/* [<][>][^][v][top][bottom][index][help] */
DEFINITIONS
This source file includes following definitions.
- smb1_file_se_access_check
- check_open_rights
- fd_open
- fd_close
- change_file_owner_to_parent
- change_dir_owner_to_parent
- open_file
- is_executable
- share_conflict
- validate_my_share_entries
- is_stat_open
- open_mode_check
- is_delete_request
- send_break_message
- delay_for_oplocks
- request_timed_out
- defer_open
- open_match_attributes
- fcb_or_dos_open
- map_open_params_to_ntcreate
- schedule_defer_open
- calculate_access_mask
- open_file_ntcreate
- open_file_fchmod
- close_file_fchmod
- mkdir_internal
- open_directory
- create_directory
- msg_file_was_renamed
- restore_case_semantics
- set_posix_case_semantics
- open_streams_for_delete
- create_file_unixpath
- get_relative_fid_filename
- create_file_default
1 /*
2 Unix SMB/CIFS implementation.
3 file opening and share modes
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Jeremy Allison 2001-2004
6 Copyright (C) Volker Lendecke 2005
7
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
12
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
20 */
21
22 #include "includes.h"
23 #include "smbd/globals.h"
24
25 extern const struct generic_mapping file_generic_mapping;
26
27 struct deferred_open_record {
28 bool delayed_for_oplocks;
29 struct file_id id;
30 };
31
32 static NTSTATUS create_file_unixpath(connection_struct *conn,
33 struct smb_request *req,
34 const char *fname,
35 uint32_t access_mask,
36 uint32_t share_access,
37 uint32_t create_disposition,
38 uint32_t create_options,
39 uint32_t file_attributes,
40 uint32_t oplock_request,
41 uint64_t allocation_size,
42 struct security_descriptor *sd,
43 struct ea_list *ea_list,
44
45 files_struct **result,
46 int *pinfo,
47 SMB_STRUCT_STAT *psbuf);
48
49 /****************************************************************************
50 SMB1 file varient of se_access_check. Never test FILE_READ_ATTRIBUTES.
51 ****************************************************************************/
52
53 NTSTATUS smb1_file_se_access_check(const struct security_descriptor *sd,
/* [<][>][^][v][top][bottom][index][help] */
54 const NT_USER_TOKEN *token,
55 uint32_t access_desired,
56 uint32_t *access_granted)
57 {
58 return se_access_check(sd,
59 token,
60 (access_desired & ~FILE_READ_ATTRIBUTES),
61 access_granted);
62 }
63
64 /****************************************************************************
65 Check if we have open rights.
66 ****************************************************************************/
67
68 static NTSTATUS check_open_rights(struct connection_struct *conn,
/* [<][>][^][v][top][bottom][index][help] */
69 const char *fname,
70 uint32_t access_mask,
71 uint32_t *access_granted)
72 {
73 /* Check if we have rights to open. */
74 NTSTATUS status;
75 struct security_descriptor *sd;
76
77 *access_granted = 0;
78
79 if (conn->server_info->utok.uid == 0 || conn->admin_user) {
80 /* I'm sorry sir, I didn't know you were root... */
81 *access_granted = access_mask;
82 if (access_mask & SEC_FLAG_MAXIMUM_ALLOWED) {
83 *access_granted |= FILE_GENERIC_ALL;
84 }
85 return NT_STATUS_OK;
86 }
87
88 status = SMB_VFS_GET_NT_ACL(conn, fname,
89 (OWNER_SECURITY_INFORMATION |
90 GROUP_SECURITY_INFORMATION |
91 DACL_SECURITY_INFORMATION),&sd);
92
93 if (!NT_STATUS_IS_OK(status)) {
94 DEBUG(10, ("check_open_rights: Could not get acl "
95 "on %s: %s\n",
96 fname,
97 nt_errstr(status)));
98 return status;
99 }
100
101 status = smb1_file_se_access_check(sd,
102 conn->server_info->ptok,
103 access_mask,
104 access_granted);
105
106 TALLOC_FREE(sd);
107
108 DEBUG(10,("check_open_rights: file %s requesting "
109 "0x%x returning 0x%x (%s)\n",
110 fname,
111 (unsigned int)access_mask,
112 (unsigned int)*access_granted,
113 nt_errstr(status) ));
114
115 return status;
116 }
117
118 /****************************************************************************
119 fd support routines - attempt to do a dos_open.
