source: trunk/server/source3/smbd/open.c@ 599

Last change on this file since 599 was 599, checked in by Herwig Bauernfeind, 14 years ago

Samba 3.5: Update trunk to 3.5.9
File size: 97.8 KB
Line 
1/*
2 Unix SMB/CIFS implementation.
3 file opening and share modes
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Jeremy Allison 2001-2004
6 Copyright (C) Volker Lendecke 2005
7
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
12
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
20*/
21
22#include "includes.h"
23#include "smbd/globals.h"
24
25extern struct current_user current_user;
26extern const struct generic_mapping file_generic_mapping;
27
28struct deferred_open_record {
29 bool delayed_for_oplocks;
30 struct file_id id;
31};
32
33static NTSTATUS create_file_unixpath(connection_struct *conn,
34 struct smb_request *req,
35 struct smb_filename *smb_fname,
36 uint32_t access_mask,
37 uint32_t share_access,
38 uint32_t create_disposition,
39 uint32_t create_options,
40 uint32_t file_attributes,
41 uint32_t oplock_request,
42 uint64_t allocation_size,
43 struct security_descriptor *sd,
44 struct ea_list *ea_list,
45
46 files_struct **result,
47 int *pinfo);
48
49/****************************************************************************
50 SMB1 file varient of se_access_check. Never test FILE_READ_ATTRIBUTES.
51****************************************************************************/
52
53NTSTATUS smb1_file_se_access_check(connection_struct *conn,
54 const struct security_descriptor *sd,
55 const NT_USER_TOKEN *token,
56 uint32_t access_desired,
57 uint32_t *access_granted)
58{
59 *access_granted = 0;
60
61 if (conn->server_info->utok.uid == 0 || conn->admin_user) {
62 /* I'm sorry sir, I didn't know you were root... */
63 *access_granted = access_desired;
64 if (access_desired & SEC_FLAG_MAXIMUM_ALLOWED) {
65 *access_granted |= FILE_GENERIC_ALL;
66 }
67 return NT_STATUS_OK;
68 }
69
70 return se_access_check(sd,
71 token,
72 (access_desired & ~FILE_READ_ATTRIBUTES),
73 access_granted);
74}
75
76/****************************************************************************
77 Check if we have open rights.
78****************************************************************************/
79
80NTSTATUS smbd_check_open_rights(struct connection_struct *conn,
81 const struct smb_filename *smb_fname,
82 uint32_t access_mask,
83 uint32_t *access_granted)
84{
85 /* Check if we have rights to open. */
86 NTSTATUS status;
87 struct security_descriptor *sd = NULL;
88
89 status = SMB_VFS_GET_NT_ACL(conn, smb_fname->base_name,
90 (OWNER_SECURITY_INFORMATION |
91 GROUP_SECURITY_INFORMATION |
92 DACL_SECURITY_INFORMATION),&sd);
93
94 if (!NT_STATUS_IS_OK(status)) {
95 DEBUG(10, ("smbd_check_open_rights: Could not get acl "
96 "on %s: %s\n",
97 smb_fname_str_dbg(smb_fname),
98 nt_errstr(status)));
99 return status;
100 }
101
102 status = smb1_file_se_access_check(conn,
103 sd,
104 conn->server_info->ptok,
105 access_mask,
106 access_granted);
107
108 DEBUG(10,("smbd_check_open_rights: file %s requesting "
109 "0x%x returning 0x%x (%s)\n",
110 smb_fname_str_dbg(smb_fname),
111 (unsigned int)access_mask,
112 (unsigned int)*access_granted,
113 nt_errstr(status) ));
114
115 if (!NT_STATUS_IS_OK(status)) {
116 if (DEBUGLEVEL >= 10) {
117 DEBUG(10,("smbd_check_open_rights: acl for %s is:\n",
118 smb_fname_str_dbg(smb_fname) ));
119 NDR_PRINT_DEBUG(security_descriptor, sd);
120 }
121 }
122
123 TALLOC_FREE(sd);
124
125 return status;
126}
127
128/****************************************************************************
129 fd support routines - attempt to do a dos_open.
130****************************************************************************/
131
132static NTSTATUS fd_open(struct connection_struct *conn,
133 files_struct *fsp,
134 int flags,
135 mode_t mode)
136{
137 struct smb_filename *smb_fname = fsp->fsp_name;
138 NTSTATUS status = NT_STATUS_OK;
139
140#ifdef O_NOFOLLOW
141 /*
142 * Never follow symlinks on a POSIX client. The
143 * client should be doing this.
144 */
145
146 if (fsp->posix_open || !lp_symlinks(SNUM(conn))) {
147 flags |= O_NOFOLLOW;
148 }
149#endif
150
151 fsp->fh->fd = SMB_VFS_OPEN(conn, smb_fname, fsp, flags, mode);
152 if (fsp->fh->fd == -1) {
153 status = map_nt_error_from_unix(errno);
154 if (errno == EMFILE) {
155 static time_t last_warned = 0L;
156
157 if (time((time_t *) NULL) > last_warned) {
158 DEBUG(0,("Too many open files, unable "
159 "to open more! smbd's max "
160 "open files = %d\n",
161 lp_max_open_files()));
162 last_warned = time((time_t *) NULL);
163 }
164 }
165
166 }
167
168 DEBUG(10,("fd_open: name %s, flags = 0%o mode = 0%o, fd = %d. %s\n",
169 smb_fname_str_dbg(smb_fname), flags, (int)mode, fsp->fh->fd,
170 (fsp->fh->fd == -1) ? strerror(errno) : "" ));
171
172 return status;
173}
174
175/****************************************************************************
176 Close the file associated with a fsp.
177****************************************************************************/
178
179NTSTATUS fd_close(files_struct *fsp)
180{
181 int ret;
182
183 if (fsp->fh->fd == -1) {
184 return NT_STATUS_OK; /* What we used to call a stat open. */
185 }
186 if (fsp->fh->ref_count > 1) {
187 return NT_STATUS_OK; /* Shared handle. Only close last reference. */
188 }
189
190 ret = SMB_VFS_CLOSE(fsp);
191 fsp->fh->fd = -1;
192 if (ret == -1) {
193 return map_nt_error_from_unix(errno);
194 }
195 return NT_STATUS_OK;
196}
197
198/****************************************************************************
199 Change the ownership of a file to that of the parent directory.
200 Do this by fd if possible.
201****************************************************************************/
202
203void change_file_owner_to_parent(connection_struct *conn,
204 const char *inherit_from_dir,
205 files_struct *fsp)
206{
207 struct smb_filename *smb_fname_parent = NULL;
208 NTSTATUS status;
209 int ret;
210
211 status = create_synthetic_smb_fname(talloc_tos(), inherit_from_dir,
212 NULL, NULL, &smb_fname_parent);
213 if (!NT_STATUS_IS_OK(status)) {
214 return;
215 }
216
217 ret = SMB_VFS_STAT(conn, smb_fname_parent);
218 if (ret == -1) {
219 DEBUG(0,("change_file_owner_to_parent: failed to stat parent "
220 "directory %s. Error was %s\n",
221 smb_fname_str_dbg(smb_fname_parent),
222 strerror(errno)));
223 return;
224 }
225
226 become_root();
227 ret = SMB_VFS_FCHOWN(fsp, smb_fname_parent->st.st_ex_uid, (gid_t)-1);
228 unbecome_root();
229 if (ret == -1) {
230 DEBUG(0,("change_file_owner_to_parent: failed to fchown "
231 "file %s to parent directory uid %u. Error "
232 "was %s\n", fsp_str_dbg(fsp),
233 (unsigned int)smb_fname_parent->st.st_ex_uid,
234 strerror(errno) ));
235 } else {
236 DEBUG(10,("change_file_owner_to_parent: changed new file %s to "
237 "parent directory uid %u.\n", fsp_str_dbg(fsp),
238 (unsigned int)smb_fname_parent->st.st_ex_uid));
239
240 /* Ensure the uid entry is updated. */
241 fsp->fsp_name->st.st_ex_uid = smb_fname_parent->st.st_ex_uid;
242 }
243
244 TALLOC_FREE(smb_fname_parent);
245}
246
247NTSTATUS change_dir_owner_to_parent(connection_struct *conn,
248 const char *inherit_from_dir,
249 const char *fname,
250 SMB_STRUCT_STAT *psbuf)
251{
252 struct smb_filename *smb_fname_parent = NULL;
253 struct smb_filename *smb_fname_cwd = NULL;
254 char *saved_dir = NULL;
255 TALLOC_CTX *ctx = talloc_tos();
256 NTSTATUS status = NT_STATUS_OK;
257 int ret;
258
259 status = create_synthetic_smb_fname(ctx, inherit_from_dir, NULL, NULL,
260 &smb_fname_parent);
261 if (!NT_STATUS_IS_OK(status)) {
262 return status;
263 }
264
265 ret = SMB_VFS_STAT(conn, smb_fname_parent);
266 if (ret == -1) {
267 status = map_nt_error_from_unix(errno);
268 DEBUG(0,("change_dir_owner_to_parent: failed to stat parent "
269 "directory %s. Error was %s\n",
270 smb_fname_str_dbg(smb_fname_parent),
271 strerror(errno)));
272 goto out;
273 }
274
275 /* We've already done an lstat into psbuf, and we know it's a
276 directory. If we can cd into the directory and the dev/ino
277 are the same then we can safely chown without races as
278 we're locking the directory in place by being in it. This
279 should work on any UNIX (thanks tridge :-). JRA.
280 */
281
282 saved_dir = vfs_GetWd(ctx,conn);
283 if (!saved_dir) {
284 status = map_nt_error_from_unix(errno);
285 DEBUG(0,("change_dir_owner_to_parent: failed to get "
286 "current working directory. Error was %s\n",
287 strerror(errno)));
288 goto out;
289 }
290
291 /* Chdir into the new path. */
292 if (vfs_ChDir(conn, fname) == -1) {
293 status = map_nt_error_from_unix(errno);
294 DEBUG(0,("change_dir_owner_to_parent: failed to change "
295 "current working directory to %s. Error "
296 "was %s\n", fname, strerror(errno) ));
297 goto chdir;
298 }
299
300 status = create_synthetic_smb_fname(ctx, ".", NULL, NULL,
301 &smb_fname_cwd);
302 if (!NT_STATUS_IS_OK(status)) {
303 return status;
304 }
305
306 ret = SMB_VFS_STAT(conn, smb_fname_cwd);
307 if (ret == -1) {
308 status = map_nt_error_from_unix(errno);
309 DEBUG(0,("change_dir_owner_to_parent: failed to stat "
310 "directory '.' (%s) Error was %s\n",
311 fname, strerror(errno)));
312 goto chdir;
313 }
314
315 /* Ensure we're pointing at the same place. */
316 if (smb_fname_cwd->st.st_ex_dev != psbuf->st_ex_dev ||
317 smb_fname_cwd->st.st_ex_ino != psbuf->st_ex_ino) {
318 DEBUG(0,("change_dir_owner_to_parent: "
319 "device/inode on directory %s changed. "
320 "Refusing to chown !\n", fname ));
321 status = NT_STATUS_ACCESS_DENIED;
322 goto chdir;
323 }
324
325 become_root();
326 ret = SMB_VFS_CHOWN(conn, ".", smb_fname_parent->st.st_ex_uid,
327 (gid_t)-1);
328 unbecome_root();
329 if (ret == -1) {
330 status = map_nt_error_from_unix(errno);
331 DEBUG(10,("change_dir_owner_to_parent: failed to chown "
332 "directory %s to parent directory uid %u. "
333 "Error was %s\n", fname,
334 (unsigned int)smb_fname_parent->st.st_ex_uid,
335 strerror(errno) ));
336 goto chdir;
337 }
338
339 DEBUG(10,("change_dir_owner_to_parent: changed ownership of new "
340 "directory %s to parent directory uid %u.\n",
341 fname, (unsigned int)smb_fname_parent->st.st_ex_uid ));
342
343 /* Ensure the uid entry is updated. */
344 psbuf->st_ex_uid = smb_fname_parent->st.st_ex_uid;
345
346 chdir:
347 vfs_ChDir(conn,saved_dir);
348 out:
349 TALLOC_FREE(smb_fname_parent);
350 TALLOC_FREE(smb_fname_cwd);
351 return status;
352}
353
354/****************************************************************************
355 Open a file.
356****************************************************************************/
357
358static NTSTATUS open_file(files_struct *fsp,
359 connection_struct *conn,
360 struct smb_request *req,
361 const char *parent_dir,
362 int flags,
363 mode_t unx_mode,
364 uint32 access_mask, /* client requested access mask. */
365 uint32 open_access_mask) /* what we're actually using in the open. */
366{
367 struct smb_filename *smb_fname = fsp->fsp_name;
368 NTSTATUS status = NT_STATUS_OK;
369 int accmode = (flags & O_ACCMODE);
370 int local_flags = flags;
371 bool file_existed = VALID_STAT(fsp->fsp_name->st);
372 bool file_created = false;
373
374 fsp->fh->fd = -1;
375 errno = EPERM;
376
377 /* Check permissions */
378
379 /*
380 * This code was changed after seeing a client open request
381 * containing the open mode of (DENY_WRITE/read-only) with
382 * the 'create if not exist' bit set. The previous code
383 * would fail to open the file read only on a read-only share
384 * as it was checking the flags parameter directly against O_RDONLY,
385 * this was failing as the flags parameter was set to O_RDONLY|O_CREAT.
386 * JRA.
387 */
388
389 if (!CAN_WRITE(conn)) {
390 /* It's a read-only share - fail if we wanted to write. */
391 if(accmode != O_RDONLY || (flags & O_TRUNC) || (flags & O_APPEND)) {
392 DEBUG(3,("Permission denied opening %s\n",
393 smb_fname_str_dbg(smb_fname)));
394 return NT_STATUS_ACCESS_DENIED;
395 } else if(flags & O_CREAT) {
396 /* We don't want to write - but we must make sure that
397 O_CREAT doesn't create the file if we have write
398 access into the directory.
399 */
400 flags &= ~(O_CREAT|O_EXCL);
401 local_flags &= ~(O_CREAT|O_EXCL);
402 }
403 }
404
405 /*
406 * This little piece of insanity is inspired by the
407 * fact that an NT client can open a file for O_RDONLY,
408 * but set the create disposition to FILE_EXISTS_TRUNCATE.
409 * If the client *can* write to the file, then it expects to
410 * truncate the file, even though it is opening for readonly.
411 * Quicken uses this stupid trick in backup file creation...
412 * Thanks *greatly* to "David W. Chapman Jr." <dwcjr@inethouston.net>
413 * for helping track this one down. It didn't bite us in 2.0.x
414 * as we always opened files read-write in that release. JRA.
415 */
416
417 if ((accmode == O_RDONLY) && ((flags & O_TRUNC) == O_TRUNC)) {
418 DEBUG(10,("open_file: truncate requested on read-only open "
419 "for file %s\n", smb_fname_str_dbg(smb_fname)));
420 local_flags = (flags & ~O_ACCMODE)|O_RDWR;
421 }
422
423 if ((open_access_mask & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ||
424 (!file_existed && (local_flags & O_CREAT)) ||
425 ((local_flags & O_TRUNC) == O_TRUNC) ) {
426 const char *wild;
427
428 /*
429 * We can't actually truncate here as the file may be locked.
430 * open_file_ntcreate will take care of the truncate later. JRA.
431 */
432
433 local_flags &= ~O_TRUNC;
434
435#if defined(O_NONBLOCK) && defined(S_ISFIFO)
436 /*
437 * We would block on opening a FIFO with no one else on the
438 * other end. Do what we used to do and add O_NONBLOCK to the
439 * open flags. JRA.
