sendfile. If we + * return EINTR we sent the header but not the rest of the data. + * Fake this up by doing read/write calls. */ - if (errno == ENOSYS) { + if (errno == EINTR) { + /* Ensure we don't do this again. */ set_use_sendfile(SNUM(conn), False); - goto normal_read; + DEBUG(0,("send_file_readX: sendfile not available. Faking..\n")); + + if ((nread = fake_sendfile(fsp, startpos, smb_maxcnt, data, + len_outbuf - (data-outbuf))) == -1) { + DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n", + fsp->fsp_name, strerror(errno) )); + exit_server("send_file_readX: fake_sendfile failed"); + } + return nread; } DEBUG(0,("send_file_readX: sendfile failed for file %s (%s). Terminating\n", @@ -2223,7 +2275,7 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt return ERROR_DOS(ERRDOS,ERRlock); } - nread = send_file_readX(conn, inbuf, outbuf, length, fsp, startpos, smb_maxcnt); + nread = send_file_readX(conn, inbuf, outbuf, length, bufsize, fsp, startpos, smb_maxcnt); if (nread != -1) nread = chain_reply(inbuf,outbuf,length,bufsize); -- cgit From 482f14871d568a24006fec5af68d722b5fa70a0d Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 25 Nov 2004 00:07:01 +0000 Subject: r3946: Fix for bugid #2085 reported by Jason Mader . Use consistent enum type for Protocol extern. Jeremy. (This used to be commit 65dfae7ea45d4c9452b2a08efa09b01d870142f3) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index f8f6a14067..376ef24ff7 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -27,7 +27,7 @@ #include "includes.h" /* look in server.c for some explanation of these variables */ -extern int Protocol; +extern enum protocol_types Protocol; extern int max_send; extern int max_recv; extern char magic_char; -- cgit From 46f546571bc2429c4ee6ef86866520c4b5d4bcc7 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 30 Nov 2004 00:22:04 +0000 Subject: r4007: Fix bug #2088 - ensure inherit permissions is only applied on a new file, not an existing one. Jeremy. (This used to be commit fbbdb72cf1adfe567112556626f26b031747f440) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 376ef24ff7..2806b796b3 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -719,7 +719,7 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size mode &= ~aDIR; if (check_name(fname,conn)) { - ok = (file_set_dosmode(conn,fname,mode,NULL) == 0); + ok = (file_set_dosmode(conn,fname,mode,&sbuf,False) == 0); } } else { ok = True; @@ -3286,7 +3286,7 @@ NTSTATUS mkdir_internal(connection_struct *conn, pstring directory) } if (check_name(directory, conn)) - ret = vfs_MkDir(conn,directory,unix_mode(conn,aDIR,directory)); + ret = vfs_MkDir(conn,directory,unix_mode(conn,aDIR,directory,True)); if (ret == -1) { if(errno == ENOENT) { -- cgit From 2fffc40b1ddcd8a89160db877bd868f6e7fa8b72 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Tue, 30 Nov 2004 15:52:46 +0000 Subject: r4018: * move claim_connection from the netbios session request reply code to the negprot reply code to cope with client connections on port 445. Fixes the spurious "register_message_flags: tdb fetch failed" errors. * don't run the backgroup LPQ daemon when we are running in interactive mode. (This used to be commit 88747a7da351261185222e78e9c8d470ff53a246) --- source3/smbd/reply.c | 2 -- 1 file changed, 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 2806b796b3..eda523e73a 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -259,8 +259,6 @@ int reply_special(char *inbuf,char *outbuf) reload_services(True); reopen_logs(); - claim_connection(NULL,"",0,True,FLAG_MSG_GENERAL|FLAG_MSG_SMBD|FLAG_MSG_PRINT_GENERAL); - already_got_session = True; break; -- cgit From acf9d61421faa6c0055d57fdee7db300dc5431aa Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 7 Dec 2004 18:25:53 +0000 Subject: r4088: Get medieval on our ass about malloc.... :-). Take control of all our allocation functions so we can funnel through some well known functions. Should help greatly with malloc checking. HEAD patch to follow. Jeremy. (This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index eda523e73a..23657d3f1f 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -899,7 +899,7 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size END_PROFILE(SMBsearch); return ERROR_DOS(ERRDOS,ERRnofids); } - dptr_set_wcard(dptr_num, strdup(mask)); + dptr_set_wcard(dptr_num, SMB_STRDUP(mask)); dptr_set_attr(dptr_num, dirtype); } else { dirtype = dptr_attr(dptr_num); @@ -4945,7 +4945,7 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, if(fsp->wbmpx_ptr != NULL) wbms = fsp->wbmpx_ptr; /* Use an existing struct */ else - wbms = (write_bmpx_struct *)malloc(sizeof(write_bmpx_struct)); + wbms = SMB_MALLOC_P(write_bmpx_struct); if(!wbms) { DEBUG(0,("Out of memory in reply_readmpx\n")); END_PROFILE(SMBwriteBmpx); -- cgit From 695188cc262c08807760670c2b6d8c70deda2cdc Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 9 Dec 2004 01:07:06 +0000 Subject: r4108: As check_self is *always* False in every invokation, remove the logic for it. We still pass Samba4 RAW-LOCK test. Jeremy. (This used to be commit 596f23051363f8cc8896119b3eca0663a61a38c3) --- source3/smbd/reply.c | 21 ++++++++++----------- 1 file changed, 10 insertions(+), 11 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 23657d3f1f..507e4c1c37 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1919,7 +1919,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s /* ensure we don't overrun the packet size */ maxcount = MIN(65535,maxcount); - if (!is_locked(fsp,conn,(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK,False)) { + if (!is_locked(fsp,conn,(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK)) { SMB_OFF_T size = fsp->size; SMB_OFF_T sizeneeded = startpos + maxcount; @@ -2079,7 +2079,7 @@ Returning short read of maximum allowed for compatibility with Windows 2000.\n", data = smb_buf(outbuf) + 3; - if (is_locked(fsp,conn,(SMB_BIG_UINT)numtoread,(SMB_BIG_UINT)startpos, READ_LOCK,False)) { + if (is_locked(fsp,conn,(SMB_BIG_UINT)numtoread,(SMB_BIG_UINT)startpos, READ_LOCK)) { END_PROFILE(SMBread); return ERROR_DOS(ERRDOS,ERRlock); } @@ -2268,7 +2268,7 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt } - if (is_locked(fsp,conn,(SMB_BIG_UINT)smb_maxcnt,(SMB_BIG_UINT)startpos, READ_LOCK,False)) { + if (is_locked(fsp,conn,(SMB_BIG_UINT)smb_maxcnt,(SMB_BIG_UINT)startpos, READ_LOCK)) { END_PROFILE(SMBreadX); return ERROR_DOS(ERRDOS,ERRlock); } @@ -2324,7 +2324,7 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, SCVAL(inbuf,smb_com,SMBwritec); SCVAL(outbuf,smb_com,SMBwritec); - if (is_locked(fsp,conn,(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos, WRITE_LOCK,False)) { + if (is_locked(fsp,conn,(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos, WRITE_LOCK)) { END_PROFILE(SMBwritebraw); return(ERROR_DOS(ERRDOS,ERRlock)); } @@ -2439,8 +2439,7 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2); data = smb_buf(inbuf) + 3; - if (numtowrite && is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, - WRITE_LOCK,False)) { + if (numtowrite && is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) { END_PROFILE(SMBwriteunlock); return ERROR_DOS(ERRDOS,ERRlock); } @@ -2508,7 +2507,7 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int d startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2); data = smb_buf(inbuf) + 3; - if (is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK,False)) { + if (is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) { END_PROFILE(SMBwrite); return ERROR_DOS(ERRDOS,ERRlock); } @@ -2619,7 +2618,7 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng #endif /* LARGE_SMB_OFF_T */ } - if (is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK,False)) { + if (is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) { END_PROFILE(SMBwriteX); return ERROR_DOS(ERRDOS,ERRlock); } @@ -2890,7 +2889,7 @@ int reply_writeclose(connection_struct *conn, mtime = make_unix_date3(inbuf+smb_vwv4); data = smb_buf(inbuf) + 1; - if (numtowrite && is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK,False)) { + if (numtowrite && is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) { END_PROFILE(SMBwriteclose); return ERROR_DOS(ERRDOS,ERRlock); } @@ -4794,7 +4793,7 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length, tcount = maxcount; total_read = 0; - if (is_locked(fsp,conn,(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK,False)) { + if (is_locked(fsp,conn,(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK)) { END_PROFILE(SMBreadBmpx); return ERROR_DOS(ERRDOS,ERRlock); } @@ -4920,7 +4919,7 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, not an SMBwritebmpx - set this up now so we don't forget */ SCVAL(outbuf,smb_com,SMBwritec); - if (is_locked(fsp,conn,(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos,WRITE_LOCK,False)) { + if (is_locked(fsp,conn,(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos,WRITE_LOCK)) { END_PROFILE(SMBwriteBmpx); return(ERROR_DOS(ERRDOS,ERRlock)); } -- cgit From 934566332835eed5a3b768e07642c569eca37001 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 11 Dec 2004 00:30:28 +0000 Subject: r4143: Make strict locking an enum. Auto means use oplock optimization. Jeremy. (This used to be commit 0dd4adeae2042d0ea64398a78b3f48eb0150c133) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 507e4c1c37..825f76fcd5 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4578,7 +4578,7 @@ int reply_lockingX(connection_struct *conn, char *inbuf,char *outbuf,int length, /* we don't support these - and CANCEL_LOCK makes w2k and XP reboot so I don't really want to be compatible! (tridge) */ - return ERROR_NT(NT_STATUS_NOT_SUPPORTED); + return ERROR_NT(NT_STATUS_UNSUCCESSFUL); } if (locktype & LOCKING_ANDX_CANCEL_LOCK) { -- cgit From 5b713a206bf9c05faad750512886f4bbeebb21f8 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 14 Dec 2004 00:25:11 +0000 Subject: r4186: Fix client & server to allow 127k READX calls. Jeremy. (This used to be commit 831cb21a874601e4536c2cf76c5351e1d0defcb5) --- source3/smbd/reply.c | 3 +++ 1 file changed, 3 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 825f76fcd5..3dae67efef 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2148,6 +2148,7 @@ int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */ SSVAL(outbuf,smb_vwv5,smb_maxcnt); SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf)); + SSVAL(outbuf,smb_vwv7,((smb_maxcnt >> 16) & 1)); SSVAL(smb_buf(outbuf),-2,smb_maxcnt); SCVAL(outbuf,smb_vwv0,0xFF); set_message(outbuf,12,smb_maxcnt,False); @@ -2196,9 +2197,11 @@ int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length return(UNIXERROR(ERRDOS,ERRnoaccess)); } + set_message(outbuf,12,nread,False); SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */ SSVAL(outbuf,smb_vwv5,nread); SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf)); + SSVAL(outbuf,smb_vwv7,((nread >> 16) & 1)); SSVAL(smb_buf(outbuf),-2,nread); DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n", -- cgit From 32f9ee7c206138b2f26254d9b4b7b45f4490ef38 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 14 Dec 2004 01:11:22 +0000 Subject: r4190: When changing length calculations, get them right...... Jeremy. (This used to be commit 63cfa904ad186bb9d793584d319bd4a7107cc8b9) --- source3/smbd/reply.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 3dae67efef..eead0bc1a1 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2112,6 +2112,7 @@ Returning short read of maximum allowed for compatibility with Windows 2000.\n", int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length, int len_outbuf, files_struct *fsp, SMB_OFF_T startpos, size_t smb_maxcnt) { + int outsize = 0; ssize_t nread = -1; char *data = smb_buf(outbuf); @@ -2197,7 +2198,7 @@ int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length return(UNIXERROR(ERRDOS,ERRnoaccess)); } - set_message(outbuf,12,nread,False); + outsize = set_message(outbuf,12,nread,False); SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */ SSVAL(outbuf,smb_vwv5,nread); SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf)); @@ -2207,7 +2208,7 @@ int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n", fsp->fnum, (int)smb_maxcnt, (int)nread ) ); - return nread; + return outsize; } /**************************************************************************** -- cgit From 9e3453459c9166e71f483d67c04be2e49da6c561 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 15 Dec 2004 01:25:24 +0000 Subject: r4212: Ensure we only look at the bottom bit of large_readx. Set the 14 word version of write if size > 0xffff as well as 64-bit offset. Jeremy. (This used to be commit 94779ccb39560bf5eecab77d70f1fa04bfcf1456) --- source3/smbd/reply.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index eead0bc1a1..22cbf45e21 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2239,7 +2239,9 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt set_message(outbuf,12,0,True); if (global_client_caps & CAP_LARGE_READX) { - smb_maxcnt |= ((((size_t)SVAL(inbuf,smb_vwv7)) & 1 )<<16); + if (SVAL(inbuf,smb_vwv7) == 1) { + smb_maxcnt |= (1<<16); + } if (smb_maxcnt > BUFFER_SIZE) { DEBUG(0,("reply_read_and_X - read too large (%u) for reply buffer %u\n", (unsigned int)smb_maxcnt, (unsigned int)BUFFER_SIZE)); -- cgit From 50f3d8f249401f7c142ca785ef0f20585a38d3a3 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 20 Dec 2004 22:01:42 +0000 Subject: r4293: Fix inspired by debug trace from Rob Foehl - catch sendfile errors correctly and return the correct values we want the caller to return (-1 meaning none in correct cases). Jeremy. (This used to be commit 139c1c3488237d710ceda394c028b8dc9007bff1) --- source3/smbd/reply.c | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 22cbf45e21..c5ed0eb8ba 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1783,6 +1783,11 @@ void send_file_readbraw(connection_struct *conn, files_struct *fsp, SMB_OFF_T st header.free = NULL; if ( SMB_VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fd, &header, startpos, nread) == -1) { + /* Returning ENOSYS means no data at all was sent. Do this as a normal read. */ + if (errno == ENOSYS) { + goto normal_readbraw; + } + /* * Special hack for broken Linux with no working sendfile. If we * return EINTR we sent the header but not the rest of the data. @@ -1808,6 +1813,8 @@ void send_file_readbraw(connection_struct *conn, files_struct *fsp, SMB_OFF_T st } + normal_readbraw: + #endif if (nread > 0) { @@ -2157,12 +2164,18 @@ int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length header.length = data - outbuf; header.free = NULL; - if ( SMB_VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fd, &header, startpos, smb_maxcnt) == -1) { + if ((nread = SMB_VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fd, &header, startpos, smb_maxcnt)) == -1) { + /* Returning ENOSYS means no data at all was sent. Do this as a normal read. */ + if (errno == ENOSYS) { + goto normal_read; + } + /* * Special hack for broken Linux with no working sendfile. If we * return EINTR we sent the header but not the rest of the data. * Fake this up by doing read/write calls. */ + if (errno == EINTR) { /* Ensure we don't do this again. */ set_use_sendfile(SNUM(conn), False); @@ -2174,7 +2187,10 @@ int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length fsp->fsp_name, strerror(errno) )); exit_server("send_file_readX: fake_sendfile failed"); } - return nread; + DEBUG( 3, ( "send_file_readX: fake_sendfile fnum=%d max=%d nread=%d\n", + fsp->fnum, (int)smb_maxcnt, (int)(nread + (data - outbuf)) ) ); + /* Returning -1 here means successful sendfile. */ + return -1; } DEBUG(0,("send_file_readX: sendfile failed for file %s (%s). Terminating\n", @@ -2184,6 +2200,7 @@ int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length DEBUG( 3, ( "send_file_readX: sendfile fnum=%d max=%d nread=%d\n", fsp->fnum, (int)smb_maxcnt, (int)nread ) ); + /* Returning -1 here means successful sendfile. */ return -1; } @@ -2208,6 +2225,7 @@ int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n", fsp->fnum, (int)smb_maxcnt, (int)nread ) ); + /* Returning the number of bytes we want to send back - including header. */ return outsize; } -- cgit From 52d377b75f7740b529c337c2e8585826246bc148 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 20 Dec 2004 22:04:53 +0000 Subject: r4295: Don't include header len in data write debug. Jeremy. (This used to be commit 473babfecac87a7e1068246bddc171a464be59e5) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index c5ed0eb8ba..26a0c9e7a9 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2188,7 +2188,7 @@ int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length exit_server("send_file_readX: fake_sendfile failed"); } DEBUG( 3, ( "send_file_readX: fake_sendfile fnum=%d max=%d nread=%d\n", - fsp->fnum, (int)smb_maxcnt, (int)(nread + (data - outbuf)) ) ); + fsp->fnum, (int)smb_maxcnt, (int)nread ) ); /* Returning -1 here means successful sendfile. */ return -1; } -- cgit From de728fa81ae549b496f2ff26ebb082092aae2204 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 28 Jan 2005 21:01:58 +0000 Subject: r5063: Shamelessly steal the Samba4 logic (and some code :-) for directory evaluation. This stops us from reading the entire directory into memory at one go, and allows partial reads. It also keeps almost the same interface to the OpenDir/ReadDir etc. code (sorry James :-). Next I will optimise the findfirst with exact match code. This speeds up our interactive response for large directories, but not when a missing (ie. negative) findfirst is done. Jeremy (This used to be commit 0af1d2f6f24f238cb05e10d7d53dcd5b5e0f5f5d) --- source3/smbd/reply.c | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 26a0c9e7a9..86ee331e6b 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1614,11 +1614,12 @@ NTSTATUS unlink_internals(connection_struct *conn, int dirtype, char *name) if (dirptr) { error = NT_STATUS_NO_SUCH_FILE; - + long offset = 0; + if (strequal(mask,"????????.???")) pstrcpy(mask,"*"); - while ((dname = ReadDirName(dirptr))) { + while ((dname = ReadDirName(dirptr, &offset))) { pstring fname; BOOL sys_direntry = False; pstrcpy(fname,dname); @@ -3361,12 +3362,13 @@ static BOOL recursive_rmdir(connection_struct *conn, char *directory) { const char *dname = NULL; BOOL ret = False; + long offset = 0; void *dirptr = OpenDir(conn, directory, False); if(dirptr == NULL) return True; - while((dname = ReadDirName(dirptr))) { + while((dname = ReadDirName(dirptr, &offset))) { pstring fullname; SMB_STRUCT_STAT st; @@ -3428,8 +3430,8 @@ BOOL rmdir_internals(connection_struct *conn, char *directory) void *dirptr = OpenDir(conn, directory, False); if(dirptr != NULL) { - int dirpos = TellDir(dirptr); - while ((dname = ReadDirName(dirptr))) { + long dirpos = TellDir(dirptr); + while ((dname = ReadDirName(dirptr,&dirpos))) { if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0)) continue; if(!IS_VETO_PATH(conn, dname)) { @@ -3440,7 +3442,7 @@ BOOL rmdir_internals(connection_struct *conn, char *directory) if(all_veto_files) { SeekDir(dirptr,dirpos); - while ((dname = ReadDirName(dirptr))) { + while ((dname = ReadDirName(dirptr,&dirpos))) { pstring fullname; SMB_STRUCT_STAT st; @@ -3984,13 +3986,14 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", dirptr = OpenDir(conn, directory, True); if (dirptr) { + long offset = 0; error = NT_STATUS_NO_SUCH_FILE; /* Was error = NT_STATUS_OBJECT_NAME_NOT_FOUND; - gentest fix. JRA */ if (strequal(mask,"????????.???")) pstrcpy(mask,"*"); - while ((dname = ReadDirName(dirptr))) { + while ((dname = ReadDirName(dirptr, &offset))) { pstring fname; BOOL sysdir_entry = False; @@ -4337,12 +4340,13 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, dirptr = OpenDir(conn, directory, True); if (dirptr) { + long offset = 0; error = ERRbadfile; if (strequal(mask,"????????.???")) pstrcpy(mask,"*"); - while ((dname = ReadDirName(dirptr))) { + while ((dname = ReadDirName(dirptr, &offset))) { pstring fname; pstrcpy(fname,dname); -- cgit From e612109aced3284033fc2e9170bbc290d8b5d6c6 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 28 Jan 2005 23:17:12 +0000 Subject: r5069: Ensure we return the correct errors for old-style search requests. Jeremy. (This used to be commit ef73dfe0d6c3b7f71109e32115d528ecdbe562ea) --- source3/smbd/reply.c | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 86ee331e6b..85e66d5971 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -947,18 +947,21 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size and no entries were found then return error and close dirptr (X/Open spec) */ - if(ok && expect_close && numentries == 0 && status_len == 0) { - /* Close the dptr - we know it's gone */ + if (numentries == 0 || !ok) { dptr_close(&dptr_num); - return ERROR_BOTH(STATUS_NO_MORE_FILES,ERRDOS,ERRnofiles); - } else if (numentries == 0 || !ok) { + } else if(ok && expect_close && status_len == 0) { + /* Close the dptr - we know it's gone */ dptr_close(&dptr_num); - return ERROR_BOTH(STATUS_NO_MORE_FILES,ERRDOS,ERRnofiles); } /* If we were called as SMBfunique, then we can close the dirptr now ! */ - if(dptr_num >= 0 && CVAL(inbuf,smb_com) == SMBfunique) + if(dptr_num >= 0 && CVAL(inbuf,smb_com) == SMBfunique) { dptr_close(&dptr_num); + } + + if ((numentries == 0) && !ms_has_wild(mask)) { + return ERROR_BOTH(STATUS_NO_MORE_FILES,ERRDOS,ERRnofiles); + } SSVAL(outbuf,smb_vwv0,numentries); SSVAL(outbuf,smb_vwv1,3 + numentries * DIR_STRUCT_SIZE); -- cgit From d225b74b6dd4fa4cc0795f3b46d34187ffc63a43 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 29 Jan 2005 10:05:46 +0000 Subject: r5098: Next round build-fixing (This used to be commit 175ec3ed518704920c7c55b050ec1cc00da7f560) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 85e66d5971..81e579e97c 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1616,8 +1616,8 @@ NTSTATUS unlink_internals(connection_struct *conn, int dirtype, char *name) */ if (dirptr) { - error = NT_STATUS_NO_SUCH_FILE; long offset = 0; + error = NT_STATUS_NO_SUCH_FILE; if (strequal(mask,"????????.???")) pstrcpy(mask,"*"); -- cgit From 91bf6cb6bfbc519773d0ffcd1d41100f14247d18 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sun, 30 Jan 2005 00:36:19 +0000 Subject: r5100: We should only care about case-sensitivity when *reading* an incoming filename, not returning one. Makes us pass one more Samba4 RAW-SEARCH test. Jeremy. (This used to be commit 228d1e1649a0b4952eb5603cb5e1851cdc8f0c72) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 81e579e97c..56d4271213 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -910,7 +910,7 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if (ok) { if ((dirtype&0x1F) == aVOLID) { memcpy(p,status,21); - make_dir_struct(p,"???????????",volume_label(SNUM(conn)),0,aVOLID,0,conn->case_sensitive); + make_dir_struct(p,"???????????",volume_label(SNUM(conn)),0,aVOLID,0); dptr_fill(p+12,dptr_num); if (dptr_zero(p+12) && (status_len==0)) numentries = 1; @@ -930,7 +930,7 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size finished = !get_dir_entry(conn,mask,dirtype,fname,&size,&mode,&date,check_descend); if (!finished) { memcpy(p,status,21); - make_dir_struct(p,mask,fname,size,mode,date,conn->case_sensitive); + make_dir_struct(p,mask,fname,size,mode,date); dptr_fill(p+12,dptr_num); numentries++; p += DIR_STRUCT_SIZE; -- cgit From 784adfbcbb7f3e85b81b3df5a5c8823663bac8d5 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 1 Feb 2005 00:28:20 +0000 Subject: r5152: Restructure the directory handling code, stop using void * pointers that just allow the wrong pointer to be assigned :-) and make the interface more consistent. Fix the FreeBSD directory problem. Last thing to do is to add the "singleton" directory concept from James Peach's code. Jeremy. (This used to be commit cfa8150fd9932470cb8f3b5e14c0156dda67125d) --- source3/smbd/reply.c | 57 ++++++++++++++++++++++++++-------------------------- 1 file changed, 28 insertions(+), 29 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 56d4271213..c9e35e6a6a 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -899,8 +899,7 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size END_PROFILE(SMBsearch); return ERROR_DOS(ERRDOS,ERRnofids); } - dptr_set_wcard(dptr_num, SMB_STRDUP(mask)); - dptr_set_attr(dptr_num, dirtype); + dptr_set_wcard_and_attributes(dptr_num, SMB_STRDUP(mask), dirtype); } else { dirtype = dptr_attr(dptr_num); } @@ -1604,25 +1603,25 @@ NTSTATUS unlink_internals(connection_struct *conn, int dirtype, char *name) count++; } } else { - void *dirptr = NULL; + struct smb_Dir *dir_hnd = NULL; const char *dname; if (check_name(directory,conn)) - dirptr = OpenDir(conn, directory, True); + dir_hnd = OpenDir(conn, directory, True); /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then the pattern matches against the long name, otherwise the short name We don't implement this yet XXXX */ - if (dirptr) { + if (dir_hnd) { long offset = 0; error = NT_STATUS_NO_SUCH_FILE; if (strequal(mask,"????????.???")) pstrcpy(mask,"*"); - while ((dname = ReadDirName(dirptr, &offset))) { + while ((dname = ReadDirName(dir_hnd, &offset))) { pstring fname; BOOL sys_direntry = False; pstrcpy(fname,dname); @@ -1657,7 +1656,7 @@ NTSTATUS unlink_internals(connection_struct *conn, int dirtype, char *name) count++; DEBUG(3,("unlink_internals: succesful unlink [%s]\n",fname)); } - CloseDir(dirptr); + CloseDir(dir_hnd); } } @@ -3366,12 +3365,12 @@ static BOOL recursive_rmdir(connection_struct *conn, char *directory) const char *dname = NULL; BOOL ret = False; long offset = 0; - void *dirptr = OpenDir(conn, directory, False); + struct smb_Dir *dir_hnd = OpenDir(conn, directory, False); - if(dirptr == NULL) + if(dir_hnd == NULL) return True; - while((dname = ReadDirName(dirptr, &offset))) { + while((dname = ReadDirName(dir_hnd, &offset))) { pstring fullname; SMB_STRUCT_STAT st; @@ -3408,7 +3407,7 @@ static BOOL recursive_rmdir(connection_struct *conn, char *directory) break; } } - CloseDir(dirptr); + CloseDir(dir_hnd); return ret; } @@ -3430,11 +3429,11 @@ BOOL rmdir_internals(connection_struct *conn, char *directory) */ BOOL all_veto_files = True; const char *dname; - void *dirptr = OpenDir(conn, directory, False); + struct smb_Dir *dir_hnd = OpenDir(conn, directory, False); - if(dirptr != NULL) { - long dirpos = TellDir(dirptr); - while ((dname = ReadDirName(dirptr,&dirpos))) { + if(dir_hnd != NULL) { + long dirpos = TellDir(dir_hnd); + while ((dname = ReadDirName(dir_hnd,&dirpos))) { if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0)) continue; if(!IS_VETO_PATH(conn, dname)) { @@ -3444,8 +3443,8 @@ BOOL rmdir_internals(connection_struct *conn, char *directory) } if(all_veto_files) { - SeekDir(dirptr,dirpos); - while ((dname = ReadDirName(dirptr,&dirpos))) { + SeekDir(dir_hnd,dirpos); + while ((dname = ReadDirName(dir_hnd,&dirpos))) { pstring fullname; SMB_STRUCT_STAT st; @@ -3474,11 +3473,11 @@ BOOL rmdir_internals(connection_struct *conn, char *directory) } else if(SMB_VFS_UNLINK(conn,fullname) != 0) break; } - CloseDir(dirptr); + CloseDir(dir_hnd); /* Retry the rmdir */ ok = (SMB_VFS_RMDIR(conn,directory) == 0); } else { - CloseDir(dirptr); + CloseDir(dir_hnd); } } else { errno = ENOTEMPTY; @@ -3981,14 +3980,14 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", /* * Wildcards - process each file that matches. */ - void *dirptr = NULL; + struct smb_Dir *dir_hnd = NULL; const char *dname; pstring destname; if (check_name(directory,conn)) - dirptr = OpenDir(conn, directory, True); + dir_hnd = OpenDir(conn, directory, True); - if (dirptr) { + if (dir_hnd) { long offset = 0; error = NT_STATUS_NO_SUCH_FILE; /* Was error = NT_STATUS_OBJECT_NAME_NOT_FOUND; - gentest fix. JRA */ @@ -3996,7 +3995,7 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", if (strequal(mask,"????????.???")) pstrcpy(mask,"*"); - while ((dname = ReadDirName(dirptr, &offset))) { + while ((dname = ReadDirName(dir_hnd, &offset))) { pstring fname; BOOL sysdir_entry = False; @@ -4063,7 +4062,7 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", } DEBUG(3,("rename_internals: doing rename on %s -> %s\n",fname,destname)); } - CloseDir(dirptr); + CloseDir(dir_hnd); } if (!NT_STATUS_EQUAL(error,NT_STATUS_NO_SUCH_FILE)) { @@ -4335,21 +4334,21 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, exists = vfs_file_exist(conn,directory,NULL); } } else { - void *dirptr = NULL; + struct smb_Dir *dir_hnd = NULL; const char *dname; pstring destname; if (check_name(directory,conn)) - dirptr = OpenDir(conn, directory, True); + dir_hnd = OpenDir(conn, directory, True); - if (dirptr) { + if (dir_hnd) { long offset = 0; error = ERRbadfile; if (strequal(mask,"????????.???")) pstrcpy(mask,"*"); - while ((dname = ReadDirName(dirptr, &offset))) { + while ((dname = ReadDirName(dir_hnd, &offset))) { pstring fname; pstrcpy(fname,dname); @@ -4365,7 +4364,7 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, count++; DEBUG(3,("reply_copy : doing copy on %s -> %s\n",fname,destname)); } - CloseDir(dirptr); + CloseDir(dir_hnd); } } -- cgit From c1d7588c74ecfb8cf613256629e272b81f154aa6 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 1 Feb 2005 02:06:00 +0000 Subject: r5154: Tidy up interface a little. Jeremy. (This used to be commit a38eeb765f4c744ca7bf0aca86bb448240ad295d) --- source3/smbd/reply.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index c9e35e6a6a..899dba56d8 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -899,7 +899,10 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size END_PROFILE(SMBsearch); return ERROR_DOS(ERRDOS,ERRnofids); } - dptr_set_wcard_and_attributes(dptr_num, SMB_STRDUP(mask), dirtype); + if (!dptr_set_wcard_and_attributes(dptr_num, mask, dirtype)) { + END_PROFILE(SMBsearch); + return ERROR_DOS(ERRDOS,ERRnomem); + } } else { dirtype = dptr_attr(dptr_num); } -- cgit From 021011f90030f6f4c39c9ef27db17eec5d4536ad Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 1 Feb 2005 18:33:50 +0000 Subject: r5160: First cut at refactoring of directory code to handle non-wildcard directory match more efficiently. Passes RAW-SEARCH under valgrind but needs more testing (which I'll do later today :-). Jeremy. (This used to be commit 0b04dd9d0c6d1fe02d1b5e43f203577bf5466f33) --- source3/smbd/reply.c | 30 ++++++++++++++++++++++++------ 1 file changed, 24 insertions(+), 6 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 899dba56d8..748d9958bc 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1610,7 +1610,7 @@ NTSTATUS unlink_internals(connection_struct *conn, int dirtype, char *name) const char *dname; if (check_name(directory,conn)) - dir_hnd = OpenDir(conn, directory, True); + dir_hnd = OpenDir(conn, directory); /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then the pattern matches against the long name, otherwise the short name @@ -1625,10 +1625,15 @@ NTSTATUS unlink_internals(connection_struct *conn, int dirtype, char *name) pstrcpy(mask,"*"); while ((dname = ReadDirName(dir_hnd, &offset))) { + SMB_STRUCT_STAT st; pstring fname; BOOL sys_direntry = False; pstrcpy(fname,dname); + if (!is_visible_file(conn, directory, dname, &st, True)) { + continue; + } + /* Quick check for "." and ".." */ if (fname[0] == '.') { if (!fname[1] || (fname[1] == '.' && !fname[2])) { @@ -3368,7 +3373,7 @@ static BOOL recursive_rmdir(connection_struct *conn, char *directory) const char *dname = NULL; BOOL ret = False; long offset = 0; - struct smb_Dir *dir_hnd = OpenDir(conn, directory, False); + struct smb_Dir *dir_hnd = OpenDir(conn, directory); if(dir_hnd == NULL) return True; @@ -3380,6 +3385,9 @@ static BOOL recursive_rmdir(connection_struct *conn, char *directory) if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0)) continue; + if (!is_visible_file(conn, directory, dname, &st, False)) + continue; + /* Construct the full name. */ if(strlen(directory) + strlen(dname) + 1 >= sizeof(fullname)) { errno = ENOMEM; @@ -3421,6 +3429,7 @@ static BOOL recursive_rmdir(connection_struct *conn, char *directory) BOOL rmdir_internals(connection_struct *conn, char *directory) { BOOL ok; + SMB_STRUCT_STAT st; ok = (SMB_VFS_RMDIR(conn,directory) == 0); if(!ok && ((errno == ENOTEMPTY)||(errno == EEXIST)) && lp_veto_files(SNUM(conn))) { @@ -3432,13 +3441,15 @@ BOOL rmdir_internals(connection_struct *conn, char *directory) */ BOOL all_veto_files = True; const char *dname; - struct smb_Dir *dir_hnd = OpenDir(conn, directory, False); + struct smb_Dir *dir_hnd = OpenDir(conn, directory); if(dir_hnd != NULL) { long dirpos = TellDir(dir_hnd); while ((dname = ReadDirName(dir_hnd,&dirpos))) { if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0)) continue; + if (!is_visible_file(conn, directory, dname, &st, False)) + continue; if(!IS_VETO_PATH(conn, dname)) { all_veto_files = False; break; @@ -3449,10 +3460,11 @@ BOOL rmdir_internals(connection_struct *conn, char *directory) SeekDir(dir_hnd,dirpos); while ((dname = ReadDirName(dir_hnd,&dirpos))) { pstring fullname; - SMB_STRUCT_STAT st; if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0)) continue; + if (!is_visible_file(conn, directory, dname, &st, False)) + continue; /* Construct the full name. */ if(strlen(directory) + strlen(dname) + 1 >= sizeof(fullname)) { @@ -3988,7 +4000,7 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", pstring destname; if (check_name(directory,conn)) - dir_hnd = OpenDir(conn, directory, True); + dir_hnd = OpenDir(conn, directory); if (dir_hnd) { long offset = 0; @@ -4015,6 +4027,9 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", } } + if (!is_visible_file(conn, directory, dname, &sbuf1, False)) + continue; + if(!mask_match(fname, mask, conn->case_sensitive)) continue; @@ -4342,7 +4357,7 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, pstring destname; if (check_name(directory,conn)) - dir_hnd = OpenDir(conn, directory, True); + dir_hnd = OpenDir(conn, directory); if (dir_hnd) { long offset = 0; @@ -4355,6 +4370,9 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, pstring fname; pstrcpy(fname,dname); + if (!is_visible_file(conn, directory, dname, &sbuf1, False)) + continue; + if(!mask_match(fname, mask, conn->case_sensitive)) continue; -- cgit From fbd9e4098333e7d121207ae6991e525768d411e0 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 11 Feb 2005 02:14:49 +0000 Subject: r5324: In order to process DELETE_ACCESS correctly and return access denied to a WXPSP2 client we must do permission checking in userspace first (this is a race condition but what can you do...). Needed for bugid #2227. Jeremy. (This used to be commit da23577f162b6bdca7d631fca256a9b3b04043e4) --- source3/smbd/reply.c | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 748d9958bc..68705a8aea 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1438,7 +1438,7 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, Check if a user is allowed to rename a file. ********************************************************************/ -static NTSTATUS can_rename(char *fname,connection_struct *conn, uint16 dirtype, SMB_STRUCT_STAT *pst) +static NTSTATUS can_rename(connection_struct *conn, char *fname, uint16 dirtype, SMB_STRUCT_STAT *pst) { int smb_action; int access_mode; @@ -1479,7 +1479,7 @@ static NTSTATUS can_rename(char *fname,connection_struct *conn, uint16 dirtype, Check if a user is allowed to delete a file. ********************************************************************/ -static NTSTATUS can_delete(char *fname,connection_struct *conn, int dirtype, BOOL bad_path) +NTSTATUS can_delete(connection_struct *conn, char *fname, int dirtype, BOOL bad_path, BOOL check_is_at_open) { SMB_STRUCT_STAT sbuf; int fmode; @@ -1520,6 +1520,10 @@ static NTSTATUS can_delete(char *fname,connection_struct *conn, int dirtype, BOO if ((fmode & ~dirtype) & (aHIDDEN | aSYSTEM)) return NT_STATUS_NO_SUCH_FILE; + if (check_is_at_open && !can_delete_file_in_directory(conn, fname)) { + return NT_STATUS_ACCESS_DENIED; + } + /* We need a better way to return NT status codes from open... */ unix_ERR_class = 0; unix_ERR_code = 0; @@ -1598,7 +1602,7 @@ NTSTATUS unlink_internals(connection_struct *conn, int dirtype, char *name) if (!has_wild) { pstrcat(directory,"/"); pstrcat(directory,mask); - error = can_delete(directory,conn,dirtype,bad_path); + error = can_delete(conn,directory,dirtype,bad_path,False); if (!NT_STATUS_IS_OK(error)) return error; @@ -1656,7 +1660,7 @@ NTSTATUS unlink_internals(connection_struct *conn, int dirtype, char *name) } slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); - error = can_delete(fname,conn,dirtype,bad_path); + error = can_delete(conn,fname,dirtype,bad_path,False); if (!NT_STATUS_IS_OK(error)) { continue; } @@ -3744,7 +3748,7 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, char * return NT_STATUS_OBJECT_NAME_COLLISION; } - error = can_rename(newname,conn,attrs,&sbuf); + error = can_rename(conn,newname,attrs,&sbuf); if (dest_exists && !NT_STATUS_IS_OK(error)) { DEBUG(3,("rename_internals: Error %s rename %s -> %s\n", @@ -3950,7 +3954,7 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", return NT_STATUS_OBJECT_PATH_NOT_FOUND; } - error = can_rename(directory,conn,attrs,&sbuf1); + error = can_rename(conn,directory,attrs,&sbuf1); if (!NT_STATUS_IS_OK(error)) { DEBUG(3,("rename_internals: Error %s rename %s -> %s\n", @@ -4045,7 +4049,7 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", DEBUG(6,("rename %s failed. Error %s\n", fname, nt_errstr(error))); continue; } - error = can_rename(fname,conn,attrs,&sbuf1); + error = can_rename(conn,fname,attrs,&sbuf1); if (!NT_STATUS_IS_OK(error)) { DEBUG(6,("rename %s refused\n", fname)); continue; -- cgit From e2cc3f48162d7dec35fb3f256c031979cfa531f8 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 23 Feb 2005 23:39:51 +0000 Subject: r5524: Don't do share mode checks on can_delete if open, the rest of the open code will do this correctly. More for bug #2201. Jeremy. (This used to be commit faecf639efdecf949e91184d041489aa54e8664f) --- source3/smbd/reply.c | 43 ++++++++++++++++++++++++------------------- 1 file changed, 24 insertions(+), 19 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 68705a8aea..89183aed34 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1520,29 +1520,34 @@ NTSTATUS can_delete(connection_struct *conn, char *fname, int dirtype, BOOL bad_ if ((fmode & ~dirtype) & (aHIDDEN | aSYSTEM)) return NT_STATUS_NO_SUCH_FILE; - if (check_is_at_open && !can_delete_file_in_directory(conn, fname)) { - return NT_STATUS_ACCESS_DENIED; - } - - /* We need a better way to return NT status codes from open... */ - unix_ERR_class = 0; - unix_ERR_code = 0; - - fsp = open_file_shared1(conn, fname, &sbuf, DELETE_ACCESS, SET_DENY_MODE(DENY_ALL), - (FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN), FILE_ATTRIBUTE_NORMAL, 0, &access_mode, &smb_action); + if (check_is_at_open) { + if (!can_delete_file_in_directory(conn, fname)) { + return NT_STATUS_ACCESS_DENIED; + } + } else { + /* On open checks the open itself will check the share mode, so + don't do it here as we'll get it wrong. */ - if (!fsp) { - NTSTATUS ret = NT_STATUS_ACCESS_DENIED; - if (!NT_STATUS_IS_OK(unix_ERR_ntstatus)) - ret = unix_ERR_ntstatus; - else if (unix_ERR_class == ERRDOS && unix_ERR_code == ERRbadshare) - ret = NT_STATUS_SHARING_VIOLATION; + /* We need a better way to return NT status codes from open... */ unix_ERR_class = 0; unix_ERR_code = 0; - unix_ERR_ntstatus = NT_STATUS_OK; - return ret; + + fsp = open_file_shared1(conn, fname, &sbuf, DELETE_ACCESS, SET_DENY_MODE(DENY_ALL), + (FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN), FILE_ATTRIBUTE_NORMAL, 0, &access_mode, &smb_action); + + if (!fsp) { + NTSTATUS ret = NT_STATUS_ACCESS_DENIED; + if (!NT_STATUS_IS_OK(unix_ERR_ntstatus)) + ret = unix_ERR_ntstatus; + else if (unix_ERR_class == ERRDOS && unix_ERR_code == ERRbadshare) + ret = NT_STATUS_SHARING_VIOLATION; + unix_ERR_class = 0; + unix_ERR_code = 0; + unix_ERR_ntstatus = NT_STATUS_OK; + return ret; + } + close_file(fsp,False); } - close_file(fsp,False); return NT_STATUS_OK; } -- cgit From c56d5cd4c4c0ddc2b9cb018b1cb1fceb1f2fc030 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 3 Mar 2005 04:03:36 +0000 Subject: r5637: Actually test and fix the crash bugs (sorry:-). Jeremy. (This used to be commit 4348ca48549ded8c056877befa216f0e768cb2c1) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 89183aed34..2dfeebbb9f 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -5176,7 +5176,7 @@ int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, SIVAL(outbuf,smb_vwv6,0); SIVAL(outbuf,smb_vwv8,0); } else { - uint32 allocation_size = get_allocation_size(fsp, &sbuf); + uint32 allocation_size = get_allocation_size(conn,fsp, &sbuf); SIVAL(outbuf,smb_vwv6,(uint32)sbuf.st_size); SIVAL(outbuf,smb_vwv8,allocation_size); } -- cgit From eb546db88d9d4ad8da3709b2edc4d455a88e6119 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 10 Mar 2005 01:30:14 +0000 Subject: r5720: Attempt to fix bug #2382 (Excel shared workbook stops working). Also incorporates part of the fix created by ke_miyata@itg.hitachi.co.jp for bug #2045 (MS-Office behavior of timestamp). Jeremy. (This used to be commit 4f3b12ac73487f4ccb37c17506af1abf5acc80cd) --- source3/smbd/reply.c | 27 +++++++++++++-------------- 1 file changed, 13 insertions(+), 14 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 2dfeebbb9f..f149b79f79 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2875,6 +2875,13 @@ int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size, fsp->fd, fsp->fnum, conn->num_files_open)); + /* + * Take care of any time sent in the close. + */ + + mtime = make_unix_date3(inbuf+smb_vwv1); + fsp_set_pending_modtime(fsp, mtime); + /* * close_file() returns the unix errno if an error * was detected on close - normally this is due to @@ -2886,16 +2893,6 @@ int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size, END_PROFILE(SMBclose); return (UNIXERROR(ERRHRD,ERRgeneral)); } - - /* - * Now take care of any time sent in the close. - */ - - mtime = make_unix_date3(inbuf+smb_vwv1); - - /* try and set the date */ - set_filetime(conn, file_name, mtime); - } /* We have a cached error */ @@ -4233,7 +4230,7 @@ static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, close_file(fsp1,False); /* Ensure the modtime is set correctly on the destination file. */ - fsp2->pending_modtime = src_sbuf.st_mtime; + fsp_set_pending_modtime( fsp2, src_sbuf.st_mtime); /* * As we are opening fsp1 read-only we only expect @@ -4917,7 +4914,7 @@ int reply_setattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, * Sometimes times are sent as zero - ignore them. */ - if ((unix_times.actime == 0) && (unix_times.modtime == 0)) { + if (null_mtime(unix_times.actime) && null_mtime(unix_times.modtime)) { /* Ignore request */ if( DEBUGLVL( 3 ) ) { dbgtext( "reply_setattrE fnum=%d ", fsp->fnum); @@ -4925,12 +4922,13 @@ int reply_setattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, } END_PROFILE(SMBsetattrE); return(outsize); - } else if ((unix_times.actime != 0) && (unix_times.modtime == 0)) { - /* set modify time = to access time if modify time was 0 */ + } else if (!null_mtime(unix_times.actime) && null_mtime(unix_times.modtime)) { + /* set modify time = to access time if modify time was unset */ unix_times.modtime = unix_times.actime; } /* Set the date on this file */ + /* Should we set pending modtime here ? JRA */ if(file_utime(conn, fsp->fsp_name, &unix_times)) { END_PROFILE(SMBsetattrE); return ERROR_DOS(ERRDOS,ERRnoaccess); @@ -5170,6 +5168,7 @@ int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, put_dos_date2(outbuf,smb_vwv0,get_create_time(&sbuf,lp_fake_dir_create_times(SNUM(conn)))); put_dos_date2(outbuf,smb_vwv2,sbuf.st_atime); + /* Should we check pending modtime here ? JRA */ put_dos_date2(outbuf,smb_vwv4,sbuf.st_mtime); if (mode & aDIR) { -- cgit From cc5ba986bf4c7b704ae5c3787f2f3881145e719c Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 15 Mar 2005 01:19:58 +0000 Subject: r5792: Added new parameter "inherit owner". If set on a share, the created file/directory will be owned by the same uid as the containing directory. Doing this for directories in a race-free mannor has only been tested on Linux (it depends on being able to open a directory and then do a fchown on that file descriptor). If this functionality is not available then the code silently downgrades to not changing the ownership of a new directory. This new parameter (docs to follow) finally makes it possible to create "drop boxes" on Samba, which requires all files within a directory to be commonly owned. A HOWTO on how to use this will follow. Jeremy. (This used to be commit 2e1f727184b9d025d2e3413bdd3d01d5ca803a41) --- source3/smbd/reply.c | 63 +++++++++++++++++++++++++++++++++++++++++++--------- 1 file changed, 52 insertions(+), 11 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index f149b79f79..376b42e5fd 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3303,29 +3303,47 @@ int reply_printwrite(connection_struct *conn, char *inbuf,char *outbuf, int dum_ code. ****************************************************************************/ -NTSTATUS mkdir_internal(connection_struct *conn, pstring directory) +NTSTATUS mkdir_internal(connection_struct *conn, const pstring directory, BOOL bad_path) { - BOOL bad_path = False; - SMB_STRUCT_STAT sbuf; int ret= -1; - unix_convert(directory,conn,0,&bad_path,&sbuf); - - if( strchr_m(directory, ':')) { - return NT_STATUS_NOT_A_DIRECTORY; + if(!CAN_WRITE(conn)) { + DEBUG(5,("mkdir_internal: failing create on read-only share %s\n", lp_servicename(SNUM(conn)))); + errno = EACCES; + return map_nt_error_from_unix(errno); } + /* The following 2 clauses set explicit DOS error codes. JRA. */ if (ms_has_wild(directory)) { + DEBUG(5,("mkdir_internal: failing create on filename %s with wildcards\n", directory)); + unix_ERR_class = ERRDOS; + unix_ERR_code = ERRinvalidname; return NT_STATUS_OBJECT_NAME_INVALID; } + if( strchr_m(directory, ':')) { + DEBUG(5,("mkdir_internal: failing create on filename %s with colon in name\n", directory)); + unix_ERR_class = ERRDOS; + unix_ERR_code = ERRinvalidname; + return NT_STATUS_NOT_A_DIRECTORY; + } + if (bad_path) { return NT_STATUS_OBJECT_PATH_NOT_FOUND; } - if (check_name(directory, conn)) - ret = vfs_MkDir(conn,directory,unix_mode(conn,aDIR,directory,True)); - + if (!check_name(directory, conn)) { + if(errno == ENOENT) { + if (bad_path) { + return NT_STATUS_OBJECT_PATH_NOT_FOUND; + } else { + return NT_STATUS_OBJECT_NAME_NOT_FOUND; + } + } + return map_nt_error_from_unix(errno); + } + + ret = vfs_MkDir(conn,directory,unix_mode(conn,aDIR,directory,True)); if (ret == -1) { if(errno == ENOENT) { return NT_STATUS_OBJECT_NAME_NOT_FOUND; @@ -3345,6 +3363,9 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, pstring directory; int outsize; NTSTATUS status; + BOOL bad_path = False; + SMB_STRUCT_STAT sbuf; + START_PROFILE(SMBmkdir); srvstr_get_path(inbuf, directory, smb_buf(inbuf) + 1, sizeof(directory), 0, STR_TERMINATE, &status, False); @@ -3355,12 +3376,32 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, RESOLVE_DFSPATH(directory, conn, inbuf, outbuf); - status = mkdir_internal(conn, directory); + unix_convert(directory,conn,0,&bad_path,&sbuf); + + status = mkdir_internal(conn, directory,bad_path); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBmkdir); return ERROR_NT(status); } + if (lp_inherit_owner(SNUM(conn))) { + /* Ensure we're checking for a symlink here.... */ + /* We don't want to get caught by a symlink racer. */ + + if(SMB_VFS_LSTAT(conn,directory, &sbuf) != 0) { + END_PROFILE(SMBmkdir); + return(UNIXERROR(ERRDOS,ERRnoaccess)); + } + + if(!S_ISDIR(sbuf.st_mode)) { + DEBUG(0,("reply_mkdir: %s is not a directory !\n", directory )); + END_PROFILE(SMBmkdir); + return(UNIXERROR(ERRDOS,ERRnoaccess)); + } + + change_owner_to_parent(conn, NULL, directory, &sbuf); + } + outsize = set_message(outbuf,0,0,True); DEBUG( 3, ( "mkdir %s ret=%d\n", directory, outsize ) ); -- cgit From cc944794c19b672fba1c77d43f198654c009dd55 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 15 Mar 2005 23:17:03 +0000 Subject: r5812: We missed some RESOLVE_DFSPATH calls on pathnames for older calls. Jeremy. (This used to be commit 0b0b8686f3c4261e9b1070f4b2968e6f4ed4bbd7) --- source3/smbd/reply.c | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 376b42e5fd..326dafd678 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -701,6 +701,8 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return ERROR_NT(status); } + RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); + unix_convert(fname,conn,0,&bad_path,&sbuf); if (bad_path) { END_PROFILE(SMBsetatr); @@ -833,6 +835,9 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size END_PROFILE(SMBsearch); return ERROR_NT(nt_status); } + + RESOLVE_DFSPATH(path, conn, inbuf, outbuf); + p++; status_len = SVAL(p, 0); p += 2; @@ -4490,6 +4495,8 @@ int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return ERROR_NT(status); } + RESOLVE_DFSPATH(newdir, conn, inbuf, outbuf); + if (strlen(newdir) == 0) { ok = True; } else { -- cgit From 7dcbde86ae22379b67d0a571c93aa34b2a1311aa Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 16 Mar 2005 01:41:21 +0000 Subject: r5822: Actually return an error message if disk_free fails ! Pointed out by Ying Li . Jeremy. (This used to be commit b5d31b2caf5c4739607bf57cb7e4e0569b57012b) --- source3/smbd/reply.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 326dafd678..e8ee9ffe92 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -751,7 +751,10 @@ int reply_dskattr(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz SMB_BIG_UINT dfree,dsize,bsize; START_PROFILE(SMBdskattr); - SMB_VFS_DISK_FREE(conn,".",True,&bsize,&dfree,&dsize); + if (SMB_VFS_DISK_FREE(conn,".",True,&bsize,&dfree,&dsize) == (SMB_BIG_UINT)-1) { + END_PROFILE(SMBdskattr); + return(UNIXERROR(ERRHRD,ERRgeneral)); + } outsize = set_message(outbuf,5,0,True); -- cgit From 27b84e5e5573cf922b77bdf935a715af2c4ce1c2 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 24 Mar 2005 22:32:52 +0000 Subject: r6048: Split out the check_path_syntax into a findfirst/next/wildcard version. The semantics are different with wildcards. Jeremy. (This used to be commit f8b67159fc1c8224a7caf41409b2654846f34a2d) --- source3/smbd/reply.c | 158 +++++++++++++++++++++++++++++++++++++++++++-------- 1 file changed, 134 insertions(+), 24 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index e8ee9ffe92..059af83001 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -38,13 +38,13 @@ extern uint32 global_client_caps; extern BOOL global_encrypted_passwords_negotiated; /**************************************************************************** - Ensure we check the path in *exactly* the same way as W2K. + Ensure we check the path in *exactly* the same way as W2K for regular pathnames. We're assuming here that '/' is not the second byte in any multibyte char set (a safe assumption). '\\' *may* be the second byte in a multibyte char set. ****************************************************************************/ -NTSTATUS check_path_syntax(pstring destname, const pstring srcname, BOOL allow_wcard_names) +NTSTATUS check_path_syntax(pstring destname, const pstring srcname) { char *d = destname; const char *s = srcname; @@ -118,20 +118,16 @@ NTSTATUS check_path_syntax(pstring destname, const pstring srcname, BOOL allow_w } if (!(*s & 0x80)) { - if (allow_wcard_names) { - *d++ = *s++; - } else { - switch (*s) { - case '*': - case '?': - case '<': - case '>': - case '"': - return NT_STATUS_OBJECT_NAME_INVALID; - default: - *d++ = *s++; - break; - } + switch (*s) { + case '*': + case '?': + case '<': + case '>': + case '"': + return NT_STATUS_OBJECT_NAME_INVALID; + default: + *d++ = *s++; + break; } } else { switch(next_mb_char_size(s)) { @@ -157,17 +153,127 @@ NTSTATUS check_path_syntax(pstring destname, const pstring srcname, BOOL allow_w } if (NT_STATUS_EQUAL(ret, NT_STATUS_OBJECT_NAME_INVALID)) { - /* For some strange reason being called from findfirst changes - the num_components number to cause the error return to change. JRA. */ - if (allow_wcard_names) { - if (num_bad_components > 2) { - ret = NT_STATUS_OBJECT_PATH_NOT_FOUND; + if (num_bad_components > 1) { + ret = NT_STATUS_OBJECT_PATH_NOT_FOUND; + } + } + + *d = '\0'; + return ret; +} + +/**************************************************************************** + Ensure we check the path in *exactly* the same way as W2K for a findfirst/findnext + path or anything including wildcards. + We're assuming here that '/' is not the second byte in any multibyte char + set (a safe assumption). '\\' *may* be the second byte in a multibyte char + set. +****************************************************************************/ + +NTSTATUS check_path_syntax_wcard(pstring destname, const pstring srcname) +{ + char *d = destname; + const char *s = srcname; + NTSTATUS ret = NT_STATUS_OK; + BOOL start_of_name_component = True; + unsigned int num_bad_components = 0; + + while (*s) { + if (IS_DIRECTORY_SEP(*s)) { + /* + * Safe to assume is not the second part of a mb char as this is handled below. + */ + /* Eat multiple '/' or '\\' */ + while (IS_DIRECTORY_SEP(*s)) { + s++; + } + if ((d != destname) && (*s != '\0')) { + /* We only care about non-leading or trailing '/' or '\\' */ + *d++ = '/'; + } + + start_of_name_component = True; + continue; + } + + if (start_of_name_component) { + if ((s[0] == '.') && (s[1] == '.') && (IS_DIRECTORY_SEP(s[2]) || s[2] == '\0')) { + /* Uh oh - "/../" or "\\..\\" or "/..\0" or "\\..\0" ! */ + + /* + * No mb char starts with '.' so we're safe checking the directory separator here. + */ + + /* If we just added a '/' - delete it */ + if ((d > destname) && (*(d-1) == '/')) { + *(d-1) = '\0'; + d--; + } + + /* Are we at the start ? Can't go back further if so. */ + if (d <= destname) { + ret = NT_STATUS_OBJECT_PATH_SYNTAX_BAD; + break; + } + /* Go back one level... */ + /* We know this is safe as '/' cannot be part of a mb sequence. */ + /* NOTE - if this assumption is invalid we are not in good shape... */ + /* Decrement d first as d points to the *next* char to write into. */ + for (d--; d > destname; d--) { + if (*d == '/') + break; + } + s += 2; /* Else go past the .. */ + /* We're still at the start of a name component, just the previous one. */ + + if (num_bad_components) { + /* Hmmm. Should we only decrement the bad_components if + we're removing a bad component ? Need to check this. JRA. */ + num_bad_components--; + } + + continue; + + } else if ((s[0] == '.') && ((s[1] == '\0') || IS_DIRECTORY_SEP(s[1]))) { + /* Component of pathname can't be "." only. */ + ret = NT_STATUS_OBJECT_NAME_INVALID; + num_bad_components++; + *d++ = *s++; + continue; } + } + + if (!(*s & 0x80)) { + *d++ = *s++; } else { - if (num_bad_components > 1) { - ret = NT_STATUS_OBJECT_PATH_NOT_FOUND; + switch(next_mb_char_size(s)) { + case 4: + *d++ = *s++; + case 3: + *d++ = *s++; + case 2: + *d++ = *s++; + case 1: + *d++ = *s++; + break; + default: + DEBUG(0,("check_path_syntax_wcard: character length assumptions invalid !\n")); + *d = '\0'; + return NT_STATUS_INVALID_PARAMETER; } } + if (start_of_name_component && num_bad_components) { + num_bad_components++; + } + start_of_name_component = False; + } + + if (NT_STATUS_EQUAL(ret, NT_STATUS_OBJECT_NAME_INVALID)) { + /* For some strange reason being called from findfirst changes + the num_components number to cause the error return to change. JRA. */ + if (num_bad_components > 2) { + ret = NT_STATUS_OBJECT_PATH_NOT_FOUND; + } } *d = '\0'; @@ -192,7 +298,11 @@ size_t srvstr_get_path(char *inbuf, char *dest, const char *src, size_t dest_len } else { ret = srvstr_pull( inbuf, tmppath_ptr, src, dest_len, src_len, flags); } - *err = check_path_syntax(dest, tmppath, allow_wcard_names); + if (allow_wcard_names) { + *err = check_path_syntax_wcard(dest, tmppath); + } else { + *err = check_path_syntax(dest, tmppath); + } return ret; } -- cgit From a5433c4bf7a256880725173b96af5405c3c2eb9c Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 25 Mar 2005 00:58:15 +0000 Subject: r6053: Fixup dfs path with the new wildcard parser code split out. Jeremy. (This used to be commit e831cef618d55c362e8d3a8a4c2b9f2ed7d4d7bd) --- source3/smbd/reply.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 059af83001..17423c531d 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -949,7 +949,7 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return ERROR_NT(nt_status); } - RESOLVE_DFSPATH(path, conn, inbuf, outbuf); + RESOLVE_DFSPATH_WCARD(path, conn, inbuf, outbuf); p++; status_len = SVAL(p, 0); @@ -1823,7 +1823,7 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return ERROR_NT(status); } - RESOLVE_DFSPATH(name, conn, inbuf, outbuf); + RESOLVE_DFSPATH_WCARD(name, conn, inbuf, outbuf); DEBUG(3,("reply_unlink : %s\n",name)); @@ -4293,8 +4293,8 @@ int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return ERROR_NT(status); } - RESOLVE_DFSPATH(name, conn, inbuf, outbuf); - RESOLVE_DFSPATH(newname, conn, inbuf, outbuf); + RESOLVE_DFSPATH_WCARD(name, conn, inbuf, outbuf); + RESOLVE_DFSPATH_WCARD(newname, conn, inbuf, outbuf); DEBUG(3,("reply_mv : %s -> %s\n",name,newname)); @@ -4453,8 +4453,8 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return ERROR_DOS(ERRSRV,ERRinvdevice); } - RESOLVE_DFSPATH(name, conn, inbuf, outbuf); - RESOLVE_DFSPATH(newname, conn, inbuf, outbuf); + RESOLVE_DFSPATH_WCARD(name, conn, inbuf, outbuf); + RESOLVE_DFSPATH_WCARD(newname, conn, inbuf, outbuf); rc = unix_convert(name,conn,0,&bad_path1,&sbuf1); unix_convert(newname,conn,0,&bad_path2,&sbuf2); -- cgit From 10fe0ae721194157d87f306feab30b5f3f42c9b9 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 25 Mar 2005 19:52:01 +0000 Subject: r6063: Fix for bug #2533 - ensure SMBsearch unsets UNICODE flags2 bit as this SMB is DOS codepage only. Jeremy. (This used to be commit 56cc756b9d14db23b2640c347f729fa90dad9b6a) --- source3/smbd/reply.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 17423c531d..6cc6a97afc 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1090,7 +1090,10 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if (Protocol >= PROTOCOL_NT1) SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) | FLAGS2_IS_LONG_NAME); - + + /* This SMB *always* returns ASCII names. Remove the unicode bit in flags2. */ + SSVAL(outbuf,smb_flg2, (SVAL(outbuf, smb_flg2) & (~FLAGS2_UNICODE_STRINGS))); + outsize += DIR_STRUCT_SIZE*numentries; smb_setlen(outbuf,outsize - 4); -- cgit From fa787af52093e14de4a472d2ccb50b9ec66b10d1 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 29 Mar 2005 00:36:30 +0000 Subject: r6106: Fix bug #2551. It turns out that the incoming flags2 flag FLAGS2_LONG_PATH_COMPONENTS determines if a reply is uppercased on a SMBsearch request, not the protocol level. This could clear up quite a few hacks going forward I think. Jeremy. (This used to be commit 8c64cd368fdd2c5a4b361904855c135ade3f449e) --- source3/smbd/reply.c | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 6cc6a97afc..9a811c14a3 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -931,6 +931,8 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size BOOL can_open = True; BOOL bad_path = False; NTSTATUS nt_status; + BOOL allow_long_path_components = (SVAL(inbuf,smb_flg2) & FLAGS2_LONG_PATH_COMPONENTS) ? True : False; + START_PROFILE(SMBsearch); *mask = *directory = *fname = 0; @@ -1030,7 +1032,8 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if (ok) { if ((dirtype&0x1F) == aVOLID) { memcpy(p,status,21); - make_dir_struct(p,"???????????",volume_label(SNUM(conn)),0,aVOLID,0); + make_dir_struct(p,"???????????",volume_label(SNUM(conn)), + 0,aVOLID,0,!allow_long_path_components); dptr_fill(p+12,dptr_num); if (dptr_zero(p+12) && (status_len==0)) numentries = 1; @@ -1050,7 +1053,8 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size finished = !get_dir_entry(conn,mask,dirtype,fname,&size,&mode,&date,check_descend); if (!finished) { memcpy(p,status,21); - make_dir_struct(p,mask,fname,size,mode,date); + make_dir_struct(p,mask,fname,size, mode,date, + !allow_long_path_components); dptr_fill(p+12,dptr_num); numentries++; p += DIR_STRUCT_SIZE; @@ -1088,8 +1092,11 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size SCVAL(smb_buf(outbuf),0,5); SSVAL(smb_buf(outbuf),1,numentries*DIR_STRUCT_SIZE); - if (Protocol >= PROTOCOL_NT1) - SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) | FLAGS2_IS_LONG_NAME); + /* The replies here are never long name. */ + SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) & (~FLAGS2_IS_LONG_NAME)); + if (!allow_long_path_components) { + SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) & (~FLAGS2_LONG_PATH_COMPONENTS)); + } /* This SMB *always* returns ASCII names. Remove the unicode bit in flags2. */ SSVAL(outbuf,smb_flg2, (SVAL(outbuf, smb_flg2) & (~FLAGS2_UNICODE_STRINGS))); -- cgit From 89fffb349f19708ab23d5fd11fb004ee2ba1fe29 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 1 Apr 2005 00:21:55 +0000 Subject: r6160: Ensure allocation size is correctly returned for OpenX. Only set allocation on create/truncate for nttrans. Jeremy. (This used to be commit fb05ac4c03eec21f3f18668610022ebfa6d6bf4a) --- source3/smbd/reply.c | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 9a811c14a3..e2de97c478 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1311,6 +1311,21 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt } size = sbuf.st_size; + + if ((smb_action == FILE_WAS_CREATED) || (smb_action == FILE_WAS_OVERWRITTEN)) { + SMB_BIG_UINT allocation_size = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv9); + if (allocation_size && (allocation_size > (SMB_BIG_UINT)size)) { + fsp->initial_allocation_size = smb_roundup(fsp->conn, allocation_size); + if (vfs_allocate_file_space(fsp, fsp->initial_allocation_size) == -1) { + close_file(fsp,False); + END_PROFILE(SMBntcreateX); + return ERROR_NT(NT_STATUS_DISK_FULL); + } + } else { + fsp->initial_allocation_size = smb_roundup(fsp->conn,(SMB_BIG_UINT)size); + } + } + fmode = dos_mode(conn,fname,&sbuf); mtime = sbuf.st_mtime; if (fmode & aDIR) { @@ -1348,7 +1363,7 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt put_dos_date3(outbuf,smb_vwv4,mtime & ~1); else put_dos_date3(outbuf,smb_vwv4,mtime); - SIVAL(outbuf,smb_vwv6,(uint32)size); + SIVAL(outbuf,smb_vwv6,(uint32)get_allocation_size(conn,fsp,&sbuf)); SSVAL(outbuf,smb_vwv8,rmode); SSVAL(outbuf,smb_vwv11,smb_action); -- cgit From 0557c6cba2a21c9df547fbc8ff4db2899bc1c171 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 1 Apr 2005 23:11:28 +0000 Subject: r6172: Tidy up error processing significantly. Remove unix_ERR_XXX global nastyness. Jeremy. (This used to be commit d3379fe61bb934082b51a37adac232a96bafcf46) --- source3/smbd/reply.c | 78 +++++++++++++++++++++------------------------------- 1 file changed, 32 insertions(+), 46 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index e2de97c478..aef9755122 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1206,7 +1206,6 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, END_PROFILE(SMBopen); if (open_was_deferred(SVAL(inbuf,smb_mid))) { /* We have re-scheduled this call. */ - clear_cached_errors(); return -1; } return set_bad_path_error(errno, bad_path, outbuf, ERRDOS, ERRnoaccess); @@ -1304,7 +1303,6 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt END_PROFILE(SMBopenX); if (open_was_deferred(SVAL(inbuf,smb_mid))) { /* We have re-scheduled this call. */ - clear_cached_errors(); return -1; } return set_bad_path_error(errno, bad_path, outbuf, ERRDOS, ERRnoaccess); @@ -1453,7 +1451,6 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, END_PROFILE(SMBcreate); if (open_was_deferred(SVAL(inbuf,smb_mid))) { /* We have re-scheduled this call. */ - clear_cached_errors(); return -1; } return set_bad_path_error(errno, bad_path, outbuf, ERRDOS, ERRnoaccess); @@ -1537,7 +1534,6 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, END_PROFILE(SMBctemp); if (open_was_deferred(SVAL(inbuf,smb_mid))) { /* We have re-scheduled this call. */ - clear_cached_errors(); return -1; } return set_bad_path_error(errno, bad_path, outbuf, ERRDOS, ERRnoaccess); @@ -1599,20 +1595,19 @@ static NTSTATUS can_rename(connection_struct *conn, char *fname, uint16 dirtype, return NT_STATUS_OK; /* We need a better way to return NT status codes from open... */ - unix_ERR_class = 0; - unix_ERR_code = 0; + set_saved_error_triple(0, 0, NT_STATUS_OK); fsp = open_file_shared1(conn, fname, pst, DELETE_ACCESS, SET_DENY_MODE(DENY_ALL), (FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN), FILE_ATTRIBUTE_NORMAL, 0, &access_mode, &smb_action); if (!fsp) { - NTSTATUS ret = NT_STATUS_ACCESS_DENIED; - if (unix_ERR_class == ERRDOS && unix_ERR_code == ERRbadshare) - ret = NT_STATUS_SHARING_VIOLATION; - unix_ERR_class = 0; - unix_ERR_code = 0; - unix_ERR_ntstatus = NT_STATUS_OK; - return ret; + NTSTATUS ret; + if (get_saved_error_triple(NULL, NULL, &ret)) { + set_saved_error_triple(0, 0, NT_STATUS_OK); + return ret; + } + set_saved_error_triple(0, 0, NT_STATUS_OK); + return NT_STATUS_ACCESS_DENIED; } close_file(fsp,False); return NT_STATUS_OK; @@ -1672,22 +1667,19 @@ NTSTATUS can_delete(connection_struct *conn, char *fname, int dirtype, BOOL bad_ don't do it here as we'll get it wrong. */ /* We need a better way to return NT status codes from open... */ - unix_ERR_class = 0; - unix_ERR_code = 0; + set_saved_error_triple(0, 0, NT_STATUS_OK); fsp = open_file_shared1(conn, fname, &sbuf, DELETE_ACCESS, SET_DENY_MODE(DENY_ALL), (FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN), FILE_ATTRIBUTE_NORMAL, 0, &access_mode, &smb_action); if (!fsp) { - NTSTATUS ret = NT_STATUS_ACCESS_DENIED; - if (!NT_STATUS_IS_OK(unix_ERR_ntstatus)) - ret = unix_ERR_ntstatus; - else if (unix_ERR_class == ERRDOS && unix_ERR_code == ERRbadshare) - ret = NT_STATUS_SHARING_VIOLATION; - unix_ERR_class = 0; - unix_ERR_code = 0; - unix_ERR_ntstatus = NT_STATUS_OK; - return ret; + NTSTATUS ret; + if (get_saved_error_triple(NULL, NULL, &ret)) { + set_saved_error_triple(0, 0, NT_STATUS_OK); + return ret; + } + set_saved_error_triple(0, 0, NT_STATUS_OK); + return NT_STATUS_ACCESS_DENIED; } close_file(fsp,False); } @@ -1856,7 +1848,6 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if (!NT_STATUS_IS_OK(status)) { if (open_was_deferred(SVAL(inbuf,smb_mid))) { /* We have re-scheduled this call. */ - clear_cached_errors(); return -1; } return ERROR_NT(status); @@ -3456,21 +3447,6 @@ NTSTATUS mkdir_internal(connection_struct *conn, const pstring directory, BOOL b return map_nt_error_from_unix(errno); } - /* The following 2 clauses set explicit DOS error codes. JRA. */ - if (ms_has_wild(directory)) { - DEBUG(5,("mkdir_internal: failing create on filename %s with wildcards\n", directory)); - unix_ERR_class = ERRDOS; - unix_ERR_code = ERRinvalidname; - return NT_STATUS_OBJECT_NAME_INVALID; - } - - if( strchr_m(directory, ':')) { - DEBUG(5,("mkdir_internal: failing create on filename %s with colon in name\n", directory)); - unix_ERR_class = ERRDOS; - unix_ERR_code = ERRinvalidname; - return NT_STATUS_NOT_A_DIRECTORY; - } - if (bad_path) { return NT_STATUS_OBJECT_PATH_NOT_FOUND; } @@ -3521,6 +3497,12 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, unix_convert(directory,conn,0,&bad_path,&sbuf); + if( strchr_m(directory, ':')) { + DEBUG(5,("reply_mkdir: failing create on filename %s with colon in name\n", directory)); + END_PROFILE(SMBmkdir); + return ERROR_FORCE_DOS(ERRDOS, ERRinvalidname); + } + status = mkdir_internal(conn, directory,bad_path); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBmkdir); @@ -3530,7 +3512,7 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, if (lp_inherit_owner(SNUM(conn))) { /* Ensure we're checking for a symlink here.... */ /* We don't want to get caught by a symlink racer. */ - + if(SMB_VFS_LSTAT(conn,directory, &sbuf) != 0) { END_PROFILE(SMBmkdir); return(UNIXERROR(ERRDOS,ERRnoaccess)); @@ -4328,7 +4310,6 @@ int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, END_PROFILE(SMBmv); if (open_was_deferred(SVAL(inbuf,smb_mid))) { /* We have re-scheduled this call. */ - clear_cached_errors(); return -1; } return ERROR_NT(status); @@ -4592,8 +4573,7 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return ERROR_DOS(ERRDOS,error); } else { if((errno == ENOENT) && (bad_path1 || bad_path2)) { - unix_ERR_class = ERRDOS; - unix_ERR_code = ERRbadpath; + set_saved_error_triple(ERRDOS, ERRbadpath, NT_STATUS_OK); } END_PROFILE(SMBcopy); return(UNIXERROR(ERRDOS,error)); @@ -5149,7 +5129,9 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, CHECK_FSP(fsp,conn); CHECK_WRITE(fsp); - CHECK_ERROR(fsp); + if (HAS_CACHED_ERROR(fsp)) { + return(CACHED_ERROR(fsp)); + } tcount = SVAL(inbuf,smb_vwv1); startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3); @@ -5292,8 +5274,12 @@ int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz END_PROFILE(SMBwriteBs); return(ERROR_DOS(ERRHRD,ERRdiskfull)); } + wbms->wr_errclass = ERRHRD; + wbms->wr_error = ERRdiskfull; + wbms->wr_status = NT_STATUS_DISK_FULL; + wbms->wr_discard = True; END_PROFILE(SMBwriteBs); - return(CACHE_ERROR(wbms,ERRHRD,ERRdiskfull)); + return -1; } /* Increment the total written, if this matches tcount -- cgit From 1045c786246658f5d8e289d46cb4bdfc87655c71 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 2 Apr 2005 00:13:27 +0000 Subject: r6174: Fixup T2 open call - we were returning 2 bytes short. Jeremy. (This used to be commit 0c7de7615bf0edbb36a3afee445db13a71e26d2e) --- source3/smbd/reply.c | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index aef9755122..22cb599195 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1295,7 +1295,17 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt END_PROFILE(SMBopenX); return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND); } - + + /* Strange open mode mapping. */ + if (smb_ofun == 0) { + if (GET_OPEN_MODE(smb_mode) == DOS_OPEN_EXEC) { + smb_ofun = FILE_EXISTS_FAIL | FILE_CREATE_IF_NOT_EXIST; + } else { + END_PROFILE(SMBopenX); + return ERROR_FORCE_DOS(ERRDOS, ERRbadaccess); + } + } + fsp = open_file_shared(conn,fname,&sbuf,smb_mode,smb_ofun,(uint32)smb_attr, oplock_request, &rmode,&smb_action); -- cgit From 77fa234ffc71a62990d37e3d32c9d6733d60c17f Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 5 Apr 2005 01:20:32 +0000 Subject: r6203: Fix attribute return on creating a directory with nttrans_create. Fix strange allocation semantics of openX. Jeremy. (This used to be commit da5a8b539d39d2765de22c3e55e9f284992ff966) --- source3/smbd/reply.c | 31 +++++++++++++++++++------------ 1 file changed, 19 insertions(+), 12 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 22cb599195..0d1523ae3b 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1268,6 +1268,9 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt BOOL bad_path = False; files_struct *fsp; NTSTATUS status; + SMB_BIG_UINT allocation_size = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv9); + ssize_t retval = -1; + START_PROFILE(SMBopenX); /* If it's an IPC, pass off the pipe handler. */ @@ -1320,18 +1323,22 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt size = sbuf.st_size; - if ((smb_action == FILE_WAS_CREATED) || (smb_action == FILE_WAS_OVERWRITTEN)) { - SMB_BIG_UINT allocation_size = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv9); - if (allocation_size && (allocation_size > (SMB_BIG_UINT)size)) { - fsp->initial_allocation_size = smb_roundup(fsp->conn, allocation_size); - if (vfs_allocate_file_space(fsp, fsp->initial_allocation_size) == -1) { - close_file(fsp,False); - END_PROFILE(SMBntcreateX); - return ERROR_NT(NT_STATUS_DISK_FULL); - } - } else { - fsp->initial_allocation_size = smb_roundup(fsp->conn,(SMB_BIG_UINT)size); + /* Setting the "size" field in vwv9 and vwv10 causes the file to be set to this size, + if the file is truncated or created. */ + if (((smb_action == FILE_WAS_CREATED) || (smb_action == FILE_WAS_OVERWRITTEN)) && allocation_size) { + fsp->initial_allocation_size = smb_roundup(fsp->conn, allocation_size); + if (vfs_allocate_file_space(fsp, fsp->initial_allocation_size) == -1) { + close_file(fsp,False); + END_PROFILE(SMBntcreateX); + return ERROR_NT(NT_STATUS_DISK_FULL); + } + retval = vfs_set_filelen(fsp, (SMB_OFF_T)allocation_size); + if (retval < 0) { + close_file(fsp,False); + END_PROFILE(SMBwrite); + return ERROR_NT(NT_STATUS_DISK_FULL); } + size = get_allocation_size(conn,fsp,&sbuf); } fmode = dos_mode(conn,fname,&sbuf); @@ -1371,7 +1378,7 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt put_dos_date3(outbuf,smb_vwv4,mtime & ~1); else put_dos_date3(outbuf,smb_vwv4,mtime); - SIVAL(outbuf,smb_vwv6,(uint32)get_allocation_size(conn,fsp,&sbuf)); + SIVAL(outbuf,smb_vwv6,(uint32)size); SSVAL(outbuf,smb_vwv8,rmode); SSVAL(outbuf,smb_vwv11,smb_action); -- cgit From 978ca8486031e43754a3c23757f361bf3a85f335 Mon Sep 17 00:00:00 2001 From: Herb Lewis Date: Wed, 6 Apr 2005 16:28:04 +0000 Subject: r6225: get rid of warnings from my compiler about nested externs (This used to be commit efea76ac71412f8622cd233912309e91b9ea52da) --- source3/smbd/reply.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 0d1523ae3b..c3cb81ddfc 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -35,6 +35,7 @@ extern int global_oplock_break; unsigned int smb_echo_count = 0; extern uint32 global_client_caps; +extern struct current_user current_user; extern BOOL global_encrypted_passwords_negotiated; /**************************************************************************** @@ -471,7 +472,6 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt int passlen = SVAL(inbuf,smb_vwv3); pstring path; char *p, *q; - extern BOOL global_encrypted_passwords_negotiated; START_PROFILE(SMBtconX); @@ -2010,7 +2010,6 @@ void send_file_readbraw(connection_struct *conn, files_struct *fsp, SMB_OFF_T st int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_size, int out_buffsize) { - extern struct current_user current_user; ssize_t maxcount,mincount; size_t nread = 0; SMB_OFF_T startpos; @@ -2980,7 +2979,6 @@ int reply_exit(connection_struct *conn, int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) { - extern struct current_user current_user; int outsize = 0; time_t mtime; int32 eclass = 0, err = 0; -- cgit From ed1f7121a39d863066ef47e985b77fe3dbedbc9b Mon Sep 17 00:00:00 2001 From: Herb Lewis Date: Wed, 27 Apr 2005 18:32:37 +0000 Subject: r6502: add LOCKING debug class - pull PRINTINGDB class definition from trunk so our numbers don't get out of sync (This used to be commit 58e307664e02ebf0415f19ed625d2f166d9cb1cc) --- source3/smbd/reply.c | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index c3cb81ddfc..aa33e59b7e 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2129,6 +2129,9 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s return -1; } +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_LOCKING + /**************************************************************************** Reply to a lockread (core+ protocol). ****************************************************************************/ @@ -2222,6 +2225,9 @@ Returning short read of maximum allowed for compatibility with Windows 2000.\n", return(outsize); } +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_ALL + /**************************************************************************** Reply to a read. ****************************************************************************/ @@ -2610,6 +2616,9 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, return(outsize); } +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_LOCKING + /**************************************************************************** Reply to a writeunlock (core+). ****************************************************************************/ @@ -2674,6 +2683,9 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, return outsize; } +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_ALL + /**************************************************************************** Reply to a write. ****************************************************************************/ @@ -3121,6 +3133,9 @@ int reply_writeclose(connection_struct *conn, return(outsize); } +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_LOCKING + /**************************************************************************** Reply to a lock. ****************************************************************************/ @@ -3201,6 +3216,9 @@ int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int size, return(outsize); } +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_ALL + /**************************************************************************** Reply to a tdis. ****************************************************************************/ @@ -4652,6 +4670,9 @@ int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return(outsize); } +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_LOCKING + /**************************************************************************** Get a lock pid, dealing with large count requests. ****************************************************************************/ @@ -4989,6 +5010,9 @@ no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); return chain_reply(inbuf,outbuf,length,bufsize); } +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_ALL + /**************************************************************************** Reply to a SMBreadbmpx (read block multiplex) request. ****************************************************************************/ -- cgit From 02e3717ee9e045d197d845489e84ac40083ca868 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 6 May 2005 08:07:39 +0000 Subject: r6625: Remove another global variable left over from a long time ago (magic char). Jeremy. (This used to be commit b1bfa9cb37deb22d1d08bc60ba44d61334f6446e) --- source3/smbd/reply.c | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index aa33e59b7e..d39b9a20d3 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -30,7 +30,6 @@ extern enum protocol_types Protocol; extern int max_send; extern int max_recv; -extern char magic_char; extern int global_oplock_break; unsigned int smb_echo_count = 0; extern uint32 global_client_caps; @@ -1753,7 +1752,7 @@ NTSTATUS unlink_internals(connection_struct *conn, int dirtype, char *name) * Tine Smukavec . */ - if (!rc && mangle_is_mangled(mask)) + if (!rc && mangle_is_mangled(mask,SNUM(conn))) mangle_check_cache( mask, sizeof(pstring)-1 ); if (!has_wild) { @@ -4055,7 +4054,7 @@ NTSTATUS rename_internals(connection_struct *conn, char *name, char *newname, ui * Tine Smukavec . */ - if (!rc && mangle_is_mangled(mask)) + if (!rc && mangle_is_mangled(mask,SNUM(conn))) mangle_check_cache( mask, sizeof(pstring)-1 ); has_wild = ms_has_wild(mask); @@ -4064,7 +4063,7 @@ NTSTATUS rename_internals(connection_struct *conn, char *name, char *newname, ui /* * No wildcards - just process the one file. */ - BOOL is_short_name = mangle_is_8_3(name, True); + BOOL is_short_name = mangle_is_8_3(name, True, SNUM(conn)); /* Add a terminating '/' to the directory name. */ pstrcat(directory,"/"); @@ -4536,7 +4535,7 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, * Tine Smukavec . */ - if (!rc && mangle_is_mangled(mask)) + if (!rc && mangle_is_mangled(mask, SNUM(conn))) mangle_check_cache( mask, sizeof(pstring)-1 ); has_wild = ms_has_wild(mask); -- cgit From af2437b269a175672dd093527e20cc7f719b1e16 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 6 May 2005 10:47:52 +0000 Subject: r6629: Fix stupid typo. Thanks Gunther. Jeremy. (This used to be commit 8693df2551fce145f7c919dee67a26d8fb8dfd1d) --- source3/smbd/reply.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index d39b9a20d3..8cccd9b568 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1753,7 +1753,7 @@ NTSTATUS unlink_internals(connection_struct *conn, int dirtype, char *name) */ if (!rc && mangle_is_mangled(mask,SNUM(conn))) - mangle_check_cache( mask, sizeof(pstring)-1 ); + mangle_check_cache( mask, sizeof(pstring)-1, SNUM(conn)); if (!has_wild) { pstrcat(directory,"/"); @@ -4055,7 +4055,7 @@ NTSTATUS rename_internals(connection_struct *conn, char *name, char *newname, ui */ if (!rc && mangle_is_mangled(mask,SNUM(conn))) - mangle_check_cache( mask, sizeof(pstring)-1 ); + mangle_check_cache( mask, sizeof(pstring)-1, SNUM(conn)); has_wild = ms_has_wild(mask); @@ -4536,7 +4536,7 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, */ if (!rc && mangle_is_mangled(mask, SNUM(conn))) - mangle_check_cache( mask, sizeof(pstring)-1 ); + mangle_check_cache( mask, sizeof(pstring)-1, SNUM(conn)); has_wild = ms_has_wild(mask); -- cgit From bd688a9138a9ee8593a2eada158c2bcde2b59f4e Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 6 May 2005 13:26:54 +0000 Subject: r6633: Added "check_path_syntax_posix()" in preparation for handling POSIX pathnames. Not yet used. Jeremy. (This used to be commit 381da9b55d6a3fda2ba4a3f12bee50853b7fd3b3) --- source3/smbd/reply.c | 96 +++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 95 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 8cccd9b568..e1131c56ed 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -280,6 +280,100 @@ NTSTATUS check_path_syntax_wcard(pstring destname, const pstring srcname) return ret; } +/**************************************************************************** + Check the path for a POSIX client. + We're assuming here that '/' is not the second byte in any multibyte char + set (a safe assumption). +****************************************************************************/ + +NTSTATUS check_path_syntax_posix(pstring destname, const pstring srcname) +{ + char *d = destname; + const char *s = srcname; + NTSTATUS ret = NT_STATUS_OK; + BOOL start_of_name_component = True; + + while (*s) { + if (*s == '/') { + /* + * Safe to assume is not the second part of a mb char as this is handled below. + */ + /* Eat multiple '/' or '\\' */ + while (*s == '/') { + s++; + } + if ((d != destname) && (*s != '\0')) { + /* We only care about non-leading or trailing '/' */ + *d++ = '/'; + } + + start_of_name_component = True; + continue; + } + + if (start_of_name_component) { + if ((s[0] == '.') && (s[1] == '.') && (s[2] == '/' || s[2] == '\0')) { + /* Uh oh - "/../" or "/..\0" ! */ + + /* + * No mb char starts with '.' so we're safe checking the directory separator here. + */ + + /* If we just added a '/' - delete it */ + if ((d > destname) && (*(d-1) == '/')) { + *(d-1) = '\0'; + d--; + } + + /* Are we at the start ? Can't go back further if so. */ + if (d <= destname) { + ret = NT_STATUS_OBJECT_PATH_SYNTAX_BAD; + break; + } + /* Go back one level... */ + /* We know this is safe as '/' cannot be part of a mb sequence. */ + /* NOTE - if this assumption is invalid we are not in good shape... */ + /* Decrement d first as d points to the *next* char to write into. */ + for (d--; d > destname; d--) { + if (*d == '/') + break; + } + s += 2; /* Else go past the .. */ + continue; + + } else if ((s[0] == '.') && ((s[1] == '\0') || (s[1] == '/'))) { + /* Eat the '.' */ + s++; + continue; + } + } + + if (!(*s & 0x80)) { + *d++ = *s++; + } else { + switch(next_mb_char_size(s)) { + case 4: + *d++ = *s++; + case 3: + *d++ = *s++; + case 2: + *d++ = *s++; + case 1: + *d++ = *s++; + break; + default: + DEBUG(0,("check_path_syntax_posix: character length assumptions invalid !\n")); + *d = '\0'; + return NT_STATUS_INVALID_PARAMETER; + } + } + start_of_name_component = False; + } + + *d = '\0'; + return ret; +} + /**************************************************************************** Pull a string and check the path - provide for error return. ****************************************************************************/ @@ -3529,7 +3623,7 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, unix_convert(directory,conn,0,&bad_path,&sbuf); - if( strchr_m(directory, ':')) { + if( is_ntfs_stream_name(directory)) { DEBUG(5,("reply_mkdir: failing create on filename %s with colon in name\n", directory)); END_PROFILE(SMBmkdir); return ERROR_FORCE_DOS(ERRDOS, ERRinvalidname); -- cgit From 08355754151b2d02b2102bc76e94b63ffffdf408 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sun, 8 May 2005 23:16:28 +0000 Subject: r6673: Fix the write cache based on some VERY good detective work from Ingo Kilian . You must do a make clean after updating this. Jeremy. (This used to be commit 3b2cd19fcb8ce38578b122fd6ae722b73081dcda) --- source3/smbd/reply.c | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index e1131c56ed..686f54c5e7 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2190,21 +2190,18 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s maxcount = MIN(65535,maxcount); if (!is_locked(fsp,conn,(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK)) { - SMB_OFF_T size = fsp->size; - SMB_OFF_T sizeneeded = startpos + maxcount; + SMB_STRUCT_STAT st; + SMB_OFF_T size = 0; - if (size < sizeneeded) { - SMB_STRUCT_STAT st; - if (SMB_VFS_FSTAT(fsp,fsp->fd,&st) == 0) - size = st.st_size; - if (!fsp->can_write) - fsp->size = size; + if (SMB_VFS_FSTAT(fsp,fsp->fd,&st) == 0) { + size = st.st_size; } - if (startpos >= size) + if (startpos >= size) { nread = 0; - else + } else { nread = MIN(maxcount,(size - startpos)); + } } #if 0 /* mincount appears to be ignored in a W2K server. JRA. */ -- cgit From 75f109bc81c0ff0d714070b3f324bce62c2f3984 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 25 May 2005 19:25:35 +0000 Subject: r6977: Fix bug #2735 (not mangling control characters) plus ensure we don't create files with control characters either. Jeremy. (This used to be commit 0ca2423c706423a07721e375345b6d45a45cbcf4) --- source3/smbd/reply.c | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 686f54c5e7..1c2e950836 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -118,6 +118,9 @@ NTSTATUS check_path_syntax(pstring destname, const pstring srcname) } if (!(*s & 0x80)) { + if (*s <= 0x1f) { + return NT_STATUS_OBJECT_NAME_INVALID; + } switch (*s) { case '*': case '?': @@ -244,6 +247,9 @@ NTSTATUS check_path_syntax_wcard(pstring destname, const pstring srcname) } if (!(*s & 0x80)) { + if (*s <= 0x1f) { + return NT_STATUS_OBJECT_NAME_INVALID; + } *d++ = *s++; } else { switch(next_mb_char_size(s)) { -- cgit From db0b2f9ebe947a244ee4ec493e489d928ed5cb63 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 9 Jun 2005 18:15:23 +0000 Subject: r7447: Sync up a little between HEAD and 3.0 in preparation for moving the AIO code across. Jeremy. (This used to be commit e9604e65f4337a4163398f1f2c71e13da7993ed4) --- source3/smbd/reply.c | 35 ++++++++++++++++++++++++++++++----- 1 file changed, 30 insertions(+), 5 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 1c2e950836..f97bedef9b 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2569,6 +2569,14 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt return ERROR_DOS(ERRDOS,ERRlock); } +#if 0 + /* Enable when the AIO code is moved over. JRA. */ + if (schedule_aio_read_and_X(conn, inbuf, outbuf, length, bufsize, fsp, startpos, smb_maxcnt)) { + END_PROFILE(SMBreadX); + return -1; + } +#endif + nread = send_file_readX(conn, inbuf, outbuf, length, bufsize, fsp, startpos, smb_maxcnt); if (nread != -1) nread = chain_reply(inbuf,outbuf,length,bufsize); @@ -2642,6 +2650,7 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, SCVAL(outbuf,smb_com,SMBwritebraw); SSVALS(outbuf,smb_vwv0,-1); outsize = set_message(outbuf,Protocol>PROTOCOL_COREPLUS?1:0,0,True); + show_msg(outbuf); if (!send_smb(smbd_server_fd(),outbuf)) exit_server("reply_writebraw: send_smb failed."); @@ -2886,9 +2895,12 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng CHECK_FSP(fsp,conn); CHECK_WRITE(fsp); + set_message(outbuf,6,0,True); + /* Deal with possible LARGE_WRITEX */ - if (large_writeX) + if (large_writeX) { numtowrite |= ((((size_t)SVAL(inbuf,smb_vwv9)) & 1 )<<16); + } if(smb_doff > smblen || (smb_doff + numtowrite > smblen)) { END_PROFILE(SMBwriteX); @@ -2930,18 +2942,28 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng done, just a write of zero. To truncate a file, use SMBwrite. */ - if(numtowrite == 0) + if(numtowrite == 0) { nwritten = 0; - else + } else { + +#if 0 + /* Enable when AIO code is moved over. JRA. */ + + if (schedule_aio_write_and_X(conn, inbuf, outbuf, length, bufsize, + fsp,data,startpos,numtowrite)) { + END_PROFILE(SMBwriteX); + return -1; + } +#endif + nwritten = write_file(fsp,data,startpos,numtowrite); + } if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) { END_PROFILE(SMBwriteX); return(UNIXERROR(ERRHRD,ERRdiskfull)); } - set_message(outbuf,6,0,True); - SSVAL(outbuf,smb_vwv2,nwritten); if (large_writeX) SSVAL(outbuf,smb_vwv4,(nwritten>>16)&1); @@ -3375,6 +3397,7 @@ int reply_echo(connection_struct *conn, smb_setlen(outbuf,outsize - 4); + show_msg(outbuf); if (!send_smb(smbd_server_fd(),outbuf)) exit_server("reply_echo: send_smb failed."); } @@ -5173,6 +5196,7 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length, SSVAL(outbuf,smb_vwv6,nread); SSVAL(outbuf,smb_vwv7,smb_offset(data,outbuf)); + show_msg(outbuf); if (!send_smb(smbd_server_fd(),outbuf)) exit_server("reply_readbmpx: send_smb failed."); @@ -5333,6 +5357,7 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, if (write_through && tcount==nwritten) { /* We need to send both a primary and a secondary response */ smb_setlen(outbuf,outsize - 4); + show_msg(outbuf); if (!send_smb(smbd_server_fd(),outbuf)) exit_server("reply_writebmpx: send_smb failed."); -- cgit From 741b0a97bbf3e2f7ed3292b9508b39edb00d97c1 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 15 Jun 2005 18:37:34 +0000 Subject: r7617: Fix for bug #2801 - delete veto files was broken with the new large directory code. Jeremy. (This used to be commit f397cc08b5628913af4d7f9c2c6d20c778e5d8ca) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index f97bedef9b..c9adbf8fcf 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3768,7 +3768,7 @@ BOOL rmdir_internals(connection_struct *conn, char *directory) struct smb_Dir *dir_hnd = OpenDir(conn, directory); if(dir_hnd != NULL) { - long dirpos = TellDir(dir_hnd); + long dirpos = 0; while ((dname = ReadDirName(dir_hnd,&dirpos))) { if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0)) continue; @@ -3781,7 +3781,7 @@ BOOL rmdir_internals(connection_struct *conn, char *directory) } if(all_veto_files) { - SeekDir(dir_hnd,dirpos); + RewindDir(dir_hnd); while ((dname = ReadDirName(dir_hnd,&dirpos))) { pstring fullname; -- cgit From df4f8fc1c67e9d967f712ecd18d08035469a7a49 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 15 Jun 2005 18:49:43 +0000 Subject: r7618: Typo... Jeremy. (This used to be commit 65d1365700588949fc5576c7dd525fc530a15ff4) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index c9adbf8fcf..95de3a3469 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3781,7 +3781,7 @@ BOOL rmdir_internals(connection_struct *conn, char *directory) } if(all_veto_files) { - RewindDir(dir_hnd); + RewindDir(dir_hnd,&dirpos); while ((dname = ReadDirName(dir_hnd,&dirpos))) { pstring fullname; -- cgit From e9e00ee9c2e6dad86d57a858e71caf2066070c8f Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Wed, 15 Jun 2005 19:28:14 +0000 Subject: r7620: when adding a new printer driver, we should copy the files (not move) to the W32X86/{2,3}/ directory. Printmig.exe copies the driver files for all drivers to print$/W32X86 and the calls AddPrinterDriver() for each driver. If we move the file, then adding a driver which shares a file with a previous driver will fail. I can now restore drivers in bulk to a Samba 3 server. (This used to be commit 46cd95c9b48a00a51139d3654352d4399b774a9b) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 95de3a3469..d49823bea5 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4482,7 +4482,7 @@ int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, Copy a file as part of a reply_copy. ******************************************************************/ -static BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, +BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, int count,BOOL target_is_directory, int *err_ret) { int Access,action; -- cgit From 7e509e9b99a18495bde01a990e37de70bae35aac Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 22 Jun 2005 21:20:41 +0000 Subject: r7842: With the patch I sent Steve yesterday this gives us complete POSIX pathnames. ie. files containing : and \ can be accessed from Linux. Jeremy. (This used to be commit e9b8d23d6138d909a65ea70b2e801881e8333b38) --- source3/smbd/reply.c | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index d49823bea5..99e0d5d9a1 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -398,7 +398,9 @@ size_t srvstr_get_path(char *inbuf, char *dest, const char *src, size_t dest_len } else { ret = srvstr_pull( inbuf, tmppath_ptr, src, dest_len, src_len, flags); } - if (allow_wcard_names) { + if (lp_posix_pathnames()) { + *err = check_path_syntax_posix(dest, tmppath); + } else if (allow_wcard_names) { *err = check_path_syntax_wcard(dest, tmppath); } else { *err = check_path_syntax(dest, tmppath); @@ -1032,6 +1034,10 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size NTSTATUS nt_status; BOOL allow_long_path_components = (SVAL(inbuf,smb_flg2) & FLAGS2_LONG_PATH_COMPONENTS) ? True : False; + if (lp_posix_pathnames()) { + return reply_unknown(inbuf, outbuf); + } + START_PROFILE(SMBsearch); *mask = *directory = *fname = 0; @@ -1228,6 +1234,10 @@ int reply_fclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size char *p; NTSTATUS err; + if (lp_posix_pathnames()) { + return reply_unknown(inbuf, outbuf); + } + START_PROFILE(SMBfclose); outsize = set_message(outbuf,1,0,True); -- cgit From ff7e5c26733c933d0ed71616c39e2d931ad1e597 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 25 Jun 2005 03:03:44 +0000 Subject: r7893: Add in the extra parameters to opendir() to fix the large directory/insane app problem. Rev vfs version. Doesn't change the normal codepath. Jeremy. (This used to be commit 0f03a6bdcdbdf60da81e0aeffa84ac6e48fc6a04) --- source3/smbd/reply.c | 52 ++++++++++++++++++++++++---------------------------- 1 file changed, 24 insertions(+), 28 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 99e0d5d9a1..9a7c22320c 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1014,9 +1014,9 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size pstring directory; pstring fname; SMB_OFF_T size; - int mode; + uint32 mode; time_t date; - int dirtype; + uint32 dirtype; int outsize = 0; unsigned int numentries = 0; unsigned int maxentries = 0; @@ -1115,7 +1115,7 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size ok = True; if (status_len == 0) { - dptr_num = dptr_create(conn,directory,True,expect_close,SVAL(inbuf,smb_pid)); + dptr_num = dptr_create(conn,directory,True,expect_close,SVAL(inbuf,smb_pid), mask, dirtype); if (dptr_num < 0) { if(dptr_num == -2) { END_PROFILE(SMBsearch); @@ -1124,10 +1124,6 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size END_PROFILE(SMBsearch); return ERROR_DOS(ERRDOS,ERRnofids); } - if (!dptr_set_wcard_and_attributes(dptr_num, mask, dirtype)) { - END_PROFILE(SMBsearch); - return ERROR_DOS(ERRDOS,ERRnomem); - } } else { dirtype = dptr_attr(dptr_num); } @@ -1743,10 +1739,10 @@ static NTSTATUS can_rename(connection_struct *conn, char *fname, uint16 dirtype, Check if a user is allowed to delete a file. ********************************************************************/ -NTSTATUS can_delete(connection_struct *conn, char *fname, int dirtype, BOOL bad_path, BOOL check_is_at_open) +NTSTATUS can_delete(connection_struct *conn, char *fname, uint32 dirtype, BOOL bad_path, BOOL check_is_at_open) { SMB_STRUCT_STAT sbuf; - int fmode; + uint32 fmode; int smb_action; int access_mode; files_struct *fsp; @@ -1817,7 +1813,7 @@ NTSTATUS can_delete(connection_struct *conn, char *fname, int dirtype, BOOL bad_ code. ****************************************************************************/ -NTSTATUS unlink_internals(connection_struct *conn, int dirtype, char *name) +NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, char *name) { pstring directory; pstring mask; @@ -1879,8 +1875,11 @@ NTSTATUS unlink_internals(connection_struct *conn, int dirtype, char *name) struct smb_Dir *dir_hnd = NULL; const char *dname; + if (strequal(mask,"????????.???")) + pstrcpy(mask,"*"); + if (check_name(directory,conn)) - dir_hnd = OpenDir(conn, directory); + dir_hnd = OpenDir(conn, directory, mask, dirtype); /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then the pattern matches against the long name, otherwise the short name @@ -1891,9 +1890,6 @@ NTSTATUS unlink_internals(connection_struct *conn, int dirtype, char *name) long offset = 0; error = NT_STATUS_NO_SUCH_FILE; - if (strequal(mask,"????????.???")) - pstrcpy(mask,"*"); - while ((dname = ReadDirName(dir_hnd, &offset))) { SMB_STRUCT_STAT st; pstring fname; @@ -1954,7 +1950,7 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size { int outsize = 0; pstring name; - int dirtype; + uint32 dirtype; NTSTATUS status; START_PROFILE(SMBunlink); @@ -3707,7 +3703,7 @@ static BOOL recursive_rmdir(connection_struct *conn, char *directory) const char *dname = NULL; BOOL ret = False; long offset = 0; - struct smb_Dir *dir_hnd = OpenDir(conn, directory); + struct smb_Dir *dir_hnd = OpenDir(conn, directory, NULL, 0); if(dir_hnd == NULL) return True; @@ -3775,7 +3771,7 @@ BOOL rmdir_internals(connection_struct *conn, char *directory) */ BOOL all_veto_files = True; const char *dname; - struct smb_Dir *dir_hnd = OpenDir(conn, directory); + struct smb_Dir *dir_hnd = OpenDir(conn, directory, NULL, 0); if(dir_hnd != NULL) { long dirpos = 0; @@ -3997,7 +3993,7 @@ static void rename_open_files(connection_struct *conn, SMB_DEV_T dev, SMB_INO_T Rename an open file - given an fsp. ****************************************************************************/ -NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, char *newname, uint16 attrs, BOOL replace_if_exists) +NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, char *newname, uint32 attrs, BOOL replace_if_exists) { SMB_STRUCT_STAT sbuf; BOOL bad_path = False; @@ -4111,7 +4107,7 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, char * code. ****************************************************************************/ -NTSTATUS rename_internals(connection_struct *conn, char *name, char *newname, uint16 attrs, BOOL replace_if_exists) +NTSTATUS rename_internals(connection_struct *conn, char *name, char *newname, uint32 attrs, BOOL replace_if_exists) { pstring directory; pstring mask; @@ -4333,17 +4329,17 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", const char *dname; pstring destname; + if (strequal(mask,"????????.???")) + pstrcpy(mask,"*"); + if (check_name(directory,conn)) - dir_hnd = OpenDir(conn, directory); + dir_hnd = OpenDir(conn, directory, mask, attrs); if (dir_hnd) { long offset = 0; error = NT_STATUS_NO_SUCH_FILE; /* Was error = NT_STATUS_OBJECT_NAME_NOT_FOUND; - gentest fix. JRA */ - if (strequal(mask,"????????.???")) - pstrcpy(mask,"*"); - while ((dname = ReadDirName(dir_hnd, &offset))) { pstring fname; BOOL sysdir_entry = False; @@ -4444,7 +4440,7 @@ int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, pstring name; pstring newname; char *p; - uint16 attrs = SVAL(inbuf,smb_vwv0); + uint32 attrs = SVAL(inbuf,smb_vwv0); NTSTATUS status; START_PROFILE(SMBmv); @@ -4689,16 +4685,16 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, const char *dname; pstring destname; + if (strequal(mask,"????????.???")) + pstrcpy(mask,"*"); + if (check_name(directory,conn)) - dir_hnd = OpenDir(conn, directory); + dir_hnd = OpenDir(conn, directory, mask, 0); if (dir_hnd) { long offset = 0; error = ERRbadfile; - if (strequal(mask,"????????.???")) - pstrcpy(mask,"*"); - while ((dname = ReadDirName(dir_hnd, &offset))) { pstring fname; pstrcpy(fname,dname); -- cgit From f2f55d703d0dd549a83809d3e5cc5151569b48d6 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 27 Jun 2005 22:53:56 +0000 Subject: r7963: Add aio support to 3.0. Jeremy. (This used to be commit 1de27da47051af08790317f5b48b02719d6b9934) --- source3/smbd/reply.c | 7 ------- 1 file changed, 7 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 9a7c22320c..312a3ace23 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2575,13 +2575,10 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt return ERROR_DOS(ERRDOS,ERRlock); } -#if 0 - /* Enable when the AIO code is moved over. JRA. */ if (schedule_aio_read_and_X(conn, inbuf, outbuf, length, bufsize, fsp, startpos, smb_maxcnt)) { END_PROFILE(SMBreadX); return -1; } -#endif nread = send_file_readX(conn, inbuf, outbuf, length, bufsize, fsp, startpos, smb_maxcnt); if (nread != -1) @@ -2952,15 +2949,11 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng nwritten = 0; } else { -#if 0 - /* Enable when AIO code is moved over. JRA. */ - if (schedule_aio_write_and_X(conn, inbuf, outbuf, length, bufsize, fsp,data,startpos,numtowrite)) { END_PROFILE(SMBwriteX); return -1; } -#endif nwritten = write_file(fsp,data,startpos,numtowrite); } -- cgit From af8a691db11a5072865f8b03fd1cbd3aab5cb6d7 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 8 Jul 2005 04:51:27 +0000 Subject: r8219: Merge the new open code from HEAD to 3.0. Haven't yet run the torture tests on this as it's very late NY time (just wanted to get this work into the tree). I'll test this over the weekend.... Jerry - in looking at the difference between the two trees there seem to be some printing/ntprinting.c and registry changes we might want to examine to try keep in sync. Jeremy. (This used to be commit c7fe18761e2c753afbffd3a78abff46472a9b8eb) --- source3/smbd/reply.c | 398 +++++++++++++++++++++++++++++++++------------------ 1 file changed, 260 insertions(+), 138 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 312a3ace23..bb583fb94b 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1275,20 +1275,24 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, { pstring fname; int outsize = 0; - int fmode=0; - int share_mode; + uint32 fattr=0; SMB_OFF_T size = 0; time_t mtime=0; - int rmode=0; + int info; SMB_STRUCT_STAT sbuf; BOOL bad_path = False; files_struct *fsp; int oplock_request = CORE_OPLOCK_REQUEST(inbuf); - uint16 dos_attr = SVAL(inbuf,smb_vwv1); + int deny_mode; + uint32 dos_attr = SVAL(inbuf,smb_vwv1); + uint32 access_mask; + uint32 share_mode; + uint32 create_disposition; + uint32 create_options = 0; NTSTATUS status; START_PROFILE(SMBopen); - share_mode = SVAL(inbuf,smb_vwv0); + deny_mode = SVAL(inbuf,smb_vwv0); srvstr_get_path(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), 0, STR_TERMINATE, &status, False); if (!NT_STATUS_IS_OK(status)) { @@ -1304,8 +1308,20 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND); } - fsp = open_file_shared(conn,fname,&sbuf,share_mode,(FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN), - (uint32)dos_attr, oplock_request,&rmode,NULL); + if (!map_open_params_to_ntcreate(fname, deny_mode, OPENX_FILE_EXISTS_OPEN, + &access_mask, &share_mode, &create_disposition, &create_options)) { + END_PROFILE(SMBopen); + return ERROR_DOS(ERRDOS, ERRbadaccess); + } + + fsp = open_file_ntcreate(conn,fname,&sbuf, + access_mask, + share_mode, + create_disposition, + create_options, + dos_attr, + oplock_request, + &info); if (!fsp) { END_PROFILE(SMBopen); @@ -1317,10 +1333,10 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, } size = sbuf.st_size; - fmode = dos_mode(conn,fname,&sbuf); + fattr = dos_mode(conn,fname,&sbuf); mtime = sbuf.st_mtime; - if (fmode & aDIR) { + if (fattr & aDIR) { DEBUG(3,("attempt to open a directory %s\n",fname)); close_file(fsp,False); END_PROFILE(SMBopen); @@ -1329,19 +1345,22 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, outsize = set_message(outbuf,7,0,True); SSVAL(outbuf,smb_vwv0,fsp->fnum); - SSVAL(outbuf,smb_vwv1,fmode); - if(lp_dos_filetime_resolution(SNUM(conn)) ) + SSVAL(outbuf,smb_vwv1,fattr); + if(lp_dos_filetime_resolution(SNUM(conn)) ) { put_dos_date3(outbuf,smb_vwv2,mtime & ~1); - else + } else { put_dos_date3(outbuf,smb_vwv2,mtime); + } SIVAL(outbuf,smb_vwv4,(uint32)size); - SSVAL(outbuf,smb_vwv6,rmode); + SSVAL(outbuf,smb_vwv6,FILE_WAS_OPENED); - if (oplock_request && lp_fake_oplocks(SNUM(conn))) + if (oplock_request && lp_fake_oplocks(SNUM(conn))) { SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); + } - if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) + if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) { SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); + } END_PROFILE(SMBopen); return(outsize); } @@ -1353,21 +1372,22 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { pstring fname; - int smb_mode = SVAL(inbuf,smb_vwv3); - int smb_attr = SVAL(inbuf,smb_vwv5); + uint16 open_flags = SVAL(inbuf,smb_vwv2); + int deny_mode = SVAL(inbuf,smb_vwv3); + uint32 smb_attr = SVAL(inbuf,smb_vwv5); /* Breakout the oplock request bits so we can set the reply bits separately. */ BOOL ex_oplock_request = EXTENDED_OPLOCK_REQUEST(inbuf); BOOL core_oplock_request = CORE_OPLOCK_REQUEST(inbuf); BOOL oplock_request = ex_oplock_request | core_oplock_request; #if 0 - int open_flags = SVAL(inbuf,smb_vwv2); int smb_sattr = SVAL(inbuf,smb_vwv4); uint32 smb_time = make_unix_date3(inbuf+smb_vwv6); #endif int smb_ofun = SVAL(inbuf,smb_vwv8); SMB_OFF_T size=0; - int fmode=0,mtime=0,rmode=0; + uint32 fattr=0; + int mtime=0; SMB_STRUCT_STAT sbuf; int smb_action = 0; BOOL bad_path = False; @@ -1375,6 +1395,10 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt NTSTATUS status; SMB_BIG_UINT allocation_size = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv9); ssize_t retval = -1; + uint32 access_mask; + uint32 share_mode; + uint32 create_disposition; + uint32 create_options = 0; START_PROFILE(SMBopenX); @@ -1404,18 +1428,23 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND); } - /* Strange open mode mapping. */ - if (smb_ofun == 0) { - if (GET_OPEN_MODE(smb_mode) == DOS_OPEN_EXEC) { - smb_ofun = FILE_EXISTS_FAIL | FILE_CREATE_IF_NOT_EXIST; - } else { - END_PROFILE(SMBopenX); - return ERROR_FORCE_DOS(ERRDOS, ERRbadaccess); - } + if (!map_open_params_to_ntcreate(fname, deny_mode, smb_ofun, + &access_mask, + &share_mode, + &create_disposition, + &create_options)) { + END_PROFILE(SMBopenX); + return ERROR_DOS(ERRDOS, ERRbadaccess); } - fsp = open_file_shared(conn,fname,&sbuf,smb_mode,smb_ofun,(uint32)smb_attr, - oplock_request, &rmode,&smb_action); + fsp = open_file_ntcreate(conn,fname,&sbuf, + access_mask, + share_mode, + create_disposition, + create_options, + smb_attr, + oplock_request, + &smb_action); if (!fsp) { END_PROFILE(SMBopenX); @@ -1446,9 +1475,9 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt size = get_allocation_size(conn,fsp,&sbuf); } - fmode = dos_mode(conn,fname,&sbuf); + fattr = dos_mode(conn,fname,&sbuf); mtime = sbuf.st_mtime; - if (fmode & aDIR) { + if (fattr & aDIR) { close_file(fsp,False); END_PROFILE(SMBopenX); return ERROR_DOS(ERRDOS,ERRnoaccess); @@ -1459,34 +1488,47 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt correct bit for extended oplock reply. */ - if (ex_oplock_request && lp_fake_oplocks(SNUM(conn))) + if (ex_oplock_request && lp_fake_oplocks(SNUM(conn))) { smb_action |= EXTENDED_OPLOCK_GRANTED; + } - if(ex_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) + if(ex_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) { smb_action |= EXTENDED_OPLOCK_GRANTED; + } /* If the caller set the core oplock request bit and we granted one (by whatever means) - set the correct bit for core oplock reply. */ - if (core_oplock_request && lp_fake_oplocks(SNUM(conn))) + if (core_oplock_request && lp_fake_oplocks(SNUM(conn))) { SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); + } - if(core_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) + if(core_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) { SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); + } - set_message(outbuf,15,0,True); + if (open_flags & EXTENDED_RESPONSE_REQUIRED) { + set_message(outbuf,19,0,True); + } else { + set_message(outbuf,15,0,True); + } SSVAL(outbuf,smb_vwv2,fsp->fnum); - SSVAL(outbuf,smb_vwv3,fmode); - if(lp_dos_filetime_resolution(SNUM(conn)) ) + SSVAL(outbuf,smb_vwv3,fattr); + if(lp_dos_filetime_resolution(SNUM(conn)) ) { put_dos_date3(outbuf,smb_vwv4,mtime & ~1); - else + } else { put_dos_date3(outbuf,smb_vwv4,mtime); + } SIVAL(outbuf,smb_vwv6,(uint32)size); - SSVAL(outbuf,smb_vwv8,rmode); + SSVAL(outbuf,smb_vwv8,GET_OPENX_MODE(deny_mode)); SSVAL(outbuf,smb_vwv11,smb_action); + if (open_flags & EXTENDED_RESPONSE_REQUIRED) { + SIVAL(outbuf, smb_vwv15, STD_RIGHT_ALL_ACCESS); + } + END_PROFILE(SMBopenX); return chain_reply(inbuf,outbuf,length,bufsize); } @@ -1528,18 +1570,21 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, pstring fname; int com; int outsize = 0; - int createmode; - int ofun = 0; + uint32 fattr = SVAL(inbuf,smb_vwv0); BOOL bad_path = False; files_struct *fsp; int oplock_request = CORE_OPLOCK_REQUEST(inbuf); SMB_STRUCT_STAT sbuf; NTSTATUS status; + uint32 access_mask = FILE_GENERIC_READ | FILE_GENERIC_WRITE; + uint32 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE; + uint32 create_disposition; + uint32 create_options = 0; + START_PROFILE(SMBcreate); com = SVAL(inbuf,smb_com); - createmode = SVAL(inbuf,smb_vwv0); srvstr_get_path(inbuf, fname, smb_buf(inbuf) + 1, sizeof(fname), 0, STR_TERMINATE, &status, False); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBcreate); @@ -1554,20 +1599,27 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND); } - if (createmode & aVOLID) + if (fattr & aVOLID) { DEBUG(0,("Attempt to create file (%s) with volid set - please report this\n",fname)); - + } + if(com == SMBmknew) { /* We should fail if file exists. */ - ofun = FILE_CREATE_IF_NOT_EXIST; + create_disposition = FILE_CREATE; } else { - /* SMBcreate - Create if file doesn't exist, truncate if it does. */ - ofun = FILE_CREATE_IF_NOT_EXIST|FILE_EXISTS_TRUNCATE; - } - - /* Open file in dos compatibility share mode. */ - fsp = open_file_shared(conn,fname,&sbuf,SET_DENY_MODE(DENY_FCB)|SET_OPEN_MODE(DOS_OPEN_FCB), - ofun, (uint32)createmode, oplock_request, NULL, NULL); + /* Create if file doesn't exist, truncate if it does. */ + create_disposition = FILE_OPEN_IF; + } + + /* Open file using ntcreate. */ + fsp = open_file_ntcreate(conn,fname,&sbuf, + access_mask, + share_mode, + create_disposition, + create_options, + fattr, + oplock_request, + NULL); if (!fsp) { END_PROFILE(SMBcreate); @@ -1581,14 +1633,16 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, outsize = set_message(outbuf,1,0,True); SSVAL(outbuf,smb_vwv0,fsp->fnum); - if (oplock_request && lp_fake_oplocks(SNUM(conn))) + if (oplock_request && lp_fake_oplocks(SNUM(conn))) { SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); + } - if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) + if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) { SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); + } - DEBUG( 2, ( "new file %s\n", fname ) ); - DEBUG( 3, ( "mknew %s fd=%d dmode=%d\n", fname, fsp->fd, createmode ) ); + DEBUG( 2, ( "reply_mknew: file %s\n", fname ) ); + DEBUG( 3, ( "reply_mknew %s fd=%d dmode=0x%x\n", fname, fsp->fh->fd, (unsigned int)fattr ) ); END_PROFILE(SMBcreate); return(outsize); @@ -1602,7 +1656,7 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, { pstring fname; int outsize = 0; - int createattr; + uint32 fattr = SVAL(inbuf,smb_vwv0); BOOL bad_path = False; files_struct *fsp; int oplock_request = CORE_OPLOCK_REQUEST(inbuf); @@ -1614,7 +1668,6 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, START_PROFILE(SMBctemp); - createattr = SVAL(inbuf,smb_vwv0); srvstr_get_path(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), 0, STR_TERMINATE, &status, False); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBctemp); @@ -1642,12 +1695,15 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, SMB_VFS_STAT(conn,fname,&sbuf); - /* Open file in dos compatibility share mode. */ /* We should fail if file does not exist. */ - fsp = open_file_shared(conn,fname,&sbuf, - SET_DENY_MODE(DENY_FCB)|SET_OPEN_MODE(DOS_OPEN_FCB), - FILE_EXISTS_OPEN|FILE_FAIL_IF_NOT_EXIST, - (uint32)createattr, oplock_request, NULL, NULL); + fsp = open_file_ntcreate(conn,fname,&sbuf, + FILE_GENERIC_READ | FILE_GENERIC_WRITE, + FILE_SHARE_READ|FILE_SHARE_WRITE, + FILE_OPEN, + 0, + fattr, + oplock_request, + NULL); /* close fd from smb_mkstemp() */ close(tmpfd); @@ -1666,10 +1722,11 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, /* the returned filename is relative to the directory */ s = strrchr_m(fname, '/'); - if (!s) + if (!s) { s = fname; - else + } else { s++; + } p = smb_buf(outbuf); #if 0 @@ -1681,15 +1738,17 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, p += namelen; outsize = set_message_end(outbuf, p); - if (oplock_request && lp_fake_oplocks(SNUM(conn))) + if (oplock_request && lp_fake_oplocks(SNUM(conn))) { SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); + } - if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) + if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) { SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); + } - DEBUG( 2, ( "created temp file %s\n", fname ) ); - DEBUG( 3, ( "ctemp %s fd=%d umode=%o\n", - fname, fsp->fd, sbuf.st_mode ) ); + DEBUG( 2, ( "reply_ctemp: created temp file %s\n", fname ) ); + DEBUG( 3, ( "reply_ctemp %s fd=%d umode=0%o\n", fname, fsp->fh->fd, + (unsigned int)sbuf.st_mode ) ); END_PROFILE(SMBctemp); return(outsize); @@ -1701,26 +1760,33 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, static NTSTATUS can_rename(connection_struct *conn, char *fname, uint16 dirtype, SMB_STRUCT_STAT *pst) { - int smb_action; - int access_mode; files_struct *fsp; - uint16 fmode; + uint32 fmode; - if (!CAN_WRITE(conn)) + if (!CAN_WRITE(conn)) { return NT_STATUS_MEDIA_WRITE_PROTECTED; + } fmode = dos_mode(conn,fname,pst); - if ((fmode & ~dirtype) & (aHIDDEN | aSYSTEM)) + if ((fmode & ~dirtype) & (aHIDDEN | aSYSTEM)) { return NT_STATUS_NO_SUCH_FILE; + } - if (S_ISDIR(pst->st_mode)) + if (S_ISDIR(pst->st_mode)) { return NT_STATUS_OK; + } /* We need a better way to return NT status codes from open... */ set_saved_error_triple(0, 0, NT_STATUS_OK); - fsp = open_file_shared1(conn, fname, pst, DELETE_ACCESS, SET_DENY_MODE(DENY_ALL), - (FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN), FILE_ATTRIBUTE_NORMAL, 0, &access_mode, &smb_action); + fsp = open_file_ntcreate(conn, fname, pst, + DELETE_ACCESS, + FILE_SHARE_READ|FILE_SHARE_WRITE, + FILE_OPEN, + 0, + FILE_ATTRIBUTE_NORMAL, + 0, + NULL); if (!fsp) { NTSTATUS ret; @@ -1742,43 +1808,46 @@ static NTSTATUS can_rename(connection_struct *conn, char *fname, uint16 dirtype, NTSTATUS can_delete(connection_struct *conn, char *fname, uint32 dirtype, BOOL bad_path, BOOL check_is_at_open) { SMB_STRUCT_STAT sbuf; - uint32 fmode; - int smb_action; - int access_mode; + uint32 fattr; files_struct *fsp; - DEBUG(10,("can_delete: %s, dirtype = %d\n", - fname, dirtype )); + DEBUG(10,("can_delete: %s, dirtype = %d\n", fname, dirtype )); - if (!CAN_WRITE(conn)) + if (!CAN_WRITE(conn)) { return NT_STATUS_MEDIA_WRITE_PROTECTED; + } if (SMB_VFS_LSTAT(conn,fname,&sbuf) != 0) { if(errno == ENOENT) { - if (bad_path) + if (bad_path) { return NT_STATUS_OBJECT_PATH_NOT_FOUND; - else + } else { return NT_STATUS_OBJECT_NAME_NOT_FOUND; + } } return map_nt_error_from_unix(errno); } - fmode = dos_mode(conn,fname,&sbuf); + fattr = dos_mode(conn,fname,&sbuf); /* Can't delete a directory. */ - if (fmode & aDIR) + if (fattr & aDIR) { return NT_STATUS_FILE_IS_A_DIRECTORY; + } + #if 0 /* JRATEST */ else if (dirtype & aDIR) /* Asked for a directory and it isn't. */ return NT_STATUS_OBJECT_NAME_INVALID; #endif /* JRATEST */ if (!lp_delete_readonly(SNUM(conn))) { - if (fmode & aRONLY) + if (fattr & aRONLY) { return NT_STATUS_CANNOT_DELETE; + } } - if ((fmode & ~dirtype) & (aHIDDEN | aSYSTEM)) + if ((fattr & ~dirtype) & (aHIDDEN | aSYSTEM)) { return NT_STATUS_NO_SUCH_FILE; + } if (check_is_at_open) { if (!can_delete_file_in_directory(conn, fname)) { @@ -1791,8 +1860,14 @@ NTSTATUS can_delete(connection_struct *conn, char *fname, uint32 dirtype, BOOL b /* We need a better way to return NT status codes from open... */ set_saved_error_triple(0, 0, NT_STATUS_OK); - fsp = open_file_shared1(conn, fname, &sbuf, DELETE_ACCESS, SET_DENY_MODE(DENY_ALL), - (FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN), FILE_ATTRIBUTE_NORMAL, 0, &access_mode, &smb_action); + fsp = open_file_ntcreate(conn, fname, &sbuf, + DELETE_ACCESS, + FILE_SHARE_NONE, + FILE_OPEN, + 0, + FILE_ATTRIBUTE_NORMAL, + 0, + NULL); if (!fsp) { NTSTATUS ret; @@ -2058,7 +2133,7 @@ void send_file_readbraw(connection_struct *conn, files_struct *fsp, SMB_OFF_T st header.length = 4; header.free = NULL; - if ( SMB_VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fd, &header, startpos, nread) == -1) { + if ( SMB_VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fh->fd, &header, startpos, nread) == -1) { /* Returning ENOSYS means no data at all was sent. Do this as a normal read. */ if (errno == ENOSYS) { goto normal_readbraw; @@ -2205,7 +2280,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s SMB_STRUCT_STAT st; SMB_OFF_T size = 0; - if (SMB_VFS_FSTAT(fsp,fsp->fd,&st) == 0) { + if (SMB_VFS_FSTAT(fsp,fsp->fh->fd,&st) == 0) { size = st.st_size; } @@ -2251,7 +2326,9 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length START_PROFILE(SMBlockread); CHECK_FSP(fsp,conn); - CHECK_READ(fsp); + if (!CHECK_READ(fsp,inbuf)) { + return(ERROR_DOS(ERRDOS,ERRbadaccess)); + } release_level_2_oplocks_on_change(fsp); @@ -2345,7 +2422,9 @@ int reply_read(connection_struct *conn, char *inbuf,char *outbuf, int size, int START_PROFILE(SMBread); CHECK_FSP(fsp,conn); - CHECK_READ(fsp); + if (!CHECK_READ(fsp,inbuf)) { + return(ERROR_DOS(ERRDOS,ERRbadaccess)); + } numtoread = SVAL(inbuf,smb_vwv1); startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2); @@ -2413,7 +2492,7 @@ int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length SMB_STRUCT_STAT sbuf; DATA_BLOB header; - if(SMB_VFS_FSTAT(fsp,fsp->fd, &sbuf) == -1) + if(SMB_VFS_FSTAT(fsp,fsp->fh->fd, &sbuf) == -1) return(UNIXERROR(ERRDOS,ERRnoaccess)); if (startpos > sbuf.st_size) @@ -2442,7 +2521,7 @@ int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length header.length = data - outbuf; header.free = NULL; - if ((nread = SMB_VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fd, &header, startpos, smb_maxcnt)) == -1) { + if ((nread = SMB_VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fh->fd, &header, startpos, smb_maxcnt)) == -1) { /* Returning ENOSYS means no data at all was sent. Do this as a normal read. */ if (errno == ENOSYS) { goto normal_read; @@ -2530,7 +2609,9 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt } CHECK_FSP(fsp,conn); - CHECK_READ(fsp); + if (!CHECK_READ(fsp,inbuf)) { + return(ERROR_DOS(ERRDOS,ERRbadaccess)); + } set_message(outbuf,12,0,True); @@ -2610,7 +2691,9 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, } CHECK_FSP(fsp,conn); - CHECK_WRITE(fsp); + if (!CHECK_WRITE(fsp)) { + return(ERROR_DOS(ERRDOS,ERRbadaccess)); + } tcount = IVAL(inbuf,smb_vwv1); startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3); @@ -2744,7 +2827,9 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, START_PROFILE(SMBwriteunlock); CHECK_FSP(fsp,conn); - CHECK_WRITE(fsp); + if (!CHECK_WRITE(fsp)) { + return(ERROR_DOS(ERRDOS,ERRbadaccess)); + } numtowrite = SVAL(inbuf,smb_vwv1); startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2); @@ -2758,10 +2843,11 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, /* The special X/Open SMB protocol handling of zero length writes is *NOT* done for this call */ - if(numtowrite == 0) + if(numtowrite == 0) { nwritten = 0; - else + } else { nwritten = write_file(fsp,data,startpos,numtowrite); + } if (lp_syncalways(SNUM(conn))) sync_file(conn,fsp); @@ -2815,7 +2901,9 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int d } CHECK_FSP(fsp,conn); - CHECK_WRITE(fsp); + if (!CHECK_WRITE(fsp)) { + return(ERROR_DOS(ERRDOS,ERRbadaccess)); + } numtowrite = SVAL(inbuf,smb_vwv1); startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2); @@ -2896,7 +2984,9 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng } CHECK_FSP(fsp,conn); - CHECK_WRITE(fsp); + if (!CHECK_WRITE(fsp)) { + return(ERROR_DOS(ERRDOS,ERRbadaccess)); + } set_message(outbuf,6,0,True); @@ -3010,7 +3100,7 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int break; case 1: umode = SEEK_CUR; - res = fsp->pos + startpos; + res = fsp->fh->pos + startpos; break; case 2: umode = SEEK_END; @@ -3022,19 +3112,19 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int } if (umode == SEEK_END) { - if((res = SMB_VFS_LSEEK(fsp,fsp->fd,startpos,umode)) == -1) { + if((res = SMB_VFS_LSEEK(fsp,fsp->fh->fd,startpos,umode)) == -1) { if(errno == EINVAL) { SMB_OFF_T current_pos = startpos; SMB_STRUCT_STAT sbuf; - if(SMB_VFS_FSTAT(fsp,fsp->fd, &sbuf) == -1) { + if(SMB_VFS_FSTAT(fsp,fsp->fh->fd, &sbuf) == -1) { END_PROFILE(SMBlseek); return(UNIXERROR(ERRDOS,ERRnoaccess)); } current_pos += sbuf.st_size; if(current_pos < 0) - res = SMB_VFS_LSEEK(fsp,fsp->fd,0,SEEK_SET); + res = SMB_VFS_LSEEK(fsp,fsp->fh->fd,0,SEEK_SET); } } @@ -3044,7 +3134,7 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int } } - fsp->pos = res; + fsp->fh->pos = res; outsize = set_message(outbuf,2,0,True); SIVAL(outbuf,smb_vwv0,res); @@ -3150,7 +3240,7 @@ int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size, pstrcpy( file_name, fsp->fsp_name); DEBUG(3,("close fd=%d fnum=%d (numopen=%d)\n", - fsp->fd, fsp->fnum, + fsp->fh->fd, fsp->fnum, conn->num_files_open)); /* @@ -3201,7 +3291,9 @@ int reply_writeclose(connection_struct *conn, START_PROFILE(SMBwriteclose); CHECK_FSP(fsp,conn); - CHECK_WRITE(fsp); + if (!CHECK_WRITE(fsp)) { + return(ERROR_DOS(ERRDOS,ERRbadaccess)); + } numtowrite = SVAL(inbuf,smb_vwv1); startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2); @@ -3276,7 +3368,7 @@ int reply_lock(connection_struct *conn, offset = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv3); DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n", - fsp->fd, fsp->fnum, (double)offset, (double)count)); + fsp->fh->fd, fsp->fnum, (double)offset, (double)count)); status = do_lock_spin(fsp, conn, SVAL(inbuf,smb_pid), count, offset, WRITE_LOCK, &my_lock_ctx); if (NT_STATUS_V(status)) { @@ -3327,7 +3419,7 @@ int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int size, } DEBUG( 3, ( "unlock fd=%d fnum=%d offset=%.0f count=%.0f\n", - fsp->fd, fsp->fnum, (double)offset, (double)count ) ); + fsp->fh->fd, fsp->fnum, (double)offset, (double)count ) ); END_PROFILE(SMBunlock); return(outsize); @@ -3437,7 +3529,7 @@ int reply_printopen(connection_struct *conn, SSVAL(outbuf,smb_vwv0,fsp->fnum); DEBUG(3,("openprint fd=%d fnum=%d\n", - fsp->fd, fsp->fnum)); + fsp->fh->fd, fsp->fnum)); END_PROFILE(SMBsplopen); return(outsize); @@ -3463,7 +3555,7 @@ int reply_printclose(connection_struct *conn, } DEBUG(3,("printclose fd=%d fnum=%d\n", - fsp->fd,fsp->fnum)); + fsp->fh->fd,fsp->fnum)); close_err = close_file(fsp,True); @@ -3567,7 +3659,9 @@ int reply_printwrite(connection_struct *conn, char *inbuf,char *outbuf, int dum_ } CHECK_FSP(fsp,conn); - CHECK_WRITE(fsp); + if (!CHECK_WRITE(fsp)) { + return(ERROR_DOS(ERRDOS,ERRbadaccess)); + } numtowrite = SVAL(smb_buf(inbuf),1); data = smb_buf(inbuf) + 3; @@ -4484,45 +4578,66 @@ int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, int count,BOOL target_is_directory, int *err_ret) { - int Access,action; SMB_STRUCT_STAT src_sbuf, sbuf2; SMB_OFF_T ret=-1; files_struct *fsp1,*fsp2; pstring dest; uint32 dosattrs; + uint32 new_create_disposition; *err_ret = 0; pstrcpy(dest,dest1); if (target_is_directory) { char *p = strrchr_m(src,'/'); - if (p) + if (p) { p++; - else + } else { p = src; + } pstrcat(dest,"/"); pstrcat(dest,p); } - if (!vfs_file_exist(conn,src,&src_sbuf)) + if (!vfs_file_exist(conn,src,&src_sbuf)) { return(False); + } + + if (!target_is_directory && count) { + new_create_disposition = FILE_OPEN; + } else { + if (!map_open_params_to_ntcreate(dest1,0,ofun, + NULL, NULL, &new_create_disposition, NULL)) { + return(False); + } + } - fsp1 = open_file_shared(conn,src,&src_sbuf,SET_DENY_MODE(DENY_NONE)|SET_OPEN_MODE(DOS_OPEN_RDONLY), - (FILE_FAIL_IF_NOT_EXIST|FILE_EXISTS_OPEN),FILE_ATTRIBUTE_NORMAL,INTERNAL_OPEN_ONLY, - &Access,&action); + fsp1 = open_file_ntcreate(conn,src,&src_sbuf, + FILE_GENERIC_READ, + FILE_SHARE_READ|FILE_SHARE_WRITE, + FILE_OPEN, + 0, + FILE_ATTRIBUTE_NORMAL, + INTERNAL_OPEN_ONLY, + NULL); - if (!fsp1) + if (!fsp1) { return(False); - - if (!target_is_directory && count) - ofun = FILE_EXISTS_OPEN; + } dosattrs = dos_mode(conn, src, &src_sbuf); - if (SMB_VFS_STAT(conn,dest,&sbuf2) == -1) + if (SMB_VFS_STAT(conn,dest,&sbuf2) == -1) { ZERO_STRUCTP(&sbuf2); + } - fsp2 = open_file_shared(conn,dest,&sbuf2,SET_DENY_MODE(DENY_NONE)|SET_OPEN_MODE(DOS_OPEN_WRONLY), - ofun,dosattrs,INTERNAL_OPEN_ONLY,&Access,&action); + fsp2 = open_file_ntcreate(conn,dest,&sbuf2, + FILE_GENERIC_WRITE, + FILE_SHARE_READ|FILE_SHARE_WRITE, + new_create_disposition, + 0, + dosattrs, + INTERNAL_OPEN_ONLY, + NULL); if (!fsp2) { close_file(fsp1,False); @@ -4530,7 +4645,7 @@ BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, } if ((ofun&3) == 1) { - if(SMB_VFS_LSEEK(fsp2,fsp2->fd,0,SEEK_END) == -1) { + if(SMB_VFS_LSEEK(fsp2,fsp2->fh->fd,0,SEEK_END) == -1) { DEBUG(0,("copy_file: error - vfs lseek returned error %s\n", strerror(errno) )); /* * Stop the copy from occurring. @@ -4540,8 +4655,9 @@ BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, } } - if (src_sbuf.st_size) + if (src_sbuf.st_size) { ret = vfs_transfer_file(fsp1, fsp2, src_sbuf.st_size); + } close_file(fsp1,False); @@ -4955,7 +5071,7 @@ int reply_lockingX(connection_struct *conn, char *inbuf,char *outbuf,int length, /* we don't support these - and CANCEL_LOCK makes w2k and XP reboot so I don't really want to be compatible! (tridge) */ - return ERROR_NT(NT_STATUS_UNSUCCESSFUL); + return ERROR_DOS(ERRDOS, ERRnoatomiclocks); } if (locktype & LOCKING_ANDX_CANCEL_LOCK) { @@ -5158,7 +5274,9 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length, outsize = set_message(outbuf,8,0,True); CHECK_FSP(fsp,conn); - CHECK_READ(fsp); + if (!CHECK_READ(fsp,inbuf)) { + return(ERROR_DOS(ERRDOS,ERRbadaccess)); + } startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv1); maxcount = SVAL(inbuf,smb_vwv3); @@ -5286,7 +5404,9 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, START_PROFILE(SMBwriteBmpx); CHECK_FSP(fsp,conn); - CHECK_WRITE(fsp); + if (!CHECK_WRITE(fsp)) { + return(ERROR_DOS(ERRDOS,ERRbadaccess)); + } if (HAS_CACHED_ERROR(fsp)) { return(CACHED_ERROR(fsp)); } @@ -5390,7 +5510,9 @@ int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz START_PROFILE(SMBwriteBs); CHECK_FSP(fsp,conn); - CHECK_WRITE(fsp); + if (!CHECK_WRITE(fsp)) { + return(ERROR_DOS(ERRDOS,ERRbadaccess)); + } tcount = SVAL(inbuf,smb_vwv1); startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2); -- cgit From a5b39d1f74cd1b9271fed6017cb0708320339a14 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sun, 10 Jul 2005 16:37:32 +0000 Subject: r8290: Fix for bug in SMBwriteBraw where we incorrectly returned the number of bytes written. Patch from Marcel Müller . Jeremy. (This used to be commit 81e7a4a2cfd2d4764d757702f17635e5007e59de) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- source3/smbd/reply.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index bb583fb94b..5e8c0ef296 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2751,7 +2751,6 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, /* Set up outbuf to return the correct return */ outsize = set_message(outbuf,1,0,True); SCVAL(outbuf,smb_com,SMBwritec); - SSVAL(outbuf,smb_vwv0,total_written); if (numtowrite != 0) { @@ -2783,6 +2782,8 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, total_written += nwritten; } + SSVAL(outbuf,smb_vwv0,total_written); + if ((lp_syncalways(SNUM(conn)) || write_through) && lp_strict_sync(SNUM(conn))) sync_file(conn,fsp); -- cgit From 0d8ef1cec4134521dc507bd27f256ed93084818c Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 14 Jul 2005 08:51:48 +0000 Subject: r8457: Fix from Marcel Müller to ensure we correctly set the return packet size to include the pad bytes in reply_readbmpx(). Jeremy. (This used to be commit 3070ec288c64880485ed159d512e91346f5d1b4e) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 5e8c0ef296..4ce93222f7 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -5308,7 +5308,7 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length, if (nread < (ssize_t)N) tcount = total_read + nread; - set_message(outbuf,8,nread,False); + set_message(outbuf,8,nread+pad,False); SIVAL(outbuf,smb_vwv0,startpos); SSVAL(outbuf,smb_vwv2,tcount); SSVAL(outbuf,smb_vwv6,nread); -- cgit From 01822a7e054ed83fa4961498f530ede615ac7c24 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 18 Jul 2005 22:32:35 +0000 Subject: r8556: Fix bug #2878 - Norton commander not running on OS/2 client - we were not correctly returning the requested open mode. Thanks to alex@infobit.ru for reporting this. Jeremy. (This used to be commit 7ff7211b808e708c00a3b0f57be8d1af3c632bd7) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 4ce93222f7..770e15f276 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1352,7 +1352,7 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, put_dos_date3(outbuf,smb_vwv2,mtime); } SIVAL(outbuf,smb_vwv4,(uint32)size); - SSVAL(outbuf,smb_vwv6,FILE_WAS_OPENED); + SSVAL(outbuf,smb_vwv6,GET_OPENX_MODE(deny_mode)); if (oplock_request && lp_fake_oplocks(SNUM(conn))) { SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); -- cgit From 87801bc387e60d8cac74a6fb59af30bfdcc7850d Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 19 Jul 2005 17:38:38 +0000 Subject: r8609: Fix for bugid #2889. I think the problem is that the top 16 bits of the "server state" field must be non-zero. As we're using the 32 bit field as an offset then normally this field will be zero. W2K3 fills this field with a counter enumerating the number of SMBsearch calls on this directory - starting at 1. Add back the 1<<31 bit flag DPTR_MASK to ensure this is non-zero - with better checks on use. Jeremy. (This used to be commit 6415657942c49ea51d4e4f4ee2189c7d70b9c5fa) --- source3/smbd/reply.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 770e15f276..e96c3dc01f 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1156,7 +1156,9 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size memcpy(p,status,21); make_dir_struct(p,mask,fname,size, mode,date, !allow_long_path_components); - dptr_fill(p+12,dptr_num); + if (!dptr_fill(p+12,dptr_num)) { + break; + } numentries++; p += DIR_STRUCT_SIZE; } -- cgit From 93954d6390370331731bda5fcf251dc0a796c744 Mon Sep 17 00:00:00 2001 From: James Peach Date: Sat, 3 Sep 2005 07:19:28 +0000 Subject: r9985: Move the all the strict sync logic into file_sync(). (This used to be commit cc680bbe22b8bfc5a1900f11c2cbaeca3a9f9922) --- source3/smbd/reply.c | 20 +++++++------------- 1 file changed, 7 insertions(+), 13 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index e96c3dc01f..9050006653 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2786,8 +2786,7 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, SSVAL(outbuf,smb_vwv0,total_written); - if ((lp_syncalways(SNUM(conn)) || write_through) && lp_strict_sync(SNUM(conn))) - sync_file(conn,fsp); + sync_file(conn, fsp, write_through); DEBUG(3,("writebraw2 fnum=%d start=%.0f num=%d wrote=%d\n", fsp->fnum, (double)startpos, (int)numtowrite,(int)total_written)); @@ -2852,8 +2851,7 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, nwritten = write_file(fsp,data,startpos,numtowrite); } - if (lp_syncalways(SNUM(conn))) - sync_file(conn,fsp); + sync_file(conn, fsp, False /* write through */); if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) { END_PROFILE(SMBwriteunlock); @@ -2940,8 +2938,7 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int d } else nwritten = write_file(fsp,data,startpos,numtowrite); - if (lp_syncalways(SNUM(conn))) - sync_file(conn,fsp); + sync_file(conn, fsp, False); if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) { END_PROFILE(SMBwrite); @@ -3068,8 +3065,7 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng DEBUG(3,("writeX fnum=%d num=%d wrote=%d\n", fsp->fnum, (int)numtowrite, (int)nwritten)); - if (lp_syncalways(SNUM(conn)) || write_through) - sync_file(conn,fsp); + sync_file(conn, fsp, write_through); END_PROFILE(SMBwriteX); return chain_reply(inbuf,outbuf,length,bufsize); @@ -3166,7 +3162,7 @@ int reply_flush(connection_struct *conn, char *inbuf,char *outbuf, int size, int if (!fsp) { file_sync_all(conn); } else { - sync_file(conn,fsp); + sync_file(conn,fsp, True); } DEBUG(3,("flush\n")); @@ -5433,8 +5429,7 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, nwritten = write_file(fsp,data,startpos,numtowrite); - if(lp_syncalways(SNUM(conn)) || write_through) - sync_file(conn,fsp); + sync_file(conn, fsp, write_through); if(nwritten < (ssize_t)numtowrite) { END_PROFILE(SMBwriteBmpx); @@ -5546,8 +5541,7 @@ int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz nwritten = write_file(fsp,data,startpos,numtowrite); - if(lp_syncalways(SNUM(conn)) || write_through) - sync_file(conn,fsp); + sync_file(conn, fsp, write_through); if (nwritten < (ssize_t)numtowrite) { if(write_through) { -- cgit From d99d15446acfc926a2375af6d681420781feffcb Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 10 Sep 2005 00:47:31 +0000 Subject: r10136: Fix for bug #3060 from Leo Weppelman . Ensure SMBcreate truncates the file if it exists. Jeremy. (This used to be commit 9014b0ddcbd87c98613f06033718e4091e3be21c) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 9050006653..2d9a31032b 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1610,7 +1610,7 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, create_disposition = FILE_CREATE; } else { /* Create if file doesn't exist, truncate if it does. */ - create_disposition = FILE_OPEN_IF; + create_disposition = FILE_OVERWRITE_IF; } /* Open file using ntcreate. */ -- cgit From a757c6d57fc5f24951ee00070f9b9471244cef05 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 27 Sep 2005 17:42:11 +0000 Subject: r10551: We need to check if the source path is a parent directory of the destination (ie. a rename of /foo/bar/baz -> /foo/bar/baz/bibble/bobble. If so we must refuse the rename with a sharing violation. Under UNIX the above call can *succeed* if /foo/bar/baz is a symlink to another area in the share. We probably need to check that the client is a Windows one before disallowing this as a UNIX client (one with UNIX extensions) can know the source is a symlink and make this decision intelligently. Found by an excellent bug report from . Jeremy. (This used to be commit fc311adc7964feef5bac85096727f54922d1186c) --- source3/smbd/reply.c | 41 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 2d9a31032b..5572f47e42 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4075,6 +4075,35 @@ static void rename_open_files(connection_struct *conn, SMB_DEV_T dev, SMB_INO_T (unsigned int)dev, (double)inode, newname )); } +/**************************************************************************** + We need to check if the source path is a parent directory of the destination + (ie. a rename of /foo/bar/baz -> /foo/bar/baz/bibble/bobble. If so we must + refuse the rename with a sharing violation. Under UNIX the above call can + *succeed* if /foo/bar/baz is a symlink to another area in the share. We + probably need to check that the client is a Windows one before disallowing + this as a UNIX client (one with UNIX extensions) can know the source is a + symlink and make this decision intelligently. Found by an excellent bug + report from . +****************************************************************************/ + +static BOOL rename_path_prefix_equal(const char *src, const char *dest) +{ + const char *psrc = src; + const char *pdst = dest; + size_t slen; + + if (psrc[0] == '.' && psrc[1] == '/') { + psrc += 2; + } + if (pdst[0] == '.' && pdst[1] == '/') { + pdst += 2; + } + if ((slen = strlen(psrc)) > strlen(pdst)) { + return False; + } + return ((memcmp(psrc, pdst, slen) == 0) && pdst[slen] == '/'); +} + /**************************************************************************** Rename an open file - given an fsp. ****************************************************************************/ @@ -4170,6 +4199,10 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, char * return error; } + if (rename_path_prefix_equal(fsp->fsp_name, newname)) { + return NT_STATUS_ACCESS_DENIED; + } + if(SMB_VFS_RENAME(conn,fsp->fsp_name, newname) == 0) { DEBUG(3,("rename_internals_fsp: succeeded doing rename on %s -> %s\n", fsp->fsp_name,newname)); @@ -4391,6 +4424,10 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", return NT_STATUS_OBJECT_NAME_COLLISION; } + if (rename_path_prefix_equal(directory, newname)) { + return NT_STATUS_SHARING_VIOLATION; + } + if(SMB_VFS_RENAME(conn,directory, newname) == 0) { DEBUG(3,("rename_internals: succeeded doing rename on %s -> %s\n", directory,newname)); @@ -4489,6 +4526,10 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", continue; } + if (rename_path_prefix_equal(fname, destname)) { + return NT_STATUS_SHARING_VIOLATION; + } + if (!SMB_VFS_RENAME(conn,fname,destname)) { rename_open_files(conn, sbuf1.st_dev, sbuf1.st_ino, newname); count++; -- cgit From 54abd2aa66069e6baf7769c496f46d9dba18db39 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Fri, 30 Sep 2005 17:13:37 +0000 Subject: r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3) --- source3/smbd/reply.c | 133 +++++++++++++++++++++++++++++---------------------- 1 file changed, 77 insertions(+), 56 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 5572f47e42..ba22a56cfb 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -30,7 +30,6 @@ extern enum protocol_types Protocol; extern int max_send; extern int max_recv; -extern int global_oplock_break; unsigned int smb_echo_count = 0; extern uint32 global_client_caps; @@ -1779,7 +1778,7 @@ static NTSTATUS can_rename(connection_struct *conn, char *fname, uint16 dirtype, } /* We need a better way to return NT status codes from open... */ - set_saved_error_triple(0, 0, NT_STATUS_OK); + set_saved_ntstatus(NT_STATUS_OK); fsp = open_file_ntcreate(conn, fname, pst, DELETE_ACCESS, @@ -1791,12 +1790,12 @@ static NTSTATUS can_rename(connection_struct *conn, char *fname, uint16 dirtype, NULL); if (!fsp) { - NTSTATUS ret; - if (get_saved_error_triple(NULL, NULL, &ret)) { - set_saved_error_triple(0, 0, NT_STATUS_OK); + NTSTATUS ret = get_saved_ntstatus(); + if (!NT_STATUS_IS_OK(ret)) { + set_saved_ntstatus(NT_STATUS_OK); return ret; } - set_saved_error_triple(0, 0, NT_STATUS_OK); + set_saved_ntstatus(NT_STATUS_OK); return NT_STATUS_ACCESS_DENIED; } close_file(fsp,False); @@ -1860,7 +1859,7 @@ NTSTATUS can_delete(connection_struct *conn, char *fname, uint32 dirtype, BOOL b don't do it here as we'll get it wrong. */ /* We need a better way to return NT status codes from open... */ - set_saved_error_triple(0, 0, NT_STATUS_OK); + set_saved_ntstatus(NT_STATUS_OK); fsp = open_file_ntcreate(conn, fname, &sbuf, DELETE_ACCESS, @@ -1872,12 +1871,12 @@ NTSTATUS can_delete(connection_struct *conn, char *fname, uint32 dirtype, BOOL b NULL); if (!fsp) { - NTSTATUS ret; - if (get_saved_error_triple(NULL, NULL, &ret)) { - set_saved_error_triple(0, 0, NT_STATUS_OK); + NTSTATUS ret = get_saved_ntstatus(); + if (!NT_STATUS_IS_OK(ret)) { + set_saved_ntstatus(NT_STATUS_OK); return ret; } - set_saved_error_triple(0, 0, NT_STATUS_OK); + set_saved_ntstatus(NT_STATUS_OK); return NT_STATUS_ACCESS_DENIED; } close_file(fsp,False); @@ -2209,15 +2208,6 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s * return a zero length response here. */ - if(global_oplock_break) { - _smb_setlen(header,0); - if (write_data(smbd_server_fd(),header,4) != 4) - fail_readraw(); - DEBUG(5,("readbraw - oplock break finished\n")); - END_PROFILE(SMBreadbraw); - return -1; - } - fsp = file_fsp(inbuf,smb_vwv0); if (!FNUM_OK(fsp,conn) || !fsp->can_read) { @@ -2298,8 +2288,8 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s nread = 0; #endif - DEBUG( 3, ( "readbraw fnum=%d start=%.0f max=%d min=%d nread=%d\n", fsp->fnum, (double)startpos, - (int)maxcount, (int)mincount, (int)nread ) ); + DEBUG( 3, ( "readbraw fnum=%d start=%.0f max=%lu min=%lu nread=%lu\n", fsp->fnum, (double)startpos, + (unsigned long)maxcount, (unsigned long)mincount, (unsigned long)nread ) ); send_file_readbraw(conn, fsp, startpos, nread, mincount, outbuf, out_buffsize); @@ -3744,7 +3734,7 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, if( is_ntfs_stream_name(directory)) { DEBUG(5,("reply_mkdir: failing create on filename %s with colon in name\n", directory)); END_PROFILE(SMBmkdir); - return ERROR_FORCE_DOS(ERRDOS, ERRinvalidname); + return ERROR_NT(NT_STATUS_NOT_A_DIRECTORY); } status = mkdir_internal(conn, directory,bad_path); @@ -5084,7 +5074,8 @@ SMB_BIG_UINT get_lock_offset( char *data, int data_offset, BOOL large_file_forma Reply to a lockingX request. ****************************************************************************/ -int reply_lockingX(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) +int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, + int length, int bufsize) { files_struct *fsp = file_fsp(inbuf,smb_vwv2); unsigned char locktype = CVAL(inbuf,smb_vwv3); @@ -5096,7 +5087,8 @@ int reply_lockingX(connection_struct *conn, char *inbuf,char *outbuf,int length, int32 lock_timeout = IVAL(inbuf,smb_vwv4); int i; char *data; - BOOL large_file_format = (locktype & LOCKING_ANDX_LARGE_FILES)?True:False; + BOOL large_file_format = + (locktype & LOCKING_ANDX_LARGE_FILES)?True:False; BOOL err; BOOL my_lock_ctx = False; NTSTATUS status; @@ -5125,19 +5117,25 @@ int reply_lockingX(connection_struct *conn, char *inbuf,char *outbuf,int length, if ((locktype & LOCKING_ANDX_OPLOCK_RELEASE)) { /* Client can insist on breaking to none. */ BOOL break_to_none = (oplocklevel == 0); - - DEBUG(5,("reply_lockingX: oplock break reply (%u) from client for fnum = %d\n", - (unsigned int)oplocklevel, fsp->fnum )); + BOOL result; + + DEBUG(5,("reply_lockingX: oplock break reply (%u) from client " + "for fnum = %d\n", (unsigned int)oplocklevel, + fsp->fnum )); /* - * Make sure we have granted an exclusive or batch oplock on this file. + * Make sure we have granted an exclusive or batch oplock on + * this file. */ - if(!EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) { - DEBUG(0,("reply_lockingX: Error : oplock break from client for fnum = %d and \ -no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); - - /* if this is a pure oplock break request then don't send a reply */ + if (fsp->oplock_type == 0) { + DEBUG(0,("reply_lockingX: Error : oplock break from " + "client for fnum = %d (oplock=%d) and no " + "oplock granted on this file (%s).