root/source3/smbd/open.c

/* [<][>][^][v][top][bottom][index][help] */

DEFINITIONS

This source file includes following definitions.
  1. smb1_file_se_access_check
  2. check_open_rights
  3. fd_open
  4. fd_close
  5. change_file_owner_to_parent
  6. change_dir_owner_to_parent
  7. open_file
  8. is_executable
  9. share_conflict
  10. validate_my_share_entries
  11. is_stat_open
  12. open_mode_check
  13. is_delete_request
  14. send_break_message
  15. delay_for_oplocks
  16. request_timed_out
  17. defer_open
  18. open_match_attributes
  19. fcb_or_dos_open
  20. map_open_params_to_ntcreate
  21. schedule_defer_open
  22. calculate_access_mask
  23. open_file_ntcreate
  24. open_file_fchmod
  25. close_file_fchmod
  26. mkdir_internal
  27. open_directory
  28. create_directory
  29. msg_file_was_renamed
  30. restore_case_semantics
  31. set_posix_case_semantics
  32. open_streams_for_delete
  33. create_file_unixpath
  34. get_relative_fid_filename
  35. create_file_default

   1 /* 
   2    Unix SMB/CIFS implementation.
   3    file opening and share modes
   4    Copyright (C) Andrew Tridgell 1992-1998
   5    Copyright (C) Jeremy Allison 2001-2004
   6    Copyright (C) Volker Lendecke 2005
   7    
   8    This program is free software; you can redistribute it and/or modify
   9    it under the terms of the GNU General Public License as published by
  10    the Free Software Foundation; either version 3 of the License, or
  11    (at your option) any later version.
  12    
  13    This program is distributed in the hope that it will be useful,
  14    but WITHOUT ANY WARRANTY; without even the implied warranty of
  15    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16    GNU General Public License for more details.
  17    
  18    You should have received a copy of the GNU General Public License
  19    along with this program.  If not, see <http://www.gnu.org/licenses/>.
  20 */
  21 
  22 #include "includes.h"
  23 #include "smbd/globals.h"
  24 
  25 extern const struct generic_mapping file_generic_mapping;
  26 
  27 struct deferred_open_record {
  28         bool delayed_for_oplocks;
  29         struct file_id id;
  30 };
  31 
  32 static NTSTATUS create_file_unixpath(connection_struct *conn,
  33                                      struct smb_request *req,
  34                                      const char *fname,
  35                                      uint32_t access_mask,
  36                                      uint32_t share_access,
  37                                      uint32_t create_disposition,
  38                                      uint32_t create_options,
  39                                      uint32_t file_attributes,
  40                                      uint32_t oplock_request,
  41                                      uint64_t allocation_size,
  42                                      struct security_descriptor *sd,
  43                                      struct ea_list *ea_list,
  44 
  45                                      files_struct **result,
  46                                      int *pinfo,
  47                                      SMB_STRUCT_STAT *psbuf);
  48 
  49 /****************************************************************************
  50  SMB1 file varient of se_access_check. Never test FILE_READ_ATTRIBUTES.
  51 ****************************************************************************/
  52 
  53 NTSTATUS smb1_file_se_access_check(const struct security_descriptor *sd,
     /* [<][>][^][v][top][bottom][index][help] */
  54                           const NT_USER_TOKEN *token,
  55                           uint32_t access_desired,
  56                           uint32_t *access_granted)
  57 {
  58         return se_access_check(sd,
  59                                 token,
  60                                 (access_desired & ~FILE_READ_ATTRIBUTES),
  61                                 access_granted);
  62 }
  63 
  64 /****************************************************************************
  65  Check if we have open rights.
  66 ****************************************************************************/
  67 
  68 static NTSTATUS check_open_rights(struct connection_struct *conn,
     /* [<][>][^][v][top][bottom][index][help] */
  69                                 const char *fname,
  70                                 uint32_t access_mask,
  71                                 uint32_t *access_granted)
  72 {
  73         /* Check if we have rights to open. */
  74         NTSTATUS status;
  75         struct security_descriptor *sd;
  76 
  77         *access_granted = 0;
  78 
  79         if (conn->server_info->utok.uid == 0 || conn->admin_user) {
  80                 /* I'm sorry sir, I didn't know you were root... */
  81                 *access_granted = access_mask;
  82                 if (access_mask & SEC_FLAG_MAXIMUM_ALLOWED) {
  83                         *access_granted |= FILE_GENERIC_ALL;
  84                 }
  85                 return NT_STATUS_OK;
  86         }
  87 
  88         status = SMB_VFS_GET_NT_ACL(conn, fname,
  89                         (OWNER_SECURITY_INFORMATION |
  90                         GROUP_SECURITY_INFORMATION |
  91                         DACL_SECURITY_INFORMATION),&sd);
  92 
  93         if (!NT_STATUS_IS_OK(status)) {
  94                 DEBUG(10, ("check_open_rights: Could not get acl "
  95                         "on %s: %s\n",
  96                         fname,
  97                         nt_errstr(status)));
  98                 return status;
  99         }
 100 
 101         status = smb1_file_se_access_check(sd,
 102                                 conn->server_info->ptok,
 103                                 access_mask,
 104                                 access_granted);
 105 
 106         TALLOC_FREE(sd);
 107 
 108         DEBUG(10,("check_open_rights: file %s requesting "
 109                 "0x%x returning 0x%x (%s)\n",
 110                 fname,
 111                 (unsigned int)access_mask,
 112                 (unsigned int)*access_granted,
 113                 nt_errstr(status) ));
 114 
 115         return status;
 116 }
 117 
 118 /****************************************************************************
 119  fd support routines - attempt to do a dos_open.
 120 ****************************************************************************/
 121 
 122 static NTSTATUS fd_open(struct connection_struct *conn,
     /* [<][>][^][v][top][bottom][index][help] */
 123                     const char *fname, 
 124                     files_struct *fsp,
 125                     int flags,
 126                     mode_t mode)
 127 {
 128         NTSTATUS status = NT_STATUS_OK;
 129 
 130 #ifdef O_NOFOLLOW
 131         /* 
 132          * Never follow symlinks on a POSIX client. The
 133          * client should be doing this.
 134          */
 135 
 136         if (fsp->posix_open || !lp_symlinks(SNUM(conn))) {
 137                 flags |= O_NOFOLLOW;
 138         }
 139 #endif
 140 
 141         fsp->fh->fd = SMB_VFS_OPEN(conn,fname,fsp,flags,mode);
 142         if (fsp->fh->fd == -1) {
 143                 status = map_nt_error_from_unix(errno);
 144                 if (errno == EMFILE) {
 145                         static time_t last_warned = 0L;
 146 
 147                         if (time((time_t *) NULL) > last_warned) {
 148                                 DEBUG(0,("Too many open files, unable "
 149                                         "to open more!  smbd's max "
 150                                         "open files = %d\n",
 151                                         lp_max_open_files()));
 152                                 last_warned = time((time_t *) NULL);
 153                         }
 154                 }
 155 
 156         }
 157 
 158         DEBUG(10,("fd_open: name %s, flags = 0%o mode = 0%o, fd = %d. %s\n",
 159                     fname, flags, (int)mode, fsp->fh->fd,
 160                 (fsp->fh->fd == -1) ? strerror(errno) : "" ));
 161 
 162         return status;
 163 }
 164 
 165 /****************************************************************************
 166  Close the file associated with a fsp.
 167 ****************************************************************************/
 168 
 169 NTSTATUS fd_close(files_struct *fsp)
     /* [<][>][^][v][top][bottom][index][help] */
 170 {
 171         int ret;
 172 
 173         if (fsp->fh->fd == -1) {
 174                 return NT_STATUS_OK; /* What we used to call a stat open. */
 175         }
 176         if (fsp->fh->ref_count > 1) {
 177                 return NT_STATUS_OK; /* Shared handle. Only close last reference. */
 178         }
 179 
 180         ret = SMB_VFS_CLOSE(fsp);
 181         fsp->fh->fd = -1;
 182         if (ret == -1) {
 183                 return map_nt_error_from_unix(errno);
 184         }
 185         return NT_STATUS_OK;
 186 }
 187 
 188 /****************************************************************************
 189  Change the ownership of a file to that of the parent directory.
 190  Do this by fd if possible.
 191 ****************************************************************************/
 192 
 193 void change_file_owner_to_parent(connection_struct *conn,
     /* [<][>][^][v][top][bottom][index][help] */
 194                                         const char *inherit_from_dir,
 195                                         files_struct *fsp)
 196 {
 197         SMB_STRUCT_STAT parent_st;
 198         int ret;
 199 
 200         ret = SMB_VFS_STAT(conn, inherit_from_dir, &parent_st);
 201         if (ret == -1) {
 202                 DEBUG(0,("change_file_owner_to_parent: failed to stat parent "
 203                          "directory %s. Error was %s\n",
 204                          inherit_from_dir, strerror(errno) ));
 205                 return;
 206         }
 207 
 208         become_root();
 209         ret = SMB_VFS_FCHOWN(fsp, parent_st.st_uid, (gid_t)-1);
 210         unbecome_root();
 211         if (ret == -1) {
 212                 DEBUG(0,("change_file_owner_to_parent: failed to fchown "
 213                          "file %s to parent directory uid %u. Error "
 214                          "was %s\n", fsp->fsp_name,
 215                          (unsigned int)parent_st.st_uid,
 216                          strerror(errno) ));
 217         }
 218 
 219         DEBUG(10,("change_file_owner_to_parent: changed new file %s to "
 220                   "parent directory uid %u.\n", fsp->fsp_name,
 221                   (unsigned int)parent_st.st_uid ));
 222 }
 223 
 224 NTSTATUS change_dir_owner_to_parent(connection_struct *conn,
     /* [<][>][^][v][top][bottom][index][help] */
 225                                        const char *inherit_from_dir,
 226                                        const char *fname,
 227                                        SMB_STRUCT_STAT *psbuf)
 228 {
 229         char *saved_dir = NULL;
 230         SMB_STRUCT_STAT sbuf;
 231         SMB_STRUCT_STAT parent_st;
 232         TALLOC_CTX *ctx = talloc_tos();
 233         NTSTATUS status = NT_STATUS_OK;
 234         int ret;
 235 
 236         ret = SMB_VFS_STAT(conn, inherit_from_dir, &parent_st);
 237         if (ret == -1) {
 238                 status = map_nt_error_from_unix(errno);
 239                 DEBUG(0,("change_dir_owner_to_parent: failed to stat parent "
 240                          "directory %s. Error was %s\n",
 241                          inherit_from_dir, strerror(errno) ));
 242                 return status;
 243         }
 244 
 245         /* We've already done an lstat into psbuf, and we know it's a
 246            directory. If we can cd into the directory and the dev/ino
 247            are the same then we can safely chown without races as
 248            we're locking the directory in place by being in it.  This
 249            should work on any UNIX (thanks tridge :-). JRA.
 250         */
 251 
 252         saved_dir = vfs_GetWd(ctx,conn);
 253         if (!saved_dir) {
 254                 status = map_nt_error_from_unix(errno);
 255                 DEBUG(0,("change_dir_owner_to_parent: failed to get "
 256                          "current working directory. Error was %s\n",
 257                          strerror(errno)));
 258                 return status;
 259         }
 260 
 261         /* Chdir into the new path. */
 262         if (vfs_ChDir(conn, fname) == -1) {
 263                 status = map_nt_error_from_unix(errno);
 264                 DEBUG(0,("change_dir_owner_to_parent: failed to change "
 265                          "current working directory to %s. Error "
 266                          "was %s\n", fname, strerror(errno) ));
 267                 goto out;
 268         }
 269 
 270         if (SMB_VFS_STAT(conn,".",&sbuf) == -1) {
 271                 status = map_nt_error_from_unix(errno);
 272                 DEBUG(0,("change_dir_owner_to_parent: failed to stat "
 273                          "directory '.' (%s) Error was %s\n",
 274                          fname, strerror(errno)));
 275                 goto out;
 276         }
 277 
 278         /* Ensure we're pointing at the same place. */
 279         if (sbuf.st_dev != psbuf->st_dev ||
 280             sbuf.st_ino != psbuf->st_ino ||
 281             sbuf.st_mode != psbuf->st_mode ) {
 282                 DEBUG(0,("change_dir_owner_to_parent: "
 283                          "device/inode/mode on directory %s changed. "
 284                          "Refusing to chown !\n", fname ));
 285                 status = NT_STATUS_ACCESS_DENIED;
 286                 goto out;
 287         }
 288 
 289         become_root();
 290         ret = SMB_VFS_CHOWN(conn, ".", parent_st.st_uid, (gid_t)-1);
 291         unbecome_root();
 292         if (ret == -1) {
 293                 status = map_nt_error_from_unix(errno);
 294                 DEBUG(10,("change_dir_owner_to_parent: failed to chown "
 295                           "directory %s to parent directory uid %u. "
 296                           "Error was %s\n", fname,
 297                           (unsigned int)parent_st.st_uid, strerror(errno) ));
 298                 goto out;
 299         }
 300 
 301         DEBUG(10,("change_dir_owner_to_parent: changed ownership of new "
 302                   "directory %s to parent directory uid %u.\n",
 303                   fname, (unsigned int)parent_st.st_uid ));
 304 
 305  out:
 306 
 307         vfs_ChDir(conn,saved_dir);
 308         return status;
 309 }
 310 
 311 /****************************************************************************
 312  Open a file.
 313 ****************************************************************************/
 314 
 315 static NTSTATUS open_file(files_struct *fsp,
     /* [<][>][^][v][top][bottom][index][help] */
 316                           connection_struct *conn,
 317                           struct smb_request *req,
 318                           const char *parent_dir,
 319                           const char *name,
 320                           const char *path,
 321                           SMB_STRUCT_STAT *psbuf,
 322                           int flags,
 323                           mode_t unx_mode,
 324                           uint32 access_mask, /* client requested access mask. */
 325                           uint32 open_access_mask) /* what we're actually using in the open. */
 326 {
 327         NTSTATUS status = NT_STATUS_OK;
 328         int accmode = (flags & O_ACCMODE);
 329         int local_flags = flags;
 330         bool file_existed = VALID_STAT(*psbuf);
 331 
 332         fsp->fh->fd = -1;
 333         errno = EPERM;
 334 
 335         /* Check permissions */
 336 
 337         /*
 338          * This code was changed after seeing a client open request 
 339          * containing the open mode of (DENY_WRITE/read-only) with
 340          * the 'create if not exist' bit set. The previous code
 341          * would fail to open the file read only on a read-only share
 342          * as it was checking the flags parameter  directly against O_RDONLY,
 343          * this was failing as the flags parameter was set to O_RDONLY|O_CREAT.
 344          * JRA.
 345          */
 346 
 347         if (!CAN_WRITE(conn)) {
 348                 /* It's a read-only share - fail if we wanted to write. */
 349                 if(accmode != O_RDONLY || (flags & O_TRUNC) || (flags & O_APPEND)) {
 350                         DEBUG(3,("Permission denied opening %s\n", path));
 351                         return NT_STATUS_ACCESS_DENIED;
 352                 } else if(flags & O_CREAT) {
 353                         /* We don't want to write - but we must make sure that
 354                            O_CREAT doesn't create the file if we have write
 355                            access into the directory.
 356                         */
 357                         flags &= ~(O_CREAT|O_EXCL);
 358                         local_flags &= ~(O_CREAT|O_EXCL);
 359                 }
 360         }
 361 
 362         /*
 363          * This little piece of insanity is inspired by the
 364          * fact that an NT client can open a file for O_RDONLY,
 365          * but set the create disposition to FILE_EXISTS_TRUNCATE.
 366          * If the client *can* write to the file, then it expects to
 367          * truncate the file, even though it is opening for readonly.
 368          * Quicken uses this stupid trick in backup file creation...
 369          * Thanks *greatly* to "David W. Chapman Jr." <dwcjr@inethouston.net>
 370          * for helping track this one down. It didn't bite us in 2.0.x
 371          * as we always opened files read-write in that release. JRA.
 372          */
 373 
 374         if ((accmode == O_RDONLY) && ((flags & O_TRUNC) == O_TRUNC)) {
 375                 DEBUG(10,("open_file: truncate requested on read-only open "
 376                           "for file %s\n", path));
 377                 local_flags = (flags & ~O_ACCMODE)|O_RDWR;
 378         }
 379 
 380         if ((open_access_mask & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ||
 381             (!file_existed && (local_flags & O_CREAT)) ||
 382             ((local_flags & O_TRUNC) == O_TRUNC) ) {
 383                 const char *wild;
 384 
 385                 /*
 386                  * We can't actually truncate here as the file may be locked.
 387                  * open_file_ntcreate will take care of the truncate later. JRA.
 388                  */
 389 
 390                 local_flags &= ~O_TRUNC;
 391 
 392 #if defined(O_NONBLOCK) && defined(S_ISFIFO)
 393                 /*
 394                  * We would block on opening a FIFO with no one else on the
 395                  * other end. Do what we used to do and add O_NONBLOCK to the
 396                  * open flags. JRA.
