2 Unix SMB/CIFS implementation.
3 file opening and share modes
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Jeremy Allison 2001-2004
6 Copyright (C) Volker Lendecke 2005
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 #include "smbd/globals.h"
25 extern const struct generic_mapping file_generic_mapping
;
27 struct deferred_open_record
{
28 bool delayed_for_oplocks
;
32 static NTSTATUS
create_file_unixpath(connection_struct
*conn
,
33 struct smb_request
*req
,
36 uint32_t share_access
,
37 uint32_t create_disposition
,
38 uint32_t create_options
,
39 uint32_t file_attributes
,
40 uint32_t oplock_request
,
41 uint64_t allocation_size
,
42 struct security_descriptor
*sd
,
43 struct ea_list
*ea_list
,
45 files_struct
**result
,
47 SMB_STRUCT_STAT
*psbuf
);
49 /****************************************************************************
50 SMB1 file varient of se_access_check. Never test FILE_READ_ATTRIBUTES.
51 ****************************************************************************/
53 NTSTATUS
smb1_file_se_access_check(const struct security_descriptor
*sd
,
54 const NT_USER_TOKEN
*token
,
55 uint32_t access_desired
,
56 uint32_t *access_granted
)
58 return se_access_check(sd
,
60 (access_desired
& ~FILE_READ_ATTRIBUTES
),
64 /****************************************************************************
65 Check if we have open rights.
66 ****************************************************************************/
68 static NTSTATUS
check_open_rights(struct connection_struct
*conn
,
71 uint32_t *access_granted
)
73 /* Check if we have rights to open. */
75 struct security_descriptor
*sd
;
79 if (conn
->server_info
->utok
.uid
== 0 || conn
->admin_user
) {
80 /* I'm sorry sir, I didn't know you were root... */
81 *access_granted
= access_mask
;
82 if (access_mask
& SEC_FLAG_MAXIMUM_ALLOWED
) {
83 *access_granted
|= FILE_GENERIC_ALL
;
88 status
= SMB_VFS_GET_NT_ACL(conn
, fname
,
89 (OWNER_SECURITY_INFORMATION
|
90 GROUP_SECURITY_INFORMATION
|
91 DACL_SECURITY_INFORMATION
),&sd
);
93 if (!NT_STATUS_IS_OK(status
)) {
94 DEBUG(10, ("check_open_rights: Could not get acl "
101 status
= smb1_file_se_access_check(sd
,
102 conn
->server_info
->ptok
,
108 DEBUG(10,("check_open_rights: file %s requesting "
109 "0x%x returning 0x%x (%s)\n",
111 (unsigned int)access_mask
,
112 (unsigned int)*access_granted
,
113 nt_errstr(status
) ));
118 /****************************************************************************
119 fd support routines - attempt to do a dos_open.
120 ****************************************************************************/
122 static NTSTATUS
fd_open(struct connection_struct
*conn
,
128 NTSTATUS status
= NT_STATUS_OK
;
132 * Never follow symlinks on a POSIX client. The
133 * client should be doing this.
136 if (fsp
->posix_open
|| !lp_symlinks(SNUM(conn
))) {
141 fsp
->fh
->fd
= SMB_VFS_OPEN(conn
,fname
,fsp
,flags
,mode
);
142 if (fsp
->fh
->fd
== -1) {
143 status
= map_nt_error_from_unix(errno
);
144 if (errno
== EMFILE
) {
145 static time_t last_warned
= 0L;
147 if (time((time_t *) NULL
) > last_warned
) {
148 DEBUG(0,("Too many open files, unable "
149 "to open more! smbd's max "
151 lp_max_open_files()));
152 last_warned
= time((time_t *) NULL
);
158 DEBUG(10,("fd_open: name %s, flags = 0%o mode = 0%o, fd = %d. %s\n",
159 fname
, flags
, (int)mode
, fsp
->fh
->fd
,
160 (fsp
->fh
->fd
== -1) ? strerror(errno
) : "" ));
165 /****************************************************************************
166 Close the file associated with a fsp.
167 ****************************************************************************/
169 NTSTATUS
fd_close(files_struct
*fsp
)
173 if (fsp
->fh
->fd
== -1) {
174 return NT_STATUS_OK
; /* What we used to call a stat open. */
176 if (fsp
->fh
->ref_count
> 1) {
177 return NT_STATUS_OK
; /* Shared handle. Only close last reference. */
180 ret
= SMB_VFS_CLOSE(fsp
);
183 return map_nt_error_from_unix(errno
);
188 /****************************************************************************
189 Change the ownership of a file to that of the parent directory.
190 Do this by fd if possible.
191 ****************************************************************************/
193 void change_file_owner_to_parent(connection_struct
*conn
,
194 const char *inherit_from_dir
,
197 SMB_STRUCT_STAT parent_st
;
200 ret
= SMB_VFS_STAT(conn
, inherit_from_dir
, &parent_st
);
202 DEBUG(0,("change_file_owner_to_parent: failed to stat parent "
203 "directory %s. Error was %s\n",
204 inherit_from_dir
, strerror(errno
) ));
209 ret
= SMB_VFS_FCHOWN(fsp
, parent_st
.st_ex_uid
, (gid_t
)-1);
212 DEBUG(0,("change_file_owner_to_parent: failed to fchown "
213 "file %s to parent directory uid %u. Error "
214 "was %s\n", fsp
->fsp_name
,
215 (unsigned int)parent_st
.st_ex_uid
,
219 DEBUG(10,("change_file_owner_to_parent: changed new file %s to "
220 "parent directory uid %u.\n", fsp
->fsp_name
,
221 (unsigned int)parent_st
.st_ex_uid
));
224 NTSTATUS
change_dir_owner_to_parent(connection_struct
*conn
,
225 const char *inherit_from_dir
,
227 SMB_STRUCT_STAT
*psbuf
)
229 char *saved_dir
= NULL
;
230 SMB_STRUCT_STAT sbuf
;
231 SMB_STRUCT_STAT parent_st
;
232 TALLOC_CTX
*ctx
= talloc_tos();
233 NTSTATUS status
= NT_STATUS_OK
;
236 ret
= SMB_VFS_STAT(conn
, inherit_from_dir
, &parent_st
);
238 status
= map_nt_error_from_unix(errno
);
239 DEBUG(0,("change_dir_owner_to_parent: failed to stat parent "
240 "directory %s. Error was %s\n",
241 inherit_from_dir
, strerror(errno
) ));
245 /* We've already done an lstat into psbuf, and we know it's a
246 directory. If we can cd into the directory and the dev/ino
247 are the same then we can safely chown without races as
248 we're locking the directory in place by being in it. This
249 should work on any UNIX (thanks tridge :-). JRA.
252 saved_dir
= vfs_GetWd(ctx
,conn
);
254 status
= map_nt_error_from_unix(errno
);
255 DEBUG(0,("change_dir_owner_to_parent: failed to get "
256 "current working directory. Error was %s\n",
261 /* Chdir into the new path. */
262 if (vfs_ChDir(conn
, fname
) == -1) {
263 status
= map_nt_error_from_unix(errno
);
264 DEBUG(0,("change_dir_owner_to_parent: failed to change "
265 "current working directory to %s. Error "
266 "was %s\n", fname
, strerror(errno
) ));
270 if (SMB_VFS_STAT(conn
,".",&sbuf
) == -1) {
271 status
= map_nt_error_from_unix(errno
);
272 DEBUG(0,("change_dir_owner_to_parent: failed to stat "
273 "directory '.' (%s) Error was %s\n",
274 fname
, strerror(errno
)));
278 /* Ensure we're pointing at the same place. */
279 if (sbuf
.st_ex_dev
!= psbuf
->st_ex_dev
||
280 sbuf
.st_ex_ino
!= psbuf
->st_ex_ino
||
281 sbuf
.st_ex_mode
!= psbuf
->st_ex_mode
) {
282 DEBUG(0,("change_dir_owner_to_parent: "
283 "device/inode/mode on directory %s changed. "
284 "Refusing to chown !\n", fname
));
285 status
= NT_STATUS_ACCESS_DENIED
;
290 ret
= SMB_VFS_CHOWN(conn
, ".", parent_st
.st_ex_uid
, (gid_t
)-1);
293 status
= map_nt_error_from_unix(errno
);
294 DEBUG(10,("change_dir_owner_to_parent: failed to chown "
295 "directory %s to parent directory uid %u. "
296 "Error was %s\n", fname
,
297 (unsigned int)parent_st
.st_ex_uid
, strerror(errno
) ));
301 DEBUG(10,("change_dir_owner_to_parent: changed ownership of new "
302 "directory %s to parent directory uid %u.\n",
303 fname
, (unsigned int)parent_st
.st_ex_uid
));
307 vfs_ChDir(conn
,saved_dir
);
311 /****************************************************************************
313 ****************************************************************************/
315 static NTSTATUS
open_file(files_struct
*fsp
,
316 connection_struct
*conn
,
317 struct smb_request
*req
,
318 const char *parent_dir
,
321 SMB_STRUCT_STAT
*psbuf
,
324 uint32 access_mask
, /* client requested access mask. */
325 uint32 open_access_mask
) /* what we're actually using in the open. */
327 NTSTATUS status
= NT_STATUS_OK
;
328 int accmode
= (flags
& O_ACCMODE
);
329 int local_flags
= flags
;
330 bool file_existed
= VALID_STAT(*psbuf
);
335 /* Check permissions */
338 * This code was changed after seeing a client open request
339 * containing the open mode of (DENY_WRITE/read-only) with
340 * the 'create if not exist' bit set. The previous code
341 * would fail to open the file read only on a read-only share
342 * as it was checking the flags parameter directly against O_RDONLY,
343 * this was failing as the flags parameter was set to O_RDONLY|O_CREAT.
347 if (!CAN_WRITE(conn
)) {
348 /* It's a read-only share - fail if we wanted to write. */
349 if(accmode
!= O_RDONLY
|| (flags
& O_TRUNC
) || (flags
& O_APPEND
)) {
350 DEBUG(3,("Permission denied opening %s\n", path
));
351 return NT_STATUS_ACCESS_DENIED
;
352 } else if(flags
& O_CREAT
) {
353 /* We don't want to write - but we must make sure that
354 O_CREAT doesn't create the file if we have write
355 access into the directory.
357 flags
&= ~(O_CREAT
|O_EXCL
);
358 local_flags
&= ~(O_CREAT
|O_EXCL
);
363 * This little piece of insanity is inspired by the
364 * fact that an NT client can open a file for O_RDONLY,
365 * but set the create disposition to FILE_EXISTS_TRUNCATE.
366 * If the client *can* write to the file, then it expects to
367 * truncate the file, even though it is opening for readonly.
368 * Quicken uses this stupid trick in backup file creation...
369 * Thanks *greatly* to "David W. Chapman Jr." <dwcjr@inethouston.net>
370 * for helping track this one down. It didn't bite us in 2.0.x
371 * as we always opened files read-write in that release. JRA.
374 if ((accmode
== O_RDONLY
) && ((flags
& O_TRUNC
) == O_TRUNC
)) {
375 DEBUG(10,("open_file: truncate requested on read-only open "
376 "for file %s\n", path
));
377 local_flags
= (flags
& ~O_ACCMODE
)|O_RDWR
;
380 if ((open_access_mask
& (FILE_READ_DATA
|FILE_WRITE_DATA
|FILE_APPEND_DATA
|FILE_EXECUTE
)) ||
381 (!file_existed
&& (local_flags
& O_CREAT
)) ||
382 ((local_flags
& O_TRUNC
) == O_TRUNC
) ) {
386 * We can't actually truncate here as the file may be locked.
387 * open_file_ntcreate will take care of the truncate later. JRA.
390 local_flags
&= ~O_TRUNC
;
392 #if defined(O_NONBLOCK) && defined(S_ISFIFO)
394 * We would block on opening a FIFO with no one else on the
395 * other end. Do what we used to do and add O_NONBLOCK to the
399 if (file_existed
&& S_ISFIFO(psbuf
->st_ex_mode
)) {
400 local_flags
|= O_NONBLOCK
;
404 /* Don't create files with Microsoft wildcard characters. */
407 * wildcard characters are allowed in stream names
408 * only test the basefilename
410 wild
= fsp
->base_fsp
->fsp_name
;
414 if ((local_flags
& O_CREAT
) && !file_existed
&&
416 return NT_STATUS_OBJECT_NAME_INVALID
;
419 /* Actually do the open */
420 status
= fd_open(conn
, path
, fsp
, local_flags
, unx_mode
);
421 if (!NT_STATUS_IS_OK(status
)) {
422 DEBUG(3,("Error opening file %s (%s) (local_flags=%d) "
424 path
,nt_errstr(status
),local_flags
,flags
));
428 if ((local_flags
& O_CREAT
) && !file_existed
) {
430 /* Inherit the ACL if required */
431 if (lp_inherit_perms(SNUM(conn
))) {
432 inherit_access_posix_acl(conn
, parent_dir
, path
,
436 /* Change the owner if required. */
437 if (lp_inherit_owner(SNUM(conn
))) {
438 change_file_owner_to_parent(conn
, parent_dir
,
442 notify_fname(conn
, NOTIFY_ACTION_ADDED
,
443 FILE_NOTIFY_CHANGE_FILE_NAME
, path
);
447 fsp
->fh
->fd
= -1; /* What we used to call a stat open. */
449 uint32_t access_granted
= 0;
451 status
= check_open_rights(conn
,
455 if (!NT_STATUS_IS_OK(status
)) {
456 if (NT_STATUS_EQUAL(status
, NT_STATUS_ACCESS_DENIED
)) {
458 * On NT_STATUS_ACCESS_DENIED, access_granted
459 * contains the denied bits.