\n", + fsp->fnum, fsp->oplock_type, fsp->fsp_name)); + + /* if this is a pure oplock break request then don't + * send a reply */ if (num_locks == 0 && num_ulocks == 0) { END_PROFILE(SMBlockingX); return -1; @@ -5147,17 +5145,30 @@ no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); } } - if (remove_oplock(fsp, break_to_none) == False) { - DEBUG(0,("reply_lockingX: error in removing oplock on file %s\n", - fsp->fsp_name )); + if ((fsp->sent_oplock_break == BREAK_TO_NONE_SENT) || + (break_to_none)) { + result = remove_oplock(fsp); + } else { + result = downgrade_oplock(fsp); } - /* if this is a pure oplock break request then don't send a reply */ + if (!result) { + DEBUG(0, ("reply_lockingX: error in removing " + "oplock on file %s\n", fsp->fsp_name)); + /* Hmmm. Is this panic justified? */ + smb_panic("internal tdb error"); + } + + reply_to_oplock_break_requests(fsp); + + /* if this is a pure oplock break request then don't send a + * reply */ if (num_locks == 0 && num_ulocks == 0) { /* Sanity check - ensure a pure oplock break is not a chained request. */ if(CVAL(inbuf,smb_vwv0) != 0xff) - DEBUG(0,("reply_lockingX: Error : pure oplock break is a chained %d request !\n", + DEBUG(0,("reply_lockingX: Error : pure oplock " + "break is a chained %d request !\n", (unsigned int)CVAL(inbuf,smb_vwv0) )); END_PROFILE(SMBlockingX); return -1; @@ -5186,8 +5197,9 @@ no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); return ERROR_DOS(ERRDOS,ERRnoaccess); } - DEBUG(10,("reply_lockingX: unlock start=%.0f, len=%.0f for pid %u, file %s\n", - (double)offset, (double)count, (unsigned int)lock_pid, fsp->fsp_name )); + DEBUG(10,("reply_lockingX: unlock start=%.0f, len=%.0f for " + "pid %u, file %s\n", (double)offset, (double)count, + (unsigned int)lock_pid, fsp->fsp_name )); status = do_unlock(fsp,conn,lock_pid,count,offset); if (NT_STATUS_V(status)) { @@ -5219,27 +5231,34 @@ no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); return ERROR_DOS(ERRDOS,ERRnoaccess); } - DEBUG(10,("reply_lockingX: lock start=%.0f, len=%.0f for pid %u, file %s timeout = %d\n", - (double)offset, (double)count, (unsigned int)lock_pid, - fsp->fsp_name, (int)lock_timeout )); + DEBUG(10,("reply_lockingX: lock start=%.0f, len=%.0f for pid " + "%u, file %s timeout = %d\n", (double)offset, + (double)count, (unsigned int)lock_pid, + fsp->fsp_name, (int)lock_timeout )); status = do_lock_spin(fsp,conn,lock_pid, count,offset, - ((locktype & 1) ? READ_LOCK : WRITE_LOCK), &my_lock_ctx); + ((locktype & 1) ? READ_LOCK:WRITE_LOCK), + &my_lock_ctx); if (NT_STATUS_V(status)) { /* - * Interesting fact found by IFSTEST /t LockOverlappedTest... - * Even if it's our own lock context, we need to wait here as - * there may be an unlock on the way. - * So I removed a "&& !my_lock_ctx" from the following - * if statement. JRA. + * Interesting fact found by IFSTEST /t + * LockOverlappedTest... Even if it's our own lock + * context, we need to wait here as there may be an + * unlock on the way. So I removed a "&& + * !my_lock_ctx" from the following if statement. JRA. */ - if ((lock_timeout != 0) && lp_blocking_locks(SNUM(conn)) && ERROR_WAS_LOCK_DENIED(status)) { + if ((lock_timeout != 0) && + lp_blocking_locks(SNUM(conn)) && + ERROR_WAS_LOCK_DENIED(status)) { /* * A blocking lock was requested. Package up * this smb into a queued request and push it * onto the blocking lock queue. */ - if(push_blocking_lock_request(inbuf, length, lock_timeout, i, lock_pid, offset, count)) { + if(push_blocking_lock_request(inbuf, length, + lock_timeout, i, + lock_pid, offset, + count)) { END_PROFILE(SMBlockingX); return -1; } @@ -5259,10 +5278,12 @@ no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); for(i--; i >= 0; i--) { lock_pid = get_lock_pid( data, i, large_file_format); count = get_lock_count( data, i, large_file_format); - offset = get_lock_offset( data, i, large_file_format, &err); + offset = get_lock_offset( data, i, large_file_format, + &err); /* - * There is no error code marked "stupid client bug".... :-). + * There is no error code marked "stupid client + * bug".... :-). */ if(err) { END_PROFILE(SMBlockingX); @@ -5277,8 +5298,8 @@ no oplock granted on this file (%s).\n", fsp->fnum, fsp->fsp_name)); set_message(outbuf,2,0,True); - DEBUG( 3, ( "lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n", - fsp->fnum, (unsigned int)locktype, num_locks, num_ulocks ) ); + DEBUG(3, ("lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n", + fsp->fnum, (unsigned int)locktype, num_locks, num_ulocks)); END_PROFILE(SMBlockingX); return chain_reply(inbuf,outbuf,length,bufsize); -- cgit From 5b455c1755e0b23b96413bee7886c837b476620a Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 6 Oct 2005 00:21:02 +0000 Subject: r10749: Remove one more Samba4 smbtorture RAW-OPEN difference from W2K3. Jeremy. (This used to be commit 0e8cf8eef59e38ba9a79f6c688abe9f1ac3bf64d) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index ba22a56cfb..4d876d4289 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1353,7 +1353,7 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, put_dos_date3(outbuf,smb_vwv2,mtime); } SIVAL(outbuf,smb_vwv4,(uint32)size); - SSVAL(outbuf,smb_vwv6,GET_OPENX_MODE(deny_mode)); + SSVAL(outbuf,smb_vwv6,deny_mode); if (oplock_request && lp_fake_oplocks(SNUM(conn))) { SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); -- cgit From 8a1aa2c0034aa69d9a52f4adbb85485d3a0fa9cc Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 6 Oct 2005 03:41:01 +0000 Subject: r10750: Ensure we match W2K3 in forcing DOS errors in a couple of cases. Jeremy. (This used to be commit 62ba3454251daf59071a6b2663035b04c5438647) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 4d876d4289..47da903256 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1312,7 +1312,7 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, if (!map_open_params_to_ntcreate(fname, deny_mode, OPENX_FILE_EXISTS_OPEN, &access_mask, &share_mode, &create_disposition, &create_options)) { END_PROFILE(SMBopen); - return ERROR_DOS(ERRDOS, ERRbadaccess); + return ERROR_FORCE_DOS(ERRDOS, ERRbadaccess); } fsp = open_file_ntcreate(conn,fname,&sbuf, @@ -1435,7 +1435,7 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt &create_disposition, &create_options)) { END_PROFILE(SMBopenX); - return ERROR_DOS(ERRDOS, ERRbadaccess); + return ERROR_FORCE_DOS(ERRDOS, ERRbadaccess); } fsp = open_file_ntcreate(conn,fname,&sbuf, -- cgit From 8d7c88667190fe286971ac4fffb64ee5bd9eeeb0 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 18 Oct 2005 03:24:00 +0000 Subject: r11137: Compile with only 2 warnings (I'm still working on that code) on a gcc4 x86_64 box. Jeremy. (This used to be commit d720867a788c735e56d53d63265255830ec21208) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 47da903256..beed90f9aa 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2130,7 +2130,7 @@ void send_file_readbraw(connection_struct *conn, files_struct *fsp, SMB_OFF_T st DATA_BLOB header; _smb_setlen(outbuf,nread); - header.data = outbuf; + header.data = (uint8 *)outbuf; header.length = 4; header.free = NULL; @@ -2509,7 +2509,7 @@ int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length SSVAL(smb_buf(outbuf),-2,smb_maxcnt); SCVAL(outbuf,smb_vwv0,0xFF); set_message(outbuf,12,smb_maxcnt,False); - header.data = outbuf; + header.data = (uint8 *)outbuf; header.length = data - outbuf; header.free = NULL; -- cgit From 6baec64a7370ff1871f0b806a623b1fc1a898acb Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 31 Oct 2005 20:11:58 +0000 Subject: r11420: Fix issue pointed out by Dina Fine . We can only tell at parse time from the wire if an incoming name has wildcards or not. If it's a mangled name and we demangle the demangled name may contain wildcard characters. Ensure these are ignored. Jeremy. (This used to be commit 4cd8e2a96b98ff711905e8c6f416b22440c16062) --- source3/smbd/reply.c | 122 ++++++++++++++++++++++++++++++++------------------- 1 file changed, 78 insertions(+), 44 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index beed90f9aa..f73eea3fa6 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -172,7 +172,7 @@ NTSTATUS check_path_syntax(pstring destname, const pstring srcname) set. ****************************************************************************/ -NTSTATUS check_path_syntax_wcard(pstring destname, const pstring srcname) +NTSTATUS check_path_syntax_wcard(pstring destname, const pstring srcname, BOOL *p_contains_wcard) { char *d = destname; const char *s = srcname; @@ -180,6 +180,8 @@ NTSTATUS check_path_syntax_wcard(pstring destname, const pstring srcname) BOOL start_of_name_component = True; unsigned int num_bad_components = 0; + *p_contains_wcard = False; + while (*s) { if (IS_DIRECTORY_SEP(*s)) { /* @@ -249,6 +251,19 @@ NTSTATUS check_path_syntax_wcard(pstring destname, const pstring srcname) if (*s <= 0x1f) { return NT_STATUS_OBJECT_NAME_INVALID; } + if (!*p_contains_wcard) { + switch (*s) { + case '*': + case '?': + case '<': + case '>': + case '"': + *p_contains_wcard = True; + break; + default: + break; + } + } *d++ = *s++; } else { switch(next_mb_char_size(s)) { @@ -379,11 +394,41 @@ NTSTATUS check_path_syntax_posix(pstring destname, const pstring srcname) return ret; } +/**************************************************************************** + Pull a string and check the path allowing a wilcard - provide for error return. +****************************************************************************/ + +size_t srvstr_get_path_wcard(char *inbuf, char *dest, const char *src, size_t dest_len, size_t src_len, int flags, + NTSTATUS *err, BOOL *contains_wcard) +{ + pstring tmppath; + char *tmppath_ptr = tmppath; + size_t ret; +#ifdef DEVELOPER + SMB_ASSERT(dest_len == sizeof(pstring)); +#endif + + if (src_len == 0) { + ret = srvstr_pull_buf( inbuf, tmppath_ptr, src, dest_len, flags); + } else { + ret = srvstr_pull( inbuf, tmppath_ptr, src, dest_len, src_len, flags); + } + + *contains_wcard = False; + + if (lp_posix_pathnames()) { + *err = check_path_syntax_posix(dest, tmppath); + } else { + *err = check_path_syntax_wcard(dest, tmppath, contains_wcard); + } + return ret; +} + /**************************************************************************** Pull a string and check the path - provide for error return. ****************************************************************************/ -size_t srvstr_get_path(char *inbuf, char *dest, const char *src, size_t dest_len, size_t src_len, int flags, NTSTATUS *err, BOOL allow_wcard_names) +size_t srvstr_get_path(char *inbuf, char *dest, const char *src, size_t dest_len, size_t src_len, int flags, NTSTATUS *err) { pstring tmppath; char *tmppath_ptr = tmppath; @@ -399,8 +444,6 @@ size_t srvstr_get_path(char *inbuf, char *dest, const char *src, size_t dest_len } if (lp_posix_pathnames()) { *err = check_path_syntax_posix(dest, tmppath); - } else if (allow_wcard_names) { - *err = check_path_syntax_wcard(dest, tmppath); } else { *err = check_path_syntax(dest, tmppath); } @@ -754,7 +797,7 @@ int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size START_PROFILE(SMBchkpth); - srvstr_get_path(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), 0, STR_TERMINATE, &status, False); + srvstr_get_path(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBchkpth); return ERROR_NT(status); @@ -826,7 +869,7 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size START_PROFILE(SMBgetatr); p = smb_buf(inbuf) + 1; - p += srvstr_get_path(inbuf, fname, p, sizeof(fname), 0, STR_TERMINATE, &status, False); + p += srvstr_get_path(inbuf, fname, p, sizeof(fname), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBgetatr); return ERROR_NT(status); @@ -905,7 +948,7 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size START_PROFILE(SMBsetatr); p = smb_buf(inbuf) + 1; - p += srvstr_get_path(inbuf, fname, p, sizeof(fname), 0, STR_TERMINATE, &status, False); + p += srvstr_get_path(inbuf, fname, p, sizeof(fname), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBsetatr); return ERROR_NT(status); @@ -1031,6 +1074,7 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size BOOL can_open = True; BOOL bad_path = False; NTSTATUS nt_status; + BOOL mask_contains_wcard = False; BOOL allow_long_path_components = (SVAL(inbuf,smb_flg2) & FLAGS2_LONG_PATH_COMPONENTS) ? True : False; if (lp_posix_pathnames()) { @@ -1049,7 +1093,7 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size maxentries = SVAL(inbuf,smb_vwv0); dirtype = SVAL(inbuf,smb_vwv1); p = smb_buf(inbuf) + 1; - p += srvstr_get_path(inbuf, path, p, sizeof(path), 0, STR_TERMINATE, &nt_status, True); + p += srvstr_get_path_wcard(inbuf, path, p, sizeof(path), 0, STR_TERMINATE, &nt_status, &mask_contains_wcard); if (!NT_STATUS_IS_OK(nt_status)) { END_PROFILE(SMBsearch); return ERROR_NT(nt_status); @@ -1114,7 +1158,7 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size ok = True; if (status_len == 0) { - dptr_num = dptr_create(conn,directory,True,expect_close,SVAL(inbuf,smb_pid), mask, dirtype); + dptr_num = dptr_create(conn,directory,True,expect_close,SVAL(inbuf,smb_pid), mask, mask_contains_wcard, dirtype); if (dptr_num < 0) { if(dptr_num == -2) { END_PROFILE(SMBsearch); @@ -1185,7 +1229,7 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size dptr_close(&dptr_num); } - if ((numentries == 0) && !ms_has_wild(mask)) { + if ((numentries == 0) && !mask_contains_wcard) { return ERROR_BOTH(STATUS_NO_MORE_FILES,ERRDOS,ERRnofiles); } @@ -1230,6 +1274,7 @@ int reply_fclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size int dptr_num= -2; char *p; NTSTATUS err; + BOOL path_contains_wcard = False; if (lp_posix_pathnames()) { return reply_unknown(inbuf, outbuf); @@ -1239,7 +1284,7 @@ int reply_fclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size outsize = set_message(outbuf,1,0,True); p = smb_buf(inbuf) + 1; - p += srvstr_get_path(inbuf, path, p, sizeof(path), 0, STR_TERMINATE, &err, True); + p += srvstr_get_path_wcard(inbuf, path, p, sizeof(path), 0, STR_TERMINATE, &err, &path_contains_wcard); if (!NT_STATUS_IS_OK(err)) { END_PROFILE(SMBfclose); return ERROR_NT(err); @@ -1295,7 +1340,7 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, deny_mode = SVAL(inbuf,smb_vwv0); - srvstr_get_path(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), 0, STR_TERMINATE, &status, False); + srvstr_get_path(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBopen); return ERROR_NT(status); @@ -1415,7 +1460,7 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt } /* XXXX we need to handle passed times, sattr and flags */ - srvstr_get_path(inbuf, fname, smb_buf(inbuf), sizeof(fname), 0, STR_TERMINATE, &status, False); + srvstr_get_path(inbuf, fname, smb_buf(inbuf), sizeof(fname), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBopenX); return ERROR_NT(status); @@ -1586,7 +1631,7 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, com = SVAL(inbuf,smb_com); - srvstr_get_path(inbuf, fname, smb_buf(inbuf) + 1, sizeof(fname), 0, STR_TERMINATE, &status, False); + srvstr_get_path(inbuf, fname, smb_buf(inbuf) + 1, sizeof(fname), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBcreate); return ERROR_NT(status); @@ -1669,7 +1714,7 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, START_PROFILE(SMBctemp); - srvstr_get_path(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), 0, STR_TERMINATE, &status, False); + srvstr_get_path(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBctemp); return ERROR_NT(status); @@ -1889,30 +1934,19 @@ NTSTATUS can_delete(connection_struct *conn, char *fname, uint32 dirtype, BOOL b code. ****************************************************************************/ -NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, char *name) +NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, char *name, BOOL has_wild) { pstring directory; pstring mask; char *p; int count=0; NTSTATUS error = NT_STATUS_OK; - BOOL has_wild; BOOL bad_path = False; BOOL rc = True; SMB_STRUCT_STAT sbuf; *directory = *mask = 0; - /* We must check for wildcards in the name given - * directly by the client - before any unmangling. - * This prevents an unmangling of a UNIX name containing - * a DOS wildcard like '*' or '?' from unmangling into - * a wildcard delete which was not intended. - * FIX for #226. JRA. - */ - - has_wild = ms_has_wild(name); - rc = unix_convert(name,conn,0,&bad_path,&sbuf); p = strrchr_m(name,'/'); @@ -2029,10 +2063,11 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size uint32 dirtype; NTSTATUS status; START_PROFILE(SMBunlink); - + BOOL path_contains_wcard = False; + dirtype = SVAL(inbuf,smb_vwv0); - srvstr_get_path(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), 0, STR_TERMINATE, &status, True); + srvstr_get_path_wcard(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), 0, STR_TERMINATE, &status, &path_contains_wcard); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBunlink); return ERROR_NT(status); @@ -2042,7 +2077,7 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size DEBUG(3,("reply_unlink : %s\n",name)); - status = unlink_internals(conn, dirtype, name); + status = unlink_internals(conn, dirtype, name, path_contains_wcard); if (!NT_STATUS_IS_OK(status)) { if (open_was_deferred(SVAL(inbuf,smb_mid))) { /* We have re-scheduled this call. */ @@ -3721,7 +3756,7 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, START_PROFILE(SMBmkdir); - srvstr_get_path(inbuf, directory, smb_buf(inbuf) + 1, sizeof(directory), 0, STR_TERMINATE, &status, False); + srvstr_get_path(inbuf, directory, smb_buf(inbuf) + 1, sizeof(directory), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBmkdir); return ERROR_NT(status); @@ -3925,7 +3960,7 @@ int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, NTSTATUS status; START_PROFILE(SMBrmdir); - srvstr_get_path(inbuf, directory, smb_buf(inbuf) + 1, sizeof(directory), 0, STR_TERMINATE, &status, False); + srvstr_get_path(inbuf, directory, smb_buf(inbuf) + 1, sizeof(directory), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBrmdir); return ERROR_NT(status); @@ -4216,14 +4251,13 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, char * code. ****************************************************************************/ -NTSTATUS rename_internals(connection_struct *conn, char *name, char *newname, uint32 attrs, BOOL replace_if_exists) +NTSTATUS rename_internals(connection_struct *conn, char *name, char *newname, uint32 attrs, BOOL replace_if_exists, BOOL has_wild) { pstring directory; pstring mask; pstring last_component_src; pstring last_component_dest; char *p; - BOOL has_wild; BOOL bad_path_src = False; BOOL bad_path_dest = False; int count=0; @@ -4292,8 +4326,6 @@ NTSTATUS rename_internals(connection_struct *conn, char *name, char *newname, ui if (!rc && mangle_is_mangled(mask,SNUM(conn))) mangle_check_cache( mask, sizeof(pstring)-1, SNUM(conn)); - has_wild = ms_has_wild(mask); - if (!has_wild) { /* * No wildcards - just process the one file. @@ -4559,17 +4591,18 @@ int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, char *p; uint32 attrs = SVAL(inbuf,smb_vwv0); NTSTATUS status; + BOOL path_contains_wcard = False; START_PROFILE(SMBmv); p = smb_buf(inbuf) + 1; - p += srvstr_get_path(inbuf, name, p, sizeof(name), 0, STR_TERMINATE, &status, True); + p += srvstr_get_path_wcard(inbuf, name, p, sizeof(name), 0, STR_TERMINATE, &status, &path_contains_wcard); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBmv); return ERROR_NT(status); } p++; - p += srvstr_get_path(inbuf, newname, p, sizeof(newname), 0, STR_TERMINATE, &status, True); + p += srvstr_get_path(inbuf, newname, p, sizeof(newname), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBmv); return ERROR_NT(status); @@ -4580,7 +4613,7 @@ int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, DEBUG(3,("reply_mv : %s -> %s\n",name,newname)); - status = rename_internals(conn, name, newname, attrs, False); + status = rename_internals(conn, name, newname, attrs, False, path_contains_wcard); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBmv); if (open_was_deferred(SVAL(inbuf,smb_mid))) { @@ -4727,21 +4760,22 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, BOOL target_is_directory=False; BOOL bad_path1 = False; BOOL bad_path2 = False; + BOOL path_contains_wcard1 = False; + BOOL path_contains_wcard2 = False; BOOL rc = True; SMB_STRUCT_STAT sbuf1, sbuf2; NTSTATUS status; - START_PROFILE(SMBcopy); *directory = *mask = 0; p = smb_buf(inbuf); - p += srvstr_get_path(inbuf, name, p, sizeof(name), 0, STR_TERMINATE, &status, True); + p += srvstr_get_path_wcard(inbuf, name, p, sizeof(name), 0, STR_TERMINATE, &status, &path_contains_wcard1); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBcopy); return ERROR_NT(status); } - p += srvstr_get_path(inbuf, newname, p, sizeof(newname), 0, STR_TERMINATE, &status, True); + p += srvstr_get_path_wcard(inbuf, newname, p, sizeof(newname), 0, STR_TERMINATE, &status, &path_contains_wcard2); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBcopy); return ERROR_NT(status); @@ -4803,7 +4837,7 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, if (!rc && mangle_is_mangled(mask, SNUM(conn))) mangle_check_cache( mask, sizeof(pstring)-1, SNUM(conn)); - has_wild = ms_has_wild(mask); + has_wild = path_contains_wcard1; if (!has_wild) { pstrcat(directory,"/"); @@ -4904,7 +4938,7 @@ int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return ERROR_DOS(ERRDOS,ERRnoaccess); } - srvstr_get_path(inbuf, newdir, smb_buf(inbuf) + 1, sizeof(newdir), 0, STR_TERMINATE, &status, False); + srvstr_get_path(inbuf, newdir, smb_buf(inbuf) + 1, sizeof(newdir), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(pathworks_setdir); return ERROR_NT(status); -- cgit From 86909281c8e128c5aef08f51615b868e1c179964 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 31 Oct 2005 22:30:05 +0000 Subject: r11428: Fix bug #3192 by actually hooking up the dfree caching function. Oops. Jeremy. (This used to be commit 7edb26e7657fc01710abe563b941779749409ef2) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index f73eea3fa6..8ca7c2a103 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1004,7 +1004,7 @@ int reply_dskattr(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz SMB_BIG_UINT dfree,dsize,bsize; START_PROFILE(SMBdskattr); - if (SMB_VFS_DISK_FREE(conn,".",True,&bsize,&dfree,&dsize) == (SMB_BIG_UINT)-1) { + if (get_dfree_info(conn,".",True,&bsize,&dfree,&dsize) == (SMB_BIG_UINT)-1) { END_PROFILE(SMBdskattr); return(UNIXERROR(ERRHRD,ERRgeneral)); } -- cgit From a3d66dfef7025a9712f62cf3dda8ef910f848cf4 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 1 Nov 2005 23:49:40 +0000 Subject: r11448: Move decl before code. Jeremy. (This used to be commit f22822790cdbbe7d5a237421c1eda73a504e488d) --- source3/smbd/reply.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 8ca7c2a103..ae7710b48f 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2062,9 +2062,10 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size pstring name; uint32 dirtype; NTSTATUS status; - START_PROFILE(SMBunlink); BOOL path_contains_wcard = False; + START_PROFILE(SMBunlink); + dirtype = SVAL(inbuf,smb_vwv0); srvstr_get_path_wcard(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), 0, STR_TERMINATE, &status, &path_contains_wcard); -- cgit From c9effb004cb4bb9baa87fb429f22c834226708bb Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 2 Nov 2005 00:19:26 +0000 Subject: r11451: Fix -O1 "might be using uninitialized" errors. Jeremy. (This used to be commit cab76c3c33883aad444eefb6562ab1b27d9ca88a) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index ae7710b48f..f83b0ff746 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -5126,7 +5126,7 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, (locktype & LOCKING_ANDX_LARGE_FILES)?True:False; BOOL err; BOOL my_lock_ctx = False; - NTSTATUS status; + NTSTATUS status = NT_STATUS_UNSUCCESSFUL; START_PROFILE(SMBlockingX); -- cgit From 6d5757395a0e54245543794d0d6d6d6a32cd857a Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 5 Nov 2005 04:21:55 +0000 Subject: r11511: A classic "friday night check-in" :-). This moves much of the Samba4 timezone handling code back into Samba3. Gets rid of "kludge-gmt" and removes the effectiveness of the parameter "time offset" (I can add this back in very easily if needed) - it's no longer being looked at. I'm hoping this will fix the problems people have been having with DST transitions. I'll start comprehensive testing tomorrow, but for now all modifications are done. Splits time get/set functions into srv_XXX and cli_XXX as they need to look at different timezone offsets. Get rid of much of the "efficiency" cruft that was added to Samba back in the day when the C library timezone handling functions were slow. Jeremy. (This used to be commit 414303bc0272f207046b471a0364fa296b67c1f8) --- source3/smbd/reply.c | 38 ++++++++++++++++++++------------------ 1 file changed, 20 insertions(+), 18 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index f83b0ff746..81240fcb92 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -914,14 +914,16 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size outsize = set_message(outbuf,10,0,True); SSVAL(outbuf,smb_vwv0,mode); - if(lp_dos_filetime_resolution(SNUM(conn)) ) - put_dos_date3(outbuf,smb_vwv1,mtime & ~1); - else - put_dos_date3(outbuf,smb_vwv1,mtime); + if(lp_dos_filetime_resolution(SNUM(conn)) ) { + srv_put_dos_date3(outbuf,smb_vwv1,mtime & ~1); + } else { + srv_put_dos_date3(outbuf,smb_vwv1,mtime); + } SIVAL(outbuf,smb_vwv3,(uint32)size); - if (Protocol >= PROTOCOL_NT1) + if (Protocol >= PROTOCOL_NT1) { SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) | FLAGS2_IS_LONG_NAME); + } DEBUG( 3, ( "getatr name=%s mode=%d size=%d\n", fname, mode, (uint32)size ) ); @@ -963,7 +965,7 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size } mode = SVAL(inbuf,smb_vwv0); - mtime = make_unix_date3(inbuf+smb_vwv1); + mtime = srv_make_unix_date3(inbuf+smb_vwv1); if (mode != FILE_ATTRIBUTE_NORMAL) { if (VALID_STAT_OF_DIR(sbuf)) @@ -1393,9 +1395,9 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, SSVAL(outbuf,smb_vwv0,fsp->fnum); SSVAL(outbuf,smb_vwv1,fattr); if(lp_dos_filetime_resolution(SNUM(conn)) ) { - put_dos_date3(outbuf,smb_vwv2,mtime & ~1); + srv_put_dos_date3(outbuf,smb_vwv2,mtime & ~1); } else { - put_dos_date3(outbuf,smb_vwv2,mtime); + srv_put_dos_date3(outbuf,smb_vwv2,mtime); } SIVAL(outbuf,smb_vwv4,(uint32)size); SSVAL(outbuf,smb_vwv6,deny_mode); @@ -1563,9 +1565,9 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt SSVAL(outbuf,smb_vwv2,fsp->fnum); SSVAL(outbuf,smb_vwv3,fattr); if(lp_dos_filetime_resolution(SNUM(conn)) ) { - put_dos_date3(outbuf,smb_vwv4,mtime & ~1); + srv_put_dos_date3(outbuf,smb_vwv4,mtime & ~1); } else { - put_dos_date3(outbuf,smb_vwv4,mtime); + srv_put_dos_date3(outbuf,smb_vwv4,mtime); } SIVAL(outbuf,smb_vwv6,(uint32)size); SSVAL(outbuf,smb_vwv8,GET_OPENX_MODE(deny_mode)); @@ -3272,7 +3274,7 @@ int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size, * Take care of any time sent in the close. */ - mtime = make_unix_date3(inbuf+smb_vwv1); + mtime = srv_make_unix_date3(inbuf+smb_vwv1); fsp_set_pending_modtime(fsp, mtime); /* @@ -3322,7 +3324,7 @@ int reply_writeclose(connection_struct *conn, numtowrite = SVAL(inbuf,smb_vwv1); startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2); - mtime = make_unix_date3(inbuf+smb_vwv4); + mtime = srv_make_unix_date3(inbuf+smb_vwv4); data = smb_buf(inbuf) + 1; if (numtowrite && is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) { @@ -3639,7 +3641,7 @@ int reply_printqueue(connection_struct *conn, for (i=first;i @@ -5713,10 +5715,10 @@ int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, * this. */ - put_dos_date2(outbuf,smb_vwv0,get_create_time(&sbuf,lp_fake_dir_create_times(SNUM(conn)))); - put_dos_date2(outbuf,smb_vwv2,sbuf.st_atime); + srv_put_dos_date2(outbuf,smb_vwv0,get_create_time(&sbuf,lp_fake_dir_create_times(SNUM(conn)))); + srv_put_dos_date2(outbuf,smb_vwv2,sbuf.st_atime); /* Should we check pending modtime here ? JRA */ - put_dos_date2(outbuf,smb_vwv4,sbuf.st_mtime); + srv_put_dos_date2(outbuf,smb_vwv4,sbuf.st_mtime); if (mode & aDIR) { SIVAL(outbuf,smb_vwv6,0); -- cgit From fa4df827d0b7e6e280a1736fb45772ed27131e64 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 12 Dec 2005 18:21:59 +0000 Subject: r12194: Ensure that when we set a connection path we've canonicalized the name (must be abolute - start with /, must not end in /, must have ./ and ../ removed). Of course for realpath resolved paths this won't be the case but for others we need this name to be canonicalized. This name is going into the sharemode db for #3303 so needs to be in a normalized format. Jeremy. (This used to be commit 22e3300911809692b595f49e87d91e3111923e6a) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 81240fcb92..d3739c8847 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4954,7 +4954,7 @@ int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size } else { ok = vfs_directory_exist(conn,newdir,NULL); if (ok) - string_set(&conn->connectpath,newdir); + set_conn_connectpath(conn,newdir); } if (!ok) { -- cgit From ab7a4f7e8e4b946a8acd0a205c16dbf6a3afecad Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 13 Dec 2005 18:11:50 +0000 Subject: r12213: Final fix for #3303 - send rename messages to smbd's that have open file handles to allow them to correctly implement delete on close. There is a further correctness fix I'm intending to add to this to cope with different share paths, but not right now... Jeremy. (This used to be commit 932e337db8788e75344e1c7cf1ef009d090cb039) --- source3/smbd/reply.c | 28 +++++++++++++++++++++++----- 1 file changed, 23 insertions(+), 5 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index d3739c8847..5ddba4c2bf 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4082,13 +4082,15 @@ static BOOL resolve_wildcards(const char *name1, char *name2) } /**************************************************************************** - Ensure open files have their names updates. + Ensure open files have their names updated. Updated to notify other smbd's + asynchronously. ****************************************************************************/ -static void rename_open_files(connection_struct *conn, SMB_DEV_T dev, SMB_INO_T inode, char *newname) +static void rename_open_files(connection_struct *conn, SMB_DEV_T dev, SMB_INO_T inode, const char *newname) { files_struct *fsp; BOOL did_rename = False; + struct share_mode_lock *lck = NULL; for(fsp = file_find_di_first(dev, inode); fsp; fsp = file_find_di_next(fsp)) { DEBUG(10,("rename_open_files: renaming file fnum %d (dev = %x, inode = %.0f) from %s -> %s\n", @@ -4098,9 +4100,24 @@ static void rename_open_files(connection_struct *conn, SMB_DEV_T dev, SMB_INO_T did_rename = True; } - if (!did_rename) + if (!did_rename) { DEBUG(10,("rename_open_files: no open files on dev %x, inode %.0f for %s\n", (unsigned int)dev, (double)inode, newname )); + } + + /* Notify all remote smbd's. */ + lck = get_share_mode_lock(NULL, dev, inode, NULL, NULL); + if (lck == NULL) { + DEBUG(5,("rename_open_files: Could not get share mode lock for file %s\n", + fsp->fsp_name)); + return; + } + + /* Change the stored filename. */ + rename_share_filename(lck, conn->connectpath, newname); + + /* Send messages to all smbd's (not ourself) that the name has changed. */ + talloc_free(lck); } /**************************************************************************** @@ -4238,10 +4255,11 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, char * return NT_STATUS_OK; } - if (errno == ENOTDIR || errno == EISDIR) + if (errno == ENOTDIR || errno == EISDIR) { error = NT_STATUS_OBJECT_NAME_COLLISION; - else + } else { error = map_nt_error_from_unix(errno); + } DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n", nt_errstr(error), fsp->fsp_name,newname)); -- cgit From e7d2e311a293709c74a97d0e30665dadae510712 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 14 Dec 2005 17:46:29 +0000 Subject: r12234: Reduce the race condition for renames by holding the lock longer. Instigated by complaints on the fix for #3303 from SATOH Fumiyasu . Jeremy. (This used to be commit 855f5f8c32aa530dbad244805a40200824724618) --- source3/smbd/reply.c | 48 +++++++++++++++++++++++++++++------------------- 1 file changed, 29 insertions(+), 19 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 5ddba4c2bf..063cdf2974 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4086,13 +4086,20 @@ static BOOL resolve_wildcards(const char *name1, char *name2) asynchronously. ****************************************************************************/ -static void rename_open_files(connection_struct *conn, SMB_DEV_T dev, SMB_INO_T inode, const char *newname) +static void rename_open_files(connection_struct *conn, struct share_mode_lock *lck, + SMB_DEV_T dev, SMB_INO_T inode, const char *newname) { files_struct *fsp; BOOL did_rename = False; - struct share_mode_lock *lck = NULL; for(fsp = file_find_di_first(dev, inode); fsp; fsp = file_find_di_next(fsp)) { + /* fsp_name is a relative path under the fsp. To change this for other + sharepaths we need to manipulate relative paths. */ + /* TODO - create the absolute path and manipulate the newname + relative to the sharepath. */ + if (fsp->conn != conn) { + continue; + } DEBUG(10,("rename_open_files: renaming file fnum %d (dev = %x, inode = %.0f) from %s -> %s\n", fsp->fnum, (unsigned int)fsp->dev, (double)fsp->inode, fsp->fsp_name, newname )); @@ -4105,19 +4112,8 @@ static void rename_open_files(connection_struct *conn, SMB_DEV_T dev, SMB_INO_T (unsigned int)dev, (double)inode, newname )); } - /* Notify all remote smbd's. */ - lck = get_share_mode_lock(NULL, dev, inode, NULL, NULL); - if (lck == NULL) { - DEBUG(5,("rename_open_files: Could not get share mode lock for file %s\n", - fsp->fsp_name)); - return; - } - - /* Change the stored filename. */ - rename_share_filename(lck, conn->connectpath, newname); - /* Send messages to all smbd's (not ourself) that the name has changed. */ - talloc_free(lck); + rename_share_filename(lck, conn->connectpath, newname); } /**************************************************************************** @@ -4161,6 +4157,7 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, char * NTSTATUS error = NT_STATUS_OK; BOOL dest_exists; BOOL rcdest = True; + struct share_mode_lock *lck = NULL; ZERO_STRUCT(sbuf); rcdest = unix_convert(newname,conn,newname_last_component,&bad_path,&sbuf); @@ -4248,13 +4245,18 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, char * return NT_STATUS_ACCESS_DENIED; } + lck = get_share_mode_lock(NULL, fsp->dev, fsp->inode, NULL, NULL); + if(SMB_VFS_RENAME(conn,fsp->fsp_name, newname) == 0) { DEBUG(3,("rename_internals_fsp: succeeded doing rename on %s -> %s\n", fsp->fsp_name,newname)); - rename_open_files(conn, fsp->dev, fsp->inode, newname); + rename_open_files(conn, lck, fsp->dev, fsp->inode, newname); + talloc_free(lck); return NT_STATUS_OK; } + talloc_free(lck); + if (errno == ENOTDIR || errno == EISDIR) { error = NT_STATUS_OBJECT_NAME_COLLISION; } else { @@ -4286,6 +4288,7 @@ NTSTATUS rename_internals(connection_struct *conn, char *name, char *newname, ui BOOL rc = True; BOOL rcdest = True; SMB_STRUCT_STAT sbuf1, sbuf2; + struct share_mode_lock *lck = NULL; *directory = *mask = 0; @@ -4456,7 +4459,7 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", */ if (strcsequal(directory, newname)) { - rename_open_files(conn, sbuf1.st_dev, sbuf1.st_ino, newname); + rename_open_files(conn, NULL, sbuf1.st_dev, sbuf1.st_ino, newname); DEBUG(3,("rename_internals: identical names in rename %s - returning success\n", directory)); return NT_STATUS_OK; } @@ -4471,13 +4474,17 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", return NT_STATUS_SHARING_VIOLATION; } + lck = get_share_mode_lock(NULL, sbuf1.st_dev, sbuf1.st_ino, NULL, NULL); + if(SMB_VFS_RENAME(conn,directory, newname) == 0) { DEBUG(3,("rename_internals: succeeded doing rename on %s -> %s\n", directory,newname)); - rename_open_files(conn, sbuf1.st_dev, sbuf1.st_ino, newname); + rename_open_files(conn, lck, sbuf1.st_dev, sbuf1.st_ino, newname); + talloc_free(lck); return NT_STATUS_OK; } + talloc_free(lck); if (errno == ENOTDIR || errno == EISDIR) error = NT_STATUS_OBJECT_NAME_COLLISION; else @@ -4555,7 +4562,7 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", } if (strcsequal(fname,destname)) { - rename_open_files(conn, sbuf1.st_dev, sbuf1.st_ino, newname); + rename_open_files(conn, NULL, sbuf1.st_dev, sbuf1.st_ino, newname); DEBUG(3,("rename_internals: identical names in wildcard rename %s - success\n", fname)); count++; error = NT_STATUS_OK; @@ -4573,11 +4580,14 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", return NT_STATUS_SHARING_VIOLATION; } + lck = get_share_mode_lock(NULL, sbuf1.st_dev, sbuf1.st_ino, NULL, NULL); + if (!SMB_VFS_RENAME(conn,fname,destname)) { - rename_open_files(conn, sbuf1.st_dev, sbuf1.st_ino, newname); + rename_open_files(conn, lck, sbuf1.st_dev, sbuf1.st_ino, newname); count++; error = NT_STATUS_OK; } + talloc_free(lck); DEBUG(3,("rename_internals: doing rename on %s -> %s\n",fname,destname)); } CloseDir(dir_hnd); -- cgit From c4ccc8f37ec4247a3a27277df14311389040fc25 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 26 Dec 2005 11:44:15 +0000 Subject: r12491: End profile fixes from SATOH Fumiyasu . Jeremy. (This used to be commit 2187502732e41690bf266f229312bb9c7177cf22) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 063cdf2974..d56e3c1f1c 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -5465,7 +5465,7 @@ int reply_setattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, outsize = set_message(outbuf,0,0,True); if(!fsp || (fsp->conn != conn)) { - END_PROFILE(SMBgetattrE); + END_PROFILE(SMBsetattrE); return ERROR_DOS(ERRDOS,ERRbadfid); } -- cgit From 2dd7fd8f69ea06ad234c3354493052ef5a147c03 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 16 Jan 2006 05:47:39 +0000 Subject: r12956: Fix for bug #3035 from SATOH Fumiyasu On a Windows share, a file with read-only dosmode can be opened with DELETE_ACCESS. But on a Samba share (delete readonly = no), it fails with NT_STATUS_CANNOT_DELETE error. This semantic causes a problem that a user can not rename a file with read-only dosmode on a Samba share from a Windows command prompt (i.e. cmd.exe, but can rename from Windows Explorer). Jeremy. (This used to be commit dd185c7aa8de156dab58b065bf73905b2a29f40d) --- source3/smbd/reply.c | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index d56e3c1f1c..69c71c74b5 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1888,7 +1888,19 @@ NTSTATUS can_delete(connection_struct *conn, char *fname, uint32 dirtype, BOOL b return NT_STATUS_OBJECT_NAME_INVALID; #endif /* JRATEST */ - if (!lp_delete_readonly(SNUM(conn))) { + /* Fix for bug #3035 from SATOH Fumiyasu + + On a Windows share, a file with read-only dosmode can be opened with + DELETE_ACCESS. But on a Samba share (delete readonly = no), it + fails with NT_STATUS_CANNOT_DELETE error. + + This semantic causes a problem that a user can not + rename a file with read-only dosmode on a Samba share + from a Windows command prompt (i.e. cmd.exe, but can rename + from Windows Explorer). + */ + + if (!check_is_at_open && !lp_delete_readonly(SNUM(conn))) { if (fattr & aRONLY) { return NT_STATUS_CANNOT_DELETE; } -- cgit From d14af63e6ab600eb3ac705f2f425c860e927553a Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 2 Feb 2006 20:44:50 +0000 Subject: r13293: Rather a big patch I'm afraid, but this should fix bug #3347 by saving the UNIX token used to set a delete on close flag, and using it when doing the delete. libsmbsharemodes.so still needs updating to cope with this change. Samba4 torture tests to follow. Jeremy. (This used to be commit 23f16cbc2e8cde97c486831e26bcafd4ab4a9654) --- source3/smbd/reply.c | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 69c71c74b5..89b98be1e7 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1386,7 +1386,7 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, if (fattr & aDIR) { DEBUG(3,("attempt to open a directory %s\n",fname)); - close_file(fsp,False); + close_file(fsp,ERROR_CLOSE); END_PROFILE(SMBopen); return ERROR_DOS(ERRDOS,ERRnoaccess); } @@ -1510,13 +1510,13 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt if (((smb_action == FILE_WAS_CREATED) || (smb_action == FILE_WAS_OVERWRITTEN)) && allocation_size) { fsp->initial_allocation_size = smb_roundup(fsp->conn, allocation_size); if (vfs_allocate_file_space(fsp, fsp->initial_allocation_size) == -1) { - close_file(fsp,False); + close_file(fsp,ERROR_CLOSE); END_PROFILE(SMBntcreateX); return ERROR_NT(NT_STATUS_DISK_FULL); } retval = vfs_set_filelen(fsp, (SMB_OFF_T)allocation_size); if (retval < 0) { - close_file(fsp,False); + close_file(fsp,ERROR_CLOSE); END_PROFILE(SMBwrite); return ERROR_NT(NT_STATUS_DISK_FULL); } @@ -1526,7 +1526,7 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt fattr = dos_mode(conn,fname,&sbuf); mtime = sbuf.st_mtime; if (fattr & aDIR) { - close_file(fsp,False); + close_file(fsp,ERROR_CLOSE); END_PROFILE(SMBopenX); return ERROR_DOS(ERRDOS,ERRnoaccess); } @@ -1845,7 +1845,7 @@ static NTSTATUS can_rename(connection_struct *conn, char *fname, uint16 dirtype, set_saved_ntstatus(NT_STATUS_OK); return NT_STATUS_ACCESS_DENIED; } - close_file(fsp,False); + close_file(fsp,NORMAL_CLOSE); return NT_STATUS_OK; } @@ -1938,7 +1938,7 @@ NTSTATUS can_delete(connection_struct *conn, char *fname, uint32 dirtype, BOOL b set_saved_ntstatus(NT_STATUS_OK); return NT_STATUS_ACCESS_DENIED; } - close_file(fsp,False); + close_file(fsp,NORMAL_CLOSE); } return NT_STATUS_OK; } @@ -3267,7 +3267,7 @@ int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size, * Special case - close NT SMB directory handle. */ DEBUG(3,("close %s fnum=%d\n", fsp->is_directory ? "directory" : "stat file open", fsp->fnum)); - close_file(fsp,True); + close_file(fsp,NORMAL_CLOSE); } else { /* * Close ordinary file. @@ -3295,7 +3295,7 @@ int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size, * a disk full error. If not then it was probably an I/O error. */ - if((close_err = close_file(fsp,True)) != 0) { + if((close_err = close_file(fsp,NORMAL_CLOSE)) != 0) { errno = close_err; END_PROFILE(SMBclose); return (UNIXERROR(ERRHRD,ERRgeneral)); @@ -3356,7 +3356,7 @@ int reply_writeclose(connection_struct *conn, if (numtowrite) { DEBUG(3,("reply_writeclose: zero length write doesn't close file %s\n", fsp->fsp_name )); - close_err = close_file(fsp,True); + close_err = close_file(fsp,NORMAL_CLOSE); } DEBUG(3,("writeclose fnum=%d num=%d wrote=%d (numopen=%d)\n", @@ -3596,7 +3596,7 @@ int reply_printclose(connection_struct *conn, DEBUG(3,("printclose fd=%d fnum=%d\n", fsp->fh->fd,fsp->fnum)); - close_err = close_file(fsp,True); + close_err = close_file(fsp,NORMAL_CLOSE); if(close_err != 0) { errno = close_err; @@ -4746,7 +4746,7 @@ BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, NULL); if (!fsp2) { - close_file(fsp1,False); + close_file(fsp1,ERROR_CLOSE); return(False); } @@ -4765,7 +4765,7 @@ BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, ret = vfs_transfer_file(fsp1, fsp2, src_sbuf.st_size); } - close_file(fsp1,False); + close_file(fsp1,NORMAL_CLOSE); /* Ensure the modtime is set correctly on the destination file. */ fsp_set_pending_modtime( fsp2, src_sbuf.st_mtime); @@ -4776,7 +4776,7 @@ BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, * Thus we don't look at the error return from the * close of fsp1. */ - *err_ret = close_file(fsp2,False); + *err_ret = close_file(fsp2,NORMAL_CLOSE); return(ret == (SMB_OFF_T)src_sbuf.st_size); } -- cgit From fb5362c069b5b6548478b2217a0519c56d856705 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Mon, 20 Feb 2006 17:59:58 +0000 Subject: r13571: Replace all calls to talloc_free() with thye TALLOC_FREE() macro which sets the freed pointer to NULL. (This used to be commit b65be8874a2efe5a4b167448960a4fcf6bd995e2) --- source3/smbd/reply.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 89b98be1e7..1ca9d39a4c 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4263,11 +4263,11 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, char * DEBUG(3,("rename_internals_fsp: succeeded doing rename on %s -> %s\n", fsp->fsp_name,newname)); rename_open_files(conn, lck, fsp->dev, fsp->inode, newname); - talloc_free(lck); + TALLOC_FREE(lck); return NT_STATUS_OK; } - talloc_free(lck); + TALLOC_FREE(lck); if (errno == ENOTDIR || errno == EISDIR) { error = NT_STATUS_OBJECT_NAME_COLLISION; @@ -4492,11 +4492,11 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", DEBUG(3,("rename_internals: succeeded doing rename on %s -> %s\n", directory,newname)); rename_open_files(conn, lck, sbuf1.st_dev, sbuf1.st_ino, newname); - talloc_free(lck); + TALLOC_FREE(lck); return NT_STATUS_OK; } - talloc_free(lck); + TALLOC_FREE(lck); if (errno == ENOTDIR || errno == EISDIR) error = NT_STATUS_OBJECT_NAME_COLLISION; else @@ -4599,7 +4599,7 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", count++; error = NT_STATUS_OK; } - talloc_free(lck); + TALLOC_FREE(lck); DEBUG(3,("rename_internals: doing rename on %s -> %s\n",fname,destname)); } CloseDir(dir_hnd); -- cgit From f04d5530cc9ec849edc39c86dbe3946f054d8178 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 15 Mar 2006 22:52:59 +0000 Subject: r14460: SMBexit closes by pid and vuid. Tested with smbtorture. Jeremy. (This used to be commit 71e81580421225d5b35a25d46a7b6064a826685c) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 1ca9d39a4c..83f527d326 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3220,7 +3220,7 @@ int reply_exit(connection_struct *conn, int outsize; START_PROFILE(SMBexit); - file_close_pid(SVAL(inbuf,smb_pid)); + file_close_pid(SVAL(inbuf,smb_pid),SVAL(inbuf,smb_uid)); outsize = set_message(outbuf,0,0,True); -- cgit From 1af229a8f822e3595e3282fc3187c2e7d705aac0 Mon Sep 17 00:00:00 2001 From: James Peach Date: Sun, 19 Mar 2006 23:32:50 +0000 Subject: r14574: Allow use of sendfile as long as the write cache has not been enabled on the particular file we are performing I/O on, irrespective of whether the write cache is globally enabled (This used to be commit 0809e2cb1dfff1cd0e8631b23b415cb2d8a67312) --- source3/smbd/reply.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 83f527d326..ce41266a1c 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2176,7 +2176,8 @@ void send_file_readbraw(connection_struct *conn, files_struct *fsp, SMB_OFF_T st * reply_readbraw has already checked the length. */ - if (chain_size ==0 && (nread > 0) && (lp_write_cache_size(SNUM(conn)) == 0) && lp_use_sendfile(SNUM(conn)) ) { + if ( (chain_size == 0) && (nread > 0) && + (fsp->wcp == NULL) && lp_use_sendfile(SNUM(conn)) ) { DATA_BLOB header; _smb_setlen(outbuf,nread); @@ -2529,8 +2530,8 @@ int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length * on a train in Germany :-). JRA. */ - if (chain_size ==0 && (CVAL(inbuf,smb_vwv0) == 0xFF) && lp_use_sendfile(SNUM(conn)) && - (lp_write_cache_size(SNUM(conn)) == 0) ) { + if ((chain_size == 0) && (CVAL(inbuf,smb_vwv0) == 0xFF) && + lp_use_sendfile(SNUM(conn)) && (fsp->wcp == NULL) ) { SMB_STRUCT_STAT sbuf; DATA_BLOB header; -- cgit From 22dbd67708f1651a2341d70ce576fac360affccf Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 10 Apr 2006 15:33:04 +0000 Subject: r15018: Merge Volker's ipc/trans2/nttrans changes over into 3.0. Also merge the new POSIX lock code - this is not enabled unless -DDEVELOPER is defined. This doesn't yet map onto underlying system POSIX locks. Updates vfs to allow lock queries. Jeremy. (This used to be commit 08e52ead03304ff04229e1bfe544ff40e2564fc7) --- source3/smbd/reply.c | 112 +++++++++++++++++++++++++++++++++++++++------------ 1 file changed, 86 insertions(+), 26 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index ce41266a1c..040f7710fd 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -269,10 +269,13 @@ NTSTATUS check_path_syntax_wcard(pstring destname, const pstring srcname, BOOL * switch(next_mb_char_size(s)) { case 4: *d++ = *s++; + /*fall through*/ case 3: *d++ = *s++; + /*fall through*/ case 2: *d++ = *s++; + /*fall through*/ case 1: *d++ = *s++; break; @@ -374,10 +377,13 @@ NTSTATUS check_path_syntax_posix(pstring destname, const pstring srcname) switch(next_mb_char_size(s)) { case 4: *d++ = *s++; + /*fall through*/ case 3: *d++ = *s++; + /*fall through*/ case 2: *d++ = *s++; + /*fall through*/ case 1: *d++ = *s++; break; @@ -2319,7 +2325,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s /* ensure we don't overrun the packet size */ maxcount = MIN(65535,maxcount); - if (!is_locked(fsp,conn,(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK)) { + if (!is_locked(fsp,(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK)) { SMB_STRUCT_STAT st; SMB_OFF_T size = 0; @@ -2390,8 +2396,13 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length * Note that the requested lock size is unaffected by max_recv. */ - status = do_lock_spin(fsp, conn, SVAL(inbuf,smb_pid), - (SMB_BIG_UINT)numtoread, (SMB_BIG_UINT)startpos, WRITE_LOCK, &my_lock_ctx); + status = do_lock_spin(fsp, + SVAL(inbuf,smb_pid), + (SMB_BIG_UINT)numtoread, + (SMB_BIG_UINT)startpos, + WRITE_LOCK, + WINDOWS_LOCK, + &my_lock_ctx); if (NT_STATUS_V(status)) { #if 0 @@ -2407,8 +2418,15 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length * this smb into a queued request and push it * onto the blocking lock queue. */ - if(push_blocking_lock_request(inbuf, length, -1, 0, SVAL(inbuf,smb_pid), (SMB_BIG_UINT)startpos, - (SMB_BIG_UINT)numtoread)) { + if(push_blocking_lock_request(inbuf, length, + fsp, + -1, + 0, + SVAL(inbuf,smb_pid), + WRITE_LOCK, + WINDOWS_LOCK, + (SMB_BIG_UINT)startpos, + (SMB_BIG_UINT)numtoread)) { END_PROFILE(SMBlockread); return -1; } @@ -2486,7 +2504,7 @@ Returning short read of maximum allowed for compatibility with Windows 2000.\n", data = smb_buf(outbuf) + 3; - if (is_locked(fsp,conn,(SMB_BIG_UINT)numtoread,(SMB_BIG_UINT)startpos, READ_LOCK)) { + if (is_locked(fsp,(SMB_BIG_UINT)numtoread,(SMB_BIG_UINT)startpos, READ_LOCK)) { END_PROFILE(SMBread); return ERROR_DOS(ERRDOS,ERRlock); } @@ -2694,7 +2712,7 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt } - if (is_locked(fsp,conn,(SMB_BIG_UINT)smb_maxcnt,(SMB_BIG_UINT)startpos, READ_LOCK)) { + if (is_locked(fsp,(SMB_BIG_UINT)smb_maxcnt,(SMB_BIG_UINT)startpos, READ_LOCK)) { END_PROFILE(SMBreadX); return ERROR_DOS(ERRDOS,ERRlock); } @@ -2757,7 +2775,7 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, SCVAL(inbuf,smb_com,SMBwritec); SCVAL(outbuf,smb_com,SMBwritec); - if (is_locked(fsp,conn,(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos, WRITE_LOCK)) { + if (is_locked(fsp,(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos, WRITE_LOCK)) { END_PROFILE(SMBwritebraw); return(ERROR_DOS(ERRDOS,ERRlock)); } @@ -2878,7 +2896,7 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2); data = smb_buf(inbuf) + 3; - if (numtowrite && is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) { + if (numtowrite && is_locked(fsp,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) { END_PROFILE(SMBwriteunlock); return ERROR_DOS(ERRDOS,ERRlock); } @@ -2900,8 +2918,12 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, } if (numtowrite) { - status = do_unlock(fsp, conn, SVAL(inbuf,smb_pid), (SMB_BIG_UINT)numtowrite, - (SMB_BIG_UINT)startpos); + status = do_unlock(fsp, + SVAL(inbuf,smb_pid), + (SMB_BIG_UINT)numtowrite, + (SMB_BIG_UINT)startpos, + WINDOWS_LOCK); + if (NT_STATUS_V(status)) { END_PROFILE(SMBwriteunlock); return ERROR_NT(status); @@ -2951,7 +2973,7 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int d startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2); data = smb_buf(inbuf) + 3; - if (is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) { + if (is_locked(fsp,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) { END_PROFILE(SMBwrite); return ERROR_DOS(ERRDOS,ERRlock); } @@ -3066,7 +3088,7 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng #endif /* LARGE_SMB_OFF_T */ } - if (is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) { + if (is_locked(fsp,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) { END_PROFILE(SMBwriteX); return ERROR_DOS(ERRDOS,ERRlock); } @@ -3340,7 +3362,7 @@ int reply_writeclose(connection_struct *conn, mtime = srv_make_unix_date3(inbuf+smb_vwv4); data = smb_buf(inbuf) + 1; - if (numtowrite && is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) { + if (numtowrite && is_locked(fsp,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) { END_PROFILE(SMBwriteclose); return ERROR_DOS(ERRDOS,ERRlock); } @@ -3410,7 +3432,13 @@ int reply_lock(connection_struct *conn, DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n", fsp->fh->fd, fsp->fnum, (double)offset, (double)count)); - status = do_lock_spin(fsp, conn, SVAL(inbuf,smb_pid), count, offset, WRITE_LOCK, &my_lock_ctx); + status = do_lock_spin(fsp, + SVAL(inbuf,smb_pid), + count, + offset, + WRITE_LOCK, + WINDOWS_LOCK, + &my_lock_ctx); if (NT_STATUS_V(status)) { #if 0 /* Tests using Samba4 against W2K show this call never creates a blocking lock. */ @@ -3420,7 +3448,14 @@ int reply_lock(connection_struct *conn, * this smb into a queued request and push it * onto the blocking lock queue. */ - if(push_blocking_lock_request(inbuf, length, -1, 0, SVAL(inbuf,smb_pid), offset, count)) { + if(push_blocking_lock_request(inbuf, length, + fsp, + -1, + 0, + SVAL(inbuf,smb_pid), + WRITE_LOCK, + WINDOWS_LOCK, + offset, count)) { END_PROFILE(SMBlock); return -1; } @@ -3452,7 +3487,12 @@ int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int size, count = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv1); offset = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv3); - status = do_unlock(fsp, conn, SVAL(inbuf,smb_pid), count, offset); + status = do_unlock(fsp, + SVAL(inbuf,smb_pid), + count, + offset, + WINDOWS_LOCK); + if (NT_STATUS_V(status)) { END_PROFILE(SMBunlock); return ERROR_NT(status); @@ -5279,7 +5319,12 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, "pid %u, file %s\n", (double)offset, (double)count, (unsigned int)lock_pid, fsp->fsp_name )); - status = do_unlock(fsp,conn,lock_pid,count,offset); + status = do_unlock(fsp, + lock_pid, + count, + offset, + WINDOWS_LOCK); + if (NT_STATUS_V(status)) { END_PROFILE(SMBlockingX); return ERROR_NT(status); @@ -5297,6 +5342,7 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, of smb_lkrng structs */ for(i = 0; i < (int)num_locks; i++) { + enum brl_type lock_type = ((locktype & 1) ? READ_LOCK:WRITE_LOCK); lock_pid = get_lock_pid( data, i, large_file_format); count = get_lock_count( data, i, large_file_format); offset = get_lock_offset( data, i, large_file_format, &err); @@ -5314,9 +5360,14 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, (double)count, (unsigned int)lock_pid, fsp->fsp_name, (int)lock_timeout )); - status = do_lock_spin(fsp,conn,lock_pid, count,offset, - ((locktype & 1) ? READ_LOCK:WRITE_LOCK), - &my_lock_ctx); + status = do_lock_spin(fsp, + lock_pid, + count, + offset, + lock_type, + WINDOWS_LOCK, + &my_lock_ctx); + if (NT_STATUS_V(status)) { /* * Interesting fact found by IFSTEST /t @@ -5334,8 +5385,13 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, * onto the blocking lock queue. */ if(push_blocking_lock_request(inbuf, length, - lock_timeout, i, - lock_pid, offset, + fsp, + lock_timeout, + i, + lock_pid, + lock_type, + WINDOWS_LOCK, + offset, count)) { END_PROFILE(SMBlockingX); return -1; @@ -5368,7 +5424,11 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, return ERROR_DOS(ERRDOS,ERRnoaccess); } - do_unlock(fsp,conn,lock_pid,count,offset); + do_unlock(fsp, + lock_pid, + count, + offset, + WINDOWS_LOCK); } END_PROFILE(SMBlockingX); return ERROR_NT(status); @@ -5430,7 +5490,7 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length, tcount = maxcount; total_read = 0; - if (is_locked(fsp,conn,(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK)) { + if (is_locked(fsp,(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK)) { END_PROFILE(SMBreadBmpx); return ERROR_DOS(ERRDOS,ERRlock); } @@ -5562,7 +5622,7 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, not an SMBwritebmpx - set this up now so we don't forget */ SCVAL(outbuf,smb_com,SMBwritec); - if (is_locked(fsp,conn,(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos,WRITE_LOCK)) { + if (is_locked(fsp,(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos,WRITE_LOCK)) { END_PROFILE(SMBwriteBmpx); return(ERROR_DOS(ERRDOS,ERRlock)); } -- cgit From 6c237e04b2b6be22465563cb77fd6de35f52fcc4 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 10 Apr 2006 18:44:27 +0000 Subject: r15020: Fix issue with samba4 netbench torture tester, it sends break replies to "break to none from level2" requests and it shouldn't. Just don't log a debug level zero message. Jeremy. (This used to be commit dc6a13da33a031d0c2374b692737dbe9215f0f74) --- source3/smbd/reply.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 040f7710fd..3bad4829b9 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -5247,7 +5247,14 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, */ if (fsp->oplock_type == 0) { - DEBUG(0,("reply_lockingX: Error : oplock break from " + + /* The Samba4 nbench simulator doesn't understand + the difference between break to level2 and break + to none from level2 - it sends oplock break + replies in both cases. Don't keep logging an error + message here - just ignore it. JRA. */ + + DEBUG(5,("reply_lockingX: Error : oplock break from " "client for fnum = %d (oplock=%d) and no " "oplock granted on this file (%s).\n", fsp->fnum, fsp->oplock_type, fsp->fsp_name)); -- cgit From fc13f284179df5f3f3a1d475bf84da21dc89c970 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 11 Apr 2006 01:43:13 +0000 Subject: r15030: On a performace hunt... Remove as many extraneous memset's as possible. Jeremy. (This used to be commit 1217ed392b75aa8bfefa9c3f1ec5fa3bba841ee0) --- source3/smbd/reply.c | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 3bad4829b9..0a3fc27be6 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -848,7 +848,7 @@ int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return(UNIXERROR(ERRDOS,ERRbadpath)); } - outsize = set_message(outbuf,0,0,True); + outsize = set_message(outbuf,0,0,False); DEBUG(3,("chkpth %s mode=%d\n", name, (int)SVAL(inbuf,smb_vwv0))); END_PROFILE(SMBchkpth); @@ -994,7 +994,7 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return set_bad_path_error(errno, bad_path, outbuf, ERRDOS, ERRnoaccess); } - outsize = set_message(outbuf,0,0,True); + outsize = set_message(outbuf,0,0,False); DEBUG( 3, ( "setatr name=%s mode=%d\n", fname, mode ) ); @@ -2113,7 +2113,7 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size */ process_pending_change_notify_queue((time_t)0); - outsize = set_message(outbuf,0,0,True); + outsize = set_message(outbuf,0,0,False); END_PROFILE(SMBunlink); return outsize; @@ -3214,7 +3214,7 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int int reply_flush(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) { - int outsize = set_message(outbuf,0,0,True); + int outsize = set_message(outbuf,0,0,False); uint16 fnum = SVAL(inbuf,smb_vwv0); files_struct *fsp = file_fsp(inbuf,smb_vwv0); START_PROFILE(SMBflush); @@ -3245,7 +3245,7 @@ int reply_exit(connection_struct *conn, file_close_pid(SVAL(inbuf,smb_pid),SVAL(inbuf,smb_uid)); - outsize = set_message(outbuf,0,0,True); + outsize = set_message(outbuf,0,0,False); DEBUG(3,("exit\n")); @@ -3266,7 +3266,7 @@ int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size, files_struct *fsp = NULL; START_PROFILE(SMBclose); - outsize = set_message(outbuf,0,0,True); + outsize = set_message(outbuf,0,0,False); /* If it's an IPC, pass off to the pipe handler. */ if (IS_IPC(conn)) { @@ -3414,7 +3414,7 @@ int reply_writeclose(connection_struct *conn, int reply_lock(connection_struct *conn, char *inbuf,char *outbuf, int length, int dum_buffsize) { - int outsize = set_message(outbuf,0,0,True); + int outsize = set_message(outbuf,0,0,False); SMB_BIG_UINT count,offset; NTSTATUS status; files_struct *fsp = file_fsp(inbuf,smb_vwv0); @@ -3476,7 +3476,7 @@ int reply_lock(connection_struct *conn, int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) { - int outsize = set_message(outbuf,0,0,True); + int outsize = set_message(outbuf,0,0,False); SMB_BIG_UINT count,offset; NTSTATUS status; files_struct *fsp = file_fsp(inbuf,smb_vwv0); @@ -3515,7 +3515,7 @@ int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int size, int reply_tdis(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int outsize = set_message(outbuf,0,0,True); + int outsize = set_message(outbuf,0,0,False); uint16 vuid; START_PROFILE(SMBtdis); @@ -3622,7 +3622,7 @@ int reply_printopen(connection_struct *conn, int reply_printclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int outsize = set_message(outbuf,0,0,True); + int outsize = set_message(outbuf,0,0,False); files_struct *fsp = file_fsp(inbuf,smb_vwv0); int close_err = 0; START_PROFILE(SMBsplclose); @@ -3727,7 +3727,7 @@ int reply_printqueue(connection_struct *conn, int reply_printwrite(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int numtowrite; - int outsize = set_message(outbuf,0,0,True); + int outsize = set_message(outbuf,0,0,False); char *data; files_struct *fsp = file_fsp(inbuf,smb_vwv0); @@ -3852,7 +3852,7 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, change_owner_to_parent(conn, NULL, directory, &sbuf); } - outsize = set_message(outbuf,0,0,True); + outsize = set_message(outbuf,0,0,False); DEBUG( 3, ( "mkdir %s ret=%d\n", directory, outsize ) ); @@ -4040,7 +4040,7 @@ int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return set_bad_path_error(errno, bad_path, outbuf, ERRDOS, ERRbadpath); } - outsize = set_message(outbuf,0,0,True); + outsize = set_message(outbuf,0,0,False); DEBUG( 3, ( "rmdir %s\n", directory ) ); @@ -4712,7 +4712,7 @@ int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, * update after a rename.. */ process_pending_change_notify_queue((time_t)0); - outsize = set_message(outbuf,0,0,True); + outsize = set_message(outbuf,0,0,False); END_PROFILE(SMBmv); return(outsize); @@ -5043,7 +5043,7 @@ int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return ERROR_DOS(ERRDOS,ERRbadpath); } - outsize = set_message(outbuf,0,0,True); + outsize = set_message(outbuf,0,0,False); SCVAL(outbuf,smb_reh,CVAL(inbuf,smb_reh)); DEBUG(3,("setdir %s\n", newdir)); @@ -5542,7 +5542,7 @@ int reply_setattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, files_struct *fsp = file_fsp(inbuf,smb_vwv0); START_PROFILE(SMBsetattrE); - outsize = set_message(outbuf,0,0,True); + outsize = set_message(outbuf,0,0,False); if(!fsp || (fsp->conn != conn)) { END_PROFILE(SMBsetattrE); -- cgit From 5445694eb9c7a5e64e7e58feb78c87bc627402b5 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 17 Apr 2006 22:32:38 +0000 Subject: r15112: Move strict locking default to auto. Fix up the error return for one of the Samba4 torture tests. Jeremy. (This used to be commit 9db6617756ff155eb7549c3c622a9920189e577d) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 0a3fc27be6..0524078310 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -5221,7 +5221,7 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, /* we don't support these - and CANCEL_LOCK makes w2k and XP reboot so I don't really want to be compatible! (tridge) */ - return ERROR_DOS(ERRDOS, ERRnoatomiclocks); + return ERROR_FORCE_DOS(ERRDOS, ERRnoatomiclocks); } if (locktype & LOCKING_ANDX_CANCEL_LOCK) { -- cgit From 4d55a81958a67d5da3227d7af79a5c630f678424 Mon Sep 17 00:00:00 2001 From: James Peach Date: Fri, 5 May 2006 07:15:45 +0000 Subject: r15450: Change profiling data macros to use stack variables rather than globals. This catches mismatched start/end calls and removes the need for special nested profiling calls. (This used to be commit ee750498812190edd3ec52ca3c750258f3b8a97a) --- source3/smbd/reply.c | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 0524078310..387ed4a47f 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1085,12 +1085,13 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size BOOL mask_contains_wcard = False; BOOL allow_long_path_components = (SVAL(inbuf,smb_flg2) & FLAGS2_LONG_PATH_COMPONENTS) ? True : False; + START_PROFILE(SMBsearch); + if (lp_posix_pathnames()) { + END_PROFILE(SMBsearch); return reply_unknown(inbuf, outbuf); } - START_PROFILE(SMBsearch); - *mask = *directory = *fname = 0; /* If we were called as SMBffirst then we must expect close. */ @@ -1284,12 +1285,13 @@ int reply_fclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size NTSTATUS err; BOOL path_contains_wcard = False; + START_PROFILE(SMBfclose); + if (lp_posix_pathnames()) { + END_PROFILE(SMBfclose); return reply_unknown(inbuf, outbuf); } - START_PROFILE(SMBfclose); - outsize = set_message(outbuf,1,0,True); p = smb_buf(inbuf) + 1; p += srvstr_get_path_wcard(inbuf, path, p, sizeof(path), 0, STR_TERMINATE, &err, &path_contains_wcard); @@ -1517,13 +1519,13 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt fsp->initial_allocation_size = smb_roundup(fsp->conn, allocation_size); if (vfs_allocate_file_space(fsp, fsp->initial_allocation_size) == -1) { close_file(fsp,ERROR_CLOSE); - END_PROFILE(SMBntcreateX); + END_PROFILE(SMBopenX); return ERROR_NT(NT_STATUS_DISK_FULL); } retval = vfs_set_filelen(fsp, (SMB_OFF_T)allocation_size); if (retval < 0) { close_file(fsp,ERROR_CLOSE); - END_PROFILE(SMBwrite); + END_PROFILE(SMBopenX); return ERROR_NT(NT_STATUS_DISK_FULL); } size = get_allocation_size(conn,fsp,&sbuf); @@ -2629,7 +2631,6 @@ int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length nread = read_file(fsp,data,startpos,smb_maxcnt); if (nread < 0) { - END_PROFILE(SMBreadX); return(UNIXERROR(ERRDOS,ERRnoaccess)); } -- cgit From bef4969247da237e7b50fd2abd207de92e9bc980 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 30 May 2006 05:24:21 +0000 Subject: r15951: oplock_request must be an int, not a BOOL. We were getting away with mixing types. Not cool. Jeremy. (This used to be commit ad3bc112a21afd3a04449ec3f604e017d753c224) --- source3/smbd/reply.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 387ed4a47f..d333ebf32e 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1433,9 +1433,9 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt uint32 smb_attr = SVAL(inbuf,smb_vwv5); /* Breakout the oplock request bits so we can set the reply bits separately. */ - BOOL ex_oplock_request = EXTENDED_OPLOCK_REQUEST(inbuf); - BOOL core_oplock_request = CORE_OPLOCK_REQUEST(inbuf); - BOOL oplock_request = ex_oplock_request | core_oplock_request; + int ex_oplock_request = EXTENDED_OPLOCK_REQUEST(inbuf); + int core_oplock_request = CORE_OPLOCK_REQUEST(inbuf); + int oplock_request = ex_oplock_request | core_oplock_request; #if 0 int smb_sattr = SVAL(inbuf,smb_vwv4); uint32 smb_time = make_unix_date3(inbuf+smb_vwv6); -- cgit From ce61fb21d948bd8e3c7733d542f8ecae1390cbfc Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 20 Jun 2006 02:38:28 +0000 Subject: r16397: Fix Klocwork #11767 and drasticly simplify the logic in smbd/process.c. All interested (Volker, Jerry, James etc). PLEASE REVIEW THIS CHANGE. The logic should be identical but *much* easier to follow and change (and shouldn't confuse Klockwork :-). Jeremy. (This used to be commit d357f8b33594472ffa78d0a112accccc2a8b1fe7) --- source3/smbd/reply.c | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index d333ebf32e..e68e8662d7 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -547,6 +547,7 @@ int reply_special(char *inbuf,char *outbuf) /**************************************************************************** Reply to a tcon. + conn POINTER CAN BE NULL HERE ! ****************************************************************************/ int reply_tcon(connection_struct *conn, @@ -605,6 +606,7 @@ int reply_tcon(connection_struct *conn, /**************************************************************************** Reply to a tcon and X. + conn POINTER CAN BE NULL HERE ! ****************************************************************************/ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) @@ -738,6 +740,7 @@ int reply_unknown(char *inbuf,char *outbuf) /**************************************************************************** Reply to an ioctl. + conn POINTER CAN BE NULL HERE ! ****************************************************************************/ int reply_ioctl(connection_struct *conn, @@ -1591,6 +1594,7 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt /**************************************************************************** Reply to a SMBulogoffX. + conn POINTER CAN BE NULL HERE ! ****************************************************************************/ int reply_ulogoffX(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) @@ -3236,6 +3240,7 @@ int reply_flush(connection_struct *conn, char *inbuf,char *outbuf, int size, int /**************************************************************************** Reply to a exit. + conn POINTER CAN BE NULL HERE ! ****************************************************************************/ int reply_exit(connection_struct *conn, @@ -3511,6 +3516,7 @@ int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int size, /**************************************************************************** Reply to a tdis. + conn POINTER CAN BE NULL HERE ! ****************************************************************************/ int reply_tdis(connection_struct *conn, @@ -3538,6 +3544,7 @@ int reply_tdis(connection_struct *conn, /**************************************************************************** Reply to a echo. + conn POINTER CAN BE NULL HERE ! ****************************************************************************/ int reply_echo(connection_struct *conn, -- cgit From fbdcf2663b56007a438ac4f0d8d82436b1bfe688 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 11 Jul 2006 18:01:26 +0000 Subject: r16945: Sync trunk -> 3.0 for 3.0.24 code. Still need to do the upper layer directories but this is what everyone is waiting for.... Jeremy. (This used to be commit 9dafb7f48ca3e7af956b0a7d1720c2546fc4cfb8) --- source3/smbd/reply.c | 172 +++++++++++++++++++++++++++------------------------ 1 file changed, 92 insertions(+), 80 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index e68e8662d7..ff3c6832e4 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -427,6 +427,7 @@ size_t srvstr_get_path_wcard(char *inbuf, char *dest, const char *src, size_t de } else { *err = check_path_syntax_wcard(dest, tmppath, contains_wcard); } + return ret; } @@ -453,6 +454,7 @@ size_t srvstr_get_path(char *inbuf, char *dest, const char *src, size_t dest_len } else { *err = check_path_syntax(dest, tmppath); } + return ret; } @@ -809,6 +811,14 @@ int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size srvstr_get_path(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBchkpth); + + /* Strange DOS error code semantics only for chkpth... */ + if (!(SVAL(inbuf,smb_flg2) & FLAGS2_32_BIT_ERROR_CODES)) { + if (NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_INVALID,status)) { + /* We need to map to ERRbadpath */ + status = NT_STATUS_OBJECT_PATH_NOT_FOUND; + } + } return ERROR_NT(status); } @@ -1370,25 +1380,25 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, if (!map_open_params_to_ntcreate(fname, deny_mode, OPENX_FILE_EXISTS_OPEN, &access_mask, &share_mode, &create_disposition, &create_options)) { END_PROFILE(SMBopen); - return ERROR_FORCE_DOS(ERRDOS, ERRbadaccess); + return ERROR_NT(NT_STATUS_DOS(ERRDOS, ERRbadaccess)); } - fsp = open_file_ntcreate(conn,fname,&sbuf, + status = open_file_ntcreate(conn,fname,&sbuf, access_mask, share_mode, create_disposition, create_options, dos_attr, oplock_request, - &info); + &info, &fsp); - if (!fsp) { + if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBopen); if (open_was_deferred(SVAL(inbuf,smb_mid))) { /* We have re-scheduled this call. */ return -1; } - return set_bad_path_error(errno, bad_path, outbuf, ERRDOS, ERRnoaccess); + return ERROR_NT(status); } size = sbuf.st_size; @@ -1493,25 +1503,25 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt &create_disposition, &create_options)) { END_PROFILE(SMBopenX); - return ERROR_FORCE_DOS(ERRDOS, ERRbadaccess); + return ERROR_NT(NT_STATUS_DOS(ERRDOS, ERRbadaccess)); } - fsp = open_file_ntcreate(conn,fname,&sbuf, + status = open_file_ntcreate(conn,fname,&sbuf, access_mask, share_mode, create_disposition, create_options, smb_attr, oplock_request, - &smb_action); + &smb_action, &fsp); - if (!fsp) { + if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBopenX); if (open_was_deferred(SVAL(inbuf,smb_mid))) { /* We have re-scheduled this call. */ return -1; } - return set_bad_path_error(errno, bad_path, outbuf, ERRDOS, ERRnoaccess); + return ERROR_NT(status); } size = sbuf.st_size; @@ -1672,22 +1682,22 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, } /* Open file using ntcreate. */ - fsp = open_file_ntcreate(conn,fname,&sbuf, + status = open_file_ntcreate(conn,fname,&sbuf, access_mask, share_mode, create_disposition, create_options, fattr, oplock_request, - NULL); + NULL, &fsp); - if (!fsp) { + if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBcreate); if (open_was_deferred(SVAL(inbuf,smb_mid))) { /* We have re-scheduled this call. */ return -1; } - return set_bad_path_error(errno, bad_path, outbuf, ERRDOS, ERRnoaccess); + return ERROR_NT(status); } outsize = set_message(outbuf,1,0,True); @@ -1756,25 +1766,25 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, SMB_VFS_STAT(conn,fname,&sbuf); /* We should fail if file does not exist. */ - fsp = open_file_ntcreate(conn,fname,&sbuf, + status = open_file_ntcreate(conn,fname,&sbuf, FILE_GENERIC_READ | FILE_GENERIC_WRITE, FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OPEN, 0, fattr, oplock_request, - NULL); + NULL, &fsp); /* close fd from smb_mkstemp() */ close(tmpfd); - if (!fsp) { + if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBctemp); if (open_was_deferred(SVAL(inbuf,smb_mid))) { /* We have re-scheduled this call. */ return -1; } - return set_bad_path_error(errno, bad_path, outbuf, ERRDOS, ERRnoaccess); + return ERROR_NT(status); } outsize = set_message(outbuf,1,0,True); @@ -1822,6 +1832,7 @@ static NTSTATUS can_rename(connection_struct *conn, char *fname, uint16 dirtype, { files_struct *fsp; uint32 fmode; + NTSTATUS status; if (!CAN_WRITE(conn)) { return NT_STATUS_MEDIA_WRITE_PROTECTED; @@ -1836,25 +1847,16 @@ static NTSTATUS can_rename(connection_struct *conn, char *fname, uint16 dirtype, return NT_STATUS_OK; } - /* We need a better way to return NT status codes from open... */ - set_saved_ntstatus(NT_STATUS_OK); - - fsp = open_file_ntcreate(conn, fname, pst, + status = open_file_ntcreate(conn, fname, pst, DELETE_ACCESS, FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OPEN, 0, FILE_ATTRIBUTE_NORMAL, 0, - NULL); + NULL, &fsp); - if (!fsp) { - NTSTATUS ret = get_saved_ntstatus(); - if (!NT_STATUS_IS_OK(ret)) { - set_saved_ntstatus(NT_STATUS_OK); - return ret; - } - set_saved_ntstatus(NT_STATUS_OK); + if (!NT_STATUS_IS_OK(status)) { return NT_STATUS_ACCESS_DENIED; } close_file(fsp,NORMAL_CLOSE); @@ -1870,6 +1872,7 @@ NTSTATUS can_delete(connection_struct *conn, char *fname, uint32 dirtype, BOOL b SMB_STRUCT_STAT sbuf; uint32 fattr; files_struct *fsp; + NTSTATUS status; DEBUG(10,("can_delete: %s, dirtype = %d\n", fname, dirtype )); @@ -1929,26 +1932,17 @@ NTSTATUS can_delete(connection_struct *conn, char *fname, uint32 dirtype, BOOL b /* On open checks the open itself will check the share mode, so don't do it here as we'll get it wrong. */ - /* We need a better way to return NT status codes from open... */ - set_saved_ntstatus(NT_STATUS_OK); - - fsp = open_file_ntcreate(conn, fname, &sbuf, + status = open_file_ntcreate(conn, fname, &sbuf, DELETE_ACCESS, FILE_SHARE_NONE, FILE_OPEN, 0, FILE_ATTRIBUTE_NORMAL, 0, - NULL); + NULL, &fsp); - if (!fsp) { - NTSTATUS ret = get_saved_ntstatus(); - if (!NT_STATUS_IS_OK(ret)) { - set_saved_ntstatus(NT_STATUS_OK); - return ret; - } - set_saved_ntstatus(NT_STATUS_OK); - return NT_STATUS_ACCESS_DENIED; + if (!NT_STATUS_IS_OK(status)) { + return status; } close_file(fsp,NORMAL_CLOSE); } @@ -1994,8 +1988,8 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, char *name, B * Tine Smukavec . */ - if (!rc && mangle_is_mangled(mask,SNUM(conn))) - mangle_check_cache( mask, sizeof(pstring)-1, SNUM(conn)); + if (!rc && mangle_is_mangled(mask,conn->params)) + mangle_check_cache( mask, sizeof(pstring)-1, conn->params ); if (!has_wild) { pstrcat(directory,"/"); @@ -2331,7 +2325,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s /* ensure we don't overrun the packet size */ maxcount = MIN(65535,maxcount); - if (!is_locked(fsp,(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK)) { + if (!is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK)) { SMB_STRUCT_STAT st; SMB_OFF_T size = 0; @@ -2403,7 +2397,7 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length */ status = do_lock_spin(fsp, - SVAL(inbuf,smb_pid), + (uint32)SVAL(inbuf,smb_pid), (SMB_BIG_UINT)numtoread, (SMB_BIG_UINT)startpos, WRITE_LOCK, @@ -2510,7 +2504,7 @@ Returning short read of maximum allowed for compatibility with Windows 2000.\n", data = smb_buf(outbuf) + 3; - if (is_locked(fsp,(SMB_BIG_UINT)numtoread,(SMB_BIG_UINT)startpos, READ_LOCK)) { + if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtoread,(SMB_BIG_UINT)startpos, READ_LOCK)) { END_PROFILE(SMBread); return ERROR_DOS(ERRDOS,ERRlock); } @@ -2717,7 +2711,7 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt } - if (is_locked(fsp,(SMB_BIG_UINT)smb_maxcnt,(SMB_BIG_UINT)startpos, READ_LOCK)) { + if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)smb_maxcnt,(SMB_BIG_UINT)startpos, READ_LOCK)) { END_PROFILE(SMBreadX); return ERROR_DOS(ERRDOS,ERRlock); } @@ -2780,7 +2774,7 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, SCVAL(inbuf,smb_com,SMBwritec); SCVAL(outbuf,smb_com,SMBwritec); - if (is_locked(fsp,(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos, WRITE_LOCK)) { + if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos, WRITE_LOCK)) { END_PROFILE(SMBwritebraw); return(ERROR_DOS(ERRDOS,ERRlock)); } @@ -2901,7 +2895,7 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2); data = smb_buf(inbuf) + 3; - if (numtowrite && is_locked(fsp,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) { + if (numtowrite && is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) { END_PROFILE(SMBwriteunlock); return ERROR_DOS(ERRDOS,ERRlock); } @@ -2924,7 +2918,7 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, if (numtowrite) { status = do_unlock(fsp, - SVAL(inbuf,smb_pid), + (uint32)SVAL(inbuf,smb_pid), (SMB_BIG_UINT)numtowrite, (SMB_BIG_UINT)startpos, WINDOWS_LOCK); @@ -2978,7 +2972,7 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int d startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2); data = smb_buf(inbuf) + 3; - if (is_locked(fsp,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) { + if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) { END_PROFILE(SMBwrite); return ERROR_DOS(ERRDOS,ERRlock); } @@ -3093,7 +3087,7 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng #endif /* LARGE_SMB_OFF_T */ } - if (is_locked(fsp,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) { + if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) { END_PROFILE(SMBwriteX); return ERROR_DOS(ERRDOS,ERRlock); } @@ -3368,7 +3362,7 @@ int reply_writeclose(connection_struct *conn, mtime = srv_make_unix_date3(inbuf+smb_vwv4); data = smb_buf(inbuf) + 1; - if (numtowrite && is_locked(fsp,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) { + if (numtowrite && is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) { END_PROFILE(SMBwriteclose); return ERROR_DOS(ERRDOS,ERRlock); } @@ -3439,7 +3433,7 @@ int reply_lock(connection_struct *conn, fsp->fh->fd, fsp->fnum, (double)offset, (double)count)); status = do_lock_spin(fsp, - SVAL(inbuf,smb_pid), + (uint32)SVAL(inbuf,smb_pid), count, offset, WRITE_LOCK, @@ -3494,7 +3488,7 @@ int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int size, offset = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv3); status = do_unlock(fsp, - SVAL(inbuf,smb_pid), + (uint32)SVAL(inbuf,smb_pid), count, offset, WINDOWS_LOCK); @@ -3598,6 +3592,8 @@ int reply_printopen(connection_struct *conn, { int outsize = 0; files_struct *fsp; + NTSTATUS status; + START_PROFILE(SMBsplopen); if (!CAN_PRINT(conn)) { @@ -3606,11 +3602,11 @@ int reply_printopen(connection_struct *conn, } /* Open for exclusive use, write only. */ - fsp = print_fsp_open(conn, NULL); + status = print_fsp_open(conn, NULL, &fsp); - if (!fsp) { + if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBsplopen); - return(UNIXERROR(ERRDOS,ERRnoaccess)); + return(ERROR_NT(status)); } outsize = set_message(outbuf,1,0,True); @@ -3838,6 +3834,17 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, status = mkdir_internal(conn, directory,bad_path); if (!NT_STATUS_IS_OK(status)) { + + if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_COLLISION) && + !use_nt_status()) { + /* + * Yes, in the DOS error code case we get a + * ERRDOS:ERRnoaccess here. See BASE-SAMBA3ERROR + * samba4 torture test. + */ + status = NT_STATUS_DOS(ERRDOS, ERRnoaccess); + } + END_PROFILE(SMBmkdir); return ERROR_NT(status); } @@ -4408,14 +4415,14 @@ NTSTATUS rename_internals(connection_struct *conn, char *name, char *newname, ui * Tine Smukavec . */ - if (!rc && mangle_is_mangled(mask,SNUM(conn))) - mangle_check_cache( mask, sizeof(pstring)-1, SNUM(conn)); + if (!rc && mangle_is_mangled(mask, conn->params)) + mangle_check_cache( mask, sizeof(pstring)-1, conn->params ); if (!has_wild) { /* * No wildcards - just process the one file. */ - BOOL is_short_name = mangle_is_8_3(name, True, SNUM(conn)); + BOOL is_short_name = mangle_is_8_3(name, True, conn->params); /* Add a terminating '/' to the directory name. */ pstrcat(directory,"/"); @@ -4739,6 +4746,7 @@ BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, pstring dest; uint32 dosattrs; uint32 new_create_disposition; + NTSTATUS status; *err_ret = 0; @@ -4767,16 +4775,16 @@ BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, } } - fsp1 = open_file_ntcreate(conn,src,&src_sbuf, + status = open_file_ntcreate(conn,src,&src_sbuf, FILE_GENERIC_READ, FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OPEN, 0, FILE_ATTRIBUTE_NORMAL, INTERNAL_OPEN_ONLY, - NULL); + NULL, &fsp1); - if (!fsp1) { + if (!NT_STATUS_IS_OK(status)) { return(False); } @@ -4785,16 +4793,16 @@ BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, ZERO_STRUCTP(&sbuf2); } - fsp2 = open_file_ntcreate(conn,dest,&sbuf2, + status = open_file_ntcreate(conn,dest,&sbuf2, FILE_GENERIC_WRITE, FILE_SHARE_READ|FILE_SHARE_WRITE, new_create_disposition, 0, dosattrs, INTERNAL_OPEN_ONLY, - NULL); + NULL, &fsp2); - if (!fsp2) { + if (!NT_STATUS_IS_OK(status)) { close_file(fsp1,ERROR_CLOSE); return(False); } @@ -4926,8 +4934,8 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, * Tine Smukavec . */ - if (!rc && mangle_is_mangled(mask, SNUM(conn))) - mangle_check_cache( mask, sizeof(pstring)-1, SNUM(conn)); + if (!rc && mangle_is_mangled(mask, conn->params)) + mangle_check_cache( mask, sizeof(pstring)-1, conn->params ); has_wild = path_contains_wcard1; @@ -4995,8 +5003,12 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, END_PROFILE(SMBcopy); return ERROR_DOS(ERRDOS,error); } else { - if((errno == ENOENT) && (bad_path1 || bad_path2)) { - set_saved_error_triple(ERRDOS, ERRbadpath, NT_STATUS_OK); + if((errno == ENOENT) && (bad_path1 || bad_path2) && + !use_nt_status()) { + /* Samba 3.0.22 has ERRDOS/ERRbadpath in the + * DOS error code case + */ + return ERROR_DOS(ERRDOS, ERRbadpath); } END_PROFILE(SMBcopy); return(UNIXERROR(ERRDOS,error)); @@ -5067,12 +5079,12 @@ int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size Get a lock pid, dealing with large count requests. ****************************************************************************/ -uint16 get_lock_pid( char *data, int data_offset, BOOL large_file_format) +uint32 get_lock_pid( char *data, int data_offset, BOOL large_file_format) { if(!large_file_format) - return SVAL(data,SMB_LPID_OFFSET(data_offset)); + return (uint32)SVAL(data,SMB_LPID_OFFSET(data_offset)); else - return SVAL(data,SMB_LARGE_LPID_OFFSET(data_offset)); + return (uint32)SVAL(data,SMB_LARGE_LPID_OFFSET(data_offset)); } /**************************************************************************** @@ -5209,7 +5221,7 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, uint16 num_ulocks = SVAL(inbuf,smb_vwv6); uint16 num_locks = SVAL(inbuf,smb_vwv7); SMB_BIG_UINT count = 0, offset = 0; - uint16 lock_pid; + uint32 lock_pid; int32 lock_timeout = IVAL(inbuf,smb_vwv4); int i; char *data; @@ -5229,7 +5241,7 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, /* we don't support these - and CANCEL_LOCK makes w2k and XP reboot so I don't really want to be compatible! (tridge) */ - return ERROR_FORCE_DOS(ERRDOS, ERRnoatomiclocks); + return ERROR_NT(NT_STATUS_DOS(ERRDOS, ERRnoatomiclocks)); } if (locktype & LOCKING_ANDX_CANCEL_LOCK) { @@ -5505,7 +5517,7 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length, tcount = maxcount; total_read = 0; - if (is_locked(fsp,(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK)) { + if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK)) { END_PROFILE(SMBreadBmpx); return ERROR_DOS(ERRDOS,ERRlock); } @@ -5637,7 +5649,7 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, not an SMBwritebmpx - set this up now so we don't forget */ SCVAL(outbuf,smb_com,SMBwritec); - if (is_locked(fsp,(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos,WRITE_LOCK)) { + if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos,WRITE_LOCK)) { END_PROFILE(SMBwriteBmpx); return(ERROR_DOS(ERRDOS,ERRlock)); } -- cgit From e1da1fcf12164f50f3462c90f0bb785d18c59b0b Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 17 Jul 2006 21:09:02 +0000 Subject: r17098: Samba3 now cleanly passes Samba4 RAW-LOCK torture test. Phew - that was painful :-). But what it means is that we now implement lock cancels and I can add lock cancels into POSIX lock handling which will fix the fast/slow system call issue with cifsfs ! Jeremy. (This used to be commit f1a9cf075b87c76c032d19da0168424c90f6cb3c) --- source3/smbd/reply.c | 123 +++++++++++++++++++++++++++++++-------------------- 1 file changed, 76 insertions(+), 47 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index ff3c6832e4..ec618db3f8 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2371,7 +2371,6 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length size_t numtoread; NTSTATUS status; files_struct *fsp = file_fsp(inbuf,smb_vwv0); - BOOL my_lock_ctx = False; START_PROFILE(SMBlockread); CHECK_FSP(fsp,conn); @@ -2396,13 +2395,13 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length * Note that the requested lock size is unaffected by max_recv. */ - status = do_lock_spin(fsp, - (uint32)SVAL(inbuf,smb_pid), - (SMB_BIG_UINT)numtoread, - (SMB_BIG_UINT)startpos, - WRITE_LOCK, - WINDOWS_LOCK, - &my_lock_ctx); + status = do_lock(fsp, + (uint32)SVAL(inbuf,smb_pid), + (SMB_BIG_UINT)numtoread, + (SMB_BIG_UINT)startpos, + WRITE_LOCK, + WINDOWS_LOCK, + 0 /* zero timeout. */); if (NT_STATUS_V(status)) { #if 0 @@ -2412,7 +2411,7 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length * tester. JRA. */ - if (lp_blocking_locks(SNUM(conn)) && !my_lock_ctx && ERROR_WAS_LOCK_DENIED(status)) { + if (lp_blocking_locks(SNUM(conn)) && ERROR_WAS_LOCK_DENIED(status)) { /* * A blocking lock was requested. Package up * this smb into a queued request and push it @@ -3418,7 +3417,6 @@ int reply_lock(connection_struct *conn, SMB_BIG_UINT count,offset; NTSTATUS status; files_struct *fsp = file_fsp(inbuf,smb_vwv0); - BOOL my_lock_ctx = False; START_PROFILE(SMBlock); @@ -3432,17 +3430,18 @@ int reply_lock(connection_struct *conn, DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n", fsp->fh->fd, fsp->fnum, (double)offset, (double)count)); - status = do_lock_spin(fsp, - (uint32)SVAL(inbuf,smb_pid), - count, - offset, - WRITE_LOCK, - WINDOWS_LOCK, - &my_lock_ctx); + status = do_lock(fsp, + (uint32)SVAL(inbuf,smb_pid), + count, + offset, + WRITE_LOCK, + WINDOWS_LOCK, + 0 /* zero timeout. */); + if (NT_STATUS_V(status)) { #if 0 /* Tests using Samba4 against W2K show this call never creates a blocking lock. */ - if (lp_blocking_locks(SNUM(conn)) && !my_lock_ctx && ERROR_WAS_LOCK_DENIED(status)) { + if (lp_blocking_locks(SNUM(conn)) && ERROR_WAS_LOCK_DENIED(status)) { /* * A blocking lock was requested. Package up * this smb into a queued request and push it @@ -5228,7 +5227,6 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, BOOL large_file_format = (locktype & LOCKING_ANDX_LARGE_FILES)?True:False; BOOL err; - BOOL my_lock_ctx = False; NTSTATUS status = NT_STATUS_UNSUCCESSFUL; START_PROFILE(SMBlockingX); @@ -5244,11 +5242,6 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, return ERROR_NT(NT_STATUS_DOS(ERRDOS, ERRnoatomiclocks)); } - if (locktype & LOCKING_ANDX_CANCEL_LOCK) { - /* Need to make this like a cancel.... JRA. */ - return ERROR_NT(NT_STATUS_UNSUCCESSFUL); - } - /* Check if this is an oplock break on a file we have granted an oplock on. */ @@ -5360,7 +5353,11 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, /* Setup the timeout in seconds. */ - lock_timeout = ((lock_timeout == -1) ? -1 : (lock_timeout+999)/1000); + if (lp_blocking_locks(SNUM(conn))) { + lock_timeout = ((lock_timeout == -1) ? -1 : (lock_timeout+999)/1000); + } else { + lock_timeout = 0; + } /* Now do any requested locks */ data += ((large_file_format ? 20 : 10)*num_ulocks); @@ -5369,7 +5366,8 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, of smb_lkrng structs */ for(i = 0; i < (int)num_locks; i++) { - enum brl_type lock_type = ((locktype & 1) ? READ_LOCK:WRITE_LOCK); + enum brl_type lock_type = ((locktype & LOCKING_ANDX_SHARED_LOCK) ? + READ_LOCK:WRITE_LOCK); lock_pid = get_lock_pid( data, i, large_file_format); count = get_lock_count( data, i, large_file_format); offset = get_lock_offset( data, i, large_file_format, &err); @@ -5387,31 +5385,54 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, (double)count, (unsigned int)lock_pid, fsp->fsp_name, (int)lock_timeout )); - status = do_lock_spin(fsp, + if (locktype & LOCKING_ANDX_CANCEL_LOCK) { + if (lp_blocking_locks(SNUM(conn))) { + + /* Schedule a message to ourselves to + remove the blocking lock record and + return the right error. */ + + if (!blocking_lock_cancel(fsp, + lock_pid, + offset, + count, + WINDOWS_LOCK, + locktype, + NT_STATUS_FILE_LOCK_CONFLICT)) { + END_PROFILE(SMBlockingX); + return ERROR_NT(NT_STATUS_DOS(ERRDOS, ERRcancelviolation)); + } + } + /* Remove a matching pending lock. */ + status = do_lock_cancel(fsp, + lock_pid, + count, + offset, + WINDOWS_LOCK); + } else { + status = do_lock(fsp, lock_pid, count, offset, lock_type, WINDOWS_LOCK, - &my_lock_ctx); + lock_timeout); - if (NT_STATUS_V(status)) { - /* - * Interesting fact found by IFSTEST /t - * LockOverlappedTest... Even if it's our own lock - * context, we need to wait here as there may be an - * unlock on the way. So I removed a "&& - * !my_lock_ctx" from the following if statement. JRA. - */ - if ((lock_timeout != 0) && - lp_blocking_locks(SNUM(conn)) && - ERROR_WAS_LOCK_DENIED(status)) { + if (NT_STATUS_V(status)) { /* - * A blocking lock was requested. Package up - * this smb into a queued request and push it - * onto the blocking lock queue. + * Interesting fact found by IFSTEST /t + * LockOverlappedTest... Even if it's our own lock + * context, we need to wait here as there may be an + * unlock on the way. JRA. */ - if(push_blocking_lock_request(inbuf, length, + if ((lock_timeout != 0) && + ERROR_WAS_LOCK_DENIED(status)) { + /* + * A blocking lock was requested. Package up + * this smb into a queued request and push it + * onto the blocking lock queue. + */ + if(push_blocking_lock_request(inbuf, length, fsp, lock_timeout, i, @@ -5420,17 +5441,25 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, WINDOWS_LOCK, offset, count)) { - END_PROFILE(SMBlockingX); - return -1; + END_PROFILE(SMBlockingX); + return -1; + } } } - break; + } + + if (NT_STATUS_V(status)) { + END_PROFILE(SMBlockingX); + return ERROR_NT(status); } } /* If any of the above locks failed, then we must unlock all of the previous locks (X/Open spec). */ - if (i != num_locks && num_locks != 0) { + + if (!(locktype & LOCKING_ANDX_CANCEL_LOCK) && + (i != num_locks) && + (num_locks != 0)) { /* * Ensure we don't do a remove on the lock that just failed, * as under POSIX rules, if we have a lock already there, we -- cgit From b737f26764cce935d9482335ece11c71a96720f4 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 18 Jul 2006 01:05:51 +0000 Subject: r17105: Fix the race Volker found - we had a non-locked region between detecting a pending lock was needed and when we added the blocking lock record. Make sure that we hold the lock over all this period. Removed the old code for doing blocking locks on SMB requests that never block (the old SMBlock and friends). Discovered something interesting about the strange NT_STATUS_FILE_LOCK_CONFLICT return. If we asked for a lock with zero timeout, and we got an error of NT_STATUS_FILE_LOCK_CONFLICT, treat it as though it was a blocking lock with a timeout of 150 - 300ms. This only happens when timeout is sent as zero and can be seen quite clearly in ethereal. This is the real replacement for old do_lock_spin() code. Re-worked the blocking lock select timeout to correctly use milliseconds instead of the old second level resolution (far too coarse for this work). Jeremy. (This used to be commit b81d6d1ae95a3d3e449dde629884b565eac289d9) --- source3/smbd/reply.c | 134 ++++++++++++++++++++------------------------------- 1 file changed, 53 insertions(+), 81 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index ec618db3f8..6176edb52d 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2371,6 +2371,7 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length size_t numtoread; NTSTATUS status; files_struct *fsp = file_fsp(inbuf,smb_vwv0); + struct byte_range_lock *br_lck = NULL; START_PROFILE(SMBlockread); CHECK_FSP(fsp,conn); @@ -2395,42 +2396,17 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length * Note that the requested lock size is unaffected by max_recv. */ - status = do_lock(fsp, + br_lck = do_lock(fsp, (uint32)SVAL(inbuf,smb_pid), (SMB_BIG_UINT)numtoread, (SMB_BIG_UINT)startpos, WRITE_LOCK, WINDOWS_LOCK, - 0 /* zero timeout. */); + False, /* Non-blocking lock. */ + &status); + TALLOC_FREE(br_lck); if (NT_STATUS_V(status)) { -#if 0 - /* - * We used to make lockread a blocking lock. It turns out - * that this isn't on W2k. Found by the Samba 4 RAW-READ torture - * tester. JRA. - */ - - if (lp_blocking_locks(SNUM(conn)) && ERROR_WAS_LOCK_DENIED(status)) { - /* - * A blocking lock was requested. Package up - * this smb into a queued request and push it - * onto the blocking lock queue. - */ - if(push_blocking_lock_request(inbuf, length, - fsp, - -1, - 0, - SVAL(inbuf,smb_pid), - WRITE_LOCK, - WINDOWS_LOCK, - (SMB_BIG_UINT)startpos, - (SMB_BIG_UINT)numtoread)) { - END_PROFILE(SMBlockread); - return -1; - } - } -#endif END_PROFILE(SMBlockread); return ERROR_NT(status); } @@ -3417,6 +3393,7 @@ int reply_lock(connection_struct *conn, SMB_BIG_UINT count,offset; NTSTATUS status; files_struct *fsp = file_fsp(inbuf,smb_vwv0); + struct byte_range_lock *br_lck = NULL; START_PROFILE(SMBlock); @@ -3430,36 +3407,18 @@ int reply_lock(connection_struct *conn, DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n", fsp->fh->fd, fsp->fnum, (double)offset, (double)count)); - status = do_lock(fsp, + br_lck = do_lock(fsp, (uint32)SVAL(inbuf,smb_pid), count, offset, WRITE_LOCK, WINDOWS_LOCK, - 0 /* zero timeout. */); + False, /* Non-blocking lock. */ + &status); + + TALLOC_FREE(br_lck); if (NT_STATUS_V(status)) { -#if 0 - /* Tests using Samba4 against W2K show this call never creates a blocking lock. */ - if (lp_blocking_locks(SNUM(conn)) && ERROR_WAS_LOCK_DENIED(status)) { - /* - * A blocking lock was requested. Package up - * this smb into a queued request and push it - * onto the blocking lock queue. - */ - if(push_blocking_lock_request(inbuf, length, - fsp, - -1, - 0, - SVAL(inbuf,smb_pid), - WRITE_LOCK, - WINDOWS_LOCK, - offset, count)) { - END_PROFILE(SMBlock); - return -1; - } - } -#endif END_PROFILE(SMBlock); return ERROR_NT(status); } @@ -5353,9 +5312,7 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, /* Setup the timeout in seconds. */ - if (lp_blocking_locks(SNUM(conn))) { - lock_timeout = ((lock_timeout == -1) ? -1 : (lock_timeout+999)/1000); - } else { + if (!lp_blocking_locks(SNUM(conn))) { lock_timeout = 0; } @@ -5410,42 +5367,57 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, offset, WINDOWS_LOCK); } else { - status = do_lock(fsp, + BOOL blocking_lock = lock_timeout ? True : False; + BOOL defer_lock = False; + struct byte_range_lock *br_lck; + + br_lck = do_lock(fsp, lock_pid, count, offset, lock_type, WINDOWS_LOCK, - lock_timeout); + blocking_lock, + &status); - if (NT_STATUS_V(status)) { + if (br_lck && blocking_lock && ERROR_WAS_LOCK_DENIED(status)) { + defer_lock = True; + } + + /* This heuristic seems to match W2K3 very well. If a + lock sent with timeout of zero would fail with NT_STATUS_FILE_LOCK_CONFLICT + it pretends we asked for a timeout of between 150 - 300 milliseconds as + far as I can tell. Replacement for do_lock_spin(). JRA. */ + + if (br_lck && lp_blocking_locks(SNUM(conn)) && !blocking_lock && + NT_STATUS_EQUAL((status), NT_STATUS_FILE_LOCK_CONFLICT)) { + defer_lock = True; + lock_timeout = 200; + } + + if (br_lck && defer_lock) { /* - * Interesting fact found by IFSTEST /t - * LockOverlappedTest... Even if it's our own lock - * context, we need to wait here as there may be an - * unlock on the way. JRA. + * A blocking lock was requested. Package up + * this smb into a queued request and push it + * onto the blocking lock queue. */ - if ((lock_timeout != 0) && - ERROR_WAS_LOCK_DENIED(status)) { - /* - * A blocking lock was requested. Package up - * this smb into a queued request and push it - * onto the blocking lock queue. - */ - if(push_blocking_lock_request(inbuf, length, - fsp, - lock_timeout, - i, - lock_pid, - lock_type, - WINDOWS_LOCK, - offset, - count)) { - END_PROFILE(SMBlockingX); - return -1; - } + if(push_blocking_lock_request(br_lck, + inbuf, length, + fsp, + lock_timeout, + i, + lock_pid, + lock_type, + WINDOWS_LOCK, + offset, + count)) { + TALLOC_FREE(br_lck); + END_PROFILE(SMBlockingX); + return -1; } } + + TALLOC_FREE(br_lck); } if (NT_STATUS_V(status)) { -- cgit From a456a3130925e946975620131f75b7c82e8a096b Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 18 Jul 2006 01:17:54 +0000 Subject: r17106: Match Windows timing values on locks. Jeremy. (This used to be commit b5aaff665937313370e0e87225e146f9af7b7e67) --- source3/smbd/reply.c | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 6176edb52d..bb79918675 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -5381,6 +5381,11 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, &status); if (br_lck && blocking_lock && ERROR_WAS_LOCK_DENIED(status)) { + /* Windows internal resolution for blocking locks seems + to be about 200ms... Don't wait for less than that. JRA. */ + if (lock_timeout != -1 && lock_timeout < 200) { + lock_timeout = 200; + } defer_lock = True; } -- cgit From 38af904c314396091de1062ec19591326abddec6 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 18 Jul 2006 01:20:26 +0000 Subject: r17107: Make the 200 ms timeout value tunable in local.h... Might need to be a parameter ? Jeremy. (This used to be commit 98d8d9399bb287319578daaf2a2fb42f3c48f858) --- source3/smbd/reply.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index bb79918675..f1ac098e7d 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -5383,8 +5383,8 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, if (br_lck && blocking_lock && ERROR_WAS_LOCK_DENIED(status)) { /* Windows internal resolution for blocking locks seems to be about 200ms... Don't wait for less than that. JRA. */ - if (lock_timeout != -1 && lock_timeout < 200) { - lock_timeout = 200; + if (lock_timeout != -1 && lock_timeout < WINDOWS_MINIMUM_LOCK_TIMEOUT_MS) { + lock_timeout = WINDOWS_MINIMUM_LOCK_TIMEOUT_MS; } defer_lock = True; } @@ -5397,7 +5397,7 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, if (br_lck && lp_blocking_locks(SNUM(conn)) && !blocking_lock && NT_STATUS_EQUAL((status), NT_STATUS_FILE_LOCK_CONFLICT)) { defer_lock = True; - lock_timeout = 200; + lock_timeout = WINDOWS_MINIMUM_LOCK_TIMEOUT_MS; } if (br_lck && defer_lock) { -- cgit From 1cd8d56fdab18a0bcedffba6476f8208d2185040 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 18 Jul 2006 01:29:43 +0000 Subject: r17108: Make the default timeout parameter for lock waiting be lp_lock_spin(). lock spin count is no longer used. I'll update the man pages. Jeremy. (This used to be commit 0451a170c9be88399202abd225af35ddc45023f0) --- source3/smbd/reply.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index f1ac098e7d..edaf5d8062 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -5383,8 +5383,8 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, if (br_lck && blocking_lock && ERROR_WAS_LOCK_DENIED(status)) { /* Windows internal resolution for blocking locks seems to be about 200ms... Don't wait for less than that. JRA. */ - if (lock_timeout != -1 && lock_timeout < WINDOWS_MINIMUM_LOCK_TIMEOUT_MS) { - lock_timeout = WINDOWS_MINIMUM_LOCK_TIMEOUT_MS; + if (lock_timeout != -1 && lock_timeout < lp_lock_spin_time()) { + lock_timeout = lp_lock_spin_time(); } defer_lock = True; } @@ -5397,7 +5397,7 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, if (br_lck && lp_blocking_locks(SNUM(conn)) && !blocking_lock && NT_STATUS_EQUAL((status), NT_STATUS_FILE_LOCK_CONFLICT)) { defer_lock = True; - lock_timeout = WINDOWS_MINIMUM_LOCK_TIMEOUT_MS; + lock_timeout = lp_lock_spin_time(); } if (br_lck && defer_lock) { -- cgit From 120422f7233446e8ca366ee7c4593cdbead79508 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 25 Jul 2006 00:16:45 +0000 Subject: r17220: If we're going to fail a write with an errno, make sure we return -1. Jeremy. (This used to be commit 89b83237b03066785ca4bf3b9d120519bddeffad) --- source3/smbd/reply.c | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index edaf5d8062..e38edadee4 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2807,6 +2807,10 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, } nwritten = write_file(fsp,inbuf+4,startpos+nwritten,numtowrite); + if (nwritten == -1) { + END_PROFILE(SMBwritebraw); + return(UNIXERROR(ERRHRD,ERRdiskfull)); + } if (nwritten < (ssize_t)numtowrite) { SCVAL(outbuf,smb_rcls,ERRHRD); -- cgit From f18c9365caaad75c0f4c9e26b89327a75cfcb3e6 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 21 Sep 2006 17:00:07 +0000 Subject: r18787: Fix the strlen_m and strlen_m_term code by merging in (and using elsewhere) next_codepoint from Samba4. Jerry please test. Jeremy. (This used to be commit ece00b70a4621633f1ac9e576c4bbe332031de09) --- source3/smbd/reply.c | 27 ++++++++++++++++++++++++--- 1 file changed, 24 insertions(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index e38edadee4..a0596643f8 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -132,13 +132,22 @@ NTSTATUS check_path_syntax(pstring destname, const pstring srcname) break; } } else { - switch(next_mb_char_size(s)) { + size_t siz; + /* Get the size of the next MB character. */ + next_codepoint(s,&siz); + switch(siz) { + case 5: + *d++ = *s++; + /*fall through*/ case 4: *d++ = *s++; + /*fall through*/ case 3: *d++ = *s++; + /*fall through*/ case 2: *d++ = *s++; + /*fall through*/ case 1: *d++ = *s++; break; @@ -266,7 +275,13 @@ NTSTATUS check_path_syntax_wcard(pstring destname, const pstring srcname, BOOL * } *d++ = *s++; } else { - switch(next_mb_char_size(s)) { + size_t siz; + /* Get the size of the next MB character. */ + next_codepoint(s,&siz); + switch(siz) { + case 5: + *d++ = *s++; + /*fall through*/ case 4: *d++ = *s++; /*fall through*/ @@ -374,7 +389,13 @@ NTSTATUS check_path_syntax_posix(pstring destname, const pstring srcname) if (!(*s & 0x80)) { *d++ = *s++; } else { - switch(next_mb_char_size(s)) { + size_t siz; + /* Get the size of the next MB character. */ + next_codepoint(s,&siz); + switch(siz) { + case 5: + *d++ = *s++; + /*fall through*/ case 4: *d++ = *s++; /*fall through*/ -- cgit From 0379e088dc8220d7d9f0509a22ac39633f53f899 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 17 Dec 2006 18:41:44 +0000 Subject: r20229: Avoid a silly function call in mkdir_internal. None of the callers look at errno, all go straight to ERROR_NT(status). Volker (This used to be commit 9d8b48c0ef0af5792b879565915832ee141c853c) --- source3/smbd/reply.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index a0596643f8..2e71607402 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3755,8 +3755,7 @@ NTSTATUS mkdir_internal(connection_struct *conn, const pstring directory, BOOL b if(!CAN_WRITE(conn)) { DEBUG(5,("mkdir_internal: failing create on read-only share %s\n", lp_servicename(SNUM(conn)))); - errno = EACCES; - return map_nt_error_from_unix(errno); + return NT_STATUS_ACCESS_DENIED; } if (bad_path) { -- cgit From 5bb49b08f3d79ef9ee17dbbd64ce90dc438d96df Mon Sep 17 00:00:00 2001 From: James Peach Date: Mon, 18 Dec 2006 04:25:21 +0000 Subject: r20237: Replace exit_server with exit_server_cleanly where appropriate. All send_smb failures should be clean exits. All times when we exit as a matter of policy should also be clean exits. (This used to be commit d6382092e72120a3c89ffe81975e8898d454bf06) --- source3/smbd/reply.c | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 2e71607402..c069bd28b9 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -503,7 +503,7 @@ int reply_special(char *inbuf,char *outbuf) case 0x81: /* session request */ if (already_got_session) { - exit_server("multiple session request not permitted"); + exit_server_cleanly("multiple session request not permitted"); } SCVAL(outbuf,0,0x82); @@ -2149,7 +2149,7 @@ static void fail_readraw(void) pstring errstr; slprintf(errstr, sizeof(errstr)-1, "FAIL ! reply_readbraw: socket write fail (%s)", strerror(errno) ); - exit_server(errstr); + exit_server_cleanly(errstr); } #if defined(WITH_SENDFILE) @@ -2231,14 +2231,14 @@ void send_file_readbraw(connection_struct *conn, files_struct *fsp, SMB_OFF_T st if (fake_sendfile(fsp, startpos, nread, outbuf + 4, out_buffsize - 4) == -1) { DEBUG(0,("send_file_readbraw: fake_sendfile failed for file %s (%s).\n", fsp->fsp_name, strerror(errno) )); - exit_server("send_file_readbraw fake_sendfile failed"); + exit_server_cleanly("send_file_readbraw fake_sendfile failed"); } return; } DEBUG(0,("send_file_readbraw: sendfile failed for file %s (%s). Terminating\n", fsp->fsp_name, strerror(errno) )); - exit_server("send_file_readbraw sendfile failed"); + exit_server_cleanly("send_file_readbraw sendfile failed"); } } @@ -2277,7 +2277,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s START_PROFILE(SMBreadbraw); if (srv_is_signing_active()) { - exit_server("reply_readbraw: SMB signing is active - raw reads/writes are disallowed."); + exit_server_cleanly("reply_readbraw: SMB signing is active - raw reads/writes are disallowed."); } /* @@ -2599,7 +2599,7 @@ int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length len_outbuf - (data-outbuf))) == -1) { DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n", fsp->fsp_name, strerror(errno) )); - exit_server("send_file_readX: fake_sendfile failed"); + exit_server_cleanly("send_file_readX: fake_sendfile failed"); } DEBUG( 3, ( "send_file_readX: fake_sendfile fnum=%d max=%d nread=%d\n", fsp->fnum, (int)smb_maxcnt, (int)nread ) ); @@ -2609,7 +2609,7 @@ int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length DEBUG(0,("send_file_readX: sendfile failed for file %s (%s). Terminating\n", fsp->fsp_name, strerror(errno) )); - exit_server("send_file_readX sendfile failed"); + exit_server_cleanly("send_file_readX sendfile failed"); } DEBUG( 3, ( "send_file_readX: sendfile fnum=%d max=%d nread=%d\n", @@ -2743,7 +2743,7 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, START_PROFILE(SMBwritebraw); if (srv_is_signing_active()) { - exit_server("reply_writebraw: SMB signing is active - raw reads/writes are disallowed."); + exit_server_cleanly("reply_writebraw: SMB signing is active - raw reads/writes are disallowed."); } CHECK_FSP(fsp,conn); @@ -2794,11 +2794,11 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, outsize = set_message(outbuf,Protocol>PROTOCOL_COREPLUS?1:0,0,True); show_msg(outbuf); if (!send_smb(smbd_server_fd(),outbuf)) - exit_server("reply_writebraw: send_smb failed."); + exit_server_cleanly("reply_writebraw: send_smb failed."); /* Now read the raw data into the buffer and write it */ if (read_smb_length(smbd_server_fd(),inbuf,SMB_SECONDARY_WAIT) == -1) { - exit_server("secondary writebraw failed"); + exit_server_cleanly("secondary writebraw failed"); } /* Even though this is not an smb message, smb_len returns the generic length of an smb message */ @@ -2813,7 +2813,7 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, if (numtowrite > BUFFER_SIZE) { DEBUG(0,("reply_writebraw: Oversize secondary write raw requested (%u). Terminating\n", (unsigned int)numtowrite )); - exit_server("secondary writebraw failed"); + exit_server_cleanly("secondary writebraw failed"); } if (tcount > nwritten+numtowrite) { @@ -2824,7 +2824,7 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, if (read_data( smbd_server_fd(), inbuf+4, numtowrite) != numtowrite ) { DEBUG(0,("reply_writebraw: Oversize secondary write raw read failed (%s). Terminating\n", strerror(errno) )); - exit_server("secondary writebraw failed"); + exit_server_cleanly("secondary writebraw failed"); } nwritten = write_file(fsp,inbuf+4,startpos+nwritten,numtowrite); @@ -2859,7 +2859,7 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, * sending a SMBkeepalive. Thanks to DaveCB at Sun for this. JRA. */ if (!send_keepalive(smbd_server_fd())) - exit_server("reply_writebraw: send of keepalive failed"); + exit_server_cleanly("reply_writebraw: send of keepalive failed"); #endif return(-1); } @@ -3555,7 +3555,7 @@ int reply_echo(connection_struct *conn, show_msg(outbuf); if (!send_smb(smbd_server_fd(),outbuf)) - exit_server("reply_echo: send_smb failed."); + exit_server_cleanly("reply_echo: send_smb failed."); } DEBUG(3,("echo %d times\n", smb_reverb)); @@ -5571,7 +5571,7 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length, show_msg(outbuf); if (!send_smb(smbd_server_fd(),outbuf)) - exit_server("reply_readbmpx: send_smb failed."); + exit_server_cleanly("reply_readbmpx: send_smb failed."); total_read += nread; startpos += nread; @@ -5733,7 +5733,7 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, smb_setlen(outbuf,outsize - 4); show_msg(outbuf); if (!send_smb(smbd_server_fd(),outbuf)) - exit_server("reply_writebmpx: send_smb failed."); + exit_server_cleanly("reply_writebmpx: send_smb failed."); /* Now the secondary */ outsize = set_message(outbuf,1,0,True); -- cgit From f4f1814f8c7135577c8b774aacb8eed042380788 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 19 Dec 2006 16:36:54 +0000 Subject: r20253: Reduce some code duplication, make reply_mkdir go through the same code paths ncreate does. This is a bit slower (about 10-20%), because it goes touches the share mode db, but I think not having to call change_owner_to_parent and friends in fewer places outweighs this. And, mkdir is not the way current Windows boxes create directories, they do it via the ncreate call. Volker (This used to be commit ddae494fbe36e4a74776f71c212b00cce61fbf81) --- source3/smbd/reply.c | 35 ++++++++++------------------------- 1 file changed, 10 insertions(+), 25 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index c069bd28b9..a7804d3f43 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3795,6 +3795,7 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, NTSTATUS status; BOOL bad_path = False; SMB_STRUCT_STAT sbuf; + files_struct *fsp; START_PROFILE(SMBmkdir); @@ -3808,17 +3809,17 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, unix_convert(directory,conn,0,&bad_path,&sbuf); - if( is_ntfs_stream_name(directory)) { - DEBUG(5,("reply_mkdir: failing create on filename %s with colon in name\n", directory)); - END_PROFILE(SMBmkdir); - return ERROR_NT(NT_STATUS_NOT_A_DIRECTORY); - } + status = open_directory(conn, directory, &sbuf, + FILE_READ_ATTRIBUTES, /* Just a stat open */ + FILE_SHARE_NONE, /* Ignored for stat opens */ + FILE_CREATE, 0, NULL, &fsp); + + DEBUG(1, ("open_directory returned %s\n", nt_errstr(status))); - status = mkdir_internal(conn, directory,bad_path); if (!NT_STATUS_IS_OK(status)) { - if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_COLLISION) && - !use_nt_status()) { + if (NT_STATUS_EQUAL( + status, NT_STATUS_DOS(ERRDOS, ERRfilexists))) { /* * Yes, in the DOS error code case we get a * ERRDOS:ERRnoaccess here. See BASE-SAMBA3ERROR @@ -3831,23 +3832,7 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return ERROR_NT(status); } - if (lp_inherit_owner(SNUM(conn))) { - /* Ensure we're checking for a symlink here.... */ - /* We don't want to get caught by a symlink racer. */ - - if(SMB_VFS_LSTAT(conn,directory, &sbuf) != 0) { - END_PROFILE(SMBmkdir); - return(UNIXERROR(ERRDOS,ERRnoaccess)); - } - - if(!S_ISDIR(sbuf.st_mode)) { - DEBUG(0,("reply_mkdir: %s is not a directory !\n", directory )); - END_PROFILE(SMBmkdir); - return(UNIXERROR(ERRDOS,ERRnoaccess)); - } - - change_owner_to_parent(conn, NULL, directory, &sbuf); - } + close_file(fsp, NORMAL_CLOSE); outsize = set_message(outbuf,0,0,False); -- cgit From 9e41616b0667565e53bdff344165d0df6753b433 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 19 Dec 2006 22:13:10 +0000 Subject: r20264: Two lines above this we just checked if (fsp->is_directory) ... (This used to be commit 88ab54b3b7ec6c0ac1958fca435880e29eeefd69) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index a7804d3f43..b8ee13043b 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3289,7 +3289,7 @@ int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size, /* * Special case - close NT SMB directory handle. */ - DEBUG(3,("close %s fnum=%d\n", fsp->is_directory ? "directory" : "stat file open", fsp->fnum)); + DEBUG(3,("close directory fnum=%d\n", fsp->fnum)); close_file(fsp,NORMAL_CLOSE); } else { /* -- cgit From 469b42c61f73c0bd5166c33a909b3c68c1fb9dde Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 24 Dec 2006 11:13:32 +0000 Subject: r20338: Restructure open_directory a bit. This gets rid of a race condition regarding error messages: We relied upon a stat that a directory did not exist to later on then do the mkdir or not. This does the mkdir directly and copes with a potential error. The second one is more important: It's possible with Samba 3 to do a ntcreate&x with NTCREATEX_OPTIONS_DIRECTORY and we happily do a NT_STATUS_OK. Also move up the use_nt_status() logic a bit. I think this does not belong into the core routines, the smb server as such should take care of it. Jeremy, do you think this should go to 3.0.24? I'll update samba4torture when the build farm has picked up this checkin. Volker (This used to be commit 472fb11f4968d30cedc9851215c63acd3132f3db) --- source3/smbd/reply.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index b8ee13043b..282779fcd3 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3818,8 +3818,9 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, if (!NT_STATUS_IS_OK(status)) { - if (NT_STATUS_EQUAL( - status, NT_STATUS_DOS(ERRDOS, ERRfilexists))) { + if (!use_nt_status() + && NT_STATUS_EQUAL(status, + NT_STATUS_OBJECT_NAME_COLLISION)) { /* * Yes, in the DOS error code case we get a * ERRDOS:ERRnoaccess here. See BASE-SAMBA3ERROR -- cgit From d0c6f9b728936297efd002008b69a59da6bbfabc Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 24 Dec 2006 11:45:55 +0000 Subject: r20339: Make mkdir_internal static to open.c (This used to be commit 6dd0886b49969d0edfe16861f19d35275217b2af) --- source3/smbd/reply.c | 50 ++------------------------------------------------ 1 file changed, 2 insertions(+), 48 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 282779fcd3..a156409942 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3744,46 +3744,6 @@ int reply_printwrite(connection_struct *conn, char *inbuf,char *outbuf, int dum_ return(outsize); } -/**************************************************************************** - The guts of the mkdir command, split out so it may be called by the NT SMB - code. -****************************************************************************/ - -NTSTATUS mkdir_internal(connection_struct *conn, const pstring directory, BOOL bad_path) -{ - int ret= -1; - - if(!CAN_WRITE(conn)) { - DEBUG(5,("mkdir_internal: failing create on read-only share %s\n", lp_servicename(SNUM(conn)))); - return NT_STATUS_ACCESS_DENIED; - } - - if (bad_path) { - return NT_STATUS_OBJECT_PATH_NOT_FOUND; - } - - if (!check_name(directory, conn)) { - if(errno == ENOENT) { - if (bad_path) { - return NT_STATUS_OBJECT_PATH_NOT_FOUND; - } else { - return NT_STATUS_OBJECT_NAME_NOT_FOUND; - } - } - return map_nt_error_from_unix(errno); - } - - ret = vfs_MkDir(conn,directory,unix_mode(conn,aDIR,directory,True)); - if (ret == -1) { - if(errno == ENOENT) { - return NT_STATUS_OBJECT_NAME_NOT_FOUND; - } - return map_nt_error_from_unix(errno); - } - - return NT_STATUS_OK; -} - /**************************************************************************** Reply to a mkdir. ****************************************************************************/ @@ -3795,7 +3755,6 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, NTSTATUS status; BOOL bad_path = False; SMB_STRUCT_STAT sbuf; - files_struct *fsp; START_PROFILE(SMBmkdir); @@ -3809,12 +3768,9 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, unix_convert(directory,conn,0,&bad_path,&sbuf); - status = open_directory(conn, directory, &sbuf, - FILE_READ_ATTRIBUTES, /* Just a stat open */ - FILE_SHARE_NONE, /* Ignored for stat opens */ - FILE_CREATE, 0, NULL, &fsp); + status = create_directory(conn, directory); - DEBUG(1, ("open_directory returned %s\n", nt_errstr(status))); + DEBUG(1, ("create_directory returned %s\n", nt_errstr(status))); if (!NT_STATUS_IS_OK(status)) { @@ -3833,8 +3789,6 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return ERROR_NT(status); } - close_file(fsp, NORMAL_CLOSE); - outsize = set_message(outbuf,0,0,False); DEBUG( 3, ( "mkdir %s ret=%d\n", directory, outsize ) ); -- cgit From 654f747e6df985b6b519925662bf1014b98d1670 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 28 Dec 2006 00:01:12 +0000 Subject: r20370: Now we've gone to the trouble of getting an NT status from open_file_ntcreate make sure we return it on rename error. Jeremy. (This used to be commit 633f02fb860223585f388e64c1a2d770db52d4f0) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index a156409942..1bd87a5a13 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1878,7 +1878,7 @@ static NTSTATUS can_rename(connection_struct *conn, char *fname, uint16 dirtype, NULL, &fsp); if (!NT_STATUS_IS_OK(status)) { - return NT_STATUS_ACCESS_DENIED; + return status; } close_file(fsp,NORMAL_CLOSE); return NT_STATUS_OK; -- cgit From 3430c1ddb825a458f294e48c351be010698bad69 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 28 Dec 2006 00:10:55 +0000 Subject: r20371: In renames (via SMBmv) both src and dest can contain wcards. I had forgotten this and had refused to allow dest to contain wcards. We now pass all the normal Samba4 smbtorture RAW-RENAME tests. Jeremy (This used to be commit 4183c1b49fd5a6107aa87249b7be236af092ed8b) --- source3/smbd/reply.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 1bd87a5a13..ec588d4478 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4612,18 +4612,19 @@ int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, char *p; uint32 attrs = SVAL(inbuf,smb_vwv0); NTSTATUS status; - BOOL path_contains_wcard = False; + BOOL path1_contains_wcard = False; + BOOL path2_contains_wcard = False; START_PROFILE(SMBmv); p = smb_buf(inbuf) + 1; - p += srvstr_get_path_wcard(inbuf, name, p, sizeof(name), 0, STR_TERMINATE, &status, &path_contains_wcard); + p += srvstr_get_path_wcard(inbuf, name, p, sizeof(name), 0, STR_TERMINATE, &status, &path1_contains_wcard); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBmv); return ERROR_NT(status); } p++; - p += srvstr_get_path(inbuf, newname, p, sizeof(newname), 0, STR_TERMINATE, &status); + p += srvstr_get_path_wcard(inbuf, newname, p, sizeof(newname), 0, STR_TERMINATE, &status, &path2_contains_wcard); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBmv); return ERROR_NT(status); @@ -4634,7 +4635,7 @@ int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, DEBUG(3,("reply_mv : %s -> %s\n",name,newname)); - status = rename_internals(conn, name, newname, attrs, False, path_contains_wcard); + status = rename_internals(conn, name, newname, attrs, False, path1_contains_wcard); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBmv); if (open_was_deferred(SVAL(inbuf,smb_mid))) { -- cgit From 143a364d6253125c27e229d533940a6822ce7575 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 28 Dec 2006 21:34:31 +0000 Subject: r20393: Debug level 1 is a bit excessive here (This used to be commit 48798b5e57fcb2ee7debfe9d5178adef37907f92) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index ec588d4478..f6d5211310 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3770,7 +3770,7 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, status = create_directory(conn, directory); - DEBUG(1, ("create_directory returned %s\n", nt_errstr(status))); + DEBUG(5, ("create_directory returned %s\n", nt_errstr(status))); if (!NT_STATUS_IS_OK(status)) { -- cgit From 98c082489bec0a0ce4db1daf4390e785381f229a Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 28 Dec 2006 21:50:31 +0000 Subject: r20394: This is a *VERY* early start of my work on notify. Checking in because Jeremy was bugging me. Potentially this becomes quite intrusive, I'm not sure if I should open a temporary branch for this. Jeremy, Jerry, do you think 3_0 is the right place for this? Volker (This used to be commit bcf5c751cbe203c00814642e26440cf88f300bce) --- source3/smbd/reply.c | 23 +++++++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index f6d5211310..f10b649bf1 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3860,7 +3860,7 @@ static BOOL recursive_rmdir(connection_struct *conn, char *directory) The internals of the rmdir code - called elsewhere. ****************************************************************************/ -BOOL rmdir_internals(connection_struct *conn, char *directory) +BOOL rmdir_internals(connection_struct *conn, const char *directory) { BOOL ok; SMB_STRUCT_STAT st; @@ -3933,10 +3933,25 @@ BOOL rmdir_internals(connection_struct *conn, char *directory) } } - if (!ok) - DEBUG(3,("rmdir_internals: couldn't remove directory %s : %s\n", directory,strerror(errno))); + if (!ok) { + DEBUG(3,("rmdir_internals: couldn't remove directory %s : " + "%s\n", directory,strerror(errno))); + return False; + } + + { + char *parent_dir; + const char *dirname; + + if (parent_dirname_talloc(tmp_talloc_ctx(), directory, + &parent_dir, &dirname)) { + notify_action(conn, parent_dir, dirname, + NOTIFY_ACTION_REMOVED); + TALLOC_FREE(parent_dir); /* Not strictly necessary */ + } + } - return ok; + return True; } /**************************************************************************** -- cgit From 165f5f3f40317c1e75d60a977270f903f7475f69 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 31 Dec 2006 10:16:03 +0000 Subject: r20433: Work in progress: Survive more of RAW-NOTIFY. call_nt_transact_notify_change() is now sync if there are changes around. A notify_message does a direct reply from within the message, so process_pending_change_notify_queue is not needed anymore for samba-generated events. Next step is to restructure the kernel-mechanisms to generate messages. Volker (This used to be commit c813f71d0036ec52c99a97e60fe33ee47d0635fa) --- source3/smbd/reply.c | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index f10b649bf1..935e8033a5 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1975,10 +1975,12 @@ NTSTATUS can_delete(connection_struct *conn, char *fname, uint32 dirtype, BOOL b code. ****************************************************************************/ -NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, char *name, BOOL has_wild) +NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, + char *name, BOOL has_wild) { pstring directory; pstring mask; + pstring orig_name; char *p; int count=0; NTSTATUS error = NT_STATUS_OK; @@ -1989,6 +1991,11 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, char *name, B *directory = *mask = 0; rc = unix_convert(name,conn,0,&bad_path,&sbuf); + + /* + * Feel my pain, this code needs rewriting *very* badly! -- vl + */ + pstrcpy(orig_name, name); p = strrchr_m(name,'/'); if (!p) { @@ -2089,6 +2096,18 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, char *name, B error = map_nt_error_from_unix(errno); } + { + char *dir; + const char *fname; + + if (parent_dirname_talloc(tmp_talloc_ctx(), orig_name, + &dir, &fname)) { + notify_action(conn, dir, fname, + NOTIFY_ACTION_REMOVED); + TALLOC_FREE(dir); /* not strictly necessary */ + } + } + return error; } -- cgit From 200bd10b32107b4ce8fc72cc2abbf5a247708ba6 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 31 Dec 2006 17:52:24 +0000 Subject: r20442: Slight rewrite of the change notify infrastructure. This now survives the first of the raw-notify subtests, the one-level test_notify_dir without any flags around yet. The tricky part was getting the data structures right, I hope the next tests don't let that fall over. fsp->notify is now by default NULL, meaning that nobody has issued a changenotify call. This means nobody is interested in changes for this directory. If that has happened, notify_change_buf collects the changes if no current request is outstanding, and it collects the requests if no change has happened since the last request. Happy New Year, somewhere on this planet it's already 2007 :-) Volker P.S: Jeremy, there's a question for you in smbd/files.c line 367. (This used to be commit ce0ad24988075465addcac0b9afc872e909135af) --- source3/smbd/reply.c | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 935e8033a5..c6b3c17c01 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2020,6 +2020,9 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, mangle_check_cache( mask, sizeof(pstring)-1, conn->params ); if (!has_wild) { + char *dir; + const char *fname; + pstrcat(directory,"/"); pstrcat(directory,mask); error = can_delete(conn,directory,dirtype,bad_path,False); @@ -2029,6 +2032,14 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, if (SMB_VFS_UNLINK(conn,directory) == 0) { count++; } + + if (parent_dirname_talloc(tmp_talloc_ctx(), orig_name, + &dir, &fname)) { + notify_action(conn, dir, fname, + NOTIFY_ACTION_REMOVED); + TALLOC_FREE(dir); /* not strictly necessary */ + } + } else { struct smb_Dir *dir_hnd = NULL; const char *dname; @@ -2086,6 +2097,7 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, } if (SMB_VFS_UNLINK(conn,fname) == 0) count++; + notify_action(conn, directory, dname, NOTIFY_ACTION_REMOVED); DEBUG(3,("unlink_internals: succesful unlink [%s]\n",fname)); } CloseDir(dir_hnd); @@ -2096,18 +2108,6 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, error = map_nt_error_from_unix(errno); } - { - char *dir; - const char *fname; - - if (parent_dirname_talloc(tmp_talloc_ctx(), orig_name, - &dir, &fname)) { - notify_action(conn, dir, fname, - NOTIFY_ACTION_REMOVED); - TALLOC_FREE(dir); /* not strictly necessary */ - } - } - return error; } -- cgit From 92d02f7afe439a51f5a2eab3e1db8d628c170a6c Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 1 Jan 2007 18:11:32 +0000 Subject: r20451: Survive the first of the filter-tests (mkdir). Add lots of TODOs :-) Volker (This used to be commit 0e953884a15873b0962ab1ab064d6b3a436726c0) --- source3/smbd/reply.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index c6b3c17c01..ee930f20fb 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2035,7 +2035,7 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, if (parent_dirname_talloc(tmp_talloc_ctx(), orig_name, &dir, &fname)) { - notify_action(conn, dir, fname, + notify_action(conn, dir, fname, -1, NOTIFY_ACTION_REMOVED); TALLOC_FREE(dir); /* not strictly necessary */ } @@ -2097,7 +2097,8 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, } if (SMB_VFS_UNLINK(conn,fname) == 0) count++; - notify_action(conn, directory, dname, NOTIFY_ACTION_REMOVED); + notify_action(conn, directory, dname, + -1, NOTIFY_ACTION_REMOVED); DEBUG(3,("unlink_internals: succesful unlink [%s]\n",fname)); } CloseDir(dir_hnd); @@ -3964,7 +3965,7 @@ BOOL rmdir_internals(connection_struct *conn, const char *directory) if (parent_dirname_talloc(tmp_talloc_ctx(), directory, &parent_dir, &dirname)) { - notify_action(conn, parent_dir, dirname, + notify_action(conn, parent_dir, dirname, -1, NOTIFY_ACTION_REMOVED); TALLOC_FREE(parent_dir); /* Not strictly necessary */ } -- cgit From 495c3619071abc618bc1de06e44b2f994c8c4903 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 1 Jan 2007 21:37:02 +0000 Subject: r20454: Get rid of a bogus variable that was only assigned but never read. Jeremy, please check this. Thanks, Volker (This used to be commit 2becbb9e5f7d1b04962178e6f0c97c3ccf2b0f88) --- source3/smbd/reply.c | 4 ---- 1 file changed, 4 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index ee930f20fb..e29ecab8ba 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3316,10 +3316,6 @@ int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size, * Close ordinary file. */ int close_err; - pstring file_name; - - /* Save the name for time set in close. */ - pstrcpy( file_name, fsp->fsp_name); DEBUG(3,("close fd=%d fnum=%d (numopen=%d)\n", fsp->fh->fd, fsp->fnum, -- cgit From 2c1b3a072061d40f112c3f1112fd9ae08b6038e4 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 2 Jan 2007 12:10:46 +0000 Subject: r20470: Jeremy, another one to check: The only error path of can_delete() that we're interested in ntcreate&x is the one of can_delete_file_in_directory(), so call that directly. The only other one where we might get a NT_STATUS_ACCESS_DENIED is from the lstat in can_delete, but this is covered later in the open_directory and open_file_ntcreate calls. open_directory does a stat() in the open case which also covers the (potential) symlink, and open_file_ntcreate does the open(2) itself, so this should also work. This makes can_delete() static to reply.c. Volker (This used to be commit d289037fdbc8bd3e0723784888946d5b39ffadef) --- source3/smbd/reply.