search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
r11118: syncing up some changez from 3.0 tree for the first 3.0.21 preview release
[Samba.git] / source / smbd / open.c
blob70687ff5805c1673d575f89321a5c4400125df22
1 /*
2 Unix SMB/CIFS implementation.
3 file opening and share modes
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Jeremy Allison 2001-2004
6 Copyright (C) Volker Lendecke 2005
7
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
12
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
21 */
22
23 #include "includes.h"
24
25 extern struct current_user current_user;
26 extern userdom_struct current_user_info;
27 extern uint16 global_smbpid;
28 extern BOOL global_client_failed_oplock_break;
29
30 struct deferred_open_record {
31 BOOL delayed_for_oplocks;
32 SMB_DEV_T dev;
33 SMB_INO_T inode;
34 };
35
36 /****************************************************************************
37 fd support routines - attempt to do a dos_open.
38 ****************************************************************************/
39
40 static int fd_open(struct connection_struct *conn,
41 const char *fname,
42 int flags,
43 mode_t mode)
44 {
45 int fd;
46 #ifdef O_NOFOLLOW
47 if (!lp_symlinks(SNUM(conn))) {
48 flags |= O_NOFOLLOW;
49 }
50 #endif
51
52 fd = SMB_VFS_OPEN(conn,fname,flags,mode);
53
54 DEBUG(10,("fd_open: name %s, flags = 0%o mode = 0%o, fd = %d. %s\n", fname,
55 flags, (int)mode, fd, (fd == -1) ? strerror(errno) : "" ));
56
57 return fd;
58 }
59
60 /****************************************************************************
61 Close the file associated with a fsp.
62 ****************************************************************************/
63
64 int fd_close(struct connection_struct *conn,
65 files_struct *fsp)
66 {
67 if (fsp->fh->fd == -1) {
68 return 0; /* What we used to call a stat open. */
69 }
70 if (fsp->fh->ref_count > 1) {
71 return 0; /* Shared handle. Only close last reference. */
72 }
73 return fd_close_posix(conn, fsp);
74 }
75
76
77 /****************************************************************************
78 Check a filename for the pipe string.
79 ****************************************************************************/
80
81 static void check_for_pipe(const char *fname)
82 {
83 /* special case of pipe opens */
84 char s[10];
85 StrnCpy(s,fname,sizeof(s)-1);
86 strlower_m(s);
87 if (strstr(s,"pipe/")) {
88 DEBUG(3,("Rejecting named pipe open for %s\n",fname));
89 set_saved_error_triple(ERRSRV, ERRaccess, NT_STATUS_ACCESS_DENIED);
90 }
91 }
92
93 /****************************************************************************
94 Change the ownership of a file to that of the parent directory.
95 Do this by fd if possible.
96 ****************************************************************************/
97
98 void change_owner_to_parent(connection_struct *conn,
99 files_struct *fsp,
100 const char *fname,
101 SMB_STRUCT_STAT *psbuf)
102 {
103 const char *parent_path = parent_dirname(fname);
104 SMB_STRUCT_STAT parent_st;
105 int ret;
106
107 ret = SMB_VFS_STAT(conn, parent_path, &parent_st);
108 if (ret == -1) {
109 DEBUG(0,("change_owner_to_parent: failed to stat parent "
110 "directory %s. Error was %s\n",
111 parent_path, strerror(errno) ));
112 return;
113 }
114
115 if (fsp && fsp->fh->fd != -1) {
116 become_root();
117 ret = SMB_VFS_FCHOWN(fsp, fsp->fh->fd, parent_st.st_uid, (gid_t)-1);
118 unbecome_root();
119 if (ret == -1) {
120 DEBUG(0,("change_owner_to_parent: failed to fchown "
121 "file %s to parent directory uid %u. Error "
122 "was %s\n", fname,
123 (unsigned int)parent_st.st_uid,
124 strerror(errno) ));
125 }
126
127 DEBUG(10,("change_owner_to_parent: changed new file %s to "
128 "parent directory uid %u.\n", fname,
129 (unsigned int)parent_st.st_uid ));
130
131 } else {
132 /* We've already done an lstat into psbuf, and we know it's a
133 directory. If we can cd into the directory and the dev/ino
134 are the same then we can safely chown without races as
135 we're locking the directory in place by being in it. This
136 should work on any UNIX (thanks tridge :-). JRA.
137 */
138
139 pstring saved_dir;
140 SMB_STRUCT_STAT sbuf;
141
142 if (!vfs_GetWd(conn,saved_dir)) {
143 DEBUG(0,("change_owner_to_parent: failed to get "
144 "current working directory\n"));
145 return;
146 }
147
148 /* Chdir into the new path. */
149 if (vfs_ChDir(conn, fname) == -1) {
150 DEBUG(0,("change_owner_to_parent: failed to change "
151 "current working directory to %s. Error "
152 "was %s\n", fname, strerror(errno) ));
153 goto out;
154 }
155
156 if (SMB_VFS_STAT(conn,".",&sbuf) == -1) {
157 DEBUG(0,("change_owner_to_parent: failed to stat "
158 "directory '.' (%s) Error was %s\n",
159 fname, strerror(errno)));
160 goto out;
161 }
162
163 /* Ensure we're pointing at the same place. */
164 if (sbuf.st_dev != psbuf->st_dev ||
165 sbuf.st_ino != psbuf->st_ino ||
166 sbuf.st_mode != psbuf->st_mode ) {
167 DEBUG(0,("change_owner_to_parent: "
168 "device/inode/mode on directory %s changed. "
169 "Refusing to chown !\n", fname ));
170 goto out;
171 }
172
173 become_root();
174 ret = SMB_VFS_CHOWN(conn, ".", parent_st.st_uid, (gid_t)-1);
175 unbecome_root();
176 if (ret == -1) {
177 DEBUG(10,("change_owner_to_parent: failed to chown "
178 "directory %s to parent directory uid %u. "
179 "Error was %s\n", fname,
180 (unsigned int)parent_st.st_uid, strerror(errno) ));
181 goto out;
182 }
183
184 DEBUG(10,("change_owner_to_parent: changed ownership of new "
185 "directory %s to parent directory uid %u.\n",
186 fname, (unsigned int)parent_st.st_uid ));
187
188 out:
189
190 vfs_ChDir(conn,saved_dir);
191 }
192 }
193
194 /****************************************************************************
195 Open a file.
196 ****************************************************************************/
197
198 static BOOL open_file(files_struct *fsp,
199 connection_struct *conn,
200 const char *fname,
201 SMB_STRUCT_STAT *psbuf,
202 int flags,
203 mode_t unx_mode,
204 uint32 access_mask)
205 {
206 int accmode = (flags & O_ACCMODE);
207 int local_flags = flags;
208 BOOL file_existed = VALID_STAT(*psbuf);
209
210 fsp->fh->fd = -1;
211 errno = EPERM;
212
213 /* Check permissions */
214
215 /*
216 * This code was changed after seeing a client open request
217 * containing the open mode of (DENY_WRITE/read-only) with
218 * the 'create if not exist' bit set. The previous code
219 * would fail to open the file read only on a read-only share
220 * as it was checking the flags parameter directly against O_RDONLY,
221 * this was failing as the flags parameter was set to O_RDONLY|O_CREAT.
222 * JRA.
223 */
224
225 if (!CAN_WRITE(conn)) {
226 /* It's a read-only share - fail if we wanted to write. */
227 if(accmode != O_RDONLY) {
228 DEBUG(3,("Permission denied opening %s\n",fname));
229 check_for_pipe(fname);
230 return False;
231 } else if(flags & O_CREAT) {
232 /* We don't want to write - but we must make sure that
233 O_CREAT doesn't create the file if we have write
234 access into the directory.
235 */
236 flags &= ~O_CREAT;
237 local_flags &= ~O_CREAT;
238 }
239 }
240
241 /*
242 * This little piece of insanity is inspired by the
243 * fact that an NT client can open a file for O_RDONLY,
244 * but set the create disposition to FILE_EXISTS_TRUNCATE.
245 * If the client *can* write to the file, then it expects to
246 * truncate the file, even though it is opening for readonly.
247 * Quicken uses this stupid trick in backup file creation...
248 * Thanks *greatly* to "David W. Chapman Jr." <dwcjr@inethouston.net>
249 * for helping track this one down. It didn't bite us in 2.0.x
250 * as we always opened files read-write in that release. JRA.
251 */
252
253 if ((accmode == O_RDONLY) && ((flags & O_TRUNC) == O_TRUNC)) {
254 DEBUG(10,("open_file: truncate requested on read-only open "
255 "for file %s\n",fname ));
256 local_flags = (flags & ~O_ACCMODE)|O_RDWR;
257 }
258
259 if ((access_mask & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ||
260 (local_flags & O_CREAT) ||
261 ((local_flags & O_TRUNC) == O_TRUNC) ) {
262
263 /*
264 * We can't actually truncate here as the file may be locked.