440 */
441
442 if (file_existed && S_ISFIFO(smb_fname->st.st_ex_mode)) {
443 local_flags |= O_NONBLOCK;
444 }
445#endif
446
447 /* Don't create files with Microsoft wildcard characters. */
448 if (fsp->base_fsp) {
449 /*
450 * wildcard characters are allowed in stream names
451 * only test the basefilename
452 */
453 wild = fsp->base_fsp->fsp_name->base_name;
454 } else {
455 wild = smb_fname->base_name;
456 }
457 if ((local_flags & O_CREAT) && !file_existed &&
458 ms_has_wild(wild)) {
459 return NT_STATUS_OBJECT_NAME_INVALID;
460 }
461
462 /* Actually do the open */
463 status = fd_open(conn, fsp, local_flags, unx_mode);
464 if (!NT_STATUS_IS_OK(status)) {
465 DEBUG(3,("Error opening file %s (%s) (local_flags=%d) "
466 "(flags=%d)\n", smb_fname_str_dbg(smb_fname),
467 nt_errstr(status),local_flags,flags));
468 return status;
469 }
470
471 if ((local_flags & O_CREAT) && !file_existed) {
472 file_created = true;
473 }
474
475 } else {
476 fsp->fh->fd = -1; /* What we used to call a stat open. */
477 if (file_existed) {
478 uint32_t access_granted = 0;
479
480 status = smbd_check_open_rights(conn,
481 smb_fname,
482 access_mask,
483 &access_granted);
484 if (!NT_STATUS_IS_OK(status)) {
485 if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
486 /*
487 * On NT_STATUS_ACCESS_DENIED, access_granted
488 * contains the denied bits.
489 */
490
491 if ((access_mask & FILE_WRITE_ATTRIBUTES) &&
492 (access_granted & FILE_WRITE_ATTRIBUTES) &&
493 (lp_map_readonly(SNUM(conn)) ||
494 lp_map_archive(SNUM(conn)) ||
495 lp_map_hidden(SNUM(conn)) ||
496 lp_map_system(SNUM(conn)))) {
497 access_granted &= ~FILE_WRITE_ATTRIBUTES;
498
499 DEBUG(10,("open_file: "
500 "overrode "
501 "FILE_WRITE_"
502 "ATTRIBUTES "
503 "on file %s\n",
504 smb_fname_str_dbg(
505 smb_fname)));
506 }
507
508 if ((access_mask & DELETE_ACCESS) &&
509 (access_granted & DELETE_ACCESS) &&
510 can_delete_file_in_directory(conn,
511 smb_fname)) {
512 /* Were we trying to do a stat open
513 * for delete and didn't get DELETE
514 * access (only) ? Check if the
515 * directory allows DELETE_CHILD.
516 * See here:
517 * http://blogs.msdn.com/oldnewthing/archive/2004/06/04/148426.aspx
518 * for details. */
519
520 access_granted &= ~DELETE_ACCESS;
521
522 DEBUG(10,("open_file: "
523 "overrode "
524 "DELETE_ACCESS on "
525 "file %s\n",
526 smb_fname_str_dbg(
527 smb_fname)));
528 }
529
530 if (access_granted != 0) {
531 DEBUG(10,("open_file: Access "
532 "denied on file "
533 "%s\n",
534 smb_fname_str_dbg(
535 smb_fname)));
536 return status;
537 }
538 } else if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND) &&
539 fsp->posix_open &&
540 S_ISLNK(smb_fname->st.st_ex_mode)) {
541 /* This is a POSIX stat open for delete
542 * or rename on a symlink that points
543 * nowhere. Allow. */
544 DEBUG(10,("open_file: allowing POSIX "
545 "open on bad symlink %s\n",
546 smb_fname_str_dbg(
547 smb_fname)));
548 } else {
549 DEBUG(10,("open_file: "
550 "smbd_check_open_rights on file "
551 "%s returned %s\n",
552 smb_fname_str_dbg(smb_fname),
553 nt_errstr(status) ));
554 return status;
555 }
556 }
557 }
558 }
559
560 if (!file_existed) {
561 int ret;
562
563 if (fsp->fh->fd == -1) {
564 ret = SMB_VFS_STAT(conn, smb_fname);
565 } else {
566 ret = SMB_VFS_FSTAT(fsp, &smb_fname->st);
567 /* If we have an fd, this stat should succeed. */
568 if (ret == -1) {
569 DEBUG(0,("Error doing fstat on open file %s "
570 "(%s)\n",
571 smb_fname_str_dbg(smb_fname),
572 strerror(errno) ));
573 }
574 }
575
576 /* For a non-io open, this stat failing means file not found. JRA */
577 if (ret == -1) {
578 status = map_nt_error_from_unix(errno);
579 fd_close(fsp);
580 return status;
581 }
582
583 if (file_created) {
584 /* Do all inheritance work after we've
585 done a successful stat call and filled
586 in the stat struct in fsp->fsp_name. */
587
588 /* Inherit the ACL if required */
589 if (lp_inherit_perms(SNUM(conn))) {
590 inherit_access_posix_acl(conn, parent_dir,
591 smb_fname->base_name,
592 unx_mode);
593 }
594
595 /* Change the owner if required. */
596 if (lp_inherit_owner(SNUM(conn))) {
597 change_file_owner_to_parent(conn, parent_dir,
598 fsp);
599 }
600
601 notify_fname(conn, NOTIFY_ACTION_ADDED,
602 FILE_NOTIFY_CHANGE_FILE_NAME,
603 smb_fname->base_name);
604 }
605 }
606
607 /*
608 * POSIX allows read-only opens of directories. We don't
609 * want to do this (we use a different code path for this)
610 * so catch a directory open and return an EISDIR. JRA.
611 */
612
613 if(S_ISDIR(smb_fname->st.st_ex_mode)) {
614 fd_close(fsp);
615 errno = EISDIR;
616 return NT_STATUS_FILE_IS_A_DIRECTORY;
617 }
618
619 fsp->mode = smb_fname->st.st_ex_mode;
620 fsp->file_id = vfs_file_id_from_sbuf(conn, &smb_fname->st);
621 fsp->vuid = req ? req->vuid : UID_FIELD_INVALID;
622 fsp->file_pid = req ? req->smbpid : 0;
623 fsp->can_lock = True;
624 fsp->can_read = (access_mask & (FILE_READ_DATA)) ? True : False;
625 if (!CAN_WRITE(conn)) {
626 fsp->can_write = False;
627 } else {
628 fsp->can_write = (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) ?
629 True : False;
630 }
631 fsp->print_file = False;
632 fsp->modified = False;
633 fsp->sent_oplock_break = NO_BREAK_SENT;
634 fsp->is_directory = False;
635 if (conn->aio_write_behind_list &&
636 is_in_path(smb_fname->base_name, conn->aio_write_behind_list,
637 conn->case_sensitive)) {
638 fsp->aio_write_behind = True;
639 }
640
641 fsp->wcp = NULL; /* Write cache pointer. */
642
643 DEBUG(2,("%s opened file %s read=%s write=%s (numopen=%d)\n",
644 conn->server_info->unix_name,
645 smb_fname_str_dbg(smb_fname),
646 BOOLSTR(fsp->can_read), BOOLSTR(fsp->can_write),
647 conn->num_files_open));
648
649 errno = 0;
650 return NT_STATUS_OK;
651}
652
653/*******************************************************************
654 Return True if the filename is one of the special executable types.
655********************************************************************/
656
657bool is_executable(const char *fname)
658{
659 if ((fname = strrchr_m(fname,'.'))) {
660 if (strequal(fname,".com") ||
661 strequal(fname,".dll") ||
662 strequal(fname,".exe") ||
663 strequal(fname,".sym")) {
664 return True;
665 }
666 }
667 return False;
668}
669
670/****************************************************************************
671 Check if we can open a file with a share mode.
672 Returns True if conflict, False if not.
673****************************************************************************/
674
675static bool share_conflict(struct share_mode_entry *entry,
676 uint32 access_mask,
677 uint32 share_access)
678{
679 DEBUG(10,("share_conflict: entry->access_mask = 0x%x, "
680 "entry->share_access = 0x%x, "
681 "entry->private_options = 0x%x\n",
682 (unsigned int)entry->access_mask,
683 (unsigned int)entry->share_access,
684 (unsigned int)entry->private_options));
685
686 DEBUG(10,("share_conflict: access_mask = 0x%x, share_access = 0x%x\n",
687 (unsigned int)access_mask, (unsigned int)share_access));
688
689 if ((entry->access_mask & (FILE_WRITE_DATA|
690 FILE_APPEND_DATA|
691 FILE_READ_DATA|
692 FILE_EXECUTE|
693 DELETE_ACCESS)) == 0) {
694 DEBUG(10,("share_conflict: No conflict due to "
695 "entry->access_mask = 0x%x\n",
696 (unsigned int)entry->access_mask ));
697 return False;
698 }
699
700 if ((access_mask & (FILE_WRITE_DATA|
701 FILE_APPEND_DATA|
702 FILE_READ_DATA|
703 FILE_EXECUTE|
704 DELETE_ACCESS)) == 0) {
705 DEBUG(10,("share_conflict: No conflict due to "
706 "access_mask = 0x%x\n",
707 (unsigned int)access_mask ));
708 return False;
709 }
710
711#if 1 /* JRA TEST - Superdebug. */
712#define CHECK_MASK(num, am, right, sa, share) \
713 DEBUG(10,("share_conflict: [%d] am (0x%x) & right (0x%x) = 0x%x\n", \
714 (unsigned int)(num), (unsigned int)(am), \
715 (unsigned int)(right), (unsigned int)(am)&(right) )); \
716 DEBUG(10,("share_conflict: [%d] sa (0x%x) & share (0x%x) = 0x%x\n", \
717 (unsigned int)(num), (unsigned int)(sa), \
718 (unsigned int)(share), (unsigned int)(sa)&(share) )); \
719 if (((am) & (right)) && !((sa) & (share))) { \
720 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
721sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
722 (unsigned int)(share) )); \
723 return True; \
724 }
725#else
726#define CHECK_MASK(num, am, right, sa, share) \
727 if (((am) & (right)) && !((sa) & (share))) { \
728 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
729sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
730 (unsigned int)(share) )); \
731 return True; \
732 }
733#endif
734
735 CHECK_MASK(1, entry->access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
736 share_access, FILE_SHARE_WRITE);
737 CHECK_MASK(2, access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
738 entry->share_access, FILE_SHARE_WRITE);
739
740 CHECK_MASK(3, entry->access_mask, FILE_READ_DATA | FILE_EXECUTE,
741 share_access, FILE_SHARE_READ);
742 CHECK_MASK(4, access_mask, FILE_READ_DATA | FILE_EXECUTE,
743 entry->share_access, FILE_SHARE_READ);
744
745 CHECK_MASK(5, entry->access_mask, DELETE_ACCESS,
746 share_access, FILE_SHARE_DELETE);
747 CHECK_MASK(6, access_mask, DELETE_ACCESS,
748 entry->share_access, FILE_SHARE_DELETE);
749
750 DEBUG(10,("share_conflict: No conflict.\n"));
751 return False;
752}
753
754#if defined(DEVELOPER)
755static void validate_my_share_entries(int num,
756 struct share_mode_entry *share_entry)
757{
758 files_struct *fsp;
759
760 if (!procid_is_me(&share_entry->pid)) {
761 return;
762 }
763
764 if (is_deferred_open_entry(share_entry) &&
765 !open_was_deferred(share_entry->op_mid)) {
766 char *str = talloc_asprintf(talloc_tos(),
767 "Got a deferred entry without a request: "
768 "PANIC: %s\n",
769 share_mode_str(talloc_tos(), num, share_entry));
770 smb_panic(str);
771 }
772
773 if (!is_valid_share_mode_entry(share_entry)) {
774 return;
775 }
776
777 fsp = file_find_dif(share_entry->id,
778 share_entry->share_file_id);
779 if (!fsp) {
780 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
781 share_mode_str(talloc_tos(), num, share_entry) ));
782 smb_panic("validate_my_share_entries: Cannot match a "
783 "share entry with an open file\n");
784 }
785
786 if (is_deferred_open_entry(share_entry) ||
787 is_unused_share_mode_entry(share_entry)) {
788 goto panic;
789 }
790
791 if ((share_entry->op_type == NO_OPLOCK) &&
792 (fsp->oplock_type == FAKE_LEVEL_II_OPLOCK)) {
793 /* Someone has already written to it, but I haven't yet
794 * noticed */
795 return;
796 }
797
798 if (((uint16)fsp->oplock_type) != share_entry->op_type) {
799 goto panic;
800 }
801
802 return;
803
804 panic:
805 {
806 char *str;
807 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
808 share_mode_str(talloc_tos(), num, share_entry) ));
809 str = talloc_asprintf(talloc_tos(),
810 "validate_my_share_entries: "
811 "file %s, oplock_type = 0x%x, op_type = 0x%x\n",
812 fsp->fsp_name->base_name,
813 (unsigned int)fsp->oplock_type,
814 (unsigned int)share_entry->op_type );
815 smb_panic(str);
816 }
817}
818#endif
819
820bool is_stat_open(uint32 access_mask)
821{
822 return (access_mask &&
823 ((access_mask & ~(SYNCHRONIZE_ACCESS| FILE_READ_ATTRIBUTES|
824 FILE_WRITE_ATTRIBUTES))==0) &&
825 ((access_mask & (SYNCHRONIZE_ACCESS|FILE_READ_ATTRIBUTES|
826 FILE_WRITE_ATTRIBUTES)) != 0));
827}
828
829/****************************************************************************
830 Deal with share modes
831 Invarient: Share mode must be locked on entry and exit.
832 Returns -1 on error, or number of share modes on success (may be zero).
833****************************************************************************/
834
835static NTSTATUS open_mode_check(connection_struct *conn,
836 struct share_mode_lock *lck,
837 uint32 access_mask,
838 uint32 share_access,
839 uint32 create_options,
840 bool *file_existed)
841{
842 int i;
843
844 if(lck->num_share_modes == 0) {
845 return NT_STATUS_OK;
846 }
847
848 *file_existed = True;
849
850 /* A delete on close prohibits everything */
851
852 if (lck->delete_on_close) {
853 return NT_STATUS_DELETE_PENDING;
854 }
855
856 if (is_stat_open(access_mask)) {
857 /* Stat open that doesn't trigger oplock breaks or share mode
858 * checks... ! JRA. */
859 return NT_STATUS_OK;
860 }
861
862 /*
863 * Check if the share modes will give us access.
864 */
865
866#if defined(DEVELOPER)
867 for(i = 0; i < lck->num_share_modes; i++) {
868 validate_my_share_entries(i, &lck->share_modes[i]);
869 }
870#endif
871
872 if (!lp_share_modes(SNUM(conn))) {
873 return NT_STATUS_OK;
874 }
875
876 /* Now we check the share modes, after any oplock breaks. */
877 for(i = 0; i < lck->num_share_modes; i++) {
878
879 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
880 continue;
881 }
882
883 /* someone else has a share lock on it, check to see if we can
884 * too */
885 if (share_conflict(&lck->share_modes[i],
886 access_mask, share_access)) {
887 return NT_STATUS_SHARING_VIOLATION;
888 }
889 }
890
891 return NT_STATUS_OK;
892}
893
894static bool is_delete_request(files_struct *fsp) {
895 return ((fsp->access_mask == DELETE_ACCESS) &&
896 (fsp->oplock_type == NO_OPLOCK));
897}
898
899/*
900 * Send a break message to the oplock holder and delay the open for
901 * our client.