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index e29ecab8ba..607c12f8b1 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1888,7 +1888,9 @@ static NTSTATUS can_rename(connection_struct *conn, char *fname, uint16 dirtype, Check if a user is allowed to delete a file. ********************************************************************/ -NTSTATUS can_delete(connection_struct *conn, char *fname, uint32 dirtype, BOOL bad_path, BOOL check_is_at_open) +static NTSTATUS can_delete(connection_struct *conn, char *fname, + uint32 dirtype, BOOL bad_path, + BOOL check_is_at_open) { SMB_STRUCT_STAT sbuf; uint32 fattr; -- cgit From 58b63b65fcf3dbd14f985f99038733c8a0a2f14f Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 2 Jan 2007 15:01:43 +0000 Subject: r20478: Make us survive & activate RAW-UNLINK (This used to be commit 4f0f917b344743e16e8bacf4e72529a2890590fe) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 607c12f8b1..cb25b69a31 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2074,7 +2074,7 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, /* Quick check for "." and ".." */ if (fname[0] == '.') { if (!fname[1] || (fname[1] == '.' && !fname[2])) { - if ((dirtype & FILE_ATTRIBUTE_DIRECTORY) && (dirtype & FILE_ATTRIBUTE_SYSTEM)) { + if (dirtype & FILE_ATTRIBUTE_DIRECTORY) { sys_direntry = True; } else { continue; -- cgit From 6edd999dc1fe4894b2fb9f02fb4c215adf3aa795 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 2 Jan 2007 15:07:27 +0000 Subject: r20479: Both remaining calls of can_delete called it with check_is_at_open==False, remove that parameter. Volker (This used to be commit e51b7648703f3a85b840501dd4199600a5a7e44f) --- source3/smbd/reply.c | 45 +++++++++++++++++++-------------------------- 1 file changed, 19 insertions(+), 26 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index cb25b69a31..a65979e804 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1889,8 +1889,7 @@ static NTSTATUS can_rename(connection_struct *conn, char *fname, uint16 dirtype, ********************************************************************/ static NTSTATUS can_delete(connection_struct *conn, char *fname, - uint32 dirtype, BOOL bad_path, - BOOL check_is_at_open) + uint32 dirtype, BOOL bad_path) { SMB_STRUCT_STAT sbuf; uint32 fattr; @@ -1938,7 +1937,7 @@ static NTSTATUS can_delete(connection_struct *conn, char *fname, from Windows Explorer). */ - if (!check_is_at_open && !lp_delete_readonly(SNUM(conn))) { + if (!lp_delete_readonly(SNUM(conn))) { if (fattr & aRONLY) { return NT_STATUS_CANNOT_DELETE; } @@ -1947,29 +1946,22 @@ static NTSTATUS can_delete(connection_struct *conn, char *fname, return NT_STATUS_NO_SUCH_FILE; } - if (check_is_at_open) { - if (!can_delete_file_in_directory(conn, fname)) { - return NT_STATUS_ACCESS_DENIED; - } - } else { - /* On open checks the open itself will check the share mode, so - don't do it here as we'll get it wrong. */ - - status = open_file_ntcreate(conn, fname, &sbuf, - DELETE_ACCESS, - FILE_SHARE_NONE, - FILE_OPEN, - 0, - FILE_ATTRIBUTE_NORMAL, - 0, - NULL, &fsp); - - if (!NT_STATUS_IS_OK(status)) { - return status; - } + /* On open checks the open itself will check the share mode, so + don't do it here as we'll get it wrong. */ + + status = open_file_ntcreate(conn, fname, &sbuf, + DELETE_ACCESS, + FILE_SHARE_NONE, + FILE_OPEN, + 0, + FILE_ATTRIBUTE_NORMAL, + 0, + NULL, &fsp); + + if (NT_STATUS_IS_OK(status)) { close_file(fsp,NORMAL_CLOSE); } - return NT_STATUS_OK; + return status; } /**************************************************************************** @@ -2027,7 +2019,7 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, pstrcat(directory,"/"); pstrcat(directory,mask); - error = can_delete(conn,directory,dirtype,bad_path,False); + error = can_delete(conn,directory,dirtype,bad_path); if (!NT_STATUS_IS_OK(error)) return error; @@ -2093,7 +2085,8 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, } slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); - error = can_delete(conn,fname,dirtype,bad_path,False); + error = can_delete(conn, fname, dirtype, + bad_path); if (!NT_STATUS_IS_OK(error)) { continue; } -- cgit From b3ddd92ba2dfbf732b3e6e22812bca780713ed8f Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 2 Jan 2007 16:40:41 +0000 Subject: r20482: Make us survive and activate RAW-CLOSE (This used to be commit 471c6e6a2142afbca36163bcdbb5b6fb4e7ac774) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index a65979e804..6bda8fb7ee 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3629,7 +3629,7 @@ int reply_printclose(connection_struct *conn, if (!CAN_PRINT(conn)) { END_PROFILE(SMBsplclose); - return ERROR_NT(NT_STATUS_UNSUCCESSFUL); + return ERROR_NT(NT_STATUS_DOS(ERRSRV, ERRerror)); } DEBUG(3,("printclose fd=%d fnum=%d\n", -- cgit From 9985f25f0031cb1c91fd99cddf6f80bdf66b4dad Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 3 Jan 2007 06:19:11 +0000 Subject: r20496: Some changes to make Samba3 the RAW-OPEN test. Checking in to both 3_0 and 3_0_24 because I was explicitly asked to, although this needs close review. Jeremy, I'm sure you will check this thoroughly :-) In reply_open_and_X the separate "size" variable kills the calculation of the SPARSE flag returned to the client in the attrib field. In getpathinfo we do it correctly, and RAW-OPEN (correctly) complains about the difference. Add the "set the write time" to mknew and create. For trans2open we were missing the "ofun == 0" -> NT_STATUS_OBJECT_NAME_COLLISION case, and we dropped the status returned in favor of ACCESS_DENIED once too many. Last change is a fix to trans2open: We were returning the attributes given by the client, not the attributes of the new file. Volker (This used to be commit 84e6889632c7f98a7cb37036b0acdf538d50d16c) --- source3/smbd/reply.c | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 6bda8fb7ee..9184a1a696 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1475,7 +1475,6 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt uint32 smb_time = make_unix_date3(inbuf+smb_vwv6); #endif int smb_ofun = SVAL(inbuf,smb_vwv8); - SMB_OFF_T size=0; uint32 fattr=0; int mtime=0; SMB_STRUCT_STAT sbuf; @@ -1545,8 +1544,6 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt return ERROR_NT(status); } - size = sbuf.st_size; - /* Setting the "size" field in vwv9 and vwv10 causes the file to be set to this size, if the file is truncated or created. */ if (((smb_action == FILE_WAS_CREATED) || (smb_action == FILE_WAS_OVERWRITTEN)) && allocation_size) { @@ -1562,7 +1559,7 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt END_PROFILE(SMBopenX); return ERROR_NT(NT_STATUS_DISK_FULL); } - size = get_allocation_size(conn,fsp,&sbuf); + sbuf.st_size = get_allocation_size(conn,fsp,&sbuf); } fattr = dos_mode(conn,fname,&sbuf); @@ -1611,7 +1608,7 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt } else { srv_put_dos_date3(outbuf,smb_vwv4,mtime); } - SIVAL(outbuf,smb_vwv6,(uint32)size); + SIVAL(outbuf,smb_vwv6,(uint32)sbuf.st_size); SSVAL(outbuf,smb_vwv8,GET_OPENX_MODE(deny_mode)); SSVAL(outbuf,smb_vwv11,smb_action); @@ -1662,6 +1659,7 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int com; int outsize = 0; uint32 fattr = SVAL(inbuf,smb_vwv0); + struct utimbuf times; BOOL bad_path = False; files_struct *fsp; int oplock_request = CORE_OPLOCK_REQUEST(inbuf); @@ -1676,6 +1674,8 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, com = SVAL(inbuf,smb_com); + times.modtime = srv_make_unix_date3(inbuf + smb_vwv1); + srvstr_get_path(inbuf, fname, smb_buf(inbuf) + 1, sizeof(fname), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBcreate); @@ -1721,6 +1721,9 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return ERROR_NT(status); } + times.actime = sbuf.st_atime; + file_utime(conn, fname, ×); + outsize = set_message(outbuf,1,0,True); SSVAL(outbuf,smb_vwv0,fsp->fnum); -- cgit From bc20aac121edae8812e3c3392d2cd41dfdf258ec Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 3 Jan 2007 12:01:17 +0000 Subject: r20507: smbcli_setattr("") always returns ACCESS_DENIED, test extension to follow. Merge to 3.0.24? Volker (This used to be commit f2563ac98f8ec7af8083d2b62186753acba7a9dd) --- source3/smbd/reply.c | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 9184a1a696..63f8d0bb61 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1004,6 +1004,15 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND); } + if (strequal(fname, ".")) { + /* + * Not sure here is the right place to catch this + * condition. Might be moved to somewhere else later -- vl + */ + END_PROFILE(SMBsetatr); + return ERROR_NT(NT_STATUS_ACCESS_DENIED); + } + mode = SVAL(inbuf,smb_vwv0); mtime = srv_make_unix_date3(inbuf+smb_vwv1); -- cgit From 2b1760297f3c61aa5f71fc548c51dae8de3cc885 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 4 Jan 2007 22:01:36 +0000 Subject: r20532: From Volker... "smbcli_setattr("") always returns ACCESS_DENIED, test extension to follow. Merge to 3.0.24?" Yep (with slight optimization). Jeremy. (This used to be commit dcc7bca1adbc69f348d46291ec2cbfaf5d8486bc) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 63f8d0bb61..3ebab18434 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1004,7 +1004,7 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND); } - if (strequal(fname, ".")) { + if (fname[0] == '.' && fname[1] == '\0') { /* * Not sure here is the right place to catch this * condition. Might be moved to somewhere else later -- vl -- cgit From 1307337aaf050fa51758b5b844986eddc06693b7 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Fri, 5 Jan 2007 13:13:15 +0000 Subject: r20544: Change copy_file() to return NTSTATUS. This is in preparation of turning close_file() to NTSTATUS as well. I'm not sure I got all the error codes right, but as I've never come across a smb_copy() call in all my Samba work, I'm leaving it at that. If I'm absolutely bored, I will write a thorough torture test. As far as I can see, Samba4 even does not have a libcli implementation for it... :-) Volker (This used to be commit 5ebdf02ba166df69e210e6f70c01a44e6205ecc1) --- source3/smbd/reply.c | 49 +++++++++++++++++++++++++++++++------------------ 1 file changed, 31 insertions(+), 18 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 3ebab18434..b99cb54840 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4698,8 +4698,12 @@ int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, Copy a file as part of a reply_copy. ******************************************************************/ -BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, - int count,BOOL target_is_directory, int *err_ret) +/* + * TODO: check error codes on all callers + */ + +NTSTATUS copy_file(char *src, char *dest1,connection_struct *conn, int ofun, + int count, BOOL target_is_directory) { SMB_STRUCT_STAT src_sbuf, sbuf2; SMB_OFF_T ret=-1; @@ -4708,9 +4712,8 @@ BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, uint32 dosattrs; uint32 new_create_disposition; NTSTATUS status; + int close_err; - *err_ret = 0; - pstrcpy(dest,dest1); if (target_is_directory) { char *p = strrchr_m(src,'/'); @@ -4724,7 +4727,7 @@ BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, } if (!vfs_file_exist(conn,src,&src_sbuf)) { - return(False); + return NT_STATUS_OBJECT_NAME_NOT_FOUND; } if (!target_is_directory && count) { @@ -4732,7 +4735,7 @@ BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, } else { if (!map_open_params_to_ntcreate(dest1,0,ofun, NULL, NULL, &new_create_disposition, NULL)) { - return(False); + return NT_STATUS_INVALID_PARAMETER; } } @@ -4746,7 +4749,7 @@ BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, NULL, &fsp1); if (!NT_STATUS_IS_OK(status)) { - return(False); + return status; } dosattrs = dos_mode(conn, src, &src_sbuf); @@ -4765,7 +4768,7 @@ BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, if (!NT_STATUS_IS_OK(status)) { close_file(fsp1,ERROR_CLOSE); - return(False); + return status; } if ((ofun&3) == 1) { @@ -4794,9 +4797,17 @@ BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun, * Thus we don't look at the error return from the * close of fsp1. */ - *err_ret = close_file(fsp2,NORMAL_CLOSE); + close_err = close_file(fsp2,NORMAL_CLOSE); - return(ret == (SMB_OFF_T)src_sbuf.st_size); + if (close_err != 0) { + return map_nt_error_from_unix(close_err); + } + + if (ret != (SMB_OFF_T)src_sbuf.st_size) { + return NT_STATUS_DISK_FULL; + } + + return NT_STATUS_OK; } /**************************************************************************** @@ -4903,13 +4914,14 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, if (!has_wild) { pstrcat(directory,"/"); pstrcat(directory,mask); - if (resolve_wildcards(directory,newname) && - copy_file(directory,newname,conn,ofun, count,target_is_directory,&err)) + if (resolve_wildcards(directory,newname) + && NT_STATUS_IS_OK(status = copy_file( + directory,newname,conn,ofun, + count,target_is_directory))) count++; - if(!count && err) { - errno = err; + if(!count && !NT_STATUS_IS_OK(status)) { END_PROFILE(SMBcopy); - return(UNIXERROR(ERRHRD,ERRgeneral)); + return ERROR_NT(status); } if (!count) { exists = vfs_file_exist(conn,directory,NULL); @@ -4942,9 +4954,10 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, error = ERRnoaccess; slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); pstrcpy(destname,newname); - if (resolve_wildcards(fname,destname) && - copy_file(fname,destname,conn,ofun, - count,target_is_directory,&err)) + if (resolve_wildcards(fname,destname) + && NT_STATUS_IS_OK(status = copy_file( + fname,destname,conn,ofun, + count,target_is_directory))) count++; DEBUG(3,("reply_copy : doing copy on %s -> %s\n",fname,destname)); } -- cgit From 0a8e3fd23632f0c77c4e165cf6070cb1fbcca381 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 5 Jan 2007 17:42:54 +0000 Subject: r20558: Refactor rmdir_internals to use early termination rather than lots of indented code. Change recursive_rmdir() to return the smbd standards of True on success, False on fail (it was doing the reverse, which was very confusing). Jeremy. (This used to be commit 27dc5bebda7ffbdcb2371638f6132063a953fba2) --- source3/smbd/reply.c | 111 ++++++++++++++++++++++++++------------------------- 1 file changed, 56 insertions(+), 55 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index b99cb54840..793262f0af 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3822,18 +3822,18 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, /**************************************************************************** Static function used by reply_rmdir to delete an entire directory - tree recursively. Return False on ok, True on fail. + tree recursively. Return True on ok, False on fail. ****************************************************************************/ static BOOL recursive_rmdir(connection_struct *conn, char *directory) { const char *dname = NULL; - BOOL ret = False; + BOOL ret = True; long offset = 0; struct smb_Dir *dir_hnd = OpenDir(conn, directory, NULL, 0); if(dir_hnd == NULL) - return True; + return False; while((dname = ReadDirName(dir_hnd, &offset))) { pstring fullname; @@ -3848,7 +3848,7 @@ static BOOL recursive_rmdir(connection_struct *conn, char *directory) /* Construct the full name. */ if(strlen(directory) + strlen(dname) + 1 >= sizeof(fullname)) { errno = ENOMEM; - ret = True; + ret = False; break; } @@ -3857,21 +3857,21 @@ static BOOL recursive_rmdir(connection_struct *conn, char *directory) pstrcat(fullname, dname); if(SMB_VFS_LSTAT(conn,fullname, &st) != 0) { - ret = True; + ret = False; break; } if(st.st_mode & S_IFDIR) { - if(recursive_rmdir(conn, fullname)!=0) { - ret = True; + if(!recursive_rmdir(conn, fullname)) { + ret = False; break; } if(SMB_VFS_RMDIR(conn,fullname) != 0) { - ret = True; + ret = False; break; } } else if(SMB_VFS_UNLINK(conn,fullname) != 0) { - ret = True; + ret = False; break; } } @@ -3896,66 +3896,67 @@ BOOL rmdir_internals(connection_struct *conn, const char *directory) * retry. If we fail to delete any of them (and we *don't* * do a recursive delete) then fail the rmdir. */ - BOOL all_veto_files = True; const char *dname; + long dirpos = 0; struct smb_Dir *dir_hnd = OpenDir(conn, directory, NULL, 0); - if(dir_hnd != NULL) { - long dirpos = 0; - while ((dname = ReadDirName(dir_hnd,&dirpos))) { - if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0)) - continue; - if (!is_visible_file(conn, directory, dname, &st, False)) - continue; - if(!IS_VETO_PATH(conn, dname)) { - all_veto_files = False; - break; - } + if(dir_hnd == NULL) { + errno = ENOTEMPTY; + goto err; + } + + while ((dname = ReadDirName(dir_hnd,&dirpos))) { + if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0)) + continue; + if (!is_visible_file(conn, directory, dname, &st, False)) + continue; + if(!IS_VETO_PATH(conn, dname)) { + CloseDir(dir_hnd); + errno = ENOTEMPTY; + goto err; } + } - if(all_veto_files) { - RewindDir(dir_hnd,&dirpos); - while ((dname = ReadDirName(dir_hnd,&dirpos))) { - pstring fullname; + /* We only have veto files/directories. Recursive delete. */ - if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0)) - continue; - if (!is_visible_file(conn, directory, dname, &st, False)) - continue; + RewindDir(dir_hnd,&dirpos); + while ((dname = ReadDirName(dir_hnd,&dirpos))) { + pstring fullname; - /* Construct the full name. */ - if(strlen(directory) + strlen(dname) + 1 >= sizeof(fullname)) { - errno = ENOMEM; - break; - } + if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0)) + continue; + if (!is_visible_file(conn, directory, dname, &st, False)) + continue; - pstrcpy(fullname, directory); - pstrcat(fullname, "/"); - pstrcat(fullname, dname); + /* Construct the full name. */ + if(strlen(directory) + strlen(dname) + 1 >= sizeof(fullname)) { + errno = ENOMEM; + break; + } + + pstrcpy(fullname, directory); + pstrcat(fullname, "/"); + pstrcat(fullname, dname); - if(SMB_VFS_LSTAT(conn,fullname, &st) != 0) - break; - if(st.st_mode & S_IFDIR) { - if(lp_recursive_veto_delete(SNUM(conn))) { - if(recursive_rmdir(conn, fullname) != 0) - break; - } - if(SMB_VFS_RMDIR(conn,fullname) != 0) - break; - } else if(SMB_VFS_UNLINK(conn,fullname) != 0) + if(SMB_VFS_LSTAT(conn,fullname, &st) != 0) + break; + if(st.st_mode & S_IFDIR) { + if(lp_recursive_veto_delete(SNUM(conn))) { + if(!recursive_rmdir(conn, fullname)) break; } - CloseDir(dir_hnd); - /* Retry the rmdir */ - ok = (SMB_VFS_RMDIR(conn,directory) == 0); - } else { - CloseDir(dir_hnd); - } - } else { - errno = ENOTEMPTY; + if(SMB_VFS_RMDIR(conn,fullname) != 0) + break; + } else if(SMB_VFS_UNLINK(conn,fullname) != 0) + break; } + CloseDir(dir_hnd); + /* Retry the rmdir */ + ok = (SMB_VFS_RMDIR(conn,directory) == 0); } + err: + if (!ok) { DEBUG(3,("rmdir_internals: couldn't remove directory %s : " "%s\n", directory,strerror(errno))); -- cgit From bb357a1617761177475a422008a14a1ac0435eb1 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 6 Jan 2007 18:59:02 +0000 Subject: r20589: Re-add lost bad_path handling, sorry. (This used to be commit 244f96388c843fd629478d0069f68550a2006d06) --- source3/smbd/reply.c | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 793262f0af..d33940aa64 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3790,6 +3790,10 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, RESOLVE_DFSPATH(directory, conn, inbuf, outbuf); unix_convert(directory,conn,0,&bad_path,&sbuf); + if (bad_path) { + END_PROFILE(SMBmkdir); + return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND); + } status = create_directory(conn, directory); -- cgit From b2efff8fe5cdfd031a7b6f814993a9c234a66ee8 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 7 Jan 2007 18:08:50 +0000 Subject: r20597: Survive some of the notify mask tests. (This used to be commit e4a2e63272dc5b20413597179d06b0185c4a6817) --- source3/smbd/reply.c | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index d33940aa64..62fd0ea686 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2026,9 +2026,6 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, mangle_check_cache( mask, sizeof(pstring)-1, conn->params ); if (!has_wild) { - char *dir; - const char *fname; - pstrcat(directory,"/"); pstrcat(directory,mask); error = can_delete(conn,directory,dirtype,bad_path); @@ -2039,12 +2036,7 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, count++; } - if (parent_dirname_talloc(tmp_talloc_ctx(), orig_name, - &dir, &fname)) { - notify_action(conn, dir, fname, -1, - NOTIFY_ACTION_REMOVED); - TALLOC_FREE(dir); /* not strictly necessary */ - } + notify_fname(conn, orig_name, -1, NOTIFY_ACTION_REMOVED); } else { struct smb_Dir *dir_hnd = NULL; -- cgit From ccc54da805983e6ba267a2ec1f50a68e4a9acfec Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 8 Jan 2007 13:05:36 +0000 Subject: r20605: Simplify logic in reply_setatr slightly (This used to be commit f19db8f33ed3749f6b72ae3a4cee83574c606e88) --- source3/smbd/reply.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 62fd0ea686..646cc79522 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -999,7 +999,7 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); unix_convert(fname,conn,0,&bad_path,&sbuf); - if (bad_path) { + if (bad_path || !check_name(fname, conn)) { END_PROFILE(SMBsetatr); return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND); } @@ -1022,9 +1022,7 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size else mode &= ~aDIR; - if (check_name(fname,conn)) { - ok = (file_set_dosmode(conn,fname,mode,&sbuf,False) == 0); - } + ok = (file_set_dosmode(conn,fname,mode,&sbuf,False) == 0); } else { ok = True; } -- cgit From 21cc3895458100158f329786a89bc2a77fe1e8ce Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 8 Jan 2007 13:18:23 +0000 Subject: r20606: bad_path == True has been covered further up in reply_setatr. I'm checking in micro-steps to make them independently checkable. This code just very severely needs cleanup, but I don't want to break anything. So, be patient with me, please :-) Volker (This used to be commit c16775486baa89901f0d5126cb926c9e5a807743) --- source3/smbd/reply.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 646cc79522..66bbce064f 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1032,7 +1032,8 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if (!ok) { END_PROFILE(SMBsetatr); - return set_bad_path_error(errno, bad_path, outbuf, ERRDOS, ERRnoaccess); + return set_bad_path_error(errno, False, outbuf, + ERRDOS, ERRnoaccess); } outsize = set_message(outbuf,0,0,False); -- cgit From 72ecfaf32c2f6db114cff37dd1526a85722935fd Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 8 Jan 2007 13:21:43 +0000 Subject: r20607: Next micro-step for reply_setatr (This used to be commit cea9a01434490fb8a17c3f12db7a092efda21186) --- source3/smbd/reply.c | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 66bbce064f..e00d8d99a5 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -979,7 +979,6 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size { pstring fname; int outsize = 0; - BOOL ok=False; int mode; time_t mtime; SMB_STRUCT_STAT sbuf; @@ -1022,15 +1021,14 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size else mode &= ~aDIR; - ok = (file_set_dosmode(conn,fname,mode,&sbuf,False) == 0); - } else { - ok = True; + if (file_set_dosmode(conn,fname,mode,&sbuf,False) != 0) { + END_PROFILE(SMBsetatr); + return set_bad_path_error(errno, False, outbuf, + ERRDOS, ERRnoaccess); + } } - if (ok) - ok = set_filetime(conn,fname,mtime); - - if (!ok) { + if (!set_filetime(conn,fname,mtime)) { END_PROFILE(SMBsetatr); return set_bad_path_error(errno, False, outbuf, ERRDOS, ERRnoaccess); -- cgit From 283c690e6efd9b51d63786fac089d7230a3d16ca Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 8 Jan 2007 15:26:17 +0000 Subject: r20611: All but one callers to set_bad_path_error have had the bad_path==True argument being handled further up. Volker (This used to be commit 358673c36697a16aa87f9cebbace34abf16ed28e) --- source3/smbd/reply.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index e00d8d99a5..63a1889390 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -948,7 +948,8 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if (!ok) { END_PROFILE(SMBgetatr); - return set_bad_path_error(errno, bad_path, outbuf, ERRDOS,ERRbadfile); + return set_bad_path_error(errno, False, outbuf, + ERRDOS,ERRbadfile); } outsize = set_message(outbuf,10,0,True); @@ -4006,7 +4007,8 @@ int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, if (!ok) { END_PROFILE(SMBrmdir); - return set_bad_path_error(errno, bad_path, outbuf, ERRDOS, ERRbadpath); + return set_bad_path_error(errno, False, outbuf, + ERRDOS, ERRbadpath); } outsize = set_message(outbuf,0,0,False); -- cgit From d10af0222623c3c76b19fe872adb6de1eeac6e1c Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 8 Jan 2007 15:36:33 +0000 Subject: r20612: A checkin I've wanted to do for ages: For bad_path==False set_bad_path_error is equivalent to UNIX_ERROR. Expand the last reference. Lets see if I can kill that as well :-) Volker (This used to be commit 794d5d38f19601bb5b30b965b41b844aacf1caeb) --- source3/smbd/reply.c | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 63a1889390..ac0663d238 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -948,8 +948,7 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if (!ok) { END_PROFILE(SMBgetatr); - return set_bad_path_error(errno, False, outbuf, - ERRDOS,ERRbadfile); + return UNIXERROR(ERRDOS, ERRbadfile); } outsize = set_message(outbuf,10,0,True); @@ -1024,15 +1023,13 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if (file_set_dosmode(conn,fname,mode,&sbuf,False) != 0) { END_PROFILE(SMBsetatr); - return set_bad_path_error(errno, False, outbuf, - ERRDOS, ERRnoaccess); + return UNIXERROR(ERRDOS, ERRnoaccess); } } if (!set_filetime(conn,fname,mtime)) { END_PROFILE(SMBsetatr); - return set_bad_path_error(errno, False, outbuf, - ERRDOS, ERRnoaccess); + return UNIXERROR(ERRDOS, ERRnoaccess); } outsize = set_message(outbuf,0,0,False); @@ -1212,7 +1209,10 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if (dptr_num < 0) { if(dptr_num == -2) { END_PROFILE(SMBsearch); - return set_bad_path_error(errno, bad_path, outbuf, ERRDOS, ERRnofids); + if ((errno == ENOENT) && bad_path) { + return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND); + } + return UNIXERROR(ERRDOS, ERRnofids); } END_PROFILE(SMBsearch); return ERROR_DOS(ERRDOS,ERRnofids); @@ -4007,8 +4007,7 @@ int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, if (!ok) { END_PROFILE(SMBrmdir); - return set_bad_path_error(errno, False, outbuf, - ERRDOS, ERRbadpath); + return UNIXERROR(ERRDOS, ERRbadpath); } outsize = set_message(outbuf,0,0,False); -- cgit From a9e3624bbcb240104af186233ba2de87586d77d3 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 8 Jan 2007 20:06:36 +0000 Subject: r20617: Do not notify if the delete failed (This used to be commit c86fbdf8cc8f6f17b23e647bd1f4714c6095b860) --- source3/smbd/reply.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index ac0663d238..cc181223f2 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2032,10 +2032,10 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, if (SMB_VFS_UNLINK(conn,directory) == 0) { count++; + notify_fname(conn, orig_name, -1, + NOTIFY_ACTION_REMOVED); } - notify_fname(conn, orig_name, -1, NOTIFY_ACTION_REMOVED); - } else { struct smb_Dir *dir_hnd = NULL; const char *dname; @@ -2092,10 +2092,12 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, if (!NT_STATUS_IS_OK(error)) { continue; } - if (SMB_VFS_UNLINK(conn,fname) == 0) + if (SMB_VFS_UNLINK(conn,fname) == 0) { count++; - notify_action(conn, directory, dname, - -1, NOTIFY_ACTION_REMOVED); + notify_action( + conn, directory, dname, + -1, NOTIFY_ACTION_REMOVED); + } DEBUG(3,("unlink_internals: succesful unlink [%s]\n",fname)); } CloseDir(dir_hnd); -- cgit From 1b50bcc9c8af2a7b2a085078e2df62c4ff648d79 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 8 Jan 2007 21:08:31 +0000 Subject: r20618: Fix a bug in bad_path handling that also exists in 3.0.23: For reply_unlink under Linux we returned NT_STATUS_NOT_A_DIRECTORY. This is because in the bad_path==True condition lstat(2) returns ENOTDIR and not ENOENT. Not sure if we want to necessarily replicate the INVALID_PARAMETER here, but this is what W2k3 does. Jeremy, I tried to call you, but you were not around. So I'll leave it up to you to merge this. Volker (This used to be commit b1edc3d053104204b966eed67d070ad5da40f17b) --- source3/smbd/reply.c | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index cc181223f2..b3ee18befe 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1995,6 +1995,11 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, *directory = *mask = 0; rc = unix_convert(name,conn,0,&bad_path,&sbuf); + if (bad_path) { + return has_wild + ? NT_STATUS_INVALID_PARAMETER + : NT_STATUS_OBJECT_PATH_NOT_FOUND; + } /* * Feel my pain, this code needs rewriting *very* badly! -- vl -- cgit From dbac39f74ebd6a906b6c2b83e6f0a406788f5620 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 8 Jan 2007 21:13:27 +0000 Subject: r20619: bad_path is handled somewhere else, so can_delete does not need it anymore (This used to be commit 1798987128be579a1a4574294a7c3094040ebaf2) --- source3/smbd/reply.c | 14 +++----------- 1 file changed, 3 insertions(+), 11 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index b3ee18befe..dfea8bcc0f 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1899,7 +1899,7 @@ static NTSTATUS can_rename(connection_struct *conn, char *fname, uint16 dirtype, ********************************************************************/ static NTSTATUS can_delete(connection_struct *conn, char *fname, - uint32 dirtype, BOOL bad_path) + uint32 dirtype) { SMB_STRUCT_STAT sbuf; uint32 fattr; @@ -1913,13 +1913,6 @@ static NTSTATUS can_delete(connection_struct *conn, char *fname, } if (SMB_VFS_LSTAT(conn,fname,&sbuf) != 0) { - if(errno == ENOENT) { - if (bad_path) { - return NT_STATUS_OBJECT_PATH_NOT_FOUND; - } else { - return NT_STATUS_OBJECT_NAME_NOT_FOUND; - } - } return map_nt_error_from_unix(errno); } @@ -2031,7 +2024,7 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, if (!has_wild) { pstrcat(directory,"/"); pstrcat(directory,mask); - error = can_delete(conn,directory,dirtype,bad_path); + error = can_delete(conn,directory,dirtype); if (!NT_STATUS_IS_OK(error)) return error; @@ -2092,8 +2085,7 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, } slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); - error = can_delete(conn, fname, dirtype, - bad_path); + error = can_delete(conn, fname, dirtype); if (!NT_STATUS_IS_OK(error)) { continue; } -- cgit From b5cad2c2a75ee614ec765d8bfb5b1ad9df984f57 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 9 Jan 2007 08:56:24 +0000 Subject: r20627: orig_name is not needed anymore, and slightly simplify logic by doing early returns. Volker (This used to be commit 614651c6a72742173de5fa8723403880acc37c09) --- source3/smbd/reply.c | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index dfea8bcc0f..d50a6e5224 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1977,7 +1977,6 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, { pstring directory; pstring mask; - pstring orig_name; char *p; int count=0; NTSTATUS error = NT_STATUS_OK; @@ -1994,11 +1993,6 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, : NT_STATUS_OBJECT_PATH_NOT_FOUND; } - /* - * Feel my pain, this code needs rewriting *very* badly! -- vl - */ - pstrcpy(orig_name, name); - p = strrchr_m(name,'/'); if (!p) { pstrcpy(directory,"."); @@ -2030,7 +2024,7 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, if (SMB_VFS_UNLINK(conn,directory) == 0) { count++; - notify_fname(conn, orig_name, -1, + notify_fname(conn, directory, -1, NOTIFY_ACTION_REMOVED); } @@ -2041,8 +2035,13 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, if (strequal(mask,"????????.???")) pstrcpy(mask,"*"); - if (check_name(directory,conn)) - dir_hnd = OpenDir(conn, directory, mask, dirtype); + if (!check_name(directory,conn)) { + return NT_STATUS_OBJECT_PATH_NOT_FOUND; + } + + if (!(dir_hnd = OpenDir(conn, directory, mask, dirtype))) { + return NT_STATUS_NO_SUCH_FILE; + } /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then the pattern matches against the long name, otherwise the short name -- cgit From 45e7b954cdf7eb2efc970f01fee452e98aed00ee Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 9 Jan 2007 09:03:33 +0000 Subject: r20628: Looks bigger than it is. This is just re-indenting the if (dirname) that we've taken care of above. Volker (This used to be commit 5e1da363bb3f2675beb9fd9240301bb432e5239b) --- source3/smbd/reply.c | 78 +++++++++++++++++++++++++--------------------------- 1 file changed, 38 insertions(+), 40 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index d50a6e5224..e0f074a7ca 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2031,6 +2031,7 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, } else { struct smb_Dir *dir_hnd = NULL; const char *dname; + long offset = 0; if (strequal(mask,"????????.???")) pstrcpy(mask,"*"); @@ -2048,56 +2049,53 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, We don't implement this yet XXXX */ - if (dir_hnd) { - long offset = 0; - error = NT_STATUS_NO_SUCH_FILE; + error = NT_STATUS_NO_SUCH_FILE; - while ((dname = ReadDirName(dir_hnd, &offset))) { - SMB_STRUCT_STAT st; - pstring fname; - BOOL sys_direntry = False; - pstrcpy(fname,dname); + while ((dname = ReadDirName(dir_hnd, &offset))) { + SMB_STRUCT_STAT st; + pstring fname; + BOOL sys_direntry = False; + pstrcpy(fname,dname); - if (!is_visible_file(conn, directory, dname, &st, True)) { - continue; - } + if (!is_visible_file(conn, directory, dname, &st, True)) { + continue; + } - /* Quick check for "." and ".." */ - if (fname[0] == '.') { - if (!fname[1] || (fname[1] == '.' && !fname[2])) { - if (dirtype & FILE_ATTRIBUTE_DIRECTORY) { - sys_direntry = True; - } else { - continue; - } + /* Quick check for "." and ".." */ + if (fname[0] == '.') { + if (!fname[1] || (fname[1] == '.' && !fname[2])) { + if (dirtype & FILE_ATTRIBUTE_DIRECTORY) { + sys_direntry = True; + } else { + continue; } } + } - if(!mask_match(fname, mask, conn->case_sensitive)) - continue; + if(!mask_match(fname, mask, conn->case_sensitive)) + continue; - if (sys_direntry) { - error = NT_STATUS_OBJECT_NAME_INVALID; - DEBUG(3,("unlink_internals: system directory delete denied [%s] mask [%s]\n", - fname, mask)); - break; - } + if (sys_direntry) { + error = NT_STATUS_OBJECT_NAME_INVALID; + DEBUG(3,("unlink_internals: system directory delete denied [%s] mask [%s]\n", + fname, mask)); + break; + } - slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); - error = can_delete(conn, fname, dirtype); - if (!NT_STATUS_IS_OK(error)) { - continue; - } - if (SMB_VFS_UNLINK(conn,fname) == 0) { - count++; - notify_action( - conn, directory, dname, - -1, NOTIFY_ACTION_REMOVED); - } - DEBUG(3,("unlink_internals: succesful unlink [%s]\n",fname)); + slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); + error = can_delete(conn, fname, dirtype); + if (!NT_STATUS_IS_OK(error)) { + continue; } - CloseDir(dir_hnd); + if (SMB_VFS_UNLINK(conn,fname) == 0) { + count++; + notify_action( + conn, directory, dname, + -1, NOTIFY_ACTION_REMOVED); + } + DEBUG(3,("unlink_internals: succesful unlink [%s]\n",fname)); } + CloseDir(dir_hnd); } if (count == 0 && NT_STATUS_IS_OK(error)) { -- cgit From 87bd4d2723e806ac0bc751ccf36fcdb8ed01c03c Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 9 Jan 2007 15:50:40 +0000 Subject: r20632: The extended RAW-SAMBA3BADPATH test led me to some wrong assumptions, in particular the NT_STATUS_INVALID_PARAMETER thing was badly wrong. Remove the changes based on it. Using gentest is much more effective in this respect, but it will take a while to figure out the wildcard error handling of W2k3. Volker (This used to be commit 58b8a242a7f08c1292d24fc73df170dbcd68c10d) --- source3/smbd/reply.c | 112 +++++++++++++++++++++++++++------------------------ 1 file changed, 59 insertions(+), 53 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index e0f074a7ca..cc181223f2 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1899,7 +1899,7 @@ static NTSTATUS can_rename(connection_struct *conn, char *fname, uint16 dirtype, ********************************************************************/ static NTSTATUS can_delete(connection_struct *conn, char *fname, - uint32 dirtype) + uint32 dirtype, BOOL bad_path) { SMB_STRUCT_STAT sbuf; uint32 fattr; @@ -1913,6 +1913,13 @@ static NTSTATUS can_delete(connection_struct *conn, char *fname, } if (SMB_VFS_LSTAT(conn,fname,&sbuf) != 0) { + if(errno == ENOENT) { + if (bad_path) { + return NT_STATUS_OBJECT_PATH_NOT_FOUND; + } else { + return NT_STATUS_OBJECT_NAME_NOT_FOUND; + } + } return map_nt_error_from_unix(errno); } @@ -1977,6 +1984,7 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, { pstring directory; pstring mask; + pstring orig_name; char *p; int count=0; NTSTATUS error = NT_STATUS_OK; @@ -1987,12 +1995,12 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, *directory = *mask = 0; rc = unix_convert(name,conn,0,&bad_path,&sbuf); - if (bad_path) { - return has_wild - ? NT_STATUS_INVALID_PARAMETER - : NT_STATUS_OBJECT_PATH_NOT_FOUND; - } + /* + * Feel my pain, this code needs rewriting *very* badly! -- vl + */ + pstrcpy(orig_name, name); + p = strrchr_m(name,'/'); if (!p) { pstrcpy(directory,"."); @@ -2018,84 +2026,82 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, if (!has_wild) { pstrcat(directory,"/"); pstrcat(directory,mask); - error = can_delete(conn,directory,dirtype); + error = can_delete(conn,directory,dirtype,bad_path); if (!NT_STATUS_IS_OK(error)) return error; if (SMB_VFS_UNLINK(conn,directory) == 0) { count++; - notify_fname(conn, directory, -1, + notify_fname(conn, orig_name, -1, NOTIFY_ACTION_REMOVED); } } else { struct smb_Dir *dir_hnd = NULL; const char *dname; - long offset = 0; if (strequal(mask,"????????.???")) pstrcpy(mask,"*"); - if (!check_name(directory,conn)) { - return NT_STATUS_OBJECT_PATH_NOT_FOUND; - } - - if (!(dir_hnd = OpenDir(conn, directory, mask, dirtype))) { - return NT_STATUS_NO_SUCH_FILE; - } + if (check_name(directory,conn)) + dir_hnd = OpenDir(conn, directory, mask, dirtype); /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then the pattern matches against the long name, otherwise the short name We don't implement this yet XXXX */ - error = NT_STATUS_NO_SUCH_FILE; + if (dir_hnd) { + long offset = 0; + error = NT_STATUS_NO_SUCH_FILE; - while ((dname = ReadDirName(dir_hnd, &offset))) { - SMB_STRUCT_STAT st; - pstring fname; - BOOL sys_direntry = False; - pstrcpy(fname,dname); + while ((dname = ReadDirName(dir_hnd, &offset))) { + SMB_STRUCT_STAT st; + pstring fname; + BOOL sys_direntry = False; + pstrcpy(fname,dname); - if (!is_visible_file(conn, directory, dname, &st, True)) { - continue; - } + if (!is_visible_file(conn, directory, dname, &st, True)) { + continue; + } - /* Quick check for "." and ".." */ - if (fname[0] == '.') { - if (!fname[1] || (fname[1] == '.' && !fname[2])) { - if (dirtype & FILE_ATTRIBUTE_DIRECTORY) { - sys_direntry = True; - } else { - continue; + /* Quick check for "." and ".." */ + if (fname[0] == '.') { + if (!fname[1] || (fname[1] == '.' && !fname[2])) { + if (dirtype & FILE_ATTRIBUTE_DIRECTORY) { + sys_direntry = True; + } else { + continue; + } } } - } - if(!mask_match(fname, mask, conn->case_sensitive)) - continue; + if(!mask_match(fname, mask, conn->case_sensitive)) + continue; - if (sys_direntry) { - error = NT_STATUS_OBJECT_NAME_INVALID; - DEBUG(3,("unlink_internals: system directory delete denied [%s] mask [%s]\n", - fname, mask)); - break; - } + if (sys_direntry) { + error = NT_STATUS_OBJECT_NAME_INVALID; + DEBUG(3,("unlink_internals: system directory delete denied [%s] mask [%s]\n", + fname, mask)); + break; + } - slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); - error = can_delete(conn, fname, dirtype); - if (!NT_STATUS_IS_OK(error)) { - continue; - } - if (SMB_VFS_UNLINK(conn,fname) == 0) { - count++; - notify_action( - conn, directory, dname, - -1, NOTIFY_ACTION_REMOVED); + slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); + error = can_delete(conn, fname, dirtype, + bad_path); + if (!NT_STATUS_IS_OK(error)) { + continue; + } + if (SMB_VFS_UNLINK(conn,fname) == 0) { + count++; + notify_action( + conn, directory, dname, + -1, NOTIFY_ACTION_REMOVED); + } + DEBUG(3,("unlink_internals: succesful unlink [%s]\n",fname)); } - DEBUG(3,("unlink_internals: succesful unlink [%s]\n",fname)); + CloseDir(dir_hnd); } - CloseDir(dir_hnd); } if (count == 0 && NT_STATUS_IS_OK(error)) { -- cgit From 46fdae1b6b1b8e3285447193cb10e5a2a444d431 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 9 Jan 2007 16:12:54 +0000 Subject: r20634: A *LOT* more work is necessary before touching notify remotely starts to make sense. Until then, remove it from the tree to keep the diff between 3_0_24 and 3_0 small. Volker (This used to be commit f146a85e74c84e78a11e616a1cbeaeef4693a0e0) --- source3/smbd/reply.c | 17 ----------------- 1 file changed, 17 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index cc181223f2..da7fadae3b 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2032,8 +2032,6 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, if (SMB_VFS_UNLINK(conn,directory) == 0) { count++; - notify_fname(conn, orig_name, -1, - NOTIFY_ACTION_REMOVED); } } else { @@ -2094,9 +2092,6 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, } if (SMB_VFS_UNLINK(conn,fname) == 0) { count++; - notify_action( - conn, directory, dname, - -1, NOTIFY_ACTION_REMOVED); } DEBUG(3,("unlink_internals: succesful unlink [%s]\n",fname)); } @@ -3959,18 +3954,6 @@ BOOL rmdir_internals(connection_struct *conn, const char *directory) return False; } - { - char *parent_dir; - const char *dirname; - - if (parent_dirname_talloc(tmp_talloc_ctx(), directory, - &parent_dir, &dirname)) { - notify_action(conn, parent_dir, dirname, -1, - NOTIFY_ACTION_REMOVED); - TALLOC_FREE(parent_dir); /* Not strictly necessary */ - } - } - return True; } -- cgit From b538c2b86b64220e0c105487a728cc5d0dacd633 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 9 Jan 2007 18:48:38 +0000 Subject: r20635: Add placeholder to ensure we don't go into the wcard unlink if bad_path was set. The error returned here is almost certainly incorrect and will need testing properly with smbtorture, but I don't want to forget about this path (yes Volker I know this is currently incorrect :-). Jeremy. (This used to be commit 06e20c287898d21e437ab117eb5eeeaf2420ba78) --- source3/smbd/reply.c | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index da7fadae3b..b3df8acf11 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2038,6 +2038,17 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, struct smb_Dir *dir_hnd = NULL; const char *dname; + /* Ensure we check bad_path in the wcard case. + * This may not be correct w.r.t. Windows (needs + * smbtorture test cases which will be forthcoming) + * but prevents us from continuing in the obvious + * bad path case. This is merely a placeholder. JRA. + */ + + if (!rc && bad_path) { + return NT_STATUS_OBJECT_PATH_NOT_FOUND; + } + if (strequal(mask,"????????.???")) pstrcpy(mask,"*"); -- cgit From db0ad252a0622dfac17d44ca646168df4c1c22e5 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 12 Jan 2007 23:47:16 +0000 Subject: r20718: Sync up the filename path parsing changes from SAMBA_3_0_24. The only difference between the two trees now w.r.t file serving are the changes to smbd/open.c in this branch I need to review. Jeremy. (This used to be commit f4474edf6a0c71001dbd01429ef70bafad6abd74) --- source3/smbd/reply.c | 685 ++++++++++++++++----------------------------------- 1 file changed, 219 insertions(+), 466 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index b3df8acf11..5914a3b169 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3,7 +3,7 @@ Main SMB reply routines Copyright (C) Andrew Tridgell 1992-1998 Copyright (C) Andrew Bartlett 2001 - Copyright (C) Jeremy Allison 1992-2004. + Copyright (C) Jeremy Allison 1992-2007. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -36,143 +36,6 @@ extern uint32 global_client_caps; extern struct current_user current_user; extern BOOL global_encrypted_passwords_negotiated; -/**************************************************************************** - Ensure we check the path in *exactly* the same way as W2K for regular pathnames. - We're assuming here that '/' is not the second byte in any multibyte char - set (a safe assumption). '\\' *may* be the second byte in a multibyte char - set. -****************************************************************************/ - -NTSTATUS check_path_syntax(pstring destname, const pstring srcname) -{ - char *d = destname; - const char *s = srcname; - NTSTATUS ret = NT_STATUS_OK; - BOOL start_of_name_component = True; - unsigned int num_bad_components = 0; - - while (*s) { - if (IS_DIRECTORY_SEP(*s)) { - /* - * Safe to assume is not the second part of a mb char as this is handled below. - */ - /* Eat multiple '/' or '\\' */ - while (IS_DIRECTORY_SEP(*s)) { - s++; - } - if ((d != destname) && (*s != '\0')) { - /* We only care about non-leading or trailing '/' or '\\' */ - *d++ = '/'; - } - - start_of_name_component = True; - continue; - } - - if (start_of_name_component) { - if ((s[0] == '.') && (s[1] == '.') && (IS_DIRECTORY_SEP(s[2]) || s[2] == '\0')) { - /* Uh oh - "/../" or "\\..\\" or "/..\0" or "\\..\0" ! */ - - /* - * No mb char starts with '.' so we're safe checking the directory separator here. - */ - - /* If we just added a '/' - delete it */ - if ((d > destname) && (*(d-1) == '/')) { - *(d-1) = '\0'; - d--; - } - - /* Are we at the start ? Can't go back further if so. */ - if (d <= destname) { - ret = NT_STATUS_OBJECT_PATH_SYNTAX_BAD; - break; - } - /* Go back one level... */ - /* We know this is safe as '/' cannot be part of a mb sequence. */ - /* NOTE - if this assumption is invalid we are not in good shape... */ - /* Decrement d first as d points to the *next* char to write into. */ - for (d--; d > destname; d--) { - if (*d == '/') - break; - } - s += 2; /* Else go past the .. */ - /* We're still at the start of a name component, just the previous one. */ - - if (num_bad_components) { - /* Hmmm. Should we only decrement the bad_components if - we're removing a bad component ? Need to check this. JRA. */ - num_bad_components--; - } - - continue; - - } else if ((s[0] == '.') && ((s[1] == '\0') || IS_DIRECTORY_SEP(s[1]))) { - /* Component of pathname can't be "." only. */ - ret = NT_STATUS_OBJECT_NAME_INVALID; - num_bad_components++; - *d++ = *s++; - continue; - } - } - - if (!(*s & 0x80)) { - if (*s <= 0x1f) { - return NT_STATUS_OBJECT_NAME_INVALID; - } - switch (*s) { - case '*': - case '?': - case '<': - case '>': - case '"': - return NT_STATUS_OBJECT_NAME_INVALID; - default: - *d++ = *s++; - break; - } - } else { - size_t siz; - /* Get the size of the next MB character. */ - next_codepoint(s,&siz); - switch(siz) { - case 5: - *d++ = *s++; - /*fall through*/ - case 4: - *d++ = *s++; - /*fall through*/ - case 3: - *d++ = *s++; - /*fall through*/ - case 2: - *d++ = *s++; - /*fall through*/ - case 1: - *d++ = *s++; - break; - default: - DEBUG(0,("check_path_syntax: character length assumptions invalid !\n")); - *d = '\0'; - return NT_STATUS_INVALID_PARAMETER; - } - } - if (start_of_name_component && num_bad_components) { - num_bad_components++; - } - start_of_name_component = False; - } - - if (NT_STATUS_EQUAL(ret, NT_STATUS_OBJECT_NAME_INVALID)) { - if (num_bad_components > 1) { - ret = NT_STATUS_OBJECT_PATH_NOT_FOUND; - } - } - - *d = '\0'; - return ret; -} - /**************************************************************************** Ensure we check the path in *exactly* the same way as W2K for a findfirst/findnext path or anything including wildcards. @@ -181,15 +44,19 @@ NTSTATUS check_path_syntax(pstring destname, const pstring srcname) set. ****************************************************************************/ -NTSTATUS check_path_syntax_wcard(pstring destname, const pstring srcname, BOOL *p_contains_wcard) +NTSTATUS check_path_syntax_internal(pstring destname, + const pstring srcname, + BOOL windows_path, BOOL + *p_last_component_contains_wcard) { char *d = destname; const char *s = srcname; NTSTATUS ret = NT_STATUS_OK; BOOL start_of_name_component = True; - unsigned int num_bad_components = 0; - *p_contains_wcard = False; + if (p_last_component_contains_wcard) { + *p_last_component_contains_wcard = False; + } while (*s) { if (IS_DIRECTORY_SEP(*s)) { @@ -206,6 +73,10 @@ NTSTATUS check_path_syntax_wcard(pstring destname, const pstring srcname, BOOL * } start_of_name_component = True; + /* New component. */ + if (p_last_component_contains_wcard) { + *p_last_component_contains_wcard = False; + } continue; } @@ -238,36 +109,32 @@ NTSTATUS check_path_syntax_wcard(pstring destname, const pstring srcname, BOOL * } s += 2; /* Else go past the .. */ /* We're still at the start of a name component, just the previous one. */ - - if (num_bad_components) { - /* Hmmm. Should we only decrement the bad_components if - we're removing a bad component ? Need to check this. JRA. */ - num_bad_components--; - } - continue; } else if ((s[0] == '.') && ((s[1] == '\0') || IS_DIRECTORY_SEP(s[1]))) { - /* Component of pathname can't be "." only. */ - ret = NT_STATUS_OBJECT_NAME_INVALID; - num_bad_components++; - *d++ = *s++; - continue; + if (!windows_path) { + /* Eat the '.' */ + s++; + continue; + } } + } if (!(*s & 0x80)) { - if (*s <= 0x1f) { - return NT_STATUS_OBJECT_NAME_INVALID; - } - if (!*p_contains_wcard) { + if (windows_path) { + if (*s <= 0x1f) { + return NT_STATUS_OBJECT_NAME_INVALID; + } switch (*s) { case '*': case '?': case '<': case '>': case '"': - *p_contains_wcard = True; + if (p_last_component_contains_wcard) { + *p_last_component_contains_wcard = True; + } break; default: break; @@ -295,130 +162,48 @@ NTSTATUS check_path_syntax_wcard(pstring destname, const pstring srcname, BOOL * *d++ = *s++; break; default: - DEBUG(0,("check_path_syntax_wcard: character length assumptions invalid !\n")); + DEBUG(0,("check_path_syntax_internal: character length assumptions invalid !\n")); *d = '\0'; return NT_STATUS_INVALID_PARAMETER; } } - if (start_of_name_component && num_bad_components) { - num_bad_components++; - } start_of_name_component = False; } - if (NT_STATUS_EQUAL(ret, NT_STATUS_OBJECT_NAME_INVALID)) { - /* For some strange reason being called from findfirst changes - the num_components number to cause the error return to change. JRA. */ - if (num_bad_components > 2) { - ret = NT_STATUS_OBJECT_PATH_NOT_FOUND; - } - } - *d = '\0'; return ret; } /**************************************************************************** - Check the path for a POSIX client. - We're assuming here that '/' is not the second byte in any multibyte char - set (a safe assumption). + Ensure we check the path in *exactly* the same way as W2K for regular pathnames. + No wildcards allowed. ****************************************************************************/ -NTSTATUS check_path_syntax_posix(pstring destname, const pstring srcname) +NTSTATUS check_path_syntax(pstring destname, const pstring srcname) { - char *d = destname; - const char *s = srcname; - NTSTATUS ret = NT_STATUS_OK; - BOOL start_of_name_component = True; - - while (*s) { - if (*s == '/') { - /* - * Safe to assume is not the second part of a mb char as this is handled below. - */ - /* Eat multiple '/' or '\\' */ - while (*s == '/') { - s++; - } - if ((d != destname) && (*s != '\0')) { - /* We only care about non-leading or trailing '/' */ - *d++ = '/'; - } - - start_of_name_component = True; - continue; - } - - if (start_of_name_component) { - if ((s[0] == '.') && (s[1] == '.') && (s[2] == '/' || s[2] == '\0')) { - /* Uh oh - "/../" or "/..\0" ! */ - - /* - * No mb char starts with '.' so we're safe checking the directory separator here. - */ - - /* If we just added a '/' - delete it */ - if ((d > destname) && (*(d-1) == '/')) { - *(d-1) = '\0'; - d--; - } + return check_path_syntax_internal(destname, srcname, True, NULL); +} - /* Are we at the start ? Can't go back further if so. */ - if (d <= destname) { - ret = NT_STATUS_OBJECT_PATH_SYNTAX_BAD; - break; - } - /* Go back one level... */ - /* We know this is safe as '/' cannot be part of a mb sequence. */ - /* NOTE - if this assumption is invalid we are not in good shape... */ - /* Decrement d first as d points to the *next* char to write into. */ - for (d--; d > destname; d--) { - if (*d == '/') - break; - } - s += 2; /* Else go past the .. */ - continue; +/**************************************************************************** + Ensure we check the path in *exactly* the same way as W2K for regular pathnames. + Wildcards allowed - p_contains_wcard returns true if the last component contained + a wildcard. +****************************************************************************/ - } else if ((s[0] == '.') && ((s[1] == '\0') || (s[1] == '/'))) { - /* Eat the '.' */ - s++; - continue; - } - } +NTSTATUS check_path_syntax_wcard(pstring destname, const pstring srcname, BOOL *p_contains_wcard) +{ + return check_path_syntax_internal(destname, srcname, True, p_contains_wcard); +} - if (!(*s & 0x80)) { - *d++ = *s++; - } else { - size_t siz; - /* Get the size of the next MB character. */ - next_codepoint(s,&siz); - switch(siz) { - case 5: - *d++ = *s++; - /*fall through*/ - case 4: - *d++ = *s++; - /*fall through*/ - case 3: - *d++ = *s++; - /*fall through*/ - case 2: - *d++ = *s++; - /*fall through*/ - case 1: - *d++ = *s++; - break; - default: - DEBUG(0,("check_path_syntax_posix: character length assumptions invalid !\n")); - *d = '\0'; - return NT_STATUS_INVALID_PARAMETER; - } - } - start_of_name_component = False; - } +/**************************************************************************** + Check the path for a POSIX client. + We're assuming here that '/' is not the second byte in any multibyte char + set (a safe assumption). +****************************************************************************/ - *d = '\0'; - return ret; +static NTSTATUS check_path_syntax_posix(pstring destname, const pstring srcname) +{ + return check_path_syntax_internal(destname, srcname, False, NULL); } /**************************************************************************** @@ -823,7 +608,6 @@ int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size int outsize = 0; pstring name; BOOL ok = False; - BOOL bad_path = False; SMB_STRUCT_STAT sbuf; NTSTATUS status; @@ -845,10 +629,10 @@ int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size RESOLVE_DFSPATH(name, conn, inbuf, outbuf); - unix_convert(name,conn,0,&bad_path,&sbuf); - if (bad_path) { + status = unix_convert(conn, name, False, NULL, &sbuf); + if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBchkpth); - return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND); + return ERROR_NT(status); } if (check_name(name,conn)) { @@ -871,8 +655,7 @@ int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size * the parent directory is valid but not the * last component - it returns NT_STATUS_OBJECT_NAME_NOT_FOUND * for that case and NT_STATUS_OBJECT_PATH_NOT_FOUND - * if the path is invalid. This is different from set_bad_path_error() - * in the non-NT error case. + * if the path is invalid. */ END_PROFILE(SMBchkpth); return ERROR_BOTH(NT_STATUS_OBJECT_NAME_NOT_FOUND,ERRDOS,ERRbadpath); @@ -902,7 +685,6 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size int mode=0; SMB_OFF_T size=0; time_t mtime=0; - BOOL bad_path = False; char *p; NTSTATUS status; @@ -927,10 +709,10 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size mtime = 0; ok = True; } else { - unix_convert(fname,conn,0,&bad_path,&sbuf); - if (bad_path) { + status = unix_convert(conn, fname, False, NULL,&sbuf); + if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBgetatr); - return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND); + return ERROR_NT(status); } if (check_name(fname,conn)) { if (VALID_STAT(sbuf) || SMB_VFS_STAT(conn,fname,&sbuf) == 0) { @@ -948,7 +730,7 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if (!ok) { END_PROFILE(SMBgetatr); - return UNIXERROR(ERRDOS, ERRbadfile); + return UNIXERROR(ERRDOS,ERRbadfile); } outsize = set_message(outbuf,10,0,True); @@ -982,7 +764,6 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size int mode; time_t mtime; SMB_STRUCT_STAT sbuf; - BOOL bad_path = False; char *p; NTSTATUS status; @@ -997,10 +778,10 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); - unix_convert(fname,conn,0,&bad_path,&sbuf); - if (bad_path || !check_name(fname, conn)) { + status = unix_convert(conn, fname, False, NULL, &sbuf); + if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBsetatr); - return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND); + return ERROR_NT(status); } if (fname[0] == '.' && fname[1] == '\0') { @@ -1012,6 +793,11 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return ERROR_NT(NT_STATUS_ACCESS_DENIED); } + if (!check_name(fname,conn)) { + END_PROFILE(SMBsetatr); + return UNIXERROR(ERRDOS, ERRnoaccess); + } + mode = SVAL(inbuf,smb_vwv0); mtime = srv_make_unix_date3(inbuf+smb_vwv1); @@ -1118,7 +904,6 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size BOOL check_descend = False; BOOL expect_close = False; BOOL can_open = True; - BOOL bad_path = False; NTSTATUS nt_status; BOOL mask_contains_wcard = False; BOOL allow_long_path_components = (SVAL(inbuf,smb_flg2) & FLAGS2_LONG_PATH_COMPONENTS) ? True : False; @@ -1160,7 +945,11 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size pstrcpy(directory,path); pstrcpy(dir2,path); - unix_convert(directory,conn,0,&bad_path,&sbuf); + nt_status = unix_convert(conn, directory, mask_contains_wcard, NULL, &sbuf); + if (!NT_STATUS_IS_OK(nt_status)) { + END_PROFILE(SMBsearch); + return ERROR_NT(nt_status); + } unix_format(dir2); if (!check_name(directory,conn)) @@ -1209,9 +998,6 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if (dptr_num < 0) { if(dptr_num == -2) { END_PROFILE(SMBsearch); - if ((errno == ENOENT) && bad_path) { - return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND); - } return UNIXERROR(ERRDOS, ERRnofids); } END_PROFILE(SMBsearch); @@ -1377,7 +1163,6 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, time_t mtime=0; int info; SMB_STRUCT_STAT sbuf; - BOOL bad_path = False; files_struct *fsp; int oplock_request = CORE_OPLOCK_REQUEST(inbuf); int deny_mode; @@ -1399,10 +1184,10 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); - unix_convert(fname,conn,0,&bad_path,&sbuf); - if (bad_path) { + status = unix_convert(conn, fname, False, NULL, &sbuf); + if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBopen); - return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND); + return ERROR_NT(status); } if (!map_open_params_to_ntcreate(fname, deny_mode, OPENX_FILE_EXISTS_OPEN, @@ -1486,7 +1271,6 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt int mtime=0; SMB_STRUCT_STAT sbuf; int smb_action = 0; - BOOL bad_path = False; files_struct *fsp; NTSTATUS status; SMB_BIG_UINT allocation_size = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv9); @@ -1518,10 +1302,10 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); - unix_convert(fname,conn,0,&bad_path,&sbuf); - if (bad_path) { + status = unix_convert(conn, fname, False, NULL, &sbuf); + if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBopenX); - return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND); + return ERROR_NT(status); } if (!map_open_params_to_ntcreate(fname, deny_mode, smb_ofun, @@ -1667,7 +1451,6 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int outsize = 0; uint32 fattr = SVAL(inbuf,smb_vwv0); struct utimbuf times; - BOOL bad_path = False; files_struct *fsp; int oplock_request = CORE_OPLOCK_REQUEST(inbuf); SMB_STRUCT_STAT sbuf; @@ -1691,10 +1474,10 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); - unix_convert(fname,conn,0,&bad_path,&sbuf); - if (bad_path) { + status = unix_convert(conn, fname, False, NULL, &sbuf); + if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBcreate); - return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND); + return ERROR_NT(status); } if (fattr & aVOLID) { @@ -1758,7 +1541,6 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, pstring fname; int outsize = 0; uint32 fattr = SVAL(inbuf,smb_vwv0); - BOOL bad_path = False; files_struct *fsp; int oplock_request = CORE_OPLOCK_REQUEST(inbuf); int tmpfd; @@ -1782,10 +1564,10 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); - unix_convert(fname,conn,0,&bad_path,&sbuf); - if (bad_path) { + status = unix_convert(conn, fname, False, NULL, &sbuf); + if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBctemp); - return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND); + return ERROR_NT(status); } tmpfd = smb_mkstemp(fname); @@ -1898,12 +1680,12 @@ static NTSTATUS can_rename(connection_struct *conn, char *fname, uint16 dirtype, Check if a user is allowed to delete a file. ********************************************************************/ -static NTSTATUS can_delete(connection_struct *conn, char *fname, - uint32 dirtype, BOOL bad_path) +static NTSTATUS can_delete(connection_struct *conn, char *fname, uint32 dirtype) { SMB_STRUCT_STAT sbuf; uint32 fattr; files_struct *fsp; + uint32 dirtype_orig = dirtype; NTSTATUS status; DEBUG(10,("can_delete: %s, dirtype = %d\n", fname, dirtype )); @@ -1913,22 +1695,56 @@ static NTSTATUS can_delete(connection_struct *conn, char *fname, } if (SMB_VFS_LSTAT(conn,fname,&sbuf) != 0) { - if(errno == ENOENT) { - if (bad_path) { - return NT_STATUS_OBJECT_PATH_NOT_FOUND; - } else { - return NT_STATUS_OBJECT_NAME_NOT_FOUND; - } - } return map_nt_error_from_unix(errno); } fattr = dos_mode(conn,fname,&sbuf); + if (dirtype & FILE_ATTRIBUTE_NORMAL) { + dirtype = aDIR|aARCH|aRONLY; + } + + dirtype &= (aDIR|aARCH|aRONLY|aHIDDEN|aSYSTEM); + if (!dirtype) { + return NT_STATUS_NO_SUCH_FILE; + } + + if (!dir_check_ftype(conn, fattr, dirtype)) { + if (fattr & aDIR) { + return NT_STATUS_FILE_IS_A_DIRECTORY; + } + return NT_STATUS_NO_SUCH_FILE; + } + + if (dirtype_orig & 0x8000) { + /* These will never be set for POSIX. */ + return NT_STATUS_NO_SUCH_FILE; + } + +#if 0 + if ((fattr & dirtype) & FILE_ATTRIBUTE_DIRECTORY) { + return NT_STATUS_FILE_IS_A_DIRECTORY; + } + + if ((fattr & ~dirtype) & (FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM)) { + return NT_STATUS_NO_SUCH_FILE; + } + + if (dirtype & 0xFF00) { + /* These will never be set for POSIX. */ + return NT_STATUS_NO_SUCH_FILE; + } + + dirtype &= 0xFF; + if (!dirtype) { + return NT_STATUS_NO_SUCH_FILE; + } + /* Can't delete a directory. */ if (fattr & aDIR) { return NT_STATUS_FILE_IS_A_DIRECTORY; } +#endif #if 0 /* JRATEST */ else if (dirtype & aDIR) /* Asked for a directory and it isn't. */ @@ -1952,9 +1768,6 @@ static NTSTATUS can_delete(connection_struct *conn, char *fname, return NT_STATUS_CANNOT_DELETE; } } - if ((fattr & ~dirtype) & (aHIDDEN | aSYSTEM)) { - return NT_STATUS_NO_SUCH_FILE; - } /* On open checks the open itself will check the share mode, so don't do it here as we'll get it wrong. */ @@ -1979,27 +1792,21 @@ static NTSTATUS can_delete(connection_struct *conn, char *fname, code. ****************************************************************************/ -NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, - char *name, BOOL has_wild) +NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, char *name, BOOL has_wild) { pstring directory; pstring mask; - pstring orig_name; char *p; int count=0; - NTSTATUS error = NT_STATUS_OK; - BOOL bad_path = False; - BOOL rc = True; + NTSTATUS status = NT_STATUS_OK; SMB_STRUCT_STAT sbuf; *directory = *mask = 0; - rc = unix_convert(name,conn,0,&bad_path,&sbuf); - - /* - * Feel my pain, this code needs rewriting *very* badly! -- vl - */ - pstrcpy(orig_name, name); + status = unix_convert(conn, name, has_wild, NULL, &sbuf); + if (!NT_STATUS_IS_OK(status)) { + return status; + } p = strrchr_m(name,'/'); if (!p) { @@ -2020,33 +1827,28 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, * Tine Smukavec . */ - if (!rc && mangle_is_mangled(mask,conn->params)) + if (!VALID_STAT(sbuf) && mangle_is_mangled(mask,conn->params)) mangle_check_cache( mask, sizeof(pstring)-1, conn->params ); if (!has_wild) { pstrcat(directory,"/"); pstrcat(directory,mask); - error = can_delete(conn,directory,dirtype,bad_path); - if (!NT_STATUS_IS_OK(error)) - return error; + if (dirtype == 0) { + dirtype = FILE_ATTRIBUTE_NORMAL; + } + status = can_delete(conn,directory,dirtype); + if (!NT_STATUS_IS_OK(status)) + return status; if (SMB_VFS_UNLINK(conn,directory) == 0) { count++; } - } else { struct smb_Dir *dir_hnd = NULL; const char *dname; - /* Ensure we check bad_path in the wcard case. - * This may not be correct w.r.t. Windows (needs - * smbtorture test cases which will be forthcoming) - * but prevents us from continuing in the obvious - * bad path case. This is merely a placeholder. JRA. - */ - - if (!rc && bad_path) { - return NT_STATUS_OBJECT_PATH_NOT_FOUND; + if ((dirtype & SAMBA_ATTRIBUTES_MASK) == aDIR) { + return NT_STATUS_OBJECT_NAME_INVALID; } if (strequal(mask,"????????.???")) @@ -2062,12 +1864,11 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, if (dir_hnd) { long offset = 0; - error = NT_STATUS_NO_SUCH_FILE; + status = NT_STATUS_NO_SUCH_FILE; while ((dname = ReadDirName(dir_hnd, &offset))) { SMB_STRUCT_STAT st; pstring fname; - BOOL sys_direntry = False; pstrcpy(fname,dname); if (!is_visible_file(conn, directory, dname, &st, True)) { @@ -2077,44 +1878,31 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, /* Quick check for "." and ".." */ if (fname[0] == '.') { if (!fname[1] || (fname[1] == '.' && !fname[2])) { - if (dirtype & FILE_ATTRIBUTE_DIRECTORY) { - sys_direntry = True; - } else { - continue; - } + continue; } } if(!mask_match(fname, mask, conn->case_sensitive)) continue; - if (sys_direntry) { - error = NT_STATUS_OBJECT_NAME_INVALID; - DEBUG(3,("unlink_internals: system directory delete denied [%s] mask [%s]\n", - fname, mask)); - break; - } - slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); - error = can_delete(conn, fname, dirtype, - bad_path); - if (!NT_STATUS_IS_OK(error)) { + status = can_delete(conn, fname, dirtype); + if (!NT_STATUS_IS_OK(status)) { continue; } - if (SMB_VFS_UNLINK(conn,fname) == 0) { + if (SMB_VFS_UNLINK(conn,fname) == 0) count++; - } DEBUG(3,("unlink_internals: succesful unlink [%s]\n",fname)); } CloseDir(dir_hnd); } } - if (count == 0 && NT_STATUS_IS_OK(error)) { - error = map_nt_error_from_unix(errno); + if (count == 0 && NT_STATUS_IS_OK(status)) { + status = map_nt_error_from_unix(errno); } - return error; + return status; } /**************************************************************************** @@ -3774,7 +3562,6 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, pstring directory; int outsize; NTSTATUS status; - BOOL bad_path = False; SMB_STRUCT_STAT sbuf; START_PROFILE(SMBmkdir); @@ -3787,10 +3574,10 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, RESOLVE_DFSPATH(directory, conn, inbuf, outbuf); - unix_convert(directory,conn,0,&bad_path,&sbuf); - if (bad_path) { + status = unix_convert(conn, directory, False, NULL, &sbuf); + if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBmkdir); - return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND); + return ERROR_NT(status); } status = create_directory(conn, directory); @@ -3939,7 +3726,7 @@ BOOL rmdir_internals(connection_struct *conn, const char *directory) pstrcpy(fullname, directory); pstrcat(fullname, "/"); pstrcat(fullname, dname); - + if(SMB_VFS_LSTAT(conn,fullname, &st) != 0) break; if(st.st_mode & S_IFDIR) { @@ -3977,7 +3764,6 @@ int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, pstring directory; int outsize = 0; BOOL ok = False; - BOOL bad_path = False; SMB_STRUCT_STAT sbuf; NTSTATUS status; START_PROFILE(SMBrmdir); @@ -3990,10 +3776,10 @@ int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, RESOLVE_DFSPATH(directory, conn, inbuf, outbuf) - unix_convert(directory,conn, NULL,&bad_path,&sbuf); - if (bad_path) { + status = unix_convert(conn, directory, False, NULL, &sbuf); + if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBrmdir); - return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND); + return ERROR_NT(status); } if (check_name(directory,conn)) { @@ -4171,24 +3957,16 @@ static BOOL rename_path_prefix_equal(const char *src, const char *dest) NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, char *newname, uint32 attrs, BOOL replace_if_exists) { SMB_STRUCT_STAT sbuf; - BOOL bad_path = False; pstring newname_last_component; - NTSTATUS error = NT_STATUS_OK; + NTSTATUS status = NT_STATUS_OK; BOOL dest_exists; - BOOL rcdest = True; struct share_mode_lock *lck = NULL; ZERO_STRUCT(sbuf); - rcdest = unix_convert(newname,conn,newname_last_component,&bad_path,&sbuf); - /* Quick check for "." and ".." */ - if (!bad_path && newname_last_component[0] == '.') { - if (!newname_last_component[1] || (newname_last_component[1] == '.' && !newname_last_component[2])) { - return NT_STATUS_ACCESS_DENIED; - } - } - if (!rcdest && bad_path) { - return NT_STATUS_OBJECT_PATH_NOT_FOUND; + status = unix_convert(conn, newname, False, newname_last_component, &sbuf); + if (!NT_STATUS_IS_OK(status)) { + return status; } /* Ensure newname contains a '/' */ @@ -4250,14 +4028,14 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, char * return NT_STATUS_OBJECT_NAME_COLLISION; } - error = can_rename(conn,newname,attrs,&sbuf); + status = can_rename(conn,newname,attrs,&sbuf); - if (dest_exists && !NT_STATUS_IS_OK(error)) { + if (dest_exists && !NT_STATUS_IS_OK(status)) { DEBUG(3,("rename_internals: Error %s rename %s -> %s\n", - nt_errstr(error), fsp->fsp_name,newname)); - if (NT_STATUS_EQUAL(error,NT_STATUS_SHARING_VIOLATION)) - error = NT_STATUS_ACCESS_DENIED; - return error; + nt_errstr(status), fsp->fsp_name,newname)); + if (NT_STATUS_EQUAL(status,NT_STATUS_SHARING_VIOLATION)) + status = NT_STATUS_ACCESS_DENIED; + return status; } if (rename_path_prefix_equal(fsp->fsp_name, newname)) { @@ -4277,15 +4055,15 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, char * TALLOC_FREE(lck); if (errno == ENOTDIR || errno == EISDIR) { - error = NT_STATUS_OBJECT_NAME_COLLISION; + status = NT_STATUS_OBJECT_NAME_COLLISION; } else { - error = map_nt_error_from_unix(errno); + status = map_nt_error_from_unix(errno); } DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n", - nt_errstr(error), fsp->fsp_name,newname)); + nt_errstr(status), fsp->fsp_name,newname)); - return error; + return status; } /**************************************************************************** @@ -4300,12 +4078,8 @@ NTSTATUS rename_internals(connection_struct *conn, char *name, char *newname, ui pstring last_component_src; pstring last_component_dest; char *p; - BOOL bad_path_src = False; - BOOL bad_path_dest = False; int count=0; - NTSTATUS error = NT_STATUS_OK; - BOOL rc = True; - BOOL rcdest = True; + NTSTATUS status = NT_STATUS_OK; SMB_STRUCT_STAT sbuf1, sbuf2; struct share_mode_lock *lck = NULL; @@ -4314,27 +4088,14 @@ NTSTATUS rename_internals(connection_struct *conn, char *name, char *newname, ui ZERO_STRUCT(sbuf1); ZERO_STRUCT(sbuf2); - rc = unix_convert(name,conn,last_component_src,&bad_path_src,&sbuf1); - if (!rc && bad_path_src) { - if (ms_has_wild(last_component_src)) - return NT_STATUS_OBJECT_NAME_NOT_FOUND; - return NT_STATUS_OBJECT_PATH_NOT_FOUND; - } - - /* Quick check for "." and ".." */ - if (last_component_src[0] == '.') { - if (!last_component_src[1] || (last_component_src[1] == '.' && !last_component_src[2])) { - return NT_STATUS_OBJECT_NAME_INVALID; - } + status = unix_convert(conn, name, has_wild, last_component_src, &sbuf1); + if (!NT_STATUS_IS_OK(status)) { + return status; } - rcdest = unix_convert(newname,conn,last_component_dest,&bad_path_dest,&sbuf2); - - /* Quick check for "." and ".." */ - if (last_component_dest[0] == '.') { - if (!last_component_dest[1] || (last_component_dest[1] == '.' && !last_component_dest[2])) { - return NT_STATUS_OBJECT_NAME_INVALID; - } + status = unix_convert(conn, newname, True, last_component_dest, &sbuf2); + if (!NT_STATUS_IS_OK(status)) { + return status; } /* @@ -4366,7 +4127,7 @@ NTSTATUS rename_internals(connection_struct *conn, char *name, char *newname, ui * Tine Smukavec . */ - if (!rc && mangle_is_mangled(mask, conn->params)) + if (!VALID_STAT(sbuf1) && mangle_is_mangled(mask, conn->params)) mangle_check_cache( mask, sizeof(pstring)-1, conn->params ); if (!has_wild) { @@ -4451,25 +4212,19 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", return NT_STATUS_OBJECT_NAME_NOT_FOUND; return NT_STATUS_OBJECT_PATH_NOT_FOUND; } - error = map_nt_error_from_unix(errno); + status = map_nt_error_from_unix(errno); DEBUG(3,("rename_internals: Error %s rename %s -> %s\n", - nt_errstr(error), directory,newname)); - - return error; - } + nt_errstr(status), directory,newname)); - if (!rcdest && bad_path_dest) { - if (ms_has_wild(last_component_dest)) - return NT_STATUS_OBJECT_NAME_INVALID; - return NT_STATUS_OBJECT_PATH_NOT_FOUND; + return status; } - error = can_rename(conn,directory,attrs,&sbuf1); + status = can_rename(conn,directory,attrs,&sbuf1); - if (!NT_STATUS_IS_OK(error)) { + if (!NT_STATUS_IS_OK(status)) { DEBUG(3,("rename_internals: Error %s rename %s -> %s\n", - nt_errstr(error), directory,newname)); - return error; + nt_errstr(status), directory,newname)); + return status; } /* @@ -4505,14 +4260,14 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", TALLOC_FREE(lck); if (errno == ENOTDIR || errno == EISDIR) - error = NT_STATUS_OBJECT_NAME_COLLISION; + status = NT_STATUS_OBJECT_NAME_COLLISION; else - error = map_nt_error_from_unix(errno); + status = map_nt_error_from_unix(errno); DEBUG(3,("rename_internals: Error %s rename %s -> %s\n", - nt_errstr(error), directory,newname)); + nt_errstr(status), directory,newname)); - return error; + return status; } else { /* * Wildcards - process each file that matches. @@ -4529,8 +4284,8 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", if (dir_hnd) { long offset = 0; - error = NT_STATUS_NO_SUCH_FILE; -/* Was error = NT_STATUS_OBJECT_NAME_NOT_FOUND; - gentest fix. JRA */ + status = NT_STATUS_NO_SUCH_FILE; +/* Was status = NT_STATUS_OBJECT_NAME_NOT_FOUND; - gentest fix. JRA */ while ((dname = ReadDirName(dir_hnd, &offset))) { pstring fname; @@ -4556,19 +4311,19 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", continue; if (sysdir_entry) { - error = NT_STATUS_OBJECT_NAME_INVALID; + status = NT_STATUS_OBJECT_NAME_INVALID; break; } - error = NT_STATUS_ACCESS_DENIED; + status = NT_STATUS_ACCESS_DENIED; slprintf(fname,sizeof(fname)-1,"%s/%s",directory,dname); if (!vfs_object_exist(conn, fname, &sbuf1)) { - error = NT_STATUS_OBJECT_NAME_NOT_FOUND; - DEBUG(6,("rename %s failed. Error %s\n", fname, nt_errstr(error))); + status = NT_STATUS_OBJECT_NAME_NOT_FOUND; + DEBUG(6,("rename %s failed. Error %s\n", fname, nt_errstr(status))); continue; } - error = can_rename(conn,fname,attrs,&sbuf1); - if (!NT_STATUS_IS_OK(error)) { + status = can_rename(conn,fname,attrs,&sbuf1); + if (!NT_STATUS_IS_OK(status)) { DEBUG(6,("rename %s refused\n", fname)); continue; } @@ -4584,14 +4339,14 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", rename_open_files(conn, NULL, sbuf1.st_dev, sbuf1.st_ino, newname); DEBUG(3,("rename_internals: identical names in wildcard rename %s - success\n", fname)); count++; - error = NT_STATUS_OK; + status = NT_STATUS_OK; continue; } if (!replace_if_exists && vfs_file_exist(conn,destname, NULL)) { DEBUG(6,("file_exist %s\n", destname)); - error = NT_STATUS_OBJECT_NAME_COLLISION; + status = NT_STATUS_OBJECT_NAME_COLLISION; continue; } @@ -4604,7 +4359,7 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", if (!SMB_VFS_RENAME(conn,fname,destname)) { rename_open_files(conn, lck, sbuf1.st_dev, sbuf1.st_ino, newname); count++; - error = NT_STATUS_OK; + status = NT_STATUS_OK; } TALLOC_FREE(lck); DEBUG(3,("rename_internals: doing rename on %s -> %s\n",fname,destname)); @@ -4612,6 +4367,8 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", CloseDir(dir_hnd); } +#if 0 + /* Don't think needed any more - JRA. */ if (!NT_STATUS_EQUAL(error,NT_STATUS_NO_SUCH_FILE)) { if (!rcdest && bad_path_dest) { if (ms_has_wild(last_component_dest)) @@ -4619,13 +4376,15 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", return NT_STATUS_OBJECT_PATH_NOT_FOUND; } } +#endif + } - if (count == 0 && NT_STATUS_IS_OK(error)) { - error = map_nt_error_from_unix(errno); + if (count == 0 && NT_STATUS_IS_OK(status)) { + status = map_nt_error_from_unix(errno); } - return error; + return status; } /**************************************************************************** @@ -4821,11 +4580,8 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int ofun = SVAL(inbuf,smb_vwv1); int flags = SVAL(inbuf,smb_vwv2); BOOL target_is_directory=False; - BOOL bad_path1 = False; - BOOL bad_path2 = False; BOOL path_contains_wcard1 = False; BOOL path_contains_wcard2 = False; - BOOL rc = True; SMB_STRUCT_STAT sbuf1, sbuf2; NTSTATUS status; START_PROFILE(SMBcopy); @@ -4856,8 +4612,17 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, RESOLVE_DFSPATH_WCARD(name, conn, inbuf, outbuf); RESOLVE_DFSPATH_WCARD(newname, conn, inbuf, outbuf); - rc = unix_convert(name,conn,0,&bad_path1,&sbuf1); - unix_convert(newname,conn,0,&bad_path2,&sbuf2); + status = unix_convert(conn, name, path_contains_wcard1, NULL, &sbuf1); + if (!NT_STATUS_IS_OK(status)) { + END_PROFILE(SMBcopy); + return ERROR_NT(status); + } + + status = unix_convert(conn, newname, path_contains_wcard2, NULL, &sbuf2); + if (!NT_STATUS_IS_OK(status)) { + END_PROFILE(SMBcopy); + return ERROR_NT(status); + } target_is_directory = VALID_STAT_OF_DIR(sbuf2); @@ -4897,7 +4662,7 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, * Tine Smukavec . */ - if (!rc && mangle_is_mangled(mask, conn->params)) + if (!VALID_STAT(sbuf1) && mangle_is_mangled(mask, conn->params)) mangle_check_cache( mask, sizeof(pstring)-1, conn->params ); has_wild = path_contains_wcard1; @@ -4964,20 +4729,8 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return(UNIXERROR(ERRHRD,ERRgeneral)); } - if (exists) { - END_PROFILE(SMBcopy); - return ERROR_DOS(ERRDOS,error); - } else { - if((errno == ENOENT) && (bad_path1 || bad_path2) && - !use_nt_status()) { - /* Samba 3.0.22 has ERRDOS/ERRbadpath in the - * DOS error code case - */ - return ERROR_DOS(ERRDOS, ERRbadpath); - } - END_PROFILE(SMBcopy); - return(UNIXERROR(ERRDOS,error)); - } + END_PROFILE(SMBcopy); + return ERROR_DOS(ERRDOS,error); } outsize = set_message(outbuf,1,0,True); -- cgit From 1a40a6e08a58d02e912aaa9f81dcff48477f3b81 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 13 Jan 2007 01:07:39 +0000 Subject: r20720: Fix the chkpath problem, still looking at findfirst. Jeremy. (This used to be commit c5be0082ef60cd041121a9c36f4af934cd60562d) --- source3/smbd/reply.c | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 5914a3b169..e42c663cec 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -632,6 +632,13 @@ int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size status = unix_convert(conn, name, False, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBchkpth); + /* Strange DOS error code semantics only for chkpth... */ + if (!(SVAL(inbuf,smb_flg2) & FLAGS2_32_BIT_ERROR_CODES)) { + if (NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_INVALID,status)) { + /* We need to map to ERRbadpath */ + status = NT_STATUS_OBJECT_PATH_NOT_FOUND; + } + } return ERROR_NT(status); } -- cgit From dd5e9e2ae7ba3c4f3d4d8e02c7a993dd8e164c5b Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 13 Jan 2007 01:29:10 +0000 Subject: r20721: Fix the search unix_convert error returns. Only open to go... Jeremy. (This used to be commit 89f03a8db40365f99c6755ff19a4bfbf8d1bd316) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index e42c663cec..21c8b13b5c 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -952,7 +952,7 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size pstrcpy(directory,path); pstrcpy(dir2,path); - nt_status = unix_convert(conn, directory, mask_contains_wcard, NULL, &sbuf); + nt_status = unix_convert(conn, directory, True, NULL, &sbuf); if (!NT_STATUS_IS_OK(nt_status)) { END_PROFILE(SMBsearch); return ERROR_NT(nt_status); -- cgit From 165e08e8b1efa55b4548e1853a637e1696e4fd7b Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 13 Jan 2007 20:26:53 +0000 Subject: r20740: Get rid of some if-statements (This used to be commit db93c1b98d5445071ad0af229afed1f11ab0a862) --- source3/smbd/reply.c | 24 ++++++++++-------------- 1 file changed, 10 insertions(+), 14 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 21c8b13b5c..7d89382a7d 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -45,18 +45,16 @@ extern BOOL global_encrypted_passwords_negotiated; ****************************************************************************/ NTSTATUS check_path_syntax_internal(pstring destname, - const pstring srcname, - BOOL windows_path, BOOL - *p_last_component_contains_wcard) + const pstring srcname, + BOOL windows_path, + BOOL *p_last_component_contains_wcard) { char *d = destname; const char *s = srcname; NTSTATUS ret = NT_STATUS_OK; BOOL start_of_name_component = True; - if (p_last_component_contains_wcard) { - *p_last_component_contains_wcard = False; - } + *p_last_component_contains_wcard = False; while (*s) { if (IS_DIRECTORY_SEP(*s)) { @@ -74,9 +72,7 @@ NTSTATUS check_path_syntax_internal(pstring destname, start_of_name_component = True; /* New component. */ - if (p_last_component_contains_wcard) { - *p_last_component_contains_wcard = False; - } + *p_last_component_contains_wcard = False; continue; } @@ -132,9 +128,7 @@ NTSTATUS check_path_syntax_internal(pstring destname, case '<': case '>': case '"': - if (p_last_component_contains_wcard) { - *p_last_component_contains_wcard = True; - } + *p_last_component_contains_wcard = True; break; default: break; @@ -181,7 +175,8 @@ NTSTATUS check_path_syntax_internal(pstring destname, NTSTATUS check_path_syntax(pstring destname, const pstring srcname) { - return check_path_syntax_internal(destname, srcname, True, NULL); + BOOL ignore; + return check_path_syntax_internal(destname, srcname, True, &ignore); } /**************************************************************************** @@ -203,7 +198,8 @@ NTSTATUS check_path_syntax_wcard(pstring destname, const pstring srcname, BOOL * static NTSTATUS check_path_syntax_posix(pstring destname, const pstring srcname) { - return check_path_syntax_internal(destname, srcname, False, NULL); + BOOL ignore; + return check_path_syntax_internal(destname, srcname, False, &ignore); } /**************************************************************************** -- cgit From ab46f9cdd232cc08b4c2f57c3fe7add652f6ce38 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 13 Jan 2007 22:10:18 +0000 Subject: r20742: Rename chkpth -> checkpath for sanity's sake :-). Start removing unneeded "BOOL ok" from this reply.c (this logic is old, old, old..... :-). Jeremy. (This used to be commit 3d52268095c605a80dfcd371769198a332baa0a5) --- source3/smbd/reply.c | 70 ++++++++++++++++++++++++++-------------------------- 1 file changed, 35 insertions(+), 35 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 7d89382a7d..9fa359de8c 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -596,57 +596,58 @@ int reply_ioctl(connection_struct *conn, } /**************************************************************************** - Reply to a chkpth. + Strange checkpath NTSTATUS mapping. ****************************************************************************/ -int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +static NTSTATUS map_checkpath_error(const char *inbuf, NTSTATUS status) +{ + /* Strange DOS error code semantics only for checkpath... */ + if (!(SVAL(inbuf,smb_flg2) & FLAGS2_32_BIT_ERROR_CODES)) { + if (NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_INVALID,status)) { + /* We need to map to ERRbadpath */ + return NT_STATUS_OBJECT_PATH_NOT_FOUND; + } + } + return status; +} + +/**************************************************************************** + Reply to a checkpath. +****************************************************************************/ + +int reply_checkpath(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int outsize = 0; pstring name; - BOOL ok = False; SMB_STRUCT_STAT sbuf; NTSTATUS status; - START_PROFILE(SMBchkpth); + START_PROFILE(SMBcheckpath); srvstr_get_path(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { - END_PROFILE(SMBchkpth); - - /* Strange DOS error code semantics only for chkpth... */ - if (!(SVAL(inbuf,smb_flg2) & FLAGS2_32_BIT_ERROR_CODES)) { - if (NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_INVALID,status)) { - /* We need to map to ERRbadpath */ - status = NT_STATUS_OBJECT_PATH_NOT_FOUND; - } - } + END_PROFILE(SMBcheckpath); + status = map_checkpath_error(inbuf, status); return ERROR_NT(status); } RESOLVE_DFSPATH(name, conn, inbuf, outbuf); + DEBUG(3,("reply_checkpath %s mode=%d\n", name, (int)SVAL(inbuf,smb_vwv0))); + status = unix_convert(conn, name, False, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { - END_PROFILE(SMBchkpth); - /* Strange DOS error code semantics only for chkpth... */ - if (!(SVAL(inbuf,smb_flg2) & FLAGS2_32_BIT_ERROR_CODES)) { - if (NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_INVALID,status)) { - /* We need to map to ERRbadpath */ - status = NT_STATUS_OBJECT_PATH_NOT_FOUND; - } - } + END_PROFILE(SMBcheckpath); + status = map_checkpath_error(inbuf, status); return ERROR_NT(status); } - if (check_name(name,conn)) { - if (VALID_STAT(sbuf) || SMB_VFS_STAT(conn,name,&sbuf) == 0) - if (!(ok = S_ISDIR(sbuf.st_mode))) { - END_PROFILE(SMBchkpth); - return ERROR_BOTH(NT_STATUS_NOT_A_DIRECTORY,ERRDOS,ERRbadpath); - } - } - - if (!ok) { + if (check_name(name,conn) && (VALID_STAT(sbuf) || SMB_VFS_STAT(conn,name,&sbuf) == 0)) { + if (!S_ISDIR(sbuf.st_mode)) { + END_PROFILE(SMBcheckpath); + return ERROR_BOTH(NT_STATUS_NOT_A_DIRECTORY,ERRDOS,ERRbadpath); + } + } else { /* We special case this - as when a Windows machine is parsing a path is steps through the components one at a time - if a component fails it expects @@ -660,19 +661,18 @@ int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size * for that case and NT_STATUS_OBJECT_PATH_NOT_FOUND * if the path is invalid. */ - END_PROFILE(SMBchkpth); + END_PROFILE(SMBcheckpath); return ERROR_BOTH(NT_STATUS_OBJECT_NAME_NOT_FOUND,ERRDOS,ERRbadpath); } - END_PROFILE(SMBchkpth); + END_PROFILE(SMBcheckpath); return(UNIXERROR(ERRDOS,ERRbadpath)); } outsize = set_message(outbuf,0,0,False); - DEBUG(3,("chkpth %s mode=%d\n", name, (int)SVAL(inbuf,smb_vwv0))); - END_PROFILE(SMBchkpth); - return(outsize); + END_PROFILE(SMBcheckpath); + return outsize; } /**************************************************************************** -- cgit From 78fbb597c2101c57c214e6ec0f83285bcf0954eb Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 13 Jan 2007 22:22:32 +0000 Subject: r20743: Remove another BOOL ok from reply_getatr. Jeremy. (This used to be commit c154f430710a4646fac42774817dfed7b936b087) --- source3/smbd/reply.c | 35 +++++++++++++++-------------------- 1 file changed, 15 insertions(+), 20 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 9fa359de8c..af183b1fff 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -684,7 +684,6 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size pstring fname; int outsize = 0; SMB_STRUCT_STAT sbuf; - BOOL ok = False; int mode=0; SMB_OFF_T size=0; time_t mtime=0; @@ -704,38 +703,34 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size /* dos smetimes asks for a stat of "" - it returns a "hidden directory" under WfWg - weird! */ - if (! (*fname)) { + if (*fname == '\0') { mode = aHIDDEN | aDIR; - if (!CAN_WRITE(conn)) + if (!CAN_WRITE(conn)) { mode |= aRONLY; + } size = 0; mtime = 0; - ok = True; } else { status = unix_convert(conn, fname, False, NULL,&sbuf); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBgetatr); return ERROR_NT(status); } - if (check_name(fname,conn)) { - if (VALID_STAT(sbuf) || SMB_VFS_STAT(conn,fname,&sbuf) == 0) { - mode = dos_mode(conn,fname,&sbuf); - size = sbuf.st_size; - mtime = sbuf.st_mtime; - if (mode & aDIR) - size = 0; - ok = True; - } else { - DEBUG(3,("stat of %s failed (%s)\n",fname,strerror(errno))); + if (check_name(fname,conn) && + (VALID_STAT(sbuf) || SMB_VFS_STAT(conn,fname,&sbuf) == 0)) { + mode = dos_mode(conn,fname,&sbuf); + size = sbuf.st_size; + mtime = sbuf.st_mtime; + if (mode & aDIR) { + size = 0; } + } else { + DEBUG(3,("reply_getatr: stat of %s failed (%s)\n",fname,strerror(errno))); + END_PROFILE(SMBgetatr); + return UNIXERROR(ERRDOS,ERRbadfile); } } - if (!ok) { - END_PROFILE(SMBgetatr); - return UNIXERROR(ERRDOS,ERRbadfile); - } - outsize = set_message(outbuf,10,0,True); SSVAL(outbuf,smb_vwv0,mode); @@ -750,7 +745,7 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) | FLAGS2_IS_LONG_NAME); } - DEBUG( 3, ( "getatr name=%s mode=%d size=%d\n", fname, mode, (uint32)size ) ); + DEBUG(3,("reply_getatr: name=%s mode=%d size=%u\n", fname, mode, (unsigned int)size ) ); END_PROFILE(SMBgetatr); return(outsize); -- cgit From fb9a229643015fc6fea67bac9317f5d6a6283fc4 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 14 Jan 2007 11:25:42 +0000 Subject: r20759: Dummy checkin to let the build farm pick up the new smbtorture4 (This used to be commit 14c88b560e5c8fd59b84333e92337805620ccd7c) --- source3/smbd/reply.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index af183b1fff..02cada71aa 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -59,7 +59,8 @@ NTSTATUS check_path_syntax_internal(pstring destname, while (*s) { if (IS_DIRECTORY_SEP(*s)) { /* - * Safe to assume is not the second part of a mb char as this is handled below. + * Safe to assume is not the second part of a mb char + * as this is handled below. */ /* Eat multiple '/' or '\\' */ while (IS_DIRECTORY_SEP(*s)) { -- cgit From 0cfc6a8e11bf1d2dd80861cf5331f4cde78dd674 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 15 Jan 2007 09:17:11 +0000 Subject: r20796: Fix the same problem Jeremy has fixed (improper handling of deferred opens) for delete_driver_files. Proper fix pending... :-) Jeremy, please check. Volker (This used to be commit 21b8f15dd5ad567efeacf5ba22dc4d8c64b09b76) --- source3/smbd/reply.c | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 02cada71aa..3a1514f1aa 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1679,7 +1679,8 @@ static NTSTATUS can_rename(connection_struct *conn, char *fname, uint16 dirtype, Check if a user is allowed to delete a file. ********************************************************************/ -static NTSTATUS can_delete(connection_struct *conn, char *fname, uint32 dirtype) +static NTSTATUS can_delete(connection_struct *conn, char *fname, + uint32 dirtype, BOOL can_defer) { SMB_STRUCT_STAT sbuf; uint32 fattr; @@ -1777,7 +1778,7 @@ static NTSTATUS can_delete(connection_struct *conn, char *fname, uint32 dirtype) FILE_OPEN, 0, FILE_ATTRIBUTE_NORMAL, - 0, + can_defer ? 0 : INTERNAL_OPEN_ONLY, NULL, &fsp); if (NT_STATUS_IS_OK(status)) { @@ -1791,7 +1792,8 @@ static NTSTATUS can_delete(connection_struct *conn, char *fname, uint32 dirtype) code. ****************************************************************************/ -NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, char *name, BOOL has_wild) +NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, + char *name, BOOL has_wild, BOOL can_defer) { pstring directory; pstring mask; @@ -1835,7 +1837,7 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, char *name, B if (dirtype == 0) { dirtype = FILE_ATTRIBUTE_NORMAL; } - status = can_delete(conn,directory,dirtype); + status = can_delete(conn,directory,dirtype,can_defer); if (!NT_STATUS_IS_OK(status)) return status; @@ -1885,7 +1887,8 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, char *name, B continue; slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); - status = can_delete(conn, fname, dirtype); + status = can_delete(conn, fname, dirtype, + can_defer); if (!NT_STATUS_IS_OK(status)) { continue; } @@ -1931,7 +1934,8 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size DEBUG(3,("reply_unlink : %s\n",name)); - status = unlink_internals(conn, dirtype, name, path_contains_wcard); + status = unlink_internals(conn, dirtype, name, path_contains_wcard, + True); if (!NT_STATUS_IS_OK(status)) { if (open_was_deferred(SVAL(inbuf,smb_mid))) { /* We have re-scheduled this call. */ -- cgit From 6d16226a2d449ab7731bc686a742a2b31ccf41ae Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 16 Jan 2007 20:32:39 +0000 Subject: r20840: Keep removing the old BOOL ok logic. Jeremy. (This used to be commit 224ff059915b2c92ec86d2c3c4b10c3bc552ffa2) --- source3/smbd/reply.c | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 3a1514f1aa..d48c081e21 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3677,11 +3677,15 @@ static BOOL recursive_rmdir(connection_struct *conn, char *directory) BOOL rmdir_internals(connection_struct *conn, const char *directory) { - BOOL ok; + int ret; SMB_STRUCT_STAT st; - ok = (SMB_VFS_RMDIR(conn,directory) == 0); - if(!ok && ((errno == ENOTEMPTY)||(errno == EEXIST)) && lp_veto_files(SNUM(conn))) { + ret = SMB_VFS_RMDIR(conn,directory); + if (ret == 0) { + return True; + } + + if(((errno == ENOTEMPTY)||(errno == EEXIST)) && lp_veto_files(SNUM(conn))) { /* * Check to see if the only thing in this directory are * vetoed files/directories. If so then delete them and @@ -3744,12 +3748,12 @@ BOOL rmdir_internals(connection_struct *conn, const char *directory) } CloseDir(dir_hnd); /* Retry the rmdir */ - ok = (SMB_VFS_RMDIR(conn,directory) == 0); + ret = SMB_VFS_RMDIR(conn,directory); } err: - if (!ok) { + if (ret != 0) { DEBUG(3,("rmdir_internals: couldn't remove directory %s : " "%s\n", directory,strerror(errno))); return False; -- cgit From 16f96517f1f51fb9a8fd75e513bb985bf152adae Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 16 Jan 2007 20:49:51 +0000 Subject: r20841: Remove more BOOL ok. Jeremy. (This used to be commit c6b651966039b1c21facd4c4789bf873b5b49426) --- source3/smbd/reply.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index d48c081e21..f633be3740 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3770,7 +3770,6 @@ int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, { pstring directory; int outsize = 0; - BOOL ok = False; SMB_STRUCT_STAT sbuf; NTSTATUS status; START_PROFILE(SMBrmdir); @@ -3789,12 +3788,13 @@ int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return ERROR_NT(status); } - if (check_name(directory,conn)) { - dptr_closepath(directory,SVAL(inbuf,smb_pid)); - ok = rmdir_internals(conn, directory); + if (!check_name(directory,conn)) { + END_PROFILE(SMBrmdir); + return UNIXERROR(ERRDOS, ERRbadpath); } - - if (!ok) { + + dptr_closepath(directory,SVAL(inbuf,smb_pid)); + if (!rmdir_internals(conn, directory)) { END_PROFILE(SMBrmdir); return UNIXERROR(ERRDOS, ERRbadpath); } -- cgit From f065b42dcceb4eb64b26921aaa88d7a67bac3dc0 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 16 Jan 2007 20:53:50 +0000 Subject: r20842: Only one more BOOL ok to go... Jeremy. (This used to be commit de0bf477dab1d57b5f7bc6bf70d8e76f9bfac63f) --- source3/smbd/reply.c | 18 ++++++------------ 1 file changed, 6 insertions(+), 12 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index f633be3740..c90c59698f 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4755,7 +4755,6 @@ int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size { int snum; int outsize = 0; - BOOL ok = False; pstring newdir; NTSTATUS status; @@ -4775,17 +4774,12 @@ int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size RESOLVE_DFSPATH(newdir, conn, inbuf, outbuf); - if (strlen(newdir) == 0) { - ok = True; - } else { - ok = vfs_directory_exist(conn,newdir,NULL); - if (ok) - set_conn_connectpath(conn,newdir); - } - - if (!ok) { - END_PROFILE(pathworks_setdir); - return ERROR_DOS(ERRDOS,ERRbadpath); + if (strlen(newdir) != 0) { + if (!vfs_directory_exist(conn,newdir,NULL)) { + END_PROFILE(pathworks_setdir); + return ERROR_DOS(ERRDOS,ERRbadpath); + } + set_conn_connectpath(conn,newdir); } outsize = set_message(outbuf,0,0,False); -- cgit From 52a36db39fb96353702616dfac5004239c34cd2c Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 16 Jan 2007 21:04:30 +0000 Subject: r20843: Get rid of last BOOL ok. Jeremy. (This used to be commit a36d446fb612f87654c645f6507d413b95efaf21) --- source3/smbd/reply.c | 117 ++++++++++++++++++++++++++------------------------- 1 file changed, 59 insertions(+), 58 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index c90c59698f..9a0e544e38 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -895,14 +895,12 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size unsigned int maxentries = 0; BOOL finished = False; char *p; - BOOL ok = False; int status_len; pstring path; char status[21]; int dptr_num= -1; BOOL check_descend = False; BOOL expect_close = False; - BOOL can_open = True; NTSTATUS nt_status; BOOL mask_contains_wcard = False; BOOL allow_long_path_components = (SVAL(inbuf,smb_flg2) & FLAGS2_LONG_PATH_COMPONENTS) ? True : False; @@ -917,8 +915,9 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size *mask = *directory = *fname = 0; /* If we were called as SMBffirst then we must expect close. */ - if(CVAL(inbuf,smb_com) == SMBffirst) + if(CVAL(inbuf,smb_com) == SMBffirst) { expect_close = True; + } outsize = set_message(outbuf,1,3,True); maxentries = SVAL(inbuf,smb_vwv0); @@ -951,8 +950,10 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size } unix_format(dir2); - if (!check_name(directory,conn)) - can_open = False; + if (!check_name(directory,conn)) { + END_PROFILE(SMBsearch); + return UNIXERROR(ERRDOS, ERRnoaccess); + } p = strrchr_m(dir2,'/'); if (p == NULL) { @@ -964,13 +965,15 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size } p = strrchr_m(directory,'/'); - if (!p) + if (!p) { *directory = 0; - else + } else { *p = 0; + } - if (strlen(directory) == 0) + if (strlen(directory) == 0) { pstrcpy(directory,"."); + } memset((char *)status,'\0',21); SCVAL(status,0,(dirtype & 0x1F)); } else { @@ -978,83 +981,81 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size memcpy(status,p,21); status_dirtype = CVAL(status,0) & 0x1F; - if (status_dirtype != (dirtype & 0x1F)) + if (status_dirtype != (dirtype & 0x1F)) { dirtype = status_dirtype; + } conn->dirptr = dptr_fetch(status+12,&dptr_num); - if (!conn->dirptr) + if (!conn->dirptr) { goto SearchEmpty; + } string_set(&conn->dirpath,dptr_path(dptr_num)); pstrcpy(mask, dptr_wcard(dptr_num)); } - if (can_open) { - p = smb_buf(outbuf) + 3; - ok = True; + p = smb_buf(outbuf) + 3; - if (status_len == 0) { - dptr_num = dptr_create(conn,directory,True,expect_close,SVAL(inbuf,smb_pid), mask, mask_contains_wcard, dirtype); - if (dptr_num < 0) { - if(dptr_num == -2) { - END_PROFILE(SMBsearch); - return UNIXERROR(ERRDOS, ERRnofids); - } + if (status_len == 0) { + dptr_num = dptr_create(conn,directory,True,expect_close,SVAL(inbuf,smb_pid), mask, mask_contains_wcard, dirtype); + if (dptr_num < 0) { + if(dptr_num == -2) { END_PROFILE(SMBsearch); - return ERROR_DOS(ERRDOS,ERRnofids); + return UNIXERROR(ERRDOS, ERRnofids); } + END_PROFILE(SMBsearch); + return ERROR_DOS(ERRDOS,ERRnofids); + } + } else { + dirtype = dptr_attr(dptr_num); + } + + DEBUG(4,("dptr_num is %d\n",dptr_num)); + + if ((dirtype&0x1F) == aVOLID) { + memcpy(p,status,21); + make_dir_struct(p,"???????????",volume_label(SNUM(conn)), + 0,aVOLID,0,!allow_long_path_components); + dptr_fill(p+12,dptr_num); + if (dptr_zero(p+12) && (status_len==0)) { + numentries = 1; } else { - dirtype = dptr_attr(dptr_num); + numentries = 0; } + p += DIR_STRUCT_SIZE; + } else { + unsigned int i; + maxentries = MIN(maxentries, ((BUFFER_SIZE - (p - outbuf))/DIR_STRUCT_SIZE)); - DEBUG(4,("dptr_num is %d\n",dptr_num)); + DEBUG(8,("dirpath=<%s> dontdescend=<%s>\n", + conn->dirpath,lp_dontdescend(SNUM(conn)))); + if (in_list(conn->dirpath, lp_dontdescend(SNUM(conn)),True)) { + check_descend = True; + } - if (ok) { - if ((dirtype&0x1F) == aVOLID) { + for (i=numentries;(i dontdescend=<%s>\n", - conn->dirpath,lp_dontdescend(SNUM(conn)))); - if (in_list(conn->dirpath, lp_dontdescend(SNUM(conn)),True)) - check_descend = True; - - for (i=numentries;(i Date: Wed, 17 Jan 2007 02:09:37 +0000 Subject: r20844: Somewhat radical change - this may break the build (I will watch carefully - so I'm doing it in one transaction so I can roll back). Change check_name(), reduce_name() and dptr_create() to return NTSTATUS. This helps a lot in error path processing and especially in reduce_name() allows us to ditch the flaky and error-prone saving of errno and return errors directly. Jeremy. (This used to be commit 6133a694aa429d638320e39ffe1c49d172583ccf) --- source3/smbd/reply.c | 389 ++++++++++++++++++++++++++++----------------------- 1 file changed, 212 insertions(+), 177 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 9a0e544e38..2d11b3db98 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -638,42 +638,53 @@ int reply_checkpath(connection_struct *conn, char *inbuf,char *outbuf, int dum_s status = unix_convert(conn, name, False, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { - END_PROFILE(SMBcheckpath); - status = map_checkpath_error(inbuf, status); - return ERROR_NT(status); + goto path_err; } - if (check_name(name,conn) && (VALID_STAT(sbuf) || SMB_VFS_STAT(conn,name,&sbuf) == 0)) { - if (!S_ISDIR(sbuf.st_mode)) { - END_PROFILE(SMBcheckpath); - return ERROR_BOTH(NT_STATUS_NOT_A_DIRECTORY,ERRDOS,ERRbadpath); - } - } else { - /* We special case this - as when a Windows machine - is parsing a path is steps through the components - one at a time - if a component fails it expects - ERRbadpath, not ERRbadfile. - */ - if(errno == ENOENT) { - /* - * Windows returns different error codes if - * the parent directory is valid but not the - * last component - it returns NT_STATUS_OBJECT_NAME_NOT_FOUND - * for that case and NT_STATUS_OBJECT_PATH_NOT_FOUND - * if the path is invalid. - */ - END_PROFILE(SMBcheckpath); - return ERROR_BOTH(NT_STATUS_OBJECT_NAME_NOT_FOUND,ERRDOS,ERRbadpath); - } + status = check_name(conn, name); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(3,("reply_checkpath: check_name of %s failed (%s)\n",name,nt_errstr(status))); + goto path_err; + } + + if (!VALID_STAT(sbuf) && (SMB_VFS_STAT(conn,name,&sbuf) != 0)) { + DEBUG(3,("reply_checkpath: stat of %s failed (%s)\n",name,strerror(errno))); + status = map_nt_error_from_unix(errno); + goto path_err; + } + if (!S_ISDIR(sbuf.st_mode)) { END_PROFILE(SMBcheckpath); - return(UNIXERROR(ERRDOS,ERRbadpath)); + return ERROR_BOTH(NT_STATUS_NOT_A_DIRECTORY,ERRDOS,ERRbadpath); } outsize = set_message(outbuf,0,0,False); END_PROFILE(SMBcheckpath); return outsize; + + path_err: + + END_PROFILE(SMBcheckpath); + + /* We special case this - as when a Windows machine + is parsing a path is steps through the components + one at a time - if a component fails it expects + ERRbadpath, not ERRbadfile. + */ + status = map_checkpath_error(inbuf, status); + if(NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) { + /* + * Windows returns different error codes if + * the parent directory is valid but not the + * last component - it returns NT_STATUS_OBJECT_NAME_NOT_FOUND + * for that case and NT_STATUS_OBJECT_PATH_NOT_FOUND + * if the path is invalid. + */ + return ERROR_BOTH(NT_STATUS_OBJECT_NAME_NOT_FOUND,ERRDOS,ERRbadpath); + } + + return ERROR_NT(status); } /**************************************************************************** @@ -717,19 +728,23 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size END_PROFILE(SMBgetatr); return ERROR_NT(status); } - if (check_name(fname,conn) && - (VALID_STAT(sbuf) || SMB_VFS_STAT(conn,fname,&sbuf) == 0)) { - mode = dos_mode(conn,fname,&sbuf); - size = sbuf.st_size; - mtime = sbuf.st_mtime; - if (mode & aDIR) { - size = 0; - } - } else { - DEBUG(3,("reply_getatr: stat of %s failed (%s)\n",fname,strerror(errno))); + status = check_name(conn, fname); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(3,("reply_getatr: check_name of %s failed (%s)\n",fname,nt_errstr(status))); END_PROFILE(SMBgetatr); + return ERROR_NT(status); + } + if (!VALID_STAT(sbuf) && (SMB_VFS_STAT(conn,fname,&sbuf) != 0)) { + DEBUG(3,("reply_getatr: stat of %s failed (%s)\n",fname,strerror(errno))); return UNIXERROR(ERRDOS,ERRbadfile); } + + mode = dos_mode(conn,fname,&sbuf); + size = sbuf.st_size; + mtime = sbuf.st_mtime; + if (mode & aDIR) { + size = 0; + } } outsize = set_message(outbuf,10,0,True); @@ -792,9 +807,10 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return ERROR_NT(NT_STATUS_ACCESS_DENIED); } - if (!check_name(fname,conn)) { + status = check_name(conn, fname); + if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBsetatr); - return UNIXERROR(ERRDOS, ERRnoaccess); + return ERROR_NT(status); } mode = SVAL(inbuf,smb_vwv0); @@ -950,9 +966,10 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size } unix_format(dir2); - if (!check_name(directory,conn)) { + nt_status = check_name(conn, directory); + if (!NT_STATUS_IS_OK(nt_status)) { END_PROFILE(SMBsearch); - return UNIXERROR(ERRDOS, ERRnoaccess); + return ERROR_NT(nt_status); } p = strrchr_m(dir2,'/'); @@ -996,14 +1013,9 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size p = smb_buf(outbuf) + 3; if (status_len == 0) { - dptr_num = dptr_create(conn,directory,True,expect_close,SVAL(inbuf,smb_pid), mask, mask_contains_wcard, dirtype); - if (dptr_num < 0) { - if(dptr_num == -2) { - END_PROFILE(SMBsearch); - return UNIXERROR(ERRDOS, ERRnofids); - } - END_PROFILE(SMBsearch); - return ERROR_DOS(ERRDOS,ERRnofids); + nt_status = dptr_create(conn,directory,True,expect_close,SVAL(inbuf,smb_pid), mask, mask_contains_wcard, dirtype,&dptr_num); + if (!NT_STATUS_IS_OK(nt_status)) { + return ERROR_NT(nt_status); } } else { dirtype = dptr_attr(dptr_num); @@ -1839,66 +1851,73 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, dirtype = FILE_ATTRIBUTE_NORMAL; } status = can_delete(conn,directory,dirtype,can_defer); - if (!NT_STATUS_IS_OK(status)) + if (!NT_STATUS_IS_OK(status)) { return status; + } if (SMB_VFS_UNLINK(conn,directory) == 0) { count++; } } else { struct smb_Dir *dir_hnd = NULL; + long offset = 0; const char *dname; if ((dirtype & SAMBA_ATTRIBUTES_MASK) == aDIR) { return NT_STATUS_OBJECT_NAME_INVALID; } - if (strequal(mask,"????????.???")) + if (strequal(mask,"????????.???")) { pstrcpy(mask,"*"); + } + + status = check_name(conn, directory); + if (!NT_STATUS_IS_OK(status)) { + return status; + } - if (check_name(directory,conn)) - dir_hnd = OpenDir(conn, directory, mask, dirtype); + dir_hnd = OpenDir(conn, directory, mask, dirtype); + if (dir_hnd == NULL) { + return map_nt_error_from_unix(errno); + } /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then the pattern matches against the long name, otherwise the short name We don't implement this yet XXXX */ - if (dir_hnd) { - long offset = 0; - status = NT_STATUS_NO_SUCH_FILE; + status = NT_STATUS_NO_SUCH_FILE; - while ((dname = ReadDirName(dir_hnd, &offset))) { - SMB_STRUCT_STAT st; - pstring fname; - pstrcpy(fname,dname); + while ((dname = ReadDirName(dir_hnd, &offset))) { + SMB_STRUCT_STAT st; + pstring fname; + pstrcpy(fname,dname); - if (!is_visible_file(conn, directory, dname, &st, True)) { - continue; - } + if (!is_visible_file(conn, directory, dname, &st, True)) { + continue; + } - /* Quick check for "." and ".." */ - if (fname[0] == '.') { - if (!fname[1] || (fname[1] == '.' && !fname[2])) { - continue; - } + /* Quick check for "." and ".." */ + if (fname[0] == '.') { + if (!fname[1] || (fname[1] == '.' && !fname[2])) { + continue; } + } - if(!mask_match(fname, mask, conn->case_sensitive)) - continue; + if(!mask_match(fname, mask, conn->case_sensitive)) { + continue; + } - slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); - status = can_delete(conn, fname, dirtype, - can_defer); - if (!NT_STATUS_IS_OK(status)) { - continue; - } - if (SMB_VFS_UNLINK(conn,fname) == 0) - count++; - DEBUG(3,("unlink_internals: succesful unlink [%s]\n",fname)); + slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); + status = can_delete(conn, fname, dirtype, can_defer); + if (!NT_STATUS_IS_OK(status)) { + continue; } - CloseDir(dir_hnd); + if (SMB_VFS_UNLINK(conn,fname) == 0) + count++; + DEBUG(3,("unlink_internals: succesful unlink [%s]\n",fname)); } + CloseDir(dir_hnd); } if (count == 0 && NT_STATUS_IS_OK(status)) { @@ -3789,9 +3808,10 @@ int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return ERROR_NT(status); } - if (!check_name(directory,conn)) { + status = check_name(conn, directory); + if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBrmdir); - return UNIXERROR(ERRDOS, ERRbadpath); + return ERROR_NT(status); } dptr_closepath(directory,SVAL(inbuf,smb_pid)); @@ -4267,10 +4287,11 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", } TALLOC_FREE(lck); - if (errno == ENOTDIR || errno == EISDIR) + if (errno == ENOTDIR || errno == EISDIR) { status = NT_STATUS_OBJECT_NAME_COLLISION; - else + } else { status = map_nt_error_from_unix(errno); + } DEBUG(3,("rename_internals: Error %s rename %s -> %s\n", nt_errstr(status), directory,newname)); @@ -4282,98 +4303,105 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", */ struct smb_Dir *dir_hnd = NULL; const char *dname; + long offset = 0; pstring destname; if (strequal(mask,"????????.???")) pstrcpy(mask,"*"); - if (check_name(directory,conn)) - dir_hnd = OpenDir(conn, directory, mask, attrs); + status = check_name(conn, directory); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + dir_hnd = OpenDir(conn, directory, mask, attrs); + if (dir_hnd == NULL) { + return map_nt_error_from_unix(errno); + } - if (dir_hnd) { - long offset = 0; - status = NT_STATUS_NO_SUCH_FILE; -/* Was status = NT_STATUS_OBJECT_NAME_NOT_FOUND; - gentest fix. JRA */ + status = NT_STATUS_NO_SUCH_FILE; +/* Was status = NT_STATUS_OBJECT_NAME_NOT_FOUND; - gentest fix. JRA */ - while ((dname = ReadDirName(dir_hnd, &offset))) { - pstring fname; - BOOL sysdir_entry = False; + while ((dname = ReadDirName(dir_hnd, &offset))) { + pstring fname; + BOOL sysdir_entry = False; - pstrcpy(fname,dname); + pstrcpy(fname,dname); - /* Quick check for "." and ".." */ - if (fname[0] == '.') { - if (!fname[1] || (fname[1] == '.' && !fname[2])) { - if (attrs & aDIR) { - sysdir_entry = True; - } else { - continue; - } + /* Quick check for "." and ".." */ + if (fname[0] == '.') { + if (!fname[1] || (fname[1] == '.' && !fname[2])) { + if (attrs & aDIR) { + sysdir_entry = True; + } else { + continue; } } + } - if (!is_visible_file(conn, directory, dname, &sbuf1, False)) - continue; + if (!is_visible_file(conn, directory, dname, &sbuf1, False)) { + continue; + } - if(!mask_match(fname, mask, conn->case_sensitive)) - continue; + if(!mask_match(fname, mask, conn->case_sensitive)) { + continue; + } - if (sysdir_entry) { - status = NT_STATUS_OBJECT_NAME_INVALID; - break; - } + if (sysdir_entry) { + status = NT_STATUS_OBJECT_NAME_INVALID; + break; + } - status = NT_STATUS_ACCESS_DENIED; - slprintf(fname,sizeof(fname)-1,"%s/%s",directory,dname); - if (!vfs_object_exist(conn, fname, &sbuf1)) { - status = NT_STATUS_OBJECT_NAME_NOT_FOUND; - DEBUG(6,("rename %s failed. Error %s\n", fname, nt_errstr(status))); - continue; - } - status = can_rename(conn,fname,attrs,&sbuf1); - if (!NT_STATUS_IS_OK(status)) { - DEBUG(6,("rename %s refused\n", fname)); - continue; - } - pstrcpy(destname,newname); - - if (!resolve_wildcards(fname,destname)) { - DEBUG(6,("resolve_wildcards %s %s failed\n", - fname, destname)); - continue; - } + status = NT_STATUS_ACCESS_DENIED; + slprintf(fname,sizeof(fname)-1,"%s/%s",directory,dname); + if (!vfs_object_exist(conn, fname, &sbuf1)) { + status = NT_STATUS_OBJECT_NAME_NOT_FOUND; + DEBUG(6,("rename %s failed. Error %s\n", fname, nt_errstr(status))); + continue; + } + status = can_rename(conn,fname,attrs,&sbuf1); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(6,("rename %s refused\n", fname)); + continue; + } + pstrcpy(destname,newname); + + if (!resolve_wildcards(fname,destname)) { + DEBUG(6,("resolve_wildcards %s %s failed\n", + fname, destname)); + continue; + } - if (strcsequal(fname,destname)) { - rename_open_files(conn, NULL, sbuf1.st_dev, sbuf1.st_ino, newname); - DEBUG(3,("rename_internals: identical names in wildcard rename %s - success\n", fname)); - count++; - status = NT_STATUS_OK; - continue; - } + if (strcsequal(fname,destname)) { + rename_open_files(conn, NULL, sbuf1.st_dev, sbuf1.st_ino, newname); + DEBUG(3,("rename_internals: identical names in wildcard rename %s - success\n", fname)); + count++; + status = NT_STATUS_OK; + continue; + } - if (!replace_if_exists && - vfs_file_exist(conn,destname, NULL)) { - DEBUG(6,("file_exist %s\n", destname)); - status = NT_STATUS_OBJECT_NAME_COLLISION; - continue; - } + if (!replace_if_exists && vfs_file_exist(conn,destname, NULL)) { + DEBUG(6,("file_exist %s\n", destname)); + status = NT_STATUS_OBJECT_NAME_COLLISION; + continue; + } - if (rename_path_prefix_equal(fname, destname)) { - return NT_STATUS_SHARING_VIOLATION; - } + if (rename_path_prefix_equal(fname, destname)) { + return NT_STATUS_SHARING_VIOLATION; + } - lck = get_share_mode_lock(NULL, sbuf1.st_dev, sbuf1.st_ino, NULL, NULL); + lck = get_share_mode_lock(NULL, sbuf1.st_dev, sbuf1.st_ino, NULL, NULL); - if (!SMB_VFS_RENAME(conn,fname,destname)) { - rename_open_files(conn, lck, sbuf1.st_dev, sbuf1.st_ino, newname); - count++; - status = NT_STATUS_OK; - } - TALLOC_FREE(lck); - DEBUG(3,("rename_internals: doing rename on %s -> %s\n",fname,destname)); + if (!SMB_VFS_RENAME(conn,fname,destname)) { + rename_open_files(conn, lck, sbuf1.st_dev, sbuf1.st_ino, newname); + count++; + status = NT_STATUS_OK; } - CloseDir(dir_hnd); + TALLOC_FREE(lck); + DEBUG(3,("rename_internals: doing rename on %s -> %s\n",fname,destname)); } + CloseDir(dir_hnd); + } #if 0 /* Don't think needed any more - JRA. */ @@ -4386,8 +4414,6 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", } #endif - } - if (count == 0 && NT_STATUS_IS_OK(status)) { status = map_nt_error_from_unix(errno); } @@ -4693,40 +4719,49 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, } else { struct smb_Dir *dir_hnd = NULL; const char *dname; + long offset = 0; pstring destname; if (strequal(mask,"????????.???")) pstrcpy(mask,"*"); - if (check_name(directory,conn)) - dir_hnd = OpenDir(conn, directory, mask, 0); + status = check_name(conn, directory); + if (!NT_STATUS_IS_OK(status)) { + return ERROR_NT(status); + } + + dir_hnd = OpenDir(conn, directory, mask, 0); + if (dir_hnd == NULL) { + status = map_nt_error_from_unix(errno); + return ERROR_NT(status); + } - if (dir_hnd) { - long offset = 0; - error = ERRbadfile; + error = ERRbadfile; - while ((dname = ReadDirName(dir_hnd, &offset))) { - pstring fname; - pstrcpy(fname,dname); + while ((dname = ReadDirName(dir_hnd, &offset))) { + pstring fname; + pstrcpy(fname,dname); - if (!is_visible_file(conn, directory, dname, &sbuf1, False)) - continue; + if (!is_visible_file(conn, directory, dname, &sbuf1, False)) { + continue; + } - if(!mask_match(fname, mask, conn->case_sensitive)) - continue; + if(!mask_match(fname, mask, conn->case_sensitive)) { + continue; + } - error = ERRnoaccess; - slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); - pstrcpy(destname,newname); - if (resolve_wildcards(fname,destname) - && NT_STATUS_IS_OK(status = copy_file( - fname,destname,conn,ofun, - count,target_is_directory))) - count++; - DEBUG(3,("reply_copy : doing copy on %s -> %s\n",fname,destname)); + error = ERRnoaccess; + slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); + pstrcpy(destname,newname); + if (resolve_wildcards(fname,destname) && + NT_STATUS_IS_OK(status = copy_file( + fname,destname,conn,ofun, + count,target_is_directory))) { + count++; } - CloseDir(dir_hnd); + DEBUG(3,("reply_copy : doing copy on %s -> %s\n",fname,destname)); } + CloseDir(dir_hnd); } if (count == 0) { -- cgit From 940192ddcc9d23e3bec806b4419d5845eeac0fd0 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 17 Jan 2007 16:23:45 +0000 Subject: r20854: Ok, now I think we're at a point where looking at notify starts to make sense again :-) Volker (This used to be commit 5533cdeec1b0cdee39b1d89e2320587dc9281ee6) --- source3/smbd/reply.c | 23 +++++++++++++++++++++-- 1 file changed, 21 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 2d11b3db98..4d139be98f 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1857,6 +1857,8 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, if (SMB_VFS_UNLINK(conn,directory) == 0) { count++; + notify_fname(conn, directory, -1, + NOTIFY_ACTION_REMOVED); } } else { struct smb_Dir *dir_hnd = NULL; @@ -1913,9 +1915,14 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, if (!NT_STATUS_IS_OK(status)) { continue; } - if (SMB_VFS_UNLINK(conn,fname) == 0) + if (SMB_VFS_UNLINK(conn,fname) == 0) { count++; - DEBUG(3,("unlink_internals: succesful unlink [%s]\n",fname)); + DEBUG(3,("unlink_internals: succesful unlink " + "[%s]\n",fname)); + notify_action(conn, directory, dname, + -1, NOTIFY_ACTION_REMOVED); + } + } CloseDir(dir_hnd); } @@ -3779,6 +3786,18 @@ BOOL rmdir_internals(connection_struct *conn, const char *directory) return False; } + { + char *parent_dir; + const char *dirname; + + if (parent_dirname_talloc(tmp_talloc_ctx(), directory, + &parent_dir, &dirname)) { + notify_action(conn, parent_dir, dirname, -1, + NOTIFY_ACTION_REMOVED); + TALLOC_FREE(parent_dir); /* Not strictly necessary */ + } + } + return True; } -- cgit From fd37f98158161406229b728a7c767121a30e254f Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 18 Jan 2007 06:19:24 +0000 Subject: r20873: Some correctness fixes w.r.t. Samba4 torture BASE-DELETE. Allow us to correctly refuse to set delete on close on a non-empty directory. There are still some delete-on-close wrinkles to be fixed, but I understand how to do that better now. I'll fix this tomorrow. Jeremy. (This used to be commit 029635885825a5562e7974a6f5675cce3bf1b5dc) --- source3/smbd/reply.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 4d139be98f..2075939f5b 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1013,10 +1013,19 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size p = smb_buf(outbuf) + 3; if (status_len == 0) { - nt_status = dptr_create(conn,directory,True,expect_close,SVAL(inbuf,smb_pid), mask, mask_contains_wcard, dirtype,&dptr_num); + nt_status = dptr_create(conn, + directory, + True, + expect_close, + SVAL(inbuf,smb_pid), + mask, + mask_contains_wcard, + dirtype, + &conn->dirptr); if (!NT_STATUS_IS_OK(nt_status)) { return ERROR_NT(nt_status); } + dptr_num = dptr_dnum(conn->dirptr); } else { dirtype = dptr_attr(dptr_num); } -- cgit From 2958f467339913320e8593301127baef8a56beb1 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 18 Jan 2007 12:49:59 +0000 Subject: r20877: Random notify fixes (This used to be commit 2f1bfc53733ac3debc6a8b51642ab191869cd792) --- source3/smbd/reply.c | 21 ++++++++------------- 1 file changed, 8 insertions(+), 13 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 2075939f5b..2763924d4f 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1866,7 +1866,8 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, if (SMB_VFS_UNLINK(conn,directory) == 0) { count++; - notify_fname(conn, directory, -1, + notify_fname(conn, directory, + FILE_NOTIFY_CHANGE_FILE, NOTIFY_ACTION_REMOVED); } } else { @@ -1929,7 +1930,8 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, DEBUG(3,("unlink_internals: succesful unlink " "[%s]\n",fname)); notify_action(conn, directory, dname, - -1, NOTIFY_ACTION_REMOVED); + FILE_NOTIFY_CHANGE_FILE, + NOTIFY_ACTION_REMOVED); } } @@ -3718,6 +3720,8 @@ BOOL rmdir_internals(connection_struct *conn, const char *directory) ret = SMB_VFS_RMDIR(conn,directory); if (ret == 0) { + notify_fname(conn, directory, FILE_NOTIFY_CHANGE_DIR_NAME, + NOTIFY_ACTION_REMOVED); return True; } @@ -3795,17 +3799,8 @@ BOOL rmdir_internals(connection_struct *conn, const char *directory) return False; } - { - char *parent_dir; - const char *dirname; - - if (parent_dirname_talloc(tmp_talloc_ctx(), directory, - &parent_dir, &dirname)) { - notify_action(conn, parent_dir, dirname, -1, - NOTIFY_ACTION_REMOVED); - TALLOC_FREE(parent_dir); /* Not strictly necessary */ - } - } + notify_fname(conn, directory, FILE_NOTIFY_CHANGE_DIR_NAME, + NOTIFY_ACTION_REMOVED); return True; } -- cgit From d5206610cd67f88e2cc7d5b2b434e320e81c29d5 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 21 Jan 2007 11:49:00 +0000 Subject: r20931: This changes the notify infrastructure from a polling-based to an event-driven based approach. The only remaining hook into the backend is now void *(*notify_add)(TALLOC_CTX *mem_ctx, struct event_context *event_ctx, files_struct *fsp, uint32 *filter); (Should we put this through the VFS, so that others can more easily plug in?) The trick here is that the backend can pick filter bits that the main smbd should not handle anymore. Thanks to tridge for this idea. The backend can notify the main smbd process via void notify_fsp(files_struct *fsp, uint32 action, char *name); The core patch is not big, what makes this more than 1800 lines are the individual backends that are considerably changed but can be reviewed one by one. Based on this I'll continue with inotify now. Volker (This used to be commit 9cd6a8a82792b7b6967141565d043b6337836a5d) --- source3/smbd/reply.c | 11 ----------- 1 file changed, 11 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 2763924d4f..7cb086841d 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1982,12 +1982,6 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return ERROR_NT(status); } - /* - * Win2k needs a changenotify request response before it will - * update after a rename.. - */ - process_pending_change_notify_queue((time_t)0); - outsize = set_message(outbuf,0,0,False); END_PROFILE(SMBunlink); @@ -4490,11 +4484,6 @@ int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return ERROR_NT(status); } - /* - * Win2k needs a changenotify request response before it will - * update after a rename.. - */ - process_pending_change_notify_queue((time_t)0); outsize = set_message(outbuf,0,0,False); END_PROFILE(SMBmv); -- cgit From 845647f4687431e321ee98a7b48cc324c345cbd4 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 30 Jan 2007 18:16:51 +0000 Subject: r21057: More refactoring into functions. Jeremy. (This used to be commit fe2d7cb2dcd7c4d25d71f196aa557ce3e287bb4c) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 7cb086841d..a1edce935d 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3999,7 +3999,7 @@ static BOOL rename_path_prefix_equal(const char *src, const char *dest) Rename an open file - given an fsp. ****************************************************************************/ -NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, char *newname, uint32 attrs, BOOL replace_if_exists) +NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, pstring newname, uint32 attrs, BOOL replace_if_exists) { SMB_STRUCT_STAT sbuf; pstring newname_last_component; @@ -4116,7 +4116,7 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, char * code. ****************************************************************************/ -NTSTATUS rename_internals(connection_struct *conn, char *name, char *newname, uint32 attrs, BOOL replace_if_exists, BOOL has_wild) +NTSTATUS rename_internals(connection_struct *conn, pstring name, pstring newname, uint32 attrs, BOOL replace_if_exists, BOOL has_wild) { pstring directory; pstring mask; -- cgit From b0bf3ddb386f3c04b44c6e48867c222ae3a15c2e Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 31 Jan 2007 12:42:24 +0000 Subject: r21079: Minimizing diff: Adopt the Samba4 style ChangeNotify flags. Volker (This used to be commit a3c1069b0c3da914e2ac7337fd9e924b1c811d39) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index a1edce935d..b0bddc03f6 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1867,7 +1867,7 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, if (SMB_VFS_UNLINK(conn,directory) == 0) { count++; notify_fname(conn, directory, - FILE_NOTIFY_CHANGE_FILE, + FILE_NOTIFY_CHANGE_FILE_NAME, NOTIFY_ACTION_REMOVED); } } else { @@ -1930,7 +1930,7 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, DEBUG(3,("unlink_internals: succesful unlink " "[%s]\n",fname)); notify_action(conn, directory, dname, - FILE_NOTIFY_CHANGE_FILE, + FILE_NOTIFY_CHANGE_FILE_NAME, NOTIFY_ACTION_REMOVED); } -- cgit From 434bf5fadd1bc7e7c4af0eb402457365860ec760 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 31 Jan 2007 12:55:39 +0000 Subject: r21080: Reformatting (This used to be commit 705f866a78ec3f1169543bf82fb48ea6580160a9) --- source3/smbd/reply.c | 105 +++++++++++++++++++++++++++++++++------------------ 1 file changed, 68 insertions(+), 37 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index b0bddc03f6..37c8a46ed3 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4116,7 +4116,9 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, pstrin code. ****************************************************************************/ -NTSTATUS rename_internals(connection_struct *conn, pstring name, pstring newname, uint32 attrs, BOOL replace_if_exists, BOOL has_wild) +NTSTATUS rename_internals(connection_struct *conn, pstring name, + pstring newname, uint32 attrs, + BOOL replace_if_exists, BOOL has_wild) { pstring directory; pstring mask; @@ -4133,12 +4135,14 @@ NTSTATUS rename_internals(connection_struct *conn, pstring name, pstring newname ZERO_STRUCT(sbuf1); ZERO_STRUCT(sbuf2); - status = unix_convert(conn, name, has_wild, last_component_src, &sbuf1); + status = unix_convert(conn, name, has_wild, last_component_src, + &sbuf1); if (!NT_STATUS_IS_OK(status)) { return status; } - status = unix_convert(conn, newname, True, last_component_dest, &sbuf2); + status = unix_convert(conn, newname, True, last_component_dest, + &sbuf2); if (!NT_STATUS_IS_OK(status)) { return status; } @@ -4194,10 +4198,13 @@ NTSTATUS rename_internals(connection_struct *conn, pstring name, pstring newname pstrcpy(newname, tmpstr); } - DEBUG(3,("rename_internals: case_sensitive = %d, case_preserve = %d, short case preserve = %d, \ -directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", - conn->case_sensitive, conn->case_preserve, conn->short_case_preserve, directory, - newname, last_component_dest, is_short_name)); + DEBUG(3, ("rename_internals: case_sensitive = %d, " + "case_preserve = %d, short case preserve = %d, " + "directory = %s, newname = %s, " + "last_component_dest = %s, is_8_3 = %d\n", + conn->case_sensitive, conn->case_preserve, + conn->short_case_preserve, directory, + newname, last_component_dest, is_short_name)); /* * Check for special case with case preserving and not @@ -4240,13 +4247,16 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", */ if (!vfs_object_exist(conn, directory, &sbuf1)) { - DEBUG(3,("rename_internals: source doesn't exist doing rename %s -> %s\n", + DEBUG(3, ("rename_internals: source doesn't exist " + "doing rename %s -> %s\n", directory,newname)); - if (errno == ENOTDIR || errno == EISDIR || errno == ENOENT) { + if (errno == ENOTDIR || errno == EISDIR + || errno == ENOENT) { /* - * Must return different errors depending on whether the parent - * directory existed or not. + * Must return different errors depending on + * whether the parent directory existed or + * not. */ p = strrchr_m(directory, '/'); @@ -4258,8 +4268,9 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", return NT_STATUS_OBJECT_PATH_NOT_FOUND; } status = map_nt_error_from_unix(errno); - DEBUG(3,("rename_internals: Error %s rename %s -> %s\n", - nt_errstr(status), directory,newname)); + DEBUG(3, ("rename_internals: Error %s rename %s -> " + "%s\n", nt_errstr(status), directory, + newname)); return status; } @@ -4267,8 +4278,9 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", status = can_rename(conn,directory,attrs,&sbuf1); if (!NT_STATUS_IS_OK(status)) { - DEBUG(3,("rename_internals: Error %s rename %s -> %s\n", - nt_errstr(status), directory,newname)); + DEBUG(3,("rename_internals: Error %s rename %s -> " + "%s\n", nt_errstr(status), directory, + newname)); return status; } @@ -4278,14 +4290,17 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", */ if (strcsequal(directory, newname)) { - rename_open_files(conn, NULL, sbuf1.st_dev, sbuf1.st_ino, newname); - DEBUG(3,("rename_internals: identical names in rename %s - returning success\n", directory)); + rename_open_files(conn, NULL, sbuf1.st_dev, + sbuf1.st_ino, newname); + DEBUG(3, ("rename_internals: identical names in " + "rename %s - returning success\n", + directory)); return NT_STATUS_OK; } if(!replace_if_exists && vfs_object_exist(conn,newname,NULL)) { - DEBUG(3,("rename_internals: dest exists doing rename %s -> %s\n", - directory,newname)); + DEBUG(3,("rename_internals: dest exists doing " + "rename %s -> %s\n", directory, newname)); return NT_STATUS_OBJECT_NAME_COLLISION; } @@ -4293,12 +4308,14 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", return NT_STATUS_SHARING_VIOLATION; } - lck = get_share_mode_lock(NULL, sbuf1.st_dev, sbuf1.st_ino, NULL, NULL); + lck = get_share_mode_lock(NULL, sbuf1.st_dev, sbuf1.st_ino, + NULL, NULL); if(SMB_VFS_RENAME(conn,directory, newname) == 0) { - DEBUG(3,("rename_internals: succeeded doing rename on %s -> %s\n", - directory,newname)); - rename_open_files(conn, lck, sbuf1.st_dev, sbuf1.st_ino, newname); + DEBUG(3,("rename_internals: succeeded doing rename " + "on %s -> %s\n", directory, newname)); + rename_open_files(conn, lck, sbuf1.st_dev, + sbuf1.st_ino, newname); TALLOC_FREE(lck); return NT_STATUS_OK; } @@ -4337,7 +4354,10 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", } status = NT_STATUS_NO_SUCH_FILE; -/* Was status = NT_STATUS_OBJECT_NAME_NOT_FOUND; - gentest fix. JRA */ + /* + * Was status = NT_STATUS_OBJECT_NAME_NOT_FOUND; + * - gentest fix. JRA + */ while ((dname = ReadDirName(dir_hnd, &offset))) { pstring fname; @@ -4347,7 +4367,8 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", /* Quick check for "." and ".." */ if (fname[0] == '.') { - if (!fname[1] || (fname[1] == '.' && !fname[2])) { + if (!fname[1] + || (fname[1] == '.' && !fname[2])) { if (attrs & aDIR) { sysdir_entry = True; } else { @@ -4356,7 +4377,8 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", } } - if (!is_visible_file(conn, directory, dname, &sbuf1, False)) { + if (!is_visible_file(conn, directory, dname, &sbuf1, + False)) { continue; } @@ -4370,34 +4392,40 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", } status = NT_STATUS_ACCESS_DENIED; - slprintf(fname,sizeof(fname)-1,"%s/%s",directory,dname); + slprintf(fname, sizeof(fname)-1, "%s/%s", directory, + dname); if (!vfs_object_exist(conn, fname, &sbuf1)) { status = NT_STATUS_OBJECT_NAME_NOT_FOUND; - DEBUG(6,("rename %s failed. Error %s\n", fname, nt_errstr(status))); + DEBUG(6, ("rename %s failed. Error %s\n", + fname, nt_errstr(status))); continue; } status = can_rename(conn,fname,attrs,&sbuf1); if (!NT_STATUS_IS_OK(status)) { - DEBUG(6,("rename %s refused\n", fname)); + DEBUG(6, ("rename %s refused\n", fname)); continue; } pstrcpy(destname,newname); if (!resolve_wildcards(fname,destname)) { - DEBUG(6,("resolve_wildcards %s %s failed\n", - fname, destname)); + DEBUG(6, ("resolve_wildcards %s %s failed\n", + fname, destname)); continue; } if (strcsequal(fname,destname)) { - rename_open_files(conn, NULL, sbuf1.st_dev, sbuf1.st_ino, newname); - DEBUG(3,("rename_internals: identical names in wildcard rename %s - success\n", fname)); + rename_open_files(conn, NULL, sbuf1.st_dev, + sbuf1.st_ino, newname); + DEBUG(3,("rename_internals: identical names " + "in wildcard rename %s - success\n", + fname)); count++; status = NT_STATUS_OK; continue; } - if (!replace_if_exists && vfs_file_exist(conn,destname, NULL)) { + if (!replace_if_exists + && vfs_file_exist(conn,destname, NULL)) { DEBUG(6,("file_exist %s\n", destname)); status = NT_STATUS_OBJECT_NAME_COLLISION; continue; @@ -4407,15 +4435,18 @@ directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n", return NT_STATUS_SHARING_VIOLATION; } - lck = get_share_mode_lock(NULL, sbuf1.st_dev, sbuf1.st_ino, NULL, NULL); + lck = get_share_mode_lock(NULL, sbuf1.st_dev, + sbuf1.st_ino, NULL, NULL); if (!SMB_VFS_RENAME(conn,fname,destname)) { - rename_open_files(conn, lck, sbuf1.st_dev, sbuf1.st_ino, newname); + rename_open_files(conn, lck, sbuf1.st_dev, + sbuf1.st_ino, newname); count++; status = NT_STATUS_OK; } TALLOC_FREE(lck); - DEBUG(3,("rename_internals: doing rename on %s -> %s\n",fname,destname)); + DEBUG(3,("rename_internals: doing rename on %s -> " + "%s\n",fname,destname)); } CloseDir(dir_hnd); } -- cgit From 547f77778abc45bf329dcb53182127d72596c812 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 31 Jan 2007 14:14:57 +0000 Subject: r21087: Make the param list of notify_fname match notify_trigger (This used to be commit defa28f9c3eda85a072b972fffd2d5de8bcf01f7) --- source3/smbd/reply.c | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 37c8a46ed3..7ffebd9118 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1866,9 +1866,9 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, if (SMB_VFS_UNLINK(conn,directory) == 0) { count++; - notify_fname(conn, directory, + notify_fname(conn, NOTIFY_ACTION_REMOVED, FILE_NOTIFY_CHANGE_FILE_NAME, - NOTIFY_ACTION_REMOVED); + directory); } } else { struct smb_Dir *dir_hnd = NULL; @@ -3714,8 +3714,9 @@ BOOL rmdir_internals(connection_struct *conn, const char *directory) ret = SMB_VFS_RMDIR(conn,directory); if (ret == 0) { - notify_fname(conn, directory, FILE_NOTIFY_CHANGE_DIR_NAME, - NOTIFY_ACTION_REMOVED); + notify_fname(conn, NOTIFY_ACTION_REMOVED, + FILE_NOTIFY_CHANGE_DIR_NAME, + directory); return True; } @@ -3793,8 +3794,9 @@ BOOL rmdir_internals(connection_struct *conn, const char *directory) return False; } - notify_fname(conn, directory, FILE_NOTIFY_CHANGE_DIR_NAME, - NOTIFY_ACTION_REMOVED); + notify_fname(conn, NOTIFY_ACTION_REMOVED, + FILE_NOTIFY_CHANGE_DIR_NAME, + directory); return True; } -- cgit From 697ccab3f0c8d9cae7ce982009957a79254e4665 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 31 Jan 2007 14:24:29 +0000 Subject: r21089: Do notifies on rename (This used to be commit 2aadb95a7e58777ee7ff024cc9e14f4334970d50) --- source3/smbd/reply.c | 44 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 7ffebd9118..3c7b3c4e18 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4113,6 +4113,48 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, pstrin return status; } +/* + * Do the notify calls from a rename + */ + +static void notify_rename(connection_struct *conn, BOOL is_dir, + const char *oldpath, const char *newpath) +{ + char *olddir, *newdir; + const char *oldname, *newname; + uint32 mask; + + mask = is_dir ? FILE_NOTIFY_CHANGE_DIR_NAME + : FILE_NOTIFY_CHANGE_FILE_NAME; + + if (!parent_dirname_talloc(NULL, oldpath, &olddir, &oldname) + || !parent_dirname_talloc(NULL, newpath, &newdir, &newname)) { + TALLOC_FREE(olddir); + return; + } + + if (strcmp(olddir, newdir) == 0) { + notify_fname(conn, NOTIFY_ACTION_OLD_NAME, mask, oldpath); + notify_fname(conn, NOTIFY_ACTION_NEW_NAME, mask, newpath); + } + else { + notify_fname(conn, NOTIFY_ACTION_REMOVED, mask, oldpath); + notify_fname(conn, NOTIFY_ACTION_ADDED, mask, newpath); + } + TALLOC_FREE(olddir); + TALLOC_FREE(newdir); + + /* this is a strange one. w2k3 gives an additional event for + CHANGE_ATTRIBUTES and CHANGE_CREATION on the new file when renaming + files, but not directories */ + if (!is_dir) { + notify_fname(conn, NOTIFY_ACTION_MODIFIED, + FILE_NOTIFY_CHANGE_ATTRIBUTES + |FILE_NOTIFY_CHANGE_CREATION, + newpath); + } +} + /**************************************************************************** The guts of the rename command, split out so it may be called by the NT SMB code. @@ -4319,6 +4361,8 @@ NTSTATUS rename_internals(connection_struct *conn, pstring name, rename_open_files(conn, lck, sbuf1.st_dev, sbuf1.st_ino, newname); TALLOC_FREE(lck); + notify_rename(conn, S_ISDIR(sbuf1.st_mode), + directory, newname); return NT_STATUS_OK; } -- cgit From 9974656d3be3fb01af59bfefe592475e92bdceb0 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 31 Jan 2007 16:56:27 +0000 Subject: r21093: Remove the hash and dnotify backends. Disabling FAM for this checkin, I'm working on that right now. Volker (This used to be commit 01c9fb17281e99300b339d2cfc0acac7ca94843c) --- source3/smbd/reply.