2 Unix SMB/CIFS implementation.
3 Directory handling routines
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Jeremy Allison 2007
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
22 #include "system/filesys.h"
23 #include "smbd/smbd.h"
24 #include "smbd/globals.h"
25 #include "libcli/security/security.h"
26 #include "lib/util/bitmap.h"
27 #include "../lib/util/memcache.h"
28 #include "../librpc/gen_ndr/open_files.h"
31 This module implements directory related functions for Samba.
34 /* "Special" directory offsets. */
35 #define END_OF_DIRECTORY_OFFSET ((long)-1)
36 #define START_OF_DIRECTORY_OFFSET ((long)0)
37 #define DOT_DOT_DIRECTORY_OFFSET ((long)0x80000000)
39 /* "Special" directory offsets in 32-bit wire format. */
40 #define WIRE_END_OF_DIRECTORY_OFFSET ((uint32_t)0xFFFFFFFF)
41 #define WIRE_START_OF_DIRECTORY_OFFSET ((uint32_t)0)
42 #define WIRE_DOT_DOT_DIRECTORY_OFFSET ((uint32_t)0x80000000)
44 /* Make directory handle internals available. */
46 struct name_cache_entry
{
52 connection_struct
*conn
;
55 struct smb_filename
*dir_smb_fname
;
56 size_t name_cache_size
;
57 struct name_cache_entry
*name_cache
;
58 unsigned int name_cache_index
;
59 unsigned int file_number
;
60 files_struct
*fsp
; /* Back pointer to containing fsp, only
61 set from OpenDir_fsp(). */
65 struct dptr_struct
*next
, *prev
;
68 struct connection_struct
*conn
;
69 struct smb_Dir
*dir_hnd
;
73 struct smb_filename
*smb_dname
;
74 bool has_wild
; /* Set to true if the wcard entry has MS wildcard characters in it. */
75 bool did_stat
; /* Optimisation for non-wcard searches. */
76 bool priv
; /* Directory handle opened with privilege. */
78 struct memcache
*dptr_cache
;
81 static struct smb_Dir
*OpenDir_fsp(TALLOC_CTX
*mem_ctx
, connection_struct
*conn
,
86 static void DirCacheAdd(struct smb_Dir
*dir_hnd
, const char *name
, long offset
);
88 static int smb_Dir_destructor(struct smb_Dir
*dir_hnd
);
90 #define INVALID_DPTR_KEY (-3)
92 /****************************************************************************
93 Initialise the dir bitmap.
94 ****************************************************************************/
96 bool init_dptrs(struct smbd_server_connection
*sconn
)
98 if (sconn
->searches
.dptr_bmap
) {
102 sconn
->searches
.dptr_bmap
= bitmap_talloc(
103 sconn
, MAX_DIRECTORY_HANDLES
);
105 if (sconn
->searches
.dptr_bmap
== NULL
) {
112 /****************************************************************************
113 Get the struct dptr_struct for a dir index.
114 ****************************************************************************/
116 static struct dptr_struct
*dptr_get(struct smbd_server_connection
*sconn
,
119 struct dptr_struct
*dptr
;
121 for (dptr
= sconn
->searches
.dirptrs
; dptr
!= NULL
; dptr
= dptr
->next
) {
122 if(dptr
->dnum
!= key
) {
125 DLIST_PROMOTE(sconn
->searches
.dirptrs
, dptr
);
131 /****************************************************************************
132 Get the dir path for a dir index.
133 ****************************************************************************/
135 const char *dptr_path(struct smbd_server_connection
*sconn
, int key
)
137 struct dptr_struct
*dptr
= dptr_get(sconn
, key
);
139 return(dptr
->smb_dname
->base_name
);
143 /****************************************************************************
144 Get the dir wcard for a dir index.
145 ****************************************************************************/
147 const char *dptr_wcard(struct smbd_server_connection
*sconn
, int key
)
149 struct dptr_struct
*dptr
= dptr_get(sconn
, key
);
155 /****************************************************************************
156 Get the dir attrib for a dir index.
157 ****************************************************************************/
159 uint16_t dptr_attr(struct smbd_server_connection
*sconn
, int key
)
161 struct dptr_struct
*dptr
= dptr_get(sconn
, key
);
167 /****************************************************************************
168 Close all dptrs for a cnum.
169 ****************************************************************************/
171 void dptr_closecnum(connection_struct
*conn
)
173 struct dptr_struct
*dptr
, *next
;
174 struct smbd_server_connection
*sconn
= conn
->sconn
;
180 for(dptr
= sconn
->searches
.dirptrs
; dptr
; dptr
= next
) {
182 if (dptr
->conn
== conn
) {
183 files_struct
*fsp
= dptr
->dir_hnd
->fsp
;
184 close_file(NULL
, fsp
, NORMAL_CLOSE
);
190 /****************************************************************************
191 Create a new dir ptr. If the flag old_handle is true then we must allocate
192 from the bitmap range 0 - 255 as old SMBsearch directory handles are only
193 one byte long. If old_handle is false we allocate from the range
194 256 - MAX_DIRECTORY_HANDLES. We bias the number we return by 1 to ensure
195 a directory handle is never zero.
196 wcard must not be zero.
197 ****************************************************************************/
199 NTSTATUS
dptr_create(connection_struct
*conn
,
200 struct smb_request
*req
,
208 struct dptr_struct
**dptr_ret
)
210 struct smbd_server_connection
*sconn
= conn
->sconn
;
211 struct dptr_struct
*dptr
= NULL
;
212 struct smb_Dir
*dir_hnd
;
214 DBG_INFO("dir=%s\n", fsp_str_dbg(fsp
));
217 DEBUG(0,("dptr_create: called with fake connection_struct\n"));
218 return NT_STATUS_INTERNAL_ERROR
;
222 return NT_STATUS_INVALID_PARAMETER
;
225 if (!(fsp
->access_mask
& SEC_DIR_LIST
)) {
226 DBG_INFO("dptr_create: directory %s "
227 "not open for LIST access\n",
229 return NT_STATUS_ACCESS_DENIED
;
231 dir_hnd
= OpenDir_fsp(NULL
, conn
, fsp
, wcard
, attr
);
233 return map_nt_error_from_unix(errno
);
236 dptr
= talloc_zero(NULL
, struct dptr_struct
);
238 DEBUG(0,("talloc fail in dptr_create.\n"));
239 TALLOC_FREE(dir_hnd
);
240 return NT_STATUS_NO_MEMORY
;
243 dptr
->smb_dname
= cp_smb_filename(dptr
, fsp
->fsp_name
);
244 if (dptr
->smb_dname
== NULL
) {
246 TALLOC_FREE(dir_hnd
);
247 return NT_STATUS_NO_MEMORY
;
250 dptr
->dir_hnd
= dir_hnd
;
252 dptr
->expect_close
= expect_close
;
253 dptr
->wcard
= talloc_strdup(dptr
, wcard
);
256 TALLOC_FREE(dir_hnd
);
257 return NT_STATUS_NO_MEMORY
;
259 if ((req
!= NULL
&& req
->posix_pathnames
) ||
260 (wcard
[0] == '.' && wcard
[1] == 0)) {
261 dptr
->has_wild
= True
;
263 dptr
->has_wild
= wcard_has_wild
;
268 if (sconn
->using_smb2
) {
275 * This is an old-style SMBsearch request. Ensure the
276 * value we return will fit in the range 1-255.