265 * open_file_shared will take care of the truncate later. JRA.
266 */
267
268 local_flags &= ~O_TRUNC;
269
270 #if defined(O_NONBLOCK) && defined(S_ISFIFO)
271 /*
272 * We would block on opening a FIFO with no one else on the
273 * other end. Do what we used to do and add O_NONBLOCK to the
274 * open flags. JRA.
275 */
276
277 if (file_existed && S_ISFIFO(psbuf->st_mode)) {
278 local_flags |= O_NONBLOCK;
279 }
280 #endif
281
282 /* Don't create files with Microsoft wildcard characters. */
283 if ((local_flags & O_CREAT) && !file_existed &&
284 ms_has_wild(fname)) {
285 set_saved_ntstatus(NT_STATUS_OBJECT_NAME_INVALID);
286 return False;
287 }
288
289 /* Actually do the open */
290 fsp->fh->fd = fd_open(conn, fname, local_flags, unx_mode);
291 if (fsp->fh->fd == -1) {
292 DEBUG(3,("Error opening file %s (%s) (local_flags=%d) "
293 "(flags=%d)\n",
294 fname,strerror(errno),local_flags,flags));
295 check_for_pipe(fname);
296 return False;
297 }
298
299 /* Inherit the ACL if the file was created. */
300 if ((local_flags & O_CREAT) && !file_existed) {
301 inherit_access_acl(conn, fname, unx_mode);
302 }
303
304 } else {
305 fsp->fh->fd = -1; /* What we used to call a stat open. */
306 }
307
308 if (!file_existed) {
309 int ret;
310
311 if (fsp->fh->fd == -1) {
312 ret = SMB_VFS_STAT(conn, fname, psbuf);
313 } else {
314 ret = SMB_VFS_FSTAT(fsp,fsp->fh->fd,psbuf);
315 /* If we have an fd, this stat should succeed. */
316 if (ret == -1) {
317 DEBUG(0,("Error doing fstat on open file %s "
318 "(%s)\n", fname,strerror(errno) ));
319 }
320 }
321
322 /* For a non-io open, this stat failing means file not found. JRA */
323 if (ret == -1) {
324 fd_close(conn, fsp);
325 return False;
326 }
327 }
328
329 /*
330 * POSIX allows read-only opens of directories. We don't
331 * want to do this (we use a different code path for this)
332 * so catch a directory open and return an EISDIR. JRA.
333 */
334
335 if(S_ISDIR(psbuf->st_mode)) {
336 fd_close(conn, fsp);
337 errno = EISDIR;
338 return False;
339 }
340
341 fsp->mode = psbuf->st_mode;
342 fsp->inode = psbuf->st_ino;
343 fsp->dev = psbuf->st_dev;
344 fsp->vuid = current_user.vuid;
345 fsp->file_pid = global_smbpid;
346 fsp->can_lock = True;
347 fsp->can_read = (access_mask & (FILE_READ_DATA)) ? True : False;
348 if (!CAN_WRITE(conn)) {
349 fsp->can_write = False;
350 } else {
351 fsp->can_write = (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) ? True : False;
352 }
353 fsp->print_file = False;
354 fsp->modified = False;
355 fsp->sent_oplock_break = NO_BREAK_SENT;
356 fsp->is_directory = False;
357 fsp->is_stat = False;
358 if (conn->aio_write_behind_list &&
359 is_in_path(fname, conn->aio_write_behind_list, conn->case_sensitive)) {
360 fsp->aio_write_behind = True;
361 }
362
363 string_set(&fsp->fsp_name,fname);
364 fsp->wcp = NULL; /* Write cache pointer. */
365
366 DEBUG(2,("%s opened file %s read=%s write=%s (numopen=%d)\n",
367 *current_user_info.smb_name ? current_user_info.smb_name : conn->user,fsp->fsp_name,
368 BOOLSTR(fsp->can_read), BOOLSTR(fsp->can_write),
369 conn->num_files_open + 1));
370
371 errno = 0;
372 return True;
373 }
374
375 /*******************************************************************
376 Return True if the filename is one of the special executable types.
377 ********************************************************************/
378
379 static BOOL is_executable(const char *fname)
380 {
381 if ((fname = strrchr_m(fname,'.'))) {
382 if (strequal(fname,".com") ||
383 strequal(fname,".dll") ||
384 strequal(fname,".exe") ||
385 strequal(fname,".sym")) {
386 return True;
387 }
388 }
389 return False;
390 }
391
392 /****************************************************************************
393 Check if we can open a file with a share mode.
394 Returns True if conflict, False if not.
395 ****************************************************************************/
396
397 static BOOL share_conflict(struct share_mode_entry *entry,
398 uint32 access_mask,
399 uint32 share_access)
400 {
401 DEBUG(10,("share_conflict: entry->access_mask = 0x%x, "
402 "entry->share_access = 0x%x, "
403 "entry->private_options = 0x%x\n",
404 (unsigned int)entry->access_mask,
405 (unsigned int)entry->share_access,
406 (unsigned int)entry->private_options));
407
408 DEBUG(10,("share_conflict: access_mask = 0x%x, share_access = 0x%x\n",
409 (unsigned int)access_mask, (unsigned int)share_access));
410
411 if ((entry->access_mask & (FILE_WRITE_DATA|
412 FILE_APPEND_DATA|
413 FILE_READ_DATA|
414 FILE_EXECUTE|
415 DELETE_ACCESS)) == 0) {
416 DEBUG(10,("share_conflict: No conflict due to "
417 "entry->access_mask = 0x%x\n",
418 (unsigned int)entry->access_mask ));
419 return False;
420 }
421
422 if ((access_mask & (FILE_WRITE_DATA|
423 FILE_APPEND_DATA|
424 FILE_READ_DATA|
425 FILE_EXECUTE|
426 DELETE_ACCESS)) == 0) {
427 DEBUG(10,("share_conflict: No conflict due to "
428 "access_mask = 0x%x\n",
429 (unsigned int)access_mask ));
430 return False;
431 }
432
433 #if 1 /* JRA TEST - Superdebug. */
434 #define CHECK_MASK(num, am, right, sa, share) \
435 DEBUG(10,("share_conflict: [%d] am (0x%x) & right (0x%x) = 0x%x\n", \
436 (unsigned int)(num), (unsigned int)(am), \
437 (unsigned int)(right), (unsigned int)(am)&(right) )); \
438 DEBUG(10,("share_conflict: [%d] sa (0x%x) & share (0x%x) = 0x%x\n", \
439 (unsigned int)(num), (unsigned int)(sa), \
440 (unsigned int)(share), (unsigned int)(sa)&(share) )); \
441 if (((am) & (right)) && !((sa) & (share))) { \
442 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
443 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
444 (unsigned int)(share) )); \
445 return True; \
446 }
447 #else
448 #define CHECK_MASK(num, am, right, sa, share) \
449 if (((am) & (right)) && !((sa) & (share))) { \
450 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
451 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
452 (unsigned int)(share) )); \
453 return True; \
454 }
455 #endif
456
457 CHECK_MASK(1, entry->access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
458 share_access, FILE_SHARE_WRITE);
459 CHECK_MASK(2, access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
460 entry->share_access, FILE_SHARE_WRITE);
461
462 CHECK_MASK(3, entry->access_mask, FILE_READ_DATA | FILE_EXECUTE,
463 share_access, FILE_SHARE_READ);
464 CHECK_MASK(4, access_mask, FILE_READ_DATA | FILE_EXECUTE,
465 entry->share_access, FILE_SHARE_READ);
466
467 CHECK_MASK(5, entry->access_mask, DELETE_ACCESS,
468 share_access, FILE_SHARE_DELETE);
469 CHECK_MASK(6, access_mask, DELETE_ACCESS,
470 entry->share_access, FILE_SHARE_DELETE);
471
472 DEBUG(10,("share_conflict: No conflict.\n"));
473 return False;
474 }
475
476 #if defined(DEVELOPER)
477 static void validate_my_share_entries(int num,
478 struct share_mode_entry *share_entry)
479 {
480 files_struct *fsp;
481
482 if (!procid_is_me(&share_entry->pid)) {
483 return;
484 }
485
486 if (is_deferred_open_entry(share_entry) &&
487 !open_was_deferred(share_entry->op_mid)) {
488 pstring str;
489 DEBUG(0, ("Got a deferred entry without a request: "
490 "PANIC: %s\n", share_mode_str(num, share_entry)));
491 smb_panic(str);
492 }
493
494 if (!is_valid_share_mode_entry(share_entry)) {
495 return;
496 }
497
498 fsp = file_find_dif(share_entry->dev, share_entry->inode,
499 share_entry->share_file_id);
500 if (!fsp) {
501 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
502 share_mode_str(num, share_entry) ));
503 smb_panic("validate_my_share_entries: Cannot match a "
504 "share entry with an open file\n");
505 }
506
507 if (is_deferred_open_entry(share_entry) ||
508 is_unused_share_mode_entry(share_entry)) {
509 goto panic;
510 }
511
512 if ((share_entry->op_type == NO_OPLOCK) &&
513 (fsp->oplock_type == FAKE_LEVEL_II_OPLOCK)) {
514 /* Someone has already written to it, but I haven't yet
515 * noticed */
516 return;
517 }
518
519 if (((uint16)fsp->oplock_type) != share_entry->op_type) {
520 goto panic;
521 }
522
523 return;
524
525 panic:
526 {
527 pstring str;
528 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
529 share_mode_str(num, share_entry) ));
530 slprintf(str, sizeof(str)-1, "validate_my_share_entries: "
531 "file %s, oplock_type = 0x%x, op_type = 0x%x\n",
532 fsp->fsp_name, (unsigned int)fsp->oplock_type,
533 (unsigned int)share_entry->op_type );
534 smb_panic(str);
535 }
536 }
537 #endif
538
539 static BOOL is_stat_open(uint32 access_mask)
540 {
541 return (access_mask &&
542 ((access_mask & ~(SYNCHRONIZE_ACCESS| FILE_READ_ATTRIBUTES|
543 FILE_WRITE_ATTRIBUTES))==0) &&
544 ((access_mask & (SYNCHRONIZE_ACCESS|FILE_READ_ATTRIBUTES|
545 FILE_WRITE_ATTRIBUTES)) != 0));
546 }
547
548 /****************************************************************************