462 if ((access_mask
& FILE_WRITE_ATTRIBUTES
) &&
463 (access_granted
& FILE_WRITE_ATTRIBUTES
) &&
464 (lp_map_readonly(SNUM(conn
)) ||
465 lp_map_archive(SNUM(conn
)) ||
466 lp_map_hidden(SNUM(conn
)) ||
467 lp_map_system(SNUM(conn
)))) {
468 access_granted
&= ~FILE_WRITE_ATTRIBUTES
;
470 DEBUG(10,("open_file: overrode FILE_WRITE_ATTRIBUTES "
475 if ((access_mask
& DELETE_ACCESS
) &&
476 (access_granted
& DELETE_ACCESS
) &&
477 can_delete_file_in_directory(conn
, path
)) {
478 /* Were we trying to do a stat open
479 * for delete and didn't get DELETE
480 * access (only) ? Check if the
481 * directory allows DELETE_CHILD.
483 * http://blogs.msdn.com/oldnewthing/archive/2004/06/04/148426.aspx
486 access_granted
&= ~DELETE_ACCESS
;
488 DEBUG(10,("open_file: overrode DELETE_ACCESS "
493 if (access_granted
!= 0) {
494 DEBUG(10, ("open_file: Access denied on "
499 } else if (NT_STATUS_EQUAL(status
, NT_STATUS_OBJECT_NAME_NOT_FOUND
) &&
501 S_ISLNK(psbuf
->st_ex_mode
)) {
502 /* This is a POSIX stat open for delete
503 * or rename on a symlink that points
505 DEBUG(10, ("open_file: allowing POSIX open "
506 "on bad symlink %s\n",
509 DEBUG(10, ("open_file: check_open_rights "
510 "on file %s returned %s\n",
511 path
, nt_errstr(status
) ));
521 if (fsp
->fh
->fd
== -1) {
522 ret
= SMB_VFS_STAT(conn
, path
, psbuf
);
524 ret
= SMB_VFS_FSTAT(fsp
, psbuf
);
525 /* If we have an fd, this stat should succeed. */
527 DEBUG(0,("Error doing fstat on open file %s "
528 "(%s)\n", path
,strerror(errno
) ));
532 /* For a non-io open, this stat failing means file not found. JRA */
534 status
= map_nt_error_from_unix(errno
);
541 * POSIX allows read-only opens of directories. We don't
542 * want to do this (we use a different code path for this)
543 * so catch a directory open and return an EISDIR. JRA.
546 if(S_ISDIR(psbuf
->st_ex_mode
)) {
549 return NT_STATUS_FILE_IS_A_DIRECTORY
;
552 fsp
->mode
= psbuf
->st_ex_mode
;
553 fsp
->file_id
= vfs_file_id_from_sbuf(conn
, psbuf
);
554 fsp
->vuid
= req
? req
->vuid
: UID_FIELD_INVALID
;
555 fsp
->file_pid
= req
? req
->smbpid
: 0;
556 fsp
->can_lock
= True
;
557 fsp
->can_read
= (access_mask
& (FILE_READ_DATA
)) ? True
: False
;
558 if (!CAN_WRITE(conn
)) {
559 fsp
->can_write
= False
;
561 fsp
->can_write
= (access_mask
& (FILE_WRITE_DATA
| FILE_APPEND_DATA
)) ?
564 fsp
->print_file
= False
;
565 fsp
->modified
= False
;
566 fsp
->sent_oplock_break
= NO_BREAK_SENT
;
567 fsp
->is_directory
= False
;
568 if (conn
->aio_write_behind_list
&&
569 is_in_path(path
, conn
->aio_write_behind_list
, conn
->case_sensitive
)) {
570 fsp
->aio_write_behind
= True
;
573 string_set(&fsp
->fsp_name
, path
);
574 fsp
->wcp
= NULL
; /* Write cache pointer. */
576 DEBUG(2,("%s opened file %s read=%s write=%s (numopen=%d)\n",
577 conn
->server_info
->unix_name
,
579 BOOLSTR(fsp
->can_read
), BOOLSTR(fsp
->can_write
),
580 conn
->num_files_open
));
586 /*******************************************************************
587 Return True if the filename is one of the special executable types.
588 ********************************************************************/
590 bool is_executable(const char *fname
)
592 if ((fname
= strrchr_m(fname
,'.'))) {
593 if (strequal(fname
,".com") ||
594 strequal(fname
,".dll") ||
595 strequal(fname
,".exe") ||
596 strequal(fname
,".sym")) {
603 /****************************************************************************
604 Check if we can open a file with a share mode.
605 Returns True if conflict, False if not.
606 ****************************************************************************/
608 static bool share_conflict(struct share_mode_entry
*entry
,
612 DEBUG(10,("share_conflict: entry->access_mask = 0x%x, "
613 "entry->share_access = 0x%x, "
614 "entry->private_options = 0x%x\n",
615 (unsigned int)entry
->access_mask
,
616 (unsigned int)entry
->share_access
,
617 (unsigned int)entry
->private_options
));
619 DEBUG(10,("share_conflict: access_mask = 0x%x, share_access = 0x%x\n",
620 (unsigned int)access_mask
, (unsigned int)share_access
));
622 if ((entry
->access_mask
& (FILE_WRITE_DATA
|
626 DELETE_ACCESS
)) == 0) {
627 DEBUG(10,("share_conflict: No conflict due to "
628 "entry->access_mask = 0x%x\n",
629 (unsigned int)entry
->access_mask
));
633 if ((access_mask
& (FILE_WRITE_DATA
|
637 DELETE_ACCESS
)) == 0) {
638 DEBUG(10,("share_conflict: No conflict due to "
639 "access_mask = 0x%x\n",
640 (unsigned int)access_mask
));
644 #if 1 /* JRA TEST - Superdebug. */
645 #define CHECK_MASK(num, am, right, sa, share) \
646 DEBUG(10,("share_conflict: [%d] am (0x%x) & right (0x%x) = 0x%x\n", \
647 (unsigned int)(num), (unsigned int)(am), \
648 (unsigned int)(right), (unsigned int)(am)&(right) )); \
649 DEBUG(10,("share_conflict: [%d] sa (0x%x) & share (0x%x) = 0x%x\n", \
650 (unsigned int)(num), (unsigned int)(sa), \
651 (unsigned int)(share), (unsigned int)(sa)&(share) )); \
652 if (((am) & (right)) && !((sa) & (share))) { \
653 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
654 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
655 (unsigned int)(share) )); \
659 #define CHECK_MASK(num, am, right, sa, share) \
660 if (((am) & (right)) && !((sa) & (share))) { \
661 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
662 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
663 (unsigned int)(share) )); \
668 CHECK_MASK(1, entry
->access_mask
, FILE_WRITE_DATA
| FILE_APPEND_DATA
,
669 share_access
, FILE_SHARE_WRITE
);
670 CHECK_MASK(2, access_mask
, FILE_WRITE_DATA
| FILE_APPEND_DATA
,
671 entry
->share_access
, FILE_SHARE_WRITE
);
673 CHECK_MASK(3, entry
->access_mask
, FILE_READ_DATA
| FILE_EXECUTE
,
674 share_access
, FILE_SHARE_READ
);
675 CHECK_MASK(4, access_mask
, FILE_READ_DATA
| FILE_EXECUTE
,
676 entry
->share_access
, FILE_SHARE_READ
);
678 CHECK_MASK(5, entry
->access_mask
, DELETE_ACCESS
,
679 share_access
, FILE_SHARE_DELETE
);
680 CHECK_MASK(6, access_mask
, DELETE_ACCESS
,
681 entry
->share_access
, FILE_SHARE_DELETE
);
683 DEBUG(10,("share_conflict: No conflict.\n"));
687 #if defined(DEVELOPER)
688 static void validate_my_share_entries(int num
,
689 struct share_mode_entry
*share_entry
)
693 if (!procid_is_me(&share_entry
->pid
)) {
697 if (is_deferred_open_entry(share_entry
) &&
698 !open_was_deferred(share_entry
->op_mid
)) {
699 char *str
= talloc_asprintf(talloc_tos(),
700 "Got a deferred entry without a request: "
702 share_mode_str(talloc_tos(), num
, share_entry
));
706 if (!is_valid_share_mode_entry(share_entry
)) {
710 fsp
= file_find_dif(share_entry
->id
,
711 share_entry
->share_file_id
);
713 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
714 share_mode_str(talloc_tos(), num
, share_entry
) ));
715 smb_panic("validate_my_share_entries: Cannot match a "
716 "share entry with an open file\n");
719 if (is_deferred_open_entry(share_entry
) ||
720 is_unused_share_mode_entry(share_entry
)) {
724 if ((share_entry
->op_type
== NO_OPLOCK
) &&
725 (fsp
->oplock_type
== FAKE_LEVEL_II_OPLOCK
)) {
726 /* Someone has already written to it, but I haven't yet
731 if (((uint16
)fsp
->oplock_type
) != share_entry
->op_type
) {
740 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
741 share_mode_str(talloc_tos(), num
, share_entry
) ));
742 str
= talloc_asprintf(talloc_tos(),
743 "validate_my_share_entries: "
744 "file %s, oplock_type = 0x%x, op_type = 0x%x\n",
745 fsp
->fsp_name
, (unsigned int)fsp
->oplock_type
,
746 (unsigned int)share_entry
->op_type
);
752 bool is_stat_open(uint32 access_mask
)
754 return (access_mask
&&
755 ((access_mask
& ~(SYNCHRONIZE_ACCESS
| FILE_READ_ATTRIBUTES
|
756 FILE_WRITE_ATTRIBUTES
))==0) &&
757 ((access_mask
& (SYNCHRONIZE_ACCESS
|FILE_READ_ATTRIBUTES
|
758 FILE_WRITE_ATTRIBUTES
)) != 0));
761 /****************************************************************************
762 Deal with share modes
763 Invarient: Share mode must be locked on entry and exit.
764 Returns -1 on error, or number of share modes on success (may be zero).
765 ****************************************************************************/
767 static NTSTATUS
open_mode_check(connection_struct
*conn
,
769 struct share_mode_lock
*lck
,
772 uint32 create_options
,
777 if(lck
->num_share_modes
== 0) {
781 *file_existed
= True
;
783 /* A delete on close prohibits everything */
785 if (lck
->delete_on_close
) {
786 return NT_STATUS_DELETE_PENDING
;
789 if (is_stat_open(access_mask
)) {
790 /* Stat open that doesn't trigger oplock breaks or share mode
791 * checks... ! JRA. */
796 * Check if the share modes will give us access.
799 #if defined(DEVELOPER)
800 for(i
= 0; i
< lck
->num_share_modes
; i
++) {
801 validate_my_share_entries(i
, &lck
->share_modes
[i
]);
805 if (!lp_share_modes(SNUM(conn
))) {
809 /* Now we check the share modes, after any oplock breaks. */
810 for(i
= 0; i
< lck
->num_share_modes
; i
++) {
812 if (!is_valid_share_mode_entry(&lck
->share_modes
[i
])) {
816 /* someone else has a share lock on it, check to see if we can
818 if (share_conflict(&lck
->share_modes
[i
],
819 access_mask
, share_access
)) {
820 return NT_STATUS_SHARING_VIOLATION
;
827 static bool is_delete_request(files_struct
*fsp
) {
828 return ((fsp
->access_mask
== DELETE_ACCESS
) &&
829 (fsp
->oplock_type
== NO_OPLOCK
));
833 * Send a break message to the oplock holder and delay the open for
837 static NTSTATUS
send_break_message(files_struct
*fsp
,
838 struct share_mode_entry
*exclusive
,
843 char msg
[MSG_SMB_SHARE_MODE_ENTRY_SIZE
];
845 DEBUG(10, ("Sending break request to PID %s\n",
846 procid_str_static(&exclusive
->pid
)));
847 exclusive
->op_mid
= mid
;
849 /* Create the message. */
850 share_mode_entry_to_message(msg
, exclusive
);
852 /* Add in the FORCE_OPLOCK_BREAK_TO_NONE bit in the message if set. We
853 don't want this set in the share mode struct pointed to by lck. */
855 if (oplock_request
& FORCE_OPLOCK_BREAK_TO_NONE
) {
856 SSVAL(msg
,6,exclusive
->op_type
| FORCE_OPLOCK_BREAK_TO_NONE
);
859 status
= messaging_send_buf(smbd_messaging_context(), exclusive
->pid
,
860 MSG_SMB_BREAK_REQUEST
,
862 MSG_SMB_SHARE_MODE_ENTRY_SIZE
);
863 if (!NT_STATUS_IS_OK(status
)) {
864 DEBUG(3, ("Could not send oplock break message: %s\n",
872 * 1) No files open at all or internal open: Grant whatever the client wants.
874 * 2) Exclusive (or batch) oplock around: If the requested access is a delete
875 * request, break if the oplock around is a batch oplock. If it's another
876 * requested access type, break.
878 * 3) Only level2 around: Grant level2 and do nothing else.