902 */
903
904static NTSTATUS send_break_message(files_struct *fsp,
905 struct share_mode_entry *exclusive,
906 uint16 mid,
907 int oplock_request)
908{
909 NTSTATUS status;
910 char msg[MSG_SMB_SHARE_MODE_ENTRY_SIZE];
911
912 DEBUG(10, ("Sending break request to PID %s\n",
913 procid_str_static(&exclusive->pid)));
914 exclusive->op_mid = mid;
915
916 /* Create the message. */
917 share_mode_entry_to_message(msg, exclusive);
918
919 /* Add in the FORCE_OPLOCK_BREAK_TO_NONE bit in the message if set. We
920 don't want this set in the share mode struct pointed to by lck. */
921
922 if (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE) {
923 SSVAL(msg,6,exclusive->op_type | FORCE_OPLOCK_BREAK_TO_NONE);
924 }
925
926 status = messaging_send_buf(smbd_messaging_context(), exclusive->pid,
927 MSG_SMB_BREAK_REQUEST,
928 (uint8 *)msg,
929 MSG_SMB_SHARE_MODE_ENTRY_SIZE);
930 if (!NT_STATUS_IS_OK(status)) {
931 DEBUG(3, ("Could not send oplock break message: %s\n",
932 nt_errstr(status)));
933 }
934
935 return status;
936}
937
938/*
939 * 1) No files open at all or internal open: Grant whatever the client wants.
940 *
941 * 2) Exclusive (or batch) oplock around: If the requested access is a delete
942 * request, break if the oplock around is a batch oplock. If it's another
943 * requested access type, break.
944 *
945 * 3) Only level2 around: Grant level2 and do nothing else.
946 */
947
948static bool delay_for_oplocks(struct share_mode_lock *lck,
949 files_struct *fsp,
950 uint16 mid,
951 int pass_number,
952 int oplock_request)
953{
954 int i;
955 struct share_mode_entry *exclusive = NULL;
956 bool valid_entry = false;
957 bool have_level2 = false;
958 bool have_a_none_oplock = false;
959 bool allow_level2 = (global_client_caps & CAP_LEVEL_II_OPLOCKS) &&
960 lp_level2_oplocks(SNUM(fsp->conn));
961
962 if (oplock_request & INTERNAL_OPEN_ONLY) {
963 fsp->oplock_type = NO_OPLOCK;
964 }
965
966 if ((oplock_request & INTERNAL_OPEN_ONLY) || is_stat_open(fsp->access_mask)) {
967 return false;
968 }
969
970 for (i=0; i<lck->num_share_modes; i++) {
971
972 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
973 continue;
974 }
975
976 /* At least one entry is not an invalid or deferred entry. */
977 valid_entry = true;
978
979 if (pass_number == 1) {
980 if (BATCH_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
981 SMB_ASSERT(exclusive == NULL);
982 exclusive = &lck->share_modes[i];
983 }
984 } else {
985 if (EXCLUSIVE_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
986 SMB_ASSERT(exclusive == NULL);
987 exclusive = &lck->share_modes[i];
988 }
989 }
990
991 if (LEVEL_II_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
992 SMB_ASSERT(exclusive == NULL);
993 have_level2 = true;
994 }
995
996 if (lck->share_modes[i].op_type == NO_OPLOCK) {
997 have_a_none_oplock = true;
998 }
999 }
1000
1001 if (exclusive != NULL) { /* Found an exclusive oplock */
1002 bool delay_it = is_delete_request(fsp) ?
1003 BATCH_OPLOCK_TYPE(exclusive->op_type) : true;
1004 SMB_ASSERT(!have_level2);
1005 if (delay_it) {
1006 send_break_message(fsp, exclusive, mid, oplock_request);
1007 return true;
1008 }
1009 }
1010
1011 /*
1012 * Match what was requested (fsp->oplock_type) with
1013 * what was found in the existing share modes.
1014 */
1015
1016 if (!valid_entry) {
1017 /* All entries are placeholders or deferred.
1018 * Directly grant whatever the client wants. */
1019 if (fsp->oplock_type == NO_OPLOCK) {
1020 /* Store a level2 oplock, but don't tell the client */
1021 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
1022 }
1023 } else if (have_a_none_oplock) {
1024 fsp->oplock_type = NO_OPLOCK;
1025 } else if (have_level2) {
1026 if (fsp->oplock_type == NO_OPLOCK ||
1027 fsp->oplock_type == FAKE_LEVEL_II_OPLOCK) {
1028 /* Store a level2 oplock, but don't tell the client */
1029 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
1030 } else {
1031 fsp->oplock_type = LEVEL_II_OPLOCK;
1032 }
1033 } else {
1034 /* This case can never happen. */
1035 SMB_ASSERT(1);
1036 }
1037
1038 /*
1039 * Don't grant level2 to clients that don't want them
1040 * or if we've turned them off.
1041 */
1042 if (fsp->oplock_type == LEVEL_II_OPLOCK && !allow_level2) {
1043 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
1044 }
1045
1046 DEBUG(10,("delay_for_oplocks: oplock type 0x%x on file %s\n",
1047 fsp->oplock_type, fsp_str_dbg(fsp)));
1048
1049 /* No delay. */
1050 return false;
1051}
1052
1053bool request_timed_out(struct timeval request_time,
1054 struct timeval timeout)
1055{
1056 struct timeval now, end_time;
1057 GetTimeOfDay(&now);
1058 end_time = timeval_sum(&request_time, &timeout);
1059 return (timeval_compare(&end_time, &now) < 0);
1060}
1061
1062/****************************************************************************
1063 Handle the 1 second delay in returning a SHARING_VIOLATION error.
1064****************************************************************************/
1065
1066static void defer_open(struct share_mode_lock *lck,
1067 struct timeval request_time,
1068 struct timeval timeout,
1069 struct smb_request *req,
1070 struct deferred_open_record *state)
1071{
1072 int i;
1073
1074 /* Paranoia check */
1075
1076 for (i=0; i<lck->num_share_modes; i++) {
1077 struct share_mode_entry *e = &lck->share_modes[i];
1078
1079 if (!is_deferred_open_entry(e)) {
1080 continue;
1081 }
1082
1083 if (procid_is_me(&e->pid) && (e->op_mid == req->mid)) {
1084 DEBUG(0, ("Trying to defer an already deferred "
1085 "request: mid=%d, exiting\n", req->mid));
1086 exit_server("attempt to defer a deferred request");
1087 }
1088 }
1089
1090 /* End paranoia check */
1091
1092 DEBUG(10,("defer_open_sharing_error: time [%u.%06u] adding deferred "
1093 "open entry for mid %u\n",
1094 (unsigned int)request_time.tv_sec,
1095 (unsigned int)request_time.tv_usec,
1096 (unsigned int)req->mid));
1097
1098 if (!push_deferred_smb_message(req, request_time, timeout,
1099 (char *)state, sizeof(*state))) {
1100 exit_server("push_deferred_smb_message failed");
1101 }
1102 add_deferred_open(lck, req->mid, request_time, state->id);
1103}
1104
1105
1106/****************************************************************************
1107 On overwrite open ensure that the attributes match.
1108****************************************************************************/
1109
1110bool open_match_attributes(connection_struct *conn,
1111 uint32 old_dos_attr,
1112 uint32 new_dos_attr,
1113 mode_t existing_unx_mode,
1114 mode_t new_unx_mode,
1115 mode_t *returned_unx_mode)
1116{
1117 uint32 noarch_old_dos_attr, noarch_new_dos_attr;
1118
1119 noarch_old_dos_attr = (old_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
1120 noarch_new_dos_attr = (new_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
1121
1122 if((noarch_old_dos_attr == 0 && noarch_new_dos_attr != 0) ||
1123 (noarch_old_dos_attr != 0 && ((noarch_old_dos_attr & noarch_new_dos_attr) == noarch_old_dos_attr))) {
1124 *returned_unx_mode = new_unx_mode;
1125 } else {
1126 *returned_unx_mode = (mode_t)0;
1127 }
1128
1129 DEBUG(10,("open_match_attributes: old_dos_attr = 0x%x, "
1130 "existing_unx_mode = 0%o, new_dos_attr = 0x%x "
1131 "returned_unx_mode = 0%o\n",
1132 (unsigned int)old_dos_attr,
1133 (unsigned int)existing_unx_mode,
1134 (unsigned int)new_dos_attr,
1135 (unsigned int)*returned_unx_mode ));
1136
1137 /* If we're mapping SYSTEM and HIDDEN ensure they match. */
1138 if (lp_map_system(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
1139 if ((old_dos_attr & FILE_ATTRIBUTE_SYSTEM) &&
1140 !(new_dos_attr & FILE_ATTRIBUTE_SYSTEM)) {
1141 return False;
1142 }
1143 }
1144 if (lp_map_hidden(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
1145 if ((old_dos_attr & FILE_ATTRIBUTE_HIDDEN) &&
1146 !(new_dos_attr & FILE_ATTRIBUTE_HIDDEN)) {
1147 return False;
1148 }
1149 }
1150 return True;
1151}
1152
1153/****************************************************************************
1154 Special FCB or DOS processing in the case of a sharing violation.
1155 Try and find a duplicated file handle.
1156****************************************************************************/
1157
1158NTSTATUS fcb_or_dos_open(struct smb_request *req,
1159 connection_struct *conn,
1160 files_struct *fsp_to_dup_into,
1161 const struct smb_filename *smb_fname,
1162 struct file_id id,
1163 uint16 file_pid,
1164 uint16 vuid,
1165 uint32 access_mask,
1166 uint32 share_access,
1167 uint32 create_options)
1168{
1169 files_struct *fsp;
1170
1171 DEBUG(5,("fcb_or_dos_open: attempting old open semantics for "
1172 "file %s.\n", smb_fname_str_dbg(smb_fname)));
1173
1174 for(fsp = file_find_di_first(id); fsp;
1175 fsp = file_find_di_next(fsp)) {
1176
1177 DEBUG(10,("fcb_or_dos_open: checking file %s, fd = %d, "
1178 "vuid = %u, file_pid = %u, private_options = 0x%x "
1179 "access_mask = 0x%x\n", fsp_str_dbg(fsp),
1180 fsp->fh->fd, (unsigned int)fsp->vuid,
1181 (unsigned int)fsp->file_pid,
1182 (unsigned int)fsp->fh->private_options,
1183 (unsigned int)fsp->access_mask ));
1184
1185 if (fsp->fh->fd != -1 &&
1186 fsp->vuid == vuid &&
1187 fsp->file_pid == file_pid &&
1188 (fsp->fh->private_options & (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS |
1189 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) &&
1190 (fsp->access_mask & FILE_WRITE_DATA) &&
1191 strequal(fsp->fsp_name->base_name, smb_fname->base_name) &&
1192 strequal(fsp->fsp_name->stream_name,
1193 smb_fname->stream_name)) {
1194 DEBUG(10,("fcb_or_dos_open: file match\n"));
1195 break;
1196 }
1197 }
1198
1199 if (!fsp) {
1200 return NT_STATUS_NOT_FOUND;
1201 }
1202
1203 /* quite an insane set of semantics ... */
1204 if (is_executable(smb_fname->base_name) &&
1205 (fsp->fh->private_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS)) {
1206 DEBUG(10,("fcb_or_dos_open: file fail due to is_executable.\n"));
1207 return NT_STATUS_INVALID_PARAMETER;
1208 }
1209
1210 /* We need to duplicate this fsp. */
1211 return dup_file_fsp(req, fsp, access_mask, share_access,
1212 create_options, fsp_to_dup_into);
1213}
1214
1215/****************************************************************************
1216 Open a file with a share mode - old openX method - map into NTCreate.
1217****************************************************************************/
1218
1219bool map_open_params_to_ntcreate(const struct smb_filename *smb_fname,
1220 int deny_mode, int open_func,
1221 uint32 *paccess_mask,
1222 uint32 *pshare_mode,
1223 uint32 *pcreate_disposition,
1224 uint32 *pcreate_options)
1225{
1226 uint32 access_mask;
1227 uint32 share_mode;
1228 uint32 create_disposition;
1229 uint32 create_options = FILE_NON_DIRECTORY_FILE;
1230
1231 DEBUG(10,("map_open_params_to_ntcreate: fname = %s, deny_mode = 0x%x, "
1232 "open_func = 0x%x\n",
1233 smb_fname_str_dbg(smb_fname), (unsigned int)deny_mode,
1234 (unsigned int)open_func ));
1235
1236 /* Create the NT compatible access_mask. */
1237 switch (GET_OPENX_MODE(deny_mode)) {
1238 case DOS_OPEN_EXEC: /* Implies read-only - used to be FILE_READ_DATA */
1239 case DOS_OPEN_RDONLY:
1240 access_mask = FILE_GENERIC_READ;
1241 break;
1242 case DOS_OPEN_WRONLY:
1243 access_mask = FILE_GENERIC_WRITE;
1244 break;
1245 case DOS_OPEN_RDWR:
1246 case DOS_OPEN_FCB:
1247 access_mask = FILE_GENERIC_READ|FILE_GENERIC_WRITE;
1248 break;
1249 default:
1250 DEBUG(10,("map_open_params_to_ntcreate: bad open mode = 0x%x\n",
1251 (unsigned int)GET_OPENX_MODE(deny_mode)));
1252 return False;
1253 }
1254
1255 /* Create the NT compatible create_disposition. */
1256 switch (open_func) {
1257 case OPENX_FILE_EXISTS_FAIL|OPENX_FILE_CREATE_IF_NOT_EXIST:
1258 create_disposition = FILE_CREATE;
1259 break;
1260
1261 case OPENX_FILE_EXISTS_OPEN:
1262 create_disposition = FILE_OPEN;
1263 break;
1264
1265 case OPENX_FILE_EXISTS_OPEN|OPENX_FILE_CREATE_IF_NOT_EXIST:
1266 create_disposition = FILE_OPEN_IF;
1267 break;
1268
1269 case OPENX_FILE_EXISTS_TRUNCATE:
1270 create_disposition = FILE_OVERWRITE;
1271 break;
1272
1273 case OPENX_FILE_EXISTS_TRUNCATE|OPENX_FILE_CREATE_IF_NOT_EXIST:
1274 create_disposition = FILE_OVERWRITE_IF;
1275 break;
1276
1277 default:
1278 /* From samba4 - to be confirmed. */
1279 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_EXEC) {
1280 create_disposition = FILE_CREATE;
1281 break;
1282 }
1283 DEBUG(10,("map_open_params_to_ntcreate: bad "
1284 "open_func 0x%x\n", (unsigned int)open_func));
1285 return False;
1286 }
1287
1288 /* Create the NT compatible share modes. */
1289 switch (GET_DENY_MODE(deny_mode)) {
1290 case DENY_ALL:
1291 share_mode = FILE_SHARE_NONE;
1292 break;
1293
1294 case DENY_WRITE:
1295 share_mode = FILE_SHARE_READ;
1296 break;
1297
1298 case DENY_READ:
1299 share_mode = FILE_SHARE_WRITE;
1300 break;
1301
1302 case DENY_NONE:
1303 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1304 break;
1305
1306 case DENY_DOS:
1307 create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_DOS;
1308 if (is_executable(smb_fname->base_name)) {
1309 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1310 } else {
1311 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_RDONLY) {
1312 share_mode = FILE_SHARE_READ;
1313 } else {
1314 share_mode = FILE_SHARE_NONE;
1315 }
1316 }
1317 break;
1318
1319 case DENY_FCB:
1320 create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_FCB;
1321 share_mode = FILE_SHARE_NONE;
1322 break;
1323
1324 default:
1325 DEBUG(10,("map_open_params_to_ntcreate: bad deny_mode 0x%x\n",
1326 (unsigned int)GET_DENY_MODE(deny_mode) ));
1327 return False;
1328 }
1329
1330 DEBUG(10,("map_open_params_to_ntcreate: file %s, access_mask = 0x%x, "
1331 "share_mode = 0x%x, create_disposition = 0x%x, "
1332 "create_options = 0x%x\n",
1333 smb_fname_str_dbg(smb_fname),
1334 (unsigned int)access_mask,
1335 (unsigned int)share_mode,
1336 (unsigned int)create_disposition,
1337 (unsigned int)create_options ));
1338
1339 if (paccess_mask) {
1340 *paccess_mask = access_mask;
1341 }
1342 if (pshare_mode) {
1343 *pshare_mode = share_mode;
1344 }
1345 if (pcreate_disposition) {
1346 *pcreate_disposition = create_disposition;
1347 }
1348 if (pcreate_options) {
1349 *pcreate_options = create_options;
1350 }
1351
1352 return True;
1353
1354}
1355
1356static void schedule_defer_open(struct share_mode_lock *lck,
1357 struct timeval request_time,
1358 struct smb_request *req)
1359{
1360 struct deferred_open_record state;
1361
1362 /* This is a relative time, added to the absolute
1363 request_time value to get the absolute timeout time.