549 Deal with share modes
550 Invarient: Share mode must be locked on entry and exit.
551 Returns -1 on error, or number of share modes on success (may be zero).
552 ****************************************************************************/
553
554 static NTSTATUS open_mode_check(connection_struct *conn,
555 const char *fname,
556 struct share_mode_lock *lck,
557 uint32 access_mask,
558 uint32 share_access,
559 uint32 create_options,
560 BOOL *file_existed)
561 {
562 int i;
563
564 if(lck->num_share_modes == 0) {
565 return NT_STATUS_OK;
566 }
567
568 *file_existed = True;
569
570 if (is_stat_open(access_mask)) {
571 /* Stat open that doesn't trigger oplock breaks or share mode
572 * checks... ! JRA. */
573 return NT_STATUS_OK;
574 }
575
576 /* A delete on close prohibits everything */
577
578 if (lck->delete_on_close) {
579 return NT_STATUS_DELETE_PENDING;
580 }
581
582 /*
583 * Check if the share modes will give us access.
584 */
585
586 #if defined(DEVELOPER)
587 for(i = 0; i < lck->num_share_modes; i++) {
588 validate_my_share_entries(i, &lck->share_modes[i]);
589 }
590 #endif
591
592 if (!lp_share_modes(SNUM(conn))) {
593 return NT_STATUS_OK;
594 }
595
596 /* Now we check the share modes, after any oplock breaks. */
597 for(i = 0; i < lck->num_share_modes; i++) {
598
599 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
600 continue;
601 }
602
603 /* someone else has a share lock on it, check to see if we can
604 * too */
605 if (share_conflict(&lck->share_modes[i],
606 access_mask, share_access)) {
607 return NT_STATUS_SHARING_VIOLATION;
608 }
609 }
610
611 return NT_STATUS_OK;
612 }
613
614 static BOOL is_delete_request(files_struct *fsp) {
615 return ((fsp->access_mask == DELETE_ACCESS) &&
616 (fsp->oplock_type == NO_OPLOCK));
617 }
618
619 /*
620 * 1) No files open at all: Grant whatever the client wants.
621 *
622 * 2) Exclusive (or batch) oplock around: If the requested access is a delete
623 * request, break if the oplock around is a batch oplock. If it's another
624 * requested access type, break.
625 *
626 * 3) Only level2 around: Grant level2 and do nothing else.
627 */
628
629 static BOOL delay_for_oplocks(struct share_mode_lock *lck, files_struct *fsp)
630 {
631 int i;
632 struct share_mode_entry *exclusive = NULL;
633 BOOL delay_it = False;
634 BOOL have_level2 = False;
635
636 if (is_stat_open(fsp->access_mask)) {
637 fsp->oplock_type = NO_OPLOCK;
638 return False;
639 }
640
641 if (lck->num_share_modes == 0) {
642 /* No files open at all: Directly grant whatever the client
643 * wants. */
644
645 if (fsp->oplock_type == NO_OPLOCK) {
646 /* Store a level2 oplock, but don't tell the client */
647 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
648 }
649 return False;
650 }
651
652 for (i=0; i<lck->num_share_modes; i++) {
653
654 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
655 continue;
656 }
657
658 if (EXCLUSIVE_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
659 SMB_ASSERT(exclusive == NULL);
660 exclusive = &lck->share_modes[i];
661 }
662
663 if (lck->share_modes[i].op_type == LEVEL_II_OPLOCK) {
664 have_level2 = True;
665 }
666 }
667
668 if (exclusive != NULL) { /* Found an exclusive oplock */
669 SMB_ASSERT(!have_level2);
670 delay_it = is_delete_request(fsp) ?
671 BATCH_OPLOCK_TYPE(exclusive->op_type) : True;
672 }
673
674 if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
675 /* We can at most grant level2 */
676 fsp->oplock_type = LEVEL_II_OPLOCK;
677 }
678
679 if ((fsp->oplock_type == NO_OPLOCK) && have_level2) {
680 /* Store a level2 oplock, but don't tell the client */
681 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
682 }
683
684 if (delay_it) {
685 DEBUG(10, ("Sending break request to PID %s\n",
686 procid_str_static(&exclusive->pid)));
687 exclusive->op_mid = get_current_mid();
688 if (!message_send_pid(exclusive->pid, MSG_SMB_BREAK_REQUEST,
689 exclusive, sizeof(*exclusive), True)) {
690 DEBUG(3, ("Could not send oplock break message\n"));
691 }
692 file_free(fsp);
693 }
694
695 return delay_it;
696 }
697
698 static BOOL request_timed_out(struct timeval request_time,
699 struct timeval timeout)
700 {
701 struct timeval now, end_time;
702 GetTimeOfDay(&now);
703 end_time = timeval_sum(&request_time, &timeout);
704 return (timeval_compare(&end_time, &now) < 0);
705 }
706
707 /****************************************************************************
708 Handle the 1 second delay in returning a SHARING_VIOLATION error.
709 ****************************************************************************/
710
711 static void defer_open(struct share_mode_lock *lck,
712 struct timeval request_time,
713 struct timeval timeout,
714 struct deferred_open_record *state)
715 {
716 uint16 mid = get_current_mid();
717 int i;
718
719 /* Paranoia check */
720
721 for (i=0; i<lck->num_share_modes; i++) {
722 struct share_mode_entry *e = &lck->share_modes[i];
723
724 if (!is_deferred_open_entry(e)) {
725 continue;
726 }
727
728 if (procid_is_me(&e->pid) && (e->op_mid == mid)) {
729 DEBUG(0, ("Trying to defer an already deferred "
730 "request: mid=%d, exiting\n", mid));
731 exit_server("exiting");
732 }
733 }
734
735 /* End paranoia check */
736
737 DEBUG(10,("defer_open_sharing_error: time [%u.%06u] adding deferred "
738 "open entry for mid %u\n",
739 (unsigned int)request_time.tv_sec,
740 (unsigned int)request_time.tv_usec,
741 (unsigned int)mid));
742
743 if (!push_deferred_smb_message(mid, request_time, timeout,
744 (char *)state, sizeof(*state))) {
745 exit_server("push_deferred_smb_message failed\n");
746 }
747 add_deferred_open(lck, mid, request_time, state->dev, state->inode);
748
749 /*
750 * Push the MID of this packet on the signing queue.
751 * We only do this once, the first time we push the packet
752 * onto the deferred open queue, as this has a side effect
753 * of incrementing the response sequence number.