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 3c7b3c4e18..655d78cd24 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1929,9 +1929,9 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, count++; DEBUG(3,("unlink_internals: succesful unlink " "[%s]\n",fname)); - notify_action(conn, directory, dname, - FILE_NOTIFY_CHANGE_FILE_NAME, - NOTIFY_ACTION_REMOVED); + notify_fname(conn, NOTIFY_ACTION_REMOVED, + FILE_NOTIFY_CHANGE_FILE_NAME, + fname); } } -- cgit From 7a5fa7f12ec439ef5a4af29aa86498f799b6b9a5 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 6 Feb 2007 21:05:34 +0000 Subject: r21191: Add in the POSIX open/mkdir/unlink calls. Move more error code returns to NTSTATUS. Client test code to follow... See if this passes the build-farm before I add it into 3.0.25. Jeremy. (This used to be commit 83dbbdff345fa9e427c9579183f4380004bf3dd7) --- source3/smbd/reply.c | 54 ++++++++++++++++++++++------------------------------ 1 file changed, 23 insertions(+), 31 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 655d78cd24..8bccd45f4b 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3108,9 +3108,9 @@ int reply_exit(connection_struct *conn, int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) { + NTSTATUS status = NT_STATUS_OK; int outsize = 0; time_t mtime; - int32 eclass = 0, err = 0; files_struct *fsp = NULL; START_PROFILE(SMBclose); @@ -3138,12 +3138,11 @@ int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size, * Special case - close NT SMB directory handle. */ DEBUG(3,("close directory fnum=%d\n", fsp->fnum)); - close_file(fsp,NORMAL_CLOSE); + status = close_file(fsp,NORMAL_CLOSE); } else { /* * Close ordinary file. */ - int close_err; DEBUG(3,("close fd=%d fnum=%d (numopen=%d)\n", fsp->fh->fd, fsp->fnum, @@ -3162,17 +3161,12 @@ int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size, * a disk full error. If not then it was probably an I/O error. */ - if((close_err = close_file(fsp,NORMAL_CLOSE)) != 0) { - errno = close_err; - END_PROFILE(SMBclose); - return (UNIXERROR(ERRHRD,ERRgeneral)); - } + status = close_file(fsp,NORMAL_CLOSE); } - /* We have a cached error */ - if(eclass || err) { + if(!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBclose); - return ERROR_DOS(eclass,err); + return ERROR_NT(status); } END_PROFILE(SMBclose); @@ -3189,7 +3183,7 @@ int reply_writeclose(connection_struct *conn, size_t numtowrite; ssize_t nwritten = -1; int outsize = 0; - int close_err = 0; + NTSTATUS close_status = NT_STATUS_OK; SMB_OFF_T startpos; char *data; time_t mtime; @@ -3223,7 +3217,7 @@ int reply_writeclose(connection_struct *conn, if (numtowrite) { DEBUG(3,("reply_writeclose: zero length write doesn't close file %s\n", fsp->fsp_name )); - close_err = close_file(fsp,NORMAL_CLOSE); + close_status = close_file(fsp,NORMAL_CLOSE); } DEBUG(3,("writeclose fnum=%d num=%d wrote=%d (numopen=%d)\n", @@ -3235,10 +3229,9 @@ int reply_writeclose(connection_struct *conn, return(UNIXERROR(ERRHRD,ERRdiskfull)); } - if(close_err != 0) { - errno = close_err; + if(!NT_STATUS_IS_OK(close_status)) { END_PROFILE(SMBwriteclose); - return(UNIXERROR(ERRHRD,ERRgeneral)); + return ERROR_NT(close_status); } outsize = set_message(outbuf,1,0,True); @@ -3455,7 +3448,7 @@ int reply_printclose(connection_struct *conn, { int outsize = set_message(outbuf,0,0,False); files_struct *fsp = file_fsp(inbuf,smb_vwv0); - int close_err = 0; + NTSTATUS status; START_PROFILE(SMBsplclose); CHECK_FSP(fsp,conn); @@ -3468,12 +3461,11 @@ int reply_printclose(connection_struct *conn, DEBUG(3,("printclose fd=%d fnum=%d\n", fsp->fh->fd,fsp->fnum)); - close_err = close_file(fsp,NORMAL_CLOSE); + status = close_file(fsp,NORMAL_CLOSE); - if(close_err != 0) { - errno = close_err; + if(!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBsplclose); - return(UNIXERROR(ERRHRD,ERRgeneral)); + return ERROR_NT(status); } END_PROFILE(SMBsplclose); @@ -3707,7 +3699,7 @@ static BOOL recursive_rmdir(connection_struct *conn, char *directory) The internals of the rmdir code - called elsewhere. ****************************************************************************/ -BOOL rmdir_internals(connection_struct *conn, const char *directory) +NTSTATUS rmdir_internals(connection_struct *conn, const char *directory) { int ret; SMB_STRUCT_STAT st; @@ -3717,7 +3709,7 @@ BOOL rmdir_internals(connection_struct *conn, const char *directory) notify_fname(conn, NOTIFY_ACTION_REMOVED, FILE_NOTIFY_CHANGE_DIR_NAME, directory); - return True; + return NT_STATUS_OK; } if(((errno == ENOTEMPTY)||(errno == EEXIST)) && lp_veto_files(SNUM(conn))) { @@ -3791,14 +3783,14 @@ BOOL rmdir_internals(connection_struct *conn, const char *directory) if (ret != 0) { DEBUG(3,("rmdir_internals: couldn't remove directory %s : " "%s\n", directory,strerror(errno))); - return False; + return map_nt_error_from_unix(errno); } notify_fname(conn, NOTIFY_ACTION_REMOVED, FILE_NOTIFY_CHANGE_DIR_NAME, directory); - return True; + return NT_STATUS_OK; } /**************************************************************************** @@ -3834,9 +3826,10 @@ int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, } dptr_closepath(directory,SVAL(inbuf,smb_pid)); - if (!rmdir_internals(conn, directory)) { + status = rmdir_internals(conn, directory); + if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBrmdir); - return UNIXERROR(ERRDOS, ERRbadpath); + return ERROR_NT(status); } outsize = set_message(outbuf,0,0,False); @@ -4585,7 +4578,6 @@ NTSTATUS copy_file(char *src, char *dest1,connection_struct *conn, int ofun, uint32 dosattrs; uint32 new_create_disposition; NTSTATUS status; - int close_err; pstrcpy(dest,dest1); if (target_is_directory) { @@ -4670,10 +4662,10 @@ NTSTATUS copy_file(char *src, char *dest1,connection_struct *conn, int ofun, * Thus we don't look at the error return from the * close of fsp1. */ - close_err = close_file(fsp2,NORMAL_CLOSE); + status = close_file(fsp2,NORMAL_CLOSE); - if (close_err != 0) { - return map_nt_error_from_unix(close_err); + if (!NT_STATUS_IS_OK(status)) { + return status; } if (ret != (SMB_OFF_T)src_sbuf.st_size) { -- cgit From 10ab7a3a78b5b4d38f93f13f5b91b5eea5308e86 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 3 Mar 2007 01:35:58 +0000 Subject: r21672: The cannonical file access pattern should look like this : srvstr_get_path(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { return ERROR_NT(status); } RESOLVE_DFSPATH(name, conn, inbuf, outbuf); status = unix_convert(conn, name, False, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { return ERROR_NT(status); } status = check_name(conn, name); if (!NT_STATUS_IS_OK(status)) { return ERROR_NT(status); } Make sure that every access pattern (including the wildcard generated paths from unlink, rename, and copy) do the same. Tidy things up a bit.... Jeremy. (This used to be commit b8327b21ddf518d34c6cd6c01bd7fc0fd3f63c0c) --- source3/smbd/reply.c | 417 +++++++++++++++++++++++++++++++-------------------- 1 file changed, 256 insertions(+), 161 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 8bccd45f4b..25c2aaa4dc 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -798,6 +798,12 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return ERROR_NT(status); } + status = check_name(conn, fname); + if (!NT_STATUS_IS_OK(status)) { + END_PROFILE(SMBsetatr); + return ERROR_NT(status); + } + if (fname[0] == '.' && fname[1] == '\0') { /* * Not sure here is the right place to catch this @@ -807,12 +813,6 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return ERROR_NT(NT_STATUS_ACCESS_DENIED); } - status = check_name(conn, fname); - if (!NT_STATUS_IS_OK(status)) { - END_PROFILE(SMBsetatr); - return ERROR_NT(status); - } - mode = SVAL(inbuf,smb_vwv0); mtime = srv_make_unix_date3(inbuf+smb_vwv1); @@ -1211,6 +1211,12 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return ERROR_NT(status); } + status = check_name(conn, fname); + if (!NT_STATUS_IS_OK(status)) { + END_PROFILE(SMBopen); + return ERROR_NT(status); + } + if (!map_open_params_to_ntcreate(fname, deny_mode, OPENX_FILE_EXISTS_OPEN, &access_mask, &share_mode, &create_disposition, &create_options)) { END_PROFILE(SMBopen); @@ -1329,6 +1335,12 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt return ERROR_NT(status); } + status = check_name(conn, fname); + if (!NT_STATUS_IS_OK(status)) { + END_PROFILE(SMBopenX); + return ERROR_NT(status); + } + if (!map_open_params_to_ntcreate(fname, deny_mode, smb_ofun, &access_mask, &share_mode, @@ -1501,6 +1513,12 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return ERROR_NT(status); } + status = check_name(conn, fname); + if (!NT_STATUS_IS_OK(status)) { + END_PROFILE(SMBcreate); + return ERROR_NT(status); + } + if (fattr & aVOLID) { DEBUG(0,("Attempt to create file (%s) with volid set - please report this\n",fname)); } @@ -1590,6 +1608,12 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, END_PROFILE(SMBctemp); return ERROR_NT(status); } + + status = check_name(conn, fname); + if (!NT_STATUS_IS_OK(status)) { + END_PROFILE(SMBctemp); + return ERROR_NT(status); + } tmpfd = smb_mkstemp(fname); if (tmpfd == -1) { @@ -1859,6 +1883,12 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, if (dirtype == 0) { dirtype = FILE_ATTRIBUTE_NORMAL; } + + status = check_name(conn, directory); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + status = can_delete(conn,directory,dirtype,can_defer); if (!NT_STATUS_IS_OK(status)) { return status; @@ -1921,6 +1951,12 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, } slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); + + status = check_name(conn, fname); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + status = can_delete(conn, fname, dirtype, can_defer); if (!NT_STATUS_IS_OK(status)) { continue; @@ -3607,6 +3643,12 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return ERROR_NT(status); } + status = check_name(conn, directory); + if (!NT_STATUS_IS_OK(status)) { + END_PROFILE(SMBmkdir); + return ERROR_NT(status); + } + status = create_directory(conn, directory); DEBUG(5, ("create_directory returned %s\n", nt_errstr(status))); @@ -3855,7 +3897,6 @@ static BOOL resolve_wildcards(const char *name1, char *name2) char *p,*p2, *pname1, *pname2; int available_space, actual_space; - pname1 = strrchr_m(name1,'/'); pname2 = strrchr_m(name2,'/'); @@ -4009,6 +4050,11 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, pstrin return status; } + status = check_name(conn, newname); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + /* Ensure newname contains a '/' */ if(strrchr_m(newname,'/') == 0) { pstring tmpstr; @@ -4153,9 +4199,13 @@ static void notify_rename(connection_struct *conn, BOOL is_dir, code. ****************************************************************************/ -NTSTATUS rename_internals(connection_struct *conn, pstring name, - pstring newname, uint32 attrs, - BOOL replace_if_exists, BOOL has_wild) +NTSTATUS rename_internals(connection_struct *conn, + pstring name, + pstring newname, + uint32 attrs, + BOOL replace_if_exists, + BOOL src_has_wild, + BOOL dest_has_wild) { pstring directory; pstring mask; @@ -4166,20 +4216,22 @@ NTSTATUS rename_internals(connection_struct *conn, pstring name, NTSTATUS status = NT_STATUS_OK; SMB_STRUCT_STAT sbuf1, sbuf2; struct share_mode_lock *lck = NULL; + struct smb_Dir *dir_hnd = NULL; + const char *dname; + long offset = 0; + pstring destname; *directory = *mask = 0; ZERO_STRUCT(sbuf1); ZERO_STRUCT(sbuf2); - status = unix_convert(conn, name, has_wild, last_component_src, - &sbuf1); + status = unix_convert(conn, name, src_has_wild, last_component_src, &sbuf1); if (!NT_STATUS_IS_OK(status)) { return status; } - status = unix_convert(conn, newname, True, last_component_dest, - &sbuf2); + status = unix_convert(conn, newname, dest_has_wild, last_component_dest, &sbuf2); if (!NT_STATUS_IS_OK(status)) { return status; } @@ -4213,10 +4265,11 @@ NTSTATUS rename_internals(connection_struct *conn, pstring name, * Tine Smukavec . */ - if (!VALID_STAT(sbuf1) && mangle_is_mangled(mask, conn->params)) + if (!VALID_STAT(sbuf1) && mangle_is_mangled(mask, conn->params)) { mangle_check_cache( mask, sizeof(pstring)-1, conn->params ); + } - if (!has_wild) { + if (!src_has_wild) { /* * No wildcards - just process the one file. */ @@ -4243,6 +4296,21 @@ NTSTATUS rename_internals(connection_struct *conn, pstring name, conn->short_case_preserve, directory, newname, last_component_dest, is_short_name)); + /* Ensure the source name is valid for us to access. */ + status = check_name(conn, directory); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + /* The dest name still may have wildcards. */ + if (dest_has_wild) { + if (!resolve_wildcards(directory,newname)) { + DEBUG(6, ("rename_internals: resolve_wildcards %s %s failed\n", + directory,newname)); + return NT_STATUS_NO_MEMORY; + } + } + /* * Check for special case with case preserving and not * case sensitive, if directory and newname are identical, @@ -4277,8 +4345,12 @@ NTSTATUS rename_internals(connection_struct *conn, pstring name, } } - resolve_wildcards(directory,newname); - + /* Ensure the dest name is valid for us to access. */ + status = check_name(conn, newname); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + /* * The source object must exist. */ @@ -4370,136 +4442,130 @@ NTSTATUS rename_internals(connection_struct *conn, pstring name, nt_errstr(status), directory,newname)); return status; - } else { - /* - * Wildcards - process each file that matches. - */ - struct smb_Dir *dir_hnd = NULL; - const char *dname; - long offset = 0; - pstring destname; - - if (strequal(mask,"????????.???")) - pstrcpy(mask,"*"); + } + + /* + * Wildcards - process each file that matches. + */ + if (strequal(mask,"????????.???")) { + pstrcpy(mask,"*"); + } - status = check_name(conn, directory); - if (!NT_STATUS_IS_OK(status)) { - return status; - } + status = check_name(conn, directory); + if (!NT_STATUS_IS_OK(status)) { + return status; + } - dir_hnd = OpenDir(conn, directory, mask, attrs); - if (dir_hnd == NULL) { - return map_nt_error_from_unix(errno); - } + dir_hnd = OpenDir(conn, directory, mask, attrs); + if (dir_hnd == NULL) { + return map_nt_error_from_unix(errno); + } - status = NT_STATUS_NO_SUCH_FILE; - /* - * Was status = NT_STATUS_OBJECT_NAME_NOT_FOUND; - * - gentest fix. JRA - */ + status = NT_STATUS_NO_SUCH_FILE; + /* + * Was status = NT_STATUS_OBJECT_NAME_NOT_FOUND; + * - gentest fix. JRA + */ - while ((dname = ReadDirName(dir_hnd, &offset))) { - pstring fname; - BOOL sysdir_entry = False; + while ((dname = ReadDirName(dir_hnd, &offset))) { + pstring fname; + BOOL sysdir_entry = False; - pstrcpy(fname,dname); + pstrcpy(fname,dname); - /* Quick check for "." and ".." */ - if (fname[0] == '.') { - if (!fname[1] - || (fname[1] == '.' && !fname[2])) { - if (attrs & aDIR) { - sysdir_entry = True; - } else { - continue; - } + /* Quick check for "." and ".." */ + if (fname[0] == '.') { + if (!fname[1] || (fname[1] == '.' && !fname[2])) { + if (attrs & aDIR) { + sysdir_entry = True; + } else { + continue; } } + } - if (!is_visible_file(conn, directory, dname, &sbuf1, - False)) { - continue; - } + if (!is_visible_file(conn, directory, dname, &sbuf1, False)) { + continue; + } - if(!mask_match(fname, mask, conn->case_sensitive)) { - continue; - } + if(!mask_match(fname, mask, conn->case_sensitive)) { + continue; + } - if (sysdir_entry) { - status = NT_STATUS_OBJECT_NAME_INVALID; - break; - } + if (sysdir_entry) { + status = NT_STATUS_OBJECT_NAME_INVALID; + break; + } - status = NT_STATUS_ACCESS_DENIED; - slprintf(fname, sizeof(fname)-1, "%s/%s", directory, - dname); - if (!vfs_object_exist(conn, fname, &sbuf1)) { - status = NT_STATUS_OBJECT_NAME_NOT_FOUND; - DEBUG(6, ("rename %s failed. Error %s\n", - fname, nt_errstr(status))); - continue; - } - status = can_rename(conn,fname,attrs,&sbuf1); - if (!NT_STATUS_IS_OK(status)) { - DEBUG(6, ("rename %s refused\n", fname)); - continue; - } - pstrcpy(destname,newname); + status = NT_STATUS_ACCESS_DENIED; + slprintf(fname, sizeof(fname)-1, "%s/%s", directory, dname); + + /* Ensure the source name is valid for us to access. */ + status = check_name(conn, fname); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + if (!vfs_object_exist(conn, fname, &sbuf1)) { + status = NT_STATUS_OBJECT_NAME_NOT_FOUND; + DEBUG(6, ("rename %s failed. Error %s\n", + fname, nt_errstr(status))); + continue; + } + status = can_rename(conn,fname,attrs,&sbuf1); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(6, ("rename %s refused\n", fname)); + continue; + } + pstrcpy(destname,newname); - if (!resolve_wildcards(fname,destname)) { - DEBUG(6, ("resolve_wildcards %s %s failed\n", - fname, destname)); - continue; - } + if (!resolve_wildcards(fname,destname)) { + DEBUG(6, ("resolve_wildcards %s %s failed\n", + fname, destname)); + continue; + } - if (strcsequal(fname,destname)) { - rename_open_files(conn, NULL, sbuf1.st_dev, - sbuf1.st_ino, newname); - DEBUG(3,("rename_internals: identical names " - "in wildcard rename %s - success\n", - fname)); - count++; - status = NT_STATUS_OK; - continue; - } + /* Ensure the dest name is valid for us to access. */ + status = check_name(conn, destname); + if (!NT_STATUS_IS_OK(status)) { + return status; + } - if (!replace_if_exists - && vfs_file_exist(conn,destname, NULL)) { - DEBUG(6,("file_exist %s\n", destname)); - status = NT_STATUS_OBJECT_NAME_COLLISION; - continue; - } + if (strcsequal(fname,destname)) { + rename_open_files(conn, NULL, sbuf1.st_dev, + sbuf1.st_ino, newname); + DEBUG(3,("rename_internals: identical names " + "in wildcard rename %s - success\n", + fname)); + count++; + status = NT_STATUS_OK; + continue; + } + + if (!replace_if_exists && vfs_file_exist(conn,destname, NULL)) { + DEBUG(6,("file_exist %s\n", destname)); + status = NT_STATUS_OBJECT_NAME_COLLISION; + continue; + } - if (rename_path_prefix_equal(fname, destname)) { - return NT_STATUS_SHARING_VIOLATION; - } + if (rename_path_prefix_equal(fname, destname)) { + return NT_STATUS_SHARING_VIOLATION; + } - lck = get_share_mode_lock(NULL, sbuf1.st_dev, - sbuf1.st_ino, NULL, NULL); + lck = get_share_mode_lock(NULL, sbuf1.st_dev, + sbuf1.st_ino, NULL, NULL); - if (!SMB_VFS_RENAME(conn,fname,destname)) { - rename_open_files(conn, lck, sbuf1.st_dev, - sbuf1.st_ino, newname); - count++; - status = NT_STATUS_OK; - } - TALLOC_FREE(lck); - DEBUG(3,("rename_internals: doing rename on %s -> " - "%s\n",fname,destname)); + if (!SMB_VFS_RENAME(conn,fname,destname)) { + rename_open_files(conn, lck, sbuf1.st_dev, + sbuf1.st_ino, newname); + count++; + status = NT_STATUS_OK; } - CloseDir(dir_hnd); + TALLOC_FREE(lck); + DEBUG(3,("rename_internals: doing rename on %s -> " + "%s\n",fname,destname)); } - -#if 0 - /* Don't think needed any more - JRA. */ - if (!NT_STATUS_EQUAL(error,NT_STATUS_NO_SUCH_FILE)) { - if (!rcdest && bad_path_dest) { - if (ms_has_wild(last_component_dest)) - return NT_STATUS_OBJECT_NAME_INVALID; - return NT_STATUS_OBJECT_PATH_NOT_FOUND; - } - } -#endif + CloseDir(dir_hnd); if (count == 0 && NT_STATUS_IS_OK(status)) { status = map_nt_error_from_unix(errno); @@ -4521,19 +4587,19 @@ int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, char *p; uint32 attrs = SVAL(inbuf,smb_vwv0); NTSTATUS status; - BOOL path1_contains_wcard = False; - BOOL path2_contains_wcard = False; + BOOL src_has_wcard = False; + BOOL dest_has_wcard = False; START_PROFILE(SMBmv); p = smb_buf(inbuf) + 1; - p += srvstr_get_path_wcard(inbuf, name, p, sizeof(name), 0, STR_TERMINATE, &status, &path1_contains_wcard); + p += srvstr_get_path_wcard(inbuf, name, p, sizeof(name), 0, STR_TERMINATE, &status, &src_has_wcard); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBmv); return ERROR_NT(status); } p++; - p += srvstr_get_path_wcard(inbuf, newname, p, sizeof(newname), 0, STR_TERMINATE, &status, &path2_contains_wcard); + p += srvstr_get_path_wcard(inbuf, newname, p, sizeof(newname), 0, STR_TERMINATE, &status, &dest_has_wcard); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBmv); return ERROR_NT(status); @@ -4544,7 +4610,7 @@ int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, DEBUG(3,("reply_mv : %s -> %s\n",name,newname)); - status = rename_internals(conn, name, newname, attrs, False, path1_contains_wcard); + status = rename_internals(conn, name, newname, attrs, False, src_has_wcard, dest_has_wcard); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBmv); if (open_was_deferred(SVAL(inbuf,smb_mid))) { @@ -4568,8 +4634,12 @@ int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, * TODO: check error codes on all callers */ -NTSTATUS copy_file(char *src, char *dest1,connection_struct *conn, int ofun, - int count, BOOL target_is_directory) +NTSTATUS copy_file(connection_struct *conn, + char *src, + char *dest1, + int ofun, + int count, + BOOL target_is_directory) { SMB_STRUCT_STAT src_sbuf, sbuf2; SMB_OFF_T ret=-1; @@ -4689,14 +4759,12 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int count=0; int error = ERRnoaccess; int err = 0; - BOOL has_wild; - BOOL exists=False; int tid2 = SVAL(inbuf,smb_vwv0); int ofun = SVAL(inbuf,smb_vwv1); int flags = SVAL(inbuf,smb_vwv2); BOOL target_is_directory=False; - BOOL path_contains_wcard1 = False; - BOOL path_contains_wcard2 = False; + BOOL source_has_wild = False; + BOOL dest_has_wild = False; SMB_STRUCT_STAT sbuf1, sbuf2; NTSTATUS status; START_PROFILE(SMBcopy); @@ -4704,12 +4772,12 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, *directory = *mask = 0; p = smb_buf(inbuf); - p += srvstr_get_path_wcard(inbuf, name, p, sizeof(name), 0, STR_TERMINATE, &status, &path_contains_wcard1); + p += srvstr_get_path_wcard(inbuf, name, p, sizeof(name), 0, STR_TERMINATE, &status, &source_has_wild); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBcopy); return ERROR_NT(status); } - p += srvstr_get_path_wcard(inbuf, newname, p, sizeof(newname), 0, STR_TERMINATE, &status, &path_contains_wcard2); + p += srvstr_get_path_wcard(inbuf, newname, p, sizeof(newname), 0, STR_TERMINATE, &status, &dest_has_wild); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBcopy); return ERROR_NT(status); @@ -4727,13 +4795,13 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, RESOLVE_DFSPATH_WCARD(name, conn, inbuf, outbuf); RESOLVE_DFSPATH_WCARD(newname, conn, inbuf, outbuf); - status = unix_convert(conn, name, path_contains_wcard1, NULL, &sbuf1); + status = unix_convert(conn, name, source_has_wild, NULL, &sbuf1); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBcopy); return ERROR_NT(status); } - status = unix_convert(conn, newname, path_contains_wcard2, NULL, &sbuf2); + status = unix_convert(conn, newname, dest_has_wild, NULL, &sbuf2); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBcopy); return ERROR_NT(status); @@ -4777,25 +4845,38 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, * Tine Smukavec . */ - if (!VALID_STAT(sbuf1) && mangle_is_mangled(mask, conn->params)) + if (!VALID_STAT(sbuf1) && mangle_is_mangled(mask, conn->params)) { mangle_check_cache( mask, sizeof(pstring)-1, conn->params ); + } - has_wild = path_contains_wcard1; - - if (!has_wild) { + if (!source_has_wild) { pstrcat(directory,"/"); pstrcat(directory,mask); - if (resolve_wildcards(directory,newname) - && NT_STATUS_IS_OK(status = copy_file( - directory,newname,conn,ofun, - count,target_is_directory))) - count++; - if(!count && !NT_STATUS_IS_OK(status)) { - END_PROFILE(SMBcopy); + if (dest_has_wild) { + if (!resolve_wildcards(directory,newname)) { + END_PROFILE(SMBcopy); + return ERROR_NT(NT_STATUS_NO_MEMORY); + } + } + + status = check_name(conn, directory); + if (!NT_STATUS_IS_OK(status)) { return ERROR_NT(status); } - if (!count) { - exists = vfs_file_exist(conn,directory,NULL); + + status = check_name(conn, newname); + if (!NT_STATUS_IS_OK(status)) { + return ERROR_NT(status); + } + + status = copy_file(conn,directory,newname,ofun, + count,target_is_directory); + + if(!NT_STATUS_IS_OK(status)) { + END_PROFILE(SMBcopy); + return ERROR_NT(status); + } else { + count++; } } else { struct smb_Dir *dir_hnd = NULL; @@ -4834,13 +4915,27 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, error = ERRnoaccess; slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); pstrcpy(destname,newname); - if (resolve_wildcards(fname,destname) && - NT_STATUS_IS_OK(status = copy_file( - fname,destname,conn,ofun, - count,target_is_directory))) { + if (!resolve_wildcards(fname,destname)) { + continue; + } + + status = check_name(conn, fname); + if (!NT_STATUS_IS_OK(status)) { + return ERROR_NT(status); + } + + status = check_name(conn, destname); + if (!NT_STATUS_IS_OK(status)) { + return ERROR_NT(status); + } + + DEBUG(3,("reply_copy : doing copy on %s -> %s\n",fname, destname)); + + status = copy_file(conn,fname,destname,ofun, + count,target_is_directory); + if (NT_STATUS_IS_OK(status)) { count++; } - DEBUG(3,("reply_copy : doing copy on %s -> %s\n",fname,destname)); } CloseDir(dir_hnd); } -- cgit From 4952fe368a40b239140b3035db6075427d237bb9 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 5 Mar 2007 23:40:03 +0000 Subject: r21714: Change the VFS interface to use struct timespec for utimes - change the call to ntimes. This preserves nsec timestamps we get from stat (if the system supports it) and only maps back down to usec or sec resolution on time set. Looks bigger than it is as I had to move lots of internal code from using time_t and struct utimebuf to struct timespec. Jeremy. (This used to be commit 8f3d530c5a748ea90f42ed8fbe68ae92178d4875) --- source3/smbd/reply.c | 43 ++++++++++++++++++++++--------------------- 1 file changed, 22 insertions(+), 21 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 25c2aaa4dc..df560390c9 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -828,7 +828,7 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size } } - if (!set_filetime(conn,fname,mtime)) { + if (!set_filetime(conn,fname,convert_time_t_to_timespec(mtime))) { END_PROFILE(SMBsetatr); return UNIXERROR(ERRDOS, ERRnoaccess); } @@ -1483,7 +1483,7 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int com; int outsize = 0; uint32 fattr = SVAL(inbuf,smb_vwv0); - struct utimbuf times; + struct timespec ts[2]; files_struct *fsp; int oplock_request = CORE_OPLOCK_REQUEST(inbuf); SMB_STRUCT_STAT sbuf; @@ -1497,7 +1497,7 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, com = SVAL(inbuf,smb_com); - times.modtime = srv_make_unix_date3(inbuf + smb_vwv1); + ts[1] = convert_time_t_to_timespec(srv_make_unix_date3(inbuf + smb_vwv1)); /* mtime. */ srvstr_get_path(inbuf, fname, smb_buf(inbuf) + 1, sizeof(fname), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { @@ -1550,8 +1550,8 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return ERROR_NT(status); } - times.actime = sbuf.st_atime; - file_utime(conn, fname, ×); + ts[0] = get_atimespec(&sbuf); /* atime. */ + file_ntimes(conn, fname, ts); outsize = set_message(outbuf,1,0,True); SSVAL(outbuf,smb_vwv0,fsp->fnum); @@ -3146,7 +3146,6 @@ int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size, { NTSTATUS status = NT_STATUS_OK; int outsize = 0; - time_t mtime; files_struct *fsp = NULL; START_PROFILE(SMBclose); @@ -3188,8 +3187,8 @@ int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size, * Take care of any time sent in the close. */ - mtime = srv_make_unix_date3(inbuf+smb_vwv1); - fsp_set_pending_modtime(fsp, mtime); + fsp_set_pending_modtime(fsp, + convert_time_t_to_timespec(srv_make_unix_date3(inbuf+smb_vwv1))); /* * close_file() returns the unix errno if an error @@ -3222,7 +3221,7 @@ int reply_writeclose(connection_struct *conn, NTSTATUS close_status = NT_STATUS_OK; SMB_OFF_T startpos; char *data; - time_t mtime; + struct timespec mtime; files_struct *fsp = file_fsp(inbuf,smb_vwv0); START_PROFILE(SMBwriteclose); @@ -3233,7 +3232,7 @@ int reply_writeclose(connection_struct *conn, numtowrite = SVAL(inbuf,smb_vwv1); startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2); - mtime = srv_make_unix_date3(inbuf+smb_vwv4); + mtime = convert_time_t_to_timespec(srv_make_unix_date3(inbuf+smb_vwv4)); data = smb_buf(inbuf) + 1; if (numtowrite && is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) { @@ -3243,7 +3242,7 @@ int reply_writeclose(connection_struct *conn, nwritten = write_file(fsp,data,startpos,numtowrite); - set_filetime(conn, fsp->fsp_name,mtime); + set_filetime(conn, fsp->fsp_name, mtime); /* * More insanity. W2K only closes the file if writelen > 0. @@ -4724,7 +4723,7 @@ NTSTATUS copy_file(connection_struct *conn, close_file(fsp1,NORMAL_CLOSE); /* Ensure the modtime is set correctly on the destination file. */ - fsp_set_pending_modtime( fsp2, src_sbuf.st_mtime); + fsp_set_pending_modtime( fsp2, get_mtimespec(&src_sbuf)); /* * As we are opening fsp1 read-only we only expect @@ -5536,7 +5535,7 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length, int reply_setattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) { - struct utimbuf unix_times; + struct timespec ts[2]; int outsize = 0; files_struct *fsp = file_fsp(inbuf,smb_vwv0); START_PROFILE(SMBsetattrE); @@ -5553,15 +5552,15 @@ int reply_setattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, * time as UNIX can't set this. */ - unix_times.actime = srv_make_unix_date2(inbuf+smb_vwv3); - unix_times.modtime = srv_make_unix_date2(inbuf+smb_vwv5); + ts[0] = convert_time_t_to_timespec(srv_make_unix_date2(inbuf+smb_vwv3)); /* atime. */ + ts[1] = convert_time_t_to_timespec(srv_make_unix_date2(inbuf+smb_vwv5)); /* mtime. */ /* * Patch from Ray Frush * Sometimes times are sent as zero - ignore them. */ - if (null_mtime(unix_times.actime) && null_mtime(unix_times.modtime)) { + if (null_timespec(ts[0]) && null_timespec(ts[1])) { /* Ignore request */ if( DEBUGLVL( 3 ) ) { dbgtext( "reply_setattrE fnum=%d ", fsp->fnum); @@ -5569,20 +5568,22 @@ int reply_setattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, } END_PROFILE(SMBsetattrE); return(outsize); - } else if (!null_mtime(unix_times.actime) && null_mtime(unix_times.modtime)) { + } else if (!null_timespec(ts[0]) && null_timespec(ts[1])) { /* set modify time = to access time if modify time was unset */ - unix_times.modtime = unix_times.actime; + ts[1] = ts[0]; } /* Set the date on this file */ /* Should we set pending modtime here ? JRA */ - if(file_utime(conn, fsp->fsp_name, &unix_times)) { + if(file_ntimes(conn, fsp->fsp_name, ts)) { END_PROFILE(SMBsetattrE); return ERROR_DOS(ERRDOS,ERRnoaccess); } - DEBUG( 3, ( "reply_setattrE fnum=%d actime=%d modtime=%d\n", - fsp->fnum, (int)unix_times.actime, (int)unix_times.modtime ) ); + DEBUG( 3, ( "reply_setattrE fnum=%d actime=%u modtime=%u\n", + fsp->fnum, + (unsigned int)ts[0].tv_sec, + (unsigned int)ts[1].tv_sec)); END_PROFILE(SMBsetattrE); return(outsize); -- cgit From 7b2c2e415543aaee13193be1bd11706f2528c692 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 7 Mar 2007 22:12:58 +0000 Subject: r21754: Volker is completely correct. There's no need for the RESOLVE_DFSPATH macros and their varients any more. Fix reporting profile bug with all error returns. Jeremy. (This used to be commit cdf0fdb1049fd68b46885cbea887dc0e595fa524) --- source3/smbd/reply.c | 80 +++++++++++++++++++++++++++++++++++++++++----------- 1 file changed, 64 insertions(+), 16 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index df560390c9..f85f635d6b 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -632,7 +632,10 @@ int reply_checkpath(connection_struct *conn, char *inbuf,char *outbuf, int dum_s return ERROR_NT(status); } - RESOLVE_DFSPATH(name, conn, inbuf, outbuf); + if (!resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, name)) { + END_PROFILE(SMBcheckpath); + return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + } DEBUG(3,("reply_checkpath %s mode=%d\n", name, (int)SVAL(inbuf,smb_vwv0))); @@ -711,7 +714,10 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return ERROR_NT(status); } - RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); + if (!resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname)) { + END_PROFILE(SMBgetatr); + return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + } /* dos smetimes asks for a stat of "" - it returns a "hidden directory" under WfWg - weird! */ @@ -790,7 +796,10 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return ERROR_NT(status); } - RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); + if (!resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname)) { + END_PROFILE(SMBsetatr); + return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + } status = unix_convert(conn, fname, False, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { @@ -945,7 +954,10 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return ERROR_NT(nt_status); } - RESOLVE_DFSPATH_WCARD(path, conn, inbuf, outbuf); + if (!resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, path)) { + END_PROFILE(SMBsearch); + return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + } p++; status_len = SVAL(p, 0); @@ -1203,7 +1215,10 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return ERROR_NT(status); } - RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); + if (!resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname)) { + END_PROFILE(SMBopen); + return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + } status = unix_convert(conn, fname, False, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { @@ -1327,7 +1342,10 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt return ERROR_NT(status); } - RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); + if (!resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname)) { + END_PROFILE(SMBopenX); + return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + } status = unix_convert(conn, fname, False, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { @@ -1505,7 +1523,10 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return ERROR_NT(status); } - RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); + if (!resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname)) { + END_PROFILE(SMBcreate); + return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + } status = unix_convert(conn, fname, False, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { @@ -1601,7 +1622,10 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, pstrcat(fname,"TMXXXXXX"); } - RESOLVE_DFSPATH(fname, conn, inbuf, outbuf); + if (!resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname)) { + END_PROFILE(SMBctemp); + return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + } status = unix_convert(conn, fname, False, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { @@ -2004,7 +2028,10 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return ERROR_NT(status); } - RESOLVE_DFSPATH_WCARD(name, conn, inbuf, outbuf); + if (!resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, name)) { + END_PROFILE(SMBunlink); + return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + } DEBUG(3,("reply_unlink : %s\n",name)); @@ -3634,7 +3661,10 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return ERROR_NT(status); } - RESOLVE_DFSPATH(directory, conn, inbuf, outbuf); + if (!resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, directory)) { + END_PROFILE(SMBmkdir); + return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + } status = unix_convert(conn, directory, False, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { @@ -3852,7 +3882,10 @@ int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return ERROR_NT(status); } - RESOLVE_DFSPATH(directory, conn, inbuf, outbuf) + if (!resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, directory)) { + END_PROFILE(SMBrmdir); + return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + } status = unix_convert(conn, directory, False, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { @@ -4604,8 +4637,14 @@ int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return ERROR_NT(status); } - RESOLVE_DFSPATH_WCARD(name, conn, inbuf, outbuf); - RESOLVE_DFSPATH_WCARD(newname, conn, inbuf, outbuf); + if (!resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, name)) { + END_PROFILE(SMBmv); + return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + } + if (!resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, newname)) { + END_PROFILE(SMBmv); + return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + } DEBUG(3,("reply_mv : %s -> %s\n",name,newname)); @@ -4791,8 +4830,14 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return ERROR_DOS(ERRSRV,ERRinvdevice); } - RESOLVE_DFSPATH_WCARD(name, conn, inbuf, outbuf); - RESOLVE_DFSPATH_WCARD(newname, conn, inbuf, outbuf); + if (!resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, name)) { + END_PROFILE(SMBcopy); + return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + } + if (!resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, newname)) { + END_PROFILE(SMBcopy); + return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + } status = unix_convert(conn, name, source_has_wild, NULL, &sbuf1); if (!NT_STATUS_IS_OK(status)) { @@ -4983,7 +5028,10 @@ int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return ERROR_NT(status); } - RESOLVE_DFSPATH(newdir, conn, inbuf, outbuf); + if (!resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, newdir)) { + END_PROFILE(pathworks_setdir); + return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + } if (strlen(newdir) != 0) { if (!vfs_directory_exist(conn,newdir,NULL)) { -- cgit From 12c617af08bdded3a3a60196016e9cb207eedccf Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 9 Mar 2007 02:16:03 +0000 Subject: r21769: Attempt to fix bug #4384 in old search code. We were accessing a pathname that hadn't gone through unix_convert ! That's a big no-no... Jeremy. (This used to be commit 33a67fd39e1a51944bf0783350aa6ef95dfafb84) --- source3/smbd/reply.c | 18 ++++-------------- 1 file changed, 4 insertions(+), 14 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index f85f635d6b..a9c94b8163 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -967,16 +967,13 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size if (status_len == 0) { SMB_STRUCT_STAT sbuf; - pstring dir2; pstrcpy(directory,path); - pstrcpy(dir2,path); nt_status = unix_convert(conn, directory, True, NULL, &sbuf); if (!NT_STATUS_IS_OK(nt_status)) { END_PROFILE(SMBsearch); return ERROR_NT(nt_status); } - unix_format(dir2); nt_status = check_name(conn, directory); if (!NT_STATUS_IS_OK(nt_status)) { @@ -984,23 +981,16 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return ERROR_NT(nt_status); } - p = strrchr_m(dir2,'/'); - if (p == NULL) { - pstrcpy(mask,dir2); - *dir2 = 0; - } else { - *p = 0; - pstrcpy(mask,p+1); - } - p = strrchr_m(directory,'/'); if (!p) { - *directory = 0; + pstrcpy(mask,directory); + pstrcpy(directory,"."); } else { *p = 0; + pstrcpy(mask,p+1); } - if (strlen(directory) == 0) { + if (*directory == '\0') { pstrcpy(directory,"."); } memset((char *)status,'\0',21); -- cgit From dd011f453eed247a92973206239129bc21c26534 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 9 Mar 2007 02:40:49 +0000 Subject: r21770: For old DOS style searches we must remember if the initial search had a wildcard in order to correctly return no error on end of search. Found by Samba4 torture tester. Jeremy. (This used to be commit c74bcf7677123f273d44181ca053ba49b8c7ddae) --- source3/smbd/reply.c | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index a9c94b8163..225e0e7407 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1010,6 +1010,11 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size } string_set(&conn->dirpath,dptr_path(dptr_num)); pstrcpy(mask, dptr_wcard(dptr_num)); + /* + * For a 'continue' search we have no string. So + * check from the initial saved string. + */ + mask_contains_wcard = ms_has_wild(mask); } p = smb_buf(outbuf) + 3; -- cgit From 24cdd7c73389c9eed981313973df2c3595222781 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 12 Mar 2007 17:55:24 +0000 Subject: r21800: Check-in the DFS rewrite. I am still testing this but it works from smbclient and Windows, and I am promising to support and fix both client and server code moving forward. Still need to test the RPC admin support but I haven't changed that code. Jeremy. (This used to be commit 7a7862c01d07796ef206b255c676ad7dc2cc42fc) --- source3/smbd/reply.c | 180 ++++++++++++++++++++++++++++++++++++++------------- 1 file changed, 135 insertions(+), 45 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 225e0e7407..c0a2e23c3d 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -44,9 +44,12 @@ extern BOOL global_encrypted_passwords_negotiated; set. ****************************************************************************/ +/* Custom version for processing POSIX paths. */ +#define IS_PATH_SEP(c,posix_only) ((c) == '/' || (!(posix_only) && (c) == '\\')) + NTSTATUS check_path_syntax_internal(pstring destname, const pstring srcname, - BOOL windows_path, + BOOL posix_path, BOOL *p_last_component_contains_wcard) { char *d = destname; @@ -57,13 +60,13 @@ NTSTATUS check_path_syntax_internal(pstring destname, *p_last_component_contains_wcard = False; while (*s) { - if (IS_DIRECTORY_SEP(*s)) { + if (IS_PATH_SEP(*s,posix_path)) { /* * Safe to assume is not the second part of a mb char * as this is handled below. */ /* Eat multiple '/' or '\\' */ - while (IS_DIRECTORY_SEP(*s)) { + while (IS_PATH_SEP(*s,posix_path)) { s++; } if ((d != destname) && (*s != '\0')) { @@ -78,7 +81,7 @@ NTSTATUS check_path_syntax_internal(pstring destname, } if (start_of_name_component) { - if ((s[0] == '.') && (s[1] == '.') && (IS_DIRECTORY_SEP(s[2]) || s[2] == '\0')) { + if ((s[0] == '.') && (s[1] == '.') && (IS_PATH_SEP(s[2],posix_path) || s[2] == '\0')) { /* Uh oh - "/../" or "\\..\\" or "/..\0" or "\\..\0" ! */ /* @@ -108,8 +111,8 @@ NTSTATUS check_path_syntax_internal(pstring destname, /* We're still at the start of a name component, just the previous one. */ continue; - } else if ((s[0] == '.') && ((s[1] == '\0') || IS_DIRECTORY_SEP(s[1]))) { - if (!windows_path) { + } else if ((s[0] == '.') && ((s[1] == '\0') || IS_PATH_SEP(s[1],posix_path))) { + if (posix_path) { /* Eat the '.' */ s++; continue; @@ -119,7 +122,7 @@ NTSTATUS check_path_syntax_internal(pstring destname, } if (!(*s & 0x80)) { - if (windows_path) { + if (!posix_path) { if (*s <= 0x1f) { return NT_STATUS_OBJECT_NAME_INVALID; } @@ -177,7 +180,7 @@ NTSTATUS check_path_syntax_internal(pstring destname, NTSTATUS check_path_syntax(pstring destname, const pstring srcname) { BOOL ignore; - return check_path_syntax_internal(destname, srcname, True, &ignore); + return check_path_syntax_internal(destname, srcname, False, &ignore); } /**************************************************************************** @@ -188,7 +191,7 @@ NTSTATUS check_path_syntax(pstring destname, const pstring srcname) NTSTATUS check_path_syntax_wcard(pstring destname, const pstring srcname, BOOL *p_contains_wcard) { - return check_path_syntax_internal(destname, srcname, True, p_contains_wcard); + return check_path_syntax_internal(destname, srcname, False, p_contains_wcard); } /**************************************************************************** @@ -197,10 +200,10 @@ NTSTATUS check_path_syntax_wcard(pstring destname, const pstring srcname, BOOL * set (a safe assumption). ****************************************************************************/ -static NTSTATUS check_path_syntax_posix(pstring destname, const pstring srcname) +NTSTATUS check_path_syntax_posix(pstring destname, const pstring srcname) { BOOL ignore; - return check_path_syntax_internal(destname, srcname, False, &ignore); + return check_path_syntax_internal(destname, srcname, True, &ignore); } /**************************************************************************** @@ -225,6 +228,16 @@ size_t srvstr_get_path_wcard(char *inbuf, char *dest, const char *src, size_t de *contains_wcard = False; + if (SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES) { + /* + * For a DFS path the function parse_dfs_path() + * will do the path processing, just make a copy. + */ + pstrcpy(dest, tmppath); + *err = NT_STATUS_OK; + return ret; + } + if (lp_posix_pathnames()) { *err = check_path_syntax_posix(dest, tmppath); } else { @@ -252,6 +265,17 @@ size_t srvstr_get_path(char *inbuf, char *dest, const char *src, size_t dest_len } else { ret = srvstr_pull( inbuf, tmppath_ptr, src, dest_len, src_len, flags); } + + if (SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES) { + /* + * For a DFS path the function parse_dfs_path() + * will do the path processing, just make a copy. + */ + pstrcpy(dest, tmppath); + *err = NT_STATUS_OK; + return ret; + } + if (lp_posix_pathnames()) { *err = check_path_syntax_posix(dest, tmppath); } else { @@ -632,9 +656,13 @@ int reply_checkpath(connection_struct *conn, char *inbuf,char *outbuf, int dum_s return ERROR_NT(status); } - if (!resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, name)) { - END_PROFILE(SMBcheckpath); - return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, name); + if (!NT_STATUS_IS_OK(status)) { + if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { + END_PROFILE(SMBcheckpath); + return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + } + goto path_err; } DEBUG(3,("reply_checkpath %s mode=%d\n", name, (int)SVAL(inbuf,smb_vwv0))); @@ -714,9 +742,13 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return ERROR_NT(status); } - if (!resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname)) { + status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname); + if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBgetatr); - return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { + return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + } + return ERROR_NT(status); } /* dos smetimes asks for a stat of "" - it returns a "hidden directory" @@ -796,9 +828,13 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return ERROR_NT(status); } - if (!resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname)) { + status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname); + if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBsetatr); - return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { + return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + } + return ERROR_NT(status); } status = unix_convert(conn, fname, False, NULL, &sbuf); @@ -954,9 +990,13 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return ERROR_NT(nt_status); } - if (!resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, path)) { + nt_status = resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, path, &mask_contains_wcard); + if (!NT_STATUS_IS_OK(nt_status)) { END_PROFILE(SMBsearch); - return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + if (NT_STATUS_EQUAL(nt_status,NT_STATUS_PATH_NOT_COVERED)) { + return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + } + return ERROR_NT(nt_status); } p++; @@ -1210,9 +1250,13 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return ERROR_NT(status); } - if (!resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname)) { + status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname); + if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBopen); - return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { + return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + } + return ERROR_NT(status); } status = unix_convert(conn, fname, False, NULL, &sbuf); @@ -1337,9 +1381,13 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt return ERROR_NT(status); } - if (!resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname)) { + status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname); + if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBopenX); - return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { + return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + } + return ERROR_NT(status); } status = unix_convert(conn, fname, False, NULL, &sbuf); @@ -1518,9 +1566,13 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return ERROR_NT(status); } - if (!resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname)) { + status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname); + if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBcreate); - return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { + return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + } + return ERROR_NT(status); } status = unix_convert(conn, fname, False, NULL, &sbuf); @@ -1617,9 +1669,13 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, pstrcat(fname,"TMXXXXXX"); } - if (!resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname)) { + status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname); + if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBctemp); - return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { + return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + } + return ERROR_NT(status); } status = unix_convert(conn, fname, False, NULL, &sbuf); @@ -2022,10 +2078,14 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size END_PROFILE(SMBunlink); return ERROR_NT(status); } - - if (!resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, name)) { + + status = resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, name, &path_contains_wcard); + if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBunlink); - return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { + return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + } + return ERROR_NT(status); } DEBUG(3,("reply_unlink : %s\n",name)); @@ -3656,9 +3716,13 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return ERROR_NT(status); } - if (!resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, directory)) { + status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, directory); + if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBmkdir); - return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { + return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + } + return ERROR_NT(status); } status = unix_convert(conn, directory, False, NULL, &sbuf); @@ -3877,9 +3941,13 @@ int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return ERROR_NT(status); } - if (!resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, directory)) { + status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, directory); + if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBrmdir); - return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { + return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + } + return ERROR_NT(status); } status = unix_convert(conn, directory, False, NULL, &sbuf); @@ -4632,13 +4700,22 @@ int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return ERROR_NT(status); } - if (!resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, name)) { + status = resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, name, &src_has_wcard); + if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBmv); - return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { + return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + } + return ERROR_NT(status); } - if (!resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, newname)) { + + status = resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, newname, &dest_has_wcard); + if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBmv); - return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { + return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + } + return ERROR_NT(status); } DEBUG(3,("reply_mv : %s -> %s\n",name,newname)); @@ -4825,13 +4902,22 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return ERROR_DOS(ERRSRV,ERRinvdevice); } - if (!resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, name)) { + status = resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, name, &source_has_wild); + if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBcopy); - return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { + return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + } + return ERROR_NT(status); } - if (!resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, newname)) { + + status = resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, newname, &dest_has_wild); + if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBcopy); - return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { + return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + } + return ERROR_NT(status); } status = unix_convert(conn, name, source_has_wild, NULL, &sbuf1); @@ -5023,9 +5109,13 @@ int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return ERROR_NT(status); } - if (!resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, newdir)) { + status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, newdir); + if (!NT_STATUS_IS_OK(status)) { END_PROFILE(pathworks_setdir); - return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { + return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + } + return ERROR_NT(status); } if (strlen(newdir) != 0) { -- cgit From 81c820d77dd8e4de90150a230a3c894e58444f8f Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 12 Mar 2007 18:19:48 +0000 Subject: r21801: Fix Coverity ID # 342 (This used to be commit 8700cd71bb3af3a55f025b34b61062aa5b66b6bc) --- source3/smbd/reply.c | 1 + 1 file changed, 1 insertion(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index c0a2e23c3d..5be086f749 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2029,6 +2029,7 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, status = check_name(conn, fname); if (!NT_STATUS_IS_OK(status)) { + CloseDir(dir_hnd); return status; } -- cgit From bca29ddbba62320204ac9eb098cdaac9a6b03d80 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 7 Apr 2007 05:49:24 +0000 Subject: r22122: Start to fix csc issue with Vista. Make smbd support the extended 7 word response for tconX rather than the 3 word one we supported previously. Jeremy. (This used to be commit 137953226a2d691259e7e84d6ae0dc24755e5a3a) --- source3/smbd/reply.c | 23 ++++++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 5be086f749..d7b3a0fab1 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -452,6 +452,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt int passlen = SVAL(inbuf,smb_vwv3); pstring path; char *p, *q; + uint16 tcon_flags = SVAL(inbuf,smb_vwv2); START_PROFILE(SMBtconX); @@ -522,7 +523,27 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt /* NT sets the fstype of IPC$ to the null string */ const char *fstype = IS_IPC(conn) ? "" : lp_fstype(SNUM(conn)); - set_message(outbuf,3,0,True); + if (tcon_flags & TCONX_FLAG_EXTENDED_RESPONSE) { + /* Return permissions. */ + uint32 perm1 = 0; + uint32 perm2 = 0; + + set_message(outbuf,7,0,True); + + if (IS_IPC(conn)) { + perm1 = FILE_ALL_ACCESS; + perm2 = FILE_ALL_ACCESS; + } else { + perm1 = CAN_WRITE(conn) ? + SHARE_ALL_ACCESS : + SHARE_READ_ONLY; + } + + SIVAL(outbuf, smb_vwv3, perm1); + SIVAL(outbuf, smb_vwv5, perm2); + } else { + set_message(outbuf,3,0,True); + } p = smb_buf(outbuf); p += srvstr_push(outbuf, p, server_devicetype, -1, -- cgit From a0987247347e473e4802f9267773b0bff68f0187 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 9 Apr 2007 21:01:46 +0000 Subject: r22145: Fix bug #4494 - reported by Kevin Jamieson . If returning a mapped UNIX error from sendfile, don't call chain_reply. Jeremy. (This used to be commit 38404c990db1436241c3a774c51196bc058d7576) --- source3/smbd/reply.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index d7b3a0fab1..eb4106b0c1 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2706,8 +2706,10 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt } nread = send_file_readX(conn, inbuf, outbuf, length, bufsize, fsp, startpos, smb_maxcnt); - if (nread != -1) + /* Only call chain_reply if not an error. */ + if (nread != -1 && SVAL(outbuf,smb_rcls) == 0) { nread = chain_reply(inbuf,outbuf,length,bufsize); + } END_PROFILE(SMBreadX); return nread; -- cgit From 2da54a66b970917ca5290001af0f4ab7adf68460 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 17 Apr 2007 02:14:28 +0000 Subject: r22291: Fix off-by-one in tconX parsing. Jeremy. (This used to be commit bc6ac4feac8c62cda2b6151eb648d3d5979e8a95) --- source3/smbd/reply.c | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index eb4106b0c1..3d0f8a3ca8 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -469,13 +469,22 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt if (global_encrypted_passwords_negotiated) { password = data_blob(smb_buf(inbuf),passlen); + if (lp_security() == SEC_SHARE) { + /* + * Security = share always has a pad byte + * after the password. + */ + p = smb_buf(inbuf) + passlen + 1; + } else { + p = smb_buf(inbuf) + passlen; + } } else { password = data_blob(smb_buf(inbuf),passlen+1); /* Ensure correct termination */ - password.data[passlen]=0; + password.data[passlen]=0; + p = smb_buf(inbuf) + passlen + 1; } - p = smb_buf(inbuf) + passlen; p += srvstr_pull_buf(inbuf, path, p, sizeof(path), STR_TERMINATE); /* -- cgit From dc90cd89a7fef3b0a744ef1873193cf2c9d75cad Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 19 Apr 2007 20:50:49 +0000 Subject: r22389: Start preparing for multiple encryption contexts in the server. Allow server to reflect back to calling client the encryption context that was sent. Jeremy. (This used to be commit b49e90335d1e589916b5ab4992e3c4a2d221ca7e) --- source3/smbd/reply.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 3d0f8a3ca8..1b6f861cb8 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -303,7 +303,7 @@ int reply_special(char *inbuf,char *outbuf) memset(outbuf,'\0',smb_size); - smb_setlen(outbuf,0); + smb_setlen(outbuf,0,inbuf); switch (msg_type) { case 0x81: /* session request */ @@ -1182,7 +1182,7 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size SSVAL(outbuf,smb_flg2, (SVAL(outbuf, smb_flg2) & (~FLAGS2_UNICODE_STRINGS))); outsize += DIR_STRUCT_SIZE*numentries; - smb_setlen(outbuf,outsize - 4); + smb_setlen(outbuf,outsize - 4,inbuf); if ((! *directory) && dptr_path(dptr_num)) slprintf(directory, sizeof(directory)-1, "(%s)",dptr_path(dptr_num)); @@ -3538,7 +3538,7 @@ int reply_echo(connection_struct *conn, for (seq_num =1 ; seq_num <= smb_reverb ; seq_num++) { SSVAL(outbuf,smb_vwv0,seq_num); - smb_setlen(outbuf,outsize - 4); + smb_setlen(outbuf,outsize - 4,inbuf); show_msg(outbuf); if (!send_smb(smbd_server_fd(),outbuf)) @@ -5846,7 +5846,7 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, if (write_through && tcount==nwritten) { /* We need to send both a primary and a secondary response */ - smb_setlen(outbuf,outsize - 4); + smb_setlen(outbuf,outsize - 4,inbuf); show_msg(outbuf); if (!send_smb(smbd_server_fd(),outbuf)) exit_server_cleanly("reply_writebmpx: send_smb failed."); -- cgit From 0829e1ad1c3646efecf50729f493b9ee72ef0517 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 19 Apr 2007 22:40:32 +0000 Subject: r22391: Looks bigger than it is. Make "inbuf" available to all callers of smb_setlen (via set_message() calls). This will allow the server to reflect back the correct encryption context. Jeremy. (This used to be commit 2d80a96120a5fe2fe726f00746d36d85044c4bdb) --- source3/smbd/reply.c | 124 +++++++++++++++++++++++++-------------------------- 1 file changed, 62 insertions(+), 62 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 1b6f861cb8..bf739aa643 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -303,7 +303,7 @@ int reply_special(char *inbuf,char *outbuf) memset(outbuf,'\0',smb_size); - smb_setlen(outbuf,0,inbuf); + smb_setlen(inbuf,outbuf,0); switch (msg_type) { case 0x81: /* session request */ @@ -421,7 +421,7 @@ int reply_tcon(connection_struct *conn, return ERROR_NT(nt_status); } - outsize = set_message(outbuf,2,0,True); + outsize = set_message(inbuf,outbuf,2,0,True); SSVAL(outbuf,smb_vwv0,max_recv); SSVAL(outbuf,smb_vwv1,conn->cnum); SSVAL(outbuf,smb_tid,conn->cnum); @@ -523,11 +523,11 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt server_devicetype = "A:"; if (Protocol < PROTOCOL_NT1) { - set_message(outbuf,2,0,True); + set_message(inbuf,outbuf,2,0,True); p = smb_buf(outbuf); p += srvstr_push(outbuf, p, server_devicetype, -1, STR_TERMINATE|STR_ASCII); - set_message_end(outbuf,p); + set_message_end(inbuf,outbuf,p); } else { /* NT sets the fstype of IPC$ to the null string */ const char *fstype = IS_IPC(conn) ? "" : lp_fstype(SNUM(conn)); @@ -537,7 +537,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt uint32 perm1 = 0; uint32 perm2 = 0; - set_message(outbuf,7,0,True); + set_message(inbuf,outbuf,7,0,True); if (IS_IPC(conn)) { perm1 = FILE_ALL_ACCESS; @@ -551,7 +551,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt SIVAL(outbuf, smb_vwv3, perm1); SIVAL(outbuf, smb_vwv5, perm2); } else { - set_message(outbuf,3,0,True); + set_message(inbuf,outbuf,3,0,True); } p = smb_buf(outbuf); @@ -560,7 +560,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt p += srvstr_push(outbuf, p, fstype, -1, STR_TERMINATE); - set_message_end(outbuf,p); + set_message_end(inbuf,outbuf,p); /* what does setting this bit do? It is set by NT4 and may affect the ability to autorun mounted cdroms */ @@ -623,7 +623,7 @@ int reply_ioctl(connection_struct *conn, return(ERROR_DOS(ERRSRV,ERRnosupport)); } - outsize = set_message(outbuf,8,replysize+1,True); + outsize = set_message(inbuf,outbuf,8,replysize+1,True); SSVAL(outbuf,smb_vwv1,replysize); /* Total data bytes returned */ SSVAL(outbuf,smb_vwv5,replysize); /* Data bytes this buffer */ SSVAL(outbuf,smb_vwv6,52); /* Offset to data */ @@ -719,7 +719,7 @@ int reply_checkpath(connection_struct *conn, char *inbuf,char *outbuf, int dum_s return ERROR_BOTH(NT_STATUS_NOT_A_DIRECTORY,ERRDOS,ERRbadpath); } - outsize = set_message(outbuf,0,0,False); + outsize = set_message(inbuf,outbuf,0,0,False); END_PROFILE(SMBcheckpath); return outsize; @@ -815,7 +815,7 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size } } - outsize = set_message(outbuf,10,0,True); + outsize = set_message(inbuf,outbuf,10,0,True); SSVAL(outbuf,smb_vwv0,mode); if(lp_dos_filetime_resolution(SNUM(conn)) ) { @@ -908,7 +908,7 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return UNIXERROR(ERRDOS, ERRnoaccess); } - outsize = set_message(outbuf,0,0,False); + outsize = set_message(inbuf,outbuf,0,0,False); DEBUG( 3, ( "setatr name=%s mode=%d\n", fname, mode ) ); @@ -931,7 +931,7 @@ int reply_dskattr(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz return(UNIXERROR(ERRHRD,ERRgeneral)); } - outsize = set_message(outbuf,5,0,True); + outsize = set_message(inbuf,outbuf,5,0,True); if (Protocol <= PROTOCOL_LANMAN2) { double total_space, free_space; @@ -1010,7 +1010,7 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size expect_close = True; } - outsize = set_message(outbuf,1,3,True); + outsize = set_message(inbuf,outbuf,1,3,True); maxentries = SVAL(inbuf,smb_vwv0); dirtype = SVAL(inbuf,smb_vwv1); p = smb_buf(inbuf) + 1; @@ -1182,7 +1182,7 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size SSVAL(outbuf,smb_flg2, (SVAL(outbuf, smb_flg2) & (~FLAGS2_UNICODE_STRINGS))); outsize += DIR_STRUCT_SIZE*numentries; - smb_setlen(outbuf,outsize - 4,inbuf); + smb_setlen(inbuf,outbuf,outsize - 4); if ((! *directory) && dptr_path(dptr_num)) slprintf(directory, sizeof(directory)-1, "(%s)",dptr_path(dptr_num)); @@ -1217,7 +1217,7 @@ int reply_fclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return reply_unknown(inbuf, outbuf); } - outsize = set_message(outbuf,1,0,True); + outsize = set_message(inbuf,outbuf,1,0,True); p = smb_buf(inbuf) + 1; p += srvstr_get_path_wcard(inbuf, path, p, sizeof(path), 0, STR_TERMINATE, &err, &path_contains_wcard); if (!NT_STATUS_IS_OK(err)) { @@ -1336,7 +1336,7 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return ERROR_DOS(ERRDOS,ERRnoaccess); } - outsize = set_message(outbuf,7,0,True); + outsize = set_message(inbuf,outbuf,7,0,True); SSVAL(outbuf,smb_vwv0,fsp->fnum); SSVAL(outbuf,smb_vwv1,fattr); if(lp_dos_filetime_resolution(SNUM(conn)) ) { @@ -1512,9 +1512,9 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt } if (open_flags & EXTENDED_RESPONSE_REQUIRED) { - set_message(outbuf,19,0,True); + set_message(inbuf,outbuf,19,0,True); } else { - set_message(outbuf,15,0,True); + set_message(inbuf,outbuf,15,0,True); } SSVAL(outbuf,smb_vwv2,fsp->fnum); SSVAL(outbuf,smb_vwv3,fattr); @@ -1556,7 +1556,7 @@ int reply_ulogoffX(connection_struct *conn, char *inbuf,char *outbuf,int length, invalidate_vuid(vuid); - set_message(outbuf,2,0,True); + set_message(inbuf,outbuf,2,0,True); DEBUG( 3, ( "ulogoffX vuid=%d\n", vuid ) ); @@ -1651,7 +1651,7 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, ts[0] = get_atimespec(&sbuf); /* atime. */ file_ntimes(conn, fname, ts); - outsize = set_message(outbuf,1,0,True); + outsize = set_message(inbuf,outbuf,1,0,True); SSVAL(outbuf,smb_vwv0,fsp->fnum); if (oplock_request && lp_fake_oplocks(SNUM(conn))) { @@ -1750,7 +1750,7 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return ERROR_NT(status); } - outsize = set_message(outbuf,1,0,True); + outsize = set_message(inbuf,outbuf,1,0,True); SSVAL(outbuf,smb_vwv0,fsp->fnum); /* the returned filename is relative to the directory */ @@ -1769,7 +1769,7 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, #endif namelen = srvstr_push(outbuf, p, s, -1, STR_ASCII|STR_TERMINATE); p += namelen; - outsize = set_message_end(outbuf, p); + outsize = set_message_end(inbuf,outbuf, p); if (oplock_request && lp_fake_oplocks(SNUM(conn))) { SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); @@ -2131,7 +2131,7 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return ERROR_NT(status); } - outsize = set_message(outbuf,0,0,False); + outsize = set_message(inbuf,outbuf,0,0,False); END_PROFILE(SMBunlink); return outsize; @@ -2402,7 +2402,7 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length numtoread = SVAL(inbuf,smb_vwv1); startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2); - outsize = set_message(outbuf,5,3,True); + outsize = set_message(inbuf,outbuf,5,3,True); numtoread = MIN(BUFFER_SIZE-outsize,numtoread); data = smb_buf(outbuf) + 3; @@ -2483,7 +2483,7 @@ int reply_read(connection_struct *conn, char *inbuf,char *outbuf, int size, int numtoread = SVAL(inbuf,smb_vwv1); startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2); - outsize = set_message(outbuf,5,3,True); + outsize = set_message(inbuf,outbuf,5,3,True); numtoread = MIN(BUFFER_SIZE-outsize,numtoread); /* * The requested read size cannot be greater than max_recv. JRA. @@ -2570,7 +2570,7 @@ int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length SSVAL(outbuf,smb_vwv7,((smb_maxcnt >> 16) & 1)); SSVAL(smb_buf(outbuf),-2,smb_maxcnt); SCVAL(outbuf,smb_vwv0,0xFF); - set_message(outbuf,12,smb_maxcnt,False); + set_message(inbuf,outbuf,12,smb_maxcnt,False); header.data = (uint8 *)outbuf; header.length = data - outbuf; header.free = NULL; @@ -2625,7 +2625,7 @@ int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length return(UNIXERROR(ERRDOS,ERRnoaccess)); } - outsize = set_message(outbuf,12,nread,False); + outsize = set_message(inbuf,outbuf,12,nread,False); SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */ SSVAL(outbuf,smb_vwv5,nread); SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf)); @@ -2666,7 +2666,7 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt return(ERROR_DOS(ERRDOS,ERRbadaccess)); } - set_message(outbuf,12,0,True); + set_message(inbuf,outbuf,12,0,True); if (global_client_caps & CAP_LARGE_READX) { if (SVAL(inbuf,smb_vwv7) == 1) { @@ -2790,7 +2790,7 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, /* Return a message to the redirector to tell it to send more bytes */ SCVAL(outbuf,smb_com,SMBwritebraw); SSVALS(outbuf,smb_vwv0,-1); - outsize = set_message(outbuf,Protocol>PROTOCOL_COREPLUS?1:0,0,True); + outsize = set_message(inbuf,outbuf,Protocol>PROTOCOL_COREPLUS?1:0,0,True); show_msg(outbuf); if (!send_smb(smbd_server_fd(),outbuf)) exit_server_cleanly("reply_writebraw: send_smb failed."); @@ -2804,7 +2804,7 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, numtowrite = smb_len(inbuf); /* Set up outbuf to return the correct return */ - outsize = set_message(outbuf,1,0,True); + outsize = set_message(inbuf,outbuf,1,0,True); SCVAL(outbuf,smb_com,SMBwritec); if (numtowrite != 0) { @@ -2928,7 +2928,7 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, } } - outsize = set_message(outbuf,1,0,True); + outsize = set_message(inbuf,outbuf,1,0,True); SSVAL(outbuf,smb_vwv0,nwritten); @@ -3006,7 +3006,7 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int d return(UNIXERROR(ERRHRD,ERRdiskfull)); } - outsize = set_message(outbuf,1,0,True); + outsize = set_message(inbuf,outbuf,1,0,True); SSVAL(outbuf,smb_vwv0,nwritten); @@ -3049,7 +3049,7 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng return(ERROR_DOS(ERRDOS,ERRbadaccess)); } - set_message(outbuf,6,0,True); + set_message(inbuf,outbuf,6,0,True); /* Deal with possible LARGE_WRITEX */ if (large_writeX) { @@ -3196,7 +3196,7 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int fsp->fh->pos = res; - outsize = set_message(outbuf,2,0,True); + outsize = set_message(inbuf,outbuf,2,0,True); SIVAL(outbuf,smb_vwv0,res); DEBUG(3,("lseek fnum=%d ofs=%.0f newpos = %.0f mode=%d\n", @@ -3212,7 +3212,7 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int int reply_flush(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) { - int outsize = set_message(outbuf,0,0,False); + int outsize = set_message(inbuf,outbuf,0,0,False); uint16 fnum = SVAL(inbuf,smb_vwv0); files_struct *fsp = file_fsp(inbuf,smb_vwv0); START_PROFILE(SMBflush); @@ -3244,7 +3244,7 @@ int reply_exit(connection_struct *conn, file_close_pid(SVAL(inbuf,smb_pid),SVAL(inbuf,smb_uid)); - outsize = set_message(outbuf,0,0,False); + outsize = set_message(inbuf,outbuf,0,0,False); DEBUG(3,("exit\n")); @@ -3264,7 +3264,7 @@ int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size, files_struct *fsp = NULL; START_PROFILE(SMBclose); - outsize = set_message(outbuf,0,0,False); + outsize = set_message(inbuf,outbuf,0,0,False); /* If it's an IPC, pass off to the pipe handler. */ if (IS_IPC(conn)) { @@ -3384,7 +3384,7 @@ int reply_writeclose(connection_struct *conn, return ERROR_NT(close_status); } - outsize = set_message(outbuf,1,0,True); + outsize = set_message(inbuf,outbuf,1,0,True); SSVAL(outbuf,smb_vwv0,nwritten); END_PROFILE(SMBwriteclose); @@ -3401,7 +3401,7 @@ int reply_writeclose(connection_struct *conn, int reply_lock(connection_struct *conn, char *inbuf,char *outbuf, int length, int dum_buffsize) { - int outsize = set_message(outbuf,0,0,False); + int outsize = set_message(inbuf,outbuf,0,0,False); SMB_BIG_UINT count,offset; NTSTATUS status; files_struct *fsp = file_fsp(inbuf,smb_vwv0); @@ -3446,7 +3446,7 @@ int reply_lock(connection_struct *conn, int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) { - int outsize = set_message(outbuf,0,0,False); + int outsize = set_message(inbuf,outbuf,0,0,False); SMB_BIG_UINT count,offset; NTSTATUS status; files_struct *fsp = file_fsp(inbuf,smb_vwv0); @@ -3486,7 +3486,7 @@ int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int size, int reply_tdis(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int outsize = set_message(outbuf,0,0,False); + int outsize = set_message(inbuf,outbuf,0,0,False); uint16 vuid; START_PROFILE(SMBtdis); @@ -3517,7 +3517,7 @@ int reply_echo(connection_struct *conn, int smb_reverb = SVAL(inbuf,smb_vwv0); int seq_num; unsigned int data_len = smb_buflen(inbuf); - int outsize = set_message(outbuf,1,data_len,True); + int outsize = set_message(inbuf,outbuf,1,data_len,True); START_PROFILE(SMBecho); if (data_len > BUFFER_SIZE) { @@ -3538,7 +3538,7 @@ int reply_echo(connection_struct *conn, for (seq_num =1 ; seq_num <= smb_reverb ; seq_num++) { SSVAL(outbuf,smb_vwv0,seq_num); - smb_setlen(outbuf,outsize - 4,inbuf); + smb_setlen(inbuf,outbuf,outsize - 4); show_msg(outbuf); if (!send_smb(smbd_server_fd(),outbuf)) @@ -3579,7 +3579,7 @@ int reply_printopen(connection_struct *conn, return(ERROR_NT(status)); } - outsize = set_message(outbuf,1,0,True); + outsize = set_message(inbuf,outbuf,1,0,True); SSVAL(outbuf,smb_vwv0,fsp->fnum); DEBUG(3,("openprint fd=%d fnum=%d\n", @@ -3596,7 +3596,7 @@ int reply_printopen(connection_struct *conn, int reply_printclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int outsize = set_message(outbuf,0,0,False); + int outsize = set_message(inbuf,outbuf,0,0,False); files_struct *fsp = file_fsp(inbuf,smb_vwv0); NTSTATUS status; START_PROFILE(SMBsplclose); @@ -3629,7 +3629,7 @@ int reply_printclose(connection_struct *conn, int reply_printqueue(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int outsize = set_message(outbuf,2,3,True); + int outsize = set_message(inbuf,outbuf,2,3,True); int max_count = SVAL(inbuf,smb_vwv0); int start_index = SVAL(inbuf,smb_vwv1); START_PROFILE(SMBsplretq); @@ -3677,7 +3677,7 @@ int reply_printqueue(connection_struct *conn, } if (count > 0) { - outsize = set_message(outbuf,2,28*count+3,False); + outsize = set_message(inbuf,outbuf,2,28*count+3,False); SSVAL(outbuf,smb_vwv0,count); SSVAL(outbuf,smb_vwv1,(max_count>0?first+count:first-1)); SCVAL(smb_buf(outbuf),0,1); @@ -3700,7 +3700,7 @@ int reply_printqueue(connection_struct *conn, int reply_printwrite(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int numtowrite; - int outsize = set_message(outbuf,0,0,False); + int outsize = set_message(inbuf,outbuf,0,0,False); char *data; files_struct *fsp = file_fsp(inbuf,smb_vwv0); @@ -3791,7 +3791,7 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return ERROR_NT(status); } - outsize = set_message(outbuf,0,0,False); + outsize = set_message(inbuf,outbuf,0,0,False); DEBUG( 3, ( "mkdir %s ret=%d\n", directory, outsize ) ); @@ -4002,7 +4002,7 @@ int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return ERROR_NT(status); } - outsize = set_message(outbuf,0,0,False); + outsize = set_message(inbuf,outbuf,0,0,False); DEBUG( 3, ( "rmdir %s\n", directory ) ); @@ -4763,7 +4763,7 @@ int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return ERROR_NT(status); } - outsize = set_message(outbuf,0,0,False); + outsize = set_message(inbuf,outbuf,0,0,False); END_PROFILE(SMBmv); return(outsize); @@ -5110,7 +5110,7 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return ERROR_DOS(ERRDOS,error); } - outsize = set_message(outbuf,1,0,True); + outsize = set_message(inbuf,outbuf,1,0,True); SSVAL(outbuf,smb_vwv0,count); END_PROFILE(SMBcopy); @@ -5159,7 +5159,7 @@ int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size set_conn_connectpath(conn,newdir); } - outsize = set_message(outbuf,0,0,False); + outsize = set_message(inbuf,outbuf,0,0,False); SCVAL(outbuf,smb_reh,CVAL(inbuf,smb_reh)); DEBUG(3,("setdir %s\n", newdir)); @@ -5605,7 +5605,7 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, return ERROR_NT(status); } - set_message(outbuf,2,0,True); + set_message(inbuf,outbuf,2,0,True); DEBUG(3, ("lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n", fsp->fnum, (unsigned int)locktype, num_locks, num_ulocks)); @@ -5641,7 +5641,7 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length, return ERROR_DOS(ERRSRV,ERRuseSTD); } - outsize = set_message(outbuf,8,0,True); + outsize = set_message(inbuf,outbuf,8,0,True); CHECK_FSP(fsp,conn); if (!CHECK_READ(fsp,inbuf)) { @@ -5677,7 +5677,7 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length, if (nread < (ssize_t)N) tcount = total_read + nread; - set_message(outbuf,8,nread+pad,False); + set_message(inbuf,outbuf,8,nread+pad,False); SIVAL(outbuf,smb_vwv0,startpos); SSVAL(outbuf,smb_vwv2,tcount); SSVAL(outbuf,smb_vwv6,nread); @@ -5706,7 +5706,7 @@ int reply_setattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, files_struct *fsp = file_fsp(inbuf,smb_vwv0); START_PROFILE(SMBsetattrE); - outsize = set_message(outbuf,0,0,False); + outsize = set_message(inbuf,outbuf,0,0,False); if(!fsp || (fsp->conn != conn)) { END_PROFILE(SMBsetattrE); @@ -5837,7 +5837,7 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, SMBwritebmpx */ SCVAL(outbuf,smb_com,SMBwriteBmpx); - outsize = set_message(outbuf,1,0,True); + outsize = set_message(inbuf,outbuf,1,0,True); SSVALS(outbuf,smb_vwv0,-1); /* We don't support smb_remaining */ @@ -5846,13 +5846,13 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, if (write_through && tcount==nwritten) { /* We need to send both a primary and a secondary response */ - smb_setlen(outbuf,outsize - 4,inbuf); + smb_setlen(inbuf,outbuf,outsize - 4); show_msg(outbuf); if (!send_smb(smbd_server_fd(),outbuf)) exit_server_cleanly("reply_writebmpx: send_smb failed."); /* Now the secondary */ - outsize = set_message(outbuf,1,0,True); + outsize = set_message(inbuf,outbuf,1,0,True); SCVAL(outbuf,smb_com,SMBwritec); SSVAL(outbuf,smb_vwv0,nwritten); } @@ -5938,7 +5938,7 @@ int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz wbms->wr_total_written += nwritten; if(wbms->wr_total_written >= tcount) { if (write_through) { - outsize = set_message(outbuf,1,0,True); + outsize = set_message(inbuf,outbuf,1,0,True); SSVAL(outbuf,smb_vwv0,wbms->wr_total_written); send_response = True; } @@ -5968,7 +5968,7 @@ int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, files_struct *fsp = file_fsp(inbuf,smb_vwv0); START_PROFILE(SMBgetattrE); - outsize = set_message(outbuf,11,0,True); + outsize = set_message(inbuf,outbuf,11,0,True); if(!fsp || (fsp->conn != conn)) { END_PROFILE(SMBgetattrE); -- cgit From 2ad66881dfd0fb8a03efc409af7f5bb6d3d204b2 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 24 Apr 2007 12:56:23 +0000 Subject: r22502: Fix bug #4536 - delete symlinks to a directory correctly. Jeremy. (This used to be commit dcc6517d9d349c65b045160e8a1358af088ae97a) --- source3/smbd/reply.c | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index bf739aa643..1acd78a106 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3867,7 +3867,23 @@ NTSTATUS rmdir_internals(connection_struct *conn, const char *directory) int ret; SMB_STRUCT_STAT st; - ret = SMB_VFS_RMDIR(conn,directory); + /* Might be a symlink. */ + if(SMB_VFS_LSTAT(conn, directory, &st) != 0) { + return map_nt_error_from_unix(errno); + } + + if (S_ISLNK(st.st_mode)) { + /* Is what it points to a directory ? */ + if(SMB_VFS_STAT(conn, directory, &st) != 0) { + return map_nt_error_from_unix(errno); + } + if (!(S_ISDIR(st.st_mode))) { + return NT_STATUS_NOT_A_DIRECTORY; + } + ret = SMB_VFS_UNLINK(conn,directory); + } else { + ret = SMB_VFS_RMDIR(conn,directory); + } if (ret == 0) { notify_fname(conn, NOTIFY_ACTION_REMOVED, FILE_NOTIFY_CHANGE_DIR_NAME, -- cgit From 1e6e3f82798d31bc7f5d33d84b5413c4d7f91e97 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 9 May 2007 00:52:46 +0000 Subject: r22765: Fix from Alison Winters for missing return in sendfilereadbraw. Jeremy. (This used to be commit b523e782b0f3a3899e5f448698fbecddd59f4369) --- source3/smbd/reply.c | 1 + 1 file changed, 1 insertion(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 1acd78a106..8748c1cd23 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2238,6 +2238,7 @@ void send_file_readbraw(connection_struct *conn, files_struct *fsp, SMB_OFF_T st exit_server_cleanly("send_file_readbraw sendfile failed"); } + return; } normal_readbraw: -- cgit From b92064fcfd804b861e2f5125078812d83b9120a6 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 14 May 2007 13:01:28 +0000 Subject: r22846: Chunk one to replace message_send_pid with messaging_send: Deep inside locking/locking.c we have to send retry messages to timed lock holders. The majority of this patch passes a "struct messaging_context" down there. No functional change, survives make test. (This used to be commit bbb508414683eeddd2ee0d2d36fe620118180bbb) --- source3/smbd/reply.c | 24 ++++++++++++++++-------- 1 file changed, 16 insertions(+), 8 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 8748c1cd23..5353e392b1 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2415,7 +2415,8 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length * Note that the requested lock size is unaffected by max_recv. */ - br_lck = do_lock(fsp, + br_lck = do_lock(smbd_messaging_context(), + fsp, (uint32)SVAL(inbuf,smb_pid), (SMB_BIG_UINT)numtoread, (SMB_BIG_UINT)startpos, @@ -2917,7 +2918,8 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, } if (numtowrite) { - status = do_unlock(fsp, + status = do_unlock(smbd_messaging_context(), + fsp, (uint32)SVAL(inbuf,smb_pid), (SMB_BIG_UINT)numtowrite, (SMB_BIG_UINT)startpos, @@ -3420,7 +3422,8 @@ int reply_lock(connection_struct *conn, DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n", fsp->fh->fd, fsp->fnum, (double)offset, (double)count)); - br_lck = do_lock(fsp, + br_lck = do_lock(smbd_messaging_context(), + fsp, (uint32)SVAL(inbuf,smb_pid), count, offset, @@ -3458,7 +3461,8 @@ int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int size, count = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv1); offset = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv3); - status = do_unlock(fsp, + status = do_unlock(smbd_messaging_context(), + fsp, (uint32)SVAL(inbuf,smb_pid), count, offset, @@ -4144,7 +4148,8 @@ static void rename_open_files(connection_struct *conn, struct share_mode_lock *l } /* Send messages to all smbd's (not ourself) that the name has changed. */ - rename_share_filename(lck, conn->connectpath, newname); + rename_share_filename(smbd_messaging_context(), lck, conn->connectpath, + newname); } /**************************************************************************** @@ -5453,7 +5458,8 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, "pid %u, file %s\n", (double)offset, (double)count, (unsigned int)lock_pid, fsp->fsp_name )); - status = do_unlock(fsp, + status = do_unlock(smbd_messaging_context(), + fsp, lock_pid, count, offset, @@ -5526,7 +5532,8 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, BOOL defer_lock = False; struct byte_range_lock *br_lck; - br_lck = do_lock(fsp, + br_lck = do_lock(smbd_messaging_context(), + fsp, lock_pid, count, offset, @@ -5612,7 +5619,8 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, return ERROR_DOS(ERRDOS,ERRnoaccess); } - do_unlock(fsp, + do_unlock(smbd_messaging_context(), + fsp, lock_pid, count, offset, -- cgit From 32106b23951e01fb17f814584ebbcc8d7288cb75 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 16 May 2007 00:07:38 +0000 Subject: r22920: Add in the UNIX capability for 24-bit readX, as discussed with the Apple guys and Linux kernel guys. Still looking at how to do writeX as there's no recvfile(). Jeremy. (This used to be commit a53268fb2082de586e2df250d8ddfcff53379102) --- source3/smbd/reply.c | 169 ++++++++++++++++++++++++++++++++------------------- 1 file changed, 107 insertions(+), 62 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 5353e392b1..4285e0ea77 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2149,39 +2149,42 @@ static void fail_readraw(void) exit_server_cleanly(errstr); } -#if defined(WITH_SENDFILE) /**************************************************************************** Fake (read/write) sendfile. Returns -1 on read or write fail. ****************************************************************************/ -static ssize_t fake_sendfile(files_struct *fsp, SMB_OFF_T startpos, size_t nread, char *buf, int bufsize) +static ssize_t fake_sendfile(files_struct *fsp, SMB_OFF_T startpos, size_t nread, char *buf, size_t bufsize) { - ssize_t ret=0; + size_t tosend = nread; - /* Paranioa check... */ - if (nread > bufsize) { - fail_readraw(); - } + while (tosend > 0) { + ssize_t ret; + size_t cur_read; - if (nread > 0) { - ret = read_file(fsp,buf,startpos,nread); + if (tosend > bufsize) { + cur_read = bufsize; + } else { + cur_read = tosend; + } + ret = read_file(fsp,buf,startpos,cur_read); if (ret == -1) { return -1; } - } - /* If we had a short read, fill with zeros. */ - if (ret < nread) { - memset(buf, '\0', nread - ret); - } + /* If we had a short read, fill with zeros. */ + if (ret < cur_read) { + memset(buf, '\0', cur_read - ret); + } - if (write_data(smbd_server_fd(),buf,nread) != nread) { - return -1; - } + if (write_data(smbd_server_fd(),buf,cur_read) != cur_read) { + return -1; + } + tosend -= cur_read; + startpos += cur_read; + } return (ssize_t)nread; } -#endif /**************************************************************************** Use sendfile in readbraw. @@ -2525,6 +2528,27 @@ Returning short read of maximum allowed for compatibility with Windows 2000.\n", return(outsize); } +/**************************************************************************** + Setup readX header. +****************************************************************************/ + +static int setup_readX_header(char *inbuf, char *outbuf, size_t smb_maxcnt) +{ + int outsize; + char *data = smb_buf(outbuf); + + SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */ + SSVAL(outbuf,smb_vwv5,smb_maxcnt); + SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf)); + SSVAL(outbuf,smb_vwv7,(smb_maxcnt >> 16)); + SSVAL(smb_buf(outbuf),-2,smb_maxcnt); + SCVAL(outbuf,smb_vwv0,0xFF); + outsize = set_message(inbuf, outbuf,12,smb_maxcnt,False); + /* Reset the outgoing length, set_message truncates at 0x1FFFF. */ + _smb_setlen_large(outbuf,(smb_size + 12*2 + smb_maxcnt - 4)); + return outsize; +} + /**************************************************************************** Reply to a read and X - possibly using sendfile. ****************************************************************************/ @@ -2532,10 +2556,27 @@ Returning short read of maximum allowed for compatibility with Windows 2000.\n", int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length, int len_outbuf, files_struct *fsp, SMB_OFF_T startpos, size_t smb_maxcnt) { + SMB_STRUCT_STAT sbuf; int outsize = 0; ssize_t nread = -1; char *data = smb_buf(outbuf); + if(SMB_VFS_FSTAT(fsp,fsp->fh->fd, &sbuf) == -1) { + return(UNIXERROR(ERRDOS,ERRnoaccess)); + } + + if (startpos > sbuf.st_size) { + smb_maxcnt = 0; + } + + if (smb_maxcnt > (sbuf.st_size - startpos)) { + smb_maxcnt = (sbuf.st_size - startpos); + } + + if (smb_maxcnt == 0) { + goto normal_read; + } + #if defined(WITH_SENDFILE) /* * We can only use sendfile on a non-chained packet @@ -2545,33 +2586,15 @@ int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length if ((chain_size == 0) && (CVAL(inbuf,smb_vwv0) == 0xFF) && lp_use_sendfile(SNUM(conn)) && (fsp->wcp == NULL) ) { - SMB_STRUCT_STAT sbuf; DATA_BLOB header; - if(SMB_VFS_FSTAT(fsp,fsp->fh->fd, &sbuf) == -1) - return(UNIXERROR(ERRDOS,ERRnoaccess)); - - if (startpos > sbuf.st_size) - goto normal_read; - - if (smb_maxcnt > (sbuf.st_size - startpos)) - smb_maxcnt = (sbuf.st_size - startpos); - - if (smb_maxcnt == 0) - goto normal_read; - /* * Set up the packet header before send. We * assume here the sendfile will work (get the * correct amount of data). */ - SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */ - SSVAL(outbuf,smb_vwv5,smb_maxcnt); - SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf)); - SSVAL(outbuf,smb_vwv7,((smb_maxcnt >> 16) & 1)); - SSVAL(smb_buf(outbuf),-2,smb_maxcnt); - SCVAL(outbuf,smb_vwv0,0xFF); + setup_readX_header(inbuf,outbuf,smb_maxcnt); set_message(inbuf,outbuf,12,smb_maxcnt,False); header.data = (uint8 *)outbuf; header.length = data - outbuf; @@ -2621,24 +2644,41 @@ int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length #endif - nread = read_file(fsp,data,startpos,smb_maxcnt); - - if (nread < 0) { - return(UNIXERROR(ERRDOS,ERRnoaccess)); - } + if ((smb_maxcnt && 0xFF0000) > 0x10000) { + int sendlen = setup_readX_header(inbuf,outbuf,smb_maxcnt) - smb_maxcnt; + /* Send out the header. */ + if (write_data(smbd_server_fd(),outbuf,sendlen) != sendlen) { + DEBUG(0,("send_file_readX: write_data failed for file %s (%s). Terminating\n", + fsp->fsp_name, strerror(errno) )); + exit_server_cleanly("send_file_readX sendfile failed"); + } + if ((nread = fake_sendfile(fsp, startpos, smb_maxcnt, data, + len_outbuf - (data-outbuf))) == -1) { + DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n", + fsp->fsp_name, strerror(errno) )); + exit_server_cleanly("send_file_readX: fake_sendfile failed"); + } + return -1; + } else { + nread = read_file(fsp,data,startpos,smb_maxcnt); - outsize = set_message(inbuf,outbuf,12,nread,False); - SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */ - SSVAL(outbuf,smb_vwv5,nread); - SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf)); - SSVAL(outbuf,smb_vwv7,((nread >> 16) & 1)); - SSVAL(smb_buf(outbuf),-2,nread); - - DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n", - fsp->fnum, (int)smb_maxcnt, (int)nread ) ); + if (nread < 0) { + return(UNIXERROR(ERRDOS,ERRnoaccess)); + } - /* Returning the number of bytes we want to send back - including header. */ - return outsize; + outsize = set_message(inbuf, outbuf,12,nread,False); + SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */ + SSVAL(outbuf,smb_vwv5,nread); + SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf)); + SSVAL(outbuf,smb_vwv7,((nread >> 16) & 1)); + SSVAL(smb_buf(outbuf),-2,nread); + + DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n", + fsp->fnum, (int)smb_maxcnt, (int)nread ) ); + + /* Returning the number of bytes we want to send back - including header. */ + return outsize; + } } /**************************************************************************** @@ -2651,6 +2691,7 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt SMB_OFF_T startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3); ssize_t nread = -1; size_t smb_maxcnt = SVAL(inbuf,smb_vwv5); + BOOL big_readX = False; #if 0 size_t smb_mincnt = SVAL(inbuf,smb_vwv6); #endif @@ -2671,14 +2712,18 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt set_message(inbuf,outbuf,12,0,True); if (global_client_caps & CAP_LARGE_READX) { - if (SVAL(inbuf,smb_vwv7) == 1) { - smb_maxcnt |= (1<<16); - } - if (smb_maxcnt > BUFFER_SIZE) { - DEBUG(0,("reply_read_and_X - read too large (%u) for reply buffer %u\n", - (unsigned int)smb_maxcnt, (unsigned int)BUFFER_SIZE)); - END_PROFILE(SMBreadX); - return ERROR_NT(NT_STATUS_INVALID_PARAMETER); + size_t upper_size = SVAL(inbuf,smb_vwv7); + smb_maxcnt |= (upper_size<<16); + if (upper_size > 1) { + /* Can't do this on a chained packet. */ + if ((CVAL(inbuf,smb_vwv0) != 0xFF)) { + return ERROR_NT(NT_STATUS_NOT_SUPPORTED); + } + /* We currently don't do this on signed or sealed data. */ + if (srv_is_signing_active() || srv_encryption_on()) { + return ERROR_NT(NT_STATUS_NOT_SUPPORTED); + } + big_readX = True; } } @@ -2711,7 +2756,7 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt return ERROR_DOS(ERRDOS,ERRlock); } - if (schedule_aio_read_and_X(conn, inbuf, outbuf, length, bufsize, fsp, startpos, smb_maxcnt)) { + if (!big_readX && schedule_aio_read_and_X(conn, inbuf, outbuf, length, bufsize, fsp, startpos, smb_maxcnt)) { END_PROFILE(SMBreadX); return -1; } -- cgit From c3bde5a591b79682cba273e32229f6ffb9bdf531 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 16 May 2007 00:21:12 +0000 Subject: r22922: Move "normal_read:" label out of ifdef guard. Fix the build. Jeremy. (This used to be commit 3c1ccc68f03b02d2223ec745e241129766e0c15e) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 4285e0ea77..51ac95caf9 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2640,10 +2640,10 @@ int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length return -1; } - normal_read: - #endif + normal_read: + if ((smb_maxcnt && 0xFF0000) > 0x10000) { int sendlen = setup_readX_header(inbuf,outbuf,smb_maxcnt) - smb_maxcnt; /* Send out the header. */ -- cgit From 2b2eec4cfc0684009e135331f9e4e693a5def508 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 16 May 2007 01:36:23 +0000 Subject: r22925: Sync read_and_X with 3.0.26 code (use setup_readX_header()). Jeremy. (This used to be commit e1052c0e3d50473a9ded6092b6a85d78590a00e7) --- source3/smbd/reply.c | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 51ac95caf9..24fff5da52 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2666,12 +2666,7 @@ int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length return(UNIXERROR(ERRDOS,ERRnoaccess)); } - outsize = set_message(inbuf, outbuf,12,nread,False); - SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */ - SSVAL(outbuf,smb_vwv5,nread); - SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf)); - SSVAL(outbuf,smb_vwv7,((nread >> 16) & 1)); - SSVAL(smb_buf(outbuf),-2,nread); + outsize = setup_readX_header(inbuf, outbuf,nread); DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n", fsp->fnum, (int)smb_maxcnt, (int)nread ) ); -- cgit From 63e74f305920a44606d1b0380c605e00fca14940 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 19 May 2007 01:27:34 +0000 Subject: r23007: Ensure we don't allow large read over the possible packet size. Jeremy. (This used to be commit 5d465dd2d559df29d18a844137c8e14ffbb1a269) --- source3/smbd/reply.c | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 24fff5da52..c71c7b8bea 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2718,6 +2718,10 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt if (srv_is_signing_active() || srv_encryption_on()) { return ERROR_NT(NT_STATUS_NOT_SUPPORTED); } + /* Is there room in the reply for this data ? */ + if (smb_maxcnt > (0xFFFFFF - (smb_size -4 + 12*2))) { + return ERROR_NT(NT_STATUS_INVALID_PARAMETER); + } big_readX = True; } } -- cgit From 01a7017d7b0e0cbc3b0923c43b7fe3f0b01aac0b Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 19 May 2007 20:57:12 +0000 Subject: r23014: For all branches, ensure that if we're blocked on a POSIX lock we know nothing about that we retry the lock every 10 seconds instead of waiting for the standard select timeout. This is how we used to (and are supposed to) work. Jeremy. (This used to be commit fa18fc25a50cf13c687ae88e7e5e2dda1120e017) --- source3/smbd/reply.c | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index c71c7b8bea..ec110e7b21 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2426,7 +2426,8 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length WRITE_LOCK, WINDOWS_LOCK, False, /* Non-blocking lock. */ - &status); + &status, + NULL); TALLOC_FREE(br_lck); if (NT_STATUS_V(status)) { @@ -3474,7 +3475,8 @@ int reply_lock(connection_struct *conn, WRITE_LOCK, WINDOWS_LOCK, False, /* Non-blocking lock. */ - &status); + &status, + NULL); TALLOC_FREE(br_lck); @@ -5575,6 +5577,7 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, BOOL blocking_lock = lock_timeout ? True : False; BOOL defer_lock = False; struct byte_range_lock *br_lck; + uint32 block_smbpid; br_lck = do_lock(smbd_messaging_context(), fsp, @@ -5584,7 +5587,8 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, lock_type, WINDOWS_LOCK, blocking_lock, - &status); + &status, + &block_smbpid); if (br_lck && blocking_lock && ERROR_WAS_LOCK_DENIED(status)) { /* Windows internal resolution for blocking locks seems @@ -5621,7 +5625,8 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, lock_type, WINDOWS_LOCK, offset, - count)) { + count, + block_smbpid)) { TALLOC_FREE(br_lck); END_PROFILE(SMBlockingX); return -1; -- cgit From e67c8d09fde8594c411702f6d32bb977d15c7445 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 19 May 2007 22:29:59 +0000 Subject: r23016: Remove extra & - thanks to Volker for spotting this. Jeremy. (This used to be commit c2c970fd50b293031390358d72aaa7bd94da6e6d) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index ec110e7b21..364f571f4b 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2645,7 +2645,7 @@ int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length normal_read: - if ((smb_maxcnt && 0xFF0000) > 0x10000) { + if ((smb_maxcnt & 0xFF0000) > 0x10000) { int sendlen = setup_readX_header(inbuf,outbuf,smb_maxcnt) - smb_maxcnt; /* Send out the header. */ if (write_data(smbd_server_fd(),outbuf,sendlen) != sendlen) { -- cgit From 918b6ea082562dd269c5f23941adb2f47a61dd59 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 22 May 2007 23:56:47 +0000 Subject: r23088: Fix rename for cifsfs client. This may be needed for 3.0.25a. Jeremy. (This used to be commit 02e4f6b0f1f1a1cc6bfe5fed7866eb5b18ab87e0) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 364f571f4b..fb042a6b1d 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4310,10 +4310,10 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, pstrin return NT_STATUS_OBJECT_NAME_COLLISION; } - status = can_rename(conn,newname,attrs,&sbuf); + status = can_rename(conn,fsp->fsp_name,attrs,&sbuf); if (dest_exists && !NT_STATUS_IS_OK(status)) { - DEBUG(3,("rename_internals: Error %s rename %s -> %s\n", + DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n", nt_errstr(status), fsp->fsp_name,newname)); if (NT_STATUS_EQUAL(status,NT_STATUS_SHARING_VIOLATION)) status = NT_STATUS_ACCESS_DENIED; -- cgit From dbfd6bf8c8cc9945c4ba7e22ac44b1f33f9c7ce6 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 23 May 2007 21:32:10 +0000 Subject: r23100: Implement the delete on close semantics I've just tested for in Samba4 smbtorture. Fix rename on an open file handle. Needed for 3.0.25a. Jeremy. (This used to be commit a301467d5f645dada27093ddfd74890b88bb4ce8) --- source3/smbd/reply.c | 54 +++++++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 47 insertions(+), 7 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index fb042a6b1d..98976dd39d 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1791,7 +1791,7 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, Check if a user is allowed to rename a file. ********************************************************************/ -static NTSTATUS can_rename(connection_struct *conn, char *fname, uint16 dirtype, SMB_STRUCT_STAT *pst) +static NTSTATUS can_rename(connection_struct *conn, char *fname, uint16 dirtype, SMB_STRUCT_STAT *pst, BOOL self_open) { files_struct *fsp; uint32 fmode; @@ -1812,7 +1812,10 @@ static NTSTATUS can_rename(connection_struct *conn, char *fname, uint16 dirtype, status = open_file_ntcreate(conn, fname, pst, DELETE_ACCESS, - FILE_SHARE_READ|FILE_SHARE_WRITE, + /* If we're checking our fsp don't deny for delete. */ + self_open ? + FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE : + FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OPEN, 0, FILE_ATTRIBUTE_NORMAL, @@ -4242,7 +4245,9 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, pstrin ZERO_STRUCT(sbuf); status = unix_convert(conn, newname, False, newname_last_component, &sbuf); - if (!NT_STATUS_IS_OK(status)) { + /* We expect this to be NT_STATUS_OBJECT_PATH_NOT_FOUND */ + if (!NT_STATUS_EQUAL(NT_STATUS_OBJECT_PATH_NOT_FOUND, status)) { + return NT_STATUS_OBJECT_NAME_COLLISION; return status; } @@ -4310,9 +4315,20 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, pstrin return NT_STATUS_OBJECT_NAME_COLLISION; } - status = can_rename(conn,fsp->fsp_name,attrs,&sbuf); + /* Ensure we have a valid stat struct for the source. */ + if (fsp->fh->fd != -1) { + if (SMB_VFS_FSTAT(fsp,fsp->fh->fd,&sbuf) == -1) { + return map_nt_error_from_unix(errno); + } + } else { + if (SMB_VFS_STAT(conn,fsp->fsp_name,&sbuf) == -1) { + return map_nt_error_from_unix(errno); + } + } - if (dest_exists && !NT_STATUS_IS_OK(status)) { + status = can_rename(conn,fsp->fsp_name,attrs,&sbuf,True); + + if (!NT_STATUS_IS_OK(status)) { DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n", nt_errstr(status), fsp->fsp_name,newname)); if (NT_STATUS_EQUAL(status,NT_STATUS_SHARING_VIOLATION)) @@ -4327,9 +4343,33 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, pstrin lck = get_share_mode_lock(NULL, fsp->dev, fsp->inode, NULL, NULL); if(SMB_VFS_RENAME(conn,fsp->fsp_name, newname) == 0) { + uint32 create_options = fsp->fh->private_options; + DEBUG(3,("rename_internals_fsp: succeeded doing rename on %s -> %s\n", fsp->fsp_name,newname)); + rename_open_files(conn, lck, fsp->dev, fsp->inode, newname); + + /* + * A rename acts as a new file create w.r.t. allowing an initial delete + * on close, probably because in Windows there is a new handle to the + * new file. If initial delete on close was requested but not + * originally set, we need to set it here. This is probably not 100% correct, + * but will work for the CIFSFS client which in non-posix mode + * depends on these semantics. JRA. + */ + + set_allow_initial_delete_on_close(lck, fsp, True); + + if (create_options & FILE_DELETE_ON_CLOSE) { + status = can_set_delete_on_close(fsp, True, 0); + + if (NT_STATUS_IS_OK(status)) { + /* Note that here we set the *inital* delete on close flag, + * not the regular one. The magic gets handled in close. */ + fsp->initial_delete_on_close = True; + } + } TALLOC_FREE(lck); return NT_STATUS_OK; } @@ -4580,7 +4620,7 @@ NTSTATUS rename_internals(connection_struct *conn, return status; } - status = can_rename(conn,directory,attrs,&sbuf1); + status = can_rename(conn,directory,attrs,&sbuf1,False); if (!NT_STATUS_IS_OK(status)) { DEBUG(3,("rename_internals: Error %s rename %s -> " @@ -4708,7 +4748,7 @@ NTSTATUS rename_internals(connection_struct *conn, fname, nt_errstr(status))); continue; } - status = can_rename(conn,fname,attrs,&sbuf1); + status = can_rename(conn,fname,attrs,&sbuf1,False); if (!NT_STATUS_IS_OK(status)) { DEBUG(6, ("rename %s refused\n", fname)); continue; -- cgit From 4aa857d875663f39740b4667fc7852a530536660 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 24 May 2007 01:57:02 +0000 Subject: r23107: Fix renames on file descriptors that are supposed to overwrite the target. Needs merging for 3.0.25a (sorry). Jeremy. (This used to be commit a56bce3d44e89b4fd7806cc5b464c7481ec0197f) --- source3/smbd/reply.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 98976dd39d..40311758c9 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4245,9 +4245,10 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, pstrin ZERO_STRUCT(sbuf); status = unix_convert(conn, newname, False, newname_last_component, &sbuf); - /* We expect this to be NT_STATUS_OBJECT_PATH_NOT_FOUND */ - if (!NT_STATUS_EQUAL(NT_STATUS_OBJECT_PATH_NOT_FOUND, status)) { - return NT_STATUS_OBJECT_NAME_COLLISION; + + /* If an error we expect this to be NT_STATUS_OBJECT_PATH_NOT_FOUND */ + + if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(NT_STATUS_OBJECT_PATH_NOT_FOUND, status)) { return status; } -- cgit From e8156439f24137b5418baad20a7f00f6949cfe29 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 29 May 2007 09:30:34 +0000 Subject: r23183: Check in a change made by Tridge: This replaces the internal explicit dev/ino file id representation by a "struct file_id". This is necessary as cluster file systems and NFS don't necessarily assign the same device number to the shared file system. With this structure in place we can now easily add different schemes to map a file to a unique 64-bit device node. Jeremy, you might note that I did not change the external interface of smb_share_modes.c. Volker (This used to be commit 9b10dbbd5de8813fc15ebbb6be9b18010ffe8139) --- source3/smbd/reply.c | 39 +++++++++++++++++++-------------------- 1 file changed, 19 insertions(+), 20 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 40311758c9..6d4c08b663 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4171,12 +4171,12 @@ static BOOL resolve_wildcards(const char *name1, char *name2) ****************************************************************************/ static void rename_open_files(connection_struct *conn, struct share_mode_lock *lck, - SMB_DEV_T dev, SMB_INO_T inode, const char *newname) + struct file_id id, const char *newname) { files_struct *fsp; BOOL did_rename = False; - for(fsp = file_find_di_first(dev, inode); fsp; fsp = file_find_di_next(fsp)) { + for(fsp = file_find_di_first(id); fsp; fsp = file_find_di_next(fsp)) { /* fsp_name is a relative path under the fsp. To change this for other sharepaths we need to manipulate relative paths. */ /* TODO - create the absolute path and manipulate the newname @@ -4184,16 +4184,16 @@ static void rename_open_files(connection_struct *conn, struct share_mode_lock *l if (fsp->conn != conn) { continue; } - DEBUG(10,("rename_open_files: renaming file fnum %d (dev = %x, inode = %.0f) from %s -> %s\n", - fsp->fnum, (unsigned int)fsp->dev, (double)fsp->inode, + DEBUG(10,("rename_open_files: renaming file fnum %d (file_id %s) from %s -> %s\n", + fsp->fnum, file_id_static_string(&fsp->file_id), fsp->fsp_name, newname )); string_set(&fsp->fsp_name, newname); did_rename = True; } if (!did_rename) { - DEBUG(10,("rename_open_files: no open files on dev %x, inode %.0f for %s\n", - (unsigned int)dev, (double)inode, newname )); + DEBUG(10,("rename_open_files: no open files on file_id %s for %s\n", + file_id_static_string(&id), newname )); } /* Send messages to all smbd's (not ourself) that the name has changed. */ @@ -4341,7 +4341,7 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, pstrin return NT_STATUS_ACCESS_DENIED; } - lck = get_share_mode_lock(NULL, fsp->dev, fsp->inode, NULL, NULL); + lck = get_share_mode_lock(NULL, fsp->file_id, NULL, NULL); if(SMB_VFS_RENAME(conn,fsp->fsp_name, newname) == 0) { uint32 create_options = fsp->fh->private_options; @@ -4349,7 +4349,7 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, pstrin DEBUG(3,("rename_internals_fsp: succeeded doing rename on %s -> %s\n", fsp->fsp_name,newname)); - rename_open_files(conn, lck, fsp->dev, fsp->inode, newname); + rename_open_files(conn, lck, fsp->file_id, newname); /* * A rename acts as a new file create w.r.t. allowing an initial delete @@ -4457,6 +4457,7 @@ NTSTATUS rename_internals(connection_struct *conn, const char *dname; long offset = 0; pstring destname; + struct file_id id; *directory = *mask = 0; @@ -4635,9 +4636,10 @@ NTSTATUS rename_internals(connection_struct *conn, * don't do the rename, just return success. */ + id = file_id_sbuf(&sbuf1); + if (strcsequal(directory, newname)) { - rename_open_files(conn, NULL, sbuf1.st_dev, - sbuf1.st_ino, newname); + rename_open_files(conn, NULL, id, newname); DEBUG(3, ("rename_internals: identical names in " "rename %s - returning success\n", directory)); @@ -4654,14 +4656,12 @@ NTSTATUS rename_internals(connection_struct *conn, return NT_STATUS_SHARING_VIOLATION; } - lck = get_share_mode_lock(NULL, sbuf1.st_dev, sbuf1.st_ino, - NULL, NULL); + lck = get_share_mode_lock(NULL, id, NULL, NULL); if(SMB_VFS_RENAME(conn,directory, newname) == 0) { DEBUG(3,("rename_internals: succeeded doing rename " "on %s -> %s\n", directory, newname)); - rename_open_files(conn, lck, sbuf1.st_dev, - sbuf1.st_ino, newname); + rename_open_files(conn, lck, id, newname); TALLOC_FREE(lck); notify_rename(conn, S_ISDIR(sbuf1.st_mode), directory, newname); @@ -4768,9 +4768,10 @@ NTSTATUS rename_internals(connection_struct *conn, return status; } + id = file_id_sbuf(&sbuf1); + if (strcsequal(fname,destname)) { - rename_open_files(conn, NULL, sbuf1.st_dev, - sbuf1.st_ino, newname); + rename_open_files(conn, NULL, id, newname); DEBUG(3,("rename_internals: identical names " "in wildcard rename %s - success\n", fname)); @@ -4789,12 +4790,10 @@ NTSTATUS rename_internals(connection_struct *conn, return NT_STATUS_SHARING_VIOLATION; } - lck = get_share_mode_lock(NULL, sbuf1.st_dev, - sbuf1.st_ino, NULL, NULL); + lck = get_share_mode_lock(NULL, id, NULL, NULL); if (!SMB_VFS_RENAME(conn,fname,destname)) { - rename_open_files(conn, lck, sbuf1.st_dev, - sbuf1.st_ino, newname); + rename_open_files(conn, lck, id, newname); count++; status = NT_STATUS_OK; } -- cgit From 7d48db6a622af587d2f3fa2541b77fa1179ca042 Mon Sep 17 00:00:00 2001 From: James Peach Date: Fri, 1 Jun 2007 19:34:08 +0000 Subject: r23299: Fix the build for !WITH_SENDFILE. (This used to be commit 87b92e7ebda018f1d6a588748e282dc1a2c50613) --- source3/smbd/reply.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 6d4c08b663..3a80d9eaa6 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2246,11 +2246,10 @@ void send_file_readbraw(connection_struct *conn, files_struct *fsp, SMB_OFF_T st return; } - - normal_readbraw: - #endif +normal_readbraw: + if (nread > 0) { ret = read_file(fsp,outbuf+4,startpos,nread); #if 0 /* mincount appears to be ignored in a W2K server. JRA. */ @@ -2646,7 +2645,7 @@ int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length #endif - normal_read: +normal_read: if ((smb_maxcnt & 0xFF0000) > 0x10000) { int sendlen = setup_readX_header(inbuf,outbuf,smb_maxcnt) - smb_maxcnt; -- cgit From cacbe41945a8f40193981f4237e28e40b6932f1e Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 12 Jun 2007 18:14:16 +0000 Subject: r23445: Fix suggested by Volker. Don't call rename_open_files if the name wasn't changed. Jeremy. (This used to be commit 7a9629365eb4eb2829982fe2b2bfffd840648e6f) --- source3/smbd/reply.c | 2 -- 1 file changed, 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 3a80d9eaa6..6490856f04 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4638,7 +4638,6 @@ NTSTATUS rename_internals(connection_struct *conn, id = file_id_sbuf(&sbuf1); if (strcsequal(directory, newname)) { - rename_open_files(conn, NULL, id, newname); DEBUG(3, ("rename_internals: identical names in " "rename %s - returning success\n", directory)); @@ -4770,7 +4769,6 @@ NTSTATUS rename_internals(connection_struct *conn, id = file_id_sbuf(&sbuf1); if (strcsequal(fname,destname)) { - rename_open_files(conn, NULL, id, newname); DEBUG(3,("rename_internals: identical names " "in wildcard rename %s - success\n", fname)); -- cgit From 062a411c12e032e14252cbfb261fd5b069de2bb8 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 13 Jun 2007 09:55:13 +0000 Subject: r23457: After Jeremy's ack: The attached patch removes a little race condition for people with real kernel oplock support, and reduces some code paths. It changes reply_unlink to open_file_ntcreate, set_delete_on_close and close_file. The race condition happens if we break the oplock in can_delete via open_file_ntcreate, we close the file, someone else gets a batch oplock and we try to unlink. It reduces code paths by calling SMB_VFS_UNLINK in 2 fewer places. (This used to be commit 0342ce7057045a362134281bcc7030111276dea0) --- source3/smbd/reply.c | 53 ++++++++++++++++++++++++++++------------------------ 1 file changed, 29 insertions(+), 24 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 6490856f04..be35099470 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1830,11 +1830,11 @@ static NTSTATUS can_rename(connection_struct *conn, char *fname, uint16 dirtype, } /******************************************************************* - Check if a user is allowed to delete a file. -********************************************************************/ + * unlink a file with all relevant access checks + *******************************************************************/ -static NTSTATUS can_delete(connection_struct *conn, char *fname, - uint32 dirtype, BOOL can_defer) +static NTSTATUS do_unlink(connection_struct *conn, char *fname, + uint32 dirtype, BOOL can_defer) { SMB_STRUCT_STAT sbuf; uint32 fattr; @@ -1935,10 +1935,19 @@ static NTSTATUS can_delete(connection_struct *conn, char *fname, can_defer ? 0 : INTERNAL_OPEN_ONLY, NULL, &fsp); - if (NT_STATUS_IS_OK(status)) { - close_file(fsp,NORMAL_CLOSE); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(10, ("open_file_ntcreate failed: %s\n", + nt_errstr(status))); + return status; } - return status; + + /* The set is across all open files on this dev/inode pair. */ + if (!set_delete_on_close(fsp, True, ¤t_user.ut)) { + close_file(fsp, NORMAL_CLOSE); + return NT_STATUS_ACCESS_DENIED; + } + + return close_file(fsp,NORMAL_CLOSE); } /**************************************************************************** @@ -1997,17 +2006,15 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, return status; } - status = can_delete(conn,directory,dirtype,can_defer); + status = do_unlink(conn,directory,dirtype,can_defer); if (!NT_STATUS_IS_OK(status)) { return status; } - if (SMB_VFS_UNLINK(conn,directory) == 0) { - count++; - notify_fname(conn, NOTIFY_ACTION_REMOVED, - FILE_NOTIFY_CHANGE_FILE_NAME, - directory); - } + count++; + notify_fname(conn, NOTIFY_ACTION_REMOVED, + FILE_NOTIFY_CHANGE_FILE_NAME, + directory); } else { struct smb_Dir *dir_hnd = NULL; long offset = 0; @@ -2066,19 +2073,17 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, return status; } - status = can_delete(conn, fname, dirtype, can_defer); + status = do_unlink(conn, fname, dirtype, can_defer); if (!NT_STATUS_IS_OK(status)) { continue; } - if (SMB_VFS_UNLINK(conn,fname) == 0) { - count++; - DEBUG(3,("unlink_internals: succesful unlink " - "[%s]\n",fname)); - notify_fname(conn, NOTIFY_ACTION_REMOVED, - FILE_NOTIFY_CHANGE_FILE_NAME, - fname); - } - + + count++; + DEBUG(3,("unlink_internals: succesful unlink [%s]\n", + fname)); + notify_fname(conn, NOTIFY_ACTION_REMOVED, + FILE_NOTIFY_CHANGE_FILE_NAME, + fname); } CloseDir(dir_hnd); } -- cgit From 719df44c03c54429504c9f58922f348a5cb5aafe Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 13 Jun 2007 11:32:46 +0000 Subject: r23466: Fix RAW-NOTIFY: by using delete on close the notify is triggered deep inside close_file() already. (This used to be commit 0b29e3ad0f2b1759eb195fb37f1f8667d87f5670) --- source3/smbd/reply.c | 6 ------ 1 file changed, 6 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index be35099470..f2ff0b85e0 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2012,9 +2012,6 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, } count++; - notify_fname(conn, NOTIFY_ACTION_REMOVED, - FILE_NOTIFY_CHANGE_FILE_NAME, - directory); } else { struct smb_Dir *dir_hnd = NULL; long offset = 0; @@ -2081,9 +2078,6 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, count++; DEBUG(3,("unlink_internals: succesful unlink [%s]\n", fname)); - notify_fname(conn, NOTIFY_ACTION_REMOVED, - FILE_NOTIFY_CHANGE_FILE_NAME, - fname); } CloseDir(dir_hnd); } -- cgit From 0e0fed6f25520d31966a5b29429533397ee5e171 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 13 Jun 2007 12:52:36 +0000 Subject: r23467: Next little simplification: In rename_internals it's a bit pointless to first ask for existence of a file when we do the open_file_ntcreate in can_rename later on anyway. That also gets us the right error message in case the file is not there automatically. (This used to be commit f3d582cb908f95c1b557bda5d41b5a8aff75b124) --- source3/smbd/reply.c | 51 +++++++++++++-------------------------------------- 1 file changed, 13 insertions(+), 38 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index f2ff0b85e0..14dbdcafbd 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4588,38 +4588,9 @@ NTSTATUS rename_internals(connection_struct *conn, } /* - * The source object must exist. + * The source object must exist, and it may not have a + * conflicting share mode. */ - - if (!vfs_object_exist(conn, directory, &sbuf1)) { - DEBUG(3, ("rename_internals: source doesn't exist " - "doing rename %s -> %s\n", - directory,newname)); - - if (errno == ENOTDIR || errno == EISDIR - || errno == ENOENT) { - /* - * Must return different errors depending on - * whether the parent directory existed or - * not. - */ - - p = strrchr_m(directory, '/'); - if (!p) - return NT_STATUS_OBJECT_NAME_NOT_FOUND; - *p = '\0'; - if (vfs_object_exist(conn, directory, NULL)) - return NT_STATUS_OBJECT_NAME_NOT_FOUND; - return NT_STATUS_OBJECT_PATH_NOT_FOUND; - } - status = map_nt_error_from_unix(errno); - DEBUG(3, ("rename_internals: Error %s rename %s -> " - "%s\n", nt_errstr(status), directory, - newname)); - - return status; - } - status = can_rename(conn,directory,attrs,&sbuf1,False); if (!NT_STATUS_IS_OK(status)) { @@ -4740,15 +4711,19 @@ NTSTATUS rename_internals(connection_struct *conn, return status; } - if (!vfs_object_exist(conn, fname, &sbuf1)) { - status = NT_STATUS_OBJECT_NAME_NOT_FOUND; - DEBUG(6, ("rename %s failed. Error %s\n", - fname, nt_errstr(status))); - continue; - } + /* + * can_rename does an open_file_ntcreate which needs a valid + * stat in case the file exists + */ + + ZERO_STRUCT(sbuf1); + SMB_VFS_STAT(conn, fname, &sbuf1); + status = can_rename(conn,fname,attrs,&sbuf1,False); + if (!NT_STATUS_IS_OK(status)) { - DEBUG(6, ("rename %s refused\n", fname)); + DEBUG(6, ("rename %s refused: %s\n", fname, + nt_errstr(status))); continue; } pstrcpy(destname,newname); -- cgit From 8b2637631e79112408cfce628d3b26aa701f78ef Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 13 Jun 2007 19:01:41 +0000 Subject: r23469: Fix a comment (This used to be commit 47cc9359aa1b4d5fcd9469be0b1378030ac388fc) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 14dbdcafbd..272c3966ba 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1842,7 +1842,7 @@ static NTSTATUS do_unlink(connection_struct *conn, char *fname, uint32 dirtype_orig = dirtype; NTSTATUS status; - DEBUG(10,("can_delete: %s, dirtype = %d\n", fname, dirtype )); + DEBUG(10,("do_unlink: %s, dirtype = %d\n", fname, dirtype )); if (!CAN_WRITE(conn)) { return NT_STATUS_MEDIA_WRITE_PROTECTED; -- cgit From c03c86232c0d32fd997a5cf52e632e7b159ab688 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 14 Jun 2007 09:45:39 +0000 Subject: r23482: Slightly simplify the rename code: Remove two local variables that are not really needed. (This used to be commit e068e38ef3b364f2c6477f9d8d6ef3b81a6207ca) --- source3/smbd/reply.c | 32 ++++++++++++++------------------ 1 file changed, 14 insertions(+), 18 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 272c3966ba..a183bb3952 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4168,13 +4168,15 @@ static BOOL resolve_wildcards(const char *name1, char *name2) asynchronously. ****************************************************************************/ -static void rename_open_files(connection_struct *conn, struct share_mode_lock *lck, - struct file_id id, const char *newname) +static void rename_open_files(connection_struct *conn, + struct share_mode_lock *lck, + const char *newname) { files_struct *fsp; BOOL did_rename = False; - for(fsp = file_find_di_first(id); fsp; fsp = file_find_di_next(fsp)) { + for(fsp = file_find_di_first(lck->id); fsp; + fsp = file_find_di_next(fsp)) { /* fsp_name is a relative path under the fsp. To change this for other sharepaths we need to manipulate relative paths. */ /* TODO - create the absolute path and manipulate the newname @@ -4191,7 +4193,7 @@ static void rename_open_files(connection_struct *conn, struct share_mode_lock *l if (!did_rename) { DEBUG(10,("rename_open_files: no open files on file_id %s for %s\n", - file_id_static_string(&id), newname )); + file_id_static_string(&lck->id), newname )); } /* Send messages to all smbd's (not ourself) that the name has changed. */ @@ -4237,7 +4239,6 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, pstrin SMB_STRUCT_STAT sbuf; pstring newname_last_component; NTSTATUS status = NT_STATUS_OK; - BOOL dest_exists; struct share_mode_lock *lck = NULL; ZERO_STRUCT(sbuf); @@ -4306,9 +4307,7 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, pstrin return NT_STATUS_OK; } - dest_exists = vfs_object_exist(conn,newname,NULL); - - if(!replace_if_exists && dest_exists) { + if(!replace_if_exists && vfs_object_exist(conn, newname, NULL)) { DEBUG(3,("rename_internals_fsp: dest exists doing rename %s -> %s\n", fsp->fsp_name,newname)); return NT_STATUS_OBJECT_NAME_COLLISION; @@ -4347,7 +4346,7 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, pstrin DEBUG(3,("rename_internals_fsp: succeeded doing rename on %s -> %s\n", fsp->fsp_name,newname)); - rename_open_files(conn, lck, fsp->file_id, newname); + rename_open_files(conn, lck, newname); /* * A rename acts as a new file create w.r.t. allowing an initial delete @@ -4455,7 +4454,6 @@ NTSTATUS rename_internals(connection_struct *conn, const char *dname; long offset = 0; pstring destname; - struct file_id id; *directory = *mask = 0; @@ -4605,8 +4603,6 @@ NTSTATUS rename_internals(connection_struct *conn, * don't do the rename, just return success. */ - id = file_id_sbuf(&sbuf1); - if (strcsequal(directory, newname)) { DEBUG(3, ("rename_internals: identical names in " "rename %s - returning success\n", @@ -4624,12 +4620,13 @@ NTSTATUS rename_internals(connection_struct *conn, return NT_STATUS_SHARING_VIOLATION; } - lck = get_share_mode_lock(NULL, id, NULL, NULL); + lck = get_share_mode_lock(NULL, file_id_sbuf(&sbuf1), + NULL, NULL); if(SMB_VFS_RENAME(conn,directory, newname) == 0) { DEBUG(3,("rename_internals: succeeded doing rename " "on %s -> %s\n", directory, newname)); - rename_open_files(conn, lck, id, newname); + rename_open_files(conn, lck, newname); TALLOC_FREE(lck); notify_rename(conn, S_ISDIR(sbuf1.st_mode), directory, newname); @@ -4740,8 +4737,6 @@ NTSTATUS rename_internals(connection_struct *conn, return status; } - id = file_id_sbuf(&sbuf1); - if (strcsequal(fname,destname)) { DEBUG(3,("rename_internals: identical names " "in wildcard rename %s - success\n", @@ -4761,10 +4756,11 @@ NTSTATUS rename_internals(connection_struct *conn, return NT_STATUS_SHARING_VIOLATION; } - lck = get_share_mode_lock(NULL, id, NULL, NULL); + lck = get_share_mode_lock(NULL, file_id_sbuf(&sbuf1), NULL, + NULL); if (!SMB_VFS_RENAME(conn,fname,destname)) { - rename_open_files(conn, lck, id, newname); + rename_open_files(conn, lck, newname); count++; status = NT_STATUS_OK; } -- cgit From 4944a5227cedb52db3f08bfaa81cc4489efa6e28 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 14 Jun 2007 09:51:13 +0000 Subject: r23483: Revert 23482, I must have run 'make test' in the wrong subdir. (This used to be commit 1ce0c582bccc90e54a69b1e70973ed7ccb47cbbb) --- source3/smbd/reply.c | 32 ++++++++++++++++++-------------- 1 file changed, 18 insertions(+), 14 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index a183bb3952..272c3966ba 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4168,15 +4168,13 @@ static BOOL resolve_wildcards(const char *name1, char *name2) asynchronously. ****************************************************************************/ -static void rename_open_files(connection_struct *conn, - struct share_mode_lock *lck, - const char *newname) +static void rename_open_files(connection_struct *conn, struct share_mode_lock *lck, + struct file_id id, const char *newname) { files_struct *fsp; BOOL did_rename = False; - for(fsp = file_find_di_first(lck->id); fsp; - fsp = file_find_di_next(fsp)) { + for(fsp = file_find_di_first(id); fsp; fsp = file_find_di_next(fsp)) { /* fsp_name is a relative path under the fsp. To change this for other sharepaths we need to manipulate relative paths. */ /* TODO - create the absolute path and manipulate the newname @@ -4193,7 +4191,7 @@ static void rename_open_files(connection_struct *conn, if (!did_rename) { DEBUG(10,("rename_open_files: no open files on file_id %s for %s\n", - file_id_static_string(&lck->id), newname )); + file_id_static_string(&id), newname )); } /* Send messages to all smbd's (not ourself) that the name has changed. */ @@ -4239,6 +4237,7 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, pstrin SMB_STRUCT_STAT sbuf; pstring newname_last_component; NTSTATUS status = NT_STATUS_OK; + BOOL dest_exists; struct share_mode_lock *lck = NULL; ZERO_STRUCT(sbuf); @@ -4307,7 +4306,9 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, pstrin return NT_STATUS_OK; } - if(!replace_if_exists && vfs_object_exist(conn, newname, NULL)) { + dest_exists = vfs_object_exist(conn,newname,NULL); + + if(!replace_if_exists && dest_exists) { DEBUG(3,("rename_internals_fsp: dest exists doing rename %s -> %s\n", fsp->fsp_name,newname)); return NT_STATUS_OBJECT_NAME_COLLISION; @@ -4346,7 +4347,7 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, pstrin DEBUG(3,("rename_internals_fsp: succeeded doing rename on %s -> %s\n", fsp->fsp_name,newname)); - rename_open_files(conn, lck, newname); + rename_open_files(conn, lck, fsp->file_id, newname); /* * A rename acts as a new file create w.r.t. allowing an initial delete @@ -4454,6 +4455,7 @@ NTSTATUS rename_internals(connection_struct *conn, const char *dname; long offset = 0; pstring destname; + struct file_id id; *directory = *mask = 0; @@ -4603,6 +4605,8 @@ NTSTATUS rename_internals(connection_struct *conn, * don't do the rename, just return success. */ + id = file_id_sbuf(&sbuf1); + if (strcsequal(directory, newname)) { DEBUG(3, ("rename_internals: identical names in " "rename %s - returning success\n", @@ -4620,13 +4624,12 @@ NTSTATUS rename_internals(connection_struct *conn, return NT_STATUS_SHARING_VIOLATION; } - lck = get_share_mode_lock(NULL, file_id_sbuf(&sbuf1), - NULL, NULL); + lck = get_share_mode_lock(NULL, id, NULL, NULL); if(SMB_VFS_RENAME(conn,directory, newname) == 0) { DEBUG(3,("rename_internals: succeeded doing rename " "on %s -> %s\n", directory, newname)); - rename_open_files(conn, lck, newname); + rename_open_files(conn, lck, id, newname); TALLOC_FREE(lck); notify_rename(conn, S_ISDIR(sbuf1.st_mode), directory, newname); @@ -4737,6 +4740,8 @@ NTSTATUS rename_internals(connection_struct *conn, return status; } + id = file_id_sbuf(&sbuf1); + if (strcsequal(fname,destname)) { DEBUG(3,("rename_internals: identical names " "in wildcard rename %s - success\n", @@ -4756,11 +4761,10 @@ NTSTATUS rename_internals(connection_struct *conn, return NT_STATUS_SHARING_VIOLATION; } - lck = get_share_mode_lock(NULL, file_id_sbuf(&sbuf1), NULL, - NULL); + lck = get_share_mode_lock(NULL, id, NULL, NULL); if (!SMB_VFS_RENAME(conn,fname,destname)) { - rename_open_files(conn, lck, newname); + rename_open_files(conn, lck, id, newname); count++; status = NT_STATUS_OK; } -- cgit From 184eb775ffdd6f8afa8822a889b754e5e7050e45 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 14 Jun 2007 12:03:46 +0000 Subject: r23486: Ok, this time with a hopefully successful make test in the right place: Remove two local variables (This used to be commit 575e594e936c3cb197945063309f0b424dcdefc8) --- source3/smbd/reply.c | 51 +++++++++++++++++++++++++++++++++------------------ 1 file changed, 33 insertions(+), 18 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 272c3966ba..45c4b1d1df 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4168,13 +4168,15 @@ static BOOL resolve_wildcards(const char *name1, char *name2) asynchronously. ****************************************************************************/ -static void rename_open_files(connection_struct *conn, struct share_mode_lock *lck, - struct file_id id, const char *newname) +static void rename_open_files(connection_struct *conn, + struct share_mode_lock *lck, + const char *newname) { files_struct *fsp; BOOL did_rename = False; - for(fsp = file_find_di_first(id); fsp; fsp = file_find_di_next(fsp)) { + for(fsp = file_find_di_first(lck->id); fsp; + fsp = file_find_di_next(fsp)) { /* fsp_name is a relative path under the fsp. To change this for other sharepaths we need to manipulate relative paths. */ /* TODO - create the absolute path and manipulate the newname @@ -4191,7 +4193,7 @@ static void rename_open_files(connection_struct *conn, struct share_mode_lock *l if (!did_rename) { DEBUG(10,("rename_open_files: no open files on file_id %s for %s\n", - file_id_static_string(&id), newname )); + file_id_static_string(&lck->id), newname )); } /* Send messages to all smbd's (not ourself) that the name has changed. */ @@ -4237,7 +4239,6 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, pstrin SMB_STRUCT_STAT sbuf; pstring newname_last_component; NTSTATUS status = NT_STATUS_OK; - BOOL dest_exists; struct share_mode_lock *lck = NULL; ZERO_STRUCT(sbuf); @@ -4306,9 +4307,7 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, pstrin return NT_STATUS_OK; } - dest_exists = vfs_object_exist(conn,newname,NULL); - - if(!replace_if_exists && dest_exists) { + if(!replace_if_exists && vfs_object_exist(conn, newname, NULL)) { DEBUG(3,("rename_internals_fsp: dest exists doing rename %s -> %s\n", fsp->fsp_name,newname)); return NT_STATUS_OBJECT_NAME_COLLISION; @@ -4341,13 +4340,20 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, pstrin lck = get_share_mode_lock(NULL, fsp->file_id, NULL, NULL); + /* + * We have the file open ourselves, so not being able to get the + * corresponding share mode lock is a fatal error. + */ + + SMB_ASSERT(lck != NULL); + if(SMB_VFS_RENAME(conn,fsp->fsp_name, newname) == 0) { uint32 create_options = fsp->fh->private_options; DEBUG(3,("rename_internals_fsp: succeeded doing rename on %s -> %s\n", fsp->fsp_name,newname)); - rename_open_files(conn, lck, fsp->file_id, newname); + rename_open_files(conn, lck, newname); /* * A rename acts as a new file create w.r.t. allowing an initial delete @@ -4455,7 +4461,6 @@ NTSTATUS rename_internals(connection_struct *conn, const char *dname; long offset = 0; pstring destname; - struct file_id id; *directory = *mask = 0; @@ -4605,8 +4610,6 @@ NTSTATUS rename_internals(connection_struct *conn, * don't do the rename, just return success. */ - id = file_id_sbuf(&sbuf1); - if (strcsequal(directory, newname)) { DEBUG(3, ("rename_internals: identical names in " "rename %s - returning success\n", @@ -4624,12 +4627,19 @@ NTSTATUS rename_internals(connection_struct *conn, return NT_STATUS_SHARING_VIOLATION; } - lck = get_share_mode_lock(NULL, id, NULL, NULL); + lck = get_share_mode_lock(NULL, file_id_sbuf(&sbuf1), + NULL, NULL); if(SMB_VFS_RENAME(conn,directory, newname) == 0) { DEBUG(3,("rename_internals: succeeded doing rename " "on %s -> %s\n", directory, newname)); - rename_open_files(conn, lck, id, newname); + if (lck != NULL) { + /* + * Only in this case there are open files at + * all. + */ + rename_open_files(conn, lck, newname); + } TALLOC_FREE(lck); notify_rename(conn, S_ISDIR(sbuf1.st_mode), directory, newname); @@ -4740,8 +4750,6 @@ NTSTATUS rename_internals(connection_struct *conn, return status; } - id = file_id_sbuf(&sbuf1); - if (strcsequal(fname,destname)) { DEBUG(3,("rename_internals: identical names " "in wildcard rename %s - success\n", @@ -4761,10 +4769,17 @@ NTSTATUS rename_internals(connection_struct *conn, return NT_STATUS_SHARING_VIOLATION; } - lck = get_share_mode_lock(NULL, id, NULL, NULL); + lck = get_share_mode_lock(NULL, file_id_sbuf(&sbuf1), NULL, + NULL); if (!SMB_VFS_RENAME(conn,fname,destname)) { - rename_open_files(conn, lck, id, newname); + if (lck != NULL) { + /* + * Only in this case there are open files at + * all. + */ + rename_open_files(conn, lck, newname); + } count++; status = NT_STATUS_OK; } -- cgit From 9c4d185ef0740ea31da8718b9cb16dac7cddcc15 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 14 Jun 2007 14:45:37 +0000 Subject: r23500: Two changes to survive the now activated test for rename_internals_fsp: With the target being open we have to return NT_STATUS_ACCESS_DENIED and root_fid != 0 leads to NT_STATUS_INVALID_PARAMETER (This used to be commit b599e5b1e10bdf825b2ce53de4a6ec35726d00f6) --- source3/smbd/reply.c | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 45c4b1d1df..c20daae21b 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4236,10 +4236,11 @@ static BOOL rename_path_prefix_equal(const char *src, const char *dest) NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, pstring newname, uint32 attrs, BOOL replace_if_exists) { - SMB_STRUCT_STAT sbuf; + SMB_STRUCT_STAT sbuf, sbuf1; pstring newname_last_component; NTSTATUS status = NT_STATUS_OK; struct share_mode_lock *lck = NULL; + BOOL dst_exists; ZERO_STRUCT(sbuf); @@ -4307,12 +4308,22 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, pstrin return NT_STATUS_OK; } - if(!replace_if_exists && vfs_object_exist(conn, newname, NULL)) { + /* + * Have vfs_object_exist also fill sbuf1 + */ + dst_exists = vfs_object_exist(conn, newname, &sbuf1); + + if(!replace_if_exists && dst_exists) { DEBUG(3,("rename_internals_fsp: dest exists doing rename %s -> %s\n", fsp->fsp_name,newname)); return NT_STATUS_OBJECT_NAME_COLLISION; } + if (file_find_di_first(file_id_sbuf(&sbuf1)) != NULL) { + DEBUG(3, ("rename_internals_fsp: Target file open\n")); + return NT_STATUS_ACCESS_DENIED; + } + /* Ensure we have a valid stat struct for the source. */ if (fsp->fh->fd != -1) { if (SMB_VFS_FSTAT(fsp,fsp->fh->fd,&sbuf) == -1) { -- cgit From 59c872103dc82a1a9dcb743b39e4ca0f0205dad2 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 14 Jun 2007 15:50:47 +0000 Subject: r23501: Move notify_rename before rename_internals_fsp and call it from there. (This used to be commit 8d3828871c561cd05e6461e157db4c0ccddd5f22) --- source3/smbd/reply.c | 86 +++++++++++++++++++++++++++------------------------- 1 file changed, 44 insertions(+), 42 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index c20daae21b..205374cff7 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4230,6 +4230,48 @@ static BOOL rename_path_prefix_equal(const char *src, const char *dest) return ((memcmp(psrc, pdst, slen) == 0) && pdst[slen] == '/'); } +/* + * Do the notify calls from a rename + */ + +static void notify_rename(connection_struct *conn, BOOL is_dir, + const char *oldpath, const char *newpath) +{ + char *olddir, *newdir; + const char *oldname, *newname; + uint32 mask; + + mask = is_dir ? FILE_NOTIFY_CHANGE_DIR_NAME + : FILE_NOTIFY_CHANGE_FILE_NAME; + + if (!parent_dirname_talloc(NULL, oldpath, &olddir, &oldname) + || !parent_dirname_talloc(NULL, newpath, &newdir, &newname)) { + TALLOC_FREE(olddir); + return; + } + + if (strcmp(olddir, newdir) == 0) { + notify_fname(conn, NOTIFY_ACTION_OLD_NAME, mask, oldpath); + notify_fname(conn, NOTIFY_ACTION_NEW_NAME, mask, newpath); + } + else { + notify_fname(conn, NOTIFY_ACTION_REMOVED, mask, oldpath); + notify_fname(conn, NOTIFY_ACTION_ADDED, mask, newpath); + } + TALLOC_FREE(olddir); + TALLOC_FREE(newdir); + + /* this is a strange one. w2k3 gives an additional event for + CHANGE_ATTRIBUTES and CHANGE_CREATION on the new file when renaming + files, but not directories */ + if (!is_dir) { + notify_fname(conn, NOTIFY_ACTION_MODIFIED, + FILE_NOTIFY_CHANGE_ATTRIBUTES + |FILE_NOTIFY_CHANGE_CREATION, + newpath); + } +} + /**************************************************************************** Rename an open file - given an fsp. ****************************************************************************/ @@ -4366,6 +4408,8 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, pstrin rename_open_files(conn, lck, newname); + notify_rename(conn, fsp->is_directory, fsp->fsp_name, newname); + /* * A rename acts as a new file create w.r.t. allowing an initial delete * on close, probably because in Windows there is a new handle to the @@ -4404,48 +4448,6 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, pstrin return status; } -/* - * Do the notify calls from a rename - */ - -static void notify_rename(connection_struct *conn, BOOL is_dir, - const char *oldpath, const char *newpath) -{ - char *olddir, *newdir; - const char *oldname, *newname; - uint32 mask; - - mask = is_dir ? FILE_NOTIFY_CHANGE_DIR_NAME - : FILE_NOTIFY_CHANGE_FILE_NAME; - - if (!parent_dirname_talloc(NULL, oldpath, &olddir, &oldname) - || !parent_dirname_talloc(NULL, newpath, &newdir, &newname)) { - TALLOC_FREE(olddir); - return; - } - - if (strcmp(olddir, newdir) == 0) { - notify_fname(conn, NOTIFY_ACTION_OLD_NAME, mask, oldpath); - notify_fname(conn, NOTIFY_ACTION_NEW_NAME, mask, newpath); - } - else { - notify_fname(conn, NOTIFY_ACTION_REMOVED, mask, oldpath); - notify_fname(conn, NOTIFY_ACTION_ADDED, mask, newpath); - } - TALLOC_FREE(olddir); - TALLOC_FREE(newdir); - - /* this is a strange one. w2k3 gives an additional event for - CHANGE_ATTRIBUTES and CHANGE_CREATION on the new file when renaming - files, but not directories */ - if (!is_dir) { - notify_fname(conn, NOTIFY_ACTION_MODIFIED, - FILE_NOTIFY_CHANGE_ATTRIBUTES - |FILE_NOTIFY_CHANGE_CREATION, - newpath); - } -} - /**************************************************************************** The guts of the rename command, split out so it may be called by the NT SMB code. -- cgit From cc35d1300d487c65f1dc8a275140701ba276adaf Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 15 Jun 2007 19:24:04 +0000 Subject: r23508: Fix sync_file() to return NTSTATUS and return this on failure in the write path. Jeremy. (This used to be commit cd3f7dbee809fb40194af0e7509142166e02b252) --- source3/smbd/reply.c | 58 ++++++++++++++++++++++++++++++++++++++++++++-------- 1 file changed, 50 insertions(+), 8 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 205374cff7..33ccb7f386 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2787,6 +2787,7 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, BOOL write_through; files_struct *fsp = file_fsp(inbuf,smb_vwv0); int outsize = 0; + NTSTATUS status; START_PROFILE(SMBwritebraw); if (srv_is_signing_active()) { @@ -2891,7 +2892,13 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, SSVAL(outbuf,smb_vwv0,total_written); - sync_file(conn, fsp, write_through); + status = sync_file(conn, fsp, write_through); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(5,("reply_writebraw: sync_file for %s returned %s\n", + fsp->fsp_name, nt_errstr(status) )); + END_PROFILE(SMBwritebraw); + return ERROR_NT(status); + } DEBUG(3,("writebraw2 fnum=%d start=%.0f num=%d wrote=%d\n", fsp->fnum, (double)startpos, (int)numtowrite,(int)total_written)); @@ -2956,7 +2963,13 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, nwritten = write_file(fsp,data,startpos,numtowrite); } - sync_file(conn, fsp, False /* write through */); + status = sync_file(conn, fsp, False /* write through */); + if (!NT_STATUS_IS_OK(status)) { + END_PROFILE(SMBwriteunlock); + DEBUG(5,("reply_writeunlock: sync_file for %s returned %s\n", + fsp->fsp_name, nt_errstr(status) )); + return ERROR_NT(status); + } if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) { END_PROFILE(SMBwriteunlock); @@ -3003,6 +3016,7 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int d char *data; files_struct *fsp = file_fsp(inbuf,smb_vwv0); int outsize = 0; + NTSTATUS status; START_PROFILE(SMBwrite); /* If it's an IPC, pass off the pipe handler. */ @@ -3013,6 +3027,7 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int d CHECK_FSP(fsp,conn); if (!CHECK_WRITE(fsp)) { + END_PROFILE(SMBwrite); return(ERROR_DOS(ERRDOS,ERRbadaccess)); } @@ -3048,7 +3063,13 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int d } else nwritten = write_file(fsp,data,startpos,numtowrite); - sync_file(conn, fsp, False); + status = sync_file(conn, fsp, False); + if (!NT_STATUS_IS_OK(status)) { + END_PROFILE(SMBwrite); + DEBUG(5,("reply_write: sync_file for %s returned %s\n", + fsp->fsp_name, nt_errstr(status) )); + return ERROR_NT(status); + } if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) { END_PROFILE(SMBwrite); @@ -3085,6 +3106,7 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng unsigned int smblen = smb_len(inbuf); char *data; BOOL large_writeX = ((CVAL(inbuf,smb_wct) == 14) && (smblen > 0xFFFF)); + NTSTATUS status; START_PROFILE(SMBwriteX); /* If it's an IPC, pass off the pipe handler. */ @@ -3175,7 +3197,13 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng DEBUG(3,("writeX fnum=%d num=%d wrote=%d\n", fsp->fnum, (int)numtowrite, (int)nwritten)); - sync_file(conn, fsp, write_through); + status = sync_file(conn, fsp, write_through); + if (!NT_STATUS_IS_OK(status)) { + END_PROFILE(SMBwriteX); + DEBUG(5,("reply_write_and_X: sync_file for %s returned %s\n", + fsp->fsp_name, nt_errstr(status) )); + return ERROR_NT(status); + } END_PROFILE(SMBwriteX); return chain_reply(inbuf,outbuf,length,bufsize); @@ -3272,7 +3300,13 @@ int reply_flush(connection_struct *conn, char *inbuf,char *outbuf, int size, int if (!fsp) { file_sync_all(conn); } else { - sync_file(conn,fsp, True); + NTSTATUS status = sync_file(conn, fsp, True); + if (!NT_STATUS_IS_OK(status)) { + END_PROFILE(SMBflush); + DEBUG(5,("reply_flush: sync_file for %s returned %s\n", + fsp->fsp_name, nt_errstr(status) )); + return ERROR_NT(status); + } } DEBUG(3,("flush\n")); @@ -5886,6 +5920,7 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, int smb_doff; char *data; files_struct *fsp = file_fsp(inbuf,smb_vwv0); + NTSTATUS status; START_PROFILE(SMBwriteBmpx); CHECK_FSP(fsp,conn); @@ -5915,7 +5950,13 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, nwritten = write_file(fsp,data,startpos,numtowrite); - sync_file(conn, fsp, write_through); + status = sync_file(conn, fsp, write_through); + if (!NT_STATUS_IS_OK(status)) { + END_PROFILE(SMBwriteBmpx); + DEBUG(5,("reply_writebmpx: sync_file for %s returned %s\n", + fsp->fsp_name, nt_errstr(status) )); + return ERROR_NT(status); + } if(nwritten < (ssize_t)numtowrite) { END_PROFILE(SMBwriteBmpx); @@ -5991,6 +6032,7 @@ int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz write_bmpx_struct *wbms; BOOL send_response = False; files_struct *fsp = file_fsp(inbuf,smb_vwv0); + NTSTATUS status; START_PROFILE(SMBwriteBs); CHECK_FSP(fsp,conn); @@ -6027,9 +6069,9 @@ int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz nwritten = write_file(fsp,data,startpos,numtowrite); - sync_file(conn, fsp, write_through); + status = sync_file(conn, fsp, write_through); - if (nwritten < (ssize_t)numtowrite) { + if (nwritten < (ssize_t)numtowrite || !NT_STATUS_IS_OK(status)) { if(write_through) { /* We are returning an error - we can delete the aux struct */ if (wbms) -- cgit From 80c085d8ef1619865710b2ceb2c13fc56fd1929c Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 16 Jun 2007 10:02:51 +0000 Subject: r23517: After Jeremy has given is ack on irc: Change rename_internals to open the file/directory and then call rename_internals_fsp. Two reasons: Remove code duplication and remove a race condition. The race condition was due to the fact that in can_rename the share mode check closed the file and then after that did the rename. (This used to be commit aa16d8a649d1a38593edd5ca94ed2c7d4291911b) --- source3/smbd/reply.c | 240 +++++++++++++-------------------------------------- 1 file changed, 61 insertions(+), 179 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 33ccb7f386..72a3f5da8e 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1791,17 +1791,16 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, Check if a user is allowed to rename a file. ********************************************************************/ -static NTSTATUS can_rename(connection_struct *conn, char *fname, uint16 dirtype, SMB_STRUCT_STAT *pst, BOOL self_open) +static NTSTATUS can_rename(connection_struct *conn, files_struct *fsp, + uint16 dirtype, SMB_STRUCT_STAT *pst) { - files_struct *fsp; uint32 fmode; - NTSTATUS status; if (!CAN_WRITE(conn)) { return NT_STATUS_MEDIA_WRITE_PROTECTED; } - fmode = dos_mode(conn,fname,pst); + fmode = dos_mode(conn, fsp->fsp_name, pst); if ((fmode & ~dirtype) & (aHIDDEN | aSYSTEM)) { return NT_STATUS_NO_SUCH_FILE; } @@ -1810,23 +1809,11 @@ static NTSTATUS can_rename(connection_struct *conn, char *fname, uint16 dirtype, return NT_STATUS_OK; } - status = open_file_ntcreate(conn, fname, pst, - DELETE_ACCESS, - /* If we're checking our fsp don't deny for delete. */ - self_open ? - FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE : - FILE_SHARE_READ|FILE_SHARE_WRITE, - FILE_OPEN, - 0, - FILE_ATTRIBUTE_NORMAL, - 0, - NULL, &fsp); - - if (!NT_STATUS_IS_OK(status)) { - return status; + if (fsp->access_mask & DELETE_ACCESS) { + return NT_STATUS_OK; } - close_file(fsp,NORMAL_CLOSE); - return NT_STATUS_OK; + + return NT_STATUS_ACCESS_DENIED; } /******************************************************************* @@ -4395,7 +4382,7 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, pstrin return NT_STATUS_OBJECT_NAME_COLLISION; } - if (file_find_di_first(file_id_sbuf(&sbuf1)) != NULL) { + if (dst_exists && file_find_di_first(file_id_sbuf(&sbuf1)) != NULL) { DEBUG(3, ("rename_internals_fsp: Target file open\n")); return NT_STATUS_ACCESS_DENIED; } @@ -4411,7 +4398,7 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, pstrin } } - status = can_rename(conn,fsp->fsp_name,attrs,&sbuf,True); + status = can_rename(conn, fsp, attrs, &sbuf); if (!NT_STATUS_IS_OK(status)) { DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n", @@ -4503,7 +4490,6 @@ NTSTATUS rename_internals(connection_struct *conn, int count=0; NTSTATUS status = NT_STATUS_OK; SMB_STRUCT_STAT sbuf1, sbuf2; - struct share_mode_lock *lck = NULL; struct smb_Dir *dir_hnd = NULL; const char *dname; long offset = 0; @@ -4558,6 +4544,8 @@ NTSTATUS rename_internals(connection_struct *conn, } if (!src_has_wild) { + files_struct *fsp; + /* * No wildcards - just process the one file. */ @@ -4584,12 +4572,6 @@ NTSTATUS rename_internals(connection_struct *conn, conn->short_case_preserve, directory, newname, last_component_dest, is_short_name)); - /* Ensure the source name is valid for us to access. */ - status = check_name(conn, directory); - if (!NT_STATUS_IS_OK(status)) { - return status; - } - /* The dest name still may have wildcards. */ if (dest_has_wild) { if (!resolve_wildcards(directory,newname)) { @@ -4599,109 +4581,34 @@ NTSTATUS rename_internals(connection_struct *conn, } } - /* - * Check for special case with case preserving and not - * case sensitive, if directory and newname are identical, - * and the old last component differs from the original - * last component only by case, then we should allow - * the rename (user is trying to change the case of the - * filename). - */ - if((conn->case_sensitive == False) && - (((conn->case_preserve == True) && - (is_short_name == False)) || - ((conn->short_case_preserve == True) && - (is_short_name == True))) && - strcsequal(directory, newname)) { - pstring modified_last_component; - - /* - * Get the last component of the modified name. - * Note that we guarantee that newname contains a '/' - * character above. - */ - p = strrchr_m(newname,'/'); - pstrcpy(modified_last_component,p+1); - - if(strcsequal(modified_last_component, - last_component_dest) == False) { - /* - * Replace the modified last component with - * the original. - */ - pstrcpy(p+1, last_component_dest); - } - } - - /* Ensure the dest name is valid for us to access. */ - status = check_name(conn, newname); - if (!NT_STATUS_IS_OK(status)) { - return status; - } - - /* - * The source object must exist, and it may not have a - * conflicting share mode. - */ - status = can_rename(conn,directory,attrs,&sbuf1,False); + ZERO_STRUCT(sbuf1); + SMB_VFS_STAT(conn, directory, &sbuf1); + + status = S_ISDIR(sbuf1.st_mode) ? + open_directory(conn, directory, &sbuf1, + DELETE_ACCESS, + FILE_SHARE_READ|FILE_SHARE_WRITE, + FILE_OPEN, 0, 0, NULL, + &fsp) + : open_file_ntcreate(conn, directory, &sbuf1, + DELETE_ACCESS, + FILE_SHARE_READ|FILE_SHARE_WRITE, + FILE_OPEN, 0, 0, 0, NULL, + &fsp); if (!NT_STATUS_IS_OK(status)) { - DEBUG(3,("rename_internals: Error %s rename %s -> " - "%s\n", nt_errstr(status), directory, - newname)); + DEBUG(3, ("Could not open rename source %s: %s\n", + directory, nt_errstr(status))); return status; } - /* - * If the src and dest names are identical - including case, - * don't do the rename, just return success. - */ - - if (strcsequal(directory, newname)) { - DEBUG(3, ("rename_internals: identical names in " - "rename %s - returning success\n", - directory)); - return NT_STATUS_OK; - } - - if(!replace_if_exists && vfs_object_exist(conn,newname,NULL)) { - DEBUG(3,("rename_internals: dest exists doing " - "rename %s -> %s\n", directory, newname)); - return NT_STATUS_OBJECT_NAME_COLLISION; - } - - if (rename_path_prefix_equal(directory, newname)) { - return NT_STATUS_SHARING_VIOLATION; - } - - lck = get_share_mode_lock(NULL, file_id_sbuf(&sbuf1), - NULL, NULL); + status = rename_internals_fsp(conn, fsp, newname, attrs, + replace_if_exists); - if(SMB_VFS_RENAME(conn,directory, newname) == 0) { - DEBUG(3,("rename_internals: succeeded doing rename " - "on %s -> %s\n", directory, newname)); - if (lck != NULL) { - /* - * Only in this case there are open files at - * all. - */ - rename_open_files(conn, lck, newname); - } - TALLOC_FREE(lck); - notify_rename(conn, S_ISDIR(sbuf1.st_mode), - directory, newname); - return NT_STATUS_OK; - } + close_file(fsp, NORMAL_CLOSE); - TALLOC_FREE(lck); - if (errno == ENOTDIR || errno == EISDIR) { - status = NT_STATUS_OBJECT_NAME_COLLISION; - } else { - status = map_nt_error_from_unix(errno); - } - - DEBUG(3,("rename_internals: Error %s rename %s -> %s\n", - nt_errstr(status), directory,newname)); + DEBUG(3, ("rename_internals: Error %s rename %s -> %s\n", + nt_errstr(status), directory,newname)); return status; } @@ -4730,6 +4637,7 @@ NTSTATUS rename_internals(connection_struct *conn, */ while ((dname = ReadDirName(dir_hnd, &offset))) { + files_struct *fsp; pstring fname; BOOL sysdir_entry = False; @@ -4759,30 +4667,8 @@ NTSTATUS rename_internals(connection_struct *conn, break; } - status = NT_STATUS_ACCESS_DENIED; slprintf(fname, sizeof(fname)-1, "%s/%s", directory, dname); - /* Ensure the source name is valid for us to access. */ - status = check_name(conn, fname); - if (!NT_STATUS_IS_OK(status)) { - return status; - } - - /* - * can_rename does an open_file_ntcreate which needs a valid - * stat in case the file exists - */ - - ZERO_STRUCT(sbuf1); - SMB_VFS_STAT(conn, fname, &sbuf1); - - status = can_rename(conn,fname,attrs,&sbuf1,False); - - if (!NT_STATUS_IS_OK(status)) { - DEBUG(6, ("rename %s refused: %s\n", fname, - nt_errstr(status))); - continue; - } pstrcpy(destname,newname); if (!resolve_wildcards(fname,destname)) { @@ -4791,46 +4677,42 @@ NTSTATUS rename_internals(connection_struct *conn, continue; } - /* Ensure the dest name is valid for us to access. */ - status = check_name(conn, destname); + ZERO_STRUCT(sbuf1); + SMB_VFS_STAT(conn, fname, &sbuf1); + + status = S_ISDIR(sbuf1.st_mode) ? + open_directory(conn, fname, &sbuf1, + DELETE_ACCESS, + FILE_SHARE_READ|FILE_SHARE_WRITE, + FILE_OPEN, 0, 0, NULL, + &fsp) + : open_file_ntcreate(conn, fname, &sbuf1, + DELETE_ACCESS, + FILE_SHARE_READ|FILE_SHARE_WRITE, + FILE_OPEN, 0, 0, 0, NULL, + &fsp); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(3,("rename_internals: open_file_ntcreate " + "returned %s rename %s -> %s\n", + nt_errstr(status), directory, newname)); return status; } - if (strcsequal(fname,destname)) { - DEBUG(3,("rename_internals: identical names " - "in wildcard rename %s - success\n", - fname)); - count++; - status = NT_STATUS_OK; - continue; - } + status = rename_internals_fsp(conn, fsp, destname, attrs, + replace_if_exists); - if (!replace_if_exists && vfs_file_exist(conn,destname, NULL)) { - DEBUG(6,("file_exist %s\n", destname)); - status = NT_STATUS_OBJECT_NAME_COLLISION; - continue; - } - - if (rename_path_prefix_equal(fname, destname)) { - return NT_STATUS_SHARING_VIOLATION; + close_file(fsp, NORMAL_CLOSE); + + if (!NT_STATUS_IS_OK(status)) { + DEBUG(3, ("rename_internals_fsp returned %s for " + "rename %s -> %s\n", nt_errstr(status), + directory, newname)); + return status; } - lck = get_share_mode_lock(NULL, file_id_sbuf(&sbuf1), NULL, - NULL); + count++; - if (!SMB_VFS_RENAME(conn,fname,destname)) { - if (lck != NULL) { - /* - * Only in this case there are open files at - * all. - */ - rename_open_files(conn, lck, newname); - } - count++; - status = NT_STATUS_OK; - } - TALLOC_FREE(lck); DEBUG(3,("rename_internals: doing rename on %s -> " "%s\n",fname,destname)); } -- cgit From 43e51b39892e1742a22c3fb61c4e8afc6a09edc0 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 16 Jun 2007 18:07:44 +0000 Subject: r23522: Save us a kilobyte stack space in a hot code path: I can't see a reason why check_path_syntax should not be able to run in-line. The destination pointer either walks side by side with the source pointer or is decremented. So as far as I can see s>=d is true throughout the whole routine. Jeremy, I'm checking this only into 3_0 for now. Please review and ack or directly merge this to 3_0_26. Thanks, Volker (This used to be commit 34a13c82a3b72d6900614b57c58fbaefeeca8fa7) --- source3/smbd/reply.c | 53 +++++++++++++++++++++++----------------------------- 1 file changed, 23 insertions(+), 30 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 72a3f5da8e..b826cc7bda 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -47,13 +47,12 @@ extern BOOL global_encrypted_passwords_negotiated; /* Custom version for processing POSIX paths. */ #define IS_PATH_SEP(c,posix_only) ((c) == '/' || (!