1364 Note that if this is the second or greater time we enter
1365 this codepath for this particular request mid then
1366 request_time is left as the absolute time of the *first*
1367 time this request mid was processed. This is what allows
1368 the request to eventually time out. */
1369
1370 struct timeval timeout;
1371
1372 /* Normally the smbd we asked should respond within
1373 * OPLOCK_BREAK_TIMEOUT seconds regardless of whether
1374 * the client did, give twice the timeout as a safety
1375 * measure here in case the other smbd is stuck
1376 * somewhere else. */
1377
1378 timeout = timeval_set(OPLOCK_BREAK_TIMEOUT*2, 0);
1379
1380 /* Nothing actually uses state.delayed_for_oplocks
1381 but it's handy to differentiate in debug messages
1382 between a 30 second delay due to oplock break, and
1383 a 1 second delay for share mode conflicts. */
1384
1385 state.delayed_for_oplocks = True;
1386 state.id = lck->id;
1387
1388 if (!request_timed_out(request_time, timeout)) {
1389 defer_open(lck, request_time, timeout, req, &state);
1390 }
1391}
1392
1393/****************************************************************************
1394 Work out what access_mask to use from what the client sent us.
1395****************************************************************************/
1396
1397static NTSTATUS calculate_access_mask(connection_struct *conn,
1398 const struct smb_filename *smb_fname,
1399 bool file_existed,
1400 uint32_t access_mask,
1401 uint32_t *access_mask_out)
1402{
1403 NTSTATUS status;
1404
1405 /*
1406 * Convert GENERIC bits to specific bits.
1407 */
1408
1409 se_map_generic(&access_mask, &file_generic_mapping);
1410
1411 /* Calculate MAXIMUM_ALLOWED_ACCESS if requested. */
1412 if (access_mask & MAXIMUM_ALLOWED_ACCESS) {
1413 if (file_existed) {
1414
1415 struct security_descriptor *sd;
1416 uint32_t access_granted = 0;
1417
1418 status = SMB_VFS_GET_NT_ACL(conn, smb_fname->base_name,
1419 (OWNER_SECURITY_INFORMATION |
1420 GROUP_SECURITY_INFORMATION |
1421 DACL_SECURITY_INFORMATION),&sd);
1422
1423 if (!NT_STATUS_IS_OK(status)) {
1424 DEBUG(10, ("calculate_access_mask: Could not get acl "
1425 "on file %s: %s\n",
1426 smb_fname_str_dbg(smb_fname),
1427 nt_errstr(status)));
1428 return NT_STATUS_ACCESS_DENIED;
1429 }
1430
1431 status = smb1_file_se_access_check(conn,
1432 sd,
1433 conn->server_info->ptok,
1434 access_mask,
1435 &access_granted);
1436
1437 TALLOC_FREE(sd);
1438
1439 if (!NT_STATUS_IS_OK(status)) {
1440 DEBUG(10, ("calculate_access_mask: Access denied on "
1441 "file %s: when calculating maximum access\n",
1442 smb_fname_str_dbg(smb_fname)));
1443 return NT_STATUS_ACCESS_DENIED;
1444 }
1445
1446 access_mask = access_granted;
1447 } else {
1448 access_mask = FILE_GENERIC_ALL;
1449 }
1450 }
1451
1452 *access_mask_out = access_mask;
1453 return NT_STATUS_OK;
1454}
1455
1456/****************************************************************************
1457 Open a file with a share mode. Passed in an already created files_struct *.
1458****************************************************************************/
1459
1460static NTSTATUS open_file_ntcreate(connection_struct *conn,
1461 struct smb_request *req,
1462 uint32 access_mask, /* access bits (FILE_READ_DATA etc.) */
1463 uint32 share_access, /* share constants (FILE_SHARE_READ etc) */
1464 uint32 create_disposition, /* FILE_OPEN_IF etc. */
1465 uint32 create_options, /* options such as delete on close. */
1466 uint32 new_dos_attributes, /* attributes used for new file. */
1467 int oplock_request, /* internal Samba oplock codes. */
1468 /* Information (FILE_EXISTS etc.) */
1469 int *pinfo,
1470 files_struct *fsp)
1471{
1472 struct smb_filename *smb_fname = fsp->fsp_name;
1473 int flags=0;
1474 int flags2=0;
1475 bool file_existed = VALID_STAT(smb_fname->st);
1476 bool def_acl = False;
1477 bool posix_open = False;
1478 bool new_file_created = False;
1479 bool clear_ads = false;
1480 struct file_id id;
1481 NTSTATUS fsp_open = NT_STATUS_ACCESS_DENIED;
1482 mode_t new_unx_mode = (mode_t)0;
1483 mode_t unx_mode = (mode_t)0;
1484 int info;
1485 uint32 existing_dos_attributes = 0;
1486 struct pending_message_list *pml = NULL;
1487 struct timeval request_time = timeval_zero();
1488 struct share_mode_lock *lck = NULL;
1489 uint32 open_access_mask = access_mask;
1490 NTSTATUS status;
1491 char *parent_dir;
1492
1493 ZERO_STRUCT(id);
1494
1495 /* Windows allows a new file to be created and
1496 silently removes a FILE_ATTRIBUTE_DIRECTORY
1497 sent by the client. Do the same. */
1498
1499 new_dos_attributes &= ~FILE_ATTRIBUTE_DIRECTORY;
1500
1501 if (conn->printer) {
1502 /*
1503 * Printers are handled completely differently.
1504 * Most of the passed parameters are ignored.
1505 */
1506
1507 if (pinfo) {
1508 *pinfo = FILE_WAS_CREATED;
1509 }
1510
1511 DEBUG(10, ("open_file_ntcreate: printer open fname=%s\n",
1512 smb_fname_str_dbg(smb_fname)));
1513
1514 if (!req) {
1515 DEBUG(0,("open_file_ntcreate: printer open without "
1516 "an SMB request!\n"));
1517 return NT_STATUS_INTERNAL_ERROR;
1518 }
1519
1520 return print_fsp_open(req, conn, smb_fname->base_name,
1521 req->vuid, fsp);
1522 }
1523
1524 if (!parent_dirname(talloc_tos(), smb_fname->base_name, &parent_dir,
1525 NULL)) {
1526 return NT_STATUS_NO_MEMORY;
1527 }
1528
1529 if (new_dos_attributes & FILE_FLAG_POSIX_SEMANTICS) {
1530 posix_open = True;
1531 unx_mode = (mode_t)(new_dos_attributes & ~FILE_FLAG_POSIX_SEMANTICS);
1532 new_dos_attributes = 0;
1533 } else {
1534 /* We add aARCH to this as this mode is only used if the file is
1535 * created new. */
1536 unx_mode = unix_mode(conn, new_dos_attributes | aARCH,
1537 smb_fname, parent_dir);
1538 }
1539
1540 DEBUG(10, ("open_file_ntcreate: fname=%s, dos_attrs=0x%x "
1541 "access_mask=0x%x share_access=0x%x "
1542 "create_disposition = 0x%x create_options=0x%x "
1543 "unix mode=0%o oplock_request=%d\n",
1544 smb_fname_str_dbg(smb_fname), new_dos_attributes,
1545 access_mask, share_access, create_disposition,
1546 create_options, (unsigned int)unx_mode, oplock_request));
1547
1548 if ((req == NULL) && ((oplock_request & INTERNAL_OPEN_ONLY) == 0)) {
1549 DEBUG(0, ("No smb request but not an internal only open!\n"));
1550 return NT_STATUS_INTERNAL_ERROR;
1551 }
1552
1553 /*
1554 * Only non-internal opens can be deferred at all
1555 */
1556
1557 if ((req != NULL)
1558 && ((pml = get_open_deferred_message(req->mid)) != NULL)) {
1559 struct deferred_open_record *state =
1560 (struct deferred_open_record *)pml->private_data.data;
1561
1562 /* Remember the absolute time of the original
1563 request with this mid. We'll use it later to
1564 see if this has timed out. */
1565
1566 request_time = pml->request_time;
1567
1568 /* Remove the deferred open entry under lock. */
1569 lck = get_share_mode_lock(talloc_tos(), state->id, NULL, NULL,
1570 NULL);
1571 if (lck == NULL) {
1572 DEBUG(0, ("could not get share mode lock\n"));
1573 } else {
1574 del_deferred_open_entry(lck, req->mid);
1575 TALLOC_FREE(lck);
1576 }
1577
1578 /* Ensure we don't reprocess this message. */
1579 remove_deferred_open_smb_message(req->mid);
1580 }
1581
1582 status = check_name(conn, smb_fname->base_name);
1583 if (!NT_STATUS_IS_OK(status)) {
1584 return status;
1585 }
1586
1587 if (!posix_open) {
1588 new_dos_attributes &= SAMBA_ATTRIBUTES_MASK;
1589 if (file_existed) {
1590 existing_dos_attributes = dos_mode(conn, smb_fname);
1591 }
1592 }
1593
1594 /* ignore any oplock requests if oplocks are disabled */
1595 if (!lp_oplocks(SNUM(conn)) || global_client_failed_oplock_break ||
1596 IS_VETO_OPLOCK_PATH(conn, smb_fname->base_name)) {
1597 /* Mask off everything except the private Samba bits. */
1598 oplock_request &= SAMBA_PRIVATE_OPLOCK_MASK;
1599 }
1600
1601 /* this is for OS/2 long file names - say we don't support them */
1602 if (!lp_posix_pathnames() && strstr(smb_fname->base_name,".+,;=[].")) {
1603 /* OS/2 Workplace shell fix may be main code stream in a later
1604 * release. */
1605 DEBUG(5,("open_file_ntcreate: OS/2 long filenames are not "
1606 "supported.\n"));
1607 if (use_nt_status()) {
1608 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1609 }
1610 return NT_STATUS_DOS(ERRDOS, ERRcannotopen);
1611 }
1612
1613 switch( create_disposition ) {
1614 /*
1615 * Currently we're using FILE_SUPERSEDE as the same as
1616 * FILE_OVERWRITE_IF but they really are
1617 * different. FILE_SUPERSEDE deletes an existing file
1618 * (requiring delete access) then recreates it.
1619 */
1620 case FILE_SUPERSEDE:
1621 /* If file exists replace/overwrite. If file doesn't
1622 * exist create. */
1623 flags2 |= (O_CREAT | O_TRUNC);
1624 clear_ads = true;
1625 break;
1626
1627 case FILE_OVERWRITE_IF:
1628 /* If file exists replace/overwrite. If file doesn't
1629 * exist create. */
1630 flags2 |= (O_CREAT | O_TRUNC);
1631 clear_ads = true;
1632 break;
1633
1634 case FILE_OPEN:
1635 /* If file exists open. If file doesn't exist error. */
1636 if (!file_existed) {
1637 DEBUG(5,("open_file_ntcreate: FILE_OPEN "
1638 "requested for file %s and file "
1639 "doesn't exist.\n",
1640 smb_fname_str_dbg(smb_fname)));
1641 errno = ENOENT;
1642 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1643 }
1644 break;
1645
1646 case FILE_OVERWRITE:
1647 /* If file exists overwrite. If file doesn't exist
1648 * error. */
1649 if (!file_existed) {
1650 DEBUG(5,("open_file_ntcreate: FILE_OVERWRITE "
1651 "requested for file %s and file "
1652 "doesn't exist.\n",
1653 smb_fname_str_dbg(smb_fname) ));
1654 errno = ENOENT;
1655 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1656 }
1657 flags2 |= O_TRUNC;
1658 clear_ads = true;
1659 break;
1660
1661 case FILE_CREATE:
1662 /* If file exists error. If file doesn't exist
1663 * create. */
1664 if (file_existed) {
1665 DEBUG(5,("open_file_ntcreate: FILE_CREATE "
1666 "requested for file %s and file "
1667 "already exists.\n",
1668 smb_fname_str_dbg(smb_fname)));
1669 if (S_ISDIR(smb_fname->st.st_ex_mode)) {
1670 errno = EISDIR;
1671 } else {
1672 errno = EEXIST;
1673 }
1674 return map_nt_error_from_unix(errno);
1675 }
1676 flags2 |= (O_CREAT|O_EXCL);
1677 break;
1678
1679 case FILE_OPEN_IF:
1680 /* If file exists open. If file doesn't exist
1681 * create. */
1682 flags2 |= O_CREAT;
1683 break;
1684
1685 default:
1686 return NT_STATUS_INVALID_PARAMETER;
1687 }
1688
1689 /* We only care about matching attributes on file exists and
1690 * overwrite. */
1691
1692 if (!posix_open && file_existed && ((create_disposition == FILE_OVERWRITE) ||
1693 (create_disposition == FILE_OVERWRITE_IF))) {
1694 if (!open_match_attributes(conn, existing_dos_attributes,
1695 new_dos_attributes,
1696 smb_fname->st.st_ex_mode,
1697 unx_mode, &new_unx_mode)) {
1698 DEBUG(5,("open_file_ntcreate: attributes missmatch "
1699 "for file %s (%x %x) (0%o, 0%o)\n",
1700 smb_fname_str_dbg(smb_fname),
1701 existing_dos_attributes,
1702 new_dos_attributes,
1703 (unsigned int)smb_fname->st.st_ex_mode,
1704 (unsigned int)unx_mode ));
1705 errno = EACCES;
1706 return NT_STATUS_ACCESS_DENIED;
1707 }
1708 }
1709
1710 status = calculate_access_mask(conn, smb_fname, file_existed,
1711 access_mask,
1712 &access_mask);
1713 if (!NT_STATUS_IS_OK(status)) {
1714 DEBUG(10, ("open_file_ntcreate: calculate_access_mask "
1715 "on file %s returned %s\n",
1716 smb_fname_str_dbg(smb_fname), nt_errstr(status)));
1717 return status;
1718 }
1719
1720 open_access_mask = access_mask;
1721
1722 if ((flags2 & O_TRUNC) || (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE)) {
1723 open_access_mask |= FILE_WRITE_DATA; /* This will cause oplock breaks. */
1724 }
1725
1726 DEBUG(10, ("open_file_ntcreate: fname=%s, after mapping "
1727 "access_mask=0x%x\n", smb_fname_str_dbg(smb_fname),
1728 access_mask));
1729
1730 /*
1731 * Note that we ignore the append flag as append does not
1732 * mean the same thing under DOS and Unix.
1733 */
1734
1735 if ((access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) ||
1736 (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE)) {
1737 /* DENY_DOS opens are always underlying read-write on the
1738 file handle, no matter what the requested access mask
1739 says. */
1740 if ((create_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS) ||
1741 access_mask & (FILE_READ_ATTRIBUTES|FILE_READ_DATA|FILE_READ_EA|FILE_EXECUTE)) {
1742 flags = O_RDWR;
1743 } else {
1744 flags = O_WRONLY;
1745 }
1746 } else {
1747 flags = O_RDONLY;
1748 }
1749
1750 /*
1751 * Currently we only look at FILE_WRITE_THROUGH for create options.