279 dptr
->dnum
= bitmap_find(sconn
->searches
.dptr_bmap
, 0);
281 if(dptr
->dnum
== -1 || dptr
->dnum
> 254) {
282 DBG_ERR("returned %d: Error - all old "
283 "dirptrs in use ?\n",
286 TALLOC_FREE(dir_hnd
);
287 return NT_STATUS_TOO_MANY_OPENED_FILES
;
292 * This is a new-style trans2 request. Allocate from
293 * a range that will return 256 - MAX_DIRECTORY_HANDLES.
296 dptr
->dnum
= bitmap_find(sconn
->searches
.dptr_bmap
, 255);
298 if(dptr
->dnum
== -1 || dptr
->dnum
< 255) {
299 DBG_ERR("returned %d: Error - all new "
300 "dirptrs in use ?\n",
303 TALLOC_FREE(dir_hnd
);
304 return NT_STATUS_TOO_MANY_OPENED_FILES
;
308 bitmap_set(sconn
->searches
.dptr_bmap
, dptr
->dnum
);
310 dptr
->dnum
+= 1; /* Always bias the dnum by one - no zero dnums allowed. */
312 DLIST_ADD(sconn
->searches
.dirptrs
, dptr
);
315 DBG_INFO("creating new dirptr [%d] for path [%s], expect_close = %d\n",
316 dptr
->dnum
, fsp_str_dbg(fsp
), expect_close
);
324 /****************************************************************************
325 Wrapper functions to access the lower level directory handles.
326 ****************************************************************************/
328 void dptr_CloseDir(files_struct
*fsp
)
330 struct smbd_server_connection
*sconn
= NULL
;
332 if (fsp
->dptr
== NULL
) {
335 sconn
= fsp
->dptr
->conn
->sconn
;
338 * The destructor for the struct smb_Dir (fsp->dptr->dir_hnd)
339 * now handles all resource deallocation.
342 DBG_INFO("closing dptr key %d\n", fsp
->dptr
->dnum
);
344 if (sconn
!= NULL
&& !sconn
->using_smb2
) {
345 DLIST_REMOVE(sconn
->searches
.dirptrs
, fsp
->dptr
);
348 * Free the dnum in the bitmap. Remember the dnum value is
349 * always biased by one with respect to the bitmap.
352 if (!bitmap_query(sconn
->searches
.dptr_bmap
,
353 fsp
->dptr
->dnum
- 1))
355 DBG_ERR("closing dnum = %d and bitmap not set !\n",
359 bitmap_clear(sconn
->searches
.dptr_bmap
, fsp
->dptr
->dnum
- 1);
362 TALLOC_FREE(fsp
->dptr
->dir_hnd
);
363 TALLOC_FREE(fsp
->dptr
);
366 void dptr_SeekDir(struct dptr_struct
*dptr
, long offset
)
368 SeekDir(dptr
->dir_hnd
, offset
);
371 long dptr_TellDir(struct dptr_struct
*dptr
)
373 return TellDir(dptr
->dir_hnd
);
376 bool dptr_has_wild(struct dptr_struct
*dptr
)
378 return dptr
->has_wild
;
381 int dptr_dnum(struct dptr_struct
*dptr
)
386 bool dptr_get_priv(struct dptr_struct
*dptr
)
391 void dptr_set_priv(struct dptr_struct
*dptr
)
396 /****************************************************************************
397 Return the next visible file name, skipping veto'd and invisible files.
398 ****************************************************************************/
400 static const char *dptr_normal_ReadDirName(struct dptr_struct
*dptr
,
401 long *poffset
, SMB_STRUCT_STAT
*pst
,
404 /* Normal search for the next file. */
406 char *talloced
= NULL
;
408 while ((name
= ReadDirName(dptr
->dir_hnd
, poffset
, pst
, &talloced
))
410 if (is_visible_file(dptr
->conn
,
415 *ptalloced
= talloced
;
418 TALLOC_FREE(talloced
);
423 /****************************************************************************
424 Return the next visible file name, skipping veto'd and invisible files.
425 ****************************************************************************/
427 static char *dptr_ReadDirName(TALLOC_CTX
*ctx
,
428 struct dptr_struct
*dptr
,
430 SMB_STRUCT_STAT
*pst
)
432 struct smb_filename smb_fname_base
;
434 const char *name_temp
= NULL
;
435 char *talloced
= NULL
;
436 char *pathreal
= NULL
;
437 char *found_name
= NULL
;
440 SET_STAT_INVALID(*pst
);
442 if (dptr
->has_wild
|| dptr
->did_stat
) {
443 name_temp
= dptr_normal_ReadDirName(dptr
, poffset
, pst
,
445 if (name_temp
== NULL
) {
448 if (talloced
!= NULL
) {
449 return talloc_move(ctx
, &talloced
);
451 return talloc_strdup(ctx
, name_temp
);
454 /* If poffset is -1 then we know we returned this name before and we
455 * have no wildcards. We're at the end of the directory. */
456 if (*poffset
== END_OF_DIRECTORY_OFFSET
) {
460 /* We know the stored wcard contains no wildcard characters.
