search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix bug #6154 - zfs does not honor admin users.
[Samba.git] / source / smbd / open.c
blob9b51ff0d9485896322e2c1452a22a6aafe52ebac
1 /*
2 Unix SMB/CIFS implementation.
3 file opening and share modes
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Jeremy Allison 2001-2004
6 Copyright (C) Volker Lendecke 2005
7
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
12
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
20 */
21
22 #include "includes.h"
23
24 extern const struct generic_mapping file_generic_mapping;
25 extern bool global_client_failed_oplock_break;
26
27 struct deferred_open_record {
28 bool delayed_for_oplocks;
29 struct file_id id;
30 };
31
32 /****************************************************************************
33 SMB1 file varient of se_access_check. Never test FILE_READ_ATTRIBUTES.
34 ****************************************************************************/
35
36 NTSTATUS smb1_file_se_access_check(const struct security_descriptor *sd,
37 const NT_USER_TOKEN *token,
38 uint32_t access_desired,
39 uint32_t *access_granted)
40 {
41 return se_access_check(sd,
42 token,
43 (access_desired & ~FILE_READ_ATTRIBUTES),
44 access_granted);
45 }
46
47 /****************************************************************************
48 Check if we have open rights.
49 ****************************************************************************/
50
51 static NTSTATUS check_open_rights(struct connection_struct *conn,
52 const char *fname,
53 uint32_t access_mask,
54 uint32_t *access_granted)
55 {
56 /* Check if we have rights to open. */
57 NTSTATUS status;
58 struct security_descriptor *sd;
59
60 *access_granted = 0;
61
62 status = SMB_VFS_GET_NT_ACL(conn, fname,
63 (OWNER_SECURITY_INFORMATION |
64 GROUP_SECURITY_INFORMATION |
65 DACL_SECURITY_INFORMATION),&sd);
66
67 if (!NT_STATUS_IS_OK(status)) {
68 DEBUG(10, ("check_open_rights: Could not get acl "
69 "on %s: %s\n",
70 fname,
71 nt_errstr(status)));
72 return status;
73 }
74
75 status = smb1_file_se_access_check(sd,
76 conn->server_info->ptok,
77 access_mask,
78 access_granted);
79
80 TALLOC_FREE(sd);
81
82 DEBUG(10,("check_open_rights: file %s requesting "
83 "0x%x returning 0x%x (%s)\n",
84 fname,
85 (unsigned int)access_mask,
86 (unsigned int)*access_granted,
87 nt_errstr(status) ));
88
89 return status;
90 }
91
92 /****************************************************************************
93 fd support routines - attempt to do a dos_open.
94 ****************************************************************************/
95
96 static NTSTATUS fd_open(struct connection_struct *conn,
97 const char *fname,
98 files_struct *fsp,
99 int flags,
100 mode_t mode)
101 {
102 NTSTATUS status = NT_STATUS_OK;
103
104 #ifdef O_NOFOLLOW
105 /*
106 * Never follow symlinks on a POSIX client. The
107 * client should be doing this.
108 */
109
110 if (fsp->posix_open || !lp_symlinks(SNUM(conn))) {
111 flags |= O_NOFOLLOW;
112 }
113 #endif
114
115 fsp->fh->fd = SMB_VFS_OPEN(conn,fname,fsp,flags,mode);
116 if (fsp->fh->fd == -1) {
117 status = map_nt_error_from_unix(errno);
118 }
119
120 DEBUG(10,("fd_open: name %s, flags = 0%o mode = 0%o, fd = %d. %s\n",
121 fname, flags, (int)mode, fsp->fh->fd,
122 (fsp->fh->fd == -1) ? strerror(errno) : "" ));
123
124 return status;
125 }
126
127 /****************************************************************************
128 Close the file associated with a fsp.
129 ****************************************************************************/
130
131 NTSTATUS fd_close(files_struct *fsp)
132 {
133 int ret;
134
135 if (fsp->fh->fd == -1) {
136 return NT_STATUS_OK; /* What we used to call a stat open. */
137 }
138 if (fsp->fh->ref_count > 1) {
139 return NT_STATUS_OK; /* Shared handle. Only close last reference. */
140 }
141
142 ret = SMB_VFS_CLOSE(fsp);
143 fsp->fh->fd = -1;
144 if (ret == -1) {
145 return map_nt_error_from_unix(errno);
146 }
147 return NT_STATUS_OK;
148 }
149
150 /****************************************************************************
151 Change the ownership of a file to that of the parent directory.
152 Do this by fd if possible.
153 ****************************************************************************/
154
155 static void change_file_owner_to_parent(connection_struct *conn,
156 const char *inherit_from_dir,
157 files_struct *fsp)
158 {
159 SMB_STRUCT_STAT parent_st;
160 int ret;
161
162 ret = SMB_VFS_STAT(conn, inherit_from_dir, &parent_st);
163 if (ret == -1) {
164 DEBUG(0,("change_file_owner_to_parent: failed to stat parent "
165 "directory %s. Error was %s\n",
166 inherit_from_dir, strerror(errno) ));
167 return;
168 }
169
170 become_root();
171 ret = SMB_VFS_FCHOWN(fsp, parent_st.st_uid, (gid_t)-1);
172 unbecome_root();
173 if (ret == -1) {
174 DEBUG(0,("change_file_owner_to_parent: failed to fchown "
175 "file %s to parent directory uid %u. Error "
176 "was %s\n", fsp->fsp_name,
177 (unsigned int)parent_st.st_uid,
178 strerror(errno) ));
179 }
180
181 DEBUG(10,("change_file_owner_to_parent: changed new file %s to "
182 "parent directory uid %u.\n", fsp->fsp_name,
183 (unsigned int)parent_st.st_uid ));
184 }
185
186 static NTSTATUS change_dir_owner_to_parent(connection_struct *conn,
187 const char *inherit_from_dir,
188 const char *fname,
189 SMB_STRUCT_STAT *psbuf)
190 {
191 char *saved_dir = NULL;
192 SMB_STRUCT_STAT sbuf;
193 SMB_STRUCT_STAT parent_st;
194 TALLOC_CTX *ctx = talloc_tos();
195 NTSTATUS status = NT_STATUS_OK;
196 int ret;
197
198 ret = SMB_VFS_STAT(conn, inherit_from_dir, &parent_st);
199 if (ret == -1) {
200 status = map_nt_error_from_unix(errno);
201 DEBUG(0,("change_dir_owner_to_parent: failed to stat parent "
202 "directory %s. Error was %s\n",
203 inherit_from_dir, strerror(errno) ));
204 return status;
205 }
206
207 /* We've already done an lstat into psbuf, and we know it's a
208 directory. If we can cd into the directory and the dev/ino
209 are the same then we can safely chown without races as
210 we're locking the directory in place by being in it. This
211 should work on any UNIX (thanks tridge :-). JRA.
212 */
213
214 saved_dir = vfs_GetWd(ctx,conn);
215 if (!saved_dir) {
216 status = map_nt_error_from_unix(errno);
217 DEBUG(0,("change_dir_owner_to_parent: failed to get "
218 "current working directory. Error was %s\n",
219 strerror(errno)));
220 return status;
221 }
222
223 /* Chdir into the new path. */
224 if (vfs_ChDir(conn, fname) == -1) {
225 status = map_nt_error_from_unix(errno);
226 DEBUG(0,("change_dir_owner_to_parent: failed to change "
227 "current working directory to %s. Error "
228 "was %s\n", fname, strerror(errno) ));
229 goto out;
230 }
231
232 if (SMB_VFS_STAT(conn,".",&sbuf) == -1) {
233 status = map_nt_error_from_unix(errno);
234 DEBUG(0,("change_dir_owner_to_parent: failed to stat "
235 "directory '.' (%s) Error was %s\n",
236 fname, strerror(errno)));
237 goto out;
238 }
239
240 /* Ensure we're pointing at the same place. */
241 if (sbuf.st_dev != psbuf->st_dev ||
242 sbuf.st_ino != psbuf->st_ino ||
243 sbuf.st_mode != psbuf->st_mode ) {
244 DEBUG(0,("change_dir_owner_to_parent: "
245 "device/inode/mode on directory %s changed. "
246 "Refusing to chown !\n", fname ));
247 status = NT_STATUS_ACCESS_DENIED;
248 goto out;
249 }
250
251 become_root();
252 ret = SMB_VFS_CHOWN(conn, ".", parent_st.st_uid, (gid_t)-1);
253 unbecome_root();
254 if (ret == -1) {
255 status = map_nt_error_from_unix(errno);
256 DEBUG(10,("change_dir_owner_to_parent: failed to chown "
257 "directory %s to parent directory uid %u. "
258 "Error was %s\n", fname,
259 (unsigned int)parent_st.st_uid, strerror(errno) ));
260 goto out;
261 }
262
263 DEBUG(10,("change_dir_owner_to_parent: changed ownership of new "
264 "directory %s to parent directory uid %u.\n",
265 fname, (unsigned int)parent_st.st_uid ));
266
267 out:
268
269 vfs_ChDir(conn,saved_dir);
270 return status;
271 }
272
273 /****************************************************************************
274 Open a file.
275 ****************************************************************************/
276
277 static NTSTATUS open_file(files_struct *fsp,
278 connection_struct *conn,
279 struct smb_request *req,
280 const char *parent_dir,
281 const char *name,
282 const char *path,
283 SMB_STRUCT_STAT *psbuf,
284 int flags,
285 mode_t unx_mode,
286 uint32 access_mask, /* client requested access mask. */
287 uint32 open_access_mask) /* what we're actually using in the open. */
288 {
289 NTSTATUS status = NT_STATUS_OK;
290 int accmode = (flags & O_ACCMODE);
291 int local_flags = flags;
292 bool file_existed = VALID_STAT(*psbuf);
293
294 fsp->fh->fd = -1;
295 errno = EPERM;
296
297 /* Check permissions */
298
299 /*
300 * This code was changed after seeing a client open request
301 * containing the open mode of (DENY_WRITE/read-only) with
302 * the 'create if not exist' bit set. The previous code
303 * would fail to open the file read only on a read-only share
304 * as it was checking the flags parameter directly against O_RDONLY,
305 * this was failing as the flags parameter was set to O_RDONLY|O_CREAT.
306 * JRA.
307 */
308
309 if (!CAN_WRITE(conn)) {
310 /* It's a read-only share - fail if we wanted to write. */
311 if(accmode != O_RDONLY) {
312 DEBUG(3,("Permission denied opening %s\n", path));
313 return NT_STATUS_ACCESS_DENIED;
314 } else if(flags & O_CREAT) {
315 /* We don't want to write - but we must make sure that
316 O_CREAT doesn't create the file if we have write
317 access into the directory.
318 */
319 flags &= ~O_CREAT;
320 local_flags &= ~O_CREAT;
321 }
322 }
323
324 /*
325 * This little piece of insanity is inspired by the
326 * fact that an NT client can open a file for O_RDONLY,
327 * but set the create disposition to FILE_EXISTS_TRUNCATE.
328 * If the client *can* write to the file, then it expects to
329 * truncate the file, even though it is opening for readonly.
330 * Quicken uses this stupid trick in backup file creation...
331 * Thanks *greatly* to "David W. Chapman Jr." <dwcjr@inethouston.net>
332 * for helping track this one down. It didn't bite us in 2.0.x
333 * as we always opened files read-write in that release. JRA.
334 */
335
336 if ((accmode == O_RDONLY) && ((flags & O_TRUNC) == O_TRUNC)) {
337 DEBUG(10,("open_file: truncate requested on read-only open "
338 "for file %s\n", path));
339 local_flags = (flags & ~O_ACCMODE)|O_RDWR;
340 }
341
342 if ((open_access_mask & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ||
343 (!file_existed && (local_flags & O_CREAT)) ||
344 ((local_flags & O_TRUNC) == O_TRUNC) ) {
345 const char *wild;
346
347 /*
348 * We can't actually truncate here as the file may be locked.
349 * open_file_ntcreate will take care of the truncate later. JRA.
350 */
351
352 local_flags &= ~O_TRUNC;
353
354 #if defined(O_NONBLOCK) && defined(S_ISFIFO)
355 /*
356 * We would block on opening a FIFO with no one else on the
357 * other end. Do what we used to do and add O_NONBLOCK to the
358 * open flags. JRA.
359 */
360
361 if (file_existed && S_ISFIFO(psbuf->st_mode)) {
362 local_flags |= O_NONBLOCK;
363 }
364 #endif
365
366 /* Don't create files with Microsoft wildcard characters. */
367 if (fsp->base_fsp) {
368 /*
369 * wildcard characters are allowed in stream names
370 * only test the basefilename
371 */
372 wild = fsp->base_fsp->fsp_name;
373 } else {
374 wild = path;
375 }
376 if ((local_flags & O_CREAT) && !file_existed &&
377 ms_has_wild(wild)) {
378 return NT_STATUS_OBJECT_NAME_INVALID;
379 }
380
381 /* Actually do the open */
382 status = fd_open(conn, path, fsp, local_flags, unx_mode);
383 if (!NT_STATUS_IS_OK(status)) {
384 DEBUG(3,("Error opening file %s (%s) (local_flags=%d) "
385 "(flags=%d)\n",
386 path,nt_errstr(status),local_flags,flags));
387 return status;
388 }
389
390 if ((local_flags & O_CREAT) && !file_existed) {
391
392 /* Inherit the ACL if required */
393 if (lp_inherit_perms(SNUM(conn))) {
394 inherit_access_posix_acl(conn, parent_dir, path,
395 unx_mode);
396 }
397
398 /* Change the owner if required. */
399 if (lp_inherit_owner(SNUM(conn))) {
400 change_file_owner_to_parent(conn, parent_dir,
401 fsp);
402 }
403
404 notify_fname(conn, NOTIFY_ACTION_ADDED,
405 FILE_NOTIFY_CHANGE_FILE_NAME, path);
406 }
407
408 } else {
409 fsp->fh->fd = -1; /* What we used to call a stat open. */
410 if (file_existed) {
411 uint32_t access_granted = 0;
412
413 status = check_open_rights(conn,
414 path,
415 access_mask,
416 &access_granted);
417 if (!NT_STATUS_IS_OK(status)) {
418 if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
419 if ((access_mask & DELETE_ACCESS) &&
420 (access_granted == DELETE_ACCESS) &&
421 can_delete_file_in_directory(conn, path)) {
422 /* Were we trying to do a stat open
423 * for delete and didn't get DELETE
424 * access (only) ? Check if the
425 * directory allows DELETE_CHILD.
