search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
More parameter shuffling
[Samba.git] / source / smbd / open.c
blob11dff4dfe5e388f0d1a7b2bf82711e49b408650d
1 /*
2 Unix SMB/CIFS implementation.
3 file opening and share modes
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Jeremy Allison 2001-2004
6 Copyright (C) Volker Lendecke 2005
7
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
12
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
20 */
21
22 #include "includes.h"
23
24 extern const struct generic_mapping file_generic_mapping;
25 extern struct current_user current_user;
26 extern userdom_struct current_user_info;
27 extern bool global_client_failed_oplock_break;
28
29 struct deferred_open_record {
30 bool delayed_for_oplocks;
31 struct file_id id;
32 };
33
34 /****************************************************************************
35 fd support routines - attempt to do a dos_open.
36 ****************************************************************************/
37
38 static NTSTATUS fd_open(struct connection_struct *conn,
39 const char *fname,
40 files_struct *fsp,
41 int flags,
42 mode_t mode)
43 {
44 NTSTATUS status = NT_STATUS_OK;
45
46 #ifdef O_NOFOLLOW
47 /*
48 * Never follow symlinks on a POSIX client. The
49 * client should be doing this.
50 */
51
52 if (fsp->posix_open || !lp_symlinks(SNUM(conn))) {
53 flags |= O_NOFOLLOW;
54 }
55 #endif
56
57 fsp->fh->fd = SMB_VFS_OPEN(conn,fname,fsp,flags,mode);
58 if (fsp->fh->fd == -1) {
59 status = map_nt_error_from_unix(errno);
60 }
61
62 DEBUG(10,("fd_open: name %s, flags = 0%o mode = 0%o, fd = %d. %s\n",
63 fname, flags, (int)mode, fsp->fh->fd,
64 (fsp->fh->fd == -1) ? strerror(errno) : "" ));
65
66 return status;
67 }
68
69 /****************************************************************************
70 Close the file associated with a fsp.
71 ****************************************************************************/
72
73 NTSTATUS fd_close(struct connection_struct *conn, files_struct *fsp)
74 {
75 if (fsp->fh->fd == -1) {
76 return NT_STATUS_OK; /* What we used to call a stat open. */
77 }
78 if (fsp->fh->ref_count > 1) {
79 return NT_STATUS_OK; /* Shared handle. Only close last reference. */
80 }
81 return fd_close_posix(conn, fsp);
82 }
83
84 /****************************************************************************
85 Change the ownership of a file to that of the parent directory.
86 Do this by fd if possible.
87 ****************************************************************************/
88
89 static void change_file_owner_to_parent(connection_struct *conn,
90 const char *inherit_from_dir,
91 files_struct *fsp)
92 {
93 SMB_STRUCT_STAT parent_st;
94 int ret;
95
96 ret = SMB_VFS_STAT(conn, inherit_from_dir, &parent_st);
97 if (ret == -1) {
98 DEBUG(0,("change_file_owner_to_parent: failed to stat parent "
99 "directory %s. Error was %s\n",
100 inherit_from_dir, strerror(errno) ));
101 return;
102 }
103
104 become_root();
105 ret = SMB_VFS_FCHOWN(fsp, fsp->fh->fd, parent_st.st_uid, (gid_t)-1);
106 unbecome_root();
107 if (ret == -1) {
108 DEBUG(0,("change_file_owner_to_parent: failed to fchown "
109 "file %s to parent directory uid %u. Error "
110 "was %s\n", fsp->fsp_name,
111 (unsigned int)parent_st.st_uid,
112 strerror(errno) ));
113 }
114
115 DEBUG(10,("change_file_owner_to_parent: changed new file %s to "
116 "parent directory uid %u.\n", fsp->fsp_name,
117 (unsigned int)parent_st.st_uid ));
118 }
119
120 static NTSTATUS change_dir_owner_to_parent(connection_struct *conn,
121 const char *inherit_from_dir,
122 const char *fname,
123 SMB_STRUCT_STAT *psbuf)
124 {
125 char *saved_dir = NULL;
126 SMB_STRUCT_STAT sbuf;
127 SMB_STRUCT_STAT parent_st;
128 TALLOC_CTX *ctx = talloc_stackframe();
129 NTSTATUS status = NT_STATUS_OK;
130 int ret;
131
132 ret = SMB_VFS_STAT(conn, inherit_from_dir, &parent_st);
133 if (ret == -1) {
134 status = map_nt_error_from_unix(errno);
135 DEBUG(0,("change_dir_owner_to_parent: failed to stat parent "
136 "directory %s. Error was %s\n",
137 inherit_from_dir, strerror(errno) ));
138 TALLOC_FREE(ctx);
139 return status;
140 }
141
142 /* We've already done an lstat into psbuf, and we know it's a
143 directory. If we can cd into the directory and the dev/ino
144 are the same then we can safely chown without races as
145 we're locking the directory in place by being in it. This
146 should work on any UNIX (thanks tridge :-). JRA.
147 */
148
149 saved_dir = vfs_GetWd(ctx,conn);
150 if (!saved_dir) {
151 status = map_nt_error_from_unix(errno);
152 DEBUG(0,("change_dir_owner_to_parent: failed to get "
153 "current working directory. Error was %s\n",
154 strerror(errno)));
155 TALLOC_FREE(ctx);
156 return status;
157 }
158
159 /* Chdir into the new path. */
160 if (vfs_ChDir(conn, fname) == -1) {
161 status = map_nt_error_from_unix(errno);
162 DEBUG(0,("change_dir_owner_to_parent: failed to change "
163 "current working directory to %s. Error "
164 "was %s\n", fname, strerror(errno) ));
165 goto out;
166 }
167
168 if (SMB_VFS_STAT(conn,".",&sbuf) == -1) {
169 status = map_nt_error_from_unix(errno);
170 DEBUG(0,("change_dir_owner_to_parent: failed to stat "
171 "directory '.' (%s) Error was %s\n",
172 fname, strerror(errno)));
173 goto out;
174 }
175
176 /* Ensure we're pointing at the same place. */
177 if (sbuf.st_dev != psbuf->st_dev ||
178 sbuf.st_ino != psbuf->st_ino ||
179 sbuf.st_mode != psbuf->st_mode ) {
180 DEBUG(0,("change_dir_owner_to_parent: "
181 "device/inode/mode on directory %s changed. "
182 "Refusing to chown !\n", fname ));
183 status = NT_STATUS_ACCESS_DENIED;
184 goto out;
185 }
186
187 become_root();
188 ret = SMB_VFS_CHOWN(conn, ".", parent_st.st_uid, (gid_t)-1);
189 unbecome_root();
190 if (ret == -1) {
191 status = map_nt_error_from_unix(errno);
192 DEBUG(10,("change_dir_owner_to_parent: failed to chown "
193 "directory %s to parent directory uid %u. "
194 "Error was %s\n", fname,
195 (unsigned int)parent_st.st_uid, strerror(errno) ));
196 goto out;
197 }
198
199 DEBUG(10,("change_dir_owner_to_parent: changed ownership of new "
200 "directory %s to parent directory uid %u.\n",
201 fname, (unsigned int)parent_st.st_uid ));
202
203 out:
204
205 TALLOC_FREE(ctx);
206 vfs_ChDir(conn,saved_dir);
207 return status;
208 }
209
210 /****************************************************************************
211 Open a file.
212 ****************************************************************************/
213
214 static NTSTATUS open_file(files_struct *fsp,
215 connection_struct *conn,
216 struct smb_request *req,
217 const char *parent_dir,
218 const char *name,
219 const char *path,
220 SMB_STRUCT_STAT *psbuf,
221 int flags,
222 mode_t unx_mode,
223 uint32 access_mask, /* client requested access mask. */
224 uint32 open_access_mask) /* what we're actually using in the open. */
225 {
226 NTSTATUS status = NT_STATUS_OK;
227 int accmode = (flags & O_ACCMODE);
228 int local_flags = flags;
229 bool file_existed = VALID_STAT(*psbuf);
230
231 fsp->fh->fd = -1;
232 errno = EPERM;
233
234 /* Check permissions */
235
236 /*
237 * This code was changed after seeing a client open request
238 * containing the open mode of (DENY_WRITE/read-only) with
239 * the 'create if not exist' bit set. The previous code
240 * would fail to open the file read only on a read-only share
241 * as it was checking the flags parameter directly against O_RDONLY,
242 * this was failing as the flags parameter was set to O_RDONLY|O_CREAT.
243 * JRA.
244 */
245
246 if (!CAN_WRITE(conn)) {
247 /* It's a read-only share - fail if we wanted to write. */
248 if(accmode != O_RDONLY) {
249 DEBUG(3,("Permission denied opening %s\n", path));
250 return NT_STATUS_ACCESS_DENIED;
251 } else if(flags & O_CREAT) {
252 /* We don't want to write - but we must make sure that
253 O_CREAT doesn't create the file if we have write
254 access into the directory.
255 */
256 flags &= ~O_CREAT;
257 local_flags &= ~O_CREAT;
258 }
259 }
260
261 /*
262 * This little piece of insanity is inspired by the
263 * fact that an NT client can open a file for O_RDONLY,
264 * but set the create disposition to FILE_EXISTS_TRUNCATE.
265 * If the client *can* write to the file, then it expects to
266 * truncate the file, even though it is opening for readonly.
267 * Quicken uses this stupid trick in backup file creation...
268 * Thanks *greatly* to "David W. Chapman Jr." <dwcjr@inethouston.net>
269 * for helping track this one down. It didn't bite us in 2.0.x
270 * as we always opened files read-write in that release. JRA.
271 */
272
273 if ((accmode == O_RDONLY) && ((flags & O_TRUNC) == O_TRUNC)) {
274 DEBUG(10,("open_file: truncate requested on read-only open "
275 "for file %s\n", path));
276 local_flags = (flags & ~O_ACCMODE)|O_RDWR;
277 }
278
279 if ((open_access_mask & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ||
280 (!file_existed && (local_flags & O_CREAT)) ||
281 ((local_flags & O_TRUNC) == O_TRUNC) ) {
282
283 /*
284 * We can't actually truncate here as the file may be locked.
285 * open_file_ntcreate will take care of the truncate later. JRA.
286 */
287
288 local_flags &= ~O_TRUNC;
289
290 #if defined(O_NONBLOCK) && defined(S_ISFIFO)
291 /*
292 * We would block on opening a FIFO with no one else on the
293 * other end. Do what we used to do and add O_NONBLOCK to the
294 * open flags. JRA.
295 */
296
297 if (file_existed && S_ISFIFO(psbuf->st_mode)) {
298 local_flags |= O_NONBLOCK;
299 }
300 #endif
301
302 /* Don't create files with Microsoft wildcard characters. */
303 if ((local_flags & O_CREAT) && !file_existed &&
304 ms_has_wild(path)) {
305 return NT_STATUS_OBJECT_NAME_INVALID;
306 }
307
308 /* Actually do the open */
309 status = fd_open(conn, path, fsp, local_flags, unx_mode);
310 if (!NT_STATUS_IS_OK(status)) {
311 DEBUG(3,("Error opening file %s (%s) (local_flags=%d) "
312 "(flags=%d)\n",
313 path,nt_errstr(status),local_flags,flags));
314 return status;
315 }
316
317 if ((local_flags & O_CREAT) && !file_existed) {
318
319 /* Inherit the ACL if required */
320 if (lp_inherit_perms(SNUM(conn))) {
321 inherit_access_acl(conn, parent_dir, path,
322 unx_mode);
323 }
324
325 /* Change the owner if required. */
326 if (lp_inherit_owner(SNUM(conn))) {
327 change_file_owner_to_parent(conn, parent_dir,
328 fsp);
329 }
330
331 notify_fname(conn, NOTIFY_ACTION_ADDED,
332 FILE_NOTIFY_CHANGE_FILE_NAME, path);
333 }
334
335 } else {
336 fsp->fh->fd = -1; /* What we used to call a stat open. */
337 }
338
339 if (!file_existed) {
340 int ret;
341
342 if (fsp->fh->fd == -1) {
343 ret = SMB_VFS_STAT(conn, path, psbuf);
344 } else {
345 ret = SMB_VFS_FSTAT(fsp,fsp->fh->fd,psbuf);
346 /* If we have an fd, this stat should succeed. */
347 if (ret == -1) {
348 DEBUG(0,("Error doing fstat on open file %s "
349 "(%s)\n", path,strerror(errno) ));
350 }
351 }
352
353 /* For a non-io open, this stat failing means file not found. JRA */
354 if (ret == -1) {
355 status = map_nt_error_from_unix(errno);
356 fd_close(conn, fsp);
357 return status;
358 }
359 }
360
361 /*
362 * POSIX allows read-only opens of directories. We don't
363 * want to do this (we use a different code path for this)
364 * so catch a directory open and return an EISDIR. JRA.