461 * See if we can match with a stat call. If we can't, then set
462 * did_stat to true to ensure we only do this once and keep
465 dptr
->did_stat
= true;
467 /* First check if it should be visible. */
468 if (!is_visible_file(dptr
->conn
,
473 /* This only returns false if the file was found, but
474 is explicitly not visible. Set us to end of
475 directory, but return NULL as we know we can't ever
480 if (VALID_STAT(*pst
)) {
481 name
= talloc_strdup(ctx
, dptr
->wcard
);
485 pathreal
= talloc_asprintf(ctx
,
487 dptr
->smb_dname
->base_name
,
492 /* Create an smb_filename with stream_name == NULL. */
493 smb_fname_base
= (struct smb_filename
) {
494 .base_name
= pathreal
,
495 .twrp
= dptr
->smb_dname
->twrp
,
498 if (SMB_VFS_STAT(dptr
->conn
, &smb_fname_base
) == 0) {
499 *pst
= smb_fname_base
.st
;
500 name
= talloc_strdup(ctx
, dptr
->wcard
);
503 /* If we get any other error than ENOENT or ENOTDIR
504 then the file exists we just can't stat it. */
505 if (errno
!= ENOENT
&& errno
!= ENOTDIR
) {
506 name
= talloc_strdup(ctx
, dptr
->wcard
);
511 /* Stat failed. We know this is authoratiative if we are
512 * providing case sensitive semantics or the underlying
513 * filesystem is case sensitive.
515 if (dptr
->conn
->case_sensitive
||
516 !(dptr
->conn
->fs_capabilities
& FILE_CASE_SENSITIVE_SEARCH
))
522 * Try case-insensitive stat if the fs has the ability. This avoids
523 * scanning the whole directory.
525 ret
= SMB_VFS_GET_REAL_FILENAME(dptr
->conn
,
533 } else if (errno
== ENOENT
) {
534 /* The case-insensitive lookup was authoritative. */
538 TALLOC_FREE(pathreal
);
540 name_temp
= dptr_normal_ReadDirName(dptr
, poffset
, pst
, &talloced
);
541 if (name_temp
== NULL
) {
544 if (talloced
!= NULL
) {
545 return talloc_move(ctx
, &talloced
);
547 return talloc_strdup(ctx
, name_temp
);
550 TALLOC_FREE(pathreal
);
552 /* We need to set the underlying dir_hnd offset to -1
553 * also as this function is usually called with the
554 * output from TellDir. */
555 dptr
->dir_hnd
->offset
= *poffset
= END_OF_DIRECTORY_OFFSET
;
559 /****************************************************************************
560 Search for a file by name, skipping veto'ed and not visible files.
561 ****************************************************************************/
563 bool dptr_SearchDir(struct dptr_struct
*dptr
, const char *name
, long *poffset
, SMB_STRUCT_STAT
*pst
)
565 SET_STAT_INVALID(*pst
);
567 if (!dptr
->has_wild
&& (dptr
->dir_hnd
->offset
== END_OF_DIRECTORY_OFFSET
)) {
568 /* This is a singleton directory and we're already at the end. */
569 *poffset
= END_OF_DIRECTORY_OFFSET
;
573 return SearchDir(dptr
->dir_hnd
, name
, poffset
);
576 /****************************************************************************
577 Map a native directory offset to a 32-bit cookie.
578 ****************************************************************************/
580 static uint32_t map_dir_offset_to_wire(struct dptr_struct
*dptr
, long offset
)
585 if (offset
== END_OF_DIRECTORY_OFFSET
) {
586 return WIRE_END_OF_DIRECTORY_OFFSET
;
587 } else if(offset
== START_OF_DIRECTORY_OFFSET
) {
588 return WIRE_START_OF_DIRECTORY_OFFSET
;
589 } else if (offset
== DOT_DOT_DIRECTORY_OFFSET
) {
590 return WIRE_DOT_DOT_DIRECTORY_OFFSET
;
592 if (sizeof(long) == 4) {
593 /* 32-bit machine. We can cheat... */
594 return (uint32_t)offset
;
596 if (dptr
->dptr_cache
== NULL
) {
597 /* Lazy initialize cache. */
598 dptr
->dptr_cache
= memcache_init(dptr
, 0);
599 if (dptr
->dptr_cache
== NULL
) {
600 return WIRE_END_OF_DIRECTORY_OFFSET
;
603 /* Have we seen this offset before ? */
604 key
.data
= (void *)&offset
;
605 key
.length
= sizeof(offset
);
606 if (memcache_lookup(dptr
->dptr_cache
,
607 SMB1_SEARCH_OFFSET_MAP
,
610 uint32_t wire_offset
;
611 SMB_ASSERT(val
.length
== sizeof(wire_offset
));
612 memcpy(&wire_offset
, val
.data
, sizeof(wire_offset
));
613 DEBUG(10,("found wire %u <-> offset %ld\n",
614 (unsigned int)wire_offset
,
619 /* Allocate a new wire cookie. */
622 } while (dptr
->counter
== WIRE_START_OF_DIRECTORY_OFFSET
||
623 dptr
->counter
== WIRE_END_OF_DIRECTORY_OFFSET
||
624 dptr
->counter
== WIRE_DOT_DOT_DIRECTORY_OFFSET
);
625 /* Store it in the cache. */
626 key
.data
= (void *)&offset
;
627 key
.length
= sizeof(offset
);
628 val
.data
= (void *)&dptr
->counter
;
629 val
.length
= sizeof(dptr
->counter
); /* MUST BE uint32_t ! */
630 memcache_add(dptr
->dptr_cache
,
631 SMB1_SEARCH_OFFSET_MAP
,
634 /* And the reverse mapping for lookup from
635 map_wire_to_dir_offset(). */
636 memcache_add(dptr
->dptr_cache
,
637 SMB1_SEARCH_OFFSET_MAP
,
640 DEBUG(10,("stored wire %u <-> offset %ld\n",
641 (unsigned int)dptr
->counter
,
643 return dptr
->counter
;
646 /****************************************************************************