(posix_only) && (c) == '\\')) -NTSTATUS check_path_syntax_internal(pstring destname, - const pstring srcname, - BOOL posix_path, - BOOL *p_last_component_contains_wcard) +static NTSTATUS check_path_syntax_internal(char *path, + BOOL posix_path, + BOOL *p_last_component_contains_wcard) { - char *d = destname; - const char *s = srcname; + char *d = path; + const char *s = path; NTSTATUS ret = NT_STATUS_OK; BOOL start_of_name_component = True; @@ -69,7 +68,7 @@ NTSTATUS check_path_syntax_internal(pstring destname, while (IS_PATH_SEP(*s,posix_path)) { s++; } - if ((d != destname) && (*s != '\0')) { + if ((d != path) && (*s != '\0')) { /* We only care about non-leading or trailing '/' or '\\' */ *d++ = '/'; } @@ -89,13 +88,13 @@ NTSTATUS check_path_syntax_internal(pstring destname, */ /* If we just added a '/' - delete it */ - if ((d > destname) && (*(d-1) == '/')) { + if ((d > path) && (*(d-1) == '/')) { *(d-1) = '\0'; d--; } /* Are we at the start ? Can't go back further if so. */ - if (d <= destname) { + if (d <= path) { ret = NT_STATUS_OBJECT_PATH_SYNTAX_BAD; break; } @@ -103,7 +102,7 @@ NTSTATUS check_path_syntax_internal(pstring destname, /* We know this is safe as '/' cannot be part of a mb sequence. */ /* NOTE - if this assumption is invalid we are not in good shape... */ /* Decrement d first as d points to the *next* char to write into. */ - for (d--; d > destname; d--) { + for (d--; d > path; d--) { if (*d == '/') break; } @@ -177,10 +176,10 @@ NTSTATUS check_path_syntax_internal(pstring destname, No wildcards allowed. ****************************************************************************/ -NTSTATUS check_path_syntax(pstring destname, const pstring srcname) +NTSTATUS check_path_syntax(char *path) { BOOL ignore; - return check_path_syntax_internal(destname, srcname, False, &ignore); + return check_path_syntax_internal(path, False, &ignore); } /**************************************************************************** @@ -189,9 +188,9 @@ NTSTATUS check_path_syntax(pstring destname, const pstring srcname) a wildcard. ****************************************************************************/ -NTSTATUS check_path_syntax_wcard(pstring destname, const pstring srcname, BOOL *p_contains_wcard) +NTSTATUS check_path_syntax_wcard(char *path, BOOL *p_contains_wcard) { - return check_path_syntax_internal(destname, srcname, False, p_contains_wcard); + return check_path_syntax_internal(path, False, p_contains_wcard); } /**************************************************************************** @@ -200,10 +199,10 @@ NTSTATUS check_path_syntax_wcard(pstring destname, const pstring srcname, BOOL * set (a safe assumption). ****************************************************************************/ -NTSTATUS check_path_syntax_posix(pstring destname, const pstring srcname) +NTSTATUS check_path_syntax_posix(char *name) { BOOL ignore; - return check_path_syntax_internal(destname, srcname, True, &ignore); + return check_path_syntax_internal(path, True, &ignore); } /**************************************************************************** @@ -213,17 +212,15 @@ NTSTATUS check_path_syntax_posix(pstring destname, const pstring srcname) size_t srvstr_get_path_wcard(char *inbuf, char *dest, const char *src, size_t dest_len, size_t src_len, int flags, NTSTATUS *err, BOOL *contains_wcard) { - pstring tmppath; - char *tmppath_ptr = tmppath; size_t ret; #ifdef DEVELOPER SMB_ASSERT(dest_len == sizeof(pstring)); #endif if (src_len == 0) { - ret = srvstr_pull_buf( inbuf, tmppath_ptr, src, dest_len, flags); + ret = srvstr_pull_buf( inbuf, dest, src, dest_len, flags); } else { - ret = srvstr_pull( inbuf, tmppath_ptr, src, dest_len, src_len, flags); + ret = srvstr_pull( inbuf, dest, src, dest_len, src_len, flags); } *contains_wcard = False; @@ -233,15 +230,14 @@ size_t srvstr_get_path_wcard(char *inbuf, char *dest, const char *src, size_t de * For a DFS path the function parse_dfs_path() * will do the path processing, just make a copy. */ - pstrcpy(dest, tmppath); *err = NT_STATUS_OK; return ret; } if (lp_posix_pathnames()) { - *err = check_path_syntax_posix(dest, tmppath); + *err = check_path_syntax_posix(dest); } else { - *err = check_path_syntax_wcard(dest, tmppath, contains_wcard); + *err = check_path_syntax_wcard(dest, contains_wcard); } return ret; @@ -253,17 +249,15 @@ size_t srvstr_get_path_wcard(char *inbuf, char *dest, const char *src, size_t de size_t srvstr_get_path(char *inbuf, char *dest, const char *src, size_t dest_len, size_t src_len, int flags, NTSTATUS *err) { - pstring tmppath; - char *tmppath_ptr = tmppath; size_t ret; #ifdef DEVELOPER SMB_ASSERT(dest_len == sizeof(pstring)); #endif if (src_len == 0) { - ret = srvstr_pull_buf( inbuf, tmppath_ptr, src, dest_len, flags); + ret = srvstr_pull_buf( inbuf, dest, src, dest_len, flags); } else { - ret = srvstr_pull( inbuf, tmppath_ptr, src, dest_len, src_len, flags); + ret = srvstr_pull( inbuf, dest, src, dest_len, src_len, flags); } if (SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES) { @@ -271,15 +265,14 @@ size_t srvstr_get_path(char *inbuf, char *dest, const char *src, size_t dest_len * For a DFS path the function parse_dfs_path() * will do the path processing, just make a copy. */ - pstrcpy(dest, tmppath); *err = NT_STATUS_OK; return ret; } if (lp_posix_pathnames()) { - *err = check_path_syntax_posix(dest, tmppath); + *err = check_path_syntax_posix(dest); } else { - *err = check_path_syntax(dest, tmppath); + *err = check_path_syntax(dest); } return ret; -- cgit From c1a2e8f6da82b80a9d47bef633c17a8591c0cb3d Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 16 Jun 2007 18:19:42 +0000 Subject: r23523: Gaa -- had renamed "name" to "path" and apparently not compiled after that.... Volker (This used to be commit 1a45ea28ced3775acd6127e05e844873ed23d40b) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index b826cc7bda..e2b7084f11 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -199,7 +199,7 @@ NTSTATUS check_path_syntax_wcard(char *path, BOOL *p_contains_wcard) set (a safe assumption). ****************************************************************************/ -NTSTATUS check_path_syntax_posix(char *name) +NTSTATUS check_path_syntax_posix(char *path) { BOOL ignore; return check_path_syntax_internal(path, True, &ignore); -- cgit From 8908bd64eab93e763d8b943732bc19ed9d276eb2 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 18 Jun 2007 12:22:42 +0000 Subject: r23538: Fix for wild-card rename: We can't return directly on error, we need to CloseDir. (This used to be commit 48cdafc10a0eb615d79057ec9e235ffe9a85e016) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index e2b7084f11..41665e1676 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4689,7 +4689,7 @@ NTSTATUS rename_internals(connection_struct *conn, DEBUG(3,("rename_internals: open_file_ntcreate " "returned %s rename %s -> %s\n", nt_errstr(status), directory, newname)); - return status; + break; } status = rename_internals_fsp(conn, fsp, destname, attrs, @@ -4701,7 +4701,7 @@ NTSTATUS rename_internals(connection_struct *conn, DEBUG(3, ("rename_internals_fsp returned %s for " "rename %s -> %s\n", nt_errstr(status), directory, newname)); - return status; + break; } count++; -- cgit From 0bc56a2e5ffd0e65e4770e10c80d9fec02950b36 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 5 Jul 2007 16:26:27 +0000 Subject: r23724: Reduce access to the global inbuf a tiny bit. Add a struct smb_request that contains some of the fields from the SMB header, removing the need to access inbuf directly. This right now is used only in the open file code & friends, and creating that header is only done when needed. This needs more work, but it is a start. Jeremy, I'm only checking this into 3_0, please review before I merge it to _26. Volker (This used to be commit ca988f4e79e977160d82e86486972afd15d4acf5) --- source3/smbd/reply.c | 64 ++++++++++++++++++++++++++++++++++------------------ 1 file changed, 42 insertions(+), 22 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 41665e1676..76265ed464 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1263,7 +1263,11 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, uint32 create_disposition; uint32 create_options = 0; NTSTATUS status; + struct smb_request req; + START_PROFILE(SMBopen); + + init_smb_request(&req, (uint8 *)inbuf); deny_mode = SVAL(inbuf,smb_vwv0); @@ -1300,7 +1304,7 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return ERROR_NT(NT_STATUS_DOS(ERRDOS, ERRbadaccess)); } - status = open_file_ntcreate(conn,fname,&sbuf, + status = open_file_ntcreate(conn, &req, fname, &sbuf, access_mask, share_mode, create_disposition, @@ -1383,9 +1387,12 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt uint32 share_mode; uint32 create_disposition; uint32 create_options = 0; + struct smb_request req; START_PROFILE(SMBopenX); + init_smb_request(&req, (uint8 *)inbuf); + /* If it's an IPC, pass off the pipe handler. */ if (IS_IPC(conn)) { if (lp_nt_pipe_support()) { @@ -1434,7 +1441,7 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt return ERROR_NT(NT_STATUS_DOS(ERRDOS, ERRbadaccess)); } - status = open_file_ntcreate(conn,fname,&sbuf, + status = open_file_ntcreate(conn, &req, fname, &sbuf, access_mask, share_mode, create_disposition, @@ -1576,8 +1583,11 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, uint32 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE; uint32 create_disposition; uint32 create_options = 0; + struct smb_request req; START_PROFILE(SMBcreate); + + init_smb_request(&req, (uint8 *)inbuf); com = SVAL(inbuf,smb_com); @@ -1623,7 +1633,7 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, } /* Open file using ntcreate. */ - status = open_file_ntcreate(conn,fname,&sbuf, + status = open_file_ntcreate(conn, &req, fname, &sbuf, access_mask, share_mode, create_disposition, @@ -1678,9 +1688,12 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, char *p, *s; NTSTATUS status; unsigned int namelen; + struct smb_request req; START_PROFILE(SMBctemp); + init_smb_request(&req, (uint8 *)inbuf); + srvstr_get_path(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBctemp); @@ -1722,7 +1735,7 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, SMB_VFS_STAT(conn,fname,&sbuf); /* We should fail if file does not exist. */ - status = open_file_ntcreate(conn,fname,&sbuf, + status = open_file_ntcreate(conn, &req, fname, &sbuf, FILE_GENERIC_READ | FILE_GENERIC_WRITE, FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OPEN, @@ -1813,8 +1826,8 @@ static NTSTATUS can_rename(connection_struct *conn, files_struct *fsp, * unlink a file with all relevant access checks *******************************************************************/ -static NTSTATUS do_unlink(connection_struct *conn, char *fname, - uint32 dirtype, BOOL can_defer) +static NTSTATUS do_unlink(connection_struct *conn, struct smb_request *req, + char *fname, uint32 dirtype) { SMB_STRUCT_STAT sbuf; uint32 fattr; @@ -1906,13 +1919,13 @@ static NTSTATUS do_unlink(connection_struct *conn, char *fname, /* On open checks the open itself will check the share mode, so don't do it here as we'll get it wrong. */ - status = open_file_ntcreate(conn, fname, &sbuf, + status = open_file_ntcreate(conn, req, fname, &sbuf, DELETE_ACCESS, FILE_SHARE_NONE, FILE_OPEN, 0, FILE_ATTRIBUTE_NORMAL, - can_defer ? 0 : INTERNAL_OPEN_ONLY, + req != NULL ? 0 : INTERNAL_OPEN_ONLY, NULL, &fsp); if (!NT_STATUS_IS_OK(status)) { @@ -1935,8 +1948,8 @@ static NTSTATUS do_unlink(connection_struct *conn, char *fname, code. ****************************************************************************/ -NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, - char *name, BOOL has_wild, BOOL can_defer) +NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req, + uint32 dirtype, char *name, BOOL has_wild) { pstring directory; pstring mask; @@ -1986,7 +1999,7 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, return status; } - status = do_unlink(conn,directory,dirtype,can_defer); + status = do_unlink(conn, req, directory, dirtype); if (!NT_STATUS_IS_OK(status)) { return status; } @@ -2050,7 +2063,7 @@ NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, return status; } - status = do_unlink(conn, fname, dirtype, can_defer); + status = do_unlink(conn, req, fname, dirtype); if (!NT_STATUS_IS_OK(status)) { continue; } @@ -2081,9 +2094,12 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size uint32 dirtype; NTSTATUS status; BOOL path_contains_wcard = False; + struct smb_request req; START_PROFILE(SMBunlink); + init_smb_request(&req, (uint8 *)inbuf); + dirtype = SVAL(inbuf,smb_vwv0); srvstr_get_path_wcard(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), 0, STR_TERMINATE, &status, &path_contains_wcard); @@ -2103,8 +2119,8 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size DEBUG(3,("reply_unlink : %s\n",name)); - status = unlink_internals(conn, dirtype, name, path_contains_wcard, - True); + status = unlink_internals(conn, &req, dirtype, name, + path_contains_wcard); if (!NT_STATUS_IS_OK(status)) { if (open_was_deferred(SVAL(inbuf,smb_mid))) { /* We have re-scheduled this call. */ @@ -4467,7 +4483,7 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, pstrin code. ****************************************************************************/ -NTSTATUS rename_internals(connection_struct *conn, +NTSTATUS rename_internals(connection_struct *conn, struct smb_request *req, pstring name, pstring newname, uint32 attrs, @@ -4578,12 +4594,12 @@ NTSTATUS rename_internals(connection_struct *conn, SMB_VFS_STAT(conn, directory, &sbuf1); status = S_ISDIR(sbuf1.st_mode) ? - open_directory(conn, directory, &sbuf1, + open_directory(conn, req, directory, &sbuf1, DELETE_ACCESS, FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OPEN, 0, 0, NULL, &fsp) - : open_file_ntcreate(conn, directory, &sbuf1, + : open_file_ntcreate(conn, req, directory, &sbuf1, DELETE_ACCESS, FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OPEN, 0, 0, 0, NULL, @@ -4674,12 +4690,12 @@ NTSTATUS rename_internals(connection_struct *conn, SMB_VFS_STAT(conn, fname, &sbuf1); status = S_ISDIR(sbuf1.st_mode) ? - open_directory(conn, fname, &sbuf1, + open_directory(conn, req, fname, &sbuf1, DELETE_ACCESS, FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OPEN, 0, 0, NULL, &fsp) - : open_file_ntcreate(conn, fname, &sbuf1, + : open_file_ntcreate(conn, req, fname, &sbuf1, DELETE_ACCESS, FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OPEN, 0, 0, 0, NULL, @@ -4733,9 +4749,12 @@ int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, NTSTATUS status; BOOL src_has_wcard = False; BOOL dest_has_wcard = False; + struct smb_request req; START_PROFILE(SMBmv); + init_smb_request(&req, (uint8 *)inbuf); + p = smb_buf(inbuf) + 1; p += srvstr_get_path_wcard(inbuf, name, p, sizeof(name), 0, STR_TERMINATE, &status, &src_has_wcard); if (!NT_STATUS_IS_OK(status)) { @@ -4769,7 +4788,8 @@ int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, DEBUG(3,("reply_mv : %s -> %s\n",name,newname)); - status = rename_internals(conn, name, newname, attrs, False, src_has_wcard, dest_has_wcard); + status = rename_internals(conn, &req, name, newname, attrs, False, + src_has_wcard, dest_has_wcard); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBmv); if (open_was_deferred(SVAL(inbuf,smb_mid))) { @@ -4833,7 +4853,7 @@ NTSTATUS copy_file(connection_struct *conn, } } - status = open_file_ntcreate(conn,src,&src_sbuf, + status = open_file_ntcreate(conn, NULL, src, &src_sbuf, FILE_GENERIC_READ, FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OPEN, @@ -4851,7 +4871,7 @@ NTSTATUS copy_file(connection_struct *conn, ZERO_STRUCTP(&sbuf2); } - status = open_file_ntcreate(conn,dest,&sbuf2, + status = open_file_ntcreate(conn, NULL, dest, &sbuf2, FILE_GENERIC_WRITE, FILE_SHARE_READ|FILE_SHARE_WRITE, new_create_disposition, -- cgit From fcda5b589633b96415890c569bf23e3e284e0916 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 5 Jul 2007 16:33:37 +0000 Subject: r23726: Explicitly pass down the FLAGS2 field to srvstr_pull_buf. The next checkin will pull this up to srvstr_get_path. At that point we can get more independent of the inbuf, the base_ptr in pull_string will only be used to satisfy UCS2 alignment constraints. (This used to be commit 836782b07bf133e9b2598c4a089f1c810e4c7754) --- source3/smbd/reply.c | 27 ++++++++++++++++++--------- 1 file changed, 18 insertions(+), 9 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 76265ed464..ac06f2fd6d 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -218,9 +218,11 @@ size_t srvstr_get_path_wcard(char *inbuf, char *dest, const char *src, size_t de #endif if (src_len == 0) { - ret = srvstr_pull_buf( inbuf, dest, src, dest_len, flags); + ret = srvstr_pull_buf(inbuf, SVAL(inbuf, smb_flg2), dest, src, + dest_len, flags); } else { - ret = srvstr_pull( inbuf, dest, src, dest_len, src_len, flags); + ret = srvstr_pull(inbuf, SVAL(inbuf, smb_flg2), dest, src, + dest_len, src_len, flags); } *contains_wcard = False; @@ -255,9 +257,11 @@ size_t srvstr_get_path(char *inbuf, char *dest, const char *src, size_t dest_len #endif if (src_len == 0) { - ret = srvstr_pull_buf( inbuf, dest, src, dest_len, flags); + ret = srvstr_pull_buf(inbuf, SVAL(inbuf, smb_flg2), dest, src, + dest_len, flags); } else { - ret = srvstr_pull( inbuf, dest, src, dest_len, src_len, flags); + ret = srvstr_pull(inbuf, SVAL(inbuf, smb_flg2), dest, src, + dest_len, src_len, flags); } if (SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES) { @@ -391,10 +395,13 @@ int reply_tcon(connection_struct *conn, *service_buf = *password = *dev = 0; p = smb_buf(inbuf)+1; - p += srvstr_pull_buf(inbuf, service_buf, p, sizeof(service_buf), STR_TERMINATE) + 1; - pwlen = srvstr_pull_buf(inbuf, password, p, sizeof(password), STR_TERMINATE) + 1; + p += srvstr_pull_buf(inbuf, SVAL(inbuf, smb_flg2), service_buf, p, + sizeof(service_buf), STR_TERMINATE) + 1; + pwlen = srvstr_pull_buf(inbuf, SVAL(inbuf, smb_flg2), password, p, + sizeof(password), STR_TERMINATE) + 1; p += pwlen; - p += srvstr_pull_buf(inbuf, dev, p, sizeof(dev), STR_TERMINATE) + 1; + p += srvstr_pull_buf(inbuf, SVAL(inbuf, smb_flg2), dev, p, sizeof(dev), + STR_TERMINATE) + 1; p = strrchr_m(service_buf,'\\'); if (p) { @@ -478,7 +485,8 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt p = smb_buf(inbuf) + passlen + 1; } - p += srvstr_pull_buf(inbuf, path, p, sizeof(path), STR_TERMINATE); + p += srvstr_pull_buf(inbuf, SVAL(inbuf, smb_flg2), path, p, + sizeof(path), STR_TERMINATE); /* * the service name can be either: \\server\share @@ -495,7 +503,8 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt else fstrcpy(service,path); - p += srvstr_pull(inbuf, client_devicetype, p, sizeof(client_devicetype), 6, STR_ASCII); + p += srvstr_pull(inbuf, SVAL(inbuf, smb_flg2), client_devicetype, p, + sizeof(client_devicetype), 6, STR_ASCII); DEBUG(4,("Client requested device type [%s] for share [%s]\n", client_devicetype, service)); -- cgit From 8724dfe55155eef0fb612e547ecf0ebaee89adf4 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 5 Jul 2007 16:36:15 +0000 Subject: r23727: Explicitly pass down FLAGS2 to srvstr_get_path. Next step is to remove the bug that in the trans2 code we use the inbuf as the base pointer to decide whether we need ucs2 alignment where we need to use the beginning of the params buffer Jeremy, last one for today to reviw :-) (This used to be commit 18078b9faa3820fb34604063c9079c1ebe3ad47f) --- source3/smbd/reply.c | 80 ++++++++++++++++++++++++++++++++++++---------------- 1 file changed, 55 insertions(+), 25 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index ac06f2fd6d..e0442c143a 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -209,8 +209,9 @@ NTSTATUS check_path_syntax_posix(char *path) Pull a string and check the path allowing a wilcard - provide for error return. ****************************************************************************/ -size_t srvstr_get_path_wcard(char *inbuf, char *dest, const char *src, size_t dest_len, size_t src_len, int flags, - NTSTATUS *err, BOOL *contains_wcard) +size_t srvstr_get_path_wcard(char *inbuf, uint16 smb_flags2, char *dest, + const char *src, size_t dest_len, size_t src_len, + int flags, NTSTATUS *err, BOOL *contains_wcard) { size_t ret; #ifdef DEVELOPER @@ -218,10 +219,10 @@ size_t srvstr_get_path_wcard(char *inbuf, char *dest, const char *src, size_t de #endif if (src_len == 0) { - ret = srvstr_pull_buf(inbuf, SVAL(inbuf, smb_flg2), dest, src, + ret = srvstr_pull_buf(inbuf, smb_flags2, dest, src, dest_len, flags); } else { - ret = srvstr_pull(inbuf, SVAL(inbuf, smb_flg2), dest, src, + ret = srvstr_pull(inbuf, smb_flags2, dest, src, dest_len, src_len, flags); } @@ -249,7 +250,9 @@ size_t srvstr_get_path_wcard(char *inbuf, char *dest, const char *src, size_t de Pull a string and check the path - provide for error return. ****************************************************************************/ -size_t srvstr_get_path(char *inbuf, char *dest, const char *src, size_t dest_len, size_t src_len, int flags, NTSTATUS *err) +size_t srvstr_get_path(char *inbuf, uint16 smb_flags2, char *dest, + const char *src, size_t dest_len, size_t src_len, + int flags, NTSTATUS *err) { size_t ret; #ifdef DEVELOPER @@ -257,14 +260,14 @@ size_t srvstr_get_path(char *inbuf, char *dest, const char *src, size_t dest_len #endif if (src_len == 0) { - ret = srvstr_pull_buf(inbuf, SVAL(inbuf, smb_flg2), dest, src, + ret = srvstr_pull_buf(inbuf, smb_flags2, dest, src, dest_len, flags); } else { - ret = srvstr_pull(inbuf, SVAL(inbuf, smb_flg2), dest, src, + ret = srvstr_pull(inbuf, smb_flags2, dest, src, dest_len, src_len, flags); } - if (SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES) { + if (smb_flags2 & FLAGS2_DFS_PATHNAMES) { /* * For a DFS path the function parse_dfs_path() * will do the path processing, just make a copy. @@ -681,7 +684,8 @@ int reply_checkpath(connection_struct *conn, char *inbuf,char *outbuf, int dum_s START_PROFILE(SMBcheckpath); - srvstr_get_path(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), 0, STR_TERMINATE, &status); + srvstr_get_path(inbuf, SVAL(inbuf,smb_flg2), name, smb_buf(inbuf) + 1, + sizeof(name), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBcheckpath); status = map_checkpath_error(inbuf, status); @@ -768,7 +772,8 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size START_PROFILE(SMBgetatr); p = smb_buf(inbuf) + 1; - p += srvstr_get_path(inbuf, fname, p, sizeof(fname), 0, STR_TERMINATE, &status); + p += srvstr_get_path(inbuf, SVAL(inbuf,smb_flg2), fname, p, + sizeof(fname), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBgetatr); return ERROR_NT(status); @@ -854,7 +859,8 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size START_PROFILE(SMBsetatr); p = smb_buf(inbuf) + 1; - p += srvstr_get_path(inbuf, fname, p, sizeof(fname), 0, STR_TERMINATE, &status); + p += srvstr_get_path(inbuf, SVAL(inbuf,smb_flg2), fname, p, + sizeof(fname), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBsetatr); return ERROR_NT(status); @@ -1016,7 +1022,9 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size maxentries = SVAL(inbuf,smb_vwv0); dirtype = SVAL(inbuf,smb_vwv1); p = smb_buf(inbuf) + 1; - p += srvstr_get_path_wcard(inbuf, path, p, sizeof(path), 0, STR_TERMINATE, &nt_status, &mask_contains_wcard); + p += srvstr_get_path_wcard(inbuf, SVAL(inbuf,smb_flg2), path, p, + sizeof(path), 0, STR_TERMINATE, &nt_status, + &mask_contains_wcard); if (!NT_STATUS_IS_OK(nt_status)) { END_PROFILE(SMBsearch); return ERROR_NT(nt_status); @@ -1221,7 +1229,9 @@ int reply_fclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size outsize = set_message(inbuf,outbuf,1,0,True); p = smb_buf(inbuf) + 1; - p += srvstr_get_path_wcard(inbuf, path, p, sizeof(path), 0, STR_TERMINATE, &err, &path_contains_wcard); + p += srvstr_get_path_wcard(inbuf, SVAL(inbuf,smb_flg2), path, p, + sizeof(path), 0, STR_TERMINATE, &err, + &path_contains_wcard); if (!NT_STATUS_IS_OK(err)) { END_PROFILE(SMBfclose); return ERROR_NT(err); @@ -1280,7 +1290,8 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, deny_mode = SVAL(inbuf,smb_vwv0); - srvstr_get_path(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), 0, STR_TERMINATE, &status); + srvstr_get_path(inbuf, SVAL(inbuf,smb_flg2), fname, smb_buf(inbuf)+1, + sizeof(fname), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBopen); return ERROR_NT(status); @@ -1414,7 +1425,8 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt } /* XXXX we need to handle passed times, sattr and flags */ - srvstr_get_path(inbuf, fname, smb_buf(inbuf), sizeof(fname), 0, STR_TERMINATE, &status); + srvstr_get_path(inbuf, SVAL(inbuf,smb_flg2), fname, smb_buf(inbuf), + sizeof(fname), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBopenX); return ERROR_NT(status); @@ -1602,7 +1614,8 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, ts[1] = convert_time_t_to_timespec(srv_make_unix_date3(inbuf + smb_vwv1)); /* mtime. */ - srvstr_get_path(inbuf, fname, smb_buf(inbuf) + 1, sizeof(fname), 0, STR_TERMINATE, &status); + srvstr_get_path(inbuf, SVAL(inbuf,smb_flg2), fname, smb_buf(inbuf) + 1, + sizeof(fname), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBcreate); return ERROR_NT(status); @@ -1703,7 +1716,8 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, init_smb_request(&req, (uint8 *)inbuf); - srvstr_get_path(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), 0, STR_TERMINATE, &status); + srvstr_get_path(inbuf, SVAL(inbuf,smb_flg2), fname, smb_buf(inbuf)+1, + sizeof(fname), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBctemp); return ERROR_NT(status); @@ -2111,7 +2125,9 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size dirtype = SVAL(inbuf,smb_vwv0); - srvstr_get_path_wcard(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), 0, STR_TERMINATE, &status, &path_contains_wcard); + srvstr_get_path_wcard(inbuf, SVAL(inbuf,smb_flg2), name, + smb_buf(inbuf) + 1, sizeof(name), 0, + STR_TERMINATE, &status, &path_contains_wcard); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBunlink); return ERROR_NT(status); @@ -3834,7 +3850,9 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, START_PROFILE(SMBmkdir); - srvstr_get_path(inbuf, directory, smb_buf(inbuf) + 1, sizeof(directory), 0, STR_TERMINATE, &status); + srvstr_get_path(inbuf, SVAL(inbuf,smb_flg2), directory, + smb_buf(inbuf) + 1, sizeof(directory), 0, + STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBmkdir); return ERROR_NT(status); @@ -4075,7 +4093,9 @@ int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, NTSTATUS status; START_PROFILE(SMBrmdir); - srvstr_get_path(inbuf, directory, smb_buf(inbuf) + 1, sizeof(directory), 0, STR_TERMINATE, &status); + srvstr_get_path(inbuf, SVAL(inbuf,smb_flg2), directory, + smb_buf(inbuf) + 1, sizeof(directory), 0, + STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBrmdir); return ERROR_NT(status); @@ -4765,13 +4785,17 @@ int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, init_smb_request(&req, (uint8 *)inbuf); p = smb_buf(inbuf) + 1; - p += srvstr_get_path_wcard(inbuf, name, p, sizeof(name), 0, STR_TERMINATE, &status, &src_has_wcard); + p += srvstr_get_path_wcard(inbuf, SVAL(inbuf,smb_flg2), name, p, + sizeof(name), 0, STR_TERMINATE, &status, + &src_has_wcard); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBmv); return ERROR_NT(status); } p++; - p += srvstr_get_path_wcard(inbuf, newname, p, sizeof(newname), 0, STR_TERMINATE, &status, &dest_has_wcard); + p += srvstr_get_path_wcard(inbuf, SVAL(inbuf,smb_flg2), newname, p, + sizeof(newname), 0, STR_TERMINATE, &status, + &dest_has_wcard); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBmv); return ERROR_NT(status); @@ -4960,12 +4984,16 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, *directory = *mask = 0; p = smb_buf(inbuf); - p += srvstr_get_path_wcard(inbuf, name, p, sizeof(name), 0, STR_TERMINATE, &status, &source_has_wild); + p += srvstr_get_path_wcard(inbuf, SVAL(inbuf,smb_flg2), name, p, + sizeof(name), 0, STR_TERMINATE, &status, + &source_has_wild); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBcopy); return ERROR_NT(status); } - p += srvstr_get_path_wcard(inbuf, newname, p, sizeof(newname), 0, STR_TERMINATE, &status, &dest_has_wild); + p += srvstr_get_path_wcard(inbuf, SVAL(inbuf,smb_flg2), newname, p, + sizeof(newname), 0, STR_TERMINATE, &status, + &dest_has_wild); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBcopy); return ERROR_NT(status); @@ -5181,7 +5209,9 @@ int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return ERROR_DOS(ERRDOS,ERRnoaccess); } - srvstr_get_path(inbuf, newdir, smb_buf(inbuf) + 1, sizeof(newdir), 0, STR_TERMINATE, &status); + srvstr_get_path(inbuf, SVAL(inbuf,smb_flg2), newdir, + smb_buf(inbuf) + 1, sizeof(newdir), 0, STR_TERMINATE, + &status); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(pathworks_setdir); return ERROR_NT(status); -- cgit From 6821e39e4b64301af96f74d7afd9abccca4bc2e2 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Fri, 6 Jul 2007 16:39:58 +0000 Subject: r23731: Forgot one reference to inbuf (This used to be commit b02115f2ca6aca8655a4ebd1bd0adaa1e50578ce) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index e0442c143a..6e41de4ec9 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -228,7 +228,7 @@ size_t srvstr_get_path_wcard(char *inbuf, uint16 smb_flags2, char *dest, *contains_wcard = False; - if (SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES) { + if (smb_flags2 & FLAGS2_DFS_PATHNAMES) { /* * For a DFS path the function parse_dfs_path() * will do the path processing, just make a copy. -- cgit From 59590a1c4dc9bebc0e3a4ff6b0db9beb6ea81fef Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 9 Jul 2007 00:48:07 +0000 Subject: r23752: Fix bug introduced by checkin 22920, allow large readX. Fix from Dmitry Shatrov . "In send_file_readX(), if startpos > sbuf.st_size, then smb_maxcnt is set to an invalid large value due to integer overflow. As for me, this resulted in MS Word hanging while trying to save a 1.5Mb document." This isn't in shipping code. Jeremy. (This used to be commit af715c602a8ef6038e6272c7cc6a08501617ae67) --- source3/smbd/reply.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 6e41de4ec9..b17fa1949b 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2590,9 +2590,7 @@ int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length if (startpos > sbuf.st_size) { smb_maxcnt = 0; - } - - if (smb_maxcnt > (sbuf.st_size - startpos)) { + } else if (smb_maxcnt > (sbuf.st_size - startpos)) { smb_maxcnt = (sbuf.st_size - startpos); } -- cgit From d824b98f80ba186030cbb70b3a1e5daf80469ecd Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 9 Jul 2007 19:25:36 +0000 Subject: r23779: Change from v2 or later to v3 or later. Jeremy. (This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index b17fa1949b..73fe08f589 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -7,7 +7,7 @@ This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or + the Free Software Foundation; either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, -- cgit From 5e54558c6dea67b56bbfaba5698f3a434d3dffb6 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 10 Jul 2007 00:52:41 +0000 Subject: r23784: use the GPLv3 boilerplate as recommended by the FSF and the license text (This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07) --- source3/smbd/reply.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 73fe08f589..9a2dc19fa1 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -16,8 +16,7 @@ GNU General Public License for more details. You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + along with this program. If not, see . */ /* This file handles most of the reply_ calls that the server -- cgit From e8dc2ea03d212bc4b4facc2a900f6a443365c390 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 13 Jul 2007 01:22:09 +0000 Subject: r23858: Added srvstr_pull_buf_talloc() and srvstr_pull_talloc() calls and converted reply_tcon and reply_tconX to use them - to show the boilerplate usage (valgrind tested). In conjunction with Volker's srvstr_get_path_talloc() work this should allow us to start eliminating all pstrings/fstrings out of the main path processing code. I'll watch the build farm tonight... Jeremy. (This used to be commit b4eff3f68089f082781afcf90d43faa317949566) --- source3/smbd/reply.c | 115 ++++++++++++++++++++++++++++++++------------------- 1 file changed, 73 insertions(+), 42 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 9a2dc19fa1..8b6a164a66 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -381,30 +381,40 @@ int reply_special(char *inbuf,char *outbuf) int reply_tcon(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { + TALLOC_CTX *ctx; const char *service; - pstring service_buf; - pstring password; - pstring dev; + char *service_buf = NULL; + char *password = NULL; + char *dev = NULL; int outsize = 0; uint16 vuid = SVAL(inbuf,smb_uid); int pwlen=0; NTSTATUS nt_status; char *p; DATA_BLOB password_blob; - + START_PROFILE(SMBtcon); - *service_buf = *password = *dev = 0; + ctx = talloc_init("reply_tcon"); + if (!ctx) { + END_PROFILE(SMBtcon); + return ERROR_NT(NT_STATUS_NO_MEMORY); + } p = smb_buf(inbuf)+1; - p += srvstr_pull_buf(inbuf, SVAL(inbuf, smb_flg2), service_buf, p, - sizeof(service_buf), STR_TERMINATE) + 1; - pwlen = srvstr_pull_buf(inbuf, SVAL(inbuf, smb_flg2), password, p, - sizeof(password), STR_TERMINATE) + 1; + p += srvstr_pull_buf_talloc(ctx, inbuf, SVAL(inbuf, smb_flg2), + &service_buf, p, STR_TERMINATE) + 1; + pwlen = srvstr_pull_buf_talloc(ctx, inbuf, SVAL(inbuf, smb_flg2), + &password, p, STR_TERMINATE) + 1; p += pwlen; - p += srvstr_pull_buf(inbuf, SVAL(inbuf, smb_flg2), dev, p, sizeof(dev), - STR_TERMINATE) + 1; + p += srvstr_pull_buf_talloc(ctx, inbuf, SVAL(inbuf, smb_flg2), + &dev, p, STR_TERMINATE) + 1; + if (service_buf == NULL || password == NULL || dev == NULL) { + TALLOC_FREE(ctx); + END_PROFILE(SMBtcon); + return ERROR_NT(NT_STATUS_INVALID_PARAMETER); + } p = strrchr_m(service_buf,'\\'); if (p) { service = p+1; @@ -417,21 +427,23 @@ int reply_tcon(connection_struct *conn, conn = make_connection(service,password_blob,dev,vuid,&nt_status); data_blob_clear_free(&password_blob); - + if (!conn) { + TALLOC_FREE(ctx); END_PROFILE(SMBtcon); return ERROR_NT(nt_status); } - + outsize = set_message(inbuf,outbuf,2,0,True); SSVAL(outbuf,smb_vwv0,max_recv); SSVAL(outbuf,smb_vwv1,conn->cnum); SSVAL(outbuf,smb_tid,conn->cnum); - + DEBUG(3,("tcon service=%s cnum=%d\n", service, conn->cnum)); - + END_PROFILE(SMBtcon); + TALLOC_FREE(ctx); return(outsize); } @@ -442,23 +454,22 @@ int reply_tcon(connection_struct *conn, int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { - fstring service; + char *service = NULL; DATA_BLOB password; + TALLOC_CTX *ctx = NULL; /* what the cleint thinks the device is */ - fstring client_devicetype; + char *client_devicetype = NULL; /* what the server tells the client the share represents */ const char *server_devicetype; NTSTATUS nt_status; uint16 vuid = SVAL(inbuf,smb_uid); int passlen = SVAL(inbuf,smb_vwv3); - pstring path; + char *path = NULL; char *p, *q; uint16 tcon_flags = SVAL(inbuf,smb_vwv2); - - START_PROFILE(SMBtconX); - *service = *client_devicetype = 0; + START_PROFILE(SMBtconX); /* we might have to close an old one */ if ((SVAL(inbuf,smb_vwv2) & 0x1) && conn) { @@ -468,7 +479,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt if (passlen > MAX_PASS_LEN) { return ERROR_DOS(ERRDOS,ERRbuftoosmall); } - + if (global_encrypted_passwords_negotiated) { password = data_blob(smb_buf(inbuf),passlen); if (lp_security() == SEC_SHARE) { @@ -487,34 +498,53 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt p = smb_buf(inbuf) + passlen + 1; } - p += srvstr_pull_buf(inbuf, SVAL(inbuf, smb_flg2), path, p, - sizeof(path), STR_TERMINATE); + ctx = talloc_init("reply_tcon_and_X"); + if (!ctx) { + END_PROFILE(SMBtconX); + return ERROR_NT(NT_STATUS_NO_MEMORY); + } + p += srvstr_pull_buf_talloc(ctx, inbuf, SVAL(inbuf, smb_flg2), &path, p, + STR_TERMINATE); + + if (path == NULL) { + TALLOC_FREE(ctx); + END_PROFILE(SMBtconX); + return ERROR_NT(NT_STATUS_INVALID_PARAMETER); + } /* * the service name can be either: \\server\share * or share directly like on the DELL PowerVault 705 */ - if (*path=='\\') { + if (*path=='\\') { q = strchr_m(path+2,'\\'); if (!q) { + TALLOC_FREE(ctx); END_PROFILE(SMBtconX); return(ERROR_DOS(ERRDOS,ERRnosuchshare)); } - fstrcpy(service,q+1); + service = q+1; + } else { + service = path; + } + + p += srvstr_pull_talloc(ctx, inbuf, SVAL(inbuf, smb_flg2), &client_devicetype, p, + 6, STR_ASCII); + + if (client_devicetype == NULL) { + TALLOC_FREE(ctx); + END_PROFILE(SMBtconX); + return ERROR_NT(NT_STATUS_INVALID_PARAMETER); } - else - fstrcpy(service,path); - - p += srvstr_pull(inbuf, SVAL(inbuf, smb_flg2), client_devicetype, p, - sizeof(client_devicetype), 6, STR_ASCII); DEBUG(4,("Client requested device type [%s] for share [%s]\n", client_devicetype, service)); conn = make_connection(service,password,client_devicetype,vuid,&nt_status); - + data_blob_clear_free(&password); if (!conn) { + TALLOC_FREE(ctx); END_PROFILE(SMBtconX); return ERROR_NT(nt_status); } @@ -523,19 +553,19 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt server_devicetype = "IPC"; else if ( IS_PRINT(conn) ) server_devicetype = "LPT1:"; - else + else server_devicetype = "A:"; if (Protocol < PROTOCOL_NT1) { set_message(inbuf,outbuf,2,0,True); p = smb_buf(outbuf); - p += srvstr_push(outbuf, p, server_devicetype, -1, + p += srvstr_push(outbuf, p, server_devicetype, -1, STR_TERMINATE|STR_ASCII); set_message_end(inbuf,outbuf,p); } else { /* NT sets the fstype of IPC$ to the null string */ const char *fstype = IS_IPC(conn) ? "" : lp_fstype(SNUM(conn)); - + if (tcon_flags & TCONX_FLAG_EXTENDED_RESPONSE) { /* Return permissions. */ uint32 perm1 = 0; @@ -559,29 +589,30 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt } p = smb_buf(outbuf); - p += srvstr_push(outbuf, p, server_devicetype, -1, + p += srvstr_push(outbuf, p, server_devicetype, -1, STR_TERMINATE|STR_ASCII); - p += srvstr_push(outbuf, p, fstype, -1, + p += srvstr_push(outbuf, p, fstype, -1, STR_TERMINATE); - + set_message_end(inbuf,outbuf,p); - + /* what does setting this bit do? It is set by NT4 and may affect the ability to autorun mounted cdroms */ SSVAL(outbuf, smb_vwv2, SMB_SUPPORT_SEARCH_BITS| (lp_csc_policy(SNUM(conn)) << 2)); - + init_dfsroot(conn, inbuf, outbuf); } - + DEBUG(3,("tconX service=%s \n", service)); - + /* set the incoming and outgoing tid to the just created one */ SSVAL(inbuf,smb_tid,conn->cnum); SSVAL(outbuf,smb_tid,conn->cnum); + TALLOC_FREE(ctx); END_PROFILE(SMBtconX); return chain_reply(inbuf,outbuf,length,bufsize); } -- cgit From b4366f6c37457d082478e72f05040eb13df94b64 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 16 Jul 2007 18:17:19 +0000 Subject: r23902: Fix uninitialized read in devicetype noticed by Volker. Jeremy (This used to be commit 98c23939731654440d2f008e44e11371eaddf014) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 8b6a164a66..2421e2ffd9 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -529,7 +529,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt } p += srvstr_pull_talloc(ctx, inbuf, SVAL(inbuf, smb_flg2), &client_devicetype, p, - 6, STR_ASCII); + MIN(6,smb_bufrem(inbuf, p)), STR_ASCII); if (client_devicetype == NULL) { TALLOC_FREE(ctx); -- cgit From f798837c23415653fc83cddeab3285b6f1563526 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 16 Jul 2007 21:17:26 +0000 Subject: r23904: Remove an unused variable reference (This used to be commit 7f4ceb1bf0c7aad50d93bb963c49dbc405e9524a) --- source3/smbd/reply.c | 1 - 1 file changed, 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 2421e2ffd9..d6b0dcab2e 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -27,7 +27,6 @@ /* look in server.c for some explanation of these variables */ extern enum protocol_types Protocol; -extern int max_send; extern int max_recv; unsigned int smb_echo_count = 0; extern uint32 global_client_caps; -- cgit From 5e3e15f754a9bc6412f6172d454f815e5b71307b Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 17 Jul 2007 02:06:38 +0000 Subject: r23909: Get closer to passing the cthon tests for delete open file. It matters how the target is open. Jeremy. (This used to be commit 0989877fd191f7c9e195dc6e45dda5fd026f09dd) --- source3/smbd/reply.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index d6b0dcab2e..e3ae0ef7f6 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4447,9 +4447,12 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, pstrin return NT_STATUS_OBJECT_NAME_COLLISION; } - if (dst_exists && file_find_di_first(file_id_sbuf(&sbuf1)) != NULL) { - DEBUG(3, ("rename_internals_fsp: Target file open\n")); - return NT_STATUS_ACCESS_DENIED; + if (dst_exists) { + files_struct *dst_fsp = file_find_di_first(file_id_sbuf(&sbuf1)); + if (dst_fsp && !(dst_fsp->share_access & FILE_SHARE_DELETE)) { + DEBUG(3, ("rename_internals_fsp: Target file open\n")); + return NT_STATUS_ACCESS_DENIED; + } } /* Ensure we have a valid stat struct for the source. */ -- cgit From cfb7c04696f0ac4306a6e1847212fed44f6b2cd5 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 17 Jul 2007 02:17:23 +0000 Subject: r23910: We used to deny renames on the source open for non-delete open. Turns out this is not the case. VL please test but this matches Windows behaviour. (I'll add a torture test tomorrow). Jeremy. (This used to be commit 03e3d587468ce66044814a8a58308b2fe9ab5499) --- source3/smbd/reply.c | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index e3ae0ef7f6..2135299df0 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1863,6 +1863,12 @@ static NTSTATUS can_rename(connection_struct *conn, files_struct *fsp, return NT_STATUS_NO_SUCH_FILE; } +#if 0 + /* We used to deny renames on the + * source open for non-delete open. + * Turns out this is not the case. + * VL please test but this matches + * Windows behaviour. JRA. */ if (S_ISDIR(pst->st_mode)) { return NT_STATUS_OK; } @@ -1872,6 +1878,9 @@ static NTSTATUS can_rename(connection_struct *conn, files_struct *fsp, } return NT_STATUS_ACCESS_DENIED; +#else + return NT_STATUS_OK; +#endif } /******************************************************************* -- cgit From 02730aa86cf187cfcdcb71b07197e0071afd60cd Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 17 Jul 2007 04:47:36 +0000 Subject: r23911: Revert r23910 to try and fix the build farm. I need to look at this more closely tomorrow. Stevef's cthon tests definately show we're not matching Windows behaviour (as his tests pass against Windows but not SAMBA_3_2) but this isn't the fix. Jeremy. (This used to be commit 90bbc077e15de0493dccda50be9bcdf6e2649137) --- source3/smbd/reply.c | 9 --------- 1 file changed, 9 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 2135299df0..e3ae0ef7f6 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1863,12 +1863,6 @@ static NTSTATUS can_rename(connection_struct *conn, files_struct *fsp, return NT_STATUS_NO_SUCH_FILE; } -#if 0 - /* We used to deny renames on the - * source open for non-delete open. - * Turns out this is not the case. - * VL please test but this matches - * Windows behaviour. JRA. */ if (S_ISDIR(pst->st_mode)) { return NT_STATUS_OK; } @@ -1878,9 +1872,6 @@ static NTSTATUS can_rename(connection_struct *conn, files_struct *fsp, } return NT_STATUS_ACCESS_DENIED; -#else - return NT_STATUS_OK; -#endif } /******************************************************************* -- cgit From 1ffa14ff923ab5790e55bcedee9f10203cf8dfad Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 17 Jul 2007 05:55:10 +0000 Subject: r23913: Revert back to Volker's original logic to fix the RAW-SFILEINFO-RENAME until I can figure out what is different from the way CIFSFS drives this in the cthon tests and the way smbtorture drives it. Jeremy. (This used to be commit 99f72dd9af82921de4827b9b9d90d75127332295) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index e3ae0ef7f6..0062ca18da 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4449,7 +4449,7 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, pstrin if (dst_exists) { files_struct *dst_fsp = file_find_di_first(file_id_sbuf(&sbuf1)); - if (dst_fsp && !(dst_fsp->share_access & FILE_SHARE_DELETE)) { + if (dst_fsp) { DEBUG(3, ("rename_internals_fsp: Target file open\n")); return NT_STATUS_ACCESS_DENIED; } -- cgit From 530f6a927baae8eb5c8b1b03295c8ff5ddbc70be Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 22 Jul 2007 17:13:46 +0000 Subject: r23992: Some const (This used to be commit bc106cf50732ed6c169dcf593797501fcb3ae675) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 0062ca18da..f8d3bb8c48 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -207,7 +207,7 @@ NTSTATUS check_path_syntax_posix(char *path) Pull a string and check the path allowing a wilcard - provide for error return. ****************************************************************************/ -size_t srvstr_get_path_wcard(char *inbuf, uint16 smb_flags2, char *dest, +size_t srvstr_get_path_wcard(const char *inbuf, uint16 smb_flags2, char *dest, const char *src, size_t dest_len, size_t src_len, int flags, NTSTATUS *err, BOOL *contains_wcard) { @@ -248,7 +248,7 @@ size_t srvstr_get_path_wcard(char *inbuf, uint16 smb_flags2, char *dest, Pull a string and check the path - provide for error return. ****************************************************************************/ -size_t srvstr_get_path(char *inbuf, uint16 smb_flags2, char *dest, +size_t srvstr_get_path(const char *inbuf, uint16 smb_flags2, char *dest, const char *src, size_t dest_len, size_t src_len, int flags, NTSTATUS *err) { -- cgit From cc6a41017c577742af73b4bc60993d8d415ea580 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 23 Jul 2007 09:36:09 +0000 Subject: r23997: Check in the infrastructure for getting rid of the global InBuffer/OutBuffer The complete history of this patch can be found under http://www.samba.org/~vlendec/inbuf-checkin/. Jeremy, Jerry: If possible I would like to see this in 3.2.0. I'm only checking into 3_2 at the moment, as it currently will slow down operations for all non-converted (i.e. all at this moment) operations, as it will copy the talloc'ed inbuf over the global InBuffer. It will need quite a bit of effort to convert everything necessary for the normal operations an XP box does. I have patches for negprot, session setup, tcon_and_X, open_and_X, close. More to come, but I would appreciate some help here. Volker (This used to be commit 5594af2b208c860d3f4b453af6a649d9e4295d1c) --- source3/smbd/reply.c | 43 +++++++++++++++++++++++++++++-------------- 1 file changed, 29 insertions(+), 14 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index f8d3bb8c48..00e2bf5984 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -284,22 +284,28 @@ size_t srvstr_get_path(const char *inbuf, uint16 smb_flags2, char *dest, } /**************************************************************************** - Reply to a special message. + Reply to a (netbios-level) special message. ****************************************************************************/ -int reply_special(char *inbuf,char *outbuf) +void reply_special(char *inbuf) { - int outsize = 4; int msg_type = CVAL(inbuf,0); int msg_flags = CVAL(inbuf,1); fstring name1,name2; char name_type = 0; + + /* + * We only really use 4 bytes of the outbuf, but for the smb_setlen + * calculation & friends (send_smb uses that) we need the full smb + * header. + */ + char outbuf[smb_size]; static BOOL already_got_session = False; *name1 = *name2 = 0; - memset(outbuf,'\0',smb_size); + memset(outbuf, '\0', sizeof(outbuf)); smb_setlen(inbuf,outbuf,0); @@ -315,7 +321,7 @@ int reply_special(char *inbuf,char *outbuf) if (name_len(inbuf+4) > 50 || name_len(inbuf+4 + name_len(inbuf + 4)) > 50) { DEBUG(0,("Invalid name length in session request\n")); - return(0); + return; } name_extract(inbuf,4,name1); name_type = name_extract(inbuf,4 + name_len(inbuf + 4),name2); @@ -363,13 +369,14 @@ int reply_special(char *inbuf,char *outbuf) case SMBkeepalive: /* session keepalive */ default: - return(0); + return; } DEBUG(5,("init msg_type=0x%x msg_flags=0x%x\n", msg_type, msg_flags)); - - return(outsize); + + send_smb(smbd_server_fd(), outbuf); + return; } /**************************************************************************** @@ -613,7 +620,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt TALLOC_FREE(ctx); END_PROFILE(SMBtconX); - return chain_reply(inbuf,outbuf,length,bufsize); + return chain_reply(inbuf,&outbuf,length,bufsize); } /**************************************************************************** @@ -631,6 +638,14 @@ int reply_unknown(char *inbuf,char *outbuf) return(ERROR_DOS(ERRSRV,ERRunknownsmb)); } +void reply_unknown_new(struct smb_request *req, uint8 type) +{ + DEBUG(0, ("unknown command type (%s): type=%d (0x%X)\n", + smb_fn_name(type), type, type)); + reply_doserror(req, ERRSRV, ERRunknownsmb); + return; +} + /**************************************************************************** Reply to an ioctl. conn POINTER CAN BE NULL HERE ! @@ -1582,7 +1597,7 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt } END_PROFILE(SMBopenX); - return chain_reply(inbuf,outbuf,length,bufsize); + return chain_reply(inbuf,&outbuf,length,bufsize); } /**************************************************************************** @@ -1611,7 +1626,7 @@ int reply_ulogoffX(connection_struct *conn, char *inbuf,char *outbuf,int length, DEBUG( 3, ( "ulogoffX vuid=%d\n", vuid ) ); END_PROFILE(SMBulogoffX); - return chain_reply(inbuf,outbuf,length,bufsize); + return chain_reply(inbuf,&outbuf,length,bufsize); } /**************************************************************************** @@ -2813,7 +2828,7 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt nread = send_file_readX(conn, inbuf, outbuf, length, bufsize, fsp, startpos, smb_maxcnt); /* Only call chain_reply if not an error. */ if (nread != -1 && SVAL(outbuf,smb_rcls) == 0) { - nread = chain_reply(inbuf,outbuf,length,bufsize); + nread = chain_reply(inbuf,&outbuf,length,bufsize); } END_PROFILE(SMBreadX); @@ -3254,7 +3269,7 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng } END_PROFILE(SMBwriteX); - return chain_reply(inbuf,outbuf,length,bufsize); + return chain_reply(inbuf,&outbuf,length,bufsize); } /**************************************************************************** @@ -5722,7 +5737,7 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, fsp->fnum, (unsigned int)locktype, num_locks, num_ulocks)); END_PROFILE(SMBlockingX); - return chain_reply(inbuf,outbuf,length,bufsize); + return chain_reply(inbuf,&outbuf,length,bufsize); } #undef DBGC_CLASS -- cgit From 47cdfc0413886780f51fb98b7fca18d7c83b7c23 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 23 Jul 2007 09:53:06 +0000 Subject: r23998: Convert reply_close to the new API (This used to be commit dbf74cb747d34dac571d85d6bae9398558086456) --- source3/smbd/reply.c | 31 +++++++++++++++++++------------ 1 file changed, 19 insertions(+), 12 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 00e2bf5984..98a2f6ee5e 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3402,31 +3402,35 @@ int reply_exit(connection_struct *conn, Reply to a close - has to deal with closing a directory opened by NT SMB's. ****************************************************************************/ -int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size, - int dum_buffsize) +void reply_close(connection_struct *conn, struct smb_request *req) { NTSTATUS status = NT_STATUS_OK; - int outsize = 0; files_struct *fsp = NULL; START_PROFILE(SMBclose); - outsize = set_message(inbuf,outbuf,0,0,False); + if (req->wct < 3) { + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + END_PROFILE(SMBclose); + return; + } /* If it's an IPC, pass off to the pipe handler. */ if (IS_IPC(conn)) { + reply_pipe_close(conn, req); END_PROFILE(SMBclose); - return reply_pipe_close(conn, inbuf,outbuf); + return; } - fsp = file_fsp(inbuf,smb_vwv0); + fsp = file_fsp((char *)req->inbuf,smb_vwv0); /* * We can only use CHECK_FSP if we know it's not a directory. */ if(!fsp || (fsp->conn != conn) || (fsp->vuid != current_user.vuid)) { + reply_doserror(req, ERRDOS, ERRbadfid); END_PROFILE(SMBclose); - return ERROR_DOS(ERRDOS,ERRbadfid); + return; } if(fsp->is_directory) { @@ -3448,8 +3452,9 @@ int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size, * Take care of any time sent in the close. */ - fsp_set_pending_modtime(fsp, - convert_time_t_to_timespec(srv_make_unix_date3(inbuf+smb_vwv1))); + fsp_set_pending_modtime(fsp, convert_time_t_to_timespec( + srv_make_unix_date3( + req->inbuf+smb_vwv1))); /* * close_file() returns the unix errno if an error @@ -3460,13 +3465,15 @@ int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size, status = close_file(fsp,NORMAL_CLOSE); } - if(!NT_STATUS_IS_OK(status)) { + if (!NT_STATUS_IS_OK(status)) { + reply_nterror(req, status); END_PROFILE(SMBclose); - return ERROR_NT(status); + return; } + reply_outbuf(req, 0, 0); END_PROFILE(SMBclose); - return(outsize); + return; } /**************************************************************************** -- cgit From 9e40557047b32dae012b0b5a3450c2c23b7895e5 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 23 Jul 2007 09:54:36 +0000 Subject: r23999: Convert reply_open_and_X This is an example of chained code that is executed in make test (This used to be commit e3a10e9ffb06f429208f8b8e8482bbfd56dace91) --- source3/smbd/reply.c | 127 +++++++++++++++++++++++++++++++-------------------- 1 file changed, 78 insertions(+), 49 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 98a2f6ee5e..9eca450dc4 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1423,78 +1423,98 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, Reply to an open and X. ****************************************************************************/ -int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) +void reply_open_and_X(connection_struct *conn, struct smb_request *req) { pstring fname; - uint16 open_flags = SVAL(inbuf,smb_vwv2); - int deny_mode = SVAL(inbuf,smb_vwv3); - uint32 smb_attr = SVAL(inbuf,smb_vwv5); + uint16 open_flags; + int deny_mode; + uint32 smb_attr; /* Breakout the oplock request bits so we can set the reply bits separately. */ - int ex_oplock_request = EXTENDED_OPLOCK_REQUEST(inbuf); - int core_oplock_request = CORE_OPLOCK_REQUEST(inbuf); - int oplock_request = ex_oplock_request | core_oplock_request; + int ex_oplock_request; + int core_oplock_request; + int oplock_request; #if 0 - int smb_sattr = SVAL(inbuf,smb_vwv4); - uint32 smb_time = make_unix_date3(inbuf+smb_vwv6); + int smb_sattr = SVAL(req->inbuf,smb_vwv4); + uint32 smb_time = make_unix_date3(req->inbuf+smb_vwv6); #endif - int smb_ofun = SVAL(inbuf,smb_vwv8); + int smb_ofun; uint32 fattr=0; int mtime=0; SMB_STRUCT_STAT sbuf; int smb_action = 0; files_struct *fsp; NTSTATUS status; - SMB_BIG_UINT allocation_size = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv9); + SMB_BIG_UINT allocation_size; ssize_t retval = -1; uint32 access_mask; uint32 share_mode; uint32 create_disposition; uint32 create_options = 0; - struct smb_request req; START_PROFILE(SMBopenX); - init_smb_request(&req, (uint8 *)inbuf); + if (req->wct < 15) { + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + END_PROFILE(SMBopenX); + return; + } + + open_flags = SVAL(req->inbuf,smb_vwv2); + deny_mode = SVAL(req->inbuf,smb_vwv3); + smb_attr = SVAL(req->inbuf,smb_vwv5); + ex_oplock_request = EXTENDED_OPLOCK_REQUEST(req->inbuf); + core_oplock_request = CORE_OPLOCK_REQUEST(req->inbuf); + oplock_request = ex_oplock_request | core_oplock_request; + smb_ofun = SVAL(req->inbuf,smb_vwv8); + allocation_size = (SMB_BIG_UINT)IVAL(req->inbuf,smb_vwv9); /* If it's an IPC, pass off the pipe handler. */ if (IS_IPC(conn)) { if (lp_nt_pipe_support()) { - END_PROFILE(SMBopenX); - return reply_open_pipe_and_X(conn, inbuf,outbuf,length,bufsize); + reply_open_pipe_and_X(conn, req); } else { - END_PROFILE(SMBopenX); - return ERROR_DOS(ERRSRV,ERRaccess); + reply_doserror(req, ERRSRV, ERRaccess); } + END_PROFILE(SMBopenX); + return; } /* XXXX we need to handle passed times, sattr and flags */ - srvstr_get_path(inbuf, SVAL(inbuf,smb_flg2), fname, smb_buf(inbuf), - sizeof(fname), 0, STR_TERMINATE, &status); + srvstr_get_path((char *)req->inbuf, req->flags2, fname, + smb_buf(req->inbuf), sizeof(fname), 0, STR_TERMINATE, + &status); if (!NT_STATUS_IS_OK(status)) { + reply_nterror(req, status); END_PROFILE(SMBopenX); - return ERROR_NT(status); + return; } - status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname); + status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES, + fname); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBopenX); if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { - return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + reply_botherror(req, NT_STATUS_PATH_NOT_COVERED, + ERRSRV, ERRbadpath); + return; } - return ERROR_NT(status); + reply_nterror(req, status); + return; } status = unix_convert(conn, fname, False, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { + reply_nterror(req, status); END_PROFILE(SMBopenX); - return ERROR_NT(status); + return; } status = check_name(conn, fname); if (!NT_STATUS_IS_OK(status)) { + reply_nterror(req, status); END_PROFILE(SMBopenX); - return ERROR_NT(status); + return; } if (!map_open_params_to_ntcreate(fname, deny_mode, smb_ofun, @@ -1502,11 +1522,12 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt &share_mode, &create_disposition, &create_options)) { + reply_nterror(req, NT_STATUS_DOS(ERRDOS, ERRbadaccess)); END_PROFILE(SMBopenX); - return ERROR_NT(NT_STATUS_DOS(ERRDOS, ERRbadaccess)); + return; } - status = open_file_ntcreate(conn, &req, fname, &sbuf, + status = open_file_ntcreate(conn, req, fname, &sbuf, access_mask, share_mode, create_disposition, @@ -1517,11 +1538,12 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBopenX); - if (open_was_deferred(SVAL(inbuf,smb_mid))) { + if (open_was_deferred(req->mid)) { /* We have re-scheduled this call. */ - return -1; + return; } - return ERROR_NT(status); + reply_nterror(req, status); + return; } /* Setting the "size" field in vwv9 and vwv10 causes the file to be set to this size, @@ -1530,14 +1552,16 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt fsp->initial_allocation_size = smb_roundup(fsp->conn, allocation_size); if (vfs_allocate_file_space(fsp, fsp->initial_allocation_size) == -1) { close_file(fsp,ERROR_CLOSE); + reply_nterror(req, NT_STATUS_DISK_FULL); END_PROFILE(SMBopenX); - return ERROR_NT(NT_STATUS_DISK_FULL); + return; } retval = vfs_set_filelen(fsp, (SMB_OFF_T)allocation_size); if (retval < 0) { close_file(fsp,ERROR_CLOSE); + reply_nterror(req, NT_STATUS_DISK_FULL); END_PROFILE(SMBopenX); - return ERROR_NT(NT_STATUS_DISK_FULL); + return; } sbuf.st_size = get_allocation_size(conn,fsp,&sbuf); } @@ -1546,8 +1570,9 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt mtime = sbuf.st_mtime; if (fattr & aDIR) { close_file(fsp,ERROR_CLOSE); + reply_doserror(req, ERRDOS, ERRnoaccess); END_PROFILE(SMBopenX); - return ERROR_DOS(ERRDOS,ERRnoaccess); + return; } /* If the caller set the extended oplock request bit @@ -1568,36 +1593,40 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt correct bit for core oplock reply. */ + if (open_flags & EXTENDED_RESPONSE_REQUIRED) { + reply_outbuf(req, 19, 0); + } else { + reply_outbuf(req, 15, 0); + } + if (core_oplock_request && lp_fake_oplocks(SNUM(conn))) { - SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); + SCVAL(req->outbuf, smb_flg, + CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED); } if(core_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) { - SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); + SCVAL(req->outbuf, smb_flg, + CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED); } - if (open_flags & EXTENDED_RESPONSE_REQUIRED) { - set_message(inbuf,outbuf,19,0,True); - } else { - set_message(inbuf,outbuf,15,0,True); - } - SSVAL(outbuf,smb_vwv2,fsp->fnum); - SSVAL(outbuf,smb_vwv3,fattr); + SSVAL(req->outbuf,smb_vwv2,fsp->fnum); + SSVAL(req->outbuf,smb_vwv3,fattr); if(lp_dos_filetime_resolution(SNUM(conn)) ) { - srv_put_dos_date3(outbuf,smb_vwv4,mtime & ~1); + srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime & ~1); } else { - srv_put_dos_date3(outbuf,smb_vwv4,mtime); + srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime); } - SIVAL(outbuf,smb_vwv6,(uint32)sbuf.st_size); - SSVAL(outbuf,smb_vwv8,GET_OPENX_MODE(deny_mode)); - SSVAL(outbuf,smb_vwv11,smb_action); + SIVAL(req->outbuf,smb_vwv6,(uint32)sbuf.st_size); + SSVAL(req->outbuf,smb_vwv8,GET_OPENX_MODE(deny_mode)); + SSVAL(req->outbuf,smb_vwv11,smb_action); if (open_flags & EXTENDED_RESPONSE_REQUIRED) { - SIVAL(outbuf, smb_vwv15, STD_RIGHT_ALL_ACCESS); + SIVAL(req->outbuf, smb_vwv15, STD_RIGHT_ALL_ACCESS); } END_PROFILE(SMBopenX); - return chain_reply(inbuf,&outbuf,length,bufsize); + chain_reply_new(req); + return; } /**************************************************************************** -- cgit From db9f25c1c58cbf17b5b94d598126b019d9e7507e Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 23 Jul 2007 11:38:29 +0000 Subject: r24003: Convert reply_tcon_and_X to the new API (This used to be commit 9422385d9c018a0b1f2a0b2edd82dc574a9fb403) --- source3/smbd/reply.c | 116 ++++++++++++++++++++++++++++++++------------------- 1 file changed, 72 insertions(+), 44 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 9eca450dc4..725dd416f2 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -458,7 +458,7 @@ int reply_tcon(connection_struct *conn, conn POINTER CAN BE NULL HERE ! ****************************************************************************/ -int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) +void reply_tcon_and_X(connection_struct *conn, struct smb_request *req) { char *service = NULL; DATA_BLOB password; @@ -469,53 +469,67 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt /* what the server tells the client the share represents */ const char *server_devicetype; NTSTATUS nt_status; - uint16 vuid = SVAL(inbuf,smb_uid); - int passlen = SVAL(inbuf,smb_vwv3); + int passlen; char *path = NULL; char *p, *q; - uint16 tcon_flags = SVAL(inbuf,smb_vwv2); + uint16 tcon_flags; START_PROFILE(SMBtconX); + if (req->wct < 4) { + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + END_PROFILE(SMBtconX); + return; + } + + passlen = SVAL(req->inbuf,smb_vwv3); + tcon_flags = SVAL(req->inbuf,smb_vwv2); + /* we might have to close an old one */ - if ((SVAL(inbuf,smb_vwv2) & 0x1) && conn) { - close_cnum(conn,vuid); + if ((tcon_flags & 0x1) && conn) { + close_cnum(conn,req->vuid); } - if (passlen > MAX_PASS_LEN) { - return ERROR_DOS(ERRDOS,ERRbuftoosmall); + if ((passlen > MAX_PASS_LEN) || (passlen >= smb_buflen(req->inbuf))) { + reply_doserror(req, ERRDOS, ERRbuftoosmall); + END_PROFILE(SMBtconX); + return; } if (global_encrypted_passwords_negotiated) { - password = data_blob(smb_buf(inbuf),passlen); + password = data_blob(smb_buf(req->inbuf),passlen); if (lp_security() == SEC_SHARE) { /* * Security = share always has a pad byte * after the password. */ - p = smb_buf(inbuf) + passlen + 1; + p = smb_buf(req->inbuf) + passlen + 1; } else { - p = smb_buf(inbuf) + passlen; + p = smb_buf(req->inbuf) + passlen; } } else { - password = data_blob(smb_buf(inbuf),passlen+1); + password = data_blob(smb_buf(req->inbuf),passlen+1); /* Ensure correct termination */ password.data[passlen]=0; - p = smb_buf(inbuf) + passlen + 1; + p = smb_buf(req->inbuf) + passlen + 1; } ctx = talloc_init("reply_tcon_and_X"); if (!ctx) { + data_blob_clear_free(&password); + reply_nterror(req, NT_STATUS_NO_MEMORY); END_PROFILE(SMBtconX); - return ERROR_NT(NT_STATUS_NO_MEMORY); + return; } - p += srvstr_pull_buf_talloc(ctx, inbuf, SVAL(inbuf, smb_flg2), &path, p, + p += srvstr_pull_buf_talloc(ctx, req->inbuf, req->flags2, &path, p, STR_TERMINATE); if (path == NULL) { + data_blob_clear_free(&password); TALLOC_FREE(ctx); + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); END_PROFILE(SMBtconX); - return ERROR_NT(NT_STATUS_INVALID_PARAMETER); + return; } /* @@ -525,34 +539,41 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt if (*path=='\\') { q = strchr_m(path+2,'\\'); if (!q) { + data_blob_clear_free(&password); TALLOC_FREE(ctx); + reply_doserror(req, ERRDOS, ERRnosuchshare); END_PROFILE(SMBtconX); - return(ERROR_DOS(ERRDOS,ERRnosuchshare)); + return; } service = q+1; } else { service = path; } - p += srvstr_pull_talloc(ctx, inbuf, SVAL(inbuf, smb_flg2), &client_devicetype, p, - MIN(6,smb_bufrem(inbuf, p)), STR_ASCII); + p += srvstr_pull_talloc(ctx, req->inbuf, req->flags2, + &client_devicetype, p, + MIN(6,smb_bufrem(req->inbuf, p)), STR_ASCII); if (client_devicetype == NULL) { + data_blob_clear_free(&password); TALLOC_FREE(ctx); + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); END_PROFILE(SMBtconX); - return ERROR_NT(NT_STATUS_INVALID_PARAMETER); + return; } DEBUG(4,("Client requested device type [%s] for share [%s]\n", client_devicetype, service)); - conn = make_connection(service,password,client_devicetype,vuid,&nt_status); + conn = make_connection(service, password, client_devicetype, + req->vuid, &nt_status); data_blob_clear_free(&password); if (!conn) { TALLOC_FREE(ctx); + reply_nterror(req, nt_status); END_PROFILE(SMBtconX); - return ERROR_NT(nt_status); + return; } if ( IS_IPC(conn) ) @@ -563,11 +584,14 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt server_devicetype = "A:"; if (Protocol < PROTOCOL_NT1) { - set_message(inbuf,outbuf,2,0,True); - p = smb_buf(outbuf); - p += srvstr_push(outbuf, p, server_devicetype, -1, - STR_TERMINATE|STR_ASCII); - set_message_end(inbuf,outbuf,p); + reply_outbuf(req, 2, 0); + if (message_push_string(&req->outbuf, server_devicetype, + STR_TERMINATE|STR_ASCII) == -1) { + TALLOC_FREE(ctx); + reply_nterror(req, NT_STATUS_NO_MEMORY); + END_PROFILE(SMBtconX); + return; + } } else { /* NT sets the fstype of IPC$ to the null string */ const char *fstype = IS_IPC(conn) ? "" : lp_fstype(SNUM(conn)); @@ -577,7 +601,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt uint32 perm1 = 0; uint32 perm2 = 0; - set_message(inbuf,outbuf,7,0,True); + reply_outbuf(req, 7, 0); if (IS_IPC(conn)) { perm1 = FILE_ALL_ACCESS; @@ -588,26 +612,28 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt SHARE_READ_ONLY; } - SIVAL(outbuf, smb_vwv3, perm1); - SIVAL(outbuf, smb_vwv5, perm2); + SIVAL(req->outbuf, smb_vwv3, perm1); + SIVAL(req->outbuf, smb_vwv5, perm2); } else { - set_message(inbuf,outbuf,3,0,True); + reply_outbuf(req, 3, 0); } - p = smb_buf(outbuf); - p += srvstr_push(outbuf, p, server_devicetype, -1, - STR_TERMINATE|STR_ASCII); - p += srvstr_push(outbuf, p, fstype, -1, - STR_TERMINATE); - - set_message_end(inbuf,outbuf,p); + if ((message_push_string(&req->outbuf, server_devicetype, + STR_TERMINATE|STR_ASCII) == -1) + || (message_push_string(&req->outbuf, fstype, + STR_TERMINATE) == -1)) { + TALLOC_FREE(ctx); + reply_nterror(req, NT_STATUS_NO_MEMORY); + END_PROFILE(SMBtconX); + return; + } /* what does setting this bit do? It is set by NT4 and may affect the ability to autorun mounted cdroms */ - SSVAL(outbuf, smb_vwv2, SMB_SUPPORT_SEARCH_BITS| - (lp_csc_policy(SNUM(conn)) << 2)); + SSVAL(req->outbuf, smb_vwv2, SMB_SUPPORT_SEARCH_BITS| + (lp_csc_policy(SNUM(conn)) << 2)); - init_dfsroot(conn, inbuf, outbuf); + init_dfsroot(conn, req->inbuf, req->outbuf); } @@ -615,12 +641,14 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt service)); /* set the incoming and outgoing tid to the just created one */ - SSVAL(inbuf,smb_tid,conn->cnum); - SSVAL(outbuf,smb_tid,conn->cnum); + SSVAL(req->inbuf,smb_tid,conn->cnum); + SSVAL(req->outbuf,smb_tid,conn->cnum); TALLOC_FREE(ctx); END_PROFILE(SMBtconX); - return chain_reply(inbuf,&outbuf,length,bufsize); + + chain_reply_new(req); + return; } /**************************************************************************** -- cgit From 01d5091c26b9edd54023b5d3b0ab00ad93608654 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 23 Jul 2007 12:03:58 +0000 Subject: r24004: Convert reply_checkpath to the new API (This used to be commit e5c7c6406af5552b3060f03a09b5e6c9a42e531c) --- source3/smbd/reply.c | 39 +++++++++++++++++++++++---------------- 1 file changed, 23 insertions(+), 16 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 725dd416f2..fd9fc09e5a 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -747,33 +747,36 @@ static NTSTATUS map_checkpath_error(const char *inbuf, NTSTATUS status) Reply to a checkpath. ****************************************************************************/ -int reply_checkpath(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +void reply_checkpath(connection_struct *conn, struct smb_request *req) { - int outsize = 0; pstring name; SMB_STRUCT_STAT sbuf; NTSTATUS status; START_PROFILE(SMBcheckpath); - srvstr_get_path(inbuf, SVAL(inbuf,smb_flg2), name, smb_buf(inbuf) + 1, - sizeof(name), 0, STR_TERMINATE, &status); + srvstr_get_path((char *)req->inbuf, req->flags2, name, + smb_buf(req->inbuf) + 1, sizeof(name), 0, + STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { + status = map_checkpath_error((char *)req->inbuf, status); + reply_nterror(req, status); END_PROFILE(SMBcheckpath); - status = map_checkpath_error(inbuf, status); - return ERROR_NT(status); + return; } - status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, name); + status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES, name); if (!NT_STATUS_IS_OK(status)) { if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { + reply_botherror(req, NT_STATUS_PATH_NOT_COVERED, + ERRSRV, ERRbadpath); END_PROFILE(SMBcheckpath); - return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + return; } goto path_err; } - DEBUG(3,("reply_checkpath %s mode=%d\n", name, (int)SVAL(inbuf,smb_vwv0))); + DEBUG(3,("reply_checkpath %s mode=%d\n", name, (int)SVAL(req->inbuf,smb_vwv0))); status = unix_convert(conn, name, False, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { @@ -793,14 +796,16 @@ int reply_checkpath(connection_struct *conn, char *inbuf,char *outbuf, int dum_s } if (!S_ISDIR(sbuf.st_mode)) { + reply_botherror(req, NT_STATUS_NOT_A_DIRECTORY, + ERRDOS, ERRbadpath); END_PROFILE(SMBcheckpath); - return ERROR_BOTH(NT_STATUS_NOT_A_DIRECTORY,ERRDOS,ERRbadpath); + return; } - outsize = set_message(inbuf,outbuf,0,0,False); + reply_outbuf(req, 0, 0); END_PROFILE(SMBcheckpath); - return outsize; + return; path_err: @@ -811,8 +816,8 @@ int reply_checkpath(connection_struct *conn, char *inbuf,char *outbuf, int dum_s one at a time - if a component fails it expects ERRbadpath, not ERRbadfile. */ - status = map_checkpath_error(inbuf, status); - if(NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) { + status = map_checkpath_error((char *)req->inbuf, status); + if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) { /* * Windows returns different error codes if * the parent directory is valid but not the @@ -820,10 +825,12 @@ int reply_checkpath(connection_struct *conn, char *inbuf,char *outbuf, int dum_s * for that case and NT_STATUS_OBJECT_PATH_NOT_FOUND * if the path is invalid. */ - return ERROR_BOTH(NT_STATUS_OBJECT_NAME_NOT_FOUND,ERRDOS,ERRbadpath); + reply_botherror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND, + ERRDOS, ERRbadpath); + return; } - return ERROR_NT(status); + reply_nterror(req, status); } /**************************************************************************** -- cgit From dd98820185b4cdaef7c4e247039b6c1da6600105 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 30 Jul 2007 07:50:24 +0000 Subject: r24071: Fix a missing END_PROFILE call (This used to be commit c9f12326dd1c090bd0ef9bb97c82926c2efd6ae8) --- source3/smbd/reply.c | 1 + 1 file changed, 1 insertion(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index fd9fc09e5a..c347182b99 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2255,6 +2255,7 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size status = unlink_internals(conn, &req, dirtype, name, path_contains_wcard); if (!NT_STATUS_IS_OK(status)) { + END_PROFILE(SMBunlink); if (open_was_deferred(SVAL(inbuf,smb_mid))) { /* We have re-scheduled this call. */ return -1; -- cgit From 09b3d2525249fd832b7d46a19921a87a13b71407 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 30 Jul 2007 10:20:52 +0000 Subject: r24077: Convert reply_tdis to the new API (This used to be commit bd0cb48dde401f48dec98fa7ca794a912e0244f1) --- source3/smbd/reply.c | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index c347182b99..7af0807c0a 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3704,27 +3704,24 @@ int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int size, conn POINTER CAN BE NULL HERE ! ****************************************************************************/ -int reply_tdis(connection_struct *conn, - char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +void reply_tdis(connection_struct *conn, struct smb_request *req) { - int outsize = set_message(inbuf,outbuf,0,0,False); - uint16 vuid; START_PROFILE(SMBtdis); - vuid = SVAL(inbuf,smb_uid); - if (!conn) { DEBUG(4,("Invalid connection in tdis\n")); + reply_doserror(req, ERRSRV, ERRinvnid); END_PROFILE(SMBtdis); - return ERROR_DOS(ERRSRV,ERRinvnid); + return; } conn->used = False; - close_cnum(conn,vuid); - + close_cnum(conn,req->vuid); + + reply_outbuf(req, 0, 0); END_PROFILE(SMBtdis); - return outsize; + return; } /**************************************************************************** -- cgit From ef97e2dece55d84e64bdcbb922939ea28199a2e6 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 30 Jul 2007 10:30:19 +0000 Subject: r24079: Convert reply_dskattr to the new API (This used to be commit c8e0aa5752fde34f7271a4fad758dfae0991722d) --- source3/smbd/reply.c | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 7af0807c0a..13f1c1ce58 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1007,18 +1007,18 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size Reply to a dskattr. ****************************************************************************/ -int reply_dskattr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +void reply_dskattr(connection_struct *conn, struct smb_request *req) { - int outsize = 0; SMB_BIG_UINT dfree,dsize,bsize; START_PROFILE(SMBdskattr); if (get_dfree_info(conn,".",True,&bsize,&dfree,&dsize) == (SMB_BIG_UINT)-1) { + reply_unixerror(req, ERRHRD, ERRgeneral); END_PROFILE(SMBdskattr); - return(UNIXERROR(ERRHRD,ERRgeneral)); + return; } - - outsize = set_message(inbuf,outbuf,5,0,True); + + reply_outbuf(req, 5, 0); if (Protocol <= PROTOCOL_LANMAN2) { double total_space, free_space; @@ -1037,21 +1037,21 @@ int reply_dskattr(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz if (dsize > 0xFFFF) dsize = 0xFFFF; if (dfree > 0xFFFF) dfree = 0xFFFF; - SSVAL(outbuf,smb_vwv0,dsize); - SSVAL(outbuf,smb_vwv1,64); /* this must be 64 for dos systems */ - SSVAL(outbuf,smb_vwv2,512); /* and this must be 512 */ - SSVAL(outbuf,smb_vwv3,dfree); + SSVAL(req->outbuf,smb_vwv0,dsize); + SSVAL(req->outbuf,smb_vwv1,64); /* this must be 64 for dos systems */ + SSVAL(req->outbuf,smb_vwv2,512); /* and this must be 512 */ + SSVAL(req->outbuf,smb_vwv3,dfree); } else { - SSVAL(outbuf,smb_vwv0,dsize); - SSVAL(outbuf,smb_vwv1,bsize/512); - SSVAL(outbuf,smb_vwv2,512); - SSVAL(outbuf,smb_vwv3,dfree); + SSVAL(req->outbuf,smb_vwv0,dsize); + SSVAL(req->outbuf,smb_vwv1,bsize/512); + SSVAL(req->outbuf,smb_vwv2,512); + SSVAL(req->outbuf,smb_vwv3,dfree); } DEBUG(3,("dskattr dfree=%d\n", (unsigned int)dfree)); END_PROFILE(SMBdskattr); - return(outsize); + return; } /**************************************************************************** -- cgit From 68513d521d930188bb381b1737d3a7130ef2088f Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 30 Jul 2007 11:35:39 +0000 Subject: r24084: Convert reply_mkdir to the new API (This used to be commit e93f3996fcdde6f0fbba3fb9e1e97407e9ccdd62) --- source3/smbd/reply.c | 39 ++++++++++++++++++++++++--------------- 1 file changed, 24 insertions(+), 15 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 13f1c1ce58..b1e2f00067 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3952,42 +3952,50 @@ int reply_printwrite(connection_struct *conn, char *inbuf,char *outbuf, int dum_ Reply to a mkdir. ****************************************************************************/ -int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +void reply_mkdir(connection_struct *conn, struct smb_request *req) { pstring directory; - int outsize; NTSTATUS status; SMB_STRUCT_STAT sbuf; START_PROFILE(SMBmkdir); - srvstr_get_path(inbuf, SVAL(inbuf,smb_flg2), directory, - smb_buf(inbuf) + 1, sizeof(directory), 0, + srvstr_get_path((char *)req->inbuf, req->flags2, directory, + smb_buf(req->inbuf) + 1, sizeof(directory), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { + reply_nterror(req, status); END_PROFILE(SMBmkdir); - return ERROR_NT(status); + return; } - status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, directory); + status = resolve_dfspath(conn, + req->flags2 & FLAGS2_DFS_PATHNAMES, + directory); if (!NT_STATUS_IS_OK(status)) { - END_PROFILE(SMBmkdir); if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { - return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + reply_botherror(req, NT_STATUS_PATH_NOT_COVERED, + ERRSRV, ERRbadpath); + END_PROFILE(SMBmkdir); + return; } - return ERROR_NT(status); + reply_nterror(req, status); + END_PROFILE(SMBmkdir); + return; } status = unix_convert(conn, directory, False, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { + reply_nterror(req, status); END_PROFILE(SMBmkdir); - return ERROR_NT(status); + return; } status = check_name(conn, directory); if (!NT_STATUS_IS_OK(status)) { + reply_nterror(req, status); END_PROFILE(SMBmkdir); - return ERROR_NT(status); + return; } status = create_directory(conn, directory); @@ -4007,16 +4015,17 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, status = NT_STATUS_DOS(ERRDOS, ERRnoaccess); } + reply_nterror(req, status); END_PROFILE(SMBmkdir); - return ERROR_NT(status); + return; } - outsize = set_message(inbuf,outbuf,0,0,False); + reply_outbuf(req, 0, 0); - DEBUG( 3, ( "mkdir %s ret=%d\n", directory, outsize ) ); + DEBUG( 3, ( "mkdir %s\n", directory ) ); END_PROFILE(SMBmkdir); - return(outsize); + return; } /**************************************************************************** -- cgit From 4694e757ba084e68e6f5bc3bf2d3714474c215cd Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 30 Jul 2007 14:07:29 +0000 Subject: r24085: Convert reply_rmdir to the new API (This used to be commit 7689048d71cc4adbdaee5521cc57890518e7090a) --- source3/smbd/reply.c | 39 ++++++++++++++++++++++++--------------- 1 file changed, 24 insertions(+), 15 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index b1e2f00067..64e63abdf1 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4205,56 +4205,65 @@ NTSTATUS rmdir_internals(connection_struct *conn, const char *directory) Reply to a rmdir. ****************************************************************************/ -int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +void reply_rmdir(connection_struct *conn, struct smb_request *req) { pstring directory; - int outsize = 0; SMB_STRUCT_STAT sbuf; NTSTATUS status; START_PROFILE(SMBrmdir); - srvstr_get_path(inbuf, SVAL(inbuf,smb_flg2), directory, - smb_buf(inbuf) + 1, sizeof(directory), 0, + srvstr_get_path((char *)req->inbuf, req->flags2, directory, + smb_buf(req->inbuf) + 1, sizeof(directory), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { + reply_nterror(req, status); END_PROFILE(SMBrmdir); - return ERROR_NT(status); + return; } - status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, directory); + status = resolve_dfspath(conn, + req->flags2 & FLAGS2_DFS_PATHNAMES, + directory); if (!NT_STATUS_IS_OK(status)) { - END_PROFILE(SMBrmdir); if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { - return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + reply_botherror(req, NT_STATUS_PATH_NOT_COVERED, + ERRSRV, ERRbadpath); + END_PROFILE(SMBrmdir); + return; } - return ERROR_NT(status); + reply_nterror(req, status); + END_PROFILE(SMBrmdir); + return; } status = unix_convert(conn, directory, False, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { + reply_nterror(req, status); END_PROFILE(SMBrmdir); - return ERROR_NT(status); + return; } status = check_name(conn, directory); if (!NT_STATUS_IS_OK(status)) { + reply_nterror(req, status); END_PROFILE(SMBrmdir); - return ERROR_NT(status); + return; } - dptr_closepath(directory,SVAL(inbuf,smb_pid)); + dptr_closepath(directory, req->smbpid); status = rmdir_internals(conn, directory); if (!NT_STATUS_IS_OK(status)) { + reply_nterror(req, status); END_PROFILE(SMBrmdir); - return ERROR_NT(status); + return; } - outsize = set_message(inbuf,outbuf,0,0,False); + reply_outbuf(req, 0, 0); DEBUG( 3, ( "rmdir %s\n", directory ) ); END_PROFILE(SMBrmdir); - return(outsize); + return; } /******************************************************************* -- cgit From 8084a39ce0a2b2535c537115a08dd57dec82a102 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 30 Jul 2007 19:53:57 +0000 Subject: r24086: Convert reply_ulogoffX to the new API (This used to be commit bbc99e1c3b764bc2adf620553b7fa85efdf8ac53) --- source3/smbd/reply.c | 27 ++++++++++++++++----------- 1 file changed, 16 insertions(+), 11 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 64e63abdf1..90f713a948 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1669,28 +1669,33 @@ void reply_open_and_X(connection_struct *conn, struct smb_request *req) conn POINTER CAN BE NULL HERE ! ****************************************************************************/ -int reply_ulogoffX(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) +void reply_ulogoffX(connection_struct *conn, struct smb_request *req) { - uint16 vuid = SVAL(inbuf,smb_uid); - user_struct *vuser = get_valid_user_struct(vuid); + user_struct *vuser; + START_PROFILE(SMBulogoffX); - if(vuser == 0) - DEBUG(3,("ulogoff, vuser id %d does not map to user.\n", vuid)); + vuser = get_valid_user_struct(req->vuid); + + if(vuser == NULL) { + DEBUG(3,("ulogoff, vuser id %d does not map to user.\n", + req->vuid)); + } /* in user level security we are supposed to close any files open by this user */ - if ((vuser != 0) && (lp_security() != SEC_SHARE)) - file_close_user(vuid); + if ((vuser != NULL) && (lp_security() != SEC_SHARE)) { + file_close_user(req->vuid); + } - invalidate_vuid(vuid); + invalidate_vuid(req->vuid); - set_message(inbuf,outbuf,2,0,True); + reply_outbuf(req, 2, 0); - DEBUG( 3, ( "ulogoffX vuid=%d\n", vuid ) ); + DEBUG( 3, ( "ulogoffX vuid=%d\n", req->vuid ) ); END_PROFILE(SMBulogoffX); - return chain_reply(inbuf,&outbuf,length,bufsize); + chain_reply_new(req); } /**************************************************************************** -- cgit From 4254af71803b122449887258ac0e721f67ed39a3 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 31 Jul 2007 07:57:33 +0000 Subject: r24088: Convert reply_unlink to the new API (This used to be commit fb0a1b7bd0a195dbedb3b0c02d8a4ec25c21b9bf) --- source3/smbd/reply.c | 52 +++++++++++++++++++++++++++++++--------------------- 1 file changed, 31 insertions(+), 21 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 90f713a948..c703a4d72b 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2222,56 +2222,66 @@ NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req, Reply to a unlink ****************************************************************************/ -int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, - int dum_buffsize) +void reply_unlink(connection_struct *conn, struct smb_request *req) { - int outsize = 0; pstring name; uint32 dirtype; NTSTATUS status; BOOL path_contains_wcard = False; - struct smb_request req; START_PROFILE(SMBunlink); - init_smb_request(&req, (uint8 *)inbuf); + if (req->wct < 1) { + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + END_PROFILE(SMBunlink); + return; + } - dirtype = SVAL(inbuf,smb_vwv0); + dirtype = SVAL(req->inbuf,smb_vwv0); - srvstr_get_path_wcard(inbuf, SVAL(inbuf,smb_flg2), name, - smb_buf(inbuf) + 1, sizeof(name), 0, + srvstr_get_path_wcard((char *)req->inbuf, req->flags2, name, + smb_buf(req->inbuf) + 1, sizeof(name), 0, STR_TERMINATE, &status, &path_contains_wcard); if (!NT_STATUS_IS_OK(status)) { + reply_nterror(req, status); END_PROFILE(SMBunlink); - return ERROR_NT(status); + return; } - status = resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, name, &path_contains_wcard); + status = resolve_dfspath_wcard(conn, + req->flags2 & FLAGS2_DFS_PATHNAMES, + name, &path_contains_wcard); if (!NT_STATUS_IS_OK(status)) { - END_PROFILE(SMBunlink); if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { - return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + reply_botherror(req, NT_STATUS_PATH_NOT_COVERED, + ERRSRV, ERRbadpath); + END_PROFILE(SMBunlink); + return; } - return ERROR_NT(status); + reply_nterror(req, status); + END_PROFILE(SMBunlink); + return; } DEBUG(3,("reply_unlink : %s\n",name)); - status = unlink_internals(conn, &req, dirtype, name, + status = unlink_internals(conn, req, dirtype, name, path_contains_wcard); if (!NT_STATUS_IS_OK(status)) { - END_PROFILE(SMBunlink); - if (open_was_deferred(SVAL(inbuf,smb_mid))) { + if (open_was_deferred(req->mid)) { /* We have re-scheduled this call. */ - return -1; + END_PROFILE(SMBunlink); + return; } - return ERROR_NT(status); + reply_nterror(req, status); + END_PROFILE(SMBunlink); + return; } - outsize = set_message(inbuf,outbuf,0,0,False); - + reply_outbuf(req, 0, 0); END_PROFILE(SMBunlink); - return outsize; + + return; } /**************************************************************************** -- cgit From a2d6aa829faa65df14ee566e455e807693cc2bd9 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 31 Jul 2007 12:05:40 +0000 Subject: r24102: Pass the fid instead of inbuf and an offset to file_fsp. This removes the buf==NULL condition in file_fsp(), but wherever it is called we do have a buffer anyway. Volker (This used to be commit d70a1f82fed64fa332f16407bea7c6671f48c59a) --- source3/smbd/reply.c | 46 +++++++++++++++++++++++----------------------- 1 file changed, 23 insertions(+), 23 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index c703a4d72b..385a47bbf3 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -709,7 +709,7 @@ int reply_ioctl(connection_struct *conn, switch (ioctl_code) { case IOCTL_QUERY_JOB_INFO: { - files_struct *fsp = file_fsp(inbuf,smb_vwv0); + files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0)); if (!fsp) { END_PROFILE(SMBioctl); return(UNIXERROR(ERRDOS,ERRbadfid)); @@ -2433,7 +2433,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s * return a zero length response here. */ - fsp = file_fsp(inbuf,smb_vwv0); + fsp = file_fsp(SVAL(inbuf,smb_vwv0)); if (!FNUM_OK(fsp,conn) || !fsp->can_read) { /* @@ -2538,7 +2538,7 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length SMB_OFF_T startpos; size_t numtoread; NTSTATUS status; - files_struct *fsp = file_fsp(inbuf,smb_vwv0); + files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0)); struct byte_range_lock *br_lck = NULL; START_PROFILE(SMBlockread); @@ -2624,7 +2624,7 @@ int reply_read(connection_struct *conn, char *inbuf,char *outbuf, int size, int char *data; SMB_OFF_T startpos; int outsize = 0; - files_struct *fsp = file_fsp(inbuf,smb_vwv0); + files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0)); START_PROFILE(SMBread); CHECK_FSP(fsp,conn); @@ -2827,7 +2827,7 @@ normal_read: int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { - files_struct *fsp = file_fsp(inbuf,smb_vwv2); + files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv2)); SMB_OFF_T startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3); ssize_t nread = -1; size_t smb_maxcnt = SVAL(inbuf,smb_vwv5); @@ -2928,7 +2928,7 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, SMB_OFF_T startpos; char *data=NULL; BOOL write_through; - files_struct *fsp = file_fsp(inbuf,smb_vwv0); + files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0)); int outsize = 0; NTSTATUS status; START_PROFILE(SMBwritebraw); @@ -3079,7 +3079,7 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, SMB_OFF_T startpos; char *data; NTSTATUS status = NT_STATUS_OK; - files_struct *fsp = file_fsp(inbuf,smb_vwv0); + files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0)); int outsize = 0; START_PROFILE(SMBwriteunlock); @@ -3157,7 +3157,7 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int d ssize_t nwritten = -1; SMB_OFF_T startpos; char *data; - files_struct *fsp = file_fsp(inbuf,smb_vwv0); + files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0)); int outsize = 0; NTSTATUS status; START_PROFILE(SMBwrite); @@ -3240,7 +3240,7 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int d int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { - files_struct *fsp = file_fsp(inbuf,smb_vwv2); + files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv2)); SMB_OFF_T startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3); size_t numtowrite = SVAL(inbuf,smb_vwv10); BOOL write_through = BITSETW(inbuf+smb_vwv7,0); @@ -3362,7 +3362,7 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int SMB_OFF_T res= -1; int mode,umode; int outsize = 0; - files_struct *fsp = file_fsp(inbuf,smb_vwv0); + files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0)); START_PROFILE(SMBlseek); CHECK_FSP(fsp,conn); @@ -3434,7 +3434,7 @@ int reply_flush(connection_struct *conn, char *inbuf,char *outbuf, int size, int { int outsize = set_message(inbuf,outbuf,0,0,False); uint16 fnum = SVAL(inbuf,smb_vwv0); - files_struct *fsp = file_fsp(inbuf,smb_vwv0); + files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0)); START_PROFILE(SMBflush); if (fnum != 0xFFFF) @@ -3501,7 +3501,7 @@ void reply_close(connection_struct *conn, struct smb_request *req) return; } - fsp = file_fsp((char *)req->inbuf,smb_vwv0); + fsp = file_fsp(SVAL(req->inbuf,smb_vwv0)); /* * We can only use CHECK_FSP if we know it's not a directory. @@ -3570,7 +3570,7 @@ int reply_writeclose(connection_struct *conn, SMB_OFF_T startpos; char *data; struct timespec mtime; - files_struct *fsp = file_fsp(inbuf,smb_vwv0); + files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0)); START_PROFILE(SMBwriteclose); CHECK_FSP(fsp,conn); @@ -3637,7 +3637,7 @@ int reply_lock(connection_struct *conn, int outsize = set_message(inbuf,outbuf,0,0,False); SMB_BIG_UINT count,offset; NTSTATUS status; - files_struct *fsp = file_fsp(inbuf,smb_vwv0); + files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0)); struct byte_range_lock *br_lck = NULL; START_PROFILE(SMBlock); @@ -3684,7 +3684,7 @@ int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int size, int outsize = set_message(inbuf,outbuf,0,0,False); SMB_BIG_UINT count,offset; NTSTATUS status; - files_struct *fsp = file_fsp(inbuf,smb_vwv0); + files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0)); START_PROFILE(SMBunlock); CHECK_FSP(fsp,conn); @@ -3830,7 +3830,7 @@ int reply_printclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int outsize = set_message(inbuf,outbuf,0,0,False); - files_struct *fsp = file_fsp(inbuf,smb_vwv0); + files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0)); NTSTATUS status; START_PROFILE(SMBsplclose); @@ -3935,7 +3935,7 @@ int reply_printwrite(connection_struct *conn, char *inbuf,char *outbuf, int dum_ int numtowrite; int outsize = set_message(inbuf,outbuf,0,0,False); char *data; - files_struct *fsp = file_fsp(inbuf,smb_vwv0); + files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0)); START_PROFILE(SMBsplwr); @@ -5533,7 +5533,7 @@ SMB_BIG_UINT get_lock_offset( char *data, int data_offset, BOOL large_file_forma int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, int length, int bufsize) { - files_struct *fsp = file_fsp(inbuf,smb_vwv2); + files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv2)); unsigned char locktype = CVAL(inbuf,smb_vwv3); unsigned char oplocklevel = CVAL(inbuf,smb_vwv3+1); uint16 num_ulocks = SVAL(inbuf,smb_vwv6); @@ -5860,7 +5860,7 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length, int max_per_packet; size_t tcount; int pad; - files_struct *fsp = file_fsp(inbuf,smb_vwv0); + files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0)); START_PROFILE(SMBreadBmpx); /* this function doesn't seem to work - disable by default */ @@ -5931,7 +5931,7 @@ int reply_setattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, { struct timespec ts[2]; int outsize = 0; - files_struct *fsp = file_fsp(inbuf,smb_vwv0); + files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0)); START_PROFILE(SMBsetattrE); outsize = set_message(inbuf,outbuf,0,0,False); @@ -6000,7 +6000,7 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, BOOL write_through; int smb_doff; char *data; - files_struct *fsp = file_fsp(inbuf,smb_vwv0); + files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0)); NTSTATUS status; START_PROFILE(SMBwriteBmpx); @@ -6112,7 +6112,7 @@ int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz char *data; write_bmpx_struct *wbms; BOOL send_response = False; - files_struct *fsp = file_fsp(inbuf,smb_vwv0); + files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0)); NTSTATUS status; START_PROFILE(SMBwriteBs); @@ -6201,7 +6201,7 @@ int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, SMB_STRUCT_STAT sbuf; int outsize = 0; int mode; - files_struct *fsp = file_fsp(inbuf,smb_vwv0); + files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0)); START_PROFILE(SMBgetattrE); outsize = set_message(inbuf,outbuf,11,0,True); -- cgit From a0a9a301d258ffdd6e1f35a9d4d32c555237556c Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 2 Aug 2007 05:50:40 +0000 Subject: r24119: Convert reply_exit to the new API (This used to be commit d4d550aa2ba20d704d2ab1265732b03405e8819c) --- source3/smbd/reply.c | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 385a47bbf3..ec27450593 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3462,20 +3462,18 @@ int reply_flush(connection_struct *conn, char *inbuf,char *outbuf, int size, int conn POINTER CAN BE NULL HERE ! ****************************************************************************/ -int reply_exit(connection_struct *conn, - char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +void reply_exit(connection_struct *conn, struct smb_request *req) { - int outsize; START_PROFILE(SMBexit); - file_close_pid(SVAL(inbuf,smb_pid),SVAL(inbuf,smb_uid)); + file_close_pid(req->smbpid, req->vuid); - outsize = set_message(inbuf,outbuf,0,0,False); + reply_outbuf(req, 0, 0); DEBUG(3,("exit\n")); END_PROFILE(SMBexit); - return(outsize); + return; } /**************************************************************************** -- cgit From 4b15f31f106f1dd69fdda721b5c3b787f5245a80 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Thu, 2 Aug 2007 08:53:24 +0000 Subject: r24120: add a file_id_create() hook into the VFS layer it's needed for some cluster filesystems to overload this function. metze (This used to be commit cdaa24e8047399002e4b287a31a8340a665e580f) --- source3/smbd/reply.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index ec27450593..cebb905a9e 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4563,7 +4563,8 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, pstrin } if (dst_exists) { - files_struct *dst_fsp = file_find_di_first(file_id_sbuf(&sbuf1)); + struct file_id fileid = vfs_file_id_from_sbuf(conn, &sbuf1); + files_struct *dst_fsp = file_find_di_first(fileid); if (dst_fsp) { DEBUG(3, ("rename_internals_fsp: Target file open\n")); return NT_STATUS_ACCESS_DENIED; -- cgit From 6c6fed5e656d64df9c9c12d7909f2c2289208bf7 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 2 Aug 2007 17:37:38 +0000 Subject: r24130: Explicitly pass flags2 to srvstr_push This is in preparation of the trans2 conversion: srvstr_push should not look at inbuf directly. (This used to be commit 5fd7e6a3821bea26d352e3edc23b7a216b1200e5) --- source3/smbd/reply.c | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index cebb905a9e..4fbf179797 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -715,9 +715,13 @@ int reply_ioctl(connection_struct *conn, return(UNIXERROR(ERRDOS,ERRbadfid)); } SSVAL(p,0,fsp->rap_print_jobid); /* Job number */ - srvstr_push(outbuf, p+2, global_myname(), 15, STR_TERMINATE|STR_ASCII); + srvstr_push(outbuf, SVAL(outbuf, smb_flg2), p+2, + global_myname(), 15, + STR_TERMINATE|STR_ASCII); if (conn) { - srvstr_push(outbuf, p+18, lp_servicename(SNUM(conn)), 13, STR_TERMINATE|STR_ASCII); + srvstr_push(outbuf, SVAL(outbuf, smb_flg2), + p+18, lp_servicename(SNUM(conn)), + 13, STR_TERMINATE|STR_ASCII); } break; } @@ -1909,7 +1913,8 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, thing in the byte section. JRA */ SSVALS(p, 0, -1); /* what is this? not in spec */ #endif - namelen = srvstr_push(outbuf, p, s, -1, STR_ASCII|STR_TERMINATE); + namelen = srvstr_push(outbuf, SVAL(outbuf, smb_flg2), p, s, -1, + STR_ASCII|STR_TERMINATE); p += namelen; outsize = set_message_end(inbuf,outbuf, p); @@ -3903,7 +3908,8 @@ int reply_printqueue(connection_struct *conn, SSVAL(p,5, queue[i].job); SIVAL(p,7,queue[i].size); SCVAL(p,11,0); - srvstr_push(outbuf, p+12, queue[i].fs_user, 16, STR_ASCII); + srvstr_push(outbuf, SVAL(outbuf, smb_flg2), p+12, + queue[i].fs_user, 16, STR_ASCII); p += 28; } -- cgit From b91704d47b7946d561a0021a08c14f8923d59e3a Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 2 Aug 2007 18:28:41 +0000 Subject: r24135: Convert call_trans2open to the new API This itself won't help much, because send_trans2_replies_new still allocates the big buffers, but stay tuned :-) Also add/update my copyright on stuff I recently touched. Volker (This used to be commit 248f15ff143474db2493cef89ba446892342a361) --- source3/smbd/reply.c | 1 + 1 file changed, 1 insertion(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 4fbf179797..0bb9d9ca7d 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4,6 +4,7 @@ Copyright (C) Andrew Tridgell 1992-1998 Copyright (C) Andrew Bartlett 2001 Copyright (C) Jeremy Allison 1992-2007. + Copyright (C) Volker Lendecke 2007 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by -- cgit From 2945d4492d10d83acd2d345339da941db5d7fc53 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 2 Aug 2007 19:50:56 +0000 Subject: r24141: Add check_fsp as a replacement for CHECK_FSP (This used to be commit a3d77a576f863c4d9f95a1a898f70ae5b5bbc471) --- source3/smbd/reply.c | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 0bb9d9ca7d..91e4274814 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -284,6 +284,33 @@ size_t srvstr_get_path(const char *inbuf, uint16 smb_flags2, char *dest, return ret; } +/**************************************************************************** + Check if we have a correct fsp pointing to a file. Replacement for the + CHECK_FSP macro. +****************************************************************************/ +BOOL check_fsp(connection_struct *conn, struct smb_request *req, + files_struct *fsp, struct current_user *user) +{ + if (!(fsp) || !(conn)) { + reply_nterror(req, NT_STATUS_INVALID_HANDLE); + return False; + } + if (((conn) != (fsp)->conn) || current_user.vuid != (fsp)->vuid) { + reply_nterror(req, NT_STATUS_INVALID_HANDLE); + return False; + } + if ((fsp)->is_directory) { + reply_nterror(req, NT_STATUS_INVALID_DEVICE_REQUEST); + return False; + } + if ((fsp)->fh->fd == -1) { + reply_nterror(req, NT_STATUS_ACCESS_DENIED); + return False; + } + (fsp)->num_smb_operations++; + return True; +} + /**************************************************************************** Reply to a (netbios-level) special message. ****************************************************************************/ -- cgit From c847b2afe7f4c979499c20869563439e25f0cb7e Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 4 Aug 2007 20:08:35 +0000 Subject: r24223: Convert reply_echo to the new API (This used to be commit 4863ff2899419e791ed0e340821072d004fb1d17) --- source3/smbd/reply.c | 39 +++++++++++++++++++++++++-------------- 1 file changed, 25 insertions(+), 14 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 91e4274814..94f18641bf 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3775,24 +3775,35 @@ void reply_tdis(connection_struct *conn, struct smb_request *req) conn POINTER CAN BE NULL HERE ! ****************************************************************************/ -int reply_echo(connection_struct *conn, - char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +void reply_echo(connection_struct *conn, struct smb_request *req) { - int smb_reverb = SVAL(inbuf,smb_vwv0); + int smb_reverb; int seq_num; - unsigned int data_len = smb_buflen(inbuf); - int outsize = set_message(inbuf,outbuf,1,data_len,True); + unsigned int data_len = smb_buflen(req->inbuf); + START_PROFILE(SMBecho); + if (req->wct < 1) { + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + END_PROFILE(SMBecho); + return; + } + if (data_len > BUFFER_SIZE) { DEBUG(0,("reply_echo: data_len too large.\n")); + reply_nterror(req, NT_STATUS_INSUFFICIENT_RESOURCES); END_PROFILE(SMBecho); - return -1; + return; } + smb_reverb = SVAL(req->inbuf,smb_vwv0); + + reply_outbuf(req, 1, data_len); + /* copy any incoming data back out */ - if (data_len > 0) - memcpy(smb_buf(outbuf),smb_buf(inbuf),data_len); + if (data_len > 0) { + memcpy(smb_buf(req->outbuf),smb_buf(req->inbuf),data_len); + } if (smb_reverb > 100) { DEBUG(0,("large reverb (%d)?? Setting to 100\n",smb_reverb)); @@ -3800,21 +3811,21 @@ int reply_echo(connection_struct *conn, } for (seq_num =1 ; seq_num <= smb_reverb ; seq_num++) { - SSVAL(outbuf,smb_vwv0,seq_num); - - smb_setlen(inbuf,outbuf,outsize - 4); + SSVAL(req->outbuf,smb_vwv0,seq_num); - show_msg(outbuf); - if (!send_smb(smbd_server_fd(),outbuf)) + show_msg((char *)req->outbuf); + if (!send_smb(smbd_server_fd(),(char *)req->outbuf)) exit_server_cleanly("reply_echo: send_smb failed."); } DEBUG(3,("echo %d times\n", smb_reverb)); + TALLOC_FREE(req->outbuf); + smb_echo_count++; END_PROFILE(SMBecho); - return -1; + return; } /**************************************************************************** -- cgit From 5d2031915e9fa56cb1ccdc55a489bd62225ce739 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 4 Aug 2007 20:44:33 +0000 Subject: r24225: Convert reply_flush to the new API (This used to be commit f843c02f0794964eba02ab983f9c0701801f415c) --- source3/smbd/reply.c | 30 +++++++++++++++++++++--------- 1 file changed, 21 insertions(+), 9 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 94f18641bf..2b54c636a5 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3463,31 +3463,43 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int Reply to a flush. ****************************************************************************/ -int reply_flush(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) +void reply_flush(connection_struct *conn, struct smb_request *req) { - int outsize = set_message(inbuf,outbuf,0,0,False); - uint16 fnum = SVAL(inbuf,smb_vwv0); - files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0)); + uint16 fnum; + files_struct *fsp; + START_PROFILE(SMBflush); - if (fnum != 0xFFFF) - CHECK_FSP(fsp,conn); + if (req->wct < 1) { + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + return; + } + + fnum = SVAL(req->inbuf,smb_vwv0); + fsp = file_fsp(fnum); + + if ((fnum != 0xFFFF) && !check_fsp(conn, req, fsp, ¤t_user)) { + return; + } if (!fsp) { file_sync_all(conn); } else { NTSTATUS status = sync_file(conn, fsp, True); if (!NT_STATUS_IS_OK(status)) { - END_PROFILE(SMBflush); DEBUG(5,("reply_flush: sync_file for %s returned %s\n", fsp->fsp_name, nt_errstr(status) )); - return ERROR_NT(status); + reply_nterror(req, status); + END_PROFILE(SMBflush); + return; } } + reply_outbuf(req, 0, 0); + DEBUG(3,("flush\n")); END_PROFILE(SMBflush); - return(outsize); + return; } /**************************************************************************** -- cgit From bb9664302b354c46041f58549d5adf0a241eb6c1 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 7 Aug 2007 13:12:46 +0000 Subject: r24269: Check wct in reply_write_and_X (This used to be commit 1297fac11778cb910d1bcd12b6d9d3a6269972db) --- source3/smbd/reply.c | 29 +++++++++++++++++++++-------- 1 file changed, 21 insertions(+), 8 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 2b54c636a5..8007a769ec 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3273,18 +3273,31 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int d int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { - files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv2)); - SMB_OFF_T startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3); - size_t numtowrite = SVAL(inbuf,smb_vwv10); - BOOL write_through = BITSETW(inbuf+smb_vwv7,0); - ssize_t nwritten = -1; - unsigned int smb_doff = SVAL(inbuf,smb_vwv11); - unsigned int smblen = smb_len(inbuf); + files_struct *fsp; + SMB_OFF_T startpos; + size_t numtowrite; + BOOL write_through; + ssize_t nwritten; + unsigned int smb_doff; + unsigned int smblen; char *data; - BOOL large_writeX = ((CVAL(inbuf,smb_wct) == 14) && (smblen > 0xFFFF)); + BOOL large_writeX; NTSTATUS status; + START_PROFILE(SMBwriteX); + if ((CVAL(inbuf, smb_wct) != 12) && (CVAL(inbuf, smb_wct) != 14)) { + return ERROR_NT(NT_STATUS_INVALID_PARAMETER); + } + + fsp = file_fsp(SVAL(inbuf,smb_vwv2)); + startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3); + numtowrite = SVAL(inbuf,smb_vwv10); + write_through = BITSETW(inbuf+smb_vwv7,0); + smb_doff = SVAL(inbuf,smb_vwv11); + smblen = smb_len(inbuf); + large_writeX = ((CVAL(inbuf,smb_wct) == 14) && (smblen > 0xFFFF)); + /* If it's an IPC, pass off the pipe handler. */ if (IS_IPC(conn)) { END_PROFILE(SMBwriteX); -- cgit From 1f67efab7c40ad440d6919d71bdee29d7bf7d175 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 7 Aug 2007 13:14:49 +0000 Subject: r24270: Fix some END_PROFILE(SMBwriteX) (This used to be commit 36f2347561ab06b5d8175ad0a9c4da2817e759f9) --- source3/smbd/reply.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 8007a769ec..d7b30fd72d 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3287,6 +3287,7 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng START_PROFILE(SMBwriteX); if ((CVAL(inbuf, smb_wct) != 12) && (CVAL(inbuf, smb_wct) != 14)) { + END_PROFILE(SMBwriteX); return ERROR_NT(NT_STATUS_INVALID_PARAMETER); } @@ -3306,6 +3307,7 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng CHECK_FSP(fsp,conn); if (!CHECK_WRITE(fsp)) { + END_PROFILE(SMBwriteX); return(ERROR_DOS(ERRDOS,ERRbadaccess)); } @@ -3388,9 +3390,9 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng status = sync_file(conn, fsp, write_through); if (!NT_STATUS_IS_OK(status)) { - END_PROFILE(SMBwriteX); DEBUG(5,("reply_write_and_X: sync_file for %s returned %s\n", fsp->fsp_name, nt_errstr(status) )); + END_PROFILE(SMBwriteX); return ERROR_NT(status); } -- cgit From b0dc209c190b90cef64d5fdea0623567e42c5a85 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 7 Aug 2007 13:43:02 +0000 Subject: r24271: Push reply_prep_legacy into reply_write_and_X (This used to be commit 607e7d2447bf19eea872a3a4d1ad499a53f0a935) --- source3/smbd/reply.c | 62 ++++++++++++++++++++++++++++++++++++++-------------- 1 file changed, 46 insertions(+), 16 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index d7b30fd72d..30b90a6459 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3271,7 +3271,7 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int d Reply to a write and X. ****************************************************************************/ -int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) +void reply_write_and_X(connection_struct *conn, struct smb_request *req) { files_struct *fsp; SMB_OFF_T startpos; @@ -3284,11 +3284,21 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng BOOL large_writeX; NTSTATUS status; + char *inbuf, *outbuf; + int length, bufsize; + START_PROFILE(SMBwriteX); + if (!reply_prep_legacy(req, &inbuf, &outbuf, &length, &bufsize)) { + reply_nterror(req, NT_STATUS_NO_MEMORY); + END_PROFILE(SMBwriteX); + return; + } + if ((CVAL(inbuf, smb_wct) != 12) && (CVAL(inbuf, smb_wct) != 14)) { + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); END_PROFILE(SMBwriteX); - return ERROR_NT(NT_STATUS_INVALID_PARAMETER); + return; } fsp = file_fsp(SVAL(inbuf,smb_vwv2)); @@ -3301,17 +3311,25 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng /* If it's an IPC, pass off the pipe handler. */ if (IS_IPC(conn)) { + reply_post_legacy( + req, + reply_pipe_write_and_X(inbuf,outbuf,length,bufsize)); END_PROFILE(SMBwriteX); - return reply_pipe_write_and_X(inbuf,outbuf,length,bufsize); + return; + } + + if (!check_fsp(conn, req, fsp, ¤t_user)) { + END_PROFILE(SMBwriteX); + return; } - CHECK_FSP(fsp,conn); if (!CHECK_WRITE(fsp)) { + reply_doserror(req, ERRDOS, ERRbadaccess); END_PROFILE(SMBwriteX); - return(ERROR_DOS(ERRDOS,ERRbadaccess)); + return; } - set_message(inbuf,outbuf,6,0,True); + set_message(inbuf, outbuf, 6, 0, True); /* Deal with possible LARGE_WRITEX */ if (large_writeX) { @@ -3319,8 +3337,9 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng } if(smb_doff > smblen || (smb_doff + numtowrite > smblen)) { + reply_doserror(req, ERRDOS, ERRbadmem); END_PROFILE(SMBwriteX); - return ERROR_DOS(ERRDOS,ERRbadmem); + return; } data = smb_base(inbuf) + smb_doff; @@ -3339,18 +3358,23 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng */ if(IVAL(inbuf,smb_vwv12) != 0) { - DEBUG(0,("reply_write_and_X - large offset (%x << 32) used and we don't support \ -64 bit offsets.\n", (unsigned int)IVAL(inbuf,smb_vwv12) )); + DEBUG(0,("reply_write_and_X - large offset (%x << 32) " + "used and we don't support 64 bit offsets.\n", + (unsigned int)IVAL(inbuf,smb_vwv12) )); + reply_doserror(req, ERRDOS, ERRbadaccess); END_PROFILE(SMBwriteX); - return ERROR_DOS(ERRDOS,ERRbadaccess); + return; } #endif /* LARGE_SMB_OFF_T */ } - if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) { + if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid), + (SMB_BIG_UINT)numtowrite, + (SMB_BIG_UINT)startpos, WRITE_LOCK)) { + reply_doserror(req, ERRDOS, ERRlock); END_PROFILE(SMBwriteX); - return ERROR_DOS(ERRDOS,ERRlock); + return; } /* X/Open SMB protocol says that, unlike SMBwrite @@ -3364,16 +3388,18 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng if (schedule_aio_write_and_X(conn, inbuf, outbuf, length, bufsize, fsp,data,startpos,numtowrite)) { + reply_post_legacy(req, -1); END_PROFILE(SMBwriteX); - return -1; + return; } nwritten = write_file(fsp,data,startpos,numtowrite); } if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) { + reply_unixerror(req, ERRHRD, ERRdiskfull); END_PROFILE(SMBwriteX); - return(UNIXERROR(ERRHRD,ERRdiskfull)); + return; } SSVAL(outbuf,smb_vwv2,nwritten); @@ -3392,12 +3418,16 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng if (!NT_STATUS_IS_OK(status)) { DEBUG(5,("reply_write_and_X: sync_file for %s returned %s\n", fsp->fsp_name, nt_errstr(status) )); + reply_nterror(req, status); END_PROFILE(SMBwriteX); - return ERROR_NT(status); + return; } + reply_post_legacy(req, smb_len(req->outbuf)); + END_PROFILE(SMBwriteX); - return chain_reply(inbuf,&outbuf,length,bufsize); + chain_reply_new(req); + return; } /**************************************************************************** -- cgit From a6810cb9a303d31dfedfb4bdc52f4d4df7e4eb90 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 8 Aug 2007 18:40:26 +0000 Subject: r24278: Push down reply_prep_legacy in reply_write_and_X Remove the need for reply_prep_legacy for reply_pipe_write_and_X (This used to be commit de143d5fa61aa487613dda729a43dc3d59a72899) --- source3/smbd/reply.c | 47 +++++++++++++++++++++++------------------------ 1 file changed, 23 insertions(+), 24 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 30b90a6459..e4fbc839ff 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3289,35 +3289,39 @@ void reply_write_and_X(connection_struct *conn, struct smb_request *req) START_PROFILE(SMBwriteX); - if (!reply_prep_legacy(req, &inbuf, &outbuf, &length, &bufsize)) { - reply_nterror(req, NT_STATUS_NO_MEMORY); + if ((req->wct != 12) && (req->wct != 14)) { + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); END_PROFILE(SMBwriteX); return; } - if ((CVAL(inbuf, smb_wct) != 12) && (CVAL(inbuf, smb_wct) != 14)) { - reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + numtowrite = SVAL(req->inbuf,smb_vwv10); + smb_doff = SVAL(req->inbuf,smb_vwv11); + smblen = smb_len(req->inbuf); + large_writeX = ((req->wct == 14) && (smblen > 0xFFFF)); + + /* Deal with possible LARGE_WRITEX */ + if (large_writeX) { + numtowrite |= ((((size_t)SVAL(req->inbuf,smb_vwv9)) & 1 )<<16); + } + + if(smb_doff > smblen || (smb_doff + numtowrite > smblen)) { + reply_doserror(req, ERRDOS, ERRbadmem); END_PROFILE(SMBwriteX); return; } - fsp = file_fsp(SVAL(inbuf,smb_vwv2)); - startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3); - numtowrite = SVAL(inbuf,smb_vwv10); - write_through = BITSETW(inbuf+smb_vwv7,0); - smb_doff = SVAL(inbuf,smb_vwv11); - smblen = smb_len(inbuf); - large_writeX = ((CVAL(inbuf,smb_wct) == 14) && (smblen > 0xFFFF)); - /* If it's an IPC, pass off the pipe handler. */ if (IS_IPC(conn)) { - reply_post_legacy( - req, - reply_pipe_write_and_X(inbuf,outbuf,length,bufsize)); + reply_pipe_write_and_X(req); END_PROFILE(SMBwriteX); return; } + fsp = file_fsp(SVAL(req->inbuf,smb_vwv2)); + startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv3); + write_through = BITSETW(req->inbuf+smb_vwv7,0); + if (!check_fsp(conn, req, fsp, ¤t_user)) { END_PROFILE(SMBwriteX); return; @@ -3329,19 +3333,14 @@ void reply_write_and_X(connection_struct *conn, struct smb_request *req) return; } - set_message(inbuf, outbuf, 6, 0, True); - - /* Deal with possible LARGE_WRITEX */ - if (large_writeX) { - numtowrite |= ((((size_t)SVAL(inbuf,smb_vwv9)) & 1 )<<16); - } - - if(smb_doff > smblen || (smb_doff + numtowrite > smblen)) { - reply_doserror(req, ERRDOS, ERRbadmem); + if (!reply_prep_legacy(req, &inbuf, &outbuf, &length, &bufsize)) { + reply_nterror(req, NT_STATUS_NO_MEMORY); END_PROFILE(SMBwriteX); return; } + set_message(inbuf, outbuf, 6, 0, True); + data = smb_base(inbuf) + smb_doff; if(CVAL(inbuf,smb_wct) == 14) { -- cgit From 12d94f77f919851989da8dbcc12eb632258a2084 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 8 Aug 2007 19:05:30 +0000 Subject: r24279: Remove reply_prep_legacy from reply_write_and_X (This used to be commit f18b7a9a282ebb5c31a89a601798f9a0db51867e) --- source3/smbd/reply.c | 37 ++++++++++++------------------------- 1 file changed, 12 insertions(+), 25 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index e4fbc839ff..17bcab12fd 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3284,9 +3284,6 @@ void reply_write_and_X(connection_struct *conn, struct smb_request *req) BOOL large_writeX; NTSTATUS status; - char *inbuf, *outbuf; - int length, bufsize; - START_PROFILE(SMBwriteX); if ((req->wct != 12) && (req->wct != 14)) { @@ -3333,22 +3330,14 @@ void reply_write_and_X(connection_struct *conn, struct smb_request *req) return; } - if (!reply_prep_legacy(req, &inbuf, &outbuf, &length, &bufsize)) { - reply_nterror(req, NT_STATUS_NO_MEMORY); - END_PROFILE(SMBwriteX); - return; - } - - set_message(inbuf, outbuf, 6, 0, True); + data = smb_base(req->inbuf) + smb_doff; - data = smb_base(inbuf) + smb_doff; - - if(CVAL(inbuf,smb_wct) == 14) { + if(req->wct == 14) { #ifdef LARGE_SMB_OFF_T /* * This is a large offset (64 bit) write. */ - startpos |= (((SMB_OFF_T)IVAL(inbuf,smb_vwv12)) << 32); + startpos |= (((SMB_OFF_T)IVAL(req->inbuf,smb_vwv12)) << 32); #else /* !LARGE_SMB_OFF_T */ @@ -3356,7 +3345,7 @@ void reply_write_and_X(connection_struct *conn, struct smb_request *req) * Ensure we haven't been sent a >32 bit offset. */ - if(IVAL(inbuf,smb_vwv12) != 0) { + if(IVAL(req->inbuf,smb_vwv12) != 0) { DEBUG(0,("reply_write_and_X - large offset (%x << 32) " "used and we don't support 64 bit offsets.\n", (unsigned int)IVAL(inbuf,smb_vwv12) )); @@ -3368,7 +3357,7 @@ void reply_write_and_X(connection_struct *conn, struct smb_request *req) #endif /* LARGE_SMB_OFF_T */ } - if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid), + if (is_locked(fsp,(uint32)req->smbpid, (SMB_BIG_UINT)numtowrite, (SMB_BIG_UINT)startpos, WRITE_LOCK)) { reply_doserror(req, ERRDOS, ERRlock); @@ -3385,14 +3374,14 @@ void reply_write_and_X(connection_struct *conn, struct smb_request *req) nwritten = 0; } else { - if (schedule_aio_write_and_X(conn, inbuf, outbuf, length, bufsize, - fsp,data,startpos,numtowrite)) { - reply_post_legacy(req, -1); + if (schedule_aio_write_and_X(conn, req, fsp, data, startpos, + numtowrite)) { END_PROFILE(SMBwriteX); return; } nwritten = write_file(fsp,data,startpos,numtowrite); + reply_outbuf(req, 6, 0); } if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) { @@ -3401,13 +3390,13 @@ void reply_write_and_X(connection_struct *conn, struct smb_request *req) return; } - SSVAL(outbuf,smb_vwv2,nwritten); + SSVAL(req->outbuf,smb_vwv2,nwritten); if (large_writeX) - SSVAL(outbuf,smb_vwv4,(nwritten>>16)&1); + SSVAL(req->outbuf,smb_vwv4,(nwritten>>16)&1); if (nwritten < (ssize_t)numtowrite) { - SCVAL(outbuf,smb_rcls,ERRHRD); - SSVAL(outbuf,smb_err,ERRdiskfull); + SCVAL(req->outbuf,smb_rcls,ERRHRD); + SSVAL(req->outbuf,smb_err,ERRdiskfull); } DEBUG(3,("writeX fnum=%d num=%d wrote=%d\n", @@ -3422,8 +3411,6 @@ void reply_write_and_X(connection_struct *conn, struct smb_request *req) return; } - reply_post_legacy(req, smb_len(req->outbuf)); - END_PROFILE(SMBwriteX); chain_reply_new(req); return; -- cgit From 9239b8e8d3f490ee1452820c61742f455d67e095 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Fri, 10 Aug 2007 09:53:42 +0000 Subject: r24306: the check_fsp() function has an explicit user argument so use it... metze (This used to be commit 4154bee0d91dd2ace9a7a627418f652d0d11b959) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 17bcab12fd..c02bbc8719 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -295,7 +295,7 @@ BOOL check_fsp(connection_struct *conn, struct smb_request *req, reply_nterror(req, NT_STATUS_INVALID_HANDLE); return False; } - if (((conn) != (fsp)->conn) || current_user.vuid != (fsp)->vuid) { + if (((conn) != (fsp)->conn) || user->vuid != (fsp)->vuid) { reply_nterror(req, NT_STATUS_INVALID_HANDLE); return False; } -- cgit From d465b468c1bd1e43fc1bf1622415ed98dafa6627 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Fri, 10 Aug 2007 21:33:58 +0000 Subject: r24319: Check wct in reply_read_and_X (This used to be commit 9ddacdfa131c4a4a852b3d30db1ee22d1852d0c2) --- source3/smbd/reply.c | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index c02bbc8719..3e35c0064b 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2860,10 +2860,10 @@ normal_read: int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) { - files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv2)); - SMB_OFF_T startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3); + files_struct *fsp; + SMB_OFF_T startpos; ssize_t nread = -1; - size_t smb_maxcnt = SVAL(inbuf,smb_vwv5); + size_t smb_maxcnt; BOOL big_readX = False; #if 0 size_t smb_mincnt = SVAL(inbuf,smb_vwv6); @@ -2871,6 +2871,14 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt START_PROFILE(SMBreadX); + if ((CVAL(inbuf, smb_wct) != 10) && (CVAL(inbuf, smb_wct) != 12)) { + return ERROR_NT(NT_STATUS_INVALID_PARAMETER); + } + + fsp = file_fsp(SVAL(inbuf,smb_vwv2)); + startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3); + smb_maxcnt = SVAL(inbuf,smb_vwv5); + /* If it's an IPC, pass off the pipe handler. */ if (IS_IPC(conn)) { END_PROFILE(SMBreadX); -- cgit From 61ee2d37200f8cc00d4b0291683f4b3fb8992457 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 11 Aug 2007 10:26:40 +0000 Subject: r24322: Wrap reply_read_and_X in reply_prep_legacy (This used to be commit 7926b5dfb8d05ad2fe40c3f7658a492f0450e505) --- source3/smbd/reply.c | 29 ++++++++++++++++++++++++++++- 1 file changed, 28 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 3e35c0064b..7cfcecbf2f 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2858,7 +2858,9 @@ normal_read: Reply to a read and X. ****************************************************************************/ -int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) +static int reply_read_and_X_old(connection_struct *conn, + char *inbuf, char *outbuf, + int length,int bufsize) { files_struct *fsp; SMB_OFF_T startpos; @@ -2956,6 +2958,31 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt return nread; } +void reply_read_and_X(connection_struct *conn, struct smb_request *req) +{ + char *inbuf, *outbuf; + int length, bufsize; + int outsize; + + if (!reply_prep_legacy(req, &inbuf, &outbuf, &length, &bufsize)) { + reply_nterror(req, NT_STATUS_NO_MEMORY); + return; + } + + outsize = reply_read_and_X_old(conn, inbuf, outbuf, length, bufsize); + + DEBUG(10, ("outsize = %d\n", outsize)); + + /* + * Can't use reply_post_legacy here, setup_readX_header has set up its + * size itself already. + */ + + if (outsize == -1) { + TALLOC_FREE(req->outbuf); + } +} + /**************************************************************************** Reply to a writebraw (core+ or LANMAN1.0 protocol). ****************************************************************************/ -- cgit From 8d6dcd94eba51a39f510fc2351fb9e2b7fcbc3ce Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 11 Aug 2007 10:40:35 +0000 Subject: r24323: Remove the reply_read_and_X wrapper function (This used to be commit 96b218789401bb9e512339e7c6d9e0c9d9724420) --- source3/smbd/reply.c | 112 +++++++++++++++++++++++++++++---------------------- 1 file changed, 63 insertions(+), 49 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 7cfcecbf2f..5d47e532cf 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2858,9 +2858,7 @@ normal_read: Reply to a read and X. ****************************************************************************/ -static int reply_read_and_X_old(connection_struct *conn, - char *inbuf, char *outbuf, - int length,int bufsize) +void reply_read_and_X(connection_struct *conn, struct smb_request *req) { files_struct *fsp; SMB_OFF_T startpos; @@ -2868,28 +2866,46 @@ static int reply_read_and_X_old(connection_struct *conn, size_t smb_maxcnt; BOOL big_readX = False; #if 0 - size_t smb_mincnt = SVAL(inbuf,smb_vwv6); + size_t smb_mincnt = SVAL(req->inbuf,smb_vwv6); #endif + char *inbuf, *outbuf; + int length, bufsize; START_PROFILE(SMBreadX); - if ((CVAL(inbuf, smb_wct) != 10) && (CVAL(inbuf, smb_wct) != 12)) { - return ERROR_NT(NT_STATUS_INVALID_PARAMETER); + if ((req->wct != 10) && (req->wct != 12)) { + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + return; } - fsp = file_fsp(SVAL(inbuf,smb_vwv2)); - startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3); - smb_maxcnt = SVAL(inbuf,smb_vwv5); + fsp = file_fsp(SVAL(req->inbuf,smb_vwv2)); + startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv3); + smb_maxcnt = SVAL(req->inbuf,smb_vwv5); + + if (!reply_prep_legacy(req, &inbuf, &outbuf, &length, &bufsize)) { + reply_nterror(req, NT_STATUS_NO_MEMORY); + END_PROFILE(SMBreadX); + return; + } /* If it's an IPC, pass off the pipe handler. */ if (IS_IPC(conn)) { + reply_post_legacy( + req, + reply_pipe_read_and_X(inbuf,outbuf,length,bufsize)); END_PROFILE(SMBreadX); - return reply_pipe_read_and_X(inbuf,outbuf,length,bufsize); + return; } - CHECK_FSP(fsp,conn); - if (!CHECK_READ(fsp,inbuf)) { - return(ERROR_DOS(ERRDOS,ERRbadaccess)); + if (!check_fsp(conn, req, fsp, ¤t_user)) { + END_PROFILE(SMBreadX); + return; + } + + if (!CHECK_READ(fsp,req->inbuf)) { + reply_doserror(req, ERRDOS,ERRbadaccess); + END_PROFILE(SMBreadX); + return; } set_message(inbuf,outbuf,12,0,True); @@ -2900,15 +2916,22 @@ static int reply_read_and_X_old(connection_struct *conn, if (upper_size > 1) { /* Can't do this on a chained packet. */ if ((CVAL(inbuf,smb_vwv0) != 0xFF)) { - return ERROR_NT(NT_STATUS_NOT_SUPPORTED); + reply_nterror(req, NT_STATUS_NOT_SUPPORTED); + END_PROFILE(SMBreadX); + return; } /* We currently don't do this on signed or sealed data. */ if (srv_is_signing_active() || srv_encryption_on()) { - return ERROR_NT(NT_STATUS_NOT_SUPPORTED); + reply_nterror(req, NT_STATUS_NOT_SUPPORTED); + END_PROFILE(SMBreadX); + return; } /* Is there room in the reply for this data ? */ if (smb_maxcnt > (0xFFFFFF - (smb_size -4 + 12*2))) { - return ERROR_NT(NT_STATUS_INVALID_PARAMETER); + reply_nterror(req, + NT_STATUS_INVALID_PARAMETER); + END_PROFILE(SMBreadX); + return; } big_readX = True; } @@ -2928,59 +2951,50 @@ static int reply_read_and_X_old(connection_struct *conn, */ if(IVAL(inbuf,smb_vwv10) != 0) { - DEBUG(0,("reply_read_and_X - large offset (%x << 32) used and we don't support \ -64 bit offsets.