426 * See here:
427 * http://blogs.msdn.com/oldnewthing/archive/2004/06/04/148426.aspx
428 * for details. */
429
430 DEBUG(10,("open_file: overrode ACCESS_DENIED "
431 "on file %s\n",
432 path ));
433 } else {
434 DEBUG(10, ("open_file: Access denied on "
435 "file %s\n",
436 path));
437 return status;
438 }
439 } else if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND) &&
440 fsp->posix_open &&
441 S_ISLNK(psbuf->st_mode)) {
442 /* This is a POSIX stat open for delete
443 * or rename on a symlink that points
444 * nowhere. Allow. */
445 DEBUG(10, ("open_file: allowing POSIX open "
446 "on bad symlink %s\n",
447 path ));
448 } else {
449 DEBUG(10, ("open_file: check_open_rights "
450 "on file %s returned %s\n",
451 path, nt_errstr(status) ));
452 return status;
453 }
454 }
455 }
456 }
457
458 if (!file_existed) {
459 int ret;
460
461 if (fsp->fh->fd == -1) {
462 ret = SMB_VFS_STAT(conn, path, psbuf);
463 } else {
464 ret = SMB_VFS_FSTAT(fsp, psbuf);
465 /* If we have an fd, this stat should succeed. */
466 if (ret == -1) {
467 DEBUG(0,("Error doing fstat on open file %s "
468 "(%s)\n", path,strerror(errno) ));
469 }
470 }
471
472 /* For a non-io open, this stat failing means file not found. JRA */
473 if (ret == -1) {
474 status = map_nt_error_from_unix(errno);
475 fd_close(fsp);
476 return status;
477 }
478 }
479
480 /*
481 * POSIX allows read-only opens of directories. We don't
482 * want to do this (we use a different code path for this)
483 * so catch a directory open and return an EISDIR. JRA.
484 */
485
486 if(S_ISDIR(psbuf->st_mode)) {
487 fd_close(fsp);
488 errno = EISDIR;
489 return NT_STATUS_FILE_IS_A_DIRECTORY;
490 }
491
492 fsp->mode = psbuf->st_mode;
493 fsp->file_id = vfs_file_id_from_sbuf(conn, psbuf);
494 fsp->vuid = req ? req->vuid : UID_FIELD_INVALID;
495 fsp->file_pid = req ? req->smbpid : 0;
496 fsp->can_lock = True;
497 fsp->can_read = (access_mask & (FILE_READ_DATA)) ? True : False;
498 if (!CAN_WRITE(conn)) {
499 fsp->can_write = False;
500 } else {
501 fsp->can_write = (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) ?
502 True : False;
503 }
504 fsp->print_file = False;
505 fsp->modified = False;
506 fsp->sent_oplock_break = NO_BREAK_SENT;
507 fsp->is_directory = False;
508 if (conn->aio_write_behind_list &&
509 is_in_path(path, conn->aio_write_behind_list, conn->case_sensitive)) {
510 fsp->aio_write_behind = True;
511 }
512
513 string_set(&fsp->fsp_name, path);
514 fsp->wcp = NULL; /* Write cache pointer. */
515
516 DEBUG(2,("%s opened file %s read=%s write=%s (numopen=%d)\n",
517 conn->server_info->unix_name,
518 fsp->fsp_name,
519 BOOLSTR(fsp->can_read), BOOLSTR(fsp->can_write),
520 conn->num_files_open));
521
522 errno = 0;
523 return NT_STATUS_OK;
524 }
525
526 /*******************************************************************
527 Return True if the filename is one of the special executable types.
528 ********************************************************************/
529
530 static bool is_executable(const char *fname)
531 {
532 if ((fname = strrchr_m(fname,'.'))) {
533 if (strequal(fname,".com") ||
534 strequal(fname,".dll") ||
535 strequal(fname,".exe") ||
536 strequal(fname,".sym")) {
537 return True;
538 }
539 }
540 return False;
541 }
542
543 /****************************************************************************
544 Check if we can open a file with a share mode.
545 Returns True if conflict, False if not.
546 ****************************************************************************/
547
548 static bool share_conflict(struct share_mode_entry *entry,
549 uint32 access_mask,
550 uint32 share_access)
551 {
552 DEBUG(10,("share_conflict: entry->access_mask = 0x%x, "
553 "entry->share_access = 0x%x, "
554 "entry->private_options = 0x%x\n",
555 (unsigned int)entry->access_mask,
556 (unsigned int)entry->share_access,
557 (unsigned int)entry->private_options));
558
559 DEBUG(10,("share_conflict: access_mask = 0x%x, share_access = 0x%x\n",
560 (unsigned int)access_mask, (unsigned int)share_access));
561
562 if ((entry->access_mask & (FILE_WRITE_DATA|
563 FILE_APPEND_DATA|
564 FILE_READ_DATA|
565 FILE_EXECUTE|
566 DELETE_ACCESS)) == 0) {
567 DEBUG(10,("share_conflict: No conflict due to "
568 "entry->access_mask = 0x%x\n",
569 (unsigned int)entry->access_mask ));
570 return False;
571 }
572
573 if ((access_mask & (FILE_WRITE_DATA|
574 FILE_APPEND_DATA|
575 FILE_READ_DATA|
576 FILE_EXECUTE|
577 DELETE_ACCESS)) == 0) {
578 DEBUG(10,("share_conflict: No conflict due to "
579 "access_mask = 0x%x\n",
580 (unsigned int)access_mask ));
581 return False;
582 }
583
584 #if 1 /* JRA TEST - Superdebug. */
585 #define CHECK_MASK(num, am, right, sa, share) \
586 DEBUG(10,("share_conflict: [%d] am (0x%x) & right (0x%x) = 0x%x\n", \
587 (unsigned int)(num), (unsigned int)(am), \
588 (unsigned int)(right), (unsigned int)(am)&(right) )); \
589 DEBUG(10,("share_conflict: [%d] sa (0x%x) & share (0x%x) = 0x%x\n", \
590 (unsigned int)(num), (unsigned int)(sa), \
591 (unsigned int)(share), (unsigned int)(sa)&(share) )); \
592 if (((am) & (right)) && !((sa) & (share))) { \
593 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
594 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
595 (unsigned int)(share) )); \
596 return True; \
597 }
598 #else
599 #define CHECK_MASK(num, am, right, sa, share) \
600 if (((am) & (right)) && !((sa) & (share))) { \
601 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
602 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
603 (unsigned int)(share) )); \
604 return True; \
605 }
606 #endif
607
608 CHECK_MASK(1, entry->access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
609 share_access, FILE_SHARE_WRITE);
610 CHECK_MASK(2, access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
611 entry->share_access, FILE_SHARE_WRITE);
612
613 CHECK_MASK(3, entry->access_mask, FILE_READ_DATA | FILE_EXECUTE,
614 share_access, FILE_SHARE_READ);
615 CHECK_MASK(4, access_mask, FILE_READ_DATA | FILE_EXECUTE,
616 entry->share_access, FILE_SHARE_READ);
617
618 CHECK_MASK(5, entry->access_mask, DELETE_ACCESS,
619 share_access, FILE_SHARE_DELETE);
620 CHECK_MASK(6, access_mask, DELETE_ACCESS,
621 entry->share_access, FILE_SHARE_DELETE);
622
623 DEBUG(10,("share_conflict: No conflict.\n"));
624 return False;
625 }
626
627 #if defined(DEVELOPER)
628 static void validate_my_share_entries(int num,
629 struct share_mode_entry *share_entry)
630 {
631 files_struct *fsp;
632
633 if (!procid_is_me(&share_entry->pid)) {
634 return;
635 }
636
637 if (is_deferred_open_entry(share_entry) &&
638 !open_was_deferred(share_entry->op_mid)) {
639 char *str = talloc_asprintf(talloc_tos(),
640 "Got a deferred entry without a request: "
641 "PANIC: %s\n",
642 share_mode_str(talloc_tos(), num, share_entry));
643 smb_panic(str);
644 }
645
646 if (!is_valid_share_mode_entry(share_entry)) {
647 return;
648 }
649
650 fsp = file_find_dif(share_entry->id,
651 share_entry->share_file_id);
652 if (!fsp) {
653 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
654 share_mode_str(talloc_tos(), num, share_entry) ));
655 smb_panic("validate_my_share_entries: Cannot match a "
656 "share entry with an open file\n");
657 }
658
659 if (is_deferred_open_entry(share_entry) ||
660 is_unused_share_mode_entry(share_entry)) {
661 goto panic;
662 }
663
664 if ((share_entry->op_type == NO_OPLOCK) &&
665 (fsp->oplock_type == FAKE_LEVEL_II_OPLOCK)) {
666 /* Someone has already written to it, but I haven't yet
667 * noticed */
668 return;
669 }
670
671 if (((uint16)fsp->oplock_type) != share_entry->op_type) {
672 goto panic;
673 }
674
675 return;
676
677 panic:
678 {
679 char *str;
680 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
681 share_mode_str(talloc_tos(), num, share_entry) ));
682 str = talloc_asprintf(talloc_tos(),
683 "validate_my_share_entries: "
684 "file %s, oplock_type = 0x%x, op_type = 0x%x\n",
685 fsp->fsp_name, (unsigned int)fsp->oplock_type,
686 (unsigned int)share_entry->op_type );
687 smb_panic(str);
688 }
689 }
690 #endif
691
692 static bool is_stat_open(uint32 access_mask)
693 {
694 return (access_mask &&
695 ((access_mask & ~(SYNCHRONIZE_ACCESS| FILE_READ_ATTRIBUTES|
696 FILE_WRITE_ATTRIBUTES))==0) &&
697 ((access_mask & (SYNCHRONIZE_ACCESS|FILE_READ_ATTRIBUTES|
698 FILE_WRITE_ATTRIBUTES)) != 0));
699 }
700
701 /****************************************************************************
702 Deal with share modes
703 Invarient: Share mode must be locked on entry and exit.
704 Returns -1 on error, or number of share modes on success (may be zero).
705 ****************************************************************************/
706
707 static NTSTATUS open_mode_check(connection_struct *conn,
708 const char *fname,
709 struct share_mode_lock *lck,
710 uint32 access_mask,
711 uint32 share_access,
712 uint32 create_options,
713 bool *file_existed)
714 {
715 int i;
716
717 if(lck->num_share_modes == 0) {
718 return NT_STATUS_OK;
719 }
720
721 *file_existed = True;
722
723 /* A delete on close prohibits everything */
724
725 if (lck->delete_on_close) {
726 return NT_STATUS_DELETE_PENDING;
727 }
728
729 if (is_stat_open(access_mask)) {
730 /* Stat open that doesn't trigger oplock breaks or share mode
731 * checks... ! JRA. */
732 return NT_STATUS_OK;
733 }
734
735 /*
736 * Check if the share modes will give us access.
737 */
738
739 #if defined(DEVELOPER)
740 for(i = 0; i < lck->num_share_modes; i++) {
741 validate_my_share_entries(i, &lck->share_modes[i]);
742 }
743 #endif
744
745 if (!lp_share_modes(SNUM(conn))) {
746 return NT_STATUS_OK;
747 }
748
749 /* Now we check the share modes, after any oplock breaks. */
750 for(i = 0; i < lck->num_share_modes; i++) {
751
752 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
753 continue;
754 }
755
756 /* someone else has a share lock on it, check to see if we can
757 * too */
758 if (share_conflict(&lck->share_modes[i],
759 access_mask, share_access)) {
760 return NT_STATUS_SHARING_VIOLATION;
761 }
762 }
763
764 return NT_STATUS_OK;
765 }
766
767 static bool is_delete_request(files_struct *fsp) {
768 return ((fsp->access_mask == DELETE_ACCESS) &&
769 (fsp->oplock_type == NO_OPLOCK));
770 }
771
772 /*
773 * Send a break message to the oplock holder and delay the open for
774 * our client.
775 */
776
777 static NTSTATUS send_break_message(files_struct *fsp,
778 struct share_mode_entry *exclusive,
779 uint16 mid,
780 int oplock_request)
781 {
782 NTSTATUS status;
783 char msg[MSG_SMB_SHARE_MODE_ENTRY_SIZE];
784
785 DEBUG(10, ("Sending break request to PID %s\n",
786 procid_str_static(&exclusive->pid)));
787 exclusive->op_mid = mid;
788
789 /* Create the message. */
790 share_mode_entry_to_message(msg, exclusive);
791
792 /* Add in the FORCE_OPLOCK_BREAK_TO_NONE bit in the message if set. We
793 don't want this set in the share mode struct pointed to by lck. */
794
795 if (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE) {
796 SSVAL(msg,6,exclusive->op_type | FORCE_OPLOCK_BREAK_TO_NONE);
797 }
798
799 status = messaging_send_buf(smbd_messaging_context(), exclusive->pid,
800 MSG_SMB_BREAK_REQUEST,
801 (uint8 *)msg,
802 MSG_SMB_SHARE_MODE_ENTRY_SIZE);
803 if (!NT_STATUS_IS_OK(status)) {
804 DEBUG(3, ("Could not send oplock break message: %s\n",
805 nt_errstr(status)));
806 }
807
808 return status;
809 }
810
811 /*
812 * 1) No files open at all or internal open: Grant whatever the client wants.
813 *
814 * 2) Exclusive (or batch) oplock around: If the requested access is a delete
815 * request, break if the oplock around is a batch oplock. If it's another
816 * requested access type, break.
817 *
818 * 3) Only level2 around: Grant level2 and do nothing else.
819 */
820
821 static bool delay_for_oplocks(struct share_mode_lock *lck,
822 files_struct *fsp,
823 uint16 mid,
824 int pass_number,
825 int oplock_request)
826 {
827 extern uint32 global_client_caps;
828 int i;
829 struct share_mode_entry *exclusive = NULL;
830 bool valid_entry = false;
831 bool have_level2 = false;
832 bool have_a_none_oplock = false;
833 bool allow_level2 = (global_client_caps & CAP_LEVEL_II_OPLOCKS) &&
834 lp_level2_oplocks(SNUM(fsp->conn));
835
836 if (oplock_request & INTERNAL_OPEN_ONLY) {
837 fsp->oplock_type = NO_OPLOCK;
838 }
839
840 if ((oplock_request & INTERNAL_OPEN_ONLY) || is_stat_open(fsp->access_mask)) {
841 return false;
842 }
843
844 for (i=0; i<lck->num_share_modes; i++) {
845
846 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
847 continue;
848 }
849
850 /* At least one entry is not an invalid or deferred entry. */
851 valid_entry = true;
852
853 if (pass_number == 1) {
854 if (BATCH_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
855 SMB_ASSERT(exclusive == NULL);
856 exclusive = &lck->share_modes[i];
857 }
858 } else {
859 if (EXCLUSIVE_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
860 SMB_ASSERT(exclusive == NULL);
861 exclusive = &lck->share_modes[i];
862 }
863 }
864
865 if (LEVEL_II_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
866 SMB_ASSERT(exclusive == NULL);
867 have_level2 = true;
868 }
869
870 if (lck->share_modes[i].op_type == NO_OPLOCK) {
871 have_a_none_oplock = true;
872 }
873 }
874
875 if (exclusive != NULL) { /* Found an exclusive oplock */
876 bool delay_it = is_delete_request(fsp) ?
877 BATCH_OPLOCK_TYPE(exclusive->op_type) : true;
878 SMB_ASSERT(!have_level2);
879 if (delay_it) {
880 send_break_message(fsp, exclusive, mid, oplock_request);
881 return true;
882 }
883 }
884
885 /*
886 * Match what was requested (fsp->oplock_type) with
887 * what was found in the existing share modes.
888 */
889
890 if (!valid_entry) {
891 /* All entries are placeholders or deferred.
