search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Part 3 of bugfix for #8211 - "inherit owner = yes" doesn't interact correctly with...
[Samba.git] / source3 / smbd / open.c
blobe77284b9f9379c5fd94d66229eb9dcae39e00883
1 /*
2 Unix SMB/CIFS implementation.
3 file opening and share modes
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Jeremy Allison 2001-2004
6 Copyright (C) Volker Lendecke 2005
7
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
12
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
20 */
21
22 #include "includes.h"
23 #include "smbd/globals.h"
24
25 extern struct current_user current_user;
26 extern const struct generic_mapping file_generic_mapping;
27
28 struct deferred_open_record {
29 bool delayed_for_oplocks;
30 struct file_id id;
31 };
32
33 static NTSTATUS create_file_unixpath(connection_struct *conn,
34 struct smb_request *req,
35 struct smb_filename *smb_fname,
36 uint32_t access_mask,
37 uint32_t share_access,
38 uint32_t create_disposition,
39 uint32_t create_options,
40 uint32_t file_attributes,
41 uint32_t oplock_request,
42 uint64_t allocation_size,
43 struct security_descriptor *sd,
44 struct ea_list *ea_list,
45
46 files_struct **result,
47 int *pinfo);
48
49 /****************************************************************************
50 SMB1 file varient of se_access_check. Never test FILE_READ_ATTRIBUTES.
51 ****************************************************************************/
52
53 NTSTATUS smb1_file_se_access_check(connection_struct *conn,
54 const struct security_descriptor *sd,
55 const NT_USER_TOKEN *token,
56 uint32_t access_desired,
57 uint32_t *access_granted)
58 {
59 *access_granted = 0;
60
61 if (conn->server_info->utok.uid == 0 || conn->admin_user) {
62 /* I'm sorry sir, I didn't know you were root... */
63 *access_granted = access_desired;
64 if (access_desired & SEC_FLAG_MAXIMUM_ALLOWED) {
65 *access_granted |= FILE_GENERIC_ALL;
66 }
67 return NT_STATUS_OK;
68 }
69
70 return se_access_check(sd,
71 token,
72 (access_desired & ~FILE_READ_ATTRIBUTES),
73 access_granted);
74 }
75
76 /****************************************************************************
77 Check if we have open rights.
78 ****************************************************************************/
79
80 NTSTATUS smbd_check_open_rights(struct connection_struct *conn,
81 const struct smb_filename *smb_fname,
82 uint32_t access_mask,
83 uint32_t *access_granted)
84 {
85 /* Check if we have rights to open. */
86 NTSTATUS status;
87 struct security_descriptor *sd = NULL;
88
89 status = SMB_VFS_GET_NT_ACL(conn, smb_fname->base_name,
90 (OWNER_SECURITY_INFORMATION |
91 GROUP_SECURITY_INFORMATION |
92 DACL_SECURITY_INFORMATION),&sd);
93
94 if (!NT_STATUS_IS_OK(status)) {
95 DEBUG(10, ("smbd_check_open_rights: Could not get acl "
96 "on %s: %s\n",
97 smb_fname_str_dbg(smb_fname),
98 nt_errstr(status)));
99 return status;
100 }
101
102 status = smb1_file_se_access_check(conn,
103 sd,
104 conn->server_info->ptok,
105 access_mask,
106 access_granted);
107
108 DEBUG(10,("smbd_check_open_rights: file %s requesting "
109 "0x%x returning 0x%x (%s)\n",
110 smb_fname_str_dbg(smb_fname),
111 (unsigned int)access_mask,
112 (unsigned int)*access_granted,
113 nt_errstr(status) ));
114
115 if (!NT_STATUS_IS_OK(status)) {
116 if (DEBUGLEVEL >= 10) {
117 DEBUG(10,("smbd_check_open_rights: acl for %s is:\n",
118 smb_fname_str_dbg(smb_fname) ));
119 NDR_PRINT_DEBUG(security_descriptor, sd);
120 }
121 }
122
123 TALLOC_FREE(sd);
124
125 return status;
126 }
127
128 /****************************************************************************
129 fd support routines - attempt to do a dos_open.
130 ****************************************************************************/
131
132 static NTSTATUS fd_open(struct connection_struct *conn,
133 files_struct *fsp,
134 int flags,
135 mode_t mode)
136 {
137 struct smb_filename *smb_fname = fsp->fsp_name;
138 NTSTATUS status = NT_STATUS_OK;
139
140 #ifdef O_NOFOLLOW
141 /*
142 * Never follow symlinks on a POSIX client. The
143 * client should be doing this.
144 */
145
146 if (fsp->posix_open || !lp_symlinks(SNUM(conn))) {
147 flags |= O_NOFOLLOW;
148 }
149 #endif
150
151 fsp->fh->fd = SMB_VFS_OPEN(conn, smb_fname, fsp, flags, mode);
152 if (fsp->fh->fd == -1) {
153 status = map_nt_error_from_unix(errno);
154 if (errno == EMFILE) {
155 static time_t last_warned = 0L;
156
157 if (time((time_t *) NULL) > last_warned) {
158 DEBUG(0,("Too many open files, unable "
159 "to open more! smbd's max "
160 "open files = %d\n",
161 lp_max_open_files()));
162 last_warned = time((time_t *) NULL);
163 }
164 }
165
166 }
167
168 DEBUG(10,("fd_open: name %s, flags = 0%o mode = 0%o, fd = %d. %s\n",
169 smb_fname_str_dbg(smb_fname), flags, (int)mode, fsp->fh->fd,
170 (fsp->fh->fd == -1) ? strerror(errno) : "" ));
171
172 return status;
173 }
174
175 /****************************************************************************
176 Close the file associated with a fsp.
177 ****************************************************************************/
178
179 NTSTATUS fd_close(files_struct *fsp)
180 {
181 int ret;
182
183 if (fsp->fh->fd == -1) {
184 return NT_STATUS_OK; /* What we used to call a stat open. */
185 }
186 if (fsp->fh->ref_count > 1) {
187 return NT_STATUS_OK; /* Shared handle. Only close last reference. */
188 }
189
190 ret = SMB_VFS_CLOSE(fsp);
191 fsp->fh->fd = -1;
192 if (ret == -1) {
193 return map_nt_error_from_unix(errno);
194 }
195 return NT_STATUS_OK;
196 }
197
198 /****************************************************************************
199 Change the ownership of a file to that of the parent directory.
200 Do this by fd if possible.
201 ****************************************************************************/
202
203 void change_file_owner_to_parent(connection_struct *conn,
204 const char *inherit_from_dir,
205 files_struct *fsp)
206 {
207 struct smb_filename *smb_fname_parent = NULL;
208 NTSTATUS status;
209 int ret;
210
211 status = create_synthetic_smb_fname(talloc_tos(), inherit_from_dir,
212 NULL, NULL, &smb_fname_parent);
213 if (!NT_STATUS_IS_OK(status)) {
214 return;
215 }
216
217 ret = SMB_VFS_STAT(conn, smb_fname_parent);
218 if (ret == -1) {
219 DEBUG(0,("change_file_owner_to_parent: failed to stat parent "
220 "directory %s. Error was %s\n",
221 smb_fname_str_dbg(smb_fname_parent),
222 strerror(errno)));
223 return;
224 }
225
226 become_root();
227 ret = SMB_VFS_FCHOWN(fsp, smb_fname_parent->st.st_ex_uid, (gid_t)-1);
228 unbecome_root();
229 if (ret == -1) {
230 DEBUG(0,("change_file_owner_to_parent: failed to fchown "
231 "file %s to parent directory uid %u. Error "
232 "was %s\n", fsp_str_dbg(fsp),
233 (unsigned int)smb_fname_parent->st.st_ex_uid,
234 strerror(errno) ));
235 } else {
236 DEBUG(10,("change_file_owner_to_parent: changed new file %s to "
237 "parent directory uid %u.\n", fsp_str_dbg(fsp),
238 (unsigned int)smb_fname_parent->st.st_ex_uid));
239
240 /* Ensure the uid entry is updated. */
241 fsp->fsp_name->st.st_ex_uid = smb_fname_parent->st.st_ex_uid;
242 }
243
244 TALLOC_FREE(smb_fname_parent);
245 }
246
247 NTSTATUS change_dir_owner_to_parent(connection_struct *conn,
248 const char *inherit_from_dir,
249 const char *fname,
250 SMB_STRUCT_STAT *psbuf)
251 {
252 struct smb_filename *smb_fname_parent = NULL;
253 struct smb_filename *smb_fname_cwd = NULL;
254 char *saved_dir = NULL;
255 TALLOC_CTX *ctx = talloc_tos();
256 NTSTATUS status = NT_STATUS_OK;
257 int ret;
258
259 status = create_synthetic_smb_fname(ctx, inherit_from_dir, NULL, NULL,
260 &smb_fname_parent);
261 if (!NT_STATUS_IS_OK(status)) {
262 return status;
263 }
264
265 ret = SMB_VFS_STAT(conn, smb_fname_parent);
266 if (ret == -1) {
267 status = map_nt_error_from_unix(errno);
268 DEBUG(0,("change_dir_owner_to_parent: failed to stat parent "
269 "directory %s. Error was %s\n",
270 smb_fname_str_dbg(smb_fname_parent),
271 strerror(errno)));
272 goto out;
273 }
274
275 /* We've already done an lstat into psbuf, and we know it's a
276 directory. If we can cd into the directory and the dev/ino
277 are the same then we can safely chown without races as
278 we're locking the directory in place by being in it. This
279 should work on any UNIX (thanks tridge :-). JRA.
280 */
281
282 saved_dir = vfs_GetWd(ctx,conn);
283 if (!saved_dir) {
284 status = map_nt_error_from_unix(errno);
285 DEBUG(0,("change_dir_owner_to_parent: failed to get "
286 "current working directory. Error was %s\n",
287 strerror(errno)));
288 goto out;
289 }
290
291 /* Chdir into the new path. */
292 if (vfs_ChDir(conn, fname) == -1) {
293 status = map_nt_error_from_unix(errno);
294 DEBUG(0,("change_dir_owner_to_parent: failed to change "
295 "current working directory to %s. Error "
296 "was %s\n", fname, strerror(errno) ));
297 goto chdir;
298 }
299
300 status = create_synthetic_smb_fname(ctx, ".", NULL, NULL,
301 &smb_fname_cwd);
302 if (!NT_STATUS_IS_OK(status)) {
303 return status;
304 }
305
306 ret = SMB_VFS_STAT(conn, smb_fname_cwd);
307 if (ret == -1) {
308 status = map_nt_error_from_unix(errno);
309 DEBUG(0,("change_dir_owner_to_parent: failed to stat "
310 "directory '.' (%s) Error was %s\n",
311 fname, strerror(errno)));
312 goto chdir;
313 }
314
315 /* Ensure we're pointing at the same place. */
316 if (smb_fname_cwd->st.st_ex_dev != psbuf->st_ex_dev ||
317 smb_fname_cwd->st.st_ex_ino != psbuf->st_ex_ino ||
318 smb_fname_cwd->st.st_ex_mode != psbuf->st_ex_mode ) {
319 DEBUG(0,("change_dir_owner_to_parent: "
320 "device/inode/mode on directory %s changed. "
321 "Refusing to chown !\n", fname ));
322 status = NT_STATUS_ACCESS_DENIED;
323 goto chdir;
324 }
325
326 become_root();
327 ret = SMB_VFS_CHOWN(conn, ".", smb_fname_parent->st.st_ex_uid,
328 (gid_t)-1);
329 unbecome_root();
330 if (ret == -1) {
331 status = map_nt_error_from_unix(errno);
332 DEBUG(10,("change_dir_owner_to_parent: failed to chown "
333 "directory %s to parent directory uid %u. "
334 "Error was %s\n", fname,
335 (unsigned int)smb_fname_parent->st.st_ex_uid,
336 strerror(errno) ));
337 goto chdir;
338 }
339
340 DEBUG(10,("change_dir_owner_to_parent: changed ownership of new "
341 "directory %s to parent directory uid %u.\n",
342 fname, (unsigned int)smb_fname_parent->st.st_ex_uid ));
343
344 /* Ensure the uid entry is updated. */
345 psbuf->st_ex_uid = smb_fname_parent->st.st_ex_uid;
346
347 chdir:
348 vfs_ChDir(conn,saved_dir);
349 out:
350 TALLOC_FREE(smb_fname_parent);
351 TALLOC_FREE(smb_fname_cwd);
352 return status;
353 }
354
355 /****************************************************************************
356 Open a file.
357 ****************************************************************************/
358
359 static NTSTATUS open_file(files_struct *fsp,
360 connection_struct *conn,
361 struct smb_request *req,
362 const char *parent_dir,
363 int flags,
364 mode_t unx_mode,
365 uint32 access_mask, /* client requested access mask. */
366 uint32 open_access_mask) /* what we're actually using in the open. */
367 {
368 struct smb_filename *smb_fname = fsp->fsp_name;
369 NTSTATUS status = NT_STATUS_OK;
370 int accmode = (flags & O_ACCMODE);
371 int local_flags = flags;
372 bool file_existed = VALID_STAT(fsp->fsp_name->st);
373 bool file_created = false;
374
375 fsp->fh->fd = -1;
376 errno = EPERM;
377
378 /* Check permissions */
379
380 /*
381 * This code was changed after seeing a client open request
382 * containing the open mode of (DENY_WRITE/read-only) with
383 * the 'create if not exist' bit set. The previous code
384 * would fail to open the file read only on a read-only share
385 * as it was checking the flags parameter directly against O_RDONLY,
386 * this was failing as the flags parameter was set to O_RDONLY|O_CREAT.
387 * JRA.
388 */
389
390 if (!CAN_WRITE(conn)) {
391 /* It's a read-only share - fail if we wanted to write. */
392 if(accmode != O_RDONLY || (flags & O_TRUNC) || (flags & O_APPEND)) {
393 DEBUG(3,("Permission denied opening %s\n",
394 smb_fname_str_dbg(smb_fname)));
395 return NT_STATUS_ACCESS_DENIED;
396 } else if(flags & O_CREAT) {
397 /* We don't want to write - but we must make sure that
398 O_CREAT doesn't create the file if we have write
399 access into the directory.
400 */
401 flags &= ~(O_CREAT|O_EXCL);
402 local_flags &= ~(O_CREAT|O_EXCL);
403 }
404 }
405
406 /*
407 * This little piece of insanity is inspired by the
408 * fact that an NT client can open a file for O_RDONLY,
409 * but set the create disposition to FILE_EXISTS_TRUNCATE.
410 * If the client *can* write to the file, then it expects to
411 * truncate the file, even though it is opening for readonly.
412 * Quicken uses this stupid trick in backup file creation...
413 * Thanks *greatly* to "David W. Chapman Jr." <dwcjr@inethouston.net>
414 * for helping track this one down. It didn't bite us in 2.0.x
415 * as we always opened files read-write in that release. JRA.
416 */
417
418 if ((accmode == O_RDONLY) && ((flags & O_TRUNC) == O_TRUNC)) {
419 DEBUG(10,("open_file: truncate requested on read-only open "
420 "for file %s\n", smb_fname_str_dbg(smb_fname)));
421 local_flags = (flags & ~O_ACCMODE)|O_RDWR;
422 }
423
424 if ((open_access_mask & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ||
425 (!file_existed && (local_flags & O_CREAT)) ||
426 ((local_flags & O_TRUNC) == O_TRUNC) ) {
427 const char *wild;
428
429 /*
430 * We can't actually truncate here as the file may be locked.
431 * open_file_ntcreate will take care of the truncate later. JRA.
432 */
433
434 local_flags &= ~O_TRUNC;
435
436 #if defined(O_NONBLOCK) && defined(S_ISFIFO)
437 /*
438 * We would block on opening a FIFO with no one else on the
439 * other end. Do what we used to do and add O_NONBLOCK to the
440 * open flags. JRA.