754 */
755
756 srv_defer_sign_response(mid);
757 }
758
759 /****************************************************************************
760 Set a kernel flock on a file for NFS interoperability.
761 This requires a patch to Linux.
762 ****************************************************************************/
763
764 static void kernel_flock(files_struct *fsp, uint32 share_mode)
765 {
766 #if HAVE_KERNEL_SHARE_MODES
767 int kernel_mode = 0;
768 if (share_mode == FILE_SHARE_WRITE) {
769 kernel_mode = LOCK_MAND|LOCK_WRITE;
770 } else if (share_mode == FILE_SHARE_READ) {
771 kernel_mode = LOCK_MAND|LOCK_READ;
772 } else if (share_mode == FILE_SHARE_NONE) {
773 kernel_mode = LOCK_MAND;
774 }
775 if (kernel_mode) {
776 flock(fsp->fh->fd, kernel_mode);
777 }
778 #endif
779 ;
780 }
781
782 /****************************************************************************
783 On overwrite open ensure that the attributes match.
784 ****************************************************************************/
785
786 static BOOL open_match_attributes(connection_struct *conn,
787 const char *path,
788 uint32 old_dos_attr,
789 uint32 new_dos_attr,
790 mode_t existing_unx_mode,
791 mode_t new_unx_mode,
792 mode_t *returned_unx_mode)
793 {
794 uint32 noarch_old_dos_attr, noarch_new_dos_attr;
795
796 noarch_old_dos_attr = (old_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
797 noarch_new_dos_attr = (new_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
798
799 if((noarch_old_dos_attr == 0 && noarch_new_dos_attr != 0) ||
800 (noarch_old_dos_attr != 0 && ((noarch_old_dos_attr & noarch_new_dos_attr) == noarch_old_dos_attr))) {
801 *returned_unx_mode = new_unx_mode;
802 } else {
803 *returned_unx_mode = (mode_t)0;
804 }
805
806 DEBUG(10,("open_match_attributes: file %s old_dos_attr = 0x%x, "
807 "existing_unx_mode = 0%o, new_dos_attr = 0x%x "
808 "returned_unx_mode = 0%o\n",
809 path,
810 (unsigned int)old_dos_attr,
811 (unsigned int)existing_unx_mode,
812 (unsigned int)new_dos_attr,
813 (unsigned int)*returned_unx_mode ));
814
815 /* If we're mapping SYSTEM and HIDDEN ensure they match. */
816 if (lp_map_system(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
817 if ((old_dos_attr & FILE_ATTRIBUTE_SYSTEM) &&
818 !(new_dos_attr & FILE_ATTRIBUTE_SYSTEM)) {
819 return False;
820 }
821 }
822 if (lp_map_hidden(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
823 if ((old_dos_attr & FILE_ATTRIBUTE_HIDDEN) &&
824 !(new_dos_attr & FILE_ATTRIBUTE_HIDDEN)) {
825 return False;
826 }
827 }
828 return True;
829 }
830
831 /****************************************************************************
832 Special FCB or DOS processing in the case of a sharing violation.
833 Try and find a duplicated file handle.
834 ****************************************************************************/
835
836 static files_struct *fcb_or_dos_open(connection_struct *conn,
837 const char *fname, SMB_DEV_T dev,
838 SMB_INO_T inode,
839 uint32 access_mask,
840 uint32 share_access,
841 uint32 create_options)
842 {
843 files_struct *fsp;
844 files_struct *dup_fsp;
845
846 DEBUG(5,("fcb_or_dos_open: attempting old open semantics for "
847 "file %s.\n", fname ));
848
849 for(fsp = file_find_di_first(dev, inode); fsp;
850 fsp = file_find_di_next(fsp)) {
851
852 DEBUG(10,("fcb_or_dos_open: checking file %s, fd = %d, "
853 "vuid = %u, file_pid = %u, private_options = 0x%x "
854 "access_mask = 0x%x\n", fsp->fsp_name,
855 fsp->fh->fd, (unsigned int)fsp->vuid,
856 (unsigned int)fsp->file_pid,
857 (unsigned int)fsp->fh->private_options,
858 (unsigned int)fsp->access_mask ));
859
860 if (fsp->fh->fd != -1 &&
861 fsp->vuid == current_user.vuid &&
862 fsp->file_pid == global_smbpid &&
863 (fsp->fh->private_options & (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS |
864 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) &&
865 (fsp->access_mask & FILE_WRITE_DATA) &&
866 strequal(fsp->fsp_name, fname)) {
867 DEBUG(10,("fcb_or_dos_open: file match\n"));
868 break;
869 }
870 }
871
872 if (!fsp) {
873 return NULL;
874 }
875
876 /* quite an insane set of semantics ... */
877 if (is_executable(fname) &&
878 (fsp->fh->private_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS)) {
879 DEBUG(10,("fcb_or_dos_open: file fail due to is_executable.\n"));
880 return NULL;
881 }
882
883 /* We need to duplicate this fsp. */
884 dup_fsp = dup_file_fsp(fsp, access_mask, share_access, create_options);
885 if (!dup_fsp) {
886 return NULL;
887 }
888
889 return dup_fsp;
890 }
891
892 /****************************************************************************
893 Open a file with a share mode - old openX method - map into NTCreate.
894 ****************************************************************************/
895
896 BOOL map_open_params_to_ntcreate(const char *fname, int deny_mode, int open_func,
897 uint32 *paccess_mask,
898 uint32 *pshare_mode,
899 uint32 *pcreate_disposition,
900 uint32 *pcreate_options)
901 {
902 uint32 access_mask;
903 uint32 share_mode;
904 uint32 create_disposition;
905 uint32 create_options = 0;
906
907 DEBUG(10,("map_open_params_to_ntcreate: fname = %s, deny_mode = 0x%x, "
908 "open_func = 0x%x\n",
909 fname, (unsigned int)deny_mode, (unsigned int)open_func ));
910
911 /* Create the NT compatible access_mask. */
912 switch (GET_OPENX_MODE(deny_mode)) {
913 case DOS_OPEN_EXEC: /* Implies read-only - used to be FILE_READ_DATA */
914 case DOS_OPEN_RDONLY:
915 access_mask = FILE_GENERIC_READ;
916 break;
917 case DOS_OPEN_WRONLY:
918 access_mask = FILE_GENERIC_WRITE;
919 break;
920 case DOS_OPEN_RDWR:
921 case DOS_OPEN_FCB:
922 access_mask = FILE_GENERIC_READ|FILE_GENERIC_WRITE;
923 break;
924 default:
925 DEBUG(10,("map_open_params_to_ntcreate: bad open mode = 0x%x\n",
926 (unsigned int)GET_OPENX_MODE(deny_mode)));
927 return False;
928 }
929
930 /* Create the NT compatible create_disposition. */
931 switch (open_func) {
932 case OPENX_FILE_EXISTS_FAIL|OPENX_FILE_CREATE_IF_NOT_EXIST:
933 create_disposition = FILE_CREATE;
934 break;
935
936 case OPENX_FILE_EXISTS_OPEN:
937 create_disposition = FILE_OPEN;
938 break;
939
940 case OPENX_FILE_EXISTS_OPEN|OPENX_FILE_CREATE_IF_NOT_EXIST:
941 create_disposition = FILE_OPEN_IF;
942 break;
943
944 case OPENX_FILE_EXISTS_TRUNCATE:
945 create_disposition = FILE_OVERWRITE;
946 break;
947
948 case OPENX_FILE_EXISTS_TRUNCATE|OPENX_FILE_CREATE_IF_NOT_EXIST:
949 create_disposition = FILE_OVERWRITE_IF;
950 break;
951
952 default:
953 /* From samba4 - to be confirmed. */
954 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_EXEC) {
955 create_disposition = FILE_CREATE;
956 break;
957 }
958 DEBUG(10,("map_open_params_to_ntcreate: bad "
959 "open_func 0x%x\n", (unsigned int)open_func));
960 return False;
961 }
962
963 /* Create the NT compatible share modes. */
964 switch (GET_DENY_MODE(deny_mode)) {
965 case DENY_ALL:
966 share_mode = FILE_SHARE_NONE;
967 break;
968
969 case DENY_WRITE:
970 share_mode = FILE_SHARE_READ;
971 break;
972
973 case DENY_READ:
974 share_mode = FILE_SHARE_WRITE;
975 break;
976
977 case DENY_NONE:
978 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
979 break;
980
981 case DENY_DOS:
982 create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_DOS;
983 if (is_executable(fname)) {
984 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
985 } else {
986 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_RDONLY) {
987 share_mode = FILE_SHARE_READ;
988 } else {
989 share_mode = FILE_SHARE_NONE;
990 }
991 }
992 break;
993
994 case DENY_FCB:
995 create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_FCB;
996 share_mode = FILE_SHARE_NONE;
997 break;
998
999 default:
1000 DEBUG(10,("map_open_params_to_ntcreate: bad deny_mode 0x%x\n",
1001 (unsigned int)GET_DENY_MODE(deny_mode) ));
1002 return False;
1003 }
1004
1005 DEBUG(10,("map_open_params_to_ntcreate: file %s, access_mask = 0x%x, "
1006 "share_mode = 0x%x, create_disposition = 0x%x, "
1007 "create_options = 0x%x\n",
1008 fname,
1009 (unsigned int)access_mask,
1010 (unsigned int)share_mode,
1011 (unsigned int)create_disposition,
1012 (unsigned int)create_options ));
1013
1014 if (paccess_mask) {
1015 *paccess_mask = access_mask;
1016 }
1017 if (pshare_mode) {
1018 *pshare_mode = share_mode;
1019 }
1020 if (pcreate_disposition) {
1021 *pcreate_disposition = create_disposition;
1022 }
1023 if (pcreate_options) {
1024 *pcreate_options = create_options;
1025 }
1026
1027 return True;
1028
1029 }
1030
1031 /* Map generic permissions to file object specific permissions */
1032
1033 struct generic_mapping file_generic_mapping = {
1034 FILE_GENERIC_READ,
1035 FILE_GENERIC_WRITE,
1036 FILE_GENERIC_EXECUTE,
1037 FILE_GENERIC_ALL
1038 };
1039
1040 /****************************************************************************