892 * Directly grant whatever the client wants. */
893 if (fsp->oplock_type == NO_OPLOCK) {
894 /* Store a level2 oplock, but don't tell the client */
895 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
896 }
897 } else if (have_a_none_oplock) {
898 fsp->oplock_type = NO_OPLOCK;
899 } else if (have_level2) {
900 if (fsp->oplock_type == NO_OPLOCK ||
901 fsp->oplock_type == FAKE_LEVEL_II_OPLOCK) {
902 /* Store a level2 oplock, but don't tell the client */
903 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
904 } else {
905 fsp->oplock_type = LEVEL_II_OPLOCK;
906 }
907 } else {
908 /* This case can never happen. */
909 SMB_ASSERT(1);
910 }
911
912 /*
913 * Don't grant level2 to clients that don't want them
914 * or if we've turned them off.
915 */
916 if (fsp->oplock_type == LEVEL_II_OPLOCK && !allow_level2) {
917 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
918 }
919
920 DEBUG(10,("delay_for_oplocks: oplock type 0x%x on file %s\n",
921 fsp->oplock_type, fsp->fsp_name));
922
923 /* No delay. */
924 return false;
925 }
926
927 static bool request_timed_out(struct timeval request_time,
928 struct timeval timeout)
929 {
930 struct timeval now, end_time;
931 GetTimeOfDay(&now);
932 end_time = timeval_sum(&request_time, &timeout);
933 return (timeval_compare(&end_time, &now) < 0);
934 }
935
936 /****************************************************************************
937 Handle the 1 second delay in returning a SHARING_VIOLATION error.
938 ****************************************************************************/
939
940 static void defer_open(struct share_mode_lock *lck,
941 struct timeval request_time,
942 struct timeval timeout,
943 struct smb_request *req,
944 struct deferred_open_record *state)
945 {
946 int i;
947
948 /* Paranoia check */
949
950 for (i=0; i<lck->num_share_modes; i++) {
951 struct share_mode_entry *e = &lck->share_modes[i];
952
953 if (!is_deferred_open_entry(e)) {
954 continue;
955 }
956
957 if (procid_is_me(&e->pid) && (e->op_mid == req->mid)) {
958 DEBUG(0, ("Trying to defer an already deferred "
959 "request: mid=%d, exiting\n", req->mid));
960 exit_server("attempt to defer a deferred request");
961 }
962 }
963
964 /* End paranoia check */
965
966 DEBUG(10,("defer_open_sharing_error: time [%u.%06u] adding deferred "
967 "open entry for mid %u\n",
968 (unsigned int)request_time.tv_sec,
969 (unsigned int)request_time.tv_usec,
970 (unsigned int)req->mid));
971
972 if (!push_deferred_smb_message(req, request_time, timeout,
973 (char *)state, sizeof(*state))) {
974 exit_server("push_deferred_smb_message failed");
975 }
976 add_deferred_open(lck, req->mid, request_time, state->id);
977
978 /*
979 * Push the MID of this packet on the signing queue.
980 * We only do this once, the first time we push the packet
981 * onto the deferred open queue, as this has a side effect
982 * of incrementing the response sequence number.
983 */
984
985 srv_defer_sign_response(req->mid);
986 }
987
988
989 /****************************************************************************
990 On overwrite open ensure that the attributes match.
991 ****************************************************************************/
992
993 static bool open_match_attributes(connection_struct *conn,
994 const char *path,
995 uint32 old_dos_attr,
996 uint32 new_dos_attr,
997 mode_t existing_unx_mode,
998 mode_t new_unx_mode,
999 mode_t *returned_unx_mode)
1000 {
1001 uint32 noarch_old_dos_attr, noarch_new_dos_attr;
1002
1003 noarch_old_dos_attr = (old_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
1004 noarch_new_dos_attr = (new_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
1005
1006 if((noarch_old_dos_attr == 0 && noarch_new_dos_attr != 0) ||
1007 (noarch_old_dos_attr != 0 && ((noarch_old_dos_attr & noarch_new_dos_attr) == noarch_old_dos_attr))) {
1008 *returned_unx_mode = new_unx_mode;
1009 } else {
1010 *returned_unx_mode = (mode_t)0;
1011 }
1012
1013 DEBUG(10,("open_match_attributes: file %s old_dos_attr = 0x%x, "
1014 "existing_unx_mode = 0%o, new_dos_attr = 0x%x "
1015 "returned_unx_mode = 0%o\n",
1016 path,
1017 (unsigned int)old_dos_attr,
1018 (unsigned int)existing_unx_mode,
1019 (unsigned int)new_dos_attr,
1020 (unsigned int)*returned_unx_mode ));
1021
1022 /* If we're mapping SYSTEM and HIDDEN ensure they match. */
1023 if (lp_map_system(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
1024 if ((old_dos_attr & FILE_ATTRIBUTE_SYSTEM) &&
1025 !(new_dos_attr & FILE_ATTRIBUTE_SYSTEM)) {
1026 return False;
1027 }
1028 }
1029 if (lp_map_hidden(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
1030 if ((old_dos_attr & FILE_ATTRIBUTE_HIDDEN) &&
1031 !(new_dos_attr & FILE_ATTRIBUTE_HIDDEN)) {
1032 return False;
1033 }
1034 }
1035 return True;
1036 }
1037
1038 /****************************************************************************
1039 Special FCB or DOS processing in the case of a sharing violation.
1040 Try and find a duplicated file handle.
1041 ****************************************************************************/
1042
1043 static NTSTATUS fcb_or_dos_open(connection_struct *conn,
1044 files_struct *fsp_to_dup_into,
1045 const char *fname,
1046 struct file_id id,
1047 uint16 file_pid,
1048 uint16 vuid,
1049 uint32 access_mask,
1050 uint32 share_access,
1051 uint32 create_options)
1052 {
1053 files_struct *fsp;
1054
1055 DEBUG(5,("fcb_or_dos_open: attempting old open semantics for "
1056 "file %s.\n", fname ));
1057
1058 for(fsp = file_find_di_first(id); fsp;
1059 fsp = file_find_di_next(fsp)) {
1060
1061 DEBUG(10,("fcb_or_dos_open: checking file %s, fd = %d, "
1062 "vuid = %u, file_pid = %u, private_options = 0x%x "
1063 "access_mask = 0x%x\n", fsp->fsp_name,
1064 fsp->fh->fd, (unsigned int)fsp->vuid,
1065 (unsigned int)fsp->file_pid,
1066 (unsigned int)fsp->fh->private_options,
1067 (unsigned int)fsp->access_mask ));
1068
1069 if (fsp->fh->fd != -1 &&
1070 fsp->vuid == vuid &&
1071 fsp->file_pid == file_pid &&
1072 (fsp->fh->private_options & (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS |
1073 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) &&
1074 (fsp->access_mask & FILE_WRITE_DATA) &&
1075 strequal(fsp->fsp_name, fname)) {
1076 DEBUG(10,("fcb_or_dos_open: file match\n"));
1077 break;
1078 }
1079 }
1080
1081 if (!fsp) {
1082 return NT_STATUS_NOT_FOUND;
1083 }
1084
1085 /* quite an insane set of semantics ... */
1086 if (is_executable(fname) &&
1087 (fsp->fh->private_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS)) {
1088 DEBUG(10,("fcb_or_dos_open: file fail due to is_executable.\n"));
1089 return NT_STATUS_INVALID_PARAMETER;
1090 }
1091
1092 /* We need to duplicate this fsp. */
1093 dup_file_fsp(fsp, access_mask, share_access,
1094 create_options, fsp_to_dup_into);
1095
1096 return NT_STATUS_OK;
1097 }
1098
1099 /****************************************************************************
1100 Open a file with a share mode - old openX method - map into NTCreate.
1101 ****************************************************************************/
1102
1103 bool map_open_params_to_ntcreate(const char *fname, int deny_mode, int open_func,
1104 uint32 *paccess_mask,
1105 uint32 *pshare_mode,
1106 uint32 *pcreate_disposition,
1107 uint32 *pcreate_options)
1108 {
1109 uint32 access_mask;
1110 uint32 share_mode;
1111 uint32 create_disposition;
1112 uint32 create_options = FILE_NON_DIRECTORY_FILE;
1113
1114 DEBUG(10,("map_open_params_to_ntcreate: fname = %s, deny_mode = 0x%x, "
1115 "open_func = 0x%x\n",
1116 fname, (unsigned int)deny_mode, (unsigned int)open_func ));
1117
1118 /* Create the NT compatible access_mask. */
1119 switch (GET_OPENX_MODE(deny_mode)) {
1120 case DOS_OPEN_EXEC: /* Implies read-only - used to be FILE_READ_DATA */
1121 case DOS_OPEN_RDONLY:
1122 access_mask = FILE_GENERIC_READ;
1123 break;
1124 case DOS_OPEN_WRONLY:
1125 access_mask = FILE_GENERIC_WRITE;
1126 break;
1127 case DOS_OPEN_RDWR:
1128 case DOS_OPEN_FCB:
1129 access_mask = FILE_GENERIC_READ|FILE_GENERIC_WRITE;
1130 break;
1131 default:
1132 DEBUG(10,("map_open_params_to_ntcreate: bad open mode = 0x%x\n",
1133 (unsigned int)GET_OPENX_MODE(deny_mode)));
1134 return False;
1135 }
1136
1137 /* Create the NT compatible create_disposition. */
1138 switch (open_func) {
1139 case OPENX_FILE_EXISTS_FAIL|OPENX_FILE_CREATE_IF_NOT_EXIST:
1140 create_disposition = FILE_CREATE;
1141 break;
1142
1143 case OPENX_FILE_EXISTS_OPEN:
1144 create_disposition = FILE_OPEN;
1145 break;
1146
1147 case OPENX_FILE_EXISTS_OPEN|OPENX_FILE_CREATE_IF_NOT_EXIST:
1148 create_disposition = FILE_OPEN_IF;
1149 break;
1150
1151 case OPENX_FILE_EXISTS_TRUNCATE:
1152 create_disposition = FILE_OVERWRITE;
1153 break;
1154
1155 case OPENX_FILE_EXISTS_TRUNCATE|OPENX_FILE_CREATE_IF_NOT_EXIST:
1156 create_disposition = FILE_OVERWRITE_IF;
1157 break;
1158
1159 default:
1160 /* From samba4 - to be confirmed. */
1161 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_EXEC) {
1162 create_disposition = FILE_CREATE;
1163 break;
1164 }
1165 DEBUG(10,("map_open_params_to_ntcreate: bad "
1166 "open_func 0x%x\n", (unsigned int)open_func));
1167 return False;
1168 }
1169
1170 /* Create the NT compatible share modes. */
1171 switch (GET_DENY_MODE(deny_mode)) {
1172 case DENY_ALL:
1173 share_mode = FILE_SHARE_NONE;
1174 break;
1175
1176 case DENY_WRITE:
1177 share_mode = FILE_SHARE_READ;
1178 break;
1179
1180 case DENY_READ:
1181 share_mode = FILE_SHARE_WRITE;
1182 break;
1183
1184 case DENY_NONE:
1185 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1186 break;
1187
1188 case DENY_DOS:
1189 create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_DOS;
1190 if (is_executable(fname)) {
1191 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1192 } else {
1193 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_RDONLY) {
1194 share_mode = FILE_SHARE_READ;
1195 } else {
1196 share_mode = FILE_SHARE_NONE;
1197 }
1198 }
1199 break;
1200
1201 case DENY_FCB:
1202 create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_FCB;
1203 share_mode = FILE_SHARE_NONE;
1204 break;
1205
1206 default:
1207 DEBUG(10,("map_open_params_to_ntcreate: bad deny_mode 0x%x\n",
1208 (unsigned int)GET_DENY_MODE(deny_mode) ));
1209 return False;
1210 }
1211
1212 DEBUG(10,("map_open_params_to_ntcreate: file %s, access_mask = 0x%x, "
1213 "share_mode = 0x%x, create_disposition = 0x%x, "
1214 "create_options = 0x%x\n",
1215 fname,
1216 (unsigned int)access_mask,
1217 (unsigned int)share_mode,
1218 (unsigned int)create_disposition,
1219 (unsigned int)create_options ));
1220
1221 if (paccess_mask) {
1222 *paccess_mask = access_mask;
1223 }
1224 if (pshare_mode) {
1225 *pshare_mode = share_mode;
1226 }
1227 if (pcreate_disposition) {
1228 *pcreate_disposition = create_disposition;
1229 }
1230 if (pcreate_options) {
1231 *pcreate_options = create_options;
1232 }
1233
1234 return True;
1235
1236 }
1237
1238 static void schedule_defer_open(struct share_mode_lock *lck,
1239 struct timeval request_time,
1240 struct smb_request *req)
1241 {
1242 struct deferred_open_record state;
1243
1244 /* This is a relative time, added to the absolute
1245 request_time value to get the absolute timeout time.
1246 Note that if this is the second or greater time we enter
1247 this codepath for this particular request mid then
1248 request_time is left as the absolute time of the *first*
1249 time this request mid was processed. This is what allows
1250 the request to eventually time out. */
1251
1252 struct timeval timeout;
1253
1254 /* Normally the smbd we asked should respond within
1255 * OPLOCK_BREAK_TIMEOUT seconds regardless of whether
1256 * the client did, give twice the timeout as a safety
1257 * measure here in case the other smbd is stuck
1258 * somewhere else. */
1259
1260 timeout = timeval_set(OPLOCK_BREAK_TIMEOUT*2, 0);
1261
1262 /* Nothing actually uses state.delayed_for_oplocks
1263 but it's handy to differentiate in debug messages
1264 between a 30 second delay due to oplock break, and
1265 a 1 second delay for share mode conflicts. */
1266
1267 state.delayed_for_oplocks = True;
1268 state.id = lck->id;
1269
1270 if (!request_timed_out(request_time, timeout)) {
1271 defer_open(lck, request_time, timeout, req, &state);
1272 }
1273 }
1274
1275 /****************************************************************************
1276 Work out what access_mask to use from what the client sent us.
1277 ****************************************************************************/
1278
1279 static NTSTATUS calculate_access_mask(connection_struct *conn,
1280 const char *fname,
1281 bool file_existed,
1282 uint32_t access_mask,
1283 uint32_t *access_mask_out)
1284 {
1285 NTSTATUS status;
1286
1287 /*
1288 * Convert GENERIC bits to specific bits.