441 */
442
443 if (file_existed && S_ISFIFO(smb_fname->st.st_ex_mode)) {
444 local_flags |= O_NONBLOCK;
445 }
446 #endif
447
448 /* Don't create files with Microsoft wildcard characters. */
449 if (fsp->base_fsp) {
450 /*
451 * wildcard characters are allowed in stream names
452 * only test the basefilename
453 */
454 wild = fsp->base_fsp->fsp_name->base_name;
455 } else {
456 wild = smb_fname->base_name;
457 }
458 if ((local_flags & O_CREAT) && !file_existed &&
459 ms_has_wild(wild)) {
460 return NT_STATUS_OBJECT_NAME_INVALID;
461 }
462
463 /* Actually do the open */
464 status = fd_open(conn, fsp, local_flags, unx_mode);
465 if (!NT_STATUS_IS_OK(status)) {
466 DEBUG(3,("Error opening file %s (%s) (local_flags=%d) "
467 "(flags=%d)\n", smb_fname_str_dbg(smb_fname),
468 nt_errstr(status),local_flags,flags));
469 return status;
470 }
471
472 if ((local_flags & O_CREAT) && !file_existed) {
473 file_created = true;
474 }
475
476 } else {
477 fsp->fh->fd = -1; /* What we used to call a stat open. */
478 if (file_existed) {
479 uint32_t access_granted = 0;
480
481 status = smbd_check_open_rights(conn,
482 smb_fname,
483 access_mask,
484 &access_granted);
485 if (!NT_STATUS_IS_OK(status)) {
486 if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
487 /*
488 * On NT_STATUS_ACCESS_DENIED, access_granted
489 * contains the denied bits.
490 */
491
492 if ((access_mask & FILE_WRITE_ATTRIBUTES) &&
493 (access_granted & FILE_WRITE_ATTRIBUTES) &&
494 (lp_map_readonly(SNUM(conn)) ||
495 lp_map_archive(SNUM(conn)) ||
496 lp_map_hidden(SNUM(conn)) ||
497 lp_map_system(SNUM(conn)))) {
498 access_granted &= ~FILE_WRITE_ATTRIBUTES;
499
500 DEBUG(10,("open_file: "
501 "overrode "
502 "FILE_WRITE_"
503 "ATTRIBUTES "
504 "on file %s\n",
505 smb_fname_str_dbg(
506 smb_fname)));
507 }
508
509 if ((access_mask & DELETE_ACCESS) &&
510 (access_granted & DELETE_ACCESS) &&
511 can_delete_file_in_directory(conn,
512 smb_fname)) {
513 /* Were we trying to do a stat open
514 * for delete and didn't get DELETE
515 * access (only) ? Check if the
516 * directory allows DELETE_CHILD.
517 * See here:
518 * http://blogs.msdn.com/oldnewthing/archive/2004/06/04/148426.aspx
519 * for details. */
520
521 access_granted &= ~DELETE_ACCESS;
522
523 DEBUG(10,("open_file: "
524 "overrode "
525 "DELETE_ACCESS on "
526 "file %s\n",
527 smb_fname_str_dbg(
528 smb_fname)));
529 }
530
531 if (access_granted != 0) {
532 DEBUG(10,("open_file: Access "
533 "denied on file "
534 "%s\n",
535 smb_fname_str_dbg(
536 smb_fname)));
537 return status;
538 }
539 } else if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND) &&
540 fsp->posix_open &&
541 S_ISLNK(smb_fname->st.st_ex_mode)) {
542 /* This is a POSIX stat open for delete
543 * or rename on a symlink that points
544 * nowhere. Allow. */
545 DEBUG(10,("open_file: allowing POSIX "
546 "open on bad symlink %s\n",
547 smb_fname_str_dbg(
548 smb_fname)));
549 } else {
550 DEBUG(10,("open_file: "
551 "smbd_check_open_rights on file "
552 "%s returned %s\n",
553 smb_fname_str_dbg(smb_fname),
554 nt_errstr(status) ));
555 return status;
556 }
557 }
558 }
559 }
560
561 if (!file_existed) {
562 int ret;
563
564 if (fsp->fh->fd == -1) {
565 ret = SMB_VFS_STAT(conn, smb_fname);
566 } else {
567 ret = SMB_VFS_FSTAT(fsp, &smb_fname->st);
568 /* If we have an fd, this stat should succeed. */
569 if (ret == -1) {
570 DEBUG(0,("Error doing fstat on open file %s "
571 "(%s)\n",
572 smb_fname_str_dbg(smb_fname),
573 strerror(errno) ));
574 }
575 }
576
577 /* For a non-io open, this stat failing means file not found. JRA */
578 if (ret == -1) {
579 status = map_nt_error_from_unix(errno);
580 fd_close(fsp);
581 return status;
582 }
583
584 if (file_created) {
585 /* Do all inheritance work after we've
586 done a successful stat call and filled
587 in the stat struct in fsp->fsp_name. */
588
589 /* Inherit the ACL if required */
590 if (lp_inherit_perms(SNUM(conn))) {
591 inherit_access_posix_acl(conn, parent_dir,
592 smb_fname->base_name,
593 unx_mode);
594 }
595
596 /* Change the owner if required. */
597 if (lp_inherit_owner(SNUM(conn))) {
598 change_file_owner_to_parent(conn, parent_dir,
599 fsp);
600 }
601
602 notify_fname(conn, NOTIFY_ACTION_ADDED,
603 FILE_NOTIFY_CHANGE_FILE_NAME,
604 smb_fname->base_name);
605 }
606 }
607
608 /*
609 * POSIX allows read-only opens of directories. We don't
610 * want to do this (we use a different code path for this)
611 * so catch a directory open and return an EISDIR. JRA.
612 */
613
614 if(S_ISDIR(smb_fname->st.st_ex_mode)) {
615 fd_close(fsp);
616 errno = EISDIR;
617 return NT_STATUS_FILE_IS_A_DIRECTORY;
618 }
619
620 fsp->mode = smb_fname->st.st_ex_mode;
621 fsp->file_id = vfs_file_id_from_sbuf(conn, &smb_fname->st);
622 fsp->vuid = req ? req->vuid : UID_FIELD_INVALID;
623 fsp->file_pid = req ? req->smbpid : 0;
624 fsp->can_lock = True;
625 fsp->can_read = (access_mask & (FILE_READ_DATA)) ? True : False;
626 if (!CAN_WRITE(conn)) {
627 fsp->can_write = False;
628 } else {
629 fsp->can_write = (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) ?
630 True : False;
631 }
632 fsp->print_file = False;
633 fsp->modified = False;
634 fsp->sent_oplock_break = NO_BREAK_SENT;
635 fsp->is_directory = False;
636 if (conn->aio_write_behind_list &&
637 is_in_path(smb_fname->base_name, conn->aio_write_behind_list,
638 conn->case_sensitive)) {
639 fsp->aio_write_behind = True;
640 }
641
642 fsp->wcp = NULL; /* Write cache pointer. */
643
644 DEBUG(2,("%s opened file %s read=%s write=%s (numopen=%d)\n",
645 conn->server_info->unix_name,
646 smb_fname_str_dbg(smb_fname),
647 BOOLSTR(fsp->can_read), BOOLSTR(fsp->can_write),
648 conn->num_files_open));
649
650 errno = 0;
651 return NT_STATUS_OK;
652 }
653
654 /*******************************************************************
655 Return True if the filename is one of the special executable types.
656 ********************************************************************/
657
658 bool is_executable(const char *fname)
659 {
660 if ((fname = strrchr_m(fname,'.'))) {
661 if (strequal(fname,".com") ||
662 strequal(fname,".dll") ||
663 strequal(fname,".exe") ||
664 strequal(fname,".sym")) {
665 return True;
666 }
667 }
668 return False;
669 }
670
671 /****************************************************************************
672 Check if we can open a file with a share mode.
673 Returns True if conflict, False if not.
674 ****************************************************************************/
675
676 static bool share_conflict(struct share_mode_entry *entry,
677 uint32 access_mask,
678 uint32 share_access)
679 {
680 DEBUG(10,("share_conflict: entry->access_mask = 0x%x, "
681 "entry->share_access = 0x%x, "
682 "entry->private_options = 0x%x\n",
683 (unsigned int)entry->access_mask,
684 (unsigned int)entry->share_access,
685 (unsigned int)entry->private_options));
686
687 DEBUG(10,("share_conflict: access_mask = 0x%x, share_access = 0x%x\n",
688 (unsigned int)access_mask, (unsigned int)share_access));
689
690 if ((entry->access_mask & (FILE_WRITE_DATA|
691 FILE_APPEND_DATA|
692 FILE_READ_DATA|
693 FILE_EXECUTE|
694 DELETE_ACCESS)) == 0) {
695 DEBUG(10,("share_conflict: No conflict due to "
696 "entry->access_mask = 0x%x\n",
697 (unsigned int)entry->access_mask ));
698 return False;
699 }
700
701 if ((access_mask & (FILE_WRITE_DATA|
702 FILE_APPEND_DATA|
703 FILE_READ_DATA|
704 FILE_EXECUTE|
705 DELETE_ACCESS)) == 0) {
706 DEBUG(10,("share_conflict: No conflict due to "
707 "access_mask = 0x%x\n",
708 (unsigned int)access_mask ));
709 return False;
710 }
711
712 #if 1 /* JRA TEST - Superdebug. */
713 #define CHECK_MASK(num, am, right, sa, share) \
714 DEBUG(10,("share_conflict: [%d] am (0x%x) & right (0x%x) = 0x%x\n", \
715 (unsigned int)(num), (unsigned int)(am), \
716 (unsigned int)(right), (unsigned int)(am)&(right) )); \
717 DEBUG(10,("share_conflict: [%d] sa (0x%x) & share (0x%x) = 0x%x\n", \
718 (unsigned int)(num), (unsigned int)(sa), \
719 (unsigned int)(share), (unsigned int)(sa)&(share) )); \
720 if (((am) & (right)) && !((sa) & (share))) { \
721 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
722 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
723 (unsigned int)(share) )); \
724 return True; \
725 }
726 #else
727 #define CHECK_MASK(num, am, right, sa, share) \
728 if (((am) & (right)) && !((sa) & (share))) { \
729 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
730 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
731 (unsigned int)(share) )); \
732 return True; \
733 }
734 #endif
735
736 CHECK_MASK(1, entry->access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
737 share_access, FILE_SHARE_WRITE);
738 CHECK_MASK(2, access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
739 entry->share_access, FILE_SHARE_WRITE);
740
741 CHECK_MASK(3, entry->access_mask, FILE_READ_DATA | FILE_EXECUTE,
742 share_access, FILE_SHARE_READ);
743 CHECK_MASK(4, access_mask, FILE_READ_DATA | FILE_EXECUTE,
744 entry->share_access, FILE_SHARE_READ);
745
746 CHECK_MASK(5, entry->access_mask, DELETE_ACCESS,
747 share_access, FILE_SHARE_DELETE);
748 CHECK_MASK(6, access_mask, DELETE_ACCESS,
749 entry->share_access, FILE_SHARE_DELETE);
750
751 DEBUG(10,("share_conflict: No conflict.\n"));
752 return False;
753 }
754
755 #if defined(DEVELOPER)
756 static void validate_my_share_entries(int num,
757 struct share_mode_entry *share_entry)
758 {
759 files_struct *fsp;
760
761 if (!procid_is_me(&share_entry->pid)) {
762 return;
763 }
764
765 if (is_deferred_open_entry(share_entry) &&
766 !open_was_deferred(share_entry->op_mid)) {
767 char *str = talloc_asprintf(talloc_tos(),
768 "Got a deferred entry without a request: "
769 "PANIC: %s\n",
770 share_mode_str(talloc_tos(), num, share_entry));
771 smb_panic(str);
772 }
773
774 if (!is_valid_share_mode_entry(share_entry)) {
775 return;
776 }
777
778 fsp = file_find_dif(share_entry->id,
779 share_entry->share_file_id);
780 if (!fsp) {
781 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
782 share_mode_str(talloc_tos(), num, share_entry) ));
783 smb_panic("validate_my_share_entries: Cannot match a "
784 "share entry with an open file\n");
785 }
786
787 if (is_deferred_open_entry(share_entry) ||
788 is_unused_share_mode_entry(share_entry)) {
789 goto panic;
790 }
791
792 if ((share_entry->op_type == NO_OPLOCK) &&
793 (fsp->oplock_type == FAKE_LEVEL_II_OPLOCK)) {
794 /* Someone has already written to it, but I haven't yet
795 * noticed */
796 return;
797 }
798
799 if (((uint16)fsp->oplock_type) != share_entry->op_type) {
800 goto panic;
801 }
802
803 return;
804
805 panic:
806 {
807 char *str;
808 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
809 share_mode_str(talloc_tos(), num, share_entry) ));
810 str = talloc_asprintf(talloc_tos(),
811 "validate_my_share_entries: "
812 "file %s, oplock_type = 0x%x, op_type = 0x%x\n",
813 fsp->fsp_name->base_name,
814 (unsigned int)fsp->oplock_type,
815 (unsigned int)share_entry->op_type );
816 smb_panic(str);
817 }
818 }
819 #endif
820
821 bool is_stat_open(uint32 access_mask)
822 {
823 return (access_mask &&
824 ((access_mask & ~(SYNCHRONIZE_ACCESS| FILE_READ_ATTRIBUTES|
825 FILE_WRITE_ATTRIBUTES))==0) &&
826 ((access_mask & (SYNCHRONIZE_ACCESS|FILE_READ_ATTRIBUTES|
827 FILE_WRITE_ATTRIBUTES)) != 0));
828 }
829
830 /****************************************************************************
831 Deal with share modes
832 Invarient: Share mode must be locked on entry and exit.
833 Returns -1 on error, or number of share modes on success (may be zero).
834 ****************************************************************************/
835
836 static NTSTATUS open_mode_check(connection_struct *conn,
837 struct share_mode_lock *lck,
838 uint32 access_mask,
839 uint32 share_access,
840 uint32 create_options,
841 bool *file_existed)
842 {
843 int i;
844
845 if(lck->num_share_modes == 0) {
846 return NT_STATUS_OK;
847 }
848
849 *file_existed = True;
850
851 /* A delete on close prohibits everything */
852
853 if (lck->delete_on_close) {
854 return NT_STATUS_DELETE_PENDING;
855 }
856
857 if (is_stat_open(access_mask)) {
858 /* Stat open that doesn't trigger oplock breaks or share mode
859 * checks... ! JRA. */
860 return NT_STATUS_OK;
861 }
862
863 /*
864 * Check if the share modes will give us access.
865 */
866
867 #if defined(DEVELOPER)
868 for(i = 0; i < lck->num_share_modes; i++) {
869 validate_my_share_entries(i, &lck->share_modes[i]);
870 }
871 #endif
872
873 if (!lp_share_modes(SNUM(conn))) {
874 return NT_STATUS_OK;
875 }
876
877 /* Now we check the share modes, after any oplock breaks. */
878 for(i = 0; i < lck->num_share_modes; i++) {
879
880 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
881 continue;
882 }
883
884 /* someone else has a share lock on it, check to see if we can
885 * too */
886 if (share_conflict(&lck->share_modes[i],
887 access_mask, share_access)) {
888 return NT_STATUS_SHARING_VIOLATION;
889 }
890 }
891
892 return NT_STATUS_OK;
893 }
894
895 static bool is_delete_request(files_struct *fsp) {
896 return ((fsp->access_mask == DELETE_ACCESS) &&
897 (fsp->oplock_type == NO_OPLOCK));
898 }
899
900 /*
901 * Send a break message to the oplock holder and delay the open for
902 * our client.