365 */
366
367 if(S_ISDIR(psbuf->st_mode)) {
368 fd_close(conn, fsp);
369 errno = EISDIR;
370 return NT_STATUS_FILE_IS_A_DIRECTORY;
371 }
372
373 fsp->mode = psbuf->st_mode;
374 fsp->file_id = vfs_file_id_from_sbuf(conn, psbuf);
375 fsp->vuid = req ? req->vuid : UID_FIELD_INVALID;
376 fsp->file_pid = req ? req->smbpid : 0;
377 fsp->can_lock = True;
378 fsp->can_read = (access_mask & (FILE_READ_DATA)) ? True : False;
379 if (!CAN_WRITE(conn)) {
380 fsp->can_write = False;
381 } else {
382 fsp->can_write = (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) ?
383 True : False;
384 }
385 fsp->print_file = False;
386 fsp->modified = False;
387 fsp->sent_oplock_break = NO_BREAK_SENT;
388 fsp->is_directory = False;
389 fsp->is_stat = False;
390 if (conn->aio_write_behind_list &&
391 is_in_path(path, conn->aio_write_behind_list, conn->case_sensitive)) {
392 fsp->aio_write_behind = True;
393 }
394
395 string_set(&fsp->fsp_name, path);
396 fsp->wcp = NULL; /* Write cache pointer. */
397
398 DEBUG(2,("%s opened file %s read=%s write=%s (numopen=%d)\n",
399 *current_user_info.smb_name ?
400 current_user_info.smb_name : conn->user,fsp->fsp_name,
401 BOOLSTR(fsp->can_read), BOOLSTR(fsp->can_write),
402 conn->num_files_open + 1));
403
404 errno = 0;
405 return NT_STATUS_OK;
406 }
407
408 /*******************************************************************
409 Return True if the filename is one of the special executable types.
410 ********************************************************************/
411
412 static bool is_executable(const char *fname)
413 {
414 if ((fname = strrchr_m(fname,'.'))) {
415 if (strequal(fname,".com") ||
416 strequal(fname,".dll") ||
417 strequal(fname,".exe") ||
418 strequal(fname,".sym")) {
419 return True;
420 }
421 }
422 return False;
423 }
424
425 /****************************************************************************
426 Check if we can open a file with a share mode.
427 Returns True if conflict, False if not.
428 ****************************************************************************/
429
430 static bool share_conflict(struct share_mode_entry *entry,
431 uint32 access_mask,
432 uint32 share_access)
433 {
434 DEBUG(10,("share_conflict: entry->access_mask = 0x%x, "
435 "entry->share_access = 0x%x, "
436 "entry->private_options = 0x%x\n",
437 (unsigned int)entry->access_mask,
438 (unsigned int)entry->share_access,
439 (unsigned int)entry->private_options));
440
441 DEBUG(10,("share_conflict: access_mask = 0x%x, share_access = 0x%x\n",
442 (unsigned int)access_mask, (unsigned int)share_access));
443
444 if ((entry->access_mask & (FILE_WRITE_DATA|
445 FILE_APPEND_DATA|
446 FILE_READ_DATA|
447 FILE_EXECUTE|
448 DELETE_ACCESS)) == 0) {
449 DEBUG(10,("share_conflict: No conflict due to "
450 "entry->access_mask = 0x%x\n",
451 (unsigned int)entry->access_mask ));
452 return False;
453 }
454
455 if ((access_mask & (FILE_WRITE_DATA|
456 FILE_APPEND_DATA|
457 FILE_READ_DATA|
458 FILE_EXECUTE|
459 DELETE_ACCESS)) == 0) {
460 DEBUG(10,("share_conflict: No conflict due to "
461 "access_mask = 0x%x\n",
462 (unsigned int)access_mask ));
463 return False;
464 }
465
466 #if 1 /* JRA TEST - Superdebug. */
467 #define CHECK_MASK(num, am, right, sa, share) \
468 DEBUG(10,("share_conflict: [%d] am (0x%x) & right (0x%x) = 0x%x\n", \
469 (unsigned int)(num), (unsigned int)(am), \
470 (unsigned int)(right), (unsigned int)(am)&(right) )); \
471 DEBUG(10,("share_conflict: [%d] sa (0x%x) & share (0x%x) = 0x%x\n", \
472 (unsigned int)(num), (unsigned int)(sa), \
473 (unsigned int)(share), (unsigned int)(sa)&(share) )); \
474 if (((am) & (right)) && !((sa) & (share))) { \
475 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
476 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
477 (unsigned int)(share) )); \
478 return True; \
479 }
480 #else
481 #define CHECK_MASK(num, am, right, sa, share) \
482 if (((am) & (right)) && !((sa) & (share))) { \
483 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
484 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
485 (unsigned int)(share) )); \
486 return True; \
487 }
488 #endif
489
490 CHECK_MASK(1, entry->access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
491 share_access, FILE_SHARE_WRITE);
492 CHECK_MASK(2, access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
493 entry->share_access, FILE_SHARE_WRITE);
494
495 CHECK_MASK(3, entry->access_mask, FILE_READ_DATA | FILE_EXECUTE,
496 share_access, FILE_SHARE_READ);
497 CHECK_MASK(4, access_mask, FILE_READ_DATA | FILE_EXECUTE,
498 entry->share_access, FILE_SHARE_READ);
499
500 CHECK_MASK(5, entry->access_mask, DELETE_ACCESS,
501 share_access, FILE_SHARE_DELETE);
502 CHECK_MASK(6, access_mask, DELETE_ACCESS,
503 entry->share_access, FILE_SHARE_DELETE);
504
505 DEBUG(10,("share_conflict: No conflict.\n"));
506 return False;
507 }
508
509 #if defined(DEVELOPER)
510 static void validate_my_share_entries(int num,
511 struct share_mode_entry *share_entry)
512 {
513 files_struct *fsp;
514
515 if (!procid_is_me(&share_entry->pid)) {
516 return;
517 }
518
519 if (is_deferred_open_entry(share_entry) &&
520 !open_was_deferred(share_entry->op_mid)) {
521 char *str = talloc_asprintf(talloc_tos(),
522 "Got a deferred entry without a request: "
523 "PANIC: %s\n",
524 share_mode_str(talloc_tos(), num, share_entry));
525 smb_panic(str);
526 }
527
528 if (!is_valid_share_mode_entry(share_entry)) {
529 return;
530 }
531
532 fsp = file_find_dif(share_entry->id,
533 share_entry->share_file_id);
534 if (!fsp) {
535 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
536 share_mode_str(talloc_tos(), num, share_entry) ));
537 smb_panic("validate_my_share_entries: Cannot match a "
538 "share entry with an open file\n");
539 }
540
541 if (is_deferred_open_entry(share_entry) ||
542 is_unused_share_mode_entry(share_entry)) {
543 goto panic;
544 }
545
546 if ((share_entry->op_type == NO_OPLOCK) &&
547 (fsp->oplock_type == FAKE_LEVEL_II_OPLOCK)) {
548 /* Someone has already written to it, but I haven't yet
549 * noticed */
550 return;
551 }
552
553 if (((uint16)fsp->oplock_type) != share_entry->op_type) {
554 goto panic;
555 }
556
557 return;
558
559 panic:
560 {
561 char *str;
562 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
563 share_mode_str(talloc_tos(), num, share_entry) ));
564 str = talloc_asprintf(talloc_tos(),
565 "validate_my_share_entries: "
566 "file %s, oplock_type = 0x%x, op_type = 0x%x\n",
567 fsp->fsp_name, (unsigned int)fsp->oplock_type,
568 (unsigned int)share_entry->op_type );
569 smb_panic(str);
570 }
571 }
572 #endif
573
574 static bool is_stat_open(uint32 access_mask)
575 {
576 return (access_mask &&
577 ((access_mask & ~(SYNCHRONIZE_ACCESS| FILE_READ_ATTRIBUTES|
578 FILE_WRITE_ATTRIBUTES))==0) &&
579 ((access_mask & (SYNCHRONIZE_ACCESS|FILE_READ_ATTRIBUTES|
580 FILE_WRITE_ATTRIBUTES)) != 0));
581 }
582
583 /****************************************************************************
584 Deal with share modes
585 Invarient: Share mode must be locked on entry and exit.
586 Returns -1 on error, or number of share modes on success (may be zero).
587 ****************************************************************************/
588
589 static NTSTATUS open_mode_check(connection_struct *conn,
590 const char *fname,
591 struct share_mode_lock *lck,
592 uint32 access_mask,
593 uint32 share_access,
594 uint32 create_options,
595 bool *file_existed)
596 {
597 int i;
598
599 if(lck->num_share_modes == 0) {
600 return NT_STATUS_OK;
601 }
602
603 *file_existed = True;
604
605 if (is_stat_open(access_mask)) {
606 /* Stat open that doesn't trigger oplock breaks or share mode
607 * checks... ! JRA. */
608 return NT_STATUS_OK;
609 }
610
611 /* A delete on close prohibits everything */
612
613 if (lck->delete_on_close) {
614 return NT_STATUS_DELETE_PENDING;
615 }
616
617 /*
618 * Check if the share modes will give us access.
619 */
620
621 #if defined(DEVELOPER)
622 for(i = 0; i < lck->num_share_modes; i++) {
623 validate_my_share_entries(i, &lck->share_modes[i]);
624 }
625 #endif
626
627 if (!lp_share_modes(SNUM(conn))) {
628 return NT_STATUS_OK;
629 }
630
631 /* Now we check the share modes, after any oplock breaks. */
632 for(i = 0; i < lck->num_share_modes; i++) {
633
634 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
635 continue;
636 }
637
638 /* someone else has a share lock on it, check to see if we can
639 * too */
640 if (share_conflict(&lck->share_modes[i],
641 access_mask, share_access)) {
642 return NT_STATUS_SHARING_VIOLATION;
643 }
644 }
645
646 return NT_STATUS_OK;
647 }
648
649 static bool is_delete_request(files_struct *fsp) {
650 return ((fsp->access_mask == DELETE_ACCESS) &&
651 (fsp->oplock_type == NO_OPLOCK));
652 }
653
654 /*
655 * 1) No files open at all or internal open: Grant whatever the client wants.
656 *
657 * 2) Exclusive (or batch) oplock around: If the requested access is a delete
658 * request, break if the oplock around is a batch oplock. If it's another
659 * requested access type, break.
660 *
661 * 3) Only level2 around: Grant level2 and do nothing else.
662 */
663
664 static bool delay_for_oplocks(struct share_mode_lock *lck,
665 files_struct *fsp,
666 uint16 mid,
667 int pass_number,
668 int oplock_request)
669 {
670 int i;
671 struct share_mode_entry *exclusive = NULL;
672 bool valid_entry = False;
673 bool delay_it = False;
674 bool have_level2 = False;
675 NTSTATUS status;
676 char msg[MSG_SMB_SHARE_MODE_ENTRY_SIZE];
677
678 if (oplock_request & INTERNAL_OPEN_ONLY) {
679 fsp->oplock_type = NO_OPLOCK;
680 }
681
682 if ((oplock_request & INTERNAL_OPEN_ONLY) || is_stat_open(fsp->access_mask)) {
683 return False;
684 }
685
686 for (i=0; i<lck->num_share_modes; i++) {
687
688 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
689 continue;
690 }
691
692 /* At least one entry is not an invalid or deferred entry. */
693 valid_entry = True;
694
695 if (pass_number == 1) {
696 if (BATCH_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
697 SMB_ASSERT(exclusive == NULL);
698 exclusive = &lck->share_modes[i];
699 }
700 } else {
701 if (EXCLUSIVE_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
702 SMB_ASSERT(exclusive == NULL);
703 exclusive = &lck->share_modes[i];
704 }
705 }
706
707 if (lck->share_modes[i].op_type == LEVEL_II_OPLOCK) {
708 SMB_ASSERT(exclusive == NULL);
709 have_level2 = True;
710 }
711 }
712
713 if (!valid_entry) {
714 /* All entries are placeholders or deferred.
715 * Directly grant whatever the client wants. */
716 if (fsp->oplock_type == NO_OPLOCK) {
717 /* Store a level2 oplock, but don't tell the client */
718 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
719 }
720 return False;
721 }
722
723 if (exclusive != NULL) { /* Found an exclusive oplock */
724 SMB_ASSERT(!have_level2);
725 delay_it = is_delete_request(fsp) ?
726 BATCH_OPLOCK_TYPE(exclusive->op_type) : True;
727 }
728
729 if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
730 /* We can at most grant level2 as there are other
731 * level2 or NO_OPLOCK entries. */
732 fsp->oplock_type = LEVEL_II_OPLOCK;
733 }
734
735 if ((fsp->oplock_type == NO_OPLOCK) && have_level2) {
736 /* Store a level2 oplock, but don't tell the client */
737 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
738 }
739
740 if (!delay_it) {
741 return False;
742 }
743
744 /*
745 * Send a break message to the oplock holder and delay the open for
746 * our client.