1752 */
1753
1754#if defined(O_SYNC)
1755 if ((create_options & FILE_WRITE_THROUGH) && lp_strict_sync(SNUM(conn))) {
1756 flags2 |= O_SYNC;
1757 }
1758#endif /* O_SYNC */
1759
1760 if (posix_open && (access_mask & FILE_APPEND_DATA)) {
1761 flags2 |= O_APPEND;
1762 }
1763
1764 if (!posix_open && !CAN_WRITE(conn)) {
1765 /*
1766 * We should really return a permission denied error if either
1767 * O_CREAT or O_TRUNC are set, but for compatibility with
1768 * older versions of Samba we just AND them out.
1769 */
1770 flags2 &= ~(O_CREAT|O_TRUNC);
1771 }
1772
1773 /*
1774 * Ensure we can't write on a read-only share or file.
1775 */
1776
1777 if (flags != O_RDONLY && file_existed &&
1778 (!CAN_WRITE(conn) || IS_DOS_READONLY(existing_dos_attributes))) {
1779 DEBUG(5,("open_file_ntcreate: write access requested for "
1780 "file %s on read only %s\n",
1781 smb_fname_str_dbg(smb_fname),
1782 !CAN_WRITE(conn) ? "share" : "file" ));
1783 errno = EACCES;
1784 return NT_STATUS_ACCESS_DENIED;
1785 }
1786
1787 fsp->file_id = vfs_file_id_from_sbuf(conn, &smb_fname->st);
1788 fsp->share_access = share_access;
1789 fsp->fh->private_options = create_options;
1790 fsp->access_mask = open_access_mask; /* We change this to the
1791 * requested access_mask after
1792 * the open is done. */
1793 fsp->posix_open = posix_open;
1794
1795 /* Ensure no SAMBA_PRIVATE bits can be set. */
1796 fsp->oplock_type = (oplock_request & ~SAMBA_PRIVATE_OPLOCK_MASK);
1797
1798 if (timeval_is_zero(&request_time)) {
1799 request_time = fsp->open_time;
1800 }
1801
1802 if (file_existed) {
1803 struct timespec old_write_time = smb_fname->st.st_ex_mtime;
1804 id = vfs_file_id_from_sbuf(conn, &smb_fname->st);
1805
1806 lck = get_share_mode_lock(talloc_tos(), id,
1807 conn->connectpath,
1808 smb_fname, &old_write_time);
1809
1810 if (lck == NULL) {
1811 DEBUG(0, ("Could not get share mode lock\n"));
1812 return NT_STATUS_SHARING_VIOLATION;
1813 }
1814
1815 /* First pass - send break only on batch oplocks. */
1816 if ((req != NULL)
1817 && delay_for_oplocks(lck, fsp, req->mid, 1,
1818 oplock_request)) {
1819 schedule_defer_open(lck, request_time, req);
1820 TALLOC_FREE(lck);
1821 return NT_STATUS_SHARING_VIOLATION;
1822 }
1823
1824 /* Use the client requested access mask here, not the one we
1825 * open with. */
1826 status = open_mode_check(conn, lck, access_mask, share_access,
1827 create_options, &file_existed);
1828
1829 if (NT_STATUS_IS_OK(status)) {
1830 /* We might be going to allow this open. Check oplock
1831 * status again. */
1832 /* Second pass - send break for both batch or
1833 * exclusive oplocks. */
1834 if ((req != NULL)
1835 && delay_for_oplocks(lck, fsp, req->mid, 2,
1836 oplock_request)) {
1837 schedule_defer_open(lck, request_time, req);
1838 TALLOC_FREE(lck);
1839 return NT_STATUS_SHARING_VIOLATION;
1840 }
1841 }
1842
1843 if (NT_STATUS_EQUAL(status, NT_STATUS_DELETE_PENDING)) {
1844 /* DELETE_PENDING is not deferred for a second */
1845 TALLOC_FREE(lck);
1846 return status;
1847 }
1848
1849 if (!NT_STATUS_IS_OK(status)) {
1850 uint32 can_access_mask;
1851 bool can_access = True;
1852
1853 SMB_ASSERT(NT_STATUS_EQUAL(status, NT_STATUS_SHARING_VIOLATION));
1854
1855 /* Check if this can be done with the deny_dos and fcb
1856 * calls. */
1857 if (create_options &
1858 (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS|
1859 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) {
1860 if (req == NULL) {
1861 DEBUG(0, ("DOS open without an SMB "
1862 "request!\n"));
1863 TALLOC_FREE(lck);
1864 return NT_STATUS_INTERNAL_ERROR;
1865 }
1866
1867 /* Use the client requested access mask here,
1868 * not the one we open with. */
1869 status = fcb_or_dos_open(req,
1870 conn,
1871 fsp,
1872 smb_fname,
1873 id,
1874 req->smbpid,
1875 req->vuid,
1876 access_mask,
1877 share_access,
1878 create_options);
1879
1880 if (NT_STATUS_IS_OK(status)) {
1881 TALLOC_FREE(lck);
1882 if (pinfo) {
1883 *pinfo = FILE_WAS_OPENED;
1884 }
1885 return NT_STATUS_OK;
1886 }
1887 }
1888
1889 /*
1890 * This next line is a subtlety we need for
1891 * MS-Access. If a file open will fail due to share
1892 * permissions and also for security (access) reasons,
1893 * we need to return the access failed error, not the
1894 * share error. We can't open the file due to kernel
1895 * oplock deadlock (it's possible we failed above on
1896 * the open_mode_check()) so use a userspace check.
1897 */
1898
1899 if (flags & O_RDWR) {
1900 can_access_mask = FILE_READ_DATA|FILE_WRITE_DATA;
1901 } else if (flags & O_WRONLY) {
1902 can_access_mask = FILE_WRITE_DATA;
1903 } else {
1904 can_access_mask = FILE_READ_DATA;
1905 }
1906
1907 if (((can_access_mask & FILE_WRITE_DATA) &&
1908 !CAN_WRITE(conn)) ||
1909 !can_access_file_data(conn, smb_fname,
1910 can_access_mask)) {
1911 can_access = False;
1912 }
1913
1914 /*
1915 * If we're returning a share violation, ensure we
1916 * cope with the braindead 1 second delay.
1917 */
1918
1919 if (!(oplock_request & INTERNAL_OPEN_ONLY) &&
1920 lp_defer_sharing_violations()) {
1921 struct timeval timeout;
1922 struct deferred_open_record state;
1923 int timeout_usecs;
1924
1925 /* this is a hack to speed up torture tests
1926 in 'make test' */
1927 timeout_usecs = lp_parm_int(SNUM(conn),
1928 "smbd","sharedelay",
1929 SHARING_VIOLATION_USEC_WAIT);
1930
1931 /* This is a relative time, added to the absolute
1932 request_time value to get the absolute timeout time.
1933 Note that if this is the second or greater time we enter
1934 this codepath for this particular request mid then
1935 request_time is left as the absolute time of the *first*
1936 time this request mid was processed. This is what allows
1937 the request to eventually time out. */
1938
1939 timeout = timeval_set(0, timeout_usecs);
1940
1941 /* Nothing actually uses state.delayed_for_oplocks
1942 but it's handy to differentiate in debug messages
1943 between a 30 second delay due to oplock break, and
1944 a 1 second delay for share mode conflicts. */
1945
1946 state.delayed_for_oplocks = False;
1947 state.id = id;
1948
1949 if ((req != NULL)
1950 && !request_timed_out(request_time,
1951 timeout)) {
1952 defer_open(lck, request_time, timeout,
1953 req, &state);
1954 }
1955 }
1956
1957 TALLOC_FREE(lck);
1958 if (can_access) {
1959 /*
1960 * We have detected a sharing violation here
1961 * so return the correct error code
1962 */
1963 status = NT_STATUS_SHARING_VIOLATION;
1964 } else {
1965 status = NT_STATUS_ACCESS_DENIED;
1966 }
1967 return status;
1968 }
1969
1970 /*
1971 * We exit this block with the share entry *locked*.....
1972 */
1973 }
1974
1975 SMB_ASSERT(!file_existed || (lck != NULL));
1976
1977 /*
1978 * Ensure we pay attention to default ACLs on directories if required.
1979 */
1980
1981 if ((flags2 & O_CREAT) && lp_inherit_acls(SNUM(conn)) &&
1982 (def_acl = directory_has_default_acl(conn, parent_dir))) {
1983 unx_mode = (0777 & lp_create_mask(SNUM(conn)));
1984 }
1985
1986 DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o, "
1987 "access_mask = 0x%x, open_access_mask = 0x%x\n",
1988 (unsigned int)flags, (unsigned int)flags2,
1989 (unsigned int)unx_mode, (unsigned int)access_mask,
1990 (unsigned int)open_access_mask));
1991
1992 /*
1993 * open_file strips any O_TRUNC flags itself.
1994 */
1995
1996 fsp_open = open_file(fsp, conn, req, parent_dir,
1997 flags|flags2, unx_mode, access_mask,
1998 open_access_mask);
1999
2000 if (!NT_STATUS_IS_OK(fsp_open)) {
2001 if (lck != NULL) {
2002 TALLOC_FREE(lck);
2003 }
2004 return fsp_open;
2005 }
2006
2007 if (!file_existed) {
2008 struct timespec old_write_time = smb_fname->st.st_ex_mtime;
2009 /*
2010 * Deal with the race condition where two smbd's detect the
2011 * file doesn't exist and do the create at the same time. One
2012 * of them will win and set a share mode, the other (ie. this
2013 * one) should check if the requested share mode for this
2014 * create is allowed.
2015 */
2016
2017 /*
2018 * Now the file exists and fsp is successfully opened,
2019 * fsp->dev and fsp->inode are valid and should replace the
2020 * dev=0,inode=0 from a non existent file. Spotted by
2021 * Nadav Danieli <nadavd@exanet.com>. JRA.
2022 */
2023
2024 id = fsp->file_id;
2025
2026 lck = get_share_mode_lock(talloc_tos(), id,
2027 conn->connectpath,
2028 smb_fname, &old_write_time);
2029
2030 if (lck == NULL) {
2031 DEBUG(0, ("open_file_ntcreate: Could not get share "
2032 "mode lock for %s\n",
2033 smb_fname_str_dbg(smb_fname)));
2034 fd_close(fsp);
2035 return NT_STATUS_SHARING_VIOLATION;
2036 }
2037
2038 /* First pass - send break only on batch oplocks. */
2039 if ((req != NULL)
2040 && delay_for_oplocks(lck, fsp, req->mid, 1,
2041 oplock_request)) {
2042 schedule_defer_open(lck, request_time, req);
2043 TALLOC_FREE(lck);
2044 fd_close(fsp);
2045 return NT_STATUS_SHARING_VIOLATION;
2046 }
2047
2048 status = open_mode_check(conn, lck, access_mask, share_access,
2049 create_options, &file_existed);
2050
2051 if (NT_STATUS_IS_OK(status)) {
2052 /* We might be going to allow this open. Check oplock
2053 * status again. */
2054 /* Second pass - send break for both batch or
2055 * exclusive oplocks. */
2056 if ((req != NULL)
2057 && delay_for_oplocks(lck, fsp, req->mid, 2,
2058 oplock_request)) {
2059 schedule_defer_open(lck, request_time, req);
2060 TALLOC_FREE(lck);
2061 fd_close(fsp);
2062 return NT_STATUS_SHARING_VIOLATION;
2063 }
2064 }
2065
2066 if (!NT_STATUS_IS_OK(status)) {
2067 struct deferred_open_record state;
2068
2069 fd_close(fsp);
2070
2071 state.delayed_for_oplocks = False;
2072 state.id = id;
2073
2074 /* Do it all over again immediately. In the second
2075 * round we will find that the file existed and handle
2076 * the DELETE_PENDING and FCB cases correctly. No need
2077 * to duplicate the code here. Essentially this is a
2078 * "goto top of this function", but don't tell
2079 * anybody... */
2080
2081 if (req != NULL) {
2082 defer_open(lck, request_time, timeval_zero(),
2083 req, &state);
2084 }
2085 TALLOC_FREE(lck);
2086 return status;
2087 }
2088
2089 /*
2090 * We exit this block with the share entry *locked*.....
2091 */
2092
2093 }
2094
2095 SMB_ASSERT(lck != NULL);
2096
2097 /* Delete streams if create_disposition requires it */
2098 if (file_existed && clear_ads &&
2099 !is_ntfs_stream_smb_fname(smb_fname)) {
2100 status = delete_all_streams(conn, smb_fname->base_name);
2101 if (!NT_STATUS_IS_OK(status)) {
2102 TALLOC_FREE(lck);
2103 fd_close(fsp);
2104 return status;
2105 }
2106 }
2107
2108 /* note that we ignore failure for the following. It is
2109 basically a hack for NFS, and NFS will never set one of
2110 these only read them. Nobody but Samba can ever set a deny
2111 mode and we have already checked our more authoritative
2112 locking database for permission to set this deny mode. If
2113 the kernel refuses the operations then the kernel is wrong.
2114 note that GPFS supports it as well - jmcd */
2115
2116 if (fsp->fh->fd != -1) {
2117 int ret_flock;
2118 ret_flock = SMB_VFS_KERNEL_FLOCK(fsp, share_access, access_mask);
2119 if(ret_flock == -1 ){
2120
2121 TALLOC_FREE(lck);
2122 fd_close(fsp);
2123
2124 return NT_STATUS_SHARING_VIOLATION;
2125 }
2126 }
2127
2128 /*
2129 * At this point onwards, we can guarentee that the share entry
2130 * is locked, whether we created the file or not, and that the
2131 * deny mode is compatible with all current opens.
2132 */
2133
2134 /*
2135 * If requested, truncate the file.
2136 */
2137
2138 if (flags2&O_TRUNC) {
2139 /*
2140 * We are modifing the file after open - update the stat
2141 * struct..
2142 */
2143 if ((SMB_VFS_FTRUNCATE(fsp, 0) == -1) ||
2144 (SMB_VFS_FSTAT(fsp, &smb_fname->st)==-1)) {
2145 status = map_nt_error_from_unix(errno);
2146 TALLOC_FREE(lck);
2147 fd_close(fsp);
2148 return status;
2149 }
2150 }
2151
2152 /* Record the options we were opened with. */
2153 fsp->share_access = share_access;
2154 fsp->fh->private_options = create_options;
2155 /*
2156 * According to Samba4, SEC_FILE_READ_ATTRIBUTE is always granted,
2157 */
2158 fsp->access_mask = access_mask | FILE_READ_ATTRIBUTES;
2159
2160 if (file_existed) {
2161 /* stat opens on existing files don't get oplocks. */
2162 if (is_stat_open(open_access_mask)) {
2163 fsp->oplock_type = NO_OPLOCK;
2164 }
2165
2166 if (!(flags2 & O_TRUNC)) {
2167 info = FILE_WAS_OPENED;
2168 } else {
2169 info = FILE_WAS_OVERWRITTEN;
2170 }
2171 } else {
2172 info = FILE_WAS_CREATED;
2173 }
2174
2175 if (pinfo) {
2176 *pinfo = info;
2177 }
2178
2179 /*
2180 * Setup the oplock info in both the shared memory and
2181 * file structs.