903 */
904
905 static NTSTATUS send_break_message(files_struct *fsp,
906 struct share_mode_entry *exclusive,
907 uint16 mid,
908 int oplock_request)
909 {
910 NTSTATUS status;
911 char msg[MSG_SMB_SHARE_MODE_ENTRY_SIZE];
912
913 DEBUG(10, ("Sending break request to PID %s\n",
914 procid_str_static(&exclusive->pid)));
915 exclusive->op_mid = mid;
916
917 /* Create the message. */
918 share_mode_entry_to_message(msg, exclusive);
919
920 /* Add in the FORCE_OPLOCK_BREAK_TO_NONE bit in the message if set. We
921 don't want this set in the share mode struct pointed to by lck. */
922
923 if (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE) {
924 SSVAL(msg,6,exclusive->op_type | FORCE_OPLOCK_BREAK_TO_NONE);
925 }
926
927 status = messaging_send_buf(smbd_messaging_context(), exclusive->pid,
928 MSG_SMB_BREAK_REQUEST,
929 (uint8 *)msg,
930 MSG_SMB_SHARE_MODE_ENTRY_SIZE);
931 if (!NT_STATUS_IS_OK(status)) {
932 DEBUG(3, ("Could not send oplock break message: %s\n",
933 nt_errstr(status)));
934 }
935
936 return status;
937 }
938
939 /*
940 * 1) No files open at all or internal open: Grant whatever the client wants.
941 *
942 * 2) Exclusive (or batch) oplock around: If the requested access is a delete
943 * request, break if the oplock around is a batch oplock. If it's another
944 * requested access type, break.
945 *
946 * 3) Only level2 around: Grant level2 and do nothing else.
947 */
948
949 static bool delay_for_oplocks(struct share_mode_lock *lck,
950 files_struct *fsp,
951 uint16 mid,
952 int pass_number,
953 int oplock_request)
954 {
955 int i;
956 struct share_mode_entry *exclusive = NULL;
957 bool valid_entry = false;
958 bool have_level2 = false;
959 bool have_a_none_oplock = false;
960 bool allow_level2 = (global_client_caps & CAP_LEVEL_II_OPLOCKS) &&
961 lp_level2_oplocks(SNUM(fsp->conn));
962
963 if (oplock_request & INTERNAL_OPEN_ONLY) {
964 fsp->oplock_type = NO_OPLOCK;
965 }
966
967 if ((oplock_request & INTERNAL_OPEN_ONLY) || is_stat_open(fsp->access_mask)) {
968 return false;
969 }
970
971 for (i=0; i<lck->num_share_modes; i++) {
972
973 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
974 continue;
975 }
976
977 /* At least one entry is not an invalid or deferred entry. */
978 valid_entry = true;
979
980 if (pass_number == 1) {
981 if (BATCH_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
982 SMB_ASSERT(exclusive == NULL);
983 exclusive = &lck->share_modes[i];
984 }
985 } else {
986 if (EXCLUSIVE_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
987 SMB_ASSERT(exclusive == NULL);
988 exclusive = &lck->share_modes[i];
989 }
990 }
991
992 if (LEVEL_II_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
993 SMB_ASSERT(exclusive == NULL);
994 have_level2 = true;
995 }
996
997 if (lck->share_modes[i].op_type == NO_OPLOCK) {
998 have_a_none_oplock = true;
999 }
1000 }
1001
1002 if (exclusive != NULL) { /* Found an exclusive oplock */
1003 bool delay_it = is_delete_request(fsp) ?
1004 BATCH_OPLOCK_TYPE(exclusive->op_type) : true;
1005 SMB_ASSERT(!have_level2);
1006 if (delay_it) {
1007 send_break_message(fsp, exclusive, mid, oplock_request);
1008 return true;
1009 }
1010 }
1011
1012 /*
1013 * Match what was requested (fsp->oplock_type) with
1014 * what was found in the existing share modes.
1015 */
1016
1017 if (!valid_entry) {
1018 /* All entries are placeholders or deferred.
1019 * Directly grant whatever the client wants. */
1020 if (fsp->oplock_type == NO_OPLOCK) {
1021 /* Store a level2 oplock, but don't tell the client */
1022 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
1023 }
1024 } else if (have_a_none_oplock) {
1025 fsp->oplock_type = NO_OPLOCK;
1026 } else if (have_level2) {
1027 if (fsp->oplock_type == NO_OPLOCK ||
1028 fsp->oplock_type == FAKE_LEVEL_II_OPLOCK) {
1029 /* Store a level2 oplock, but don't tell the client */
1030 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
1031 } else {
1032 fsp->oplock_type = LEVEL_II_OPLOCK;
1033 }
1034 } else {
1035 /* This case can never happen. */
1036 SMB_ASSERT(1);
1037 }
1038
1039 /*
1040 * Don't grant level2 to clients that don't want them
1041 * or if we've turned them off.
1042 */
1043 if (fsp->oplock_type == LEVEL_II_OPLOCK && !allow_level2) {
1044 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
1045 }
1046
1047 DEBUG(10,("delay_for_oplocks: oplock type 0x%x on file %s\n",
1048 fsp->oplock_type, fsp_str_dbg(fsp)));
1049
1050 /* No delay. */
1051 return false;
1052 }
1053
1054 bool request_timed_out(struct timeval request_time,
1055 struct timeval timeout)
1056 {
1057 struct timeval now, end_time;
1058 GetTimeOfDay(&now);
1059 end_time = timeval_sum(&request_time, &timeout);
1060 return (timeval_compare(&end_time, &now) < 0);
1061 }
1062
1063 /****************************************************************************
1064 Handle the 1 second delay in returning a SHARING_VIOLATION error.
1065 ****************************************************************************/
1066
1067 static void defer_open(struct share_mode_lock *lck,
1068 struct timeval request_time,
1069 struct timeval timeout,
1070 struct smb_request *req,
1071 struct deferred_open_record *state)
1072 {
1073 int i;
1074
1075 /* Paranoia check */
1076
1077 for (i=0; i<lck->num_share_modes; i++) {
1078 struct share_mode_entry *e = &lck->share_modes[i];
1079
1080 if (!is_deferred_open_entry(e)) {
1081 continue;
1082 }
1083
1084 if (procid_is_me(&e->pid) && (e->op_mid == req->mid)) {
1085 DEBUG(0, ("Trying to defer an already deferred "
1086 "request: mid=%d, exiting\n", req->mid));
1087 exit_server("attempt to defer a deferred request");
1088 }
1089 }
1090
1091 /* End paranoia check */
1092
1093 DEBUG(10,("defer_open_sharing_error: time [%u.%06u] adding deferred "
1094 "open entry for mid %u\n",
1095 (unsigned int)request_time.tv_sec,
1096 (unsigned int)request_time.tv_usec,
1097 (unsigned int)req->mid));
1098
1099 if (!push_deferred_smb_message(req, request_time, timeout,
1100 (char *)state, sizeof(*state))) {
1101 exit_server("push_deferred_smb_message failed");
1102 }
1103 add_deferred_open(lck, req->mid, request_time, state->id);
1104 }
1105
1106
1107 /****************************************************************************
1108 On overwrite open ensure that the attributes match.
1109 ****************************************************************************/
1110
1111 bool open_match_attributes(connection_struct *conn,
1112 uint32 old_dos_attr,
1113 uint32 new_dos_attr,
1114 mode_t existing_unx_mode,
1115 mode_t new_unx_mode,
1116 mode_t *returned_unx_mode)
1117 {
1118 uint32 noarch_old_dos_attr, noarch_new_dos_attr;
1119
1120 noarch_old_dos_attr = (old_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
1121 noarch_new_dos_attr = (new_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
1122
1123 if((noarch_old_dos_attr == 0 && noarch_new_dos_attr != 0) ||
1124 (noarch_old_dos_attr != 0 && ((noarch_old_dos_attr & noarch_new_dos_attr) == noarch_old_dos_attr))) {
1125 *returned_unx_mode = new_unx_mode;
1126 } else {
1127 *returned_unx_mode = (mode_t)0;
1128 }
1129
1130 DEBUG(10,("open_match_attributes: old_dos_attr = 0x%x, "
1131 "existing_unx_mode = 0%o, new_dos_attr = 0x%x "
1132 "returned_unx_mode = 0%o\n",
1133 (unsigned int)old_dos_attr,
1134 (unsigned int)existing_unx_mode,
1135 (unsigned int)new_dos_attr,
1136 (unsigned int)*returned_unx_mode ));
1137
1138 /* If we're mapping SYSTEM and HIDDEN ensure they match. */
1139 if (lp_map_system(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
1140 if ((old_dos_attr & FILE_ATTRIBUTE_SYSTEM) &&
1141 !(new_dos_attr & FILE_ATTRIBUTE_SYSTEM)) {
1142 return False;
1143 }
1144 }
1145 if (lp_map_hidden(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
1146 if ((old_dos_attr & FILE_ATTRIBUTE_HIDDEN) &&
1147 !(new_dos_attr & FILE_ATTRIBUTE_HIDDEN)) {
1148 return False;
1149 }
1150 }
1151 return True;
1152 }
1153
1154 /****************************************************************************
1155 Special FCB or DOS processing in the case of a sharing violation.
1156 Try and find a duplicated file handle.
1157 ****************************************************************************/
1158
1159 NTSTATUS fcb_or_dos_open(struct smb_request *req,
1160 connection_struct *conn,
1161 files_struct *fsp_to_dup_into,
1162 const struct smb_filename *smb_fname,
1163 struct file_id id,
1164 uint16 file_pid,
1165 uint16 vuid,
1166 uint32 access_mask,
1167 uint32 share_access,
1168 uint32 create_options)
1169 {
1170 files_struct *fsp;
1171
1172 DEBUG(5,("fcb_or_dos_open: attempting old open semantics for "
1173 "file %s.\n", smb_fname_str_dbg(smb_fname)));
1174
1175 for(fsp = file_find_di_first(id); fsp;
1176 fsp = file_find_di_next(fsp)) {
1177
1178 DEBUG(10,("fcb_or_dos_open: checking file %s, fd = %d, "
1179 "vuid = %u, file_pid = %u, private_options = 0x%x "
1180 "access_mask = 0x%x\n", fsp_str_dbg(fsp),
1181 fsp->fh->fd, (unsigned int)fsp->vuid,
1182 (unsigned int)fsp->file_pid,
1183 (unsigned int)fsp->fh->private_options,
1184 (unsigned int)fsp->access_mask ));
1185
1186 if (fsp->fh->fd != -1 &&
1187 fsp->vuid == vuid &&
1188 fsp->file_pid == file_pid &&
1189 (fsp->fh->private_options & (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS |
1190 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) &&
1191 (fsp->access_mask & FILE_WRITE_DATA) &&
1192 strequal(fsp->fsp_name->base_name, smb_fname->base_name) &&
1193 strequal(fsp->fsp_name->stream_name,
1194 smb_fname->stream_name)) {
1195 DEBUG(10,("fcb_or_dos_open: file match\n"));
1196 break;
1197 }
1198 }
1199
1200 if (!fsp) {
1201 return NT_STATUS_NOT_FOUND;
1202 }
1203
1204 /* quite an insane set of semantics ... */
1205 if (is_executable(smb_fname->base_name) &&
1206 (fsp->fh->private_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS)) {
1207 DEBUG(10,("fcb_or_dos_open: file fail due to is_executable.\n"));
1208 return NT_STATUS_INVALID_PARAMETER;
1209 }
1210
1211 /* We need to duplicate this fsp. */
1212 return dup_file_fsp(req, fsp, access_mask, share_access,
1213 create_options, fsp_to_dup_into);
1214 }
1215
1216 /****************************************************************************
1217 Open a file with a share mode - old openX method - map into NTCreate.
1218 ****************************************************************************/
1219
1220 bool map_open_params_to_ntcreate(const struct smb_filename *smb_fname,
1221 int deny_mode, int open_func,
1222 uint32 *paccess_mask,
1223 uint32 *pshare_mode,
1224 uint32 *pcreate_disposition,
1225 uint32 *pcreate_options)
1226 {
1227 uint32 access_mask;
1228 uint32 share_mode;
1229 uint32 create_disposition;
1230 uint32 create_options = FILE_NON_DIRECTORY_FILE;
1231
1232 DEBUG(10,("map_open_params_to_ntcreate: fname = %s, deny_mode = 0x%x, "
1233 "open_func = 0x%x\n",
1234 smb_fname_str_dbg(smb_fname), (unsigned int)deny_mode,
1235 (unsigned int)open_func ));
1236
1237 /* Create the NT compatible access_mask. */
1238 switch (GET_OPENX_MODE(deny_mode)) {
1239 case DOS_OPEN_EXEC: /* Implies read-only - used to be FILE_READ_DATA */
1240 case DOS_OPEN_RDONLY:
1241 access_mask = FILE_GENERIC_READ;
1242 break;
1243 case DOS_OPEN_WRONLY:
1244 access_mask = FILE_GENERIC_WRITE;
1245 break;
1246 case DOS_OPEN_RDWR:
1247 case DOS_OPEN_FCB:
1248 access_mask = FILE_GENERIC_READ|FILE_GENERIC_WRITE;
1249 break;
1250 default:
1251 DEBUG(10,("map_open_params_to_ntcreate: bad open mode = 0x%x\n",
1252 (unsigned int)GET_OPENX_MODE(deny_mode)));
1253 return False;
1254 }
1255
1256 /* Create the NT compatible create_disposition. */
1257 switch (open_func) {
1258 case OPENX_FILE_EXISTS_FAIL|OPENX_FILE_CREATE_IF_NOT_EXIST:
1259 create_disposition = FILE_CREATE;
1260 break;
1261
1262 case OPENX_FILE_EXISTS_OPEN:
1263 create_disposition = FILE_OPEN;
1264 break;
1265
1266 case OPENX_FILE_EXISTS_OPEN|OPENX_FILE_CREATE_IF_NOT_EXIST:
1267 create_disposition = FILE_OPEN_IF;
1268 break;
1269
1270 case OPENX_FILE_EXISTS_TRUNCATE:
1271 create_disposition = FILE_OVERWRITE;
1272 break;
1273
1274 case OPENX_FILE_EXISTS_TRUNCATE|OPENX_FILE_CREATE_IF_NOT_EXIST:
1275 create_disposition = FILE_OVERWRITE_IF;
1276 break;
1277
1278 default:
1279 /* From samba4 - to be confirmed. */
1280 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_EXEC) {
1281 create_disposition = FILE_CREATE;
1282 break;
1283 }
1284 DEBUG(10,("map_open_params_to_ntcreate: bad "
1285 "open_func 0x%x\n", (unsigned int)open_func));
1286 return False;
1287 }
1288
1289 /* Create the NT compatible share modes. */
1290 switch (GET_DENY_MODE(deny_mode)) {
1291 case DENY_ALL:
1292 share_mode = FILE_SHARE_NONE;
1293 break;
1294
1295 case DENY_WRITE:
1296 share_mode = FILE_SHARE_READ;
1297 break;
1298
1299 case DENY_READ:
1300 share_mode = FILE_SHARE_WRITE;
1301 break;
1302
1303 case DENY_NONE:
1304 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1305 break;
1306
1307 case DENY_DOS:
1308 create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_DOS;
1309 if (is_executable(smb_fname->base_name)) {
1310 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1311 } else {
1312 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_RDONLY) {
1313 share_mode = FILE_SHARE_READ;
1314 } else {
1315 share_mode = FILE_SHARE_NONE;
1316 }
1317 }
1318 break;
1319
1320 case DENY_FCB:
1321 create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_FCB;
1322 share_mode = FILE_SHARE_NONE;
1323 break;
1324
1325 default:
1326 DEBUG(10,("map_open_params_to_ntcreate: bad deny_mode 0x%x\n",
1327 (unsigned int)GET_DENY_MODE(deny_mode) ));
1328 return False;
1329 }
1330
1331 DEBUG(10,("map_open_params_to_ntcreate: file %s, access_mask = 0x%x, "
1332 "share_mode = 0x%x, create_disposition = 0x%x, "
1333 "create_options = 0x%x\n",
1334 smb_fname_str_dbg(smb_fname),
1335 (unsigned int)access_mask,
1336 (unsigned int)share_mode,
1337 (unsigned int)create_disposition,
1338 (unsigned int)create_options ));
1339
1340 if (paccess_mask) {
1341 *paccess_mask = access_mask;
1342 }
1343 if (pshare_mode) {
1344 *pshare_mode = share_mode;
1345 }
1346 if (pcreate_disposition) {
1347 *pcreate_disposition = create_disposition;
1348 }
1349 if (pcreate_options) {
1350 *pcreate_options = create_options;
1351 }
1352
1353 return True;
1354
1355 }
1356
1357 static void schedule_defer_open(struct share_mode_lock *lck,
1358 struct timeval request_time,
1359 struct smb_request *req)
1360 {
1361 struct deferred_open_record state;
1362
1363 /* This is a relative time, added to the absolute
1364 request_time value to get the absolute timeout time.
