Changeset 751 for trunk/server/source3/smbd/open.c

Timestamp:

Nov 29, 2012, 1:59:04 PM (13 years ago)

Author:

Silvan Scherrer

Message:

Samba Server: updated trunk to 3.6.9

File:

• trunk/server/source3/smbd/open.c (modified) (17 diffs)

trunk/server/source3/smbd/open.c

@@ -93 +93 @@
                         smb_fname_str_dbg(smb_fname),
                         (unsigned int)*access_granted ));
+                return NT_STATUS_OK;
+        }
+
+        if (access_mask == DELETE_ACCESS &&
+                        VALID_STAT(smb_fname->st) &&
+                        S_ISLNK(smb_fname->st.st_ex_mode)) {
+                /* We can always delete a symlink. */
+                DEBUG(10,("smbd_check_open_rights: not checking ACL "
+                        "on DELETE_ACCESS on symlink %s.\n",
+                        smb_fname_str_dbg(smb_fname) ));
                 return NT_STATUS_OK;
         }
@@ -698 +708 @@
 }
 
-/*******************************************************************
- Return True if the filename is one of the special executable types.
-********************************************************************/
-
-bool is_executable(const char *fname)
-{
-        if ((fname = strrchr_m(fname,'.'))) {
-                if (strequal(fname,".com") ||
-                    strequal(fname,".dll") ||
-                    strequal(fname,".exe") ||
-                    strequal(fname,".sym")) {
-                        return True;
-                }
-        }
-        return False;
-}
-
 /****************************************************************************
  Check if we can open a file with a share mode.
@@ -942 +935 @@
 }
 
-static bool is_delete_request(files_struct *fsp) {
-        return ((fsp->access_mask == DELETE_ACCESS) &&
-                (fsp->oplock_type == NO_OPLOCK));
-}
-
 /*
  * Send a break message to the oplock holder and delay the open for
@@ -1091 +1079 @@
 
         if (ex_entry != NULL) {
-                /* Found an exclusive or batch oplock */
-                bool delay_it = is_delete_request(fsp) ?
-                                BATCH_OPLOCK_TYPE(ex_entry->op_type) : true;
-                if (delay_it) {
-                        send_break_message(fsp, ex_entry, mid, oplock_request);
-                        return true;
-                }
+                send_break_message(fsp, ex_entry, mid, oplock_request);
+                return true;
         }
         return false;
@@ -1335 +1318 @@
 }
 