1041 Open a file with a share mode.
1042 ****************************************************************************/
1043
1044 files_struct *open_file_ntcreate(connection_struct *conn,
1045 const char *fname,
1046 SMB_STRUCT_STAT *psbuf,
1047 uint32 access_mask, /* access bits (FILE_READ_DATA etc.) */
1048 uint32 share_access, /* share constants (FILE_SHARE_READ etc). */
1049 uint32 create_disposition, /* FILE_OPEN_IF etc. */
1050 uint32 create_options, /* options such as delete on close. */
1051 uint32 new_dos_attributes, /* attributes used for new file. */
1052 int oplock_request, /* internal Samba oplock codes. */
1053 /* Information (FILE_EXISTS etc.) */
1054 int *pinfo)
1055 {
1056 int flags=0;
1057 int flags2=0;
1058 BOOL file_existed = VALID_STAT(*psbuf);
1059 BOOL def_acl = False;
1060 BOOL internal_only_open = False;
1061 SMB_DEV_T dev = 0;
1062 SMB_INO_T inode = 0;
1063 BOOL fsp_open = False;
1064 files_struct *fsp = NULL;
1065 mode_t new_unx_mode = (mode_t)0;
1066 mode_t unx_mode = (mode_t)0;
1067 int info;
1068 uint32 existing_dos_attributes = 0;
1069 struct pending_message_list *pml = NULL;
1070 uint16 mid = get_current_mid();
1071 BOOL delayed_for_oplocks = False;
1072 struct timeval request_time = timeval_zero();
1073 struct share_mode_lock *lck = NULL;
1074 NTSTATUS status;
1075
1076 if (conn->printer) {
1077 /*
1078 * Printers are handled completely differently.
1079 * Most of the passed parameters are ignored.
1080 */
1081
1082 if (pinfo) {
1083 *pinfo = FILE_WAS_CREATED;
1084 }
1085
1086 DEBUG(10, ("open_file_ntcreate: printer open fname=%s\n", fname));
1087
1088 return print_fsp_open(conn, fname);
1089 }
1090
1091 /* We add aARCH to this as this mode is only used if the file is
1092 * created new. */
1093 unx_mode = unix_mode(conn, new_dos_attributes | aARCH,fname, True);
1094
1095 DEBUG(10, ("open_file_ntcreate: fname=%s, dos_attrs=0x%x "
1096 "access_mask=0x%x share_access=0x%x "
1097 "create_disposition = 0x%x create_options=0x%x "
1098 "unix mode=0%o oplock_request=%d\n",
1099 fname, new_dos_attributes, access_mask, share_access,
1100 create_disposition, create_options, unx_mode,
1101 oplock_request));
1102
1103 if (oplock_request == INTERNAL_OPEN_ONLY) {
1104 internal_only_open = True;
1105 oplock_request = 0;
1106 }
1107
1108 if ((pml = get_open_deferred_message(mid)) != NULL) {
1109 struct deferred_open_record *state =
1110 (struct deferred_open_record *)pml->private_data.data;
1111
1112 request_time = pml->request_time;
1113 delayed_for_oplocks = state->delayed_for_oplocks;
1114
1115 /* There could be a race condition where the dev/inode pair
1116 has changed since we deferred the message. If so, just
1117 remove the deferred open entry and return sharing
1118 violation. */
1119
1120 /* If the timeout value is non-zero, we need to just return
1121 sharing violation. Don't retry the open as we were not
1122 notified of a close and we don't want to trigger another
1123 spurious oplock break. */
1124
1125 /* Now remove the deferred open entry under lock. */
1126 lck = get_share_mode_lock(NULL, state->dev, state->inode,
1127 fname);
1128 if (lck == NULL) {
1129 DEBUG(0, ("could not get share mode lock\n"));
1130 } else {
1131 del_deferred_open_entry(lck, mid);
1132 talloc_destroy(lck);
1133 }
1134
1135 /* Ensure we don't reprocess this message. */
1136 remove_deferred_open_smb_message(mid);
1137 }
1138
1139 if (!check_name(fname,conn)) {
1140 return NULL;
1141 }
1142
1143 new_dos_attributes &= SAMBA_ATTRIBUTES_MASK;
1144 if (file_existed) {
1145 existing_dos_attributes = dos_mode(conn, fname, psbuf);
1146 }
1147
1148 /* ignore any oplock requests if oplocks are disabled */
1149 if (!lp_oplocks(SNUM(conn)) || global_client_failed_oplock_break ||
1150 IS_VETO_OPLOCK_PATH(conn, fname)) {
1151 oplock_request = 0;
1152 }
1153
1154 /* this is for OS/2 long file names - say we don't support them */
1155 if (!lp_posix_pathnames() && strstr(fname,".+,;=[].")) {
1156 /* OS/2 Workplace shell fix may be main code stream in a later
1157 * release. */
1158 set_saved_error_triple(ERRDOS, ERRcannotopen,
1159 NT_STATUS_OBJECT_NAME_NOT_FOUND);
1160 DEBUG(5,("open_file_ntcreate: OS/2 long filenames are not "
1161 "supported.\n"));
1162 return NULL;
1163 }
1164
1165 switch( create_disposition ) {
1166 /*
1167 * Currently we're using FILE_SUPERSEDE as the same as
1168 * FILE_OVERWRITE_IF but they really are
1169 * different. FILE_SUPERSEDE deletes an existing file
1170 * (requiring delete access) then recreates it.
1171 */
1172 case FILE_SUPERSEDE:
1173 /* If file exists replace/overwrite. If file doesn't
1174 * exist create. */
1175 flags2 |= (O_CREAT | O_TRUNC);
1176 break;
1177
1178 case FILE_OVERWRITE_IF:
1179 /* If file exists replace/overwrite. If file doesn't
1180 * exist create. */
1181 flags2 |= (O_CREAT | O_TRUNC);
1182 break;
1183
1184 case FILE_OPEN:
1185 /* If file exists open. If file doesn't exist error. */
1186 if (!file_existed) {
1187 DEBUG(5,("open_file_ntcreate: FILE_OPEN "
1188 "requested for file %s and file "
1189 "doesn't exist.\n", fname ));
1190 set_saved_ntstatus(NT_STATUS_OBJECT_NAME_NOT_FOUND);
1191 errno = ENOENT;
1192 return NULL;
1193 }
1194 break;
1195
1196 case FILE_OVERWRITE:
1197 /* If file exists overwrite. If file doesn't exist
1198 * error. */
1199 if (!file_existed) {
1200 DEBUG(5,("open_file_ntcreate: FILE_OVERWRITE "
1201 "requested for file %s and file "
1202 "doesn't exist.\n", fname ));
1203 set_saved_ntstatus(NT_STATUS_OBJECT_NAME_NOT_FOUND);
1204 errno = ENOENT;
1205 return NULL;
1206 }
1207 flags2 |= O_TRUNC;
1208 break;
1209
1210 case FILE_CREATE:
1211 /* If file exists error. If file doesn't exist
1212 * create. */
1213 if (file_existed) {
1214 DEBUG(5,("open_file_ntcreate: FILE_CREATE "
1215 "requested for file %s and file "
1216 "already exists.\n", fname ));
1217 if (S_ISDIR(psbuf->st_mode)) {
1218 errno = EISDIR;
1219 } else {
1220 errno = EEXIST;
1221 }
1222 return NULL;
1223 }
1224 flags2 |= (O_CREAT|O_EXCL);
1225 break;
1226
1227 case FILE_OPEN_IF:
1228 /* If file exists open. If file doesn't exist
1229 * create. */
1230 flags2 |= O_CREAT;
1231 break;
1232
1233 default:
1234 set_saved_ntstatus(NT_STATUS_INVALID_PARAMETER);
1235 return NULL;
1236 }
1237
1238 /* We only care about matching attributes on file exists and
1239 * overwrite. */
1240
1241 if (file_existed && ((create_disposition == FILE_OVERWRITE) ||
1242 (create_disposition == FILE_OVERWRITE_IF))) {
1243 if (!open_match_attributes(conn, fname,
1244 existing_dos_attributes,
1245 new_dos_attributes, psbuf->st_mode,
1246 unx_mode, &new_unx_mode)) {
1247 DEBUG(5,("open_file_ntcreate: attributes missmatch "
1248 "for file %s (%x %x) (0%o, 0%o)\n",
1249 fname, existing_dos_attributes,
1250 new_dos_attributes,
1251 (unsigned int)psbuf->st_mode,
1252 (unsigned int)unx_mode ));
1253 errno = EACCES;
1254 return NULL;
1255 }
1256 }
1257
1258 /* This is a nasty hack - must fix... JRA. */
1259 if (access_mask == MAXIMUM_ALLOWED_ACCESS) {
1260 access_mask = FILE_GENERIC_ALL;
1261 }
1262
1263 /*
1264 * Convert GENERIC bits to specific bits.