1365 Note that if this is the second or greater time we enter
1366 this codepath for this particular request mid then
1367 request_time is left as the absolute time of the *first*
1368 time this request mid was processed. This is what allows
1369 the request to eventually time out. */
1370
1371 struct timeval timeout;
1372
1373 /* Normally the smbd we asked should respond within
1374 * OPLOCK_BREAK_TIMEOUT seconds regardless of whether
1375 * the client did, give twice the timeout as a safety
1376 * measure here in case the other smbd is stuck
1377 * somewhere else. */
1378
1379 timeout = timeval_set(OPLOCK_BREAK_TIMEOUT*2, 0);
1380
1381 /* Nothing actually uses state.delayed_for_oplocks
1382 but it's handy to differentiate in debug messages
1383 between a 30 second delay due to oplock break, and
1384 a 1 second delay for share mode conflicts. */
1385
1386 state.delayed_for_oplocks = True;
1387 state.id = lck->id;
1388
1389 if (!request_timed_out(request_time, timeout)) {
1390 defer_open(lck, request_time, timeout, req, &state);
1391 }
1392 }
1393
1394 /****************************************************************************
1395 Work out what access_mask to use from what the client sent us.
1396 ****************************************************************************/
1397
1398 static NTSTATUS calculate_access_mask(connection_struct *conn,
1399 const struct smb_filename *smb_fname,
1400 bool file_existed,
1401 uint32_t access_mask,
1402 uint32_t *access_mask_out)
1403 {
1404 NTSTATUS status;
1405
1406 /*
1407 * Convert GENERIC bits to specific bits.
1408 */
1409
1410 se_map_generic(&access_mask, &file_generic_mapping);
1411
1412 /* Calculate MAXIMUM_ALLOWED_ACCESS if requested. */
1413 if (access_mask & MAXIMUM_ALLOWED_ACCESS) {
1414 if (file_existed) {
1415
1416 struct security_descriptor *sd;
1417 uint32_t access_granted = 0;
1418
1419 status = SMB_VFS_GET_NT_ACL(conn, smb_fname->base_name,
1420 (OWNER_SECURITY_INFORMATION |
1421 GROUP_SECURITY_INFORMATION |
1422 DACL_SECURITY_INFORMATION),&sd);
1423
1424 if (!NT_STATUS_IS_OK(status)) {
1425 DEBUG(10, ("calculate_access_mask: Could not get acl "
1426 "on file %s: %s\n",
1427 smb_fname_str_dbg(smb_fname),
1428 nt_errstr(status)));
1429 return NT_STATUS_ACCESS_DENIED;
1430 }
1431
1432 status = smb1_file_se_access_check(conn,
1433 sd,
1434 conn->server_info->ptok,
1435 access_mask,
1436 &access_granted);
1437
1438 TALLOC_FREE(sd);
1439
1440 if (!NT_STATUS_IS_OK(status)) {
1441 DEBUG(10, ("calculate_access_mask: Access denied on "
1442 "file %s: when calculating maximum access\n",
1443 smb_fname_str_dbg(smb_fname)));
1444 return NT_STATUS_ACCESS_DENIED;
1445 }
1446
1447 access_mask = access_granted;
1448 } else {
1449 access_mask = FILE_GENERIC_ALL;
1450 }
1451 }
1452
1453 *access_mask_out = access_mask;
1454 return NT_STATUS_OK;
1455 }
1456
1457 /****************************************************************************
1458 Open a file with a share mode. Passed in an already created files_struct *.
1459 ****************************************************************************/
1460
1461 static NTSTATUS open_file_ntcreate(connection_struct *conn,
1462 struct smb_request *req,
1463 uint32 access_mask, /* access bits (FILE_READ_DATA etc.) */
1464 uint32 share_access, /* share constants (FILE_SHARE_READ etc) */
1465 uint32 create_disposition, /* FILE_OPEN_IF etc. */
1466 uint32 create_options, /* options such as delete on close. */
1467 uint32 new_dos_attributes, /* attributes used for new file. */
1468 int oplock_request, /* internal Samba oplock codes. */
1469 /* Information (FILE_EXISTS etc.) */
1470 int *pinfo,
1471 files_struct *fsp)
1472 {
1473 struct smb_filename *smb_fname = fsp->fsp_name;
1474 int flags=0;
1475 int flags2=0;
1476 bool file_existed = VALID_STAT(smb_fname->st);
1477 bool def_acl = False;
1478 bool posix_open = False;
1479 bool new_file_created = False;
1480 bool clear_ads = false;
1481 struct file_id id;
1482 NTSTATUS fsp_open = NT_STATUS_ACCESS_DENIED;
1483 mode_t new_unx_mode = (mode_t)0;
1484 mode_t unx_mode = (mode_t)0;
1485 int info;
1486 uint32 existing_dos_attributes = 0;
1487 struct pending_message_list *pml = NULL;
1488 struct timeval request_time = timeval_zero();
1489 struct share_mode_lock *lck = NULL;
1490 uint32 open_access_mask = access_mask;
1491 NTSTATUS status;
1492 char *parent_dir;
1493
1494 ZERO_STRUCT(id);
1495
1496 /* Windows allows a new file to be created and
1497 silently removes a FILE_ATTRIBUTE_DIRECTORY
1498 sent by the client. Do the same. */
1499
1500 new_dos_attributes &= ~FILE_ATTRIBUTE_DIRECTORY;
1501
1502 if (conn->printer) {
1503 /*
1504 * Printers are handled completely differently.
1505 * Most of the passed parameters are ignored.
1506 */
1507
1508 if (pinfo) {
1509 *pinfo = FILE_WAS_CREATED;
1510 }
1511
1512 DEBUG(10, ("open_file_ntcreate: printer open fname=%s\n",
1513 smb_fname_str_dbg(smb_fname)));
1514
1515 if (!req) {
1516 DEBUG(0,("open_file_ntcreate: printer open without "
1517 "an SMB request!\n"));
1518 return NT_STATUS_INTERNAL_ERROR;
1519 }
1520
1521 return print_fsp_open(req, conn, smb_fname->base_name,
1522 req->vuid, fsp);
1523 }
1524
1525 if (!parent_dirname(talloc_tos(), smb_fname->base_name, &parent_dir,
1526 NULL)) {
1527 return NT_STATUS_NO_MEMORY;
1528 }
1529
1530 if (new_dos_attributes & FILE_FLAG_POSIX_SEMANTICS) {
1531 posix_open = True;
1532 unx_mode = (mode_t)(new_dos_attributes & ~FILE_FLAG_POSIX_SEMANTICS);
1533 new_dos_attributes = 0;
1534 } else {
1535 /* We add aARCH to this as this mode is only used if the file is
1536 * created new. */
1537 unx_mode = unix_mode(conn, new_dos_attributes | aARCH,
1538 smb_fname, parent_dir);
1539 }
1540
1541 DEBUG(10, ("open_file_ntcreate: fname=%s, dos_attrs=0x%x "
1542 "access_mask=0x%x share_access=0x%x "
1543 "create_disposition = 0x%x create_options=0x%x "
1544 "unix mode=0%o oplock_request=%d\n",
1545 smb_fname_str_dbg(smb_fname), new_dos_attributes,
1546 access_mask, share_access, create_disposition,
1547 create_options, (unsigned int)unx_mode, oplock_request));
1548
1549 if ((req == NULL) && ((oplock_request & INTERNAL_OPEN_ONLY) == 0)) {
1550 DEBUG(0, ("No smb request but not an internal only open!\n"));
1551 return NT_STATUS_INTERNAL_ERROR;
1552 }
1553
1554 /*
1555 * Only non-internal opens can be deferred at all
1556 */
1557
1558 if ((req != NULL)
1559 && ((pml = get_open_deferred_message(req->mid)) != NULL)) {
1560 struct deferred_open_record *state =
1561 (struct deferred_open_record *)pml->private_data.data;
1562
1563 /* Remember the absolute time of the original
1564 request with this mid. We'll use it later to
1565 see if this has timed out. */
1566
1567 request_time = pml->request_time;
1568
1569 /* Remove the deferred open entry under lock. */
1570 lck = get_share_mode_lock(talloc_tos(), state->id, NULL, NULL,
1571 NULL);
1572 if (lck == NULL) {
1573 DEBUG(0, ("could not get share mode lock\n"));
1574 } else {
1575 del_deferred_open_entry(lck, req->mid);
1576 TALLOC_FREE(lck);
1577 }
1578
1579 /* Ensure we don't reprocess this message. */
1580 remove_deferred_open_smb_message(req->mid);
1581 }
1582
1583 status = check_name(conn, smb_fname->base_name);
1584 if (!NT_STATUS_IS_OK(status)) {
1585 return status;
1586 }
1587
1588 if (!posix_open) {
1589 new_dos_attributes &= SAMBA_ATTRIBUTES_MASK;
1590 if (file_existed) {
1591 existing_dos_attributes = dos_mode(conn, smb_fname);
1592 }
1593 }
1594
1595 /* ignore any oplock requests if oplocks are disabled */
1596 if (!lp_oplocks(SNUM(conn)) || global_client_failed_oplock_break ||
1597 IS_VETO_OPLOCK_PATH(conn, smb_fname->base_name)) {
1598 /* Mask off everything except the private Samba bits. */
1599 oplock_request &= SAMBA_PRIVATE_OPLOCK_MASK;
1600 }
1601
1602 /* this is for OS/2 long file names - say we don't support them */
1603 if (!lp_posix_pathnames() && strstr(smb_fname->base_name,".+,;=[].")) {
1604 /* OS/2 Workplace shell fix may be main code stream in a later
1605 * release. */
1606 DEBUG(5,("open_file_ntcreate: OS/2 long filenames are not "
1607 "supported.\n"));
1608 if (use_nt_status()) {
1609 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1610 }
1611 return NT_STATUS_DOS(ERRDOS, ERRcannotopen);
1612 }
1613
1614 switch( create_disposition ) {
1615 /*
1616 * Currently we're using FILE_SUPERSEDE as the same as
1617 * FILE_OVERWRITE_IF but they really are
1618 * different. FILE_SUPERSEDE deletes an existing file
1619 * (requiring delete access) then recreates it.
1620 */
1621 case FILE_SUPERSEDE:
1622 /* If file exists replace/overwrite. If file doesn't
1623 * exist create. */
1624 flags2 |= (O_CREAT | O_TRUNC);
1625 clear_ads = true;
1626 break;
1627
1628 case FILE_OVERWRITE_IF:
1629 /* If file exists replace/overwrite. If file doesn't
1630 * exist create. */
1631 flags2 |= (O_CREAT | O_TRUNC);
1632 clear_ads = true;
1633 break;
1634
1635 case FILE_OPEN:
1636 /* If file exists open. If file doesn't exist error. */
1637 if (!file_existed) {
1638 DEBUG(5,("open_file_ntcreate: FILE_OPEN "
1639 "requested for file %s and file "
1640 "doesn't exist.\n",
1641 smb_fname_str_dbg(smb_fname)));
1642 errno = ENOENT;
1643 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1644 }
1645 break;
1646
1647 case FILE_OVERWRITE:
1648 /* If file exists overwrite. If file doesn't exist
1649 * error. */
1650 if (!file_existed) {
1651 DEBUG(5,("open_file_ntcreate: FILE_OVERWRITE "
1652 "requested for file %s and file "
1653 "doesn't exist.\n",
1654 smb_fname_str_dbg(smb_fname) ));
1655 errno = ENOENT;
1656 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1657 }
1658 flags2 |= O_TRUNC;
1659 clear_ads = true;
1660 break;
1661
1662 case FILE_CREATE:
1663 /* If file exists error. If file doesn't exist
1664 * create. */
1665 if (file_existed) {
1666 DEBUG(5,("open_file_ntcreate: FILE_CREATE "
1667 "requested for file %s and file "
1668 "already exists.\n",
1669 smb_fname_str_dbg(smb_fname)));
1670 if (S_ISDIR(smb_fname->st.st_ex_mode)) {
1671 errno = EISDIR;
1672 } else {
1673 errno = EEXIST;
1674 }
1675 return map_nt_error_from_unix(errno);
1676 }
1677 flags2 |= (O_CREAT|O_EXCL);
1678 break;
1679
1680 case FILE_OPEN_IF:
1681 /* If file exists open. If file doesn't exist
1682 * create. */
1683 flags2 |= O_CREAT;
1684 break;
1685
1686 default:
1687 return NT_STATUS_INVALID_PARAMETER;
1688 }
1689
1690 /* We only care about matching attributes on file exists and
1691 * overwrite. */
1692
1693 if (!posix_open && file_existed && ((create_disposition == FILE_OVERWRITE) ||
1694 (create_disposition == FILE_OVERWRITE_IF))) {
1695 if (!open_match_attributes(conn, existing_dos_attributes,
1696 new_dos_attributes,
1697 smb_fname->st.st_ex_mode,
1698 unx_mode, &new_unx_mode)) {
1699 DEBUG(5,("open_file_ntcreate: attributes missmatch "
1700 "for file %s (%x %x) (0%o, 0%o)\n",
1701 smb_fname_str_dbg(smb_fname),
1702 existing_dos_attributes,
1703 new_dos_attributes,
1704 (unsigned int)smb_fname->st.st_ex_mode,
1705 (unsigned int)unx_mode ));
1706 errno = EACCES;
1707 return NT_STATUS_ACCESS_DENIED;
1708 }
1709 }
1710
1711 status = calculate_access_mask(conn, smb_fname, file_existed,
1712 access_mask,
1713 &access_mask);
1714 if (!NT_STATUS_IS_OK(status)) {
1715 DEBUG(10, ("open_file_ntcreate: calculate_access_mask "
1716 "on file %s returned %s\n",
1717 smb_fname_str_dbg(smb_fname), nt_errstr(status)));
1718 return status;
1719 }
1720
1721 open_access_mask = access_mask;
1722
1723 if ((flags2 & O_TRUNC) || (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE)) {
1724 open_access_mask |= FILE_WRITE_DATA; /* This will cause oplock breaks. */
1725 }
1726
1727 DEBUG(10, ("open_file_ntcreate: fname=%s, after mapping "
1728 "access_mask=0x%x\n", smb_fname_str_dbg(smb_fname),
1729 access_mask));
1730
1731 /*
1732 * Note that we ignore the append flag as append does not
1733 * mean the same thing under DOS and Unix.