1289 */
1290
1291 se_map_generic(&access_mask, &file_generic_mapping);
1292
1293 /* Calculate MAXIMUM_ALLOWED_ACCESS if requested. */
1294 if (access_mask & MAXIMUM_ALLOWED_ACCESS) {
1295 if (file_existed) {
1296
1297 struct security_descriptor *sd;
1298 uint32_t access_granted = 0;
1299
1300 status = SMB_VFS_GET_NT_ACL(conn, fname,
1301 (OWNER_SECURITY_INFORMATION |
1302 GROUP_SECURITY_INFORMATION |
1303 DACL_SECURITY_INFORMATION),&sd);
1304
1305 if (!NT_STATUS_IS_OK(status)) {
1306 DEBUG(10, ("calculate_access_mask: Could not get acl "
1307 "on file %s: %s\n",
1308 fname,
1309 nt_errstr(status)));
1310 return NT_STATUS_ACCESS_DENIED;
1311 }
1312
1313 status = smb1_file_se_access_check(sd,
1314 conn->server_info->ptok,
1315 access_mask,
1316 &access_granted);
1317
1318 TALLOC_FREE(sd);
1319
1320 if (!NT_STATUS_IS_OK(status)) {
1321 DEBUG(10, ("calculate_access_mask: Access denied on "
1322 "file %s: when calculating maximum access\n",
1323 fname));
1324 return NT_STATUS_ACCESS_DENIED;
1325 }
1326
1327 access_mask = access_granted;
1328 } else {
1329 access_mask = FILE_GENERIC_ALL;
1330 }
1331 }
1332
1333 *access_mask_out = access_mask;
1334 return NT_STATUS_OK;
1335 }
1336
1337 /****************************************************************************
1338 Open a file with a share mode. Passed in an already created files_struct *.
1339 ****************************************************************************/
1340
1341 static NTSTATUS open_file_ntcreate_internal(connection_struct *conn,
1342 struct smb_request *req,
1343 const char *fname,
1344 SMB_STRUCT_STAT *psbuf,
1345 uint32 access_mask, /* access bits (FILE_READ_DATA etc.) */
1346 uint32 share_access, /* share constants (FILE_SHARE_READ etc) */
1347 uint32 create_disposition, /* FILE_OPEN_IF etc. */
1348 uint32 create_options, /* options such as delete on close. */
1349 uint32 new_dos_attributes, /* attributes used for new file. */
1350 int oplock_request, /* internal Samba oplock codes. */
1351 /* Information (FILE_EXISTS etc.) */
1352 int *pinfo,
1353 files_struct *fsp)
1354 {
1355 int flags=0;
1356 int flags2=0;
1357 bool file_existed = VALID_STAT(*psbuf);
1358 bool def_acl = False;
1359 bool posix_open = False;
1360 bool new_file_created = False;
1361 bool clear_ads = false;
1362 struct file_id id;
1363 NTSTATUS fsp_open = NT_STATUS_ACCESS_DENIED;
1364 mode_t new_unx_mode = (mode_t)0;
1365 mode_t unx_mode = (mode_t)0;
1366 int info;
1367 uint32 existing_dos_attributes = 0;
1368 struct pending_message_list *pml = NULL;
1369 struct timeval request_time = timeval_zero();
1370 struct share_mode_lock *lck = NULL;
1371 uint32 open_access_mask = access_mask;
1372 NTSTATUS status;
1373 int ret_flock;
1374 char *parent_dir;
1375 const char *newname;
1376
1377 ZERO_STRUCT(id);
1378
1379 if (conn->printer) {
1380 /*
1381 * Printers are handled completely differently.
1382 * Most of the passed parameters are ignored.
1383 */
1384
1385 if (pinfo) {
1386 *pinfo = FILE_WAS_CREATED;
1387 }
1388
1389 DEBUG(10, ("open_file_ntcreate: printer open fname=%s\n", fname));
1390
1391 return print_fsp_open(conn, fname, req->vuid, fsp, psbuf);
1392 }
1393
1394 if (!parent_dirname_talloc(talloc_tos(), fname, &parent_dir,
1395 &newname)) {
1396 return NT_STATUS_NO_MEMORY;
1397 }
1398
1399 if (new_dos_attributes & FILE_FLAG_POSIX_SEMANTICS) {
1400 posix_open = True;
1401 unx_mode = (mode_t)(new_dos_attributes & ~FILE_FLAG_POSIX_SEMANTICS);
1402 new_dos_attributes = 0;
1403 } else {
1404 /* We add aARCH to this as this mode is only used if the file is
1405 * created new. */
1406 unx_mode = unix_mode(conn, new_dos_attributes | aARCH, fname,
1407 parent_dir);
1408 }
1409
1410 DEBUG(10, ("open_file_ntcreate: fname=%s, dos_attrs=0x%x "
1411 "access_mask=0x%x share_access=0x%x "
1412 "create_disposition = 0x%x create_options=0x%x "
1413 "unix mode=0%o oplock_request=%d\n",
1414 fname, new_dos_attributes, access_mask, share_access,
1415 create_disposition, create_options, (unsigned int)unx_mode,
1416 oplock_request));
1417
1418 if ((req == NULL) && ((oplock_request & INTERNAL_OPEN_ONLY) == 0)) {
1419 DEBUG(0, ("No smb request but not an internal only open!\n"));
1420 return NT_STATUS_INTERNAL_ERROR;
1421 }
1422
1423 /*
1424 * Only non-internal opens can be deferred at all
1425 */
1426
1427 if ((req != NULL)
1428 && ((pml = get_open_deferred_message(req->mid)) != NULL)) {
1429 struct deferred_open_record *state =
1430 (struct deferred_open_record *)pml->private_data.data;
1431
1432 /* Remember the absolute time of the original
1433 request with this mid. We'll use it later to
1434 see if this has timed out. */
1435
1436 request_time = pml->request_time;
1437
1438 /* Remove the deferred open entry under lock. */
1439 lck = get_share_mode_lock(talloc_tos(), state->id, NULL, NULL,
1440 NULL);
1441 if (lck == NULL) {
1442 DEBUG(0, ("could not get share mode lock\n"));
1443 } else {
1444 del_deferred_open_entry(lck, req->mid);
1445 TALLOC_FREE(lck);
1446 }
1447
1448 /* Ensure we don't reprocess this message. */
1449 remove_deferred_open_smb_message(req->mid);
1450 }
1451
1452 status = check_name(conn, fname);
1453 if (!NT_STATUS_IS_OK(status)) {
1454 return status;
1455 }
1456
1457 if (!posix_open) {
1458 new_dos_attributes &= SAMBA_ATTRIBUTES_MASK;
1459 if (file_existed) {
1460 existing_dos_attributes = dos_mode(conn, fname, psbuf);
1461 }
1462 }
1463
1464 /* ignore any oplock requests if oplocks are disabled */
1465 if (!lp_oplocks(SNUM(conn)) || global_client_failed_oplock_break ||
1466 IS_VETO_OPLOCK_PATH(conn, fname)) {
1467 /* Mask off everything except the private Samba bits. */
1468 oplock_request &= SAMBA_PRIVATE_OPLOCK_MASK;
1469 }
1470
1471 /* this is for OS/2 long file names - say we don't support them */
1472 if (!lp_posix_pathnames() && strstr(fname,".+,;=[].")) {
1473 /* OS/2 Workplace shell fix may be main code stream in a later
1474 * release. */
1475 DEBUG(5,("open_file_ntcreate: OS/2 long filenames are not "
1476 "supported.\n"));
1477 if (use_nt_status()) {
1478 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1479 }
1480 return NT_STATUS_DOS(ERRDOS, ERRcannotopen);
1481 }
1482
1483 switch( create_disposition ) {
1484 /*
1485 * Currently we're using FILE_SUPERSEDE as the same as
1486 * FILE_OVERWRITE_IF but they really are
1487 * different. FILE_SUPERSEDE deletes an existing file
1488 * (requiring delete access) then recreates it.
1489 */
1490 case FILE_SUPERSEDE:
1491 /* If file exists replace/overwrite. If file doesn't
1492 * exist create. */
1493 flags2 |= (O_CREAT | O_TRUNC);
1494 clear_ads = true;
1495 break;
1496
1497 case FILE_OVERWRITE_IF:
1498 /* If file exists replace/overwrite. If file doesn't
1499 * exist create. */
1500 flags2 |= (O_CREAT | O_TRUNC);
1501 clear_ads = true;
1502 break;
1503
1504 case FILE_OPEN:
1505 /* If file exists open. If file doesn't exist error. */
1506 if (!file_existed) {
1507 DEBUG(5,("open_file_ntcreate: FILE_OPEN "
1508 "requested for file %s and file "
1509 "doesn't exist.\n", fname ));
1510 errno = ENOENT;
1511 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1512 }
1513 break;
1514
1515 case FILE_OVERWRITE:
1516 /* If file exists overwrite. If file doesn't exist
1517 * error. */
1518 if (!file_existed) {
1519 DEBUG(5,("open_file_ntcreate: FILE_OVERWRITE "
1520 "requested for file %s and file "
1521 "doesn't exist.\n", fname ));
1522 errno = ENOENT;
1523 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1524 }
1525 flags2 |= O_TRUNC;
1526 clear_ads = true;
1527 break;
1528
1529 case FILE_CREATE:
1530 /* If file exists error. If file doesn't exist
1531 * create. */
1532 if (file_existed) {
1533 DEBUG(5,("open_file_ntcreate: FILE_CREATE "
1534 "requested for file %s and file "
1535 "already exists.\n", fname ));
1536 if (S_ISDIR(psbuf->st_mode)) {
1537 errno = EISDIR;
1538 } else {
1539 errno = EEXIST;
1540 }
1541 return map_nt_error_from_unix(errno);
1542 }
1543 flags2 |= (O_CREAT|O_EXCL);
1544 break;
1545
1546 case FILE_OPEN_IF:
1547 /* If file exists open. If file doesn't exist
1548 * create. */
1549 flags2 |= O_CREAT;
1550 break;
1551
1552 default:
1553 return NT_STATUS_INVALID_PARAMETER;
1554 }
1555
1556 /* We only care about matching attributes on file exists and
1557 * overwrite. */
1558
1559 if (!posix_open && file_existed && ((create_disposition == FILE_OVERWRITE) ||
1560 (create_disposition == FILE_OVERWRITE_IF))) {
1561 if (!open_match_attributes(conn, fname,
1562 existing_dos_attributes,
1563 new_dos_attributes, psbuf->st_mode,
1564 unx_mode, &new_unx_mode)) {
1565 DEBUG(5,("open_file_ntcreate: attributes missmatch "
1566 "for file %s (%x %x) (0%o, 0%o)\n",
1567 fname, existing_dos_attributes,
1568 new_dos_attributes,
1569 (unsigned int)psbuf->st_mode,
1570 (unsigned int)unx_mode ));
1571 errno = EACCES;
1572 return NT_STATUS_ACCESS_DENIED;
1573 }
1574 }
1575
1576 status = calculate_access_mask(conn, fname, file_existed,
1577 access_mask,
1578 &access_mask);
1579 if (!NT_STATUS_IS_OK(status)) {
1580 DEBUG(10, ("open_file_ntcreate: calculate_access_mask "
1581 "on file %s returned %s\n",
1582 fname,
1583 nt_errstr(status)));
1584 return status;
1585 }
1586
1587 open_access_mask = access_mask;
1588
1589 if ((flags2 & O_TRUNC) || (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE)) {
1590 open_access_mask |= FILE_WRITE_DATA; /* This will cause oplock breaks. */
1591 }
1592
1593 DEBUG(10, ("open_file_ntcreate: fname=%s, after mapping "
1594 "access_mask=0x%x\n", fname, access_mask ));
1595
1596 /*
1597 * Note that we ignore the append flag as append does not
1598 * mean the same thing under DOS and Unix.
1599 */
1600
1601 if ((access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) ||
1602 (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE)) {
1603 /* DENY_DOS opens are always underlying read-write on the
1604 file handle, no matter what the requested access mask
1605 says. */
1606 if ((create_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS) ||
1607 access_mask & (FILE_READ_ATTRIBUTES|FILE_READ_DATA|FILE_READ_EA|FILE_EXECUTE)) {
1608 flags = O_RDWR;
1609 } else {
1610 flags = O_WRONLY;
1611 }
1612 } else {
1613 flags = O_RDONLY;
1614 }
1615
1616 /*
1617 * Currently we only look at FILE_WRITE_THROUGH for create options.
1618 */
1619
1620 #if defined(O_SYNC)
1621 if ((create_options & FILE_WRITE_THROUGH) && lp_strict_sync(SNUM(conn))) {
1622 flags2 |= O_SYNC;
1623 }
1624 #endif /* O_SYNC */
1625
1626 if (posix_open && (access_mask & FILE_APPEND_DATA)) {
1627 flags2 |= O_APPEND;
1628 }
1629
1630 if (!posix_open && !CAN_WRITE(conn)) {
1631 /*
1632 * We should really return a permission denied error if either
1633 * O_CREAT or O_TRUNC are set, but for compatibility with
1634 * older versions of Samba we just AND them out.
1635 */
1636 flags2 &= ~(O_CREAT|O_TRUNC);
1637 }
1638
1639 /*
1640 * Ensure we can't write on a read-only share or file.
1641 */
1642
1643 if (flags != O_RDONLY && file_existed &&
1644 (!CAN_WRITE(conn) || IS_DOS_READONLY(existing_dos_attributes))) {
1645 DEBUG(5,("open_file_ntcreate: write access requested for "
1646 "file %s on read only %s\n",
1647 fname, !CAN_WRITE(conn) ? "share" : "file" ));
1648 errno = EACCES;
1649 return NT_STATUS_ACCESS_DENIED;
1650 }
1651
1652 fsp->file_id = vfs_file_id_from_sbuf(conn, psbuf);
1653 fsp->share_access = share_access;
1654 fsp->fh->private_options = create_options;
1655 fsp->access_mask = open_access_mask; /* We change this to the
1656 * requested access_mask after
1657 * the open is done. */
1658 fsp->posix_open = posix_open;
1659
1660 /* Ensure no SAMBA_PRIVATE bits can be set. */
1661 fsp->oplock_type = (oplock_request & ~SAMBA_PRIVATE_OPLOCK_MASK);
1662
1663 if (timeval_is_zero(&request_time)) {
1664 request_time = fsp->open_time;
1665 }
1666
1667 if (file_existed) {
1668 struct timespec old_write_time = get_mtimespec(psbuf);
1669 id = vfs_file_id_from_sbuf(conn, psbuf);
1670
1671 lck = get_share_mode_lock(talloc_tos(), id,
1672 conn->connectpath,
1673 fname, &old_write_time);
1674
1675 if (lck == NULL) {
1676 DEBUG(0, ("Could not get share mode lock\n"));
1677 return NT_STATUS_SHARING_VIOLATION;
1678 }
1679
1680 /* First pass - send break only on batch oplocks. */
1681 if ((req != NULL)
1682 && delay_for_oplocks(lck, fsp, req->mid, 1,
1683 oplock_request)) {
1684 schedule_defer_open(lck, request_time, req);
1685 TALLOC_FREE(lck);
1686 return NT_STATUS_SHARING_VIOLATION;
1687 }
1688
1689 /* Use the client requested access mask here, not the one we
1690 * open with. */
1691 status = open_mode_check(conn, fname, lck,
1692 access_mask, share_access,
1693 create_options, &file_existed);
1694
1695 if (NT_STATUS_IS_OK(status)) {
1696 /* We might be going to allow this open. Check oplock
1697 * status again. */
1698 /* Second pass - send break for both batch or
1699 * exclusive oplocks. */
1700 if ((req != NULL)
1701 && delay_for_oplocks(lck, fsp, req->mid, 2,
1702 oplock_request)) {
1703 schedule_defer_open(lck, request_time, req);
1704 TALLOC_FREE(lck);
1705 return NT_STATUS_SHARING_VIOLATION;
1706 }
1707 }
1708
1709 if (NT_STATUS_EQUAL(status, NT_STATUS_DELETE_PENDING)) {
1710 /* DELETE_PENDING is not deferred for a second */
1711 TALLOC_FREE(lck);
1712 return status;
1713 }
1714
1715 if (!NT_STATUS_IS_OK(status)) {
1716 uint32 can_access_mask;
1717 bool can_access = True;
1718
1719 SMB_ASSERT(NT_STATUS_EQUAL(status, NT_STATUS_SHARING_VIOLATION));
1720
1721 /* Check if this can be done with the deny_dos and fcb
1722 * calls. */
1723 if (create_options &
1724 (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS|
1725 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) {
1726 if (req == NULL) {
1727 DEBUG(0, ("DOS open without an SMB "
1728 "request!\n"));
1729 TALLOC_FREE(lck);
1730 return NT_STATUS_INTERNAL_ERROR;
1731 }
1732
1733 /* Use the client requested access mask here,
1734 * not the one we open with. */
1735 status = fcb_or_dos_open(conn,
1736 fsp,
1737 fname,
1738 id,
1739 req->smbpid,
1740 req->vuid,
1741 access_mask,
1742 share_access,
1743 create_options);
1744
1745 if (NT_STATUS_IS_OK(status)) {
1746 TALLOC_FREE(lck);
1747 if (pinfo) {
1748 *pinfo = FILE_WAS_OPENED;
1749 }
1750 return NT_STATUS_OK;
1751 }
1752 }
1753
1754 /*
1755 * This next line is a subtlety we need for
1756 * MS-Access. If a file open will fail due to share
1757 * permissions and also for security (access) reasons,
1758 * we need to return the access failed error, not the
1759 * share error. We can't open the file due to kernel
1760 * oplock deadlock (it's possible we failed above on
1761 * the open_mode_check()) so use a userspace check.