1265 */
1266
1267 se_map_generic(&access_mask, &file_generic_mapping);
1268
1269 DEBUG(10, ("open_file_ntcreate: fname=%s, after mapping "
1270 "access_mask=0x%x\n", fname, access_mask ));
1271
1272 /*
1273 * Note that we ignore the append flag as append does not
1274 * mean the same thing under DOS and Unix.
1275 */
1276
1277 if (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) {
1278 flags = O_RDWR;
1279 } else {
1280 flags = O_RDONLY;
1281 }
1282
1283 /*
1284 * Currently we only look at FILE_WRITE_THROUGH for create options.
1285 */
1286
1287 #if defined(O_SYNC)
1288 if (create_options & FILE_WRITE_THROUGH) {
1289 flags2 |= O_SYNC;
1290 }
1291 #endif /* O_SYNC */
1292
1293 if (!CAN_WRITE(conn)) {
1294 /*
1295 * We should really return a permission denied error if either
1296 * O_CREAT or O_TRUNC are set, but for compatibility with
1297 * older versions of Samba we just AND them out.
1298 */
1299 flags2 &= ~(O_CREAT|O_TRUNC);
1300 }
1301
1302 /*
1303 * Ensure we can't write on a read-only share or file.
1304 */
1305
1306 if (flags != O_RDONLY && file_existed &&
1307 (!CAN_WRITE(conn) || IS_DOS_READONLY(existing_dos_attributes))) {
1308 DEBUG(5,("open_file_ntcreate: write access requested for "
1309 "file %s on read only %s\n",
1310 fname, !CAN_WRITE(conn) ? "share" : "file" ));
1311 set_saved_ntstatus(NT_STATUS_ACCESS_DENIED);
1312 errno = EACCES;
1313 return NULL;
1314 }
1315
1316 fsp = file_new(conn);
1317 if(!fsp) {
1318 return NULL;
1319 }
1320
1321 fsp->dev = psbuf->st_dev;
1322 fsp->inode = psbuf->st_ino;
1323 fsp->share_access = share_access;
1324 fsp->fh->private_options = create_options;
1325 fsp->access_mask = access_mask;
1326 fsp->oplock_type = oplock_request;
1327
1328 if (timeval_is_zero(&request_time)) {
1329 request_time = fsp->open_time;
1330 }
1331
1332 if (file_existed) {
1333
1334 dev = psbuf->st_dev;
1335 inode = psbuf->st_ino;
1336
1337 lck = get_share_mode_lock(NULL, dev, inode, fname);
1338
1339 if (lck == NULL) {
1340 DEBUG(0, ("Could not get share mode lock\n"));
1341 set_saved_ntstatus(NT_STATUS_SHARING_VIOLATION);
1342 return NULL;
1343 }
1344
1345 if (delay_for_oplocks(lck, fsp)) {
1346 struct deferred_open_record state;
1347 struct timeval timeout;
1348
1349 if (delayed_for_oplocks) {
1350 DEBUG(0, ("Trying to delay for oplocks "
1351 "twice\n"));
1352 exit_server("exiting");
1353 }
1354
1355 timeout = timeval_set(OPLOCK_BREAK_TIMEOUT*2, 0);
1356
1357 /* Normally the smbd we asked should respond within
1358 * OPLOCK_BREAK_TIMEOUT seconds regardless of whether
1359 * the client did, give twice the timeout as a safety
1360 * measure here in case the other smbd is stuck
1361 * somewhere else. */
1362
1363 state.delayed_for_oplocks = True;
1364 state.dev = dev;
1365 state.inode = inode;
1366
1367 if (!request_timed_out(request_time, timeout)) {
1368 defer_open(lck, request_time, timeout,
1369 &state);
1370 }
1371
1372 talloc_free(lck);
1373 return NULL;
1374 }
1375
1376 status = open_mode_check(conn, fname, lck,
1377 access_mask, share_access,
1378 create_options, &file_existed);
1379
1380 if (NT_STATUS_EQUAL(status, NT_STATUS_DELETE_PENDING)) {
1381 /* DELETE_PENDING is not deferred for a second */
1382 set_saved_ntstatus(status);
1383 talloc_free(lck);
1384 file_free(fsp);
1385 return NULL;
1386 }
1387
1388 if (!NT_STATUS_IS_OK(status)) {
1389
1390 SMB_ASSERT(NT_STATUS_EQUAL(status, NT_STATUS_SHARING_VIOLATION));
1391
1392 /* Check if this can be done with the deny_dos and fcb
1393 * calls. */
1394 if (create_options &
1395 (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS|
1396 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) {
1397 files_struct *fsp_dup;
1398 fsp_dup = fcb_or_dos_open(conn, fname, dev,
1399 inode, access_mask,
1400 share_access,
1401 create_options);
1402
1403 if (fsp_dup) {
1404 talloc_free(lck);
1405 file_free(fsp);
1406 if (pinfo) {
1407 *pinfo = FILE_WAS_OPENED;
1408 }
1409 conn->num_files_open++;
1410 return fsp_dup;
1411 }
1412 }
1413
1414 /*
1415 * This next line is a subtlety we need for
1416 * MS-Access. If a file open will fail due to share
1417 * permissions and also for security (access) reasons,
1418 * we need to return the access failed error, not the
1419 * share error. This means we must attempt to open the
1420 * file anyway in order to get the UNIX access error -
1421 * even if we're going to fail the open for share
1422 * reasons. This is bad, as we're burning another fd
1423 * if there are existing locks but there's nothing
1424 * else we can do. We also ensure we're not going to
1425 * create or tuncate the file as we only want an
1426 * access decision at this stage. JRA.
1427 */
1428 errno = 0;
1429 fsp_open = open_file(fsp,conn,fname,psbuf,
1430 flags|(flags2&~(O_TRUNC|O_CREAT)),
1431 unx_mode,access_mask);
1432
1433 DEBUG(4,("open_file_ntcreate : share_mode deny - "
1434 "calling open_file with flags=0x%X "
1435 "flags2=0x%X mode=0%o returned %d\n",
1436 flags, (flags2&~(O_TRUNC|O_CREAT)),
1437 (unsigned int)unx_mode, (int)fsp_open ));
1438
1439 if (!fsp_open && errno) {
1440 /* Default error. */
1441 set_saved_ntstatus(NT_STATUS_ACCESS_DENIED);
1442 }
1443
1444 /*
1445 * If we're returning a share violation, ensure we
1446 * cope with the braindead 1 second delay.
1447 */
1448
1449 if (!internal_only_open &&
1450 lp_defer_sharing_violations()) {
1451 struct timeval timeout;
1452 struct deferred_open_record state;
1453
1454 timeout = timeval_set(0, SHARING_VIOLATION_USEC_WAIT);
1455
1456 state.delayed_for_oplocks = False;
1457 state.dev = dev;
1458 state.inode = inode;
1459
1460 if (!request_timed_out(request_time,
1461 timeout)) {
1462 defer_open(lck, request_time, timeout,
1463 &state);
1464 }
1465 }
1466
1467 talloc_free(lck);
1468 if (fsp_open) {
1469 fd_close(conn, fsp);
1470 /*
1471 * We have detected a sharing violation here
1472 * so return the correct error code
1473 */
1474 set_saved_ntstatus(NT_STATUS_SHARING_VIOLATION);
1475 }
1476 file_free(fsp);
1477 return NULL;
1478 }
1479
1480 /*
1481 * We exit this block with the share entry *locked*.....
1482 */
1483 }
1484
1485 SMB_ASSERT(!file_existed || (lck != NULL));
1486
1487 /*
1488 * Ensure we pay attention to default ACLs on directories if required.
1489 */
1490
1491 if ((flags2 & O_CREAT) && lp_inherit_acls(SNUM(conn)) &&
1492 (def_acl = directory_has_default_acl(conn,
1493 parent_dirname(fname)))) {
1494 unx_mode = 0777;
1495 }
1496
1497 DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o\n",
1498 (unsigned int)flags, (unsigned int)flags2,
1499 (unsigned int)unx_mode));
1500
1501 /*
1502 * open_file strips any O_TRUNC flags itself.