2182 */
2183
2184 if (!set_file_oplock(fsp, fsp->oplock_type)) {
2185 /* Could not get the kernel oplock */
2186 fsp->oplock_type = NO_OPLOCK;
2187 }
2188
2189 if (info == FILE_WAS_OVERWRITTEN || info == FILE_WAS_CREATED || info == FILE_WAS_SUPERSEDED) {
2190 new_file_created = True;
2191 }
2192
2193 set_share_mode(lck, fsp, conn->server_info->utok.uid, 0,
2194 fsp->oplock_type);
2195
2196 /* Handle strange delete on close create semantics. */
2197 if (create_options & FILE_DELETE_ON_CLOSE) {
2198
2199 status = can_set_delete_on_close(fsp, new_dos_attributes);
2200
2201 if (!NT_STATUS_IS_OK(status)) {
2202 /* Remember to delete the mode we just added. */
2203 del_share_mode(lck, fsp);
2204 TALLOC_FREE(lck);
2205 fd_close(fsp);
2206 return status;
2207 }
2208 /* Note that here we set the *inital* delete on close flag,
2209 not the regular one. The magic gets handled in close. */
2210 fsp->initial_delete_on_close = True;
2211 }
2212
2213 if (new_file_created) {
2214 /* Files should be initially set as archive */
2215 if (lp_map_archive(SNUM(conn)) ||
2216 lp_store_dos_attributes(SNUM(conn))) {
2217 if (!posix_open) {
2218 if (file_set_dosmode(conn, smb_fname,
2219 new_dos_attributes | aARCH,
2220 parent_dir, true) == 0) {
2221 unx_mode = smb_fname->st.st_ex_mode;
2222 }
2223 }
2224 }
2225 }
2226
2227 /*
2228 * Take care of inherited ACLs on created files - if default ACL not
2229 * selected.
2230 */
2231
2232 if (!posix_open && !file_existed && !def_acl) {
2233
2234 int saved_errno = errno; /* We might get ENOSYS in the next
2235 * call.. */
2236
2237 if (SMB_VFS_FCHMOD_ACL(fsp, unx_mode) == -1 &&
2238 errno == ENOSYS) {
2239 errno = saved_errno; /* Ignore ENOSYS */
2240 }
2241
2242 } else if (new_unx_mode) {
2243
2244 int ret = -1;
2245
2246 /* Attributes need changing. File already existed. */
2247
2248 {
2249 int saved_errno = errno; /* We might get ENOSYS in the
2250 * next call.. */
2251 ret = SMB_VFS_FCHMOD_ACL(fsp, new_unx_mode);
2252
2253 if (ret == -1 && errno == ENOSYS) {
2254 errno = saved_errno; /* Ignore ENOSYS */
2255 } else {
2256 DEBUG(5, ("open_file_ntcreate: reset "
2257 "attributes of file %s to 0%o\n",
2258 smb_fname_str_dbg(smb_fname),
2259 (unsigned int)new_unx_mode));
2260 ret = 0; /* Don't do the fchmod below. */
2261 }
2262 }
2263
2264 if ((ret == -1) &&
2265 (SMB_VFS_FCHMOD(fsp, new_unx_mode) == -1))
2266 DEBUG(5, ("open_file_ntcreate: failed to reset "
2267 "attributes of file %s to 0%o\n",
2268 smb_fname_str_dbg(smb_fname),
2269 (unsigned int)new_unx_mode));
2270 }
2271
2272 /* If this is a successful open, we must remove any deferred open
2273 * records. */
2274 if (req != NULL) {
2275 del_deferred_open_entry(lck, req->mid);
2276 }
2277 TALLOC_FREE(lck);
2278
2279 return NT_STATUS_OK;
2280}
2281
2282
2283/****************************************************************************
2284 Open a file for for write to ensure that we can fchmod it.
2285****************************************************************************/
2286
2287NTSTATUS open_file_fchmod(connection_struct *conn,
2288 struct smb_filename *smb_fname,
2289 files_struct **result)
2290{
2291 if (!VALID_STAT(smb_fname->st)) {
2292 return NT_STATUS_INVALID_PARAMETER;
2293 }
2294
2295 return SMB_VFS_CREATE_FILE(
2296 conn, /* conn */
2297 NULL, /* req */
2298 0, /* root_dir_fid */
2299 smb_fname, /* fname */
2300 FILE_WRITE_DATA, /* access_mask */
2301 (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */
2302 FILE_SHARE_DELETE),
2303 FILE_OPEN, /* create_disposition*/
2304 0, /* create_options */
2305 0, /* file_attributes */
2306 INTERNAL_OPEN_ONLY, /* oplock_request */
2307 0, /* allocation_size */
2308 NULL, /* sd */
2309 NULL, /* ea_list */
2310 result, /* result */
2311 NULL); /* pinfo */
2312}
2313
2314static NTSTATUS mkdir_internal(connection_struct *conn,
2315 struct smb_filename *smb_dname,
2316 uint32 file_attributes)
2317{
2318 mode_t mode;
2319 char *parent_dir;
2320 NTSTATUS status;
2321 bool posix_open = false;
2322 bool need_re_stat = false;
2323
2324 if(!CAN_WRITE(conn)) {
2325 DEBUG(5,("mkdir_internal: failing create on read-only share "
2326 "%s\n", lp_servicename(SNUM(conn))));
2327 return NT_STATUS_ACCESS_DENIED;
2328 }
2329
2330 status = check_name(conn, smb_dname->base_name);
2331 if (!NT_STATUS_IS_OK(status)) {
2332 return status;
2333 }
2334
2335 if (!parent_dirname(talloc_tos(), smb_dname->base_name, &parent_dir,
2336 NULL)) {
2337 return NT_STATUS_NO_MEMORY;
2338 }
2339
2340 if (file_attributes & FILE_FLAG_POSIX_SEMANTICS) {
2341 posix_open = true;
2342 mode = (mode_t)(file_attributes & ~FILE_FLAG_POSIX_SEMANTICS);
2343 } else {
2344 mode = unix_mode(conn, aDIR, smb_dname, parent_dir);
2345 }
2346
2347 if (SMB_VFS_MKDIR(conn, smb_dname->base_name, mode) != 0) {
2348 return map_nt_error_from_unix(errno);
2349 }
2350
2351 /* Ensure we're checking for a symlink here.... */
2352 /* We don't want to get caught by a symlink racer. */
2353
2354 if (SMB_VFS_LSTAT(conn, smb_dname) == -1) {
2355 DEBUG(2, ("Could not stat directory '%s' just created: %s\n",
2356 smb_fname_str_dbg(smb_dname), strerror(errno)));
2357 return map_nt_error_from_unix(errno);
2358 }
2359
2360 if (!S_ISDIR(smb_dname->st.st_ex_mode)) {
2361 DEBUG(0, ("Directory just '%s' created is not a directory\n",
2362 smb_fname_str_dbg(smb_dname)));
2363 return NT_STATUS_ACCESS_DENIED;
2364 }
2365
2366 if (lp_store_dos_attributes(SNUM(conn))) {
2367 if (!posix_open) {
2368 file_set_dosmode(conn, smb_dname,
2369 file_attributes | aDIR,
2370 parent_dir, true);
2371 }
2372 }
2373
2374 if (lp_inherit_perms(SNUM(conn))) {
2375 inherit_access_posix_acl(conn, parent_dir,
2376 smb_dname->base_name, mode);
2377 need_re_stat = true;
2378 }
2379
2380 if (!posix_open) {
2381 /*
2382 * Check if high bits should have been set,
2383 * then (if bits are missing): add them.
2384 * Consider bits automagically set by UNIX, i.e. SGID bit from parent
2385 * dir.
2386 */
2387 if ((mode & ~(S_IRWXU|S_IRWXG|S_IRWXO)) &&
2388 (mode & ~smb_dname->st.st_ex_mode)) {
2389 SMB_VFS_CHMOD(conn, smb_dname->base_name,
2390 (smb_dname->st.st_ex_mode |
2391 (mode & ~smb_dname->st.st_ex_mode)));
2392 need_re_stat = true;
2393 }
2394 }
2395
2396 /* Change the owner if required. */
2397 if (lp_inherit_owner(SNUM(conn))) {
2398 change_dir_owner_to_parent(conn, parent_dir,
2399 smb_dname->base_name,
2400 &smb_dname->st);
2401 need_re_stat = true;
2402 }
2403
2404 if (need_re_stat) {
2405 if (SMB_VFS_LSTAT(conn, smb_dname) == -1) {
2406 DEBUG(2, ("Could not stat directory '%s' just created: %s\n",
2407 smb_fname_str_dbg(smb_dname), strerror(errno)));
2408 return map_nt_error_from_unix(errno);
2409 }
2410 }
2411
2412 notify_fname(conn, NOTIFY_ACTION_ADDED, FILE_NOTIFY_CHANGE_DIR_NAME,
2413 smb_dname->base_name);
2414
2415 return NT_STATUS_OK;
2416}
2417
2418/****************************************************************************
2419 Open a directory from an NT SMB call.
2420****************************************************************************/
2421
2422static NTSTATUS open_directory(connection_struct *conn,
2423 struct smb_request *req,
2424 struct smb_filename *smb_dname,
2425 uint32 access_mask,
2426 uint32 share_access,
2427 uint32 create_disposition,
2428 uint32 create_options,
2429 uint32 file_attributes,
2430 int *pinfo,
2431 files_struct **result)
2432{
2433 files_struct *fsp = NULL;
2434 bool dir_existed = VALID_STAT(smb_dname->st) ? True : False;
2435 struct share_mode_lock *lck = NULL;
2436 NTSTATUS status;
2437 struct timespec mtimespec;
2438 int info = 0;
2439
2440 SMB_ASSERT(!is_ntfs_stream_smb_fname(smb_dname));
2441
2442 /* Ensure we have a directory attribute. */
2443 file_attributes |= FILE_ATTRIBUTE_DIRECTORY;
2444
2445 DEBUG(5,("open_directory: opening directory %s, access_mask = 0x%x, "
2446 "share_access = 0x%x create_options = 0x%x, "
2447 "create_disposition = 0x%x, file_attributes = 0x%x\n",
2448 smb_fname_str_dbg(smb_dname),
2449 (unsigned int)access_mask,
2450 (unsigned int)share_access,
2451 (unsigned int)create_options,
2452 (unsigned int)create_disposition,
2453 (unsigned int)file_attributes));
2454
2455 if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS) &&
2456 (conn->fs_capabilities & FILE_NAMED_STREAMS) &&
2457 is_ntfs_stream_smb_fname(smb_dname)) {
2458 DEBUG(2, ("open_directory: %s is a stream name!\n",
2459 smb_fname_str_dbg(smb_dname)));
2460 return NT_STATUS_NOT_A_DIRECTORY;
2461 }
2462
2463 status = calculate_access_mask(conn, smb_dname, dir_existed,
2464 access_mask, &access_mask);
2465 if (!NT_STATUS_IS_OK(status)) {
2466 DEBUG(10, ("open_directory: calculate_access_mask "
2467 "on file %s returned %s\n",
2468 smb_fname_str_dbg(smb_dname),
2469 nt_errstr(status)));
2470 return status;
2471 }
2472
2473 if ((access_mask & SEC_FLAG_SYSTEM_SECURITY) &&
2474 !user_has_privileges(current_user.nt_user_token, &se_security)) {
2475 DEBUG(10, ("open_directory: open on %s "
2476 "failed - SEC_FLAG_SYSTEM_SECURITY denied.\n",
2477 smb_fname_str_dbg(smb_dname)));
2478 return NT_STATUS_PRIVILEGE_NOT_HELD;
2479 }
2480
2481 switch( create_disposition ) {
2482 case FILE_OPEN:
2483
2484 info = FILE_WAS_OPENED;
2485
2486 /*
2487 * We want to follow symlinks here.
2488 */
2489
2490 if (SMB_VFS_STAT(conn, smb_dname) != 0) {
2491 return map_nt_error_from_unix(errno);
2492 }
2493
2494 break;
2495
2496 case FILE_CREATE:
2497
2498 /* If directory exists error. If directory doesn't
2499 * exist create. */
2500
2501 status = mkdir_internal(conn, smb_dname,
2502 file_attributes);
2503
2504 if (!NT_STATUS_IS_OK(status)) {
2505 DEBUG(2, ("open_directory: unable to create "
2506 "%s. Error was %s\n",
2507 smb_fname_str_dbg(smb_dname),
2508 nt_errstr(status)));
2509 return status;
2510 }
2511
2512 info = FILE_WAS_CREATED;
2513 break;
2514
2515 case FILE_OPEN_IF:
2516 /*
2517 * If directory exists open. If directory doesn't
2518 * exist create.
2519 */
2520
2521 status = mkdir_internal(conn, smb_dname,
2522 file_attributes);
2523
2524 if (NT_STATUS_IS_OK(status)) {
2525 info = FILE_WAS_CREATED;
2526 }
2527
2528 if (NT_STATUS_EQUAL(status,
2529 NT_STATUS_OBJECT_NAME_COLLISION)) {
2530 info = FILE_WAS_OPENED;
2531 status = NT_STATUS_OK;
2532 }
2533
2534 break;
2535
2536 case FILE_SUPERSEDE:
2537 case FILE_OVERWRITE:
2538 case FILE_OVERWRITE_IF:
2539 default:
2540 DEBUG(5,("open_directory: invalid create_disposition "
2541 "0x%x for directory %s\n",
2542 (unsigned int)create_disposition,
2543 smb_fname_str_dbg(smb_dname)));
2544 return NT_STATUS_INVALID_PARAMETER;
2545 }
2546
2547 if(!S_ISDIR(smb_dname->st.st_ex_mode)) {
2548 DEBUG(5,("open_directory: %s is not a directory !\n",
2549 smb_fname_str_dbg(smb_dname)));
2550 return NT_STATUS_NOT_A_DIRECTORY;
2551 }
2552
2553 if (info == FILE_WAS_OPENED) {
2554 uint32_t access_granted = 0;
2555 status = smbd_check_open_rights(conn, smb_dname, access_mask,
2556 &access_granted);
2557
2558 /* Were we trying to do a directory open
2559 * for delete and didn't get DELETE
2560 * access (only) ? Check if the
2561 * directory allows DELETE_CHILD.
2562 * See here:
2563 * http://blogs.msdn.com/oldnewthing/archive/2004/06/04/148426.aspx
2564 * for details. */
2565
2566 if ((NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED) &&
2567 (access_mask & DELETE_ACCESS) &&
2568 (access_granted == DELETE_ACCESS) &&
2569 can_delete_file_in_directory(conn, smb_dname))) {
2570 DEBUG(10,("open_directory: overrode ACCESS_DENIED "
2571 "on directory %s\n",
2572 smb_fname_str_dbg(smb_dname)));
2573 status = NT_STATUS_OK;
2574 }
2575
2576 if (!NT_STATUS_IS_OK(status)) {
2577 DEBUG(10, ("open_directory: smbd_check_open_rights on "
2578 "file %s failed with %s\n",
2579 smb_fname_str_dbg(smb_dname),
2580 nt_errstr(status)));
2581 return status;
2582 }
2583 }
2584
2585 status = file_new(req, conn, &fsp);
2586 if(!NT_STATUS_IS_OK(status)) {
2587 return status;
2588 }
2589
2590 /*
2591 * Setup the files_struct for it.