1734 */
1735
1736 if ((access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) ||
1737 (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE)) {
1738 /* DENY_DOS opens are always underlying read-write on the
1739 file handle, no matter what the requested access mask
1740 says. */
1741 if ((create_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS) ||
1742 access_mask & (FILE_READ_ATTRIBUTES|FILE_READ_DATA|FILE_READ_EA|FILE_EXECUTE)) {
1743 flags = O_RDWR;
1744 } else {
1745 flags = O_WRONLY;
1746 }
1747 } else {
1748 flags = O_RDONLY;
1749 }
1750
1751 /*
1752 * Currently we only look at FILE_WRITE_THROUGH for create options.
1753 */
1754
1755 #if defined(O_SYNC)
1756 if ((create_options & FILE_WRITE_THROUGH) && lp_strict_sync(SNUM(conn))) {
1757 flags2 |= O_SYNC;
1758 }
1759 #endif /* O_SYNC */
1760
1761 if (posix_open && (access_mask & FILE_APPEND_DATA)) {
1762 flags2 |= O_APPEND;
1763 }
1764
1765 if (!posix_open && !CAN_WRITE(conn)) {
1766 /*
1767 * We should really return a permission denied error if either
1768 * O_CREAT or O_TRUNC are set, but for compatibility with
1769 * older versions of Samba we just AND them out.
1770 */
1771 flags2 &= ~(O_CREAT|O_TRUNC);
1772 }
1773
1774 /*
1775 * Ensure we can't write on a read-only share or file.
1776 */
1777
1778 if (flags != O_RDONLY && file_existed &&
1779 (!CAN_WRITE(conn) || IS_DOS_READONLY(existing_dos_attributes))) {
1780 DEBUG(5,("open_file_ntcreate: write access requested for "
1781 "file %s on read only %s\n",
1782 smb_fname_str_dbg(smb_fname),
1783 !CAN_WRITE(conn) ? "share" : "file" ));
1784 errno = EACCES;
1785 return NT_STATUS_ACCESS_DENIED;
1786 }
1787
1788 fsp->file_id = vfs_file_id_from_sbuf(conn, &smb_fname->st);
1789 fsp->share_access = share_access;
1790 fsp->fh->private_options = create_options;
1791 fsp->access_mask = open_access_mask; /* We change this to the
1792 * requested access_mask after
1793 * the open is done. */
1794 fsp->posix_open = posix_open;
1795
1796 /* Ensure no SAMBA_PRIVATE bits can be set. */
1797 fsp->oplock_type = (oplock_request & ~SAMBA_PRIVATE_OPLOCK_MASK);
1798
1799 if (timeval_is_zero(&request_time)) {
1800 request_time = fsp->open_time;
1801 }
1802
1803 if (file_existed) {
1804 struct timespec old_write_time = smb_fname->st.st_ex_mtime;
1805 id = vfs_file_id_from_sbuf(conn, &smb_fname->st);
1806
1807 lck = get_share_mode_lock(talloc_tos(), id,
1808 conn->connectpath,
1809 smb_fname, &old_write_time);
1810
1811 if (lck == NULL) {
1812 DEBUG(0, ("Could not get share mode lock\n"));
1813 return NT_STATUS_SHARING_VIOLATION;
1814 }
1815
1816 /* First pass - send break only on batch oplocks. */
1817 if ((req != NULL)
1818 && delay_for_oplocks(lck, fsp, req->mid, 1,
1819 oplock_request)) {
1820 schedule_defer_open(lck, request_time, req);
1821 TALLOC_FREE(lck);
1822 return NT_STATUS_SHARING_VIOLATION;
1823 }
1824
1825 /* Use the client requested access mask here, not the one we
1826 * open with. */
1827 status = open_mode_check(conn, lck, access_mask, share_access,
1828 create_options, &file_existed);
1829
1830 if (NT_STATUS_IS_OK(status)) {
1831 /* We might be going to allow this open. Check oplock
1832 * status again. */
1833 /* Second pass - send break for both batch or
1834 * exclusive oplocks. */
1835 if ((req != NULL)
1836 && delay_for_oplocks(lck, fsp, req->mid, 2,
1837 oplock_request)) {
1838 schedule_defer_open(lck, request_time, req);
1839 TALLOC_FREE(lck);
1840 return NT_STATUS_SHARING_VIOLATION;
1841 }
1842 }
1843
1844 if (NT_STATUS_EQUAL(status, NT_STATUS_DELETE_PENDING)) {
1845 /* DELETE_PENDING is not deferred for a second */
1846 TALLOC_FREE(lck);
1847 return status;
1848 }
1849
1850 if (!NT_STATUS_IS_OK(status)) {
1851 uint32 can_access_mask;
1852 bool can_access = True;
1853
1854 SMB_ASSERT(NT_STATUS_EQUAL(status, NT_STATUS_SHARING_VIOLATION));
1855
1856 /* Check if this can be done with the deny_dos and fcb
1857 * calls. */
1858 if (create_options &
1859 (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS|
1860 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) {
1861 if (req == NULL) {
1862 DEBUG(0, ("DOS open without an SMB "
1863 "request!\n"));
1864 TALLOC_FREE(lck);
1865 return NT_STATUS_INTERNAL_ERROR;
1866 }
1867
1868 /* Use the client requested access mask here,
1869 * not the one we open with. */
1870 status = fcb_or_dos_open(req,
1871 conn,
1872 fsp,
1873 smb_fname,
1874 id,
1875 req->smbpid,
1876 req->vuid,
1877 access_mask,
1878 share_access,
1879 create_options);
1880
1881 if (NT_STATUS_IS_OK(status)) {
1882 TALLOC_FREE(lck);
1883 if (pinfo) {
1884 *pinfo = FILE_WAS_OPENED;
1885 }
1886 return NT_STATUS_OK;
1887 }
1888 }
1889
1890 /*
1891 * This next line is a subtlety we need for
1892 * MS-Access. If a file open will fail due to share
1893 * permissions and also for security (access) reasons,
1894 * we need to return the access failed error, not the
1895 * share error. We can't open the file due to kernel
1896 * oplock deadlock (it's possible we failed above on
1897 * the open_mode_check()) so use a userspace check.
1898 */
1899
1900 if (flags & O_RDWR) {
1901 can_access_mask = FILE_READ_DATA|FILE_WRITE_DATA;
1902 } else if (flags & O_WRONLY) {
1903 can_access_mask = FILE_WRITE_DATA;
1904 } else {
1905 can_access_mask = FILE_READ_DATA;
1906 }
1907
1908 if (((can_access_mask & FILE_WRITE_DATA) &&
1909 !CAN_WRITE(conn)) ||
1910 !can_access_file_data(conn, smb_fname,
1911 can_access_mask)) {
1912 can_access = False;
1913 }
1914
1915 /*
1916 * If we're returning a share violation, ensure we
1917 * cope with the braindead 1 second delay.
1918 */
1919
1920 if (!(oplock_request & INTERNAL_OPEN_ONLY) &&
1921 lp_defer_sharing_violations()) {
1922 struct timeval timeout;
1923 struct deferred_open_record state;
1924 int timeout_usecs;
1925
1926 /* this is a hack to speed up torture tests
1927 in 'make test' */
1928 timeout_usecs = lp_parm_int(SNUM(conn),
1929 "smbd","sharedelay",
1930 SHARING_VIOLATION_USEC_WAIT);
1931
1932 /* This is a relative time, added to the absolute
1933 request_time value to get the absolute timeout time.
1934 Note that if this is the second or greater time we enter
1935 this codepath for this particular request mid then
1936 request_time is left as the absolute time of the *first*
1937 time this request mid was processed. This is what allows
1938 the request to eventually time out. */
1939
1940 timeout = timeval_set(0, timeout_usecs);
1941
1942 /* Nothing actually uses state.delayed_for_oplocks
1943 but it's handy to differentiate in debug messages
1944 between a 30 second delay due to oplock break, and
1945 a 1 second delay for share mode conflicts. */
1946
1947 state.delayed_for_oplocks = False;
1948 state.id = id;
1949
1950 if ((req != NULL)
1951 && !request_timed_out(request_time,
1952 timeout)) {
1953 defer_open(lck, request_time, timeout,
1954 req, &state);
1955 }
1956 }
1957
1958 TALLOC_FREE(lck);
1959 if (can_access) {
1960 /*
1961 * We have detected a sharing violation here
1962 * so return the correct error code
1963 */
1964 status = NT_STATUS_SHARING_VIOLATION;
1965 } else {
1966 status = NT_STATUS_ACCESS_DENIED;
1967 }
1968 return status;
1969 }
1970
1971 /*
1972 * We exit this block with the share entry *locked*.....
1973 */
1974 }
1975
1976 SMB_ASSERT(!file_existed || (lck != NULL));
1977
1978 /*
1979 * Ensure we pay attention to default ACLs on directories if required.
1980 */
1981
1982 if ((flags2 & O_CREAT) && lp_inherit_acls(SNUM(conn)) &&
1983 (def_acl = directory_has_default_acl(conn, parent_dir))) {
1984 unx_mode = (0777 & lp_create_mask(SNUM(conn)));
1985 }
1986
1987 DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o, "
1988 "access_mask = 0x%x, open_access_mask = 0x%x\n",
1989 (unsigned int)flags, (unsigned int)flags2,
1990 (unsigned int)unx_mode, (unsigned int)access_mask,
1991 (unsigned int)open_access_mask));
1992
1993 /*
1994 * open_file strips any O_TRUNC flags itself.
1995 */
1996
1997 fsp_open = open_file(fsp, conn, req, parent_dir,
1998 flags|flags2, unx_mode, access_mask,
1999 open_access_mask);
2000
2001 if (!NT_STATUS_IS_OK(fsp_open)) {
2002 if (lck != NULL) {
2003 TALLOC_FREE(lck);
2004 }
2005 return fsp_open;
2006 }
2007
2008 if (!file_existed) {
2009 struct timespec old_write_time = smb_fname->st.st_ex_mtime;
2010 /*
2011 * Deal with the race condition where two smbd's detect the
2012 * file doesn't exist and do the create at the same time. One
2013 * of them will win and set a share mode, the other (ie. this
2014 * one) should check if the requested share mode for this
2015 * create is allowed.
2016 */
2017
2018 /*
2019 * Now the file exists and fsp is successfully opened,
2020 * fsp->dev and fsp->inode are valid and should replace the
2021 * dev=0,inode=0 from a non existent file. Spotted by
2022 * Nadav Danieli <nadavd@exanet.com>. JRA.
2023 */
2024
2025 id = fsp->file_id;
2026
2027 lck = get_share_mode_lock(talloc_tos(), id,
2028 conn->connectpath,
2029 smb_fname, &old_write_time);
2030
2031 if (lck == NULL) {
2032 DEBUG(0, ("open_file_ntcreate: Could not get share "
2033 "mode lock for %s\n",
2034 smb_fname_str_dbg(smb_fname)));
2035 fd_close(fsp);
2036 return NT_STATUS_SHARING_VIOLATION;
2037 }
2038
2039 /* First pass - send break only on batch oplocks. */
2040 if ((req != NULL)
2041 && delay_for_oplocks(lck, fsp, req->mid, 1,
2042 oplock_request)) {
2043 schedule_defer_open(lck, request_time, req);
2044 TALLOC_FREE(lck);
2045 fd_close(fsp);
2046 return NT_STATUS_SHARING_VIOLATION;
2047 }
2048
2049 status = open_mode_check(conn, lck, access_mask, share_access,
2050 create_options, &file_existed);
2051
2052 if (NT_STATUS_IS_OK(status)) {
2053 /* We might be going to allow this open. Check oplock
2054 * status again. */
2055 /* Second pass - send break for both batch or
2056 * exclusive oplocks. */
2057 if ((req != NULL)
2058 && delay_for_oplocks(lck, fsp, req->mid, 2,
2059 oplock_request)) {
2060 schedule_defer_open(lck, request_time, req);
2061 TALLOC_FREE(lck);
2062 fd_close(fsp);
2063 return NT_STATUS_SHARING_VIOLATION;
2064 }
2065 }
2066
2067 if (!NT_STATUS_IS_OK(status)) {
2068 struct deferred_open_record state;
2069
2070 fd_close(fsp);
2071
2072 state.delayed_for_oplocks = False;
2073 state.id = id;
2074
2075 /* Do it all over again immediately. In the second
2076 * round we will find that the file existed and handle
2077 * the DELETE_PENDING and FCB cases correctly. No need
2078 * to duplicate the code here. Essentially this is a
2079 * "goto top of this function", but don't tell
2080 * anybody... */
2081
2082 if (req != NULL) {
2083 defer_open(lck, request_time, timeval_zero(),
2084 req, &state);
2085 }
2086 TALLOC_FREE(lck);
2087 return status;
2088 }
2089
2090 /*
2091 * We exit this block with the share entry *locked*.....
2092 */
2093
2094 }
2095
2096 SMB_ASSERT(lck != NULL);
2097
2098 /* Delete streams if create_disposition requires it */
2099 if (file_existed && clear_ads &&
2100 !is_ntfs_stream_smb_fname(smb_fname)) {
2101 status = delete_all_streams(conn, smb_fname->base_name);
2102 if (!NT_STATUS_IS_OK(status)) {
2103 TALLOC_FREE(lck);
2104 fd_close(fsp);
2105 return status;
2106 }
2107 }
2108
2109 /* note that we ignore failure for the following. It is
2110 basically a hack for NFS, and NFS will never set one of
2111 these only read them. Nobody but Samba can ever set a deny
2112 mode and we have already checked our more authoritative
2113 locking database for permission to set this deny mode. If
2114 the kernel refuses the operations then the kernel is wrong.
2115 note that GPFS supports it as well - jmcd */
2116
2117 if (fsp->fh->fd != -1) {
2118 int ret_flock;
2119 ret_flock = SMB_VFS_KERNEL_FLOCK(fsp, share_access, access_mask);
2120 if(ret_flock == -1 ){
2121
2122 TALLOC_FREE(lck);
2123 fd_close(fsp);
2124
2125 return NT_STATUS_SHARING_VIOLATION;
2126 }
2127 }
2128
2129 /*
2130 * At this point onwards, we can guarentee that the share entry
2131 * is locked, whether we created the file or not, and that the
2132 * deny mode is compatible with all current opens.
2133 */
2134
2135 /*
2136 * If requested, truncate the file.
2137 */
2138
2139 if (flags2&O_TRUNC) {
2140 /*
2141 * We are modifing the file after open - update the stat
2142 * struct..
2143 */
2144 if ((SMB_VFS_FTRUNCATE(fsp, 0) == -1) ||
2145 (SMB_VFS_FSTAT(fsp, &smb_fname->st)==-1)) {
2146 status = map_nt_error_from_unix(errno);
2147 TALLOC_FREE(lck);
2148 fd_close(fsp);
2149 return status;
2150 }
2151 }
2152
2153 /* Record the options we were opened with. */
2154 fsp->share_access = share_access;
2155 fsp->fh->private_options = create_options;
2156 /*
2157 * According to Samba4, SEC_FILE_READ_ATTRIBUTE is always granted,
2158 */
2159 fsp->access_mask = access_mask | FILE_READ_ATTRIBUTES;
2160
2161 if (file_existed) {
2162 /* stat opens on existing files don't get oplocks. */
2163 if (is_stat_open(open_access_mask)) {
2164 fsp->oplock_type = NO_OPLOCK;
2165 }
2166
2167 if (!(flags2 & O_TRUNC)) {
2168 info = FILE_WAS_OPENED;
2169 } else {
2170 info = FILE_WAS_OVERWRITTEN;
2171 }
2172 } else {
2173 info = FILE_WAS_CREATED;
2174 }
2175
2176 if (pinfo) {
2177 *pinfo = info;
2178 }
2179
2180 /*
2181 * Setup the oplock info in both the shared memory and
2182 * file structs.