1762 */
1763
1764 if (flags & O_RDWR) {
1765 can_access_mask = FILE_READ_DATA|FILE_WRITE_DATA;
1766 } else if (flags & O_WRONLY) {
1767 can_access_mask = FILE_WRITE_DATA;
1768 } else {
1769 can_access_mask = FILE_READ_DATA;
1770 }
1771
1772 if (((can_access_mask & FILE_WRITE_DATA) && !CAN_WRITE(conn)) ||
1773 !can_access_file_data(conn,fname,psbuf,can_access_mask)) {
1774 can_access = False;
1775 }
1776
1777 /*
1778 * If we're returning a share violation, ensure we
1779 * cope with the braindead 1 second delay.
1780 */
1781
1782 if (!(oplock_request & INTERNAL_OPEN_ONLY) &&
1783 lp_defer_sharing_violations()) {
1784 struct timeval timeout;
1785 struct deferred_open_record state;
1786 int timeout_usecs;
1787
1788 /* this is a hack to speed up torture tests
1789 in 'make test' */
1790 timeout_usecs = lp_parm_int(SNUM(conn),
1791 "smbd","sharedelay",
1792 SHARING_VIOLATION_USEC_WAIT);
1793
1794 /* This is a relative time, added to the absolute
1795 request_time value to get the absolute timeout time.
1796 Note that if this is the second or greater time we enter
1797 this codepath for this particular request mid then
1798 request_time is left as the absolute time of the *first*
1799 time this request mid was processed. This is what allows
1800 the request to eventually time out. */
1801
1802 timeout = timeval_set(0, timeout_usecs);
1803
1804 /* Nothing actually uses state.delayed_for_oplocks
1805 but it's handy to differentiate in debug messages
1806 between a 30 second delay due to oplock break, and
1807 a 1 second delay for share mode conflicts. */
1808
1809 state.delayed_for_oplocks = False;
1810 state.id = id;
1811
1812 if ((req != NULL)
1813 && !request_timed_out(request_time,
1814 timeout)) {
1815 defer_open(lck, request_time, timeout,
1816 req, &state);
1817 }
1818 }
1819
1820 TALLOC_FREE(lck);
1821 if (can_access) {
1822 /*
1823 * We have detected a sharing violation here
1824 * so return the correct error code
1825 */
1826 status = NT_STATUS_SHARING_VIOLATION;
1827 } else {
1828 status = NT_STATUS_ACCESS_DENIED;
1829 }
1830 return status;
1831 }
1832
1833 /*
1834 * We exit this block with the share entry *locked*.....
1835 */
1836 }
1837
1838 SMB_ASSERT(!file_existed || (lck != NULL));
1839
1840 /*
1841 * Ensure we pay attention to default ACLs on directories if required.
1842 */
1843
1844 if ((flags2 & O_CREAT) && lp_inherit_acls(SNUM(conn)) &&
1845 (def_acl = directory_has_default_acl(conn, parent_dir))) {
1846 unx_mode = 0777;
1847 }
1848
1849 DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o, "
1850 "access_mask = 0x%x, open_access_mask = 0x%x\n",
1851 (unsigned int)flags, (unsigned int)flags2,
1852 (unsigned int)unx_mode, (unsigned int)access_mask,
1853 (unsigned int)open_access_mask));
1854
1855 /*
1856 * open_file strips any O_TRUNC flags itself.
1857 */
1858
1859 fsp_open = open_file(fsp, conn, req, parent_dir, newname, fname, psbuf,
1860 flags|flags2, unx_mode, access_mask,
1861 open_access_mask);
1862
1863 if (!NT_STATUS_IS_OK(fsp_open)) {
1864 if (lck != NULL) {
1865 TALLOC_FREE(lck);
1866 }
1867 return fsp_open;
1868 }
1869
1870 if (!file_existed) {
1871 struct timespec old_write_time = get_mtimespec(psbuf);
1872 /*
1873 * Deal with the race condition where two smbd's detect the
1874 * file doesn't exist and do the create at the same time. One
1875 * of them will win and set a share mode, the other (ie. this
1876 * one) should check if the requested share mode for this
1877 * create is allowed.
1878 */
1879
1880 /*
1881 * Now the file exists and fsp is successfully opened,
1882 * fsp->dev and fsp->inode are valid and should replace the
1883 * dev=0,inode=0 from a non existent file. Spotted by
1884 * Nadav Danieli <nadavd@exanet.com>. JRA.
1885 */
1886
1887 id = fsp->file_id;
1888
1889 lck = get_share_mode_lock(talloc_tos(), id,
1890 conn->connectpath,
1891 fname, &old_write_time);
1892
1893 if (lck == NULL) {
1894 DEBUG(0, ("open_file_ntcreate: Could not get share "
1895 "mode lock for %s\n", fname));
1896 fd_close(fsp);
1897 return NT_STATUS_SHARING_VIOLATION;
1898 }
1899
1900 /* First pass - send break only on batch oplocks. */
1901 if ((req != NULL)
1902 && delay_for_oplocks(lck, fsp, req->mid, 1,
1903 oplock_request)) {
1904 schedule_defer_open(lck, request_time, req);
1905 TALLOC_FREE(lck);
1906 fd_close(fsp);
1907 return NT_STATUS_SHARING_VIOLATION;
1908 }
1909
1910 status = open_mode_check(conn, fname, lck,
1911 access_mask, share_access,
1912 create_options, &file_existed);
1913
1914 if (NT_STATUS_IS_OK(status)) {
1915 /* We might be going to allow this open. Check oplock
1916 * status again. */
1917 /* Second pass - send break for both batch or
1918 * exclusive oplocks. */
1919 if ((req != NULL)
1920 && delay_for_oplocks(lck, fsp, req->mid, 2,
1921 oplock_request)) {
1922 schedule_defer_open(lck, request_time, req);
1923 TALLOC_FREE(lck);
1924 fd_close(fsp);
1925 return NT_STATUS_SHARING_VIOLATION;
1926 }
1927 }
1928
1929 if (!NT_STATUS_IS_OK(status)) {
1930 struct deferred_open_record state;
1931
1932 fd_close(fsp);
1933
1934 state.delayed_for_oplocks = False;
1935 state.id = id;
1936
1937 /* Do it all over again immediately. In the second
1938 * round we will find that the file existed and handle
1939 * the DELETE_PENDING and FCB cases correctly. No need
1940 * to duplicate the code here. Essentially this is a
1941 * "goto top of this function", but don't tell
1942 * anybody... */
1943
1944 if (req != NULL) {
1945 defer_open(lck, request_time, timeval_zero(),
1946 req, &state);
1947 }
1948 TALLOC_FREE(lck);
1949 return status;
1950 }
1951
1952 /*
1953 * We exit this block with the share entry *locked*.....
1954 */
1955
1956 }
1957
1958 SMB_ASSERT(lck != NULL);
1959
1960 /* Delete streams if create_disposition requires it */
1961 if (file_existed && clear_ads && !is_ntfs_stream_name(fname)) {
1962 status = delete_all_streams(conn, fname);
1963 if (!NT_STATUS_IS_OK(status)) {
1964 TALLOC_FREE(lck);
1965 fd_close(fsp);
1966 return status;
1967 }
1968 }
1969
1970 /* note that we ignore failure for the following. It is
1971 basically a hack for NFS, and NFS will never set one of
1972 these only read them. Nobody but Samba can ever set a deny
1973 mode and we have already checked our more authoritative
1974 locking database for permission to set this deny mode. If
1975 the kernel refuses the operations then the kernel is wrong.
1976 note that GPFS supports it as well - jmcd */
1977
1978 if (fsp->fh->fd != -1) {
1979 ret_flock = SMB_VFS_KERNEL_FLOCK(fsp, share_access);
1980 if(ret_flock == -1 ){
1981
1982 TALLOC_FREE(lck);
1983 fd_close(fsp);
1984
1985 return NT_STATUS_SHARING_VIOLATION;
1986 }
1987 }
1988
1989 /*
1990 * At this point onwards, we can guarentee that the share entry
1991 * is locked, whether we created the file or not, and that the
1992 * deny mode is compatible with all current opens.
1993 */
1994
1995 /*
1996 * If requested, truncate the file.
1997 */
1998
1999 if (flags2&O_TRUNC) {
2000 /*
2001 * We are modifing the file after open - update the stat
2002 * struct..
2003 */
2004 if ((SMB_VFS_FTRUNCATE(fsp, 0) == -1) ||
2005 (SMB_VFS_FSTAT(fsp, psbuf)==-1)) {
2006 status = map_nt_error_from_unix(errno);
2007 TALLOC_FREE(lck);
2008 fd_close(fsp);
2009 return status;
2010 }
2011 }
2012
2013 /* Record the options we were opened with. */
2014 fsp->share_access = share_access;
2015 fsp->fh->private_options = create_options;
2016 /*
2017 * According to Samba4, SEC_FILE_READ_ATTRIBUTE is always granted,
2018 */
2019 fsp->access_mask = access_mask | FILE_READ_ATTRIBUTES;
2020
2021 if (file_existed) {
2022 /* stat opens on existing files don't get oplocks. */
2023 if (is_stat_open(open_access_mask)) {
2024 fsp->oplock_type = NO_OPLOCK;
2025 }
2026
2027 if (!(flags2 & O_TRUNC)) {
2028 info = FILE_WAS_OPENED;
2029 } else {
2030 info = FILE_WAS_OVERWRITTEN;
2031 }
2032 } else {
2033 info = FILE_WAS_CREATED;
2034 }
2035
2036 if (pinfo) {
2037 *pinfo = info;
2038 }
2039
2040 /*
2041 * Setup the oplock info in both the shared memory and
2042 * file structs.
2043 */
2044
2045 if (!set_file_oplock(fsp, fsp->oplock_type)) {
2046 /* Could not get the kernel oplock */
2047 fsp->oplock_type = NO_OPLOCK;
2048 }
2049
2050 if (info == FILE_WAS_OVERWRITTEN || info == FILE_WAS_CREATED || info == FILE_WAS_SUPERSEDED) {
2051 new_file_created = True;
2052 }
2053
2054 set_share_mode(lck, fsp, conn->server_info->utok.uid, 0,
2055 fsp->oplock_type);
2056
2057 /* Handle strange delete on close create semantics. */
2058 if (create_options & FILE_DELETE_ON_CLOSE) {
2059
2060 status = can_set_delete_on_close(fsp, True, new_dos_attributes);
2061
2062 if (!NT_STATUS_IS_OK(status)) {
2063 /* Remember to delete the mode we just added. */
2064 del_share_mode(lck, fsp);
2065 TALLOC_FREE(lck);
2066 fd_close(fsp);
2067 return status;
2068 }
2069 /* Note that here we set the *inital* delete on close flag,
2070 not the regular one. The magic gets handled in close. */
2071 fsp->initial_delete_on_close = True;
2072 }
2073
2074 if (new_file_created) {
2075 /* Files should be initially set as archive */
2076 if (lp_map_archive(SNUM(conn)) ||
2077 lp_store_dos_attributes(SNUM(conn))) {
2078 if (!posix_open) {
2079 SMB_STRUCT_STAT tmp_sbuf;
2080 SET_STAT_INVALID(tmp_sbuf);
2081 if (file_set_dosmode(
2082 conn, fname,
2083 new_dos_attributes | aARCH,
2084 &tmp_sbuf, parent_dir,
2085 true) == 0) {
2086 unx_mode = tmp_sbuf.st_mode;
2087 }
2088 }
2089 }
2090 }
2091
2092 /*
2093 * Take care of inherited ACLs on created files - if default ACL not
2094 * selected.