647 Fill the 5 byte server reserved dptr field.
648 ****************************************************************************/
650 bool dptr_fill(struct smbd_server_connection
*sconn
,
651 char *buf1
,unsigned int key
)
653 unsigned char *buf
= (unsigned char *)buf1
;
654 struct dptr_struct
*dptr
= dptr_get(sconn
, key
);
655 uint32_t wire_offset
;
657 DEBUG(1,("filling null dirptr %d\n",key
));
660 wire_offset
= map_dir_offset_to_wire(dptr
,TellDir(dptr
->dir_hnd
));
661 DEBUG(6,("fill on key %u dirptr 0x%lx now at %d\n",key
,
662 (long)dptr
->dir_hnd
,(int)wire_offset
));
664 SIVAL(buf
,1,wire_offset
);
668 /****************************************************************************
669 Map a 32-bit wire cookie to a native directory offset.
670 ****************************************************************************/
672 static long map_wire_to_dir_offset(struct dptr_struct
*dptr
, uint32_t wire_offset
)
677 if (wire_offset
== WIRE_END_OF_DIRECTORY_OFFSET
) {
678 return END_OF_DIRECTORY_OFFSET
;
679 } else if(wire_offset
== WIRE_START_OF_DIRECTORY_OFFSET
) {
680 return START_OF_DIRECTORY_OFFSET
;
681 } else if (wire_offset
== WIRE_DOT_DOT_DIRECTORY_OFFSET
) {
682 return DOT_DOT_DIRECTORY_OFFSET
;
684 if (sizeof(long) == 4) {
685 /* 32-bit machine. We can cheat... */
686 return (long)wire_offset
;
688 if (dptr
->dptr_cache
== NULL
) {
689 /* Logic error, cache should be initialized. */
690 return END_OF_DIRECTORY_OFFSET
;
692 key
.data
= (void *)&wire_offset
;
693 key
.length
= sizeof(wire_offset
);
694 if (memcache_lookup(dptr
->dptr_cache
,
695 SMB1_SEARCH_OFFSET_MAP
,
700 SMB_ASSERT(val
.length
== sizeof(offset
));
701 memcpy(&offset
, val
.data
, sizeof(offset
));
702 DEBUG(10,("lookup wire %u <-> offset %ld\n",
703 (unsigned int)wire_offset
,
707 return END_OF_DIRECTORY_OFFSET
;
710 /****************************************************************************
711 Return the associated fsp and seek the dir_hnd on it it given the 5 byte
713 ****************************************************************************/
715 files_struct
*dptr_fetch_fsp(struct smbd_server_connection
*sconn
,
718 unsigned int key
= *(unsigned char *)buf
;
719 struct dptr_struct
*dptr
= dptr_get(sconn
, key
);
720 uint32_t wire_offset
;
724 DEBUG(3,("fetched null dirptr %d\n",key
));
728 wire_offset
= IVAL(buf
,1);
729 seekoff
= map_wire_to_dir_offset(dptr
, wire_offset
);
730 SeekDir(dptr
->dir_hnd
,seekoff
);
731 DEBUG(3,("fetching dirptr %d for path %s at offset %d\n",
732 key
, dptr
->smb_dname
->base_name
, (int)seekoff
));
733 return dptr
->dir_hnd
->fsp
;
736 /****************************************************************************
737 Fetch the fsp associated with the dptr_num.
738 ****************************************************************************/
740 files_struct
*dptr_fetch_lanman2_fsp(struct smbd_server_connection
*sconn
,
743 struct dptr_struct
*dptr
= dptr_get(sconn
, dptr_num
);
747 DBG_NOTICE("fetching dirptr %d for path %s\n",
749 dptr
->smb_dname
->base_name
);
750 return dptr
->dir_hnd
->fsp
;
753 static bool mangle_mask_match(connection_struct
*conn
,
754 const char *filename
,
759 if (!name_to_8_3(filename
,mname
,False
,conn
->params
)) {
762 return mask_match_search(mname
,mask
,False
);
765 bool smbd_dirptr_get_entry(TALLOC_CTX
*ctx
,
766 struct dptr_struct
*dirptr
,
772 bool (*match_fn
)(TALLOC_CTX
*ctx
,
777 bool (*mode_fn
)(TALLOC_CTX
*ctx
,
779 struct smb_filename
*smb_fname
,
784 struct smb_filename
**_smb_fname
,
788 connection_struct
*conn
= dirptr
->conn
;
791 const char *dpath
= dirptr
->smb_dname
->base_name
;
792 bool dirptr_path_is_dot
= ISDOT(dpath
);
797 pathlen
= strlen(dpath
);
798 slashlen
= ( dpath
[pathlen
-1] != '/') ? 1 : 0;
803 SMB_STRUCT_STAT sbuf
= { 0 };
807 char *pathreal
= NULL
;
808 struct smb_filename smb_fname
;
812 cur_offset
= dptr_TellDir(dirptr
);
813 prev_offset
= cur_offset
;
814 dname
= dptr_ReadDirName(ctx
, dirptr
, &cur_offset
, &sbuf
);
816 DEBUG(6,("smbd_dirptr_get_entry: dirptr 0x%lx now at offset %ld\n",
817 (long)dirptr
, cur_offset
));
823 isdots
= (ISDOT(dname
) || ISDOTDOT(dname
));
824 if (dont_descend
&& !isdots
) {
830 * fname may get mangled, dname is never mangled.
831 * Whenever we're accessing the filesystem we use
832 * pathreal which is composed from dname.
835 ok
= match_fn(ctx
, private_data
, dname
, mask
, &fname
);
843 * pathreal = talloc_asprintf(ctx, "%s%s%s", dirptr->path,
844 * needslash?"/":"", dname);
845 * but this was measurably slower than doing the memcpy.
848 pathreal
= talloc_array(
850 pathlen
+ slashlen
+ talloc_get_size(dname
));
858 * We don't want to pass ./xxx to modules below us so don't
859 * add the path if it is just . by itself.