-/****************************************************************************
- Open a file with a share mode - old openX method - map into NTCreate.
-****************************************************************************/
-
-bool map_open_params_to_ntcreate(const struct smb_filename *smb_fname,
-                                 int deny_mode, int open_func,
-                                 uint32 *paccess_mask,
-                                 uint32 *pshare_mode,
-                                 uint32 *pcreate_disposition,
-                                 uint32 *pcreate_options,
-                                 uint32_t *pprivate_flags)
-{
-        uint32 access_mask;
-        uint32 share_mode;
-        uint32 create_disposition;
-        uint32 create_options = FILE_NON_DIRECTORY_FILE;
-        uint32_t private_flags = 0;
-
-        DEBUG(10,("map_open_params_to_ntcreate: fname = %s, deny_mode = 0x%x, "
-                  "open_func = 0x%x\n",
-                  smb_fname_str_dbg(smb_fname), (unsigned int)deny_mode,
-                  (unsigned int)open_func ));
-
-        /* Create the NT compatible access_mask. */
-        switch (GET_OPENX_MODE(deny_mode)) {
-                case DOS_OPEN_EXEC: /* Implies read-only - used to be FILE_READ_DATA */
-                case DOS_OPEN_RDONLY:
-                        access_mask = FILE_GENERIC_READ;
-                        break;
-                case DOS_OPEN_WRONLY:
-                        access_mask = FILE_GENERIC_WRITE;
-                        break;
-                case DOS_OPEN_RDWR:
-                case DOS_OPEN_FCB:
-                        access_mask = FILE_GENERIC_READ|FILE_GENERIC_WRITE;
-                        break;
-                default:
-                        DEBUG(10,("map_open_params_to_ntcreate: bad open mode = 0x%x\n",
-                                  (unsigned int)GET_OPENX_MODE(deny_mode)));
-                        return False;
-        }
-
-        /* Create the NT compatible create_disposition. */
-        switch (open_func) {
-                case OPENX_FILE_EXISTS_FAIL|OPENX_FILE_CREATE_IF_NOT_EXIST:
-                        create_disposition = FILE_CREATE;
-                        break;
-
-                case OPENX_FILE_EXISTS_OPEN:
-                        create_disposition = FILE_OPEN;
-                        break;
-
-                case OPENX_FILE_EXISTS_OPEN|OPENX_FILE_CREATE_IF_NOT_EXIST:
-                        create_disposition = FILE_OPEN_IF;
-                        break;
-
-                case OPENX_FILE_EXISTS_TRUNCATE:
-                        create_disposition = FILE_OVERWRITE;
-                        break;
-
-                case OPENX_FILE_EXISTS_TRUNCATE|OPENX_FILE_CREATE_IF_NOT_EXIST:
-                        create_disposition = FILE_OVERWRITE_IF;
-                        break;
-
-                default:
-                        /* From samba4 - to be confirmed. */
-                        if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_EXEC) {
-                                create_disposition = FILE_CREATE;
-                                break;
-                        }
-                        DEBUG(10,("map_open_params_to_ntcreate: bad "
-                                  "open_func 0x%x\n", (unsigned int)open_func));
-                        return False;
-        }
-
-        /* Create the NT compatible share modes. */
-        switch (GET_DENY_MODE(deny_mode)) {
-                case DENY_ALL:
-                        share_mode = FILE_SHARE_NONE;
-                        break;
-
-                case DENY_WRITE:
-                        share_mode = FILE_SHARE_READ;
-                        break;
-
-                case DENY_READ:
-                        share_mode = FILE_SHARE_WRITE;
-                        break;
-
-                case DENY_NONE:
-                        share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
-                        break;
-
-                case DENY_DOS:
-                        private_flags |= NTCREATEX_OPTIONS_PRIVATE_DENY_DOS;
-                        if (is_executable(smb_fname->base_name)) {
-                                share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
-                        } else {
-                                if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_RDONLY) {
-                                        share_mode = FILE_SHARE_READ;
-                                } else {
-                                        share_mode = FILE_SHARE_NONE;
-                                }
-                        }
-                        break;
-
-                case DENY_FCB:
-                        private_flags |= NTCREATEX_OPTIONS_PRIVATE_DENY_FCB;
-                        share_mode = FILE_SHARE_NONE;
-                        break;
-
-                default:
-                        DEBUG(10,("map_open_params_to_ntcreate: bad deny_mode 0x%x\n",
-                                (unsigned int)GET_DENY_MODE(deny_mode) ));
-                        return False;
-        }
-
-        DEBUG(10,("map_open_params_to_ntcreate: file %s, access_mask = 0x%x, "
-                  "share_mode = 0x%x, create_disposition = 0x%x, "
-                  "create_options = 0x%x private_flags = 0x%x\n",
-                  smb_fname_str_dbg(smb_fname),
-                  (unsigned int)access_mask,
-                  (unsigned int)share_mode,
-                  (unsigned int)create_disposition,
-                  (unsigned int)create_options,
-                  (unsigned int)private_flags));
-
-        if (paccess_mask) {
-                *paccess_mask = access_mask;
-        }
-        if (pshare_mode) {
-                *pshare_mode = share_mode;
-        }
-        if (pcreate_disposition) {
-                *pcreate_disposition = create_disposition;
-        }
-        if (pcreate_options) {
-                *pcreate_options = create_options;
-        }
-        if (pprivate_flags) {
-                *pprivate_flags = private_flags;
-        }
-
-        return True;
-
-}
-
 static void schedule_defer_open(struct share_mode_lock *lck,
                                 struct timeval request_time,
@@ -1573 +1409 @@
                                         smb_fname_str_dbg(smb_fname)));
                                 return NT_STATUS_ACCESS_DENIED;
+                        }
+
+                        if (!(access_granted & DELETE_ACCESS)) {
+                                if (can_delete_file_in_directory(conn, smb_fname)) {
+                                        access_granted |= DELETE_ACCESS;
+                                }
                         }
 
@@ -1705 +1547 @@
         ZERO_STRUCT(id);
 