2183 */
2184
2185 if (!set_file_oplock(fsp, fsp->oplock_type)) {
2186 /* Could not get the kernel oplock */
2187 fsp->oplock_type = NO_OPLOCK;
2188 }
2189
2190 if (info == FILE_WAS_OVERWRITTEN || info == FILE_WAS_CREATED || info == FILE_WAS_SUPERSEDED) {
2191 new_file_created = True;
2192 }
2193
2194 set_share_mode(lck, fsp, conn->server_info->utok.uid, 0,
2195 fsp->oplock_type);
2196
2197 /* Handle strange delete on close create semantics. */
2198 if (create_options & FILE_DELETE_ON_CLOSE) {
2199
2200 status = can_set_delete_on_close(fsp, new_dos_attributes);
2201
2202 if (!NT_STATUS_IS_OK(status)) {
2203 /* Remember to delete the mode we just added. */
2204 del_share_mode(lck, fsp);
2205 TALLOC_FREE(lck);
2206 fd_close(fsp);
2207 return status;
2208 }
2209 /* Note that here we set the *inital* delete on close flag,
2210 not the regular one. The magic gets handled in close. */
2211 fsp->initial_delete_on_close = True;
2212 }
2213
2214 if (new_file_created) {
2215 /* Files should be initially set as archive */
2216 if (lp_map_archive(SNUM(conn)) ||
2217 lp_store_dos_attributes(SNUM(conn))) {
2218 if (!posix_open) {
2219 if (file_set_dosmode(conn, smb_fname,
2220 new_dos_attributes | aARCH,
2221 parent_dir, true) == 0) {
2222 unx_mode = smb_fname->st.st_ex_mode;
2223 }
2224 }
2225 }
2226 }
2227
2228 /*
2229 * Take care of inherited ACLs on created files - if default ACL not
2230 * selected.
2231 */
2232
2233 if (!posix_open && !file_existed && !def_acl) {
2234
2235 int saved_errno = errno; /* We might get ENOSYS in the next
2236 * call.. */
2237
2238 if (SMB_VFS_FCHMOD_ACL(fsp, unx_mode) == -1 &&
2239 errno == ENOSYS) {
2240 errno = saved_errno; /* Ignore ENOSYS */
2241 }
2242
2243 } else if (new_unx_mode) {
2244
2245 int ret = -1;
2246
2247 /* Attributes need changing. File already existed. */
2248
2249 {
2250 int saved_errno = errno; /* We might get ENOSYS in the
2251 * next call.. */
2252 ret = SMB_VFS_FCHMOD_ACL(fsp, new_unx_mode);
2253
2254 if (ret == -1 && errno == ENOSYS) {
2255 errno = saved_errno; /* Ignore ENOSYS */
2256 } else {
2257 DEBUG(5, ("open_file_ntcreate: reset "
2258 "attributes of file %s to 0%o\n",
2259 smb_fname_str_dbg(smb_fname),
2260 (unsigned int)new_unx_mode));
2261 ret = 0; /* Don't do the fchmod below. */
2262 }
2263 }
2264
2265 if ((ret == -1) &&
2266 (SMB_VFS_FCHMOD(fsp, new_unx_mode) == -1))
2267 DEBUG(5, ("open_file_ntcreate: failed to reset "
2268 "attributes of file %s to 0%o\n",
2269 smb_fname_str_dbg(smb_fname),
2270 (unsigned int)new_unx_mode));
2271 }
2272
2273 /* If this is a successful open, we must remove any deferred open
2274 * records. */
2275 if (req != NULL) {
2276 del_deferred_open_entry(lck, req->mid);
2277 }
2278 TALLOC_FREE(lck);
2279
2280 return NT_STATUS_OK;
2281 }
2282
2283
2284 /****************************************************************************
2285 Open a file for for write to ensure that we can fchmod it.
2286 ****************************************************************************/
2287
2288 NTSTATUS open_file_fchmod(connection_struct *conn,
2289 struct smb_filename *smb_fname,
2290 files_struct **result)
2291 {
2292 if (!VALID_STAT(smb_fname->st)) {
2293 return NT_STATUS_INVALID_PARAMETER;
2294 }
2295
2296 return SMB_VFS_CREATE_FILE(
2297 conn, /* conn */
2298 NULL, /* req */
2299 0, /* root_dir_fid */
2300 smb_fname, /* fname */
2301 FILE_WRITE_DATA, /* access_mask */
2302 (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */
2303 FILE_SHARE_DELETE),
2304 FILE_OPEN, /* create_disposition*/
2305 0, /* create_options */
2306 0, /* file_attributes */
2307 INTERNAL_OPEN_ONLY, /* oplock_request */
2308 0, /* allocation_size */
2309 NULL, /* sd */
2310 NULL, /* ea_list */
2311 result, /* result */
2312 NULL); /* pinfo */
2313 }
2314
2315 static NTSTATUS mkdir_internal(connection_struct *conn,
2316 struct smb_filename *smb_dname,
2317 uint32 file_attributes)
2318 {
2319 mode_t mode;
2320 char *parent_dir;
2321 NTSTATUS status;
2322 bool posix_open = false;
2323
2324 if(!CAN_WRITE(conn)) {
2325 DEBUG(5,("mkdir_internal: failing create on read-only share "
2326 "%s\n", lp_servicename(SNUM(conn))));
2327 return NT_STATUS_ACCESS_DENIED;
2328 }
2329
2330 status = check_name(conn, smb_dname->base_name);
2331 if (!NT_STATUS_IS_OK(status)) {
2332 return status;
2333 }
2334
2335 if (!parent_dirname(talloc_tos(), smb_dname->base_name, &parent_dir,
2336 NULL)) {
2337 return NT_STATUS_NO_MEMORY;
2338 }
2339
2340 if (file_attributes & FILE_FLAG_POSIX_SEMANTICS) {
2341 posix_open = true;
2342 mode = (mode_t)(file_attributes & ~FILE_FLAG_POSIX_SEMANTICS);
2343 } else {
2344 mode = unix_mode(conn, aDIR, smb_dname, parent_dir);
2345 }
2346
2347 if (SMB_VFS_MKDIR(conn, smb_dname->base_name, mode) != 0) {
2348 return map_nt_error_from_unix(errno);
2349 }
2350
2351 /* Ensure we're checking for a symlink here.... */
2352 /* We don't want to get caught by a symlink racer. */
2353
2354 if (SMB_VFS_LSTAT(conn, smb_dname) == -1) {
2355 DEBUG(2, ("Could not stat directory '%s' just created: %s\n",
2356 smb_fname_str_dbg(smb_dname), strerror(errno)));
2357 return map_nt_error_from_unix(errno);
2358 }
2359
2360 if (!S_ISDIR(smb_dname->st.st_ex_mode)) {
2361 DEBUG(0, ("Directory just '%s' created is not a directory\n",
2362 smb_fname_str_dbg(smb_dname)));
2363 return NT_STATUS_ACCESS_DENIED;
2364 }
2365
2366 if (lp_store_dos_attributes(SNUM(conn))) {
2367 if (!posix_open) {
2368 file_set_dosmode(conn, smb_dname,
2369 file_attributes | aDIR,
2370 parent_dir, true);
2371 }
2372 }
2373
2374 if (lp_inherit_perms(SNUM(conn))) {
2375 inherit_access_posix_acl(conn, parent_dir,
2376 smb_dname->base_name, mode);
2377 }
2378
2379 if (!posix_open) {
2380 /*
2381 * Check if high bits should have been set,
2382 * then (if bits are missing): add them.
2383 * Consider bits automagically set by UNIX, i.e. SGID bit from parent
2384 * dir.
2385 */
2386 if ((mode & ~(S_IRWXU|S_IRWXG|S_IRWXO)) &&
2387 (mode & ~smb_dname->st.st_ex_mode)) {
2388 SMB_VFS_CHMOD(conn, smb_dname->base_name,
2389 (smb_dname->st.st_ex_mode |
2390 (mode & ~smb_dname->st.st_ex_mode)));
2391 }
2392 }
2393
2394 /* Change the owner if required. */
2395 if (lp_inherit_owner(SNUM(conn))) {
2396 change_dir_owner_to_parent(conn, parent_dir,
2397 smb_dname->base_name,
2398 &smb_dname->st);
2399 }
2400
2401 notify_fname(conn, NOTIFY_ACTION_ADDED, FILE_NOTIFY_CHANGE_DIR_NAME,
2402 smb_dname->base_name);
2403
2404 return NT_STATUS_OK;
2405 }
2406
2407 /****************************************************************************
2408 Open a directory from an NT SMB call.
2409 ****************************************************************************/
2410
2411 static NTSTATUS open_directory(connection_struct *conn,
2412 struct smb_request *req,
2413 struct smb_filename *smb_dname,
2414 uint32 access_mask,
2415 uint32 share_access,
2416 uint32 create_disposition,
2417 uint32 create_options,
2418 uint32 file_attributes,
2419 int *pinfo,
2420 files_struct **result)
2421 {
2422 files_struct *fsp = NULL;
2423 bool dir_existed = VALID_STAT(smb_dname->st) ? True : False;
2424 struct share_mode_lock *lck = NULL;
2425 NTSTATUS status;
2426 struct timespec mtimespec;
2427 int info = 0;
2428
2429 SMB_ASSERT(!is_ntfs_stream_smb_fname(smb_dname));
2430
2431 /* Ensure we have a directory attribute. */
2432 file_attributes |= FILE_ATTRIBUTE_DIRECTORY;
2433
2434 DEBUG(5,("open_directory: opening directory %s, access_mask = 0x%x, "
2435 "share_access = 0x%x create_options = 0x%x, "
2436 "create_disposition = 0x%x, file_attributes = 0x%x\n",
2437 smb_fname_str_dbg(smb_dname),
2438 (unsigned int)access_mask,
2439 (unsigned int)share_access,
2440 (unsigned int)create_options,
2441 (unsigned int)create_disposition,
2442 (unsigned int)file_attributes));
2443
2444 if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS) &&
2445 (conn->fs_capabilities & FILE_NAMED_STREAMS) &&
2446 is_ntfs_stream_smb_fname(smb_dname)) {
2447 DEBUG(2, ("open_directory: %s is a stream name!\n",
2448 smb_fname_str_dbg(smb_dname)));
2449 return NT_STATUS_NOT_A_DIRECTORY;
2450 }
2451
2452 status = calculate_access_mask(conn, smb_dname, dir_existed,
2453 access_mask, &access_mask);
2454 if (!NT_STATUS_IS_OK(status)) {
2455 DEBUG(10, ("open_directory: calculate_access_mask "
2456 "on file %s returned %s\n",
2457 smb_fname_str_dbg(smb_dname),
2458 nt_errstr(status)));
2459 return status;
2460 }
2461
2462 if ((access_mask & SEC_FLAG_SYSTEM_SECURITY) &&
2463 !user_has_privileges(current_user.nt_user_token, &se_security)) {
2464 DEBUG(10, ("open_directory: open on %s "
2465 "failed - SEC_FLAG_SYSTEM_SECURITY denied.\n",
2466 smb_fname_str_dbg(smb_dname)));
2467 return NT_STATUS_PRIVILEGE_NOT_HELD;
2468 }
2469
2470 switch( create_disposition ) {
2471 case FILE_OPEN:
2472
2473 info = FILE_WAS_OPENED;
2474
2475 /*
2476 * We want to follow symlinks here.
2477 */
2478
2479 if (SMB_VFS_STAT(conn, smb_dname) != 0) {
2480 return map_nt_error_from_unix(errno);
2481 }
2482
2483 break;
2484
2485 case FILE_CREATE:
2486
2487 /* If directory exists error. If directory doesn't
2488 * exist create. */
2489
2490 status = mkdir_internal(conn, smb_dname,
2491 file_attributes);
2492
2493 if (!NT_STATUS_IS_OK(status)) {
2494 DEBUG(2, ("open_directory: unable to create "
2495 "%s. Error was %s\n",
2496 smb_fname_str_dbg(smb_dname),
2497 nt_errstr(status)));
2498 return status;
2499 }
2500
2501 info = FILE_WAS_CREATED;
2502 break;
2503
2504 case FILE_OPEN_IF:
2505 /*
2506 * If directory exists open. If directory doesn't
2507 * exist create.
2508 */
2509
2510 status = mkdir_internal(conn, smb_dname,
2511 file_attributes);
2512
2513 if (NT_STATUS_IS_OK(status)) {
2514 info = FILE_WAS_CREATED;
2515 }
2516
2517 if (NT_STATUS_EQUAL(status,
2518 NT_STATUS_OBJECT_NAME_COLLISION)) {
2519 info = FILE_WAS_OPENED;
2520 status = NT_STATUS_OK;
2521 }
2522
2523 break;
2524
2525 case FILE_SUPERSEDE:
2526 case FILE_OVERWRITE:
2527 case FILE_OVERWRITE_IF:
2528 default:
2529 DEBUG(5,("open_directory: invalid create_disposition "
2530 "0x%x for directory %s\n",
2531 (unsigned int)create_disposition,
2532 smb_fname_str_dbg(smb_dname)));
2533 return NT_STATUS_INVALID_PARAMETER;
2534 }
2535
2536 if(!S_ISDIR(smb_dname->st.st_ex_mode)) {
2537 DEBUG(5,("open_directory: %s is not a directory !\n",
2538 smb_fname_str_dbg(smb_dname)));
2539 return NT_STATUS_NOT_A_DIRECTORY;
2540 }
2541
2542 if (info == FILE_WAS_OPENED) {
2543 uint32_t access_granted = 0;
2544 status = smbd_check_open_rights(conn, smb_dname, access_mask,
2545 &access_granted);
2546
2547 /* Were we trying to do a directory open
2548 * for delete and didn't get DELETE
2549 * access (only) ? Check if the
2550 * directory allows DELETE_CHILD.
2551 * See here:
2552 * http://blogs.msdn.com/oldnewthing/archive/2004/06/04/148426.aspx
2553 * for details. */
2554
2555 if ((NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED) &&
2556 (access_mask & DELETE_ACCESS) &&
2557 (access_granted == DELETE_ACCESS) &&
2558 can_delete_file_in_directory(conn, smb_dname))) {
2559 DEBUG(10,("open_directory: overrode ACCESS_DENIED "
2560 "on directory %s\n",
2561 smb_fname_str_dbg(smb_dname)));
2562 status = NT_STATUS_OK;
2563 }
2564
2565 if (!NT_STATUS_IS_OK(status)) {
2566 DEBUG(10, ("open_directory: smbd_check_open_rights on "
2567 "file %s failed with %s\n",
2568 smb_fname_str_dbg(smb_dname),
2569 nt_errstr(status)));
2570 return status;
2571 }
2572 }
2573
2574 status = file_new(req, conn, &fsp);
2575 if(!NT_STATUS_IS_OK(status)) {
2576 return status;
2577 }
2578
2579 /*
2580 * Setup the files_struct for it.