2592 */
2593
2594 fsp->mode = smb_dname->st.st_ex_mode;
2595 fsp->file_id = vfs_file_id_from_sbuf(conn, &smb_dname->st);
2596 fsp->vuid = req ? req->vuid : UID_FIELD_INVALID;
2597 fsp->file_pid = req ? req->smbpid : 0;
2598 fsp->can_lock = False;
2599 fsp->can_read = False;
2600 fsp->can_write = False;
2601
2602 fsp->share_access = share_access;
2603 fsp->fh->private_options = create_options;
2604 /*
2605 * According to Samba4, SEC_FILE_READ_ATTRIBUTE is always granted,
2606 */
2607 fsp->access_mask = access_mask | FILE_READ_ATTRIBUTES;
2608 fsp->print_file = False;
2609 fsp->modified = False;
2610 fsp->oplock_type = NO_OPLOCK;
2611 fsp->sent_oplock_break = NO_BREAK_SENT;
2612 fsp->is_directory = True;
2613 fsp->posix_open = (file_attributes & FILE_FLAG_POSIX_SEMANTICS) ? True : False;
2614 status = fsp_set_smb_fname(fsp, smb_dname);
2615 if (!NT_STATUS_IS_OK(status)) {
2616 return status;
2617 }
2618
2619 mtimespec = smb_dname->st.st_ex_mtime;
2620
2621 lck = get_share_mode_lock(talloc_tos(), fsp->file_id,
2622 conn->connectpath, smb_dname, &mtimespec);
2623
2624 if (lck == NULL) {
2625 DEBUG(0, ("open_directory: Could not get share mode lock for "
2626 "%s\n", smb_fname_str_dbg(smb_dname)));
2627 file_free(req, fsp);
2628 return NT_STATUS_SHARING_VIOLATION;
2629 }
2630
2631 status = open_mode_check(conn, lck, access_mask, share_access,
2632 create_options, &dir_existed);
2633
2634 if (!NT_STATUS_IS_OK(status)) {
2635 TALLOC_FREE(lck);
2636 file_free(req, fsp);
2637 return status;
2638 }
2639
2640 set_share_mode(lck, fsp, conn->server_info->utok.uid, 0, NO_OPLOCK);
2641
2642 /* For directories the delete on close bit at open time seems
2643 always to be honored on close... See test 19 in Samba4 BASE-DELETE. */
2644 if (create_options & FILE_DELETE_ON_CLOSE) {
2645 status = can_set_delete_on_close(fsp, 0);
2646 if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, NT_STATUS_DIRECTORY_NOT_EMPTY)) {
2647 TALLOC_FREE(lck);
2648 file_free(req, fsp);
2649 return status;
2650 }
2651
2652 if (NT_STATUS_IS_OK(status)) {
2653 /* Note that here we set the *inital* delete on close flag,
2654 not the regular one. The magic gets handled in close. */
2655 fsp->initial_delete_on_close = True;
2656 }
2657 }
2658
2659 TALLOC_FREE(lck);
2660
2661 if (pinfo) {
2662 *pinfo = info;
2663 }
2664
2665 *result = fsp;
2666 return NT_STATUS_OK;
2667}
2668
2669NTSTATUS create_directory(connection_struct *conn, struct smb_request *req,
2670 struct smb_filename *smb_dname)
2671{
2672 NTSTATUS status;
2673 files_struct *fsp;
2674
2675 status = SMB_VFS_CREATE_FILE(
2676 conn, /* conn */
2677 req, /* req */
2678 0, /* root_dir_fid */
2679 smb_dname, /* fname */
2680 FILE_READ_ATTRIBUTES, /* access_mask */
2681 FILE_SHARE_NONE, /* share_access */
2682 FILE_CREATE, /* create_disposition*/
2683 FILE_DIRECTORY_FILE, /* create_options */
2684 FILE_ATTRIBUTE_DIRECTORY, /* file_attributes */
2685 0, /* oplock_request */
2686 0, /* allocation_size */
2687 NULL, /* sd */
2688 NULL, /* ea_list */
2689 &fsp, /* result */
2690 NULL); /* pinfo */
2691
2692 if (NT_STATUS_IS_OK(status)) {
2693 close_file(req, fsp, NORMAL_CLOSE);
2694 }
2695
2696 return status;
2697}
2698
2699/****************************************************************************
2700 Receive notification that one of our open files has been renamed by another
2701 smbd process.
2702****************************************************************************/
2703
2704void msg_file_was_renamed(struct messaging_context *msg,
2705 void *private_data,
2706 uint32_t msg_type,
2707 struct server_id server_id,
2708 DATA_BLOB *data)
2709{
2710 files_struct *fsp;
2711 char *frm = (char *)data->data;
2712 struct file_id id;
2713 const char *sharepath;
2714 const char *base_name;
2715 const char *stream_name;
2716 struct smb_filename *smb_fname = NULL;
2717 size_t sp_len, bn_len;
2718 NTSTATUS status;
2719
2720 if (data->data == NULL
2721 || data->length < MSG_FILE_RENAMED_MIN_SIZE + 2) {
2722 DEBUG(0, ("msg_file_was_renamed: Got invalid msg len %d\n",
2723 (int)data->length));
2724 return;
2725 }
2726
2727 /* Unpack the message. */
2728 pull_file_id_24(frm, &id);
2729 sharepath = &frm[24];
2730 sp_len = strlen(sharepath);
2731 base_name = sharepath + sp_len + 1;
2732 bn_len = strlen(base_name);
2733 stream_name = sharepath + sp_len + 1 + bn_len + 1;
2734
2735 /* stream_name must always be NULL if there is no stream. */
2736 if (stream_name[0] == '\0') {
2737 stream_name = NULL;
2738 }
2739
2740 status = create_synthetic_smb_fname(talloc_tos(), base_name,
2741 stream_name, NULL, &smb_fname);
2742 if (!NT_STATUS_IS_OK(status)) {
2743 return;
2744 }
2745
2746 DEBUG(10,("msg_file_was_renamed: Got rename message for sharepath %s, new name %s, "
2747 "file_id %s\n",
2748 sharepath, smb_fname_str_dbg(smb_fname),
2749 file_id_string_tos(&id)));
2750
2751 for(fsp = file_find_di_first(id); fsp; fsp = file_find_di_next(fsp)) {
2752 if (memcmp(fsp->conn->connectpath, sharepath, sp_len) == 0) {
2753
2754 DEBUG(10,("msg_file_was_renamed: renaming file fnum %d from %s -> %s\n",
2755 fsp->fnum, fsp_str_dbg(fsp),
2756 smb_fname_str_dbg(smb_fname)));
2757 status = fsp_set_smb_fname(fsp, smb_fname);
2758 if (!NT_STATUS_IS_OK(status)) {
2759 goto out;
2760 }
2761 } else {
2762 /* TODO. JRA. */
2763 /* Now we have the complete path we can work out if this is
2764 actually within this share and adjust newname accordingly. */
2765 DEBUG(10,("msg_file_was_renamed: share mismatch (sharepath %s "
2766 "not sharepath %s) "
2767 "fnum %d from %s -> %s\n",
2768 fsp->conn->connectpath,
2769 sharepath,
2770 fsp->fnum,
2771 fsp_str_dbg(fsp),
2772 smb_fname_str_dbg(smb_fname)));
2773 }
2774 }
2775 out:
2776 TALLOC_FREE(smb_fname);
2777 return;
2778}
2779
2780/*
2781 * If a main file is opened for delete, all streams need to be checked for
2782 * !FILE_SHARE_DELETE. Do this by opening with DELETE_ACCESS.
2783 * If that works, delete them all by setting the delete on close and close.
2784 */
2785
2786NTSTATUS open_streams_for_delete(connection_struct *conn,
2787 const char *fname)
2788{
2789 struct stream_struct *stream_info;
2790 files_struct **streams;
2791 int i;
2792 unsigned int num_streams;
2793 TALLOC_CTX *frame = talloc_stackframe();
2794 NTSTATUS status;
2795
2796 status = SMB_VFS_STREAMINFO(conn, NULL, fname, talloc_tos(),
2797 &num_streams, &stream_info);
2798
2799 if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_IMPLEMENTED)
2800 || NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
2801 DEBUG(10, ("no streams around\n"));
2802 TALLOC_FREE(frame);
2803 return NT_STATUS_OK;
2804 }
2805
2806 if (!NT_STATUS_IS_OK(status)) {
2807 DEBUG(10, ("SMB_VFS_STREAMINFO failed: %s\n",
2808 nt_errstr(status)));
2809 goto fail;
2810 }
2811
2812 DEBUG(10, ("open_streams_for_delete found %d streams\n",
2813 num_streams));
2814
2815 if (num_streams == 0) {
2816 TALLOC_FREE(frame);
2817 return NT_STATUS_OK;
2818 }
2819
2820 streams = TALLOC_ARRAY(talloc_tos(), files_struct *, num_streams);
2821 if (streams == NULL) {
2822 DEBUG(0, ("talloc failed\n"));
2823 status = NT_STATUS_NO_MEMORY;
2824 goto fail;
2825 }
2826
2827 for (i=0; i<num_streams; i++) {
2828 struct smb_filename *smb_fname = NULL;
2829
2830 if (strequal(stream_info[i].name, "::$DATA")) {
2831 streams[i] = NULL;
2832 continue;
2833 }
2834
2835 status = create_synthetic_smb_fname(talloc_tos(), fname,
2836 stream_info[i].name,
2837 NULL, &smb_fname);
2838 if (!NT_STATUS_IS_OK(status)) {
2839 goto fail;
2840 }
2841
2842 if (SMB_VFS_STAT(conn, smb_fname) == -1) {
2843 DEBUG(10, ("Unable to stat stream: %s\n",
2844 smb_fname_str_dbg(smb_fname)));
2845 }
2846
2847 status = SMB_VFS_CREATE_FILE(
2848 conn, /* conn */
2849 NULL, /* req */
2850 0, /* root_dir_fid */
2851 smb_fname, /* fname */
2852 DELETE_ACCESS, /* access_mask */
2853 (FILE_SHARE_READ | /* share_access */
2854 FILE_SHARE_WRITE | FILE_SHARE_DELETE),
2855 FILE_OPEN, /* create_disposition*/
2856 NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE, /* create_options */
2857 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
2858 0, /* oplock_request */
2859 0, /* allocation_size */
2860 NULL, /* sd */
2861 NULL, /* ea_list */
2862 &streams[i], /* result */
2863 NULL); /* pinfo */
2864
2865 if (!NT_STATUS_IS_OK(status)) {
2866 DEBUG(10, ("Could not open stream %s: %s\n",
2867 smb_fname_str_dbg(smb_fname),
2868 nt_errstr(status)));
2869
2870 TALLOC_FREE(smb_fname);
2871 break;
2872 }
2873 TALLOC_FREE(smb_fname);
2874 }
2875
2876 /*
2877 * don't touch the variable "status" beyond this point :-)
2878 */
2879
2880 for (i -= 1 ; i >= 0; i--) {
2881 if (streams[i] == NULL) {
2882 continue;
2883 }
2884
2885 DEBUG(10, ("Closing stream # %d, %s\n", i,
2886 fsp_str_dbg(streams[i])));
2887 close_file(NULL, streams[i], NORMAL_CLOSE);
2888 }
2889
2890 fail:
2891 TALLOC_FREE(frame);
2892 return status;
2893}
2894
2895/*
2896 * Wrapper around open_file_ntcreate and open_directory
2897 */
2898
2899static NTSTATUS create_file_unixpath(connection_struct *conn,
2900 struct smb_request *req,
2901 struct smb_filename *smb_fname,
2902 uint32_t access_mask,
2903 uint32_t share_access,
2904 uint32_t create_disposition,
2905 uint32_t create_options,
2906 uint32_t file_attributes,
2907 uint32_t oplock_request,
2908 uint64_t allocation_size,
2909 struct security_descriptor *sd,
2910 struct ea_list *ea_list,
2911
2912 files_struct **result,
2913 int *pinfo)
2914{
2915 int info = FILE_WAS_OPENED;
2916 files_struct *base_fsp = NULL;
2917 files_struct *fsp = NULL;
2918 NTSTATUS status;
2919
2920 DEBUG(10,("create_file_unixpath: access_mask = 0x%x "
2921 "file_attributes = 0x%x, share_access = 0x%x, "
2922 "create_disposition = 0x%x create_options = 0x%x "
2923 "oplock_request = 0x%x ea_list = 0x%p, sd = 0x%p, "
2924 "fname = %s\n",
2925 (unsigned int)access_mask,
2926 (unsigned int)file_attributes,
2927 (unsigned int)share_access,
2928 (unsigned int)create_disposition,
2929 (unsigned int)create_options,
2930 (unsigned int)oplock_request,
2931 ea_list, sd, smb_fname_str_dbg(smb_fname)));
2932
2933 if (create_options & FILE_OPEN_BY_FILE_ID) {
2934 status = NT_STATUS_NOT_SUPPORTED;
2935 goto fail;
2936 }
2937
2938 if (create_options & NTCREATEX_OPTIONS_INVALID_PARAM_MASK) {
2939 status = NT_STATUS_INVALID_PARAMETER;
2940 goto fail;
2941 }
2942
2943 if (req == NULL) {
2944 oplock_request |= INTERNAL_OPEN_ONLY;
2945 }
2946
2947 if ((conn->fs_capabilities & FILE_NAMED_STREAMS)
2948 && (access_mask & DELETE_ACCESS)
2949 && !is_ntfs_stream_smb_fname(smb_fname)) {
2950 /*
2951 * We can't open a file with DELETE access if any of the
2952 * streams is open without FILE_SHARE_DELETE
2953 */
2954 status = open_streams_for_delete(conn, smb_fname->base_name);
2955
2956 if (!NT_STATUS_IS_OK(status)) {
2957 goto fail;
2958 }
2959 }
2960
2961 /* This is the correct thing to do (check every time) but can_delete
2962 * is expensive (it may have to read the parent directory
2963 * permissions). So for now we're not doing it unless we have a strong
2964 * hint the client is really going to delete this file. If the client
2965 * is forcing FILE_CREATE let the filesystem take care of the
2966 * permissions. */
2967
2968 /* Setting FILE_SHARE_DELETE is the hint. */
2969
2970 if (lp_acl_check_permissions(SNUM(conn))
2971 && (create_disposition != FILE_CREATE)
2972 && (access_mask & DELETE_ACCESS)
2973 && (!(can_delete_file_in_directory(conn, smb_fname) ||
2974 can_access_file_acl(conn, smb_fname, DELETE_ACCESS)))) {
2975 status = NT_STATUS_ACCESS_DENIED;
2976 DEBUG(10,("create_file_unixpath: open file %s "
2977 "for delete ACCESS_DENIED\n",
2978 smb_fname_str_dbg(smb_fname)));
2979 goto fail;
2980 }
2981
2982 if ((access_mask & SEC_FLAG_SYSTEM_SECURITY) &&
2983 !user_has_privileges(current_user.nt_user_token, &se_security)) {
2984 DEBUG(10, ("create_file_unixpath:: open on %s "
2985 "failed - SEC_FLAG_SYSTEM_SECURITY denied.\n",
2986 smb_fname_str_dbg(smb_fname)));
2987 status = NT_STATUS_PRIVILEGE_NOT_HELD;
2988 goto fail;
2989 }
2990
2991 if ((conn->fs_capabilities & FILE_NAMED_STREAMS)
2992 && is_ntfs_stream_smb_fname(smb_fname)
2993 && (!(create_options & NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE))) {
2994 uint32 base_create_disposition;
2995 struct smb_filename *smb_fname_base = NULL;
2996
2997 if (create_options & FILE_DIRECTORY_FILE) {
2998 status = NT_STATUS_NOT_A_DIRECTORY;
2999 goto fail;
3000 }
3001
3002 switch (create_disposition) {
3003 case FILE_OPEN:
3004 base_create_disposition = FILE_OPEN;
3005 break;
3006 default:
3007 base_create_disposition = FILE_OPEN_IF;
3008 break;
3009 }
3010
3011 /* Create an smb_filename with stream_name == NULL. */
3012 status = create_synthetic_smb_fname(talloc_tos(),
3013 smb_fname->base_name,
3014 NULL, NULL,
3015 &smb_fname_base);
3016 if (!NT_STATUS_IS_OK(status)) {
3017 goto fail;
3018 }
3019
3020 if (SMB_VFS_STAT(conn, smb_fname_base) == -1) {
3021 DEBUG(10, ("Unable to stat stream: %s\n",
3022 smb_fname_str_dbg(smb_fname_base)));
3023 }
3024
3025 /* Open the base file. */
3026 status = create_file_unixpath(conn, NULL, smb_fname_base, 0,
3027 FILE_SHARE_READ
3028 | FILE_SHARE_WRITE
3029 | FILE_SHARE_DELETE,
3030 base_create_disposition,
3031 0, 0, 0, 0, NULL, NULL,
3032 &base_fsp, NULL);
3033 TALLOC_FREE(smb_fname_base);
3034
3035 if (!NT_STATUS_IS_OK(status)) {
3036 DEBUG(10, ("create_file_unixpath for base %s failed: "
3037 "%s\n", smb_fname->base_name,
3038 nt_errstr(status)));
3039 goto fail;
3040 }
3041 /* we don't need to low level fd */
3042 fd_close(base_fsp);
3043 }
3044
3045 /*
3046 * If it's a request for a directory open, deal with it separately.