 397                  */
 398 
 399                 if (file_existed && S_ISFIFO(psbuf->st_mode)) {
 400                         local_flags |= O_NONBLOCK;
 401                 }
 402 #endif
 403 
 404                 /* Don't create files with Microsoft wildcard characters. */
 405                 if (fsp->base_fsp) {
 406                         /*
 407                          * wildcard characters are allowed in stream names
 408                          * only test the basefilename
 409                          */
 410                         wild = fsp->base_fsp->fsp_name;
 411                 } else {
 412                         wild = path;
 413                 }
 414                 if ((local_flags & O_CREAT) && !file_existed &&
 415                     ms_has_wild(wild))  {
 416                         return NT_STATUS_OBJECT_NAME_INVALID;
 417                 }
 418 
 419                 /* Actually do the open */
 420                 status = fd_open(conn, path, fsp, local_flags, unx_mode);
 421                 if (!NT_STATUS_IS_OK(status)) {
 422                         DEBUG(3,("Error opening file %s (%s) (local_flags=%d) "
 423                                  "(flags=%d)\n",
 424                                  path,nt_errstr(status),local_flags,flags));
 425                         return status;
 426                 }
 427 
 428                 if ((local_flags & O_CREAT) && !file_existed) {
 429 
 430                         /* Inherit the ACL if required */
 431                         if (lp_inherit_perms(SNUM(conn))) {
 432                                 inherit_access_posix_acl(conn, parent_dir, path,
 433                                                    unx_mode);
 434                         }
 435 
 436                         /* Change the owner if required. */
 437                         if (lp_inherit_owner(SNUM(conn))) {
 438                                 change_file_owner_to_parent(conn, parent_dir,
 439                                                             fsp);
 440                         }
 441 
 442                         notify_fname(conn, NOTIFY_ACTION_ADDED,
 443                                      FILE_NOTIFY_CHANGE_FILE_NAME, path);
 444                 }
 445 
 446         } else {
 447                 fsp->fh->fd = -1; /* What we used to call a stat open. */
 448                 if (file_existed) {
 449                         uint32_t access_granted = 0;
 450 
 451                         status = check_open_rights(conn,
 452                                         path,
 453                                         access_mask,
 454                                         &access_granted);
 455                         if (!NT_STATUS_IS_OK(status)) {
 456                                 if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
 457                                         /*
 458                                          * On NT_STATUS_ACCESS_DENIED, access_granted
 459                                          * contains the denied bits.
 460                                          */
 461 
 462                                         if ((access_mask & FILE_WRITE_ATTRIBUTES) &&
 463                                                         (access_granted & FILE_WRITE_ATTRIBUTES) &&
 464                                                         (lp_map_readonly(SNUM(conn)) ||
 465                                                          lp_map_archive(SNUM(conn)) ||
 466                                                          lp_map_hidden(SNUM(conn)) ||
 467                                                          lp_map_system(SNUM(conn)))) {
 468                                                 access_granted &= ~FILE_WRITE_ATTRIBUTES;
 469 
 470                                                 DEBUG(10,("open_file: overrode FILE_WRITE_ATTRIBUTES "
 471                                                         "on file %s\n",
 472                                                         path ));
 473                                         }
 474 
 475                                         if ((access_mask & DELETE_ACCESS) &&
 476                                                         (access_granted & DELETE_ACCESS) &&
 477                                                         can_delete_file_in_directory(conn, path)) {
 478                                                 /* Were we trying to do a stat open
 479                                                  * for delete and didn't get DELETE
 480                                                  * access (only) ? Check if the
 481                                                  * directory allows DELETE_CHILD.
 482                                                  * See here:
 483                                                  * http://blogs.msdn.com/oldnewthing/archive/2004/06/04/148426.aspx
 484                                                  * for details. */
 485 
 486                                                 access_granted &= ~DELETE_ACCESS;
 487 
 488                                                 DEBUG(10,("open_file: overrode DELETE_ACCESS "
 489                                                         "on file %s\n",
 490                                                         path ));
 491                                         }
 492 
 493                                         if (access_granted != 0) {
 494                                                 DEBUG(10, ("open_file: Access denied on "
 495                                                         "file %s\n",
 496                                                         path));
 497                                                 return status;
 498                                         }
 499                                 } else if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND) &&
 500                                                         fsp->posix_open &&
 501                                                         S_ISLNK(psbuf->st_mode)) {
 502                                         /* This is a POSIX stat open for delete
 503                                          * or rename on a symlink that points
 504                                          * nowhere. Allow. */
 505                                         DEBUG(10, ("open_file: allowing POSIX open "
 506                                                 "on bad symlink %s\n",
 507                                                 path ));
 508                                 } else {
 509                                         DEBUG(10, ("open_file: check_open_rights "
 510                                                 "on file %s returned %s\n",
 511                                                 path, nt_errstr(status) ));
 512                                         return status;
 513                                 }
 514                         }
 515                 }
 516         }
 517 
 518         if (!file_existed) {
 519                 int ret;
 520 
 521                 if (fsp->fh->fd == -1) {
 522                         ret = SMB_VFS_STAT(conn, path, psbuf);
 523                 } else {
 524                         ret = SMB_VFS_FSTAT(fsp, psbuf);
 525                         /* If we have an fd, this stat should succeed. */
 526                         if (ret == -1) {
 527                                 DEBUG(0,("Error doing fstat on open file %s "
 528                                          "(%s)\n", path,strerror(errno) ));
 529                         }
 530                 }
 531 
 532                 /* For a non-io open, this stat failing means file not found. JRA */
 533                 if (ret == -1) {
 534                         status = map_nt_error_from_unix(errno);
 535                         fd_close(fsp);
 536                         return status;
 537                 }
 538         }
 539 
 540         /*
 541          * POSIX allows read-only opens of directories. We don't
 542          * want to do this (we use a different code path for this)
 543          * so catch a directory open and return an EISDIR. JRA.
 544          */
 545 
 546         if(S_ISDIR(psbuf->st_mode)) {
 547                 fd_close(fsp);
 548                 errno = EISDIR;
 549                 return NT_STATUS_FILE_IS_A_DIRECTORY;
 550         }
 551 
 552         fsp->mode = psbuf->st_mode;
 553         fsp->file_id = vfs_file_id_from_sbuf(conn, psbuf);
 554         fsp->vuid = req ? req->vuid : UID_FIELD_INVALID;
 555         fsp->file_pid = req ? req->smbpid : 0;
 556         fsp->can_lock = True;
 557         fsp->can_read = (access_mask & (FILE_READ_DATA)) ? True : False;
 558         if (!CAN_WRITE(conn)) {
 559                 fsp->can_write = False;
 560         } else {
 561                 fsp->can_write = (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) ?
 562                         True : False;
 563         }
 564         fsp->print_file = False;
 565         fsp->modified = False;
 566         fsp->sent_oplock_break = NO_BREAK_SENT;
 567         fsp->is_directory = False;
 568         if (conn->aio_write_behind_list &&
 569             is_in_path(path, conn->aio_write_behind_list, conn->case_sensitive)) {
 570                 fsp->aio_write_behind = True;
 571         }
 572 
 573         string_set(&fsp->fsp_name, path);
 574         fsp->wcp = NULL; /* Write cache pointer. */
 575 
 576         DEBUG(2,("%s opened file %s read=%s write=%s (numopen=%d)\n",
 577                  conn->server_info->unix_name,
 578                  fsp->fsp_name,
 579                  BOOLSTR(fsp->can_read), BOOLSTR(fsp->can_write),
 580                  conn->num_files_open));
 581 
 582         errno = 0;
 583         return NT_STATUS_OK;
 584 }
 585 
 586 /*******************************************************************
 587  Return True if the filename is one of the special executable types.
 588 ********************************************************************/
 589 
 590 bool is_executable(const char *fname)
     /* [<][>][^][v][top][bottom][index][help] */
 591 {
 592         if ((fname = strrchr_m(fname,'.'))) {
 593                 if (strequal(fname,".com") ||
 594                     strequal(fname,".dll") ||
 595                     strequal(fname,".exe") ||
 596                     strequal(fname,".sym")) {
 597                         return True;
 598                 }
 599         }
 600         return False;
 601 }
 602 
 603 /****************************************************************************
 604  Check if we can open a file with a share mode.
 605  Returns True if conflict, False if not.
 606 ****************************************************************************/
 607 
 608 static bool share_conflict(struct share_mode_entry *entry,
     /* [<][>][^][v][top][bottom][index][help] */
 609                            uint32 access_mask,
 610                            uint32 share_access)
 611 {
 612         DEBUG(10,("share_conflict: entry->access_mask = 0x%x, "
 613                   "entry->share_access = 0x%x, "
 614                   "entry->private_options = 0x%x\n",
 615                   (unsigned int)entry->access_mask,
 616                   (unsigned int)entry->share_access,
 617                   (unsigned int)entry->private_options));
 618 
 619         DEBUG(10,("share_conflict: access_mask = 0x%x, share_access = 0x%x\n",
 620                   (unsigned int)access_mask, (unsigned int)share_access));
 621 
 622         if ((entry->access_mask & (FILE_WRITE_DATA|
 623                                    FILE_APPEND_DATA|
 624                                    FILE_READ_DATA|
 625                                    FILE_EXECUTE|
 626                                    DELETE_ACCESS)) == 0) {
 627                 DEBUG(10,("share_conflict: No conflict due to "
 628                           "entry->access_mask = 0x%x\n",
 629                           (unsigned int)entry->access_mask ));
 630                 return False;
 631         }
 632 
 633         if ((access_mask & (FILE_WRITE_DATA|
 634                             FILE_APPEND_DATA|
 635                             FILE_READ_DATA|
 636                             FILE_EXECUTE|
 637                             DELETE_ACCESS)) == 0) {
 638                 DEBUG(10,("share_conflict: No conflict due to "
 639                           "access_mask = 0x%x\n",
 640                           (unsigned int)access_mask ));
 641                 return False;
 642         }
 643 
 644 #if 1 /* JRA TEST - Superdebug. */
 645 #define CHECK_MASK(num, am, right, sa, share) \
 646         DEBUG(10,("share_conflict: [%d] am (0x%x) & right (0x%x) = 0x%x\n", \
 647                 (unsigned int)(num), (unsigned int)(am), \
 648                 (unsigned int)(right), (unsigned int)(am)&(right) )); \
 649         DEBUG(10,("share_conflict: [%d] sa (0x%x) & share (0x%x) = 0x%x\n", \
 650                 (unsigned int)(num), (unsigned int)(sa), \
 651                 (unsigned int)(share), (unsigned int)(sa)&(share) )); \
 652         if (((am) & (right)) && !((sa) & (share))) { \
 653                 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
 654 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
 655                         (unsigned int)(share) )); \
 656                 return True; \
 657         }
 658 #else
 659 #define CHECK_MASK(num, am, right, sa, share) \
 660         if (((am) & (right)) && !((sa) & (share))) { \
 661                 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
 662 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
 663                         (unsigned int)(share) )); \
 664                 return True; \
 665         }
 666 #endif
 667 
 668         CHECK_MASK(1, entry->access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
 669                    share_access, FILE_SHARE_WRITE);
 670         CHECK_MASK(2, access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
 671                    entry->share_access, FILE_SHARE_WRITE);
 672         
 673         CHECK_MASK(3, entry->access_mask, FILE_READ_DATA | FILE_EXECUTE,
 674                    share_access, FILE_SHARE_READ);
 675         CHECK_MASK(4, access_mask, FILE_READ_DATA | FILE_EXECUTE,
 676                    entry->share_access, FILE_SHARE_READ);
 677 
 678         CHECK_MASK(5, entry->access_mask, DELETE_ACCESS,
 679                    share_access, FILE_SHARE_DELETE);
 680         CHECK_MASK(6, access_mask, DELETE_ACCESS,
 681                    entry->share_access, FILE_SHARE_DELETE);
 682 
 683         DEBUG(10,("share_conflict: No conflict.\n"));
 684         return False;
 685 }
 686 
 687 #if defined(DEVELOPER)
 688 static void validate_my_share_entries(int num,
     /* [<][>][^][v][top][bottom][index][help] */
 689                                       struct share_mode_entry *share_entry)
 690 {
 691         files_struct *fsp;
 692 
 693         if (!procid_is_me(&share_entry->pid)) {
 694                 return;
 695         }
 696 
 697         if (is_deferred_open_entry(share_entry) &&
 698             !open_was_deferred(share_entry->op_mid)) {
 699                 char *str = talloc_asprintf(talloc_tos(),
 700                         "Got a deferred entry without a request: "
 701                         "PANIC: %s\n",
 702                         share_mode_str(talloc_tos(), num, share_entry));
 703                 smb_panic(str);
 704         }
 705 
 706         if (!is_valid_share_mode_entry(share_entry)) {
 707                 return;
 708         }
 709 
 710         fsp = file_find_dif(share_entry->id,
 711                             share_entry->share_file_id);
 712         if (!fsp) {
 713                 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
 714                          share_mode_str(talloc_tos(), num, share_entry) ));
 715                 smb_panic("validate_my_share_entries: Cannot match a "
 716                           "share entry with an open file\n");
 717         }
 718 
 719         if (is_deferred_open_entry(share_entry) ||
 720             is_unused_share_mode_entry(share_entry)) {
 721                 goto panic;
 722         }
 723 
 724         if ((share_entry->op_type == NO_OPLOCK) &&
 725             (fsp->oplock_type == FAKE_LEVEL_II_OPLOCK)) {
 726                 /* Someone has already written to it, but I haven't yet
 727                  * noticed */
 728                 return;
 729         }
 730 
 731         if (((uint16)fsp->oplock_type) != share_entry->op_type) {
 732                 goto panic;
 733         }
 734 
 735         return;
 736 
 737  panic:
 738         {
 739                 char *str;
 740                 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
 741                          share_mode_str(talloc_tos(), num, share_entry) ));
 742                 str = talloc_asprintf(talloc_tos(),
 743                         "validate_my_share_entries: "
 744                         "file %s, oplock_type = 0x%x, op_type = 0x%x\n",
 745                          fsp->fsp_name, (unsigned int)fsp->oplock_type,
 746                          (unsigned int)share_entry->op_type );
 747                 smb_panic(str);
 748         }
 749 }
 750 #endif
 751 
 752 bool is_stat_open(uint32 access_mask)
     /* [<][>][^][v][top][bottom][index][help] */
 753 {
 754         return (access_mask &&
 755                 ((access_mask & ~(SYNCHRONIZE_ACCESS| FILE_READ_ATTRIBUTES|
 756                                   FILE_WRITE_ATTRIBUTES))==0) &&
 757                 ((access_mask & (SYNCHRONIZE_ACCESS|FILE_READ_ATTRIBUTES|
 758                                  FILE_WRITE_ATTRIBUTES)) != 0));
 759 }
 760 
 761 /****************************************************************************
 762  Deal with share modes
 763  Invarient: Share mode must be locked on entry and exit.
 764  Returns -1 on error, or number of share modes on success (may be zero).
 765 ****************************************************************************/
 766 
 767 static NTSTATUS open_mode_check(connection_struct *conn,
     /* [<][>][^][v][top][bottom][index][help] */
 768                                 const char *fname,
 769                                 struct share_mode_lock *lck,
 770                                 uint32 access_mask,
 771                                 uint32 share_access,
 772                                 uint32 create_options,
 773                                 bool *file_existed)
 774 {
 775         int i;
 776 
 777         if(lck->num_share_modes == 0) {
 778                 return NT_STATUS_OK;
 779         }
 780 
 781         *file_existed = True;
 782 
 783         /* A delete on close prohibits everything */
 784 
 785         if (lck->delete_on_close) {
 786                 return NT_STATUS_DELETE_PENDING;
 787         }
 788 
 789         if (is_stat_open(access_mask)) {
 790                 /* Stat open that doesn't trigger oplock breaks or share mode
 791                  * checks... ! JRA. */
 792                 return NT_STATUS_OK;
 793         }
 794 
 795         /*
 796          * Check if the share modes will give us access.
 797          */
 798         
 799 #if defined(DEVELOPER)
 800         for(i = 0; i < lck->num_share_modes; i++) {
 801                 validate_my_share_entries(i, &lck->share_modes[i]);
 802         }
 803 #endif
 804 
 805         if (!lp_share_modes(SNUM(conn))) {
 806                 return NT_STATUS_OK;
 807         }
 808 
 809         /* Now we check the share modes, after any oplock breaks. */
 810         for(i = 0; i < lck->num_share_modes; i++) {
 811 
 812                 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
 813                         continue;
 814                 }
 815 
 816                 /* someone else has a share lock on it, check to see if we can
 817                  * too */
 818                 if (share_conflict(&lck->share_modes[i],
 819                                    access_mask, share_access)) {
 820                         return NT_STATUS_SHARING_VIOLATION;
 821                 }
 822         }
 823         
 824         return NT_STATUS_OK;
 825 }
 826 
 827 static bool is_delete_request(files_struct *fsp) {
     /* [<][>][^][v][top][bottom][index][help] */
 828         return ((fsp->access_mask == DELETE_ACCESS) &&
 829                 (fsp->oplock_type == NO_OPLOCK));
 830 }
 831 
 832 /*
 833  * Send a break message to the oplock holder and delay the open for
 834  * our client.