2581 */
2582
2583 fsp->mode = smb_dname->st.st_ex_mode;
2584 fsp->file_id = vfs_file_id_from_sbuf(conn, &smb_dname->st);
2585 fsp->vuid = req ? req->vuid : UID_FIELD_INVALID;
2586 fsp->file_pid = req ? req->smbpid : 0;
2587 fsp->can_lock = False;
2588 fsp->can_read = False;
2589 fsp->can_write = False;
2590
2591 fsp->share_access = share_access;
2592 fsp->fh->private_options = create_options;
2593 /*
2594 * According to Samba4, SEC_FILE_READ_ATTRIBUTE is always granted,
2595 */
2596 fsp->access_mask = access_mask | FILE_READ_ATTRIBUTES;
2597 fsp->print_file = False;
2598 fsp->modified = False;
2599 fsp->oplock_type = NO_OPLOCK;
2600 fsp->sent_oplock_break = NO_BREAK_SENT;
2601 fsp->is_directory = True;
2602 fsp->posix_open = (file_attributes & FILE_FLAG_POSIX_SEMANTICS) ? True : False;
2603 status = fsp_set_smb_fname(fsp, smb_dname);
2604 if (!NT_STATUS_IS_OK(status)) {
2605 return status;
2606 }
2607
2608 mtimespec = smb_dname->st.st_ex_mtime;
2609
2610 lck = get_share_mode_lock(talloc_tos(), fsp->file_id,
2611 conn->connectpath, smb_dname, &mtimespec);
2612
2613 if (lck == NULL) {
2614 DEBUG(0, ("open_directory: Could not get share mode lock for "
2615 "%s\n", smb_fname_str_dbg(smb_dname)));
2616 file_free(req, fsp);
2617 return NT_STATUS_SHARING_VIOLATION;
2618 }
2619
2620 status = open_mode_check(conn, lck, access_mask, share_access,
2621 create_options, &dir_existed);
2622
2623 if (!NT_STATUS_IS_OK(status)) {
2624 TALLOC_FREE(lck);
2625 file_free(req, fsp);
2626 return status;
2627 }
2628
2629 set_share_mode(lck, fsp, conn->server_info->utok.uid, 0, NO_OPLOCK);
2630
2631 /* For directories the delete on close bit at open time seems
2632 always to be honored on close... See test 19 in Samba4 BASE-DELETE. */
2633 if (create_options & FILE_DELETE_ON_CLOSE) {
2634 status = can_set_delete_on_close(fsp, 0);
2635 if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, NT_STATUS_DIRECTORY_NOT_EMPTY)) {
2636 TALLOC_FREE(lck);
2637 file_free(req, fsp);
2638 return status;
2639 }
2640
2641 if (NT_STATUS_IS_OK(status)) {
2642 /* Note that here we set the *inital* delete on close flag,
2643 not the regular one. The magic gets handled in close. */
2644 fsp->initial_delete_on_close = True;
2645 }
2646 }
2647
2648 TALLOC_FREE(lck);
2649
2650 if (pinfo) {
2651 *pinfo = info;
2652 }
2653
2654 *result = fsp;
2655 return NT_STATUS_OK;
2656 }
2657
2658 NTSTATUS create_directory(connection_struct *conn, struct smb_request *req,
2659 struct smb_filename *smb_dname)
2660 {
2661 NTSTATUS status;
2662 files_struct *fsp;
2663
2664 status = SMB_VFS_CREATE_FILE(
2665 conn, /* conn */
2666 req, /* req */
2667 0, /* root_dir_fid */
2668 smb_dname, /* fname */
2669 FILE_READ_ATTRIBUTES, /* access_mask */
2670 FILE_SHARE_NONE, /* share_access */
2671 FILE_CREATE, /* create_disposition*/
2672 FILE_DIRECTORY_FILE, /* create_options */
2673 FILE_ATTRIBUTE_DIRECTORY, /* file_attributes */
2674 0, /* oplock_request */
2675 0, /* allocation_size */
2676 NULL, /* sd */
2677 NULL, /* ea_list */
2678 &fsp, /* result */
2679 NULL); /* pinfo */
2680
2681 if (NT_STATUS_IS_OK(status)) {
2682 close_file(req, fsp, NORMAL_CLOSE);
2683 }
2684
2685 return status;
2686 }
2687
2688 /****************************************************************************
2689 Receive notification that one of our open files has been renamed by another
2690 smbd process.
2691 ****************************************************************************/
2692
2693 void msg_file_was_renamed(struct messaging_context *msg,
2694 void *private_data,
2695 uint32_t msg_type,
2696 struct server_id server_id,
2697 DATA_BLOB *data)
2698 {
2699 files_struct *fsp;
2700 char *frm = (char *)data->data;
2701 struct file_id id;
2702 const char *sharepath;
2703 const char *base_name;
2704 const char *stream_name;
2705 struct smb_filename *smb_fname = NULL;
2706 size_t sp_len, bn_len;
2707 NTSTATUS status;
2708
2709 if (data->data == NULL
2710 || data->length < MSG_FILE_RENAMED_MIN_SIZE + 2) {
2711 DEBUG(0, ("msg_file_was_renamed: Got invalid msg len %d\n",
2712 (int)data->length));
2713 return;
2714 }
2715
2716 /* Unpack the message. */
2717 pull_file_id_24(frm, &id);
2718 sharepath = &frm[24];
2719 sp_len = strlen(sharepath);
2720 base_name = sharepath + sp_len + 1;
2721 bn_len = strlen(base_name);
2722 stream_name = sharepath + sp_len + 1 + bn_len + 1;
2723
2724 /* stream_name must always be NULL if there is no stream. */
2725 if (stream_name[0] == '\0') {
2726 stream_name = NULL;
2727 }
2728
2729 status = create_synthetic_smb_fname(talloc_tos(), base_name,
2730 stream_name, NULL, &smb_fname);
2731 if (!NT_STATUS_IS_OK(status)) {
2732 return;
2733 }
2734
2735 DEBUG(10,("msg_file_was_renamed: Got rename message for sharepath %s, new name %s, "
2736 "file_id %s\n",
2737 sharepath, smb_fname_str_dbg(smb_fname),
2738 file_id_string_tos(&id)));
2739
2740 for(fsp = file_find_di_first(id); fsp; fsp = file_find_di_next(fsp)) {
2741 if (memcmp(fsp->conn->connectpath, sharepath, sp_len) == 0) {
2742
2743 DEBUG(10,("msg_file_was_renamed: renaming file fnum %d from %s -> %s\n",
2744 fsp->fnum, fsp_str_dbg(fsp),
2745 smb_fname_str_dbg(smb_fname)));
2746 status = fsp_set_smb_fname(fsp, smb_fname);
2747 if (!NT_STATUS_IS_OK(status)) {
2748 goto out;
2749 }
2750 } else {
2751 /* TODO. JRA. */
2752 /* Now we have the complete path we can work out if this is
2753 actually within this share and adjust newname accordingly. */
2754 DEBUG(10,("msg_file_was_renamed: share mismatch (sharepath %s "
2755 "not sharepath %s) "
2756 "fnum %d from %s -> %s\n",
2757 fsp->conn->connectpath,
2758 sharepath,
2759 fsp->fnum,
2760 fsp_str_dbg(fsp),
2761 smb_fname_str_dbg(smb_fname)));
2762 }
2763 }
2764 out:
2765 TALLOC_FREE(smb_fname);
2766 return;
2767 }
2768
2769 /*
2770 * If a main file is opened for delete, all streams need to be checked for
2771 * !FILE_SHARE_DELETE. Do this by opening with DELETE_ACCESS.
2772 * If that works, delete them all by setting the delete on close and close.
2773 */
2774
2775 NTSTATUS open_streams_for_delete(connection_struct *conn,
2776 const char *fname)
2777 {
2778 struct stream_struct *stream_info;
2779 files_struct **streams;
2780 int i;
2781 unsigned int num_streams;
2782 TALLOC_CTX *frame = talloc_stackframe();
2783 NTSTATUS status;
2784
2785 status = SMB_VFS_STREAMINFO(conn, NULL, fname, talloc_tos(),
2786 &num_streams, &stream_info);
2787
2788 if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_IMPLEMENTED)
2789 || NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
2790 DEBUG(10, ("no streams around\n"));
2791 TALLOC_FREE(frame);
2792 return NT_STATUS_OK;
2793 }
2794
2795 if (!NT_STATUS_IS_OK(status)) {
2796 DEBUG(10, ("SMB_VFS_STREAMINFO failed: %s\n",
2797 nt_errstr(status)));
2798 goto fail;
2799 }
2800
2801 DEBUG(10, ("open_streams_for_delete found %d streams\n",
2802 num_streams));
2803
2804 if (num_streams == 0) {
2805 TALLOC_FREE(frame);
2806 return NT_STATUS_OK;
2807 }
2808
2809 streams = TALLOC_ARRAY(talloc_tos(), files_struct *, num_streams);
2810 if (streams == NULL) {
2811 DEBUG(0, ("talloc failed\n"));
2812 status = NT_STATUS_NO_MEMORY;
2813 goto fail;
2814 }
2815
2816 for (i=0; i<num_streams; i++) {
2817 struct smb_filename *smb_fname = NULL;
2818
2819 if (strequal(stream_info[i].name, "::$DATA")) {
2820 streams[i] = NULL;
2821 continue;
2822 }
2823
2824 status = create_synthetic_smb_fname(talloc_tos(), fname,
2825 stream_info[i].name,
2826 NULL, &smb_fname);
2827 if (!NT_STATUS_IS_OK(status)) {
2828 goto fail;
2829 }
2830
2831 if (SMB_VFS_STAT(conn, smb_fname) == -1) {
2832 DEBUG(10, ("Unable to stat stream: %s\n",
2833 smb_fname_str_dbg(smb_fname)));
2834 }
2835
2836 status = SMB_VFS_CREATE_FILE(
2837 conn, /* conn */
2838 NULL, /* req */
2839 0, /* root_dir_fid */
2840 smb_fname, /* fname */
2841 DELETE_ACCESS, /* access_mask */
2842 (FILE_SHARE_READ | /* share_access */
2843 FILE_SHARE_WRITE | FILE_SHARE_DELETE),
2844 FILE_OPEN, /* create_disposition*/
2845 NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE, /* create_options */
2846 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
2847 0, /* oplock_request */
2848 0, /* allocation_size */
2849 NULL, /* sd */
2850 NULL, /* ea_list */
2851 &streams[i], /* result */
2852 NULL); /* pinfo */
2853
2854 if (!NT_STATUS_IS_OK(status)) {
2855 DEBUG(10, ("Could not open stream %s: %s\n",
2856 smb_fname_str_dbg(smb_fname),
2857 nt_errstr(status)));
2858
2859 TALLOC_FREE(smb_fname);
2860 break;
2861 }
2862 TALLOC_FREE(smb_fname);
2863 }
2864
2865 /*
2866 * don't touch the variable "status" beyond this point :-)
2867 */
2868
2869 for (i -= 1 ; i >= 0; i--) {
2870 if (streams[i] == NULL) {
2871 continue;
2872 }
2873
2874 DEBUG(10, ("Closing stream # %d, %s\n", i,
2875 fsp_str_dbg(streams[i])));
2876 close_file(NULL, streams[i], NORMAL_CLOSE);
2877 }
2878
2879 fail:
2880 TALLOC_FREE(frame);
2881 return status;
2882 }
2883
2884 /*
2885 * Wrapper around open_file_ntcreate and open_directory
2886 */
2887
2888 static NTSTATUS create_file_unixpath(connection_struct *conn,
2889 struct smb_request *req,
2890 struct smb_filename *smb_fname,
2891 uint32_t access_mask,
2892 uint32_t share_access,
2893 uint32_t create_disposition,
2894 uint32_t create_options,
2895 uint32_t file_attributes,
2896 uint32_t oplock_request,
2897 uint64_t allocation_size,
2898 struct security_descriptor *sd,
2899 struct ea_list *ea_list,
2900
2901 files_struct **result,
2902 int *pinfo)
2903 {
2904 int info = FILE_WAS_OPENED;
2905 files_struct *base_fsp = NULL;
2906 files_struct *fsp = NULL;
2907 NTSTATUS status;
2908
2909 DEBUG(10,("create_file_unixpath: access_mask = 0x%x "
2910 "file_attributes = 0x%x, share_access = 0x%x, "
2911 "create_disposition = 0x%x create_options = 0x%x "
2912 "oplock_request = 0x%x ea_list = 0x%p, sd = 0x%p, "
2913 "fname = %s\n",
2914 (unsigned int)access_mask,
2915 (unsigned int)file_attributes,
2916 (unsigned int)share_access,
2917 (unsigned int)create_disposition,
2918 (unsigned int)create_options,
2919 (unsigned int)oplock_request,
2920 ea_list, sd, smb_fname_str_dbg(smb_fname)));
2921
2922 if (create_options & FILE_OPEN_BY_FILE_ID) {
2923 status = NT_STATUS_NOT_SUPPORTED;
2924 goto fail;
2925 }
2926
2927 if (create_options & NTCREATEX_OPTIONS_INVALID_PARAM_MASK) {
2928 status = NT_STATUS_INVALID_PARAMETER;
2929 goto fail;
2930 }
2931
2932 if (req == NULL) {
2933 oplock_request |= INTERNAL_OPEN_ONLY;
2934 }
2935
2936 if ((conn->fs_capabilities & FILE_NAMED_STREAMS)
2937 && (access_mask & DELETE_ACCESS)
2938 && !is_ntfs_stream_smb_fname(smb_fname)) {
2939 /*
2940 * We can't open a file with DELETE access if any of the
2941 * streams is open without FILE_SHARE_DELETE
2942 */
2943 status = open_streams_for_delete(conn, smb_fname->base_name);
2944
2945 if (!NT_STATUS_IS_OK(status)) {
2946 goto fail;
2947 }
2948 }
2949
2950 /* This is the correct thing to do (check every time) but can_delete
2951 * is expensive (it may have to read the parent directory
2952 * permissions). So for now we're not doing it unless we have a strong
2953 * hint the client is really going to delete this file. If the client
2954 * is forcing FILE_CREATE let the filesystem take care of the
2955 * permissions. */
2956
2957 /* Setting FILE_SHARE_DELETE is the hint. */
2958
2959 if (lp_acl_check_permissions(SNUM(conn))
2960 && (create_disposition != FILE_CREATE)
2961 && (access_mask & DELETE_ACCESS)
2962 && (!(can_delete_file_in_directory(conn, smb_fname) ||
2963 can_access_file_acl(conn, smb_fname, DELETE_ACCESS)))) {
2964 status = NT_STATUS_ACCESS_DENIED;
2965 DEBUG(10,("create_file_unixpath: open file %s "
2966 "for delete ACCESS_DENIED\n",
2967 smb_fname_str_dbg(smb_fname)));
2968 goto fail;
2969 }
2970
2971 if ((access_mask & SEC_FLAG_SYSTEM_SECURITY) &&
2972 !user_has_privileges(current_user.nt_user_token, &se_security)) {
2973 DEBUG(10, ("create_file_unixpath:: open on %s "
2974 "failed - SEC_FLAG_SYSTEM_SECURITY denied.\n",
2975 smb_fname_str_dbg(smb_fname)));
2976 status = NT_STATUS_PRIVILEGE_NOT_HELD;
2977 goto fail;
2978 }
2979
2980 if ((conn->fs_capabilities & FILE_NAMED_STREAMS)
2981 && is_ntfs_stream_smb_fname(smb_fname)
2982 && (!(create_options & NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE))) {
2983 uint32 base_create_disposition;
2984 struct smb_filename *smb_fname_base = NULL;
2985
2986 if (create_options & FILE_DIRECTORY_FILE) {
2987 status = NT_STATUS_NOT_A_DIRECTORY;
2988 goto fail;
2989 }
2990
2991 switch (create_disposition) {
2992 case FILE_OPEN:
2993 base_create_disposition = FILE_OPEN;
2994 break;
2995 default:
2996 base_create_disposition = FILE_OPEN_IF;
2997 break;
2998 }
2999
3000 /* Create an smb_filename with stream_name == NULL. */
3001 status = create_synthetic_smb_fname(talloc_tos(),
3002 smb_fname->base_name,
3003 NULL, NULL,
3004 &smb_fname_base);
3005 if (!NT_STATUS_IS_OK(status)) {
3006 goto fail;
3007 }
3008
3009 if (SMB_VFS_STAT(conn, smb_fname_base) == -1) {
3010 DEBUG(10, ("Unable to stat stream: %s\n",
3011 smb_fname_str_dbg(smb_fname_base)));
3012 }
3013
3014 /* Open the base file. */
3015 status = create_file_unixpath(conn, NULL, smb_fname_base, 0,
3016 FILE_SHARE_READ
3017 | FILE_SHARE_WRITE
3018 | FILE_SHARE_DELETE,
3019 base_create_disposition,
3020 0, 0, 0, 0, NULL, NULL,
3021 &base_fsp, NULL);
3022 TALLOC_FREE(smb_fname_base);
3023
3024 if (!NT_STATUS_IS_OK(status)) {
3025 DEBUG(10, ("create_file_unixpath for base %s failed: "
3026 "%s\n", smb_fname->base_name,
3027 nt_errstr(status)));
3028 goto fail;
3029 }
3030 /* we don't need to low level fd */
3031 fd_close(base_fsp);
3032 }
3033
3034 /*
3035 * If it's a request for a directory open, deal with it separately.