\n", (unsigned int)IVAL(inbuf,smb_vwv10) )); + DEBUG(0,("reply_read_and_X - large offset (%x << 32) " + "used and we don't support 64 bit offsets.\n", + (unsigned int)IVAL(inbuf,smb_vwv10) )); END_PROFILE(SMBreadX); - return ERROR_DOS(ERRDOS,ERRbadaccess); + reply_doserror(req, ERRDOS, ERRbadaccess); + return; } #endif /* LARGE_SMB_OFF_T */ } - if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)smb_maxcnt,(SMB_BIG_UINT)startpos, READ_LOCK)) { + if (is_locked(fsp, (uint32)req->smbpid, (SMB_BIG_UINT)smb_maxcnt, + (SMB_BIG_UINT)startpos, READ_LOCK)) { END_PROFILE(SMBreadX); - return ERROR_DOS(ERRDOS,ERRlock); + reply_doserror(req, ERRDOS, ERRlock); + return; } - if (!big_readX && schedule_aio_read_and_X(conn, inbuf, outbuf, length, bufsize, fsp, startpos, smb_maxcnt)) { + if (!big_readX + && schedule_aio_read_and_X(conn, inbuf, outbuf, length, bufsize, + fsp, startpos, smb_maxcnt)) { END_PROFILE(SMBreadX); - return -1; + reply_post_legacy(req, -1); + return; } - nread = send_file_readX(conn, inbuf, outbuf, length, bufsize, fsp, startpos, smb_maxcnt); + nread = send_file_readX(conn, inbuf, outbuf, length, bufsize, fsp, + startpos, smb_maxcnt); /* Only call chain_reply if not an error. */ if (nread != -1 && SVAL(outbuf,smb_rcls) == 0) { nread = chain_reply(inbuf,&outbuf,length,bufsize); } - END_PROFILE(SMBreadX); - return nread; -} - -void reply_read_and_X(connection_struct *conn, struct smb_request *req) -{ - char *inbuf, *outbuf; - int length, bufsize; - int outsize; - - if (!reply_prep_legacy(req, &inbuf, &outbuf, &length, &bufsize)) { - reply_nterror(req, NT_STATUS_NO_MEMORY); - return; - } - - outsize = reply_read_and_X_old(conn, inbuf, outbuf, length, bufsize); - - DEBUG(10, ("outsize = %d\n", outsize)); - - /* - * Can't use reply_post_legacy here, setup_readX_header has set up its - * size itself already. - */ - - if (outsize == -1) { + if (nread == -1) { + /* + * Can't use reply_post_legacy here, setup_readX_header has + * set up its (potentially LARGE) size itself already. + */ TALLOC_FREE(req->outbuf); } + + END_PROFILE(SMBreadX); + return; } /**************************************************************************** -- cgit From 8e146e4b7b284a4e89eea11272407c57090af395 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 11 Aug 2007 10:53:36 +0000 Subject: r24324: No reply_prep_legacy() in reply_pipe_read_and_X (This used to be commit 304843315c5457ff0288d66d31f1ddb1ef2796f4) --- source3/smbd/reply.c | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 5d47e532cf..cf30c183fa 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2882,17 +2882,9 @@ void reply_read_and_X(connection_struct *conn, struct smb_request *req) startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv3); smb_maxcnt = SVAL(req->inbuf,smb_vwv5); - if (!reply_prep_legacy(req, &inbuf, &outbuf, &length, &bufsize)) { - reply_nterror(req, NT_STATUS_NO_MEMORY); - END_PROFILE(SMBreadX); - return; - } - /* If it's an IPC, pass off the pipe handler. */ if (IS_IPC(conn)) { - reply_post_legacy( - req, - reply_pipe_read_and_X(inbuf,outbuf,length,bufsize)); + reply_pipe_read_and_X(req); END_PROFILE(SMBreadX); return; } @@ -2908,6 +2900,12 @@ void reply_read_and_X(connection_struct *conn, struct smb_request *req) return; } + if (!reply_prep_legacy(req, &inbuf, &outbuf, &length, &bufsize)) { + reply_nterror(req, NT_STATUS_NO_MEMORY); + END_PROFILE(SMBreadX); + return; + } + set_message(inbuf,outbuf,12,0,True); if (global_client_caps & CAP_LARGE_READX) { -- cgit From bb373dbd6c1d68d42d664351ee36f5ca4a9272c6 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 11 Aug 2007 11:20:21 +0000 Subject: r24325: Push down reply_prep_legacy in reply_read_and_X (This used to be commit 9d2354129dad1d4d015d463f138a196f9f72af2f) --- source3/smbd/reply.c | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index cf30c183fa..7b981e1c8a 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2900,20 +2900,12 @@ void reply_read_and_X(connection_struct *conn, struct smb_request *req) return; } - if (!reply_prep_legacy(req, &inbuf, &outbuf, &length, &bufsize)) { - reply_nterror(req, NT_STATUS_NO_MEMORY); - END_PROFILE(SMBreadX); - return; - } - - set_message(inbuf,outbuf,12,0,True); - if (global_client_caps & CAP_LARGE_READX) { - size_t upper_size = SVAL(inbuf,smb_vwv7); + size_t upper_size = SVAL(req->inbuf,smb_vwv7); smb_maxcnt |= (upper_size<<16); if (upper_size > 1) { /* Can't do this on a chained packet. */ - if ((CVAL(inbuf,smb_vwv0) != 0xFF)) { + if ((CVAL(req->inbuf,smb_vwv0) != 0xFF)) { reply_nterror(req, NT_STATUS_NOT_SUPPORTED); END_PROFILE(SMBreadX); return; @@ -2935,12 +2927,12 @@ void reply_read_and_X(connection_struct *conn, struct smb_request *req) } } - if(CVAL(inbuf,smb_wct) == 12) { + if (req->wct == 12) { #ifdef LARGE_SMB_OFF_T /* * This is a large offset (64 bit) read. */ - startpos |= (((SMB_OFF_T)IVAL(inbuf,smb_vwv10)) << 32); + startpos |= (((SMB_OFF_T)IVAL(req->inbuf,smb_vwv10)) << 32); #else /* !LARGE_SMB_OFF_T */ @@ -2948,10 +2940,10 @@ void reply_read_and_X(connection_struct *conn, struct smb_request *req) * Ensure we haven't been sent a >32 bit offset. */ - if(IVAL(inbuf,smb_vwv10) != 0) { + if(IVAL(req->inbuf,smb_vwv10) != 0) { DEBUG(0,("reply_read_and_X - large offset (%x << 32) " "used and we don't support 64 bit offsets.\n", - (unsigned int)IVAL(inbuf,smb_vwv10) )); + (unsigned int)IVAL(req->inbuf,smb_vwv10) )); END_PROFILE(SMBreadX); reply_doserror(req, ERRDOS, ERRbadaccess); return; @@ -2968,6 +2960,14 @@ void reply_read_and_X(connection_struct *conn, struct smb_request *req) return; } + if (!reply_prep_legacy(req, &inbuf, &outbuf, &length, &bufsize)) { + reply_nterror(req, NT_STATUS_NO_MEMORY); + END_PROFILE(SMBreadX); + return; + } + + set_message(inbuf,outbuf,12,0,True); + if (!big_readX && schedule_aio_read_and_X(conn, inbuf, outbuf, length, bufsize, fsp, startpos, smb_maxcnt)) { -- cgit From 921fbb25eb4a6097a1e960abadc4dc4b11d32cf6 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 11 Aug 2007 16:28:10 +0000 Subject: r24332: schedule_aio_read_and_X does not need InBuf/OutBuf (This used to be commit 9ad91bd20592850d7b6393e1ac7f0e0919d69668) --- source3/smbd/reply.c | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 7b981e1c8a..a62b54550e 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2960,22 +2960,21 @@ void reply_read_and_X(connection_struct *conn, struct smb_request *req) return; } - if (!reply_prep_legacy(req, &inbuf, &outbuf, &length, &bufsize)) { - reply_nterror(req, NT_STATUS_NO_MEMORY); + if (!big_readX + && schedule_aio_read_and_X(conn, req, fsp, startpos, smb_maxcnt)) { END_PROFILE(SMBreadX); + reply_post_legacy(req, -1); return; } - set_message(inbuf,outbuf,12,0,True); - - if (!big_readX - && schedule_aio_read_and_X(conn, inbuf, outbuf, length, bufsize, - fsp, startpos, smb_maxcnt)) { + if (!reply_prep_legacy(req, &inbuf, &outbuf, &length, &bufsize)) { + reply_nterror(req, NT_STATUS_NO_MEMORY); END_PROFILE(SMBreadX); - reply_post_legacy(req, -1); return; } + set_message(inbuf,outbuf,12,0,True); + nread = send_file_readX(conn, inbuf, outbuf, length, bufsize, fsp, startpos, smb_maxcnt); /* Only call chain_reply if not an error. */ -- cgit From d198962d14d417bf191ce45ad8e9034bc943a865 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 12 Aug 2007 09:16:54 +0000 Subject: r24346: Push reply_prep_legacy into send_file_readX (This used to be commit cded66a7dc72d41e4d6ea90edd8b03ed080c042f) --- source3/smbd/reply.c | 71 +++++++++++++++++++++++----------------------------- 1 file changed, 32 insertions(+), 39 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index a62b54550e..93e2aaf0be 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2733,16 +2733,28 @@ static int setup_readX_header(char *inbuf, char *outbuf, size_t smb_maxcnt) Reply to a read and X - possibly using sendfile. ****************************************************************************/ -int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length, int len_outbuf, - files_struct *fsp, SMB_OFF_T startpos, size_t smb_maxcnt) +static void send_file_readX(connection_struct *conn, struct smb_request *req, + files_struct *fsp, SMB_OFF_T startpos, + size_t smb_maxcnt) { SMB_STRUCT_STAT sbuf; - int outsize = 0; ssize_t nread = -1; - char *data = smb_buf(outbuf); + char *data; + char *inbuf, *outbuf; + int length, len_outbuf; + + if (!reply_prep_legacy(req, &inbuf, &outbuf, &length, &len_outbuf)) { + reply_nterror(req, NT_STATUS_NO_MEMORY); + return; + } + + set_message(inbuf, outbuf, 12, 0, True); + + data = smb_buf(outbuf); if(SMB_VFS_FSTAT(fsp,fsp->fh->fd, &sbuf) == -1) { - return(UNIXERROR(ERRDOS,ERRnoaccess)); + reply_unixerror(req, ERRDOS, ERRnoaccess); + return; } if (startpos > sbuf.st_size) { @@ -2803,8 +2815,9 @@ int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length } DEBUG( 3, ( "send_file_readX: fake_sendfile fnum=%d max=%d nread=%d\n", fsp->fnum, (int)smb_maxcnt, (int)nread ) ); - /* Returning -1 here means successful sendfile. */ - return -1; + /* No outbuf here means successful sendfile. */ + TALLOC_FREE(req->outbuf); + return; } DEBUG(0,("send_file_readX: sendfile failed for file %s (%s). Terminating\n", @@ -2814,8 +2827,9 @@ int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length DEBUG( 3, ( "send_file_readX: sendfile fnum=%d max=%d nread=%d\n", fsp->fnum, (int)smb_maxcnt, (int)nread ) ); - /* Returning -1 here means successful sendfile. */ - return -1; + /* No outbuf here means successful sendfile. */ + TALLOC_FREE(req->outbuf); + return; } #endif @@ -2836,21 +2850,24 @@ normal_read: fsp->fsp_name, strerror(errno) )); exit_server_cleanly("send_file_readX: fake_sendfile failed"); } - return -1; + TALLOC_FREE(req->outbuf); + return; } else { nread = read_file(fsp,data,startpos,smb_maxcnt); if (nread < 0) { - return(UNIXERROR(ERRDOS,ERRnoaccess)); + reply_unixerror(req, ERRDOS, ERRnoaccess); + return; } - outsize = setup_readX_header(inbuf, outbuf,nread); + setup_readX_header(inbuf, outbuf,nread); DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n", fsp->fnum, (int)smb_maxcnt, (int)nread ) ); - /* Returning the number of bytes we want to send back - including header. */ - return outsize; + chain_reply_new(req); + + return; } } @@ -2862,14 +2879,11 @@ void reply_read_and_X(connection_struct *conn, struct smb_request *req) { files_struct *fsp; SMB_OFF_T startpos; - ssize_t nread = -1; size_t smb_maxcnt; BOOL big_readX = False; #if 0 size_t smb_mincnt = SVAL(req->inbuf,smb_vwv6); #endif - char *inbuf, *outbuf; - int length, bufsize; START_PROFILE(SMBreadX); @@ -2967,28 +2981,7 @@ void reply_read_and_X(connection_struct *conn, struct smb_request *req) return; } - if (!reply_prep_legacy(req, &inbuf, &outbuf, &length, &bufsize)) { - reply_nterror(req, NT_STATUS_NO_MEMORY); - END_PROFILE(SMBreadX); - return; - } - - set_message(inbuf,outbuf,12,0,True); - - nread = send_file_readX(conn, inbuf, outbuf, length, bufsize, fsp, - startpos, smb_maxcnt); - /* Only call chain_reply if not an error. */ - if (nread != -1 && SVAL(outbuf,smb_rcls) == 0) { - nread = chain_reply(inbuf,&outbuf,length,bufsize); - } - - if (nread == -1) { - /* - * Can't use reply_post_legacy here, setup_readX_header has - * set up its (potentially LARGE) size itself already. - */ - TALLOC_FREE(req->outbuf); - } + send_file_readX(conn, req, fsp, startpos, smb_maxcnt); END_PROFILE(SMBreadX); return; -- cgit From 6dcf0c64cfcf905e55e46b423d8e153918da862c Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 12 Aug 2007 11:22:26 +0000 Subject: r24347: fake_sendfile does not need Inbuf/Outbuf In the future, we might put the new Linux splice(2) syscall here. This should also work for reply_write, but getting that in is a bit trickier. We need to decide very early before fetching the whole buffer that we have a write call. (This used to be commit 32921c878a7f60251a9217173951065784077077) --- source3/smbd/reply.c | 30 +++++++++++++++++++++++------- 1 file changed, 23 insertions(+), 7 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 93e2aaf0be..9119ec1e0b 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2333,9 +2333,22 @@ static void fail_readraw(void) Fake (read/write) sendfile. Returns -1 on read or write fail. ****************************************************************************/ -static ssize_t fake_sendfile(files_struct *fsp, SMB_OFF_T startpos, size_t nread, char *buf, size_t bufsize) +static ssize_t fake_sendfile(files_struct *fsp, SMB_OFF_T startpos, + size_t nread) { + size_t bufsize; size_t tosend = nread; + char *buf; + + if (nread == 0) { + return 0; + } + + bufsize = MIN(nread, 65536); + + if (!(buf = SMB_MALLOC_ARRAY(char, bufsize))) { + return -1; + } while (tosend > 0) { ssize_t ret; @@ -2348,6 +2361,7 @@ static ssize_t fake_sendfile(files_struct *fsp, SMB_OFF_T startpos, size_t nread } ret = read_file(fsp,buf,startpos,cur_read); if (ret == -1) { + SAFE_FREE(buf); return -1; } @@ -2357,12 +2371,14 @@ static ssize_t fake_sendfile(files_struct *fsp, SMB_OFF_T startpos, size_t nread } if (write_data(smbd_server_fd(),buf,cur_read) != cur_read) { + SAFE_FREE(buf); return -1; } tosend -= cur_read; startpos += cur_read; } + SAFE_FREE(buf); return (ssize_t)nread; } @@ -2408,7 +2424,7 @@ void send_file_readbraw(connection_struct *conn, files_struct *fsp, SMB_OFF_T st set_use_sendfile(SNUM(conn), False); DEBUG(0,("send_file_readbraw: sendfile not available. Faking..\n")); - if (fake_sendfile(fsp, startpos, nread, outbuf + 4, out_buffsize - 4) == -1) { + if (fake_sendfile(fsp, startpos, nread) == -1) { DEBUG(0,("send_file_readbraw: fake_sendfile failed for file %s (%s).\n", fsp->fsp_name, strerror(errno) )); exit_server_cleanly("send_file_readbraw fake_sendfile failed"); @@ -2806,9 +2822,9 @@ static void send_file_readX(connection_struct *conn, struct smb_request *req, /* Ensure we don't do this again. */ set_use_sendfile(SNUM(conn), False); DEBUG(0,("send_file_readX: sendfile not available. Faking..\n")); - - if ((nread = fake_sendfile(fsp, startpos, smb_maxcnt, data, - len_outbuf - (data-outbuf))) == -1) { + nread = fake_sendfile(fsp, startpos, + smb_maxcnt); + if (nread == -1) { DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n", fsp->fsp_name, strerror(errno) )); exit_server_cleanly("send_file_readX: fake_sendfile failed"); @@ -2844,8 +2860,8 @@ normal_read: fsp->fsp_name, strerror(errno) )); exit_server_cleanly("send_file_readX sendfile failed"); } - if ((nread = fake_sendfile(fsp, startpos, smb_maxcnt, data, - len_outbuf - (data-outbuf))) == -1) { + nread = fake_sendfile(fsp, startpos, smb_maxcnt); + if (nread == -1) { DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n", fsp->fsp_name, strerror(errno) )); exit_server_cleanly("send_file_readX: fake_sendfile failed"); -- cgit From a0ad547ccbf5316862bd8f7b8ae9e76c4386b62c Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 12 Aug 2007 11:40:27 +0000 Subject: r24348: Do not use inbuf/outbuf in the sendfile path of read_and_X (This used to be commit 595ea708ee8c9b6f86648dfdb5ff5a3feafe1f07) --- source3/smbd/reply.c | 36 +++++++++++++++++++----------------- 1 file changed, 19 insertions(+), 17 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 9119ec1e0b..1698a0e7b1 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2731,7 +2731,10 @@ Returning short read of maximum allowed for compatibility with Windows 2000.\n", static int setup_readX_header(char *inbuf, char *outbuf, size_t smb_maxcnt) { int outsize; - char *data = smb_buf(outbuf); + char *data; + + outsize = set_message(inbuf, outbuf,12,smb_maxcnt,False); + data = smb_buf(outbuf); SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */ SSVAL(outbuf,smb_vwv5,smb_maxcnt); @@ -2739,7 +2742,6 @@ static int setup_readX_header(char *inbuf, char *outbuf, size_t smb_maxcnt) SSVAL(outbuf,smb_vwv7,(smb_maxcnt >> 16)); SSVAL(smb_buf(outbuf),-2,smb_maxcnt); SCVAL(outbuf,smb_vwv0,0xFF); - outsize = set_message(inbuf, outbuf,12,smb_maxcnt,False); /* Reset the outgoing length, set_message truncates at 0x1FFFF. */ _smb_setlen_large(outbuf,(smb_size + 12*2 + smb_maxcnt - 4)); return outsize; @@ -2759,15 +2761,6 @@ static void send_file_readX(connection_struct *conn, struct smb_request *req, char *inbuf, *outbuf; int length, len_outbuf; - if (!reply_prep_legacy(req, &inbuf, &outbuf, &length, &len_outbuf)) { - reply_nterror(req, NT_STATUS_NO_MEMORY); - return; - } - - set_message(inbuf, outbuf, 12, 0, True); - - data = smb_buf(outbuf); - if(SMB_VFS_FSTAT(fsp,fsp->fh->fd, &sbuf) == -1) { reply_unixerror(req, ERRDOS, ERRnoaccess); return; @@ -2790,8 +2783,9 @@ static void send_file_readX(connection_struct *conn, struct smb_request *req, * on a train in Germany :-). JRA. */ - if ((chain_size == 0) && (CVAL(inbuf,smb_vwv0) == 0xFF) && + if ((chain_size == 0) && (CVAL(req->inbuf,smb_vwv0) == 0xFF) && lp_use_sendfile(SNUM(conn)) && (fsp->wcp == NULL) ) { + char headerbuf[smb_size + 12 * 2]; DATA_BLOB header; /* @@ -2800,11 +2794,10 @@ static void send_file_readX(connection_struct *conn, struct smb_request *req, * correct amount of data). */ - setup_readX_header(inbuf,outbuf,smb_maxcnt); - set_message(inbuf,outbuf,12,smb_maxcnt,False); - header.data = (uint8 *)outbuf; - header.length = data - outbuf; - header.free = NULL; + header = data_blob_const(headerbuf, sizeof(headerbuf)); + + construct_reply_common((char *)req->inbuf, headerbuf); + setup_readX_header((char *)req->inbuf, headerbuf, smb_maxcnt); if ((nread = SMB_VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fh->fd, &header, startpos, smb_maxcnt)) == -1) { /* Returning ENOSYS means no data at all was sent. Do this as a normal read. */ @@ -2852,6 +2845,15 @@ static void send_file_readX(connection_struct *conn, struct smb_request *req, normal_read: + if (!reply_prep_legacy(req, &inbuf, &outbuf, &length, &len_outbuf)) { + reply_nterror(req, NT_STATUS_NO_MEMORY); + return; + } + + set_message(inbuf, outbuf, 12, 0, True); + + data = smb_buf(outbuf); + if ((smb_maxcnt & 0xFF0000) > 0x10000) { int sendlen = setup_readX_header(inbuf,outbuf,smb_maxcnt) - smb_maxcnt; /* Send out the header. */ -- cgit From 5d39acf2f8cdee9e70a470a638909db7ceb219b2 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 12 Aug 2007 12:57:56 +0000 Subject: r24351: Remove reply_prep_legacy from reply_read_and_X (This used to be commit 8f3e3a21008a2cb6ed73d8629aaf1fa565f19e79) --- source3/smbd/reply.c | 37 +++++++++++++++++-------------------- 1 file changed, 17 insertions(+), 20 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 1698a0e7b1..bf09180529 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2728,12 +2728,14 @@ Returning short read of maximum allowed for compatibility with Windows 2000.\n", Setup readX header. ****************************************************************************/ -static int setup_readX_header(char *inbuf, char *outbuf, size_t smb_maxcnt) +static int setup_readX_header(const uint8 *inbuf, uint8 *outbuf, + size_t smb_maxcnt) { int outsize; char *data; - outsize = set_message(inbuf, outbuf,12,smb_maxcnt,False); + outsize = set_message((char *)inbuf, (char *)outbuf,12,smb_maxcnt, + False); data = smb_buf(outbuf); SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */ @@ -2757,9 +2759,6 @@ static void send_file_readX(connection_struct *conn, struct smb_request *req, { SMB_STRUCT_STAT sbuf; ssize_t nread = -1; - char *data; - char *inbuf, *outbuf; - int length, len_outbuf; if(SMB_VFS_FSTAT(fsp,fsp->fh->fd, &sbuf) == -1) { reply_unixerror(req, ERRDOS, ERRnoaccess); @@ -2785,7 +2784,7 @@ static void send_file_readX(connection_struct *conn, struct smb_request *req, if ((chain_size == 0) && (CVAL(req->inbuf,smb_vwv0) == 0xFF) && lp_use_sendfile(SNUM(conn)) && (fsp->wcp == NULL) ) { - char headerbuf[smb_size + 12 * 2]; + uint8 headerbuf[smb_size + 12 * 2]; DATA_BLOB header; /* @@ -2796,8 +2795,8 @@ static void send_file_readX(connection_struct *conn, struct smb_request *req, header = data_blob_const(headerbuf, sizeof(headerbuf)); - construct_reply_common((char *)req->inbuf, headerbuf); - setup_readX_header((char *)req->inbuf, headerbuf, smb_maxcnt); + construct_reply_common((char *)req->inbuf, (char *)headerbuf); + setup_readX_header(req->inbuf, headerbuf, smb_maxcnt); if ((nread = SMB_VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fh->fd, &header, startpos, smb_maxcnt)) == -1) { /* Returning ENOSYS means no data at all was sent. Do this as a normal read. */ @@ -2845,19 +2844,15 @@ static void send_file_readX(connection_struct *conn, struct smb_request *req, normal_read: - if (!reply_prep_legacy(req, &inbuf, &outbuf, &length, &len_outbuf)) { - reply_nterror(req, NT_STATUS_NO_MEMORY); - return; - } - - set_message(inbuf, outbuf, 12, 0, True); + if ((smb_maxcnt & 0xFF0000) > 0x10000) { + uint8 headerbuf[smb_size + 2*12]; - data = smb_buf(outbuf); + construct_reply_common((char *)req->inbuf, (char *)headerbuf); + setup_readX_header(req->inbuf, headerbuf, smb_maxcnt); - if ((smb_maxcnt & 0xFF0000) > 0x10000) { - int sendlen = setup_readX_header(inbuf,outbuf,smb_maxcnt) - smb_maxcnt; /* Send out the header. */ - if (write_data(smbd_server_fd(),outbuf,sendlen) != sendlen) { + if (write_data(smbd_server_fd(), (char *)headerbuf, + sizeof(headerbuf)) != sizeof(headerbuf)) { DEBUG(0,("send_file_readX: write_data failed for file %s (%s). Terminating\n", fsp->fsp_name, strerror(errno) )); exit_server_cleanly("send_file_readX sendfile failed"); @@ -2871,14 +2866,16 @@ normal_read: TALLOC_FREE(req->outbuf); return; } else { - nread = read_file(fsp,data,startpos,smb_maxcnt); + reply_outbuf(req, 12, smb_maxcnt); + nread = read_file(fsp, smb_buf(req->outbuf), startpos, + smb_maxcnt); if (nread < 0) { reply_unixerror(req, ERRDOS, ERRnoaccess); return; } - setup_readX_header(inbuf, outbuf,nread); + setup_readX_header(req->inbuf, req->outbuf, nread); DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n", fsp->fnum, (int)smb_maxcnt, (int)nread ) ); -- cgit From 5af3e2d613f55ab7289b85d22a0e9fa115de4549 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Mon, 13 Aug 2007 07:20:19 +0000 Subject: r24355: move reply_outbuf() to the place where it's used metze (This used to be commit c7ed550483233851d395edb4b8443b3296b45fb7) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index bf09180529..26ddde7a65 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3435,7 +3435,6 @@ void reply_write_and_X(connection_struct *conn, struct smb_request *req) } nwritten = write_file(fsp,data,startpos,numtowrite); - reply_outbuf(req, 6, 0); } if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) { @@ -3444,6 +3443,7 @@ void reply_write_and_X(connection_struct *conn, struct smb_request *req) return; } + reply_outbuf(req, 6, 0); SSVAL(req->outbuf,smb_vwv2,nwritten); if (large_writeX) SSVAL(req->outbuf,smb_vwv4,(nwritten>>16)&1); -- cgit From 89dfa3883f0f4766af33f880a331512ec6970a7d Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 13 Aug 2007 19:58:28 +0000 Subject: r24383: Convert call_nt_transact_ioctl to the new API (This used to be commit 8e6485e0782e9ab31b07dd9f662bd845f58faf4a) --- source3/smbd/reply.c | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 26ddde7a65..ea86cd03d8 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -311,6 +311,22 @@ BOOL check_fsp(connection_struct *conn, struct smb_request *req, return True; } +/**************************************************************************** + Check if we have a correct fsp. Replacement for the FSP_BELONGS_CONN macro +****************************************************************************/ + +BOOL fsp_belongs_conn(connection_struct *conn, struct smb_request *req, + files_struct *fsp, struct current_user *user) +{ + if ((fsp) && (conn) && ((conn)==(fsp)->conn) + && (current_user.vuid==(fsp)->vuid)) { + return True; + } + + reply_nterror(req, NT_STATUS_INVALID_HANDLE); + return False; +} + /**************************************************************************** Reply to a (netbios-level) special message. ****************************************************************************/ -- cgit From 5cc0a6b43c32f2a118c0b7995a74c99ccca6ca64 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 13 Aug 2007 20:29:24 +0000 Subject: r24386: Piss off Volker (not deliberately) by checking in a reply_mknew -> conversion. Sorry vl, remove one of your 15 patches :-). Jeremy. (This used to be commit a7648ed9d40d6f61362e1488dc30216363870694) --- source3/smbd/reply.c | 84 ++++++++++++++++++++++++++++++++-------------------- 1 file changed, 52 insertions(+), 32 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index ea86cd03d8..48b100764a 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1750,61 +1750,76 @@ void reply_ulogoffX(connection_struct *conn, struct smb_request *req) Reply to a mknew or a create. ****************************************************************************/ -int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +void reply_mknew(connection_struct *conn, struct smb_request *req) { pstring fname; int com; - int outsize = 0; - uint32 fattr = SVAL(inbuf,smb_vwv0); + uint32 fattr = 0; struct timespec ts[2]; files_struct *fsp; - int oplock_request = CORE_OPLOCK_REQUEST(inbuf); + int oplock_request = 0; SMB_STRUCT_STAT sbuf; NTSTATUS status; uint32 access_mask = FILE_GENERIC_READ | FILE_GENERIC_WRITE; uint32 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE; uint32 create_disposition; uint32 create_options = 0; - struct smb_request req; START_PROFILE(SMBcreate); - init_smb_request(&req, (uint8 *)inbuf); - - com = SVAL(inbuf,smb_com); + if (req->wct < 3) { + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + END_PROFILE(SMBcreate); + return; + } - ts[1] = convert_time_t_to_timespec(srv_make_unix_date3(inbuf + smb_vwv1)); /* mtime. */ + fattr = SVAL(req->inbuf,smb_vwv0); + oplock_request = CORE_OPLOCK_REQUEST(req->inbuf); + com = SVAL(req->inbuf,smb_com); - srvstr_get_path(inbuf, SVAL(inbuf,smb_flg2), fname, smb_buf(inbuf) + 1, - sizeof(fname), 0, STR_TERMINATE, &status); + ts[1] =convert_time_t_to_timespec( + srv_make_unix_date3(req->inbuf + smb_vwv1)); + /* mtime. */ + + srvstr_get_path((char *)req->inbuf, req->flags2, fname, + smb_buf(req->inbuf) + 1, sizeof(fname), 0, + STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { + reply_nterror(req, status); END_PROFILE(SMBcreate); - return ERROR_NT(status); + return; } - status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname); + status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES, + fname); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBcreate); if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { - return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + reply_botherror(req, NT_STATUS_PATH_NOT_COVERED, + ERRSRV, ERRbadpath); + return; } - return ERROR_NT(status); + reply_nterror(req, status); + return; } status = unix_convert(conn, fname, False, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { + reply_nterror(req, status); END_PROFILE(SMBcreate); - return ERROR_NT(status); + return; } status = check_name(conn, fname); if (!NT_STATUS_IS_OK(status)) { + reply_nterror(req, status); END_PROFILE(SMBcreate); - return ERROR_NT(status); + return; } if (fattr & aVOLID) { - DEBUG(0,("Attempt to create file (%s) with volid set - please report this\n",fname)); + DEBUG(0,("Attempt to create file (%s) with volid set - " + "please report this\n", fname)); } if(com == SMBmknew) { @@ -1816,7 +1831,7 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, } /* Open file using ntcreate. */ - status = open_file_ntcreate(conn, &req, fname, &sbuf, + status = open_file_ntcreate(conn, req, fname, &sbuf, access_mask, share_mode, create_disposition, @@ -1824,35 +1839,40 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, fattr, oplock_request, NULL, &fsp); - + if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBcreate); - if (open_was_deferred(SVAL(inbuf,smb_mid))) { + if (open_was_deferred(req->mid)) { /* We have re-scheduled this call. */ - return -1; + return; } - return ERROR_NT(status); + reply_nterror(req, status); + return; } - + ts[0] = get_atimespec(&sbuf); /* atime. */ file_ntimes(conn, fname, ts); - outsize = set_message(inbuf,outbuf,1,0,True); - SSVAL(outbuf,smb_vwv0,fsp->fnum); + reply_outbuf(req, 1, 0); + + SSVAL(req->outbuf,smb_vwv0,fsp->fnum); if (oplock_request && lp_fake_oplocks(SNUM(conn))) { - SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); + SCVAL(req->outbuf,smb_flg, + CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED); } - + if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) { - SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); + SCVAL(req->outbuf,smb_flg, + CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED); } - + DEBUG( 2, ( "reply_mknew: file %s\n", fname ) ); - DEBUG( 3, ( "reply_mknew %s fd=%d dmode=0x%x\n", fname, fsp->fh->fd, (unsigned int)fattr ) ); + DEBUG( 3, ( "reply_mknew %s fd=%d dmode=0x%x\n", + fname, fsp->fh->fd, (unsigned int)fattr ) ); END_PROFILE(SMBcreate); - return(outsize); + return; } /**************************************************************************** -- cgit From d701a47c736b058af9308cfb031b9862948c86a9 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 14 Aug 2007 01:45:26 +0000 Subject: r24387: Convert readbraw to the new api. Volker, keep checking in your patches please :-). I'll work on SMBreadBmpx tomorrow. Jeremy. (This used to be commit 27e183afa8d23dca6aada1f3810dc53aa8c55ccd) --- source3/smbd/reply.c | 177 +++++++++++++++++++++++++++++++++++---------------- 1 file changed, 121 insertions(+), 56 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 48b100764a..43e702803f 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -288,6 +288,7 @@ size_t srvstr_get_path(const char *inbuf, uint16 smb_flags2, char *dest, Check if we have a correct fsp pointing to a file. Replacement for the CHECK_FSP macro. ****************************************************************************/ + BOOL check_fsp(connection_struct *conn, struct smb_request *req, files_struct *fsp, struct current_user *user) { @@ -2418,13 +2419,30 @@ static ssize_t fake_sendfile(files_struct *fsp, SMB_OFF_T startpos, return (ssize_t)nread; } +/**************************************************************************** + Return a readbraw error (4 bytes of zero). +****************************************************************************/ + +static void reply_readbraw_error(void) +{ + char header[4]; + SIVAL(header,0,0); + if (write_data(smbd_server_fd(),header,4) != 4) { + fail_readraw(); + } +} + /**************************************************************************** Use sendfile in readbraw. ****************************************************************************/ -void send_file_readbraw(connection_struct *conn, files_struct *fsp, SMB_OFF_T startpos, size_t nread, - ssize_t mincount, char *outbuf, int out_buffsize) +void send_file_readbraw(connection_struct *conn, + files_struct *fsp, + SMB_OFF_T startpos, + size_t nread, + ssize_t mincount) { + char *outbuf = NULL; ssize_t ret=0; #if defined(WITH_SENDFILE) @@ -2437,15 +2455,18 @@ void send_file_readbraw(connection_struct *conn, files_struct *fsp, SMB_OFF_T st if ( (chain_size == 0) && (nread > 0) && (fsp->wcp == NULL) && lp_use_sendfile(SNUM(conn)) ) { - DATA_BLOB header; - - _smb_setlen(outbuf,nread); - header.data = (uint8 *)outbuf; - header.length = 4; - header.free = NULL; - - if ( SMB_VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fh->fd, &header, startpos, nread) == -1) { - /* Returning ENOSYS means no data at all was sent. Do this as a normal read. */ + char header[4]; + DATA_BLOB header_blob; + + _smb_setlen(header,nread); + header_blob.data = (uint8 *)header; + header_blob.length = 4; + header_blob.free = NULL; + + if ( SMB_VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fh->fd, + &header_blob, startpos, nread) == -1) { + /* Returning ENOSYS means no data at all was sent. + * Do this as a normal read. */ if (errno == ENOSYS) { goto normal_readbraw; } @@ -2479,6 +2500,14 @@ void send_file_readbraw(connection_struct *conn, files_struct *fsp, SMB_OFF_T st normal_readbraw: + outbuf = TALLOC_ARRAY(NULL, char, nread+4); + if (!outbuf) { + DEBUG(0,("send_file_readbraw: TALLOC_ARRAY failed for size %u.\n", + nread+4)); + reply_readbraw_error(); + return; + } + if (nread > 0) { ret = read_file(fsp,outbuf+4,startpos,nread); #if 0 /* mincount appears to be ignored in a W2K server. JRA. */ @@ -2493,23 +2522,34 @@ normal_readbraw: _smb_setlen(outbuf,ret); if (write_data(smbd_server_fd(),outbuf,4+ret) != 4+ret) fail_readraw(); + + TALLOC_FREE(outbuf); } /**************************************************************************** Reply to a readbraw (core+ protocol). ****************************************************************************/ -int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_size, int out_buffsize) +void reply_readbraw(connection_struct *conn, struct smb_request *req) { ssize_t maxcount,mincount; size_t nread = 0; SMB_OFF_T startpos; - char *header = outbuf; files_struct *fsp; + SMB_STRUCT_STAT st; + SMB_OFF_T size = 0; + START_PROFILE(SMBreadbraw); if (srv_is_signing_active()) { - exit_server_cleanly("reply_readbraw: SMB signing is active - raw reads/writes are disallowed."); + exit_server_cleanly("reply_readbraw: SMB signing is active - " + "raw reads/writes are disallowed."); + } + + if (req->wct < 8) { + reply_readbraw_error(); + END_PROFILE(SMBreadbraw); + return; } /* @@ -2518,32 +2558,49 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s * return a zero length response here. */ - fsp = file_fsp(SVAL(inbuf,smb_vwv0)); + fsp = file_fsp(SVAL(req->inbuf,smb_vwv0)); - if (!FNUM_OK(fsp,conn) || !fsp->can_read) { + /* + * We have to do a check_fsp by hand here, as + * we must always return 4 zero bytes on error, + * not a NTSTATUS. + */ + + if (!fsp || !conn || conn != fsp->conn || + current_user.vuid != fsp->vuid || + fsp->is_directory || fsp->fh->fd == -1) { /* * fsp could be NULL here so use the value from the packet. JRA. */ - DEBUG(3,("fnum %d not open in readbraw - cache prime?\n",(int)SVAL(inbuf,smb_vwv0))); - _smb_setlen(header,0); - if (write_data(smbd_server_fd(),header,4) != 4) - fail_readraw(); + DEBUG(3,("reply_readbraw: fnum %d not valid " + "- cache prime?\n", + (int)SVAL(req->inbuf,smb_vwv0))); + reply_readbraw_error(); END_PROFILE(SMBreadbraw); - return(-1); + return; } - CHECK_FSP(fsp,conn); + /* Do a "by hand" version of CHECK_READ. */ + if (!(fsp->can_read || + ((req->flags2 & FLAGS2_READ_PERMIT_EXECUTE) && + (fsp->access_mask & FILE_EXECUTE)))) { + DEBUG(3,("reply_readbraw: fnum %d not readable.\n", + (int)SVAL(req->inbuf,smb_vwv0))); + reply_readbraw_error(); + END_PROFILE(SMBreadbraw); + return; + } flush_write_cache(fsp, READRAW_FLUSH); - startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv1); - if(CVAL(inbuf,smb_wct) == 10) { + startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv1); + if(CVAL(req->inbuf,smb_wct) == 10) { /* * This is a large offset (64 bit) read. */ #ifdef LARGE_SMB_OFF_T - startpos |= (((SMB_OFF_T)IVAL(inbuf,smb_vwv8)) << 32); + startpos |= (((SMB_OFF_T)IVAL(req->inbuf,smb_vwv8)) << 32); #else /* !LARGE_SMB_OFF_T */ @@ -2551,46 +2608,51 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s * Ensure we haven't been sent a >32 bit offset. */ - if(IVAL(inbuf,smb_vwv8) != 0) { - DEBUG(0,("readbraw - large offset (%x << 32) used and we don't support \ -64 bit offsets.\n", (unsigned int)IVAL(inbuf,smb_vwv8) )); - _smb_setlen(header,0); - if (write_data(smbd_server_fd(),header,4) != 4) - fail_readraw(); + if(IVAL(req->inbuf,smb_vwv8) != 0) { + DEBUG(0,("reply_readbraw: large offset " + "(%x << 32) used and we don't support " + "64 bit offsets.\n", + (unsigned int)IVAL(req->inbuf,smb_vwv8) )); + reply_readbraw_error(); END_PROFILE(SMBreadbraw); - return(-1); + return; } #endif /* LARGE_SMB_OFF_T */ if(startpos < 0) { - DEBUG(0,("readbraw - negative 64 bit readraw offset (%.0f) !\n", (double)startpos )); - _smb_setlen(header,0); - if (write_data(smbd_server_fd(),header,4) != 4) - fail_readraw(); + DEBUG(0,("reply_readbraw: negative 64 bit " + "readraw offset (%.0f) !\n", + (double)startpos )); + reply_readbraw_error(); END_PROFILE(SMBreadbraw); - return(-1); + return; } } - maxcount = (SVAL(inbuf,smb_vwv3) & 0xFFFF); - mincount = (SVAL(inbuf,smb_vwv4) & 0xFFFF); + + maxcount = (SVAL(req->inbuf,smb_vwv3) & 0xFFFF); + mincount = (SVAL(req->inbuf,smb_vwv4) & 0xFFFF); /* ensure we don't overrun the packet size */ maxcount = MIN(65535,maxcount); - if (!is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK)) { - SMB_STRUCT_STAT st; - SMB_OFF_T size = 0; - - if (SMB_VFS_FSTAT(fsp,fsp->fh->fd,&st) == 0) { - size = st.st_size; - } + if (is_locked(fsp,(uint32)req->smbpid, + (SMB_BIG_UINT)maxcount, + (SMB_BIG_UINT)startpos, + READ_LOCK)) { + reply_readbraw_error(); + END_PROFILE(SMBreadbraw); + return; + } - if (startpos >= size) { - nread = 0; - } else { - nread = MIN(maxcount,(size - startpos)); - } + if (SMB_VFS_FSTAT(fsp,fsp->fh->fd,&st) == 0) { + size = st.st_size; + } + + if (startpos >= size) { + nread = 0; + } else { + nread = MIN(maxcount,(size - startpos)); } #if 0 /* mincount appears to be ignored in a W2K server. JRA. */ @@ -2598,14 +2660,17 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s nread = 0; #endif - DEBUG( 3, ( "readbraw fnum=%d start=%.0f max=%lu min=%lu nread=%lu\n", fsp->fnum, (double)startpos, - (unsigned long)maxcount, (unsigned long)mincount, (unsigned long)nread ) ); + DEBUG( 3, ( "reply_readbraw: fnum=%d start=%.0f max=%lu " + "min=%lu nread=%lu\n", + fsp->fnum, (double)startpos, + (unsigned long)maxcount, + (unsigned long)mincount, + (unsigned long)nread ) ); - send_file_readbraw(conn, fsp, startpos, nread, mincount, outbuf, out_buffsize); + send_file_readbraw(conn, fsp, startpos, nread, mincount); - DEBUG(5,("readbraw finished\n")); + DEBUG(5,("reply_readbraw finished\n")); END_PROFILE(SMBreadbraw); - return -1; } #undef DBGC_CLASS -- cgit From 3038f27a5916b650b024e60bf9ff3decd7378505 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 14 Aug 2007 06:18:55 +0000 Subject: r24392: Minor simplifications (This used to be commit 96a943587418e07019974b45c368e749a5ef82c2) --- source3/smbd/reply.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 43e702803f..826306c883 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2459,9 +2459,7 @@ void send_file_readbraw(connection_struct *conn, DATA_BLOB header_blob; _smb_setlen(header,nread); - header_blob.data = (uint8 *)header; - header_blob.length = 4; - header_blob.free = NULL; + header_blob = data_blob_const(header, 4); if ( SMB_VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fh->fd, &header_blob, startpos, nread) == -1) { @@ -2594,7 +2592,7 @@ void reply_readbraw(connection_struct *conn, struct smb_request *req) flush_write_cache(fsp, READRAW_FLUSH); startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv1); - if(CVAL(req->inbuf,smb_wct) == 10) { + if(req->wct == 10) { /* * This is a large offset (64 bit) read. */ -- cgit From df6edb0d3cc739dedd5edbc5398535923df5df92 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 14 Aug 2007 08:29:36 +0000 Subject: r24402: Fix a 64-bit warning (This used to be commit 73d99d6f9a5554d957ae737ff617b6a2e88b52bc) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 826306c883..d42d6399fb 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2501,7 +2501,7 @@ normal_readbraw: outbuf = TALLOC_ARRAY(NULL, char, nread+4); if (!outbuf) { DEBUG(0,("send_file_readbraw: TALLOC_ARRAY failed for size %u.\n", - nread+4)); + (unsigned)(nread+4))); reply_readbraw_error(); return; } -- cgit From 439d6020e9b1994ad8e9b4080ba73dde6da93037 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 14 Aug 2007 10:27:27 +0000 Subject: r24405: Check wct in reply_lockingX (This used to be commit c4972632f8b41c87a4c0fdfc6c98515c42eafda5) --- source3/smbd/reply.c | 27 +++++++++++++++++++-------- 1 file changed, 19 insertions(+), 8 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index d42d6399fb..a9af46bb69 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -5773,23 +5773,34 @@ SMB_BIG_UINT get_lock_offset( char *data, int data_offset, BOOL large_file_forma int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, int length, int bufsize) { - files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv2)); - unsigned char locktype = CVAL(inbuf,smb_vwv3); - unsigned char oplocklevel = CVAL(inbuf,smb_vwv3+1); - uint16 num_ulocks = SVAL(inbuf,smb_vwv6); - uint16 num_locks = SVAL(inbuf,smb_vwv7); + files_struct *fsp; + unsigned char locktype; + unsigned char oplocklevel; + uint16 num_ulocks; + uint16 num_locks; SMB_BIG_UINT count = 0, offset = 0; uint32 lock_pid; - int32 lock_timeout = IVAL(inbuf,smb_vwv4); + int32 lock_timeout; int i; char *data; - BOOL large_file_format = - (locktype & LOCKING_ANDX_LARGE_FILES)?True:False; + BOOL large_file_format; BOOL err; NTSTATUS status = NT_STATUS_UNSUCCESSFUL; START_PROFILE(SMBlockingX); + + if (CVAL(inbuf, smb_wct) < 8) { + return ERROR_NT(NT_STATUS_INVALID_PARAMETER); + } + fsp = file_fsp(SVAL(inbuf,smb_vwv2)); + locktype = CVAL(inbuf,smb_vwv3); + oplocklevel = CVAL(inbuf,smb_vwv3+1); + num_ulocks = SVAL(inbuf,smb_vwv6); + num_locks = SVAL(inbuf,smb_vwv7); + lock_timeout = IVAL(inbuf,smb_vwv4); + large_file_format = (locktype & LOCKING_ANDX_LARGE_FILES)?True:False; + CHECK_FSP(fsp,conn); data = smb_buf(inbuf); -- cgit From 29df25351df5ce5987334318e7f3507aa01c7ebe Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 14 Aug 2007 10:47:47 +0000 Subject: r24406: Push reply_prep_legacy into reply_lockingX (This used to be commit bce87ebdc00b9086dcdcc55442b57b92345971ac) --- source3/smbd/reply.c | 65 ++++++++++++++++++++++++++++++++++++++-------------- 1 file changed, 48 insertions(+), 17 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index a9af46bb69..c5dd5a6dbf 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -5770,8 +5770,7 @@ SMB_BIG_UINT get_lock_offset( char *data, int data_offset, BOOL large_file_forma Reply to a lockingX request. ****************************************************************************/ -int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, - int length, int bufsize) +void reply_lockingX(connection_struct *conn, struct smb_request *req) { files_struct *fsp; unsigned char locktype; @@ -5787,10 +5786,21 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, BOOL err; NTSTATUS status = NT_STATUS_UNSUCCESSFUL; + char *inbuf, *outbuf; + int length, bufsize; + START_PROFILE(SMBlockingX); + if (!reply_prep_legacy(req, &inbuf, &outbuf, &length, &bufsize)) { + reply_nterror(req, NT_STATUS_NO_MEMORY); + END_PROFILE(SMBlockingX); + return; + } + if (CVAL(inbuf, smb_wct) < 8) { - return ERROR_NT(NT_STATUS_INVALID_PARAMETER); + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + END_PROFILE(SMBlockingX); + return; } fsp = file_fsp(SVAL(inbuf,smb_vwv2)); @@ -5801,7 +5811,9 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, lock_timeout = IVAL(inbuf,smb_vwv4); large_file_format = (locktype & LOCKING_ANDX_LARGE_FILES)?True:False; - CHECK_FSP(fsp,conn); + if (!check_fsp(conn, req, fsp, ¤t_user)) { + return; + } data = smb_buf(inbuf); @@ -5809,7 +5821,9 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, /* we don't support these - and CANCEL_LOCK makes w2k and XP reboot so I don't really want to be compatible! (tridge) */ - return ERROR_NT(NT_STATUS_DOS(ERRDOS, ERRnoatomiclocks)); + reply_nterror(req, NT_STATUS_DOS(ERRDOS, ERRnoatomiclocks)); + END_PROFILE(SMBlockingX); + return; } /* Check if this is an oplock break on a file @@ -5846,10 +5860,12 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, * send a reply */ if (num_locks == 0 && num_ulocks == 0) { END_PROFILE(SMBlockingX); - return -1; + reply_post_legacy(req, -1); + return; } else { END_PROFILE(SMBlockingX); - return ERROR_DOS(ERRDOS,ERRlock); + reply_doserror(req, ERRDOS, ERRlock); + return; } } @@ -5879,7 +5895,8 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, "break is a chained %d request !\n", (unsigned int)CVAL(inbuf,smb_vwv0) )); END_PROFILE(SMBlockingX); - return -1; + reply_post_legacy(req, -1); + return; } } @@ -5902,7 +5919,8 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, */ if(err) { END_PROFILE(SMBlockingX); - return ERROR_DOS(ERRDOS,ERRnoaccess); + reply_doserror(req, ERRDOS, ERRnoaccess); + return; } DEBUG(10,("reply_lockingX: unlock start=%.0f, len=%.0f for " @@ -5918,7 +5936,8 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, if (NT_STATUS_V(status)) { END_PROFILE(SMBlockingX); - return ERROR_NT(status); + reply_nterror(req, status); + return; } } @@ -5946,7 +5965,8 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, */ if(err) { END_PROFILE(SMBlockingX); - return ERROR_DOS(ERRDOS,ERRnoaccess); + reply_doserror(req, ERRDOS, ERRnoaccess); + return; } DEBUG(10,("reply_lockingX: lock start=%.0f, len=%.0f for pid " @@ -5969,7 +5989,12 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, locktype, NT_STATUS_FILE_LOCK_CONFLICT)) { END_PROFILE(SMBlockingX); - return ERROR_NT(NT_STATUS_DOS(ERRDOS, ERRcancelviolation)); + reply_nterror( + req, + NT_STATUS_DOS( + ERRDOS, + ERRcancelviolation)); + return; } } /* Remove a matching pending lock. */ @@ -6034,7 +6059,8 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, block_smbpid)) { TALLOC_FREE(br_lck); END_PROFILE(SMBlockingX); - return -1; + reply_post_legacy(req, -1); + return; } } @@ -6043,7 +6069,8 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, if (NT_STATUS_V(status)) { END_PROFILE(SMBlockingX); - return ERROR_NT(status); + reply_nterror(req, status); + return; } } @@ -6070,7 +6097,8 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, */ if(err) { END_PROFILE(SMBlockingX); - return ERROR_DOS(ERRDOS,ERRnoaccess); + reply_doserror(req, ERRDOS, ERRnoaccess); + return; } do_unlock(smbd_messaging_context(), @@ -6081,16 +6109,19 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, WINDOWS_LOCK); } END_PROFILE(SMBlockingX); - return ERROR_NT(status); + reply_nterror(req, status); + return; } set_message(inbuf,outbuf,2,0,True); + + reply_post_legacy(req, smb_len(outbuf)+4); DEBUG(3, ("lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n", fsp->fnum, (unsigned int)locktype, num_locks, num_ulocks)); END_PROFILE(SMBlockingX); - return chain_reply(inbuf,&outbuf,length,bufsize); + chain_reply_new(req); } #undef DBGC_CLASS -- cgit From ec5b2a718192f5d5a26c44ff9c6714515d42ea47 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 14 Aug 2007 13:38:14 +0000 Subject: r24408: Remove reply_prep_legacy from reply_lockingX (This used to be commit e0db5fd11bd5e0a3aca801a14509fddd6a625a84) --- source3/smbd/reply.c | 46 ++++++++++++++++++++++------------------------ 1 file changed, 22 insertions(+), 24 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index c5dd5a6dbf..4a8ecb86e9 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -5786,36 +5786,28 @@ void reply_lockingX(connection_struct *conn, struct smb_request *req) BOOL err; NTSTATUS status = NT_STATUS_UNSUCCESSFUL; - char *inbuf, *outbuf; - int length, bufsize; - START_PROFILE(SMBlockingX); - if (!reply_prep_legacy(req, &inbuf, &outbuf, &length, &bufsize)) { - reply_nterror(req, NT_STATUS_NO_MEMORY); - END_PROFILE(SMBlockingX); - return; - } - - if (CVAL(inbuf, smb_wct) < 8) { + if (req->wct < 8) { reply_nterror(req, NT_STATUS_INVALID_PARAMETER); END_PROFILE(SMBlockingX); return; } - fsp = file_fsp(SVAL(inbuf,smb_vwv2)); - locktype = CVAL(inbuf,smb_vwv3); - oplocklevel = CVAL(inbuf,smb_vwv3+1); - num_ulocks = SVAL(inbuf,smb_vwv6); - num_locks = SVAL(inbuf,smb_vwv7); - lock_timeout = IVAL(inbuf,smb_vwv4); + fsp = file_fsp(SVAL(req->inbuf,smb_vwv2)); + locktype = CVAL(req->inbuf,smb_vwv3); + oplocklevel = CVAL(req->inbuf,smb_vwv3+1); + num_ulocks = SVAL(req->inbuf,smb_vwv6); + num_locks = SVAL(req->inbuf,smb_vwv7); + lock_timeout = IVAL(req->inbuf,smb_vwv4); large_file_format = (locktype & LOCKING_ANDX_LARGE_FILES)?True:False; if (!check_fsp(conn, req, fsp, ¤t_user)) { + END_PROFILE(SMBlockingX); return; } - data = smb_buf(inbuf); + data = smb_buf(req->inbuf); if (locktype & LOCKING_ANDX_CHANGE_LOCKTYPE) { /* we don't support these - and CANCEL_LOCK makes w2k @@ -5890,12 +5882,12 @@ void reply_lockingX(connection_struct *conn, struct smb_request *req) if (num_locks == 0 && num_ulocks == 0) { /* Sanity check - ensure a pure oplock break is not a chained request. */ - if(CVAL(inbuf,smb_vwv0) != 0xff) + if(CVAL(req->inbuf,smb_vwv0) != 0xff) DEBUG(0,("reply_lockingX: Error : pure oplock " "break is a chained %d request !\n", - (unsigned int)CVAL(inbuf,smb_vwv0) )); + (unsigned int)CVAL(req->inbuf, + smb_vwv0) )); END_PROFILE(SMBlockingX); - reply_post_legacy(req, -1); return; } } @@ -5906,6 +5898,13 @@ void reply_lockingX(connection_struct *conn, struct smb_request *req) */ release_level_2_oplocks_on_change(fsp); + + if (smb_buflen(req->inbuf) < + (num_ulocks + num_locks) * (large_file_format ? 20 : 10)) { + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + END_PROFILE(SMBlockingX); + return; + } /* Data now points at the beginning of the list of smb_unlkrng structs */ @@ -6047,7 +6046,8 @@ void reply_lockingX(connection_struct *conn, struct smb_request *req) * onto the blocking lock queue. */ if(push_blocking_lock_request(br_lck, - inbuf, length, + (char *)req->inbuf, + smb_len(req->inbuf)+4, fsp, lock_timeout, i, @@ -6113,9 +6113,7 @@ void reply_lockingX(connection_struct *conn, struct smb_request *req) return; } - set_message(inbuf,outbuf,2,0,True); - - reply_post_legacy(req, smb_len(outbuf)+4); + reply_outbuf(req, 2, 0); DEBUG(3, ("lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n", fsp->fnum, (unsigned int)locktype, num_locks, num_ulocks)); -- cgit From a12e7ef30a45c155c0f211d02445ef0ad46acde0 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 14 Aug 2007 13:57:36 +0000 Subject: r24409: Check wct in reply_open (This used to be commit ee6f212ed0b332e6886056e6d254d0c0da7c5046) --- source3/smbd/reply.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 4a8ecb86e9..6acee164c6 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1402,9 +1402,9 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int info; SMB_STRUCT_STAT sbuf; files_struct *fsp; - int oplock_request = CORE_OPLOCK_REQUEST(inbuf); + int oplock_request; int deny_mode; - uint32 dos_attr = SVAL(inbuf,smb_vwv1); + uint32 dos_attr; uint32 access_mask; uint32 share_mode; uint32 create_disposition; @@ -1415,8 +1415,14 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, START_PROFILE(SMBopen); init_smb_request(&req, (uint8 *)inbuf); + + if (req.wct < 2) { + return ERROR_NT(NT_STATUS_INVALID_PARAMETER); + } + oplock_request = CORE_OPLOCK_REQUEST(inbuf); deny_mode = SVAL(inbuf,smb_vwv0); + dos_attr = SVAL(inbuf,smb_vwv1); srvstr_get_path(inbuf, SVAL(inbuf,smb_flg2), fname, smb_buf(inbuf)+1, sizeof(fname), 0, STR_TERMINATE, &status); -- cgit From 2da44a2dee1ad425a25f9a188896ce031356630c Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 14 Aug 2007 14:31:55 +0000 Subject: r24412: Convert reply_open to the new API (This used to be commit 394987f5224086cb379ea8d0364924679b8a0214) --- source3/smbd/reply.c | 87 ++++++++++++++++++++++++++++++---------------------- 1 file changed, 50 insertions(+), 37 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 6acee164c6..40b9630ecf 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1392,10 +1392,9 @@ int reply_fclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size Reply to an open. ****************************************************************************/ -int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +void reply_open(connection_struct *conn, struct smb_request *req) { pstring fname; - int outsize = 0; uint32 fattr=0; SMB_OFF_T size = 0; time_t mtime=0; @@ -1410,55 +1409,64 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, uint32 create_disposition; uint32 create_options = 0; NTSTATUS status; - struct smb_request req; START_PROFILE(SMBopen); - init_smb_request(&req, (uint8 *)inbuf); - - if (req.wct < 2) { - return ERROR_NT(NT_STATUS_INVALID_PARAMETER); + if (req->wct < 2) { + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + END_PROFILE(SMBopen); + return; } - oplock_request = CORE_OPLOCK_REQUEST(inbuf); - deny_mode = SVAL(inbuf,smb_vwv0); - dos_attr = SVAL(inbuf,smb_vwv1); + oplock_request = CORE_OPLOCK_REQUEST(req->inbuf); + deny_mode = SVAL(req->inbuf,smb_vwv0); + dos_attr = SVAL(req->inbuf,smb_vwv1); - srvstr_get_path(inbuf, SVAL(inbuf,smb_flg2), fname, smb_buf(inbuf)+1, - sizeof(fname), 0, STR_TERMINATE, &status); + srvstr_get_path((char *)req->inbuf, req->flags2, fname, + smb_buf(req->inbuf)+1, sizeof(fname), 0, + STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { + reply_nterror(req, status); END_PROFILE(SMBopen); - return ERROR_NT(status); + return; } - status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname); + status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES, + fname); if (!NT_STATUS_IS_OK(status)) { - END_PROFILE(SMBopen); if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { - return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + reply_botherror(req, NT_STATUS_PATH_NOT_COVERED, + ERRSRV, ERRbadpath); + END_PROFILE(SMBopen); + return; } - return ERROR_NT(status); + reply_nterror(req, status); + END_PROFILE(SMBopen); + return; } status = unix_convert(conn, fname, False, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { + reply_nterror(req, status); END_PROFILE(SMBopen); - return ERROR_NT(status); + return; } status = check_name(conn, fname); if (!NT_STATUS_IS_OK(status)) { + reply_nterror(req, status); END_PROFILE(SMBopen); - return ERROR_NT(status); + return; } if (!map_open_params_to_ntcreate(fname, deny_mode, OPENX_FILE_EXISTS_OPEN, &access_mask, &share_mode, &create_disposition, &create_options)) { + reply_nterror(req, NT_STATUS_DOS(ERRDOS, ERRbadaccess)); END_PROFILE(SMBopen); - return ERROR_NT(NT_STATUS_DOS(ERRDOS, ERRbadaccess)); + return; } - status = open_file_ntcreate(conn, &req, fname, &sbuf, + status = open_file_ntcreate(conn, req, fname, &sbuf, access_mask, share_mode, create_disposition, @@ -1468,12 +1476,14 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, &info, &fsp); if (!NT_STATUS_IS_OK(status)) { - END_PROFILE(SMBopen); - if (open_was_deferred(SVAL(inbuf,smb_mid))) { + if (open_was_deferred(req->mid)) { /* We have re-scheduled this call. */ - return -1; + END_PROFILE(SMBopen); + return; } - return ERROR_NT(status); + reply_nterror(req, status); + END_PROFILE(SMBopen); + return; } size = sbuf.st_size; @@ -1483,30 +1493,33 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, if (fattr & aDIR) { DEBUG(3,("attempt to open a directory %s\n",fname)); close_file(fsp,ERROR_CLOSE); + reply_doserror(req, ERRDOS,ERRnoaccess); END_PROFILE(SMBopen); - return ERROR_DOS(ERRDOS,ERRnoaccess); + return; } - - outsize = set_message(inbuf,outbuf,7,0,True); - SSVAL(outbuf,smb_vwv0,fsp->fnum); - SSVAL(outbuf,smb_vwv1,fattr); + + reply_outbuf(req, 7, 0); + SSVAL(req->outbuf,smb_vwv0,fsp->fnum); + SSVAL(req->outbuf,smb_vwv1,fattr); if(lp_dos_filetime_resolution(SNUM(conn)) ) { - srv_put_dos_date3(outbuf,smb_vwv2,mtime & ~1); + srv_put_dos_date3((char *)req->outbuf,smb_vwv2,mtime & ~1); } else { - srv_put_dos_date3(outbuf,smb_vwv2,mtime); + srv_put_dos_date3((char *)req->outbuf,smb_vwv2,mtime); } - SIVAL(outbuf,smb_vwv4,(uint32)size); - SSVAL(outbuf,smb_vwv6,deny_mode); + SIVAL(req->outbuf,smb_vwv4,(uint32)size); + SSVAL(req->outbuf,smb_vwv6,deny_mode); if (oplock_request && lp_fake_oplocks(SNUM(conn))) { - SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); + SCVAL(req->outbuf,smb_flg, + CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED); } if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) { - SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); + SCVAL(req->outbuf,smb_flg, + CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED); } END_PROFILE(SMBopen); - return(outsize); + return; } /**************************************************************************** -- cgit From 5fe4384cd98237c7e426de8508dfb2b7b29f757f Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 14 Aug 2007 14:50:49 +0000 Subject: r24414: Convert reply_mv to the new API (This used to be commit fa341e4840d422cee389c06112e0b2df43a31f45) --- source3/smbd/reply.c | 71 +++++++++++++++++++++++++++++++++------------------- 1 file changed, 45 insertions(+), 26 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 40b9630ecf..a6d06cfa7e 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -5173,75 +5173,94 @@ NTSTATUS rename_internals(connection_struct *conn, struct smb_request *req, Reply to a mv. ****************************************************************************/ -int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, - int dum_buffsize) +void reply_mv(connection_struct *conn, struct smb_request *req) { - int outsize = 0; pstring name; pstring newname; char *p; - uint32 attrs = SVAL(inbuf,smb_vwv0); + uint32 attrs; NTSTATUS status; BOOL src_has_wcard = False; BOOL dest_has_wcard = False; - struct smb_request req; START_PROFILE(SMBmv); - init_smb_request(&req, (uint8 *)inbuf); + if (req->wct < 1) { + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + END_PROFILE(SMBmv); + return; + } - p = smb_buf(inbuf) + 1; - p += srvstr_get_path_wcard(inbuf, SVAL(inbuf,smb_flg2), name, p, + attrs = SVAL(req->inbuf,smb_vwv0); + + p = smb_buf(req->inbuf) + 1; + p += srvstr_get_path_wcard((char *)req->inbuf, req->flags2, name, p, sizeof(name), 0, STR_TERMINATE, &status, &src_has_wcard); if (!NT_STATUS_IS_OK(status)) { + reply_nterror(req, status); END_PROFILE(SMBmv); - return ERROR_NT(status); + return; } p++; - p += srvstr_get_path_wcard(inbuf, SVAL(inbuf,smb_flg2), newname, p, + p += srvstr_get_path_wcard((char *)req->inbuf, req->flags2, newname, p, sizeof(newname), 0, STR_TERMINATE, &status, &dest_has_wcard); if (!NT_STATUS_IS_OK(status)) { + reply_nterror(req, status); END_PROFILE(SMBmv); - return ERROR_NT(status); + return; } - status = resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, name, &src_has_wcard); + status = resolve_dfspath_wcard(conn, + req->flags2 & FLAGS2_DFS_PATHNAMES, + name, &src_has_wcard); if (!NT_STATUS_IS_OK(status)) { - END_PROFILE(SMBmv); if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { - return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + reply_botherror(req, NT_STATUS_PATH_NOT_COVERED, + ERRSRV, ERRbadpath); + END_PROFILE(SMBmv); + return; } - return ERROR_NT(status); + reply_nterror(req, status); + END_PROFILE(SMBmv); + return; } - status = resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, newname, &dest_has_wcard); + status = resolve_dfspath_wcard(conn, + req->flags2 & FLAGS2_DFS_PATHNAMES, + newname, &dest_has_wcard); if (!NT_STATUS_IS_OK(status)) { - END_PROFILE(SMBmv); if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { - return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + reply_botherror(req, NT_STATUS_PATH_NOT_COVERED, + ERRSRV, ERRbadpath); + END_PROFILE(SMBmv); + return; } - return ERROR_NT(status); + reply_nterror(req, status); + END_PROFILE(SMBmv); + return; } DEBUG(3,("reply_mv : %s -> %s\n",name,newname)); - status = rename_internals(conn, &req, name, newname, attrs, False, + status = rename_internals(conn, req, name, newname, attrs, False, src_has_wcard, dest_has_wcard); if (!NT_STATUS_IS_OK(status)) { - END_PROFILE(SMBmv); - if (open_was_deferred(SVAL(inbuf,smb_mid))) { + if (open_was_deferred(req->mid)) { /* We have re-scheduled this call. */ - return -1; + END_PROFILE(SMBmv); + return; } - return ERROR_NT(status); + reply_nterror(req, status); + END_PROFILE(SMBmv); + return; } - outsize = set_message(inbuf,outbuf,0,0,False); + reply_outbuf(req, 0, 0); END_PROFILE(SMBmv); - return(outsize); + return; } /******************************************************************* -- cgit From 73b3ae9c55c5c1b3d20c69ce3571d066556881ed Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 14 Aug 2007 15:09:49 +0000 Subject: r24415: Convert reply_getatr to the new API (This used to be commit 1a08b97a933e25362707cb0d8ba09d733af4cbbf) --- source3/smbd/reply.c | 50 ++++++++++++++++++++++++++++++-------------------- 1 file changed, 30 insertions(+), 20 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index a6d06cfa7e..94f1843191 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -886,10 +886,9 @@ void reply_checkpath(connection_struct *conn, struct smb_request *req) Reply to a getatr. ****************************************************************************/ -int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +void reply_getatr(connection_struct *conn, struct smb_request *req) { pstring fname; - int outsize = 0; SMB_STRUCT_STAT sbuf; int mode=0; SMB_OFF_T size=0; @@ -899,21 +898,27 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size START_PROFILE(SMBgetatr); - p = smb_buf(inbuf) + 1; - p += srvstr_get_path(inbuf, SVAL(inbuf,smb_flg2), fname, p, + p = smb_buf(req->inbuf) + 1; + p += srvstr_get_path((char *)req->inbuf, req->flags2, fname, p, sizeof(fname), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { + reply_nterror(req, status); END_PROFILE(SMBgetatr); - return ERROR_NT(status); + return; } - status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname); + status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES, + fname); if (!NT_STATUS_IS_OK(status)) { - END_PROFILE(SMBgetatr); if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { - return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + reply_botherror(req, NT_STATUS_PATH_NOT_COVERED, + ERRSRV, ERRbadpath); + END_PROFILE(SMBgetatr); + return; } - return ERROR_NT(status); + reply_nterror(req, status); + END_PROFILE(SMBgetatr); + return; } /* dos smetimes asks for a stat of "" - it returns a "hidden directory" @@ -928,18 +933,22 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size } else { status = unix_convert(conn, fname, False, NULL,&sbuf); if (!NT_STATUS_IS_OK(status)) { + reply_nterror(req, status); END_PROFILE(SMBgetatr); - return ERROR_NT(status); + return; } status = check_name(conn, fname); if (!NT_STATUS_IS_OK(status)) { DEBUG(3,("reply_getatr: check_name of %s failed (%s)\n",fname,nt_errstr(status))); + reply_nterror(req, status); END_PROFILE(SMBgetatr); - return ERROR_NT(status); + return; } if (!VALID_STAT(sbuf) && (SMB_VFS_STAT(conn,fname,&sbuf) != 0)) { DEBUG(3,("reply_getatr: stat of %s failed (%s)\n",fname,strerror(errno))); - return UNIXERROR(ERRDOS,ERRbadfile); + reply_unixerror(req, ERRDOS,ERRbadfile); + END_PROFILE(SMBgetatr); + return; } mode = dos_mode(conn,fname,&sbuf); @@ -949,25 +958,26 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size size = 0; } } - - outsize = set_message(inbuf,outbuf,10,0,True); - SSVAL(outbuf,smb_vwv0,mode); + reply_outbuf(req, 10, 0); + + SSVAL(req->outbuf,smb_vwv0,mode); if(lp_dos_filetime_resolution(SNUM(conn)) ) { - srv_put_dos_date3(outbuf,smb_vwv1,mtime & ~1); + srv_put_dos_date3((char *)req->outbuf,smb_vwv1,mtime & ~1); } else { - srv_put_dos_date3(outbuf,smb_vwv1,mtime); + srv_put_dos_date3((char *)req->outbuf,smb_vwv1,mtime); } - SIVAL(outbuf,smb_vwv3,(uint32)size); + SIVAL(req->outbuf,smb_vwv3,(uint32)size); if (Protocol >= PROTOCOL_NT1) { - SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) | FLAGS2_IS_LONG_NAME); + SSVAL(req->outbuf, smb_flg2, + SVAL(req->outbuf, smb_flg2) | FLAGS2_IS_LONG_NAME); } DEBUG(3,("reply_getatr: name=%s mode=%d size=%u\n", fname, mode, (unsigned int)size ) ); END_PROFILE(SMBgetatr); - return(outsize); + return; } /**************************************************************************** -- cgit From 06ed827edf3fa210aebeea2e1e059fde090159fa Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 14 Aug 2007 15:26:54 +0000 Subject: r24417: Convert reply_setatr to the new API (This used to be commit 56bab5ea4cbcf8e46101053bd68f66691fd737c5) --- source3/smbd/reply.c | 53 +++++++++++++++++++++++++++++++++------------------- 1 file changed, 34 insertions(+), 19 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 94f1843191..864125fd04 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -984,10 +984,9 @@ void reply_getatr(connection_struct *conn, struct smb_request *req) Reply to a setatr. ****************************************************************************/ -int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +void reply_setatr(connection_struct *conn, struct smb_request *req) { pstring fname; - int outsize = 0; int mode; time_t mtime; SMB_STRUCT_STAT sbuf; @@ -996,33 +995,46 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size START_PROFILE(SMBsetatr); - p = smb_buf(inbuf) + 1; - p += srvstr_get_path(inbuf, SVAL(inbuf,smb_flg2), fname, p, + if (req->wct < 2) { + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + return; + } + + p = smb_buf(req->inbuf) + 1; + p += srvstr_get_path((char *)req->inbuf, req->flags2, fname, p, sizeof(fname), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { + reply_nterror(req, status); END_PROFILE(SMBsetatr); - return ERROR_NT(status); + return; } - status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname); + status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES, + fname); if (!NT_STATUS_IS_OK(status)) { - END_PROFILE(SMBsetatr); if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { - return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + reply_botherror(req, NT_STATUS_PATH_NOT_COVERED, + ERRSRV, ERRbadpath); + END_PROFILE(SMBsetatr); + return; } - return ERROR_NT(status); + reply_nterror(req, status); + END_PROFILE(SMBsetatr); + return; } status = unix_convert(conn, fname, False, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { + reply_nterror(req, status); END_PROFILE(SMBsetatr); - return ERROR_NT(status); + return; } status = check_name(conn, fname); if (!NT_STATUS_IS_OK(status)) { + reply_nterror(req, status); END_PROFILE(SMBsetatr); - return ERROR_NT(status); + return; } if (fname[0] == '.' && fname[1] == '\0') { @@ -1030,12 +1042,13 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size * Not sure here is the right place to catch this * condition. Might be moved to somewhere else later -- vl */ + reply_nterror(req, NT_STATUS_ACCESS_DENIED); END_PROFILE(SMBsetatr); - return ERROR_NT(NT_STATUS_ACCESS_DENIED); + return; } - mode = SVAL(inbuf,smb_vwv0); - mtime = srv_make_unix_date3(inbuf+smb_vwv1); + mode = SVAL(req->inbuf,smb_vwv0); + mtime = srv_make_unix_date3(req->inbuf+smb_vwv1); if (mode != FILE_ATTRIBUTE_NORMAL) { if (VALID_STAT_OF_DIR(sbuf)) @@ -1044,22 +1057,24 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size mode &= ~aDIR; if (file_set_dosmode(conn,fname,mode,&sbuf,False) != 0) { + reply_unixerror(req, ERRDOS, ERRnoaccess); END_PROFILE(SMBsetatr); - return UNIXERROR(ERRDOS, ERRnoaccess); + return; } } if (!set_filetime(conn,fname,convert_time_t_to_timespec(mtime))) { + reply_unixerror(req, ERRDOS, ERRnoaccess); END_PROFILE(SMBsetatr); - return UNIXERROR(ERRDOS, ERRnoaccess); + return; } + + reply_outbuf(req, 0, 0); - outsize = set_message(inbuf,outbuf,0,0,False); - DEBUG( 3, ( "setatr name=%s mode=%d\n", fname, mode ) ); END_PROFILE(SMBsetatr); - return(outsize); + return; } /**************************************************************************** -- cgit From dee4ab15338841469729c794275eea158079e076 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 14 Aug 2007 15:42:39 +0000 Subject: r24422: Convert reply_ctemp to the new API (This used to be commit 3cc22fd74f0ffc72f4340a963b4eca7178be2192) --- source3/smbd/reply.c | 85 ++++++++++++++++++++++++++++++++-------------------- 1 file changed, 52 insertions(+), 33 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 864125fd04..87e3e29a4a 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1924,29 +1924,35 @@ void reply_mknew(connection_struct *conn, struct smb_request *req) Reply to a create temporary file. ****************************************************************************/ -int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +void reply_ctemp(connection_struct *conn, struct smb_request *req) { pstring fname; - int outsize = 0; - uint32 fattr = SVAL(inbuf,smb_vwv0); + uint32 fattr; files_struct *fsp; - int oplock_request = CORE_OPLOCK_REQUEST(inbuf); + int oplock_request; int tmpfd; SMB_STRUCT_STAT sbuf; - char *p, *s; + char *s; NTSTATUS status; - unsigned int namelen; - struct smb_request req; START_PROFILE(SMBctemp); - init_smb_request(&req, (uint8 *)inbuf); + if (req->wct < 3) { + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + END_PROFILE(SMBctemp); + return; + } - srvstr_get_path(inbuf, SVAL(inbuf,smb_flg2), fname, smb_buf(inbuf)+1, - sizeof(fname), 0, STR_TERMINATE, &status); + fattr = SVAL(req->inbuf,smb_vwv0); + oplock_request = CORE_OPLOCK_REQUEST(req->inbuf); + + srvstr_get_path((char *)req->inbuf, req->flags2, fname, + smb_buf(req->inbuf)+1, sizeof(fname), 0, STR_TERMINATE, + &status); if (!NT_STATUS_IS_OK(status)) { + reply_nterror(req, status); END_PROFILE(SMBctemp); - return ERROR_NT(status); + return; } if (*fname) { pstrcat(fname,"/TMXXXXXX"); @@ -1954,37 +1960,45 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, pstrcat(fname,"TMXXXXXX"); } - status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname); + status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES, + fname); if (!NT_STATUS_IS_OK(status)) { - END_PROFILE(SMBctemp); if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { - return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + reply_botherror(req, NT_STATUS_PATH_NOT_COVERED, + ERRSRV, ERRbadpath); + END_PROFILE(SMBctemp); + return; } - return ERROR_NT(status); + reply_nterror(req, status); + END_PROFILE(SMBctemp); + return; } status = unix_convert(conn, fname, False, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { + reply_nterror(req, status); END_PROFILE(SMBctemp); - return ERROR_NT(status); + return; } status = check_name(conn, fname); if (!NT_STATUS_IS_OK(status)) { + reply_nterror(req, status); END_PROFILE(SMBctemp); - return ERROR_NT(status); + return; } tmpfd = smb_mkstemp(fname); if (tmpfd == -1) { + reply_unixerror(req, ERRDOS, ERRnoaccess); END_PROFILE(SMBctemp); - return(UNIXERROR(ERRDOS,ERRnoaccess)); + return; } SMB_VFS_STAT(conn,fname,&sbuf); /* We should fail if file does not exist. */ - status = open_file_ntcreate(conn, &req, fname, &sbuf, + status = open_file_ntcreate(conn, req, fname, &sbuf, FILE_GENERIC_READ | FILE_GENERIC_WRITE, FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OPEN, @@ -1997,16 +2011,18 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, close(tmpfd); if (!NT_STATUS_IS_OK(status)) { - END_PROFILE(SMBctemp); - if (open_was_deferred(SVAL(inbuf,smb_mid))) { + if (open_was_deferred(req->mid)) { /* We have re-scheduled this call. */ - return -1; + END_PROFILE(SMBctemp); + return; } - return ERROR_NT(status); + reply_nterror(req, status); + END_PROFILE(SMBctemp); + return; } - outsize = set_message(inbuf,outbuf,1,0,True); - SSVAL(outbuf,smb_vwv0,fsp->fnum); + reply_outbuf(req, 1, 0); + SSVAL(req->outbuf,smb_vwv0,fsp->fnum); /* the returned filename is relative to the directory */ s = strrchr_m(fname, '/'); @@ -2016,23 +2032,26 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, s++; } - p = smb_buf(outbuf); #if 0 /* Tested vs W2K3 - this doesn't seem to be here - null terminated filename is the only thing in the byte section. JRA */ SSVALS(p, 0, -1); /* what is this? not in spec */ #endif - namelen = srvstr_push(outbuf, SVAL(outbuf, smb_flg2), p, s, -1, - STR_ASCII|STR_TERMINATE); - p += namelen; - outsize = set_message_end(inbuf,outbuf, p); + if (message_push_string(&req->outbuf, s, STR_ASCII|STR_TERMINATE) + == -1) { + reply_nterror(req, NT_STATUS_NO_MEMORY); + END_PROFILE(SMBctemp); + return; + } if (oplock_request && lp_fake_oplocks(SNUM(conn))) { - SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); + SCVAL(req->outbuf, smb_flg, + CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED); } if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) { - SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); + SCVAL(req->outbuf, smb_flg, + CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED); } DEBUG( 2, ( "reply_ctemp: created temp file %s\n", fname ) ); @@ -2040,7 +2059,7 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, (unsigned int)sbuf.st_mode ) ); END_PROFILE(SMBctemp); - return(outsize); + return; } /******************************************************************* -- cgit From fe502551c32263ef6faed26ee691aa1586f75104 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 14 Aug 2007 16:04:31 +0000 Subject: r24423: Convert reply_lseek to the new API (This used to be commit bd228853863ce5b4b9b974347c50c956d7f2e055) --- source3/smbd/reply.c | 37 +++++++++++++++++++++++++------------ 1 file changed, 25 insertions(+), 12 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 87e3e29a4a..80a2e9ff14 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3636,22 +3636,32 @@ void reply_write_and_X(connection_struct *conn, struct smb_request *req) Reply to a lseek. ****************************************************************************/ -int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) +void reply_lseek(connection_struct *conn, struct smb_request *req) { SMB_OFF_T startpos; SMB_OFF_T res= -1; int mode,umode; - int outsize = 0; - files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0)); + files_struct *fsp; + START_PROFILE(SMBlseek); - CHECK_FSP(fsp,conn); + if (req->wct < 4) { + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + END_PROFILE(SMBlseek); + return; + } + + fsp = file_fsp(SVAL(req->inbuf,smb_vwv0)); + + if (!check_fsp(conn, req, fsp, ¤t_user)) { + return; + } flush_write_cache(fsp, SEEK_FLUSH); - mode = SVAL(inbuf,smb_vwv1) & 3; + mode = SVAL(req->inbuf,smb_vwv1) & 3; /* NB. This doesn't use IVAL_TO_SMB_OFF_T as startpos can be signed in this case. */ - startpos = (SMB_OFF_T)IVALS(inbuf,smb_vwv2); + startpos = (SMB_OFF_T)IVALS(req->inbuf,smb_vwv2); switch (mode) { case 0: @@ -3678,8 +3688,10 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int SMB_STRUCT_STAT sbuf; if(SMB_VFS_FSTAT(fsp,fsp->fh->fd, &sbuf) == -1) { + reply_unixerror(req, ERRDOS, + ERRnoaccess); END_PROFILE(SMBlseek); - return(UNIXERROR(ERRDOS,ERRnoaccess)); + return; } current_pos += sbuf.st_size; @@ -3689,21 +3701,22 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int } if(res == -1) { + reply_unixerror(req, ERRDOS, ERRnoaccess); END_PROFILE(SMBlseek); - return(UNIXERROR(ERRDOS,ERRnoaccess)); + return; } } fsp->fh->pos = res; - - outsize = set_message(inbuf,outbuf,2,0,True); - SIVAL(outbuf,smb_vwv0,res); + + reply_outbuf(req, 2, 0); + SIVAL(req->outbuf,smb_vwv0,res); DEBUG(3,("lseek fnum=%d ofs=%.0f newpos = %.0f mode=%d\n", fsp->fnum, (double)startpos, (double)res, mode)); END_PROFILE(SMBlseek); - return(outsize); + return; } /**************************************************************************** -- cgit From 7c25bf4511161cb7d3da8c27ca74b73c02b8841f Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 14 Aug 2007 18:16:04 +0000 Subject: r24425: Convert reply_write to the new API (This used to be commit 244965f7b67becb85774311e6ce84318d554384d) --- source3/smbd/reply.c | 61 ++++++++++++++++++++++++++++++++++------------------ 1 file changed, 40 insertions(+), 21 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 80a2e9ff14..3805994fb5 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3400,36 +3400,51 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, Reply to a write. ****************************************************************************/ -int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int dum_buffsize) +void reply_write(connection_struct *conn, struct smb_request *req) { size_t numtowrite; ssize_t nwritten = -1; SMB_OFF_T startpos; char *data; - files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0)); - int outsize = 0; + files_struct *fsp; NTSTATUS status; + START_PROFILE(SMBwrite); + if (req->wct < 5) { + END_PROFILE(SMBwrite); + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + return; + } + /* If it's an IPC, pass off the pipe handler. */ if (IS_IPC(conn)) { + reply_pipe_write(req); END_PROFILE(SMBwrite); - return reply_pipe_write(inbuf,outbuf,size,dum_buffsize); + return; + } + + fsp = file_fsp(SVAL(req->inbuf,smb_vwv0)); + + if (!check_fsp(conn, req, fsp, ¤t_user)) { + return; } - CHECK_FSP(fsp,conn); if (!CHECK_WRITE(fsp)) { + reply_doserror(req, ERRDOS, ERRbadaccess); END_PROFILE(SMBwrite); - return(ERROR_DOS(ERRDOS,ERRbadaccess)); + return; } - numtowrite = SVAL(inbuf,smb_vwv1); - startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2); - data = smb_buf(inbuf) + 3; + numtowrite = SVAL(req->inbuf,smb_vwv1); + startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv2); + data = smb_buf(req->inbuf) + 3; - if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) { + if (is_locked(fsp, (uint32)req->smbpid, (SMB_BIG_UINT)numtowrite, + (SMB_BIG_UINT)startpos, WRITE_LOCK)) { + reply_doserror(req, ERRDOS, ERRlock); END_PROFILE(SMBwrite); - return ERROR_DOS(ERRDOS,ERRlock); + return; } /* @@ -3444,43 +3459,47 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int d */ nwritten = vfs_allocate_file_space(fsp, (SMB_OFF_T)startpos); if (nwritten < 0) { + reply_nterror(req, NT_STATUS_DISK_FULL); END_PROFILE(SMBwrite); - return ERROR_NT(NT_STATUS_DISK_FULL); + return; } nwritten = vfs_set_filelen(fsp, (SMB_OFF_T)startpos); if (nwritten < 0) { + reply_nterror(req, NT_STATUS_DISK_FULL); END_PROFILE(SMBwrite); - return ERROR_NT(NT_STATUS_DISK_FULL); + return; } } else nwritten = write_file(fsp,data,startpos,numtowrite); status = sync_file(conn, fsp, False); if (!NT_STATUS_IS_OK(status)) { - END_PROFILE(SMBwrite); DEBUG(5,("reply_write: sync_file for %s returned %s\n", fsp->fsp_name, nt_errstr(status) )); - return ERROR_NT(status); + reply_nterror(req, status); + END_PROFILE(SMBwrite); + return; } if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) { + reply_unixerror(req, ERRHRD, ERRdiskfull); END_PROFILE(SMBwrite); - return(UNIXERROR(ERRHRD,ERRdiskfull)); + return; } - outsize = set_message(inbuf,outbuf,1,0,True); + reply_outbuf(req, 1, 0); - SSVAL(outbuf,smb_vwv0,nwritten); + SSVAL(req->outbuf,smb_vwv0,nwritten); if (nwritten < (ssize_t)numtowrite) { - SCVAL(outbuf,smb_rcls,ERRHRD); - SSVAL(outbuf,smb_err,ERRdiskfull); + SCVAL(req->outbuf,smb_rcls,ERRHRD); + SSVAL(req->outbuf,smb_err,ERRdiskfull); } DEBUG(3,("write fnum=%d num=%d wrote=%d\n", fsp->fnum, (int)numtowrite, (int)nwritten)); END_PROFILE(SMBwrite); - return(outsize); + return; } /**************************************************************************** -- cgit From 4c7212b4e4099c03049853cd211085030128ffd9 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 14 Aug 2007 18:33:29 +0000 Subject: r24426: Convert reply_read to the new API (This used to be commit 30aada0ef8e16ce94035039b63ab140d158009d9) --- source3/smbd/reply.c | 59 +++++++++++++++++++++++++++++++++++----------------- 1 file changed, 40 insertions(+), 19 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 3805994fb5..37d13bfa96 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2828,26 +2828,41 @@ Returning short read of maximum allowed for compatibility with Windows 2000.\n", Reply to a read. ****************************************************************************/ -int reply_read(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) +void reply_read(connection_struct *conn, struct smb_request *req) { size_t numtoread; ssize_t nread = 0; char *data; SMB_OFF_T startpos; int outsize = 0; - files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0)); + files_struct *fsp; + START_PROFILE(SMBread); - CHECK_FSP(fsp,conn); - if (!CHECK_READ(fsp,inbuf)) { - return(ERROR_DOS(ERRDOS,ERRbadaccess)); + if (req->wct < 3) { + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + END_PROFILE(SMBread); + return; } - numtoread = SVAL(inbuf,smb_vwv1); - startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2); + fsp = file_fsp(SVAL(req->inbuf,smb_vwv0)); + + if (!check_fsp(conn, req, fsp, ¤t_user)) { + END_PROFILE(SMBread); + return; + } + + if (!CHECK_READ(fsp,req->inbuf)) { + reply_doserror(req, ERRDOS, ERRbadaccess); + END_PROFILE(SMBread); + return; + } + + numtoread = SVAL(req->inbuf,smb_vwv1); + startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv2); - outsize = set_message(inbuf,outbuf,5,3,True); numtoread = MIN(BUFFER_SIZE-outsize,numtoread); + /* * The requested read size cannot be greater than max_recv. JRA. */ @@ -2858,32 +2873,38 @@ Returning short read of maximum allowed for compatibility with Windows 2000.\n", numtoread = MIN(numtoread,max_recv); } - data = smb_buf(outbuf) + 3; + reply_outbuf(req, 5, numtoread+3); + + data = smb_buf(req->outbuf) + 3; - if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtoread,(SMB_BIG_UINT)startpos, READ_LOCK)) { + if (is_locked(fsp, (uint32)req->smbpid, (SMB_BIG_UINT)numtoread, + (SMB_BIG_UINT)startpos, READ_LOCK)) { + reply_doserror(req, ERRDOS,ERRlock); END_PROFILE(SMBread); - return ERROR_DOS(ERRDOS,ERRlock); + return; } if (numtoread > 0) nread = read_file(fsp,data,startpos,numtoread); if (nread < 0) { + reply_unixerror(req, ERRDOS,ERRnoaccess); END_PROFILE(SMBread); - return(UNIXERROR(ERRDOS,ERRnoaccess)); + return; } - - outsize += nread; - SSVAL(outbuf,smb_vwv0,nread); - SSVAL(outbuf,smb_vwv5,nread+3); - SCVAL(smb_buf(outbuf),0,1); - SSVAL(smb_buf(outbuf),1,nread); + + set_message(NULL, (char *)req->outbuf, 5, nread+3, False); + + SSVAL(req->outbuf,smb_vwv0,nread); + SSVAL(req->outbuf,smb_vwv5,nread+3); + SCVAL(smb_buf(req->outbuf),0,1); + SSVAL(smb_buf(req->outbuf),1,nread); DEBUG( 3, ( "read fnum=%d num=%d nread=%d\n", fsp->fnum, (int)numtoread, (int)nread ) ); END_PROFILE(SMBread); - return(outsize); + return; } /**************************************************************************** -- cgit From ca70ea9310fdf904011ce55cf1122043e2b42b4a Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 14 Aug 2007 18:52:58 +0000 Subject: r24427: Convert reply_lock to the new API (This used to be commit 212f43ddeaa6369e5437ed3915eb066a37bc9014) --- source3/smbd/reply.c | 32 ++++++++++++++++++++++---------- 1 file changed, 22 insertions(+), 10 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 37d13bfa96..00b3e514c6 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3974,30 +3974,39 @@ int reply_writeclose(connection_struct *conn, Reply to a lock. ****************************************************************************/ -int reply_lock(connection_struct *conn, - char *inbuf,char *outbuf, int length, int dum_buffsize) +void reply_lock(connection_struct *conn, struct smb_request *req) { - int outsize = set_message(inbuf,outbuf,0,0,False); SMB_BIG_UINT count,offset; NTSTATUS status; - files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0)); + files_struct *fsp; struct byte_range_lock *br_lck = NULL; START_PROFILE(SMBlock); - CHECK_FSP(fsp,conn); + if (req->wct < 5) { + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + END_PROFILE(SMBlock); + return; + } + + fsp = file_fsp(SVAL(req->inbuf,smb_vwv0)); + + if (!check_fsp(conn, req, fsp, ¤t_user)) { + END_PROFILE(SMBlock); + return; + } release_level_2_oplocks_on_change(fsp); - count = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv1); - offset = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv3); + count = (SMB_BIG_UINT)IVAL(req->inbuf,smb_vwv1); + offset = (SMB_BIG_UINT)IVAL(req->inbuf,smb_vwv3); DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n", fsp->fh->fd, fsp->fnum, (double)offset, (double)count)); br_lck = do_lock(smbd_messaging_context(), fsp, - (uint32)SVAL(inbuf,smb_pid), + req->smbpid, count, offset, WRITE_LOCK, @@ -4009,12 +4018,15 @@ int reply_lock(connection_struct *conn, TALLOC_FREE(br_lck); if (NT_STATUS_V(status)) { + reply_nterror(req, status); END_PROFILE(SMBlock); - return ERROR_NT(status); + return; } + reply_outbuf(req, 0, 0); + END_PROFILE(SMBlock); - return(outsize); + return; } /**************************************************************************** -- cgit From 0f73d64f7dcabffa7b2e512d4c2b5750f6799090 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 14 Aug 2007 19:09:37 +0000 Subject: r24428: Convert reply_unlock to the new API (This used to be commit 01c7426fc0e2af6a955dcb37111ca439fc913d5f) --- source3/smbd/reply.c | 35 ++++++++++++++++++++++++----------- 1 file changed, 24 insertions(+), 11 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 00b3e514c6..e16d8d4f6b 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4033,37 +4033,50 @@ void reply_lock(connection_struct *conn, struct smb_request *req) Reply to a unlock. ****************************************************************************/ -int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int size, - int dum_buffsize) +void reply_unlock(connection_struct *conn, struct smb_request *req) { - int outsize = set_message(inbuf,outbuf,0,0,False); SMB_BIG_UINT count,offset; NTSTATUS status; - files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0)); + files_struct *fsp; + START_PROFILE(SMBunlock); - CHECK_FSP(fsp,conn); + if (req->wct < 5) { + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + END_PROFILE(SMBunlock); + return; + } + + fsp = file_fsp(SVAL(req->inbuf,smb_vwv0)); + + if (!check_fsp(conn, req, fsp, ¤t_user)) { + END_PROFILE(SMBunlock); + return; + } - count = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv1); - offset = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv3); + count = (SMB_BIG_UINT)IVAL(req->inbuf,smb_vwv1); + offset = (SMB_BIG_UINT)IVAL(req->inbuf,smb_vwv3); status = do_unlock(smbd_messaging_context(), fsp, - (uint32)SVAL(inbuf,smb_pid), + req->smbpid, count, offset, WINDOWS_LOCK); if (NT_STATUS_V(status)) { + reply_nterror(req, status); END_PROFILE(SMBunlock); - return ERROR_NT(status); + return; } DEBUG( 3, ( "unlock fd=%d fnum=%d offset=%.0f count=%.0f\n", fsp->fh->fd, fsp->fnum, (double)offset, (double)count ) ); - + + reply_outbuf(req, 0, 0); + END_PROFILE(SMBunlock); - return(outsize); + return; } #undef DBGC_CLASS -- cgit From 3f172071d4eb34a462fd481cee53276a9c2b675b Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 14 Aug 2007 19:20:25 +0000 Subject: r24429: reply_setdir is not used... (This used to be commit ca27a718b07949959efaeb49f310123de76af9a0) --- source3/smbd/reply.c | 53 ---------------------------------------------------- 1 file changed, 53 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index e16d8d4f6b..59a5caad1a 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -5737,59 +5737,6 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return(outsize); } -/**************************************************************************** - Reply to a setdir. -****************************************************************************/ - -int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) -{ - int snum; - int outsize = 0; - pstring newdir; - NTSTATUS status; - - START_PROFILE(pathworks_setdir); - - snum = SNUM(conn); - if (!CAN_SETDIR(snum)) { - END_PROFILE(pathworks_setdir); - return ERROR_DOS(ERRDOS,ERRnoaccess); - } - - srvstr_get_path(inbuf, SVAL(inbuf,smb_flg2), newdir, - smb_buf(inbuf) + 1, sizeof(newdir), 0, STR_TERMINATE, - &status); - if (!NT_STATUS_IS_OK(status)) { - END_PROFILE(pathworks_setdir); - return ERROR_NT(status); - } - - status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, newdir); - if (!NT_STATUS_IS_OK(status)) { - END_PROFILE(pathworks_setdir); - if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { - return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); - } - return ERROR_NT(status); - } - - if (strlen(newdir) != 0) { - if (!vfs_directory_exist(conn,newdir,NULL)) { - END_PROFILE(pathworks_setdir); - return ERROR_DOS(ERRDOS,ERRbadpath); - } - set_conn_connectpath(conn,newdir); - } - - outsize = set_message(inbuf,outbuf,0,0,False); - SCVAL(outbuf,smb_reh,CVAL(inbuf,smb_reh)); - - DEBUG(3,("setdir %s\n", newdir)); - - END_PROFILE(pathworks_setdir); - return(outsize); -} - #undef DBGC_CLASS #define DBGC_CLASS DBGC_LOCKING -- cgit From 4a989dac81372a8829d3769633c46fcba6e798f3 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 14 Aug 2007 19:29:02 +0000 Subject: r24430: Convert reply_writeclose to the new API (This used to be commit 6def2ee03bb3510f000b1977c4d5293cad4ae364) --- source3/smbd/reply.c | 54 ++++++++++++++++++++++++++++++++++------------------ 1 file changed, 36 insertions(+), 18 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 59a5caad1a..9313f3883c 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3903,32 +3903,48 @@ void reply_close(connection_struct *conn, struct smb_request *req) Reply to a writeclose (Core+ protocol). ****************************************************************************/ -int reply_writeclose(connection_struct *conn, - char *inbuf,char *outbuf, int size, int dum_buffsize) +void reply_writeclose(connection_struct *conn, struct smb_request *req) { size_t numtowrite; ssize_t nwritten = -1; - int outsize = 0; NTSTATUS close_status = NT_STATUS_OK; SMB_OFF_T startpos; char *data; struct timespec mtime; - files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0)); + files_struct *fsp; + START_PROFILE(SMBwriteclose); - CHECK_FSP(fsp,conn); + if (req->wct < 6) { + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + END_PROFILE(SMBwriteclose); + return; + } + + fsp = file_fsp(SVAL(req->inbuf,smb_vwv0)); + + if (!check_fsp(conn, req, fsp, ¤t_user)) { + END_PROFILE(SMBwriteclose); + return; + } if (!CHECK_WRITE(fsp)) { - return(ERROR_DOS(ERRDOS,ERRbadaccess)); + reply_doserror(req, ERRDOS,ERRbadaccess); + END_PROFILE(SMBwriteclose); + return; } - numtowrite = SVAL(inbuf,smb_vwv1); - startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2); - mtime = convert_time_t_to_timespec(srv_make_unix_date3(inbuf+smb_vwv4)); - data = smb_buf(inbuf) + 1; + numtowrite = SVAL(req->inbuf,smb_vwv1); + startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv2); + mtime = convert_time_t_to_timespec(srv_make_unix_date3( + req->inbuf+smb_vwv4)); + data = smb_buf(req->inbuf) + 1; - if (numtowrite && is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) { + if (numtowrite + && is_locked(fsp, (uint32)req->smbpid, (SMB_BIG_UINT)numtowrite, + (SMB_BIG_UINT)startpos, WRITE_LOCK)) { + reply_doserror(req, ERRDOS,ERRlock); END_PROFILE(SMBwriteclose); - return ERROR_DOS(ERRDOS,ERRlock); + return; } nwritten = write_file(fsp,data,startpos,numtowrite); @@ -3951,20 +3967,22 @@ int reply_writeclose(connection_struct *conn, conn->num_files_open)); if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) { + reply_doserror(req, ERRHRD, ERRdiskfull); END_PROFILE(SMBwriteclose); - return(UNIXERROR(ERRHRD,ERRdiskfull)); + return; } if(!NT_STATUS_IS_OK(close_status)) { + reply_nterror(req, close_status); END_PROFILE(SMBwriteclose); - return ERROR_NT(close_status); + return; } - - outsize = set_message(inbuf,outbuf,1,0,True); + + reply_outbuf(req, 1, 0); - SSVAL(outbuf,smb_vwv0,nwritten); + SSVAL(req->outbuf,smb_vwv0,nwritten); END_PROFILE(SMBwriteclose); - return(outsize); + return; } #undef DBGC_CLASS -- cgit From 591669ba066cde377c0c14e3473f23b35530b4ba Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 14 Aug 2007 19:45:24 +0000 Subject: r24431: Convert the reply_printXX calls to the new API (This used to be commit e528479f56bc936cc60eb95c9738a48de48dbd05) --- source3/smbd/reply.c | 154 +++++++++++++++++++++++++++++++++++---------------- 1 file changed, 107 insertions(+), 47 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 9313f3883c..1d0791a899 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4187,55 +4187,72 @@ void reply_echo(connection_struct *conn, struct smb_request *req) Reply to a printopen. ****************************************************************************/ -int reply_printopen(connection_struct *conn, - char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +void reply_printopen(connection_struct *conn, struct smb_request *req) { - int outsize = 0; files_struct *fsp; NTSTATUS status; START_PROFILE(SMBsplopen); - + + if (req->wct < 2) { + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + END_PROFILE(SMBsplopen); + return; + } + if (!CAN_PRINT(conn)) { + reply_doserror(req, ERRDOS, ERRnoaccess); END_PROFILE(SMBsplopen); - return ERROR_DOS(ERRDOS,ERRnoaccess); + return; } /* Open for exclusive use, write only. */ status = print_fsp_open(conn, NULL, &fsp); if (!NT_STATUS_IS_OK(status)) { + reply_nterror(req, status); END_PROFILE(SMBsplopen); - return(ERROR_NT(status)); + return; } - outsize = set_message(inbuf,outbuf,1,0,True); - SSVAL(outbuf,smb_vwv0,fsp->fnum); + reply_outbuf(req, 1, 0); + SSVAL(req->outbuf,smb_vwv0,fsp->fnum); DEBUG(3,("openprint fd=%d fnum=%d\n", fsp->fh->fd, fsp->fnum)); END_PROFILE(SMBsplopen); - return(outsize); + return; } /**************************************************************************** Reply to a printclose. ****************************************************************************/ -int reply_printclose(connection_struct *conn, - char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +void reply_printclose(connection_struct *conn, struct smb_request *req) { - int outsize = set_message(inbuf,outbuf,0,0,False); - files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0)); + files_struct *fsp; NTSTATUS status; + START_PROFILE(SMBsplclose); - CHECK_FSP(fsp,conn); + if (req->wct < 3) { + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + END_PROFILE(SMBsplclose); + return; + } + + fsp = file_fsp(SVAL(req->inbuf,smb_vwv0)); + + if (!check_fsp(conn, req, fsp, ¤t_user)) { + END_PROFILE(SMBsplclose); + return; + } if (!CAN_PRINT(conn)) { + reply_nterror(req, NT_STATUS_DOS(ERRSRV, ERRerror)); END_PROFILE(SMBsplclose); - return ERROR_NT(NT_STATUS_DOS(ERRSRV, ERRerror)); + return; } DEBUG(3,("printclose fd=%d fnum=%d\n", @@ -4244,39 +4261,50 @@ int reply_printclose(connection_struct *conn, status = close_file(fsp,NORMAL_CLOSE); if(!NT_STATUS_IS_OK(status)) { + reply_nterror(req, status); END_PROFILE(SMBsplclose); - return ERROR_NT(status); + return; } END_PROFILE(SMBsplclose); - return(outsize); + return; } /**************************************************************************** Reply to a printqueue. ****************************************************************************/ -int reply_printqueue(connection_struct *conn, - char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +void reply_printqueue(connection_struct *conn, struct smb_request *req) { - int outsize = set_message(inbuf,outbuf,2,3,True); - int max_count = SVAL(inbuf,smb_vwv0); - int start_index = SVAL(inbuf,smb_vwv1); + int max_count; + int start_index; + START_PROFILE(SMBsplretq); + if (req->wct < 2) { + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + END_PROFILE(SMBsplretq); + return; + } + + max_count = SVAL(req->inbuf,smb_vwv0); + start_index = SVAL(req->inbuf,smb_vwv1); + /* we used to allow the client to get the cnum wrong, but that is really quite gross and only worked when there was only one printer - I think we should now only accept it if they get it right (tridge) */ if (!CAN_PRINT(conn)) { + reply_doserror(req, ERRDOS, ERRnoaccess); END_PROFILE(SMBsplretq); - return ERROR_DOS(ERRDOS,ERRnoaccess); + return; } - SSVAL(outbuf,smb_vwv0,0); - SSVAL(outbuf,smb_vwv1,0); - SCVAL(smb_buf(outbuf),0,1); - SSVAL(smb_buf(outbuf),1,0); + reply_outbuf(req, 2, 3); + SSVAL(req->outbuf,smb_vwv0,0); + SSVAL(req->outbuf,smb_vwv1,0); + SCVAL(smb_buf(req->outbuf),0,1); + SSVAL(smb_buf(req->outbuf),1,0); DEBUG(3,("printqueue start_index=%d max_count=%d\n", start_index, max_count)); @@ -4284,7 +4312,6 @@ int reply_printqueue(connection_struct *conn, { print_queue_struct *queue = NULL; print_status_struct status; - char *p = smb_buf(outbuf) + 3; int count = print_queue_status(SNUM(conn), &queue, &status); int num_to_get = ABS(max_count); int first = (max_count>0?start_index:start_index+max_count+1); @@ -4297,22 +4324,33 @@ int reply_printqueue(connection_struct *conn, for (i=first;iflags2, p+12, queue[i].fs_user, 16, STR_ASCII); - p += 28; + + if (message_push_blob( + &req->outbuf, + data_blob_const( + blob, sizeof(blob))) == -1) { + reply_nterror(req, NT_STATUS_NO_MEMORY); + END_PROFILE(SMBsplretq); + return; + } } if (count > 0) { - outsize = set_message(inbuf,outbuf,2,28*count+3,False); - SSVAL(outbuf,smb_vwv0,count); - SSVAL(outbuf,smb_vwv1,(max_count>0?first+count:first-1)); - SCVAL(smb_buf(outbuf),0,1); - SSVAL(smb_buf(outbuf),1,28*count); + SSVAL(req->outbuf,smb_vwv0,count); + SSVAL(req->outbuf,smb_vwv1, + (max_count>0?first+count:first-1)); + SCVAL(smb_buf(req->outbuf),0,1); + SSVAL(smb_buf(req->outbuf),1,28*count); } SAFE_FREE(queue); @@ -4321,44 +4359,66 @@ int reply_printqueue(connection_struct *conn, } END_PROFILE(SMBsplretq); - return(outsize); + return; } /**************************************************************************** Reply to a printwrite. ****************************************************************************/ -int reply_printwrite(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +void reply_printwrite(connection_struct *conn, struct smb_request *req) { int numtowrite; - int outsize = set_message(inbuf,outbuf,0,0,False); char *data; - files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0)); + files_struct *fsp; START_PROFILE(SMBsplwr); + + if (req->wct < 1) { + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + END_PROFILE(SMBsplwr); + return; + } + fsp = file_fsp(SVAL(req->inbuf,smb_vwv0)); + + if (!check_fsp(conn, req, fsp, ¤t_user)) { + END_PROFILE(SMBsplwr); + return; + } + if (!CAN_PRINT(conn)) { + reply_doserror(req, ERRDOS, ERRnoaccess); END_PROFILE(SMBsplwr); - return ERROR_DOS(ERRDOS,ERRnoaccess); + return; } - CHECK_FSP(fsp,conn); if (!CHECK_WRITE(fsp)) { - return(ERROR_DOS(ERRDOS,ERRbadaccess)); + reply_doserror(req, ERRDOS, ERRbadaccess); + END_PROFILE(SMBsplwr); + return; } - numtowrite = SVAL(smb_buf(inbuf),1); - data = smb_buf(inbuf) + 3; - + numtowrite = SVAL(smb_buf(req->inbuf),1); + + if (smb_buflen(req->inbuf) < numtowrite + 3) { + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + END_PROFILE(SMBsplwr); + return; + } + + data = smb_buf(req->inbuf) + 3; + if (write_file(fsp,data,-1,numtowrite) != numtowrite) { + reply_unixerror(req, ERRHRD, ERRdiskfull); END_PROFILE(SMBsplwr); - return(UNIXERROR(ERRHRD,ERRdiskfull)); + return; } DEBUG( 3, ( "printwrite fnum=%d num=%d\n", fsp->fnum, numtowrite ) ); END_PROFILE(SMBsplwr); - return(outsize); + return; } /**************************************************************************** -- cgit From 05fafc1df28e7848a1e6869d0103ea96dc21f0e4 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 14 Aug 2007 20:20:51 +0000 Subject: r24436: Convert reply_lockread/writeunlock to the new API (This used to be commit 1b6add251ca1db565a03407db30884132dd93e7d) --- source3/smbd/reply.c | 118 ++++++++++++++++++++++++++++++++++----------------- 1 file changed, 78 insertions(+), 40 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 1d0791a899..f41387fb68 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2741,31 +2741,47 @@ void reply_readbraw(connection_struct *conn, struct smb_request *req) Reply to a lockread (core+ protocol). ****************************************************************************/ -int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length, int dum_buffsiz) +void reply_lockread(connection_struct *conn, struct smb_request *req) { ssize_t nread = -1; char *data; - int outsize = 0; SMB_OFF_T startpos; size_t numtoread; NTSTATUS status; - files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0)); + files_struct *fsp; struct byte_range_lock *br_lck = NULL; + START_PROFILE(SMBlockread); - CHECK_FSP(fsp,conn); - if (!CHECK_READ(fsp,inbuf)) { - return(ERROR_DOS(ERRDOS,ERRbadaccess)); + if (req->wct < 5) { + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + END_PROFILE(SMBlockread); + return; + } + + fsp = file_fsp(SVAL(req->inbuf,smb_vwv0)); + + if (!check_fsp(conn, req, fsp, ¤t_user)) { + END_PROFILE(SMBlockread); + return; + } + + if (!CHECK_READ(fsp,req->inbuf)) { + reply_doserror(req, ERRDOS, ERRbadaccess); + END_PROFILE(SMBlockread); + return; } release_level_2_oplocks_on_change(fsp); - numtoread = SVAL(inbuf,smb_vwv1); - startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2); - - outsize = set_message(inbuf,outbuf,5,3,True); - numtoread = MIN(BUFFER_SIZE-outsize,numtoread); - data = smb_buf(outbuf) + 3; + numtoread = SVAL(req->inbuf,smb_vwv1); + startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv2); + + numtoread = MIN(BUFFER_SIZE - (smb_size + 3*2 + 3), numtoread); + + reply_outbuf(req, 5, numtoread + 3); + + data = smb_buf(req->outbuf) + 3; /* * NB. Discovered by Menny Hamburger at Mainsoft. This is a core+ @@ -2777,7 +2793,7 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length br_lck = do_lock(smbd_messaging_context(), fsp, - (uint32)SVAL(inbuf,smb_pid), + req->smbpid, (SMB_BIG_UINT)numtoread, (SMB_BIG_UINT)startpos, WRITE_LOCK, @@ -2788,8 +2804,9 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length TALLOC_FREE(br_lck); if (NT_STATUS_V(status)) { + reply_nterror(req, status); END_PROFILE(SMBlockread); - return ERROR_NT(status); + return; } /* @@ -2805,20 +2822,22 @@ Returning short read of maximum allowed for compatibility with Windows 2000.\n", nread = read_file(fsp,data,startpos,numtoread); if (nread < 0) { + reply_unixerror(req, ERRDOS, ERRnoaccess); END_PROFILE(SMBlockread); - return(UNIXERROR(ERRDOS,ERRnoaccess)); + return; } - outsize += nread; - SSVAL(outbuf,smb_vwv0,nread); - SSVAL(outbuf,smb_vwv5,nread+3); - SSVAL(smb_buf(outbuf),1,nread); + set_message(NULL, (char *)req->outbuf, 5, nread+3, False); + + SSVAL(req->outbuf,smb_vwv0,nread); + SSVAL(req->outbuf,smb_vwv5,nread+3); + SSVAL(smb_buf(req->outbuf),1,nread); DEBUG(3,("lockread fnum=%d num=%d nread=%d\n", fsp->fnum, (int)numtoread, (int)nread)); END_PROFILE(SMBlockread); - return(outsize); + return; } #undef DBGC_CLASS @@ -3341,30 +3360,46 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, Reply to a writeunlock (core+). ****************************************************************************/ -int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, - int size, int dum_buffsize) +void reply_writeunlock(connection_struct *conn, struct smb_request *req) { ssize_t nwritten = -1; size_t numtowrite; SMB_OFF_T startpos; char *data; NTSTATUS status = NT_STATUS_OK; - files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0)); - int outsize = 0; + files_struct *fsp; + START_PROFILE(SMBwriteunlock); + + if (req->wct < 5) { + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + END_PROFILE(SMBwriteunlock); + return; + } - CHECK_FSP(fsp,conn); + fsp = file_fsp(SVAL(req->inbuf,smb_vwv0)); + + if (!check_fsp(conn, req, fsp, ¤t_user)) { + END_PROFILE(SMBwriteunlock); + return; + } + if (!CHECK_WRITE(fsp)) { - return(ERROR_DOS(ERRDOS,ERRbadaccess)); + reply_doserror(req, ERRDOS,ERRbadaccess); + END_PROFILE(SMBwriteunlock); + return; } - numtowrite = SVAL(inbuf,smb_vwv1); - startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2); - data = smb_buf(inbuf) + 3; + numtowrite = SVAL(req->inbuf,smb_vwv1); + startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv2); + data = smb_buf(req->inbuf) + 3; - if (numtowrite && is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) { + if (numtowrite + && is_locked(fsp, (uint32)req->smbpid, (SMB_BIG_UINT)numtowrite, + (SMB_BIG_UINT)startpos, WRITE_LOCK)) { + reply_doserror(req, ERRDOS, ERRlock); END_PROFILE(SMBwriteunlock); - return ERROR_DOS(ERRDOS,ERRlock); + return; } /* The special X/Open SMB protocol handling of @@ -3378,40 +3413,43 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, status = sync_file(conn, fsp, False /* write through */); if (!NT_STATUS_IS_OK(status)) { - END_PROFILE(SMBwriteunlock); DEBUG(5,("reply_writeunlock: sync_file for %s returned %s\n", fsp->fsp_name, nt_errstr(status) )); - return ERROR_NT(status); + reply_nterror(req, status); + END_PROFILE(SMBwriteunlock); + return; } if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) { + reply_unixerror(req, ERRHRD, ERRdiskfull); END_PROFILE(SMBwriteunlock); - return(UNIXERROR(ERRHRD,ERRdiskfull)); + return; } if (numtowrite) { status = do_unlock(smbd_messaging_context(), fsp, - (uint32)SVAL(inbuf,smb_pid), + req->smbpid, (SMB_BIG_UINT)numtowrite, (SMB_BIG_UINT)startpos, WINDOWS_LOCK); if (NT_STATUS_V(status)) { + reply_nterror(req, status); END_PROFILE(SMBwriteunlock); - return ERROR_NT(status); + return; } } + + reply_outbuf(req, 1, 0); - outsize = set_message(inbuf,outbuf,1,0,True); - - SSVAL(outbuf,smb_vwv0,nwritten); + SSVAL(req->outbuf,smb_vwv0,nwritten); DEBUG(3,("writeunlock fnum=%d num=%d wrote=%d\n", fsp->fnum, (int)numtowrite, (int)nwritten)); END_PROFILE(SMBwriteunlock); - return outsize; + return; } #undef DBGC_CLASS -- cgit From 90741da80bf99fea22d9ee3a03a0f0994d0da6a3 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 14 Aug 2007 20:55:24 +0000 Subject: r24439: Convert reply_get/setattrE to the new API (This used to be commit 6b0ad071d85ddd8fbf24386db11688bde49baf81) --- source3/smbd/reply.c | 75 ++++++++++++++++++++++++++++++++++------------------ 1 file changed, 50 insertions(+), 25 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index f41387fb68..2b2fc7c895 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -6430,28 +6430,40 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length, Reply to a SMBsetattrE. ****************************************************************************/ -int reply_setattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) +void reply_setattrE(connection_struct *conn, struct smb_request *req) { struct timespec ts[2]; - int outsize = 0; - files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0)); + files_struct *fsp; + START_PROFILE(SMBsetattrE); - outsize = set_message(inbuf,outbuf,0,0,False); + if (req->wct < 7) { + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + END_PROFILE(SMBsetattrE); + return; + } + + fsp = file_fsp(SVAL(req->inbuf,smb_vwv0)); if(!fsp || (fsp->conn != conn)) { + reply_doserror(req, ERRDOS, ERRbadfid); END_PROFILE(SMBsetattrE); - return ERROR_DOS(ERRDOS,ERRbadfid); + return; } + /* * Convert the DOS times into unix times. Ignore create * time as UNIX can't set this. */ - ts[0] = convert_time_t_to_timespec(srv_make_unix_date2(inbuf+smb_vwv3)); /* atime. */ - ts[1] = convert_time_t_to_timespec(srv_make_unix_date2(inbuf+smb_vwv5)); /* mtime. */ + ts[0] = convert_time_t_to_timespec( + srv_make_unix_date2(req->inbuf+smb_vwv3)); /* atime. */ + ts[1] = convert_time_t_to_timespec( + srv_make_unix_date2(req->inbuf+smb_vwv5)); /* mtime. */ + reply_outbuf(req, 0, 0); + /* * Patch from Ray Frush * Sometimes times are sent as zero - ignore them. @@ -6464,7 +6476,7 @@ int reply_setattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, dbgtext( "ignoring zero request - not setting timestamps of 0\n" ); } END_PROFILE(SMBsetattrE); - return(outsize); + return; } else if (!null_timespec(ts[0]) && null_timespec(ts[1])) { /* set modify time = to access time if modify time was unset */ ts[1] = ts[0]; @@ -6473,8 +6485,9 @@ int reply_setattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, /* Set the date on this file */ /* Should we set pending modtime here ? JRA */ if(file_ntimes(conn, fsp->fsp_name, ts)) { + reply_doserror(req, ERRDOS, ERRnoaccess); END_PROFILE(SMBsetattrE); - return ERROR_DOS(ERRDOS,ERRnoaccess); + return; } DEBUG( 3, ( "reply_setattrE fnum=%d actime=%u modtime=%u\n", @@ -6483,7 +6496,7 @@ int reply_setattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, (unsigned int)ts[1].tv_sec)); END_PROFILE(SMBsetattrE); - return(outsize); + return; } @@ -6699,25 +6712,33 @@ int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz Reply to a SMBgetattrE. ****************************************************************************/ -int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) +void reply_getattrE(connection_struct *conn, struct smb_request *req) { SMB_STRUCT_STAT sbuf; - int outsize = 0; int mode; - files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0)); + files_struct *fsp; + START_PROFILE(SMBgetattrE); - outsize = set_message(inbuf,outbuf,11,0,True); + if (req->wct < 1) { + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + END_PROFILE(SMBgetattrE); + return; + } + + fsp = file_fsp(SVAL(req->inbuf,smb_vwv0)); if(!fsp || (fsp->conn != conn)) { + reply_doserror(req, ERRDOS, ERRbadfid); END_PROFILE(SMBgetattrE); - return ERROR_DOS(ERRDOS,ERRbadfid); + return; } /* Do an fstat on this file */ if(fsp_stat(fsp, &sbuf)) { + reply_unixerror(req, ERRDOS, ERRnoaccess); END_PROFILE(SMBgetattrE); - return(UNIXERROR(ERRDOS,ERRnoaccess)); + return; } mode = dos_mode(conn,fsp->fsp_name,&sbuf); @@ -6728,23 +6749,27 @@ int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, * this. */ - srv_put_dos_date2(outbuf,smb_vwv0,get_create_time(&sbuf,lp_fake_dir_create_times(SNUM(conn)))); - srv_put_dos_date2(outbuf,smb_vwv2,sbuf.st_atime); + reply_outbuf(req, 11, 0); + + srv_put_dos_date2((char *)req->outbuf, smb_vwv0, + get_create_time(&sbuf, + lp_fake_dir_create_times(SNUM(conn)))); + srv_put_dos_date2((char *)req->outbuf, smb_vwv2, sbuf.st_atime); /* Should we check pending modtime here ? JRA */ - srv_put_dos_date2(outbuf,smb_vwv4,sbuf.st_mtime); + srv_put_dos_date2((char *)req->outbuf, smb_vwv4, sbuf.st_mtime); if (mode & aDIR) { - SIVAL(outbuf,smb_vwv6,0); - SIVAL(outbuf,smb_vwv8,0); + SIVAL(req->outbuf, smb_vwv6, 0); + SIVAL(req->outbuf, smb_vwv8, 0); } else { uint32 allocation_size = get_allocation_size(conn,fsp, &sbuf); - SIVAL(outbuf,smb_vwv6,(uint32)sbuf.st_size); - SIVAL(outbuf,smb_vwv8,allocation_size); + SIVAL(req->outbuf, smb_vwv6, (uint32)sbuf.st_size); + SIVAL(req->outbuf, smb_vwv8, allocation_size); } - SSVAL(outbuf,smb_vwv10, mode); + SSVAL(req->outbuf,smb_vwv10, mode); DEBUG( 3, ( "reply_getattrE fnum=%d\n", fsp->fnum)); END_PROFILE(SMBgetattrE); - return(outsize); + return; } -- cgit From 9c2bfffecec108c5ffaf0308390dfd8093881adb Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 14 Aug 2007 21:13:05 +0000 Subject: r24441: Convert reply_ioctl to the new API (This used to be commit a5af7ebb7f1d869659fbab187652e68ec4fafbb8) --- source3/smbd/reply.c | 56 +++++++++++++++++++++++++++++++++------------------- 1 file changed, 36 insertions(+), 20 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 2b2fc7c895..f079ef4b21 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -724,56 +724,72 @@ void reply_unknown_new(struct smb_request *req, uint8 type) conn POINTER CAN BE NULL HERE ! ****************************************************************************/ -int reply_ioctl(connection_struct *conn, - char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +void reply_ioctl(connection_struct *conn, struct smb_request *req) { - uint16 device = SVAL(inbuf,smb_vwv1); - uint16 function = SVAL(inbuf,smb_vwv2); - uint32 ioctl_code = (device << 16) + function; - int replysize, outsize; + uint16 device; + uint16 function; + uint32 ioctl_code; + int replysize; char *p; + START_PROFILE(SMBioctl); + if (req->wct < 3) { + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + END_PROFILE(SMBioctl); + return; + } + + device = SVAL(req->inbuf,smb_vwv1); + function = SVAL(req->inbuf,smb_vwv2); + ioctl_code = (device << 16) + function; + DEBUG(4, ("Received IOCTL (code 0x%x)\n", ioctl_code)); switch (ioctl_code) { case IOCTL_QUERY_JOB_INFO: - replysize = 32; - break; + replysize = 32; + break; default: - END_PROFILE(SMBioctl); - return(ERROR_DOS(ERRSRV,ERRnosupport)); + reply_doserror(req, ERRSRV, ERRnosupport); + END_PROFILE(SMBioctl); + return; } - outsize = set_message(inbuf,outbuf,8,replysize+1,True); - SSVAL(outbuf,smb_vwv1,replysize); /* Total data bytes returned */ - SSVAL(outbuf,smb_vwv5,replysize); /* Data bytes this buffer */ - SSVAL(outbuf,smb_vwv6,52); /* Offset to data */ - p = smb_buf(outbuf) + 1; /* Allow for alignment */ + reply_outbuf(req, 8, replysize+1); + SSVAL(req->outbuf,smb_vwv1,replysize); /* Total data bytes returned */ + SSVAL(req->outbuf,smb_vwv5,replysize); /* Data bytes this buffer */ + SSVAL(req->outbuf,smb_vwv6,52); /* Offset to data */ + p = smb_buf(req->outbuf) + 1; /* Allow for alignment */ switch (ioctl_code) { case IOCTL_QUERY_JOB_INFO: { - files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0)); + files_struct *fsp = file_fsp(SVAL(req->inbuf, + smb_vwv0)); if (!fsp) { + reply_doserror(req, ERRDOS, ERRbadfid); END_PROFILE(SMBioctl); - return(UNIXERROR(ERRDOS,ERRbadfid)); + return; } SSVAL(p,0,fsp->rap_print_jobid); /* Job number */ - srvstr_push(outbuf, SVAL(outbuf, smb_flg2), p+2, + srvstr_push((char *)req->outbuf, req->flags2, p+2, global_myname(), 15, STR_TERMINATE|STR_ASCII); if (conn) { - srvstr_push(outbuf, SVAL(outbuf, smb_flg2), + srvstr_push((char *)req->outbuf, req->flags2, p+18, lp_servicename(SNUM(conn)), 13, STR_TERMINATE|STR_ASCII); } + else { + memset(p+18, 0, 13); + } break; } } END_PROFILE(SMBioctl); - return outsize; + return; } /**************************************************************************** -- cgit From f93b093d5f3a2cc7b72e1ddff8d84fe70267c23c Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 14 Aug 2007 21:21:52 +0000 Subject: r24442: Convert reply_copy to the new API (This used to be commit 0cb00c54750837ab2d2dc12e4947fedb7d38e878) --- source3/smbd/reply.c | 122 +++++++++++++++++++++++++++++++++++---------------- 1 file changed, 84 insertions(+), 38 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index f079ef4b21..831c376e08 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -5640,9 +5640,8 @@ NTSTATUS copy_file(connection_struct *conn, Reply to a file copy. ****************************************************************************/ -int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +void reply_copy(connection_struct *conn, struct smb_request *req) { - int outsize = 0; pstring name; pstring directory; pstring mask,newname; @@ -5650,32 +5649,45 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int count=0; int error = ERRnoaccess; int err = 0; - int tid2 = SVAL(inbuf,smb_vwv0); - int ofun = SVAL(inbuf,smb_vwv1); - int flags = SVAL(inbuf,smb_vwv2); + int tid2; + int ofun; + int flags; BOOL target_is_directory=False; BOOL source_has_wild = False; BOOL dest_has_wild = False; SMB_STRUCT_STAT sbuf1, sbuf2; NTSTATUS status; + START_PROFILE(SMBcopy); + if (req->wct < 3) { + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + END_PROFILE(SMBcopy); + return; + } + + tid2 = SVAL(req->inbuf,smb_vwv0); + ofun = SVAL(req->inbuf,smb_vwv1); + flags = SVAL(req->inbuf,smb_vwv2); + *directory = *mask = 0; - p = smb_buf(inbuf); - p += srvstr_get_path_wcard(inbuf, SVAL(inbuf,smb_flg2), name, p, + p = smb_buf(req->inbuf); + p += srvstr_get_path_wcard((char *)req->inbuf, req->flags2, name, p, sizeof(name), 0, STR_TERMINATE, &status, &source_has_wild); if (!NT_STATUS_IS_OK(status)) { + reply_nterror(req, status); END_PROFILE(SMBcopy); - return ERROR_NT(status); + return; } - p += srvstr_get_path_wcard(inbuf, SVAL(inbuf,smb_flg2), newname, p, + p += srvstr_get_path_wcard((char *)req->inbuf, req->flags2, newname, p, sizeof(newname), 0, STR_TERMINATE, &status, &dest_has_wild); if (!NT_STATUS_IS_OK(status)) { + reply_nterror(req, status); END_PROFILE(SMBcopy); - return ERROR_NT(status); + return; } DEBUG(3,("reply_copy : %s -> %s\n",name,newname)); @@ -5683,57 +5695,75 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, if (tid2 != conn->cnum) { /* can't currently handle inter share copies XXXX */ DEBUG(3,("Rejecting inter-share copy\n")); + reply_doserror(req, ERRSRV, ERRinvdevice); END_PROFILE(SMBcopy); - return ERROR_DOS(ERRSRV,ERRinvdevice); + return; } - status = resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, name, &source_has_wild); + status = resolve_dfspath_wcard(conn, + req->flags2 & FLAGS2_DFS_PATHNAMES, + name, &source_has_wild); if (!NT_STATUS_IS_OK(status)) { - END_PROFILE(SMBcopy); if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { - return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + reply_botherror(req, NT_STATUS_PATH_NOT_COVERED, + ERRSRV, ERRbadpath); + END_PROFILE(SMBcopy); + return; } - return ERROR_NT(status); + reply_nterror(req, status); + END_PROFILE(SMBcopy); + return; } - status = resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, newname, &dest_has_wild); + status = resolve_dfspath_wcard(conn, + req->flags2 & FLAGS2_DFS_PATHNAMES, + newname, &dest_has_wild); if (!NT_STATUS_IS_OK(status)) { - END_PROFILE(SMBcopy); if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { - return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + reply_botherror(req, NT_STATUS_PATH_NOT_COVERED, + ERRSRV, ERRbadpath); + END_PROFILE(SMBcopy); + return; } - return ERROR_NT(status); + reply_nterror(req, status); + END_PROFILE(SMBcopy); + return; } status = unix_convert(conn, name, source_has_wild, NULL, &sbuf1); if (!NT_STATUS_IS_OK(status)) { + reply_nterror(req, status); END_PROFILE(SMBcopy); - return ERROR_NT(status); + return; } status = unix_convert(conn, newname, dest_has_wild, NULL, &sbuf2); if (!NT_STATUS_IS_OK(status)) { + reply_nterror(req, status); END_PROFILE(SMBcopy); - return ERROR_NT(status); + return; } target_is_directory = VALID_STAT_OF_DIR(sbuf2); if ((flags&1) && target_is_directory) { + reply_doserror(req, ERRDOS, ERRbadfile); END_PROFILE(SMBcopy); - return ERROR_DOS(ERRDOS,ERRbadfile); + return; } if ((flags&2) && !target_is_directory) { + reply_doserror(req, ERRDOS, ERRbadpath); END_PROFILE(SMBcopy); - return ERROR_DOS(ERRDOS,ERRbadpath); + return; } if ((flags&(1<<5)) && VALID_STAT_OF_DIR(sbuf1)) { /* wants a tree copy! XXXX */ DEBUG(3,("Rejecting tree copy\n")); + reply_doserror(req, ERRSRV, ERRerror); END_PROFILE(SMBcopy); - return ERROR_DOS(ERRSRV,ERRerror); + return; } p = strrchr_m(name,'/'); @@ -5764,27 +5794,33 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, pstrcat(directory,mask); if (dest_has_wild) { if (!resolve_wildcards(directory,newname)) { + reply_nterror(req, NT_STATUS_NO_MEMORY); END_PROFILE(SMBcopy); - return ERROR_NT(NT_STATUS_NO_MEMORY); + return; } } status = check_name(conn, directory); if (!NT_STATUS_IS_OK(status)) { - return ERROR_NT(status); + reply_nterror(req, status); + END_PROFILE(SMBcopy); + return; } status = check_name(conn, newname); if (!NT_STATUS_IS_OK(status)) { - return ERROR_NT(status); + reply_nterror(req, status); + END_PROFILE(SMBcopy); + return; } status = copy_file(conn,directory,newname,ofun, count,target_is_directory); if(!NT_STATUS_IS_OK(status)) { + reply_nterror(req, status); END_PROFILE(SMBcopy); - return ERROR_NT(status); + return; } else { count++; } @@ -5799,13 +5835,17 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, status = check_name(conn, directory); if (!NT_STATUS_IS_OK(status)) { - return ERROR_NT(status); + reply_nterror(req, status); + END_PROFILE(SMBcopy); + return; } dir_hnd = OpenDir(conn, directory, mask, 0); if (dir_hnd == NULL) { status = map_nt_error_from_unix(errno); - return ERROR_NT(status); + reply_nterror(req, status); + END_PROFILE(SMBcopy); + return; } error = ERRbadfile; @@ -5831,12 +5871,16 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, status = check_name(conn, fname); if (!NT_STATUS_IS_OK(status)) { - return ERROR_NT(status); + reply_nterror(req, status); + END_PROFILE(SMBcopy); + return; } status = check_name(conn, destname); if (!NT_STATUS_IS_OK(status)) { - return ERROR_NT(status); + reply_nterror(req, status); + END_PROFILE(SMBcopy); + return; } DEBUG(3,("reply_copy : doing copy on %s -> %s\n",fname, destname)); @@ -5854,19 +5898,21 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, if(err) { /* Error on close... */ errno = err; + reply_unixerror(req, ERRHRD, ERRgeneral); END_PROFILE(SMBcopy); - return(UNIXERROR(ERRHRD,ERRgeneral)); + return; } + reply_doserror(req, ERRDOS, error); END_PROFILE(SMBcopy); - return ERROR_DOS(ERRDOS,error); + return; } - - outsize = set_message(inbuf,outbuf,1,0,True); - SSVAL(outbuf,smb_vwv0,count); + + reply_outbuf(req, 1, 0); + SSVAL(req->outbuf,smb_vwv0,count); END_PROFILE(SMBcopy); - return(outsize); + return; } #undef DBGC_CLASS -- cgit From 5edcc342c6b24e41fed826c13a257929f4071668 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 14 Aug 2007 21:32:52 +0000 Subject: r24443: Convert reply_search/fclose to the new API (This used to be commit a8a33c377e38046b4103cf1d59032b97ab6bac9a) --- source3/smbd/reply.c | 152 ++++++++++++++++++++++++++++++++------------------- 1 file changed, 95 insertions(+), 57 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 831c376e08..7ab503906d 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1149,7 +1149,7 @@ void reply_dskattr(connection_struct *conn, struct smb_request *req) Can be called from SMBsearch, SMBffirst or SMBfunique. ****************************************************************************/ -int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +void reply_search(connection_struct *conn, struct smb_request *req) { pstring mask; pstring directory; @@ -1158,7 +1158,6 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size uint32 mode; time_t date; uint32 dirtype; - int outsize = 0; unsigned int numentries = 0; unsigned int maxentries = 0; BOOL finished = False; @@ -1171,41 +1170,55 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size BOOL expect_close = False; NTSTATUS nt_status; BOOL mask_contains_wcard = False; - BOOL allow_long_path_components = (SVAL(inbuf,smb_flg2) & FLAGS2_LONG_PATH_COMPONENTS) ? True : False; + BOOL allow_long_path_components = (req->flags2 & FLAGS2_LONG_PATH_COMPONENTS) ? True : False; START_PROFILE(SMBsearch); + if (req->wct < 2) { + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + END_PROFILE(SMBsearch); + return; + } + if (lp_posix_pathnames()) { + reply_unknown_new(req, CVAL(req->inbuf, smb_com)); END_PROFILE(SMBsearch); - return reply_unknown(inbuf, outbuf); + return; } *mask = *directory = *fname = 0; /* If we were called as SMBffirst then we must expect close. */ - if(CVAL(inbuf,smb_com) == SMBffirst) { + if(CVAL(req->inbuf,smb_com) == SMBffirst) { expect_close = True; } - - outsize = set_message(inbuf,outbuf,1,3,True); - maxentries = SVAL(inbuf,smb_vwv0); - dirtype = SVAL(inbuf,smb_vwv1); - p = smb_buf(inbuf) + 1; - p += srvstr_get_path_wcard(inbuf, SVAL(inbuf,smb_flg2), path, p, + + reply_outbuf(req, 1, 3); + maxentries = SVAL(req->inbuf,smb_vwv0); + dirtype = SVAL(req->inbuf,smb_vwv1); + p = smb_buf(req->inbuf) + 1; + p += srvstr_get_path_wcard((char *)req->inbuf, req->flags2, path, p, sizeof(path), 0, STR_TERMINATE, &nt_status, &mask_contains_wcard); if (!NT_STATUS_IS_OK(nt_status)) { + reply_nterror(req, nt_status); END_PROFILE(SMBsearch); - return ERROR_NT(nt_status); + return; } - nt_status = resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, path, &mask_contains_wcard); + nt_status = resolve_dfspath_wcard(conn, + req->flags2 & FLAGS2_DFS_PATHNAMES, + path, &mask_contains_wcard); if (!NT_STATUS_IS_OK(nt_status)) { - END_PROFILE(SMBsearch); if (NT_STATUS_EQUAL(nt_status,NT_STATUS_PATH_NOT_COVERED)) { - return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath); + reply_botherror(req, NT_STATUS_PATH_NOT_COVERED, + ERRSRV, ERRbadpath); + END_PROFILE(SMBsearch); + return; } - return ERROR_NT(nt_status); + reply_nterror(req, nt_status); + END_PROFILE(SMBsearch); + return; } p++; @@ -1220,14 +1233,16 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size pstrcpy(directory,path); nt_status = unix_convert(conn, directory, True, NULL, &sbuf); if (!NT_STATUS_IS_OK(nt_status)) { + reply_nterror(req, nt_status); END_PROFILE(SMBsearch); - return ERROR_NT(nt_status); + return; } nt_status = check_name(conn, directory); if (!NT_STATUS_IS_OK(nt_status)) { + reply_nterror(req, nt_status); END_PROFILE(SMBsearch); - return ERROR_NT(nt_status); + return; } p = strrchr_m(directory,'/'); @@ -1266,20 +1281,20 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size mask_contains_wcard = ms_has_wild(mask); } - p = smb_buf(outbuf) + 3; - if (status_len == 0) { nt_status = dptr_create(conn, directory, True, expect_close, - SVAL(inbuf,smb_pid), + req->smbpid, mask, mask_contains_wcard, dirtype, &conn->dirptr); if (!NT_STATUS_IS_OK(nt_status)) { - return ERROR_NT(nt_status); + reply_nterror(req, nt_status); + END_PROFILE(SMBsearch); + return; } dptr_num = dptr_dnum(conn->dirptr); } else { @@ -1288,20 +1303,31 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size DEBUG(4,("dptr_num is %d\n",dptr_num)); - if ((dirtype&0x1F) == aVOLID) { - memcpy(p,status,21); - make_dir_struct(p,"???????????",volume_label(SNUM(conn)), + if ((dirtype&0x1F) == aVOLID) { + char buf[DIR_STRUCT_SIZE]; + memcpy(buf,status,21); + make_dir_struct(buf,"???????????",volume_label(SNUM(conn)), 0,aVOLID,0,!allow_long_path_components); - dptr_fill(p+12,dptr_num); - if (dptr_zero(p+12) && (status_len==0)) { + dptr_fill(buf+12,dptr_num); + if (dptr_zero(buf+12) && (status_len==0)) { numentries = 1; } else { numentries = 0; } - p += DIR_STRUCT_SIZE; + if (message_push_blob(&req->outbuf, + data_blob_const(buf, sizeof(buf))) + == -1) { + reply_nterror(req, NT_STATUS_NO_MEMORY); + END_PROFILE(SMBsearch); + return; + } } else { unsigned int i; - maxentries = MIN(maxentries, ((BUFFER_SIZE - (p - outbuf))/DIR_STRUCT_SIZE)); + maxentries = MIN( + maxentries, + ((BUFFER_SIZE - + ((uint8 *)smb_buf(req->outbuf) + 3 - req->outbuf)) + /DIR_STRUCT_SIZE)); DEBUG(8,("dirpath=<%s> dontdescend=<%s>\n", conn->dirpath,lp_dontdescend(SNUM(conn)))); @@ -1312,14 +1338,21 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size for (i=numentries;(ioutbuf, + data_blob_const(buf, sizeof(buf))) + == -1) { + reply_nterror(req, NT_STATUS_NO_MEMORY); + END_PROFILE(SMBsearch); + return; + } numentries++; - p += DIR_STRUCT_SIZE; } } } @@ -1338,49 +1371,51 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size } /* If we were called as SMBfunique, then we can close the dirptr now ! */ - if(dptr_num >= 0 && CVAL(inbuf,smb_com) == SMBfunique) { + if(dptr_num >= 0 && CVAL(req->inbuf,smb_com) == SMBfunique) { dptr_close(&dptr_num); } if ((numentries == 0) && !mask_contains_wcard) { - return ERROR_BOTH(STATUS_NO_MORE_FILES,ERRDOS,ERRnofiles); + reply_botherror(req, STATUS_NO_MORE_FILES, ERRDOS, ERRnofiles); + END_PROFILE(SMBsearch); + return; } - SSVAL(outbuf,smb_vwv0,numentries); - SSVAL(outbuf,smb_vwv1,3 + numentries * DIR_STRUCT_SIZE); - SCVAL(smb_buf(outbuf),0,5); - SSVAL(smb_buf(outbuf),1,numentries*DIR_STRUCT_SIZE); + SSVAL(req->outbuf,smb_vwv0,numentries); + SSVAL(req->outbuf,smb_vwv1,3 + numentries * DIR_STRUCT_SIZE); + SCVAL(smb_buf(req->outbuf),0,5); + SSVAL(smb_buf(req->outbuf),1,numentries*DIR_STRUCT_SIZE); /* The replies here are never long name. */ - SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) & (~FLAGS2_IS_LONG_NAME)); + SSVAL(req->outbuf, smb_flg2, + SVAL(req->outbuf, smb_flg2) & (~FLAGS2_IS_LONG_NAME)); if (!allow_long_path_components) { - SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) & (~FLAGS2_LONG_PATH_COMPONENTS)); + SSVAL(req->outbuf, smb_flg2, + SVAL(req->outbuf, smb_flg2) + & (~FLAGS2_LONG_PATH_COMPONENTS)); } /* This SMB *always* returns ASCII names. Remove the unicode bit in flags2. */ - SSVAL(outbuf,smb_flg2, (SVAL(outbuf, smb_flg2) & (~FLAGS2_UNICODE_STRINGS))); + SSVAL(req->outbuf, smb_flg2, + (SVAL(req->outbuf, smb_flg2) & (~FLAGS2_UNICODE_STRINGS))); - outsize += DIR_STRUCT_SIZE*numentries; - smb_setlen(inbuf,outbuf,outsize - 4); - if ((! *directory) && dptr_path(dptr_num)) slprintf(directory, sizeof(directory)-1, "(%s)",dptr_path(dptr_num)); DEBUG( 4, ( "%s mask=%s path=%s dtype=%d nument=%u of %u\n", - smb_fn_name(CVAL(inbuf,smb_com)), + smb_fn_name(CVAL(req->inbuf,smb_com)), mask, directory, dirtype, numentries, maxentries ) ); END_PROFILE(SMBsearch); - return(outsize); + return; } /**************************************************************************** Reply to a fclose (stop directory search). ****************************************************************************/ -int reply_fclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +void reply_fclose(connection_struct *conn, struct smb_request *req) { - int outsize = 0; int status_len; pstring path; char status[21]; @@ -1392,26 +1427,28 @@ int reply_fclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size START_PROFILE(SMBfclose); if (lp_posix_pathnames()) { + reply_unknown_new(req, CVAL(req->inbuf, smb_com)); END_PROFILE(SMBfclose); - return reply_unknown(inbuf, outbuf); + return; } - outsize = set_message(inbuf,outbuf,1,0,True); - p = smb_buf(inbuf) + 1; - p += srvstr_get_path_wcard(inbuf, SVAL(inbuf,smb_flg2), path, p, + p = smb_buf(req->inbuf) + 1; + p += srvstr_get_path_wcard((char *)req->inbuf, req->flags2, path, p, sizeof(path), 0, STR_TERMINATE, &err, &path_contains_wcard); if (!NT_STATUS_IS_OK(err)) { + reply_nterror(req, err); END_PROFILE(SMBfclose); - return ERROR_NT(err); + return; } p++; status_len = SVAL(p,0); p += 2; if (status_len == 0) { + reply_doserror(req, ERRSRV, ERRsrverror); END_PROFILE(SMBfclose); - return ERROR_DOS(ERRSRV,ERRsrverror); + return; } memcpy(status,p,21); @@ -1421,12 +1458,13 @@ int reply_fclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size dptr_close(&dptr_num); } - SSVAL(outbuf,smb_vwv0,0); + reply_outbuf(req, 1, 0); + SSVAL(req->outbuf,smb_vwv0,0); DEBUG(3,("search close\n")); END_PROFILE(SMBfclose); - return(outsize); + return; } /**************************************************************************** -- cgit From 2823bf10b520996a20688190d784f45851e1ba24 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 15 Aug 2007 01:54:37 +0000 Subject: r24445: Convert SMBwritebraw. No test suite unfortunately.... I need to write one for this. Jeremy (This used to be commit edc17dfcbd21cccaffb76f4ae67fe4b06520f1a9) --- source3/smbd/reply.c | 211 ++++++++++++++++++++++++++++++++++++--------------- 1 file changed, 150 insertions(+), 61 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 7ab503906d..1a14d6c594 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3258,12 +3258,28 @@ void reply_read_and_X(connection_struct *conn, struct smb_request *req) return; } +/**************************************************************************** + Error replies to writebraw must have smb_wct == 1. Fix this up. +****************************************************************************/ + +void error_to_writebrawerr(struct smb_request *req) +{ + uint8 *old_outbuf = req->outbuf; + + reply_outbuf(req, 1, 0); + + memcpy(req->outbuf, old_outbuf, smb_size); + TALLOC_FREE(old_outbuf); +} + /**************************************************************************** Reply to a writebraw (core+ or LANMAN1.0 protocol). ****************************************************************************/ -int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) +void reply_writebraw(connection_struct *conn, struct smb_request *req) { + int outsize = 0; + char *buf = NULL; ssize_t nwritten=0; ssize_t total_written=0; size_t numtowrite=0; @@ -3271,140 +3287,212 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, SMB_OFF_T startpos; char *data=NULL; BOOL write_through; - files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0)); - int outsize = 0; + files_struct *fsp; NTSTATUS status; + START_PROFILE(SMBwritebraw); + /* + * If we ever reply with an error, it must have the SMB command + * type of SMBwritec, not SMBwriteBraw, as this tells the client + * we're finished. + */ + SCVAL(req->inbuf,smb_com,SMBwritec); + if (srv_is_signing_active()) { - exit_server_cleanly("reply_writebraw: SMB signing is active - raw reads/writes are disallowed."); + END_PROFILE(SMBwritebraw); + exit_server_cleanly("reply_writebraw: SMB signing is active - " + "raw reads/writes are disallowed."); + } + + if (req->wct < 12) { + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + error_to_writebrawerr(req); + END_PROFILE(SMBwritebraw); + return; + } + + fsp = file_fsp(SVAL(req->inbuf,smb_vwv0)); + if (!check_fsp(conn, req, fsp, ¤t_user)) { + error_to_writebrawerr(req); + END_PROFILE(SMBwritebraw); + return; } - CHECK_FSP(fsp,conn); if (!CHECK_WRITE(fsp)) { - return(ERROR_DOS(ERRDOS,ERRbadaccess)); + reply_doserror(req, ERRDOS, ERRbadaccess); + error_to_writebrawerr(req); + END_PROFILE(SMBwritebraw); + return; } - - tcount = IVAL(inbuf,smb_vwv1); - startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3); - write_through = BITSETW(inbuf+smb_vwv7,0); + + tcount = IVAL(req->inbuf,smb_vwv1); + startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv3); + write_through = BITSETW(req->inbuf+smb_vwv7,0); /* We have to deal with slightly different formats depending on whether we are using the core+ or lanman1.0 protocol */ if(Protocol <= PROTOCOL_COREPLUS) { - numtowrite = SVAL(smb_buf(inbuf),-2); - data = smb_buf(inbuf); + numtowrite = SVAL(smb_buf(req->inbuf),-2); + data = smb_buf(req->inbuf); } else { - numtowrite = SVAL(inbuf,smb_vwv10); - data = smb_base(inbuf) + SVAL(inbuf, smb_vwv11); + numtowrite = SVAL(req->inbuf,smb_vwv10); + data = smb_base(req->inbuf) + SVAL(req->inbuf, smb_vwv11); } - /* force the error type */ - SCVAL(inbuf,smb_com,SMBwritec); - SCVAL(outbuf,smb_com,SMBwritec); + /* Ensure we don't write bytes past the