 835  */
 836 
 837 static NTSTATUS send_break_message(files_struct *fsp,
     /* [<][>][^][v][top][bottom][index][help] */
 838                                         struct share_mode_entry *exclusive,
 839                                         uint16 mid,
 840                                         int oplock_request)
 841 {
 842         NTSTATUS status;
 843         char msg[MSG_SMB_SHARE_MODE_ENTRY_SIZE];
 844 
 845         DEBUG(10, ("Sending break request to PID %s\n",
 846                    procid_str_static(&exclusive->pid)));
 847         exclusive->op_mid = mid;
 848 
 849         /* Create the message. */
 850         share_mode_entry_to_message(msg, exclusive);
 851 
 852         /* Add in the FORCE_OPLOCK_BREAK_TO_NONE bit in the message if set. We
 853            don't want this set in the share mode struct pointed to by lck. */
 854 
 855         if (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE) {
 856                 SSVAL(msg,6,exclusive->op_type | FORCE_OPLOCK_BREAK_TO_NONE);
 857         }
 858 
 859         status = messaging_send_buf(smbd_messaging_context(), exclusive->pid,
 860                                     MSG_SMB_BREAK_REQUEST,
 861                                     (uint8 *)msg,
 862                                     MSG_SMB_SHARE_MODE_ENTRY_SIZE);
 863         if (!NT_STATUS_IS_OK(status)) {
 864                 DEBUG(3, ("Could not send oplock break message: %s\n",
 865                           nt_errstr(status)));
 866         }
 867 
 868         return status;
 869 }
 870 
 871 /*
 872  * 1) No files open at all or internal open: Grant whatever the client wants.
 873  *
 874  * 2) Exclusive (or batch) oplock around: If the requested access is a delete
 875  *    request, break if the oplock around is a batch oplock. If it's another
 876  *    requested access type, break.
 877  *
 878  * 3) Only level2 around: Grant level2 and do nothing else.
 879  */
 880 
 881 static bool delay_for_oplocks(struct share_mode_lock *lck,
     /* [<][>][^][v][top][bottom][index][help] */
 882                               files_struct *fsp,
 883                               uint16 mid,
 884                               int pass_number,
 885                               int oplock_request)
 886 {
 887         int i;
 888         struct share_mode_entry *exclusive = NULL;
 889         bool valid_entry = false;
 890         bool have_level2 = false;
 891         bool have_a_none_oplock = false;
 892         bool allow_level2 = (global_client_caps & CAP_LEVEL_II_OPLOCKS) &&
 893                             lp_level2_oplocks(SNUM(fsp->conn));
 894 
 895         if (oplock_request & INTERNAL_OPEN_ONLY) {
 896                 fsp->oplock_type = NO_OPLOCK;
 897         }
 898 
 899         if ((oplock_request & INTERNAL_OPEN_ONLY) || is_stat_open(fsp->access_mask)) {
 900                 return false;
 901         }
 902 
 903         for (i=0; i<lck->num_share_modes; i++) {
 904 
 905                 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
 906                         continue;
 907                 }
 908 
 909                 /* At least one entry is not an invalid or deferred entry. */
 910                 valid_entry = true;
 911 
 912                 if (pass_number == 1) {
 913                         if (BATCH_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
 914                                 SMB_ASSERT(exclusive == NULL);
 915                                 exclusive = &lck->share_modes[i];
 916                         }
 917                 } else {
 918                         if (EXCLUSIVE_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
 919                                 SMB_ASSERT(exclusive == NULL);
 920                                 exclusive = &lck->share_modes[i];
 921                         }
 922                 }
 923 
 924                 if (LEVEL_II_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
 925                         SMB_ASSERT(exclusive == NULL);
 926                         have_level2 = true;
 927                 }
 928 
 929                 if (lck->share_modes[i].op_type == NO_OPLOCK) {
 930                         have_a_none_oplock = true;
 931                 }
 932         }
 933 
 934         if (exclusive != NULL) { /* Found an exclusive oplock */
 935                 bool delay_it = is_delete_request(fsp) ?
 936                                 BATCH_OPLOCK_TYPE(exclusive->op_type) : true;
 937                 SMB_ASSERT(!have_level2);
 938                 if (delay_it) {
 939                         send_break_message(fsp, exclusive, mid, oplock_request);
 940                         return true;
 941                 }
 942         }
 943 
 944         /*
 945          * Match what was requested (fsp->oplock_type) with
 946          * what was found in the existing share modes.
 947          */
 948 
 949         if (!valid_entry) {
 950                 /* All entries are placeholders or deferred.
 951                  * Directly grant whatever the client wants. */
 952                 if (fsp->oplock_type == NO_OPLOCK) {
 953                         /* Store a level2 oplock, but don't tell the client */
 954                         fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
 955                 }
 956         } else if (have_a_none_oplock) {
 957                 fsp->oplock_type = NO_OPLOCK;
 958         } else if (have_level2) {
 959                 if (fsp->oplock_type == NO_OPLOCK ||
 960                                 fsp->oplock_type == FAKE_LEVEL_II_OPLOCK) {
 961                         /* Store a level2 oplock, but don't tell the client */
 962                         fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
 963                 } else {
 964                         fsp->oplock_type = LEVEL_II_OPLOCK;
 965                 }
 966         } else {
 967                 /* This case can never happen. */
 968                 SMB_ASSERT(1);
 969         }
 970 
 971         /*
 972          * Don't grant level2 to clients that don't want them
 973          * or if we've turned them off.
 974          */
 975         if (fsp->oplock_type == LEVEL_II_OPLOCK && !allow_level2) {
 976                 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
 977         }
 978 
 979         DEBUG(10,("delay_for_oplocks: oplock type 0x%x on file %s\n",
 980                 fsp->oplock_type, fsp->fsp_name));
 981 
 982         /* No delay. */
 983         return false;
 984 }
 985 
 986 bool request_timed_out(struct timeval request_time,
     /* [<][>][^][v][top][bottom][index][help] */
 987                        struct timeval timeout)
 988 {
 989         struct timeval now, end_time;
 990         GetTimeOfDay(&now);
 991         end_time = timeval_sum(&request_time, &timeout);
 992         return (timeval_compare(&end_time, &now) < 0);
 993 }
 994 
 995 /****************************************************************************
 996  Handle the 1 second delay in returning a SHARING_VIOLATION error.
 997 ****************************************************************************/
 998 
 999 static void defer_open(struct share_mode_lock *lck,
     /* [<][>][^][v][top][bottom][index][help] */
1000                        struct timeval request_time,
1001                        struct timeval timeout,
1002                        struct smb_request *req,
1003                        struct deferred_open_record *state)
1004 {
1005         int i;
1006 
1007         /* Paranoia check */
1008 
1009         for (i=0; i<lck->num_share_modes; i++) {
1010                 struct share_mode_entry *e = &lck->share_modes[i];
1011 
1012                 if (!is_deferred_open_entry(e)) {
1013                         continue;
1014                 }
1015 
1016                 if (procid_is_me(&e->pid) && (e->op_mid == req->mid)) {
1017                         DEBUG(0, ("Trying to defer an already deferred "
1018                                   "request: mid=%d, exiting\n", req->mid));
1019                         exit_server("attempt to defer a deferred request");
1020                 }
1021         }
1022 
1023         /* End paranoia check */
1024 
1025         DEBUG(10,("defer_open_sharing_error: time [%u.%06u] adding deferred "
1026                   "open entry for mid %u\n",
1027                   (unsigned int)request_time.tv_sec,
1028                   (unsigned int)request_time.tv_usec,
1029                   (unsigned int)req->mid));
1030 
1031         if (!push_deferred_smb_message(req, request_time, timeout,
1032                                        (char *)state, sizeof(*state))) {
1033                 exit_server("push_deferred_smb_message failed");
1034         }
1035         add_deferred_open(lck, req->mid, request_time, state->id);
1036 
1037         /*
1038          * Push the MID of this packet on the signing queue.
1039          * We only do this once, the first time we push the packet
1040          * onto the deferred open queue, as this has a side effect
1041          * of incrementing the response sequence number.
1042          */
1043 
1044         srv_defer_sign_response(req->mid);
1045 }
1046 
1047 
1048 /****************************************************************************
1049  On overwrite open ensure that the attributes match.
1050 ****************************************************************************/
1051 
1052 bool open_match_attributes(connection_struct *conn,
     /* [<][>][^][v][top][bottom][index][help] */
1053                            const char *path,
1054                            uint32 old_dos_attr,
1055                            uint32 new_dos_attr,
1056                            mode_t existing_unx_mode,
1057                            mode_t new_unx_mode,
1058                            mode_t *returned_unx_mode)
1059 {
1060         uint32 noarch_old_dos_attr, noarch_new_dos_attr;
1061 
1062         noarch_old_dos_attr = (old_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
1063         noarch_new_dos_attr = (new_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
1064 
1065         if((noarch_old_dos_attr == 0 && noarch_new_dos_attr != 0) || 
1066            (noarch_old_dos_attr != 0 && ((noarch_old_dos_attr & noarch_new_dos_attr) == noarch_old_dos_attr))) {
1067                 *returned_unx_mode = new_unx_mode;
1068         } else {
1069                 *returned_unx_mode = (mode_t)0;
1070         }
1071 
1072         DEBUG(10,("open_match_attributes: file %s old_dos_attr = 0x%x, "
1073                   "existing_unx_mode = 0%o, new_dos_attr = 0x%x "
1074                   "returned_unx_mode = 0%o\n",
1075                   path,
1076                   (unsigned int)old_dos_attr,
1077                   (unsigned int)existing_unx_mode,
1078                   (unsigned int)new_dos_attr,
1079                   (unsigned int)*returned_unx_mode ));
1080 
1081         /* If we're mapping SYSTEM and HIDDEN ensure they match. */
1082         if (lp_map_system(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
1083                 if ((old_dos_attr & FILE_ATTRIBUTE_SYSTEM) &&
1084                     !(new_dos_attr & FILE_ATTRIBUTE_SYSTEM)) {
1085                         return False;
1086                 }
1087         }
1088         if (lp_map_hidden(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
1089                 if ((old_dos_attr & FILE_ATTRIBUTE_HIDDEN) &&
1090                     !(new_dos_attr & FILE_ATTRIBUTE_HIDDEN)) {
1091                         return False;
1092                 }
1093         }
1094         return True;
1095 }
1096 
1097 /****************************************************************************
1098  Special FCB or DOS processing in the case of a sharing violation.
1099  Try and find a duplicated file handle.
1100 ****************************************************************************/
1101 
1102 NTSTATUS fcb_or_dos_open(struct smb_request *req,
     /* [<][>][^][v][top][bottom][index][help] */
1103                                      connection_struct *conn,
1104                                      files_struct *fsp_to_dup_into,
1105                                      const char *fname,
1106                                      struct file_id id,
1107                                      uint16 file_pid,
1108                                      uint16 vuid,
1109                                      uint32 access_mask,
1110                                      uint32 share_access,
1111                                      uint32 create_options)
1112 {
1113         files_struct *fsp;
1114 
1115         DEBUG(5,("fcb_or_dos_open: attempting old open semantics for "
1116                  "file %s.\n", fname ));
1117 
1118         for(fsp = file_find_di_first(id); fsp;
1119             fsp = file_find_di_next(fsp)) {
1120 
1121                 DEBUG(10,("fcb_or_dos_open: checking file %s, fd = %d, "
1122                           "vuid = %u, file_pid = %u, private_options = 0x%x "
1123                           "access_mask = 0x%x\n", fsp->fsp_name,
1124                           fsp->fh->fd, (unsigned int)fsp->vuid,
1125                           (unsigned int)fsp->file_pid,
1126                           (unsigned int)fsp->fh->private_options,
1127                           (unsigned int)fsp->access_mask ));
1128 
1129                 if (fsp->fh->fd != -1 &&
1130                     fsp->vuid == vuid &&
1131                     fsp->file_pid == file_pid &&
1132                     (fsp->fh->private_options & (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS |
1133                                                  NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) &&
1134                     (fsp->access_mask & FILE_WRITE_DATA) &&
1135                     strequal(fsp->fsp_name, fname)) {
1136                         DEBUG(10,("fcb_or_dos_open: file match\n"));
1137                         break;
1138                 }
1139         }
1140 
1141         if (!fsp) {
1142                 return NT_STATUS_NOT_FOUND;
1143         }
1144 
1145         /* quite an insane set of semantics ... */
1146         if (is_executable(fname) &&
1147             (fsp->fh->private_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS)) {
1148                 DEBUG(10,("fcb_or_dos_open: file fail due to is_executable.\n"));
1149                 return NT_STATUS_INVALID_PARAMETER;
1150         }
1151 
1152         /* We need to duplicate this fsp. */
1153         dup_file_fsp(req, fsp, access_mask, share_access,
1154                         create_options, fsp_to_dup_into);
1155 
1156         return NT_STATUS_OK;
1157 }
1158 
1159 /****************************************************************************
1160  Open a file with a share mode - old openX method - map into NTCreate.
1161 ****************************************************************************/
1162 
1163 bool map_open_params_to_ntcreate(const char *fname, int deny_mode, int open_func,
     /* [<][>][^][v][top][bottom][index][help] */
1164                                  uint32 *paccess_mask,
1165                                  uint32 *pshare_mode,
1166                                  uint32 *pcreate_disposition,
1167                                  uint32 *pcreate_options)
1168 {
1169         uint32 access_mask;
1170         uint32 share_mode;
1171         uint32 create_disposition;
1172         uint32 create_options = FILE_NON_DIRECTORY_FILE;
1173 
1174         DEBUG(10,("map_open_params_to_ntcreate: fname = %s, deny_mode = 0x%x, "
1175                   "open_func = 0x%x\n",
1176                   fname, (unsigned int)deny_mode, (unsigned int)open_func ));
1177 
1178         /* Create the NT compatible access_mask. */
1179         switch (GET_OPENX_MODE(deny_mode)) {
1180                 case DOS_OPEN_EXEC: /* Implies read-only - used to be FILE_READ_DATA */
1181                 case DOS_OPEN_RDONLY:
1182                         access_mask = FILE_GENERIC_READ;
1183                         break;
1184                 case DOS_OPEN_WRONLY:
1185                         access_mask = FILE_GENERIC_WRITE;
1186                         break;
1187                 case DOS_OPEN_RDWR:
1188                 case DOS_OPEN_FCB:
1189                         access_mask = FILE_GENERIC_READ|FILE_GENERIC_WRITE;
1190                         break;
1191                 default:
1192                         DEBUG(10,("map_open_params_to_ntcreate: bad open mode = 0x%x\n",
1193                                   (unsigned int)GET_OPENX_MODE(deny_mode)));
1194                         return False;
1195         }
1196 
1197         /* Create the NT compatible create_disposition. */
1198         switch (open_func) {
1199                 case OPENX_FILE_EXISTS_FAIL|OPENX_FILE_CREATE_IF_NOT_EXIST:
1200                         create_disposition = FILE_CREATE;
1201                         break;
1202 
1203                 case OPENX_FILE_EXISTS_OPEN:
1204                         create_disposition = FILE_OPEN;
1205                         break;
1206 
1207                 case OPENX_FILE_EXISTS_OPEN|OPENX_FILE_CREATE_IF_NOT_EXIST:
1208                         create_disposition = FILE_OPEN_IF;
1209                         break;
1210        
1211                 case OPENX_FILE_EXISTS_TRUNCATE:
1212                         create_disposition = FILE_OVERWRITE;
1213                         break;
1214 
1215                 case OPENX_FILE_EXISTS_TRUNCATE|OPENX_FILE_CREATE_IF_NOT_EXIST:
1216                         create_disposition = FILE_OVERWRITE_IF;
1217                         break;
1218 
1219                 default:
1220                         /* From samba4 - to be confirmed. */
1221                         if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_EXEC) {
1222                                 create_disposition = FILE_CREATE;
1223                                 break;
1224                         }
1225                         DEBUG(10,("map_open_params_to_ntcreate: bad "
1226                                   "open_func 0x%x\n", (unsigned int)open_func));
1227                         return False;
1228         }
1229  
1230         /* Create the NT compatible share modes. */
1231         switch (GET_DENY_MODE(deny_mode)) {
1232                 case DENY_ALL:
1233                         share_mode = FILE_SHARE_NONE;
1234                         break;
1235 
1236                 case DENY_WRITE:
1237                         share_mode = FILE_SHARE_READ;
1238                         break;
1239 
1240                 case DENY_READ:
1241                         share_mode = FILE_SHARE_WRITE;
1242                         break;
1243 
1244                 case DENY_NONE:
1245                         share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1246                         break;
1247 
1248                 case DENY_DOS:
1249                         create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_DOS;
1250                         if (is_executable(fname)) {
1251                                 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1252                         } else {
1253                                 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_RDONLY) {
1254                                         share_mode = FILE_SHARE_READ;
1255                                 } else {
1256                                         share_mode = FILE_SHARE_NONE;
1257                                 }
1258                         }
1259                         break;
1260 
1261                 case DENY_FCB:
1262                         create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_FCB;
1263                         share_mode = FILE_SHARE_NONE;
1264                         break;
1265 
1266                 default:
1267                         DEBUG(10,("map_open_params_to_ntcreate: bad deny_mode 0x%x\n",
1268                                 (unsigned int)GET_DENY_MODE(deny_mode) ));
1269                         return False;
1270         }
1271 
1272         DEBUG(10,("map_open_params_to_ntcreate: file %s, access_mask = 0x%x, "
1273                   "share_mode = 0x%x, create_disposition = 0x%x, "
1274                   "create_options = 0x%x\n",
1275                   fname,
1276                   (unsigned int)access_mask,
1277                   (unsigned int)share_mode,
1278                   (unsigned int)create_disposition,
1279                   (unsigned int)create_options ));
1280 
1281         if (paccess_mask) {
1282                 *paccess_mask = access_mask;
1283         }
1284         if (pshare_mode) {
1285                 *pshare_mode = share_mode;
1286         }
1287         if (pcreate_disposition) {
1288                 *pcreate_disposition = create_disposition;
1289         }
1290         if (pcreate_options) {
1291                 *pcreate_options = create_options;
1292         }
1293 
1294         return True;
1295 
1296 }
1297 
1298 static void schedule_defer_open(struct share_mode_lock *lck,
     /* [<][>][^][v][top][bottom][index][help] */
1299                                 struct timeval request_time,
1300                                 struct smb_request *req)
1301 {
1302         struct deferred_open_record state;
1303 
1304         /* This is a relative time, added to the absolute
1305            request_time value to get the absolute timeout time.