3036 */
3037
3038 if (create_options & FILE_DIRECTORY_FILE) {
3039
3040 if (create_options & FILE_NON_DIRECTORY_FILE) {
3041 status = NT_STATUS_INVALID_PARAMETER;
3042 goto fail;
3043 }
3044
3045 /* Can't open a temp directory. IFS kit test. */
3046 if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS) &&
3047 (file_attributes & FILE_ATTRIBUTE_TEMPORARY)) {
3048 status = NT_STATUS_INVALID_PARAMETER;
3049 goto fail;
3050 }
3051
3052 /*
3053 * We will get a create directory here if the Win32
3054 * app specified a security descriptor in the
3055 * CreateDirectory() call.
3056 */
3057
3058 oplock_request = 0;
3059 status = open_directory(
3060 conn, req, smb_fname, access_mask, share_access,
3061 create_disposition, create_options, file_attributes,
3062 &info, &fsp);
3063 } else {
3064
3065 /*
3066 * Ordinary file case.
3067 */
3068
3069 status = file_new(req, conn, &fsp);
3070 if(!NT_STATUS_IS_OK(status)) {
3071 goto fail;
3072 }
3073
3074 status = fsp_set_smb_fname(fsp, smb_fname);
3075 if (!NT_STATUS_IS_OK(status)) {
3076 goto fail;
3077 }
3078
3079 /*
3080 * We're opening the stream element of a base_fsp
3081 * we already opened. Set up the base_fsp pointer.
3082 */
3083 if (base_fsp) {
3084 fsp->base_fsp = base_fsp;
3085 }
3086
3087 status = open_file_ntcreate(conn,
3088 req,
3089 access_mask,
3090 share_access,
3091 create_disposition,
3092 create_options,
3093 file_attributes,
3094 oplock_request,
3095 &info,
3096 fsp);
3097
3098 if(!NT_STATUS_IS_OK(status)) {
3099 file_free(req, fsp);
3100 fsp = NULL;
3101 }
3102
3103 if (NT_STATUS_EQUAL(status, NT_STATUS_FILE_IS_A_DIRECTORY)) {
3104
3105 /* A stream open never opens a directory */
3106
3107 if (base_fsp) {
3108 status = NT_STATUS_FILE_IS_A_DIRECTORY;
3109 goto fail;
3110 }
3111
3112 /*
3113 * Fail the open if it was explicitly a non-directory
3114 * file.
3115 */
3116
3117 if (create_options & FILE_NON_DIRECTORY_FILE) {
3118 status = NT_STATUS_FILE_IS_A_DIRECTORY;
3119 goto fail;
3120 }
3121
3122 oplock_request = 0;
3123 status = open_directory(
3124 conn, req, smb_fname, access_mask,
3125 share_access, create_disposition,
3126 create_options, file_attributes,
3127 &info, &fsp);
3128 }
3129 }
3130
3131 if (!NT_STATUS_IS_OK(status)) {
3132 goto fail;
3133 }
3134
3135 fsp->base_fsp = base_fsp;
3136
3137 /*
3138 * According to the MS documentation, the only time the security
3139 * descriptor is applied to the opened file is iff we *created* the
3140 * file; an existing file stays the same.
3141 *
3142 * Also, it seems (from observation) that you can open the file with
3143 * any access mask but you can still write the sd. We need to override
3144 * the granted access before we call set_sd
3145 * Patch for bug #2242 from Tom Lackemann <cessnatomny@yahoo.com>.
3146 */
3147
3148 if ((sd != NULL) && (info == FILE_WAS_CREATED)
3149 && lp_nt_acl_support(SNUM(conn))) {
3150
3151 uint32_t sec_info_sent;
3152 uint32_t saved_access_mask = fsp->access_mask;
3153
3154 sec_info_sent = get_sec_info(sd);
3155
3156 fsp->access_mask = FILE_GENERIC_ALL;
3157
3158 /* Convert all the generic bits. */
3159 security_acl_map_generic(sd->dacl, &file_generic_mapping);
3160 security_acl_map_generic(sd->sacl, &file_generic_mapping);
3161
3162 if (sec_info_sent & (OWNER_SECURITY_INFORMATION|
3163 GROUP_SECURITY_INFORMATION|
3164 DACL_SECURITY_INFORMATION|
3165 SACL_SECURITY_INFORMATION)) {
3166 status = SMB_VFS_FSET_NT_ACL(fsp, sec_info_sent, sd);
3167 }
3168
3169 fsp->access_mask = saved_access_mask;
3170
3171 if (!NT_STATUS_IS_OK(status)) {
3172 goto fail;
3173 }
3174 }
3175
3176 if ((ea_list != NULL) &&
3177 ((info == FILE_WAS_CREATED) || (info == FILE_WAS_OVERWRITTEN))) {
3178 status = set_ea(conn, fsp, fsp->fsp_name, ea_list);
3179 if (!NT_STATUS_IS_OK(status)) {
3180 goto fail;
3181 }
3182 }
3183
3184 if (!fsp->is_directory && S_ISDIR(fsp->fsp_name->st.st_ex_mode)) {
3185 status = NT_STATUS_ACCESS_DENIED;
3186 goto fail;
3187 }
3188
3189 /* Save the requested allocation size. */
3190 if ((info == FILE_WAS_CREATED) || (info == FILE_WAS_OVERWRITTEN)) {
3191 if (allocation_size
3192 && (allocation_size > fsp->fsp_name->st.st_ex_size)) {
3193 fsp->initial_allocation_size = smb_roundup(
3194 fsp->conn, allocation_size);
3195 if (fsp->is_directory) {
3196 /* Can't set allocation size on a directory. */
3197 status = NT_STATUS_ACCESS_DENIED;
3198 goto fail;
3199 }
3200 if (vfs_allocate_file_space(
3201 fsp, fsp->initial_allocation_size) == -1) {
3202 status = NT_STATUS_DISK_FULL;
3203 goto fail;
3204 }
3205 } else {
3206 fsp->initial_allocation_size = smb_roundup(
3207 fsp->conn, (uint64_t)fsp->fsp_name->st.st_ex_size);
3208 }
3209 }
3210
3211 DEBUG(10, ("create_file_unixpath: info=%d\n", info));
3212
3213 *result = fsp;
3214 if (pinfo != NULL) {
3215 *pinfo = info;
3216 }
3217
3218 smb_fname->st = fsp->fsp_name->st;
3219
3220 return NT_STATUS_OK;
3221
3222 fail:
3223 DEBUG(10, ("create_file_unixpath: %s\n", nt_errstr(status)));
3224
3225 if (fsp != NULL) {
3226 if (base_fsp && fsp->base_fsp == base_fsp) {
3227 /*
3228 * The close_file below will close
3229 * fsp->base_fsp.
3230 */
3231 base_fsp = NULL;
3232 }
3233 close_file(req, fsp, ERROR_CLOSE);
3234 fsp = NULL;
3235 }
3236 if (base_fsp != NULL) {
3237 close_file(req, base_fsp, ERROR_CLOSE);
3238 base_fsp = NULL;
3239 }
3240 return status;
3241 }
3242
3243 /*
3244 * Calculate the full path name given a relative fid.
3245 */
3246 NTSTATUS get_relative_fid_filename(connection_struct *conn,
3247 struct smb_request *req,
3248 uint16_t root_dir_fid,
3249 const struct smb_filename *smb_fname,
3250 struct smb_filename **smb_fname_out)
3251 {
3252 files_struct *dir_fsp;
3253 char *parent_fname = NULL;
3254 char *new_base_name = NULL;
3255 NTSTATUS status;
3256
3257 if (root_dir_fid == 0 || !smb_fname) {
3258 status = NT_STATUS_INTERNAL_ERROR;
3259 goto out;
3260 }
3261
3262 dir_fsp = file_fsp(req, root_dir_fid);
3263
3264 if (dir_fsp == NULL) {
3265 status = NT_STATUS_INVALID_HANDLE;
3266 goto out;
3267 }
3268
3269 if (is_ntfs_stream_smb_fname(dir_fsp->fsp_name)) {
3270 status = NT_STATUS_INVALID_HANDLE;
3271 goto out;
3272 }
3273
3274 if (!dir_fsp->is_directory) {
3275
3276 /*
3277 * Check to see if this is a mac fork of some kind.
3278 */
3279
3280 if ((conn->fs_capabilities & FILE_NAMED_STREAMS) &&
3281 is_ntfs_stream_smb_fname(smb_fname)) {
3282 status = NT_STATUS_OBJECT_PATH_NOT_FOUND;
3283 goto out;
3284 }
3285
3286 /*
3287 we need to handle the case when we get a
3288 relative open relative to a file and the
3289 pathname is blank - this is a reopen!
3290 (hint from demyn plantenberg)
3291 */
3292
3293 status = NT_STATUS_INVALID_HANDLE;
3294 goto out;
3295 }
3296
3297 if (ISDOT(dir_fsp->fsp_name->base_name)) {
3298 /*
3299 * We're at the toplevel dir, the final file name
3300 * must not contain ./, as this is filtered out
3301 * normally by srvstr_get_path and unix_convert
3302 * explicitly rejects paths containing ./.
3303 */
3304 parent_fname = talloc_strdup(talloc_tos(), "");
3305 if (parent_fname == NULL) {
3306 status = NT_STATUS_NO_MEMORY;
3307 goto out;
3308 }
3309 } else {
3310 size_t dir_name_len = strlen(dir_fsp->fsp_name->base_name);
3311
3312 /*
3313 * Copy in the base directory name.
3314 */
3315
3316 parent_fname = TALLOC_ARRAY(talloc_tos(), char,
3317 dir_name_len+2);
3318 if (parent_fname == NULL) {
3319 status = NT_STATUS_NO_MEMORY;
3320 goto out;
3321 }
3322 memcpy(parent_fname, dir_fsp->fsp_name->base_name,
3323 dir_name_len+1);
3324
3325 /*
3326 * Ensure it ends in a '/'.
3327 * We used TALLOC_SIZE +2 to add space for the '/'.
3328 */
3329
3330 if(dir_name_len
3331 && (parent_fname[dir_name_len-1] != '\\')
3332 && (parent_fname[dir_name_len-1] != '/')) {
3333 parent_fname[dir_name_len] = '/';
3334 parent_fname[dir_name_len+1] = '\0';
3335 }
3336 }
3337
3338 new_base_name = talloc_asprintf(talloc_tos(), "%s%s", parent_fname,
3339 smb_fname->base_name);
3340 if (new_base_name == NULL) {
3341 status = NT_STATUS_NO_MEMORY;
3342 goto out;
3343 }
3344
3345 status = filename_convert(req,
3346 conn,
3347 req->flags2 & FLAGS2_DFS_PATHNAMES,
3348 new_base_name,
3349 0,
3350 NULL,
3351 smb_fname_out);
3352 if (!NT_STATUS_IS_OK(status)) {
3353 goto out;
3354 }
3355
3356 out:
3357 TALLOC_FREE(parent_fname);
3358 return status;
3359 }
3360
3361 NTSTATUS create_file_default(connection_struct *conn,
3362 struct smb_request *req,
3363 uint16_t root_dir_fid,
3364 struct smb_filename *smb_fname,
3365 uint32_t access_mask,
3366 uint32_t share_access,
3367 uint32_t create_disposition,
3368 uint32_t create_options,
3369 uint32_t file_attributes,
3370 uint32_t oplock_request,
3371 uint64_t allocation_size,
3372 struct security_descriptor *sd,
3373 struct ea_list *ea_list,
3374 files_struct **result,
3375 int *pinfo)
3376 {
3377 int info = FILE_WAS_OPENED;
3378 files_struct *fsp = NULL;
3379 NTSTATUS status;
3380
3381 DEBUG(10,("create_file: access_mask = 0x%x "
3382 "file_attributes = 0x%x, share_access = 0x%x, "
3383 "create_disposition = 0x%x create_options = 0x%x "
3384 "oplock_request = 0x%x "
3385 "root_dir_fid = 0x%x, ea_list = 0x%p, sd = 0x%p, "
3386 "fname = %s\n",
3387 (unsigned int)access_mask,
3388 (unsigned int)file_attributes,
3389 (unsigned int)share_access,
3390 (unsigned int)create_disposition,
3391 (unsigned int)create_options,
3392 (unsigned int)oplock_request,
3393 (unsigned int)root_dir_fid,
3394 ea_list, sd, smb_fname_str_dbg(smb_fname)));
3395
3396 /*
3397 * Calculate the filename from the root_dir_if if necessary.
3398 */
3399
3400 if (root_dir_fid != 0) {
3401 struct smb_filename *smb_fname_out = NULL;
3402 status = get_relative_fid_filename(conn, req, root_dir_fid,
3403 smb_fname, &smb_fname_out);
3404 if (!NT_STATUS_IS_OK(status)) {
3405 goto fail;
3406 }
3407 smb_fname = smb_fname_out;
3408 }
3409
3410 /*
3411 * Check to see if this is a mac fork of some kind.
3412 */
3413
3414 if (is_ntfs_stream_smb_fname(smb_fname)) {
3415 enum FAKE_FILE_TYPE fake_file_type;
3416
3417 fake_file_type = is_fake_file(smb_fname);
3418
3419 if (fake_file_type != FAKE_FILE_TYPE_NONE) {
3420
3421 /*
3422 * Here we go! support for changing the disk quotas
3423 * --metze
3424 *
3425 * We need to fake up to open this MAGIC QUOTA file
3426 * and return a valid FID.
3427 *
3428 * w2k close this file directly after openening xp
3429 * also tries a QUERY_FILE_INFO on the file and then
3430 * close it
3431 */
3432 status = open_fake_file(req, conn, req->vuid,
3433 fake_file_type, smb_fname,
3434 access_mask, &fsp);
3435 if (!NT_STATUS_IS_OK(status)) {
3436 goto fail;
3437 }
3438
3439 ZERO_STRUCT(smb_fname->st);
3440 goto done;
3441 }
3442
3443 if (!(conn->fs_capabilities & FILE_NAMED_STREAMS)) {
3444 status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
3445 goto fail;
3446 }
3447 }
3448
3449 /* All file access must go through check_name() */
3450
3451 status = check_name(conn, smb_fname->base_name);
3452 if (!NT_STATUS_IS_OK(status)) {
3453 goto fail;
3454 }
3455
3456 status = create_file_unixpath(
3457 conn, req, smb_fname, access_mask, share_access,
3458 create_disposition, create_options, file_attributes,
3459 oplock_request, allocation_size, sd, ea_list,
3460 &fsp, &info);
3461
3462 if (!NT_STATUS_IS_OK(status)) {
3463 goto fail;
3464 }
3465
3466 done:
3467 DEBUG(10, ("create_file: info=%d\n", info));
3468
3469 *result = fsp;
3470 if (pinfo != NULL) {
3471 *pinfo = info;
3472 }
3473 return NT_STATUS_OK;
3474
3475 fail:
3476 DEBUG(10, ("create_file: %s\n", nt_errstr(status)));
3477
3478 if (fsp != NULL) {
3479 close_file(req, fsp, ERROR_CLOSE);
3480 fsp = NULL;
3481 }
3482 return status;
3483 }
Samba GIT mirror