end of this packet. */ + if (data + numtowrite > smb_base(req->inbuf) + smb_len(req->inbuf)) { + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + error_to_writebrawerr(req); + END_PROFILE(SMBwritebraw); + return; + } - if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos, WRITE_LOCK)) { + if (is_locked(fsp,(uint32)req->smbpid,(SMB_BIG_UINT)tcount, + (SMB_BIG_UINT)startpos, WRITE_LOCK)) { + reply_doserror(req, ERRDOS, ERRlock); + error_to_writebrawerr(req); END_PROFILE(SMBwritebraw); - return(ERROR_DOS(ERRDOS,ERRlock)); + return; } - if (numtowrite>0) + if (numtowrite>0) { nwritten = write_file(fsp,data,startpos,numtowrite); - - DEBUG(3,("writebraw1 fnum=%d start=%.0f num=%d wrote=%d sync=%d\n", - fsp->fnum, (double)startpos, (int)numtowrite, (int)nwritten, (int)write_through)); + } + + DEBUG(3,("reply_writebraw: initial write fnum=%d start=%.0f num=%d " + "wrote=%d sync=%d\n", + fsp->fnum, (double)startpos, (int)numtowrite, + (int)nwritten, (int)write_through)); if (nwritten < (ssize_t)numtowrite) { + reply_unixerror(req, ERRHRD, ERRdiskfull); + error_to_writebrawerr(req); END_PROFILE(SMBwritebraw); - return(UNIXERROR(ERRHRD,ERRdiskfull)); + return; } total_written = nwritten; - /* Return a message to the redirector to tell it to send more bytes */ - SCVAL(outbuf,smb_com,SMBwritebraw); - SSVALS(outbuf,smb_vwv0,-1); - outsize = set_message(inbuf,outbuf,Protocol>PROTOCOL_COREPLUS?1:0,0,True); - show_msg(outbuf); - if (!send_smb(smbd_server_fd(),outbuf)) - exit_server_cleanly("reply_writebraw: send_smb failed."); - + /* Allocate a buffer of 64k + length. */ + buf = TALLOC_ARRAY(NULL, char, 65540); + if (!buf) { + reply_doserror(req, ERRDOS, ERRnomem); + error_to_writebrawerr(req); + END_PROFILE(SMBwritebraw); + return; + } + + /* Return a SMBwritebraw message to the redirector to tell + * it to send more bytes */ + + memcpy(buf, req->inbuf, smb_size); + outsize = set_message(NULL,buf, + Protocol>PROTOCOL_COREPLUS?1:0,0,True); + SCVAL(buf,smb_com,SMBwritebraw); + SSVALS(buf,smb_vwv0,0xFFFF); + show_msg(buf); + if (!send_smb(smbd_server_fd(),buf)) { + exit_server_cleanly("reply_writebraw: send_smb " + "failed."); + } + /* Now read the raw data into the buffer and write it */ - if (read_smb_length(smbd_server_fd(),inbuf,SMB_SECONDARY_WAIT) == -1) { + if (read_smb_length(smbd_server_fd(),buf,SMB_SECONDARY_WAIT) == -1) { exit_server_cleanly("secondary writebraw failed"); } - - /* Even though this is not an smb message, smb_len returns the generic length of an smb message */ - numtowrite = smb_len(inbuf); - /* Set up outbuf to return the correct return */ - outsize = set_message(inbuf,outbuf,1,0,True); - SCVAL(outbuf,smb_com,SMBwritec); + /* + * Even though this is not an smb message, + * smb_len returns the generic length of a packet. + */ + + numtowrite = smb_len(buf); + + /* Set up outbuf to return the correct size */ + reply_outbuf(req, 1, 0); if (numtowrite != 0) { - if (numtowrite > BUFFER_SIZE) { - DEBUG(0,("reply_writebraw: Oversize secondary write raw requested (%u). Terminating\n", + if (numtowrite > 0xFFFF) { + DEBUG(0,("reply_writebraw: Oversize secondary write " + "raw requested (%u). Terminating\n", (unsigned int)numtowrite )); exit_server_cleanly("secondary writebraw failed"); } if (tcount > nwritten+numtowrite) { - DEBUG(3,("Client overestimated the write %d %d %d\n", + DEBUG(3,("reply_writebraw: Client overestimated the " + "write %d %d %d\n", (int)tcount,(int)nwritten,(int)numtowrite)); } - if (read_data( smbd_server_fd(), inbuf+4, numtowrite) != numtowrite ) { - DEBUG(0,("reply_writebraw: Oversize secondary write raw read failed (%s). Terminating\n", + if (read_data(smbd_server_fd(), buf+4, numtowrite) + != numtowrite ) { + DEBUG(0,("reply_writebraw: Oversize secondary write " + "raw read failed (%s). Terminating\n", strerror(errno) )); exit_server_cleanly("secondary writebraw failed"); } - nwritten = write_file(fsp,inbuf+4,startpos+nwritten,numtowrite); + nwritten = write_file(fsp,buf+4,startpos+nwritten,numtowrite); if (nwritten == -1) { + TALLOC_FREE(buf); + reply_unixerror(req, ERRHRD, ERRdiskfull); + error_to_writebrawerr(req); END_PROFILE(SMBwritebraw); - return(UNIXERROR(ERRHRD,ERRdiskfull)); + return; } if (nwritten < (ssize_t)numtowrite) { - SCVAL(outbuf,smb_rcls,ERRHRD); - SSVAL(outbuf,smb_err,ERRdiskfull); + SCVAL(req->outbuf,smb_rcls,ERRHRD); + SSVAL(req->outbuf,smb_err,ERRdiskfull); } - if (nwritten > 0) + if (nwritten > 0) { total_written += nwritten; + } } - - SSVAL(outbuf,smb_vwv0,total_written); + + TALLOC_FREE(buf); + SSVAL(req->outbuf,smb_vwv0,total_written); status = sync_file(conn, fsp, write_through); if (!NT_STATUS_IS_OK(status)) { DEBUG(5,("reply_writebraw: sync_file for %s returned %s\n", fsp->fsp_name, nt_errstr(status) )); + reply_nterror(req, status); + error_to_writebrawerr(req); END_PROFILE(SMBwritebraw); - return ERROR_NT(status); + return; } - DEBUG(3,("writebraw2 fnum=%d start=%.0f num=%d wrote=%d\n", - fsp->fnum, (double)startpos, (int)numtowrite,(int)total_written)); + DEBUG(3,("reply_writebraw: secondart write fnum=%d start=%.0f num=%d " + "wrote=%d\n", + fsp->fnum, (double)startpos, (int)numtowrite, + (int)total_written)); - /* we won't return a status if write through is not selected - this follows what WfWg does */ + /* We won't return a status if write through is not selected - this + * follows what WfWg does */ END_PROFILE(SMBwritebraw); + if (!write_through && total_written==tcount) { #if RABBIT_PELLET_FIX /* * Fix for "rabbit pellet" mode, trigger an early TCP ack by - * sending a SMBkeepalive. Thanks to DaveCB at Sun for this. JRA. + * sending a SMBkeepalive. Thanks to DaveCB at Sun for this. + * JRA. */ - if (!send_keepalive(smbd_server_fd())) - exit_server_cleanly("reply_writebraw: send of keepalive failed"); + if (!send_keepalive(smbd_server_fd())) { + exit_server_cleanly("reply_writebraw: send of " + "keepalive failed"); + } #endif - return(-1); + TALLOC_FREE(req->outbuf); } - - return(outsize); + return; } #undef DBGC_CLASS @@ -3540,6 +3628,7 @@ void reply_write(connection_struct *conn, struct smb_request *req) fsp = file_fsp(SVAL(req->inbuf,smb_vwv0)); if (!check_fsp(conn, req, fsp, ¤t_user)) { + END_PROFILE(SMBwrite); return; } -- cgit From 24f42c5cefff01cc69118cb714a053cddb68e4d9 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 15 Aug 2007 09:52:09 +0000 Subject: r24453: Remove the read and write bmpx calls Talked to both Tridge and Jeremy about this, Tridge said that there is a special error message persuading OS/2 to fall back to other methods. The calls now checked in always return the error message we used to return when "read bmpx = False" was set (the default): ERRSRV, ERRuseSTD. If someone has a reproducable test case where this is really needed, we can always dig it up from version control and convert it to the new API. But that time without that silly parameter, and with a torture test case for "make test" please :-) Volker (This used to be commit d941aae2dfd11609e807bf4ce712571a2e354627) --- source3/smbd/reply.c | 284 +++++---------------------------------------------- 1 file changed, 28 insertions(+), 256 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 1a14d6c594..c7040278a5 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -6539,80 +6539,30 @@ void reply_lockingX(connection_struct *conn, struct smb_request *req) /**************************************************************************** Reply to a SMBreadbmpx (read block multiplex) request. + Always reply with an error, if someone has a platform really needs this, + please contact vl@samba.org ****************************************************************************/ -int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize) +void reply_readbmpx(connection_struct *conn, struct smb_request *req) { - ssize_t nread = -1; - ssize_t total_read; - char *data; - SMB_OFF_T startpos; - int outsize; - size_t maxcount; - int max_per_packet; - size_t tcount; - int pad; - files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0)); START_PROFILE(SMBreadBmpx); + reply_doserror(req, ERRSRV, ERRuseSTD); + END_PROFILE(SMBreadBmpx); + return; +} - /* this function doesn't seem to work - disable by default */ - if (!lp_readbmpx()) { - END_PROFILE(SMBreadBmpx); - return ERROR_DOS(ERRSRV,ERRuseSTD); - } - - outsize = set_message(inbuf,outbuf,8,0,True); - - CHECK_FSP(fsp,conn); - if (!CHECK_READ(fsp,inbuf)) { - return(ERROR_DOS(ERRDOS,ERRbadaccess)); - } - - startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv1); - maxcount = SVAL(inbuf,smb_vwv3); - - data = smb_buf(outbuf); - pad = ((long)data)%4; - if (pad) - pad = 4 - pad; - data += pad; - - max_per_packet = bufsize-(outsize+pad); - tcount = maxcount; - total_read = 0; - - if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK)) { - END_PROFILE(SMBreadBmpx); - return ERROR_DOS(ERRDOS,ERRlock); - } - - do { - size_t N = MIN(max_per_packet,tcount-total_read); - - nread = read_file(fsp,data,startpos,N); - - if (nread <= 0) - nread = 0; - - if (nread < (ssize_t)N) - tcount = total_read + nread; - - set_message(inbuf,outbuf,8,nread+pad,False); - SIVAL(outbuf,smb_vwv0,startpos); - SSVAL(outbuf,smb_vwv2,tcount); - SSVAL(outbuf,smb_vwv6,nread); - SSVAL(outbuf,smb_vwv7,smb_offset(data,outbuf)); - - show_msg(outbuf); - if (!send_smb(smbd_server_fd(),outbuf)) - exit_server_cleanly("reply_readbmpx: send_smb failed."); - - total_read += nread; - startpos += nread; - } while (total_read < (ssize_t)tcount); +/**************************************************************************** + Reply to a SMBreadbs (read block multiplex secondary) request. + Always reply with an error, if someone has a platform really needs this, + please contact vl@samba.org +****************************************************************************/ - END_PROFILE(SMBreadBmpx); - return(-1); +void reply_readbs(connection_struct *conn, struct smb_request *req) +{ + START_PROFILE(SMBreadBs); + reply_doserror(req, ERRSRV, ERRuseSTD); + END_PROFILE(SMBreadBs); + return; } /**************************************************************************** @@ -6693,208 +6643,30 @@ void reply_setattrE(connection_struct *conn, struct smb_request *req) /**************************************************************************** Reply to a SMBwritebmpx (write block multiplex primary) request. + Always reply with an error, if someone has a platform really needs this, + please contact vl@samba.org ****************************************************************************/ -int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) +void reply_writebmpx(connection_struct *conn, struct smb_request *req) { - size_t numtowrite; - ssize_t nwritten = -1; - int outsize = 0; - SMB_OFF_T startpos; - size_t tcount; - BOOL write_through; - int smb_doff; - char *data; - files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0)); - NTSTATUS status; START_PROFILE(SMBwriteBmpx); - - CHECK_FSP(fsp,conn); - if (!CHECK_WRITE(fsp)) { - return(ERROR_DOS(ERRDOS,ERRbadaccess)); - } - if (HAS_CACHED_ERROR(fsp)) { - return(CACHED_ERROR(fsp)); - } - - tcount = SVAL(inbuf,smb_vwv1); - startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3); - write_through = BITSETW(inbuf+smb_vwv7,0); - numtowrite = SVAL(inbuf,smb_vwv10); - smb_doff = SVAL(inbuf,smb_vwv11); - - data = smb_base(inbuf) + smb_doff; - - /* If this fails we need to send an SMBwriteC response, - not an SMBwritebmpx - set this up now so we don't forget */ - SCVAL(outbuf,smb_com,SMBwritec); - - if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos,WRITE_LOCK)) { - END_PROFILE(SMBwriteBmpx); - return(ERROR_DOS(ERRDOS,ERRlock)); - } - - nwritten = write_file(fsp,data,startpos,numtowrite); - - status = sync_file(conn, fsp, write_through); - if (!NT_STATUS_IS_OK(status)) { - END_PROFILE(SMBwriteBmpx); - DEBUG(5,("reply_writebmpx: sync_file for %s returned %s\n", - fsp->fsp_name, nt_errstr(status) )); - return ERROR_NT(status); - } - - if(nwritten < (ssize_t)numtowrite) { - END_PROFILE(SMBwriteBmpx); - return(UNIXERROR(ERRHRD,ERRdiskfull)); - } - - /* If the maximum to be written to this file - is greater than what we just wrote then set - up a secondary struct to be attached to this - fd, we will use this to cache error messages etc. */ - - if((ssize_t)tcount > nwritten) { - write_bmpx_struct *wbms; - if(fsp->wbmpx_ptr != NULL) - wbms = fsp->wbmpx_ptr; /* Use an existing struct */ - else - wbms = SMB_MALLOC_P(write_bmpx_struct); - if(!wbms) { - DEBUG(0,("Out of memory in reply_readmpx\n")); - END_PROFILE(SMBwriteBmpx); - return(ERROR_DOS(ERRSRV,ERRnoresource)); - } - wbms->wr_mode = write_through; - wbms->wr_discard = False; /* No errors yet */ - wbms->wr_total_written = nwritten; - wbms->wr_errclass = 0; - wbms->wr_error = 0; - fsp->wbmpx_ptr = wbms; - } - - /* We are returning successfully, set the message type back to - SMBwritebmpx */ - SCVAL(outbuf,smb_com,SMBwriteBmpx); - - outsize = set_message(inbuf,outbuf,1,0,True); - - SSVALS(outbuf,smb_vwv0,-1); /* We don't support smb_remaining */ - - DEBUG( 3, ( "writebmpx fnum=%d num=%d wrote=%d\n", - fsp->fnum, (int)numtowrite, (int)nwritten ) ); - - if (write_through && tcount==nwritten) { - /* We need to send both a primary and a secondary response */ - smb_setlen(inbuf,outbuf,outsize - 4); - show_msg(outbuf); - if (!send_smb(smbd_server_fd(),outbuf)) - exit_server_cleanly("reply_writebmpx: send_smb failed."); - - /* Now the secondary */ - outsize = set_message(inbuf,outbuf,1,0,True); - SCVAL(outbuf,smb_com,SMBwritec); - SSVAL(outbuf,smb_vwv0,nwritten); - } - + reply_doserror(req, ERRSRV, ERRuseSTD); END_PROFILE(SMBwriteBmpx); - return(outsize); + return; } /**************************************************************************** Reply to a SMBwritebs (write block multiplex secondary) request. + Always reply with an error, if someone has a platform really needs this, + please contact vl@samba.org ****************************************************************************/ -int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +void reply_writebs(connection_struct *conn, struct smb_request *req) { - size_t numtowrite; - ssize_t nwritten = -1; - int outsize = 0; - SMB_OFF_T startpos; - size_t tcount; - BOOL write_through; - int smb_doff; - char *data; - write_bmpx_struct *wbms; - BOOL send_response = False; - files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0)); - NTSTATUS status; START_PROFILE(SMBwriteBs); - - CHECK_FSP(fsp,conn); - if (!CHECK_WRITE(fsp)) { - return(ERROR_DOS(ERRDOS,ERRbadaccess)); - } - - tcount = SVAL(inbuf,smb_vwv1); - startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2); - numtowrite = SVAL(inbuf,smb_vwv6); - smb_doff = SVAL(inbuf,smb_vwv7); - - data = smb_base(inbuf) + smb_doff; - - /* We need to send an SMBwriteC response, not an SMBwritebs */ - SCVAL(outbuf,smb_com,SMBwritec); - - /* This fd should have an auxiliary struct attached, - check that it does */ - wbms = fsp->wbmpx_ptr; - if(!wbms) { - END_PROFILE(SMBwriteBs); - return(-1); - } - - /* If write through is set we can return errors, else we must cache them */ - write_through = wbms->wr_mode; - - /* Check for an earlier error */ - if(wbms->wr_discard) { - END_PROFILE(SMBwriteBs); - return -1; /* Just discard the packet */ - } - - nwritten = write_file(fsp,data,startpos,numtowrite); - - status = sync_file(conn, fsp, write_through); - - if (nwritten < (ssize_t)numtowrite || !NT_STATUS_IS_OK(status)) { - if(write_through) { - /* We are returning an error - we can delete the aux struct */ - if (wbms) - free((char *)wbms); - fsp->wbmpx_ptr = NULL; - END_PROFILE(SMBwriteBs); - return(ERROR_DOS(ERRHRD,ERRdiskfull)); - } - wbms->wr_errclass = ERRHRD; - wbms->wr_error = ERRdiskfull; - wbms->wr_status = NT_STATUS_DISK_FULL; - wbms->wr_discard = True; - END_PROFILE(SMBwriteBs); - return -1; - } - - /* Increment the total written, if this matches tcount - we can discard the auxiliary struct (hurrah !) and return a writeC */ - wbms->wr_total_written += nwritten; - if(wbms->wr_total_written >= tcount) { - if (write_through) { - outsize = set_message(inbuf,outbuf,1,0,True); - SSVAL(outbuf,smb_vwv0,wbms->wr_total_written); - send_response = True; - } - - free((char *)wbms); - fsp->wbmpx_ptr = NULL; - } - - if(send_response) { - END_PROFILE(SMBwriteBs); - return(outsize); - } - + reply_doserror(req, ERRSRV, ERRuseSTD); END_PROFILE(SMBwriteBs); - return(-1); + return; } /**************************************************************************** -- cgit From 716e01d97e91227a0d03cbd5e74e4a36efc223eb Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 15 Aug 2007 10:29:47 +0000 Subject: r24457: Convert reply_tcon to the new API Jeremy, I really apologize for doing this, but I just wanted to enjoy converting the last SMB call :-) I've left one little task for you there, I'm not certain that checking the inbuf length is correct here. Volker (This used to be commit 1e08fddafda11961f8855423b29c1f8a9a6b4457) --- source3/smbd/reply.c | 54 ++++++++++++++++++++++++---------------------------- 1 file changed, 25 insertions(+), 29 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index c7040278a5..a95f2ec87e 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -429,16 +429,12 @@ void reply_special(char *inbuf) conn POINTER CAN BE NULL HERE ! ****************************************************************************/ -int reply_tcon(connection_struct *conn, - char *inbuf,char *outbuf, int dum_size, int dum_buffsize) +void reply_tcon(connection_struct *conn, struct smb_request *req) { - TALLOC_CTX *ctx; const char *service; char *service_buf = NULL; char *password = NULL; char *dev = NULL; - int outsize = 0; - uint16 vuid = SVAL(inbuf,smb_uid); int pwlen=0; NTSTATUS nt_status; char *p; @@ -446,25 +442,26 @@ int reply_tcon(connection_struct *conn, START_PROFILE(SMBtcon); - ctx = talloc_init("reply_tcon"); - if (!ctx) { - END_PROFILE(SMBtcon); - return ERROR_NT(NT_STATUS_NO_MEMORY); - } - - p = smb_buf(inbuf)+1; - p += srvstr_pull_buf_talloc(ctx, inbuf, SVAL(inbuf, smb_flg2), - &service_buf, p, STR_TERMINATE) + 1; - pwlen = srvstr_pull_buf_talloc(ctx, inbuf, SVAL(inbuf, smb_flg2), - &password, p, STR_TERMINATE) + 1; + /******************************************************************** + * Warning! I'm not sure that the inbuf length check is actually + * correct here. -- vl + * + * Jeremy, please check and remove this comment :-) + ********************************************************************/ + + p = smb_buf(req->inbuf)+1; + p += srvstr_pull_buf_talloc(req, req->inbuf, req->flags2, + &service_buf, p, STR_TERMINATE) + 1; + pwlen = srvstr_pull_buf_talloc(req, req->inbuf, req->flags2, + &password, p, STR_TERMINATE) + 1; p += pwlen; - p += srvstr_pull_buf_talloc(ctx, inbuf, SVAL(inbuf, smb_flg2), - &dev, p, STR_TERMINATE) + 1; + p += srvstr_pull_buf_talloc(req, req->inbuf, req->flags2, + &dev, p, STR_TERMINATE) + 1; if (service_buf == NULL || password == NULL || dev == NULL) { - TALLOC_FREE(ctx); + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); END_PROFILE(SMBtcon); - return ERROR_NT(NT_STATUS_INVALID_PARAMETER); + return; } p = strrchr_m(service_buf,'\\'); if (p) { @@ -475,27 +472,26 @@ int reply_tcon(connection_struct *conn, password_blob = data_blob(password, pwlen+1); - conn = make_connection(service,password_blob,dev,vuid,&nt_status); + conn = make_connection(service,password_blob,dev,req->vuid,&nt_status); data_blob_clear_free(&password_blob); if (!conn) { - TALLOC_FREE(ctx); + reply_nterror(req, nt_status); END_PROFILE(SMBtcon); - return ERROR_NT(nt_status); + return; } - outsize = set_message(inbuf,outbuf,2,0,True); - SSVAL(outbuf,smb_vwv0,max_recv); - SSVAL(outbuf,smb_vwv1,conn->cnum); - SSVAL(outbuf,smb_tid,conn->cnum); + reply_outbuf(req, 2, 0); + SSVAL(req->outbuf,smb_vwv0,max_recv); + SSVAL(req->outbuf,smb_vwv1,conn->cnum); + SSVAL(req->outbuf,smb_tid,conn->cnum); DEBUG(3,("tcon service=%s cnum=%d\n", service, conn->cnum)); END_PROFILE(SMBtcon); - TALLOC_FREE(ctx); - return(outsize); + return; } /**************************************************************************** -- cgit From 6051d516547813d48b58d0519ee9f52b291c1ed2 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 15 Aug 2007 13:44:34 +0000 Subject: r24461: Fix Bug 4852, thank to anto for reporting it. (This used to be commit 0fecd8a0c3aaa64e137d2efd3f9cc7705837ea2a) --- source3/smbd/reply.c | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index a95f2ec87e..786fe9c6a1 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1718,9 +1718,23 @@ void reply_open_and_X(connection_struct *conn, struct smb_request *req) END_PROFILE(SMBopenX); if (open_was_deferred(req->mid)) { /* We have re-scheduled this call. */ + END_PROFILE(SMBopenX); + return; + } + if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_COLLISION)) { + /* + * We hit an existing file, and if we're returning DOS + * error codes OBJECT_NAME_COLLISION would map to + * ERRDOS/183, we need to return ERRDOS/80, see bug + * 4852. + */ + reply_botherror(req, NT_STATUS_OBJECT_NAME_COLLISION, + ERRDOS, ERRfilexists); + END_PROFILE(SMBopenX); return; } reply_nterror(req, status); + END_PROFILE(SMBopenX); return; } -- cgit From 622abf53f9de8a0230d71fcdb3724e1be31a2cc7 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 16 Aug 2007 00:37:07 +0000 Subject: r24476: Fix the mappings in reply_opeXXX calls. Now to test renames. Jeremy. (This used to be commit 74d10b09a68f5c06d6b3ceffe0a40818dc84106e) --- source3/smbd/reply.c | 31 ++++++++++++++++++++++++------- 1 file changed, 24 insertions(+), 7 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 786fe9c6a1..1b0785285d 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1551,13 +1551,23 @@ void reply_open(connection_struct *conn, struct smb_request *req) &info, &fsp); if (!NT_STATUS_IS_OK(status)) { + END_PROFILE(SMBopen); if (open_was_deferred(req->mid)) { /* We have re-scheduled this call. */ - END_PROFILE(SMBopen); + return; + } + if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_COLLISION)) { + /* + * We hit an existing file, and if we're returning DOS + * error codes OBJECT_NAME_COLLISION would map to + * ERRDOS/183, we need to return ERRDOS/80, see bug + * 4852. + */ + reply_botherror(req, NT_STATUS_OBJECT_NAME_COLLISION, + ERRDOS, ERRfilexists); return; } reply_nterror(req, status); - END_PROFILE(SMBopen); return; } @@ -1718,7 +1728,6 @@ void reply_open_and_X(connection_struct *conn, struct smb_request *req) END_PROFILE(SMBopenX); if (open_was_deferred(req->mid)) { /* We have re-scheduled this call. */ - END_PROFILE(SMBopenX); return; } if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_COLLISION)) { @@ -1730,11 +1739,9 @@ void reply_open_and_X(connection_struct *conn, struct smb_request *req) */ reply_botherror(req, NT_STATUS_OBJECT_NAME_COLLISION, ERRDOS, ERRfilexists); - END_PROFILE(SMBopenX); return; } reply_nterror(req, status); - END_PROFILE(SMBopenX); return; } @@ -2075,13 +2082,23 @@ void reply_ctemp(connection_struct *conn, struct smb_request *req) close(tmpfd); if (!NT_STATUS_IS_OK(status)) { + END_PROFILE(SMBctemp); if (open_was_deferred(req->mid)) { /* We have re-scheduled this call. */ - END_PROFILE(SMBctemp); + return; + } + if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_COLLISION)) { + /* + * We hit an existing file, and if we're returning DOS + * error codes OBJECT_NAME_COLLISION would map to + * ERRDOS/183, we need to return ERRDOS/80, see bug + * 4852. + */ + reply_botherror(req, NT_STATUS_OBJECT_NAME_COLLISION, + ERRDOS, ERRfilexists); return; } reply_nterror(req, status); - END_PROFILE(SMBctemp); return; } -- cgit From 077d5d2e369e4fcb3e8c8fec862da9e450398ef3 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 16 Aug 2007 17:42:34 +0000 Subject: r24498: More extra code into a function, reply_openerror. Jeremy. (This used to be commit 43ddfb8c918bd27e2efd3b54077db815da80a53a) --- source3/smbd/reply.c | 43 +++++-------------------------------------- 1 file changed, 5 insertions(+), 38 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 1b0785285d..a2ea35b115 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1556,18 +1556,7 @@ void reply_open(connection_struct *conn, struct smb_request *req) /* We have re-scheduled this call. */ return; } - if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_COLLISION)) { - /* - * We hit an existing file, and if we're returning DOS - * error codes OBJECT_NAME_COLLISION would map to - * ERRDOS/183, we need to return ERRDOS/80, see bug - * 4852. - */ - reply_botherror(req, NT_STATUS_OBJECT_NAME_COLLISION, - ERRDOS, ERRfilexists); - return; - } - reply_nterror(req, status); + reply_openerror(req, status); return; } @@ -1723,25 +1712,14 @@ void reply_open_and_X(connection_struct *conn, struct smb_request *req) smb_attr, oplock_request, &smb_action, &fsp); - + if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBopenX); if (open_was_deferred(req->mid)) { /* We have re-scheduled this call. */ return; } - if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_COLLISION)) { - /* - * We hit an existing file, and if we're returning DOS - * error codes OBJECT_NAME_COLLISION would map to - * ERRDOS/183, we need to return ERRDOS/80, see bug - * 4852. - */ - reply_botherror(req, NT_STATUS_OBJECT_NAME_COLLISION, - ERRDOS, ERRfilexists); - return; - } - reply_nterror(req, status); + reply_openerror(req, status); return; } @@ -2087,18 +2065,7 @@ void reply_ctemp(connection_struct *conn, struct smb_request *req) /* We have re-scheduled this call. */ return; } - if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_COLLISION)) { - /* - * We hit an existing file, and if we're returning DOS - * error codes OBJECT_NAME_COLLISION would map to - * ERRDOS/183, we need to return ERRDOS/80, see bug - * 4852. - */ - reply_botherror(req, NT_STATUS_OBJECT_NAME_COLLISION, - ERRDOS, ERRfilexists); - return; - } - reply_nterror(req, status); + reply_openerror(req, status); return; } @@ -4678,7 +4645,7 @@ void reply_mkdir(connection_struct *conn, struct smb_request *req) END_PROFILE(SMBmkdir); return; } - + status = create_directory(conn, directory); DEBUG(5, ("create_directory returned %s\n", nt_errstr(status))); -- cgit From 891fa216ead2c5001bc8c671639ae59be79b968b Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 17 Aug 2007 01:55:58 +0000 Subject: r24501: Added bcc test for reply_tcon & removed Vl's comment :-). Jeremy. (This used to be commit 9d9ed41f2139051578c35f80112640cffb5f7608) --- source3/smbd/reply.c | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index a2ea35b115..ce3eebff99 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -442,12 +442,11 @@ void reply_tcon(connection_struct *conn, struct smb_request *req) START_PROFILE(SMBtcon); - /******************************************************************** - * Warning! I'm not sure that the inbuf length check is actually - * correct here. -- vl - * - * Jeremy, please check and remove this comment :-) - ********************************************************************/ + if (smb_buflen(req->inbuf) < 4) { + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + END_PROFILE(SMBtcon); + return; + } p = smb_buf(req->inbuf)+1; p += srvstr_pull_buf_talloc(req, req->inbuf, req->flags2, -- cgit From 2efabbbf4b97a62247aa080249d3de21f044b1cb Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 19 Aug 2007 19:57:55 +0000 Subject: r24548: Fix the case-changing renames This was broken when I changed reply_mv to wrap in a open_file_ntcreate call, unix_convert on the destination was called twice (This used to be commit fddc9db91175bdb0b7ac6a636f8bef918bd7c1b4) --- source3/smbd/reply.c | 23 +++++++++-------------- 1 file changed, 9 insertions(+), 14 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index ce3eebff99..b3c4717b0b 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -5111,24 +5111,18 @@ static void notify_rename(connection_struct *conn, BOOL is_dir, Rename an open file - given an fsp. ****************************************************************************/ -NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, pstring newname, uint32 attrs, BOOL replace_if_exists) +NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, + pstring newname, + const char *newname_last_component, + uint32 attrs, BOOL replace_if_exists) { SMB_STRUCT_STAT sbuf, sbuf1; - pstring newname_last_component; NTSTATUS status = NT_STATUS_OK; struct share_mode_lock *lck = NULL; BOOL dst_exists; ZERO_STRUCT(sbuf); - status = unix_convert(conn, newname, False, newname_last_component, &sbuf); - - /* If an error we expect this to be NT_STATUS_OBJECT_PATH_NOT_FOUND */ - - if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(NT_STATUS_OBJECT_PATH_NOT_FOUND, status)) { - return status; - } - status = check_name(conn, newname); if (!NT_STATUS_IS_OK(status)) { return status; @@ -5420,8 +5414,9 @@ NTSTATUS rename_internals(connection_struct *conn, struct smb_request *req, return status; } - status = rename_internals_fsp(conn, fsp, newname, attrs, - replace_if_exists); + status = rename_internals_fsp(conn, fsp, newname, + last_component_dest, + attrs, replace_if_exists); close_file(fsp, NORMAL_CLOSE); @@ -5517,8 +5512,8 @@ NTSTATUS rename_internals(connection_struct *conn, struct smb_request *req, break; } - status = rename_internals_fsp(conn, fsp, destname, attrs, - replace_if_exists); + status = rename_internals_fsp(conn, fsp, destname, dname, + attrs, replace_if_exists); close_file(fsp, NORMAL_CLOSE); -- cgit From 5993ddf240a945ae770754454a201c3f7a0ad7d8 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 25 Aug 2007 19:47:57 +0000 Subject: r24659: Some formatting changes helping to minimize the 3_2_0 diff (This used to be commit c5caea43af154671448df82881efe09a5c982386) --- source3/smbd/reply.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index b3c4717b0b..c3ae4ef61f 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -486,7 +486,7 @@ void reply_tcon(connection_struct *conn, struct smb_request *req) SSVAL(req->outbuf,smb_vwv1,conn->cnum); SSVAL(req->outbuf,smb_tid,conn->cnum); - DEBUG(3,("tcon service=%s cnum=%d\n", + DEBUG(3,("tcon service=%s cnum=%d\n", service, conn->cnum)); END_PROFILE(SMBtcon); @@ -1550,12 +1550,13 @@ void reply_open(connection_struct *conn, struct smb_request *req) &info, &fsp); if (!NT_STATUS_IS_OK(status)) { - END_PROFILE(SMBopen); if (open_was_deferred(req->mid)) { + END_PROFILE(SMBopen); /* We have re-scheduled this call. */ return; } reply_openerror(req, status); + END_PROFILE(SMBopen); return; } @@ -1876,7 +1877,7 @@ void reply_mknew(connection_struct *conn, struct smb_request *req) srvstr_get_path((char *)req->inbuf, req->flags2, fname, smb_buf(req->inbuf) + 1, sizeof(fname), 0, - STR_TERMINATE, &status); + STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); END_PROFILE(SMBcreate); @@ -1947,7 +1948,6 @@ void reply_mknew(connection_struct *conn, struct smb_request *req) file_ntimes(conn, fname, ts); reply_outbuf(req, 1, 0); - SSVAL(req->outbuf,smb_vwv0,fsp->fnum); if (oplock_request && lp_fake_oplocks(SNUM(conn))) { @@ -2059,12 +2059,13 @@ void reply_ctemp(connection_struct *conn, struct smb_request *req) close(tmpfd); if (!NT_STATUS_IS_OK(status)) { - END_PROFILE(SMBctemp); if (open_was_deferred(req->mid)) { /* We have re-scheduled this call. */ + END_PROFILE(SMBctemp); return; } reply_openerror(req, status); + END_PROFILE(SMBctemp); return; } @@ -2668,7 +2669,7 @@ void reply_readbraw(connection_struct *conn, struct smb_request *req) fsp = file_fsp(SVAL(req->inbuf,smb_vwv0)); - /* + /* * We have to do a check_fsp by hand here, as * we must always return 4 zero bytes on error, * not a NTSTATUS. @@ -2760,7 +2761,7 @@ void reply_readbraw(connection_struct *conn, struct smb_request *req) if (startpos >= size) { nread = 0; } else { - nread = MIN(maxcount,(size - startpos)); + nread = MIN(maxcount,(size - startpos)); } #if 0 /* mincount appears to be ignored in a W2K server. JRA. */ @@ -3088,7 +3089,6 @@ static void send_file_readX(connection_struct *conn, struct smb_request *req, TALLOC_FREE(req->outbuf); return; } - #endif normal_read: -- cgit From b578db69e91a088f158c1cd78a71d00045fc1da6 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 27 Aug 2007 12:04:09 +0000 Subject: r24702: Remove the old API pointers (This used to be commit 17df313db42199e26d7d2044f6a1d845aacd1a90) --- source3/smbd/reply.c | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index c3ae4ef61f..2694176ca7 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -687,7 +687,7 @@ void reply_tcon_and_X(connection_struct *conn, struct smb_request *req) TALLOC_FREE(ctx); END_PROFILE(SMBtconX); - chain_reply_new(req); + chain_reply(req); return; } @@ -1802,7 +1802,7 @@ void reply_open_and_X(connection_struct *conn, struct smb_request *req) } END_PROFILE(SMBopenX); - chain_reply_new(req); + chain_reply(req); return; } @@ -1837,7 +1837,7 @@ void reply_ulogoffX(connection_struct *conn, struct smb_request *req) DEBUG( 3, ( "ulogoffX vuid=%d\n", req->vuid ) ); END_PROFILE(SMBulogoffX); - chain_reply_new(req); + chain_reply(req); } /**************************************************************************** @@ -3129,7 +3129,7 @@ normal_read: DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n", fsp->fnum, (int)smb_maxcnt, (int)nread ) ); - chain_reply_new(req); + chain_reply(req); return; } @@ -3241,7 +3241,6 @@ void reply_read_and_X(connection_struct *conn, struct smb_request *req) if (!big_readX && schedule_aio_read_and_X(conn, req, fsp, startpos, smb_maxcnt)) { END_PROFILE(SMBreadX); - reply_post_legacy(req, -1); return; } @@ -3842,7 +3841,7 @@ void reply_write_and_X(connection_struct *conn, struct smb_request *req) } END_PROFILE(SMBwriteX); - chain_reply_new(req); + chain_reply(req); return; } @@ -6252,7 +6251,6 @@ void reply_lockingX(connection_struct *conn, struct smb_request *req) * send a reply */ if (num_locks == 0 && num_ulocks == 0) { END_PROFILE(SMBlockingX); - reply_post_legacy(req, -1); return; } else { END_PROFILE(SMBlockingX); @@ -6459,7 +6457,6 @@ void reply_lockingX(connection_struct *conn, struct smb_request *req) block_smbpid)) { TALLOC_FREE(br_lck); END_PROFILE(SMBlockingX); - reply_post_legacy(req, -1); return; } } @@ -6519,7 +6516,7 @@ void reply_lockingX(connection_struct *conn, struct smb_request *req) fsp->fnum, (unsigned int)locktype, num_locks, num_ulocks)); END_PROFILE(SMBlockingX); - chain_reply_new(req); + chain_reply(req); } #undef DBGC_CLASS -- cgit From 132ee3990af5d31573978f5a3abf43db2303880b Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 7 Sep 2007 20:57:01 +0000 Subject: r25009: Large patch discussed with Volker. Move unix_convert to a talloc-based interface. More development will come on top of this. Remove the "mangled map" parameter. Jeremy. (This used to be commit dee8beba7a92b8a3f68bbcc59fd0a827f68c7736) --- source3/smbd/reply.c | 489 ++++++++++++++++++++++++++++++++------------------- 1 file changed, 312 insertions(+), 177 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 2694176ca7..dec0e26c41 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -285,11 +285,10 @@ size_t srvstr_get_path(const char *inbuf, uint16 smb_flags2, char *dest, } /**************************************************************************** - Check if we have a correct fsp pointing to a file. Replacement for the - CHECK_FSP macro. + Check if we have a correct fsp pointing to a file. Basic check for open fsp. ****************************************************************************/ -BOOL check_fsp(connection_struct *conn, struct smb_request *req, +BOOL check_fsp_open(connection_struct *conn, struct smb_request *req, files_struct *fsp, struct current_user *user) { if (!(fsp) || !(conn)) { @@ -300,6 +299,20 @@ BOOL check_fsp(connection_struct *conn, struct smb_request *req, reply_nterror(req, NT_STATUS_INVALID_HANDLE); return False; } + return True; +} + +/**************************************************************************** + Check if we have a correct fsp pointing to a file. Replacement for the + CHECK_FSP macro. +****************************************************************************/ + +BOOL check_fsp(connection_struct *conn, struct smb_request *req, + files_struct *fsp, struct current_user *user) +{ + if (!check_fsp_open(conn, req, fsp, user)) { + return False; + } if ((fsp)->is_directory) { reply_nterror(req, NT_STATUS_INVALID_DEVICE_REQUEST); return False; @@ -755,7 +768,9 @@ void reply_ioctl(connection_struct *conn, struct smb_request *req) SSVAL(req->outbuf,smb_vwv1,replysize); /* Total data bytes returned */ SSVAL(req->outbuf,smb_vwv5,replysize); /* Data bytes this buffer */ SSVAL(req->outbuf,smb_vwv6,52); /* Offset to data */ - p = smb_buf(req->outbuf) + 1; /* Allow for alignment */ + p = smb_buf(req->outbuf); + memset(p, '\0', replysize+1); /* valgrind-safe. */ + p += 1; /* Allow for alignment */ switch (ioctl_code) { case IOCTL_QUERY_JOB_INFO: @@ -775,8 +790,7 @@ void reply_ioctl(connection_struct *conn, struct smb_request *req) srvstr_push((char *)req->outbuf, req->flags2, p+18, lp_servicename(SNUM(conn)), 13, STR_TERMINATE|STR_ASCII); - } - else { + } else { memset(p+18, 0, 13); } break; @@ -809,14 +823,15 @@ static NTSTATUS map_checkpath_error(const char *inbuf, NTSTATUS status) void reply_checkpath(connection_struct *conn, struct smb_request *req) { - pstring name; + pstring name_in; + char *name = NULL; SMB_STRUCT_STAT sbuf; NTSTATUS status; START_PROFILE(SMBcheckpath); - srvstr_get_path((char *)req->inbuf, req->flags2, name, - smb_buf(req->inbuf) + 1, sizeof(name), 0, + srvstr_get_path((char *)req->inbuf, req->flags2, name_in, + smb_buf(req->inbuf) + 1, sizeof(name_in), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { status = map_checkpath_error((char *)req->inbuf, status); @@ -825,7 +840,7 @@ void reply_checkpath(connection_struct *conn, struct smb_request *req) return; } - status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES, name); + status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES, name_in); if (!NT_STATUS_IS_OK(status)) { if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { reply_botherror(req, NT_STATUS_PATH_NOT_COVERED, @@ -836,9 +851,9 @@ void reply_checkpath(connection_struct *conn, struct smb_request *req) goto path_err; } - DEBUG(3,("reply_checkpath %s mode=%d\n", name, (int)SVAL(req->inbuf,smb_vwv0))); + DEBUG(3,("reply_checkpath %s mode=%d\n", name_in, (int)SVAL(req->inbuf,smb_vwv0))); - status = unix_convert(conn, name, False, NULL, &sbuf); + status = unix_convert(conn, name_in, False, &name, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { goto path_err; } @@ -899,7 +914,8 @@ void reply_checkpath(connection_struct *conn, struct smb_request *req) void reply_getatr(connection_struct *conn, struct smb_request *req) { - pstring fname; + pstring fname_in; + char *fname = NULL; SMB_STRUCT_STAT sbuf; int mode=0; SMB_OFF_T size=0; @@ -910,8 +926,8 @@ void reply_getatr(connection_struct *conn, struct smb_request *req) START_PROFILE(SMBgetatr); p = smb_buf(req->inbuf) + 1; - p += srvstr_get_path((char *)req->inbuf, req->flags2, fname, p, - sizeof(fname), 0, STR_TERMINATE, &status); + p += srvstr_get_path((char *)req->inbuf, req->flags2, fname_in, p, + sizeof(fname_in), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); END_PROFILE(SMBgetatr); @@ -919,7 +935,7 @@ void reply_getatr(connection_struct *conn, struct smb_request *req) } status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES, - fname); + fname_in); if (!NT_STATUS_IS_OK(status)) { if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { reply_botherror(req, NT_STATUS_PATH_NOT_COVERED, @@ -934,7 +950,7 @@ void reply_getatr(connection_struct *conn, struct smb_request *req) /* dos smetimes asks for a stat of "" - it returns a "hidden directory" under WfWg - weird! */ - if (*fname == '\0') { + if (*fname_in == '\0') { mode = aHIDDEN | aDIR; if (!CAN_WRITE(conn)) { mode |= aRONLY; @@ -942,7 +958,7 @@ void reply_getatr(connection_struct *conn, struct smb_request *req) size = 0; mtime = 0; } else { - status = unix_convert(conn, fname, False, NULL,&sbuf); + status = unix_convert(conn, fname_in, False, &fname, NULL,&sbuf); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); END_PROFILE(SMBgetatr); @@ -997,7 +1013,8 @@ void reply_getatr(connection_struct *conn, struct smb_request *req) void reply_setatr(connection_struct *conn, struct smb_request *req) { - pstring fname; + pstring fname_in; + char *fname = NULL; int mode; time_t mtime; SMB_STRUCT_STAT sbuf; @@ -1012,8 +1029,8 @@ void reply_setatr(connection_struct *conn, struct smb_request *req) } p = smb_buf(req->inbuf) + 1; - p += srvstr_get_path((char *)req->inbuf, req->flags2, fname, p, - sizeof(fname), 0, STR_TERMINATE, &status); + p += srvstr_get_path((char *)req->inbuf, req->flags2, fname_in, p, + sizeof(fname_in), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); END_PROFILE(SMBsetatr); @@ -1021,7 +1038,7 @@ void reply_setatr(connection_struct *conn, struct smb_request *req) } status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES, - fname); + fname_in); if (!NT_STATUS_IS_OK(status)) { if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { reply_botherror(req, NT_STATUS_PATH_NOT_COVERED, @@ -1034,7 +1051,7 @@ void reply_setatr(connection_struct *conn, struct smb_request *req) return; } - status = unix_convert(conn, fname, False, NULL, &sbuf); + status = unix_convert(conn, fname_in, False, &fname, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); END_PROFILE(SMBsetatr); @@ -1147,7 +1164,7 @@ void reply_dskattr(connection_struct *conn, struct smb_request *req) void reply_search(connection_struct *conn, struct smb_request *req) { pstring mask; - pstring directory; + char *directory = NULL; pstring fname; SMB_OFF_T size; uint32 mode; @@ -1181,7 +1198,7 @@ void reply_search(connection_struct *conn, struct smb_request *req) return; } - *mask = *directory = *fname = 0; + *mask = *fname = 0; /* If we were called as SMBffirst then we must expect close. */ if(CVAL(req->inbuf,smb_com) == SMBffirst) { @@ -1225,8 +1242,7 @@ void reply_search(connection_struct *conn, struct smb_request *req) if (status_len == 0) { SMB_STRUCT_STAT sbuf; - pstrcpy(directory,path); - nt_status = unix_convert(conn, directory, True, NULL, &sbuf); + nt_status = unix_convert(conn, path, True, &directory, NULL, &sbuf); if (!NT_STATUS_IS_OK(nt_status)) { reply_nterror(req, nt_status); END_PROFILE(SMBsearch); @@ -1243,17 +1259,43 @@ void reply_search(connection_struct *conn, struct smb_request *req) p = strrchr_m(directory,'/'); if (!p) { pstrcpy(mask,directory); - pstrcpy(directory,"."); + directory = talloc_strdup(talloc_tos(),"."); + if (!directory) { + reply_nterror(req, NT_STATUS_NO_MEMORY); + END_PROFILE(SMBsearch); + return; + } } else { *p = 0; pstrcpy(mask,p+1); } if (*directory == '\0') { - pstrcpy(directory,"."); + directory = talloc_strdup(talloc_tos(),"."); + if (!directory) { + reply_nterror(req, NT_STATUS_NO_MEMORY); + END_PROFILE(SMBsearch); + return; + } } memset((char *)status,'\0',21); SCVAL(status,0,(dirtype & 0x1F)); + + nt_status = dptr_create(conn, + directory, + True, + expect_close, + req->smbpid, + mask, + mask_contains_wcard, + dirtype, + &conn->dirptr); + if (!NT_STATUS_IS_OK(nt_status)) { + reply_nterror(req, nt_status); + END_PROFILE(SMBsearch); + return; + } + dptr_num = dptr_dnum(conn->dirptr); } else { int status_dirtype; @@ -1263,7 +1305,7 @@ void reply_search(connection_struct *conn, struct smb_request *req) dirtype = status_dirtype; } - conn->dirptr = dptr_fetch(status+12,&dptr_num); + conn->dirptr = dptr_fetch(status+12,&dptr_num); if (!conn->dirptr) { goto SearchEmpty; } @@ -1274,25 +1316,6 @@ void reply_search(connection_struct *conn, struct smb_request *req) * check from the initial saved string. */ mask_contains_wcard = ms_has_wild(mask); - } - - if (status_len == 0) { - nt_status = dptr_create(conn, - directory, - True, - expect_close, - req->smbpid, - mask, - mask_contains_wcard, - dirtype, - &conn->dirptr); - if (!NT_STATUS_IS_OK(nt_status)) { - reply_nterror(req, nt_status); - END_PROFILE(SMBsearch); - return; - } - dptr_num = dptr_dnum(conn->dirptr); - } else { dirtype = dptr_attr(dptr_num); } @@ -1393,13 +1416,18 @@ void reply_search(connection_struct *conn, struct smb_request *req) /* This SMB *always* returns ASCII names. Remove the unicode bit in flags2. */ SSVAL(req->outbuf, smb_flg2, (SVAL(req->outbuf, smb_flg2) & (~FLAGS2_UNICODE_STRINGS))); - - if ((! *directory) && dptr_path(dptr_num)) - slprintf(directory, sizeof(directory)-1, "(%s)",dptr_path(dptr_num)); - DEBUG( 4, ( "%s mask=%s path=%s dtype=%d nument=%u of %u\n", + if (!directory) { + directory = dptr_path(dptr_num); + } + + DEBUG(4,("%s mask=%s path=%s dtype=%d nument=%u of %u\n", smb_fn_name(CVAL(req->inbuf,smb_com)), - mask, directory, dirtype, numentries, maxentries ) ); + mask, + directory ? directory : "./", + dirtype, + numentries, + maxentries )); END_PROFILE(SMBsearch); return; @@ -1468,7 +1496,8 @@ void reply_fclose(connection_struct *conn, struct smb_request *req) void reply_open(connection_struct *conn, struct smb_request *req) { - pstring fname; + pstring fname_in; + char *fname = NULL; uint32 fattr=0; SMB_OFF_T size = 0; time_t mtime=0; @@ -1496,8 +1525,8 @@ void reply_open(connection_struct *conn, struct smb_request *req) deny_mode = SVAL(req->inbuf,smb_vwv0); dos_attr = SVAL(req->inbuf,smb_vwv1); - srvstr_get_path((char *)req->inbuf, req->flags2, fname, - smb_buf(req->inbuf)+1, sizeof(fname), 0, + srvstr_get_path((char *)req->inbuf, req->flags2, fname_in, + smb_buf(req->inbuf)+1, sizeof(fname_in), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); @@ -1506,7 +1535,7 @@ void reply_open(connection_struct *conn, struct smb_request *req) } status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES, - fname); + fname_in); if (!NT_STATUS_IS_OK(status)) { if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { reply_botherror(req, NT_STATUS_PATH_NOT_COVERED, @@ -1519,7 +1548,7 @@ void reply_open(connection_struct *conn, struct smb_request *req) return; } - status = unix_convert(conn, fname, False, NULL, &sbuf); + status = unix_convert(conn, fname_in, False, &fname, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); END_PROFILE(SMBopen); @@ -1602,7 +1631,8 @@ void reply_open(connection_struct *conn, struct smb_request *req) void reply_open_and_X(connection_struct *conn, struct smb_request *req) { - pstring fname; + pstring fname_in; + char *fname = NULL; uint16 open_flags; int deny_mode; uint32 smb_attr; @@ -1658,8 +1688,8 @@ void reply_open_and_X(connection_struct *conn, struct smb_request *req) } /* XXXX we need to handle passed times, sattr and flags */ - srvstr_get_path((char *)req->inbuf, req->flags2, fname, - smb_buf(req->inbuf), sizeof(fname), 0, STR_TERMINATE, + srvstr_get_path((char *)req->inbuf, req->flags2, fname_in, + smb_buf(req->inbuf), sizeof(fname_in), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); @@ -1668,7 +1698,7 @@ void reply_open_and_X(connection_struct *conn, struct smb_request *req) } status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES, - fname); + fname_in); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBopenX); if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { @@ -1680,7 +1710,7 @@ void reply_open_and_X(connection_struct *conn, struct smb_request *req) return; } - status = unix_convert(conn, fname, False, NULL, &sbuf); + status = unix_convert(conn, fname_in, False, &fname, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); END_PROFILE(SMBopenX); @@ -1846,7 +1876,8 @@ void reply_ulogoffX(connection_struct *conn, struct smb_request *req) void reply_mknew(connection_struct *conn, struct smb_request *req) { - pstring fname; + pstring fname_in; + char *fname = NULL; int com; uint32 fattr = 0; struct timespec ts[2]; @@ -1875,8 +1906,8 @@ void reply_mknew(connection_struct *conn, struct smb_request *req) srv_make_unix_date3(req->inbuf + smb_vwv1)); /* mtime. */ - srvstr_get_path((char *)req->inbuf, req->flags2, fname, - smb_buf(req->inbuf) + 1, sizeof(fname), 0, + srvstr_get_path((char *)req->inbuf, req->flags2, fname_in, + smb_buf(req->inbuf) + 1, sizeof(fname_in), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); @@ -1885,7 +1916,7 @@ void reply_mknew(connection_struct *conn, struct smb_request *req) } status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES, - fname); + fname_in); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBcreate); if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { @@ -1897,7 +1928,7 @@ void reply_mknew(connection_struct *conn, struct smb_request *req) return; } - status = unix_convert(conn, fname, False, NULL, &sbuf); + status = unix_convert(conn, fname_in, False, &fname, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); END_PROFILE(SMBcreate); @@ -1974,7 +2005,8 @@ void reply_mknew(connection_struct *conn, struct smb_request *req) void reply_ctemp(connection_struct *conn, struct smb_request *req) { - pstring fname; + pstring fname_in; + char *fname = NULL; uint32 fattr; files_struct *fsp; int oplock_request; @@ -1994,22 +2026,22 @@ void reply_ctemp(connection_struct *conn, struct smb_request *req) fattr = SVAL(req->inbuf,smb_vwv0); oplock_request = CORE_OPLOCK_REQUEST(req->inbuf); - srvstr_get_path((char *)req->inbuf, req->flags2, fname, - smb_buf(req->inbuf)+1, sizeof(fname), 0, STR_TERMINATE, + srvstr_get_path((char *)req->inbuf, req->flags2, fname_in, + smb_buf(req->inbuf)+1, sizeof(fname_in), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); END_PROFILE(SMBctemp); return; } - if (*fname) { - pstrcat(fname,"/TMXXXXXX"); + if (*fname_in) { + pstrcat(fname_in,"/TMXXXXXX"); } else { - pstrcat(fname,"TMXXXXXX"); + pstrcat(fname_in,"TMXXXXXX"); } status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES, - fname); + fname_in); if (!NT_STATUS_IS_OK(status)) { if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { reply_botherror(req, NT_STATUS_PATH_NOT_COVERED, @@ -2022,7 +2054,7 @@ void reply_ctemp(connection_struct *conn, struct smb_request *req) return; } - status = unix_convert(conn, fname, False, NULL, &sbuf); + status = unix_convert(conn, fname_in, False, &fname, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); END_PROFILE(SMBctemp); @@ -2266,22 +2298,23 @@ static NTSTATUS do_unlink(connection_struct *conn, struct smb_request *req, ****************************************************************************/ NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req, - uint32 dirtype, char *name, BOOL has_wild) + uint32 dirtype, const char *name_in, BOOL has_wild) { pstring directory; pstring mask; + char *name = NULL; char *p; int count=0; NTSTATUS status = NT_STATUS_OK; SMB_STRUCT_STAT sbuf; - + *directory = *mask = 0; - - status = unix_convert(conn, name, has_wild, NULL, &sbuf); + + status = unix_convert(conn, name_in, has_wild, &name, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { return status; } - + p = strrchr_m(name,'/'); if (!p) { pstrcpy(directory,"."); @@ -2291,7 +2324,7 @@ NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req, pstrcpy(directory,name); pstrcpy(mask,p+1); } - + /* * We should only check the mangled cache * here if unix_convert failed. This means @@ -2300,10 +2333,18 @@ NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req, * for a possible mangle. This patch from * Tine Smukavec . */ - - if (!VALID_STAT(sbuf) && mangle_is_mangled(mask,conn->params)) - mangle_check_cache( mask, sizeof(pstring)-1, conn->params ); - + + if (!VALID_STAT(sbuf) && mangle_is_mangled(mask,conn->params)) { + char *new_mask = NULL; + mangle_lookup_name_from_8_3(talloc_tos(), + mask, + &new_mask, + conn->params ); + if (new_mask) { + pstrcpy(mask, new_mask); + } + } + if (!has_wild) { pstrcat(directory,"/"); pstrcat(directory,mask); @@ -2326,7 +2367,7 @@ NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req, struct smb_Dir *dir_hnd = NULL; long offset = 0; const char *dname; - + if ((dirtype & SAMBA_ATTRIBUTES_MASK) == aDIR) { return NT_STATUS_OBJECT_NAME_INVALID; } @@ -2798,6 +2839,7 @@ void reply_lockread(connection_struct *conn, struct smb_request *req) NTSTATUS status; files_struct *fsp; struct byte_range_lock *br_lck = NULL; + char *p = NULL; START_PROFILE(SMBlockread); @@ -2879,7 +2921,9 @@ Returning short read of maximum allowed for compatibility with Windows 2000.\n", SSVAL(req->outbuf,smb_vwv0,nread); SSVAL(req->outbuf,smb_vwv5,nread+3); - SSVAL(smb_buf(req->outbuf),1,nread); + p = smb_buf(req->outbuf); + SCVAL(p,0,0); /* pad byte. */ + SSVAL(p,1,nread); DEBUG(3,("lockread fnum=%d num=%d nread=%d\n", fsp->fnum, (int)numtoread, (int)nread)); @@ -4600,14 +4644,15 @@ void reply_printwrite(connection_struct *conn, struct smb_request *req) void reply_mkdir(connection_struct *conn, struct smb_request *req) { - pstring directory; + pstring directory_in; + char *directory = NULL; NTSTATUS status; SMB_STRUCT_STAT sbuf; START_PROFILE(SMBmkdir); - srvstr_get_path((char *)req->inbuf, req->flags2, directory, - smb_buf(req->inbuf) + 1, sizeof(directory), 0, + srvstr_get_path((char *)req->inbuf, req->flags2, directory_in, + smb_buf(req->inbuf) + 1, sizeof(directory_in), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); @@ -4617,7 +4662,7 @@ void reply_mkdir(connection_struct *conn, struct smb_request *req) status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES, - directory); + directory_in); if (!NT_STATUS_IS_OK(status)) { if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { reply_botherror(req, NT_STATUS_PATH_NOT_COVERED, @@ -4630,7 +4675,7 @@ void reply_mkdir(connection_struct *conn, struct smb_request *req) return; } - status = unix_convert(conn, directory, False, NULL, &sbuf); + status = unix_convert(conn, directory_in, False, &directory, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); END_PROFILE(SMBmkdir); @@ -4853,13 +4898,14 @@ NTSTATUS rmdir_internals(connection_struct *conn, const char *directory) void reply_rmdir(connection_struct *conn, struct smb_request *req) { - pstring directory; + pstring directory_in; + char *directory = NULL; SMB_STRUCT_STAT sbuf; NTSTATUS status; START_PROFILE(SMBrmdir); - srvstr_get_path((char *)req->inbuf, req->flags2, directory, - smb_buf(req->inbuf) + 1, sizeof(directory), 0, + srvstr_get_path((char *)req->inbuf, req->flags2, directory_in, + smb_buf(req->inbuf) + 1, sizeof(directory_in), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); @@ -4869,7 +4915,7 @@ void reply_rmdir(connection_struct *conn, struct smb_request *req) status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES, - directory); + directory_in); if (!NT_STATUS_IS_OK(status)) { if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { reply_botherror(req, NT_STATUS_PATH_NOT_COVERED, @@ -4882,7 +4928,8 @@ void reply_rmdir(connection_struct *conn, struct smb_request *req) return; } - status = unix_convert(conn, directory, False, NULL, &sbuf); + status = unix_convert(conn, directory_in, False, &directory, + NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); END_PROFILE(SMBrmdir); @@ -4914,87 +4961,129 @@ void reply_rmdir(connection_struct *conn, struct smb_request *req) /******************************************************************* Resolve wildcards in a filename rename. - Note that name is in UNIX charset and thus potentially can be more - than fstring buffer (255 bytes) especially in default UTF-8 case. - Therefore, we use pstring inside and all calls should ensure that - name2 is at least pstring-long (they do already) ********************************************************************/ -static BOOL resolve_wildcards(const char *name1, char *name2) +static BOOL resolve_wildcards(TALLOC_CTX *ctx, + const char *name1, + const char *name2, + char **pp_newname) { - pstring root1,root2; - pstring ext1,ext2; + char *name2_copy = NULL; + char *root1 = NULL; + char *root2 = NULL; + char *ext1 = NULL; + char *ext2 = NULL; char *p,*p2, *pname1, *pname2; - int available_space, actual_space; + name2_copy = talloc_strdup(ctx, name2); + if (!name2_copy) { + return False; + } + pname1 = strrchr_m(name1,'/'); - pname2 = strrchr_m(name2,'/'); + pname2 = strrchr_m(name2_copy,'/'); - if (!pname1 || !pname2) - return(False); + if (!pname1 || !pname2) { + return False; + } - pstrcpy(root1,pname1); - pstrcpy(root2,pname2); + /* Truncate the copy of name2 at the last '/' */ + *pname2 = '\0'; + + /* Now go past the '/' */ + pname1++; + pname2++; + + root1 = talloc_strdup(ctx, pname1); + root2 = talloc_strdup(ctx, pname2); + + if (!root1 || !root2) { + return False; + } + p = strrchr_m(root1,'.'); if (p) { *p = 0; - pstrcpy(ext1,p+1); + ext1 = talloc_strdup(ctx, p+1); } else { - pstrcpy(ext1,""); + ext1 = talloc_strdup(ctx, ""); } p = strrchr_m(root2,'.'); if (p) { *p = 0; - pstrcpy(ext2,p+1); + ext2 = talloc_strdup(ctx, p+1); } else { - pstrcpy(ext2,""); + ext2 = talloc_strdup(ctx, ""); + } + + if (!ext1 || !ext2) { + return False; } p = root1; p2 = root2; while (*p2) { if (*p2 == '?') { + /* Hmmm. Should this be mb-aware ? */ *p2 = *p; p2++; } else if (*p2 == '*') { - pstrcpy(p2, p); + *p2 = '\0'; + root2 = talloc_asprintf(ctx, "%s%s", + root2, + p); + if (!root2) { + return False; + } break; } else { p2++; } - if (*p) + if (*p) { p++; + } } p = ext1; p2 = ext2; while (*p2) { if (*p2 == '?') { + /* Hmmm. Should this be mb-aware ? */ *p2 = *p; p2++; } else if (*p2 == '*') { - pstrcpy(p2, p); + *p2 = '\0'; + ext2 = talloc_asprintf(ctx, "%s%s", + ext2, + p); + if (!ext2) { + return False; + } break; } else { p2++; } - if (*p) + if (*p) { p++; + } } - available_space = sizeof(pstring) - PTR_DIFF(pname2, name2); - - if (ext2[0]) { - actual_space = snprintf(pname2, available_space - 1, "%s.%s", root2, ext2); - if (actual_space >= available_space - 1) { - DEBUG(1,("resolve_wildcards: can't fit resolved name into specified buffer (overrun by %d bytes)\n", - actual_space - available_space)); - } + if (*ext2) { + *pp_newname = talloc_asprintf(ctx, "%s/%s.%s", + name2_copy, + root2, + ext2); } else { - pstrcpy_base(pname2, root2, name2); + *pp_newname = talloc_asprintf(ctx, "%s/%s", + name2_copy, + root2); } - return(True); + if (!*pp_newname) { + return False; + } + + return True; } /**************************************************************************** @@ -5110,11 +5199,14 @@ static void notify_rename(connection_struct *conn, BOOL is_dir, Rename an open file - given an fsp. ****************************************************************************/ -NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, - pstring newname, - const char *newname_last_component, - uint32 attrs, BOOL replace_if_exists) +NTSTATUS rename_internals_fsp(connection_struct *conn, + files_struct *fsp, + char *newname, + const char *newname_last_component, + uint32 attrs, + BOOL replace_if_exists) { + TALLOC_CTX *ctx = talloc_tos(); SMB_STRUCT_STAT sbuf, sbuf1; NTSTATUS status = NT_STATUS_OK; struct share_mode_lock *lck = NULL; @@ -5126,14 +5218,15 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, if (!NT_STATUS_IS_OK(status)) { return status; } - + /* Ensure newname contains a '/' */ if(strrchr_m(newname,'/') == 0) { - pstring tmpstr; - - pstrcpy(tmpstr, "./"); - pstrcat(tmpstr, newname); - pstrcpy(newname, tmpstr); + newname = talloc_asprintf(ctx, + "./%s", + newname); + if (!newname) { + return NT_STATUS_NO_MEMORY; + } } /* @@ -5147,7 +5240,7 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, if((conn->case_sensitive == False) && (conn->case_preserve == True) && strequal(newname, fsp->fsp_name)) { char *p; - pstring newname_modified_last_component; + char *newname_modified_last_component = NULL; /* * Get the last component of the modified name. @@ -5155,15 +5248,23 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, * character above. */ p = strrchr_m(newname,'/'); - pstrcpy(newname_modified_last_component,p+1); - - if(strcsequal(newname_modified_last_component, + newname_modified_last_component = talloc_strdup(ctx, + p+1); + if (!newname_modified_last_component) { + return NT_STATUS_NO_MEMORY; + } + + if(strcsequal(newname_modified_last_component, newname_last_component) == False) { /* * Replace the modified last component with * the original. */ - pstrcpy(p+1, newname_last_component); + *p = '\0'; /* Truncate at the '/' */ + newname = talloc_asprintf(ctx, + "%s/%s", + newname, + newname_last_component); } } @@ -5263,7 +5364,7 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, } } TALLOC_FREE(lck); - return NT_STATUS_OK; + return NT_STATUS_OK; } TALLOC_FREE(lck); @@ -5273,7 +5374,7 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, } else { status = map_nt_error_from_unix(errno); } - + DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n", nt_errstr(status), fsp->fsp_name,newname)); @@ -5286,8 +5387,8 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, ****************************************************************************/ NTSTATUS rename_internals(connection_struct *conn, struct smb_request *req, - pstring name, - pstring newname, + const char *name_in, + const char *newname_in, uint32 attrs, BOOL replace_if_exists, BOOL src_has_wild, @@ -5295,8 +5396,10 @@ NTSTATUS rename_internals(connection_struct *conn, struct smb_request *req, { pstring directory; pstring mask; - pstring last_component_src; - pstring last_component_dest; + char *last_component_src = NULL; + char *last_component_dest = NULL; + char *name = NULL; + char *newname = NULL; char *p; int count=0; NTSTATUS status = NT_STATUS_OK; @@ -5311,12 +5414,14 @@ NTSTATUS rename_internals(connection_struct *conn, struct smb_request *req, ZERO_STRUCT(sbuf1); ZERO_STRUCT(sbuf2); - status = unix_convert(conn, name, src_has_wild, last_component_src, &sbuf1); + status = unix_convert(conn, name_in, src_has_wild, &name, + &last_component_src, &sbuf1); if (!NT_STATUS_IS_OK(status)) { return status; } - status = unix_convert(conn, newname, dest_has_wild, last_component_dest, &sbuf2); + status = unix_convert(conn, newname_in, dest_has_wild, &newname, + &last_component_dest, &sbuf2); if (!NT_STATUS_IS_OK(status)) { return status; } @@ -5351,7 +5456,14 @@ NTSTATUS rename_internals(connection_struct *conn, struct smb_request *req, */ if (!VALID_STAT(sbuf1) && mangle_is_mangled(mask, conn->params)) { - mangle_check_cache( mask, sizeof(pstring)-1, conn->params ); + char *new_mask = NULL; + mangle_lookup_name_from_8_3(talloc_tos(), + mask, + &new_mask, + conn->params ); + if (new_mask) { + pstrcpy(mask, new_mask); + } } if (!src_has_wild) { @@ -5365,16 +5477,17 @@ NTSTATUS rename_internals(connection_struct *conn, struct smb_request *req, /* Add a terminating '/' to the directory name. */ pstrcat(directory,"/"); pstrcat(directory,mask); - + /* Ensure newname contains a '/' also */ if(strrchr_m(newname,'/') == 0) { - pstring tmpstr; - - pstrcpy(tmpstr, "./"); - pstrcat(tmpstr, newname); - pstrcpy(newname, tmpstr); + newname = talloc_asprintf(talloc_tos(), + "./%s", + newname); + if (!newname) { + return NT_STATUS_NO_MEMORY; + } } - + DEBUG(3, ("rename_internals: case_sensitive = %d, " "case_preserve = %d, short case preserve = %d, " "directory = %s, newname = %s, " @@ -5385,11 +5498,14 @@ NTSTATUS rename_internals(connection_struct *conn, struct smb_request *req, /* The dest name still may have wildcards. */ if (dest_has_wild) { - if (!resolve_wildcards(directory,newname)) { + char *mod_newname = NULL; + if (!resolve_wildcards(talloc_tos(), + directory,newname,&mod_newname)) { DEBUG(6, ("rename_internals: resolve_wildcards %s %s failed\n", directory,newname)); return NT_STATUS_NO_MEMORY; } + newname = mod_newname; } ZERO_STRUCT(sbuf1); @@ -5452,6 +5568,7 @@ NTSTATUS rename_internals(connection_struct *conn, struct smb_request *req, files_struct *fsp; pstring fname; BOOL sysdir_entry = False; + char *mod_destname = NULL; pstrcpy(fname,dname); @@ -5483,11 +5600,13 @@ NTSTATUS rename_internals(connection_struct *conn, struct smb_request *req, pstrcpy(destname,newname); - if (!resolve_wildcards(fname,destname)) { + if (!resolve_wildcards(talloc_tos(), + fname,destname,&mod_destname)) { DEBUG(6, ("resolve_wildcards %s %s failed\n", fname, destname)); continue; } + pstrcpy(destname,mod_destname); ZERO_STRUCT(sbuf1); SMB_VFS_STAT(conn, fname, &sbuf1); @@ -5756,9 +5875,12 @@ NTSTATUS copy_file(connection_struct *conn, void reply_copy(connection_struct *conn, struct smb_request *req) { - pstring name; + pstring name_in; + char *name = NULL; + pstring newname_in; + char *newname = NULL; pstring directory; - pstring mask,newname; + pstring mask; char *p; int count=0; int error = ERRnoaccess; @@ -5787,16 +5909,16 @@ void reply_copy(connection_struct *conn, struct smb_request *req) *directory = *mask = 0; p = smb_buf(req->inbuf); - p += srvstr_get_path_wcard((char *)req->inbuf, req->flags2, name, p, - sizeof(name), 0, STR_TERMINATE, &status, + p += srvstr_get_path_wcard((char *)req->inbuf, req->flags2, name_in, p, + sizeof(name_in), 0, STR_TERMINATE, &status, &source_has_wild); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); END_PROFILE(SMBcopy); return; } - p += srvstr_get_path_wcard((char *)req->inbuf, req->flags2, newname, p, - sizeof(newname), 0, STR_TERMINATE, &status, + p += srvstr_get_path_wcard((char *)req->inbuf, req->flags2, newname_in, p, + sizeof(newname_in), 0, STR_TERMINATE, &status, &dest_has_wild); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); @@ -5804,7 +5926,7 @@ void reply_copy(connection_struct *conn, struct smb_request *req) return; } - DEBUG(3,("reply_copy : %s -> %s\n",name,newname)); + DEBUG(3,("reply_copy : %s -> %s\n",name_in,newname_in)); if (tid2 != conn->cnum) { /* can't currently handle inter share copies XXXX */ @@ -5816,7 +5938,7 @@ void reply_copy(connection_struct *conn, struct smb_request *req) status = resolve_dfspath_wcard(conn, req->flags2 & FLAGS2_DFS_PATHNAMES, - name, &source_has_wild); + name_in, &source_has_wild); if (!NT_STATUS_IS_OK(status)) { if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { reply_botherror(req, NT_STATUS_PATH_NOT_COVERED, @@ -5831,7 +5953,7 @@ void reply_copy(connection_struct *conn, struct smb_request *req) status = resolve_dfspath_wcard(conn, req->flags2 & FLAGS2_DFS_PATHNAMES, - newname, &dest_has_wild); + newname_in, &dest_has_wild); if (!NT_STATUS_IS_OK(status)) { if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { reply_botherror(req, NT_STATUS_PATH_NOT_COVERED, @@ -5844,14 +5966,14 @@ void reply_copy(connection_struct *conn, struct smb_request *req) return; } - status = unix_convert(conn, name, source_has_wild, NULL, &sbuf1); + status = unix_convert(conn, name_in, source_has_wild, &name, NULL, &sbuf1); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); END_PROFILE(SMBcopy); return; } - status = unix_convert(conn, newname, dest_has_wild, NULL, &sbuf2); + status = unix_convert(conn, newname_in, dest_has_wild, &newname, NULL, &sbuf2); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); END_PROFILE(SMBcopy); @@ -5900,18 +6022,28 @@ void reply_copy(connection_struct *conn, struct smb_request *req) */ if (!VALID_STAT(sbuf1) && mangle_is_mangled(mask, conn->params)) { - mangle_check_cache( mask, sizeof(pstring)-1, conn->params ); + char *new_mask = NULL; + mangle_lookup_name_from_8_3( talloc_tos(), + mask, + &new_mask, + conn->params ); + if (new_mask) { + pstrcpy(mask, new_mask); + } } if (!source_has_wild) { pstrcat(directory,"/"); pstrcat(directory,mask); if (dest_has_wild) { - if (!resolve_wildcards(directory,newname)) { + char *mod_newname = NULL; + if (!resolve_wildcards(talloc_tos(), + directory,newname,&mod_newname)) { reply_nterror(req, NT_STATUS_NO_MEMORY); END_PROFILE(SMBcopy); return; } + newname = mod_newname; } status = check_name(conn, directory); @@ -5965,6 +6097,7 @@ void reply_copy(connection_struct *conn, struct smb_request *req) error = ERRbadfile; while ((dname = ReadDirName(dir_hnd, &offset))) { + char *mod_destname = NULL; pstring fname; pstrcpy(fname,dname); @@ -5979,9 +6112,11 @@ void reply_copy(connection_struct *conn, struct smb_request *req) error = ERRnoaccess; slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); pstrcpy(destname,newname); - if (!resolve_wildcards(fname,destname)) { + if (!resolve_wildcards(talloc_tos(), + fname,destname,&mod_destname)) { continue; } + pstrcpy(destname,mod_destname); status = check_name(conn, fname); if (!NT_STATUS_IS_OK(status)) { -- cgit From 4ee8b2937d48308c6089fb539fdbd8625dfde360 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 10 Sep 2007 10:56:07 +0000 Subject: r25055: Add file_id_string_tos This removes file_id_string_static and file_id_string_static2 (This used to be commit 638c848c9afe374feb30e34c494f89b2a6c64f7b) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index dec0e26c41..e3c3e8dff0 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -5108,7 +5108,7 @@ static void rename_open_files(connection_struct *conn, continue; } DEBUG(10,("rename_open_files: renaming file fnum %d (file_id %s) from %s -> %s\n", - fsp->fnum, file_id_static_string(&fsp->file_id), + fsp->fnum, file_id_string_tos(&fsp->file_id), fsp->fsp_name, newname )); string_set(&fsp->fsp_name, newname); did_rename = True; @@ -5116,7 +5116,7 @@ static void rename_open_files(connection_struct *conn, if (!did_rename) { DEBUG(10,("rename_open_files: no open files on file_id %s for %s\n", - file_id_static_string(&lck->id), newname )); + file_id_string_tos(&lck->id), newname )); } /* Send messages to all smbd's (not ourself) that the name has changed. */ -- cgit From 351eb37a2555ce474ee02758f2f2cfee33d4d434 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 11 Sep 2007 18:31:29 +0000 Subject: r25102: Rewrite msdfs code to use talloced filenames. Passes make test and make valgrindtest. Final step will be to change srvstr_get_path() to return talloced memory in the major codepaths. Jeremy. (This used to be commit cf6b6f9c3a38b68d2671c753f412772344506742) --- source3/smbd/reply.c | 213 +++++++++++++++++++++++++++++---------------------- 1 file changed, 123 insertions(+), 90 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index e3c3e8dff0..672c683309 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -452,6 +452,7 @@ void reply_tcon(connection_struct *conn, struct smb_request *req) NTSTATUS nt_status; char *p; DATA_BLOB password_blob; + TALLOC_CTX *ctx = talloc_tos(); START_PROFILE(SMBtcon); @@ -462,12 +463,12 @@ void reply_tcon(connection_struct *conn, struct smb_request *req) } p = smb_buf(req->inbuf)+1; - p += srvstr_pull_buf_talloc(req, req->inbuf, req->flags2, + p += srvstr_pull_buf_talloc(ctx, req->inbuf, req->flags2, &service_buf, p, STR_TERMINATE) + 1; - pwlen = srvstr_pull_buf_talloc(req, req->inbuf, req->flags2, + pwlen = srvstr_pull_buf_talloc(ctx, req->inbuf, req->flags2, &password, p, STR_TERMINATE) + 1; p += pwlen; - p += srvstr_pull_buf_talloc(req, req->inbuf, req->flags2, + p += srvstr_pull_buf_talloc(ctx, req->inbuf, req->flags2, &dev, p, STR_TERMINATE) + 1; if (service_buf == NULL || password == NULL || dev == NULL) { @@ -515,8 +516,7 @@ void reply_tcon_and_X(connection_struct *conn, struct smb_request *req) { char *service = NULL; DATA_BLOB password; - - TALLOC_CTX *ctx = NULL; + TALLOC_CTX *ctx = talloc_tos(); /* what the cleint thinks the device is */ char *client_devicetype = NULL; /* what the server tells the client the share represents */ @@ -567,19 +567,11 @@ void reply_tcon_and_X(connection_struct *conn, struct smb_request *req) p = smb_buf(req->inbuf) + passlen + 1; } - ctx = talloc_init("reply_tcon_and_X"); - if (!ctx) { - data_blob_clear_free(&password); - reply_nterror(req, NT_STATUS_NO_MEMORY); - END_PROFILE(SMBtconX); - return; - } p += srvstr_pull_buf_talloc(ctx, req->inbuf, req->flags2, &path, p, STR_TERMINATE); if (path == NULL) { data_blob_clear_free(&password); - TALLOC_FREE(ctx); reply_nterror(req, NT_STATUS_INVALID_PARAMETER); END_PROFILE(SMBtconX); return; @@ -593,7 +585,6 @@ void reply_tcon_and_X(connection_struct *conn, struct smb_request *req) q = strchr_m(path+2,'\\'); if (!q) { data_blob_clear_free(&password); - TALLOC_FREE(ctx); reply_doserror(req, ERRDOS, ERRnosuchshare); END_PROFILE(SMBtconX); return; @@ -609,7 +600,6 @@ void reply_tcon_and_X(connection_struct *conn, struct smb_request *req) if (client_devicetype == NULL) { data_blob_clear_free(&password); - TALLOC_FREE(ctx); reply_nterror(req, NT_STATUS_INVALID_PARAMETER); END_PROFILE(SMBtconX); return; @@ -623,7 +613,6 @@ void reply_tcon_and_X(connection_struct *conn, struct smb_request *req) data_blob_clear_free(&password); if (!conn) { - TALLOC_FREE(ctx); reply_nterror(req, nt_status); END_PROFILE(SMBtconX); return; @@ -640,7 +629,6 @@ void reply_tcon_and_X(connection_struct *conn, struct smb_request *req) reply_outbuf(req, 2, 0); if (message_push_string(&req->outbuf, server_devicetype, STR_TERMINATE|STR_ASCII) == -1) { - TALLOC_FREE(ctx); reply_nterror(req, NT_STATUS_NO_MEMORY); END_PROFILE(SMBtconX); return; @@ -675,7 +663,6 @@ void reply_tcon_and_X(connection_struct *conn, struct smb_request *req) STR_TERMINATE|STR_ASCII) == -1) || (message_push_string(&req->outbuf, fstype, STR_TERMINATE) == -1)) { - TALLOC_FREE(ctx); reply_nterror(req, NT_STATUS_NO_MEMORY); END_PROFILE(SMBtconX); return; @@ -697,7 +684,6 @@ void reply_tcon_and_X(connection_struct *conn, struct smb_request *req) SSVAL(req->inbuf,smb_tid,conn->cnum); SSVAL(req->outbuf,smb_tid,conn->cnum); - TALLOC_FREE(ctx); END_PROFILE(SMBtconX); chain_reply(req); @@ -827,6 +813,7 @@ void reply_checkpath(connection_struct *conn, struct smb_request *req) char *name = NULL; SMB_STRUCT_STAT sbuf; NTSTATUS status; + TALLOC_CTX *ctx = talloc_tos(); START_PROFILE(SMBcheckpath); @@ -840,7 +827,10 @@ void reply_checkpath(connection_struct *conn, struct smb_request *req) return; } - status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES, name_in); + status = resolve_dfspath(ctx, conn, + req->flags2 & FLAGS2_DFS_PATHNAMES, + name_in, + &name); if (!NT_STATUS_IS_OK(status)) { if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { reply_botherror(req, NT_STATUS_PATH_NOT_COVERED, @@ -853,7 +843,7 @@ void reply_checkpath(connection_struct *conn, struct smb_request *req) DEBUG(3,("reply_checkpath %s mode=%d\n", name_in, (int)SVAL(req->inbuf,smb_vwv0))); - status = unix_convert(conn, name_in, False, &name, NULL, &sbuf); + status = unix_convert(conn, name, False, &name, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { goto path_err; } @@ -922,6 +912,7 @@ void reply_getatr(connection_struct *conn, struct smb_request *req) time_t mtime=0; char *p; NTSTATUS status; + TALLOC_CTX *ctx = talloc_tos(); START_PROFILE(SMBgetatr); @@ -934,8 +925,10 @@ void reply_getatr(connection_struct *conn, struct smb_request *req) return; } - status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES, - fname_in); + status = resolve_dfspath(ctx, conn, + req->flags2 & FLAGS2_DFS_PATHNAMES, + fname_in, + &fname); if (!NT_STATUS_IS_OK(status)) { if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { reply_botherror(req, NT_STATUS_PATH_NOT_COVERED, @@ -947,10 +940,10 @@ void reply_getatr(connection_struct *conn, struct smb_request *req) END_PROFILE(SMBgetatr); return; } - + /* dos smetimes asks for a stat of "" - it returns a "hidden directory" under WfWg - weird! */ - if (*fname_in == '\0') { + if (*fname == '\0') { mode = aHIDDEN | aDIR; if (!CAN_WRITE(conn)) { mode |= aRONLY; @@ -958,7 +951,7 @@ void reply_getatr(connection_struct *conn, struct smb_request *req) size = 0; mtime = 0; } else { - status = unix_convert(conn, fname_in, False, &fname, NULL,&sbuf); + status = unix_convert(conn, fname, False, &fname, NULL,&sbuf); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); END_PROFILE(SMBgetatr); @@ -1020,6 +1013,7 @@ void reply_setatr(connection_struct *conn, struct smb_request *req) SMB_STRUCT_STAT sbuf; char *p; NTSTATUS status; + TALLOC_CTX *ctx = talloc_tos(); START_PROFILE(SMBsetatr); @@ -1037,8 +1031,10 @@ void reply_setatr(connection_struct *conn, struct smb_request *req) return; } - status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES, - fname_in); + status = resolve_dfspath(ctx, conn, + req->flags2 & FLAGS2_DFS_PATHNAMES, + fname_in, + &fname); if (!NT_STATUS_IS_OK(status)) { if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { reply_botherror(req, NT_STATUS_PATH_NOT_COVERED, @@ -1051,7 +1047,7 @@ void reply_setatr(connection_struct *conn, struct smb_request *req) return; } - status = unix_convert(conn, fname_in, False, &fname, NULL, &sbuf); + status = unix_convert(conn, fname, False, &fname, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); END_PROFILE(SMBsetatr); @@ -1175,7 +1171,8 @@ void reply_search(connection_struct *conn, struct smb_request *req) BOOL finished = False; char *p; int status_len; - pstring path; + pstring path_in; + char *path = NULL; char status[21]; int dptr_num= -1; BOOL check_descend = False; @@ -1183,6 +1180,7 @@ void reply_search(connection_struct *conn, struct smb_request *req) NTSTATUS nt_status; BOOL mask_contains_wcard = False; BOOL allow_long_path_components = (req->flags2 & FLAGS2_LONG_PATH_COMPONENTS) ? True : False; + TALLOC_CTX *ctx = talloc_tos(); START_PROFILE(SMBsearch); @@ -1209,8 +1207,8 @@ void reply_search(connection_struct *conn, struct smb_request *req) maxentries = SVAL(req->inbuf,smb_vwv0); dirtype = SVAL(req->inbuf,smb_vwv1); p = smb_buf(req->inbuf) + 1; - p += srvstr_get_path_wcard((char *)req->inbuf, req->flags2, path, p, - sizeof(path), 0, STR_TERMINATE, &nt_status, + p += srvstr_get_path_wcard((char *)req->inbuf, req->flags2, path_in, p, + sizeof(path_in), 0, STR_TERMINATE, &nt_status, &mask_contains_wcard); if (!NT_STATUS_IS_OK(nt_status)) { reply_nterror(req, nt_status); @@ -1218,9 +1216,11 @@ void reply_search(connection_struct *conn, struct smb_request *req) return; } - nt_status = resolve_dfspath_wcard(conn, + nt_status = resolve_dfspath_wcard(ctx, conn, req->flags2 & FLAGS2_DFS_PATHNAMES, - path, &mask_contains_wcard); + path_in, + &path, + &mask_contains_wcard); if (!NT_STATUS_IS_OK(nt_status)) { if (NT_STATUS_EQUAL(nt_status,NT_STATUS_PATH_NOT_COVERED)) { reply_botherror(req, NT_STATUS_PATH_NOT_COVERED, @@ -1232,11 +1232,11 @@ void reply_search(connection_struct *conn, struct smb_request *req) END_PROFILE(SMBsearch); return; } - + p++; status_len = SVAL(p, 0); p += 2; - + /* dirtype &= ~aDIR; */ if (status_len == 0) { @@ -1512,6 +1512,7 @@ void reply_open(connection_struct *conn, struct smb_request *req) uint32 create_disposition; uint32 create_options = 0; NTSTATUS status; + TALLOC_CTX *ctx = talloc_tos(); START_PROFILE(SMBopen); @@ -1520,7 +1521,7 @@ void reply_open(connection_struct *conn, struct smb_request *req) END_PROFILE(SMBopen); return; } - + oplock_request = CORE_OPLOCK_REQUEST(req->inbuf); deny_mode = SVAL(req->inbuf,smb_vwv0); dos_attr = SVAL(req->inbuf,smb_vwv1); @@ -1534,8 +1535,10 @@ void reply_open(connection_struct *conn, struct smb_request *req) return; } - status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES, - fname_in); + status = resolve_dfspath(ctx, conn, + req->flags2 & FLAGS2_DFS_PATHNAMES, + fname_in, + &fname); if (!NT_STATUS_IS_OK(status)) { if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { reply_botherror(req, NT_STATUS_PATH_NOT_COVERED, @@ -1548,7 +1551,7 @@ void reply_open(connection_struct *conn, struct smb_request *req) return; } - status = unix_convert(conn, fname_in, False, &fname, NULL, &sbuf); + status = unix_convert(conn, fname, False, &fname, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); END_PROFILE(SMBopen); @@ -1658,6 +1661,7 @@ void reply_open_and_X(connection_struct *conn, struct smb_request *req) uint32 share_mode; uint32 create_disposition; uint32 create_options = 0; + TALLOC_CTX *ctx = talloc_tos(); START_PROFILE(SMBopenX); @@ -1697,8 +1701,10 @@ void reply_open_and_X(connection_struct *conn, struct smb_request *req) return; } - status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES, - fname_in); + status = resolve_dfspath(ctx, conn, + req->flags2 & FLAGS2_DFS_PATHNAMES, + fname_in, + &fname); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBopenX); if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { @@ -1710,7 +1716,7 @@ void reply_open_and_X(connection_struct *conn, struct smb_request *req) return; } - status = unix_convert(conn, fname_in, False, &fname, NULL, &sbuf); + status = unix_convert(conn, fname, False, &fname, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); END_PROFILE(SMBopenX); @@ -1889,6 +1895,7 @@ void reply_mknew(connection_struct *conn, struct smb_request *req) uint32 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE; uint32 create_disposition; uint32 create_options = 0; + TALLOC_CTX *ctx = talloc_tos(); START_PROFILE(SMBcreate); @@ -1915,8 +1922,10 @@ void reply_mknew(connection_struct *conn, struct smb_request *req) return; } - status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES, - fname_in); + status = resolve_dfspath(ctx, conn, + req->flags2 & FLAGS2_DFS_PATHNAMES, + fname_in, + &fname); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBcreate); if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { @@ -1928,7 +1937,7 @@ void reply_mknew(connection_struct *conn, struct smb_request *req) return; } - status = unix_convert(conn, fname_in, False, &fname, NULL, &sbuf); + status = unix_convert(conn, fname, False, &fname, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); END_PROFILE(SMBcreate); @@ -2014,6 +2023,7 @@ void reply_ctemp(connection_struct *conn, struct smb_request *req) SMB_STRUCT_STAT sbuf; char *s; NTSTATUS status; + TALLOC_CTX *ctx = talloc_tos(); START_PROFILE(SMBctemp); @@ -2040,8 +2050,10 @@ void reply_ctemp(connection_struct *conn, struct smb_request *req) pstrcat(fname_in,"TMXXXXXX"); } - status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES, - fname_in); + status = resolve_dfspath(ctx, conn, + req->flags2 & FLAGS2_DFS_PATHNAMES, + fname_in, + &fname); if (!NT_STATUS_IS_OK(status)) { if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { reply_botherror(req, NT_STATUS_PATH_NOT_COVERED, @@ -2054,20 +2066,20 @@ void reply_ctemp(connection_struct *conn, struct smb_request *req) return; } - status = unix_convert(conn, fname_in, False, &fname, NULL, &sbuf); + status = unix_convert(conn, fname, False, &fname, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); END_PROFILE(SMBctemp); return; } - status = check_name(conn, fname); + status = check_name(conn, CONST_DISCARD(char *,fname)); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); END_PROFILE(SMBctemp); return; } - + tmpfd = smb_mkstemp(fname); if (tmpfd == -1) { reply_unixerror(req, ERRDOS, ERRnoaccess); @@ -2446,10 +2458,12 @@ NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req, void reply_unlink(connection_struct *conn, struct smb_request *req) { - pstring name; + pstring name_in; + char *name = NULL; uint32 dirtype; NTSTATUS status; BOOL path_contains_wcard = False; + TALLOC_CTX *ctx = talloc_tos(); START_PROFILE(SMBunlink); @@ -2460,9 +2474,9 @@ void reply_unlink(connection_struct *conn, struct smb_request *req) } dirtype = SVAL(req->inbuf,smb_vwv0); - - srvstr_get_path_wcard((char *)req->inbuf, req->flags2, name, - smb_buf(req->inbuf) + 1, sizeof(name), 0, + + srvstr_get_path_wcard((char *)req->inbuf, req->flags2, name_in, + smb_buf(req->inbuf) + 1, sizeof(name_in), 0, STR_TERMINATE, &status, &path_contains_wcard); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); @@ -2470,9 +2484,11 @@ void reply_unlink(connection_struct *conn, struct smb_request *req) return; } - status = resolve_dfspath_wcard(conn, + status = resolve_dfspath_wcard(ctx, conn, req->flags2 & FLAGS2_DFS_PATHNAMES, - name, &path_contains_wcard); + name_in, + &name, + &path_contains_wcard); if (!NT_STATUS_IS_OK(status)) { if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { reply_botherror(req, NT_STATUS_PATH_NOT_COVERED, @@ -2484,9 +2500,9 @@ void reply_unlink(connection_struct *conn, struct smb_request *req) END_PROFILE(SMBunlink); return; } - + DEBUG(3,("reply_unlink : %s\n",name)); - + status = unlink_internals(conn, req, dirtype, name, path_contains_wcard); if (!NT_STATUS_IS_OK(status)) { @@ -4633,7 +4649,7 @@ void reply_printwrite(connection_struct *conn, struct smb_request *req) } DEBUG( 3, ( "printwrite fnum=%d num=%d\n", fsp->fnum, numtowrite ) ); - + END_PROFILE(SMBsplwr); return; } @@ -4648,9 +4664,10 @@ void reply_mkdir(connection_struct *conn, struct smb_request *req) char *directory = NULL; NTSTATUS status; SMB_STRUCT_STAT sbuf; + TALLOC_CTX *ctx = talloc_tos(); START_PROFILE(SMBmkdir); - + srvstr_get_path((char *)req->inbuf, req->flags2, directory_in, smb_buf(req->inbuf) + 1, sizeof(directory_in), 0, STR_TERMINATE, &status); @@ -4660,9 +4677,10 @@ void reply_mkdir(connection_struct *conn, struct smb_request *req) return; } - status = resolve_dfspath(conn, + status = resolve_dfspath(ctx, conn, req->flags2 & FLAGS2_DFS_PATHNAMES, - directory_in); + directory_in, + &directory); if (!NT_STATUS_IS_OK(status)) { if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { reply_botherror(req, NT_STATUS_PATH_NOT_COVERED, @@ -4675,7 +4693,7 @@ void reply_mkdir(connection_struct *conn, struct smb_request *req) return; } - status = unix_convert(conn, directory_in, False, &directory, NULL, &sbuf); + status = unix_convert(conn, directory, False, &directory, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); END_PROFILE(SMBmkdir); @@ -4902,6 +4920,8 @@ void reply_rmdir(connection_struct *conn, struct smb_request *req) char *directory = NULL; SMB_STRUCT_STAT sbuf; NTSTATUS status; + TALLOC_CTX *ctx = talloc_tos(); + START_PROFILE(SMBrmdir); srvstr_get_path((char *)req->inbuf, req->flags2, directory_in, @@ -4913,9 +4933,10 @@ void reply_rmdir(connection_struct *conn, struct smb_request *req) return; } - status = resolve_dfspath(conn, + status = resolve_dfspath(ctx, conn, req->flags2 & FLAGS2_DFS_PATHNAMES, - directory_in); + directory_in, + &directory); if (!NT_STATUS_IS_OK(status)) { if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { reply_botherror(req, NT_STATUS_PATH_NOT_COVERED, @@ -4928,14 +4949,14 @@ void reply_rmdir(connection_struct *conn, struct smb_request *req) return; } - status = unix_convert(conn, directory_in, False, &directory, + status = unix_convert(conn, directory, False, &directory, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); END_PROFILE(SMBrmdir); return; } - + status = check_name(conn, directory); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); @@ -5662,13 +5683,16 @@ NTSTATUS rename_internals(connection_struct *conn, struct smb_request *req, void reply_mv(connection_struct *conn, struct smb_request *req) { - pstring name; - pstring newname; + pstring name_in; + pstring newname_in; + char *name = NULL; + char *newname = NULL; char *p; uint32 attrs; NTSTATUS status; BOOL src_has_wcard = False; BOOL dest_has_wcard = False; + TALLOC_CTX *ctx = talloc_tos(); START_PROFILE(SMBmv); @@ -5681,8 +5705,8 @@ void reply_mv(connection_struct *conn, struct smb_request *req) attrs = SVAL(req->inbuf,smb_vwv0); p = smb_buf(req->inbuf) + 1; - p += srvstr_get_path_wcard((char *)req->inbuf, req->flags2, name, p, - sizeof(name), 0, STR_TERMINATE, &status, + p += srvstr_get_path_wcard((char *)req->inbuf, req->flags2, name_in, p, + sizeof(name_in), 0, STR_TERMINATE, &status, &src_has_wcard); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); @@ -5690,18 +5714,20 @@ void reply_mv(connection_struct *conn, struct smb_request *req) return; } p++; - p += srvstr_get_path_wcard((char *)req->inbuf, req->flags2, newname, p, - sizeof(newname), 0, STR_TERMINATE, &status, + p += srvstr_get_path_wcard((char *)req->inbuf, req->flags2, newname_in, p, + sizeof(newname_in), 0, STR_TERMINATE, &status, &dest_has_wcard); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); END_PROFILE(SMBmv); return; } - - status = resolve_dfspath_wcard(conn, + + status = resolve_dfspath_wcard(ctx, conn, req->flags2 & FLAGS2_DFS_PATHNAMES, - name, &src_has_wcard); + name_in, + &name, + &src_has_wcard); if (!NT_STATUS_IS_OK(status)) { if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { reply_botherror(req, NT_STATUS_PATH_NOT_COVERED, @@ -5714,9 +5740,11 @@ void reply_mv(connection_struct *conn, struct smb_request *req) return; } - status = resolve_dfspath_wcard(conn, + status = resolve_dfspath_wcard(ctx, conn, req->flags2 & FLAGS2_DFS_PATHNAMES, - newname, &dest_has_wcard); + newname_in, + &newname, + &dest_has_wcard); if (!NT_STATUS_IS_OK(status)) { if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { reply_botherror(req, NT_STATUS_PATH_NOT_COVERED, @@ -5728,9 +5756,9 @@ void reply_mv(connection_struct *conn, struct smb_request *req) END_PROFILE(SMBmv); return; } - + DEBUG(3,("reply_mv : %s -> %s\n",name,newname)); - + status = rename_internals(conn, req, name, newname, attrs, False, src_has_wcard, dest_has_wcard); if (!NT_STATUS_IS_OK(status)) { @@ -5745,7 +5773,7 @@ void reply_mv(connection_struct *conn, struct smb_request *req) } reply_outbuf(req, 0, 0); - + END_PROFILE(SMBmv); return; } @@ -5893,6 +5921,7 @@ void reply_copy(connection_struct *conn, struct smb_request *req) BOOL dest_has_wild = False; SMB_STRUCT_STAT sbuf1, sbuf2; NTSTATUS status; + TALLOC_CTX *ctx = talloc_tos(); START_PROFILE(SMBcopy); @@ -5925,9 +5954,9 @@ void reply_copy(connection_struct *conn, struct smb_request *req) END_PROFILE(SMBcopy); return; } - + DEBUG(3,("reply_copy : %s -> %s\n",name_in,newname_in)); - + if (tid2 != conn->cnum) { /* can't currently handle inter share copies XXXX */ DEBUG(3,("Rejecting inter-share copy\n")); @@ -5936,9 +5965,11 @@ void reply_copy(connection_struct *conn, struct smb_request *req) return; } - status = resolve_dfspath_wcard(conn, + status = resolve_dfspath_wcard(ctx, conn, req->flags2 & FLAGS2_DFS_PATHNAMES, - name_in, &source_has_wild); + name_in, + &name, + &source_has_wild); if (!NT_STATUS_IS_OK(status)) { if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { reply_botherror(req, NT_STATUS_PATH_NOT_COVERED, @@ -5951,9 +5982,11 @@ void reply_copy(connection_struct *conn, struct smb_request *req) return; } - status = resolve_dfspath_wcard(conn, + status = resolve_dfspath_wcard(ctx, conn, req->flags2 & FLAGS2_DFS_PATHNAMES, - newname_in, &dest_has_wild); + newname_in, + &newname, + &dest_has_wild); if (!NT_STATUS_IS_OK(status)) { if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { reply_botherror(req, NT_STATUS_PATH_NOT_COVERED, @@ -5966,14 +5999,14 @@ void reply_copy(connection_struct *conn, struct smb_request *req) return; } - status = unix_convert(conn, name_in, source_has_wild, &name, NULL, &sbuf1); + status = unix_convert(conn, name, source_has_wild, &name, NULL, &sbuf1); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); END_PROFILE(SMBcopy); return; } - status = unix_convert(conn, newname_in, dest_has_wild, &newname, NULL, &sbuf2); + status = unix_convert(conn, newname, dest_has_wild, &newname, NULL, &sbuf2); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); END_PROFILE(SMBcopy); -- cgit From 3a9d3821649c9ea88a6cd424f0838a453165a00a Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 11 Sep 2007 23:57:59 +0000 Subject: r25111: Move to talloced pathnames on most code paths. There are now ony 17 pstrings left in reply.c, and these will be easy to remove (and I'll be doing that shortly). Had to fix an interesting bug in pull_ucs2_base_talloc() when a source string is not null terminated :-). Jeremy. (This used to be commit 0c9a8c4dff10974dbffd2a302ae982896122fcc0) --- source3/smbd/reply.c | 249 ++++++++++++++++++++++++++++++--------------------- 1 file changed, 146 insertions(+), 103 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 672c683309..7ac6c4699f 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1,4 +1,4 @@ -/* +/* Unix SMB/CIFS implementation. Main SMB reply routines Copyright (C) Andrew Tridgell 1992-1998 @@ -10,12 +10,12 @@ it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License along with this program. If not, see . */ @@ -208,27 +208,46 @@ NTSTATUS check_path_syntax_posix(char *path) Pull a string and check the path allowing a wilcard - provide for error return. ****************************************************************************/ -size_t srvstr_get_path_wcard(const char *inbuf, uint16 smb_flags2, char *dest, - const char *src, size_t dest_len, size_t src_len, - int flags, NTSTATUS *err, BOOL *contains_wcard) +size_t srvstr_get_path_wcard(TALLOC_CTX *ctx, + const char *inbuf, + uint16 smb_flags2, + char **pp_dest, + const char *src, + size_t src_len, + int flags, + NTSTATUS *err, + BOOL *contains_wcard) { size_t ret; -#ifdef DEVELOPER - SMB_ASSERT(dest_len == sizeof(pstring)); -#endif + + *pp_dest = NULL; if (src_len == 0) { - ret = srvstr_pull_buf(inbuf, smb_flags2, dest, src, - dest_len, flags); + ret = srvstr_pull_buf_talloc(ctx, + inbuf, + smb_flags2, + pp_dest, + src, + flags); } else { - ret = srvstr_pull(inbuf, smb_flags2, dest, src, - dest_len, src_len, flags); + ret = srvstr_pull_talloc(ctx, + inbuf, + smb_flags2, + pp_dest, + src, + src_len, + flags); + } + + if (!*pp_dest) { + *err = NT_STATUS_INVALID_PARAMETER; + return ret; } *contains_wcard = False; if (smb_flags2 & FLAGS2_DFS_PATHNAMES) { - /* + /* * For a DFS path the function parse_dfs_path() * will do the path processing, just make a copy. */ @@ -237,9 +256,9 @@ size_t srvstr_get_path_wcard(const char *inbuf, uint16 smb_flags2, char *dest, } if (lp_posix_pathnames()) { - *err = check_path_syntax_posix(dest); + *err = check_path_syntax_posix(*pp_dest); } else { - *err = check_path_syntax_wcard(dest, contains_wcard); + *err = check_path_syntax_wcard(*pp_dest, contains_wcard); } return ret; @@ -249,25 +268,43 @@ size_t srvstr_get_path_wcard(const char *inbuf, uint16 smb_flags2, char *dest, Pull a string and check the path - provide for error return. ****************************************************************************/ -size_t srvstr_get_path(const char *inbuf, uint16 smb_flags2, char *dest, - const char *src, size_t dest_len, size_t src_len, - int flags, NTSTATUS *err) +size_t srvstr_get_path(TALLOC_CTX *ctx, + const char *inbuf, + uint16 smb_flags2, + char **pp_dest, + const char *src, + size_t src_len, + int flags, + NTSTATUS *err) { size_t ret; -#ifdef DEVELOPER - SMB_ASSERT(dest_len == sizeof(pstring)); -#endif + + *pp_dest = NULL; if (src_len == 0) { - ret = srvstr_pull_buf(inbuf, smb_flags2, dest, src, - dest_len, flags); + ret = srvstr_pull_buf_talloc(ctx, + inbuf, + smb_flags2, + pp_dest, + src, + flags); } else { - ret = srvstr_pull(inbuf, smb_flags2, dest, src, - dest_len, src_len, flags); + ret = srvstr_pull_talloc(ctx, + inbuf, + smb_flags2, + pp_dest, + src, + src_len, + flags); + } + + if (!*pp_dest) { + *err = NT_STATUS_INVALID_PARAMETER; + return ret; } if (smb_flags2 & FLAGS2_DFS_PATHNAMES) { - /* + /* * For a DFS path the function parse_dfs_path() * will do the path processing, just make a copy. */ @@ -276,9 +313,9 @@ size_t srvstr_get_path(const char *inbuf, uint16 smb_flags2, char *dest, } if (lp_posix_pathnames()) { - *err = check_path_syntax_posix(dest); + *err = check_path_syntax_posix(*pp_dest); } else { - *err = check_path_syntax(dest); + *err = check_path_syntax(*pp_dest); } return ret; @@ -802,14 +839,13 @@ static NTSTATUS map_checkpath_error(const char *inbuf, NTSTATUS status) } return status; } - + /**************************************************************************** Reply to a checkpath. ****************************************************************************/ void reply_checkpath(connection_struct *conn, struct smb_request *req) { - pstring name_in; char *name = NULL; SMB_STRUCT_STAT sbuf; NTSTATUS status; @@ -817,8 +853,8 @@ void reply_checkpath(connection_struct *conn, struct smb_request *req) START_PROFILE(SMBcheckpath); - srvstr_get_path((char *)req->inbuf, req->flags2, name_in, - smb_buf(req->inbuf) + 1, sizeof(name_in), 0, + srvstr_get_path(ctx,(char *)req->inbuf, req->flags2, &name, + smb_buf(req->inbuf) + 1, 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { status = map_checkpath_error((char *)req->inbuf, status); @@ -829,7 +865,7 @@ void reply_checkpath(connection_struct *conn, struct smb_request *req) status = resolve_dfspath(ctx, conn, req->flags2 & FLAGS2_DFS_PATHNAMES, - name_in, + name, &name); if (!NT_STATUS_IS_OK(status)) { if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { @@ -841,7 +877,7 @@ void reply_checkpath(connection_struct *conn, struct smb_request *req) goto path_err; } - DEBUG(3,("reply_checkpath %s mode=%d\n", name_in, (int)SVAL(req->inbuf,smb_vwv0))); + DEBUG(3,("reply_checkpath %s mode=%d\n", name, (int)SVAL(req->inbuf,smb_vwv0))); status = unix_convert(conn, name, False, &name, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { @@ -904,7 +940,6 @@ void reply_checkpath(connection_struct *conn, struct smb_request *req) void reply_getatr(connection_struct *conn, struct smb_request *req) { - pstring fname_in; char *fname = NULL; SMB_STRUCT_STAT sbuf; int mode=0; @@ -917,8 +952,8 @@ void reply_getatr(connection_struct *conn, struct smb_request *req) START_PROFILE(SMBgetatr); p = smb_buf(req->inbuf) + 1; - p += srvstr_get_path((char *)req->inbuf, req->flags2, fname_in, p, - sizeof(fname_in), 0, STR_TERMINATE, &status); + p += srvstr_get_path(ctx, (char *)req->inbuf, req->flags2, &fname, p, + 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); END_PROFILE(SMBgetatr); @@ -927,7 +962,7 @@ void reply_getatr(connection_struct *conn, struct smb_request *req) status = resolve_dfspath(ctx, conn, req->flags2 & FLAGS2_DFS_PATHNAMES, - fname_in, + fname, &fname); if (!NT_STATUS_IS_OK(status)) { if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { @@ -995,7 +1030,7 @@ void reply_getatr(connection_struct *conn, struct smb_request *req) } DEBUG(3,("reply_getatr: name=%s mode=%d size=%u\n", fname, mode, (unsigned int)size ) ); - + END_PROFILE(SMBgetatr); return; } @@ -1006,7 +1041,6 @@ void reply_getatr(connection_struct *conn, struct smb_request *req) void reply_setatr(connection_struct *conn, struct smb_request *req) { - pstring fname_in; char *fname = NULL; int mode; time_t mtime; @@ -1023,8 +1057,8 @@ void reply_setatr(connection_struct *conn, struct smb_request *req) } p = smb_buf(req->inbuf) + 1; - p += srvstr_get_path((char *)req->inbuf, req->flags2, fname_in, p, - sizeof(fname_in), 0, STR_TERMINATE, &status); + p += srvstr_get_path(ctx, (char *)req->inbuf, req->flags2, &fname, p, + 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); END_PROFILE(SMBsetatr); @@ -1033,7 +1067,7 @@ void reply_setatr(connection_struct *conn, struct smb_request *req) status = resolve_dfspath(ctx, conn, req->flags2 & FLAGS2_DFS_PATHNAMES, - fname_in, + fname, &fname); if (!NT_STATUS_IS_OK(status)) { if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { @@ -1046,7 +1080,7 @@ void reply_setatr(connection_struct *conn, struct smb_request *req) END_PROFILE(SMBsetatr); return; } - + status = unix_convert(conn, fname, False, &fname, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); @@ -1171,7 +1205,6 @@ void reply_search(connection_struct *conn, struct smb_request *req) BOOL finished = False; char *p; int status_len; - pstring path_in; char *path = NULL; char status[21]; int dptr_num= -1; @@ -1207,9 +1240,15 @@ void reply_search(connection_struct *conn, struct smb_request *req) maxentries = SVAL(req->inbuf,smb_vwv0); dirtype = SVAL(req->inbuf,smb_vwv1); p = smb_buf(req->inbuf) + 1; - p += srvstr_get_path_wcard((char *)req->inbuf, req->flags2, path_in, p, - sizeof(path_in), 0, STR_TERMINATE, &nt_status, - &mask_contains_wcard); + p += srvstr_get_path_wcard(ctx, + (char *)req->inbuf, + req->flags2, + &path, + p, + 0, + STR_TERMINATE, + &nt_status, + &mask_contains_wcard); if (!NT_STATUS_IS_OK(nt_status)) { reply_nterror(req, nt_status); END_PROFILE(SMBsearch); @@ -1218,7 +1257,7 @@ void reply_search(connection_struct *conn, struct smb_request *req) nt_status = resolve_dfspath_wcard(ctx, conn, req->flags2 & FLAGS2_DFS_PATHNAMES, - path_in, + path, &path, &mask_contains_wcard); if (!NT_STATUS_IS_OK(nt_status)) { @@ -1440,12 +1479,13 @@ void reply_search(connection_struct *conn, struct smb_request *req) void reply_fclose(connection_struct *conn, struct smb_request *req) { int status_len; - pstring path; char status[21]; int dptr_num= -2; char *p; + char *path = NULL; NTSTATUS err; BOOL path_contains_wcard = False; + TALLOC_CTX *ctx = talloc_tos(); START_PROFILE(SMBfclose); @@ -1456,9 +1496,15 @@ void reply_fclose(connection_struct *conn, struct smb_request *req) } p = smb_buf(req->inbuf) + 1; - p += srvstr_get_path_wcard((char *)req->inbuf, req->flags2, path, p, - sizeof(path), 0, STR_TERMINATE, &err, - &path_contains_wcard); + p += srvstr_get_path_wcard(ctx, + (char *)req->inbuf, + req->flags2, + &path, + p, + 0, + STR_TERMINATE, + &err, + &path_contains_wcard); if (!NT_STATUS_IS_OK(err)) { reply_nterror(req, err); END_PROFILE(SMBfclose); @@ -1496,7 +1542,6 @@ void reply_fclose(connection_struct *conn, struct smb_request *req) void reply_open(connection_struct *conn, struct smb_request *req) { - pstring fname_in; char *fname = NULL; uint32 fattr=0; SMB_OFF_T size = 0; @@ -1526,8 +1571,8 @@ void reply_open(connection_struct *conn, struct smb_request *req) deny_mode = SVAL(req->inbuf,smb_vwv0); dos_attr = SVAL(req->inbuf,smb_vwv1); - srvstr_get_path((char *)req->inbuf, req->flags2, fname_in, - smb_buf(req->inbuf)+1, sizeof(fname_in), 0, + srvstr_get_path(ctx, (char *)req->inbuf, req->flags2, &fname, + smb_buf(req->inbuf)+1, 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); @@ -1537,7 +1582,7 @@ void reply_open(connection_struct *conn, struct smb_request *req) status = resolve_dfspath(ctx, conn, req->flags2 & FLAGS2_DFS_PATHNAMES, - fname_in, + fname, &fname); if (!NT_STATUS_IS_OK(status)) { if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { @@ -1634,7 +1679,6 @@ void reply_open(connection_struct *conn, struct smb_request *req) void reply_open_and_X(connection_struct *conn, struct smb_request *req) { - pstring fname_in; char *fname = NULL; uint16 open_flags; int deny_mode; @@ -1692,8 +1736,8 @@ void reply_open_and_X(connection_struct *conn, struct smb_request *req) } /* XXXX we need to handle passed times, sattr and flags */ - srvstr_get_path((char *)req->inbuf, req->flags2, fname_in, - smb_buf(req->inbuf), sizeof(fname_in), 0, STR_TERMINATE, + srvstr_get_path(ctx, (char *)req->inbuf, req->flags2, &fname, + smb_buf(req->inbuf), 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); @@ -1703,7 +1747,7 @@ void reply_open_and_X(connection_struct *conn, struct smb_request *req) status = resolve_dfspath(ctx, conn, req->flags2 & FLAGS2_DFS_PATHNAMES, - fname_in, + fname, &fname); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBopenX); @@ -1882,7 +1926,6 @@ void reply_ulogoffX(connection_struct *conn, struct smb_request *req) void reply_mknew(connection_struct *conn, struct smb_request *req) { - pstring fname_in; char *fname = NULL; int com; uint32 fattr = 0; @@ -1913,8 +1956,8 @@ void reply_mknew(connection_struct *conn, struct smb_request *req) srv_make_unix_date3(req->inbuf + smb_vwv1)); /* mtime. */ - srvstr_get_path((char *)req->inbuf, req->flags2, fname_in, - smb_buf(req->inbuf) + 1, sizeof(fname_in), 0, + srvstr_get_path(ctx, (char *)req->inbuf, req->flags2, &fname, + smb_buf(req->inbuf) + 1, 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); @@ -1924,7 +1967,7 @@ void reply_mknew(connection_struct *conn, struct smb_request *req) status = resolve_dfspath(ctx, conn, req->flags2 & FLAGS2_DFS_PATHNAMES, - fname_in, + fname, &fname); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBcreate); @@ -2014,7 +2057,6 @@ void reply_mknew(connection_struct *conn, struct smb_request *req) void reply_ctemp(connection_struct *conn, struct smb_request *req) { - pstring fname_in; char *fname = NULL; uint32 fattr; files_struct *fsp; @@ -2036,23 +2078,31 @@ void reply_ctemp(connection_struct *conn, struct smb_request *req) fattr = SVAL(req->inbuf,smb_vwv0); oplock_request = CORE_OPLOCK_REQUEST(req->inbuf); - srvstr_get_path((char *)req->inbuf, req->flags2, fname_in, - smb_buf(req->inbuf)+1, sizeof(fname_in), 0, STR_TERMINATE, + srvstr_get_path(ctx, (char *)req->inbuf, req->flags2, &fname, + smb_buf(req->inbuf)+1, 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); END_PROFILE(SMBctemp); return; } - if (*fname_in) { - pstrcat(fname_in,"/TMXXXXXX"); + if (*fname) { + fname = talloc_asprintf(ctx, + "%s/TMXXXXXX", + fname); } else { - pstrcat(fname_in,"TMXXXXXX"); + fname = talloc_strdup(ctx, "TMXXXXXX"); + } + + if (!fname) { + reply_nterror(req, NT_STATUS_NO_MEMORY); + END_PROFILE(SMBctemp); + return; } status = resolve_dfspath(ctx, conn, req->flags2 & FLAGS2_DFS_PATHNAMES, - fname_in, + fname, &fname); if (!NT_STATUS_IS_OK(status)) { if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { @@ -2458,7 +2508,6 @@ NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req, void reply_unlink(connection_struct *conn, struct smb_request *req) { - pstring name_in; char *name = NULL; uint32 dirtype; NTSTATUS status; @@ -2475,8 +2524,8 @@ void reply_unlink(connection_struct *conn, struct smb_request *req) dirtype = SVAL(req->inbuf,smb_vwv0); - srvstr_get_path_wcard((char *)req->inbuf, req->flags2, name_in, - smb_buf(req->inbuf) + 1, sizeof(name_in), 0, + srvstr_get_path_wcard(ctx, (char *)req->inbuf, req->flags2, &name, + smb_buf(req->inbuf) + 1, 0, STR_TERMINATE, &status, &path_contains_wcard); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); @@ -2486,7 +2535,7 @@ void reply_unlink(connection_struct *conn, struct smb_request *req) status = resolve_dfspath_wcard(ctx, conn, req->flags2 & FLAGS2_DFS_PATHNAMES, - name_in, + name, &name, &path_contains_wcard); if (!NT_STATUS_IS_OK(status)) { @@ -4660,7 +4709,6 @@ void reply_printwrite(connection_struct *conn, struct smb_request *req) void reply_mkdir(connection_struct *conn, struct smb_request *req) { - pstring directory_in; char *directory = NULL; NTSTATUS status; SMB_STRUCT_STAT sbuf; @@ -4668,8 +4716,8 @@ void reply_mkdir(connection_struct *conn, struct smb_request *req) START_PROFILE(SMBmkdir); - srvstr_get_path((char *)req->inbuf, req->flags2, directory_in, - smb_buf(req->inbuf) + 1, sizeof(directory_in), 0, + srvstr_get_path(ctx, (char *)req->inbuf, req->flags2, &directory, + smb_buf(req->inbuf) + 1, 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); @@ -4679,7 +4727,7 @@ void reply_mkdir(connection_struct *conn, struct smb_request *req) status = resolve_dfspath(ctx, conn, req->flags2 & FLAGS2_DFS_PATHNAMES, - directory_in, + directory, &directory); if (!NT_STATUS_IS_OK(status)) { if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { @@ -4916,7 +4964,6 @@ NTSTATUS rmdir_internals(connection_struct *conn, const char *directory) void reply_rmdir(connection_struct *conn, struct smb_request *req) { - pstring directory_in; char *directory = NULL; SMB_STRUCT_STAT sbuf; NTSTATUS status; @@ -4924,8 +4971,8 @@ void reply_rmdir(connection_struct *conn, struct smb_request *req) START_PROFILE(SMBrmdir); - srvstr_get_path((char *)req->inbuf, req->flags2, directory_in, - smb_buf(req->inbuf) + 1, sizeof(directory_in), 0, + srvstr_get_path(ctx, (char *)req->inbuf, req->flags2, &directory, + smb_buf(req->inbuf) + 1, 0, STR_TERMINATE, &status); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); @@ -4935,7 +4982,7 @@ void reply_rmdir(connection_struct *conn, struct smb_request *req) status = resolve_dfspath(ctx, conn, req->flags2 & FLAGS2_DFS_PATHNAMES, - directory_in, + directory, &directory); if (!NT_STATUS_IS_OK(status)) { if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { @@ -5683,8 +5730,6 @@ NTSTATUS rename_internals(connection_struct *conn, struct smb_request *req, void reply_mv(connection_struct *conn, struct smb_request *req) { - pstring name_in; - pstring newname_in; char *name = NULL; char *newname = NULL; char *p; @@ -5705,8 +5750,8 @@ void reply_mv(connection_struct *conn, struct smb_request *req) attrs = SVAL(req->inbuf,smb_vwv0); p = smb_buf(req->inbuf) + 1; - p += srvstr_get_path_wcard((char *)req->inbuf, req->flags2, name_in, p, - sizeof(name_in), 0, STR_TERMINATE, &status, + p += srvstr_get_path_wcard(ctx, (char *)req->inbuf, req->flags2, &name, p, + 0, STR_TERMINATE, &status, &src_has_wcard); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); @@ -5714,8 +5759,8 @@ void reply_mv(connection_struct *conn, struct smb_request *req) return; } p++; - p += srvstr_get_path_wcard((char *)req->inbuf, req->flags2, newname_in, p, - sizeof(newname_in), 0, STR_TERMINATE, &status, + p += srvstr_get_path_wcard(ctx, (char *)req->inbuf, req->flags2, &newname, p, + 0, STR_TERMINATE, &status, &dest_has_wcard); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); @@ -5725,7 +5770,7 @@ void reply_mv(connection_struct *conn, struct smb_request *req) status = resolve_dfspath_wcard(ctx, conn, req->flags2 & FLAGS2_DFS_PATHNAMES, - name_in, + name, &name, &src_has_wcard); if (!NT_STATUS_IS_OK(status)) { @@ -5742,7 +5787,7 @@ void reply_mv(connection_struct *conn, struct smb_request *req) status = resolve_dfspath_wcard(ctx, conn, req->flags2 & FLAGS2_DFS_PATHNAMES, - newname_in, + newname, &newname, &dest_has_wcard); if (!NT_STATUS_IS_OK(status)) { @@ -5903,9 +5948,7 @@ NTSTATUS copy_file(connection_struct *conn, void reply_copy(connection_struct *conn, struct smb_request *req) { - pstring name_in; char *name = NULL; - pstring newname_in; char *newname = NULL; pstring directory; pstring mask; @@ -5938,16 +5981,16 @@ void reply_copy(connection_struct *conn, struct smb_request *req) *directory = *mask = 0; p = smb_buf(req->inbuf); - p += srvstr_get_path_wcard((char *)req->inbuf, req->flags2, name_in, p, - sizeof(name_in), 0, STR_TERMINATE, &status, + p += srvstr_get_path_wcard(ctx, (char *)req->inbuf, req->flags2, &name, p, + 0, STR_TERMINATE, &status, &source_has_wild); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); END_PROFILE(SMBcopy); return; } - p += srvstr_get_path_wcard((char *)req->inbuf, req->flags2, newname_in, p, - sizeof(newname_in), 0, STR_TERMINATE, &status, + p += srvstr_get_path_wcard(ctx, (char *)req->inbuf, req->flags2, &newname, p, + 0, STR_TERMINATE, &status, &dest_has_wild); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); @@ -5955,7 +5998,7 @@ void reply_copy(connection_struct *conn, struct smb_request *req) return; } - DEBUG(3,("reply_copy : %s -> %s\n",name_in,newname_in)); + DEBUG(3,("reply_copy : %s -> %s\n",name,newname)); if (tid2 != conn->cnum) { /* can't currently handle inter share copies XXXX */ @@ -5967,7 +6010,7 @@ void reply_copy(connection_struct *conn, struct smb_request *req) status = resolve_dfspath_wcard(ctx, conn, req->flags2 & FLAGS2_DFS_PATHNAMES, - name_in, + name, &name, &source_has_wild); if (!NT_STATUS_IS_OK(status)) { @@ -5984,7 +6027,7 @@ void reply_copy(connection_struct *conn, struct smb_request *req) status = resolve_dfspath_wcard(ctx, conn, req->flags2 & FLAGS2_DFS_PATHNAMES, - newname_in, + newname, &newname, &dest_has_wild); if (!NT_STATUS_IS_OK(status)) { @@ -6085,7 +6128,7 @@ void reply_copy(connection_struct *conn, struct smb_request *req) END_PROFILE(SMBcopy); return; } - + status = check_name(conn, newname); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); -- cgit From 12f61e09d943ea7fc4149166077507b5b0b3b4e7 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 12 Sep 2007 21:48:20 +0000 Subject: r25117: The mega-patch Jerry was waiting for. Remove all pstrings from the main server code paths. We should now be able to cope with paths up to PATH_MAX length now. Final job will be to add the TALLOC_CTX * parameter to unix_convert to make it explicit (for Volker). Jeremy. (This used to be commit 7f0db75fb0f24873577dcb758a2ecee74fdc4297) --- source3/smbd/reply.c | 469 +++++++++++++++++++++++++++++++-------------------- 1 file changed, 288 insertions(+), 181 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 7ac6c4699f..b94c91fe8e 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1193,9 +1193,9 @@ void reply_dskattr(connection_struct *conn, struct smb_request *req) void reply_search(connection_struct *conn, struct smb_request *req) { - pstring mask; + char *mask = NULL; char *directory = NULL; - pstring fname; + char *fname = NULL; SMB_OFF_T size; uint32 mode; time_t date; @@ -1229,8 +1229,6 @@ void reply_search(connection_struct *conn, struct smb_request *req) return; } - *mask = *fname = 0; - /* If we were called as SMBffirst then we must expect close. */ if(CVAL(req->inbuf,smb_com) == SMBffirst) { expect_close = True; @@ -1297,8 +1295,8 @@ void reply_search(connection_struct *conn, struct smb_request *req) p = strrchr_m(directory,'/'); if (!p) { - pstrcpy(mask,directory); - directory = talloc_strdup(talloc_tos(),"."); + mask = directory; + directory = talloc_strdup(ctx,"."); if (!directory) { reply_nterror(req, NT_STATUS_NO_MEMORY); END_PROFILE(SMBsearch); @@ -1306,11 +1304,11 @@ void reply_search(connection_struct *conn, struct smb_request *req) } } else { *p = 0; - pstrcpy(mask,p+1); + mask = p+1; } if (*directory == '\0') { - directory = talloc_strdup(talloc_tos(),"."); + directory = talloc_strdup(ctx,"."); if (!directory) { reply_nterror(req, NT_STATUS_NO_MEMORY); END_PROFILE(SMBsearch); @@ -1349,7 +1347,10 @@ void reply_search(connection_struct *conn, struct smb_request *req) goto SearchEmpty; } string_set(&conn->dirpath,dptr_path(dptr_num)); - pstrcpy(mask, dptr_wcard(dptr_num)); + mask = dptr_wcard(dptr_num); + if (!mask) { + goto SearchEmpty; + } /* * For a 'continue' search we have no string. So * check from the initial saved string. @@ -1363,8 +1364,12 @@ void reply_search(connection_struct *conn, struct smb_request *req) if ((dirtype&0x1F) == aVOLID) { char buf[DIR_STRUCT_SIZE]; memcpy(buf,status,21); - make_dir_struct(buf,"???????????",volume_label(SNUM(conn)), - 0,aVOLID,0,!allow_long_path_components); + if (!make_dir_struct(ctx,buf,"???????????",volume_label(SNUM(conn)), + 0,aVOLID,0,!allow_long_path_components)) { + reply_nterror(req, NT_STATUS_NO_MEMORY); + END_PROFILE(SMBsearch); + return; + } dptr_fill(buf+12,dptr_num); if (dptr_zero(buf+12) && (status_len==0)) { numentries = 1; @@ -1393,12 +1398,23 @@ void reply_search(connection_struct *conn, struct smb_request *req) } for (i=numentries;(iparams)) { char *new_mask = NULL; - mangle_lookup_name_from_8_3(talloc_tos(), + mangle_lookup_name_from_8_3(ctx, mask, &new_mask, conn->params ); if (new_mask) { - pstrcpy(mask, new_mask); + mask = new_mask; } } if (!has_wild) { - pstrcat(directory,"/"); - pstrcat(directory,mask); + directory = talloc_asprintf(ctx, + "%s/%s", + directory, + mask); + if (!directory) { + return NT_STATUS_NO_MEMORY; + } if (dirtype == 0) { dirtype = FILE_ATTRIBUTE_NORMAL; } @@ -2435,7 +2460,8 @@ NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req, } if (strequal(mask,"????????.???")) { - pstrcpy(mask,"*"); + mask[0] = '*'; + mask[1] = '\0'; } status = check_name(conn, directory); @@ -2447,35 +2473,37 @@ NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req, if (dir_hnd == NULL) { return map_nt_error_from_unix(errno); } - + /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then the pattern matches against the long name, otherwise the short name We don't implement this yet XXXX */ - + status = NT_STATUS_NO_SUCH_FILE; while ((dname = ReadDirName(dir_hnd, &offset))) { SMB_STRUCT_STAT st; - pstring fname; - pstrcpy(fname,dname); + char *fname = NULL; if (!is_visible_file(conn, directory, dname, &st, True)) { continue; } /* Quick check for "." and ".." */ - if (fname[0] == '.') { - if (!fname[1] || (fname[1] == '.' && !fname[2])) { - continue; - } + if (ISDOT(dname) || ISDOTDOT(dname)) { + continue; } - if(!mask_match(fname, mask, conn->case_sensitive)) { + if(!mask_match(dname, mask, conn->case_sensitive)) { continue; } - - slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); + + fname = talloc_asprintf(ctx, "%s/%s", + directory, + dname); + if (!fname) { + return NT_STATUS_NO_MEMORY; + } status = check_name(conn, fname); if (!NT_STATUS_IS_OK(status)) { @@ -2485,16 +2513,19 @@ NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req, status = do_unlink(conn, req, fname, dirtype); if (!NT_STATUS_IS_OK(status)) { + TALLOC_FREE(fname); continue; } count++; DEBUG(3,("unlink_internals: succesful unlink [%s]\n", fname)); + + TALLOC_FREE(fname); } CloseDir(dir_hnd); } - + if (count == 0 && NT_STATUS_IS_OK(status)) { status = map_nt_error_from_unix(errno); } @@ -2577,9 +2608,12 @@ void reply_unlink(connection_struct *conn, struct smb_request *req) static void fail_readraw(void) { - pstring errstr; - slprintf(errstr, sizeof(errstr)-1, "FAIL ! reply_readbraw: socket write fail (%s)", - strerror(errno) ); + const char *errstr = talloc_asprintf(talloc_tos(), + "FAIL ! reply_readbraw: socket write fail (%s)", + strerror(errno)); + if (!errstr) { + errstr = ""; + } exit_server_cleanly(errstr); } @@ -3097,12 +3131,14 @@ static int setup_readX_header(const uint8 *inbuf, uint8 *outbuf, False); data = smb_buf(outbuf); + memset(outbuf+smb_vwv0,'\0',24); /* valgrind init. */ + + SCVAL(outbuf,smb_vwv0,0xFF); SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */ SSVAL(outbuf,smb_vwv5,smb_maxcnt); SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf)); SSVAL(outbuf,smb_vwv7,(smb_maxcnt >> 16)); SSVAL(smb_buf(outbuf),-2,smb_maxcnt); - SCVAL(outbuf,smb_vwv0,0xFF); /* Reset the outgoing length, set_message truncates at 0x1FFFF. */ _smb_setlen_large(outbuf,(smb_size + 12*2 + smb_maxcnt - 4)); return outsize; @@ -3136,7 +3172,7 @@ static void send_file_readX(connection_struct *conn, struct smb_request *req, #if defined(WITH_SENDFILE) /* - * We can only use sendfile on a non-chained packet + * We can only use sendfile on a non-chained packet * but we can use on a non-oplocked file. tridge proved this * on a train in Germany :-). JRA. */ @@ -3146,7 +3182,7 @@ static void send_file_readX(connection_struct *conn, struct smb_request *req, uint8 headerbuf[smb_size + 12 * 2]; DATA_BLOB header; - /* + /* * Set up the packet header before send. We * assume here the sendfile will work (get the * correct amount of data). @@ -4790,7 +4826,9 @@ void reply_mkdir(connection_struct *conn, struct smb_request *req) tree recursively. Return True on ok, False on fail. ****************************************************************************/ -static BOOL recursive_rmdir(connection_struct *conn, char *directory) +static BOOL recursive_rmdir(TALLOC_CTX *ctx, + connection_struct *conn, + char *directory) { const char *dname = NULL; BOOL ret = True; @@ -4801,33 +4839,35 @@ static BOOL recursive_rmdir(connection_struct *conn, char *directory) return False; while((dname = ReadDirName(dir_hnd, &offset))) { - pstring fullname; + char *fullname = NULL; SMB_STRUCT_STAT st; - if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0)) + if (ISDOT(dname) || ISDOTDOT(dname)) { continue; + } - if (!is_visible_file(conn, directory, dname, &st, False)) + if (!is_visible_file(conn, directory, dname, &st, False)) { continue; + } /* Construct the full name. */ - if(strlen(directory) + strlen(dname) + 1 >= sizeof(fullname)) { + fullname = talloc_asprintf(ctx, + "%s/%s", + directory, + dname); + if (!fullname) { errno = ENOMEM; ret = False; break; } - pstrcpy(fullname, directory); - pstrcat(fullname, "/"); - pstrcat(fullname, dname); - if(SMB_VFS_LSTAT(conn,fullname, &st) != 0) { ret = False; break; } if(st.st_mode & S_IFDIR) { - if(!recursive_rmdir(conn, fullname)) { + if(!recursive_rmdir(ctx, conn, fullname)) { ret = False; break; } @@ -4839,6 +4879,7 @@ static BOOL recursive_rmdir(connection_struct *conn, char *directory) ret = False; break; } + TALLOC_FREE(fullname); } CloseDir(dir_hnd); return ret; @@ -4848,7 +4889,9 @@ static BOOL recursive_rmdir(connection_struct *conn, char *directory) The internals of the rmdir code - called elsewhere. ****************************************************************************/ -NTSTATUS rmdir_internals(connection_struct *conn, const char *directory) +NTSTATUS rmdir_internals(TALLOC_CTX *ctx, + connection_struct *conn, + const char *directory) { int ret; SMB_STRUCT_STAT st; @@ -4878,7 +4921,7 @@ NTSTATUS rmdir_internals(connection_struct *conn, const char *directory) } if(((errno == ENOTEMPTY)||(errno == EEXIST)) && lp_veto_files(SNUM(conn))) { - /* + /* * Check to see if the only thing in this directory are * vetoed files/directories. If so then delete them and * retry. If we fail to delete any of them (and we *don't* @@ -4909,34 +4952,40 @@ NTSTATUS rmdir_internals(connection_struct *conn, const char *directory) RewindDir(dir_hnd,&dirpos); while ((dname = ReadDirName(dir_hnd,&dirpos))) { - pstring fullname; + char *fullname = NULL; - if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0)) + if (ISDOT(dname) || ISDOTDOT(dname)) { continue; - if (!is_visible_file(conn, directory, dname, &st, False)) + } + if (!is_visible_file(conn, directory, dname, &st, False)) { continue; + } + + fullname = talloc_asprintf(ctx, + "%s/%s", + directory, + dname); - /* Construct the full name. */ - if(strlen(directory) + strlen(dname) + 1 >= sizeof(fullname)) { + if(!fullname) { errno = ENOMEM; break; } - pstrcpy(fullname, directory); - pstrcat(fullname, "/"); - pstrcat(fullname, dname); - - if(SMB_VFS_LSTAT(conn,fullname, &st) != 0) + if(SMB_VFS_LSTAT(conn,fullname, &st) != 0) { break; + } if(st.st_mode & S_IFDIR) { if(lp_recursive_veto_delete(SNUM(conn))) { - if(!recursive_rmdir(conn, fullname)) + if(!recursive_rmdir(ctx, conn, fullname)) break; } - if(SMB_VFS_RMDIR(conn,fullname) != 0) + if(SMB_VFS_RMDIR(conn,fullname) != 0) { break; - } else if(SMB_VFS_UNLINK(conn,fullname) != 0) + } + } else if(SMB_VFS_UNLINK(conn,fullname) != 0) { break; + } + TALLOC_FREE(fullname); } CloseDir(dir_hnd); /* Retry the rmdir */ @@ -5012,17 +5061,17 @@ void reply_rmdir(connection_struct *conn, struct smb_request *req) } dptr_closepath(directory, req->smbpid); - status = rmdir_internals(conn, directory); + status = rmdir_internals(ctx, conn, directory); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); END_PROFILE(SMBrmdir); return; } - + reply_outbuf(req, 0, 0); - + DEBUG( 3, ( "rmdir %s\n", directory ) ); - + END_PROFILE(SMBrmdir); return; } @@ -5451,19 +5500,21 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, /**************************************************************************** The guts of the rename command, split out so it may be called by the NT SMB - code. + code. ****************************************************************************/ -NTSTATUS rename_internals(connection_struct *conn, struct smb_request *req, - const char *name_in, - const char *newname_in, - uint32 attrs, - BOOL replace_if_exists, - BOOL src_has_wild, - BOOL dest_has_wild) +NTSTATUS rename_internals(TALLOC_CTX *ctx, + connection_struct *conn, + struct smb_request *req, + const char *name_in, + const char *newname_in, + uint32 attrs, + BOOL replace_if_exists, + BOOL src_has_wild, + BOOL dest_has_wild) { - pstring directory; - pstring mask; + char *directory = NULL; + char *mask = NULL; char *last_component_src = NULL; char *last_component_dest = NULL; char *name = NULL; @@ -5475,9 +5526,6 @@ NTSTATUS rename_internals(connection_struct *conn, struct smb_request *req, struct smb_Dir *dir_hnd = NULL; const char *dname; long offset = 0; - pstring destname; - - *directory = *mask = 0; ZERO_STRUCT(sbuf1); ZERO_STRUCT(sbuf2); @@ -5496,8 +5544,8 @@ NTSTATUS rename_internals(connection_struct *conn, struct smb_request *req, /* * Split the old name into directory and last component - * strings. Note that unix_convert may have stripped off a - * leading ./ from both name and newname if the rename is + * strings. Note that unix_convert may have stripped off a + * leading ./ from both name and newname if the rename is * at the root of the share. We need to make sure either both * name and newname contain a / character or neither of them do * as this is checked in resolve_wildcards(). @@ -5505,12 +5553,18 @@ NTSTATUS rename_internals(connection_struct *conn, struct smb_request *req, p = strrchr_m(name,'/'); if (!p) { - pstrcpy(directory,"."); - pstrcpy(mask,name); + directory = talloc_strdup(ctx, "."); + if (!directory) { + return NT_STATUS_NO_MEMORY; + } + mask = name; } else { *p = 0; - pstrcpy(directory,name); - pstrcpy(mask,p+1); + directory = talloc_strdup(ctx, name); + if (!directory) { + return NT_STATUS_NO_MEMORY; + } + mask = p+1; *p = '/'; /* Replace needed for exceptional test below. */ } @@ -5525,12 +5579,12 @@ NTSTATUS rename_internals(connection_struct *conn, struct smb_request *req, if (!VALID_STAT(sbuf1) && mangle_is_mangled(mask, conn->params)) { char *new_mask = NULL; - mangle_lookup_name_from_8_3(talloc_tos(), + mangle_lookup_name_from_8_3(ctx, mask, &new_mask, conn->params ); if (new_mask) { - pstrcpy(mask, new_mask); + mask = new_mask; } } @@ -5543,12 +5597,16 @@ NTSTATUS rename_internals(connection_struct *conn, struct smb_request *req, BOOL is_short_name = mangle_is_8_3(name, True, conn->params); /* Add a terminating '/' to the directory name. */ - pstrcat(directory,"/"); - pstrcat(directory,mask); + directory = talloc_asprintf_append(directory, + "/%s", + mask); + if (!directory) { + return NT_STATUS_NO_MEMORY; + } /* Ensure newname contains a '/' also */ if(strrchr_m(newname,'/') == 0) { - newname = talloc_asprintf(talloc_tos(), + newname = talloc_asprintf(ctx, "./%s", newname); if (!newname) { @@ -5559,23 +5617,25 @@ NTSTATUS rename_internals(connection_struct *conn, struct smb_request *req, DEBUG(3, ("rename_internals: case_sensitive = %d, " "case_preserve = %d, short case preserve = %d, " "directory = %s, newname = %s, " - "last_component_dest = %s, is_8_3 = %d\n", + "last_component_dest = %s, is_8_3 = %d\n", conn->case_sensitive, conn->case_preserve, - conn->short_case_preserve, directory, + conn->short_case_preserve, directory, newname, last_component_dest, is_short_name)); /* The dest name still may have wildcards. */ if (dest_has_wild) { char *mod_newname = NULL; - if (!resolve_wildcards(talloc_tos(), + if (!resolve_wildcards(ctx, directory,newname,&mod_newname)) { - DEBUG(6, ("rename_internals: resolve_wildcards %s %s failed\n", - directory,newname)); + DEBUG(6, ("rename_internals: resolve_wildcards " + "%s %s failed\n", + directory, + newname)); return NT_STATUS_NO_MEMORY; } newname = mod_newname; } - + ZERO_STRUCT(sbuf1); SMB_VFS_STAT(conn, directory, &sbuf1); @@ -5613,41 +5673,38 @@ NTSTATUS rename_internals(connection_struct *conn, struct smb_request *req, * Wildcards - process each file that matches. */ if (strequal(mask,"????????.???")) { - pstrcpy(mask,"*"); + mask[0] = '*'; + mask[1] = '\0'; } - + status = check_name(conn, directory); if (!NT_STATUS_IS_OK(status)) { return status; } - + dir_hnd = OpenDir(conn, directory, mask, attrs); if (dir_hnd == NULL) { return map_nt_error_from_unix(errno); } - + status = NT_STATUS_NO_SUCH_FILE; /* * Was status = NT_STATUS_OBJECT_NAME_NOT_FOUND; * - gentest fix. JRA */ - + while ((dname = ReadDirName(dir_hnd, &offset))) { - files_struct *fsp; - pstring fname; + files_struct *fsp = NULL; + char *fname = NULL; + char *destname = NULL; BOOL sysdir_entry = False; - char *mod_destname = NULL; - pstrcpy(fname,dname); - /* Quick check for "." and ".." */ - if (fname[0] == '.') { - if (!fname[1] || (fname[1] == '.' && !fname[2])) { - if (attrs & aDIR) { - sysdir_entry = True; - } else { - continue; - } + if (ISDOT(dname) || ISDOTDOT(dname)) { + if (attrs & aDIR) { + sysdir_entry = True; + } else { + continue; } } @@ -5655,27 +5712,34 @@ NTSTATUS rename_internals(connection_struct *conn, struct smb_request *req, continue; } - if(!mask_match(fname, mask, conn->case_sensitive)) { + if(!mask_match(dname, mask, conn->case_sensitive)) { continue; } - + if (sysdir_entry) { status = NT_STATUS_OBJECT_NAME_INVALID; break; } - slprintf(fname, sizeof(fname)-1, "%s/%s", directory, dname); + fname = talloc_asprintf(ctx, + "%s/%s", + directory, + dname); + if (!fname) { + return NT_STATUS_NO_MEMORY; + } - pstrcpy(destname,newname); - - if (!resolve_wildcards(talloc_tos(), - fname,destname,&mod_destname)) { - DEBUG(6, ("resolve_wildcards %s %s failed\n", + if (!resolve_wildcards(ctx, + fname,newname,&destname)) { + DEBUG(6, ("resolve_wildcards %s %s failed\n", fname, destname)); + TALLOC_FREE(fname); continue; } - pstrcpy(destname,mod_destname); - + if (!destname) { + return NT_STATUS_NO_MEMORY; + } + ZERO_STRUCT(sbuf1); SMB_VFS_STAT(conn, fname, &sbuf1); @@ -5714,13 +5778,16 @@ NTSTATUS rename_internals(connection_struct *conn, struct smb_request *req, DEBUG(3,("rename_internals: doing rename on %s -> " "%s\n",fname,destname)); + + TALLOC_FREE(fname); + TALLOC_FREE(destname); } CloseDir(dir_hnd); if (count == 0 && NT_STATUS_IS_OK(status)) { status = map_nt_error_from_unix(errno); } - + return status; } @@ -5804,7 +5871,7 @@ void reply_mv(connection_struct *conn, struct smb_request *req) DEBUG(3,("reply_mv : %s -> %s\n",name,newname)); - status = rename_internals(conn, req, name, newname, attrs, False, + status = rename_internals(ctx, conn, req, name, newname, attrs, False, src_has_wcard, dest_has_wcard); if (!NT_STATUS_IS_OK(status)) { if (open_was_deferred(req->mid)) { @@ -5831,9 +5898,10 @@ void reply_mv(connection_struct *conn, struct smb_request *req) * TODO: check error codes on all callers */ -NTSTATUS copy_file(connection_struct *conn, - char *src, - char *dest1, +NTSTATUS copy_file(TALLOC_CTX *ctx, + connection_struct *conn, + const char *src, + const char *dest1, int ofun, int count, BOOL target_is_directory) @@ -5841,24 +5909,32 @@ NTSTATUS copy_file(connection_struct *conn, SMB_STRUCT_STAT src_sbuf, sbuf2; SMB_OFF_T ret=-1; files_struct *fsp1,*fsp2; - pstring dest; + char *dest = NULL; uint32 dosattrs; uint32 new_create_disposition; NTSTATUS status; - - pstrcpy(dest,dest1); + + dest = talloc_strdup(ctx, dest1); + if (!dest) { + return NT_STATUS_NO_MEMORY; + } if (target_is_directory) { - char *p = strrchr_m(src,'/'); + const char *p = strrchr_m(src,'/'); if (p) { p++; } else { p = src; } - pstrcat(dest,"/"); - pstrcat(dest,p); + dest = talloc_asprintf_append(dest, + "/%s", + p); + if (!dest) { + return NT_STATUS_NO_MEMORY; + } } if (!vfs_file_exist(conn,src,&src_sbuf)) { + TALLOC_FREE(dest); return NT_STATUS_OBJECT_NAME_NOT_FOUND; } @@ -5867,6 +5943,7 @@ NTSTATUS copy_file(connection_struct *conn, } else { if (!map_open_params_to_ntcreate(dest1,0,ofun, NULL, NULL, &new_create_disposition, NULL)) { + TALLOC_FREE(dest); return NT_STATUS_INVALID_PARAMETER; } } @@ -5881,6 +5958,7 @@ NTSTATUS copy_file(connection_struct *conn, NULL, &fsp1); if (!NT_STATUS_IS_OK(status)) { + TALLOC_FREE(dest); return status; } @@ -5898,6 +5976,8 @@ NTSTATUS copy_file(connection_struct *conn, INTERNAL_OPEN_ONLY, NULL, &fsp2); + TALLOC_FREE(dest); + if (!NT_STATUS_IS_OK(status)) { close_file(fsp1,ERROR_CLOSE); return status; @@ -5913,7 +5993,7 @@ NTSTATUS copy_file(connection_struct *conn, src_sbuf.st_size = 0; } } - + if (src_sbuf.st_size) { ret = vfs_transfer_file(fsp1, fsp2, src_sbuf.st_size); } @@ -5950,8 +6030,8 @@ void reply_copy(connection_struct *conn, struct smb_request *req) { char *name = NULL; char *newname = NULL; - pstring directory; - pstring mask; + char *directory = NULL; + char *mask = NULL; char *p; int count=0; int error = ERRnoaccess; @@ -5978,8 +6058,6 @@ void reply_copy(connection_struct *conn, struct smb_request *req) ofun = SVAL(req->inbuf,smb_vwv1); flags = SVAL(req->inbuf,smb_vwv2); - *directory = *mask = 0; - p = smb_buf(req->inbuf); p += srvstr_get_path_wcard(ctx, (char *)req->inbuf, req->flags2, &name, p, 0, STR_TERMINATE, &status, @@ -6080,12 +6158,22 @@ void reply_copy(connection_struct *conn, struct smb_request *req) p = strrchr_m(name,'/'); if (!p) { - pstrcpy(directory,"./"); - pstrcpy(mask,name); + directory = talloc_strdup(ctx, "./"); + if (!directory) { + reply_nterror(req, NT_STATUS_NO_MEMORY); + END_PROFILE(SMBcopy); + return; + } + mask = name; } else { *p = 0; - pstrcpy(directory,name); - pstrcpy(mask,p+1); + directory = talloc_strdup(ctx, name); + if (!directory) { + reply_nterror(req, NT_STATUS_NO_MEMORY); + END_PROFILE(SMBcopy); + return; + } + mask = p+1; } /* @@ -6099,21 +6187,22 @@ void reply_copy(connection_struct *conn, struct smb_request *req) if (!VALID_STAT(sbuf1) && mangle_is_mangled(mask, conn->params)) { char *new_mask = NULL; - mangle_lookup_name_from_8_3( talloc_tos(), + mangle_lookup_name_from_8_3(ctx, mask, &new_mask, conn->params ); if (new_mask) { - pstrcpy(mask, new_mask); + mask = new_mask; } } if (!source_has_wild) { - pstrcat(directory,"/"); - pstrcat(directory,mask); + directory = talloc_asprintf_append(directory, + "/%s", + mask); if (dest_has_wild) { char *mod_newname = NULL; - if (!resolve_wildcards(talloc_tos(), + if (!resolve_wildcards(ctx, directory,newname,&mod_newname)) { reply_nterror(req, NT_STATUS_NO_MEMORY); END_PROFILE(SMBcopy); @@ -6135,9 +6224,9 @@ void reply_copy(connection_struct *conn, struct smb_request *req) END_PROFILE(SMBcopy); return; } - - status = copy_file(conn,directory,newname,ofun, - count,target_is_directory); + + status = copy_file(ctx,conn,directory,newname,ofun, + count,target_is_directory); if(!