1306            Note that if this is the second or greater time we enter
1307            this codepath for this particular request mid then
1308            request_time is left as the absolute time of the *first*
1309            time this request mid was processed. This is what allows
1310            the request to eventually time out. */
1311 
1312         struct timeval timeout;
1313 
1314         /* Normally the smbd we asked should respond within
1315          * OPLOCK_BREAK_TIMEOUT seconds regardless of whether
1316          * the client did, give twice the timeout as a safety
1317          * measure here in case the other smbd is stuck
1318          * somewhere else. */
1319 
1320         timeout = timeval_set(OPLOCK_BREAK_TIMEOUT*2, 0);
1321 
1322         /* Nothing actually uses state.delayed_for_oplocks
1323            but it's handy to differentiate in debug messages
1324            between a 30 second delay due to oplock break, and
1325            a 1 second delay for share mode conflicts. */
1326 
1327         state.delayed_for_oplocks = True;
1328         state.id = lck->id;
1329 
1330         if (!request_timed_out(request_time, timeout)) {
1331                 defer_open(lck, request_time, timeout, req, &state);
1332         }
1333 }
1334 
1335 /****************************************************************************
1336  Work out what access_mask to use from what the client sent us.
1337 ****************************************************************************/
1338 
1339 static NTSTATUS calculate_access_mask(connection_struct *conn,
     /* [<][>][^][v][top][bottom][index][help] */
1340                                         const char *fname,
1341                                         bool file_existed,
1342                                         uint32_t access_mask,
1343                                         uint32_t *access_mask_out)
1344 {
1345         NTSTATUS status;
1346 
1347         /*
1348          * Convert GENERIC bits to specific bits.
1349          */
1350 
1351         se_map_generic(&access_mask, &file_generic_mapping);
1352 
1353         /* Calculate MAXIMUM_ALLOWED_ACCESS if requested. */
1354         if (access_mask & MAXIMUM_ALLOWED_ACCESS) {
1355                 if (file_existed) {
1356 
1357                         struct security_descriptor *sd;
1358                         uint32_t access_granted = 0;
1359 
1360                         status = SMB_VFS_GET_NT_ACL(conn, fname,
1361                                         (OWNER_SECURITY_INFORMATION |
1362                                         GROUP_SECURITY_INFORMATION |
1363                                         DACL_SECURITY_INFORMATION),&sd);
1364 
1365                         if (!NT_STATUS_IS_OK(status)) {
1366                                 DEBUG(10, ("calculate_access_mask: Could not get acl "
1367                                         "on file %s: %s\n",
1368                                         fname,
1369                                         nt_errstr(status)));
1370                                 return NT_STATUS_ACCESS_DENIED;
1371                         }
1372 
1373                         status = smb1_file_se_access_check(sd,
1374                                         conn->server_info->ptok,
1375                                         access_mask,
1376                                         &access_granted);
1377 
1378                         TALLOC_FREE(sd);
1379 
1380                         if (!NT_STATUS_IS_OK(status)) {
1381                                 DEBUG(10, ("calculate_access_mask: Access denied on "
1382                                         "file %s: when calculating maximum access\n",
1383                                         fname));
1384                                 return NT_STATUS_ACCESS_DENIED;
1385                         }
1386 
1387                         access_mask = access_granted;
1388                 } else {
1389                         access_mask = FILE_GENERIC_ALL;
1390                 }
1391         }
1392 
1393         *access_mask_out = access_mask;
1394         return NT_STATUS_OK;
1395 }
1396 
1397 /****************************************************************************
1398  Open a file with a share mode. Passed in an already created files_struct *.
1399 ****************************************************************************/
1400 
1401 static NTSTATUS open_file_ntcreate(connection_struct *conn,
     /* [<][>][^][v][top][bottom][index][help] */
1402                             struct smb_request *req,
1403                             const char *fname,
1404                             SMB_STRUCT_STAT *psbuf,
1405                             uint32 access_mask,         /* access bits (FILE_READ_DATA etc.) */
1406                             uint32 share_access,        /* share constants (FILE_SHARE_READ etc) */
1407                             uint32 create_disposition,  /* FILE_OPEN_IF etc. */
1408                             uint32 create_options,      /* options such as delete on close. */
1409                             uint32 new_dos_attributes,  /* attributes used for new file. */
1410                             int oplock_request,         /* internal Samba oplock codes. */
1411                                                         /* Information (FILE_EXISTS etc.) */
1412                             int *pinfo,
1413                             files_struct *fsp)
1414 {
1415         int flags=0;
1416         int flags2=0;
1417         bool file_existed = VALID_STAT(*psbuf);
1418         bool def_acl = False;
1419         bool posix_open = False;
1420         bool new_file_created = False;
1421         bool clear_ads = false;
1422         struct file_id id;
1423         NTSTATUS fsp_open = NT_STATUS_ACCESS_DENIED;
1424         mode_t new_unx_mode = (mode_t)0;
1425         mode_t unx_mode = (mode_t)0;
1426         int info;
1427         uint32 existing_dos_attributes = 0;
1428         struct pending_message_list *pml = NULL;
1429         struct timeval request_time = timeval_zero();
1430         struct share_mode_lock *lck = NULL;
1431         uint32 open_access_mask = access_mask;
1432         NTSTATUS status;
1433         int ret_flock;
1434         char *parent_dir;
1435         const char *newname;
1436 
1437         ZERO_STRUCT(id);
1438 
1439         if (conn->printer) {
1440                 /*
1441                  * Printers are handled completely differently.
1442                  * Most of the passed parameters are ignored.
1443                  */
1444 
1445                 if (pinfo) {
1446                         *pinfo = FILE_WAS_CREATED;
1447                 }
1448 
1449                 DEBUG(10, ("open_file_ntcreate: printer open fname=%s\n", fname));
1450 
1451                 return print_fsp_open(req, conn, fname, req->vuid, fsp, psbuf);
1452         }
1453 
1454         if (!parent_dirname(talloc_tos(), fname, &parent_dir, &newname)) {
1455                 return NT_STATUS_NO_MEMORY;
1456         }
1457 
1458         if (new_dos_attributes & FILE_FLAG_POSIX_SEMANTICS) {
1459                 posix_open = True;
1460                 unx_mode = (mode_t)(new_dos_attributes & ~FILE_FLAG_POSIX_SEMANTICS);
1461                 new_dos_attributes = 0;
1462         } else {
1463                 /* We add aARCH to this as this mode is only used if the file is
1464                  * created new. */
1465                 unx_mode = unix_mode(conn, new_dos_attributes | aARCH, fname,
1466                                      parent_dir);
1467         }
1468 
1469         DEBUG(10, ("open_file_ntcreate: fname=%s, dos_attrs=0x%x "
1470                    "access_mask=0x%x share_access=0x%x "
1471                    "create_disposition = 0x%x create_options=0x%x "
1472                    "unix mode=0%o oplock_request=%d\n",
1473                    fname, new_dos_attributes, access_mask, share_access,
1474                    create_disposition, create_options, (unsigned int)unx_mode,
1475                    oplock_request));
1476 
1477         if ((req == NULL) && ((oplock_request & INTERNAL_OPEN_ONLY) == 0)) {
1478                 DEBUG(0, ("No smb request but not an internal only open!\n"));
1479                 return NT_STATUS_INTERNAL_ERROR;
1480         }
1481 
1482         /*
1483          * Only non-internal opens can be deferred at all
1484          */
1485 
1486         if ((req != NULL)
1487             && ((pml = get_open_deferred_message(req->mid)) != NULL)) {
1488                 struct deferred_open_record *state =
1489                         (struct deferred_open_record *)pml->private_data.data;
1490 
1491                 /* Remember the absolute time of the original
1492                    request with this mid. We'll use it later to
1493                    see if this has timed out. */
1494 
1495                 request_time = pml->request_time;
1496 
1497                 /* Remove the deferred open entry under lock. */
1498                 lck = get_share_mode_lock(talloc_tos(), state->id, NULL, NULL,
1499                                           NULL);
1500                 if (lck == NULL) {
1501                         DEBUG(0, ("could not get share mode lock\n"));
1502                 } else {
1503                         del_deferred_open_entry(lck, req->mid);
1504                         TALLOC_FREE(lck);
1505                 }
1506 
1507                 /* Ensure we don't reprocess this message. */
1508                 remove_deferred_open_smb_message(req->mid);
1509         }
1510 
1511         status = check_name(conn, fname);
1512         if (!NT_STATUS_IS_OK(status)) {
1513                 return status;
1514         }
1515 
1516         if (!posix_open) {
1517                 new_dos_attributes &= SAMBA_ATTRIBUTES_MASK;
1518                 if (file_existed) {
1519                         existing_dos_attributes = dos_mode(conn, fname, psbuf);
1520                 }
1521         }
1522 
1523         /* ignore any oplock requests if oplocks are disabled */
1524         if (!lp_oplocks(SNUM(conn)) || global_client_failed_oplock_break ||
1525             IS_VETO_OPLOCK_PATH(conn, fname)) {
1526                 /* Mask off everything except the private Samba bits. */
1527                 oplock_request &= SAMBA_PRIVATE_OPLOCK_MASK;
1528         }
1529 
1530         /* this is for OS/2 long file names - say we don't support them */
1531         if (!lp_posix_pathnames() && strstr(fname,".+,;=[].")) {
1532                 /* OS/2 Workplace shell fix may be main code stream in a later
1533                  * release. */
1534                 DEBUG(5,("open_file_ntcreate: OS/2 long filenames are not "
1535                          "supported.\n"));
1536                 if (use_nt_status()) {
1537                         return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1538                 }
1539                 return NT_STATUS_DOS(ERRDOS, ERRcannotopen);
1540         }
1541 
1542         switch( create_disposition ) {
1543                 /*
1544                  * Currently we're using FILE_SUPERSEDE as the same as
1545                  * FILE_OVERWRITE_IF but they really are
1546                  * different. FILE_SUPERSEDE deletes an existing file
1547                  * (requiring delete access) then recreates it.
1548                  */
1549                 case FILE_SUPERSEDE:
1550                         /* If file exists replace/overwrite. If file doesn't
1551                          * exist create. */
1552                         flags2 |= (O_CREAT | O_TRUNC);
1553                         clear_ads = true;
1554                         break;
1555 
1556                 case FILE_OVERWRITE_IF:
1557                         /* If file exists replace/overwrite. If file doesn't
1558                          * exist create. */
1559                         flags2 |= (O_CREAT | O_TRUNC);
1560                         clear_ads = true;
1561                         break;
1562 
1563                 case FILE_OPEN:
1564                         /* If file exists open. If file doesn't exist error. */
1565                         if (!file_existed) {
1566                                 DEBUG(5,("open_file_ntcreate: FILE_OPEN "
1567                                          "requested for file %s and file "
1568                                          "doesn't exist.\n", fname ));
1569                                 errno = ENOENT;
1570                                 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1571                         }
1572                         break;
1573 
1574                 case FILE_OVERWRITE:
1575                         /* If file exists overwrite. If file doesn't exist
1576                          * error. */
1577                         if (!file_existed) {
1578                                 DEBUG(5,("open_file_ntcreate: FILE_OVERWRITE "
1579                                          "requested for file %s and file "
1580                                          "doesn't exist.\n", fname ));
1581                                 errno = ENOENT;
1582                                 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1583                         }
1584                         flags2 |= O_TRUNC;
1585                         clear_ads = true;
1586                         break;
1587 
1588                 case FILE_CREATE:
1589                         /* If file exists error. If file doesn't exist
1590                          * create. */
1591                         if (file_existed) {
1592                                 DEBUG(5,("open_file_ntcreate: FILE_CREATE "
1593                                          "requested for file %s and file "
1594                                          "already exists.\n", fname ));
1595                                 if (S_ISDIR(psbuf->st_mode)) {
1596                                         errno = EISDIR;
1597                                 } else {
1598                                         errno = EEXIST;
1599                                 }
1600                                 return map_nt_error_from_unix(errno);
1601                         }
1602                         flags2 |= (O_CREAT|O_EXCL);
1603                         break;
1604 
1605                 case FILE_OPEN_IF:
1606                         /* If file exists open. If file doesn't exist
1607                          * create. */
1608                         flags2 |= O_CREAT;
1609                         break;
1610 
1611                 default:
1612                         return NT_STATUS_INVALID_PARAMETER;
1613         }
1614 
1615         /* We only care about matching attributes on file exists and
1616          * overwrite. */
1617 
1618         if (!posix_open && file_existed && ((create_disposition == FILE_OVERWRITE) ||
1619                              (create_disposition == FILE_OVERWRITE_IF))) {
1620                 if (!open_match_attributes(conn, fname,
1621                                            existing_dos_attributes,
1622                                            new_dos_attributes, psbuf->st_mode,
1623                                            unx_mode, &new_unx_mode)) {
1624                         DEBUG(5,("open_file_ntcreate: attributes missmatch "
1625                                  "for file %s (%x %x) (0%o, 0%o)\n",
1626                                  fname, existing_dos_attributes,
1627                                  new_dos_attributes,
1628                                  (unsigned int)psbuf->st_mode,
1629                                  (unsigned int)unx_mode ));
1630                         errno = EACCES;
1631                         return NT_STATUS_ACCESS_DENIED;
1632                 }
1633         }
1634 
1635         status = calculate_access_mask(conn, fname, file_existed,
1636                                         access_mask,
1637                                         &access_mask); 
1638         if (!NT_STATUS_IS_OK(status)) {
1639                 DEBUG(10, ("open_file_ntcreate: calculate_access_mask "
1640                         "on file %s returned %s\n",
1641                         fname,
1642                         nt_errstr(status)));
1643                 return status;
1644         }
1645 
1646         open_access_mask = access_mask;
1647 
1648         if ((flags2 & O_TRUNC) || (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE)) {
1649                 open_access_mask |= FILE_WRITE_DATA; /* This will cause oplock breaks. */
1650         }
1651 
1652         DEBUG(10, ("open_file_ntcreate: fname=%s, after mapping "
1653                    "access_mask=0x%x\n", fname, access_mask ));
1654 
1655         /*
1656          * Note that we ignore the append flag as append does not
1657          * mean the same thing under DOS and Unix.
1658          */
1659 
1660         if ((access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) ||
1661                         (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE)) {
1662                 /* DENY_DOS opens are always underlying read-write on the
1663                    file handle, no matter what the requested access mask
1664                     says. */
1665                 if ((create_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS) ||
1666                         access_mask & (FILE_READ_ATTRIBUTES|FILE_READ_DATA|FILE_READ_EA|FILE_EXECUTE)) {
1667                         flags = O_RDWR;
1668                 } else {
1669                         flags = O_WRONLY;
1670                 }
1671         } else {
1672                 flags = O_RDONLY;
1673         }
1674 
1675         /*
1676          * Currently we only look at FILE_WRITE_THROUGH for create options.
1677          */
1678 
1679 #if defined(O_SYNC)
1680         if ((create_options & FILE_WRITE_THROUGH) && lp_strict_sync(SNUM(conn))) {
1681                 flags2 |= O_SYNC;
1682         }
1683 #endif /* O_SYNC */
1684 
1685         if (posix_open && (access_mask & FILE_APPEND_DATA)) {
1686                 flags2 |= O_APPEND;
1687         }
1688 
1689         if (!posix_open && !CAN_WRITE(conn)) {
1690                 /*
1691                  * We should really return a permission denied error if either
1692                  * O_CREAT or O_TRUNC are set, but for compatibility with
1693                  * older versions of Samba we just AND them out.
1694                  */
1695                 flags2 &= ~(O_CREAT|O_TRUNC);
1696         }
1697 
1698         /*
1699          * Ensure we can't write on a read-only share or file.