747 */
748
749 DEBUG(10, ("Sending break request to PID %s\n",
750 procid_str_static(&exclusive->pid)));
751 exclusive->op_mid = mid;
752
753 /* Create the message. */
754 share_mode_entry_to_message(msg, exclusive);
755
756 /* Add in the FORCE_OPLOCK_BREAK_TO_NONE bit in the message if set. We
757 don't want this set in the share mode struct pointed to by lck. */
758
759 if (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE) {
760 SSVAL(msg,6,exclusive->op_type | FORCE_OPLOCK_BREAK_TO_NONE);
761 }
762
763 status = messaging_send_buf(smbd_messaging_context(), exclusive->pid,
764 MSG_SMB_BREAK_REQUEST,
765 (uint8 *)msg,
766 MSG_SMB_SHARE_MODE_ENTRY_SIZE);
767 if (!NT_STATUS_IS_OK(status)) {
768 DEBUG(3, ("Could not send oplock break message: %s\n",
769 nt_errstr(status)));
770 }
771
772 return True;
773 }
774
775 static bool request_timed_out(struct timeval request_time,
776 struct timeval timeout)
777 {
778 struct timeval now, end_time;
779 GetTimeOfDay(&now);
780 end_time = timeval_sum(&request_time, &timeout);
781 return (timeval_compare(&end_time, &now) < 0);
782 }
783
784 /****************************************************************************
785 Handle the 1 second delay in returning a SHARING_VIOLATION error.
786 ****************************************************************************/
787
788 static void defer_open(struct share_mode_lock *lck,
789 struct timeval request_time,
790 struct timeval timeout,
791 struct smb_request *req,
792 struct deferred_open_record *state)
793 {
794 int i;
795
796 /* Paranoia check */
797
798 for (i=0; i<lck->num_share_modes; i++) {
799 struct share_mode_entry *e = &lck->share_modes[i];
800
801 if (!is_deferred_open_entry(e)) {
802 continue;
803 }
804
805 if (procid_is_me(&e->pid) && (e->op_mid == req->mid)) {
806 DEBUG(0, ("Trying to defer an already deferred "
807 "request: mid=%d, exiting\n", req->mid));
808 exit_server("attempt to defer a deferred request");
809 }
810 }
811
812 /* End paranoia check */
813
814 DEBUG(10,("defer_open_sharing_error: time [%u.%06u] adding deferred "
815 "open entry for mid %u\n",
816 (unsigned int)request_time.tv_sec,
817 (unsigned int)request_time.tv_usec,
818 (unsigned int)req->mid));
819
820 if (!push_deferred_smb_message(req, request_time, timeout,
821 (char *)state, sizeof(*state))) {
822 exit_server("push_deferred_smb_message failed");
823 }
824 add_deferred_open(lck, req->mid, request_time, state->id);
825
826 /*
827 * Push the MID of this packet on the signing queue.
828 * We only do this once, the first time we push the packet
829 * onto the deferred open queue, as this has a side effect
830 * of incrementing the response sequence number.
831 */
832
833 srv_defer_sign_response(req->mid);
834 }
835
836
837 /****************************************************************************
838 On overwrite open ensure that the attributes match.
839 ****************************************************************************/
840
841 static bool open_match_attributes(connection_struct *conn,
842 const char *path,
843 uint32 old_dos_attr,
844 uint32 new_dos_attr,
845 mode_t existing_unx_mode,
846 mode_t new_unx_mode,
847 mode_t *returned_unx_mode)
848 {
849 uint32 noarch_old_dos_attr, noarch_new_dos_attr;
850
851 noarch_old_dos_attr = (old_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
852 noarch_new_dos_attr = (new_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
853
854 if((noarch_old_dos_attr == 0 && noarch_new_dos_attr != 0) ||
855 (noarch_old_dos_attr != 0 && ((noarch_old_dos_attr & noarch_new_dos_attr) == noarch_old_dos_attr))) {
856 *returned_unx_mode = new_unx_mode;
857 } else {
858 *returned_unx_mode = (mode_t)0;
859 }
860
861 DEBUG(10,("open_match_attributes: file %s old_dos_attr = 0x%x, "
862 "existing_unx_mode = 0%o, new_dos_attr = 0x%x "
863 "returned_unx_mode = 0%o\n",
864 path,
865 (unsigned int)old_dos_attr,
866 (unsigned int)existing_unx_mode,
867 (unsigned int)new_dos_attr,
868 (unsigned int)*returned_unx_mode ));
869
870 /* If we're mapping SYSTEM and HIDDEN ensure they match. */
871 if (lp_map_system(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
872 if ((old_dos_attr & FILE_ATTRIBUTE_SYSTEM) &&
873 !(new_dos_attr & FILE_ATTRIBUTE_SYSTEM)) {
874 return False;
875 }
876 }
877 if (lp_map_hidden(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
878 if ((old_dos_attr & FILE_ATTRIBUTE_HIDDEN) &&
879 !(new_dos_attr & FILE_ATTRIBUTE_HIDDEN)) {
880 return False;
881 }
882 }
883 return True;
884 }
885
886 /****************************************************************************
887 Special FCB or DOS processing in the case of a sharing violation.
888 Try and find a duplicated file handle.
889 ****************************************************************************/
890
891 static files_struct *fcb_or_dos_open(connection_struct *conn,
892 const char *fname,
893 struct file_id id,
894 uint16 file_pid,
895 uint16 vuid,
896 uint32 access_mask,
897 uint32 share_access,
898 uint32 create_options)
899 {
900 files_struct *fsp;
901 files_struct *dup_fsp;
902
903 DEBUG(5,("fcb_or_dos_open: attempting old open semantics for "
904 "file %s.\n", fname ));
905
906 for(fsp = file_find_di_first(id); fsp;
907 fsp = file_find_di_next(fsp)) {
908
909 DEBUG(10,("fcb_or_dos_open: checking file %s, fd = %d, "
910 "vuid = %u, file_pid = %u, private_options = 0x%x "
911 "access_mask = 0x%x\n", fsp->fsp_name,
912 fsp->fh->fd, (unsigned int)fsp->vuid,
913 (unsigned int)fsp->file_pid,
914 (unsigned int)fsp->fh->private_options,
915 (unsigned int)fsp->access_mask ));
916
917 if (fsp->fh->fd != -1 &&
918 fsp->vuid == vuid &&
919 fsp->file_pid == file_pid &&
920 (fsp->fh->private_options & (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS |
921 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) &&
922 (fsp->access_mask & FILE_WRITE_DATA) &&
923 strequal(fsp->fsp_name, fname)) {
924 DEBUG(10,("fcb_or_dos_open: file match\n"));
925 break;
926 }
927 }
928
929 if (!fsp) {
930 return NULL;
931 }
932
933 /* quite an insane set of semantics ... */
934 if (is_executable(fname) &&
935 (fsp->fh->private_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS)) {
936 DEBUG(10,("fcb_or_dos_open: file fail due to is_executable.\n"));
937 return NULL;
938 }
939
940 /* We need to duplicate this fsp. */
941 if (!NT_STATUS_IS_OK(dup_file_fsp(fsp, access_mask, share_access,
942 create_options, &dup_fsp))) {
943 return NULL;
944 }
945
946 return dup_fsp;
947 }
948
949 /****************************************************************************
950 Open a file with a share mode - old openX method - map into NTCreate.
951 ****************************************************************************/
952
953 bool map_open_params_to_ntcreate(const char *fname, int deny_mode, int open_func,
954 uint32 *paccess_mask,
955 uint32 *pshare_mode,
956 uint32 *pcreate_disposition,
957 uint32 *pcreate_options)
958 {
959 uint32 access_mask;
960 uint32 share_mode;
961 uint32 create_disposition;
962 uint32 create_options = 0;
963
964 DEBUG(10,("map_open_params_to_ntcreate: fname = %s, deny_mode = 0x%x, "
965 "open_func = 0x%x\n",
966 fname, (unsigned int)deny_mode, (unsigned int)open_func ));
967
968 /* Create the NT compatible access_mask. */
969 switch (GET_OPENX_MODE(deny_mode)) {
970 case DOS_OPEN_EXEC: /* Implies read-only - used to be FILE_READ_DATA */
971 case DOS_OPEN_RDONLY:
972 access_mask = FILE_GENERIC_READ;
973 break;
974 case DOS_OPEN_WRONLY:
975 access_mask = FILE_GENERIC_WRITE;
976 break;
977 case DOS_OPEN_RDWR:
978 case DOS_OPEN_FCB:
979 access_mask = FILE_GENERIC_READ|FILE_GENERIC_WRITE;
980 break;
981 default:
982 DEBUG(10,("map_open_params_to_ntcreate: bad open mode = 0x%x\n",
983 (unsigned int)GET_OPENX_MODE(deny_mode)));
984 return False;
985 }
986
987 /* Create the NT compatible create_disposition. */
988 switch (open_func) {
989 case OPENX_FILE_EXISTS_FAIL|OPENX_FILE_CREATE_IF_NOT_EXIST:
990 create_disposition = FILE_CREATE;
991 break;
992
993 case OPENX_FILE_EXISTS_OPEN:
994 create_disposition = FILE_OPEN;
995 break;
996
997 case OPENX_FILE_EXISTS_OPEN|OPENX_FILE_CREATE_IF_NOT_EXIST:
998 create_disposition = FILE_OPEN_IF;
999 break;
1000
1001 case OPENX_FILE_EXISTS_TRUNCATE:
1002 create_disposition = FILE_OVERWRITE;
1003 break;
1004
1005 case OPENX_FILE_EXISTS_TRUNCATE|OPENX_FILE_CREATE_IF_NOT_EXIST:
1006 create_disposition = FILE_OVERWRITE_IF;
1007 break;
1008
1009 default:
1010 /* From samba4 - to be confirmed. */
1011 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_EXEC) {
1012 create_disposition = FILE_CREATE;
1013 break;
1014 }
1015 DEBUG(10,("map_open_params_to_ntcreate: bad "
1016 "open_func 0x%x\n", (unsigned int)open_func));
1017 return False;
1018 }
1019
1020 /* Create the NT compatible share modes. */
1021 switch (GET_DENY_MODE(deny_mode)) {
1022 case DENY_ALL:
1023 share_mode = FILE_SHARE_NONE;
1024 break;
1025
1026 case DENY_WRITE:
1027 share_mode = FILE_SHARE_READ;
1028 break;
1029
1030 case DENY_READ:
1031 share_mode = FILE_SHARE_WRITE;
1032 break;
1033
1034 case DENY_NONE:
1035 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1036 break;
1037
1038 case DENY_DOS:
1039 create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_DOS;
1040 if (is_executable(fname)) {
1041 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1042 } else {
1043 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_RDONLY) {
1044 share_mode = FILE_SHARE_READ;
1045 } else {
1046 share_mode = FILE_SHARE_NONE;
1047 }
1048 }
1049 break;
1050
1051 case DENY_FCB:
1052 create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_FCB;
1053 share_mode = FILE_SHARE_NONE;
1054 break;
1055
1056 default:
1057 DEBUG(10,("map_open_params_to_ntcreate: bad deny_mode 0x%x\n",
1058 (unsigned int)GET_DENY_MODE(deny_mode) ));
1059 return False;
1060 }
1061
1062 DEBUG(10,("map_open_params_to_ntcreate: file %s, access_mask = 0x%x, "
1063 "share_mode = 0x%x, create_disposition = 0x%x, "
1064 "create_options = 0x%x\n",
1065 fname,
1066 (unsigned int)access_mask,
1067 (unsigned int)share_mode,
1068 (unsigned int)create_disposition,
1069 (unsigned int)create_options ));
1070
1071 if (paccess_mask) {
1072 *paccess_mask = access_mask;
1073 }
1074 if (pshare_mode) {
1075 *pshare_mode = share_mode;
1076 }
1077 if (pcreate_disposition) {
1078 *pcreate_disposition = create_disposition;
1079 }
1080 if (pcreate_options) {
1081 *pcreate_options = create_options;
1082 }
1083
1084 return True;
1085
1086 }
1087
1088 static void schedule_defer_open(struct share_mode_lock *lck,
1089 struct timeval request_time,
1090 struct smb_request *req)
1091 {
1092 struct deferred_open_record state;
1093
1094 /* This is a relative time, added to the absolute
1095 request_time value to get the absolute timeout time.