2095 */
2096
2097 if (!posix_open && !file_existed && !def_acl) {
2098
2099 int saved_errno = errno; /* We might get ENOSYS in the next
2100 * call.. */
2101
2102 if (SMB_VFS_FCHMOD_ACL(fsp, unx_mode) == -1 &&
2103 errno == ENOSYS) {
2104 errno = saved_errno; /* Ignore ENOSYS */
2105 }
2106
2107 } else if (new_unx_mode) {
2108
2109 int ret = -1;
2110
2111 /* Attributes need changing. File already existed. */
2112
2113 {
2114 int saved_errno = errno; /* We might get ENOSYS in the
2115 * next call.. */
2116 ret = SMB_VFS_FCHMOD_ACL(fsp, new_unx_mode);
2117
2118 if (ret == -1 && errno == ENOSYS) {
2119 errno = saved_errno; /* Ignore ENOSYS */
2120 } else {
2121 DEBUG(5, ("open_file_ntcreate: reset "
2122 "attributes of file %s to 0%o\n",
2123 fname, (unsigned int)new_unx_mode));
2124 ret = 0; /* Don't do the fchmod below. */
2125 }
2126 }
2127
2128 if ((ret == -1) &&
2129 (SMB_VFS_FCHMOD(fsp, new_unx_mode) == -1))
2130 DEBUG(5, ("open_file_ntcreate: failed to reset "
2131 "attributes of file %s to 0%o\n",
2132 fname, (unsigned int)new_unx_mode));
2133 }
2134
2135 /* If this is a successful open, we must remove any deferred open
2136 * records. */
2137 if (req != NULL) {
2138 del_deferred_open_entry(lck, req->mid);
2139 }
2140 TALLOC_FREE(lck);
2141
2142 return NT_STATUS_OK;
2143 }
2144
2145 /****************************************************************************
2146 Open a file with a share mode.
2147 ****************************************************************************/
2148
2149 NTSTATUS open_file_ntcreate(connection_struct *conn,
2150 struct smb_request *req,
2151 const char *fname,
2152 SMB_STRUCT_STAT *psbuf,
2153 uint32 access_mask, /* access bits (FILE_READ_DATA etc.) */
2154 uint32 share_access, /* share constants (FILE_SHARE_READ etc) */
2155 uint32 create_disposition, /* FILE_OPEN_IF etc. */
2156 uint32 create_options, /* options such as delete on close. */
2157 uint32 new_dos_attributes, /* attributes used for new file. */
2158 int oplock_request, /* internal Samba oplock codes. */
2159 /* Information (FILE_EXISTS etc.) */
2160 int *pinfo,
2161 files_struct **result)
2162 {
2163 NTSTATUS status;
2164 files_struct *fsp = NULL;
2165
2166 *result = NULL;
2167
2168 status = file_new(conn, &fsp);
2169 if(!NT_STATUS_IS_OK(status)) {
2170 return status;
2171 }
2172
2173 status = open_file_ntcreate_internal(conn,
2174 req,
2175 fname,
2176 psbuf,
2177 access_mask,
2178 share_access,
2179 create_disposition,
2180 create_options,
2181 new_dos_attributes,
2182 oplock_request,
2183 pinfo,
2184 fsp);
2185
2186 if(!NT_STATUS_IS_OK(status)) {
2187 file_free(fsp);
2188 return status;
2189 }
2190
2191 *result = fsp;
2192 return status;
2193 }
2194
2195 /****************************************************************************
2196 Open a file for for write to ensure that we can fchmod it.
2197 ****************************************************************************/
2198
2199 NTSTATUS open_file_fchmod(connection_struct *conn, const char *fname,
2200 SMB_STRUCT_STAT *psbuf, files_struct **result)
2201 {
2202 files_struct *fsp = NULL;
2203 NTSTATUS status;
2204
2205 if (!VALID_STAT(*psbuf)) {
2206 return NT_STATUS_INVALID_PARAMETER;
2207 }
2208
2209 status = file_new(conn, &fsp);
2210 if(!NT_STATUS_IS_OK(status)) {
2211 return status;
2212 }
2213
2214 /* note! we must use a non-zero desired access or we don't get
2215 a real file descriptor. Oh what a twisted web we weave. */
2216 status = open_file(fsp, conn, NULL, NULL, NULL, fname, psbuf, O_WRONLY,
2217 0, FILE_WRITE_DATA, FILE_WRITE_DATA);
2218
2219 /*
2220 * This is not a user visible file open.
2221 * Don't set a share mode.
2222 */
2223
2224 if (!NT_STATUS_IS_OK(status)) {
2225 file_free(fsp);
2226 return status;
2227 }
2228
2229 *result = fsp;
2230 return NT_STATUS_OK;
2231 }
2232
2233 /****************************************************************************
2234 Close the fchmod file fd - ensure no locks are lost.
2235 ****************************************************************************/
2236
2237 NTSTATUS close_file_fchmod(files_struct *fsp)
2238 {
2239 NTSTATUS status = fd_close(fsp);
2240 file_free(fsp);
2241 return status;
2242 }
2243
2244 static NTSTATUS mkdir_internal(connection_struct *conn,
2245 const char *name,
2246 uint32 file_attributes,
2247 SMB_STRUCT_STAT *psbuf)
2248 {
2249 mode_t mode;
2250 char *parent_dir;
2251 const char *dirname;
2252 NTSTATUS status;
2253 bool posix_open = false;
2254
2255 if(!CAN_WRITE(conn)) {
2256 DEBUG(5,("mkdir_internal: failing create on read-only share "
2257 "%s\n", lp_servicename(SNUM(conn))));
2258 return NT_STATUS_ACCESS_DENIED;
2259 }
2260
2261 status = check_name(conn, name);
2262 if (!NT_STATUS_IS_OK(status)) {
2263 return status;
2264 }
2265
2266 if (!parent_dirname_talloc(talloc_tos(), name, &parent_dir,
2267 &dirname)) {
2268 return NT_STATUS_NO_MEMORY;
2269 }
2270
2271 if (file_attributes & FILE_FLAG_POSIX_SEMANTICS) {
2272 posix_open = true;
2273 mode = (mode_t)(file_attributes & ~FILE_FLAG_POSIX_SEMANTICS);
2274 } else {
2275 mode = unix_mode(conn, aDIR, name, parent_dir);
2276 }
2277
2278 if (SMB_VFS_MKDIR(conn, name, mode) != 0) {
2279 return map_nt_error_from_unix(errno);
2280 }
2281
2282 /* Ensure we're checking for a symlink here.... */
2283 /* We don't want to get caught by a symlink racer. */
2284
2285 if (SMB_VFS_LSTAT(conn, name, psbuf) == -1) {
2286 DEBUG(2, ("Could not stat directory '%s' just created: %s\n",
2287 name, strerror(errno)));
2288 return map_nt_error_from_unix(errno);
2289 }
2290
2291 if (!S_ISDIR(psbuf->st_mode)) {
2292 DEBUG(0, ("Directory just '%s' created is not a directory\n",
2293 name));
2294 return NT_STATUS_ACCESS_DENIED;
2295 }
2296
2297 if (lp_store_dos_attributes(SNUM(conn))) {
2298 if (!posix_open) {
2299 file_set_dosmode(conn, name,
2300 file_attributes | aDIR, NULL,
2301 parent_dir,
2302 true);
2303 }
2304 }
2305
2306 if (lp_inherit_perms(SNUM(conn))) {
2307 inherit_access_posix_acl(conn, parent_dir, name, mode);
2308 }
2309
2310 if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS)) {
2311 /*
2312 * Check if high bits should have been set,
2313 * then (if bits are missing): add them.
2314 * Consider bits automagically set by UNIX, i.e. SGID bit from parent
2315 * dir.
2316 */
2317 if (mode & ~(S_IRWXU|S_IRWXG|S_IRWXO) && (mode & ~psbuf->st_mode)) {
2318 SMB_VFS_CHMOD(conn, name,
2319 psbuf->st_mode | (mode & ~psbuf->st_mode));
2320 }
2321 }
2322
2323 /* Change the owner if required. */
2324 if (lp_inherit_owner(SNUM(conn))) {
2325 change_dir_owner_to_parent(conn, parent_dir, name, psbuf);
2326 }
2327
2328 notify_fname(conn, NOTIFY_ACTION_ADDED, FILE_NOTIFY_CHANGE_DIR_NAME,
2329 name);
2330
2331 return NT_STATUS_OK;
2332 }
2333
2334 /****************************************************************************
2335 Open a directory from an NT SMB call.
2336 ****************************************************************************/
2337
2338 NTSTATUS open_directory(connection_struct *conn,
2339 struct smb_request *req,
2340 const char *fname,
2341 SMB_STRUCT_STAT *psbuf,
2342 uint32 access_mask,
2343 uint32 share_access,
2344 uint32 create_disposition,
2345 uint32 create_options,
2346 uint32 file_attributes,
2347 int *pinfo,
2348 files_struct **result)
2349 {
2350 files_struct *fsp = NULL;
2351 bool dir_existed = VALID_STAT(*psbuf) ? True : False;
2352 struct share_mode_lock *lck = NULL;
2353 NTSTATUS status;
2354 struct timespec mtimespec;
2355 int info = 0;
2356
2357 DEBUG(5,("open_directory: opening directory %s, access_mask = 0x%x, "
2358 "share_access = 0x%x create_options = 0x%x, "
2359 "create_disposition = 0x%x, file_attributes = 0x%x\n",
2360 fname,
2361 (unsigned int)access_mask,
2362 (unsigned int)share_access,
2363 (unsigned int)create_options,
2364 (unsigned int)create_disposition,
2365 (unsigned int)file_attributes));
2366
2367 if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS) &&
2368 (conn->fs_capabilities & FILE_NAMED_STREAMS) &&
2369 is_ntfs_stream_name(fname)) {
2370 DEBUG(2, ("open_directory: %s is a stream name!\n", fname));
2371 return NT_STATUS_NOT_A_DIRECTORY;
2372 }
2373
2374 status = calculate_access_mask(conn, fname, dir_existed,
2375 access_mask,
2376 &access_mask);
2377 if (!NT_STATUS_IS_OK(status)) {
2378 DEBUG(10, ("open_directory: calculate_access_mask "
2379 "on file %s returned %s\n",
2380 fname,
2381 nt_errstr(status)));
2382 return status;
2383 }
2384
2385 switch( create_disposition ) {
2386 case FILE_OPEN:
2387
2388 info = FILE_WAS_OPENED;
2389
2390 /*
2391 * We want to follow symlinks here.
2392 */
2393
2394 if (SMB_VFS_STAT(conn, fname, psbuf) != 0) {
2395 return map_nt_error_from_unix(errno);
2396 }
2397
2398 break;
2399
2400 case FILE_CREATE:
2401
2402 /* If directory exists error. If directory doesn't
2403 * exist create. */
2404
2405 status = mkdir_internal(conn,
2406 fname,
2407 file_attributes,
2408 psbuf);
2409
2410 if (!NT_STATUS_IS_OK(status)) {
2411 DEBUG(2, ("open_directory: unable to create "
2412 "%s. Error was %s\n", fname,
2413 nt_errstr(status)));
2414 return status;
2415 }
2416
2417 info = FILE_WAS_CREATED;
2418 break;
2419
2420 case FILE_OPEN_IF:
2421 /*
2422 * If directory exists open. If directory doesn't
2423 * exist create.
2424 */
2425
2426 status = mkdir_internal(conn,
2427 fname,
2428 file_attributes,
2429 psbuf);
2430
2431 if (NT_STATUS_IS_OK(status)) {
2432 info = FILE_WAS_CREATED;
2433 }
2434
2435 if (NT_STATUS_EQUAL(status,
2436 NT_STATUS_OBJECT_NAME_COLLISION)) {
2437 info = FILE_WAS_OPENED;
2438 status = NT_STATUS_OK;
2439 }
2440
2441 break;
2442
2443 case FILE_SUPERSEDE:
2444 case FILE_OVERWRITE:
2445 case FILE_OVERWRITE_IF:
2446 default:
2447 DEBUG(5,("open_directory: invalid create_disposition "
2448 "0x%x for directory %s\n",
2449 (unsigned int)create_disposition, fname));
2450 return NT_STATUS_INVALID_PARAMETER;
2451 }
2452
2453 if(!S_ISDIR(psbuf->st_mode)) {
2454 DEBUG(5,("open_directory: %s is not a directory !\n",
2455 fname ));
2456 return NT_STATUS_NOT_A_DIRECTORY;
2457 }
2458
2459 if (info == FILE_WAS_OPENED) {
2460 uint32_t access_granted = 0;
2461 status = check_open_rights(conn,
2462 fname,
2463 access_mask,
2464 &access_granted);
2465
2466 /* Were we trying to do a directory open
2467 * for delete and didn't get DELETE
2468 * access (only) ? Check if the
2469 * directory allows DELETE_CHILD.
2470 * See here:
2471 * http://blogs.msdn.com/oldnewthing/archive/2004/06/04/148426.aspx
2472 * for details. */
2473
2474 if ((NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED) &&
2475 (access_mask & DELETE_ACCESS) &&
2476 (access_granted == DELETE_ACCESS) &&
2477 can_delete_file_in_directory(conn, fname))) {
2478 DEBUG(10,("open_directory: overrode ACCESS_DENIED "
2479 "on directory %s\n",
2480 fname ));
2481 status = NT_STATUS_OK;
2482 }
2483
2484 if (!NT_STATUS_IS_OK(status)) {
2485 DEBUG(10, ("open_directory: check_open_rights on "
2486 "file %s failed with %s\n",
2487 fname,
2488 nt_errstr(status)));
2489 return status;
2490 }
2491 }
2492
2493 status = file_new(conn, &fsp);
2494 if(!NT_STATUS_IS_OK(status)) {
2495 return status;
2496 }
2497
2498 /*
2499 * Setup the files_struct for it.
2500 */
2501
2502 fsp->mode = psbuf->st_mode;
2503 fsp->file_id = vfs_file_id_from_sbuf(conn, psbuf);
2504 fsp->vuid = req ? req->vuid : UID_FIELD_INVALID;
2505 fsp->file_pid = req ? req->smbpid : 0;
2506 fsp->can_lock = False;
2507 fsp->can_read = False;
2508 fsp->can_write = False;
2509
2510 fsp->share_access = share_access;
2511 fsp->fh->private_options = create_options;
2512 /*
2513 * According to Samba4, SEC_FILE_READ_ATTRIBUTE is always granted,
2514 */
2515 fsp->access_mask = access_mask | FILE_READ_ATTRIBUTES;
2516 fsp->print_file = False;
2517 fsp->modified = False;
2518 fsp->oplock_type = NO_OPLOCK;
2519 fsp->sent_oplock_break = NO_BREAK_SENT;
2520 fsp->is_directory = True;
2521 fsp->posix_open = (file_attributes & FILE_FLAG_POSIX_SEMANTICS) ? True : False;
2522
2523 string_set(&fsp->fsp_name,fname);
2524
2525 mtimespec = get_mtimespec(psbuf);
2526
2527 lck = get_share_mode_lock(talloc_tos(), fsp->file_id,
2528 conn->connectpath,
2529 fname, &mtimespec);
2530
2531 if (lck == NULL) {
2532 DEBUG(0, ("open_directory: Could not get share mode lock for %s\n", fname));
2533 file_free(fsp);
2534 return NT_STATUS_SHARING_VIOLATION;
2535 }
2536
2537 status = open_mode_check(conn, fname, lck,
2538 access_mask, share_access,
2539 create_options, &dir_existed);
2540
2541 if (!NT_STATUS_IS_OK(status)) {
2542 TALLOC_FREE(lck);
2543 file_free(fsp);
2544 return status;
2545 }
2546
2547 set_share_mode(lck, fsp, conn->server_info->utok.uid, 0, NO_OPLOCK);
2548
2549 /* For directories the delete on close bit at open time seems
2550 always to be honored on close... See test 19 in Samba4 BASE-DELETE. */
2551 if (create_options & FILE_DELETE_ON_CLOSE) {
2552 status = can_set_delete_on_close(fsp, True, 0);
2553 if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, NT_STATUS_DIRECTORY_NOT_EMPTY)) {
2554 TALLOC_FREE(lck);
2555 file_free(fsp);
2556 return status;
2557 }
2558
2559 if (NT_STATUS_IS_OK(status)) {
2560 /* Note that here we set the *inital* delete on close flag,
2561 not the regular one. The magic gets handled in close. */
2562 fsp->initial_delete_on_close = True;
2563 }
2564 }
2565
2566 TALLOC_FREE(lck);
2567
2568 if (pinfo) {
2569 *pinfo = info;
2570 }
2571
2572 *result = fsp;
2573 return NT_STATUS_OK;
2574 }
2575
2576 NTSTATUS create_directory(connection_struct *conn, struct smb_request *req, const char *directory)
2577 {
2578 NTSTATUS status;
2579 SMB_STRUCT_STAT sbuf;
2580 files_struct *fsp;
2581
2582 SET_STAT_INVALID(sbuf);
2583
2584 status = open_directory(conn, req, directory, &sbuf,
2585 FILE_READ_ATTRIBUTES, /* Just a stat open */
2586 FILE_SHARE_NONE, /* Ignored for stat opens */
2587 FILE_CREATE,
2588 0,
2589 FILE_ATTRIBUTE_DIRECTORY,
2590 NULL,
2591 &fsp);
2592
2593 if (NT_STATUS_IS_OK(status)) {
2594 close_file(fsp, NORMAL_CLOSE);
2595 }
2596
2597 return status;
2598 }
2599
2600 /****************************************************************************
2601 Receive notification that one of our open files has been renamed by another
2602 smbd process.