1700          */
1701 
1702         if (flags != O_RDONLY && file_existed &&
1703             (!CAN_WRITE(conn) || IS_DOS_READONLY(existing_dos_attributes))) {
1704                 DEBUG(5,("open_file_ntcreate: write access requested for "
1705                          "file %s on read only %s\n",
1706                          fname, !CAN_WRITE(conn) ? "share" : "file" ));
1707                 errno = EACCES;
1708                 return NT_STATUS_ACCESS_DENIED;
1709         }
1710 
1711         fsp->file_id = vfs_file_id_from_sbuf(conn, psbuf);
1712         fsp->share_access = share_access;
1713         fsp->fh->private_options = create_options;
1714         fsp->access_mask = open_access_mask; /* We change this to the
1715                                               * requested access_mask after
1716                                               * the open is done. */
1717         fsp->posix_open = posix_open;
1718 
1719         /* Ensure no SAMBA_PRIVATE bits can be set. */
1720         fsp->oplock_type = (oplock_request & ~SAMBA_PRIVATE_OPLOCK_MASK);
1721 
1722         if (timeval_is_zero(&request_time)) {
1723                 request_time = fsp->open_time;
1724         }
1725 
1726         if (file_existed) {
1727                 struct timespec old_write_time = get_mtimespec(psbuf);
1728                 id = vfs_file_id_from_sbuf(conn, psbuf);
1729 
1730                 lck = get_share_mode_lock(talloc_tos(), id,
1731                                           conn->connectpath,
1732                                           fname, &old_write_time);
1733 
1734                 if (lck == NULL) {
1735                         DEBUG(0, ("Could not get share mode lock\n"));
1736                         return NT_STATUS_SHARING_VIOLATION;
1737                 }
1738 
1739                 /* First pass - send break only on batch oplocks. */
1740                 if ((req != NULL)
1741                     && delay_for_oplocks(lck, fsp, req->mid, 1,
1742                                          oplock_request)) {
1743                         schedule_defer_open(lck, request_time, req);
1744                         TALLOC_FREE(lck);
1745                         return NT_STATUS_SHARING_VIOLATION;
1746                 }
1747 
1748                 /* Use the client requested access mask here, not the one we
1749                  * open with. */
1750                 status = open_mode_check(conn, fname, lck,
1751                                          access_mask, share_access,
1752                                          create_options, &file_existed);
1753 
1754                 if (NT_STATUS_IS_OK(status)) {
1755                         /* We might be going to allow this open. Check oplock
1756                          * status again. */
1757                         /* Second pass - send break for both batch or
1758                          * exclusive oplocks. */
1759                         if ((req != NULL)
1760                              && delay_for_oplocks(lck, fsp, req->mid, 2,
1761                                                   oplock_request)) {
1762                                 schedule_defer_open(lck, request_time, req);
1763                                 TALLOC_FREE(lck);
1764                                 return NT_STATUS_SHARING_VIOLATION;
1765                         }
1766                 }
1767 
1768                 if (NT_STATUS_EQUAL(status, NT_STATUS_DELETE_PENDING)) {
1769                         /* DELETE_PENDING is not deferred for a second */
1770                         TALLOC_FREE(lck);
1771                         return status;
1772                 }
1773 
1774                 if (!NT_STATUS_IS_OK(status)) {
1775                         uint32 can_access_mask;
1776                         bool can_access = True;
1777 
1778                         SMB_ASSERT(NT_STATUS_EQUAL(status, NT_STATUS_SHARING_VIOLATION));
1779 
1780                         /* Check if this can be done with the deny_dos and fcb
1781                          * calls. */
1782                         if (create_options &
1783                             (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS|
1784                              NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) {
1785                                 if (req == NULL) {
1786                                         DEBUG(0, ("DOS open without an SMB "
1787                                                   "request!\n"));
1788                                         TALLOC_FREE(lck);
1789                                         return NT_STATUS_INTERNAL_ERROR;
1790                                 }
1791 
1792                                 /* Use the client requested access mask here,
1793                                  * not the one we open with. */
1794                                 status = fcb_or_dos_open(req,
1795                                                         conn,
1796                                                         fsp,
1797                                                         fname,
1798                                                         id,
1799                                                         req->smbpid,
1800                                                         req->vuid,
1801                                                         access_mask,
1802                                                         share_access,
1803                                                         create_options);
1804 
1805                                 if (NT_STATUS_IS_OK(status)) {
1806                                         TALLOC_FREE(lck);
1807                                         if (pinfo) {
1808                                                 *pinfo = FILE_WAS_OPENED;
1809                                         }
1810                                         return NT_STATUS_OK;
1811                                 }
1812                         }
1813 
1814                         /*
1815                          * This next line is a subtlety we need for
1816                          * MS-Access. If a file open will fail due to share
1817                          * permissions and also for security (access) reasons,
1818                          * we need to return the access failed error, not the
1819                          * share error. We can't open the file due to kernel
1820                          * oplock deadlock (it's possible we failed above on
1821                          * the open_mode_check()) so use a userspace check.
1822                          */
1823 
1824                         if (flags & O_RDWR) {
1825                                 can_access_mask = FILE_READ_DATA|FILE_WRITE_DATA;
1826                         } else if (flags & O_WRONLY) {
1827                                 can_access_mask = FILE_WRITE_DATA;
1828                         } else {
1829                                 can_access_mask = FILE_READ_DATA;
1830                         }
1831 
1832                         if (((can_access_mask & FILE_WRITE_DATA) && !CAN_WRITE(conn)) ||
1833                             !can_access_file_data(conn,fname,psbuf,can_access_mask)) {
1834                                 can_access = False;
1835                         }
1836 
1837                         /*
1838                          * If we're returning a share violation, ensure we
1839                          * cope with the braindead 1 second delay.
1840                          */
1841 
1842                         if (!(oplock_request & INTERNAL_OPEN_ONLY) &&
1843                             lp_defer_sharing_violations()) {
1844                                 struct timeval timeout;
1845                                 struct deferred_open_record state;
1846                                 int timeout_usecs;
1847 
1848                                 /* this is a hack to speed up torture tests
1849                                    in 'make test' */
1850                                 timeout_usecs = lp_parm_int(SNUM(conn),
1851                                                             "smbd","sharedelay",
1852                                                             SHARING_VIOLATION_USEC_WAIT);
1853 
1854                                 /* This is a relative time, added to the absolute
1855                                    request_time value to get the absolute timeout time.
1856                                    Note that if this is the second or greater time we enter
1857                                    this codepath for this particular request mid then
1858                                    request_time is left as the absolute time of the *first*
1859                                    time this request mid was processed. This is what allows
1860                                    the request to eventually time out. */
1861 
1862                                 timeout = timeval_set(0, timeout_usecs);
1863 
1864                                 /* Nothing actually uses state.delayed_for_oplocks
1865                                    but it's handy to differentiate in debug messages
1866                                    between a 30 second delay due to oplock break, and
1867                                    a 1 second delay for share mode conflicts. */
1868 
1869                                 state.delayed_for_oplocks = False;
1870                                 state.id = id;
1871 
1872                                 if ((req != NULL)
1873                                     && !request_timed_out(request_time,
1874                                                           timeout)) {
1875                                         defer_open(lck, request_time, timeout,
1876                                                    req, &state);
1877                                 }
1878                         }
1879 
1880                         TALLOC_FREE(lck);
1881                         if (can_access) {
1882                                 /*
1883                                  * We have detected a sharing violation here
1884                                  * so return the correct error code
1885                                  */
1886                                 status = NT_STATUS_SHARING_VIOLATION;
1887                         } else {
1888                                 status = NT_STATUS_ACCESS_DENIED;
1889                         }
1890                         return status;
1891                 }
1892 
1893                 /*
1894                  * We exit this block with the share entry *locked*.....
1895                  */
1896         }
1897 
1898         SMB_ASSERT(!file_existed || (lck != NULL));
1899 
1900         /*
1901          * Ensure we pay attention to default ACLs on directories if required.
1902          */
1903 
1904         if ((flags2 & O_CREAT) && lp_inherit_acls(SNUM(conn)) &&
1905             (def_acl = directory_has_default_acl(conn, parent_dir))) {
1906                 unx_mode = 0777;
1907         }
1908 
1909         DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o, "
1910                 "access_mask = 0x%x, open_access_mask = 0x%x\n",
1911                  (unsigned int)flags, (unsigned int)flags2,
1912                  (unsigned int)unx_mode, (unsigned int)access_mask,
1913                  (unsigned int)open_access_mask));
1914 
1915         /*
1916          * open_file strips any O_TRUNC flags itself.
1917          */
1918 
1919         fsp_open = open_file(fsp, conn, req, parent_dir, newname, fname, psbuf,
1920                              flags|flags2, unx_mode, access_mask,
1921                              open_access_mask);
1922 
1923         if (!NT_STATUS_IS_OK(fsp_open)) {
1924                 if (lck != NULL) {
1925                         TALLOC_FREE(lck);
1926                 }
1927                 return fsp_open;
1928         }
1929 
1930         if (!file_existed) {
1931                 struct timespec old_write_time = get_mtimespec(psbuf);
1932                 /*
1933                  * Deal with the race condition where two smbd's detect the
1934                  * file doesn't exist and do the create at the same time. One
1935                  * of them will win and set a share mode, the other (ie. this
1936                  * one) should check if the requested share mode for this
1937                  * create is allowed.
1938                  */
1939 
1940                 /*
1941                  * Now the file exists and fsp is successfully opened,
1942                  * fsp->dev and fsp->inode are valid and should replace the
1943                  * dev=0,inode=0 from a non existent file. Spotted by
1944                  * Nadav Danieli <nadavd@exanet.com>. JRA.
1945                  */
1946 
1947                 id = fsp->file_id;
1948 
1949                 lck = get_share_mode_lock(talloc_tos(), id,
1950                                           conn->connectpath,
1951                                           fname, &old_write_time);
1952 
1953                 if (lck == NULL) {
1954                         DEBUG(0, ("open_file_ntcreate: Could not get share "
1955                                   "mode lock for %s\n", fname));
1956                         fd_close(fsp);
1957                         return NT_STATUS_SHARING_VIOLATION;
1958                 }
1959 
1960                 /* First pass - send break only on batch oplocks. */
1961                 if ((req != NULL)
1962                     && delay_for_oplocks(lck, fsp, req->mid, 1,
1963                                          oplock_request)) {
1964                         schedule_defer_open(lck, request_time, req);
1965                         TALLOC_FREE(lck);
1966                         fd_close(fsp);
1967                         return NT_STATUS_SHARING_VIOLATION;
1968                 }
1969 
1970                 status = open_mode_check(conn, fname, lck,
1971                                          access_mask, share_access,
1972                                          create_options, &file_existed);
1973 
1974                 if (NT_STATUS_IS_OK(status)) {
1975                         /* We might be going to allow this open. Check oplock
1976                          * status again. */
1977                         /* Second pass - send break for both batch or
1978                          * exclusive oplocks. */
1979                         if ((req != NULL)
1980                             && delay_for_oplocks(lck, fsp, req->mid, 2,
1981                                                  oplock_request)) {
1982                                 schedule_defer_open(lck, request_time, req);
1983                                 TALLOC_FREE(lck);
1984                                 fd_close(fsp);
1985                                 return NT_STATUS_SHARING_VIOLATION;
1986                         }
1987                 }
1988 
1989                 if (!NT_STATUS_IS_OK(status)) {
1990                         struct deferred_open_record state;
1991 
1992                         fd_close(fsp);
1993 
1994                         state.delayed_for_oplocks = False;
1995                         state.id = id;
1996 
1997                         /* Do it all over again immediately. In the second
1998                          * round we will find that the file existed and handle
1999                          * the DELETE_PENDING and FCB cases correctly. No need
2000                          * to duplicate the code here. Essentially this is a
2001                          * "goto top of this function", but don't tell
2002                          * anybody... */
2003 
2004                         if (req != NULL) {
2005                                 defer_open(lck, request_time, timeval_zero(),
2006                                            req, &state);
2007                         }
2008                         TALLOC_FREE(lck);
2009                         return status;
2010                 }
2011 
2012                 /*
2013                  * We exit this block with the share entry *locked*.....
2014                  */
2015 
2016         }
2017 
2018         SMB_ASSERT(lck != NULL);
2019 
2020         /* Delete streams if create_disposition requires it */
2021         if (file_existed && clear_ads && !is_ntfs_stream_name(fname)) {
2022                 status = delete_all_streams(conn, fname);
2023                 if (!NT_STATUS_IS_OK(status)) {
2024                         TALLOC_FREE(lck);
2025                         fd_close(fsp);
2026                         return status;
2027                 }
2028         }
2029 
2030         /* note that we ignore failure for the following. It is
2031            basically a hack for NFS, and NFS will never set one of
2032            these only read them. Nobody but Samba can ever set a deny
2033            mode and we have already checked our more authoritative
2034            locking database for permission to set this deny mode. If
2035            the kernel refuses the operations then the kernel is wrong.
2036            note that GPFS supports it as well - jmcd */
2037 
2038         if (fsp->fh->fd != -1) {
2039                 ret_flock = SMB_VFS_KERNEL_FLOCK(fsp, share_access);
2040                 if(ret_flock == -1 ){
2041 
2042                         TALLOC_FREE(lck);
2043                         fd_close(fsp);
2044 
2045                         return NT_STATUS_SHARING_VIOLATION;
2046                 }
2047         }
2048 
2049         /*
2050          * At this point onwards, we can guarentee that the share entry
2051          * is locked, whether we created the file or not, and that the
2052          * deny mode is compatible with all current opens.
2053          */
2054 
2055         /*
2056          * If requested, truncate the file.
2057          */
2058 
2059         if (flags2&O_TRUNC) {
2060                 /*
2061                  * We are modifing the file after open - update the stat
2062                  * struct..
2063                  */
2064                 if ((SMB_VFS_FTRUNCATE(fsp, 0) == -1) ||
2065                     (SMB_VFS_FSTAT(fsp, psbuf)==-1)) {
2066                         status = map_nt_error_from_unix(errno);
2067                         TALLOC_FREE(lck);
2068                         fd_close(fsp);
2069                         return status;
2070                 }
2071         }
2072 
2073         /* Record the options we were opened with. */
2074         fsp->share_access = share_access;
2075         fsp->fh->private_options = create_options;
2076         /*
2077          * According to Samba4, SEC_FILE_READ_ATTRIBUTE is always granted,
2078          */
2079         fsp->access_mask = access_mask | FILE_READ_ATTRIBUTES;
2080 
2081         if (file_existed) {
2082                 /* stat opens on existing files don't get oplocks. */
2083                 if (is_stat_open(open_access_mask)) {
2084                         fsp->oplock_type = NO_OPLOCK;
2085                 }
2086 
2087                 if (!(flags2 & O_TRUNC)) {
2088                         info = FILE_WAS_OPENED;
2089                 } else {
2090                         info = FILE_WAS_OVERWRITTEN;
2091                 }
2092         } else {
2093                 info = FILE_WAS_CREATED;
2094         }
2095 
2096         if (pinfo) {
2097                 *pinfo = info;
2098         }
2099 
2100         /*
2101          * Setup the oplock info in both the shared memory and
2102          * file structs.
2103          */
2104 
2105         if (!set_file_oplock(fsp, fsp->oplock_type)) {
2106                 /* Could not get the kernel oplock */
2107                 fsp->oplock_type = NO_OPLOCK;
2108         }
2109 
2110         if (info == FILE_WAS_OVERWRITTEN || info == FILE_WAS_CREATED || info == FILE_WAS_SUPERSEDED) {
2111                 new_file_created = True;
2112         }
2113 
2114         set_share_mode(lck, fsp, conn->server_info->utok.uid, 0,
2115                        fsp->oplock_type);
2116 
2117         /* Handle strange delete on close create semantics. */
2118         if (create_options & FILE_DELETE_ON_CLOSE) {
2119 
2120                 status = can_set_delete_on_close(fsp, True, new_dos_attributes);
2121 
2122                 if (!NT_STATUS_IS_OK(status)) {
2123                         /* Remember to delete the mode we just added. */
2124                         del_share_mode(lck, fsp);
2125                         TALLOC_FREE(lck);
2126                         fd_close(fsp);
2127                         return status;
2128                 }
2129                 /* Note that here we set the *inital* delete on close flag,
2130                    not the regular one. The magic gets handled in close. */
2131                 fsp->initial_delete_on_close = True;
2132         }
2133 
2134         if (new_file_created) {
2135                 /* Files should be initially set as archive */
2136                 if (lp_map_archive(SNUM(conn)) ||
2137                     lp_store_dos_attributes(SNUM(conn))) {
2138                         if (!posix_open) {
2139                                 SMB_STRUCT_STAT tmp_sbuf;
2140                                 SET_STAT_INVALID(tmp_sbuf);
2141                                 if (file_set_dosmode(
2142                                             conn, fname,
2143                                             new_dos_attributes | aARCH,
2144                                             &tmp_sbuf, parent_dir,
2145                                             true) == 0) {
2146                                         unx_mode = tmp_sbuf.st_mode;
2147                                 }
2148                         }
2149                 }
2150         }
2151 
2152         /*
2153          * Take care of inherited ACLs on created files - if default ACL not
2154          * selected.