1096 Note that if this is the second or greater time we enter
1097 this codepath for this particular request mid then
1098 request_time is left as the absolute time of the *first*
1099 time this request mid was processed. This is what allows
1100 the request to eventually time out. */
1101
1102 struct timeval timeout;
1103
1104 /* Normally the smbd we asked should respond within
1105 * OPLOCK_BREAK_TIMEOUT seconds regardless of whether
1106 * the client did, give twice the timeout as a safety
1107 * measure here in case the other smbd is stuck
1108 * somewhere else. */
1109
1110 timeout = timeval_set(OPLOCK_BREAK_TIMEOUT*2, 0);
1111
1112 /* Nothing actually uses state.delayed_for_oplocks
1113 but it's handy to differentiate in debug messages
1114 between a 30 second delay due to oplock break, and
1115 a 1 second delay for share mode conflicts. */
1116
1117 state.delayed_for_oplocks = True;
1118 state.id = lck->id;
1119
1120 if (!request_timed_out(request_time, timeout)) {
1121 defer_open(lck, request_time, timeout, req, &state);
1122 }
1123 }
1124
1125 /****************************************************************************
1126 Open a file with a share mode.
1127 ****************************************************************************/
1128
1129 NTSTATUS open_file_ntcreate(connection_struct *conn,
1130 struct smb_request *req,
1131 const char *fname,
1132 SMB_STRUCT_STAT *psbuf,
1133 uint32 access_mask, /* access bits (FILE_READ_DATA etc.) */
1134 uint32 share_access, /* share constants (FILE_SHARE_READ etc) */
1135 uint32 create_disposition, /* FILE_OPEN_IF etc. */
1136 uint32 create_options, /* options such as delete on close. */
1137 uint32 new_dos_attributes, /* attributes used for new file. */
1138 int oplock_request, /* internal Samba oplock codes. */
1139 /* Information (FILE_EXISTS etc.) */
1140 int *pinfo,
1141 files_struct **result)
1142 {
1143 int flags=0;
1144 int flags2=0;
1145 bool file_existed = VALID_STAT(*psbuf);
1146 bool def_acl = False;
1147 bool posix_open = False;
1148 bool new_file_created = False;
1149 struct file_id id;
1150 NTSTATUS fsp_open = NT_STATUS_ACCESS_DENIED;
1151 files_struct *fsp = NULL;
1152 mode_t new_unx_mode = (mode_t)0;
1153 mode_t unx_mode = (mode_t)0;
1154 int info;
1155 uint32 existing_dos_attributes = 0;
1156 struct pending_message_list *pml = NULL;
1157 struct timeval request_time = timeval_zero();
1158 struct share_mode_lock *lck = NULL;
1159 uint32 open_access_mask = access_mask;
1160 NTSTATUS status;
1161 int ret_flock;
1162 char *parent_dir;
1163 const char *newname;
1164
1165 ZERO_STRUCT(id);
1166
1167 if (conn->printer) {
1168 /*
1169 * Printers are handled completely differently.
1170 * Most of the passed parameters are ignored.
1171 */
1172
1173 if (pinfo) {
1174 *pinfo = FILE_WAS_CREATED;
1175 }
1176
1177 DEBUG(10, ("open_file_ntcreate: printer open fname=%s\n", fname));
1178
1179 return print_fsp_open(conn, fname, result);
1180 }
1181
1182 if (!parent_dirname_talloc(talloc_tos(), fname, &parent_dir,
1183 &newname)) {
1184 return NT_STATUS_NO_MEMORY;
1185 }
1186
1187 if (new_dos_attributes & FILE_FLAG_POSIX_SEMANTICS) {
1188 posix_open = True;
1189 unx_mode = (mode_t)(new_dos_attributes & ~FILE_FLAG_POSIX_SEMANTICS);
1190 new_dos_attributes = 0;
1191 } else {
1192 /* We add aARCH to this as this mode is only used if the file is
1193 * created new. */
1194 unx_mode = unix_mode(conn, new_dos_attributes | aARCH, fname,
1195 parent_dir);
1196 }
1197
1198 DEBUG(10, ("open_file_ntcreate: fname=%s, dos_attrs=0x%x "
1199 "access_mask=0x%x share_access=0x%x "
1200 "create_disposition = 0x%x create_options=0x%x "
1201 "unix mode=0%o oplock_request=%d\n",
1202 fname, new_dos_attributes, access_mask, share_access,
1203 create_disposition, create_options, unx_mode,
1204 oplock_request));
1205
1206 if ((req == NULL) && ((oplock_request & INTERNAL_OPEN_ONLY) == 0)) {
1207 DEBUG(0, ("No smb request but not an internal only open!\n"));
1208 return NT_STATUS_INTERNAL_ERROR;
1209 }
1210
1211 /*
1212 * Only non-internal opens can be deferred at all
1213 */
1214
1215 if ((req != NULL)
1216 && ((pml = get_open_deferred_message(req->mid)) != NULL)) {
1217 struct deferred_open_record *state =
1218 (struct deferred_open_record *)pml->private_data.data;
1219
1220 /* Remember the absolute time of the original
1221 request with this mid. We'll use it later to
1222 see if this has timed out. */
1223
1224 request_time = pml->request_time;
1225
1226 /* Remove the deferred open entry under lock. */
1227 lck = get_share_mode_lock(NULL, state->id, NULL, NULL);
1228 if (lck == NULL) {
1229 DEBUG(0, ("could not get share mode lock\n"));
1230 } else {
1231 del_deferred_open_entry(lck, req->mid);
1232 TALLOC_FREE(lck);
1233 }
1234
1235 /* Ensure we don't reprocess this message. */
1236 remove_deferred_open_smb_message(req->mid);
1237 }
1238
1239 status = check_name(conn, fname);
1240 if (!NT_STATUS_IS_OK(status)) {
1241 return status;
1242 }
1243
1244 if (!posix_open) {
1245 new_dos_attributes &= SAMBA_ATTRIBUTES_MASK;
1246 if (file_existed) {
1247 existing_dos_attributes = dos_mode(conn, fname, psbuf);
1248 }
1249 }
1250
1251 /* ignore any oplock requests if oplocks are disabled */
1252 if (!lp_oplocks(SNUM(conn)) || global_client_failed_oplock_break ||
1253 IS_VETO_OPLOCK_PATH(conn, fname)) {
1254 /* Mask off everything except the private Samba bits. */
1255 oplock_request &= SAMBA_PRIVATE_OPLOCK_MASK;
1256 }
1257
1258 /* this is for OS/2 long file names - say we don't support them */
1259 if (!lp_posix_pathnames() && strstr(fname,".+,;=[].")) {
1260 /* OS/2 Workplace shell fix may be main code stream in a later
1261 * release. */
1262 DEBUG(5,("open_file_ntcreate: OS/2 long filenames are not "
1263 "supported.\n"));
1264 if (use_nt_status()) {
1265 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1266 }
1267 return NT_STATUS_DOS(ERRDOS, ERRcannotopen);
1268 }
1269
1270 switch( create_disposition ) {
1271 /*
1272 * Currently we're using FILE_SUPERSEDE as the same as
1273 * FILE_OVERWRITE_IF but they really are
1274 * different. FILE_SUPERSEDE deletes an existing file
1275 * (requiring delete access) then recreates it.
1276 */
1277 case FILE_SUPERSEDE:
1278 /* If file exists replace/overwrite. If file doesn't
1279 * exist create. */
1280 flags2 |= (O_CREAT | O_TRUNC);
1281 break;
1282
1283 case FILE_OVERWRITE_IF:
1284 /* If file exists replace/overwrite. If file doesn't
1285 * exist create. */
1286 flags2 |= (O_CREAT | O_TRUNC);
1287 break;
1288
1289 case FILE_OPEN:
1290 /* If file exists open. If file doesn't exist error. */
1291 if (!file_existed) {
1292 DEBUG(5,("open_file_ntcreate: FILE_OPEN "
1293 "requested for file %s and file "
1294 "doesn't exist.\n", fname ));
1295 errno = ENOENT;
1296 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1297 }
1298 break;
1299
1300 case FILE_OVERWRITE:
1301 /* If file exists overwrite. If file doesn't exist
1302 * error. */
1303 if (!file_existed) {
1304 DEBUG(5,("open_file_ntcreate: FILE_OVERWRITE "
1305 "requested for file %s and file "
1306 "doesn't exist.\n", fname ));
1307 errno = ENOENT;
1308 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1309 }
1310 flags2 |= O_TRUNC;
1311 break;
1312
1313 case FILE_CREATE:
1314 /* If file exists error. If file doesn't exist
1315 * create. */
1316 if (file_existed) {
1317 DEBUG(5,("open_file_ntcreate: FILE_CREATE "
1318 "requested for file %s and file "
1319 "already exists.\n", fname ));
1320 if (S_ISDIR(psbuf->st_mode)) {
1321 errno = EISDIR;
1322 } else {
1323 errno = EEXIST;
1324 }
1325 return map_nt_error_from_unix(errno);
1326 }
1327 flags2 |= (O_CREAT|O_EXCL);
1328 break;
1329
1330 case FILE_OPEN_IF:
1331 /* If file exists open. If file doesn't exist
1332 * create. */
1333 flags2 |= O_CREAT;
1334 break;
1335
1336 default:
1337 return NT_STATUS_INVALID_PARAMETER;
1338 }
1339
1340 /* We only care about matching attributes on file exists and
1341 * overwrite. */
1342
1343 if (!posix_open && file_existed && ((create_disposition == FILE_OVERWRITE) ||
1344 (create_disposition == FILE_OVERWRITE_IF))) {
1345 if (!open_match_attributes(conn, fname,
1346 existing_dos_attributes,
1347 new_dos_attributes, psbuf->st_mode,
1348 unx_mode, &new_unx_mode)) {
1349 DEBUG(5,("open_file_ntcreate: attributes missmatch "
1350 "for file %s (%x %x) (0%o, 0%o)\n",
1351 fname, existing_dos_attributes,
1352 new_dos_attributes,
1353 (unsigned int)psbuf->st_mode,
1354 (unsigned int)unx_mode ));
1355 errno = EACCES;
1356 return NT_STATUS_ACCESS_DENIED;
1357 }
1358 }
1359
1360 /* This is a nasty hack - must fix... JRA. */
1361 if (access_mask == MAXIMUM_ALLOWED_ACCESS) {
1362 open_access_mask = access_mask = FILE_GENERIC_ALL;
1363 }
1364
1365 /*
1366 * Convert GENERIC bits to specific bits.
1367 */
1368
1369 se_map_generic(&access_mask, &file_generic_mapping);
1370 open_access_mask = access_mask;
1371
1372 if (flags2 & O_TRUNC) {
1373 open_access_mask |= FILE_WRITE_DATA; /* This will cause oplock breaks. */
1374 }
1375
1376 DEBUG(10, ("open_file_ntcreate: fname=%s, after mapping "
1377 "access_mask=0x%x\n", fname, access_mask ));
1378
1379 /*
1380 * Note that we ignore the append flag as append does not
1381 * mean the same thing under DOS and Unix.
1382 */
1383
1384 if (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) {
1385 /* DENY_DOS opens are always underlying read-write on the
1386 file handle, no matter what the requested access mask
1387 says. */
1388 if ((create_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS) ||
1389 access_mask & (FILE_READ_ATTRIBUTES|FILE_READ_DATA|FILE_READ_EA|FILE_EXECUTE)) {
1390 flags = O_RDWR;
1391 } else {
1392 flags = O_WRONLY;
1393 }
1394 } else {
1395 flags = O_RDONLY;
1396 }
1397
1398 /*
1399 * Currently we only look at FILE_WRITE_THROUGH for create options.
1400 */
1401
1402 #if defined(O_SYNC)
1403 if ((create_options & FILE_WRITE_THROUGH) && lp_strict_sync(SNUM(conn))) {
1404 flags2 |= O_SYNC;
1405 }
1406 #endif /* O_SYNC */
1407
1408 if (posix_open & (access_mask & FILE_APPEND_DATA)) {
1409 flags2 |= O_APPEND;
1410 }
1411
1412 if (!posix_open && !CAN_WRITE(conn)) {
1413 /*
1414 * We should really return a permission denied error if either
1415 * O_CREAT or O_TRUNC are set, but for compatibility with
1416 * older versions of Samba we just AND them out.
1417 */
1418 flags2 &= ~(O_CREAT|O_TRUNC);
1419 }
1420
1421 /*
1422 * Ensure we can't write on a read-only share or file.