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); @@ -6148,12 +6237,13 @@ void reply_copy(connection_struct *conn, struct smb_request *req) } } else { struct smb_Dir *dir_hnd = NULL; - const char *dname; + const char *dname = NULL; long offset = 0; - pstring destname; - if (strequal(mask,"????????.???")) - pstrcpy(mask,"*"); + if (strequal(mask,"????????.???")) { + mask[0] = '*'; + mask[1] = '\0'; + } status = check_name(conn, directory); if (!NT_STATUS_IS_OK(status)) { @@ -6161,7 +6251,7 @@ void reply_copy(connection_struct *conn, struct smb_request *req) END_PROFILE(SMBcopy); return; } - + dir_hnd = OpenDir(conn, directory, mask, 0); if (dir_hnd == NULL) { status = map_nt_error_from_unix(errno); @@ -6173,26 +6263,41 @@ void reply_copy(connection_struct *conn, struct smb_request *req) error = ERRbadfile; while ((dname = ReadDirName(dir_hnd, &offset))) { - char *mod_destname = NULL; - pstring fname; - pstrcpy(fname,dname); - + char *destname = NULL; + char *fname = NULL; + + if (ISDOT(dname) || ISDOTDOT(dname)) { + continue; + } + if (!is_visible_file(conn, directory, dname, &sbuf1, False)) { continue; } - if(!mask_match(fname, mask, conn->case_sensitive)) { + if(!mask_match(dname, mask, conn->case_sensitive)) { continue; } error = ERRnoaccess; - slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname); - pstrcpy(destname,newname); - if (!resolve_wildcards(talloc_tos(), - fname,destname,&mod_destname)) { + fname = talloc_asprintf(ctx, + "%s/%s", + directory, + dname); + if (!fname) { + reply_nterror(req, NT_STATUS_NO_MEMORY); + END_PROFILE(SMBcopy); + return; + } + + if (!resolve_wildcards(ctx, + fname,newname,&destname)) { continue; } - pstrcpy(destname,mod_destname); + if (!destname) { + reply_nterror(req, NT_STATUS_NO_MEMORY); + END_PROFILE(SMBcopy); + return; + } status = check_name(conn, fname); if (!NT_STATUS_IS_OK(status)) { @@ -6200,25 +6305,27 @@ void reply_copy(connection_struct *conn, struct smb_request *req) END_PROFILE(SMBcopy); return; } - + status = check_name(conn, destname); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); END_PROFILE(SMBcopy); return; } - + DEBUG(3,("reply_copy : doing copy on %s -> %s\n",fname, destname)); - status = copy_file(conn,fname,destname,ofun, + status = copy_file(ctx,conn,fname,destname,ofun, count,target_is_directory); if (NT_STATUS_IS_OK(status)) { count++; } + TALLOC_FREE(fname); + TALLOC_FREE(destname); } CloseDir(dir_hnd); } - + if (count == 0) { if(err) { /* Error on close... */ -- cgit From eacd3140573d1122a3785823e4003bfc6352c431 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 13 Sep 2007 22:08:59 +0000 Subject: r25138: More pstring elimination. Add a TALLOC_CTX parameter to unix_convert(). Jeremy. (This used to be commit 39c211a702e91c34c1a5a689e1b0c4530ea8a1ac) --- source3/smbd/reply.c | 37 ++++++++++++++++++++----------------- 1 file changed, 20 insertions(+), 17 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index b94c91fe8e..d6813bef80 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -879,7 +879,7 @@ void reply_checkpath(connection_struct *conn, struct smb_request *req) DEBUG(3,("reply_checkpath %s mode=%d\n", name, (int)SVAL(req->inbuf,smb_vwv0))); - status = unix_convert(conn, name, False, &name, NULL, &sbuf); + status = unix_convert(ctx, conn, name, False, &name, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { goto path_err; } @@ -986,7 +986,7 @@ void reply_getatr(connection_struct *conn, struct smb_request *req) size = 0; mtime = 0; } else { - status = unix_convert(conn, fname, False, &fname, NULL,&sbuf); + status = unix_convert(ctx, conn, fname, False, &fname, NULL,&sbuf); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); END_PROFILE(SMBgetatr); @@ -1081,7 +1081,7 @@ void reply_setatr(connection_struct *conn, struct smb_request *req) return; } - status = unix_convert(conn, fname, False, &fname, NULL, &sbuf); + status = unix_convert(ctx, conn, fname, False, &fname, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); END_PROFILE(SMBsetatr); @@ -1107,7 +1107,7 @@ void reply_setatr(connection_struct *conn, struct smb_request *req) mode = SVAL(req->inbuf,smb_vwv0); mtime = srv_make_unix_date3(req->inbuf+smb_vwv1); - + if (mode != FILE_ATTRIBUTE_NORMAL) { if (VALID_STAT_OF_DIR(sbuf)) mode |= aDIR; @@ -1279,7 +1279,8 @@ void reply_search(connection_struct *conn, struct smb_request *req) if (status_len == 0) { SMB_STRUCT_STAT sbuf; - nt_status = unix_convert(conn, path, True, &directory, NULL, &sbuf); + nt_status = unix_convert(ctx, conn, path, True, + &directory, NULL, &sbuf); if (!NT_STATUS_IS_OK(nt_status)) { reply_nterror(req, nt_status); END_PROFILE(SMBsearch); @@ -1612,13 +1613,13 @@ void reply_open(connection_struct *conn, struct smb_request *req) return; } - status = unix_convert(conn, fname, False, &fname, NULL, &sbuf); + status = unix_convert(ctx, conn, fname, False, &fname, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); END_PROFILE(SMBopen); return; } - + status = check_name(conn, fname); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); @@ -1776,7 +1777,7 @@ void reply_open_and_X(connection_struct *conn, struct smb_request *req) return; } - status = unix_convert(conn, fname, False, &fname, NULL, &sbuf); + status = unix_convert(ctx, conn, fname, False, &fname, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); END_PROFILE(SMBopenX); @@ -1996,7 +1997,7 @@ void reply_mknew(connection_struct *conn, struct smb_request *req) return; } - status = unix_convert(conn, fname, False, &fname, NULL, &sbuf); + status = unix_convert(ctx, conn, fname, False, &fname, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); END_PROFILE(SMBcreate); @@ -2132,7 +2133,7 @@ void reply_ctemp(connection_struct *conn, struct smb_request *req) return; } - status = unix_convert(conn, fname, False, &fname, NULL, &sbuf); + status = unix_convert(ctx, conn, fname, False, &fname, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); END_PROFILE(SMBctemp); @@ -2389,7 +2390,7 @@ NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req, SMB_STRUCT_STAT sbuf; TALLOC_CTX *ctx = talloc_tos(); - status = unix_convert(conn, name_in, has_wild, &name, NULL, &sbuf); + status = unix_convert(ctx, conn, name_in, has_wild, &name, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { return status; } @@ -4777,7 +4778,7 @@ void reply_mkdir(connection_struct *conn, struct smb_request *req) return; } - status = unix_convert(conn, directory, False, &directory, NULL, &sbuf); + status = unix_convert(ctx, conn, directory, False, &directory, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); END_PROFILE(SMBmkdir); @@ -5045,7 +5046,7 @@ void reply_rmdir(connection_struct *conn, struct smb_request *req) return; } - status = unix_convert(conn, directory, False, &directory, + status = unix_convert(ctx, conn, directory, False, &directory, NULL, &sbuf); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); @@ -5530,13 +5531,13 @@ NTSTATUS rename_internals(TALLOC_CTX *ctx, ZERO_STRUCT(sbuf1); ZERO_STRUCT(sbuf2); - status = unix_convert(conn, name_in, src_has_wild, &name, + status = unix_convert(ctx, conn, name_in, src_has_wild, &name, &last_component_src, &sbuf1); if (!NT_STATUS_IS_OK(status)) { return status; } - status = unix_convert(conn, newname_in, dest_has_wild, &newname, + status = unix_convert(ctx, conn, newname_in, dest_has_wild, &newname, &last_component_dest, &sbuf2); if (!NT_STATUS_IS_OK(status)) { return status; @@ -6120,14 +6121,16 @@ void reply_copy(connection_struct *conn, struct smb_request *req) return; } - status = unix_convert(conn, name, source_has_wild, &name, NULL, &sbuf1); + status = unix_convert(ctx, conn, name, source_has_wild, + &name, NULL, &sbuf1); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); END_PROFILE(SMBcopy); return; } - status = unix_convert(conn, newname, dest_has_wild, &newname, NULL, &sbuf2); + status = unix_convert(ctx, conn, newname, dest_has_wild, + &newname, NULL, &sbuf2); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); END_PROFILE(SMBcopy); -- cgit From 4b21570812bfb070d4f4cc287780460c6bc50cca Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 4 Oct 2007 13:13:16 +0000 Subject: r25502: Fix bug 5006 Thanks to Joerg.Bernau at web.de (This used to be commit 492977016fa66ce0e98a5bdd1c0f00eacdf13f0c) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index d6813bef80..e27272f0dd 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3923,7 +3923,7 @@ void reply_write_and_X(connection_struct *conn, struct smb_request *req) if(IVAL(req->inbuf,smb_vwv12) != 0) { DEBUG(0,("reply_write_and_X - large offset (%x << 32) " "used and we don't support 64 bit offsets.\n", - (unsigned int)IVAL(inbuf,smb_vwv12) )); + (unsigned int)IVAL(req->inbuf,smb_vwv12) )); reply_doserror(req, ERRDOS, ERRbadaccess); END_PROFILE(SMBwriteX); return; -- cgit From e5a951325a6cac8567af3a66de6d2df577508ae4 Mon Sep 17 00:00:00 2001 From: "Gerald (Jerry) Carter" Date: Wed, 10 Oct 2007 15:34:30 -0500 Subject: [GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab) --- source3/smbd/reply.c | 28 +++++++++++++--------------- 1 file changed, 13 insertions(+), 15 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index e27272f0dd..7c44216aea 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -402,7 +402,7 @@ void reply_special(char *inbuf) memset(outbuf, '\0', sizeof(outbuf)); - smb_setlen(inbuf,outbuf,0); + smb_setlen(outbuf,0); switch (msg_type) { case 0x81: /* session request */ @@ -1645,8 +1645,8 @@ void reply_open(connection_struct *conn, struct smb_request *req) if (!NT_STATUS_IS_OK(status)) { if (open_was_deferred(req->mid)) { - END_PROFILE(SMBopen); /* We have re-scheduled this call. */ + END_PROFILE(SMBopen); return; } reply_openerror(req, status); @@ -2040,7 +2040,7 @@ void reply_mknew(connection_struct *conn, struct smb_request *req) /* We have re-scheduled this call. */ return; } - reply_nterror(req, status); + reply_openerror(req, status); return; } @@ -3017,7 +3017,7 @@ Returning short read of maximum allowed for compatibility with Windows 2000.\n", return; } - set_message(NULL, (char *)req->outbuf, 5, nread+3, False); + set_message((char *)req->outbuf, 5, nread+3, False); SSVAL(req->outbuf,smb_vwv0,nread); SSVAL(req->outbuf,smb_vwv5,nread+3); @@ -3104,7 +3104,7 @@ Returning short read of maximum allowed for compatibility with Windows 2000.\n", return; } - set_message(NULL, (char *)req->outbuf, 5, nread+3, False); + set_message((char *)req->outbuf, 5, nread+3, False); SSVAL(req->outbuf,smb_vwv0,nread); SSVAL(req->outbuf,smb_vwv5,nread+3); @@ -3122,14 +3122,12 @@ Returning short read of maximum allowed for compatibility with Windows 2000.\n", Setup readX header. ****************************************************************************/ -static int setup_readX_header(const uint8 *inbuf, uint8 *outbuf, - size_t smb_maxcnt) +static int setup_readX_header(char *outbuf, size_t smb_maxcnt) { int outsize; char *data; - outsize = set_message((char *)inbuf, (char *)outbuf,12,smb_maxcnt, - False); + outsize = set_message(outbuf,12,smb_maxcnt,False); data = smb_buf(outbuf); memset(outbuf+smb_vwv0,'\0',24); /* valgrind init. */ @@ -3192,7 +3190,7 @@ static void send_file_readX(connection_struct *conn, struct smb_request *req, header = data_blob_const(headerbuf, sizeof(headerbuf)); construct_reply_common((char *)req->inbuf, (char *)headerbuf); - setup_readX_header(req->inbuf, headerbuf, smb_maxcnt); + setup_readX_header((char *)headerbuf, smb_maxcnt); if ((nread = SMB_VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fh->fd, &header, startpos, smb_maxcnt)) == -1) { /* Returning ENOSYS means no data at all was sent. Do this as a normal read. */ @@ -3243,7 +3241,7 @@ normal_read: uint8 headerbuf[smb_size + 2*12]; construct_reply_common((char *)req->inbuf, (char *)headerbuf); - setup_readX_header(req->inbuf, headerbuf, smb_maxcnt); + setup_readX_header((char *)headerbuf, smb_maxcnt); /* Send out the header. */ if (write_data(smbd_server_fd(), (char *)headerbuf, @@ -3270,7 +3268,7 @@ normal_read: return; } - setup_readX_header(req->inbuf, req->outbuf, nread); + setup_readX_header((char *)req->outbuf, nread); DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n", fsp->fnum, (int)smb_maxcnt, (int)nread ) ); @@ -3334,8 +3332,8 @@ void reply_read_and_X(connection_struct *conn, struct smb_request *req) END_PROFILE(SMBreadX); return; } - /* We currently don't do this on signed or sealed data. */ - if (srv_is_signing_active() || srv_encryption_on()) { + /* We currently don't do this on signed data. */ + if (srv_is_signing_active()) { reply_nterror(req, NT_STATUS_NOT_SUPPORTED); END_PROFILE(SMBreadX); return; @@ -3526,7 +3524,7 @@ void reply_writebraw(connection_struct *conn, struct smb_request *req) * it to send more bytes */ memcpy(buf, req->inbuf, smb_size); - outsize = set_message(NULL,buf, + outsize = set_message(buf, Protocol>PROTOCOL_COREPLUS?1:0,0,True); SCVAL(buf,smb_com,SMBwritebraw); SSVALS(buf,smb_vwv0,0xFFFF); -- cgit From 30191d1a5704ad2b158386b511558972d539ce47 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 18 Oct 2007 17:40:25 -0700 Subject: RIP BOOL. Convert BOOL -> bool. I found a few interesting bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f) --- source3/smbd/reply.c | 104 +++++++++++++++++++++++++-------------------------- 1 file changed, 52 insertions(+), 52 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 7c44216aea..38ce797eeb 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -33,7 +33,7 @@ unsigned int smb_echo_count = 0; extern uint32 global_client_caps; extern struct current_user current_user; -extern BOOL global_encrypted_passwords_negotiated; +extern bool global_encrypted_passwords_negotiated; /**************************************************************************** Ensure we check the path in *exactly* the same way as W2K for a findfirst/findnext @@ -47,13 +47,13 @@ extern BOOL global_encrypted_passwords_negotiated; #define IS_PATH_SEP(c,posix_only) ((c) == '/' || (!(posix_only) && (c) == '\\')) static NTSTATUS check_path_syntax_internal(char *path, - BOOL posix_path, - BOOL *p_last_component_contains_wcard) + bool posix_path, + bool *p_last_component_contains_wcard) { char *d = path; const char *s = path; NTSTATUS ret = NT_STATUS_OK; - BOOL start_of_name_component = True; + bool start_of_name_component = True; *p_last_component_contains_wcard = False; @@ -177,7 +177,7 @@ static NTSTATUS check_path_syntax_internal(char *path, NTSTATUS check_path_syntax(char *path) { - BOOL ignore; + bool ignore; return check_path_syntax_internal(path, False, &ignore); } @@ -187,7 +187,7 @@ NTSTATUS check_path_syntax(char *path) a wildcard. ****************************************************************************/ -NTSTATUS check_path_syntax_wcard(char *path, BOOL *p_contains_wcard) +NTSTATUS check_path_syntax_wcard(char *path, bool *p_contains_wcard) { return check_path_syntax_internal(path, False, p_contains_wcard); } @@ -200,7 +200,7 @@ NTSTATUS check_path_syntax_wcard(char *path, BOOL *p_contains_wcard) NTSTATUS check_path_syntax_posix(char *path) { - BOOL ignore; + bool ignore; return check_path_syntax_internal(path, True, &ignore); } @@ -216,7 +216,7 @@ size_t srvstr_get_path_wcard(TALLOC_CTX *ctx, size_t src_len, int flags, NTSTATUS *err, - BOOL *contains_wcard) + bool *contains_wcard) { size_t ret; @@ -325,7 +325,7 @@ size_t srvstr_get_path(TALLOC_CTX *ctx, Check if we have a correct fsp pointing to a file. Basic check for open fsp. ****************************************************************************/ -BOOL check_fsp_open(connection_struct *conn, struct smb_request *req, +bool check_fsp_open(connection_struct *conn, struct smb_request *req, files_struct *fsp, struct current_user *user) { if (!(fsp) || !(conn)) { @@ -344,7 +344,7 @@ BOOL check_fsp_open(connection_struct *conn, struct smb_request *req, CHECK_FSP macro. ****************************************************************************/ -BOOL check_fsp(connection_struct *conn, struct smb_request *req, +bool check_fsp(connection_struct *conn, struct smb_request *req, files_struct *fsp, struct current_user *user) { if (!check_fsp_open(conn, req, fsp, user)) { @@ -366,7 +366,7 @@ BOOL check_fsp(connection_struct *conn, struct smb_request *req, Check if we have a correct fsp. Replacement for the FSP_BELONGS_CONN macro ****************************************************************************/ -BOOL fsp_belongs_conn(connection_struct *conn, struct smb_request *req, +bool fsp_belongs_conn(connection_struct *conn, struct smb_request *req, files_struct *fsp, struct current_user *user) { if ((fsp) && (conn) && ((conn)==(fsp)->conn) @@ -396,7 +396,7 @@ void reply_special(char *inbuf) */ char outbuf[smb_size]; - static BOOL already_got_session = False; + static bool already_got_session = False; *name1 = *name2 = 0; @@ -1202,17 +1202,17 @@ void reply_search(connection_struct *conn, struct smb_request *req) uint32 dirtype; unsigned int numentries = 0; unsigned int maxentries = 0; - BOOL finished = False; + bool finished = False; char *p; int status_len; char *path = NULL; char status[21]; int dptr_num= -1; - BOOL check_descend = False; - BOOL expect_close = False; + bool check_descend = False; + bool expect_close = False; NTSTATUS nt_status; - BOOL mask_contains_wcard = False; - BOOL allow_long_path_components = (req->flags2 & FLAGS2_LONG_PATH_COMPONENTS) ? True : False; + bool mask_contains_wcard = False; + bool allow_long_path_components = (req->flags2 & FLAGS2_LONG_PATH_COMPONENTS) ? True : False; TALLOC_CTX *ctx = talloc_tos(); START_PROFILE(SMBsearch); @@ -1501,7 +1501,7 @@ void reply_fclose(connection_struct *conn, struct smb_request *req) char *p; char *path = NULL; NTSTATUS err; - BOOL path_contains_wcard = False; + bool path_contains_wcard = False; TALLOC_CTX *ctx = talloc_tos(); START_PROFILE(SMBfclose); @@ -2379,7 +2379,7 @@ static NTSTATUS do_unlink(connection_struct *conn, ****************************************************************************/ NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req, - uint32 dirtype, const char *name_in, BOOL has_wild) + uint32 dirtype, const char *name_in, bool has_wild) { const char *directory = NULL; char *mask = NULL; @@ -2543,7 +2543,7 @@ void reply_unlink(connection_struct *conn, struct smb_request *req) char *name = NULL; uint32 dirtype; NTSTATUS status; - BOOL path_contains_wcard = False; + bool path_contains_wcard = False; TALLOC_CTX *ctx = talloc_tos(); START_PROFILE(SMBunlink); @@ -3288,7 +3288,7 @@ void reply_read_and_X(connection_struct *conn, struct smb_request *req) files_struct *fsp; SMB_OFF_T startpos; size_t smb_maxcnt; - BOOL big_readX = False; + bool big_readX = False; #if 0 size_t smb_mincnt = SVAL(req->inbuf,smb_vwv6); #endif @@ -3422,7 +3422,7 @@ void reply_writebraw(connection_struct *conn, struct smb_request *req) size_t tcount; SMB_OFF_T startpos; char *data=NULL; - BOOL write_through; + bool write_through; files_struct *fsp; NTSTATUS status; @@ -3849,12 +3849,12 @@ void reply_write_and_X(connection_struct *conn, struct smb_request *req) files_struct *fsp; SMB_OFF_T startpos; size_t numtowrite; - BOOL write_through; + bool write_through; ssize_t nwritten; unsigned int smb_doff; unsigned int smblen; char *data; - BOOL large_writeX; + bool large_writeX; NTSTATUS status; START_PROFILE(SMBwriteX); @@ -4825,12 +4825,12 @@ void reply_mkdir(connection_struct *conn, struct smb_request *req) tree recursively. Return True on ok, False on fail. ****************************************************************************/ -static BOOL recursive_rmdir(TALLOC_CTX *ctx, +static bool recursive_rmdir(TALLOC_CTX *ctx, connection_struct *conn, char *directory) { const char *dname = NULL; - BOOL ret = True; + bool ret = True; long offset = 0; struct smb_Dir *dir_hnd = OpenDir(conn, directory, NULL, 0); @@ -5079,7 +5079,7 @@ void reply_rmdir(connection_struct *conn, struct smb_request *req) Resolve wildcards in a filename rename. ********************************************************************/ -static BOOL resolve_wildcards(TALLOC_CTX *ctx, +static bool resolve_wildcards(TALLOC_CTX *ctx, const char *name1, const char *name2, char **pp_newname) @@ -5212,7 +5212,7 @@ static void rename_open_files(connection_struct *conn, const char *newname) { files_struct *fsp; - BOOL did_rename = False; + bool did_rename = False; for(fsp = file_find_di_first(lck->id); fsp; fsp = file_find_di_next(fsp)) { @@ -5251,7 +5251,7 @@ static void rename_open_files(connection_struct *conn, report from . ****************************************************************************/ -static BOOL rename_path_prefix_equal(const char *src, const char *dest) +static bool rename_path_prefix_equal(const char *src, const char *dest) { const char *psrc = src; const char *pdst = dest; @@ -5273,7 +5273,7 @@ static BOOL rename_path_prefix_equal(const char *src, const char *dest) * Do the notify calls from a rename */ -static void notify_rename(connection_struct *conn, BOOL is_dir, +static void notify_rename(connection_struct *conn, bool is_dir, const char *oldpath, const char *newpath) { char *olddir, *newdir; @@ -5320,13 +5320,13 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, char *newname, const char *newname_last_component, uint32 attrs, - BOOL replace_if_exists) + bool replace_if_exists) { TALLOC_CTX *ctx = talloc_tos(); SMB_STRUCT_STAT sbuf, sbuf1; NTSTATUS status = NT_STATUS_OK; struct share_mode_lock *lck = NULL; - BOOL dst_exists; + bool dst_exists; ZERO_STRUCT(sbuf); @@ -5508,9 +5508,9 @@ NTSTATUS rename_internals(TALLOC_CTX *ctx, const char *name_in, const char *newname_in, uint32 attrs, - BOOL replace_if_exists, - BOOL src_has_wild, - BOOL dest_has_wild) + bool replace_if_exists, + bool src_has_wild, + bool dest_has_wild) { char *directory = NULL; char *mask = NULL; @@ -5593,7 +5593,7 @@ NTSTATUS rename_internals(TALLOC_CTX *ctx, /* * No wildcards - just process the one file. */ - BOOL is_short_name = mangle_is_8_3(name, True, conn->params); + bool is_short_name = mangle_is_8_3(name, True, conn->params); /* Add a terminating '/' to the directory name. */ directory = talloc_asprintf_append(directory, @@ -5696,7 +5696,7 @@ NTSTATUS rename_internals(TALLOC_CTX *ctx, files_struct *fsp = NULL; char *fname = NULL; char *destname = NULL; - BOOL sysdir_entry = False; + bool sysdir_entry = False; /* Quick check for "." and ".." */ if (ISDOT(dname) || ISDOTDOT(dname)) { @@ -5801,8 +5801,8 @@ void reply_mv(connection_struct *conn, struct smb_request *req) char *p; uint32 attrs; NTSTATUS status; - BOOL src_has_wcard = False; - BOOL dest_has_wcard = False; + bool src_has_wcard = False; + bool dest_has_wcard = False; TALLOC_CTX *ctx = talloc_tos(); START_PROFILE(SMBmv); @@ -5903,7 +5903,7 @@ NTSTATUS copy_file(TALLOC_CTX *ctx, const char *dest1, int ofun, int count, - BOOL target_is_directory) + bool target_is_directory) { SMB_STRUCT_STAT src_sbuf, sbuf2; SMB_OFF_T ret=-1; @@ -6038,9 +6038,9 @@ void reply_copy(connection_struct *conn, struct smb_request *req) int tid2; int ofun; int flags; - BOOL target_is_directory=False; - BOOL source_has_wild = False; - BOOL dest_has_wild = False; + bool target_is_directory=False; + bool source_has_wild = False; + bool dest_has_wild = False; SMB_STRUCT_STAT sbuf1, sbuf2; NTSTATUS status; TALLOC_CTX *ctx = talloc_tos(); @@ -6355,7 +6355,7 @@ void reply_copy(connection_struct *conn, struct smb_request *req) Get a lock pid, dealing with large count requests. ****************************************************************************/ -uint32 get_lock_pid( char *data, int data_offset, BOOL large_file_format) +uint32 get_lock_pid( char *data, int data_offset, bool large_file_format) { if(!large_file_format) return (uint32)SVAL(data,SMB_LPID_OFFSET(data_offset)); @@ -6367,7 +6367,7 @@ uint32 get_lock_pid( char *data, int data_offset, BOOL large_file_format) Get a lock count, dealing with large count requests. ****************************************************************************/ -SMB_BIG_UINT get_lock_count( char *data, int data_offset, BOOL large_file_format) +SMB_BIG_UINT get_lock_count( char *data, int data_offset, bool large_file_format) { SMB_BIG_UINT count = 0; @@ -6439,7 +6439,7 @@ static uint32 map_lock_offset(uint32 high, uint32 low) Get a lock offset, dealing with large offset requests. ****************************************************************************/ -SMB_BIG_UINT get_lock_offset( char *data, int data_offset, BOOL large_file_format, BOOL *err) +SMB_BIG_UINT get_lock_offset( char *data, int data_offset, bool large_file_format, bool *err) { SMB_BIG_UINT offset = 0; @@ -6500,8 +6500,8 @@ void reply_lockingX(connection_struct *conn, struct smb_request *req) int32 lock_timeout; int i; char *data; - BOOL large_file_format; - BOOL err; + bool large_file_format; + bool err; NTSTATUS status = NT_STATUS_UNSUCCESSFUL; START_PROFILE(SMBlockingX); @@ -6541,8 +6541,8 @@ void reply_lockingX(connection_struct *conn, struct smb_request *req) */ if ((locktype & LOCKING_ANDX_OPLOCK_RELEASE)) { /* Client can insist on breaking to none. */ - BOOL break_to_none = (oplocklevel == 0); - BOOL result; + bool break_to_none = (oplocklevel == 0); + bool result; DEBUG(5,("reply_lockingX: oplock break reply (%u) from client " "for fnum = %d\n", (unsigned int)oplocklevel, @@ -6720,8 +6720,8 @@ void reply_lockingX(connection_struct *conn, struct smb_request *req) offset, WINDOWS_LOCK); } else { - BOOL blocking_lock = lock_timeout ? True : False; - BOOL defer_lock = False; + bool blocking_lock = lock_timeout ? True : False; + bool defer_lock = False; struct byte_range_lock *br_lck; uint32 block_smbpid; -- cgit From c3250149e12338fac5093991b385ad2807c92d1f Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 30 Oct 2007 16:22:24 -0700 Subject: Add new parameter, "min receivefile size" (by default set to zero). If non-zero, writeX calls greater than this value will be left in the socket buffer for later handling with recvfile (or userspace equivalent). Definition of recvfile for your system is left as an exercise for the reader (I'm working on getting splice working :-). Jeremy. (This used to be commit 11c03b75ddbcb6e36b231bb40a1773d1c550621c) --- source3/smbd/reply.c | 95 ++++++++++++++++++++++++++++++++++++++++++++-------- 1 file changed, 81 insertions(+), 14 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 38ce797eeb..4c1ed56d4f 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3494,7 +3494,7 @@ void reply_writebraw(connection_struct *conn, struct smb_request *req) } if (numtowrite>0) { - nwritten = write_file(fsp,data,startpos,numtowrite); + nwritten = write_file(req,fsp,data,startpos,numtowrite); } DEBUG(3,("reply_writebraw: initial write fnum=%d start=%.0f num=%d " @@ -3572,7 +3572,7 @@ void reply_writebraw(connection_struct *conn, struct smb_request *req) exit_server_cleanly("secondary writebraw failed"); } - nwritten = write_file(fsp,buf+4,startpos+nwritten,numtowrite); + nwritten = write_file(req,fsp,buf+4,startpos+nwritten,numtowrite); if (nwritten == -1) { TALLOC_FREE(buf); reply_unixerror(req, ERRHRD, ERRdiskfull); @@ -3686,7 +3686,7 @@ void reply_writeunlock(connection_struct *conn, struct smb_request *req) if(numtowrite == 0) { nwritten = 0; } else { - nwritten = write_file(fsp,data,startpos,numtowrite); + nwritten = write_file(req,fsp,data,startpos,numtowrite); } status = sync_file(conn, fsp, False /* write through */); @@ -3808,7 +3808,7 @@ void reply_write(connection_struct *conn, struct smb_request *req) return; } } else - nwritten = write_file(fsp,data,startpos,numtowrite); + nwritten = write_file(req,fsp,data,startpos,numtowrite); status = sync_file(conn, fsp, False); if (!NT_STATUS_IS_OK(status)) { @@ -3840,6 +3840,64 @@ void reply_write(connection_struct *conn, struct smb_request *req) return; } +/**************************************************************************** + Ensure a buffer is a valid writeX for recvfile purposes. +****************************************************************************/ + +#define STANDARD_WRITE_AND_X_HEADER_SIZE (smb_size - 4 + /* basic header */ \ + (2*14) + /* word count (including bcc) */ \ + 1 /* pad byte */) + +bool is_valid_writeX_buffer(char *inbuf) +{ + size_t numtowrite; + connection_struct *conn = NULL; + unsigned int doff = 0; + size_t len = smb_len(inbuf); + + if (CVAL(inbuf,smb_com) != SMBwriteX || + CVAL(inbuf,smb_vwv0) != 0xFF || + CVAL(inbuf,smb_wct) != 14) { + return false; + } + conn = conn_find(SVAL(inbuf, smb_tid)); + if (conn == NULL) { + return false; + } + if (IS_IPC(conn)) { + return false; + } + numtowrite = SVAL(inbuf,smb_vwv10); + numtowrite |= ((((size_t)SVAL(inbuf,smb_vwv9)) & 1 )<<16); + if (numtowrite == 0) { + return false; + } + /* Ensure the sizes match up. */ + doff = SVAL(inbuf,smb_vwv11); + + if (doff < STANDARD_WRITE_AND_X_HEADER_SIZE) { + /* no pad byte...old smbclient :-( */ + return false; + } + + if (len - doff != numtowrite) { + DEBUG(10,("is_valid_writeX_buffer: doff mismatch " + "len = %u, doff = %u, numtowrite = %u\n", + (unsigned int)len, + (unsigned int)doff, + (unsigned int)numtowrite )); + return false; + } + + DEBUG(10,("is_valid_writeX_buffer: true " + "len = %u, doff = %u, numtowrite = %u\n", + (unsigned int)len, + (unsigned int)doff, + (unsigned int)numtowrite )); + + return true; +} + /**************************************************************************** Reply to a write and X. ****************************************************************************/ @@ -3875,10 +3933,18 @@ void reply_write_and_X(connection_struct *conn, struct smb_request *req) numtowrite |= ((((size_t)SVAL(req->inbuf,smb_vwv9)) & 1 )<<16); } - if(smb_doff > smblen || (smb_doff + numtowrite > smblen)) { - reply_doserror(req, ERRDOS, ERRbadmem); - END_PROFILE(SMBwriteX); - return; + if (req->unread_bytes) { + if (numtowrite != req->unread_bytes) { + reply_doserror(req, ERRDOS, ERRbadmem); + END_PROFILE(SMBwriteX); + return; + } + } else { + if (smb_doff > smblen || smb_doff + numtowrite > smblen) { + reply_doserror(req, ERRDOS, ERRbadmem); + END_PROFILE(SMBwriteX); + return; + } } /* If it's an IPC, pass off the pipe handler. */ @@ -3947,15 +4013,16 @@ void reply_write_and_X(connection_struct *conn, struct smb_request *req) nwritten = 0; } else { - if (schedule_aio_write_and_X(conn, req, fsp, data, startpos, - numtowrite)) { + if (req->unread_bytes == 0 && + schedule_aio_write_and_X(conn, req, fsp, data, + startpos, numtowrite)) { END_PROFILE(SMBwriteX); return; } - nwritten = write_file(fsp,data,startpos,numtowrite); + nwritten = write_file(req,fsp,data,startpos,numtowrite); } - + if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) { reply_unixerror(req, ERRHRD, ERRdiskfull); END_PROFILE(SMBwriteX); @@ -4264,7 +4331,7 @@ void reply_writeclose(connection_struct *conn, struct smb_request *req) return; } - nwritten = write_file(fsp,data,startpos,numtowrite); + nwritten = write_file(req,fsp,data,startpos,numtowrite); set_filetime(conn, fsp->fsp_name, mtime); @@ -4726,7 +4793,7 @@ void reply_printwrite(connection_struct *conn, struct smb_request *req) data = smb_buf(req->inbuf) + 3; - if (write_file(fsp,data,-1,numtowrite) != numtowrite) { + if (write_file(req,fsp,data,-1,numtowrite) != numtowrite) { reply_unixerror(req, ERRHRD, ERRdiskfull); END_PROFILE(SMBsplwr); return; -- cgit From ff82c0a037b7c7ce69d87ab70284acc71df5e1a7 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 30 Oct 2007 18:18:40 -0700 Subject: Handle the disk full error case correctly. Jeremy. (This used to be commit b7088bb9c2a00d4717b9a7efa4bddc0c005f4efb) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 4c1ed56d4f..531e71fe73 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3698,7 +3698,7 @@ void reply_writeunlock(connection_struct *conn, struct smb_request *req) return; } - if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) { + if(((nwritten < numtowrite) && (numtowrite != 0))||(nwritten < 0)) { reply_unixerror(req, ERRHRD, ERRdiskfull); END_PROFILE(SMBwriteunlock); return; -- cgit From 8f1f2f04c796a8659d93bafadefca4a98fee00f0 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 31 Oct 2007 15:45:45 -0700 Subject: Fix some cases where file_set_dosmode was being passed False instead of NULL. Fix more of the notifications to be correct for Samba4 RAW-NOTIFY torture (we had missed one when calling set_ea_dos_attribute(). Jeremy. (This used to be commit 39d265375cf55eedddef2c4faa65398df73d5ed2) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 531e71fe73..d2aa6c6929 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1114,7 +1114,7 @@ void reply_setatr(connection_struct *conn, struct smb_request *req) else mode &= ~aDIR; - if (file_set_dosmode(conn,fname,mode,&sbuf,False) != 0) { + if (file_set_dosmode(conn,fname,mode,&sbuf,NULL,false) != 0) { reply_unixerror(req, ERRDOS, ERRnoaccess); END_PROFILE(SMBsetatr); return; -- cgit From c94b2898cd5d1174181add198a462ab232f5aba6 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 1 Nov 2007 21:51:45 -0700 Subject: Ensure we detect a large writeX when using recvfile. More changes needed to make the UNIX_LARGE_WRITEX_CAP writes work (I'll add these tomorrow). Jeremy. (This used to be commit 1c71546b6152d2930b98f766311bbd161ee0ee4e) --- source3/smbd/reply.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index d2aa6c6929..d4f3f1f255 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3926,7 +3926,8 @@ void reply_write_and_X(connection_struct *conn, struct smb_request *req) numtowrite = SVAL(req->inbuf,smb_vwv10); smb_doff = SVAL(req->inbuf,smb_vwv11); smblen = smb_len(req->inbuf); - large_writeX = ((req->wct == 14) && (smblen > 0xFFFF)); + large_writeX = (req->wct == 14 && + (smblen > 0xFFFF || req->unread_bytes > 0xFFFF)); /* Deal with possible LARGE_WRITEX */ if (large_writeX) { -- cgit From bece9609cd633d69c2c8dc72fcb6c26c4f11f9f2 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 1 Nov 2007 22:24:39 -0700 Subject: Be careful and take care of the correct lengths in large writeX calls. Jeremy. (This used to be commit 2d3ff9c502105f92720131355b41e48be8d656c2) --- source3/smbd/reply.c | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index d4f3f1f255..c83066d41e 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3912,7 +3912,6 @@ void reply_write_and_X(connection_struct *conn, struct smb_request *req) unsigned int smb_doff; unsigned int smblen; char *data; - bool large_writeX; NTSTATUS status; START_PROFILE(SMBwriteX); @@ -3926,12 +3925,11 @@ void reply_write_and_X(connection_struct *conn, struct smb_request *req) numtowrite = SVAL(req->inbuf,smb_vwv10); smb_doff = SVAL(req->inbuf,smb_vwv11); smblen = smb_len(req->inbuf); - large_writeX = (req->wct == 14 && - (smblen > 0xFFFF || req->unread_bytes > 0xFFFF)); - /* Deal with possible LARGE_WRITEX */ - if (large_writeX) { - numtowrite |= ((((size_t)SVAL(req->inbuf,smb_vwv9)) & 1 )<<16); + if (req->unread_bytes > 0xFFFF || + (smblen > smb_doff + 4 && + smblen - smb_doff + 4 > 0xFFFF)) { + numtowrite |= (((size_t)SVAL(req->inbuf,smb_vwv9))<<16); } if (req->unread_bytes) { @@ -3941,7 +3939,8 @@ void reply_write_and_X(connection_struct *conn, struct smb_request *req) return; } } else { - if (smb_doff > smblen || smb_doff + numtowrite > smblen) { + if (smb_doff + 4 > smblen || smb_doff + 4 + numtowrite < numtowrite || + smb_doff + 4 + numtowrite > smblen) { reply_doserror(req, ERRDOS, ERRbadmem); END_PROFILE(SMBwriteX); return; @@ -4032,8 +4031,7 @@ void reply_write_and_X(connection_struct *conn, struct smb_request *req) reply_outbuf(req, 6, 0); SSVAL(req->outbuf,smb_vwv2,nwritten); - if (large_writeX) - SSVAL(req->outbuf,smb_vwv4,(nwritten>>16)&1); + SSVAL(req->outbuf,smb_vwv4,nwritten>>16); if (nwritten < (ssize_t)numtowrite) { SCVAL(req->outbuf,smb_rcls,ERRHRD); -- cgit From 10500184bf7aac4c1036a807ad4f57d2016d7bd0 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 1 Nov 2007 22:42:21 -0700 Subject: Ensure we can't accidently do a pipe write with unread bytes in the socket buffer. Jeremy (This used to be commit 84d22f7747126608b9460f9591bb5967d871b82d) --- source3/smbd/reply.c | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index c83066d41e..de0e852e2a 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3949,6 +3949,11 @@ void reply_write_and_X(connection_struct *conn, struct smb_request *req) /* If it's an IPC, pass off the pipe handler. */ if (IS_IPC(conn)) { + if (req->unread_bytes) { + reply_doserror(req, ERRDOS, ERRbadmem); + END_PROFILE(SMBwriteX); + return; + } reply_pipe_write_and_X(req); END_PROFILE(SMBwriteX); return; -- cgit From 414ab2ce46dd62d0119f03eca93783bc489af896 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 2 Nov 2007 10:35:10 -0700 Subject: Argggh. smblen doesn't include the +4, so my smb_doff calculations shouldn't either :-). Jeremy. (This used to be commit c3de44b6b063e126095b30536fdcb643c70e395e) --- source3/smbd/reply.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index de0e852e2a..84c1892560 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3927,8 +3927,8 @@ void reply_write_and_X(connection_struct *conn, struct smb_request *req) smblen = smb_len(req->inbuf); if (req->unread_bytes > 0xFFFF || - (smblen > smb_doff + 4 && - smblen - smb_doff + 4 > 0xFFFF)) { + (smblen > smb_doff && + smblen - smb_doff > 0xFFFF)) { numtowrite |= (((size_t)SVAL(req->inbuf,smb_vwv9))<<16); } @@ -3939,8 +3939,8 @@ void reply_write_and_X(connection_struct *conn, struct smb_request *req) return; } } else { - if (smb_doff + 4 > smblen || smb_doff + 4 + numtowrite < numtowrite || - smb_doff + 4 + numtowrite > smblen) { + if (smb_doff > smblen || smb_doff + numtowrite < numtowrite || + smb_doff + numtowrite > smblen) { reply_doserror(req, ERRDOS, ERRbadmem); END_PROFILE(SMBwriteX); return; -- cgit From 329365684bca99bf9020b6638a1357df65c1d938 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 2 Nov 2007 12:21:34 -0700 Subject: Change the client library to write directly out of the incoming buffer in the non-signed case. Speeds up writes by over 10% or so. Complete the server recvfile implementation. Jeremy. (This used to be commit 81ca5853b2475f123faab3b550f0a7b24ae3c208) --- source3/smbd/reply.c | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 84c1892560..a7fa67df22 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3848,12 +3848,12 @@ void reply_write(connection_struct *conn, struct smb_request *req) (2*14) + /* word count (including bcc) */ \ 1 /* pad byte */) -bool is_valid_writeX_buffer(char *inbuf) +bool is_valid_writeX_buffer(const char *inbuf) { size_t numtowrite; connection_struct *conn = NULL; unsigned int doff = 0; - size_t len = smb_len(inbuf); + size_t len = smb_len_large(inbuf); if (CVAL(inbuf,smb_com) != SMBwriteX || CVAL(inbuf,smb_vwv0) != 0xFF || @@ -3867,14 +3867,19 @@ bool is_valid_writeX_buffer(char *inbuf) if (IS_IPC(conn)) { return false; } + doff = SVAL(inbuf,smb_vwv11); + numtowrite = SVAL(inbuf,smb_vwv10); - numtowrite |= ((((size_t)SVAL(inbuf,smb_vwv9)) & 1 )<<16); + + if (len > doff && len - doff > 0xFFFF) { + numtowrite |= (((size_t)SVAL(inbuf,smb_vwv9))<<16); + } + if (numtowrite == 0) { return false; } - /* Ensure the sizes match up. */ - doff = SVAL(inbuf,smb_vwv11); + /* Ensure the sizes match up. */ if (doff < STANDARD_WRITE_AND_X_HEADER_SIZE) { /* no pad byte...old smbclient :-( */ return false; -- cgit From 36441da4240f3e3a296eed65f0796b25b7b05a3a Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 5 Nov 2007 11:12:56 -0800 Subject: Remove the horror that was the global smb_rw_error. Each cli struct has it's own local copy of this variable, so use that in client code. In the smbd server, add one static to smbd/proccess.c and use that inside smbd. Fix a bunch of places where smb_rw_error could be set by calling read_data() in places where we weren't reading from the SMB client socket (ie. winbindd). Jeremy. (This used to be commit 255c2adf7b6ef30932b5bb9f142ccef4a5d3d0db) --- source3/smbd/reply.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index a7fa67df22..1b36fb1e44 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3535,7 +3535,8 @@ void reply_writebraw(connection_struct *conn, struct smb_request *req) } /* Now read the raw data into the buffer and write it */ - if (read_smb_length(smbd_server_fd(),buf,SMB_SECONDARY_WAIT) == -1) { + if (read_smb_length(smbd_server_fd(),buf, + SMB_SECONDARY_WAIT, get_srv_read_error()) == -1) { exit_server_cleanly("secondary writebraw failed"); } @@ -3564,7 +3565,7 @@ void reply_writebraw(connection_struct *conn, struct smb_request *req) (int)tcount,(int)nwritten,(int)numtowrite)); } - if (read_data(smbd_server_fd(), buf+4, numtowrite) + if (read_data(smbd_server_fd(), buf+4, numtowrite,get_srv_read_error()) != numtowrite ) { DEBUG(0,("reply_writebraw: Oversize secondary write " "raw read failed (%s). Terminating\n", -- cgit From ae74aa9993863be8f75f203201b338e98824ce06 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 7 Nov 2007 21:47:00 -0800 Subject: Constrain "min receivefile size" to max of BUFFER_SIZE (128k). Add debug error messages so we can see why writeX large is denied. Ensure we don't allow recvfile writes on IPC$. Jeremy. (This used to be commit 6bf053a6a17749a3bc73c8cc5fd490aa5f93b763) --- source3/smbd/reply.c | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 1b36fb1e44..45081808e1 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3856,16 +3856,24 @@ bool is_valid_writeX_buffer(const char *inbuf) unsigned int doff = 0; size_t len = smb_len_large(inbuf); - if (CVAL(inbuf,smb_com) != SMBwriteX || - CVAL(inbuf,smb_vwv0) != 0xFF || + if (CVAL(inbuf,smb_com) != SMBwriteX) { + return false; + } + + if (CVAL(inbuf,smb_vwv0) != 0xFF || CVAL(inbuf,smb_wct) != 14) { + DEBUG(10,("is_valid_writeX_buffer: chained or " + "invalid word length.\n")); return false; } + conn = conn_find(SVAL(inbuf, smb_tid)); if (conn == NULL) { + DEBUG(10,("is_valid_writeX_buffer: bad tid\n")); return false; } if (IS_IPC(conn)) { + DEBUG(10,("is_valid_writeX_buffer: IPC$ tid\n")); return false; } doff = SVAL(inbuf,smb_vwv11); @@ -3877,12 +3885,16 @@ bool is_valid_writeX_buffer(const char *inbuf) } if (numtowrite == 0) { + DEBUG(10,("is_valid_writeX_buffer: zero write\n")); return false; } /* Ensure the sizes match up. */ if (doff < STANDARD_WRITE_AND_X_HEADER_SIZE) { /* no pad byte...old smbclient :-( */ + DEBUG(10,("is_valid_writeX_buffer: small doff %u (min %u)\n", + (unsigned int)doff, + (unsigned int)STANDARD_WRITE_AND_X_HEADER_SIZE)); return false; } @@ -3939,6 +3951,12 @@ void reply_write_and_X(connection_struct *conn, struct smb_request *req) } if (req->unread_bytes) { + /* Can't do a recvfile write on IPC$ */ + if (IS_IPC(conn)) { + reply_nterror(req, NT_STATUS_INVALID_PARAMETER); + END_PROFILE(SMBwriteX); + return; + } if (numtowrite != req->unread_bytes) { reply_doserror(req, ERRDOS, ERRbadmem); END_PROFILE(SMBwriteX); -- cgit From addf598cde41d17ad4cf497a64b9a2b27e4028c5 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 20 Dec 2007 22:17:16 +0100 Subject: Some C++ warnings (This used to be commit 5ab82d4f574f2a2e2761e9e414c66a70aeffb05d) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 45081808e1..575ca13ff6 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1163,8 +1163,8 @@ void reply_dskattr(connection_struct *conn, struct smb_request *req) total_space = dsize * (double)bsize; free_space = dfree * (double)bsize; - dsize = (total_space+63*512) / (64*512); - dfree = (free_space+63*512) / (64*512); + dsize = (SMB_BIG_UINT)((total_space+63*512) / (64*512)); + dfree = (SMB_BIG_UINT)((free_space+63*512) / (64*512)); if (dsize > 0xFFFF) dsize = 0xFFFF; if (dfree > 0xFFFF) dfree = 0xFFFF; -- cgit From afc93255d183eefb68e45b8ec6275f6a62cf9795 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 26 Dec 2007 17:12:36 -0800 Subject: Add SMB encryption. Still fixing client decrypt but negotiation works. Jeremy. (This used to be commit d78045601af787731f0737b8627450018902b104) --- source3/smbd/reply.c | 35 +++++++++++++++++++++++------------ 1 file changed, 23 insertions(+), 12 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 575ca13ff6..2707aee9c8 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2791,8 +2791,8 @@ void reply_readbraw(connection_struct *conn, struct smb_request *req) START_PROFILE(SMBreadbraw); - if (srv_is_signing_active()) { - exit_server_cleanly("reply_readbraw: SMB signing is active - " + if (srv_is_signing_active() || srv_encryption_on()) { + exit_server_cleanly("reply_readbraw: SMB signing/sealing is active - " "raw reads/writes are disallowed."); } @@ -3017,7 +3017,8 @@ Returning short read of maximum allowed for compatibility with Windows 2000.\n", return; } - set_message((char *)req->outbuf, 5, nread+3, False); + srv_set_message((const char *)req->inbuf, + (char *)req->outbuf, 5, nread+3, False); SSVAL(req->outbuf,smb_vwv0,nread); SSVAL(req->outbuf,smb_vwv5,nread+3); @@ -3104,7 +3105,8 @@ Returning short read of maximum allowed for compatibility with Windows 2000.\n", return; } - set_message((char *)req->outbuf, 5, nread+3, False); + srv_set_message((const char *)req->inbuf, + (char *)req->outbuf, 5, nread+3, False); SSVAL(req->outbuf,smb_vwv0,nread); SSVAL(req->outbuf,smb_vwv5,nread+3); @@ -3122,12 +3124,12 @@ Returning short read of maximum allowed for compatibility with Windows 2000.\n", Setup readX header. ****************************************************************************/ -static int setup_readX_header(char *outbuf, size_t smb_maxcnt) +static int setup_readX_header(const char *inbuf, char *outbuf, size_t smb_maxcnt) { int outsize; char *data; - outsize = set_message(outbuf,12,smb_maxcnt,False); + outsize = srv_set_message(inbuf, outbuf,12,smb_maxcnt,False); data = smb_buf(outbuf); memset(outbuf+smb_vwv0,'\0',24); /* valgrind init. */ @@ -3190,7 +3192,8 @@ static void send_file_readX(connection_struct *conn, struct smb_request *req, header = data_blob_const(headerbuf, sizeof(headerbuf)); construct_reply_common((char *)req->inbuf, (char *)headerbuf); - setup_readX_header((char *)headerbuf, smb_maxcnt); + setup_readX_header((const char *)req->inbuf, + (char *)headerbuf, smb_maxcnt); if ((nread = SMB_VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fh->fd, &header, startpos, smb_maxcnt)) == -1) { /* Returning ENOSYS means no data at all was sent. Do this as a normal read. */ @@ -3241,7 +3244,8 @@ normal_read: uint8 headerbuf[smb_size + 2*12]; construct_reply_common((char *)req->inbuf, (char *)headerbuf); - setup_readX_header((char *)headerbuf, smb_maxcnt); + setup_readX_header((const char *)req->inbuf, + (char *)headerbuf, smb_maxcnt); /* Send out the header. */ if (write_data(smbd_server_fd(), (char *)headerbuf, @@ -3268,7 +3272,8 @@ normal_read: return; } - setup_readX_header((char *)req->outbuf, nread); + setup_readX_header((const char *)req->inbuf, + (char *)req->outbuf, nread); DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n", fsp->fnum, (int)smb_maxcnt, (int)nread ) ); @@ -3332,8 +3337,8 @@ void reply_read_and_X(connection_struct *conn, struct smb_request *req) END_PROFILE(SMBreadX); return; } - /* We currently don't do this on signed data. */ - if (srv_is_signing_active()) { + /* We currently don't do this on signed or sealed data. */ + if (srv_is_signing_active() || srv_encryption_on()) { reply_nterror(req, NT_STATUS_NOT_SUPPORTED); END_PROFILE(SMBreadX); return; @@ -3524,7 +3529,7 @@ void reply_writebraw(connection_struct *conn, struct smb_request *req) * it to send more bytes */ memcpy(buf, req->inbuf, smb_size); - outsize = set_message(buf, + outsize = srv_set_message((const char *)req->inbuf, buf, Protocol>PROTOCOL_COREPLUS?1:0,0,True); SCVAL(buf,smb_com,SMBwritebraw); SSVALS(buf,smb_vwv0,0xFFFF); @@ -3856,6 +3861,12 @@ bool is_valid_writeX_buffer(const char *inbuf) unsigned int doff = 0; size_t len = smb_len_large(inbuf); + if (srv_encryption_on()) { + /* Can't do this on encrypted + * connections. */ + return false; + } + if (CVAL(inbuf,smb_com) != SMBwriteX) { return false; } -- cgit From c1328242652e4d61348cf00ba66e52485f4bbcaf Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Fri, 7 Dec 2007 14:19:07 +0100 Subject: Convert reply_open to create_file (This used to be commit 209c696ab8490564ec9e30f6f07b9c72af3ed2e1) --- source3/smbd/reply.c | 59 +++++++++++++++++----------------------------------- 1 file changed, 19 insertions(+), 40 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 2707aee9c8..452b803f9c 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1597,51 +1597,30 @@ void reply_open(connection_struct *conn, struct smb_request *req) return; } - status = resolve_dfspath(ctx, conn, - req->flags2 & FLAGS2_DFS_PATHNAMES, - fname, - &fname); - if (!NT_STATUS_IS_OK(status)) { - if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { - reply_botherror(req, NT_STATUS_PATH_NOT_COVERED, - ERRSRV, ERRbadpath); - END_PROFILE(SMBopen); - return; - } - reply_nterror(req, status); - END_PROFILE(SMBopen); - return; - } - - status = unix_convert(ctx, conn, fname, False, &fname, NULL, &sbuf); - if (!NT_STATUS_IS_OK(status)) { - reply_nterror(req, status); - END_PROFILE(SMBopen); - return; - } - - status = check_name(conn, fname); - if (!NT_STATUS_IS_OK(status)) { - reply_nterror(req, status); - END_PROFILE(SMBopen); - return; - } - - if (!map_open_params_to_ntcreate(fname, deny_mode, OPENX_FILE_EXISTS_OPEN, - &access_mask, &share_mode, &create_disposition, &create_options)) { + if (!map_open_params_to_ntcreate( + fname, deny_mode, OPENX_FILE_EXISTS_OPEN, &access_mask, + &share_mode, &create_disposition, &create_options)) { reply_nterror(req, NT_STATUS_DOS(ERRDOS, ERRbadaccess)); END_PROFILE(SMBopen); return; } - status = open_file_ntcreate(conn, req, fname, &sbuf, - access_mask, - share_mode, - create_disposition, - create_options, - dos_attr, - oplock_request, - &info, &fsp); + status = create_file(conn, /* conn */ + req, /* req */ + 0, /* root_dir_fid */ + fname, /* fname */ + access_mask, /* access_mask */ + share_mode, /* share_access */ + create_disposition, /* create_disposition*/ + create_options, /* create_options */ + dos_attr, /* file_attributes */ + oplock_request, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &fsp, /* result */ + &info, /* pinfo */ + &sbuf); /* psbuf */ if (!NT_STATUS_IS_OK(status)) { if (open_was_deferred(req->mid)) { -- cgit From cc322c708c3ba3e73b9788ca27a233873effb88b Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Fri, 7 Dec 2007 14:23:10 +0100 Subject: Convert reply_open_and_X to create_file (This used to be commit fa09b9ab26657af9bd6dcf3fcc7311d5983a591d) --- source3/smbd/reply.c | 61 ++++++++++++++++------------------------------------ 1 file changed, 19 insertions(+), 42 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 452b803f9c..4b873037b5 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1741,53 +1741,30 @@ void reply_open_and_X(connection_struct *conn, struct smb_request *req) return; } - status = resolve_dfspath(ctx, conn, - req->flags2 & FLAGS2_DFS_PATHNAMES, - fname, - &fname); - if (!NT_STATUS_IS_OK(status)) { - END_PROFILE(SMBopenX); - if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { - reply_botherror(req, NT_STATUS_PATH_NOT_COVERED, - ERRSRV, ERRbadpath); - return; - } - reply_nterror(req, status); - return; - } - - status = unix_convert(ctx, conn, fname, False, &fname, NULL, &sbuf); - if (!NT_STATUS_IS_OK(status)) { - reply_nterror(req, status); - END_PROFILE(SMBopenX); - return; - } - - status = check_name(conn, fname); - if (!NT_STATUS_IS_OK(status)) { - reply_nterror(req, status); - END_PROFILE(SMBopenX); - return; - } - - if (!map_open_params_to_ntcreate(fname, deny_mode, smb_ofun, - &access_mask, - &share_mode, - &create_disposition, - &create_options)) { + if (!map_open_params_to_ntcreate( + fname, deny_mode, smb_ofun, &access_mask, + &share_mode, &create_disposition, &create_options)) { reply_nterror(req, NT_STATUS_DOS(ERRDOS, ERRbadaccess)); END_PROFILE(SMBopenX); return; } - status = open_file_ntcreate(conn, req, fname, &sbuf, - access_mask, - share_mode, - create_disposition, - create_options, - smb_attr, - oplock_request, - &smb_action, &fsp); + status = create_file(conn, /* conn */ + req, /* req */ + 0, /* root_dir_fid */ + fname, /* fname */ + access_mask, /* access_mask */ + share_mode, /* share_access */ + create_disposition, /* create_disposition*/ + create_options, /* create_options */ + smb_attr, /* file_attributes */ + oplock_request, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &fsp, /* result */ + &smb_action, /* pinfo */ + &sbuf); /* psbuf */ if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBopenX); -- cgit From 8ad3db1d2be41f8afca66f1db52560d026ea3845 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 8 Dec 2007 12:05:41 +0100 Subject: Convert reply_mknew to create_file (This used to be commit 1b1cea9ef04a85a2fdd3c8574f7c4db559b7d9b6) --- source3/smbd/reply.c | 54 ++++++++++++++++------------------------------------ 1 file changed, 16 insertions(+), 38 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 4b873037b5..c859efd370 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1938,35 +1938,6 @@ void reply_mknew(connection_struct *conn, struct smb_request *req) return; } - status = resolve_dfspath(ctx, conn, - req->flags2 & FLAGS2_DFS_PATHNAMES, - fname, - &fname); - if (!NT_STATUS_IS_OK(status)) { - END_PROFILE(SMBcreate); - if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) { - reply_botherror(req, NT_STATUS_PATH_NOT_COVERED, - ERRSRV, ERRbadpath); - return; - } - reply_nterror(req, status); - return; - } - - status = unix_convert(ctx, conn, fname, False, &fname, NULL, &sbuf); - if (!NT_STATUS_IS_OK(status)) { - reply_nterror(req, status); - END_PROFILE(SMBcreate); - return; - } - - status = check_name(conn, fname); - if (!NT_STATUS_IS_OK(status)) { - reply_nterror(req, status); - END_PROFILE(SMBcreate); - return; - } - if (fattr & aVOLID) { DEBUG(0,("Attempt to create file (%s) with volid set - " "please report this\n", fname)); @@ -1980,15 +1951,22 @@ void reply_mknew(connection_struct *conn, struct smb_request *req) create_disposition = FILE_OVERWRITE_IF; } - /* Open file using ntcreate. */ - status = open_file_ntcreate(conn, req, fname, &sbuf, - access_mask, - share_mode, - create_disposition, - create_options, - fattr, - oplock_request, - NULL, &fsp); + status = create_file(conn, /* conn */ + req, /* req */ + 0, /* root_dir_fid */ + fname, /* fname */ + access_mask, /* access_mask */ + share_mode, /* share_access */ + create_disposition, /* create_disposition*/ + create_options, /* create_options */ + fattr, /* file_attributes */ + oplock_request, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &fsp, /* result */ + NULL, /* pinfo */ + &sbuf); /* psbuf */ if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBcreate); -- cgit From 9254bb4ef1c3c3a52ea8e935edb0e7a86ec3ea7a Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 4 Jan 2008 12:56:23 -0800 Subject: Refactor the crypto code after a very helpful conversation with Volker. Mostly making sure we have data on the incoming packet type, not stored in the smb header. Jeremy. (This used to be commit c4e5a505043965eec77b5bb9bc60957e8f3b97c8) --- source3/smbd/reply.c | 55 +++++++++++++++++++++++++++------------------------- 1 file changed, 29 insertions(+), 26 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index c859efd370..b6efccdb15 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -391,7 +391,7 @@ void reply_special(char *inbuf) /* * We only really use 4 bytes of the outbuf, but for the smb_setlen - * calculation & friends (send_smb uses that) we need the full smb + * calculation & friends (srv_send_smb uses that) we need the full smb * header. */ char outbuf[smb_size]; @@ -470,7 +470,7 @@ void reply_special(char *inbuf) DEBUG(5,("init msg_type=0x%x msg_flags=0x%x\n", msg_type, msg_flags)); - send_smb(smbd_server_fd(), outbuf); + srv_send_smb(smbd_server_fd(), outbuf, false); return; } @@ -523,6 +523,7 @@ void reply_tcon(connection_struct *conn, struct smb_request *req) password_blob = data_blob(password, pwlen+1); conn = make_connection(service,password_blob,dev,req->vuid,&nt_status); + req->conn = conn; data_blob_clear_free(&password_blob); @@ -578,6 +579,7 @@ void reply_tcon_and_X(connection_struct *conn, struct smb_request *req) /* we might have to close an old one */ if ((tcon_flags & 0x1) && conn) { close_cnum(conn,req->vuid); + req->conn = NULL; } if ((passlen > MAX_PASS_LEN) || (passlen >= smb_buflen(req->inbuf))) { @@ -646,6 +648,7 @@ void reply_tcon_and_X(connection_struct *conn, struct smb_request *req) conn = make_connection(service, password, client_devicetype, req->vuid, &nt_status); + req->conn =conn; data_blob_clear_free(&password); @@ -2725,7 +2728,7 @@ void reply_readbraw(connection_struct *conn, struct smb_request *req) START_PROFILE(SMBreadbraw); - if (srv_is_signing_active() || srv_encryption_on()) { + if (srv_is_signing_active() || is_encrypted_packet(req->inbuf)) { exit_server_cleanly("reply_readbraw: SMB signing/sealing is active - " "raw reads/writes are disallowed."); } @@ -2951,8 +2954,7 @@ Returning short read of maximum allowed for compatibility with Windows 2000.\n", return; } - srv_set_message((const char *)req->inbuf, - (char *)req->outbuf, 5, nread+3, False); + srv_set_message((char *)req->outbuf, 5, nread+3, False); SSVAL(req->outbuf,smb_vwv0,nread); SSVAL(req->outbuf,smb_vwv5,nread+3); @@ -3039,8 +3041,7 @@ Returning short read of maximum allowed for compatibility with Windows 2000.\n", return; } - srv_set_message((const char *)req->inbuf, - (char *)req->outbuf, 5, nread+3, False); + srv_set_message((char *)req->outbuf, 5, nread+3, False); SSVAL(req->outbuf,smb_vwv0,nread); SSVAL(req->outbuf,smb_vwv5,nread+3); @@ -3058,12 +3059,12 @@ Returning short read of maximum allowed for compatibility with Windows 2000.\n", Setup readX header. ****************************************************************************/ -static int setup_readX_header(const char *inbuf, char *outbuf, size_t smb_maxcnt) +static int setup_readX_header(char *outbuf, size_t smb_maxcnt) { int outsize; char *data; - outsize = srv_set_message(inbuf, outbuf,12,smb_maxcnt,False); + outsize = srv_set_message(outbuf,12,smb_maxcnt,False); data = smb_buf(outbuf); memset(outbuf+smb_vwv0,'\0',24); /* valgrind init. */ @@ -3113,6 +3114,7 @@ static void send_file_readX(connection_struct *conn, struct smb_request *req, */ if ((chain_size == 0) && (CVAL(req->inbuf,smb_vwv0) == 0xFF) && + !is_encrypted_packet(req->inbuf) && lp_use_sendfile(SNUM(conn)) && (fsp->wcp == NULL) ) { uint8 headerbuf[smb_size + 12 * 2]; DATA_BLOB header; @@ -3126,8 +3128,7 @@ static void send_file_readX(connection_struct *conn, struct smb_request *req, header = data_blob_const(headerbuf, sizeof(headerbuf)); construct_reply_common((char *)req->inbuf, (char *)headerbuf); - setup_readX_header((const char *)req->inbuf, - (char *)headerbuf, smb_maxcnt); + setup_readX_header((char *)headerbuf, smb_maxcnt); if ((nread = SMB_VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fh->fd, &header, startpos, smb_maxcnt)) == -1) { /* Returning ENOSYS means no data at all was sent. Do this as a normal read. */ @@ -3178,8 +3179,7 @@ normal_read: uint8 headerbuf[smb_size + 2*12]; construct_reply_common((char *)req->inbuf, (char *)headerbuf); - setup_readX_header((const char *)req->inbuf, - (char *)headerbuf, smb_maxcnt); + setup_readX_header((char *)headerbuf, smb_maxcnt); /* Send out the header. */ if (write_data(smbd_server_fd(), (char *)headerbuf, @@ -3206,8 +3206,7 @@ normal_read: return; } - setup_readX_header((const char *)req->inbuf, - (char *)req->outbuf, nread); + setup_readX_header((char *)req->outbuf, nread); DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n", fsp->fnum, (int)smb_maxcnt, (int)nread ) ); @@ -3272,7 +3271,7 @@ void reply_read_and_X(connection_struct *conn, struct smb_request *req) return; } /* We currently don't do this on signed or sealed data. */ - if (srv_is_signing_active() || srv_encryption_on()) { + if (srv_is_signing_active() || is_encrypted_packet(req->inbuf)) { reply_nterror(req, NT_STATUS_NOT_SUPPORTED); END_PROFILE(SMBreadX); return; @@ -3463,13 +3462,15 @@ void reply_writebraw(connection_struct *conn, struct smb_request *req) * it to send more bytes */ memcpy(buf, req->inbuf, smb_size); - outsize = srv_set_message((const char *)req->inbuf, buf, + outsize = srv_set_message(buf, Protocol>PROTOCOL_COREPLUS?1:0,0,True); SCVAL(buf,smb_com,SMBwritebraw); SSVALS(buf,smb_vwv0,0xFFFF); show_msg(buf); - if (!send_smb(smbd_server_fd(),buf)) { - exit_server_cleanly("reply_writebraw: send_smb " + if (!srv_send_smb(smbd_server_fd(), + buf, + IS_CONN_ENCRYPTED(conn))) { + exit_server_cleanly("reply_writebraw: srv_send_smb " "failed."); } @@ -3788,14 +3789,14 @@ void reply_write(connection_struct *conn, struct smb_request *req) (2*14) + /* word count (including bcc) */ \ 1 /* pad byte */) -bool is_valid_writeX_buffer(const char *inbuf) +bool is_valid_writeX_buffer(const uint8_t *inbuf) { size_t numtowrite; connection_struct *conn = NULL; unsigned int doff = 0; size_t len = smb_len_large(inbuf); - if (srv_encryption_on()) { + if (is_encrypted_packet(inbuf)) { /* Can't do this on encrypted * connections. */ return false; @@ -4476,6 +4477,7 @@ void reply_tdis(connection_struct *conn, struct smb_request *req) conn->used = False; close_cnum(conn,req->vuid); + req->conn = NULL; reply_outbuf(req, 0, 0); END_PROFILE(SMBtdis); @@ -4526,8 +4528,10 @@ void reply_echo(connection_struct *conn, struct smb_request *req) SSVAL(req->outbuf,smb_vwv0,seq_num); show_msg((char *)req->outbuf); - if (!send_smb(smbd_server_fd(),(char *)req->outbuf)) - exit_server_cleanly("reply_echo: send_smb failed."); + if (!srv_send_smb(smbd_server_fd(), + (char *)req->outbuf, + IS_CONN_ENCRYPTED(conn)||req->encrypted)) + exit_server_cleanly("reply_echo: srv_send_smb failed."); } DEBUG(3,("echo %d times\n", smb_reverb)); @@ -4830,7 +4834,7 @@ void reply_mkdir(connection_struct *conn, struct smb_request *req) return; } - status = create_directory(conn, directory); + status = create_directory(conn, req, directory); DEBUG(5, ("create_directory returned %s\n", nt_errstr(status))); @@ -6803,8 +6807,7 @@ void reply_lockingX(connection_struct *conn, struct smb_request *req) * onto the blocking lock queue. */ if(push_blocking_lock_request(br_lck, - (char *)req->inbuf, - smb_len(req->inbuf)+4, + req, fsp, lock_timeout, i, -- cgit From 29562987c393ef7e908aa02ee7ba00a83f3db520 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 4 Jan 2008 15:37:24 -0800 Subject: Now conn is part of smb_request, we don't need it as an extra parameter. This cleans up quite a few places we were passing it around without needing it. Jeremy. (This used to be commit 8f36def18e9f980e8db522e1de41e80cfd5f466e) --- source3/smbd/reply.c | 147 ++++++++++++++++++++++++++++++--------------------- 1 file changed, 88 insertions(+), 59 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index b6efccdb15..d5e683ca3c 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -479,8 +479,9 @@ void reply_special(char *inbuf) conn POINTER CAN BE NULL HERE ! ****************************************************************************/ -void reply_tcon(connection_struct *conn, struct smb_request *req) +void reply_tcon(struct smb_request *req) { + connection_struct *conn = req->conn; const char *service; char *service_buf = NULL; char *password = NULL; @@ -550,8 +551,9 @@ void reply_tcon(connection_struct *conn, struct smb_request *req) conn POINTER CAN BE NULL HERE ! ****************************************************************************/ -void reply_tcon_and_X(connection_struct *conn, struct smb_request *req) +void reply_tcon_and_X(struct smb_request *req) { + connection_struct *conn = req->conn; char *service = NULL; DATA_BLOB password; TALLOC_CTX *ctx = talloc_tos(); @@ -580,6 +582,7 @@ void reply_tcon_and_X(connection_struct *conn, struct smb_request *req) if ((tcon_flags & 0x1) && conn) { close_cnum(conn,req->vuid); req->conn = NULL; + conn = NULL; } if ((passlen > MAX_PASS_LEN) || (passlen >= smb_buflen(req->inbuf))) { @@ -734,17 +737,6 @@ void reply_tcon_and_X(connection_struct *conn, struct smb_request *req) Reply to an unknown type. ****************************************************************************/ -int reply_unknown(char *inbuf,char *outbuf) -{ - int type; - type = CVAL(inbuf,smb_com); - - DEBUG(0,("unknown command type (%s): type=%d (0x%X)\n", - smb_fn_name(type), type, type)); - - return(ERROR_DOS(ERRSRV,ERRunknownsmb)); -} - void reply_unknown_new(struct smb_request *req, uint8 type) { DEBUG(0, ("unknown command type (%s): type=%d (0x%X)\n", @@ -758,8 +750,9 @@ void reply_unknown_new(struct smb_request *req, uint8 type) conn POINTER CAN BE NULL HERE ! ****************************************************************************/ -void reply_ioctl(connection_struct *conn, struct smb_request *req) +void reply_ioctl(struct smb_request *req) { + connection_struct *conn = req->conn; uint16 device; uint16 function; uint32 ioctl_code; @@ -847,8 +840,9 @@ static NTSTATUS map_checkpath_error(const char *inbuf, NTSTATUS status) Reply to a checkpath. ****************************************************************************/ -void reply_checkpath(connection_struct *conn, struct smb_request *req) +void reply_checkpath(struct smb_request *req) { + connection_struct *conn = req->conn; char *name = NULL; SMB_STRUCT_STAT sbuf; NTSTATUS status; @@ -941,8 +935,9 @@ void reply_checkpath(connection_struct *conn, struct smb_request *req) Reply to a getatr. ****************************************************************************/ -void reply_getatr(connection_struct *conn, struct smb_request *req) +void reply_getatr(struct smb_request *req) { + connection_struct *conn = req->conn; char *fname = NULL; SMB_STRUCT_STAT sbuf; int mode=0; @@ -1042,8 +1037,9 @@ void reply_getatr(connection_struct *conn, struct smb_request *req) Reply to a setatr. ****************************************************************************/ -void reply_setatr(connection_struct *conn, struct smb_request *req) +void reply_setatr(struct smb_request *req) { + connection_struct *conn = req->conn; char *fname = NULL; int mode; time_t mtime; @@ -1142,8 +1138,9 @@ void reply_setatr(connection_struct *conn, struct smb_request *req) Reply to a dskattr. ****************************************************************************/ -void reply_dskattr(connection_struct *conn, struct smb_request *req) +void reply_dskattr(struct smb_request *req) { + connection_struct *conn = req->conn; SMB_BIG_UINT dfree,dsize,bsize; START_PROFILE(SMBdskattr); @@ -1194,8 +1191,9 @@ void reply_dskattr(connection_struct *conn, struct smb_request *req) Can be called from SMBsearch, SMBffirst or SMBfunique. ****************************************************************************/ -void reply_search(connection_struct *conn, struct smb_request *req) +void reply_search(struct smb_request *req) { + connection_struct *conn = req->conn; char *mask = NULL; char *directory = NULL; char *fname = NULL; @@ -1496,7 +1494,7 @@ void reply_search(connection_struct *conn, struct smb_request *req) Reply to a fclose (stop directory search). ****************************************************************************/ -void reply_fclose(connection_struct *conn, struct smb_request *req) +void reply_fclose(struct smb_request *req) { int status_len; char status[21]; @@ -1560,8 +1558,9 @@ void reply_fclose(connection_struct *conn, struct smb_request *req) Reply to an open. ****************************************************************************/ -void reply_open(connection_struct *conn, struct smb_request *req) +void reply_open(struct smb_request *req) { + connection_struct *conn = req->conn; char *fname = NULL; uint32 fattr=0; SMB_OFF_T size = 0; @@ -1676,8 +1675,9 @@ void reply_open(connection_struct *conn, struct smb_request *req) Reply to an open and X. ****************************************************************************/ -void reply_open_and_X(connection_struct *conn, struct smb_request *req) +void reply_open_and_X(struct smb_request *req) { + connection_struct *conn = req->conn; char *fname = NULL; uint16 open_flags; int deny_mode; @@ -1864,10 +1864,9 @@ void reply_open_and_X(connection_struct *conn, struct smb_request *req) /**************************************************************************** Reply to a SMBulogoffX. - conn POINTER CAN BE NULL HERE ! ****************************************************************************/ -void reply_ulogoffX(connection_struct *conn, struct smb_request *req) +void reply_ulogoffX(struct smb_request *req) { user_struct *vuser; @@ -1900,8 +1899,9 @@ void reply_ulogoffX(connection_struct *conn, struct smb_request *req) Reply to a mknew or a create. ****************************************************************************/ -void reply_mknew(connection_struct *conn, struct smb_request *req) +void reply_mknew(struct smb_request *req) { + connection_struct *conn = req->conn; char *fname = NULL; int com; uint32 fattr = 0; @@ -2009,8 +2009,9 @@ void reply_mknew(connection_struct *conn, struct smb_request *req) Reply to a create temporary file. ****************************************************************************/ -void reply_ctemp(connection_struct *conn, struct smb_request *req) +void reply_ctemp(struct smb_request *req) { + connection_struct *conn = req->conn; char *fname = NULL; uint32 fattr; files_struct *fsp; @@ -2475,8 +2476,9 @@ NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req, Reply to a unlink ****************************************************************************/ -void reply_unlink(connection_struct *conn, struct smb_request *req) +void reply_unlink(struct smb_request *req) { + connection_struct *conn = req->conn; char *name = NULL; uint32 dirtype; NTSTATUS status; @@ -2717,8 +2719,9 @@ normal_readbraw: Reply to a readbraw (core+ protocol). ****************************************************************************/ -void reply_readbraw(connection_struct *conn, struct smb_request *req) +void reply_readbraw(struct smb_request *req) { + connection_struct *conn = req->conn; ssize_t maxcount,mincount; size_t nread = 0; SMB_OFF_T startpos; @@ -2867,8 +2870,9 @@ void reply_readbraw(connection_struct *conn, struct smb_request *req) Reply to a lockread (core+ protocol). ****************************************************************************/ -void reply_lockread(connection_struct *conn, struct smb_request *req) +void reply_lockread(struct smb_request *req) { + connection_struct *conn = req->conn; ssize_t nread = -1; char *data; SMB_OFF_T startpos; @@ -2976,8 +2980,9 @@ Returning short read of maximum allowed for compatibility with Windows 2000.\n", Reply to a read. ****************************************************************************/ -void reply_read(connection_struct *conn, struct smb_request *req) +void reply_read(struct smb_request *req) { + connection_struct *conn = req->conn; size_t numtoread; ssize_t nread = 0; char *data; @@ -3221,8 +3226,9 @@ normal_read: Reply to a read and X. ****************************************************************************/ -void reply_read_and_X(connection_struct *conn, struct smb_request *req) +void reply_read_and_X(struct smb_request *req) { + connection_struct *conn = req->conn; files_struct *fsp; SMB_OFF_T startpos; size_t smb_maxcnt; @@ -3350,8 +3356,9 @@ void error_to_writebrawerr(struct smb_request *req) Reply to a writebraw (core+ or LANMAN1.0 protocol). ****************************************************************************/ -void reply_writebraw(connection_struct *conn, struct smb_request *req) +void reply_writebraw(struct smb_request *req) { + connection_struct *conn = req->conn; int outsize = 0; char *buf = NULL; ssize_t nwritten=0; @@ -3579,8 +3586,9 @@ void reply_writebraw(connection_struct *conn, struct smb_request *req) Reply to a writeunlock (core+). ****************************************************************************/ -void reply_writeunlock(connection_struct *conn, struct smb_request *req) +void reply_writeunlock(struct smb_request *req) { + connection_struct *conn = req->conn; ssize_t nwritten = -1; size_t numtowrite; SMB_OFF_T startpos; @@ -3678,8 +3686,9 @@ void reply_writeunlock(connection_struct *conn, struct smb_request *req) Reply to a write. ****************************************************************************/ -void reply_write(connection_struct *conn, struct smb_request *req) +void reply_write(struct smb_request *req) { + connection_struct *conn = req->conn; size_t numtowrite; ssize_t nwritten = -1; SMB_OFF_T startpos; @@ -3866,8 +3875,9 @@ bool is_valid_writeX_buffer(const uint8_t *inbuf) Reply to a write and X. ****************************************************************************/ -void reply_write_and_X(connection_struct *conn, struct smb_request *req) +void reply_write_and_X(struct smb_request *req) { + connection_struct *conn = req->conn; files_struct *fsp; SMB_OFF_T startpos; size_t numtowrite; @@ -4034,8 +4044,9 @@ void reply_write_and_X(connection_struct *conn, struct smb_request *req) Reply to a lseek. ****************************************************************************/ -void reply_lseek(connection_struct *conn, struct smb_request *req) +void reply_lseek(struct smb_request *req) { + connection_struct *conn = req->conn; SMB_OFF_T startpos; SMB_OFF_T res= -1; int mode,umode; @@ -4121,8 +4132,9 @@ void reply_lseek(connection_struct *conn, struct smb_request *req) Reply to a flush. ****************************************************************************/ -void reply_flush(connection_struct *conn, struct smb_request *req) +void reply_flush(struct smb_request *req) { + connection_struct *conn = req->conn; uint16 fnum; files_struct *fsp; @@ -4165,7 +4177,7 @@ void reply_flush(connection_struct *conn, struct smb_request *req) conn POINTER CAN BE NULL HERE ! ****************************************************************************/ -void reply_exit(connection_struct *conn, struct smb_request *req) +void reply_exit(struct smb_request *req) { START_PROFILE(SMBexit); @@ -4183,8 +4195,9 @@ void reply_exit(connection_struct *conn, struct smb_request *req) Reply to a close - has to deal with closing a directory opened by NT SMB's. ****************************************************************************/ -void reply_close(connection_struct *conn, struct smb_request *req) +void reply_close(struct smb_request *req) { + connection_struct *conn = req->conn; NTSTATUS status = NT_STATUS_OK; files_struct *fsp = NULL; START_PROFILE(SMBclose); @@ -4261,8 +4274,9 @@ void reply_close(connection_struct *conn, struct smb_request *req) Reply to a writeclose (Core+ protocol). ****************************************************************************/ -void reply_writeclose(connection_struct *conn, struct smb_request *req) +void reply_writeclose(struct smb_request *req) { + connection_struct *conn = req->conn; size_t numtowrite; ssize_t nwritten = -1; NTSTATUS close_status = NT_STATUS_OK; @@ -4350,8 +4364,9 @@ void reply_writeclose(connection_struct *conn, struct smb_request *req) Reply to a lock. ****************************************************************************/ -void reply_lock(connection_struct *conn, struct smb_request *req) +void reply_lock(struct smb_request *req) { + connection_struct *conn = req->conn; SMB_BIG_UINT count,offset; NTSTATUS status; files_struct *fsp; @@ -4409,8 +4424,9 @@ void reply_lock(connection_struct *conn, struct smb_request *req) Reply to a unlock. ****************************************************************************/ -void reply_unlock(connection_struct *conn, struct smb_request *req) +void reply_unlock(struct smb_request *req) { + connection_struct *conn = req->conn; SMB_BIG_UINT count,offset; NTSTATUS status; files_struct *fsp; @@ -4463,8 +4479,9 @@ void reply_unlock(connection_struct *conn, struct smb_request *req) conn POINTER CAN BE NULL HERE ! ****************************************************************************/ -void reply_tdis(connection_struct *conn, struct smb_request *req) +void reply_tdis(struct smb_request *req) { + connection_struct *conn = req->conn; START_PROFILE(SMBtdis); if (!conn) { @@ -4489,8 +4506,9 @@ void reply_tdis(connection_struct *conn, struct smb_request *req) conn POINTER CAN BE NULL HERE ! ****************************************************************************/ -void reply_echo(connection_struct *conn, struct smb_request *req) +void reply_echo(struct smb_request *req) { + connection_struct *conn = req->conn; int smb_reverb; int seq_num; unsigned int data_len = smb_buflen(req->inbuf); @@ -4548,8 +4566,9 @@ void reply_echo(connection_struct *conn, struct smb_request *req) Reply to a printopen. ****************************************************************************/ -void reply_printopen(connection_struct *conn, struct smb_request *req) +void reply_printopen(struct smb_request *req) { + connection_struct *conn = req->conn; files_struct *fsp; NTSTATUS status; @@ -4590,8 +4609,9 @@ void reply_printopen(connection_struct *conn, struct smb_request *req) Reply to a printclose. ****************************************************************************/ -void reply_printclose(connection_struct *conn, struct smb_request *req) +void reply_printclose(struct smb_request *req) { + connection_struct *conn = req->conn; files_struct *fsp; NTSTATUS status; @@ -4635,8 +4655,9 @@ void reply_printclose(connection_struct *conn, struct smb_request *req) Reply to a printqueue. ****************************************************************************/ -void reply_printqueue(connection_struct *conn, struct smb_request *req) +void reply_printqueue(struct smb_request *req) { + connection_struct *conn = req->conn; int max_count; int start_index; @@ -4727,8 +4748,9 @@ void reply_printqueue(connection_struct *conn, struct smb_request *req) Reply to a printwrite. ****************************************************************************/ -void reply_printwrite(connection_struct *conn, struct smb_request *req) +void reply_printwrite(struct smb_request *req) { + connection_struct *conn = req->conn; int numtowrite; char *data; files_struct *fsp; @@ -4786,8 +4808,9 @@ void reply_printwrite(connection_struct *conn, struct smb_request *req) Reply to a mkdir. ****************************************************************************/ -void reply_mkdir(connection_struct *conn, struct smb_request *req) +void reply_mkdir(struct smb_request *req) { + connection_struct *conn = req->conn; char *directory = NULL; NTSTATUS status; SMB_STRUCT_STAT sbuf; @@ -5054,8 +5077,9 @@ NTSTATUS rmdir_internals(TALLOC_CTX *ctx, Reply to a rmdir. ****************************************************************************/ -void reply_rmdir(connection_struct *conn, struct smb_request *req) +void reply_rmdir(struct smb_request *req) { + connection_struct *conn = req->conn; char *directory = NULL; SMB_STRUCT_STAT sbuf; NTSTATUS status; @@ -5838,8 +5862,9 @@ NTSTATUS rename_internals(TALLOC_CTX *ctx, Reply to a mv. ****************************************************************************/ -void reply_mv(connection_struct *conn, struct smb_request *req) +void reply_mv(struct smb_request *req) { + connection_struct *conn = req->conn; char *name = NULL; char *newname = NULL; char *p; @@ -6069,8 +6094,9 @@ NTSTATUS copy_file(TALLOC_CTX *ctx, Reply to a file copy. ****************************************************************************/ -void reply_copy(connection_struct *conn, struct smb_request *req) +void reply_copy(struct smb_request *req) { + connection_struct *conn = req->conn; char *name = NULL; char *newname = NULL; char *directory = NULL; @@ -6532,8 +6558,9 @@ SMB_BIG_UINT get_lock_offset( char *data, int data_offset, bool large_file_forma Reply to a lockingX request. ****************************************************************************/ -void reply_lockingX(connection_struct *conn, struct smb_request *req) +void reply_lockingX(struct smb_request *req) { + connection_struct *conn = req->conn; files_struct *fsp; unsigned char locktype; unsigned char oplocklevel; @@ -6890,7 +6917,7 @@ void reply_lockingX(connection_struct *conn, struct smb_request *req) please contact vl@samba.org ****************************************************************************/ -void reply_readbmpx(connection_struct *conn, struct smb_request *req) +void reply_readbmpx(struct smb_request *req) { START_PROFILE(SMBreadBmpx); reply_doserror(req, ERRSRV, ERRuseSTD); @@ -6904,7 +6931,7 @@ void reply_readbmpx(connection_struct *conn, struct smb_request *req) please contact vl@samba.org ****************************************************************************/ -void reply_readbs(connection_struct *conn, struct smb_request *req) +void reply_readbs(struct smb_request *req) { START_PROFILE(SMBreadBs); reply_doserror(req, ERRSRV, ERRuseSTD); @@ -6916,8 +6943,9 @@ void reply_readbs(connection_struct *conn, struct smb_request *req) Reply to a SMBsetattrE. ****************************************************************************/ -void reply_setattrE(connection_struct *conn, struct smb_request *req) +void reply_setattrE(struct smb_request *req) { + connection_struct *conn = req->conn; struct timespec ts[2]; files_struct *fsp; @@ -6994,7 +7022,7 @@ void reply_setattrE(connection_struct *conn, struct smb_request *req) please contact vl@samba.org ****************************************************************************/ -void reply_writebmpx(connection_struct *conn, struct smb_request *req) +void reply_writebmpx(struct smb_request *req) { START_PROFILE(SMBwriteBmpx); reply_doserror(req, ERRSRV, ERRuseSTD); @@ -7008,7 +7036,7 @@ void reply_writebmpx(connection_struct *conn, struct smb_request *req) please contact vl@samba.org ****************************************************************************/ -void reply_writebs(connection_struct *conn, struct smb_request *req) +void reply_writebs(struct smb_request *req) { START_PROFILE(SMBwriteBs); reply_doserror(req, ERRSRV, ERRuseSTD); @@ -7020,8 +7048,9 @@ void reply_writebs(connection_struct *conn, struct smb_request *req) Reply to a SMBgetattrE. ****************************************************************************/ -void reply_getattrE(connection_struct *conn, struct smb_request *req) +void reply_getattrE(struct smb_request *req) { + connection_struct *conn = req->conn; SMB_STRUCT_STAT sbuf; int mode; files_struct *fsp; -- cgit From 6f657c873efa4779e762a8f9ede97e19da6fb7ec Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Mon, 7 Jan 2008 10:15:08 +0100 Subject: Remove redundant parameter fd from SMB_VFS_LSEEK(). Michael (This used to be commit df929796f2698698d2875227bda8500589cca2df) --- source3/smbd/reply.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index d5e683ca3c..910e3a27a6 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4091,7 +4091,7 @@ void reply_lseek(struct smb_request *req) } if (umode == SEEK_END) { - if((res = SMB_VFS_LSEEK(fsp,fsp->fh->fd,startpos,umode)) == -1) { + if((res = SMB_VFS_LSEEK(fsp,startpos,umode)) == -1) { if(errno == EINVAL) { SMB_OFF_T current_pos = startpos; SMB_STRUCT_STAT sbuf; @@ -4105,7 +4105,7 @@ void reply_lseek(struct smb_request *req) current_pos += sbuf.st_size; if(current_pos < 0) - res = SMB_VFS_LSEEK(fsp,fsp->fh->fd,0,SEEK_SET); + res = SMB_VFS_LSEEK(fsp,0,SEEK_SET); } } @@ -6052,7 +6052,7 @@ NTSTATUS copy_file(TALLOC_CTX *ctx, } if ((ofun&3) == 1) { - if(SMB_VFS_LSEEK(fsp2,fsp2->fh->fd,0,SEEK_END) == -1) { + if(SMB_VFS_LSEEK(fsp2,0,SEEK_END) == -1) { DEBUG(0,("copy_file: error - vfs lseek returned error %s\n", strerror(errno) )); /* * Stop the copy from occurring. -- cgit From 87a684f7fcfa8d9fabc42e33981299d0b33eeeb7 Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Mon, 7 Jan 2008 13:21:26 +0100 Subject: Remove redundant parameter fd from SMB_VFS_FSTAT(). Michael (This used to be commit 0b86c420be94d295f6917a220b5d699f65b46711) --- source3/smbd/reply.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 910e3a27a6..27f380a627 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2835,7 +2835,7 @@ void reply_readbraw(struct smb_request *req) return; } - if (SMB_VFS_FSTAT(fsp,fsp->fh->fd,&st) == 0) { + if (SMB_VFS_FSTAT(fsp, &st) == 0) { size = st.st_size; } @@ -3096,7 +3096,7 @@ static void send_file_readX(connection_struct *conn, struct smb_request *req, SMB_STRUCT_STAT sbuf; ssize_t nread = -1; - if(SMB_VFS_FSTAT(fsp,fsp->fh->fd, &sbuf) == -1) { + if(SMB_VFS_FSTAT(fsp, &sbuf) == -1) { reply_unixerror(req, ERRDOS, ERRnoaccess); return; } @@ -4096,7 +4096,7 @@ void reply_lseek(struct smb_request *req) SMB_OFF_T current_pos = startpos; SMB_STRUCT_STAT sbuf; - if(SMB_VFS_FSTAT(fsp,fsp->fh->fd, &sbuf) == -1) { + if(SMB_VFS_FSTAT(fsp, &sbuf) == -1) { reply_unixerror(req, ERRDOS, ERRnoaccess); END_PROFILE(SMBlseek); @@ -5485,7 +5485,7 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, /* Ensure we have a valid stat struct for the source. */ if (fsp->fh->fd != -1) { - if (SMB_VFS_FSTAT(fsp,fsp->fh->fd,&sbuf) == -1) { + if (SMB_VFS_FSTAT(fsp, &sbuf) == -1) { return map_nt_error_from_unix(errno); } } else { -- cgit From 2371d31f64e8b1238e86d86c5b6f20ac5a842799 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 8 Jan 2008 18:44:19 -0800 Subject: Fix resource leak found by coverity (CID 521). Jeremy. (This used to be commit acfb233acc7324b8d431d5cb777a1933d173b3dc) --- source3/smbd/reply.c | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 27f380a627..a796a3193b 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -6355,6 +6355,7 @@ void reply_copy(struct smb_request *req) directory, dname); if (!fname) { + CloseDir(dir_hnd); reply_nterror(req, NT_STATUS_NO_MEMORY); END_PROFILE(SMBcopy); return; @@ -6365,6 +6366,7 @@ void reply_copy(struct smb_request *req) continue; } if (!destname) { + CloseDir(dir_hnd); reply_nterror(req, NT_STATUS_NO_MEMORY); END_PROFILE(SMBcopy); return; @@ -6372,6 +6374,7 @@ void reply_copy(struct smb_request *req) status = check_name(conn, fname); if (!NT_STATUS_IS_OK(status)) { + CloseDir(dir_hnd); reply_nterror(req, status); END_PROFILE(SMBcopy); return; @@ -6379,6 +6382,7 @@ void reply_copy(struct smb_request *req) status = check_name(conn, destname); if (!NT_STATUS_IS_OK(status)) { + CloseDir(dir_hnd); reply_nterror(req, status); END_PROFILE(SMBcopy); return; -- cgit From 3cc3b9e1879d3d9714ac2914364418a140e8389c Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 6 Jan 2008 14:21:25 +0100 Subject: use talloc_tos in a few more places (This used to be commit 65dd869bea351010c67f02046ae4134bdada1a4c) --- source3/smbd/reply.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index a796a3193b..79c0176e64 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -592,7 +592,8 @@ void reply_tcon_and_X(struct smb_request *req) } if (global_encrypted_passwords_negotiated) { - password = data_blob(smb_buf(req->inbuf),passlen); + password = data_blob_talloc(talloc_tos(), smb_buf(req->inbuf), + passlen); if (lp_security() == SEC_SHARE) { /* * Security = share always has a pad byte @@ -603,7 +604,8 @@ void reply_tcon_and_X(struct smb_request *req) p = smb_buf(req->inbuf) + passlen; } } else { - password = data_blob(smb_buf(req->inbuf),passlen+1); + password = data_blob_talloc(talloc_tos(), smb_buf(req->inbuf), + passlen+1); /* Ensure correct termination */ password.data[passlen]=0; p = smb_buf(req->inbuf) + passlen + 1; @@ -5508,7 +5510,7 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, return NT_STATUS_ACCESS_DENIED; } - lck = get_share_mode_lock(NULL, fsp->file_id, NULL, NULL); + lck = get_share_mode_lock(talloc_tos(), fsp->file_id, NULL, NULL); /* * We have the file open ourselves, so not being able to get the -- cgit From 4caab9ca25e1163378714de825d835e79e27dd4f Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Fri, 11 Jan 2008 00:51:19 +0100 Subject: Combine fsp and fromfd to fromfsp in SMB_VFS_SENDFILE(). Michael (This used to be commit a52cfb7d777157c93c9dc26c67f457be592dd537) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 79c0176e64..8149f5aeb6 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2654,7 +2654,7 @@ void send_file_readbraw(connection_struct *conn, _smb_setlen(header,nread); header_blob = data_blob_const(header, 4); - if ( SMB_VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fh->fd, + if (SMB_VFS_SENDFILE(smbd_server_fd(), fsp, &header_blob, startpos, nread) == -1) { /* Returning ENOSYS means no data at all was sent. * Do this as a normal read. */ @@ -3137,7 +3137,7 @@ static void send_file_readX(connection_struct *conn, struct smb_request *req, construct_reply_common((char *)req->inbuf, (char *)headerbuf); setup_readX_header((char *)headerbuf, smb_maxcnt); - if ((nread = SMB_VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fh->fd, &header, startpos, smb_maxcnt)) == -1) { + if ((nread = SMB_VFS_SENDFILE(smbd_server_fd(), fsp, &header, startpos, smb_maxcnt)) == -1) { /* Returning ENOSYS means no data at all was sent. Do this as a normal read. */ if (errno == ENOSYS) { goto normal_read; -- cgit From ec412b60ea6d6a4e0fd2e03ca9299b4264483c0c Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 12 Jan 2008 17:08:04 +0100 Subject: Convert OpenDir to talloc, use talloc_tos() This cuts some mallocs on NtCreate&X (This used to be commit 8e64107b7846d8f9cce71aabc95b28b7488d01ce) --- source3/smbd/reply.c | 35 +++++++++++++++++++---------------- 1 file changed, 19 insertions(+), 16 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 8149f5aeb6..e2316ef120 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2410,7 +2410,8 @@ NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req, return status; } - dir_hnd = OpenDir(conn, directory, mask, dirtype); + dir_hnd = OpenDir(talloc_tos(), conn, directory, mask, + dirtype); if (dir_hnd == NULL) { return map_nt_error_from_unix(errno); } @@ -2448,7 +2449,7 @@ NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req, status = check_name(conn, fname); if (!NT_STATUS_IS_OK(status)) { - CloseDir(dir_hnd); + TALLOC_FREE(dir_hnd); return status; } @@ -2464,7 +2465,7 @@ NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req, TALLOC_FREE(fname); } - CloseDir(dir_hnd); + TALLOC_FREE(dir_hnd); } if (count == 0 && NT_STATUS_IS_OK(status)) { @@ -4901,7 +4902,8 @@ static bool recursive_rmdir(TALLOC_CTX *ctx, const char *dname = NULL; bool ret = True; long offset = 0; - struct smb_Dir *dir_hnd = OpenDir(conn, directory, NULL, 0); + struct smb_Dir *dir_hnd = OpenDir(talloc_tos(), conn, directory, + NULL, 0); if(dir_hnd == NULL) return False; @@ -4949,7 +4951,7 @@ static bool recursive_rmdir(TALLOC_CTX *ctx, } TALLOC_FREE(fullname); } - CloseDir(dir_hnd); + TALLOC_FREE(dir_hnd); return ret; } @@ -4997,7 +4999,8 @@ NTSTATUS rmdir_internals(TALLOC_CTX *ctx, */ const char *dname; long dirpos = 0; - struct smb_Dir *dir_hnd = OpenDir(conn, directory, NULL, 0); + struct smb_Dir *dir_hnd = OpenDir(talloc_tos(), conn, + directory, NULL, 0); if(dir_hnd == NULL) { errno = ENOTEMPTY; @@ -5010,7 +5013,7 @@ NTSTATUS rmdir_internals(TALLOC_CTX *ctx, if (!is_visible_file(conn, directory, dname, &st, False)) continue; if(!IS_VETO_PATH(conn, dname)) { - CloseDir(dir_hnd); + TALLOC_FREE(dir_hnd); errno = ENOTEMPTY; goto err; } @@ -5055,7 +5058,7 @@ NTSTATUS rmdir_internals(TALLOC_CTX *ctx, } TALLOC_FREE(fullname); } - CloseDir(dir_hnd); + TALLOC_FREE(dir_hnd); /* Retry the rmdir */ ret = SMB_VFS_RMDIR(conn,directory); } @@ -5751,7 +5754,7 @@ NTSTATUS rename_internals(TALLOC_CTX *ctx, return status; } - dir_hnd = OpenDir(conn, directory, mask, attrs); + dir_hnd = OpenDir(talloc_tos(), conn, directory, mask, attrs); if (dir_hnd == NULL) { return map_nt_error_from_unix(errno); } @@ -5851,7 +5854,7 @@ NTSTATUS rename_internals(TALLOC_CTX *ctx, TALLOC_FREE(fname); TALLOC_FREE(destname); } - CloseDir(dir_hnd); + TALLOC_FREE(dir_hnd); if (count == 0 && NT_STATUS_IS_OK(status)) { status = map_nt_error_from_unix(errno); @@ -6325,7 +6328,7 @@ void reply_copy(struct smb_request *req) return; } - dir_hnd = OpenDir(conn, directory, mask, 0); + dir_hnd = OpenDir(talloc_tos(), conn, directory, mask, 0); if (dir_hnd == NULL) { status = map_nt_error_from_unix(errno); reply_nterror(req, status); @@ -6357,7 +6360,7 @@ void reply_copy(struct smb_request *req) directory, dname); if (!fname) { - CloseDir(dir_hnd); + TALLOC_FREE(dir_hnd); reply_nterror(req, NT_STATUS_NO_MEMORY); END_PROFILE(SMBcopy); return; @@ -6368,7 +6371,7 @@ void reply_copy(struct smb_request *req) continue; } if (!destname) { - CloseDir(dir_hnd); + TALLOC_FREE(dir_hnd); reply_nterror(req, NT_STATUS_NO_MEMORY); END_PROFILE(SMBcopy); return; @@ -6376,7 +6379,7 @@ void reply_copy(struct smb_request *req) status = check_name(conn, fname); if (!NT_STATUS_IS_OK(status)) { - CloseDir(dir_hnd); + TALLOC_FREE(dir_hnd); reply_nterror(req, status); END_PROFILE(SMBcopy); return; @@ -6384,7 +6387,7 @@ void reply_copy(struct smb_request *req) status = check_name(conn, destname); if (!NT_STATUS_IS_OK(status)) { - CloseDir(dir_hnd); + TALLOC_FREE(dir_hnd); reply_nterror(req, status); END_PROFILE(SMBcopy); return; @@ -6400,7 +6403,7 @@ void reply_copy(struct smb_request *req) TALLOC_FREE(fname); TALLOC_FREE(destname); } - CloseDir(dir_hnd); + TALLOC_FREE(dir_hnd); } if (count == 0) { -- cgit From d86fc3ec8c99aaa5ffaa14a97525154507c39df7 Mon Sep 17 00:00:00 2001 From: Alexander Bokovoy Date: Wed, 16 Jan 2008 12:17:03 +0300 Subject: Add support for offline files support, remote storage, and Async I/O force operations to VFS Offline files support and remote storage are for allowing communication with backup and archiving tools that mark files moved to a tape library as offline. We translate this info into corresponding CIFS offline file attribute and mark an exported volume as remote storage. Async I/O force is to allow selective redirection of I/O operations to asynchronous processing in case it is viable at VFS module discretion. It is needed for proper handling of offline files as performing regular I/O on offline file will block smbd. Signed-off-by: Alexander Bokovoy (This used to be commit 875208724e39564fe81385dfe36e6c963e79e101) --- source3/smbd/reply.c | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index e2316ef120..381ddfe151 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3329,8 +3329,12 @@ void reply_read_and_X(struct smb_request *req) return; } - if (!big_readX - && schedule_aio_read_and_X(conn, req, fsp, startpos, smb_maxcnt)) { + /* It is possible for VFS modules to selectively decide whether Async I/O should be used + for the file or not. + */ + if ((SMB_VFS_AIO_FORCE(fsp)) && + !big_readX && + schedule_aio_read_and_X(conn, req, fsp, startpos, smb_maxcnt)) { END_PROFILE(SMBreadX); return; } @@ -4001,13 +4005,16 @@ void reply_write_and_X(struct smb_request *req) nwritten = 0; } else { - if (req->unread_bytes == 0 && - schedule_aio_write_and_X(conn, req, fsp, data, - startpos, numtowrite)) { + /* It is possible for VFS modules to selectively decide whether Async I/O + should be used for the file or not. + */ + if ((SMB_VFS_AIO_FORCE(fsp)) && (req->unread_bytes == 0) && + schedule_aio_write_and_X(conn, req, fsp, data, startpos, + numtowrite)) { END_PROFILE(SMBwriteX); return; } - + nwritten = write_file(req,fsp,data,startpos,numtowrite); } -- cgit From 1069cfe4ade88a032164c1242c9480a544584655 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 19 Jan 2008 23:25:36 +0100 Subject: Add streams support This is the core of the streams support. The main change is that in files_struct there is now a base_fsp pointer that holds the main file open while a stream is open. This is necessary to get the rather strange delete semantics right: You can't delete the main file while a stream is open without FILE_SHARE_DELETE, and while a stream is open a successful unlink of the main file leads to DELETE_PENDING for all further access on the main file or any stream. (This used to be commit 6022873cc155bdbbd3fb620689715f07a24d6ed1) --- source3/smbd/reply.c | 28 ++++++++++++++++++++-------- 1 file changed, 20 insertions(+), 8 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 381ddfe151..61ec611b6b 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -167,6 +167,10 @@ static NTSTATUS check_path_syntax_internal(char *path, } *d = '\0'; + + if (NT_STATUS_IS_OK(ret) && !posix_path) { + ret = split_ntfs_stream_name(NULL, path, NULL, NULL); + } return ret; } @@ -2289,14 +2293,22 @@ static NTSTATUS do_unlink(connection_struct *conn, /* On open checks the open itself will check the share mode, so don't do it here as we'll get it wrong. */ - status = open_file_ntcreate(conn, req, fname, &sbuf, - DELETE_ACCESS, - FILE_SHARE_NONE, - FILE_OPEN, - 0, - FILE_ATTRIBUTE_NORMAL, - req != NULL ? 0 : INTERNAL_OPEN_ONLY, - NULL, &fsp); + status = create_file_unixpath + (conn, /* conn */ + req, /* req */ + fname, /* fname */ + DELETE_ACCESS, /* access_mask */ + FILE_SHARE_NONE, /* share_access */ + FILE_OPEN, /* create_disposition*/ + FILE_NON_DIRECTORY_FILE, /* create_options */ + FILE_ATTRIBUTE_NORMAL, /* file_attributes */ + 0, /* oplock_request */ + 0, /* allocation_size */ + NULL, /* sd */ + NULL, /* ea_list */ + &fsp, /* result */ + NULL, /* pinfo */ + &sbuf); /* psbuf */ if (!NT_STATUS_IS_OK(status)) { DEBUG(10, ("open_file_ntcreate failed: %s\n", -- cgit From f87d08f6222f3e86b771c9c8ef669c1872118f6b Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 20 Jan 2008 14:43:30 +0100 Subject: Don't test split_ntfs_stream_name This is a hot code path, and if it has a :, the name will be split later on anyway. (This used to be commit 9f7f6b812d89decea1456ccdc37978e645d11a63) --- source3/smbd/reply.c | 3 --- 1 file changed, 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 61ec611b6b..5a5eb1e190 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -168,9 +168,6 @@ static NTSTATUS check_path_syntax_internal(char *path, *d = '\0'; - if (NT_STATUS_IS_OK(ret) && !posix_path) { - ret = split_ntfs_stream_name(NULL, path, NULL, NULL); - } return ret; } -- cgit From 33f3eeaa00974860dfc45962d5fd34cf05396c76 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 20 Jan 2008 17:35:25 +0100 Subject: Fix some "set but never used" warnings (This used to be commit 4a6dadc5178f4861e9c032321939db3b639734b5) --- source3/smbd/reply.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 5a5eb1e190..4ea81a3819 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3375,7 +3375,6 @@ void error_to_writebrawerr(struct smb_request *req) void reply_writebraw(struct smb_request *req) { connection_struct *conn = req->conn; - int outsize = 0; char *buf = NULL; ssize_t nwritten=0; ssize_t total_written=0; @@ -3485,8 +3484,7 @@ void reply_writebraw(struct smb_request *req) * it to send more bytes */ memcpy(buf, req->inbuf, smb_size); - outsize = srv_set_message(buf, - Protocol>PROTOCOL_COREPLUS?1:0,0,True); + srv_set_message(buf,Protocol>PROTOCOL_COREPLUS?1:0,0,True); SCVAL(buf,smb_com,SMBwritebraw); SSVALS(buf,smb_vwv0,0xFFFF); show_msg(buf); -- cgit From 34a92c6285513acff08c7c9ad67474243559fd2f Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 30 Jan 2008 11:11:27 +0100 Subject: Re-enable async I/O for non-TSM systems The logic was wrong: A "SMB_VFS_AIO_FORCE()==False" disabled async I/O, whereas a "SMB_VFS_AIO_FORCE()==True" should enforce it regardless of other settings. Alexander, please check! (This used to be commit 46882ad9927c95caadeb7fb03c1d7491bbe1fb22) --- source3/smbd/reply.c | 11 ++--------- 1 file changed, 2 insertions(+), 9 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 4ea81a3819..18376031ec 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3338,11 +3338,7 @@ void reply_read_and_X(struct smb_request *req) return; } - /* It is possible for VFS modules to selectively decide whether Async I/O should be used - for the file or not. - */ - if ((SMB_VFS_AIO_FORCE(fsp)) && - !big_readX && + if (!big_readX && schedule_aio_read_and_X(conn, req, fsp, startpos, smb_maxcnt)) { END_PROFILE(SMBreadX); return; @@ -4012,10 +4008,7 @@ void reply_write_and_X(struct smb_request *req) nwritten = 0; } else { - /* It is possible for VFS modules to selectively decide whether Async I/O - should be used for the file or not. - */ - if ((SMB_VFS_AIO_FORCE(fsp)) && (req->unread_bytes == 0) && + if ((req->unread_bytes == 0) && schedule_aio_write_and_X(conn, req, fsp, data, startpos, numtowrite)) { END_PROFILE(SMBwriteX); -- cgit From 9f6e983d0b67b64daf27dab130348d3491bad4ac Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Fri, 25 Jan 2008 21:31:40 +0100 Subject: Convert read_smb_length to return NTSTATUS (This used to be commit 5750c3a51b4ddac635a98195d1621b24f91bad3f) --- source3/smbd/reply.c | 12 +++--------- 1 file changed, 3 insertions(+), 9 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 18376031ec..46c14d158e 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3492,18 +3492,12 @@ void reply_writebraw(struct smb_request *req) } /* Now read the raw data into the buffer and write it */ - if (read_smb_length(smbd_server_fd(),buf, - SMB_SECONDARY_WAIT, get_srv_read_error()) == -1) { + status = read_smb_length(smbd_server_fd(), buf, SMB_SECONDARY_WAIT, + &numtowrite); + if (!NT_STATUS_IS_OK(status)) { exit_server_cleanly("secondary writebraw failed"); } - /* - * Even though this is not an smb message, - * smb_len returns the generic length of a packet. - */ - - numtowrite = smb_len(buf); - /* Set up outbuf to return the correct size */ reply_outbuf(req, 1, 0); -- cgit From 21e7344d2f45416ea996f88be72de1a923c0ee9c Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Fri, 25 Jan 2008 23:57:20 +0100 Subject: Make get_srv_read_error static to process.c (This used to be commit 9e2947039ef70cab8bbd6027182d9c721eac3194) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 46c14d158e..f371dde705 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3516,8 +3516,8 @@ void reply_writebraw(struct smb_request *req) (int)tcount,(int)nwritten,(int)numtowrite)); } - if (read_data(smbd_server_fd(), buf+4, numtowrite,get_srv_read_error()) - != numtowrite ) { + if (read_data(smbd_server_fd(), buf+4, numtowrite, NULL) + != numtowrite ) { DEBUG(0,("reply_writebraw: Oversize secondary write " "raw read failed (%s). Terminating\n", strerror(errno) )); -- cgit From b42a5d68a3ffd88fd60c64b6a75fe2d687d9c92d Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 26 Jan 2008 10:39:21 +0100 Subject: Convert read_data() to NTSTATUS (This used to be commit af40b71023f8c4a2133d996ea698c72b97624043) --- source3/smbd/reply.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index f371dde705..bced8ed984 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3516,11 +3516,12 @@ void reply_writebraw(struct smb_request *req) (int)tcount,(int)nwritten,(int)numtowrite)); } - if (read_data(smbd_server_fd(), buf+4, numtowrite, NULL) - != numtowrite ) { + status = read_data(smbd_server_fd(), buf+4, numtowrite); + + if (!NT_STATUS_IS_OK(status)) { DEBUG(0,("reply_writebraw: Oversize secondary write " - "raw read failed (%s). Terminating\n", - strerror(errno) )); + "raw read failed (%s). Terminating\n", + nt_errstr(status))); exit_server_cleanly("secondary writebraw failed"); } -- cgit From a4436154b8ce446e84e6c07bd9c69edfafe1b68c Mon Sep 17 00:00:00 2001 From: Alexander Bokovoy Date: Wed, 6 Feb 2008 09:10:50 +0300 Subject: Change the file time before we change the file mode. This doesn't matter for most applications, but for offline files it matters as it allows you to set files offline from windows clients even with HSM systems that refuse to offline newly created files. Merge from Tridge's v3-0-ctdb tree. (This used to be commit 7da6c675440b0253ab37ee6097f769a2e45c7b7b) --- source3/smbd/reply.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index bced8ed984..baebff83de 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1110,6 +1110,12 @@ void reply_setatr(struct smb_request *req) mode = SVAL(req->inbuf,smb_vwv0); mtime = srv_make_unix_date3(req->inbuf+smb_vwv1); + if (!set_filetime(conn,fname,convert_time_t_to_timespec(mtime))) { + reply_unixerror(req, ERRDOS, ERRnoaccess); + END_PROFILE(SMBsetatr); + return; + } + if (mode != FILE_ATTRIBUTE_NORMAL) { if (VALID_STAT_OF_DIR(sbuf)) mode |= aDIR; @@ -1123,12 +1129,6 @@ void reply_setatr(struct smb_request *req) } } - if (!set_filetime(conn,fname,convert_time_t_to_timespec(mtime))) { - reply_unixerror(req, ERRDOS, ERRnoaccess); - END_PROFILE(SMBsetatr); - return; - } - reply_outbuf(req, 0, 0); DEBUG( 3, ( "setatr name=%s mode=%d\n", fname, mode ) ); -- cgit From 2a6a2288c5fae908f431bd79332554e0a23dbeed Mon Sep 17 00:00:00 2001 From: Karolin Seeger Date: Fri, 8 Feb 2008 09:28:57 +0100 Subject: Fix some typos. Karolin (This used to be commit 2bec0a1fb7857e6fb8ec15e5f597b2d4125f105b) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index baebff83de..669dad2e3a 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2469,7 +2469,7 @@ NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req, } count++; - DEBUG(3,("unlink_internals: succesful unlink [%s]\n", + DEBUG(3,("unlink_internals: successful unlink [%s]\n", fname)); TALLOC_FREE(fname); -- cgit From 14aa57a9e3368fed5b8b7d1ac0f6e94b9b1ac20e Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Fri, 22 Feb 2008 16:17:10 +0100 Subject: Don't use fname after create_file has been called create_file calls unix_convert internally, so modifies fname. So we can't use "fname" after create_file has returned. Use fsp->fsp_name instead. Found during a lengthy debugging session with Karolin testing the xattr_tdb module... (This used to be commit 183fe570469963923864b732817a87f8660341ed) --- source3/smbd/reply.c | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 669dad2e3a..818ff319e4 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1639,11 +1639,11 @@ void reply_open(struct smb_request *req) } size = sbuf.st_size; - fattr = dos_mode(conn,fname,&sbuf); + fattr = dos_mode(conn,fsp->fsp_name,&sbuf); mtime = sbuf.st_mtime; if (fattr & aDIR) { - DEBUG(3,("attempt to open a directory %s\n",fname)); + DEBUG(3,("attempt to open a directory %s\n",fsp->fsp_name)); close_file(fsp,ERROR_CLOSE); reply_doserror(req, ERRDOS,ERRnoaccess); END_PROFILE(SMBopen); @@ -1802,7 +1802,7 @@ void reply_open_and_X(struct smb_request *req) sbuf.st_size = get_allocation_size(conn,fsp,&sbuf); } - fattr = dos_mode(conn,fname,&sbuf); + fattr = dos_mode(conn,fsp->fsp_name,&sbuf); mtime = sbuf.st_mtime; if (fattr & aDIR) { close_file(fsp,ERROR_CLOSE); @@ -1985,7 +1985,7 @@ void reply_mknew(struct smb_request *req) } ts[0] = get_atimespec(&sbuf); /* atime. */ - file_ntimes(conn, fname, ts); + file_ntimes(conn, fsp->fsp_name, ts); reply_outbuf(req, 1, 0); SSVAL(req->outbuf,smb_vwv0,fsp->fnum); @@ -2000,9 +2000,9 @@ void reply_mknew(struct smb_request *req) CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED); } - DEBUG( 2, ( "reply_mknew: file %s\n", fname ) ); + DEBUG( 2, ( "reply_mknew: file %s\n", fsp->fsp_name ) ); DEBUG( 3, ( "reply_mknew %s fd=%d dmode=0x%x\n", - fname, fsp->fh->fd, (unsigned int)fattr ) ); + fsp->fsp_name, fsp->fh->fd, (unsigned int)fattr ) ); END_PROFILE(SMBcreate); return; @@ -2125,9 +2125,9 @@ void reply_ctemp(struct smb_request *req) SSVAL(req->outbuf,smb_vwv0,fsp->fnum); /* the returned filename is relative to the directory */ - s = strrchr_m(fname, '/'); + s = strrchr_m(fsp->fsp_name, '/'); if (!s) { - s = fname; + s = fsp->fsp_name; } else { s++; } @@ -2154,9 +2154,9 @@ void reply_ctemp(struct smb_request *req) CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED); } - DEBUG( 2, ( "reply_ctemp: created temp file %s\n", fname ) ); - DEBUG( 3, ( "reply_ctemp %s fd=%d umode=0%o\n", fname, fsp->fh->fd, - (unsigned int)sbuf.st_mode ) ); + DEBUG( 2, ( "reply_ctemp: created temp file %s\n", fsp->fsp_name ) ); + DEBUG( 3, ( "reply_ctemp %s fd=%d umode=0%o\n", fsp->fsp_name, + fsp->fh->fd, (unsigned int)sbuf.st_mode ) ); END_PROFILE(SMBctemp); return; -- cgit From bac7b5b19e1c9a21a8de6b7b09cd4b06faf43f09 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 11 Mar 2008 13:27:33 -0700 Subject: Try and fix bug #5315, as well as S4 torture tests RAW-OPLOCK BATCH19, BATCH20 and RAW-RENAME. Jeremy. (This used to be commit 9065792d4bc42522f12f9732de3c0ad82c72a2d3) --- source3/smbd/reply.c | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 818ff319e4..d3b5dfac64 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2184,7 +2184,7 @@ static NTSTATUS can_rename(connection_struct *conn, files_struct *fsp, return NT_STATUS_OK; } - if (fsp->access_mask & DELETE_ACCESS) { + if (fsp->access_mask & (DELETE_ACCESS|FILE_WRITE_ATTRIBUTES)) { return NT_STATUS_OK; } @@ -5585,7 +5585,8 @@ NTSTATUS rename_internals(TALLOC_CTX *ctx, uint32 attrs, bool replace_if_exists, bool src_has_wild, - bool dest_has_wild) + bool dest_has_wild, + uint32_t access_mask) { char *directory = NULL; char *mask = NULL; @@ -5715,12 +5716,12 @@ NTSTATUS rename_internals(TALLOC_CTX *ctx, status = S_ISDIR(sbuf1.st_mode) ? open_directory(conn, req, directory, &sbuf1, - DELETE_ACCESS, + access_mask, FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OPEN, 0, 0, NULL, &fsp) : open_file_ntcreate(conn, req, directory, &sbuf1, - DELETE_ACCESS, + access_mask, FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OPEN, 0, 0, 0, NULL, &fsp); @@ -5819,12 +5820,12 @@ NTSTATUS rename_internals(TALLOC_CTX *ctx, status = S_ISDIR(sbuf1.st_mode) ? open_directory(conn, req, fname, &sbuf1, - DELETE_ACCESS, + access_mask, FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OPEN, 0, 0, NULL, &fsp) : open_file_ntcreate(conn, req, fname, &sbuf1, - DELETE_ACCESS, + access_mask, FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OPEN, 0, 0, 0, NULL, &fsp); @@ -5947,7 +5948,7 @@ void reply_mv(struct smb_request *req) DEBUG(3,("reply_mv : %s -> %s\n",name,newname)); status = rename_internals(ctx, conn, req, name, newname, attrs, False, - src_has_wcard, dest_has_wcard); + src_has_wcard, dest_has_wcard, DELETE_ACCESS); if (!NT_STATUS_IS_OK(status)) { if (open_was_deferred(req->mid)) { /* We have re-scheduled this call. */ -- cgit From b7a014a6ee1d71beae14a0f90460aa5fdfb5d07c Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 11 Mar 2008 13:38:25 -0700 Subject: Allow us to pass RAW-RENAME by testing that the connection struct connection paths are equal, not just the conn structs themselves. Jeremy. (This used to be commit 632f3fe66fbcbe3cc25d070c3885177264f5ad65) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index d3b5dfac64..91d5f25a27 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -5295,7 +5295,7 @@ static void rename_open_files(connection_struct *conn, sharepaths we need to manipulate relative paths. */ /* TODO - create the absolute path and manipulate the newname relative to the sharepath. */ - if (fsp->conn != conn) { + if (!strequal(fsp->conn->connectpath, conn->connectpath)) { continue; } DEBUG(10,("rename_open_files: renaming file fnum %d (file_id %s) from %s -> %s\n", -- cgit From afa682943c1799f02b6a86f8f872fd2ce2d62da5 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 26 Mar 2008 18:33:38 +0100 Subject: printclose has only 1 vwv (This used to be commit 99d980125054cbfef8ec85a31e83aa18a6e0bce3) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 91d5f25a27..bababfecac 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4622,7 +4622,7 @@ void reply_printclose(struct smb_request *req) START_PROFILE(SMBsplclose); - if (req->wct < 3) { + if (req->wct < 1) { reply_nterror(req, NT_STATUS_INVALID_PARAMETER); END_PROFILE(SMBsplclose); return; -- cgit From e00bfc509219cce65168f9ef4532eeff09e6f5fb Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 28 Mar 2008 17:31:06 -0700 Subject: Only allow sendfile on non-stream fsp's. Should fix make test for streams as sendfile isn't implemented in the streams vfs modules yet. Jeremy. (This used to be commit eef53e9603d4f3d892ffe00b061def5d717ca481) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index bababfecac..eb8e5ff915 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2656,7 +2656,7 @@ void send_file_readbraw(connection_struct *conn, * reply_readbraw has already checked the length. */ - if ( (chain_size == 0) && (nread > 0) && + if ( (chain_size == 0) && (nread > 0) && (fsp->base_fsp == NULL) (fsp->wcp == NULL) && lp_use_sendfile(SNUM(conn)) ) { char header[4]; DATA_BLOB header_blob; @@ -3131,7 +3131,7 @@ static void send_file_readX(connection_struct *conn, struct smb_request *req, */ if ((chain_size == 0) && (CVAL(req->inbuf,smb_vwv0) == 0xFF) && - !is_encrypted_packet(req->inbuf) && + !is_encrypted_packet(req->inbuf) && (fsp->base_fsp == NULL) && lp_use_sendfile(SNUM(conn)) && (fsp->wcp == NULL) ) { uint8 headerbuf[smb_size + 12 * 2]; DATA_BLOB header; -- cgit From 43fdd1748c8e7d0432f5f960687df74870df60de Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 28 Mar 2008 17:32:52 -0700 Subject: Fix missing '&&'. Jeremy. (This used to be commit 251df53811e4272b629575a4b50c29a99715ccf9) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index eb8e5ff915..972f30dbbd 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2656,7 +2656,7 @@ void send_file_readbraw(connection_struct *conn, * reply_readbraw has already checked the length. */ - if ( (chain_size == 0) && (nread > 0) && (fsp->base_fsp == NULL) + if ( (chain_size == 0) && (nread > 0) && (fsp->base_fsp == NULL) && (fsp->wcp == NULL) && lp_use_sendfile(SNUM(conn)) ) { char header[4]; DATA_BLOB header_blob; -- cgit From 2ccf50256e31bd7b9da0f7a7c223bebca5bca062 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 12 Mar 2008 15:32:47 +0100 Subject: locking: store the write time in the locking.tdb This is needed to implement the strange write time update logic later. We need to store 2 time timestamps to distinguish between the time the file system had before the first client opened the file and a forced timestamp update. metze (This used to be commit 6aaa2ce0eeb46f6735ec984a2e7aadde7a7f456d) --- source3/smbd/reply.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 972f30dbbd..b300c09f4f 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -5515,7 +5515,8 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, return NT_STATUS_ACCESS_DENIED; } - lck = get_share_mode_lock(talloc_tos(), fsp->file_id, NULL, NULL); + lck = get_share_mode_lock(talloc_tos(), fsp->file_id, NULL, NULL, + NULL); /* * We have the file open ourselves, so not being able to get the -- cgit From d03453864ab1bc5fd3b4a3abaf96176a006c102b Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 12 Mar 2008 15:39:38 +0100 Subject: smbd: implement the strange write time update logic We now never call file_ntimes() directly, every update is done via smb_set_file_time(). This let samba3 pass the BASE-DELAYWRITE test. The write time is only updated 2 seconds after the first write() on any open handle to the current time (not the time of the first write). Each handle which had write requests updates the write time to the current time on close(). If the write time is set explicit via setfileinfo or setpathinfo the write time is visible directly and a following close on the same handle doesn't update the write time. metze (This used to be commit 2eab212ea2e1bfd8fa716c2c89b2c042f7ba12ea) --- source3/smbd/reply.c | 61 +++++++++++++++++++++++++++++++++------------------- 1 file changed, 39 insertions(+), 22 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index b300c09f4f..411eb98ac5 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1042,6 +1042,7 @@ void reply_getatr(struct smb_request *req) void reply_setatr(struct smb_request *req) { + struct timespec ts[2]; connection_struct *conn = req->conn; char *fname = NULL; int mode; @@ -1053,6 +1054,8 @@ void reply_setatr(struct smb_request *req) START_PROFILE(SMBsetatr); + ZERO_STRUCT(ts); + if (req->wct < 2) { reply_nterror(req, NT_STATUS_INVALID_PARAMETER); return; @@ -1110,7 +1113,10 @@ void reply_setatr(struct smb_request *req) mode = SVAL(req->inbuf,smb_vwv0); mtime = srv_make_unix_date3(req->inbuf+smb_vwv1); - if (!set_filetime(conn,fname,convert_time_t_to_timespec(mtime))) { + ts[1] = convert_time_t_to_timespec(mtime); + status = smb_set_file_time(conn, NULL, fname, + &sbuf, ts, true); + if (!NT_STATUS_IS_OK(status)) { reply_unixerror(req, ERRDOS, ERRnoaccess); END_PROFILE(SMBsetatr); return; @@ -1985,7 +1991,12 @@ void reply_mknew(struct smb_request *req) } ts[0] = get_atimespec(&sbuf); /* atime. */ - file_ntimes(conn, fsp->fsp_name, ts); + status = smb_set_file_time(conn, fsp, fname, &sbuf, ts, true); + if (!NT_STATUS_IS_OK(status)) { + END_PROFILE(SMBcreate); + reply_openerror(req, status); + return; + } reply_outbuf(req, 1, 0); SSVAL(req->outbuf,smb_vwv0,fsp->fnum); @@ -4239,6 +4250,7 @@ void reply_close(struct smb_request *req) DEBUG(3,("close directory fnum=%d\n", fsp->fnum)); status = close_file(fsp,NORMAL_CLOSE); } else { + time_t t; /* * Close ordinary file. */ @@ -4251,9 +4263,8 @@ void reply_close(struct smb_request *req) * Take care of any time sent in the close. */ - fsp_set_pending_modtime(fsp, convert_time_t_to_timespec( - srv_make_unix_date3( - req->inbuf+smb_vwv1))); + t = srv_make_unix_date3(req->inbuf+smb_vwv1); + set_close_write_time(fsp, convert_time_t_to_timespec(t)); /* * close_file() returns the unix errno if an error @@ -4326,8 +4337,8 @@ void reply_writeclose(struct smb_request *req) nwritten = write_file(req,fsp,data,startpos,numtowrite); - set_filetime(conn, fsp->fsp_name, mtime); - + set_close_write_time(fsp, mtime); + /* * More insanity. W2K only closes the file if writelen > 0. * JRA. @@ -6078,7 +6089,7 @@ NTSTATUS copy_file(TALLOC_CTX *ctx, close_file(fsp1,NORMAL_CLOSE); /* Ensure the modtime is set correctly on the destination file. */ - fsp_set_pending_modtime( fsp2, get_mtimespec(&src_sbuf)); + set_close_write_time(fsp2, get_mtimespec(&src_sbuf)); /* * As we are opening fsp1 read-only we only expect @@ -6961,6 +6972,8 @@ void reply_setattrE(struct smb_request *req) connection_struct *conn = req->conn; struct timespec ts[2]; files_struct *fsp; + SMB_STRUCT_STAT sbuf; + NTSTATUS status; START_PROFILE(SMBsetattrE); @@ -6996,23 +7009,27 @@ void reply_setattrE(struct smb_request *req) * Sometimes times are sent as zero - ignore them. */ - if (null_timespec(ts[0]) && null_timespec(ts[1])) { - /* Ignore request */ - if( DEBUGLVL( 3 ) ) { - dbgtext( "reply_setattrE fnum=%d ", fsp->fnum); - dbgtext( "ignoring zero request - not setting timestamps of 0\n" ); + /* Ensure we have a valid stat struct for the source. */ + if (fsp->fh->fd != -1) { + if (SMB_VFS_FSTAT(fsp, &sbuf) == -1) { + status = map_nt_error_from_unix(errno); + reply_nterror(req, status); + END_PROFILE(SMBsetattrE); + return; + } + } else { + if (SMB_VFS_STAT(conn, fsp->fsp_name, &sbuf) == -1) { + status = map_nt_error_from_unix(errno); + reply_nterror(req, status) + END_PROFILE(SMBsetattrE); + return; } - END_PROFILE(SMBsetattrE); - return; - } else if (!null_timespec(ts[0]) && null_timespec(ts[1])) { - /* set modify time = to access time if modify time was unset */ - ts[1] = ts[0]; } - /* Set the date on this file */ - /* Should we set pending modtime here ? JRA */ - if(file_ntimes(conn, fsp->fsp_name, ts)) { - reply_doserror(req, ERRDOS, ERRnoaccess); + status = smb_set_file_time(conn, fsp, fsp->fsp_name, + &sbuf, ts, true); + if (!NT_STATUS_IS_OK(status)) { + reply_doserror(req, ERRDOS, ERRnoaccess) END_PROFILE(SMBsetattrE); return; } -- cgit From 19f49de92e176495f3e0640502d4a330eacbf59e Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Mon, 7 Apr 2008 09:21:19 +0200 Subject: smbd: make it possible to disable get_file_infos() on searches metze (This used to be commit 404a865a34c3a7c67131b3f99e92c11b2abe3e39) --- source3/smbd/reply.c | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 411eb98ac5..ab77de06f8 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1224,6 +1224,7 @@ void reply_search(struct smb_request *req) bool mask_contains_wcard = False; bool allow_long_path_components = (req->flags2 & FLAGS2_LONG_PATH_COMPONENTS) ? True : False; TALLOC_CTX *ctx = talloc_tos(); + bool ask_sharemode = lp_parm_bool(SNUM(conn), "smbd", "search ask sharemode", true); START_PROFILE(SMBsearch); @@ -1409,8 +1410,16 @@ void reply_search(struct smb_request *req) } for (i=numentries;(i Date: Tue, 8 Apr 2008 21:41:16 +0200 Subject: Fix the build of reply_setattrE(). How ever could this compile ? Guenther (This used to be commit 02f5f35e5ed3b061cfd020d0b13014c72fced5f4) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index ab77de06f8..2506ff97e9 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -7029,7 +7029,7 @@ void reply_setattrE(struct smb_request *req) } else { if (SMB_VFS_STAT(conn, fsp->fsp_name, &sbuf) == -1) { status = map_nt_error_from_unix(errno); - reply_nterror(req, status) + reply_nterror(req, status); END_PROFILE(SMBsetattrE); return; } @@ -7038,7 +7038,7 @@ void reply_setattrE(struct smb_request *req) status = smb_set_file_time(conn, fsp, fsp->fsp_name, &sbuf, ts, true); if (!NT_STATUS_IS_OK(status)) { - reply_doserror(req, ERRDOS, ERRnoaccess) + reply_doserror(req, ERRDOS, ERRnoaccess); END_PROFILE(SMBsetattrE); return; } -- cgit From 49ca8efa9199ba21e3a41cbe4abbea1ca4974d0e Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 19 Jun 2008 16:31:59 +0200 Subject: Remove the "current_user" arg from check_fsp check_fsp only used the vuid struct member anyway, and this is available in the smb_request structure as well. (This used to be commit 8d364c4c3311b406847158fc37e9208d298cf8ba) --- source3/smbd/reply.c | 38 +++++++++++++++++++------------------- 1 file changed, 19 insertions(+), 19 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 2506ff97e9..4427ba2ebd 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -327,13 +327,13 @@ size_t srvstr_get_path(TALLOC_CTX *ctx, ****************************************************************************/ bool check_fsp_open(connection_struct *conn, struct smb_request *req, - files_struct *fsp, struct current_user *user) + files_struct *fsp) { if (!(fsp) || !(conn)) { reply_nterror(req, NT_STATUS_INVALID_HANDLE); return False; } - if (((conn) != (fsp)->conn) || user->vuid != (fsp)->vuid) { + if (((conn) != (fsp)->conn) || req->vuid != (fsp)->vuid) { reply_nterror(req, NT_STATUS_INVALID_HANDLE); return False; } @@ -346,9 +346,9 @@ bool check_fsp_open(connection_struct *conn, struct smb_request *req, ****************************************************************************/ bool check_fsp(connection_struct *conn, struct smb_request *req, - files_struct *fsp, struct current_user *user) + files_struct *fsp) { - if (!check_fsp_open(conn, req, fsp, user)) { + if (!check_fsp_open(conn, req, fsp)) { return False; } if ((fsp)->is_directory) { @@ -2924,7 +2924,7 @@ void reply_lockread(struct smb_request *req) fsp = file_fsp(SVAL(req->inbuf,smb_vwv0)); - if (!check_fsp(conn, req, fsp, ¤t_user)) { + if (!check_fsp(conn, req, fsp)) { END_PROFILE(SMBlockread); return; } @@ -3032,7 +3032,7 @@ void reply_read(struct smb_request *req) fsp = file_fsp(SVAL(req->inbuf,smb_vwv0)); - if (!check_fsp(conn, req, fsp, ¤t_user)) { + if (!check_fsp(conn, req, fsp)) { END_PROFILE(SMBread); return; } @@ -3287,7 +3287,7 @@ void reply_read_and_X(struct smb_request *req) return; } - if (!check_fsp(conn, req, fsp, ¤t_user)) { + if (!check_fsp(conn, req, fsp)) { END_PROFILE(SMBreadX); return; } @@ -3425,7 +3425,7 @@ void reply_writebraw(struct smb_request *req) } fsp = file_fsp(SVAL(req->inbuf,smb_vwv0)); - if (!check_fsp(conn, req, fsp, ¤t_user)) { + if (!check_fsp(conn, req, fsp)) { error_to_writebrawerr(req); END_PROFILE(SMBwritebraw); return; @@ -3631,7 +3631,7 @@ void reply_writeunlock(struct smb_request *req) fsp = file_fsp(SVAL(req->inbuf,smb_vwv0)); - if (!check_fsp(conn, req, fsp, ¤t_user)) { + if (!check_fsp(conn, req, fsp)) { END_PROFILE(SMBwriteunlock); return; } @@ -3738,7 +3738,7 @@ void reply_write(struct smb_request *req) fsp = file_fsp(SVAL(req->inbuf,smb_vwv0)); - if (!check_fsp(conn, req, fsp, ¤t_user)) { + if (!check_fsp(conn, req, fsp)) { END_PROFILE(SMBwrite); return; } @@ -3968,7 +3968,7 @@ void reply_write_and_X(struct smb_request *req) startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv3); write_through = BITSETW(req->inbuf+smb_vwv7,0); - if (!check_fsp(conn, req, fsp, ¤t_user)) { + if (!check_fsp(conn, req, fsp)) { END_PROFILE(SMBwriteX); return; } @@ -4087,7 +4087,7 @@ void reply_lseek(struct smb_request *req) fsp = file_fsp(SVAL(req->inbuf,smb_vwv0)); - if (!check_fsp(conn, req, fsp, ¤t_user)) { + if (!check_fsp(conn, req, fsp)) { return; } @@ -4173,7 +4173,7 @@ void reply_flush(struct smb_request *req) fnum = SVAL(req->inbuf,smb_vwv0); fsp = file_fsp(fnum); - if ((fnum != 0xFFFF) && !check_fsp(conn, req, fsp, ¤t_user)) { + if ((fnum != 0xFFFF) && !check_fsp(conn, req, fsp)) { return; } @@ -4320,7 +4320,7 @@ void reply_writeclose(struct smb_request *req) fsp = file_fsp(SVAL(req->inbuf,smb_vwv0)); - if (!check_fsp(conn, req, fsp, ¤t_user)) { + if (!check_fsp(conn, req, fsp)) { END_PROFILE(SMBwriteclose); return; } @@ -4407,7 +4407,7 @@ void reply_lock(struct smb_request *req) fsp = file_fsp(SVAL(req->inbuf,smb_vwv0)); - if (!check_fsp(conn, req, fsp, ¤t_user)) { + if (!check_fsp(conn, req, fsp)) { END_PROFILE(SMBlock); return; } @@ -4466,7 +4466,7 @@ void reply_unlock(struct smb_request *req) fsp = file_fsp(SVAL(req->inbuf,smb_vwv0)); - if (!check_fsp(conn, req, fsp, ¤t_user)) { + if (!check_fsp(conn, req, fsp)) { END_PROFILE(SMBunlock); return; } @@ -4650,7 +4650,7 @@ void reply_printclose(struct smb_request *req) fsp = file_fsp(SVAL(req->inbuf,smb_vwv0)); - if (!check_fsp(conn, req, fsp, ¤t_user)) { + if (!check_fsp(conn, req, fsp)) { END_PROFILE(SMBsplclose); return; } @@ -4790,7 +4790,7 @@ void reply_printwrite(struct smb_request *req) fsp = file_fsp(SVAL(req->inbuf,smb_vwv0)); - if (!check_fsp(conn, req, fsp, ¤t_user)) { + if (!check_fsp(conn, req, fsp)) { END_PROFILE(SMBsplwr); return; } @@ -6624,7 +6624,7 @@ void reply_lockingX(struct smb_request *req) lock_timeout = IVAL(req->inbuf,smb_vwv4); large_file_format = (locktype & LOCKING_ANDX_LARGE_FILES)?True:False; - if (!check_fsp(conn, req, fsp, ¤t_user)) { + if (!check_fsp(conn, req, fsp)) { END_PROFILE(SMBlockingX); return; } -- cgit From e40b6e296a91f87e0a238323fe1dbf76149487e0 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 19 Jun 2008 16:31:59 +0200 Subject: Remove the "current_user" arg from fsp_belongs_conn fsp_belongs_conn only used the vuid struct member anyway, and this is available in the smb_request structure as well. (This used to be commit 64e9372ab997739d46669c0cc4a4c6edb11d5e64) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 4427ba2ebd..f36c5c4d31 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -368,10 +368,10 @@ bool check_fsp(connection_struct *conn, struct smb_request *req, ****************************************************************************/ bool fsp_belongs_conn(connection_struct *conn, struct smb_request *req, - files_struct *fsp, struct current_user *user) + files_struct *fsp) { if ((fsp) && (conn) && ((conn)==(fsp)->conn) - && (current_user.vuid==(fsp)->vuid)) { + && (req->vuid == (fsp)->vuid)) { return True; } -- cgit From f1cd0bdbccd36e202f69ffa2dbbc9d9bdb060db0 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 19 Jun 2008 18:21:41 +0200 Subject: Remove reference to current_user from reply.c (This used to be commit e895e44cc7d675d128430fb53c138e5e8736e59f) --- source3/smbd/reply.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index f36c5c4d31..f12dbdc8f3 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -32,7 +32,6 @@ extern int max_recv; unsigned int smb_echo_count = 0; extern uint32 global_client_caps; -extern struct current_user current_user; extern bool global_encrypted_passwords_negotiated; /**************************************************************************** @@ -2334,7 +2333,7 @@ static NTSTATUS do_unlink(connection_struct *conn, } /* The set is across all open files on this dev/inode pair. */ - if (!set_delete_on_close(fsp, True, ¤t_user.ut)) { + if (!set_delete_on_close(fsp, True, &conn->server_info->utok)) { close_file(fsp, NORMAL_CLOSE); return NT_STATUS_ACCESS_DENIED; } @@ -2789,7 +2788,7 @@ void reply_readbraw(struct smb_request *req) */ if (!fsp || !conn || conn != fsp->conn || - current_user.vuid != fsp->vuid || + req->vuid != fsp->vuid || fsp->is_directory || fsp->fh->fd == -1) { /* * fsp could be NULL here so use the value from the packet. JRA. @@ -4246,7 +4245,7 @@ void reply_close(struct smb_request *req) * We can only use CHECK_FSP if we know it's not a directory. */ - if(!fsp || (fsp->conn != conn) || (fsp->vuid != current_user.vuid)) { + if(!fsp || (fsp->conn != conn) || (fsp->vuid != req->vuid)) { reply_doserror(req, ERRDOS, ERRbadfid); END_PROFILE(SMBclose); return; -- cgit From 52664f62ba84719a9ea6eb8f9c01f1f3a9bd1b24 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 19 Jun 2008 18:46:57 +0200 Subject: Remove current_user references from trans2.c This involved replacing the CHECK_NTQUOTA_HANDLE_OK macro by a function. (This used to be commit 5595cdf837edb82db69a3e57bcf3108be7feeeb8) --- source3/smbd/reply.c | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index f12dbdc8f3..aaa284dc39 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -362,6 +362,37 @@ bool check_fsp(connection_struct *conn, struct smb_request *req, return True; } +/**************************************************************************** + Check if we have a correct fsp pointing to a quota fake file. Replacement for + the CHECK_NTQUOTA_HANDLE_OK macro. +****************************************************************************/ + +bool check_fsp_ntquota_handle(connection_struct *conn, struct smb_request *req, + files_struct *fsp) +{ + if (!check_fsp_open(conn, req, fsp)) { + return false; + } + + if (fsp->is_directory) { + return false; + } + + if (fsp->fake_file_handle == NULL) { + return false; + } + + if (fsp->fake_file_handle->type != FAKE_FILE_TYPE_QUOTA) { + return false; + } + + if (fsp->fake_file_handle->private_data == NULL) { + return false; + } + + return true; +} + /**************************************************************************** Check if we have a correct fsp. Replacement for the FSP_BELONGS_CONN macro ****************************************************************************/ -- cgit From c885ae01ebbf2b2f5c75799c4e8b1b0c68b2d34e Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 24 Jun 2008 16:58:29 +0200 Subject: Remove current_user reference from printfsp.c (This used to be commit 510f45d01a19ce1c226755ac42a328241098b2e0) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index aaa284dc39..ee646aa7c3 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4642,7 +4642,7 @@ void reply_printopen(struct smb_request *req) } /* Open for exclusive use, write only. */ - status = print_fsp_open(conn, NULL, &fsp); + status = print_fsp_open(conn, NULL, req->vuid, &fsp); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); -- cgit From ee49e0391fda564f165f582a3119b832555e4952 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 25 Jul 2008 13:16:18 -0700 Subject: Fix bug creating files using DOS clients with mixed case files. Reported by Daniel Johnson . The smb_set_file_time() call to set the filetimes is failing because it's using the unmodified name passed in by the client, not the modified name (matching case on the disk) that comes out from create_file(). Jeremy. (This used to be commit 1706a33e78347d14a8b09fd21b87d57bad543bcd) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index ee646aa7c3..ddc5dd06a5 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2030,7 +2030,7 @@ void reply_mknew(struct smb_request *req) } ts[0] = get_atimespec(&sbuf); /* atime. */ - status = smb_set_file_time(conn, fsp, fname, &sbuf, ts, true); + status = smb_set_file_time(conn, fsp, fsp->fsp_name, &sbuf, ts, true); if (!NT_STATUS_IS_OK(status)) { END_PROFILE(SMBcreate); reply_openerror(req, status); -- cgit From b117e1039451e10c8c86b867d1a53781957f451e Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 27 Jul 2008 18:37:00 +0200 Subject: Remove a pointless CONST_DISCARD (This used to be commit c63cb78b4c8a283c0eebe37ff2f60ddbfbfaac4a) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index ddc5dd06a5..897024c4d8 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2131,7 +2131,7 @@ void reply_ctemp(struct smb_request *req) return; } - status = check_name(conn, CONST_DISCARD(char *,fname)); + status = check_name(conn, fname); if (!NT_STATUS_IS_OK(status)) { reply_nterror(req, status); END_PROFILE(SMBctemp); -- cgit From a235676dd1159d93d6fac7374918c1f33eaf0120 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 27 Jul 2008 18:41:19 +0200 Subject: Fix a debug message (This used to be commit 1970eed1b79a5d9dc45eb96098d653ad62a20871) --- source3/smbd/reply.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 897024c4d8..80afd582f6 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2358,7 +2358,7 @@ static NTSTATUS do_unlink(connection_struct *conn, &sbuf); /* psbuf */ if (!NT_STATUS_IS_OK(status)) { - DEBUG(10, ("open_file_ntcreate failed: %s\n", + DEBUG(10, ("create_file_unixpath failed: %s\n", nt_errstr(status))); return status; } -- cgit From 8b25ce06ceb4ad57fa585e76c1a6be12a4c7d3d2 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sun, 10 Aug 2008 10:43:36 +1000 Subject: I found lots of places where we assume error will be set when calling one of our virtualised functions, such as db_open(), but error is only set when a system call fails, and it is not uncommon for us to fail a function internally without ever making a system call. That led to us passing back success when a function had in fact failed. I found two places where we relied on map_nt_error_from_unix() returning success when errno==0, but lots and lots of places where we relied on the reverse, so I fixed those two places. map_nt_error_from_unix() will now always return an error, returning NT_STATUS_UNSUCCESSFUL if errno is 0 (cherry picked from commit 69d40ca4c1af925d4b0e59ddc69ef8c26e6501d1) (This used to be commit 834684a524a24bb4eb46b4af583d39947dc87d95) --- source3/smbd/reply.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 80afd582f6..d32d998da8 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -2527,7 +2527,7 @@ NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req, TALLOC_FREE(dir_hnd); } - if (count == 0 && NT_STATUS_IS_OK(status)) { + if (count == 0 && NT_STATUS_IS_OK(status) && errno != 0) { status = map_nt_error_from_unix(errno); } @@ -5910,7 +5910,7 @@ NTSTATUS rename_internals(TALLOC_CTX *ctx, } TALLOC_FREE(dir_hnd); - if (count == 0 && NT_STATUS_IS_OK(status)) { + if (count == 0 && NT_STATUS_IS_OK(status) && errno != 0) { status = map_nt_error_from_unix(errno); } -- cgit From a5cf8b9fb5711dce8baf509e27396269e711dd07 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 13 Aug 2008 15:46:35 -0700 Subject: Fix for bug #5617, reported and patched by Bartosz Antosik antosik@gmail.com. xp/2003 explorer freezes browsing shares on samba ipv6 hosts. Caused by missing reply packet to SMB printclose packet. Jeremy (This used to be commit ecf2b906f476e4a764d0e53eed84b9b75a2062c0) --- source3/smbd/reply.c | 2 ++ 1 file changed, 2 insertions(+) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index d32d998da8..b3d691fbe7 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -4702,6 +4702,8 @@ void reply_printclose(struct smb_request *req) return; } + reply_outbuf(req, 0, 0); + END_PROFILE(SMBsplclose); return; } -- cgit From 39697d57451d05585063dc05c4fd6c5ae646a0a5 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 26 Aug 2008 14:06:42 +1000 Subject: EINVAL is also a valid error return, meaning "this filesystem cannot do sendfile for this file" (This used to be commit 737f664604b28f230be63bfc2f3d516fd9eb1c63) --- source3/smbd/reply.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index b3d691fbe7..06aa835cb0 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3198,8 +3198,9 @@ static void send_file_readX(connection_struct *conn, struct smb_request *req, setup_readX_header((char *)headerbuf, smb_maxcnt); if ((nread = SMB_VFS_SENDFILE(smbd_server_fd(), fsp, &header, startpos, smb_maxcnt)) == -1) { - /* Returning ENOSYS means no data at all was sent. Do this as a normal read. */ - if (errno == ENOSYS) { + /* Returning ENOSYS or EINVAL means no data at all was sent. + Do this as a normal read. */ + if (errno == ENOSYS || errno == EINVAL) { goto normal_read; } -- cgit From 1cae2ac905cc3e4b6e4c92ec4d64c582cfad8fea Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 27 Aug 2008 15:06:14 -0700 Subject: Add st_birthtime and friends for accurate create times on systems that support it (*BSD and MacOSX). Should have done this ages ago, sorry. Jeremy. (This used to be commit 4c3a9558906f213948c3bdc081be73f8fed148cb) --- source3/smbd/reply.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 06aa835cb0..ff38ac88cf 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -7126,6 +7126,7 @@ void reply_getattrE(struct smb_request *req) SMB_STRUCT_STAT sbuf; int mode; files_struct *fsp; + struct timespec create_ts; START_PROFILE(SMBgetattrE); @@ -7160,9 +7161,9 @@ void reply_getattrE(struct smb_request *req) reply_outbuf(req, 11, 0); - srv_put_dos_date2((char *)req->outbuf, smb_vwv0, - get_create_time(&sbuf, - lp_fake_dir_create_times(SNUM(conn)))); + create_ts = get_create_timespec(&sbuf, + lp_fake_dir_create_times(SNUM(conn))); + srv_put_dos_date2((char *)req->outbuf, smb_vwv0, create_ts.tv_sec); srv_put_dos_date2((char *)req->outbuf, smb_vwv2, sbuf.st_atime); /* Should we check pending modtime here ? JRA */ srv_put_dos_date2((char *)req->outbuf, smb_vwv4, sbuf.st_mtime); -- cgit From edd16eaa90df96f58ba1c224ca9316ccc0e2210d Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 1 Sep 2008 18:42:44 +0200 Subject: Slightly simplify logic: remove an else branch (This used to be commit 56ecec50130aa948a431427285aed4b28a5647e8) --- source3/smbd/reply.c | 25 +++++++++++-------------- 1 file changed, 11 insertions(+), 14 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index ff38ac88cf..16f8a5b177 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3264,25 +3264,22 @@ normal_read: } TALLOC_FREE(req->outbuf); return; - } else { - reply_outbuf(req, 12, smb_maxcnt); + } - nread = read_file(fsp, smb_buf(req->outbuf), startpos, - smb_maxcnt); - if (nread < 0) { - reply_unixerror(req, ERRDOS, ERRnoaccess); - return; - } + reply_outbuf(req, 12, smb_maxcnt); - setup_readX_header((char *)req->outbuf, nread); + nread = read_file(fsp, smb_buf(req->outbuf), startpos, smb_maxcnt); + if (nread < 0) { + reply_unixerror(req, ERRDOS, ERRnoaccess); + return; + } - DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n", - fsp->fnum, (int)smb_maxcnt, (int)nread ) ); + setup_readX_header((char *)req->outbuf, nread); - chain_reply(req); + DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n", + fsp->fnum, (int)smb_maxcnt, (int)nread ) ); - return; - } + chain_reply(req); } /**************************************************************************** -- cgit From 405b072431db3f3f8f16e4e0d2f2b1b2f1c71286 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 5 Sep 2008 19:00:48 -0700 Subject: Write times code update. Ok, here's the fix for the write times breakage with the new tests in S4 smbtorture. The key is keeping in the share mode struct the "old_file_time" as the real write time, set by all the write and allocation calls, and the "changed_write_time" as the "sticky" write time - set by the SET_FILE_TIME calls. We can set them independently (although I kept the optimization of not setting the "old_file_time" is a "changed_write_time" was already set, as we'll never see it. This allows us to update the write time immediately on the SMBwrite truncate case, SET_END_OF_FILE and SET_ALLOCATION_SIZE calls, whilst still have the 2 second delay on the "normal" SMBwrite, SMBwriteX calls. I think in a subsequent patch I'd like to change the name of these from "old_file_time" to "write_time" and "changed_write_time" to "sticky_write_time" to make this clearer. I think I also fixed a bug in Metze's original code in that once a write timestamp had been set from a "normal" SMBwriteX call the fsp->update_write_time_triggered variable was set and then never reset - thus meaning the write timestamp would never get updated again on subsequent SMBwriteX's. The new code checks the update_write_time_event event instead, and doesn't update is there's an event already scheduled. Metze especially, please check this over for your understanding. Jeremy. (This used to be commit 6f20585419046c4aca1f7d6c863cf79eb6ae53b0) --- source3/smbd/reply.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 16f8a5b177..6933533672 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3810,9 +3810,11 @@ void reply_write(struct smb_request *req) END_PROFILE(SMBwrite); return; } - } else + trigger_write_time_update_immediate(fsp); + } else { nwritten = write_file(req,fsp,data,startpos,numtowrite); - + } + status = sync_file(conn, fsp, False); if (!NT_STATUS_IS_OK(status)) { DEBUG(5,("reply_write: sync_file for %s returned %s\n", -- cgit