881 static bool delay_for_oplocks(struct share_mode_lock
*lck
,
888 struct share_mode_entry
*exclusive
= NULL
;
889 bool valid_entry
= false;
890 bool have_level2
= false;
891 bool have_a_none_oplock
= false;
892 bool allow_level2
= (global_client_caps
& CAP_LEVEL_II_OPLOCKS
) &&
893 lp_level2_oplocks(SNUM(fsp
->conn
));
895 if (oplock_request
& INTERNAL_OPEN_ONLY
) {
896 fsp
->oplock_type
= NO_OPLOCK
;
899 if ((oplock_request
& INTERNAL_OPEN_ONLY
) || is_stat_open(fsp
->access_mask
)) {
903 for (i
=0; i
<lck
->num_share_modes
; i
++) {
905 if (!is_valid_share_mode_entry(&lck
->share_modes
[i
])) {
909 /* At least one entry is not an invalid or deferred entry. */
912 if (pass_number
== 1) {
913 if (BATCH_OPLOCK_TYPE(lck
->share_modes
[i
].op_type
)) {
914 SMB_ASSERT(exclusive
== NULL
);
915 exclusive
= &lck
->share_modes
[i
];
918 if (EXCLUSIVE_OPLOCK_TYPE(lck
->share_modes
[i
].op_type
)) {
919 SMB_ASSERT(exclusive
== NULL
);
920 exclusive
= &lck
->share_modes
[i
];
924 if (LEVEL_II_OPLOCK_TYPE(lck
->share_modes
[i
].op_type
)) {
925 SMB_ASSERT(exclusive
== NULL
);
929 if (lck
->share_modes
[i
].op_type
== NO_OPLOCK
) {
930 have_a_none_oplock
= true;
934 if (exclusive
!= NULL
) { /* Found an exclusive oplock */
935 bool delay_it
= is_delete_request(fsp
) ?
936 BATCH_OPLOCK_TYPE(exclusive
->op_type
) : true;
937 SMB_ASSERT(!have_level2
);
939 send_break_message(fsp
, exclusive
, mid
, oplock_request
);
945 * Match what was requested (fsp->oplock_type) with
946 * what was found in the existing share modes.
950 /* All entries are placeholders or deferred.
951 * Directly grant whatever the client wants. */
952 if (fsp
->oplock_type
== NO_OPLOCK
) {
953 /* Store a level2 oplock, but don't tell the client */
954 fsp
->oplock_type
= FAKE_LEVEL_II_OPLOCK
;
956 } else if (have_a_none_oplock
) {
957 fsp
->oplock_type
= NO_OPLOCK
;
958 } else if (have_level2
) {
959 if (fsp
->oplock_type
== NO_OPLOCK
||
960 fsp
->oplock_type
== FAKE_LEVEL_II_OPLOCK
) {
961 /* Store a level2 oplock, but don't tell the client */
962 fsp
->oplock_type
= FAKE_LEVEL_II_OPLOCK
;
964 fsp
->oplock_type
= LEVEL_II_OPLOCK
;
967 /* This case can never happen. */
972 * Don't grant level2 to clients that don't want them
973 * or if we've turned them off.
975 if (fsp
->oplock_type
== LEVEL_II_OPLOCK
&& !allow_level2
) {
976 fsp
->oplock_type
= FAKE_LEVEL_II_OPLOCK
;
979 DEBUG(10,("delay_for_oplocks: oplock type 0x%x on file %s\n",
980 fsp
->oplock_type
, fsp
->fsp_name
));
986 bool request_timed_out(struct timeval request_time
,
987 struct timeval timeout
)
989 struct timeval now
, end_time
;
991 end_time
= timeval_sum(&request_time
, &timeout
);
992 return (timeval_compare(&end_time
, &now
) < 0);
995 /****************************************************************************
996 Handle the 1 second delay in returning a SHARING_VIOLATION error.
997 ****************************************************************************/
999 static void defer_open(struct share_mode_lock
*lck
,
1000 struct timeval request_time
,
1001 struct timeval timeout
,
1002 struct smb_request
*req
,
1003 struct deferred_open_record
*state
)
1007 /* Paranoia check */
1009 for (i
=0; i
<lck
->num_share_modes
; i
++) {
1010 struct share_mode_entry
*e
= &lck
->share_modes
[i
];
1012 if (!is_deferred_open_entry(e
)) {
1016 if (procid_is_me(&e
->pid
) && (e
->op_mid
== req
->mid
)) {
1017 DEBUG(0, ("Trying to defer an already deferred "
1018 "request: mid=%d, exiting\n", req
->mid
));
1019 exit_server("attempt to defer a deferred request");
1023 /* End paranoia check */
1025 DEBUG(10,("defer_open_sharing_error: time [%u.%06u] adding deferred "
1026 "open entry for mid %u\n",
1027 (unsigned int)request_time
.tv_sec
,
1028 (unsigned int)request_time
.tv_usec
,
1029 (unsigned int)req
->mid
));
1031 if (!push_deferred_smb_message(req
, request_time
, timeout
,
1032 (char *)state
, sizeof(*state
))) {
1033 exit_server("push_deferred_smb_message failed");
1035 add_deferred_open(lck
, req
->mid
, request_time
, state
->id
);
1039 /****************************************************************************
1040 On overwrite open ensure that the attributes match.
1041 ****************************************************************************/
1043 bool open_match_attributes(connection_struct
*conn
,
1045 uint32 old_dos_attr
,
1046 uint32 new_dos_attr
,
1047 mode_t existing_unx_mode
,
1048 mode_t new_unx_mode
,
1049 mode_t
*returned_unx_mode
)
1051 uint32 noarch_old_dos_attr
, noarch_new_dos_attr
;
1053 noarch_old_dos_attr
= (old_dos_attr
& ~FILE_ATTRIBUTE_ARCHIVE
);
1054 noarch_new_dos_attr
= (new_dos_attr
& ~FILE_ATTRIBUTE_ARCHIVE
);
1056 if((noarch_old_dos_attr
== 0 && noarch_new_dos_attr
!= 0) ||
1057 (noarch_old_dos_attr
!= 0 && ((noarch_old_dos_attr
& noarch_new_dos_attr
) == noarch_old_dos_attr
))) {
1058 *returned_unx_mode
= new_unx_mode
;
1060 *returned_unx_mode
= (mode_t
)0;
1063 DEBUG(10,("open_match_attributes: file %s old_dos_attr = 0x%x, "
1064 "existing_unx_mode = 0%o, new_dos_attr = 0x%x "
1065 "returned_unx_mode = 0%o\n",
1067 (unsigned int)old_dos_attr
,
1068 (unsigned int)existing_unx_mode
,
1069 (unsigned int)new_dos_attr
,
1070 (unsigned int)*returned_unx_mode
));
1072 /* If we're mapping SYSTEM and HIDDEN ensure they match. */
1073 if (lp_map_system(SNUM(conn
)) || lp_store_dos_attributes(SNUM(conn
))) {
1074 if ((old_dos_attr
& FILE_ATTRIBUTE_SYSTEM
) &&
1075 !(new_dos_attr
& FILE_ATTRIBUTE_SYSTEM
)) {
1079 if (lp_map_hidden(SNUM(conn
)) || lp_store_dos_attributes(SNUM(conn
))) {
1080 if ((old_dos_attr
& FILE_ATTRIBUTE_HIDDEN
) &&
1081 !(new_dos_attr
& FILE_ATTRIBUTE_HIDDEN
)) {
1088 /****************************************************************************
1089 Special FCB or DOS processing in the case of a sharing violation.
1090 Try and find a duplicated file handle.
1091 ****************************************************************************/
1093 NTSTATUS
fcb_or_dos_open(struct smb_request
*req
,
1094 connection_struct
*conn
,
1095 files_struct
*fsp_to_dup_into
,
1101 uint32 share_access
,
1102 uint32 create_options
)
1106 DEBUG(5,("fcb_or_dos_open: attempting old open semantics for "
1107 "file %s.\n", fname
));
1109 for(fsp
= file_find_di_first(id
); fsp
;
1110 fsp
= file_find_di_next(fsp
)) {
1112 DEBUG(10,("fcb_or_dos_open: checking file %s, fd = %d, "
1113 "vuid = %u, file_pid = %u, private_options = 0x%x "
1114 "access_mask = 0x%x\n", fsp
->fsp_name
,
1115 fsp
->fh
->fd
, (unsigned int)fsp
->vuid
,
1116 (unsigned int)fsp
->file_pid
,
1117 (unsigned int)fsp
->fh
->private_options
,
1118 (unsigned int)fsp
->access_mask
));
1120 if (fsp
->fh
->fd
!= -1 &&
1121 fsp
->vuid
== vuid
&&
1122 fsp
->file_pid
== file_pid
&&
1123 (fsp
->fh
->private_options
& (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS
|
1124 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB
)) &&
1125 (fsp
->access_mask
& FILE_WRITE_DATA
) &&
1126 strequal(fsp
->fsp_name
, fname
)) {
1127 DEBUG(10,("fcb_or_dos_open: file match\n"));
1133 return NT_STATUS_NOT_FOUND
;
1136 /* quite an insane set of semantics ... */
1137 if (is_executable(fname
) &&
1138 (fsp
->fh
->private_options
& NTCREATEX_OPTIONS_PRIVATE_DENY_DOS
)) {
1139 DEBUG(10,("fcb_or_dos_open: file fail due to is_executable.\n"));
1140 return NT_STATUS_INVALID_PARAMETER
;
1143 /* We need to duplicate this fsp. */
1144 dup_file_fsp(req
, fsp
, access_mask
, share_access
,
1145 create_options
, fsp_to_dup_into
);
1147 return NT_STATUS_OK
;
1150 /****************************************************************************
1151 Open a file with a share mode - old openX method - map into NTCreate.
1152 ****************************************************************************/
1154 bool map_open_params_to_ntcreate(const char *fname
, int deny_mode
, int open_func
,
1155 uint32
*paccess_mask
,
1156 uint32
*pshare_mode
,
1157 uint32
*pcreate_disposition
,
1158 uint32
*pcreate_options
)
1162 uint32 create_disposition
;
1163 uint32 create_options
= FILE_NON_DIRECTORY_FILE
;
1165 DEBUG(10,("map_open_params_to_ntcreate: fname = %s, deny_mode = 0x%x, "
1166 "open_func = 0x%x\n",
1167 fname
, (unsigned int)deny_mode
, (unsigned int)open_func
));
1169 /* Create the NT compatible access_mask. */
1170 switch (GET_OPENX_MODE(deny_mode
)) {
1171 case DOS_OPEN_EXEC
: /* Implies read-only - used to be FILE_READ_DATA */
1172 case DOS_OPEN_RDONLY
:
1173 access_mask
= FILE_GENERIC_READ
;
1175 case DOS_OPEN_WRONLY
:
1176 access_mask
= FILE_GENERIC_WRITE
;
1180 access_mask
= FILE_GENERIC_READ
|FILE_GENERIC_WRITE
;
1183 DEBUG(10,("map_open_params_to_ntcreate: bad open mode = 0x%x\n",
1184 (unsigned int)GET_OPENX_MODE(deny_mode
)));
1188 /* Create the NT compatible create_disposition. */
1189 switch (open_func
) {
1190 case OPENX_FILE_EXISTS_FAIL
|OPENX_FILE_CREATE_IF_NOT_EXIST
:
1191 create_disposition
= FILE_CREATE
;
1194 case OPENX_FILE_EXISTS_OPEN
:
1195 create_disposition
= FILE_OPEN
;
1198 case OPENX_FILE_EXISTS_OPEN
|OPENX_FILE_CREATE_IF_NOT_EXIST
:
1199 create_disposition
= FILE_OPEN_IF
;
1202 case OPENX_FILE_EXISTS_TRUNCATE
:
1203 create_disposition
= FILE_OVERWRITE
;
1206 case OPENX_FILE_EXISTS_TRUNCATE
|OPENX_FILE_CREATE_IF_NOT_EXIST
:
1207 create_disposition
= FILE_OVERWRITE_IF
;
1211 /* From samba4 - to be confirmed. */
1212 if (GET_OPENX_MODE(deny_mode
) == DOS_OPEN_EXEC
) {
1213 create_disposition
= FILE_CREATE
;
1216 DEBUG(10,("map_open_params_to_ntcreate: bad "
1217 "open_func 0x%x\n", (unsigned int)open_func
));
1221 /* Create the NT compatible share modes. */
1222 switch (GET_DENY_MODE(deny_mode
)) {
1224 share_mode
= FILE_SHARE_NONE
;
1228 share_mode
= FILE_SHARE_READ
;
1232 share_mode
= FILE_SHARE_WRITE
;
1236 share_mode
= FILE_SHARE_READ
|FILE_SHARE_WRITE
;
1240 create_options
|= NTCREATEX_OPTIONS_PRIVATE_DENY_DOS
;
1241 if (is_executable(fname
)) {
1242 share_mode
= FILE_SHARE_READ
|FILE_SHARE_WRITE
;
1244 if (GET_OPENX_MODE(deny_mode
) == DOS_OPEN_RDONLY
) {
1245 share_mode
= FILE_SHARE_READ
;
1247 share_mode
= FILE_SHARE_NONE
;
1253 create_options
|= NTCREATEX_OPTIONS_PRIVATE_DENY_FCB
;
1254 share_mode
= FILE_SHARE_NONE
;
1258 DEBUG(10,("map_open_params_to_ntcreate: bad deny_mode 0x%x\n",
1259 (unsigned int)GET_DENY_MODE(deny_mode
) ));
1263 DEBUG(10,("map_open_params_to_ntcreate: file %s, access_mask = 0x%x, "
1264 "share_mode = 0x%x, create_disposition = 0x%x, "
1265 "create_options = 0x%x\n",
1267 (unsigned int)access_mask
,
1268 (unsigned int)share_mode
,
1269 (unsigned int)create_disposition
,
1270 (unsigned int)create_options
));
1273 *paccess_mask
= access_mask
;
1276 *pshare_mode
= share_mode
;
1278 if (pcreate_disposition
) {
1279 *pcreate_disposition
= create_disposition
;
1281 if (pcreate_options
) {
1282 *pcreate_options
= create_options
;
1289 static void schedule_defer_open(struct share_mode_lock
*lck
,
1290 struct timeval request_time
,
1291 struct smb_request
*req
)
1293 struct deferred_open_record state
;
1295 /* This is a relative time, added to the absolute
1296 request_time value to get the absolute timeout time.