1423 */
1424
1425 if (flags != O_RDONLY && file_existed &&
1426 (!CAN_WRITE(conn) || IS_DOS_READONLY(existing_dos_attributes))) {
1427 DEBUG(5,("open_file_ntcreate: write access requested for "
1428 "file %s on read only %s\n",
1429 fname, !CAN_WRITE(conn) ? "share" : "file" ));
1430 errno = EACCES;
1431 return NT_STATUS_ACCESS_DENIED;
1432 }
1433
1434 status = file_new(conn, &fsp);
1435 if(!NT_STATUS_IS_OK(status)) {
1436 return status;
1437 }
1438
1439 fsp->file_id = vfs_file_id_from_sbuf(conn, psbuf);
1440 fsp->share_access = share_access;
1441 fsp->fh->private_options = create_options;
1442 fsp->access_mask = open_access_mask; /* We change this to the
1443 * requested access_mask after
1444 * the open is done. */
1445 fsp->posix_open = posix_open;
1446
1447 /* Ensure no SAMBA_PRIVATE bits can be set. */
1448 fsp->oplock_type = (oplock_request & ~SAMBA_PRIVATE_OPLOCK_MASK);
1449
1450 if (timeval_is_zero(&request_time)) {
1451 request_time = fsp->open_time;
1452 }
1453
1454 if (file_existed) {
1455 id = vfs_file_id_from_sbuf(conn, psbuf);
1456
1457 lck = get_share_mode_lock(NULL, id,
1458 conn->connectpath,
1459 fname);
1460
1461 if (lck == NULL) {
1462 file_free(fsp);
1463 DEBUG(0, ("Could not get share mode lock\n"));
1464 return NT_STATUS_SHARING_VIOLATION;
1465 }
1466
1467 /* First pass - send break only on batch oplocks. */
1468 if ((req != NULL)
1469 && delay_for_oplocks(lck, fsp, req->mid, 1,
1470 oplock_request)) {
1471 schedule_defer_open(lck, request_time, req);
1472 TALLOC_FREE(lck);
1473 file_free(fsp);
1474 return NT_STATUS_SHARING_VIOLATION;
1475 }
1476
1477 /* Use the client requested access mask here, not the one we
1478 * open with. */
1479 status = open_mode_check(conn, fname, lck,
1480 access_mask, share_access,
1481 create_options, &file_existed);
1482
1483 if (NT_STATUS_IS_OK(status)) {
1484 /* We might be going to allow this open. Check oplock
1485 * status again. */
1486 /* Second pass - send break for both batch or
1487 * exclusive oplocks. */
1488 if ((req != NULL)
1489 && delay_for_oplocks(lck, fsp, req->mid, 2,
1490 oplock_request)) {
1491 schedule_defer_open(lck, request_time, req);
1492 TALLOC_FREE(lck);
1493 file_free(fsp);
1494 return NT_STATUS_SHARING_VIOLATION;
1495 }
1496 }
1497
1498 if (NT_STATUS_EQUAL(status, NT_STATUS_DELETE_PENDING)) {
1499 /* DELETE_PENDING is not deferred for a second */
1500 TALLOC_FREE(lck);
1501 file_free(fsp);
1502 return status;
1503 }
1504
1505 if (!NT_STATUS_IS_OK(status)) {
1506 uint32 can_access_mask;
1507 bool can_access = True;
1508
1509 SMB_ASSERT(NT_STATUS_EQUAL(status, NT_STATUS_SHARING_VIOLATION));
1510
1511 /* Check if this can be done with the deny_dos and fcb
1512 * calls. */
1513 if (create_options &
1514 (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS|
1515 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) {
1516 files_struct *fsp_dup;
1517
1518 if (req == NULL) {
1519 DEBUG(0, ("DOS open without an SMB "
1520 "request!\n"));
1521 TALLOC_FREE(lck);
1522 file_free(fsp);
1523 return NT_STATUS_INTERNAL_ERROR;
1524 }
1525
1526 /* Use the client requested access mask here,
1527 * not the one we open with. */
1528 fsp_dup = fcb_or_dos_open(conn, fname, id,
1529 req->smbpid,
1530 req->vuid,
1531 access_mask,
1532 share_access,
1533 create_options);
1534
1535 if (fsp_dup) {
1536 TALLOC_FREE(lck);
1537 file_free(fsp);
1538 if (pinfo) {
1539 *pinfo = FILE_WAS_OPENED;
1540 }
1541 conn->num_files_open++;
1542 *result = fsp_dup;
1543 return NT_STATUS_OK;
1544 }
1545 }
1546
1547 /*
1548 * This next line is a subtlety we need for
1549 * MS-Access. If a file open will fail due to share
1550 * permissions and also for security (access) reasons,
1551 * we need to return the access failed error, not the
1552 * share error. We can't open the file due to kernel
1553 * oplock deadlock (it's possible we failed above on
1554 * the open_mode_check()) so use a userspace check.
1555 */
1556
1557 if (flags & O_RDWR) {
1558 can_access_mask = FILE_READ_DATA|FILE_WRITE_DATA;
1559 } else if (flags & O_WRONLY) {
1560 can_access_mask = FILE_WRITE_DATA;
1561 } else {
1562 can_access_mask = FILE_READ_DATA;
1563 }
1564
1565 if (((can_access_mask & FILE_WRITE_DATA) && !CAN_WRITE(conn)) ||
1566 !can_access_file(conn,fname,psbuf,can_access_mask)) {
1567 can_access = False;
1568 }
1569
1570 /*
1571 * If we're returning a share violation, ensure we
1572 * cope with the braindead 1 second delay.
1573 */
1574
1575 if (!(oplock_request & INTERNAL_OPEN_ONLY) &&
1576 lp_defer_sharing_violations()) {
1577 struct timeval timeout;
1578 struct deferred_open_record state;
1579 int timeout_usecs;
1580
1581 /* this is a hack to speed up torture tests
1582 in 'make test' */
1583 timeout_usecs = lp_parm_int(SNUM(conn),
1584 "smbd","sharedelay",
1585 SHARING_VIOLATION_USEC_WAIT);
1586
1587 /* This is a relative time, added to the absolute
1588 request_time value to get the absolute timeout time.
1589 Note that if this is the second or greater time we enter
1590 this codepath for this particular request mid then
1591 request_time is left as the absolute time of the *first*
1592 time this request mid was processed. This is what allows
1593 the request to eventually time out. */
1594
1595 timeout = timeval_set(0, timeout_usecs);
1596
1597 /* Nothing actually uses state.delayed_for_oplocks
1598 but it's handy to differentiate in debug messages
1599 between a 30 second delay due to oplock break, and
1600 a 1 second delay for share mode conflicts. */
1601
1602 state.delayed_for_oplocks = False;
1603 state.id = id;
1604
1605 if ((req != NULL)
1606 && !request_timed_out(request_time,
1607 timeout)) {
1608 defer_open(lck, request_time, timeout,
1609 req, &state);
1610 }
1611 }
1612
1613 TALLOC_FREE(lck);
1614 if (can_access) {
1615 /*
1616 * We have detected a sharing violation here
1617 * so return the correct error code
1618 */
1619 status = NT_STATUS_SHARING_VIOLATION;
1620 } else {
1621 status = NT_STATUS_ACCESS_DENIED;
1622 }
1623 file_free(fsp);
1624 return status;
1625 }
1626
1627 /*
1628 * We exit this block with the share entry *locked*.....
1629 */
1630 }
1631
1632 SMB_ASSERT(!file_existed || (lck != NULL));
1633
1634 /*
1635 * Ensure we pay attention to default ACLs on directories if required.
1636 */
1637
1638 if ((flags2 & O_CREAT) && lp_inherit_acls(SNUM(conn)) &&
1639 (def_acl = directory_has_default_acl(conn, parent_dir))) {
1640 unx_mode = 0777;
1641 }
1642
1643 DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o, "
1644 "access_mask = 0x%x, open_access_mask = 0x%x\n",
1645 (unsigned int)flags, (unsigned int)flags2,
1646 (unsigned int)unx_mode, (unsigned int)access_mask,
1647 (unsigned int)open_access_mask));
1648
1649 /*
1650 * open_file strips any O_TRUNC flags itself.
1651 */
1652
1653 fsp_open = open_file(fsp, conn, req, parent_dir, newname, fname, psbuf,
1654 flags|flags2, unx_mode, access_mask,
1655 open_access_mask);
1656
1657 if (!NT_STATUS_IS_OK(fsp_open)) {
1658 if (lck != NULL) {
1659 TALLOC_FREE(lck);
1660 }
1661 file_free(fsp);
1662 return fsp_open;
1663 }
1664
1665 if (!file_existed) {
1666
1667 /*
1668 * Deal with the race condition where two smbd's detect the
1669 * file doesn't exist and do the create at the same time. One
1670 * of them will win and set a share mode, the other (ie. this
1671 * one) should check if the requested share mode for this
1672 * create is allowed.
1673 */
1674
1675 /*
1676 * Now the file exists and fsp is successfully opened,
1677 * fsp->dev and fsp->inode are valid and should replace the
1678 * dev=0,inode=0 from a non existent file. Spotted by
1679 * Nadav Danieli <nadavd@exanet.com>. JRA.
1680 */
1681
1682 id = fsp->file_id;
1683
1684 lck = get_share_mode_lock(NULL, id,
1685 conn->connectpath,
1686 fname);
1687
1688 if (lck == NULL) {
1689 DEBUG(0, ("open_file_ntcreate: Could not get share "
1690 "mode lock for %s\n", fname));
1691 fd_close(conn, fsp);
1692 file_free(fsp);
1693 return NT_STATUS_SHARING_VIOLATION;
1694 }
1695
1696 /* First pass - send break only on batch oplocks. */
1697 if ((req != NULL)
1698 && delay_for_oplocks(lck, fsp, req->mid, 1,
1699 oplock_request)) {
1700 schedule_defer_open(lck, request_time, req);
1701 TALLOC_FREE(lck);
1702 fd_close(conn, fsp);
1703 file_free(fsp);
1704 return NT_STATUS_SHARING_VIOLATION;
1705 }
1706
1707 status = open_mode_check(conn, fname, lck,
1708 access_mask, share_access,
1709 create_options, &file_existed);
1710
1711 if (NT_STATUS_IS_OK(status)) {
1712 /* We might be going to allow this open. Check oplock
1713 * status again. */
1714 /* Second pass - send break for both batch or
1715 * exclusive oplocks. */
1716 if ((req != NULL)
1717 && delay_for_oplocks(lck, fsp, req->mid, 2,
1718 oplock_request)) {
1719 schedule_defer_open(lck, request_time, req);
1720 TALLOC_FREE(lck);
1721 fd_close(conn, fsp);
1722 file_free(fsp);
1723 return NT_STATUS_SHARING_VIOLATION;
1724 }
1725 }
1726
1727 if (!NT_STATUS_IS_OK(status)) {
1728 struct deferred_open_record state;
1729
1730 fd_close(conn, fsp);
1731 file_free(fsp);
1732
1733 state.delayed_for_oplocks = False;
1734 state.id = id;
1735
1736 /* Do it all over again immediately. In the second
1737 * round we will find that the file existed and handle
1738 * the DELETE_PENDING and FCB cases correctly. No need
1739 * to duplicate the code here. Essentially this is a
1740 * "goto top of this function", but don't tell
1741 * anybody... */
1742
1743 if (req != NULL) {
1744 defer_open(lck, request_time, timeval_zero(),
1745 req, &state);
1746 }
1747 TALLOC_FREE(lck);
1748 return status;
1749 }
1750
1751 /*
1752 * We exit this block with the share entry *locked*.....
1753 */
1754
1755 }
1756
1757 SMB_ASSERT(lck != NULL);
1758
1759 /* note that we ignore failure for the following. It is
1760 basically a hack for NFS, and NFS will never set one of
1761 these only read them. Nobody but Samba can ever set a deny
1762 mode and we have already checked our more authoritative
1763 locking database for permission to set this deny mode. If
1764 the kernel refuses the operations then the kernel is wrong.
1765 note that GPFS supports it as well - jmcd */
1766
1767 ret_flock = SMB_VFS_KERNEL_FLOCK(fsp, fsp->fh->fd, share_access);
1768 if(ret_flock == -1 ){
1769
1770 TALLOC_FREE(lck);
1771 fd_close(conn, fsp);
1772 file_free(fsp);
1773
1774 return NT_STATUS_SHARING_VIOLATION;
1775 }
1776
1777 /*
1778 * At this point onwards, we can guarentee that the share entry
1779 * is locked, whether we created the file or not, and that the
1780 * deny mode is compatible with all current opens.
1781 */
1782
1783 /*
1784 * If requested, truncate the file.
1785 */
1786
1787 if (flags2&O_TRUNC) {
1788 /*
1789 * We are modifing the file after open - update the stat
1790 * struct..