2155          */
2156 
2157         if (!posix_open && !file_existed && !def_acl) {
2158 
2159                 int saved_errno = errno; /* We might get ENOSYS in the next
2160                                           * call.. */
2161 
2162                 if (SMB_VFS_FCHMOD_ACL(fsp, unx_mode) == -1 &&
2163                     errno == ENOSYS) {
2164                         errno = saved_errno; /* Ignore ENOSYS */
2165                 }
2166 
2167         } else if (new_unx_mode) {
2168 
2169                 int ret = -1;
2170 
2171                 /* Attributes need changing. File already existed. */
2172 
2173                 {
2174                         int saved_errno = errno; /* We might get ENOSYS in the
2175                                                   * next call.. */
2176                         ret = SMB_VFS_FCHMOD_ACL(fsp, new_unx_mode);
2177 
2178                         if (ret == -1 && errno == ENOSYS) {
2179                                 errno = saved_errno; /* Ignore ENOSYS */
2180                         } else {
2181                                 DEBUG(5, ("open_file_ntcreate: reset "
2182                                           "attributes of file %s to 0%o\n",
2183                                           fname, (unsigned int)new_unx_mode));
2184                                 ret = 0; /* Don't do the fchmod below. */
2185                         }
2186                 }
2187 
2188                 if ((ret == -1) &&
2189                     (SMB_VFS_FCHMOD(fsp, new_unx_mode) == -1))
2190                         DEBUG(5, ("open_file_ntcreate: failed to reset "
2191                                   "attributes of file %s to 0%o\n",
2192                                   fname, (unsigned int)new_unx_mode));
2193         }
2194 
2195         /* If this is a successful open, we must remove any deferred open
2196          * records. */
2197         if (req != NULL) {
2198                 del_deferred_open_entry(lck, req->mid);
2199         }
2200         TALLOC_FREE(lck);
2201 
2202         return NT_STATUS_OK;
2203 }
2204 
2205 
2206 /****************************************************************************
2207  Open a file for for write to ensure that we can fchmod it.
2208 ****************************************************************************/
2209 
2210 NTSTATUS open_file_fchmod(struct smb_request *req, connection_struct *conn,
     /* [<][>][^][v][top][bottom][index][help] */
2211                           const char *fname,
2212                           SMB_STRUCT_STAT *psbuf, files_struct **result)
2213 {
2214         files_struct *fsp = NULL;
2215         NTSTATUS status;
2216 
2217         if (!VALID_STAT(*psbuf)) {
2218                 return NT_STATUS_INVALID_PARAMETER;
2219         }
2220 
2221         status = file_new(req, conn, &fsp);
2222         if(!NT_STATUS_IS_OK(status)) {
2223                 return status;
2224         }
2225 
2226         status = SMB_VFS_CREATE_FILE(
2227                 conn,                                   /* conn */
2228                 NULL,                                   /* req */
2229                 0,                                      /* root_dir_fid */
2230                 fname,                                  /* fname */
2231                 0,                                      /* create_file_flags */
2232                 FILE_WRITE_DATA,                        /* access_mask */
2233                 (FILE_SHARE_READ | FILE_SHARE_WRITE |   /* share_access */
2234                     FILE_SHARE_DELETE),
2235                 FILE_OPEN,                              /* create_disposition*/
2236                 0,                                      /* create_options */
2237                 0,                                      /* file_attributes */
2238                 0,                                      /* oplock_request */
2239                 0,                                      /* allocation_size */
2240                 NULL,                                   /* sd */
2241                 NULL,                                   /* ea_list */
2242                 &fsp,                                   /* result */
2243                 NULL,                                   /* pinfo */
2244                 psbuf);                                 /* psbuf */
2245 
2246         /*
2247          * This is not a user visible file open.
2248          * Don't set a share mode.
2249          */
2250 
2251         if (!NT_STATUS_IS_OK(status)) {
2252                 file_free(req, fsp);
2253                 return status;
2254         }
2255 
2256         *result = fsp;
2257         return NT_STATUS_OK;
2258 }
2259 
2260 /****************************************************************************
2261  Close the fchmod file fd - ensure no locks are lost.
2262 ****************************************************************************/
2263 
2264 NTSTATUS close_file_fchmod(struct smb_request *req, files_struct *fsp)
     /* [<][>][^][v][top][bottom][index][help] */
2265 {
2266         NTSTATUS status = fd_close(fsp);
2267         file_free(req, fsp);
2268         return status;
2269 }
2270 
2271 static NTSTATUS mkdir_internal(connection_struct *conn,
     /* [<][>][^][v][top][bottom][index][help] */
2272                                 const char *name,
2273                                 uint32 file_attributes,
2274                                 SMB_STRUCT_STAT *psbuf)
2275 {
2276         mode_t mode;
2277         char *parent_dir;
2278         const char *dirname;
2279         NTSTATUS status;
2280         bool posix_open = false;
2281 
2282         if(!CAN_WRITE(conn)) {
2283                 DEBUG(5,("mkdir_internal: failing create on read-only share "
2284                          "%s\n", lp_servicename(SNUM(conn))));
2285                 return NT_STATUS_ACCESS_DENIED;
2286         }
2287 
2288         status = check_name(conn, name);
2289         if (!NT_STATUS_IS_OK(status)) {
2290                 return status;
2291         }
2292 
2293         if (!parent_dirname(talloc_tos(), name, &parent_dir, &dirname)) {
2294                 return NT_STATUS_NO_MEMORY;
2295         }
2296 
2297         if (file_attributes & FILE_FLAG_POSIX_SEMANTICS) {
2298                 posix_open = true;
2299                 mode = (mode_t)(file_attributes & ~FILE_FLAG_POSIX_SEMANTICS);
2300         } else {
2301                 mode = unix_mode(conn, aDIR, name, parent_dir);
2302         }
2303 
2304         if (SMB_VFS_MKDIR(conn, name, mode) != 0) {
2305                 return map_nt_error_from_unix(errno);
2306         }
2307 
2308         /* Ensure we're checking for a symlink here.... */
2309         /* We don't want to get caught by a symlink racer. */
2310 
2311         if (SMB_VFS_LSTAT(conn, name, psbuf) == -1) {
2312                 DEBUG(2, ("Could not stat directory '%s' just created: %s\n",
2313                           name, strerror(errno)));
2314                 return map_nt_error_from_unix(errno);
2315         }
2316 
2317         if (!S_ISDIR(psbuf->st_mode)) {
2318                 DEBUG(0, ("Directory just '%s' created is not a directory\n",
2319                           name));
2320                 return NT_STATUS_ACCESS_DENIED;
2321         }
2322 
2323         if (lp_store_dos_attributes(SNUM(conn))) {
2324                 if (!posix_open) {
2325                         file_set_dosmode(conn, name,
2326                                  file_attributes | aDIR, NULL,
2327                                  parent_dir,
2328                                  true);
2329                 }
2330         }
2331 
2332         if (lp_inherit_perms(SNUM(conn))) {
2333                 inherit_access_posix_acl(conn, parent_dir, name, mode);
2334         }
2335 
2336         if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS)) {
2337                 /*
2338                  * Check if high bits should have been set,
2339                  * then (if bits are missing): add them.
2340                  * Consider bits automagically set by UNIX, i.e. SGID bit from parent
2341                  * dir.
2342                  */
2343                 if (mode & ~(S_IRWXU|S_IRWXG|S_IRWXO) && (mode & ~psbuf->st_mode)) {
2344                         SMB_VFS_CHMOD(conn, name,
2345                                       psbuf->st_mode | (mode & ~psbuf->st_mode));
2346                 }
2347         }
2348 
2349         /* Change the owner if required. */
2350         if (lp_inherit_owner(SNUM(conn))) {
2351                 change_dir_owner_to_parent(conn, parent_dir, name, psbuf);
2352         }
2353 
2354         notify_fname(conn, NOTIFY_ACTION_ADDED, FILE_NOTIFY_CHANGE_DIR_NAME,
2355                      name);
2356 
2357         return NT_STATUS_OK;
2358 }
2359 
2360 /****************************************************************************
2361  Open a directory from an NT SMB call.
2362 ****************************************************************************/
2363 
2364 static NTSTATUS open_directory(connection_struct *conn,
     /* [<][>][^][v][top][bottom][index][help] */
2365                                struct smb_request *req,
2366                                const char *fname,
2367                                SMB_STRUCT_STAT *psbuf,
2368                                uint32 access_mask,
2369                                uint32 share_access,
2370                                uint32 create_disposition,
2371                                uint32 create_options,
2372                                uint32 file_attributes,
2373                                int *pinfo,
2374                                files_struct **result)
2375 {
2376         files_struct *fsp = NULL;
2377         bool dir_existed = VALID_STAT(*psbuf) ? True : False;
2378         struct share_mode_lock *lck = NULL;
2379         NTSTATUS status;
2380         struct timespec mtimespec;
2381         int info = 0;
2382 
2383         DEBUG(5,("open_directory: opening directory %s, access_mask = 0x%x, "
2384                  "share_access = 0x%x create_options = 0x%x, "
2385                  "create_disposition = 0x%x, file_attributes = 0x%x\n",
2386                  fname,
2387                  (unsigned int)access_mask,
2388                  (unsigned int)share_access,
2389                  (unsigned int)create_options,
2390                  (unsigned int)create_disposition,
2391                  (unsigned int)file_attributes));
2392 
2393         if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS) &&
2394                         (conn->fs_capabilities & FILE_NAMED_STREAMS) &&
2395                         is_ntfs_stream_name(fname)) {
2396                 DEBUG(2, ("open_directory: %s is a stream name!\n", fname));
2397                 return NT_STATUS_NOT_A_DIRECTORY;
2398         }
2399 
2400         status = calculate_access_mask(conn, fname, dir_existed,
2401                                         access_mask,
2402                                         &access_mask); 
2403         if (!NT_STATUS_IS_OK(status)) {
2404                 DEBUG(10, ("open_directory: calculate_access_mask "
2405                         "on file %s returned %s\n",
2406                         fname,
2407                         nt_errstr(status)));
2408                 return status;
2409         }
2410 
2411         /* We need to support SeSecurityPrivilege for this. */
2412         if (access_mask & SEC_FLAG_SYSTEM_SECURITY) {
2413                 DEBUG(10, ("open_directory: open on %s "
2414                         "failed - SEC_FLAG_SYSTEM_SECURITY denied.\n",
2415                         fname));
2416                 return NT_STATUS_PRIVILEGE_NOT_HELD;
2417         }
2418 
2419         switch( create_disposition ) {
2420                 case FILE_OPEN:
2421 
2422                         info = FILE_WAS_OPENED;
2423 
2424                         /*
2425                          * We want to follow symlinks here.
2426                          */
2427 
2428                         if (SMB_VFS_STAT(conn, fname, psbuf) != 0) {
2429                                 return map_nt_error_from_unix(errno);
2430                         }
2431                                 
2432                         break;
2433 
2434                 case FILE_CREATE:
2435 
2436                         /* If directory exists error. If directory doesn't
2437                          * exist create. */
2438 
2439                         status = mkdir_internal(conn,
2440                                                 fname,
2441                                                 file_attributes,
2442                                                 psbuf);
2443 
2444                         if (!NT_STATUS_IS_OK(status)) {
2445                                 DEBUG(2, ("open_directory: unable to create "
2446                                           "%s. Error was %s\n", fname,
2447                                           nt_errstr(status)));
2448                                 return status;
2449                         }
2450 
2451                         info = FILE_WAS_CREATED;
2452                         break;
2453 
2454                 case FILE_OPEN_IF:
2455                         /*
2456                          * If directory exists open. If directory doesn't
2457                          * exist create.
2458                          */
2459 
2460                         status = mkdir_internal(conn,
2461                                                 fname,
2462                                                 file_attributes,
2463                                                 psbuf);
2464 
2465                         if (NT_STATUS_IS_OK(status)) {
2466                                 info = FILE_WAS_CREATED;
2467                         }
2468 
2469                         if (NT_STATUS_EQUAL(status,
2470                                             NT_STATUS_OBJECT_NAME_COLLISION)) {
2471                                 info = FILE_WAS_OPENED;
2472                                 status = NT_STATUS_OK;
2473                         }
2474                                 
2475                         break;
2476 
2477                 case FILE_SUPERSEDE:
2478                 case FILE_OVERWRITE:
2479                 case FILE_OVERWRITE_IF:
2480                 default:
2481                         DEBUG(5,("open_directory: invalid create_disposition "
2482                                  "0x%x for directory %s\n",
2483                                  (unsigned int)create_disposition, fname));
2484                         return NT_STATUS_INVALID_PARAMETER;
2485         }
2486 
2487         if(!S_ISDIR(psbuf->st_mode)) {
2488                 DEBUG(5,("open_directory: %s is not a directory !\n",
2489                          fname ));
2490                 return NT_STATUS_NOT_A_DIRECTORY;
2491         }
2492 
2493         if (info == FILE_WAS_OPENED) {
2494                 uint32_t access_granted = 0;
2495                 status = check_open_rights(conn,
2496                                         fname,
2497                                         access_mask,
2498                                         &access_granted);
2499 
2500                 /* Were we trying to do a directory open
2501                  * for delete and didn't get DELETE
2502                  * access (only) ? Check if the
2503                  * directory allows DELETE_CHILD.
2504                  * See here:
2505                  * http://blogs.msdn.com/oldnewthing/archive/2004/06/04/148426.aspx
2506                  * for details. */
2507 
2508                 if ((NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED) &&
2509                                 (access_mask & DELETE_ACCESS) &&
2510                                 (access_granted == DELETE_ACCESS) &&
2511                                 can_delete_file_in_directory(conn, fname))) {
2512                         DEBUG(10,("open_directory: overrode ACCESS_DENIED "
2513                                 "on directory %s\n",
2514                                 fname ));
2515                         status = NT_STATUS_OK;
2516                 }
2517 
2518                 if (!NT_STATUS_IS_OK(status)) {
2519                         DEBUG(10, ("open_directory: check_open_rights on "
2520                                 "file %s failed with %s\n",
2521                                 fname,
2522                                 nt_errstr(status)));
2523                         return status;
2524                 }
2525         }
2526 
2527         status = file_new(req, conn, &fsp);
2528         if(!NT_STATUS_IS_OK(status)) {
2529                 return status;
2530         }
2531 
2532         /*
2533          * Setup the files_struct for it.
2534          */
2535         
2536         fsp->mode = psbuf->st_mode;
2537         fsp->file_id = vfs_file_id_from_sbuf(conn, psbuf);
2538         fsp->vuid = req ? req->vuid : UID_FIELD_INVALID;
2539         fsp->file_pid = req ? req->smbpid : 0;
2540         fsp->can_lock = False;
2541         fsp->can_read = False;
2542         fsp->can_write = False;
2543 
2544         fsp->share_access = share_access;
2545         fsp->fh->private_options = create_options;
2546         /*
2547          * According to Samba4, SEC_FILE_READ_ATTRIBUTE is always granted,
2548          */
2549         fsp->access_mask = access_mask | FILE_READ_ATTRIBUTES;
2550         fsp->print_file = False;
2551         fsp->modified = False;
2552         fsp->oplock_type = NO_OPLOCK;
2553         fsp->sent_oplock_break = NO_BREAK_SENT;
2554         fsp->is_directory = True;
2555         fsp->posix_open = (file_attributes & FILE_FLAG_POSIX_SEMANTICS) ? True : False;
2556 
2557         string_set(&fsp->fsp_name,fname);
2558 
2559         mtimespec = get_mtimespec(psbuf);
2560 
2561         lck = get_share_mode_lock(talloc_tos(), fsp->file_id,
2562                                   conn->connectpath,
2563                                   fname, &mtimespec);
2564 
2565         if (lck == NULL) {
2566                 DEBUG(0, ("open_directory: Could not get share mode lock for %s\n", fname));
2567                 file_free(req, fsp);
2568                 return NT_STATUS_SHARING_VIOLATION;
2569         }
2570 
2571         status = open_mode_check(conn, fname, lck,
2572                                 access_mask, share_access,
2573                                 create_options, &dir_existed);
2574 
2575         if (!NT_STATUS_IS_OK(status)) {
2576                 TALLOC_FREE(lck);
2577                 file_free(req, fsp);
2578                 return status;
2579         }
2580 
2581         set_share_mode(lck, fsp, conn->server_info->utok.uid, 0, NO_OPLOCK);
2582 
2583         /* For directories the delete on close bit at open time seems
2584            always to be honored on close... See test 19 in Samba4 BASE-DELETE. */
2585         if (create_options & FILE_DELETE_ON_CLOSE) {
2586                 status = can_set_delete_on_close(fsp, True, 0);
2587                 if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, NT_STATUS_DIRECTORY_NOT_EMPTY)) {
2588                         TALLOC_FREE(lck);
2589                         file_free(req, fsp);
2590                         return status;
2591                 }
2592 
2593                 if (NT_STATUS_IS_OK(status)) {
2594                         /* Note that here we set the *inital* delete on close flag,
2595                            not the regular one. The magic gets handled in close. */
2596                         fsp->initial_delete_on_close = True;
2597                 }
2598         }
2599 
2600         TALLOC_FREE(lck);
2601 
2602         if (pinfo) {
2603                 *pinfo = info;
2604         }
2605 
2606         *result = fsp;
2607         return NT_STATUS_OK;
2608 }
2609 
2610 NTSTATUS create_directory(connection_struct *conn, struct smb_request *req, const char *directory)
     /* [<][>][^][v][top][bottom][index][help] */
2611 {
2612         NTSTATUS status;
2613         SMB_STRUCT_STAT sbuf;
2614         files_struct *fsp;
2615 
2616         SET_STAT_INVALID(sbuf);
2617         
2618         status = SMB_VFS_CREATE_FILE(
2619                 conn,                                   /* conn */
2620                 req,                                    /* req */
2621                 0,                                      /* root_dir_fid */
2622                 directory,                              /* fname */
2623                 0,                                      /* create_file_flags */
2624                 FILE_READ_ATTRIBUTES,                   /* access_mask */
2625                 FILE_SHARE_NONE,                        /* share_access */
2626                 FILE_CREATE,                            /* create_disposition*/
2627                 FILE_DIRECTORY_FILE,                    /* create_options */
2628                 FILE_ATTRIBUTE_DIRECTORY,               /* file_attributes */
2629                 0,                                      /* oplock_request */
2630                 0,                                      /* allocation_size */
2631                 NULL,                                   /* sd */
2632                 NULL,                                   /* ea_list */
2633                 &fsp,                                   /* result */
2634                 NULL,                                   /* pinfo */
2635                 &sbuf);                                 /* psbuf */
2636 
2637         if (NT_STATUS_IS_OK(status)) {
2638                 close_file(req, fsp, NORMAL_CLOSE);
2639         }
2640 
2641         return status;
2642 }
2643 
2644 /****************************************************************************
2645  Receive notification that one of our open files has been renamed by another
2646  smbd process.