2603 ****************************************************************************/
2604
2605 void msg_file_was_renamed(struct messaging_context *msg,
2606 void *private_data,
2607 uint32_t msg_type,
2608 struct server_id server_id,
2609 DATA_BLOB *data)
2610 {
2611 files_struct *fsp;
2612 char *frm = (char *)data->data;
2613 struct file_id id;
2614 const char *sharepath;
2615 const char *newname;
2616 size_t sp_len;
2617
2618 if (data->data == NULL
2619 || data->length < MSG_FILE_RENAMED_MIN_SIZE + 2) {
2620 DEBUG(0, ("msg_file_was_renamed: Got invalid msg len %d\n",
2621 (int)data->length));
2622 return;
2623 }
2624
2625 /* Unpack the message. */
2626 pull_file_id_16(frm, &id);
2627 sharepath = &frm[16];
2628 newname = sharepath + strlen(sharepath) + 1;
2629 sp_len = strlen(sharepath);
2630
2631 DEBUG(10,("msg_file_was_renamed: Got rename message for sharepath %s, new name %s, "
2632 "file_id %s\n",
2633 sharepath, newname, file_id_string_tos(&id)));
2634
2635 for(fsp = file_find_di_first(id); fsp; fsp = file_find_di_next(fsp)) {
2636 if (memcmp(fsp->conn->connectpath, sharepath, sp_len) == 0) {
2637 DEBUG(10,("msg_file_was_renamed: renaming file fnum %d from %s -> %s\n",
2638 fsp->fnum, fsp->fsp_name, newname ));
2639 string_set(&fsp->fsp_name, newname);
2640 } else {
2641 /* TODO. JRA. */
2642 /* Now we have the complete path we can work out if this is
2643 actually within this share and adjust newname accordingly. */
2644 DEBUG(10,("msg_file_was_renamed: share mismatch (sharepath %s "
2645 "not sharepath %s) "
2646 "fnum %d from %s -> %s\n",
2647 fsp->conn->connectpath,
2648 sharepath,
2649 fsp->fnum,
2650 fsp->fsp_name,
2651 newname ));
2652 }
2653 }
2654 }
2655
2656 struct case_semantics_state {
2657 connection_struct *conn;
2658 bool case_sensitive;
2659 bool case_preserve;
2660 bool short_case_preserve;
2661 };
2662
2663 /****************************************************************************
2664 Restore case semantics.
2665 ****************************************************************************/
2666 static int restore_case_semantics(struct case_semantics_state *state)
2667 {
2668 state->conn->case_sensitive = state->case_sensitive;
2669 state->conn->case_preserve = state->case_preserve;
2670 state->conn->short_case_preserve = state->short_case_preserve;
2671 return 0;
2672 }
2673
2674 /****************************************************************************
2675 Save case semantics.
2676 ****************************************************************************/
2677 static struct case_semantics_state *set_posix_case_semantics(TALLOC_CTX *mem_ctx,
2678 connection_struct *conn)
2679 {
2680 struct case_semantics_state *result;
2681
2682 if (!(result = talloc(mem_ctx, struct case_semantics_state))) {
2683 DEBUG(0, ("talloc failed\n"));
2684 return NULL;
2685 }
2686
2687 result->conn = conn;
2688 result->case_sensitive = conn->case_sensitive;
2689 result->case_preserve = conn->case_preserve;
2690 result->short_case_preserve = conn->short_case_preserve;
2691
2692 /* Set to POSIX. */
2693 conn->case_sensitive = True;
2694 conn->case_preserve = True;
2695 conn->short_case_preserve = True;
2696
2697 talloc_set_destructor(result, restore_case_semantics);
2698
2699 return result;
2700 }
2701
2702 /*
2703 * If a main file is opened for delete, all streams need to be checked for
2704 * !FILE_SHARE_DELETE. Do this by opening with DELETE_ACCESS.
2705 * If that works, delete them all by setting the delete on close and close.
2706 */
2707
2708 static NTSTATUS open_streams_for_delete(connection_struct *conn,
2709 const char *fname)
2710 {
2711 struct stream_struct *stream_info;
2712 files_struct **streams;
2713 int i;
2714 unsigned int num_streams;
2715 TALLOC_CTX *frame = talloc_stackframe();
2716 NTSTATUS status;
2717
2718 status = SMB_VFS_STREAMINFO(conn, NULL, fname, talloc_tos(),
2719 &num_streams, &stream_info);
2720
2721 if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_IMPLEMENTED)
2722 || NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
2723 DEBUG(10, ("no streams around\n"));
2724 TALLOC_FREE(frame);
2725 return NT_STATUS_OK;
2726 }
2727
2728 if (!NT_STATUS_IS_OK(status)) {
2729 DEBUG(10, ("SMB_VFS_STREAMINFO failed: %s\n",
2730 nt_errstr(status)));
2731 goto fail;
2732 }
2733
2734 DEBUG(10, ("open_streams_for_delete found %d streams\n",
2735 num_streams));
2736
2737 if (num_streams == 0) {
2738 TALLOC_FREE(frame);
2739 return NT_STATUS_OK;
2740 }
2741
2742 streams = TALLOC_ARRAY(talloc_tos(), files_struct *, num_streams);
2743 if (streams == NULL) {
2744 DEBUG(0, ("talloc failed\n"));
2745 status = NT_STATUS_NO_MEMORY;
2746 goto fail;
2747 }
2748
2749 for (i=0; i<num_streams; i++) {
2750 char *streamname;
2751
2752 if (strequal(stream_info[i].name, "::$DATA")) {
2753 streams[i] = NULL;
2754 continue;
2755 }
2756
2757 streamname = talloc_asprintf(talloc_tos(), "%s%s", fname,
2758 stream_info[i].name);
2759
2760 if (streamname == NULL) {
2761 DEBUG(0, ("talloc_aprintf failed\n"));
2762 status = NT_STATUS_NO_MEMORY;
2763 goto fail;
2764 }
2765
2766 status = create_file_unixpath
2767 (conn, /* conn */
2768 NULL, /* req */
2769 streamname, /* fname */
2770 DELETE_ACCESS, /* access_mask */
2771 FILE_SHARE_READ | FILE_SHARE_WRITE
2772 | FILE_SHARE_DELETE, /* share_access */
2773 FILE_OPEN, /* create_disposition*/
2774 NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE, /* create_options */
2775 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
2776 0, /* oplock_request */
2777 0, /* allocation_size */
2778 NULL, /* sd */
2779 NULL, /* ea_list */
2780 &streams[i], /* result */
2781 NULL, /* pinfo */
2782 NULL); /* psbuf */
2783
2784 TALLOC_FREE(streamname);
2785
2786 if (!NT_STATUS_IS_OK(status)) {
2787 DEBUG(10, ("Could not open stream %s: %s\n",
2788 streamname, nt_errstr(status)));
2789 break;
2790 }
2791 }
2792
2793 /*
2794 * don't touch the variable "status" beyond this point :-)
2795 */
2796
2797 for (i -= 1 ; i >= 0; i--) {
2798 if (streams[i] == NULL) {
2799 continue;
2800 }
2801
2802 DEBUG(10, ("Closing stream # %d, %s\n", i,
2803 streams[i]->fsp_name));
2804 close_file(streams[i], NORMAL_CLOSE);
2805 }
2806
2807 fail:
2808 TALLOC_FREE(frame);
2809 return status;
2810 }
2811
2812 /*
2813 * Wrapper around open_file_ntcreate and open_directory
2814 */
2815
2816 NTSTATUS create_file_unixpath(connection_struct *conn,
2817 struct smb_request *req,
2818 const char *fname,
2819 uint32_t access_mask,
2820 uint32_t share_access,
2821 uint32_t create_disposition,
2822 uint32_t create_options,
2823 uint32_t file_attributes,
2824 uint32_t oplock_request,
2825 SMB_BIG_UINT allocation_size,
2826 struct security_descriptor *sd,
2827 struct ea_list *ea_list,
2828
2829 files_struct **result,
2830 int *pinfo,
2831 SMB_STRUCT_STAT *psbuf)
2832 {
2833 SMB_STRUCT_STAT sbuf;
2834 int info = FILE_WAS_OPENED;
2835 files_struct *base_fsp = NULL;
2836 files_struct *fsp = NULL;
2837 NTSTATUS status;
2838
2839 DEBUG(10,("create_file_unixpath: access_mask = 0x%x "
2840 "file_attributes = 0x%x, share_access = 0x%x, "
2841 "create_disposition = 0x%x create_options = 0x%x "
2842 "oplock_request = 0x%x ea_list = 0x%p, sd = 0x%p, "
2843 "fname = %s\n",
2844 (unsigned int)access_mask,
2845 (unsigned int)file_attributes,
2846 (unsigned int)share_access,
2847 (unsigned int)create_disposition,
2848 (unsigned int)create_options,
2849 (unsigned int)oplock_request,
2850 ea_list, sd, fname));
2851
2852 if (create_options & FILE_OPEN_BY_FILE_ID) {
2853 status = NT_STATUS_NOT_SUPPORTED;
2854 goto fail;
2855 }
2856
2857 if (create_options & NTCREATEX_OPTIONS_INVALID_PARAM_MASK) {
2858 status = NT_STATUS_INVALID_PARAMETER;
2859 goto fail;
2860 }
2861
2862 if (req == NULL) {
2863 oplock_request |= INTERNAL_OPEN_ONLY;
2864 }
2865
2866 if (psbuf != NULL) {
2867 sbuf = *psbuf;
2868 }
2869 else {
2870 if (SMB_VFS_STAT(conn, fname, &sbuf) == -1) {
2871 SET_STAT_INVALID(sbuf);
2872 }
2873 }
2874
2875 if ((conn->fs_capabilities & FILE_NAMED_STREAMS)
2876 && (access_mask & DELETE_ACCESS)
2877 && !is_ntfs_stream_name(fname)) {
2878 /*
2879 * We can't open a file with DELETE access if any of the
2880 * streams is open without FILE_SHARE_DELETE
2881 */
2882 status = open_streams_for_delete(conn, fname);
2883
2884 if (!NT_STATUS_IS_OK(status)) {
2885 goto fail;
2886 }
2887 }
2888
2889 /* This is the correct thing to do (check every time) but can_delete
2890 * is expensive (it may have to read the parent directory
2891 * permissions). So for now we're not doing it unless we have a strong
2892 * hint the client is really going to delete this file. If the client
2893 * is forcing FILE_CREATE let the filesystem take care of the
2894 * permissions. */
2895
2896 /* Setting FILE_SHARE_DELETE is the hint. */
2897
2898 if (lp_acl_check_permissions(SNUM(conn))
2899 && (create_disposition != FILE_CREATE)
2900 && (share_access & FILE_SHARE_DELETE)
2901 && (access_mask & DELETE_ACCESS)
2902 && (!(can_delete_file_in_directory(conn, fname) ||
2903 can_access_file_acl(conn, fname, DELETE_ACCESS)))) {
2904 status = NT_STATUS_ACCESS_DENIED;
2905 DEBUG(10,("create_file_unixpath: open file %s "
2906 "for delete ACCESS_DENIED\n", fname ));
2907 goto fail;
2908 }
2909
2910 #if 0
2911 /* We need to support SeSecurityPrivilege for this. */
2912 if ((access_mask & SEC_RIGHT_SYSTEM_SECURITY) &&
2913 !user_has_privileges(current_user.nt_user_token,
2914 &se_security)) {
2915 status = NT_STATUS_PRIVILEGE_NOT_HELD;
2916 goto fail;
2917 }
2918 #endif
2919
2920 if ((conn->fs_capabilities & FILE_NAMED_STREAMS)
2921 && is_ntfs_stream_name(fname)
2922 && (!(create_options & NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE))) {
2923 char *base;
2924 uint32 base_create_disposition;
2925
2926 if (create_options & FILE_DIRECTORY_FILE) {
2927 status = NT_STATUS_NOT_A_DIRECTORY;
2928 goto fail;
2929 }
2930
2931 status = split_ntfs_stream_name(talloc_tos(), fname,
2932 &base, NULL);
2933 if (!NT_STATUS_IS_OK(status)) {
2934 DEBUG(10, ("create_file_unixpath: "
2935 "split_ntfs_stream_name failed: %s\n",
2936 nt_errstr(status)));
2937 goto fail;
2938 }
2939
2940 SMB_ASSERT(!is_ntfs_stream_name(base)); /* paranoia.. */
2941
2942 switch (create_disposition) {
2943 case FILE_OPEN:
2944 base_create_disposition = FILE_OPEN;
2945 break;
2946 default:
2947 base_create_disposition = FILE_OPEN_IF;
2948 break;
2949 }
2950
2951 status = create_file_unixpath(conn, NULL, base, 0,
2952 FILE_SHARE_READ
2953 | FILE_SHARE_WRITE
2954 | FILE_SHARE_DELETE,
2955 base_create_disposition,
2956 0, 0, 0, 0, NULL, NULL,
2957 &base_fsp, NULL, NULL);
2958 if (!NT_STATUS_IS_OK(status)) {
2959 DEBUG(10, ("create_file_unixpath for base %s failed: "
2960 "%s\n", base, nt_errstr(status)));
2961 goto fail;
2962 }
2963 /* we don't need to low level fd */
2964 fd_close(base_fsp);
2965 }
2966
2967 /*
2968 * If it's a request for a directory open, deal with it separately.
2969 */
2970
2971 if (create_options & FILE_DIRECTORY_FILE) {
2972
2973 if (create_options & FILE_NON_DIRECTORY_FILE) {
2974 status = NT_STATUS_INVALID_PARAMETER;
2975 goto fail;
2976 }
2977
2978 /* Can't open a temp directory. IFS kit test. */
2979 if (file_attributes & FILE_ATTRIBUTE_TEMPORARY) {
2980 status = NT_STATUS_INVALID_PARAMETER;
2981 goto fail;
2982 }
2983
2984 /*
2985 * We will get a create directory here if the Win32
2986 * app specified a security descriptor in the
2987 * CreateDirectory() call.