1791 */
1792 if ((SMB_VFS_FTRUNCATE(fsp,fsp->fh->fd,0) == -1) ||
1793 (SMB_VFS_FSTAT(fsp,fsp->fh->fd,psbuf)==-1)) {
1794 status = map_nt_error_from_unix(errno);
1795 TALLOC_FREE(lck);
1796 fd_close(conn,fsp);
1797 file_free(fsp);
1798 return status;
1799 }
1800 }
1801
1802 /* Record the options we were opened with. */
1803 fsp->share_access = share_access;
1804 fsp->fh->private_options = create_options;
1805 fsp->access_mask = access_mask;
1806
1807 if (file_existed) {
1808 /* stat opens on existing files don't get oplocks. */
1809 if (is_stat_open(open_access_mask)) {
1810 fsp->oplock_type = NO_OPLOCK;
1811 }
1812
1813 if (!(flags2 & O_TRUNC)) {
1814 info = FILE_WAS_OPENED;
1815 } else {
1816 info = FILE_WAS_OVERWRITTEN;
1817 }
1818 } else {
1819 info = FILE_WAS_CREATED;
1820 }
1821
1822 if (pinfo) {
1823 *pinfo = info;
1824 }
1825
1826 /*
1827 * Setup the oplock info in both the shared memory and
1828 * file structs.
1829 */
1830
1831 if ((fsp->oplock_type != NO_OPLOCK) &&
1832 (fsp->oplock_type != FAKE_LEVEL_II_OPLOCK)) {
1833 if (!set_file_oplock(fsp, fsp->oplock_type)) {
1834 /* Could not get the kernel oplock */
1835 fsp->oplock_type = NO_OPLOCK;
1836 }
1837 }
1838
1839 if (info == FILE_WAS_OVERWRITTEN || info == FILE_WAS_CREATED || info == FILE_WAS_SUPERSEDED) {
1840 new_file_created = True;
1841 }
1842
1843 set_share_mode(lck, fsp, current_user.ut.uid, 0, fsp->oplock_type, new_file_created);
1844
1845 /* Handle strange delete on close create semantics. */
1846 if ((create_options & FILE_DELETE_ON_CLOSE) && can_set_initial_delete_on_close(lck)) {
1847 status = can_set_delete_on_close(fsp, True, new_dos_attributes);
1848
1849 if (!NT_STATUS_IS_OK(status)) {
1850 /* Remember to delete the mode we just added. */
1851 del_share_mode(lck, fsp);
1852 TALLOC_FREE(lck);
1853 fd_close(conn,fsp);
1854 file_free(fsp);
1855 return status;
1856 }
1857 /* Note that here we set the *inital* delete on close flag,
1858 not the regular one. The magic gets handled in close. */
1859 fsp->initial_delete_on_close = True;
1860 }
1861
1862 if (new_file_created) {
1863 /* Files should be initially set as archive */
1864 if (lp_map_archive(SNUM(conn)) ||
1865 lp_store_dos_attributes(SNUM(conn))) {
1866 if (!posix_open) {
1867 file_set_dosmode(conn, fname,
1868 new_dos_attributes | aARCH, NULL,
1869 parent_dir,
1870 true);
1871 }
1872 }
1873 }
1874
1875 /*
1876 * Take care of inherited ACLs on created files - if default ACL not
1877 * selected.
1878 */
1879
1880 if (!posix_open && !file_existed && !def_acl) {
1881
1882 int saved_errno = errno; /* We might get ENOSYS in the next
1883 * call.. */
1884
1885 if (SMB_VFS_FCHMOD_ACL(fsp, fsp->fh->fd, unx_mode) == -1 &&
1886 errno == ENOSYS) {
1887 errno = saved_errno; /* Ignore ENOSYS */
1888 }
1889
1890 } else if (new_unx_mode) {
1891
1892 int ret = -1;
1893
1894 /* Attributes need changing. File already existed. */
1895
1896 {
1897 int saved_errno = errno; /* We might get ENOSYS in the
1898 * next call.. */
1899 ret = SMB_VFS_FCHMOD_ACL(fsp, fsp->fh->fd,
1900 new_unx_mode);
1901
1902 if (ret == -1 && errno == ENOSYS) {
1903 errno = saved_errno; /* Ignore ENOSYS */
1904 } else {
1905 DEBUG(5, ("open_file_ntcreate: reset "
1906 "attributes of file %s to 0%o\n",
1907 fname, (unsigned int)new_unx_mode));
1908 ret = 0; /* Don't do the fchmod below. */
1909 }
1910 }
1911
1912 if ((ret == -1) &&
1913 (SMB_VFS_FCHMOD(fsp, fsp->fh->fd, new_unx_mode) == -1))
1914 DEBUG(5, ("open_file_ntcreate: failed to reset "
1915 "attributes of file %s to 0%o\n",
1916 fname, (unsigned int)new_unx_mode));
1917 }
1918
1919 /* If this is a successful open, we must remove any deferred open
1920 * records. */
1921 if (req != NULL) {
1922 del_deferred_open_entry(lck, req->mid);
1923 }
1924 TALLOC_FREE(lck);
1925
1926 conn->num_files_open++;
1927
1928 *result = fsp;
1929 return NT_STATUS_OK;
1930 }
1931
1932 /****************************************************************************
1933 Open a file for for write to ensure that we can fchmod it.
1934 ****************************************************************************/
1935
1936 NTSTATUS open_file_fchmod(connection_struct *conn, const char *fname,
1937 SMB_STRUCT_STAT *psbuf, files_struct **result)
1938 {
1939 files_struct *fsp = NULL;
1940 NTSTATUS status;
1941
1942 if (!VALID_STAT(*psbuf)) {
1943 return NT_STATUS_INVALID_PARAMETER;
1944 }
1945
1946 status = file_new(conn, &fsp);
1947 if(!NT_STATUS_IS_OK(status)) {
1948 return status;
1949 }
1950
1951 /* note! we must use a non-zero desired access or we don't get
1952 a real file descriptor. Oh what a twisted web we weave. */
1953 status = open_file(fsp, conn, NULL, NULL, NULL, fname, psbuf, O_WRONLY,
1954 0, FILE_WRITE_DATA, FILE_WRITE_DATA);
1955
1956 /*
1957 * This is not a user visible file open.
1958 * Don't set a share mode and don't increment
1959 * the conn->num_files_open.
1960 */
1961
1962 if (!NT_STATUS_IS_OK(status)) {
1963 file_free(fsp);
1964 return status;
1965 }
1966
1967 *result = fsp;
1968 return NT_STATUS_OK;
1969 }
1970
1971 /****************************************************************************
1972 Close the fchmod file fd - ensure no locks are lost.
1973 ****************************************************************************/
1974
1975 NTSTATUS close_file_fchmod(files_struct *fsp)
1976 {
1977 NTSTATUS status = fd_close(fsp->conn, fsp);
1978 file_free(fsp);
1979 return status;
1980 }
1981
1982 static NTSTATUS mkdir_internal(connection_struct *conn,
1983 const char *name,
1984 uint32 file_attributes,
1985 SMB_STRUCT_STAT *psbuf)
1986 {
1987 mode_t mode;
1988 char *parent_dir;
1989 const char *dirname;
1990 NTSTATUS status;
1991 bool posix_open = false;
1992
1993 if(!CAN_WRITE(conn)) {
1994 DEBUG(5,("mkdir_internal: failing create on read-only share "
1995 "%s\n", lp_servicename(SNUM(conn))));
1996 return NT_STATUS_ACCESS_DENIED;
1997 }
1998
1999 status = check_name(conn, name);
2000 if (!NT_STATUS_IS_OK(status)) {
2001 return status;
2002 }
2003
2004 if (!parent_dirname_talloc(talloc_tos(), name, &parent_dir,
2005 &dirname)) {
2006 return NT_STATUS_NO_MEMORY;
2007 }
2008
2009 if (file_attributes & FILE_FLAG_POSIX_SEMANTICS) {
2010 posix_open = true;
2011 mode = (mode_t)(file_attributes & ~FILE_FLAG_POSIX_SEMANTICS);
2012 } else {
2013 mode = unix_mode(conn, aDIR, name, parent_dir);
2014 }
2015
2016 if (SMB_VFS_MKDIR(conn, name, mode) != 0) {
2017 return map_nt_error_from_unix(errno);
2018 }
2019
2020 /* Ensure we're checking for a symlink here.... */
2021 /* We don't want to get caught by a symlink racer. */
2022
2023 if (SMB_VFS_LSTAT(conn, name, psbuf) == -1) {
2024 DEBUG(2, ("Could not stat directory '%s' just created: %s\n",
2025 name, strerror(errno)));
2026 return map_nt_error_from_unix(errno);
2027 }
2028
2029 if (!S_ISDIR(psbuf->st_mode)) {
2030 DEBUG(0, ("Directory just '%s' created is not a directory\n",
2031 name));
2032 return NT_STATUS_ACCESS_DENIED;
2033 }
2034
2035 if (lp_store_dos_attributes(SNUM(conn))) {
2036 if (!posix_open) {
2037 file_set_dosmode(conn, name,
2038 file_attributes | aDIR, NULL,
2039 parent_dir,
2040 true);
2041 }
2042 }
2043
2044 if (lp_inherit_perms(SNUM(conn))) {
2045 inherit_access_acl(conn, parent_dir, name, mode);
2046 }
2047
2048 if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS)) {
2049 /*
2050 * Check if high bits should have been set,
2051 * then (if bits are missing): add them.
2052 * Consider bits automagically set by UNIX, i.e. SGID bit from parent
2053 * dir.
2054 */
2055 if (mode & ~(S_IRWXU|S_IRWXG|S_IRWXO) && (mode & ~psbuf->st_mode)) {
2056 SMB_VFS_CHMOD(conn, name,
2057 psbuf->st_mode | (mode & ~psbuf->st_mode));
2058 }
2059 }
2060
2061 /* Change the owner if required. */
2062 if (lp_inherit_owner(SNUM(conn))) {
2063 change_dir_owner_to_parent(conn, parent_dir, name, psbuf);
2064 }
2065
2066 notify_fname(conn, NOTIFY_ACTION_ADDED, FILE_NOTIFY_CHANGE_DIR_NAME,
2067 name);
2068
2069 return NT_STATUS_OK;
2070 }
2071
2072 /****************************************************************************
2073 Open a directory from an NT SMB call.
2074 ****************************************************************************/
2075
2076 NTSTATUS open_directory(connection_struct *conn,
2077 struct smb_request *req,
2078 const char *fname,
2079 SMB_STRUCT_STAT *psbuf,
2080 uint32 access_mask,
2081 uint32 share_access,
2082 uint32 create_disposition,
2083 uint32 create_options,
2084 uint32 file_attributes,
2085 int *pinfo,
2086 files_struct **result)
2087 {
2088 files_struct *fsp = NULL;
2089 bool dir_existed = VALID_STAT(*psbuf) ? True : False;
2090 struct share_mode_lock *lck = NULL;
2091 NTSTATUS status;
2092 int info = 0;
2093
2094 DEBUG(5,("open_directory: opening directory %s, access_mask = 0x%x, "
2095 "share_access = 0x%x create_options = 0x%x, "
2096 "create_disposition = 0x%x, file_attributes = 0x%x\n",
2097 fname,
2098 (unsigned int)access_mask,
2099 (unsigned int)share_access,
2100 (unsigned int)create_options,
2101 (unsigned int)create_disposition,
2102 (unsigned int)file_attributes));
2103
2104 if (is_ntfs_stream_name(fname)) {
2105 DEBUG(0,("open_directory: %s is a stream name!\n", fname ));
2106 return NT_STATUS_NOT_A_DIRECTORY;
2107 }
2108
2109 switch( create_disposition ) {
2110 case FILE_OPEN:
2111
2112 info = FILE_WAS_OPENED;
2113
2114 /*
2115 * We want to follow symlinks here.
2116 */
2117
2118 if (SMB_VFS_STAT(conn, fname, psbuf) != 0) {
2119 return map_nt_error_from_unix(errno);
2120 }
2121
2122 break;
2123
2124 case FILE_CREATE:
2125
2126 /* If directory exists error. If directory doesn't
2127 * exist create. */
2128
2129 status = mkdir_internal(conn,
2130 fname,
2131 file_attributes,
2132 psbuf);
2133
2134 if (!NT_STATUS_IS_OK(status)) {
2135 DEBUG(2, ("open_directory: unable to create "
2136 "%s. Error was %s\n", fname,
2137 nt_errstr(status)));
2138 return status;
2139 }
2140
2141 info = FILE_WAS_CREATED;
2142 break;
2143
2144 case FILE_OPEN_IF:
2145 /*
2146 * If directory exists open. If directory doesn't
2147 * exist create.
2148 */
2149
2150 status = mkdir_internal(conn,
2151 fname,
2152 file_attributes,
2153 psbuf);
2154
2155 if (NT_STATUS_IS_OK(status)) {
2156 info = FILE_WAS_CREATED;
2157 }
2158
2159 if (NT_STATUS_EQUAL(status,
2160 NT_STATUS_OBJECT_NAME_COLLISION)) {
2161 info = FILE_WAS_OPENED;
2162 status = NT_STATUS_OK;
2163 }
2164
2165 break;
2166
2167 case FILE_SUPERSEDE:
2168 case FILE_OVERWRITE:
2169 case FILE_OVERWRITE_IF:
2170 default:
2171 DEBUG(5,("open_directory: invalid create_disposition "
2172 "0x%x for directory %s\n",
2173 (unsigned int)create_disposition, fname));
2174 return NT_STATUS_INVALID_PARAMETER;
2175 }
2176
2177 if(!S_ISDIR(psbuf->st_mode)) {
2178 DEBUG(5,("open_directory: %s is not a directory !\n",
2179 fname ));
2180 return NT_STATUS_NOT_A_DIRECTORY;
2181 }
2182
2183 status = file_new(conn, &fsp);
2184 if(!NT_STATUS_IS_OK(status)) {
2185 return status;
2186 }
2187
2188 /*
2189 * Setup the files_struct for it.