-        /* Windows allows a new file to be created and
-           silently removes a FILE_ATTRIBUTE_DIRECTORY
-           sent by the client. Do the same. */
-
-        new_dos_attributes &= ~FILE_ATTRIBUTE_DIRECTORY;
-
         if (conn->printer) {
                 /*
@@ -1744 +1580 @@
                 new_dos_attributes = 0;
         } else {
+                /* Windows allows a new file to be created and
+                   silently removes a FILE_ATTRIBUTE_DIRECTORY
+                   sent by the client. Do the same. */
+
+                new_dos_attributes &= ~FILE_ATTRIBUTE_DIRECTORY;
+
                 /* We add FILE_ATTRIBUTE_ARCHIVE to this as this mode is only used if the file is
                  * created new. */
@@ -1787 +1629 @@
                         remove_deferred_open_message_smb(req->mid);
                 }
-        }
-
-        status = check_name(conn, smb_fname->base_name);
-        if (!NT_STATUS_IS_OK(status)) {
-                return status;
         }
 
@@ -2743 +2580 @@
         SMB_ASSERT(!is_ntfs_stream_smb_fname(smb_dname));
 
-        /* Ensure we have a directory attribute. */
-        file_attributes |= FILE_ATTRIBUTE_DIRECTORY;
+        if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS)) {
+                /* Ensure we have a directory attribute. */
+                file_attributes |= FILE_ATTRIBUTE_DIRECTORY;
+        }
 
         DEBUG(5,("open_directory: opening directory %s, access_mask = 0x%x, "
@@ -2900 +2739 @@
         fsp->share_access = share_access;
         fsp->fh->private_options = 0;
-        /*
-         * According to Samba4, SEC_FILE_READ_ATTRIBUTE is always granted,
-         */
-        fsp->access_mask = access_mask | FILE_READ_ATTRIBUTES;
         fsp->print_file = NULL;
         fsp->modified = False;
@@ -2918 +2753 @@
         mtimespec = smb_dname->st.st_ex_mtime;
 
+        /* Temporary access mask used to open the directory fd. */
+        fsp->access_mask = FILE_READ_DATA | FILE_READ_ATTRIBUTES;
 #ifdef O_DIRECTORY
         status = fd_open(conn, fsp, O_RDONLY|O_DIRECTORY, 0);
@@ -2932 +2769 @@
                 return status;
         }
+
+        /*
+         * According to Samba4, SEC_FILE_READ_ATTRIBUTE is always granted,
+         * Set the real access mask for later access (possibly delete).
+         */
+        fsp->access_mask = access_mask | FILE_READ_ATTRIBUTES;
 
         status = vfs_stat_fsp(fsp);
@@ -3132 +2975 @@
                                         const char *fname)
 {
-        struct stream_struct *stream_info;
-        files_struct **streams;
+        struct stream_struct *stream_info = NULL;
+        files_struct **streams = NULL;
         int i;
-        unsigned int num_streams;
+        unsigned int num_streams = 0;
         TALLOC_CTX *frame = talloc_stackframe();
         NTSTATUS status;
 
-        status = SMB_VFS_STREAMINFO(conn, NULL, fname, talloc_tos(),
-                                    &num_streams, &stream_info);
+        status = vfs_streaminfo(conn, NULL, fname, talloc_tos(),
+                                &num_streams, &stream_info);
 
         if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_IMPLEMENTED)
@@ -3150 +2993 @@
 
         if (!NT_STATUS_IS_OK(status)) {
-                DEBUG(10, ("SMB_VFS_STREAMINFO failed: %s\n",
+                DEBUG(10, ("vfs_streaminfo failed: %s\n",
                            nt_errstr(status)));
                 goto fail;
@@ -3517 +3360 @@
                 fsp->access_mask = FILE_GENERIC_ALL;
 
-                /* Convert all the generic bits. */
-                security_acl_map_generic(sd->dacl, &file_generic_mapping);
-                security_acl_map_generic(sd->sacl, &file_generic_mapping);
-
                 if (sec_info_sent & (SECINFO_OWNER|
                                         SECINFO_GROUP|
                                         SECINFO_DACL|
                                         SECINFO_SACL)) {
-                        status = SMB_VFS_FSET_NT_ACL(fsp, sec_info_sent, sd);
+                        status = set_sd(fsp, sd, sec_info_sent);
                 }
 
@@ -3814 +3653 @@
         }
 
-        /* All file access must go through check_name() */
-
-        status = check_name(conn, smb_fname->base_name);
-        if (!NT_STATUS_IS_OK(status)) {
-                goto fail;
-        }
-
         if (stream_name && is_ntfs_default_stream_smb_fname(smb_fname)) {
                 int ret;