3047 */
3048
3049 if (create_options & FILE_DIRECTORY_FILE) {
3050
3051 if (create_options & FILE_NON_DIRECTORY_FILE) {
3052 status = NT_STATUS_INVALID_PARAMETER;
3053 goto fail;
3054 }
3055
3056 /* Can't open a temp directory. IFS kit test. */
3057 if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS) &&
3058 (file_attributes & FILE_ATTRIBUTE_TEMPORARY)) {
3059 status = NT_STATUS_INVALID_PARAMETER;
3060 goto fail;
3061 }
3062
3063 /*
3064 * We will get a create directory here if the Win32
3065 * app specified a security descriptor in the
3066 * CreateDirectory() call.
3067 */
3068
3069 oplock_request = 0;
3070 status = open_directory(
3071 conn, req, smb_fname, access_mask, share_access,
3072 create_disposition, create_options, file_attributes,
3073 &info, &fsp);
3074 } else {
3075
3076 /*
3077 * Ordinary file case.
3078 */
3079
3080 status = file_new(req, conn, &fsp);
3081 if(!NT_STATUS_IS_OK(status)) {
3082 goto fail;
3083 }
3084
3085 status = fsp_set_smb_fname(fsp, smb_fname);
3086 if (!NT_STATUS_IS_OK(status)) {
3087 goto fail;
3088 }
3089
3090 /*
3091 * We're opening the stream element of a base_fsp
3092 * we already opened. Set up the base_fsp pointer.
3093 */
3094 if (base_fsp) {
3095 fsp->base_fsp = base_fsp;
3096 }
3097
3098 status = open_file_ntcreate(conn,
3099 req,
3100 access_mask,
3101 share_access,
3102 create_disposition,
3103 create_options,
3104 file_attributes,
3105 oplock_request,
3106 &info,
3107 fsp);
3108
3109 if(!NT_STATUS_IS_OK(status)) {
3110 file_free(req, fsp);
3111 fsp = NULL;
3112 }
3113
3114 if (NT_STATUS_EQUAL(status, NT_STATUS_FILE_IS_A_DIRECTORY)) {
3115
3116 /* A stream open never opens a directory */
3117
3118 if (base_fsp) {
3119 status = NT_STATUS_FILE_IS_A_DIRECTORY;
3120 goto fail;
3121 }
3122
3123 /*
3124 * Fail the open if it was explicitly a non-directory
3125 * file.
3126 */
3127
3128 if (create_options & FILE_NON_DIRECTORY_FILE) {
3129 status = NT_STATUS_FILE_IS_A_DIRECTORY;
3130 goto fail;
3131 }
3132
3133 oplock_request = 0;
3134 status = open_directory(
3135 conn, req, smb_fname, access_mask,
3136 share_access, create_disposition,
3137 create_options, file_attributes,
3138 &info, &fsp);
3139 }
3140 }
3141
3142 if (!NT_STATUS_IS_OK(status)) {
3143 goto fail;
3144 }
3145
3146 fsp->base_fsp = base_fsp;
3147
3148 /*
3149 * According to the MS documentation, the only time the security
3150 * descriptor is applied to the opened file is iff we *created* the
3151 * file; an existing file stays the same.
3152 *
3153 * Also, it seems (from observation) that you can open the file with
3154 * any access mask but you can still write the sd. We need to override
3155 * the granted access before we call set_sd
3156 * Patch for bug #2242 from Tom Lackemann <cessnatomny@yahoo.com>.
3157 */
3158
3159 if ((sd != NULL) && (info == FILE_WAS_CREATED)
3160 && lp_nt_acl_support(SNUM(conn))) {
3161
3162 uint32_t sec_info_sent;
3163 uint32_t saved_access_mask = fsp->access_mask;
3164
3165 sec_info_sent = get_sec_info(sd);
3166
3167 fsp->access_mask = FILE_GENERIC_ALL;
3168
3169 /* Convert all the generic bits. */
3170 security_acl_map_generic(sd->dacl, &file_generic_mapping);
3171 security_acl_map_generic(sd->sacl, &file_generic_mapping);
3172
3173 if (sec_info_sent & (OWNER_SECURITY_INFORMATION|
3174 GROUP_SECURITY_INFORMATION|
3175 DACL_SECURITY_INFORMATION|
3176 SACL_SECURITY_INFORMATION)) {
3177 status = SMB_VFS_FSET_NT_ACL(fsp, sec_info_sent, sd);
3178 }
3179
3180 fsp->access_mask = saved_access_mask;
3181
3182 if (!NT_STATUS_IS_OK(status)) {
3183 goto fail;
3184 }
3185 }
3186
3187 if ((ea_list != NULL) &&
3188 ((info == FILE_WAS_CREATED) || (info == FILE_WAS_OVERWRITTEN))) {
3189 status = set_ea(conn, fsp, fsp->fsp_name, ea_list);
3190 if (!NT_STATUS_IS_OK(status)) {
3191 goto fail;
3192 }
3193 }
3194
3195 if (!fsp->is_directory && S_ISDIR(fsp->fsp_name->st.st_ex_mode)) {
3196 status = NT_STATUS_ACCESS_DENIED;
3197 goto fail;
3198 }
3199
3200 /* Save the requested allocation size. */
3201 if ((info == FILE_WAS_CREATED) || (info == FILE_WAS_OVERWRITTEN)) {
3202 if (allocation_size
3203 && (allocation_size > fsp->fsp_name->st.st_ex_size)) {
3204 fsp->initial_allocation_size = smb_roundup(
3205 fsp->conn, allocation_size);
3206 if (fsp->is_directory) {
3207 /* Can't set allocation size on a directory. */
3208 status = NT_STATUS_ACCESS_DENIED;
3209 goto fail;
3210 }
3211 if (vfs_allocate_file_space(
3212 fsp, fsp->initial_allocation_size) == -1) {
3213 status = NT_STATUS_DISK_FULL;
3214 goto fail;
3215 }
3216 } else {
3217 fsp->initial_allocation_size = smb_roundup(
3218 fsp->conn, (uint64_t)fsp->fsp_name->st.st_ex_size);
3219 }
3220 }
3221
3222 DEBUG(10, ("create_file_unixpath: info=%d\n", info));
3223
3224 *result = fsp;
3225 if (pinfo != NULL) {
3226 *pinfo = info;
3227 }
3228
3229 smb_fname->st = fsp->fsp_name->st;
3230
3231 return NT_STATUS_OK;
3232
3233 fail:
3234 DEBUG(10, ("create_file_unixpath: %s\n", nt_errstr(status)));
3235
3236 if (fsp != NULL) {
3237 if (base_fsp && fsp->base_fsp == base_fsp) {
3238 /*
3239 * The close_file below will close
3240 * fsp->base_fsp.
3241 */
3242 base_fsp = NULL;
3243 }
3244 close_file(req, fsp, ERROR_CLOSE);
3245 fsp = NULL;
3246 }
3247 if (base_fsp != NULL) {
3248 close_file(req, base_fsp, ERROR_CLOSE);
3249 base_fsp = NULL;
3250 }
3251 return status;
3252}
3253
3254/*
3255 * Calculate the full path name given a relative fid.
3256 */
3257NTSTATUS get_relative_fid_filename(connection_struct *conn,
3258 struct smb_request *req,
3259 uint16_t root_dir_fid,
3260 const struct smb_filename *smb_fname,
3261 struct smb_filename **smb_fname_out)
3262{
3263 files_struct *dir_fsp;
3264 char *parent_fname = NULL;
3265 char *new_base_name = NULL;
3266 NTSTATUS status;
3267
3268 if (root_dir_fid == 0 || !smb_fname) {
3269 status = NT_STATUS_INTERNAL_ERROR;
3270 goto out;
3271 }
3272
3273 dir_fsp = file_fsp(req, root_dir_fid);
3274
3275 if (dir_fsp == NULL) {
3276 status = NT_STATUS_INVALID_HANDLE;
3277 goto out;
3278 }
3279
3280 if (is_ntfs_stream_smb_fname(dir_fsp->fsp_name)) {
3281 status = NT_STATUS_INVALID_HANDLE;
3282 goto out;
3283 }
3284
3285 if (!dir_fsp->is_directory) {
3286
3287 /*
3288 * Check to see if this is a mac fork of some kind.
3289 */
3290
3291 if ((conn->fs_capabilities & FILE_NAMED_STREAMS) &&
3292 is_ntfs_stream_smb_fname(smb_fname)) {
3293 status = NT_STATUS_OBJECT_PATH_NOT_FOUND;
3294 goto out;
3295 }
3296
3297 /*
3298 we need to handle the case when we get a
3299 relative open relative to a file and the
3300 pathname is blank - this is a reopen!
3301 (hint from demyn plantenberg)
3302 */
3303
3304 status = NT_STATUS_INVALID_HANDLE;
3305 goto out;
3306 }
3307
3308 if (ISDOT(dir_fsp->fsp_name->base_name)) {
3309 /*
3310 * We're at the toplevel dir, the final file name
3311 * must not contain ./, as this is filtered out
3312 * normally by srvstr_get_path and unix_convert
3313 * explicitly rejects paths containing ./.
3314 */
3315 parent_fname = talloc_strdup(talloc_tos(), "");
3316 if (parent_fname == NULL) {
3317 status = NT_STATUS_NO_MEMORY;
3318 goto out;
3319 }
3320 } else {
3321 size_t dir_name_len = strlen(dir_fsp->fsp_name->base_name);
3322
3323 /*
3324 * Copy in the base directory name.
3325 */
3326
3327 parent_fname = TALLOC_ARRAY(talloc_tos(), char,
3328 dir_name_len+2);
3329 if (parent_fname == NULL) {
3330 status = NT_STATUS_NO_MEMORY;
3331 goto out;
3332 }
3333 memcpy(parent_fname, dir_fsp->fsp_name->base_name,
3334 dir_name_len+1);
3335
3336 /*
3337 * Ensure it ends in a '/'.
3338 * We used TALLOC_SIZE +2 to add space for the '/'.
3339 */
3340
3341 if(dir_name_len
3342 && (parent_fname[dir_name_len-1] != '\\')
3343 && (parent_fname[dir_name_len-1] != '/')) {
3344 parent_fname[dir_name_len] = '/';
3345 parent_fname[dir_name_len+1] = '\0';
3346 }
3347 }
3348
3349 new_base_name = talloc_asprintf(talloc_tos(), "%s%s", parent_fname,
3350 smb_fname->base_name);
3351 if (new_base_name == NULL) {
3352 status = NT_STATUS_NO_MEMORY;
3353 goto out;
3354 }
3355
3356 status = filename_convert(req,
3357 conn,
3358 req->flags2 & FLAGS2_DFS_PATHNAMES,
3359 new_base_name,
3360 0,
3361 NULL,
3362 smb_fname_out);
3363 if (!NT_STATUS_IS_OK(status)) {
3364 goto out;
3365 }
3366
3367 out:
3368 TALLOC_FREE(parent_fname);
3369 return status;
3370}
3371
3372NTSTATUS create_file_default(connection_struct *conn,
3373 struct smb_request *req,
3374 uint16_t root_dir_fid,
3375 struct smb_filename *smb_fname,
3376 uint32_t access_mask,
3377 uint32_t share_access,
3378 uint32_t create_disposition,
3379 uint32_t create_options,
3380 uint32_t file_attributes,
3381 uint32_t oplock_request,
3382 uint64_t allocation_size,
3383 struct security_descriptor *sd,
3384 struct ea_list *ea_list,
3385 files_struct **result,
3386 int *pinfo)
3387{
3388 int info = FILE_WAS_OPENED;
3389 files_struct *fsp = NULL;
3390 NTSTATUS status;
3391
3392 DEBUG(10,("create_file: access_mask = 0x%x "
3393 "file_attributes = 0x%x, share_access = 0x%x, "
3394 "create_disposition = 0x%x create_options = 0x%x "
3395 "oplock_request = 0x%x "
3396 "root_dir_fid = 0x%x, ea_list = 0x%p, sd = 0x%p, "
3397 "fname = %s\n",
3398 (unsigned int)access_mask,
3399 (unsigned int)file_attributes,
3400 (unsigned int)share_access,
3401 (unsigned int)create_disposition,
3402 (unsigned int)create_options,
3403 (unsigned int)oplock_request,
3404 (unsigned int)root_dir_fid,
3405 ea_list, sd, smb_fname_str_dbg(smb_fname)));
3406
3407 /*
3408 * Calculate the filename from the root_dir_if if necessary.
3409 */
3410
3411 if (root_dir_fid != 0) {
3412 struct smb_filename *smb_fname_out = NULL;
3413 status = get_relative_fid_filename(conn, req, root_dir_fid,
3414 smb_fname, &smb_fname_out);
3415 if (!NT_STATUS_IS_OK(status)) {
3416 goto fail;
3417 }
3418 smb_fname = smb_fname_out;
3419 }
3420
3421 /*
3422 * Check to see if this is a mac fork of some kind.
3423 */
3424
3425 if (is_ntfs_stream_smb_fname(smb_fname)) {
3426 enum FAKE_FILE_TYPE fake_file_type;
3427
3428 fake_file_type = is_fake_file(smb_fname);
3429
3430 if (fake_file_type != FAKE_FILE_TYPE_NONE) {
3431
3432 /*
3433 * Here we go! support for changing the disk quotas
3434 * --metze
3435 *
3436 * We need to fake up to open this MAGIC QUOTA file
3437 * and return a valid FID.
3438 *
3439 * w2k close this file directly after openening xp
3440 * also tries a QUERY_FILE_INFO on the file and then
3441 * close it
3442 */
3443 status = open_fake_file(req, conn, req->vuid,
3444 fake_file_type, smb_fname,
3445 access_mask, &fsp);
3446 if (!NT_STATUS_IS_OK(status)) {
3447 goto fail;
3448 }
3449
3450 ZERO_STRUCT(smb_fname->st);
3451 goto done;
3452 }
3453
3454 if (!(conn->fs_capabilities & FILE_NAMED_STREAMS)) {
3455 status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
3456 goto fail;
3457 }
3458 }
3459
3460 /* All file access must go through check_name() */
3461
3462 status = check_name(conn, smb_fname->base_name);
3463 if (!NT_STATUS_IS_OK(status)) {
3464 goto fail;
3465 }
3466
3467 status = create_file_unixpath(
3468 conn, req, smb_fname, access_mask, share_access,
3469 create_disposition, create_options, file_attributes,
3470 oplock_request, allocation_size, sd, ea_list,
3471 &fsp, &info);
3472
3473 if (!NT_STATUS_IS_OK(status)) {
3474 goto fail;
3475 }
3476
3477 done:
3478 DEBUG(10, ("create_file: info=%d\n", info));
3479
3480 *result = fsp;
3481 if (pinfo != NULL) {
3482 *pinfo = info;
3483 }
3484 return NT_STATUS_OK;
3485
3486 fail:
3487 DEBUG(10, ("create_file: %s\n", nt_errstr(status)));
3488
3489 if (fsp != NULL) {
3490 close_file(req, fsp, ERROR_CLOSE);
3491 fsp = NULL;
3492 }
3493 return status;
3494}
Note: See TracBrowser for help on using the repository browser.