2190 */
2191
2192 fsp->mode = psbuf->st_mode;
2193 fsp->file_id = vfs_file_id_from_sbuf(conn, psbuf);
2194 fsp->vuid = req ? req->vuid : UID_FIELD_INVALID;
2195 fsp->file_pid = req ? req->smbpid : 0;
2196 fsp->can_lock = False;
2197 fsp->can_read = False;
2198 fsp->can_write = False;
2199
2200 fsp->share_access = share_access;
2201 fsp->fh->private_options = create_options;
2202 fsp->access_mask = access_mask;
2203
2204 fsp->print_file = False;
2205 fsp->modified = False;
2206 fsp->oplock_type = NO_OPLOCK;
2207 fsp->sent_oplock_break = NO_BREAK_SENT;
2208 fsp->is_directory = True;
2209 fsp->is_stat = False;
2210 fsp->posix_open = (file_attributes & FILE_FLAG_POSIX_SEMANTICS) ? True : False;
2211
2212 string_set(&fsp->fsp_name,fname);
2213
2214 lck = get_share_mode_lock(NULL, fsp->file_id,
2215 conn->connectpath,
2216 fname);
2217
2218 if (lck == NULL) {
2219 DEBUG(0, ("open_directory: Could not get share mode lock for %s\n", fname));
2220 file_free(fsp);
2221 return NT_STATUS_SHARING_VIOLATION;
2222 }
2223
2224 status = open_mode_check(conn, fname, lck,
2225 access_mask, share_access,
2226 create_options, &dir_existed);
2227
2228 if (!NT_STATUS_IS_OK(status)) {
2229 TALLOC_FREE(lck);
2230 file_free(fsp);
2231 return status;
2232 }
2233
2234 set_share_mode(lck, fsp, current_user.ut.uid, 0, NO_OPLOCK, True);
2235
2236 /* For directories the delete on close bit at open time seems
2237 always to be honored on close... See test 19 in Samba4 BASE-DELETE. */
2238 if (create_options & FILE_DELETE_ON_CLOSE) {
2239 status = can_set_delete_on_close(fsp, True, 0);
2240 if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, NT_STATUS_DIRECTORY_NOT_EMPTY)) {
2241 TALLOC_FREE(lck);
2242 file_free(fsp);
2243 return status;
2244 }
2245
2246 if (NT_STATUS_IS_OK(status)) {
2247 /* Note that here we set the *inital* delete on close flag,
2248 not the regular one. The magic gets handled in close. */
2249 fsp->initial_delete_on_close = True;
2250 }
2251 }
2252
2253 TALLOC_FREE(lck);
2254
2255 if (pinfo) {
2256 *pinfo = info;
2257 }
2258
2259 conn->num_files_open++;
2260
2261 *result = fsp;
2262 return NT_STATUS_OK;
2263 }
2264
2265 NTSTATUS create_directory(connection_struct *conn, const char *directory)
2266 {
2267 NTSTATUS status;
2268 SMB_STRUCT_STAT sbuf;
2269 files_struct *fsp;
2270
2271 SET_STAT_INVALID(sbuf);
2272
2273 status = open_directory(conn, NULL, directory, &sbuf,
2274 FILE_READ_ATTRIBUTES, /* Just a stat open */
2275 FILE_SHARE_NONE, /* Ignored for stat opens */
2276 FILE_CREATE,
2277 0,
2278 FILE_ATTRIBUTE_DIRECTORY,
2279 NULL,
2280 &fsp);
2281
2282 if (NT_STATUS_IS_OK(status)) {
2283 close_file(fsp, NORMAL_CLOSE);
2284 }
2285
2286 return status;
2287 }
2288
2289 /****************************************************************************
2290 Open a pseudo-file (no locking checks - a 'stat' open).
2291 ****************************************************************************/
2292
2293 NTSTATUS open_file_stat(connection_struct *conn, struct smb_request *req,
2294 const char *fname, SMB_STRUCT_STAT *psbuf,
2295 files_struct **result)
2296 {
2297 files_struct *fsp = NULL;
2298 NTSTATUS status;
2299
2300 if (!VALID_STAT(*psbuf)) {
2301 return NT_STATUS_INVALID_PARAMETER;
2302 }
2303
2304 /* Can't 'stat' open directories. */
2305 if(S_ISDIR(psbuf->st_mode)) {
2306 return NT_STATUS_FILE_IS_A_DIRECTORY;
2307 }
2308
2309 status = file_new(conn, &fsp);
2310 if(!NT_STATUS_IS_OK(status)) {
2311 return status;
2312 }
2313
2314 DEBUG(5,("open_file_stat: 'opening' file %s\n", fname));
2315
2316 /*
2317 * Setup the files_struct for it.
2318 */
2319
2320 fsp->mode = psbuf->st_mode;
2321 fsp->file_id = vfs_file_id_from_sbuf(conn, psbuf);
2322 fsp->vuid = req ? req->vuid : UID_FIELD_INVALID;
2323 fsp->file_pid = req ? req->smbpid : 0;
2324 fsp->can_lock = False;
2325 fsp->can_read = False;
2326 fsp->can_write = False;
2327 fsp->print_file = False;
2328 fsp->modified = False;
2329 fsp->oplock_type = NO_OPLOCK;
2330 fsp->sent_oplock_break = NO_BREAK_SENT;
2331 fsp->is_directory = False;
2332 fsp->is_stat = True;
2333 string_set(&fsp->fsp_name,fname);
2334
2335 conn->num_files_open++;
2336
2337 *result = fsp;
2338 return NT_STATUS_OK;
2339 }
2340
2341 /****************************************************************************
2342 Receive notification that one of our open files has been renamed by another
2343 smbd process.
2344 ****************************************************************************/
2345
2346 void msg_file_was_renamed(struct messaging_context *msg,
2347 void *private_data,
2348 uint32_t msg_type,
2349 struct server_id server_id,
2350 DATA_BLOB *data)
2351 {
2352 files_struct *fsp;
2353 char *frm = (char *)data->data;
2354 struct file_id id;
2355 const char *sharepath;
2356 const char *newname;
2357 size_t sp_len;
2358
2359 if (data->data == NULL
2360 || data->length < MSG_FILE_RENAMED_MIN_SIZE + 2) {
2361 DEBUG(0, ("msg_file_was_renamed: Got invalid msg len %d\n",
2362 (int)data->length));
2363 return;
2364 }
2365
2366 /* Unpack the message. */
2367 pull_file_id_16(frm, &id);
2368 sharepath = &frm[16];
2369 newname = sharepath + strlen(sharepath) + 1;
2370 sp_len = strlen(sharepath);
2371
2372 DEBUG(10,("msg_file_was_renamed: Got rename message for sharepath %s, new name %s, "
2373 "file_id %s\n",
2374 sharepath, newname, file_id_string_tos(&id)));
2375
2376 for(fsp = file_find_di_first(id); fsp; fsp = file_find_di_next(fsp)) {
2377 if (memcmp(fsp->conn->connectpath, sharepath, sp_len) == 0) {
2378 DEBUG(10,("msg_file_was_renamed: renaming file fnum %d from %s -> %s\n",
2379 fsp->fnum, fsp->fsp_name, newname ));
2380 string_set(&fsp->fsp_name, newname);
2381 } else {
2382 /* TODO. JRA. */
2383 /* Now we have the complete path we can work out if this is
2384 actually within this share and adjust newname accordingly. */
2385 DEBUG(10,("msg_file_was_renamed: share mismatch (sharepath %s "
2386 "not sharepath %s) "
2387 "fnum %d from %s -> %s\n",
2388 fsp->conn->connectpath,
2389 sharepath,
2390 fsp->fnum,
2391 fsp->fsp_name,
2392 newname ));
2393 }
2394 }
2395 }
2396
2397 struct case_semantics_state {
2398 connection_struct *conn;
2399 bool case_sensitive;
2400 bool case_preserve;
2401 bool short_case_preserve;
2402 };
2403
2404 /****************************************************************************
2405 Restore case semantics.
2406 ****************************************************************************/
2407 static int restore_case_semantics(struct case_semantics_state *state)
2408 {
2409 state->conn->case_sensitive = state->case_sensitive;
2410 state->conn->case_preserve = state->case_preserve;
2411 state->conn->short_case_preserve = state->short_case_preserve;
2412 return 0;
2413 }
2414
2415 /****************************************************************************
2416 Save case semantics.
2417 ****************************************************************************/
2418 static struct case_semantics_state *set_posix_case_semantics(TALLOC_CTX *mem_ctx,
2419 connection_struct *conn)
2420 {
2421 struct case_semantics_state *result;
2422
2423 if (!(result = talloc(mem_ctx, struct case_semantics_state))) {
2424 DEBUG(0, ("talloc failed\n"));
2425 return NULL;
2426 }
2427
2428 result->conn = conn;
2429 result->case_sensitive = conn->case_sensitive;
2430 result->case_preserve = conn->case_preserve;
2431 result->short_case_preserve = conn->short_case_preserve;
2432
2433 /* Set to POSIX. */
2434 conn->case_sensitive = True;
2435 conn->case_preserve = True;
2436 conn->short_case_preserve = True;
2437
2438 talloc_set_destructor(result, restore_case_semantics);
2439
2440 return result;
2441 }
2442
2443 /*
2444 * Wrapper around open_file_ntcreate and open_directory
2445 */
2446
2447 NTSTATUS create_file(connection_struct *conn,
2448 struct smb_request *req,
2449 uint16_t root_dir_fid,
2450 const char *fname,
2451 uint32_t access_mask,
2452 uint32_t share_access,
2453 uint32_t create_disposition,
2454 uint32_t create_options,
2455 uint32_t file_attributes,
2456 uint32_t flags,
2457 SMB_BIG_UINT allocation_size,
2458 struct security_descriptor *sd,
2459 struct ea_list *ea_list,
2460
2461 files_struct **result,
2462 int *pinfo,
2463 uint8_t *poplock_granted,
2464 SMB_STRUCT_STAT *psbuf)
2465 {
2466 TALLOC_CTX *frame = talloc_stackframe();
2467 struct case_semantics_state *case_state = NULL;
2468 SMB_STRUCT_STAT sbuf;
2469 int info = FILE_WAS_OPENED;
2470 files_struct *fsp = NULL;
2471 uint8_t oplock_granted = NO_OPLOCK_RETURN;
2472 int oplock_request;
2473 NTSTATUS status;
2474
2475 DEBUG(10,("create_file: flags = 0x%x, access_mask = 0x%x "
2476 "file_attributes = 0x%x, share_access = 0x%x, "
2477 "create_disposition = 0x%x create_options = 0x%x "
2478 "root_dir_fid = 0x%x, ea_list = 0x%p, sd = 0x%p, "
2479 "fname = %s\n",
2480 (unsigned int)flags,
2481 (unsigned int)access_mask,
2482 (unsigned int)file_attributes,
2483 (unsigned int)share_access,
2484 (unsigned int)create_disposition,
2485 (unsigned int)create_options,
2486 (unsigned int)root_dir_fid,
2487 ea_list, sd, fname));
2488
2489 SET_STAT_INVALID(sbuf);
2490
2491 if (create_options & FILE_OPEN_BY_FILE_ID) {
2492 status = NT_STATUS_NOT_SUPPORTED;
2493 goto fail;
2494 }
2495
2496 /*
2497 * Get the file name.
2498 */
2499
2500 if (root_dir_fid != 0) {
2501 /*
2502 * This filename is relative to a directory fid.
2503 */
2504 char *parent_fname = NULL;
2505 files_struct *dir_fsp = file_fsp(root_dir_fid);
2506
2507 if (dir_fsp == NULL) {
2508 status = NT_STATUS_INVALID_HANDLE;
2509 goto fail;
2510 }
2511
2512 if (!dir_fsp->is_directory) {
2513
2514 /*
2515 * Check to see if this is a mac fork of some kind.
2516 */
2517
2518 if (is_ntfs_stream_name(fname)) {
2519 status = NT_STATUS_OBJECT_PATH_NOT_FOUND;
2520 goto fail;
2521 }
2522
2523 /*
2524 we need to handle the case when we get a
2525 relative open relative to a file and the
2526 pathname is blank - this is a reopen!