861 if (dirptr_path_is_dot
) {
862 memcpy(pathreal
, dname
, talloc_get_size(dname
));
864 memcpy(pathreal
, dpath
, pathlen
);
865 pathreal
[pathlen
] = '/';
866 memcpy(pathreal
+ slashlen
+ pathlen
, dname
,
867 talloc_get_size(dname
));
870 /* Create smb_fname with NULL stream_name. */
871 smb_fname
= (struct smb_filename
) {
872 .base_name
= pathreal
,
874 .twrp
= dirptr
->smb_dname
->twrp
,
877 ok
= mode_fn(ctx
, private_data
, &smb_fname
, get_dosmode
, &mode
);
881 TALLOC_FREE(pathreal
);
885 if (!dir_check_ftype(mode
, dirtype
)) {
886 DEBUG(5,("[%s] attribs 0x%x didn't match 0x%x\n",
887 fname
, (unsigned int)mode
, (unsigned int)dirtype
));
890 TALLOC_FREE(pathreal
);
894 if (ask_sharemode
&& !S_ISDIR(smb_fname
.st
.st_ex_mode
)) {
895 struct timespec write_time_ts
;
896 struct file_id fileid
;
898 fileid
= vfs_file_id_from_sbuf(conn
,
900 get_file_infos(fileid
, 0, NULL
, &write_time_ts
);
901 if (!is_omit_timespec(&write_time_ts
)) {
902 update_stat_ex_mtime(&smb_fname
.st
,
907 DEBUG(3,("smbd_dirptr_get_entry mask=[%s] found %s "
909 mask
, smb_fname_str_dbg(&smb_fname
),
912 if (!conn
->sconn
->using_smb2
) {
914 * The dircache is only needed for SMB1 because SMB1
915 * uses a name for the resume wheras SMB2 always
916 * continues from the next position (unless it's told to
917 * restart or close-and-reopen the listing).
919 DirCacheAdd(dirptr
->dir_hnd
, dname
, cur_offset
);
924 *_smb_fname
= cp_smb_filename(ctx
, &smb_fname
);
925 TALLOC_FREE(pathreal
);
926 if (*_smb_fname
== NULL
) {
931 *_prev_offset
= prev_offset
;
939 /****************************************************************************
940 Get an 8.3 directory entry.
941 ****************************************************************************/
943 static bool smbd_dirptr_8_3_match_fn(TALLOC_CTX
*ctx
,
949 connection_struct
*conn
= (connection_struct
*)private_data
;
951 if ((strcmp(mask
,"*.*") == 0) ||
952 mask_match_search(dname
, mask
, false) ||
953 mangle_mask_match(conn
, dname
, mask
)) {
957 * Ensure we can push the original name as UCS2. If
958 * not, then just don't return this name.
962 size_t len
= (strlen(dname
) + 2) * 4; /* Allow enough space. */
963 uint8_t *tmp
= talloc_array(talloc_tos(),
967 status
= srvstr_push(NULL
,
968 FLAGS2_UNICODE_STRINGS
,
977 if (!NT_STATUS_IS_OK(status
)) {
981 if (!mangle_is_8_3(dname
, false, conn
->params
)) {
982 bool ok
= name_to_8_3(dname
, mname
, false,
992 *_fname
= talloc_strdup(ctx
, fname
);
993 if (*_fname
== NULL
) {
1003 static bool smbd_dirptr_8_3_mode_fn(TALLOC_CTX
*ctx
,
1005 struct smb_filename
*smb_fname
,
1009 connection_struct
*conn
= (connection_struct
*)private_data
;
1011 if (!VALID_STAT(smb_fname
->st
)) {
1012 if ((SMB_VFS_STAT(conn
, smb_fname
)) != 0) {
1013 DEBUG(5,("smbd_dirptr_8_3_mode_fn: "
1014 "Couldn't stat [%s]. Error "
1016 smb_fname_str_dbg(smb_fname
),
1022 *_mode
= dos_mode(conn
, smb_fname
);
1026 bool get_dir_entry(TALLOC_CTX
*ctx
,
1027 struct dptr_struct
*dirptr
,
1033 struct timespec
*_date
,
1037 connection_struct
*conn
= dirptr
->conn
;
1039 struct smb_filename
*smb_fname
= NULL
;
1044 ok
= smbd_dirptr_get_entry(ctx
,
1051 smbd_dirptr_8_3_match_fn
,
1052 smbd_dirptr_8_3_mode_fn
,
1062 *_fname
= talloc_move(ctx
, &fname
);
1063 *_size
= smb_fname
->st
.st_ex_size
;
1065 *_date
= smb_fname
->st
.st_ex_mtime
;
1066 TALLOC_FREE(smb_fname
);
1070 /*******************************************************************
1071 Check to see if a user can read a file. This is only approximate,
1072 it is used as part of the "hide unreadable" option. Don't
1073 use it for anything security sensitive.
1074 ********************************************************************/
1076 static bool user_can_read_file(connection_struct
*conn
,
1077 struct files_struct
*dirfsp
,
1078 struct smb_filename
*smb_fname
)
1081 uint32_t rejected_share_access
= 0;
1082 uint32_t rejected_mask
= 0;
1083 struct security_descriptor
*sd
= NULL
;
1084 uint32_t access_mask
= FILE_READ_DATA
|
1086 FILE_READ_ATTRIBUTES
|
1087 SEC_STD_READ_CONTROL
;
1089 SMB_ASSERT(dirfsp
== conn
->cwd_fsp
);
1092 * Never hide files from the root user.
1093 * We use (uid_t)0 here not sec_initial_uid()
1094 * as make test uses a single user context.
1097 if (get_current_uid(conn
) == (uid_t
)0) {
1102 * We can't directly use smbd_check_access_rights()
1103 * here, as this implicitly grants FILE_READ_ATTRIBUTES
1104 * which the Windows access-based-enumeration code
1105 * explicitly checks for on the file security descriptor.
1108 * https://bugzilla.samba.org/show_bug.cgi?id=10252
1110 * and the smb2.acl2.ACCESSBASED test for details.
1113 rejected_share_access
= access_mask
& ~(conn
->share_access
);
1114 if (rejected_share_access
) {
1115 DEBUG(10, ("rejected share access 0x%x "
1117 (unsigned int)access_mask
,
1118 smb_fname_str_dbg(smb_fname
),
1119 (unsigned int)rejected_share_access
));
1123 status
= SMB_VFS_GET_NT_ACL_AT(conn
,
1132 if (!NT_STATUS_IS_OK(status
)) {
1133 DEBUG(10, ("Could not get acl "
1135 smb_fname_str_dbg(smb_fname
),
1136 nt_errstr(status
)));
1140 status
= se_file_access_check(sd
,
1141 get_current_nttok(conn
),
1148 if (NT_STATUS_EQUAL(status
, NT_STATUS_ACCESS_DENIED
)) {
1149 DEBUG(10,("rejected bits 0x%x read access for %s\n",
1150 (unsigned int)rejected_mask
,
1151 smb_fname_str_dbg(smb_fname
) ));
1157 /*******************************************************************
1158 Check to see if a user can write a file (and only files, we do not
1159 check dirs on this one). This is only approximate,
1160 it is used as part of the "hide unwriteable" option. Don't
1161 use it for anything security sensitive.