1503 */
1504
1505 fsp_open = open_file(fsp,conn,fname,psbuf,flags|flags2,unx_mode,
1506 access_mask);
1507
1508 if (!fsp_open) {
1509 if (lck != NULL) {
1510 talloc_free(lck);
1511 }
1512 file_free(fsp);
1513 return NULL;
1514 }
1515
1516 if (!file_existed) {
1517
1518 /*
1519 * Deal with the race condition where two smbd's detect the
1520 * file doesn't exist and do the create at the same time. One
1521 * of them will win and set a share mode, the other (ie. this
1522 * one) should check if the requested share mode for this
1523 * create is allowed.
1524 */
1525
1526 /*
1527 * Now the file exists and fsp is successfully opened,
1528 * fsp->dev and fsp->inode are valid and should replace the
1529 * dev=0,inode=0 from a non existent file. Spotted by
1530 * Nadav Danieli <nadavd@exanet.com>. JRA.
1531 */
1532
1533 dev = fsp->dev;
1534 inode = fsp->inode;
1535
1536 lck = get_share_mode_lock(NULL, dev, inode, fname);
1537
1538 if (lck == NULL) {
1539 DEBUG(0, ("Coult not get share mode lock\n"));
1540 fd_close(conn, fsp);
1541 file_free(fsp);
1542 set_saved_ntstatus(NT_STATUS_SHARING_VIOLATION);
1543 return NULL;
1544 }
1545
1546 status = open_mode_check(conn, fname, lck,
1547 access_mask, share_access,
1548 create_options, &file_existed);
1549
1550 if (!NT_STATUS_IS_OK(status)) {
1551 struct deferred_open_record state;
1552
1553 fd_close(conn, fsp);
1554 file_free(fsp);
1555
1556 state.delayed_for_oplocks = False;
1557 state.dev = dev;
1558 state.inode = inode;
1559
1560 /* Do it all over again immediately. In the second
1561 * round we will find that the file existed and handle
1562 * the DELETE_PENDING and FCB cases correctly. No need
1563 * to duplicate the code here. Essentially this is a
1564 * "goto top of this function", but don't tell
1565 * anybody... */
1566
1567 defer_open(lck, request_time, timeval_zero(),
1568 &state);
1569 talloc_free(lck);
1570 return NULL;
1571 }
1572
1573 /*
1574 * We exit this block with the share entry *locked*.....
1575 */
1576 }
1577
1578 SMB_ASSERT(lck != NULL);
1579
1580 /* note that we ignore failure for the following. It is
1581 basically a hack for NFS, and NFS will never set one of
1582 these only read them. Nobody but Samba can ever set a deny
1583 mode and we have already checked our more authoritative
1584 locking database for permission to set this deny mode. If
1585 the kernel refuses the operations then the kernel is wrong */
1586
1587 kernel_flock(fsp, share_access);
1588
1589 /*
1590 * At this point onwards, we can guarentee that the share entry
1591 * is locked, whether we created the file or not, and that the
1592 * deny mode is compatible with all current opens.
1593 */
1594
1595 /*
1596 * If requested, truncate the file.
1597 */
1598
1599 if (flags2&O_TRUNC) {
1600 /*
1601 * We are modifing the file after open - update the stat
1602 * struct..
1603 */
1604 if ((SMB_VFS_FTRUNCATE(fsp,fsp->fh->fd,0) == -1) ||
1605 (SMB_VFS_FSTAT(fsp,fsp->fh->fd,psbuf)==-1)) {
1606 talloc_free(lck);
1607 fd_close(conn,fsp);
1608 file_free(fsp);
1609 return NULL;
1610 }
1611 }
1612
1613 /* Record the options we were opened with. */
1614 fsp->share_access = share_access;
1615 fsp->fh->private_options = create_options;
1616 fsp->access_mask = access_mask;
1617
1618 if (file_existed) {
1619 if (!(flags2 & O_TRUNC)) {
1620 info = FILE_WAS_OPENED;
1621 } else {
1622 info = FILE_WAS_OVERWRITTEN;
1623 }
1624 } else {
1625 info = FILE_WAS_CREATED;
1626 /* Change the owner if required. */
1627 if (lp_inherit_owner(SNUM(conn))) {
1628 change_owner_to_parent(conn, fsp, fsp->fsp_name,
1629 psbuf);
1630 }
1631 }
1632
1633 if (pinfo) {
1634 *pinfo = info;
1635 }
1636
1637 /*
1638 * Setup the oplock info in both the shared memory and
1639 * file structs.
1640 */
1641
1642 if ((fsp->oplock_type != NO_OPLOCK) &&
1643 (fsp->oplock_type != FAKE_LEVEL_II_OPLOCK)) {
1644 if (!set_file_oplock(fsp, fsp->oplock_type)) {
1645 /* Could not get the kernel oplock */
1646 fsp->oplock_type = NO_OPLOCK;
1647 }
1648 }
1649 set_share_mode(lck, fsp, 0, fsp->oplock_type);
1650
1651 if (create_options & FILE_DELETE_ON_CLOSE) {
1652 uint32 dosattr= existing_dos_attributes;
1653 NTSTATUS result;
1654
1655 if (info == FILE_WAS_OVERWRITTEN || info == FILE_WAS_CREATED ||
1656 info == FILE_WAS_SUPERSEDED) {
1657 dosattr = new_dos_attributes;
1658 }
1659
1660 result = can_set_delete_on_close(fsp, True, dosattr);
1661
1662 if (!NT_STATUS_IS_OK(result)) {
1663 /* Remember to delete the mode we just added. */
1664 del_share_mode(lck, fsp);
1665 talloc_free(lck);
1666 fd_close(conn,fsp);
1667 file_free(fsp);
1668 set_saved_ntstatus(result);
1669 return NULL;
1670 }
1671 lck->delete_on_close = True;
1672 lck->modified = True;
1673 }
1674
1675 if (info == FILE_WAS_OVERWRITTEN || info == FILE_WAS_CREATED ||
1676 info == FILE_WAS_SUPERSEDED) {
1677 /* Files should be initially set as archive */
1678 if (lp_map_archive(SNUM(conn)) ||
1679 lp_store_dos_attributes(SNUM(conn))) {
1680 file_set_dosmode(conn, fname,
1681 new_dos_attributes | aARCH, NULL,
1682 True);
1683 }
1684 }
1685
1686 /*
1687 * Take care of inherited ACLs on created files - if default ACL not
1688 * selected.
1689 */
1690
1691 if (!file_existed && !def_acl) {
1692
1693 int saved_errno = errno; /* We might get ENOSYS in the next
1694 * call.. */
1695
1696 if (SMB_VFS_FCHMOD_ACL(fsp, fsp->fh->fd, unx_mode) == -1
1697 && errno == ENOSYS) {
1698 errno = saved_errno; /* Ignore ENOSYS */
1699 }
1700
1701 } else if (new_unx_mode) {
1702
1703 int ret = -1;
1704
1705 /* Attributes need changing. File already existed. */
1706
1707 {
1708 int saved_errno = errno; /* We might get ENOSYS in the
1709 * next call.. */
1710 ret = SMB_VFS_FCHMOD_ACL(fsp, fsp->fh->fd,
1711 new_unx_mode);
1712
1713 if (ret == -1 && errno == ENOSYS) {
1714 errno = saved_errno; /* Ignore ENOSYS */
1715 } else {
1716 DEBUG(5, ("open_file_shared: reset "
1717 "attributes of file %s to 0%o\n",
1718 fname, (unsigned int)new_unx_mode));
1719 ret = 0; /* Don't do the fchmod below. */
1720 }
1721 }
1722
1723 if ((ret == -1) &&
1724 (SMB_VFS_FCHMOD(fsp, fsp->fh->fd, new_unx_mode) == -1))
1725 DEBUG(5, ("open_file_shared: failed to reset "
1726 "attributes of file %s to 0%o\n",
1727 fname, (unsigned int)new_unx_mode));
1728 }
1729
1730 /* If this is a successful open, we must remove any deferred open
1731 * records. */
1732 del_deferred_open_entry(lck, mid);
1733 talloc_free(lck);
1734
1735 conn->num_files_open++;
1736
1737 return fsp;
1738 }
1739
1740 /****************************************************************************
1741 Open a file for for write to ensure that we can fchmod it.
1742 ****************************************************************************/
1743
1744 files_struct *open_file_fchmod(connection_struct *conn, const char *fname,
1745 SMB_STRUCT_STAT *psbuf)
1746 {
1747 files_struct *fsp = NULL;
1748 BOOL fsp_open;
1749
1750 if (!VALID_STAT(*psbuf)) {
1751 return NULL;
1752 }
1753
1754 fsp = file_new(conn);
1755 if(!fsp) {
1756 return NULL;
1757 }
1758
1759 /* note! we must use a non-zero desired access or we don't get
1760 a real file descriptor. Oh what a twisted web we weave. */
1761 fsp_open = open_file(fsp,conn,fname,psbuf,O_WRONLY,0,FILE_WRITE_DATA);
1762
1763 /*
1764 * This is not a user visible file open.