1297 Note that if this is the second or greater time we enter
1298 this codepath for this particular request mid then
1299 request_time is left as the absolute time of the *first*
1300 time this request mid was processed. This is what allows
1301 the request to eventually time out. */
1303 struct timeval timeout
;
1305 /* Normally the smbd we asked should respond within
1306 * OPLOCK_BREAK_TIMEOUT seconds regardless of whether
1307 * the client did, give twice the timeout as a safety
1308 * measure here in case the other smbd is stuck
1309 * somewhere else. */
1311 timeout
= timeval_set(OPLOCK_BREAK_TIMEOUT
*2, 0);
1313 /* Nothing actually uses state.delayed_for_oplocks
1314 but it's handy to differentiate in debug messages
1315 between a 30 second delay due to oplock break, and
1316 a 1 second delay for share mode conflicts. */
1318 state
.delayed_for_oplocks
= True
;
1321 if (!request_timed_out(request_time
, timeout
)) {
1322 defer_open(lck
, request_time
, timeout
, req
, &state
);
1326 /****************************************************************************
1327 Work out what access_mask to use from what the client sent us.
1328 ****************************************************************************/
1330 static NTSTATUS
calculate_access_mask(connection_struct
*conn
,
1333 uint32_t access_mask
,
1334 uint32_t *access_mask_out
)
1339 * Convert GENERIC bits to specific bits.
1342 se_map_generic(&access_mask
, &file_generic_mapping
);
1344 /* Calculate MAXIMUM_ALLOWED_ACCESS if requested. */
1345 if (access_mask
& MAXIMUM_ALLOWED_ACCESS
) {
1348 struct security_descriptor
*sd
;
1349 uint32_t access_granted
= 0;
1351 status
= SMB_VFS_GET_NT_ACL(conn
, fname
,
1352 (OWNER_SECURITY_INFORMATION
|
1353 GROUP_SECURITY_INFORMATION
|
1354 DACL_SECURITY_INFORMATION
),&sd
);
1356 if (!NT_STATUS_IS_OK(status
)) {
1357 DEBUG(10, ("calculate_access_mask: Could not get acl "
1360 nt_errstr(status
)));
1361 return NT_STATUS_ACCESS_DENIED
;
1364 status
= smb1_file_se_access_check(sd
,
1365 conn
->server_info
->ptok
,
1371 if (!NT_STATUS_IS_OK(status
)) {
1372 DEBUG(10, ("calculate_access_mask: Access denied on "
1373 "file %s: when calculating maximum access\n",
1375 return NT_STATUS_ACCESS_DENIED
;
1378 access_mask
= access_granted
;
1380 access_mask
= FILE_GENERIC_ALL
;
1384 *access_mask_out
= access_mask
;
1385 return NT_STATUS_OK
;
1388 /****************************************************************************
1389 Open a file with a share mode. Passed in an already created files_struct *.
1390 ****************************************************************************/
1392 static NTSTATUS
open_file_ntcreate(connection_struct
*conn
,
1393 struct smb_request
*req
,
1395 SMB_STRUCT_STAT
*psbuf
,
1396 uint32 access_mask
, /* access bits (FILE_READ_DATA etc.) */
1397 uint32 share_access
, /* share constants (FILE_SHARE_READ etc) */
1398 uint32 create_disposition
, /* FILE_OPEN_IF etc. */
1399 uint32 create_options
, /* options such as delete on close. */
1400 uint32 new_dos_attributes
, /* attributes used for new file. */
1401 int oplock_request
, /* internal Samba oplock codes. */
1402 /* Information (FILE_EXISTS etc.) */
1408 bool file_existed
= VALID_STAT(*psbuf
);
1409 bool def_acl
= False
;
1410 bool posix_open
= False
;
1411 bool new_file_created
= False
;
1412 bool clear_ads
= false;
1414 NTSTATUS fsp_open
= NT_STATUS_ACCESS_DENIED
;
1415 mode_t new_unx_mode
= (mode_t
)0;
1416 mode_t unx_mode
= (mode_t
)0;
1418 uint32 existing_dos_attributes
= 0;
1419 struct pending_message_list
*pml
= NULL
;
1420 struct timeval request_time
= timeval_zero();
1421 struct share_mode_lock
*lck
= NULL
;
1422 uint32 open_access_mask
= access_mask
;
1426 const char *newname
;
1430 if (conn
->printer
) {
1432 * Printers are handled completely differently.
1433 * Most of the passed parameters are ignored.
1437 *pinfo
= FILE_WAS_CREATED
;
1440 DEBUG(10, ("open_file_ntcreate: printer open fname=%s\n", fname
));
1442 return print_fsp_open(req
, conn
, fname
, req
->vuid
, fsp
, psbuf
);
1445 if (!parent_dirname(talloc_tos(), fname
, &parent_dir
, &newname
)) {
1446 return NT_STATUS_NO_MEMORY
;
1449 if (new_dos_attributes
& FILE_FLAG_POSIX_SEMANTICS
) {
1451 unx_mode
= (mode_t
)(new_dos_attributes
& ~FILE_FLAG_POSIX_SEMANTICS
);
1452 new_dos_attributes
= 0;
1454 /* We add aARCH to this as this mode is only used if the file is
1456 unx_mode
= unix_mode(conn
, new_dos_attributes
| aARCH
, fname
,
1460 DEBUG(10, ("open_file_ntcreate: fname=%s, dos_attrs=0x%x "
1461 "access_mask=0x%x share_access=0x%x "
1462 "create_disposition = 0x%x create_options=0x%x "
1463 "unix mode=0%o oplock_request=%d\n",
1464 fname
, new_dos_attributes
, access_mask
, share_access
,
1465 create_disposition
, create_options
, (unsigned int)unx_mode
,
1468 if ((req
== NULL
) && ((oplock_request
& INTERNAL_OPEN_ONLY
) == 0)) {
1469 DEBUG(0, ("No smb request but not an internal only open!\n"));
1470 return NT_STATUS_INTERNAL_ERROR
;
1474 * Only non-internal opens can be deferred at all
1478 && ((pml
= get_open_deferred_message(req
->mid
)) != NULL
)) {
1479 struct deferred_open_record
*state
=
1480 (struct deferred_open_record
*)pml
->private_data
.data
;
1482 /* Remember the absolute time of the original
1483 request with this mid. We'll use it later to
1484 see if this has timed out. */
1486 request_time
= pml
->request_time
;
1488 /* Remove the deferred open entry under lock. */
1489 lck
= get_share_mode_lock(talloc_tos(), state
->id
, NULL
, NULL
,
1492 DEBUG(0, ("could not get share mode lock\n"));
1494 del_deferred_open_entry(lck
, req
->mid
);
1498 /* Ensure we don't reprocess this message. */
1499 remove_deferred_open_smb_message(req
->mid
);
1502 status
= check_name(conn
, fname
);
1503 if (!NT_STATUS_IS_OK(status
)) {
1508 new_dos_attributes
&= SAMBA_ATTRIBUTES_MASK
;
1510 existing_dos_attributes
= dos_mode(conn
, fname
, psbuf
);
1514 /* ignore any oplock requests if oplocks are disabled */
1515 if (!lp_oplocks(SNUM(conn
)) || global_client_failed_oplock_break
||
1516 IS_VETO_OPLOCK_PATH(conn
, fname
)) {
1517 /* Mask off everything except the private Samba bits. */
1518 oplock_request
&= SAMBA_PRIVATE_OPLOCK_MASK
;
1521 /* this is for OS/2 long file names - say we don't support them */
1522 if (!lp_posix_pathnames() && strstr(fname
,".+,;=[].")) {
1523 /* OS/2 Workplace shell fix may be main code stream in a later
1525 DEBUG(5,("open_file_ntcreate: OS/2 long filenames are not "
1527 if (use_nt_status()) {
1528 return NT_STATUS_OBJECT_NAME_NOT_FOUND
;
1530 return NT_STATUS_DOS(ERRDOS
, ERRcannotopen
);
1533 switch( create_disposition
) {
1535 * Currently we're using FILE_SUPERSEDE as the same as
1536 * FILE_OVERWRITE_IF but they really are
1537 * different. FILE_SUPERSEDE deletes an existing file
1538 * (requiring delete access) then recreates it.
1540 case FILE_SUPERSEDE
:
1541 /* If file exists replace/overwrite. If file doesn't
1543 flags2
|= (O_CREAT
| O_TRUNC
);
1547 case FILE_OVERWRITE_IF
:
1548 /* If file exists replace/overwrite. If file doesn't
1550 flags2
|= (O_CREAT
| O_TRUNC
);
1555 /* If file exists open. If file doesn't exist error. */
1556 if (!file_existed
) {
1557 DEBUG(5,("open_file_ntcreate: FILE_OPEN "
1558 "requested for file %s and file "
1559 "doesn't exist.\n", fname
));
1561 return NT_STATUS_OBJECT_NAME_NOT_FOUND
;
1565 case FILE_OVERWRITE
:
1566 /* If file exists overwrite. If file doesn't exist
1568 if (!file_existed
) {
1569 DEBUG(5,("open_file_ntcreate: FILE_OVERWRITE "
1570 "requested for file %s and file "
1571 "doesn't exist.\n", fname
));
1573 return NT_STATUS_OBJECT_NAME_NOT_FOUND
;
1580 /* If file exists error. If file doesn't exist
1583 DEBUG(5,("open_file_ntcreate: FILE_CREATE "
1584 "requested for file %s and file "
1585 "already exists.\n", fname
));
1586 if (S_ISDIR(psbuf
->st_ex_mode
)) {
1591 return map_nt_error_from_unix(errno
);
1593 flags2
|= (O_CREAT
|O_EXCL
);
1597 /* If file exists open. If file doesn't exist
1603 return NT_STATUS_INVALID_PARAMETER
;
1606 /* We only care about matching attributes on file exists and
1609 if (!posix_open
&& file_existed
&& ((create_disposition
== FILE_OVERWRITE
) ||
1610 (create_disposition
== FILE_OVERWRITE_IF
))) {
1611 if (!open_match_attributes(conn
, fname
,
1612 existing_dos_attributes
,
1613 new_dos_attributes
, psbuf
->st_ex_mode
,
1614 unx_mode
, &new_unx_mode
)) {
1615 DEBUG(5,("open_file_ntcreate: attributes missmatch "
1616 "for file %s (%x %x) (0%o, 0%o)\n",
1617 fname
, existing_dos_attributes
,
1619 (unsigned int)psbuf
->st_ex_mode
,
1620 (unsigned int)unx_mode
));
1622 return NT_STATUS_ACCESS_DENIED
;
1626 status
= calculate_access_mask(conn
, fname
, file_existed
,
1629 if (!NT_STATUS_IS_OK(status
)) {
1630 DEBUG(10, ("open_file_ntcreate: calculate_access_mask "
1631 "on file %s returned %s\n",
1633 nt_errstr(status
)));
1637 open_access_mask
= access_mask
;
1639 if ((flags2
& O_TRUNC
) || (oplock_request
& FORCE_OPLOCK_BREAK_TO_NONE
)) {
1640 open_access_mask
|= FILE_WRITE_DATA
; /* This will cause oplock breaks. */
1643 DEBUG(10, ("open_file_ntcreate: fname=%s, after mapping "
1644 "access_mask=0x%x\n", fname
, access_mask
));
1647 * Note that we ignore the append flag as append does not
1648 * mean the same thing under DOS and Unix.
1651 if ((access_mask
& (FILE_WRITE_DATA
| FILE_APPEND_DATA
)) ||
1652 (oplock_request
& FORCE_OPLOCK_BREAK_TO_NONE
)) {
1653 /* DENY_DOS opens are always underlying read-write on the
1654 file handle, no matter what the requested access mask
1656 if ((create_options
& NTCREATEX_OPTIONS_PRIVATE_DENY_DOS
) ||
1657 access_mask
& (FILE_READ_ATTRIBUTES
|FILE_READ_DATA
|FILE_READ_EA
|FILE_EXECUTE
)) {
1667 * Currently we only look at FILE_WRITE_THROUGH for create options.
1671 if ((create_options
& FILE_WRITE_THROUGH
) && lp_strict_sync(SNUM(conn
))) {
1676 if (posix_open
&& (access_mask
& FILE_APPEND_DATA
)) {
1680 if (!posix_open
&& !CAN_WRITE(conn
)) {
1682 * We should really return a permission denied error if either
1683 * O_CREAT or O_TRUNC are set, but for compatibility with
1684 * older versions of Samba we just AND them out.
1686 flags2
&= ~(O_CREAT
|O_TRUNC
);
1690 * Ensure we can't write on a read-only share or file.