2988 */
2989
2990 oplock_request = 0;
2991 status = open_directory(
2992 conn, req, fname, &sbuf, access_mask, share_access,
2993 create_disposition, create_options, file_attributes,
2994 &info, &fsp);
2995 } else {
2996
2997 /*
2998 * Ordinary file case.
2999 */
3000
3001 if (base_fsp) {
3002 /*
3003 * We're opening the stream element of a base_fsp
3004 * we already opened. We need to initialize
3005 * the fsp first, and set up the base_fsp pointer.
3006 */
3007 status = file_new(conn, &fsp);
3008 if(!NT_STATUS_IS_OK(status)) {
3009 goto fail;
3010 }
3011
3012 fsp->base_fsp = base_fsp;
3013
3014 status = open_file_ntcreate_internal(conn,
3015 req,
3016 fname,
3017 &sbuf,
3018 access_mask,
3019 share_access,
3020 create_disposition,
3021 create_options,
3022 file_attributes,
3023 oplock_request,
3024 &info,
3025 fsp);
3026
3027 if(!NT_STATUS_IS_OK(status)) {
3028 file_free(fsp);
3029 fsp = NULL;
3030 }
3031 } else {
3032 status = open_file_ntcreate(
3033 conn, req, fname, &sbuf, access_mask, share_access,
3034 create_disposition, create_options, file_attributes,
3035 oplock_request, &info, &fsp);
3036 }
3037
3038 if (NT_STATUS_EQUAL(status, NT_STATUS_FILE_IS_A_DIRECTORY)) {
3039
3040 /* A stream open never opens a directory */
3041
3042 if (base_fsp) {
3043 status = NT_STATUS_FILE_IS_A_DIRECTORY;
3044 goto fail;
3045 }
3046
3047 /*
3048 * Fail the open if it was explicitly a non-directory
3049 * file.
3050 */
3051
3052 if (create_options & FILE_NON_DIRECTORY_FILE) {
3053 status = NT_STATUS_FILE_IS_A_DIRECTORY;
3054 goto fail;
3055 }
3056
3057 oplock_request = 0;
3058 status = open_directory(
3059 conn, req, fname, &sbuf, access_mask,
3060 share_access, create_disposition,
3061 create_options, file_attributes,
3062 &info, &fsp);
3063 }
3064 }
3065
3066 if (!NT_STATUS_IS_OK(status)) {
3067 goto fail;
3068 }
3069
3070 fsp->base_fsp = base_fsp;
3071
3072 /*
3073 * According to the MS documentation, the only time the security
3074 * descriptor is applied to the opened file is iff we *created* the
3075 * file; an existing file stays the same.
3076 *
3077 * Also, it seems (from observation) that you can open the file with
3078 * any access mask but you can still write the sd. We need to override
3079 * the granted access before we call set_sd
3080 * Patch for bug #2242 from Tom Lackemann <cessnatomny@yahoo.com>.
3081 */
3082
3083 if ((sd != NULL) && (info == FILE_WAS_CREATED)
3084 && lp_nt_acl_support(SNUM(conn))) {
3085
3086 uint32_t sec_info_sent = ALL_SECURITY_INFORMATION;
3087 uint32_t saved_access_mask = fsp->access_mask;
3088
3089 if (sd->owner_sid == NULL) {
3090 sec_info_sent &= ~OWNER_SECURITY_INFORMATION;
3091 }
3092 if (sd->group_sid == NULL) {
3093 sec_info_sent &= ~GROUP_SECURITY_INFORMATION;
3094 }
3095 if (sd->sacl == NULL) {
3096 sec_info_sent &= ~SACL_SECURITY_INFORMATION;
3097 }
3098 if (sd->dacl == NULL) {
3099 sec_info_sent &= ~DACL_SECURITY_INFORMATION;
3100 }
3101
3102 fsp->access_mask = FILE_GENERIC_ALL;
3103
3104 /* Convert all the generic bits. */
3105 security_acl_map_generic(sd->dacl, &file_generic_mapping);
3106 security_acl_map_generic(sd->sacl, &file_generic_mapping);
3107
3108 if (sec_info_sent & (OWNER_SECURITY_INFORMATION|
3109 GROUP_SECURITY_INFORMATION|
3110 DACL_SECURITY_INFORMATION|
3111 SACL_SECURITY_INFORMATION)) {
3112 status = SMB_VFS_FSET_NT_ACL(fsp, sec_info_sent, sd);
3113 }
3114
3115 fsp->access_mask = saved_access_mask;
3116
3117 if (!NT_STATUS_IS_OK(status)) {
3118 goto fail;
3119 }
3120 }
3121
3122 if ((ea_list != NULL) && (info == FILE_WAS_CREATED)) {
3123 status = set_ea(conn, fsp, fname, ea_list);
3124 if (!NT_STATUS_IS_OK(status)) {
3125 goto fail;
3126 }
3127 }
3128
3129 if (!fsp->is_directory && S_ISDIR(sbuf.st_mode)) {
3130 status = NT_STATUS_ACCESS_DENIED;
3131 goto fail;
3132 }
3133
3134 /* Save the requested allocation size. */
3135 if ((info == FILE_WAS_CREATED) || (info == FILE_WAS_OVERWRITTEN)) {
3136 if (allocation_size
3137 && (allocation_size > sbuf.st_size)) {
3138 fsp->initial_allocation_size = smb_roundup(
3139 fsp->conn, allocation_size);
3140 if (fsp->is_directory) {
3141 /* Can't set allocation size on a directory. */
3142 status = NT_STATUS_ACCESS_DENIED;
3143 goto fail;
3144 }
3145 if (vfs_allocate_file_space(
3146 fsp, fsp->initial_allocation_size) == -1) {
3147 status = NT_STATUS_DISK_FULL;
3148 goto fail;
3149 }
3150 } else {
3151 fsp->initial_allocation_size = smb_roundup(
3152 fsp->conn, (SMB_BIG_UINT)sbuf.st_size);
3153 }
3154 }
3155
3156 DEBUG(10, ("create_file_unixpath: info=%d\n", info));
3157
3158 *result = fsp;
3159 if (pinfo != NULL) {
3160 *pinfo = info;
3161 }
3162 if (psbuf != NULL) {
3163 if ((fsp->fh == NULL) || (fsp->fh->fd == -1)) {
3164 *psbuf = sbuf;
3165 }
3166 else {
3167 SMB_VFS_FSTAT(fsp, psbuf);
3168 }
3169 }
3170 return NT_STATUS_OK;
3171
3172 fail:
3173 DEBUG(10, ("create_file_unixpath: %s\n", nt_errstr(status)));
3174
3175 if (fsp != NULL) {
3176 if (base_fsp && fsp->base_fsp == base_fsp) {
3177 /*
3178 * The close_file below will close
3179 * fsp->base_fsp.
3180 */
3181 base_fsp = NULL;
3182 }
3183 close_file(fsp, ERROR_CLOSE);
3184 fsp = NULL;
3185 }
3186 if (base_fsp != NULL) {
3187 close_file(base_fsp, ERROR_CLOSE);
3188 base_fsp = NULL;
3189 }
3190 return status;
3191 }
3192
3193 NTSTATUS create_file(connection_struct *conn,
3194 struct smb_request *req,
3195 uint16_t root_dir_fid,
3196 const char *fname,
3197 uint32_t access_mask,
3198 uint32_t share_access,
3199 uint32_t create_disposition,
3200 uint32_t create_options,
3201 uint32_t file_attributes,
3202 uint32_t oplock_request,
3203 SMB_BIG_UINT allocation_size,
3204 struct security_descriptor *sd,
3205 struct ea_list *ea_list,
3206
3207 files_struct **result,
3208 int *pinfo,
3209 SMB_STRUCT_STAT *psbuf)
3210 {
3211 struct case_semantics_state *case_state = NULL;
3212 SMB_STRUCT_STAT sbuf;
3213 int info = FILE_WAS_OPENED;
3214 files_struct *fsp = NULL;
3215 NTSTATUS status;
3216
3217 DEBUG(10,("create_file: access_mask = 0x%x "
3218 "file_attributes = 0x%x, share_access = 0x%x, "
3219 "create_disposition = 0x%x create_options = 0x%x "
3220 "oplock_request = 0x%x "
3221 "root_dir_fid = 0x%x, ea_list = 0x%p, sd = 0x%p, "
3222 "fname = %s\n",
3223 (unsigned int)access_mask,
3224 (unsigned int)file_attributes,
3225 (unsigned int)share_access,
3226 (unsigned int)create_disposition,
3227 (unsigned int)create_options,
3228 (unsigned int)oplock_request,
3229 (unsigned int)root_dir_fid,
3230 ea_list, sd, fname));
3231
3232 /*
3233 * Get the file name.
3234 */
3235
3236 if (root_dir_fid != 0) {
3237 /*
3238 * This filename is relative to a directory fid.
3239 */
3240 char *parent_fname = NULL;
3241 files_struct *dir_fsp = file_fsp(root_dir_fid);
3242
3243 if (dir_fsp == NULL) {
3244 status = NT_STATUS_INVALID_HANDLE;
3245 goto fail;
3246 }
3247
3248 if (!dir_fsp->is_directory) {
3249
3250 /*
3251 * Check to see if this is a mac fork of some kind.
3252 */
3253
3254 if ((conn->fs_capabilities & FILE_NAMED_STREAMS) &&
3255 is_ntfs_stream_name(fname)) {
3256 status = NT_STATUS_OBJECT_PATH_NOT_FOUND;
3257 goto fail;
3258 }
3259
3260 /*
3261 we need to handle the case when we get a
3262 relative open relative to a file and the
3263 pathname is blank - this is a reopen!
3264 (hint from demyn plantenberg)
3265 */
3266
3267 status = NT_STATUS_INVALID_HANDLE;
3268 goto fail;
3269 }
3270
3271 if (ISDOT(dir_fsp->fsp_name)) {
3272 /*
3273 * We're at the toplevel dir, the final file name
3274 * must not contain ./, as this is filtered out
3275 * normally by srvstr_get_path and unix_convert
3276 * explicitly rejects paths containing ./.
3277 */
3278 parent_fname = talloc_strdup(talloc_tos(), "");
3279 if (parent_fname == NULL) {
3280 status = NT_STATUS_NO_MEMORY;
3281 goto fail;
3282 }
3283 } else {
3284 size_t dir_name_len = strlen(dir_fsp->fsp_name);
3285
3286 /*
3287 * Copy in the base directory name.
3288 */
3289
3290 parent_fname = TALLOC_ARRAY(talloc_tos(), char,
3291 dir_name_len+2);
3292 if (parent_fname == NULL) {
3293 status = NT_STATUS_NO_MEMORY;
3294 goto fail;
3295 }
3296 memcpy(parent_fname, dir_fsp->fsp_name,
3297 dir_name_len+1);
3298
3299 /*
3300 * Ensure it ends in a '/'.
3301 * We used TALLOC_SIZE +2 to add space for the '/'.
3302 */
3303
3304 if(dir_name_len
3305 && (parent_fname[dir_name_len-1] != '\\')
3306 && (parent_fname[dir_name_len-1] != '/')) {
3307 parent_fname[dir_name_len] = '/';
3308 parent_fname[dir_name_len+1] = '\0';
3309 }
3310 }
3311
3312 fname = talloc_asprintf(talloc_tos(), "%s%s", parent_fname,
3313 fname);
3314 if (fname == NULL) {
3315 status = NT_STATUS_NO_MEMORY;
3316 goto fail;
3317 }
3318 }
3319
3320 /*
3321 * Check to see if this is a mac fork of some kind.
3322 */
3323
3324 if (is_ntfs_stream_name(fname)) {
3325 enum FAKE_FILE_TYPE fake_file_type;
3326
3327 fake_file_type = is_fake_file(fname);
3328
3329 if (fake_file_type != FAKE_FILE_TYPE_NONE) {
3330
3331 /*
3332 * Here we go! support for changing the disk quotas
3333 * --metze
3334 *
3335 * We need to fake up to open this MAGIC QUOTA file
3336 * and return a valid FID.
3337 *
3338 * w2k close this file directly after openening xp
3339 * also tries a QUERY_FILE_INFO on the file and then
3340 * close it
3341 */
3342 status = open_fake_file(conn, req->vuid,
3343 fake_file_type, fname,
3344 access_mask, &fsp);
3345 if (!NT_STATUS_IS_OK(status)) {
3346 goto fail;
3347 }
3348
3349 ZERO_STRUCT(sbuf);
3350 goto done;
3351 }
3352
3353 if (!(conn->fs_capabilities & FILE_NAMED_STREAMS)) {
3354 status = NT_STATUS_OBJECT_PATH_NOT_FOUND;
3355 goto fail;
3356 }
3357 }
3358
3359 if ((req != NULL) && (req->flags2 & FLAGS2_DFS_PATHNAMES)) {
3360 char *resolved_fname;
3361
3362 status = resolve_dfspath(talloc_tos(), conn, true, fname,
3363 &resolved_fname);
3364
3365 if (!NT_STATUS_IS_OK(status)) {
3366 /*
3367 * For PATH_NOT_COVERED we had
3368 * reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
3369 * ERRSRV, ERRbadpath);
3370 * Need to fix in callers
3371 */
3372 goto fail;
3373 }
3374 fname = resolved_fname;
3375 }
3376
3377 /*
3378 * Check if POSIX semantics are wanted.
3379 */
3380
3381 if (file_attributes & FILE_FLAG_POSIX_SEMANTICS) {
3382 case_state = set_posix_case_semantics(talloc_tos(), conn);
3383 file_attributes &= ~FILE_FLAG_POSIX_SEMANTICS;
3384 }
3385
3386 {
3387 char *converted_fname;
3388
3389 SET_STAT_INVALID(sbuf);
3390
3391 status = unix_convert(talloc_tos(), conn, fname, False,
3392 &converted_fname, NULL, &sbuf);
3393 if (!NT_STATUS_IS_OK(status)) {
3394 goto fail;
3395 }
3396 fname = converted_fname;
3397 }
3398
3399 TALLOC_FREE(case_state);
3400
3401 /* All file access must go through check_name() */
3402
3403 status = check_name(conn, fname);
3404 if (!NT_STATUS_IS_OK(status)) {
3405 goto fail;
3406 }
3407
3408 status = create_file_unixpath(
3409 conn, req, fname, access_mask, share_access,
3410 create_disposition, create_options, file_attributes,
3411 oplock_request, allocation_size, sd, ea_list,
3412 &fsp, &info, &sbuf);
3413
3414 if (!NT_STATUS_IS_OK(status)) {
3415 goto fail;
3416 }
3417
3418 done:
3419 DEBUG(10, ("create_file: info=%d\n", info));
3420
3421 *result = fsp;
3422 if (pinfo != NULL) {
3423 *pinfo = info;
3424 }
3425 if (psbuf != NULL) {
3426 *psbuf = sbuf;
3427 }
3428 return NT_STATUS_OK;
3429
3430 fail:
3431 DEBUG(10, ("create_file: %s\n", nt_errstr(status)));
3432
3433 if (fsp != NULL) {
3434 close_file(fsp, ERROR_CLOSE);
3435 fsp = NULL;
3436 }
3437 return status;
3438 }
Samba GIT mirror