1162 ********************************************************************/
1164 static bool user_can_write_file(connection_struct
*conn
,
1165 struct files_struct
*dirfsp
,
1166 const struct smb_filename
*smb_fname
)
1168 SMB_ASSERT(dirfsp
== conn
->cwd_fsp
);
1171 * Never hide files from the root user.
1172 * We use (uid_t)0 here not sec_initial_uid()
1173 * as make test uses a single user context.
1176 if (get_current_uid(conn
) == (uid_t
)0) {
1180 SMB_ASSERT(VALID_STAT(smb_fname
->st
));
1182 /* Pseudo-open the file */
1184 if(S_ISDIR(smb_fname
->st
.st_ex_mode
)) {
1188 return can_write_to_file(conn
, dirfsp
, smb_fname
);
1191 /*******************************************************************
1192 Is a file a "special" type ?
1193 ********************************************************************/
1195 static bool file_is_special(connection_struct
*conn
,
1196 const struct smb_filename
*smb_fname
)
1199 * Never hide files from the root user.
1200 * We use (uid_t)0 here not sec_initial_uid()
1201 * as make test uses a single user context.
1204 if (get_current_uid(conn
) == (uid_t
)0) {
1208 SMB_ASSERT(VALID_STAT(smb_fname
->st
));
1210 if (S_ISREG(smb_fname
->st
.st_ex_mode
) ||
1211 S_ISDIR(smb_fname
->st
.st_ex_mode
) ||
1212 S_ISLNK(smb_fname
->st
.st_ex_mode
))
1218 /*******************************************************************
1219 Should the file be seen by the client?
1220 NOTE: A successful return is no guarantee of the file's existence.
1221 ********************************************************************/
1223 bool is_visible_file(connection_struct
*conn
,
1224 struct smb_Dir
*dir_hnd
,
1226 SMB_STRUCT_STAT
*pst
,
1229 bool hide_unreadable
= lp_hide_unreadable(SNUM(conn
));
1230 bool hide_unwriteable
= lp_hide_unwriteable_files(SNUM(conn
));
1231 bool hide_special
= lp_hide_special_files(SNUM(conn
));
1232 int hide_new_files_timeout
= lp_hide_new_files_timeout(SNUM(conn
));
1234 struct smb_filename
*dir_path
= dir_hnd
->fsp
->fsp_name
;
1235 struct smb_filename
*smb_fname_base
= NULL
;
1238 if ((strcmp(".",name
) == 0) || (strcmp("..",name
) == 0)) {
1239 return True
; /* . and .. are always visible. */
1242 /* If it's a vetoed file, pretend it doesn't even exist */
1243 if (use_veto
&& IS_VETO_PATH(conn
, name
)) {
1244 DEBUG(10,("is_visible_file: file %s is vetoed.\n", name
));
1248 if (hide_unreadable
||
1251 (hide_new_files_timeout
!= 0))
1253 entry
= talloc_asprintf(talloc_tos(),
1255 dir_path
->base_name
,
1262 /* Create an smb_filename with stream_name == NULL. */
1263 smb_fname_base
= synthetic_smb_fname(talloc_tos(),
1269 if (smb_fname_base
== NULL
) {
1274 /* If the file name does not exist, there's no point checking
1275 * the configuration options. We succeed, on the basis that the
1276 * checks *might* have passed if the file was present.
1278 if (!VALID_STAT(*pst
)) {
1279 if (SMB_VFS_STAT(conn
, smb_fname_base
) != 0) {
1283 *pst
= smb_fname_base
->st
;
1286 /* Honour _hide unreadable_ option */
1287 if (hide_unreadable
&&
1288 !user_can_read_file(conn
,
1292 DEBUG(10,("is_visible_file: file %s is unreadable.\n",
1297 /* Honour _hide unwriteable_ option */
1298 if (hide_unwriteable
&&
1299 !user_can_write_file(conn
,
1303 DEBUG(10,("is_visible_file: file %s is unwritable.\n",
1308 /* Honour _hide_special_ option */
1309 if (hide_special
&& file_is_special(conn
, smb_fname_base
)) {
1310 DEBUG(10,("is_visible_file: file %s is special.\n",
1316 if (hide_new_files_timeout
!= 0) {
1318 double age
= timespec_elapsed(
1319 &smb_fname_base
->st
.st_ex_mtime
);
1321 if (age
< (double)hide_new_files_timeout
) {
1330 TALLOC_FREE(smb_fname_base
);
1335 static int smb_Dir_destructor(struct smb_Dir
*dir_hnd
)
1337 files_struct
*fsp
= dir_hnd
->fsp
;
1339 SMB_VFS_CLOSEDIR(dir_hnd
->conn
, dir_hnd
->dir
);
1341 if (fsp
->dptr
!= NULL
) {
1342 SMB_ASSERT(fsp
->dptr
->dir_hnd
== dir_hnd
);
1343 fsp
->dptr
->dir_hnd
= NULL
;
1345 dir_hnd
->fsp
= NULL
;
1349 /*******************************************************************
1351 ********************************************************************/
1353 static int smb_Dir_OpenDir_destructor(struct smb_Dir
*dir_hnd
)
1355 files_struct
*fsp
= dir_hnd
->fsp
;
1357 smb_Dir_destructor(dir_hnd
);
1358 file_free(NULL
, fsp
);
1362 struct smb_Dir
*OpenDir(TALLOC_CTX
*mem_ctx
,
1363 connection_struct
*conn
,
1364 const struct smb_filename
*smb_dname
,
1368 struct files_struct
*fsp
= NULL
;
1369 struct smb_Dir
*dir_hnd
= NULL
;
1372 status
= open_internal_dirfsp(conn
,
1376 if (!NT_STATUS_IS_OK(status
)) {
1380 dir_hnd
= OpenDir_fsp(mem_ctx
, conn
, fsp
, mask
, attr
);
1381 if (dir_hnd
== NULL
) {
1386 * This overwrites the destructor set by smb_Dir_OpenDir_destructor(),
1387 * but smb_Dir_OpenDir_destructor() calls the OpenDir_fsp() destructor.