1693 if (flags
!= O_RDONLY
&& file_existed
&&
1694 (!CAN_WRITE(conn
) || IS_DOS_READONLY(existing_dos_attributes
))) {
1695 DEBUG(5,("open_file_ntcreate: write access requested for "
1696 "file %s on read only %s\n",
1697 fname
, !CAN_WRITE(conn
) ? "share" : "file" ));
1699 return NT_STATUS_ACCESS_DENIED
;
1702 fsp
->file_id
= vfs_file_id_from_sbuf(conn
, psbuf
);
1703 fsp
->share_access
= share_access
;
1704 fsp
->fh
->private_options
= create_options
;
1705 fsp
->access_mask
= open_access_mask
; /* We change this to the
1706 * requested access_mask after
1707 * the open is done. */
1708 fsp
->posix_open
= posix_open
;
1710 /* Ensure no SAMBA_PRIVATE bits can be set. */
1711 fsp
->oplock_type
= (oplock_request
& ~SAMBA_PRIVATE_OPLOCK_MASK
);
1713 if (timeval_is_zero(&request_time
)) {
1714 request_time
= fsp
->open_time
;
1718 struct timespec old_write_time
= psbuf
->st_ex_mtime
;
1719 id
= vfs_file_id_from_sbuf(conn
, psbuf
);
1721 lck
= get_share_mode_lock(talloc_tos(), id
,
1723 fname
, &old_write_time
);
1726 DEBUG(0, ("Could not get share mode lock\n"));
1727 return NT_STATUS_SHARING_VIOLATION
;
1730 /* First pass - send break only on batch oplocks. */
1732 && delay_for_oplocks(lck
, fsp
, req
->mid
, 1,
1734 schedule_defer_open(lck
, request_time
, req
);
1736 return NT_STATUS_SHARING_VIOLATION
;
1739 /* Use the client requested access mask here, not the one we
1741 status
= open_mode_check(conn
, fname
, lck
,
1742 access_mask
, share_access
,
1743 create_options
, &file_existed
);
1745 if (NT_STATUS_IS_OK(status
)) {
1746 /* We might be going to allow this open. Check oplock
1748 /* Second pass - send break for both batch or
1749 * exclusive oplocks. */
1751 && delay_for_oplocks(lck
, fsp
, req
->mid
, 2,
1753 schedule_defer_open(lck
, request_time
, req
);
1755 return NT_STATUS_SHARING_VIOLATION
;
1759 if (NT_STATUS_EQUAL(status
, NT_STATUS_DELETE_PENDING
)) {
1760 /* DELETE_PENDING is not deferred for a second */
1765 if (!NT_STATUS_IS_OK(status
)) {
1766 uint32 can_access_mask
;
1767 bool can_access
= True
;
1769 SMB_ASSERT(NT_STATUS_EQUAL(status
, NT_STATUS_SHARING_VIOLATION
));
1771 /* Check if this can be done with the deny_dos and fcb
1773 if (create_options
&
1774 (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS
|
1775 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB
)) {
1777 DEBUG(0, ("DOS open without an SMB "
1780 return NT_STATUS_INTERNAL_ERROR
;
1783 /* Use the client requested access mask here,
1784 * not the one we open with. */
1785 status
= fcb_or_dos_open(req
,
1796 if (NT_STATUS_IS_OK(status
)) {
1799 *pinfo
= FILE_WAS_OPENED
;
1801 return NT_STATUS_OK
;
1806 * This next line is a subtlety we need for
1807 * MS-Access. If a file open will fail due to share
1808 * permissions and also for security (access) reasons,
1809 * we need to return the access failed error, not the
1810 * share error. We can't open the file due to kernel
1811 * oplock deadlock (it's possible we failed above on
1812 * the open_mode_check()) so use a userspace check.
1815 if (flags
& O_RDWR
) {
1816 can_access_mask
= FILE_READ_DATA
|FILE_WRITE_DATA
;
1817 } else if (flags
& O_WRONLY
) {
1818 can_access_mask
= FILE_WRITE_DATA
;
1820 can_access_mask
= FILE_READ_DATA
;
1823 if (((can_access_mask
& FILE_WRITE_DATA
) && !CAN_WRITE(conn
)) ||
1824 !can_access_file_data(conn
,fname
,psbuf
,can_access_mask
)) {
1829 * If we're returning a share violation, ensure we
1830 * cope with the braindead 1 second delay.
1833 if (!(oplock_request
& INTERNAL_OPEN_ONLY
) &&
1834 lp_defer_sharing_violations()) {
1835 struct timeval timeout
;
1836 struct deferred_open_record state
;
1839 /* this is a hack to speed up torture tests
1841 timeout_usecs
= lp_parm_int(SNUM(conn
),
1842 "smbd","sharedelay",
1843 SHARING_VIOLATION_USEC_WAIT
);
1845 /* This is a relative time, added to the absolute
1846 request_time value to get the absolute timeout time.
1847 Note that if this is the second or greater time we enter
1848 this codepath for this particular request mid then
1849 request_time is left as the absolute time of the *first*
1850 time this request mid was processed. This is what allows
1851 the request to eventually time out. */
1853 timeout
= timeval_set(0, timeout_usecs
);
1855 /* Nothing actually uses state.delayed_for_oplocks
1856 but it's handy to differentiate in debug messages
1857 between a 30 second delay due to oplock break, and
1858 a 1 second delay for share mode conflicts. */
1860 state
.delayed_for_oplocks
= False
;
1864 && !request_timed_out(request_time
,
1866 defer_open(lck
, request_time
, timeout
,
1874 * We have detected a sharing violation here
1875 * so return the correct error code
1877 status
= NT_STATUS_SHARING_VIOLATION
;
1879 status
= NT_STATUS_ACCESS_DENIED
;
1885 * We exit this block with the share entry *locked*.....
1889 SMB_ASSERT(!file_existed
|| (lck
!= NULL
));
1892 * Ensure we pay attention to default ACLs on directories if required.
1895 if ((flags2
& O_CREAT
) && lp_inherit_acls(SNUM(conn
)) &&
1896 (def_acl
= directory_has_default_acl(conn
, parent_dir
))) {
1900 DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o, "
1901 "access_mask = 0x%x, open_access_mask = 0x%x\n",
1902 (unsigned int)flags
, (unsigned int)flags2
,
1903 (unsigned int)unx_mode
, (unsigned int)access_mask
,
1904 (unsigned int)open_access_mask
));
1907 * open_file strips any O_TRUNC flags itself.
1910 fsp_open
= open_file(fsp
, conn
, req
, parent_dir
, newname
, fname
, psbuf
,
1911 flags
|flags2
, unx_mode
, access_mask
,
1914 if (!NT_STATUS_IS_OK(fsp_open
)) {
1921 if (!file_existed
) {
1922 struct timespec old_write_time
= psbuf
->st_ex_mtime
;
1924 * Deal with the race condition where two smbd's detect the
1925 * file doesn't exist and do the create at the same time. One
1926 * of them will win and set a share mode, the other (ie. this
1927 * one) should check if the requested share mode for this
1928 * create is allowed.
1932 * Now the file exists and fsp is successfully opened,
1933 * fsp->dev and fsp->inode are valid and should replace the
1934 * dev=0,inode=0 from a non existent file. Spotted by
1935 * Nadav Danieli <nadavd@exanet.com>. JRA.
1940 lck
= get_share_mode_lock(talloc_tos(), id
,
1942 fname
, &old_write_time
);
1945 DEBUG(0, ("open_file_ntcreate: Could not get share "
1946 "mode lock for %s\n", fname
));
1948 return NT_STATUS_SHARING_VIOLATION
;
1951 /* First pass - send break only on batch oplocks. */
1953 && delay_for_oplocks(lck
, fsp
, req
->mid
, 1,
1955 schedule_defer_open(lck
, request_time
, req
);
1958 return NT_STATUS_SHARING_VIOLATION
;
1961 status
= open_mode_check(conn
, fname
, lck
,
1962 access_mask
, share_access
,
1963 create_options
, &file_existed
);
1965 if (NT_STATUS_IS_OK(status
)) {
1966 /* We might be going to allow this open. Check oplock
1968 /* Second pass - send break for both batch or
1969 * exclusive oplocks. */
1971 && delay_for_oplocks(lck
, fsp
, req
->mid
, 2,
1973 schedule_defer_open(lck
, request_time
, req
);
1976 return NT_STATUS_SHARING_VIOLATION
;
1980 if (!NT_STATUS_IS_OK(status
)) {
1981 struct deferred_open_record state
;
1985 state
.delayed_for_oplocks
= False
;
1988 /* Do it all over again immediately. In the second
1989 * round we will find that the file existed and handle
1990 * the DELETE_PENDING and FCB cases correctly. No need
1991 * to duplicate the code here. Essentially this is a
1992 * "goto top of this function", but don't tell
1996 defer_open(lck
, request_time
, timeval_zero(),
2004 * We exit this block with the share entry *locked*.....
2009 SMB_ASSERT(lck
!= NULL
);
2011 /* Delete streams if create_disposition requires it */
2012 if (file_existed
&& clear_ads
&& !is_ntfs_stream_name(fname
)) {
2013 status
= delete_all_streams(conn
, fname
);
2014 if (!NT_STATUS_IS_OK(status
)) {
2021 /* note that we ignore failure for the following. It is
2022 basically a hack for NFS, and NFS will never set one of
2023 these only read them. Nobody but Samba can ever set a deny
2024 mode and we have already checked our more authoritative
2025 locking database for permission to set this deny mode. If
2026 the kernel refuses the operations then the kernel is wrong.
2027 note that GPFS supports it as well - jmcd */
2029 if (fsp
->fh
->fd
!= -1) {
2030 ret_flock
= SMB_VFS_KERNEL_FLOCK(fsp
, share_access
);
2031 if(ret_flock
== -1 ){
2036 return NT_STATUS_SHARING_VIOLATION
;
2041 * At this point onwards, we can guarentee that the share entry
2042 * is locked, whether we created the file or not, and that the
2043 * deny mode is compatible with all current opens.
2047 * If requested, truncate the file.
2050 if (flags2
&O_TRUNC
) {
2052 * We are modifing the file after open - update the stat
2055 if ((SMB_VFS_FTRUNCATE(fsp
, 0) == -1) ||
2056 (SMB_VFS_FSTAT(fsp
, psbuf
)==-1)) {
2057 status
= map_nt_error_from_unix(errno
);
2064 /* Record the options we were opened with. */
2065 fsp
->share_access
= share_access
;
2066 fsp
->fh
->private_options
= create_options
;
2068 * According to Samba4, SEC_FILE_READ_ATTRIBUTE is always granted,
2070 fsp
->access_mask
= access_mask
| FILE_READ_ATTRIBUTES
;
2073 /* stat opens on existing files don't get oplocks. */
2074 if (is_stat_open(open_access_mask
)) {
2075 fsp
->oplock_type
= NO_OPLOCK
;
2078 if (!(flags2
& O_TRUNC
)) {
2079 info
= FILE_WAS_OPENED
;
2081 info
= FILE_WAS_OVERWRITTEN
;
2084 info
= FILE_WAS_CREATED
;
2092 * Setup the oplock info in both the shared memory and
2096 if (!set_file_oplock(fsp
, fsp
->oplock_type
)) {
2097 /* Could not get the kernel oplock */
2098 fsp
->oplock_type
= NO_OPLOCK
;
2101 if (info
== FILE_WAS_OVERWRITTEN
|| info
== FILE_WAS_CREATED
|| info
== FILE_WAS_SUPERSEDED
) {
2102 new_file_created
= True
;
2105 set_share_mode(lck
, fsp
, conn
->server_info
->utok
.uid
, 0,
2108 /* Handle strange delete on close create semantics. */
2109 if (create_options
& FILE_DELETE_ON_CLOSE
) {
2111 status
= can_set_delete_on_close(fsp
, True
, new_dos_attributes
);
2113 if (!NT_STATUS_IS_OK(status
)) {
2114 /* Remember to delete the mode we just added. */
2115 del_share_mode(lck
, fsp
);
2120 /* Note that here we set the *inital* delete on close flag,
2121 not the regular one. The magic gets handled in close. */
2122 fsp
->initial_delete_on_close
= True
;
2125 if (new_file_created
) {
2126 /* Files should be initially set as archive */
2127 if (lp_map_archive(SNUM(conn
)) ||
2128 lp_store_dos_attributes(SNUM(conn
))) {
2130 SMB_STRUCT_STAT tmp_sbuf
;
2131 SET_STAT_INVALID(tmp_sbuf
);
2132 if (file_set_dosmode(
2134 new_dos_attributes
| aARCH
,
2135 &tmp_sbuf
, parent_dir
,
2137 unx_mode
= tmp_sbuf
.st_ex_mode
;
2144 * Take care of inherited ACLs on created files - if default ACL not
2148 if (!posix_open
&& !file_existed
&& !def_acl
) {
2150 int saved_errno
= errno
; /* We might get ENOSYS in the next
2153 if (SMB_VFS_FCHMOD_ACL(fsp
, unx_mode
) == -1 &&
2155 errno
= saved_errno
; /* Ignore ENOSYS */
2158 } else if (new_unx_mode
) {
2162 /* Attributes need changing. File already existed. */
2165 int saved_errno
= errno
; /* We might get ENOSYS in the
2167 ret
= SMB_VFS_FCHMOD_ACL(fsp
, new_unx_mode
);
2169 if (ret
== -1 && errno
== ENOSYS
) {
2170 errno
= saved_errno
; /* Ignore ENOSYS */
2172 DEBUG(5, ("open_file_ntcreate: reset "
2173 "attributes of file %s to 0%o\n",
2174 fname
, (unsigned int)new_unx_mode
));
2175 ret
= 0; /* Don't do the fchmod below. */
2180 (SMB_VFS_FCHMOD(fsp
, new_unx_mode
) == -1))
2181 DEBUG(5, ("open_file_ntcreate: failed to reset "
2182 "attributes of file %s to 0%o\n",
2183 fname
, (unsigned int)new_unx_mode
));
2186 /* If this is a successful open, we must remove any deferred open
2189 del_deferred_open_entry(lck
, req
->mid
);
2193 return NT_STATUS_OK
;
2197 /****************************************************************************
2198 Open a file for for write to ensure that we can fchmod it.
2199 ****************************************************************************/
2201 NTSTATUS
open_file_fchmod(struct smb_request
*req
, connection_struct
*conn
,
2203 SMB_STRUCT_STAT
*psbuf
, files_struct
**result
)
2205 files_struct
*fsp
= NULL
;
2208 if (!VALID_STAT(*psbuf
)) {
2209 return NT_STATUS_INVALID_PARAMETER
;
2212 status
= file_new(req
, conn
, &fsp
);
2213 if(!NT_STATUS_IS_OK(status
)) {
2217 status
= SMB_VFS_CREATE_FILE(
2220 0, /* root_dir_fid */
2222 0, /* create_file_flags */
2223 FILE_WRITE_DATA
, /* access_mask */
2224 (FILE_SHARE_READ
| FILE_SHARE_WRITE
| /* share_access */
2226 FILE_OPEN
, /* create_disposition*/
2227 0, /* create_options */
2228 0, /* file_attributes */
2229 0, /* oplock_request */
2230 0, /* allocation_size */
2238 * This is not a user visible file open.