2527 (hint from demyn plantenberg)
2528 */
2529
2530 status = NT_STATUS_INVALID_HANDLE;
2531 goto fail;
2532 }
2533
2534 if (ISDOT(dir_fsp->fsp_name)) {
2535 /*
2536 * We're at the toplevel dir, the final file name
2537 * must not contain ./, as this is filtered out
2538 * normally by srvstr_get_path and unix_convert
2539 * explicitly rejects paths containing ./.
2540 */
2541 parent_fname = talloc_strdup(talloc_tos(), "");
2542 if (parent_fname == NULL) {
2543 status = NT_STATUS_NO_MEMORY;
2544 goto fail;
2545 }
2546 } else {
2547 size_t dir_name_len = strlen(dir_fsp->fsp_name);
2548
2549 /*
2550 * Copy in the base directory name.
2551 */
2552
2553 parent_fname = TALLOC_ARRAY(talloc_tos(), char,
2554 dir_name_len+2);
2555 if (parent_fname == NULL) {
2556 status = NT_STATUS_NO_MEMORY;
2557 goto fail;
2558 }
2559 memcpy(parent_fname, dir_fsp->fsp_name,
2560 dir_name_len+1);
2561
2562 /*
2563 * Ensure it ends in a '/'.
2564 * We used TALLOC_SIZE +2 to add space for the '/'.
2565 */
2566
2567 if(dir_name_len
2568 && (parent_fname[dir_name_len-1] != '\\')
2569 && (parent_fname[dir_name_len-1] != '/')) {
2570 parent_fname[dir_name_len] = '/';
2571 parent_fname[dir_name_len+1] = '\0';
2572 }
2573 }
2574
2575 fname = talloc_asprintf(talloc_tos(), "%s%s", parent_fname,
2576 fname);
2577 if (fname == NULL) {
2578 status = NT_STATUS_NO_MEMORY;
2579 goto fail;
2580 }
2581 } else {
2582 /*
2583 * Check to see if this is a mac fork of some kind.
2584 */
2585
2586 if (is_ntfs_stream_name(fname)) {
2587 enum FAKE_FILE_TYPE fake_file_type;
2588
2589 fake_file_type = is_fake_file(fname);
2590
2591 if (fake_file_type == FAKE_FILE_TYPE_NONE) {
2592 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
2593 }
2594
2595 /*
2596 * Here we go! support for changing the disk quotas
2597 * --metze
2598 *
2599 * We need to fake up to open this MAGIC QUOTA file
2600 * and return a valid FID.
2601 *
2602 * w2k close this file directly after openening xp
2603 * also tries a QUERY_FILE_INFO on the file and then
2604 * close it
2605 */
2606 status = open_fake_file(conn, fake_file_type, fname,
2607 access_mask, &fsp);
2608 if (!NT_STATUS_IS_OK(status)) {
2609 goto fail;
2610 }
2611
2612 goto done;
2613 }
2614 }
2615
2616 oplock_request = (flags & REQUEST_OPLOCK) ? EXCLUSIVE_OPLOCK : 0;
2617 if (oplock_request) {
2618 oplock_request |= (flags & REQUEST_BATCH_OPLOCK)
2619 ? BATCH_OPLOCK : 0;
2620 }
2621
2622 if (req == NULL) {
2623 oplock_request |= INTERNAL_OPEN_ONLY;
2624 }
2625
2626 if ((req != NULL) && (req->flags2 & FLAGS2_DFS_PATHNAMES)) {
2627 char *resolved_fname;
2628
2629 status = resolve_dfspath(talloc_tos(), conn, true, fname,
2630 &resolved_fname);
2631
2632 if (!NT_STATUS_IS_OK(status)) {
2633 /*
2634 * For PATH_NOT_COVERED we had
2635 * reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
2636 * ERRSRV, ERRbadpath);
2637 * Need to fix in callers
2638 */
2639 goto fail;
2640 }
2641 fname = resolved_fname;
2642 }
2643
2644 /*
2645 * Check if POSIX semantics are wanted.
2646 */
2647
2648 if (file_attributes & FILE_FLAG_POSIX_SEMANTICS) {
2649 case_state = set_posix_case_semantics(talloc_tos(), conn);
2650 file_attributes &= ~FILE_FLAG_POSIX_SEMANTICS;
2651 }
2652
2653 {
2654 char *converted_fname;
2655
2656 status = unix_convert(talloc_tos(), conn, fname, False,
2657 &converted_fname, NULL, &sbuf);
2658 if (!NT_STATUS_IS_OK(status)) {
2659 goto fail;
2660 }
2661 fname = converted_fname;
2662 }
2663
2664 /* All file access must go through check_name() */
2665
2666 status = check_name(conn, fname);
2667 if (!NT_STATUS_IS_OK(status)) {
2668 goto fail;
2669 }
2670
2671 /* This is the correct thing to do (check every time) but can_delete
2672 * is expensive (it may have to read the parent directory
2673 * permissions). So for now we're not doing it unless we have a strong
2674 * hint the client is really going to delete this file. If the client
2675 * is forcing FILE_CREATE let the filesystem take care of the
2676 * permissions. */
2677
2678 /* Setting FILE_SHARE_DELETE is the hint. */
2679
2680 if (lp_acl_check_permissions(SNUM(conn))
2681 && (create_disposition != FILE_CREATE)
2682 && (share_access & FILE_SHARE_DELETE)
2683 && (access_mask & DELETE_ACCESS)
2684 && (((dos_mode(conn, fname, &sbuf) & FILE_ATTRIBUTE_READONLY)
2685 && !lp_delete_readonly(SNUM(conn)))
2686 || !can_delete_file_in_directory(conn, fname))) {
2687 status = NT_STATUS_ACCESS_DENIED;
2688 goto fail;
2689 }
2690
2691 #if 0
2692 /* We need to support SeSecurityPrivilege for this. */
2693 if ((access_mask & SEC_RIGHT_SYSTEM_SECURITY) &&
2694 !user_has_privileges(current_user.nt_user_token,
2695 &se_security)) {
2696 status = NT_STATUS_PRIVILEGE_NOT_HELD;
2697 goto fail;
2698 }
2699 #endif
2700
2701 /*
2702 * If it's a request for a directory open, deal with it separately.
2703 */
2704
2705 if (create_options & FILE_DIRECTORY_FILE) {
2706
2707 /* Can't open a temp directory. IFS kit test. */
2708 if (file_attributes & FILE_ATTRIBUTE_TEMPORARY) {
2709 status = NT_STATUS_INVALID_PARAMETER;
2710 goto fail;
2711 }
2712
2713 /*
2714 * We will get a create directory here if the Win32
2715 * app specified a security descriptor in the
2716 * CreateDirectory() call.
2717 */
2718
2719 oplock_request = 0;
2720 status = open_directory(
2721 conn, req, fname, &sbuf, access_mask, share_access,
2722 create_disposition, create_options, file_attributes,
2723 &info, &fsp);
2724 } else {
2725
2726 /*
2727 * Ordinary file case.
2728 */
2729
2730 status = open_file_ntcreate(
2731 conn, req, fname, &sbuf, access_mask, share_access,
2732 create_disposition, create_options, file_attributes,
2733 oplock_request, &info, &fsp);
2734
2735 if (NT_STATUS_EQUAL(status, NT_STATUS_FILE_IS_A_DIRECTORY)) {
2736
2737 /*
2738 * Fail the open if it was explicitly a non-directory
2739 * file.
2740 */
2741
2742 if (create_options & FILE_NON_DIRECTORY_FILE) {
2743 status = NT_STATUS_FILE_IS_A_DIRECTORY;
2744 goto fail;
2745 }
2746
2747 oplock_request = 0;
2748 status = open_directory(
2749 conn, req, fname, &sbuf, access_mask,
2750 share_access, create_disposition,
2751 create_options, file_attributes,
2752 &info, &fsp);
2753 }
2754 }
2755
2756 TALLOC_FREE(case_state);
2757
2758 if (!NT_STATUS_IS_OK(status)) {
2759 goto fail;
2760 }
2761
2762 /*
2763 * According to the MS documentation, the only time the security
2764 * descriptor is applied to the opened file is iff we *created* the
2765 * file; an existing file stays the same.
2766 *
2767 * Also, it seems (from observation) that you can open the file with
2768 * any access mask but you can still write the sd. We need to override
2769 * the granted access before we call set_sd
2770 * Patch for bug #2242 from Tom Lackemann <cessnatomny@yahoo.com>.
2771 */
2772
2773 if ((sd != NULL) && (info == FILE_WAS_CREATED)
2774 && lp_nt_acl_support(SNUM(conn))) {
2775
2776 uint32_t sec_info_sent = ALL_SECURITY_INFORMATION;
2777 uint32_t saved_access_mask = fsp->access_mask;
2778
2779 if (sd->owner_sid==0) {
2780 sec_info_sent &= ~OWNER_SECURITY_INFORMATION;
2781 }
2782 if (sd->group_sid==0) {
2783 sec_info_sent &= ~GROUP_SECURITY_INFORMATION;
2784 }
2785 if (sd->sacl==0) {
2786 sec_info_sent &= ~SACL_SECURITY_INFORMATION;
2787 }
2788 if (sd->dacl==0) {
2789 sec_info_sent &= ~DACL_SECURITY_INFORMATION;
2790 }
2791
2792 fsp->access_mask = FILE_GENERIC_ALL;
2793
2794 status = SMB_VFS_FSET_NT_ACL(
2795 fsp, fsp->fh->fd, sec_info_sent, sd);
2796
2797 fsp->access_mask = saved_access_mask;
2798
2799 if (!NT_STATUS_IS_OK(status)) {
2800 goto fail;
2801 }
2802 }
2803
2804 if ((ea_list != NULL) && (info == FILE_WAS_CREATED)) {
2805 status = set_ea(conn, fsp, fname, ea_list);
2806 if (!NT_STATUS_IS_OK(status)) {
2807 goto fail;
2808 }
2809 }
2810
2811 if (!fsp->is_directory && S_ISDIR(sbuf.st_mode)) {
2812 status = NT_STATUS_ACCESS_DENIED;
2813 goto fail;
2814 }
2815
2816 /* Save the requested allocation size. */
2817 if ((info == FILE_WAS_CREATED) || (info == FILE_WAS_OVERWRITTEN)) {
2818 if (allocation_size
2819 && (allocation_size > sbuf.st_size)) {
2820 fsp->initial_allocation_size = smb_roundup(
2821 fsp->conn, allocation_size);
2822 if (fsp->is_directory) {
2823 /* Can't set allocation size on a directory. */
2824 status = NT_STATUS_ACCESS_DENIED;
2825 goto fail;
2826 }
2827 if (vfs_allocate_file_space(
2828 fsp, fsp->initial_allocation_size) == -1) {
2829 status = NT_STATUS_DISK_FULL;
2830 goto fail;
2831 }
2832 } else {
2833 fsp->initial_allocation_size = smb_roundup(
2834 fsp->conn, (SMB_BIG_UINT)sbuf.st_size);
2835 }
2836 }
2837
2838 /*
2839 * If the caller set the extended oplock request bit
2840 * and we granted one (by whatever means) - set the
2841 * correct bit for extended oplock reply.
2842 */
2843
2844 if (oplock_request &&
2845 (lp_fake_oplocks(SNUM(conn))
2846 || EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type))) {
2847
2848 /*
2849 * Exclusive oplock granted
2850 */
2851
2852 if (flags & REQUEST_BATCH_OPLOCK) {
2853 oplock_granted = BATCH_OPLOCK_RETURN;
2854 } else {
2855 oplock_granted = EXCLUSIVE_OPLOCK_RETURN;
2856 }
2857 } else if (fsp->oplock_type == LEVEL_II_OPLOCK) {
2858 oplock_granted = LEVEL_II_OPLOCK_RETURN;
2859 } else {
2860 oplock_granted = NO_OPLOCK_RETURN;
2861 }
2862
2863 done:
2864 DEBUG(10, ("create_file: info=%d, oplock_granted=%d\n",
2865 info, (int)oplock_granted));
2866
2867 *result = fsp;
2868 if (pinfo != NULL) {
2869 *pinfo = info;
2870 }
2871 if (poplock_granted != NULL) {
2872 *poplock_granted = oplock_granted;
2873 }
2874 if (psbuf != NULL) {
2875 *psbuf = sbuf;
2876 }
2877 TALLOC_FREE(frame);
2878 return NT_STATUS_OK;
2879
2880 fail:
2881 DEBUG(10, ("create_file: %s\n", nt_errstr(status)));
2882
2883 if (fsp != NULL) {
2884 close_file(fsp, ERROR_CLOSE);
2885 fsp = NULL;
2886 }
2887 TALLOC_FREE(frame);
2888 return status;
2889 }
Samba GIT mirror