1389 talloc_set_destructor(dir_hnd
, smb_Dir_OpenDir_destructor
);
1393 /*******************************************************************
1394 Open a directory from an fsp.
1395 ********************************************************************/
1397 static struct smb_Dir
*OpenDir_fsp(TALLOC_CTX
*mem_ctx
, connection_struct
*conn
,
1402 struct smb_Dir
*dir_hnd
= talloc_zero(mem_ctx
, struct smb_Dir
);
1408 if (!fsp
->fsp_flags
.is_directory
) {
1413 if (fsp
->fh
->fd
== -1) {
1418 dir_hnd
->conn
= conn
;
1420 if (!conn
->sconn
->using_smb2
) {
1422 * The dircache is only needed for SMB1 because SMB1 uses a name
1423 * for the resume wheras SMB2 always continues from the next
1424 * position (unless it's told to restart or close-and-reopen the
1427 dir_hnd
->name_cache_size
=
1428 lp_directory_name_cache_size(SNUM(conn
));
1431 dir_hnd
->dir_smb_fname
= cp_smb_filename(dir_hnd
, fsp
->fsp_name
);
1432 if (!dir_hnd
->dir_smb_fname
) {
1437 dir_hnd
->dir
= SMB_VFS_FDOPENDIR(fsp
, mask
, attr
);
1438 if (dir_hnd
->dir
== NULL
) {
1443 talloc_set_destructor(dir_hnd
, smb_Dir_destructor
);
1448 TALLOC_FREE(dir_hnd
);
1453 /*******************************************************************
1454 Read from a directory.
1455 Return directory entry, current offset, and optional stat information.
1456 Don't check for veto or invisible files.
1457 ********************************************************************/
1459 const char *ReadDirName(struct smb_Dir
*dir_hnd
, long *poffset
,
1460 SMB_STRUCT_STAT
*sbuf
, char **ptalloced
)
1463 char *talloced
= NULL
;
1464 connection_struct
*conn
= dir_hnd
->conn
;
1466 /* Cheat to allow . and .. to be the first entries returned. */
1467 if (((*poffset
== START_OF_DIRECTORY_OFFSET
) ||
1468 (*poffset
== DOT_DOT_DIRECTORY_OFFSET
)) && (dir_hnd
->file_number
< 2))
1470 if (dir_hnd
->file_number
== 0) {
1472 *poffset
= dir_hnd
->offset
= START_OF_DIRECTORY_OFFSET
;
1475 *poffset
= dir_hnd
->offset
= DOT_DOT_DIRECTORY_OFFSET
;
1477 dir_hnd
->file_number
++;
1482 if (*poffset
== END_OF_DIRECTORY_OFFSET
) {
1483 *poffset
= dir_hnd
->offset
= END_OF_DIRECTORY_OFFSET
;
1487 /* A real offset, seek to it. */
1488 SeekDir(dir_hnd
, *poffset
);
1490 while ((n
= vfs_readdirname(conn
, dir_hnd
->dir
, sbuf
, &talloced
))) {
1491 /* Ignore . and .. - we've already returned them. */
1493 if ((n
[1] == '\0') || (n
[1] == '.' && n
[2] == '\0')) {
1494 TALLOC_FREE(talloced
);
1498 *poffset
= dir_hnd
->offset
= SMB_VFS_TELLDIR(conn
, dir_hnd
->dir
);
1499 *ptalloced
= talloced
;
1500 dir_hnd
->file_number
++;
1503 *poffset
= dir_hnd
->offset
= END_OF_DIRECTORY_OFFSET
;
1508 /*******************************************************************
1509 Rewind to the start.
1510 ********************************************************************/
1512 void RewindDir(struct smb_Dir
*dir_hnd
, long *poffset
)
1514 SMB_VFS_REWINDDIR(dir_hnd
->conn
, dir_hnd
->dir
);
1515 dir_hnd
->file_number
= 0;
1516 dir_hnd
->offset
= START_OF_DIRECTORY_OFFSET
;
1517 *poffset
= START_OF_DIRECTORY_OFFSET
;
1520 /*******************************************************************
1522 ********************************************************************/
1524 void SeekDir(struct smb_Dir
*dirp
, long offset
)
1526 if (offset
!= dirp
->offset
) {
1527 if (offset
== START_OF_DIRECTORY_OFFSET
) {
1528 RewindDir(dirp
, &offset
);
1530 * Ok we should really set the file number here
1531 * to 1 to enable ".." to be returned next. Trouble
1532 * is I'm worried about callers using SeekDir(dirp,0)
1533 * as equivalent to RewindDir(). So leave this alone
1536 } else if (offset
== DOT_DOT_DIRECTORY_OFFSET
) {
1537 RewindDir(dirp
, &offset
);
1539 * Set the file number to 2 - we want to get the first
1540 * real file entry (the one we return after "..")
1541 * on the next ReadDir.
1543 dirp
->file_number
= 2;
1544 } else if (offset
== END_OF_DIRECTORY_OFFSET
) {
1545 ; /* Don't seek in this case. */
1547 SMB_VFS_SEEKDIR(dirp
->conn
, dirp
->dir
, offset
);
1549 dirp
->offset
= offset
;
1553 /*******************************************************************
1554 Tell a dir position.
1555 ********************************************************************/
1557 long TellDir(struct smb_Dir
*dir_hnd
)
1559 return(dir_hnd
->offset
);
1562 /*******************************************************************
1563 Add an entry into the dcache.
1564 ********************************************************************/
1566 static void DirCacheAdd(struct smb_Dir
*dir_hnd
, const char *name
, long offset
)
1568 struct name_cache_entry
*e
;
1570 if (dir_hnd
->name_cache_size
== 0) {
1574 if (dir_hnd
->name_cache
== NULL
) {
1575 dir_hnd
->name_cache
= talloc_zero_array(dir_hnd
,
1576 struct name_cache_entry
,
1577 dir_hnd
->name_cache_size
);
1579 if (dir_hnd
->name_cache
== NULL
) {
1584 dir_hnd
->name_cache_index
= (dir_hnd
->name_cache_index
+1) %
1585 dir_hnd
->name_cache_size
;
1586 e
= &dir_hnd
->name_cache
[dir_hnd
->name_cache_index
];
1587 TALLOC_FREE(e
->name
);
1588 e
->name
= talloc_strdup(dir_hnd
, name
);