2239 * Don't set a share mode.
2242 if (!NT_STATUS_IS_OK(status
)) {
2243 file_free(req
, fsp
);
2248 return NT_STATUS_OK
;
2251 /****************************************************************************
2252 Close the fchmod file fd - ensure no locks are lost.
2253 ****************************************************************************/
2255 NTSTATUS
close_file_fchmod(struct smb_request
*req
, files_struct
*fsp
)
2257 NTSTATUS status
= fd_close(fsp
);
2258 file_free(req
, fsp
);
2262 static NTSTATUS
mkdir_internal(connection_struct
*conn
,
2264 uint32 file_attributes
,
2265 SMB_STRUCT_STAT
*psbuf
)
2269 const char *dirname
;
2271 bool posix_open
= false;
2273 if(!CAN_WRITE(conn
)) {
2274 DEBUG(5,("mkdir_internal: failing create on read-only share "
2275 "%s\n", lp_servicename(SNUM(conn
))));
2276 return NT_STATUS_ACCESS_DENIED
;
2279 status
= check_name(conn
, name
);
2280 if (!NT_STATUS_IS_OK(status
)) {
2284 if (!parent_dirname(talloc_tos(), name
, &parent_dir
, &dirname
)) {
2285 return NT_STATUS_NO_MEMORY
;
2288 if (file_attributes
& FILE_FLAG_POSIX_SEMANTICS
) {
2290 mode
= (mode_t
)(file_attributes
& ~FILE_FLAG_POSIX_SEMANTICS
);
2292 mode
= unix_mode(conn
, aDIR
, name
, parent_dir
);
2295 if (SMB_VFS_MKDIR(conn
, name
, mode
) != 0) {
2296 return map_nt_error_from_unix(errno
);
2299 /* Ensure we're checking for a symlink here.... */
2300 /* We don't want to get caught by a symlink racer. */
2302 if (SMB_VFS_LSTAT(conn
, name
, psbuf
) == -1) {
2303 DEBUG(2, ("Could not stat directory '%s' just created: %s\n",
2304 name
, strerror(errno
)));
2305 return map_nt_error_from_unix(errno
);
2308 if (!S_ISDIR(psbuf
->st_ex_mode
)) {
2309 DEBUG(0, ("Directory just '%s' created is not a directory\n",
2311 return NT_STATUS_ACCESS_DENIED
;
2314 if (lp_store_dos_attributes(SNUM(conn
))) {
2316 file_set_dosmode(conn
, name
,
2317 file_attributes
| aDIR
, NULL
,
2323 if (lp_inherit_perms(SNUM(conn
))) {
2324 inherit_access_posix_acl(conn
, parent_dir
, name
, mode
);
2327 if (!(file_attributes
& FILE_FLAG_POSIX_SEMANTICS
)) {
2329 * Check if high bits should have been set,
2330 * then (if bits are missing): add them.
2331 * Consider bits automagically set by UNIX, i.e. SGID bit from parent
2334 if (mode
& ~(S_IRWXU
|S_IRWXG
|S_IRWXO
) && (mode
& ~psbuf
->st_ex_mode
)) {
2335 SMB_VFS_CHMOD(conn
, name
,
2336 psbuf
->st_ex_mode
| (mode
& ~psbuf
->st_ex_mode
));
2340 /* Change the owner if required. */
2341 if (lp_inherit_owner(SNUM(conn
))) {
2342 change_dir_owner_to_parent(conn
, parent_dir
, name
, psbuf
);
2345 notify_fname(conn
, NOTIFY_ACTION_ADDED
, FILE_NOTIFY_CHANGE_DIR_NAME
,
2348 return NT_STATUS_OK
;
2351 /****************************************************************************
2352 Open a directory from an NT SMB call.
2353 ****************************************************************************/
2355 static NTSTATUS
open_directory(connection_struct
*conn
,
2356 struct smb_request
*req
,
2358 SMB_STRUCT_STAT
*psbuf
,
2360 uint32 share_access
,
2361 uint32 create_disposition
,
2362 uint32 create_options
,
2363 uint32 file_attributes
,
2365 files_struct
**result
)
2367 files_struct
*fsp
= NULL
;
2368 bool dir_existed
= VALID_STAT(*psbuf
) ? True
: False
;
2369 struct share_mode_lock
*lck
= NULL
;
2371 struct timespec mtimespec
;
2374 DEBUG(5,("open_directory: opening directory %s, access_mask = 0x%x, "
2375 "share_access = 0x%x create_options = 0x%x, "
2376 "create_disposition = 0x%x, file_attributes = 0x%x\n",
2378 (unsigned int)access_mask
,
2379 (unsigned int)share_access
,
2380 (unsigned int)create_options
,
2381 (unsigned int)create_disposition
,
2382 (unsigned int)file_attributes
));
2384 if (!(file_attributes
& FILE_FLAG_POSIX_SEMANTICS
) &&
2385 (conn
->fs_capabilities
& FILE_NAMED_STREAMS
) &&
2386 is_ntfs_stream_name(fname
)) {
2387 DEBUG(2, ("open_directory: %s is a stream name!\n", fname
));
2388 return NT_STATUS_NOT_A_DIRECTORY
;
2391 status
= calculate_access_mask(conn
, fname
, dir_existed
,
2394 if (!NT_STATUS_IS_OK(status
)) {
2395 DEBUG(10, ("open_directory: calculate_access_mask "
2396 "on file %s returned %s\n",
2398 nt_errstr(status
)));
2402 /* We need to support SeSecurityPrivilege for this. */
2403 if (access_mask
& SEC_FLAG_SYSTEM_SECURITY
) {
2404 DEBUG(10, ("open_directory: open on %s "
2405 "failed - SEC_FLAG_SYSTEM_SECURITY denied.\n",
2407 return NT_STATUS_PRIVILEGE_NOT_HELD
;
2410 switch( create_disposition
) {
2413 info
= FILE_WAS_OPENED
;
2416 * We want to follow symlinks here.
2419 if (SMB_VFS_STAT(conn
, fname
, psbuf
) != 0) {
2420 return map_nt_error_from_unix(errno
);
2427 /* If directory exists error. If directory doesn't
2430 status
= mkdir_internal(conn
,
2435 if (!NT_STATUS_IS_OK(status
)) {
2436 DEBUG(2, ("open_directory: unable to create "
2437 "%s. Error was %s\n", fname
,
2438 nt_errstr(status
)));
2442 info
= FILE_WAS_CREATED
;
2447 * If directory exists open. If directory doesn't
2451 status
= mkdir_internal(conn
,
2456 if (NT_STATUS_IS_OK(status
)) {
2457 info
= FILE_WAS_CREATED
;
2460 if (NT_STATUS_EQUAL(status
,
2461 NT_STATUS_OBJECT_NAME_COLLISION
)) {
2462 info
= FILE_WAS_OPENED
;
2463 status
= NT_STATUS_OK
;
2468 case FILE_SUPERSEDE
:
2469 case FILE_OVERWRITE
:
2470 case FILE_OVERWRITE_IF
:
2472 DEBUG(5,("open_directory: invalid create_disposition "
2473 "0x%x for directory %s\n",
2474 (unsigned int)create_disposition
, fname
));
2475 return NT_STATUS_INVALID_PARAMETER
;
2478 if(!S_ISDIR(psbuf
->st_ex_mode
)) {
2479 DEBUG(5,("open_directory: %s is not a directory !\n",
2481 return NT_STATUS_NOT_A_DIRECTORY
;
2484 if (info
== FILE_WAS_OPENED
) {
2485 uint32_t access_granted
= 0;
2486 status
= check_open_rights(conn
,
2491 /* Were we trying to do a directory open
2492 * for delete and didn't get DELETE
2493 * access (only) ? Check if the
2494 * directory allows DELETE_CHILD.
2496 * http://blogs.msdn.com/oldnewthing/archive/2004/06/04/148426.aspx
2499 if ((NT_STATUS_EQUAL(status
, NT_STATUS_ACCESS_DENIED
) &&
2500 (access_mask
& DELETE_ACCESS
) &&
2501 (access_granted
== DELETE_ACCESS
) &&
2502 can_delete_file_in_directory(conn
, fname
))) {
2503 DEBUG(10,("open_directory: overrode ACCESS_DENIED "
2504 "on directory %s\n",
2506 status
= NT_STATUS_OK
;
2509 if (!NT_STATUS_IS_OK(status
)) {
2510 DEBUG(10, ("open_directory: check_open_rights on "
2511 "file %s failed with %s\n",
2513 nt_errstr(status
)));
2518 status
= file_new(req
, conn
, &fsp
);
2519 if(!NT_STATUS_IS_OK(status
)) {
2524 * Setup the files_struct for it.
2527 fsp
->mode
= psbuf
->st_ex_mode
;
2528 fsp
->file_id
= vfs_file_id_from_sbuf(conn
, psbuf
);
2529 fsp
->vuid
= req
? req
->vuid
: UID_FIELD_INVALID
;
2530 fsp
->file_pid
= req
? req
->smbpid
: 0;
2531 fsp
->can_lock
= False
;
2532 fsp
->can_read
= False
;
2533 fsp
->can_write
= False
;
2535 fsp
->share_access
= share_access
;
2536 fsp
->fh
->private_options
= create_options
;
2538 * According to Samba4, SEC_FILE_READ_ATTRIBUTE is always granted,
2540 fsp
->access_mask
= access_mask
| FILE_READ_ATTRIBUTES
;
2541 fsp
->print_file
= False
;
2542 fsp
->modified
= False
;
2543 fsp
->oplock_type
= NO_OPLOCK
;
2544 fsp
->sent_oplock_break
= NO_BREAK_SENT
;
2545 fsp
->is_directory
= True
;
2546 fsp
->posix_open
= (file_attributes
& FILE_FLAG_POSIX_SEMANTICS
) ? True
: False
;
2548 string_set(&fsp
->fsp_name
,fname
);
2550 mtimespec
= psbuf
->st_ex_mtime
;
2552 lck
= get_share_mode_lock(talloc_tos(), fsp
->file_id
,
2557 DEBUG(0, ("open_directory: Could not get share mode lock for %s\n", fname
));
2558 file_free(req
, fsp
);
2559 return NT_STATUS_SHARING_VIOLATION
;
2562 status
= open_mode_check(conn
, fname
, lck
,
2563 access_mask
, share_access
,
2564 create_options
, &dir_existed
);
2566 if (!NT_STATUS_IS_OK(status
)) {
2568 file_free(req
, fsp
);
2572 set_share_mode(lck
, fsp
, conn
->server_info
->utok
.uid
, 0, NO_OPLOCK
);
2574 /* For directories the delete on close bit at open time seems
2575 always to be honored on close... See test 19 in Samba4 BASE-DELETE. */
2576 if (create_options
& FILE_DELETE_ON_CLOSE
) {
2577 status
= can_set_delete_on_close(fsp
, True
, 0);
2578 if (!NT_STATUS_IS_OK(status
) && !NT_STATUS_EQUAL(status
, NT_STATUS_DIRECTORY_NOT_EMPTY
)) {
2580 file_free(req
, fsp
);
2584 if (NT_STATUS_IS_OK(status
)) {
2585 /* Note that here we set the *inital* delete on close flag,
2586 not the regular one. The magic gets handled in close. */
2587 fsp
->initial_delete_on_close
= True
;
2598 return NT_STATUS_OK
;
2601 NTSTATUS
create_directory(connection_struct
*conn
, struct smb_request
*req
, const char *directory
)
2604 SMB_STRUCT_STAT sbuf
;
2607 SET_STAT_INVALID(sbuf
);
2609 status
= SMB_VFS_CREATE_FILE(
2612 0, /* root_dir_fid */
2613 directory
, /* fname */
2614 0, /* create_file_flags */
2615 FILE_READ_ATTRIBUTES
, /* access_mask */
2616 FILE_SHARE_NONE
, /* share_access */
2617 FILE_CREATE
, /* create_disposition*/
2618 FILE_DIRECTORY_FILE
, /* create_options */
2619 FILE_ATTRIBUTE_DIRECTORY
, /* file_attributes */
2620 0, /* oplock_request */
2621 0, /* allocation_size */
2628 if (NT_STATUS_IS_OK(status
)) {
2629 close_file(req
, fsp
, NORMAL_CLOSE
);
2635 /****************************************************************************
2636 Receive notification that one of our open files has been renamed by another
2638 ****************************************************************************/
2640 void msg_file_was_renamed(struct messaging_context
*msg
,
2643 struct server_id server_id
,
2647 char *frm
= (char *)data
->data
;
2649 const char *sharepath
;
2650 const char *newname
;
2653 if (data
->data
== NULL
2654 || data
->length
< MSG_FILE_RENAMED_MIN_SIZE
+ 2) {
2655 DEBUG(0, ("msg_file_was_renamed: Got invalid msg len %d\n",
2656 (int)data
->length
));
2660 /* Unpack the message. */
2661 pull_file_id_24(frm
, &id
);
2662 sharepath
= &frm
[24];
2663 newname
= sharepath
+ strlen(sharepath
) + 1;
2664 sp_len
= strlen(sharepath
);
2666 DEBUG(10,("msg_file_was_renamed: Got rename message for sharepath %s, new name %s, "
2668 sharepath
, newname
, file_id_string_tos(&id
)));
2670 for(fsp
= file_find_di_first(id
); fsp
; fsp
= file_find_di_next(fsp
)) {
2671 if (memcmp(fsp
->conn
->connectpath
, sharepath
, sp_len
) == 0) {
2672 DEBUG(10,("msg_file_was_renamed: renaming file fnum %d from %s -> %s\n",
2673 fsp
->fnum
, fsp
->fsp_name
, newname
));
2674 string_set(&fsp
->fsp_name
, newname
);
2677 /* Now we have the complete path we can work out if this is
2678 actually within this share and adjust newname accordingly. */
2679 DEBUG(10,("msg_file_was_renamed: share mismatch (sharepath %s "
2680 "not sharepath %s) "
2681 "fnum %d from %s -> %s\n",
2682 fsp
->conn
->connectpath
,
2691 struct case_semantics_state
{
2692 connection_struct
*conn
;
2693 bool case_sensitive
;
2695 bool short_case_preserve
;
2698 /****************************************************************************