2647 ****************************************************************************/
2648 
2649 void msg_file_was_renamed(struct messaging_context *msg,
     /* [<][>][^][v][top][bottom][index][help] */
2650                           void *private_data,
2651                           uint32_t msg_type,
2652                           struct server_id server_id,
2653                           DATA_BLOB *data)
2654 {
2655         files_struct *fsp;
2656         char *frm = (char *)data->data;
2657         struct file_id id;
2658         const char *sharepath;
2659         const char *newname;
2660         size_t sp_len;
2661 
2662         if (data->data == NULL
2663             || data->length < MSG_FILE_RENAMED_MIN_SIZE + 2) {
2664                 DEBUG(0, ("msg_file_was_renamed: Got invalid msg len %d\n",
2665                           (int)data->length));
2666                 return;
2667         }
2668 
2669         /* Unpack the message. */
2670         pull_file_id_24(frm, &id);
2671         sharepath = &frm[24];
2672         newname = sharepath + strlen(sharepath) + 1;
2673         sp_len = strlen(sharepath);
2674 
2675         DEBUG(10,("msg_file_was_renamed: Got rename message for sharepath %s, new name %s, "
2676                 "file_id %s\n",
2677                   sharepath, newname, file_id_string_tos(&id)));
2678 
2679         for(fsp = file_find_di_first(id); fsp; fsp = file_find_di_next(fsp)) {
2680                 if (memcmp(fsp->conn->connectpath, sharepath, sp_len) == 0) {
2681                         DEBUG(10,("msg_file_was_renamed: renaming file fnum %d from %s -> %s\n",
2682                                 fsp->fnum, fsp->fsp_name, newname ));
2683                         string_set(&fsp->fsp_name, newname);
2684                 } else {
2685                         /* TODO. JRA. */
2686                         /* Now we have the complete path we can work out if this is
2687                            actually within this share and adjust newname accordingly. */
2688                         DEBUG(10,("msg_file_was_renamed: share mismatch (sharepath %s "
2689                                 "not sharepath %s) "
2690                                 "fnum %d from %s -> %s\n",
2691                                 fsp->conn->connectpath,
2692                                 sharepath,
2693                                 fsp->fnum,
2694                                 fsp->fsp_name,
2695                                 newname ));
2696                 }
2697         }
2698 }
2699 
2700 struct case_semantics_state {
2701         connection_struct *conn;
2702         bool case_sensitive;
2703         bool case_preserve;
2704         bool short_case_preserve;
2705 };
2706 
2707 /****************************************************************************
2708  Restore case semantics.
2709 ****************************************************************************/
2710 static int restore_case_semantics(struct case_semantics_state *state)
     /* [<][>][^][v][top][bottom][index][help] */
2711 {
2712         state->conn->case_sensitive = state->case_sensitive;
2713         state->conn->case_preserve = state->case_preserve;
2714         state->conn->short_case_preserve = state->short_case_preserve;
2715         return 0;
2716 }
2717 
2718 /****************************************************************************
2719  Save case semantics.
2720 ****************************************************************************/
2721 struct case_semantics_state *set_posix_case_semantics(TALLOC_CTX *mem_ctx,
     /* [<][>][^][v][top][bottom][index][help] */
2722                                                       connection_struct *conn)
2723 {
2724         struct case_semantics_state *result;
2725 
2726         if (!(result = talloc(mem_ctx, struct case_semantics_state))) {
2727                 DEBUG(0, ("talloc failed\n"));
2728                 return NULL;
2729         }
2730 
2731         result->conn = conn;
2732         result->case_sensitive = conn->case_sensitive;
2733         result->case_preserve = conn->case_preserve;
2734         result->short_case_preserve = conn->short_case_preserve;
2735 
2736         /* Set to POSIX. */
2737         conn->case_sensitive = True;
2738         conn->case_preserve = True;
2739         conn->short_case_preserve = True;
2740 
2741         talloc_set_destructor(result, restore_case_semantics);
2742 
2743         return result;
2744 }
2745 
2746 /*
2747  * If a main file is opened for delete, all streams need to be checked for
2748  * !FILE_SHARE_DELETE. Do this by opening with DELETE_ACCESS.
2749  * If that works, delete them all by setting the delete on close and close.
2750  */
2751 
2752 NTSTATUS open_streams_for_delete(connection_struct *conn,
     /* [<][>][^][v][top][bottom][index][help] */
2753                                         const char *fname)
2754 {
2755         struct stream_struct *stream_info;
2756         files_struct **streams;
2757         int i;
2758         unsigned int num_streams;
2759         TALLOC_CTX *frame = talloc_stackframe();
2760         NTSTATUS status;
2761 
2762         status = SMB_VFS_STREAMINFO(conn, NULL, fname, talloc_tos(),
2763                                     &num_streams, &stream_info);
2764 
2765         if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_IMPLEMENTED)
2766             || NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
2767                 DEBUG(10, ("no streams around\n"));
2768                 TALLOC_FREE(frame);
2769                 return NT_STATUS_OK;
2770         }
2771 
2772         if (!NT_STATUS_IS_OK(status)) {
2773                 DEBUG(10, ("SMB_VFS_STREAMINFO failed: %s\n",
2774                            nt_errstr(status)));
2775                 goto fail;
2776         }
2777 
2778         DEBUG(10, ("open_streams_for_delete found %d streams\n",
2779                    num_streams));
2780 
2781         if (num_streams == 0) {
2782                 TALLOC_FREE(frame);
2783                 return NT_STATUS_OK;
2784         }
2785 
2786         streams = TALLOC_ARRAY(talloc_tos(), files_struct *, num_streams);
2787         if (streams == NULL) {
2788                 DEBUG(0, ("talloc failed\n"));
2789                 status = NT_STATUS_NO_MEMORY;
2790                 goto fail;
2791         }
2792 
2793         for (i=0; i<num_streams; i++) {
2794                 char *streamname;
2795 
2796                 if (strequal(stream_info[i].name, "::$DATA")) {
2797                         streams[i] = NULL;
2798                         continue;
2799                 }
2800 
2801                 streamname = talloc_asprintf(talloc_tos(), "%s%s", fname,
2802                                              stream_info[i].name);
2803 
2804                 if (streamname == NULL) {
2805                         DEBUG(0, ("talloc_aprintf failed\n"));
2806                         status = NT_STATUS_NO_MEMORY;
2807                         goto fail;
2808                 }
2809 
2810                 status = SMB_VFS_CREATE_FILE(
2811                          conn,                  /* conn */
2812                          NULL,                  /* req */
2813                          0,                     /* root_dir_fid */
2814                          streamname,            /* fname */
2815                          0,                     /* create_file_flags */
2816                          DELETE_ACCESS,         /* access_mask */
2817                          (FILE_SHARE_READ |     /* share_access */
2818                              FILE_SHARE_WRITE | FILE_SHARE_DELETE),
2819                          FILE_OPEN,             /* create_disposition*/
2820                          NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE, /* create_options */
2821                          FILE_ATTRIBUTE_NORMAL, /* file_attributes */
2822                          0,                     /* oplock_request */
2823                          0,                     /* allocation_size */
2824                          NULL,                  /* sd */
2825                          NULL,                  /* ea_list */
2826                          &streams[i],           /* result */
2827                          NULL,                  /* pinfo */
2828                          NULL);                 /* psbuf */
2829 
2830                 TALLOC_FREE(streamname);
2831 
2832                 if (!NT_STATUS_IS_OK(status)) {
2833                         DEBUG(10, ("Could not open stream %s: %s\n",
2834                                    streamname, nt_errstr(status)));
2835                         break;
2836                 }
2837         }
2838 
2839         /*
2840          * don't touch the variable "status" beyond this point :-)
2841          */
2842 
2843         for (i -= 1 ; i >= 0; i--) {
2844                 if (streams[i] == NULL) {
2845                         continue;
2846                 }
2847 
2848                 DEBUG(10, ("Closing stream # %d, %s\n", i,
2849                            streams[i]->fsp_name));
2850                 close_file(NULL, streams[i], NORMAL_CLOSE);
2851         }
2852 
2853  fail:
2854         TALLOC_FREE(frame);
2855         return status;
2856 }
2857 
2858 /*
2859  * Wrapper around open_file_ntcreate and open_directory
2860  */
2861 
2862 static NTSTATUS create_file_unixpath(connection_struct *conn,
     /* [<][>][^][v][top][bottom][index][help] */
2863                                      struct smb_request *req,
2864                                      const char *fname,
2865                                      uint32_t access_mask,
2866                                      uint32_t share_access,
2867                                      uint32_t create_disposition,
2868                                      uint32_t create_options,
2869                                      uint32_t file_attributes,
2870                                      uint32_t oplock_request,
2871                                      uint64_t allocation_size,
2872                                      struct security_descriptor *sd,
2873                                      struct ea_list *ea_list,
2874 
2875                                      files_struct **result,
2876                                      int *pinfo,
2877                                      SMB_STRUCT_STAT *psbuf)
2878 {
2879         SMB_STRUCT_STAT sbuf;
2880         int info = FILE_WAS_OPENED;
2881         files_struct *base_fsp = NULL;
2882         files_struct *fsp = NULL;
2883         NTSTATUS status;
2884 
2885         DEBUG(10,("create_file_unixpath: access_mask = 0x%x "
2886                   "file_attributes = 0x%x, share_access = 0x%x, "
2887                   "create_disposition = 0x%x create_options = 0x%x "
2888                   "oplock_request = 0x%x ea_list = 0x%p, sd = 0x%p, "
2889                   "fname = %s\n",
2890                   (unsigned int)access_mask,
2891                   (unsigned int)file_attributes,
2892                   (unsigned int)share_access,
2893                   (unsigned int)create_disposition,
2894                   (unsigned int)create_options,
2895                   (unsigned int)oplock_request,
2896                   ea_list, sd, fname));
2897 
2898         if (create_options & FILE_OPEN_BY_FILE_ID) {
2899                 status = NT_STATUS_NOT_SUPPORTED;
2900                 goto fail;
2901         }
2902 
2903         if (create_options & NTCREATEX_OPTIONS_INVALID_PARAM_MASK) {
2904                 status = NT_STATUS_INVALID_PARAMETER;
2905                 goto fail;
2906         }
2907 
2908         if (req == NULL) {
2909                 oplock_request |= INTERNAL_OPEN_ONLY;
2910         }
2911 
2912         if (psbuf != NULL) {
2913                 sbuf = *psbuf;
2914         }
2915         else {
2916                 if (SMB_VFS_STAT(conn, fname, &sbuf) == -1) {
2917                         SET_STAT_INVALID(sbuf);
2918                 }
2919         }
2920 
2921         if ((conn->fs_capabilities & FILE_NAMED_STREAMS)
2922             && (access_mask & DELETE_ACCESS)
2923             && !is_ntfs_stream_name(fname)) {
2924                 /*
2925                  * We can't open a file with DELETE access if any of the
2926                  * streams is open without FILE_SHARE_DELETE
2927                  */
2928                 status = open_streams_for_delete(conn, fname);
2929 
2930                 if (!NT_STATUS_IS_OK(status)) {
2931                         goto fail;
2932                 }
2933         }
2934 
2935         /* This is the correct thing to do (check every time) but can_delete
2936          * is expensive (it may have to read the parent directory
2937          * permissions). So for now we're not doing it unless we have a strong
2938          * hint the client is really going to delete this file. If the client
2939          * is forcing FILE_CREATE let the filesystem take care of the
2940          * permissions. */
2941 
2942         /* Setting FILE_SHARE_DELETE is the hint. */
2943 
2944         if (lp_acl_check_permissions(SNUM(conn))
2945             && (create_disposition != FILE_CREATE)
2946             && (share_access & FILE_SHARE_DELETE)
2947             && (access_mask & DELETE_ACCESS)
2948             && (!(can_delete_file_in_directory(conn, fname) ||
2949                  can_access_file_acl(conn, fname, DELETE_ACCESS)))) {
2950                 status = NT_STATUS_ACCESS_DENIED;
2951                 DEBUG(10,("create_file_unixpath: open file %s "
2952                         "for delete ACCESS_DENIED\n", fname ));
2953                 goto fail;
2954         }
2955 
2956 #if 0
2957         /* We need to support SeSecurityPrivilege for this. */
2958         if ((access_mask & SEC_FLAG_SYSTEM_SECURITY) &&
2959             !user_has_privileges(current_user.nt_user_token,
2960                                  &se_security)) {
2961                 status = NT_STATUS_PRIVILEGE_NOT_HELD;
2962                 goto fail;
2963         }
2964 #else
2965         /* We need to support SeSecurityPrivilege for this. */
2966         if (access_mask & SEC_FLAG_SYSTEM_SECURITY) {
2967                 status = NT_STATUS_PRIVILEGE_NOT_HELD;
2968                 goto fail;
2969         }
2970         /* Don't allow a SACL set from an NTtrans create until we
2971          * support SeSecurityPrivilege. */
2972         if (!VALID_STAT(sbuf) &&
2973                         lp_nt_acl_support(SNUM(conn)) &&
2974                         sd && (sd->sacl != NULL)) {
2975                 status = NT_STATUS_PRIVILEGE_NOT_HELD;
2976                 goto fail;
2977         }
2978 #endif
2979 
2980         if ((conn->fs_capabilities & FILE_NAMED_STREAMS)
2981             && is_ntfs_stream_name(fname)
2982             && (!(create_options & NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE))) {
2983                 char *base;
2984                 uint32 base_create_disposition;
2985 
2986                 if (create_options & FILE_DIRECTORY_FILE) {
2987                         status = NT_STATUS_NOT_A_DIRECTORY;
2988                         goto fail;
2989                 }
2990 
2991                 status = split_ntfs_stream_name(talloc_tos(), fname,
2992                                                 &base, NULL);
2993                 if (!NT_STATUS_IS_OK(status)) {
2994                         DEBUG(10, ("create_file_unixpath: "
2995                                 "split_ntfs_stream_name failed: %s\n",
2996                                 nt_errstr(status)));
2997                         goto fail;
2998                 }
2999 
3000                 SMB_ASSERT(!is_ntfs_stream_name(base)); /* paranoia.. */
3001 
3002                 switch (create_disposition) {
3003                 case FILE_OPEN:
3004                         base_create_disposition = FILE_OPEN;
3005                         break;
3006                 default:
3007                         base_create_disposition = FILE_OPEN_IF;
3008                         break;
3009                 }
3010 
3011                 status = create_file_unixpath(conn, NULL, base, 0,
3012                                               FILE_SHARE_READ
3013                                               | FILE_SHARE_WRITE
3014                                               | FILE_SHARE_DELETE,
3015                                               base_create_disposition,
3016                                               0, 0, 0, 0, NULL, NULL,
3017                                               &base_fsp, NULL, NULL);
3018                 if (!NT_STATUS_IS_OK(status)) {
3019                         DEBUG(10, ("create_file_unixpath for base %s failed: "
3020                                    "%s\n", base, nt_errstr(status)));
3021                         goto fail;
3022                 }
3023                 /* we don't need to low level fd */
3024                 fd_close(base_fsp);
3025         }
3026 
3027         /*
3028          * If it's a request for a directory open, deal with it separately.