1765 * Don't set a share mode and don't increment
1766 * the conn->num_files_open.
1767 */
1768
1769 if (!fsp_open) {
1770 file_free(fsp);
1771 return NULL;
1772 }
1773
1774 return fsp;
1775 }
1776
1777 /****************************************************************************
1778 Close the fchmod file fd - ensure no locks are lost.
1779 ****************************************************************************/
1780
1781 int close_file_fchmod(files_struct *fsp)
1782 {
1783 int ret = fd_close(fsp->conn, fsp);
1784 file_free(fsp);
1785 return ret;
1786 }
1787
1788 /****************************************************************************
1789 Open a directory from an NT SMB call.
1790 ****************************************************************************/
1791
1792 files_struct *open_directory(connection_struct *conn,
1793 const char *fname,
1794 SMB_STRUCT_STAT *psbuf,
1795 uint32 access_mask,
1796 uint32 share_access,
1797 uint32 create_disposition,
1798 uint32 create_options,
1799 int *pinfo)
1800 {
1801 files_struct *fsp = NULL;
1802 BOOL dir_existed = VALID_STAT(*psbuf) ? True : False;
1803 BOOL create_dir = False;
1804 int info = 0;
1805
1806 DEBUG(5,("open_directory: opening directory %s, access_mask = 0x%x, "
1807 "share_access = 0x%x create_options = 0x%x, "
1808 "create_disposition = 0x%x\n",
1809 fname,
1810 (unsigned int)access_mask,
1811 (unsigned int)share_access,
1812 (unsigned int)create_options,
1813 (unsigned int)create_disposition));
1814
1815 if (is_ntfs_stream_name(fname)) {
1816 DEBUG(0,("open_directory: %s is a stream name!\n", fname ));
1817 set_saved_ntstatus(NT_STATUS_NOT_A_DIRECTORY);
1818 return NULL;
1819 }
1820
1821 if (dir_existed && !S_ISDIR(psbuf->st_mode)) {
1822 DEBUG(0,("open_directory: %s is not a directory !\n", fname ));
1823 set_saved_ntstatus(NT_STATUS_NOT_A_DIRECTORY);
1824 return NULL;
1825 }
1826
1827 switch( create_disposition ) {
1828 case FILE_OPEN:
1829 /* If directory exists open. If directory doesn't
1830 * exist error. */
1831 if (!dir_existed) {
1832 DEBUG(5,("open_directory: FILE_OPEN requested "
1833 "for directory %s and it doesn't "
1834 "exist.\n", fname ));
1835 set_saved_ntstatus(NT_STATUS_OBJECT_NAME_NOT_FOUND);
1836 return NULL;
1837 }
1838 info = FILE_WAS_OPENED;
1839 break;
1840
1841 case FILE_CREATE:
1842 /* If directory exists error. If directory doesn't
1843 * exist create. */
1844 if (dir_existed) {
1845 DEBUG(5,("open_directory: FILE_CREATE "
1846 "requested for directory %s and it "
1847 "already exists.\n", fname ));
1848 set_saved_error_triple(ERRDOS, ERRfilexists,
1849 NT_STATUS_OBJECT_NAME_COLLISION);
1850 return NULL;
1851 }
1852 create_dir = True;
1853 info = FILE_WAS_CREATED;
1854 break;
1855
1856 case FILE_OPEN_IF:
1857 /* If directory exists open. If directory doesn't
1858 * exist create. */
1859 if (!dir_existed) {
1860 create_dir = True;
1861 info = FILE_WAS_CREATED;
1862 } else {
1863 info = FILE_WAS_OPENED;
1864 }
1865 break;
1866
1867 case FILE_SUPERSEDE:
1868 case FILE_OVERWRITE:
1869 case FILE_OVERWRITE_IF:
1870 default:
1871 DEBUG(5,("open_directory: invalid create_disposition "
1872 "0x%x for directory %s\n",
1873 (unsigned int)create_disposition, fname));
1874 file_free(fsp);
1875 set_saved_ntstatus(NT_STATUS_INVALID_PARAMETER);
1876 return NULL;
1877 }
1878
1879 if (create_dir) {
1880 /*
1881 * Try and create the directory.
1882 */
1883
1884 /* We know bad_path is false as it's caught earlier. */
1885
1886 NTSTATUS status = mkdir_internal(conn, fname, False);
1887
1888 if (!NT_STATUS_IS_OK(status)) {
1889 DEBUG(2,("open_directory: unable to create %s. "
1890 "Error was %s\n", fname, strerror(errno) ));
1891 /* Ensure we return the correct NT status to the
1892 * client. */
1893 set_saved_error_triple(0, 0, status);
1894 return NULL;
1895 }
1896
1897 /* Ensure we're checking for a symlink here.... */
1898 /* We don't want to get caught by a symlink racer. */
1899
1900 if(SMB_VFS_LSTAT(conn,fname, psbuf) != 0) {
1901 return NULL;
1902 }
1903
1904 if(!S_ISDIR(psbuf->st_mode)) {
1905 DEBUG(0,("open_directory: %s is not a directory !\n",
1906 fname ));
1907 return NULL;
1908 }
1909 }
1910
1911 fsp = file_new(conn);
1912 if(!fsp) {
1913 return NULL;
1914 }
1915
1916 /*
1917 * Setup the files_struct for it.
1918 */
1919
1920 fsp->mode = psbuf->st_mode;
1921 fsp->inode = psbuf->st_ino;
1922 fsp->dev = psbuf->st_dev;
1923 fsp->vuid = current_user.vuid;
1924 fsp->file_pid = global_smbpid;
1925 fsp->can_lock = True;
1926 fsp->can_read = False;
1927 fsp->can_write = False;
1928
1929 fsp->share_access = share_access;
1930 fsp->fh->private_options = create_options;
1931 fsp->access_mask = access_mask;
1932
1933 fsp->print_file = False;
1934 fsp->modified = False;
1935 fsp->oplock_type = NO_OPLOCK;
1936 fsp->sent_oplock_break = NO_BREAK_SENT;
1937 fsp->is_directory = True;
1938 fsp->is_stat = False;
1939 string_set(&fsp->fsp_name,fname);
1940
1941 if (create_options & FILE_DELETE_ON_CLOSE) {
1942 NTSTATUS status = can_set_delete_on_close(fsp, True, 0);
1943 if (!NT_STATUS_IS_OK(status)) {
1944 file_free(fsp);
1945 return NULL;
1946 }
1947 }
1948
1949 /* Change the owner if required. */
1950 if ((info == FILE_WAS_CREATED) && lp_inherit_owner(SNUM(conn))) {
1951 change_owner_to_parent(conn, fsp, fsp->fsp_name, psbuf);
1952 }
1953
1954 if (pinfo) {
1955 *pinfo = info;
1956 }
1957
1958 conn->num_files_open++;
1959
1960 return fsp;
1961 }
1962
1963 /****************************************************************************
1964 Open a pseudo-file (no locking checks - a 'stat' open).
1965 ****************************************************************************/
1966
1967 files_struct *open_file_stat(connection_struct *conn, char *fname,
1968 SMB_STRUCT_STAT *psbuf)
1969 {
1970 files_struct *fsp = NULL;
1971
1972 if (!VALID_STAT(*psbuf))
1973 return NULL;
1974
1975 /* Can't 'stat' open directories. */
1976 if(S_ISDIR(psbuf->st_mode))
1977 return NULL;
1978
1979 fsp = file_new(conn);
1980 if(!fsp)
1981 return NULL;
1982
1983 DEBUG(5,("open_file_stat: 'opening' file %s\n", fname));
1984
1985 /*
1986 * Setup the files_struct for it.
1987 */
1988
1989 fsp->mode = psbuf->st_mode;
1990 fsp->inode = psbuf->st_ino;
1991 fsp->dev = psbuf->st_dev;
1992 fsp->vuid = current_user.vuid;
1993 fsp->file_pid = global_smbpid;
1994 fsp->can_lock = False;
1995 fsp->can_read = False;
1996 fsp->can_write = False;
1997 fsp->print_file = False;
1998 fsp->modified = False;
1999 fsp->oplock_type = NO_OPLOCK;
2000 fsp->sent_oplock_break = NO_BREAK_SENT;
2001 fsp->is_directory = False;
2002 fsp->is_stat = True;
2003 string_set(&fsp->fsp_name,fname);
2004
2005 conn->num_files_open++;
2006
2007 return fsp;
2008 }
Samba GIT mirror