2699 Restore case semantics.
2700 ****************************************************************************/
2701 static int restore_case_semantics(struct case_semantics_state
*state
)
2703 state
->conn
->case_sensitive
= state
->case_sensitive
;
2704 state
->conn
->case_preserve
= state
->case_preserve
;
2705 state
->conn
->short_case_preserve
= state
->short_case_preserve
;
2709 /****************************************************************************
2710 Save case semantics.
2711 ****************************************************************************/
2712 struct case_semantics_state
*set_posix_case_semantics(TALLOC_CTX
*mem_ctx
,
2713 connection_struct
*conn
)
2715 struct case_semantics_state
*result
;
2717 if (!(result
= talloc(mem_ctx
, struct case_semantics_state
))) {
2718 DEBUG(0, ("talloc failed\n"));
2722 result
->conn
= conn
;
2723 result
->case_sensitive
= conn
->case_sensitive
;
2724 result
->case_preserve
= conn
->case_preserve
;
2725 result
->short_case_preserve
= conn
->short_case_preserve
;
2728 conn
->case_sensitive
= True
;
2729 conn
->case_preserve
= True
;
2730 conn
->short_case_preserve
= True
;
2732 talloc_set_destructor(result
, restore_case_semantics
);
2738 * If a main file is opened for delete, all streams need to be checked for
2739 * !FILE_SHARE_DELETE. Do this by opening with DELETE_ACCESS.
2740 * If that works, delete them all by setting the delete on close and close.
2743 NTSTATUS
open_streams_for_delete(connection_struct
*conn
,
2746 struct stream_struct
*stream_info
;
2747 files_struct
**streams
;
2749 unsigned int num_streams
;
2750 TALLOC_CTX
*frame
= talloc_stackframe();
2753 status
= SMB_VFS_STREAMINFO(conn
, NULL
, fname
, talloc_tos(),
2754 &num_streams
, &stream_info
);
2756 if (NT_STATUS_EQUAL(status
, NT_STATUS_NOT_IMPLEMENTED
)
2757 || NT_STATUS_EQUAL(status
, NT_STATUS_OBJECT_NAME_NOT_FOUND
)) {
2758 DEBUG(10, ("no streams around\n"));
2760 return NT_STATUS_OK
;
2763 if (!NT_STATUS_IS_OK(status
)) {
2764 DEBUG(10, ("SMB_VFS_STREAMINFO failed: %s\n",
2765 nt_errstr(status
)));
2769 DEBUG(10, ("open_streams_for_delete found %d streams\n",
2772 if (num_streams
== 0) {
2774 return NT_STATUS_OK
;
2777 streams
= TALLOC_ARRAY(talloc_tos(), files_struct
*, num_streams
);
2778 if (streams
== NULL
) {
2779 DEBUG(0, ("talloc failed\n"));
2780 status
= NT_STATUS_NO_MEMORY
;
2784 for (i
=0; i
<num_streams
; i
++) {
2787 if (strequal(stream_info
[i
].name
, "::$DATA")) {
2792 streamname
= talloc_asprintf(talloc_tos(), "%s%s", fname
,
2793 stream_info
[i
].name
);
2795 if (streamname
== NULL
) {
2796 DEBUG(0, ("talloc_aprintf failed\n"));
2797 status
= NT_STATUS_NO_MEMORY
;
2801 status
= SMB_VFS_CREATE_FILE(
2804 0, /* root_dir_fid */
2805 streamname
, /* fname */
2806 0, /* create_file_flags */
2807 DELETE_ACCESS
, /* access_mask */
2808 (FILE_SHARE_READ
| /* share_access */
2809 FILE_SHARE_WRITE
| FILE_SHARE_DELETE
),
2810 FILE_OPEN
, /* create_disposition*/
2811 NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE
, /* create_options */
2812 FILE_ATTRIBUTE_NORMAL
, /* file_attributes */
2813 0, /* oplock_request */
2814 0, /* allocation_size */
2817 &streams
[i
], /* result */
2821 TALLOC_FREE(streamname
);
2823 if (!NT_STATUS_IS_OK(status
)) {
2824 DEBUG(10, ("Could not open stream %s: %s\n",
2825 streamname
, nt_errstr(status
)));
2831 * don't touch the variable "status" beyond this point :-)
2834 for (i
-= 1 ; i
>= 0; i
--) {
2835 if (streams
[i
] == NULL
) {
2839 DEBUG(10, ("Closing stream # %d, %s\n", i
,
2840 streams
[i
]->fsp_name
));
2841 close_file(NULL
, streams
[i
], NORMAL_CLOSE
);
2850 * Wrapper around open_file_ntcreate and open_directory
2853 static NTSTATUS
create_file_unixpath(connection_struct
*conn
,
2854 struct smb_request
*req
,
2856 uint32_t access_mask
,
2857 uint32_t share_access
,
2858 uint32_t create_disposition
,
2859 uint32_t create_options
,
2860 uint32_t file_attributes
,
2861 uint32_t oplock_request
,
2862 uint64_t allocation_size
,
2863 struct security_descriptor
*sd
,
2864 struct ea_list
*ea_list
,
2866 files_struct
**result
,
2868 SMB_STRUCT_STAT
*psbuf
)
2870 SMB_STRUCT_STAT sbuf
;
2871 int info
= FILE_WAS_OPENED
;
2872 files_struct
*base_fsp
= NULL
;
2873 files_struct
*fsp
= NULL
;
2876 DEBUG(10,("create_file_unixpath: access_mask = 0x%x "
2877 "file_attributes = 0x%x, share_access = 0x%x, "
2878 "create_disposition = 0x%x create_options = 0x%x "
2879 "oplock_request = 0x%x ea_list = 0x%p, sd = 0x%p, "
2881 (unsigned int)access_mask
,
2882 (unsigned int)file_attributes
,
2883 (unsigned int)share_access
,
2884 (unsigned int)create_disposition
,
2885 (unsigned int)create_options
,
2886 (unsigned int)oplock_request
,
2887 ea_list
, sd
, fname
));
2889 if (create_options
& FILE_OPEN_BY_FILE_ID
) {
2890 status
= NT_STATUS_NOT_SUPPORTED
;
2894 if (create_options
& NTCREATEX_OPTIONS_INVALID_PARAM_MASK
) {
2895 status
= NT_STATUS_INVALID_PARAMETER
;
2900 oplock_request
|= INTERNAL_OPEN_ONLY
;
2903 if (psbuf
!= NULL
) {
2907 if (SMB_VFS_STAT(conn
, fname
, &sbuf
) == -1) {
2908 SET_STAT_INVALID(sbuf
);
2912 if ((conn
->fs_capabilities
& FILE_NAMED_STREAMS
)
2913 && (access_mask
& DELETE_ACCESS
)
2914 && !is_ntfs_stream_name(fname
)) {
2916 * We can't open a file with DELETE access if any of the
2917 * streams is open without FILE_SHARE_DELETE
2919 status
= open_streams_for_delete(conn
, fname
);
2921 if (!NT_STATUS_IS_OK(status
)) {
2926 /* This is the correct thing to do (check every time) but can_delete
2927 * is expensive (it may have to read the parent directory
2928 * permissions). So for now we're not doing it unless we have a strong
2929 * hint the client is really going to delete this file. If the client
2930 * is forcing FILE_CREATE let the filesystem take care of the
2933 /* Setting FILE_SHARE_DELETE is the hint. */
2935 if (lp_acl_check_permissions(SNUM(conn
))
2936 && (create_disposition
!= FILE_CREATE
)
2937 && (share_access
& FILE_SHARE_DELETE
)
2938 && (access_mask
& DELETE_ACCESS
)
2939 && (!(can_delete_file_in_directory(conn
, fname
) ||
2940 can_access_file_acl(conn
, fname
, DELETE_ACCESS
)))) {
2941 status
= NT_STATUS_ACCESS_DENIED
;
2942 DEBUG(10,("create_file_unixpath: open file %s "
2943 "for delete ACCESS_DENIED\n", fname
));
2948 /* We need to support SeSecurityPrivilege for this. */
2949 if ((access_mask
& SEC_FLAG_SYSTEM_SECURITY
) &&
2950 !user_has_privileges(current_user
.nt_user_token
,
2952 status
= NT_STATUS_PRIVILEGE_NOT_HELD
;
2956 /* We need to support SeSecurityPrivilege for this. */
2957 if (access_mask
& SEC_FLAG_SYSTEM_SECURITY
) {
2958 status
= NT_STATUS_PRIVILEGE_NOT_HELD
;
2961 /* Don't allow a SACL set from an NTtrans create until we
2962 * support SeSecurityPrivilege. */
2963 if (!VALID_STAT(sbuf
) &&
2964 lp_nt_acl_support(SNUM(conn
)) &&
2965 sd
&& (sd
->sacl
!= NULL
)) {
2966 status
= NT_STATUS_PRIVILEGE_NOT_HELD
;
2971 if ((conn
->fs_capabilities
& FILE_NAMED_STREAMS
)
2972 && is_ntfs_stream_name(fname
)
2973 && (!(create_options
& NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE
))) {
2975 uint32 base_create_disposition
;
2977 if (create_options
& FILE_DIRECTORY_FILE
) {
2978 status
= NT_STATUS_NOT_A_DIRECTORY
;
2982 status
= split_ntfs_stream_name(talloc_tos(), fname
,
2984 if (!NT_STATUS_IS_OK(status
)) {
2985 DEBUG(10, ("create_file_unixpath: "
2986 "split_ntfs_stream_name failed: %s\n",
2987 nt_errstr(status
)));
2991 SMB_ASSERT(!is_ntfs_stream_name(base
)); /* paranoia.. */
2993 switch (create_disposition
) {
2995 base_create_disposition
= FILE_OPEN
;
2998 base_create_disposition
= FILE_OPEN_IF
;
3002 status
= create_file_unixpath(conn
, NULL
, base
, 0,
3005 | FILE_SHARE_DELETE
,
3006 base_create_disposition
,
3007 0, 0, 0, 0, NULL
, NULL
,
3008 &base_fsp
, NULL
, NULL
);
3009 if (!NT_STATUS_IS_OK(status
)) {
3010 DEBUG(10, ("create_file_unixpath for base %s failed: "
3011 "%s\n", base
, nt_errstr(status
)));
3014 /* we don't need to low level fd */
3019 * If it's a request for a directory open, deal with it separately.
3022 if (create_options
& FILE_DIRECTORY_FILE
) {
3024 if (create_options
& FILE_NON_DIRECTORY_FILE
) {
3025 status
= NT_STATUS_INVALID_PARAMETER
;
3029 /* Can't open a temp directory. IFS kit test. */
3030 if (!(file_attributes
& FILE_FLAG_POSIX_SEMANTICS
) &&
3031 (file_attributes
& FILE_ATTRIBUTE_TEMPORARY
)) {
3032 status
= NT_STATUS_INVALID_PARAMETER
;
3037 * We will get a create directory here if the Win32
3038 * app specified a security descriptor in the
3039 * CreateDirectory() call.