1592 /*******************************************************************
1593 Find an entry by name. Leave us at the offset after it.
1594 Don't check for veto or invisible files.
1595 ********************************************************************/
1597 bool SearchDir(struct smb_Dir
*dir_hnd
, const char *name
, long *poffset
)
1600 const char *entry
= NULL
;
1601 char *talloced
= NULL
;
1602 connection_struct
*conn
= dir_hnd
->conn
;
1604 /* Search back in the name cache. */
1605 if (dir_hnd
->name_cache_size
&& dir_hnd
->name_cache
) {
1606 for (i
= dir_hnd
->name_cache_index
; i
>= 0; i
--) {
1607 struct name_cache_entry
*e
= &dir_hnd
->name_cache
[i
];
1608 if (e
->name
&& (conn
->case_sensitive
? (strcmp(e
->name
, name
) == 0) : strequal(e
->name
, name
))) {
1609 *poffset
= e
->offset
;
1610 SeekDir(dir_hnd
, e
->offset
);
1614 for (i
= dir_hnd
->name_cache_size
- 1;
1615 i
> dir_hnd
->name_cache_index
; i
--) {
1616 struct name_cache_entry
*e
= &dir_hnd
->name_cache
[i
];
1617 if (e
->name
&& (conn
->case_sensitive
? (strcmp(e
->name
, name
) == 0) : strequal(e
->name
, name
))) {
1618 *poffset
= e
->offset
;
1619 SeekDir(dir_hnd
, e
->offset
);
1625 /* Not found in the name cache. Rewind directory and start from scratch. */
1626 SMB_VFS_REWINDDIR(conn
, dir_hnd
->dir
);
1627 dir_hnd
->file_number
= 0;
1628 *poffset
= START_OF_DIRECTORY_OFFSET
;
1629 while ((entry
= ReadDirName(dir_hnd
, poffset
, NULL
, &talloced
))) {
1630 if (conn
->case_sensitive
? (strcmp(entry
, name
) == 0) : strequal(entry
, name
)) {
1631 TALLOC_FREE(talloced
);
1634 TALLOC_FREE(talloced
);
1639 struct files_below_forall_state
{
1642 int (*fn
)(struct file_id fid
, const struct share_mode_data
*data
,
1643 void *private_data
);
1647 static int files_below_forall_fn(struct file_id fid
,
1648 const struct share_mode_data
*data
,
1651 struct files_below_forall_state
*state
= private_data
;
1652 char tmpbuf
[PATH_MAX
];
1653 char *fullpath
, *to_free
;
1656 len
= full_path_tos(data
->servicepath
, data
->base_name
,
1657 tmpbuf
, sizeof(tmpbuf
),
1658 &fullpath
, &to_free
);
1662 if (state
->dirpath_len
>= len
) {
1664 * Filter files above dirpath
1668 if (fullpath
[state
->dirpath_len
] != '/') {
1670 * Filter file that don't have a path separator at the end of
1676 if (memcmp(state
->dirpath
, fullpath
, state
->dirpath_len
) != 0) {
1683 TALLOC_FREE(to_free
);
1684 return state
->fn(fid
, data
, state
->private_data
);
1687 TALLOC_FREE(to_free
);
1691 static int files_below_forall(connection_struct
*conn
,
1692 const struct smb_filename
*dir_name
,
1693 int (*fn
)(struct file_id fid
,
1694 const struct share_mode_data
*data
,
1695 void *private_data
),
1698 struct files_below_forall_state state
= {
1700 .private_data
= private_data
,
1703 char tmpbuf
[PATH_MAX
];
1706 state
.dirpath_len
= full_path_tos(conn
->connectpath
,
1707 dir_name
->base_name
,
1708 tmpbuf
, sizeof(tmpbuf
),
1709 &state
.dirpath
, &to_free
);
1710 if (state
.dirpath_len
== -1) {
1714 ret
= share_mode_forall(files_below_forall_fn
, &state
);
1715 TALLOC_FREE(to_free
);
1719 struct have_file_open_below_state
{
1723 static int have_file_open_below_fn(struct file_id fid
,
1724 const struct share_mode_data
*data
,
1727 struct have_file_open_below_state
*state
= private_data
;
1728 state
->found_one
= true;
1732 bool have_file_open_below(connection_struct
*conn
,
1733 const struct smb_filename
*name
)
1735 struct have_file_open_below_state state
= {
1740 if (!VALID_STAT(name
->st
)) {
1743 if (!S_ISDIR(name
->st
.st_ex_mode
)) {
1747 ret
= files_below_forall(conn
, name
, have_file_open_below_fn
, &state
);
1752 return state
.found_one
;
1755 /*****************************************************************
1756 Is this directory empty ?
1757 *****************************************************************/
1759 NTSTATUS
can_delete_directory_fsp(files_struct
*fsp
)
1761 NTSTATUS status
= NT_STATUS_OK
;
1763 const char *dname
= NULL
;
1764 char *talloced
= NULL
;
1766 struct connection_struct
*conn
= fsp
->conn
;
1767 struct smb_Dir
*dir_hnd
= OpenDir(talloc_tos(),
1774 return map_nt_error_from_unix(errno
);
1777 while ((dname
= ReadDirName(dir_hnd
, &dirpos
, &st
, &talloced
))) {
1778 /* Quick check for "." and ".." */
1779 if (dname
[0] == '.') {
1780 if (!dname
[1] || (dname
[1] == '.' && !dname
[2])) {
1781 TALLOC_FREE(talloced
);
1786 if (!is_visible_file(conn
,
1791 TALLOC_FREE(talloced
);
1795 DEBUG(10,("got name %s - can't delete\n",
1797 status
= NT_STATUS_DIRECTORY_NOT_EMPTY
;
1800 TALLOC_FREE(talloced
);
1801 TALLOC_FREE(dir_hnd
);
1803 if (!NT_STATUS_IS_OK(status
)) {
1807 if (!(fsp
->posix_flags
& FSP_POSIX_FLAGS_RENAME
) &&
1808 lp_strict_rename(SNUM(conn
)) &&
1809 have_file_open_below(fsp
->conn
, fsp
->fsp_name
))
1811 return NT_STATUS_ACCESS_DENIED
;
1814 return NT_STATUS_OK
;