3029          */
3030 
3031         if (create_options & FILE_DIRECTORY_FILE) {
3032 
3033                 if (create_options & FILE_NON_DIRECTORY_FILE) {
3034                         status = NT_STATUS_INVALID_PARAMETER;
3035                         goto fail;
3036                 }
3037 
3038                 /* Can't open a temp directory. IFS kit test. */
3039                 if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS) &&
3040                      (file_attributes & FILE_ATTRIBUTE_TEMPORARY)) {
3041                         status = NT_STATUS_INVALID_PARAMETER;
3042                         goto fail;
3043                 }
3044 
3045                 /*
3046                  * We will get a create directory here if the Win32
3047                  * app specified a security descriptor in the
3048                  * CreateDirectory() call.
3049                  */
3050 
3051                 oplock_request = 0;
3052                 status = open_directory(
3053                         conn, req, fname, &sbuf, access_mask, share_access,
3054                         create_disposition, create_options, file_attributes,
3055                         &info, &fsp);
3056         } else {
3057 
3058                 /*
3059                  * Ordinary file case.
3060                  */
3061 
3062                 status = file_new(req, conn, &fsp);
3063                 if(!NT_STATUS_IS_OK(status)) {
3064                         goto fail;
3065                 }
3066 
3067                 /*
3068                  * We're opening the stream element of a base_fsp
3069                  * we already opened. Set up the base_fsp pointer.
3070                  */
3071                 if (base_fsp) {
3072                         fsp->base_fsp = base_fsp;
3073                 }
3074 
3075                 status = open_file_ntcreate(conn,
3076                                             req,
3077                                             fname,
3078                                             &sbuf,
3079                                             access_mask,
3080                                             share_access,
3081                                             create_disposition,
3082                                             create_options,
3083                                             file_attributes,
3084                                             oplock_request,
3085                                             &info,
3086                                             fsp);
3087 
3088                 if(!NT_STATUS_IS_OK(status)) {
3089                         file_free(req, fsp);
3090                         fsp = NULL;
3091                 }
3092 
3093                 if (NT_STATUS_EQUAL(status, NT_STATUS_FILE_IS_A_DIRECTORY)) {
3094 
3095                         /* A stream open never opens a directory */
3096 
3097                         if (base_fsp) {
3098                                 status = NT_STATUS_FILE_IS_A_DIRECTORY;
3099                                 goto fail;
3100                         }
3101 
3102                         /*
3103                          * Fail the open if it was explicitly a non-directory
3104                          * file.
3105                          */
3106 
3107                         if (create_options & FILE_NON_DIRECTORY_FILE) {
3108                                 status = NT_STATUS_FILE_IS_A_DIRECTORY;
3109                                 goto fail;
3110                         }
3111 
3112                         oplock_request = 0;
3113                         status = open_directory(
3114                                 conn, req, fname, &sbuf, access_mask,
3115                                 share_access, create_disposition,
3116                                 create_options, file_attributes,
3117                                 &info, &fsp);
3118                 }
3119         }
3120 
3121         if (!NT_STATUS_IS_OK(status)) {
3122                 goto fail;
3123         }
3124 
3125         fsp->base_fsp = base_fsp;
3126 
3127         /*
3128          * According to the MS documentation, the only time the security
3129          * descriptor is applied to the opened file is iff we *created* the
3130          * file; an existing file stays the same.
3131          *
3132          * Also, it seems (from observation) that you can open the file with
3133          * any access mask but you can still write the sd. We need to override
3134          * the granted access before we call set_sd
3135          * Patch for bug #2242 from Tom Lackemann <cessnatomny@yahoo.com>.
3136          */
3137 
3138         if ((sd != NULL) && (info == FILE_WAS_CREATED)
3139             && lp_nt_acl_support(SNUM(conn))) {
3140 
3141                 uint32_t sec_info_sent;
3142                 uint32_t saved_access_mask = fsp->access_mask;
3143 
3144                 sec_info_sent = get_sec_info(sd);
3145 
3146                 fsp->access_mask = FILE_GENERIC_ALL;
3147 
3148                 /* Convert all the generic bits. */
3149                 security_acl_map_generic(sd->dacl, &file_generic_mapping);
3150                 security_acl_map_generic(sd->sacl, &file_generic_mapping);
3151 
3152                 if (sec_info_sent & (OWNER_SECURITY_INFORMATION|
3153                                         GROUP_SECURITY_INFORMATION|
3154                                         DACL_SECURITY_INFORMATION|
3155                                         SACL_SECURITY_INFORMATION)) {
3156                         status = SMB_VFS_FSET_NT_ACL(fsp, sec_info_sent, sd);
3157                 }
3158 
3159                 fsp->access_mask = saved_access_mask;
3160 
3161                 if (!NT_STATUS_IS_OK(status)) {
3162                         goto fail;
3163                 }
3164         }
3165 
3166         if ((ea_list != NULL) &&
3167                         ((info == FILE_WAS_CREATED) || (info == FILE_WAS_OVERWRITTEN))) {
3168                 status = set_ea(conn, fsp, fname, ea_list);
3169                 if (!NT_STATUS_IS_OK(status)) {
3170                         goto fail;
3171                 }
3172         }
3173 
3174         if (!fsp->is_directory && S_ISDIR(sbuf.st_mode)) {
3175                 status = NT_STATUS_ACCESS_DENIED;
3176                 goto fail;
3177         }
3178 
3179         /* Save the requested allocation size. */
3180         if ((info == FILE_WAS_CREATED) || (info == FILE_WAS_OVERWRITTEN)) {
3181                 if (allocation_size
3182                     && (allocation_size > sbuf.st_size)) {
3183                         fsp->initial_allocation_size = smb_roundup(
3184                                 fsp->conn, allocation_size);
3185                         if (fsp->is_directory) {
3186                                 /* Can't set allocation size on a directory. */
3187                                 status = NT_STATUS_ACCESS_DENIED;
3188                                 goto fail;
3189                         }
3190                         if (vfs_allocate_file_space(
3191                                     fsp, fsp->initial_allocation_size) == -1) {
3192                                 status = NT_STATUS_DISK_FULL;
3193                                 goto fail;
3194                         }
3195                 } else {
3196                         fsp->initial_allocation_size = smb_roundup(
3197                                 fsp->conn, (uint64_t)sbuf.st_size);
3198                 }
3199         }
3200 
3201         DEBUG(10, ("create_file_unixpath: info=%d\n", info));
3202 
3203         *result = fsp;
3204         if (pinfo != NULL) {
3205                 *pinfo = info;
3206         }
3207         if (psbuf != NULL) {
3208                 if ((fsp->fh == NULL) || (fsp->fh->fd == -1)) {
3209                         *psbuf = sbuf;
3210                 }
3211                 else {
3212                         SMB_VFS_FSTAT(fsp, psbuf);
3213                 }
3214         }
3215         return NT_STATUS_OK;
3216 
3217  fail:
3218         DEBUG(10, ("create_file_unixpath: %s\n", nt_errstr(status)));
3219 
3220         if (fsp != NULL) {
3221                 if (base_fsp && fsp->base_fsp == base_fsp) {
3222                         /*
3223                          * The close_file below will close
3224                          * fsp->base_fsp.
3225                          */
3226                         base_fsp = NULL;
3227                 }
3228                 close_file(req, fsp, ERROR_CLOSE);
3229                 fsp = NULL;
3230         }
3231         if (base_fsp != NULL) {
3232                 close_file(req, base_fsp, ERROR_CLOSE);
3233                 base_fsp = NULL;
3234         }
3235         return status;
3236 }
3237 
3238 /*
3239  * Calculate the full path name given a relative fid.
3240  */
3241 NTSTATUS get_relative_fid_filename(connection_struct *conn,
     /* [<][>][^][v][top][bottom][index][help] */
3242                                    struct smb_request *req,
3243                                    uint16_t root_dir_fid,
3244                                    const char *fname, char **new_fname)
3245 {
3246         files_struct *dir_fsp;
3247         char *parent_fname = NULL;
3248 
3249         if (root_dir_fid == 0 || !fname || !new_fname) {
3250                 return NT_STATUS_INTERNAL_ERROR;
3251         }
3252 
3253         dir_fsp = file_fsp(req, root_dir_fid);
3254 
3255         if (dir_fsp == NULL) {
3256                 return NT_STATUS_INVALID_HANDLE;
3257         }
3258 
3259         if (!dir_fsp->is_directory) {
3260 
3261                 /*
3262                  * Check to see if this is a mac fork of some kind.
3263                  */
3264 
3265                 if ((conn->fs_capabilities & FILE_NAMED_STREAMS) &&
3266                     is_ntfs_stream_name(fname)) {
3267                         return NT_STATUS_OBJECT_PATH_NOT_FOUND;
3268                 }
3269 
3270                 /*
3271                   we need to handle the case when we get a
3272                   relative open relative to a file and the
3273                   pathname is blank - this is a reopen!
3274                   (hint from demyn plantenberg)
3275                 */
3276 
3277                 return NT_STATUS_INVALID_HANDLE;
3278         }
3279 
3280         if (ISDOT(dir_fsp->fsp_name)) {
3281                 /*
3282                  * We're at the toplevel dir, the final file name
3283                  * must not contain ./, as this is filtered out
3284                  * normally by srvstr_get_path and unix_convert
3285                  * explicitly rejects paths containing ./.
3286                  */
3287                 parent_fname = talloc_strdup(talloc_tos(), "");
3288                 if (parent_fname == NULL) {
3289                         return NT_STATUS_NO_MEMORY;
3290                 }
3291         } else {
3292                 size_t dir_name_len = strlen(dir_fsp->fsp_name);
3293 
3294                 /*
3295                  * Copy in the base directory name.
3296                  */
3297 
3298                 parent_fname = TALLOC_ARRAY(talloc_tos(), char,
3299                     dir_name_len+2);
3300                 if (parent_fname == NULL) {
3301                         return NT_STATUS_NO_MEMORY;
3302                 }
3303                 memcpy(parent_fname, dir_fsp->fsp_name,
3304                     dir_name_len+1);
3305 
3306                 /*
3307                  * Ensure it ends in a '/'.
3308                  * We used TALLOC_SIZE +2 to add space for the '/'.
3309                  */
3310 
3311                 if(dir_name_len
3312                     && (parent_fname[dir_name_len-1] != '\\')
3313                     && (parent_fname[dir_name_len-1] != '/')) {
3314                         parent_fname[dir_name_len] = '/';
3315                         parent_fname[dir_name_len+1] = '\0';
3316                 }
3317         }
3318 
3319         *new_fname = talloc_asprintf(talloc_tos(), "%s%s", parent_fname,
3320             fname);
3321         if (*new_fname == NULL) {
3322                 return NT_STATUS_NO_MEMORY;
3323         }
3324 
3325         return NT_STATUS_OK;
3326 }
3327 
3328 NTSTATUS create_file_default(connection_struct *conn,
     /* [<][>][^][v][top][bottom][index][help] */
3329                              struct smb_request *req,
3330                              uint16_t root_dir_fid,
3331                              const char *fname,
3332                              uint32_t create_file_flags,
3333                              uint32_t access_mask,
3334                              uint32_t share_access,
3335                              uint32_t create_disposition,
3336                              uint32_t create_options,
3337                              uint32_t file_attributes,
3338                              uint32_t oplock_request,
3339                              uint64_t allocation_size,
3340                              struct security_descriptor *sd,
3341                              struct ea_list *ea_list,
3342 
3343                              files_struct **result,
3344                              int *pinfo,
3345                              SMB_STRUCT_STAT *psbuf)
3346 {
3347         struct case_semantics_state *case_state = NULL;
3348         SMB_STRUCT_STAT sbuf;
3349         int info = FILE_WAS_OPENED;
3350         files_struct *fsp = NULL;
3351         NTSTATUS status;
3352 
3353         DEBUG(10,("create_file: access_mask = 0x%x "
3354                   "file_attributes = 0x%x, share_access = 0x%x, "
3355                   "create_disposition = 0x%x create_options = 0x%x "
3356                   "oplock_request = 0x%x "
3357                   "root_dir_fid = 0x%x, ea_list = 0x%p, sd = 0x%p, "
3358                   "create_file_flags = 0x%x, fname = %s\n",
3359                   (unsigned int)access_mask,
3360                   (unsigned int)file_attributes,
3361                   (unsigned int)share_access,
3362                   (unsigned int)create_disposition,
3363                   (unsigned int)create_options,
3364                   (unsigned int)oplock_request,
3365                   (unsigned int)root_dir_fid,
3366                   ea_list, sd, create_file_flags, fname));
3367 
3368         /* MSDFS pathname processing must be done FIRST.
3369            MSDFS pathnames containing IPv6 addresses can
3370            be confused with NTFS stream names (they contain
3371            ":" characters. JRA. */
3372 
3373         if ((req != NULL) && (req->flags2 & FLAGS2_DFS_PATHNAMES)) {
3374                 char *resolved_fname;
3375 
3376                 status = resolve_dfspath(talloc_tos(), conn, true, fname,
3377                                          &resolved_fname);
3378 
3379                 if (!NT_STATUS_IS_OK(status)) {
3380                         /*
3381                          * For PATH_NOT_COVERED we had
3382                          * reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
3383                          *                 ERRSRV, ERRbadpath);
3384                          * Need to fix in callers
3385                          */
3386                         goto fail;
3387                 }
3388                 fname = resolved_fname;
3389         }
3390 
3391         /*
3392          * Calculate the filename from the root_dir_if if necessary.
3393          */
3394 
3395         if (root_dir_fid != 0) {
3396                 char *new_fname;
3397 
3398                 status = get_relative_fid_filename(conn, req, root_dir_fid,
3399                                                    fname, &new_fname);
3400                 if (!NT_STATUS_IS_OK(status)) {
3401                         goto fail;
3402                 }
3403 
3404                 fname = new_fname;
3405         }
3406 
3407         /*
3408          * Check to see if this is a mac fork of some kind.
3409          */
3410 
3411         if (is_ntfs_stream_name(fname)) {
3412                 enum FAKE_FILE_TYPE fake_file_type;
3413 
3414                 fake_file_type = is_fake_file(fname);
3415 
3416                 if (fake_file_type != FAKE_FILE_TYPE_NONE) {
3417 
3418                         /*
3419                          * Here we go! support for changing the disk quotas
3420                          * --metze
3421                          *
3422                          * We need to fake up to open this MAGIC QUOTA file
3423                          * and return a valid FID.
3424                          *
3425                          * w2k close this file directly after openening xp
3426                          * also tries a QUERY_FILE_INFO on the file and then
3427                          * close it
3428                          */
3429                         status = open_fake_file(req, conn, req->vuid,
3430                                                 fake_file_type, fname,
3431                                                 access_mask, &fsp);
3432                         if (!NT_STATUS_IS_OK(status)) {
3433                                 goto fail;
3434                         }
3435 
3436                         ZERO_STRUCT(sbuf);
3437                         goto done;
3438                 }
3439 
3440                 if (!(conn->fs_capabilities & FILE_NAMED_STREAMS)) {
3441                         status = NT_STATUS_OBJECT_PATH_NOT_FOUND;
3442                         goto fail;
3443                 }
3444         }
3445 
3446         /*
3447          * Check if POSIX semantics are wanted.
3448          */
3449 
3450         if (file_attributes & FILE_FLAG_POSIX_SEMANTICS) {
3451                 case_state = set_posix_case_semantics(talloc_tos(), conn);
3452         }
3453 
3454         if (create_file_flags & CFF_DOS_PATH) {
3455                 char *converted_fname;
3456 
3457                 SET_STAT_INVALID(sbuf);
3458 
3459                 status = unix_convert(talloc_tos(), conn, fname, False,
3460                                       &converted_fname, NULL, &sbuf);
3461                 if (!NT_STATUS_IS_OK(status)) {
3462                         goto fail;
3463                 }
3464                 fname = converted_fname;
3465         } else {
3466                 if (psbuf != NULL) {
3467                         sbuf = *psbuf;
3468                 } else {
3469                         if (SMB_VFS_STAT(conn, fname, &sbuf) == -1) {
3470                                 SET_STAT_INVALID(sbuf);
3471                         }
3472                 }
3473 
3474         }
3475 
3476         TALLOC_FREE(case_state);
3477 
3478         /* All file access must go through check_name() */
3479 
3480         status = check_name(conn, fname);
3481         if (!NT_STATUS_IS_OK(status)) {
3482                 goto fail;
3483         }
3484 
3485         status = create_file_unixpath(
3486                 conn, req, fname, access_mask, share_access,
3487                 create_disposition, create_options, file_attributes,
3488                 oplock_request, allocation_size, sd, ea_list,
3489                 &fsp, &info, &sbuf);
3490 
3491         if (!NT_STATUS_IS_OK(status)) {
3492                 goto fail;
3493         }
3494 
3495  done:
3496         DEBUG(10, ("create_file: info=%d\n", info));
3497 
3498         *result = fsp;
3499         if (pinfo != NULL) {
3500                 *pinfo = info;
3501         }
3502         if (psbuf != NULL) {
3503                 *psbuf = sbuf;
3504         }
3505         return NT_STATUS_OK;
3506 
3507  fail:
3508         DEBUG(10, ("create_file: %s\n", nt_errstr(status)));
3509 
3510         if (fsp != NULL) {
3511                 close_file(req, fsp, ERROR_CLOSE);
3512                 fsp = NULL;
3513         }
3514         return status;
3515 }

/* [<][>][^][v][top][bottom][index][help] */