3043 status
= open_directory(
3044 conn
, req
, fname
, &sbuf
, access_mask
, share_access
,
3045 create_disposition
, create_options
, file_attributes
,
3050 * Ordinary file case.
3053 status
= file_new(req
, conn
, &fsp
);
3054 if(!NT_STATUS_IS_OK(status
)) {
3059 * We're opening the stream element of a base_fsp
3060 * we already opened. Set up the base_fsp pointer.
3063 fsp
->base_fsp
= base_fsp
;
3066 status
= open_file_ntcreate(conn
,
3079 if(!NT_STATUS_IS_OK(status
)) {
3080 file_free(req
, fsp
);
3084 if (NT_STATUS_EQUAL(status
, NT_STATUS_FILE_IS_A_DIRECTORY
)) {
3086 /* A stream open never opens a directory */
3089 status
= NT_STATUS_FILE_IS_A_DIRECTORY
;
3094 * Fail the open if it was explicitly a non-directory
3098 if (create_options
& FILE_NON_DIRECTORY_FILE
) {
3099 status
= NT_STATUS_FILE_IS_A_DIRECTORY
;
3104 status
= open_directory(
3105 conn
, req
, fname
, &sbuf
, access_mask
,
3106 share_access
, create_disposition
,
3107 create_options
, file_attributes
,
3112 if (!NT_STATUS_IS_OK(status
)) {
3116 fsp
->base_fsp
= base_fsp
;
3119 * According to the MS documentation, the only time the security
3120 * descriptor is applied to the opened file is iff we *created* the
3121 * file; an existing file stays the same.
3123 * Also, it seems (from observation) that you can open the file with
3124 * any access mask but you can still write the sd. We need to override
3125 * the granted access before we call set_sd
3126 * Patch for bug #2242 from Tom Lackemann <cessnatomny@yahoo.com>.
3129 if ((sd
!= NULL
) && (info
== FILE_WAS_CREATED
)
3130 && lp_nt_acl_support(SNUM(conn
))) {
3132 uint32_t sec_info_sent
;
3133 uint32_t saved_access_mask
= fsp
->access_mask
;
3135 sec_info_sent
= get_sec_info(sd
);
3137 fsp
->access_mask
= FILE_GENERIC_ALL
;
3139 /* Convert all the generic bits. */
3140 security_acl_map_generic(sd
->dacl
, &file_generic_mapping
);
3141 security_acl_map_generic(sd
->sacl
, &file_generic_mapping
);
3143 if (sec_info_sent
& (OWNER_SECURITY_INFORMATION
|
3144 GROUP_SECURITY_INFORMATION
|
3145 DACL_SECURITY_INFORMATION
|
3146 SACL_SECURITY_INFORMATION
)) {
3147 status
= SMB_VFS_FSET_NT_ACL(fsp
, sec_info_sent
, sd
);
3150 fsp
->access_mask
= saved_access_mask
;
3152 if (!NT_STATUS_IS_OK(status
)) {
3157 if ((ea_list
!= NULL
) && (info
== FILE_WAS_CREATED
)) {
3158 status
= set_ea(conn
, fsp
, fname
, ea_list
);
3159 if (!NT_STATUS_IS_OK(status
)) {
3164 if (!fsp
->is_directory
&& S_ISDIR(sbuf
.st_ex_mode
)) {
3165 status
= NT_STATUS_ACCESS_DENIED
;
3169 /* Save the requested allocation size. */
3170 if ((info
== FILE_WAS_CREATED
) || (info
== FILE_WAS_OVERWRITTEN
)) {
3172 && (allocation_size
> sbuf
.st_ex_size
)) {
3173 fsp
->initial_allocation_size
= smb_roundup(
3174 fsp
->conn
, allocation_size
);
3175 if (fsp
->is_directory
) {
3176 /* Can't set allocation size on a directory. */
3177 status
= NT_STATUS_ACCESS_DENIED
;
3180 if (vfs_allocate_file_space(
3181 fsp
, fsp
->initial_allocation_size
) == -1) {
3182 status
= NT_STATUS_DISK_FULL
;
3186 fsp
->initial_allocation_size
= smb_roundup(
3187 fsp
->conn
, (uint64_t)sbuf
.st_ex_size
);
3191 DEBUG(10, ("create_file_unixpath: info=%d\n", info
));
3194 if (pinfo
!= NULL
) {
3197 if (psbuf
!= NULL
) {
3198 if ((fsp
->fh
== NULL
) || (fsp
->fh
->fd
== -1)) {
3202 SMB_VFS_FSTAT(fsp
, psbuf
);
3205 return NT_STATUS_OK
;
3208 DEBUG(10, ("create_file_unixpath: %s\n", nt_errstr(status
)));
3211 if (base_fsp
&& fsp
->base_fsp
== base_fsp
) {
3213 * The close_file below will close
3218 close_file(req
, fsp
, ERROR_CLOSE
);
3221 if (base_fsp
!= NULL
) {
3222 close_file(req
, base_fsp
, ERROR_CLOSE
);
3229 * Calculate the full path name given a relative fid.
3231 NTSTATUS
get_relative_fid_filename(connection_struct
*conn
,
3232 struct smb_request
*req
,
3233 uint16_t root_dir_fid
,
3234 const char *fname
, char **new_fname
)
3236 files_struct
*dir_fsp
;
3237 char *parent_fname
= NULL
;
3239 if (root_dir_fid
== 0 || !fname
|| !new_fname
) {
3240 return NT_STATUS_INTERNAL_ERROR
;
3243 dir_fsp
= file_fsp(req
, root_dir_fid
);
3245 if (dir_fsp
== NULL
) {
3246 return NT_STATUS_INVALID_HANDLE
;
3249 if (!dir_fsp
->is_directory
) {
3252 * Check to see if this is a mac fork of some kind.
3255 if ((conn
->fs_capabilities
& FILE_NAMED_STREAMS
) &&
3256 is_ntfs_stream_name(fname
)) {
3257 return NT_STATUS_OBJECT_PATH_NOT_FOUND
;
3261 we need to handle the case when we get a
3262 relative open relative to a file and the
3263 pathname is blank - this is a reopen!
3264 (hint from demyn plantenberg)
3267 return NT_STATUS_INVALID_HANDLE
;
3270 if (ISDOT(dir_fsp
->fsp_name
)) {
3272 * We're at the toplevel dir, the final file name
3273 * must not contain ./, as this is filtered out
3274 * normally by srvstr_get_path and unix_convert
3275 * explicitly rejects paths containing ./.
3277 parent_fname
= talloc_strdup(talloc_tos(), "");
3278 if (parent_fname
== NULL
) {
3279 return NT_STATUS_NO_MEMORY
;
3282 size_t dir_name_len
= strlen(dir_fsp
->fsp_name
);
3285 * Copy in the base directory name.
3288 parent_fname
= TALLOC_ARRAY(talloc_tos(), char,
3290 if (parent_fname
== NULL
) {
3291 return NT_STATUS_NO_MEMORY
;
3293 memcpy(parent_fname
, dir_fsp
->fsp_name
,
3297 * Ensure it ends in a '/'.
3298 * We used TALLOC_SIZE +2 to add space for the '/'.
3302 && (parent_fname
[dir_name_len
-1] != '\\')
3303 && (parent_fname
[dir_name_len
-1] != '/')) {
3304 parent_fname
[dir_name_len
] = '/';
3305 parent_fname
[dir_name_len
+1] = '\0';
3309 *new_fname
= talloc_asprintf(talloc_tos(), "%s%s", parent_fname
,
3311 if (*new_fname
== NULL
) {
3312 return NT_STATUS_NO_MEMORY
;
3315 return NT_STATUS_OK
;
3318 NTSTATUS
create_file_default(connection_struct
*conn
,
3319 struct smb_request
*req
,
3320 uint16_t root_dir_fid
,
3322 uint32_t create_file_flags
,
3323 uint32_t access_mask
,
3324 uint32_t share_access
,
3325 uint32_t create_disposition
,
3326 uint32_t create_options
,
3327 uint32_t file_attributes
,
3328 uint32_t oplock_request
,
3329 uint64_t allocation_size
,
3330 struct security_descriptor
*sd
,
3331 struct ea_list
*ea_list
,
3333 files_struct
**result
,
3335 SMB_STRUCT_STAT
*psbuf
)
3337 struct case_semantics_state
*case_state
= NULL
;
3338 SMB_STRUCT_STAT sbuf
;
3339 int info
= FILE_WAS_OPENED
;
3340 files_struct
*fsp
= NULL
;
3343 DEBUG(10,("create_file: access_mask = 0x%x "
3344 "file_attributes = 0x%x, share_access = 0x%x, "
3345 "create_disposition = 0x%x create_options = 0x%x "
3346 "oplock_request = 0x%x "
3347 "root_dir_fid = 0x%x, ea_list = 0x%p, sd = 0x%p, "
3348 "create_file_flags = 0x%x, fname = %s\n",
3349 (unsigned int)access_mask
,
3350 (unsigned int)file_attributes
,
3351 (unsigned int)share_access
,
3352 (unsigned int)create_disposition
,
3353 (unsigned int)create_options
,
3354 (unsigned int)oplock_request
,
3355 (unsigned int)root_dir_fid
,
3356 ea_list
, sd
, create_file_flags
, fname
));
3358 /* MSDFS pathname processing must be done FIRST.
3359 MSDFS pathnames containing IPv6 addresses can
3360 be confused with NTFS stream names (they contain
3361 ":" characters. JRA. */
3363 if ((req
!= NULL
) && (req
->flags2
& FLAGS2_DFS_PATHNAMES
)) {
3364 char *resolved_fname
;
3366 status
= resolve_dfspath(talloc_tos(), conn
, true, fname
,
3369 if (!NT_STATUS_IS_OK(status
)) {
3371 * For PATH_NOT_COVERED we had
3372 * reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
3373 * ERRSRV, ERRbadpath);
3374 * Need to fix in callers
3378 fname
= resolved_fname
;
3382 * Calculate the filename from the root_dir_if if necessary.
3385 if (root_dir_fid
!= 0) {
3388 status
= get_relative_fid_filename(conn
, req
, root_dir_fid
,
3390 if (!NT_STATUS_IS_OK(status
)) {
3398 * Check to see if this is a mac fork of some kind.
3401 if (is_ntfs_stream_name(fname
)) {
3402 enum FAKE_FILE_TYPE fake_file_type
;
3404 fake_file_type
= is_fake_file(fname
);
3406 if (fake_file_type
!= FAKE_FILE_TYPE_NONE
) {
3409 * Here we go! support for changing the disk quotas
3412 * We need to fake up to open this MAGIC QUOTA file
3413 * and return a valid FID.
3415 * w2k close this file directly after openening xp
3416 * also tries a QUERY_FILE_INFO on the file and then
3419 status
= open_fake_file(req
, conn
, req
->vuid
,
3420 fake_file_type
, fname
,
3422 if (!NT_STATUS_IS_OK(status
)) {
3430 if (!(conn
->fs_capabilities
& FILE_NAMED_STREAMS
)) {
3431 status
= NT_STATUS_OBJECT_PATH_NOT_FOUND
;
3437 * Check if POSIX semantics are wanted.
3440 if (file_attributes
& FILE_FLAG_POSIX_SEMANTICS
) {
3441 case_state
= set_posix_case_semantics(talloc_tos(), conn
);
3444 if (create_file_flags
& CFF_DOS_PATH
) {
3445 struct smb_filename
*smb_fname
= NULL
;
3446 char *converted_fname
;
3448 SET_STAT_INVALID(sbuf
);
3450 status
= unix_convert(talloc_tos(), conn
, fname
, &smb_fname
,
3452 if (!NT_STATUS_IS_OK(status
)) {
3456 status
= get_full_smb_filename(talloc_tos(), smb_fname
,
3458 if (!NT_STATUS_IS_OK(status
)) {
3459 TALLOC_FREE(smb_fname
);
3463 sbuf
= smb_fname
->st
;
3464 fname
= converted_fname
;
3465 TALLOC_FREE(smb_fname
);
3467 if (psbuf
!= NULL
) {
3470 if (SMB_VFS_STAT(conn
, fname
, &sbuf
) == -1) {
3471 SET_STAT_INVALID(sbuf
);
3477 TALLOC_FREE(case_state
);
3479 /* All file access must go through check_name() */
3481 status
= check_name(conn
, fname
);
3482 if (!NT_STATUS_IS_OK(status
)) {
3486 status
= create_file_unixpath(
3487 conn
, req
, fname
, access_mask
, share_access
,
3488 create_disposition
, create_options
, file_attributes
,
3489 oplock_request
, allocation_size
, sd
, ea_list
,
3490 &fsp
, &info
, &sbuf
);
3492 if (!NT_STATUS_IS_OK(status
)) {
3497 DEBUG(10, ("create_file: info=%d\n", info
));
3500 if (pinfo
!= NULL
) {
3503 if (psbuf
!= NULL
) {
3506 return NT_STATUS_OK
;
3509 DEBUG(10, ("create_file: %s\n", nt_errstr(status
)));
3512 close_file(req
, fsp
, ERROR_CLOSE
);