120 ****************************************************************************/
121
122 static NTSTATUS fd_open(struct connection_struct *conn,
/* [<][>][^][v][top][bottom][index][help] */
123 const char *fname,
124 files_struct *fsp,
125 int flags,
126 mode_t mode)
127 {
128 NTSTATUS status = NT_STATUS_OK;
129
130 #ifdef O_NOFOLLOW
131 /*
132 * Never follow symlinks on a POSIX client. The
133 * client should be doing this.
134 */
135
136 if (fsp->posix_open || !lp_symlinks(SNUM(conn))) {
137 flags |= O_NOFOLLOW;
138 }
139 #endif
140
141 fsp->fh->fd = SMB_VFS_OPEN(conn,fname,fsp,flags,mode);
142 if (fsp->fh->fd == -1) {
143 status = map_nt_error_from_unix(errno);
144 if (errno == EMFILE) {
145 static time_t last_warned = 0L;
146
147 if (time((time_t *) NULL) > last_warned) {
148 DEBUG(0,("Too many open files, unable "
149 "to open more! smbd's max "
150 "open files = %d\n",
151 lp_max_open_files()));
152 last_warned = time((time_t *) NULL);
153 }
154 }
155
156 }
157
158 DEBUG(10,("fd_open: name %s, flags = 0%o mode = 0%o, fd = %d. %s\n",
159 fname, flags, (int)mode, fsp->fh->fd,
160 (fsp->fh->fd == -1) ? strerror(errno) : "" ));
161
162 return status;
163 }
164
165 /****************************************************************************
166 Close the file associated with a fsp.
167 ****************************************************************************/
168
169 NTSTATUS fd_close(files_struct *fsp)
/* [<][>][^][v][top][bottom][index][help] */
170 {
171 int ret;
172
173 if (fsp->fh->fd == -1) {
174 return NT_STATUS_OK; /* What we used to call a stat open. */
175 }
176 if (fsp->fh->ref_count > 1) {
177 return NT_STATUS_OK; /* Shared handle. Only close last reference. */
178 }
179
180 ret = SMB_VFS_CLOSE(fsp);
181 fsp->fh->fd = -1;
182 if (ret == -1) {
183 return map_nt_error_from_unix(errno);
184 }
185 return NT_STATUS_OK;
186 }
187
188 /****************************************************************************
189 Change the ownership of a file to that of the parent directory.
190 Do this by fd if possible.
191 ****************************************************************************/
192
193 void change_file_owner_to_parent(connection_struct *conn,
/* [<][>][^][v][top][bottom][index][help] */
194 const char *inherit_from_dir,
195 files_struct *fsp)
196 {
197 SMB_STRUCT_STAT parent_st;
198 int ret;
199
200 ret = SMB_VFS_STAT(conn, inherit_from_dir, &parent_st);
201 if (ret == -1) {
202 DEBUG(0,("change_file_owner_to_parent: failed to stat parent "
203 "directory %s. Error was %s\n",
204 inherit_from_dir, strerror(errno) ));
205 return;
206 }
207
208 become_root();
209 ret = SMB_VFS_FCHOWN(fsp, parent_st.st_uid, (gid_t)-1);
210 unbecome_root();
211 if (ret == -1) {
212 DEBUG(0,("change_file_owner_to_parent: failed to fchown "
213 "file %s to parent directory uid %u. Error "
214 "was %s\n", fsp->fsp_name,
215 (unsigned int)parent_st.st_uid,
216 strerror(errno) ));
217 }
218
219 DEBUG(10,("change_file_owner_to_parent: changed new file %s to "
220 "parent directory uid %u.\n", fsp->fsp_name,
221 (unsigned int)parent_st.st_uid ));
222 }
223
224 NTSTATUS change_dir_owner_to_parent(connection_struct *conn,
/* [<][>][^][v][top][bottom][index][help] */
225 const char *inherit_from_dir,
226 const char *fname,
227 SMB_STRUCT_STAT *psbuf)
228 {
229 char *saved_dir = NULL;
230 SMB_STRUCT_STAT sbuf;
231 SMB_STRUCT_STAT parent_st;
232 TALLOC_CTX *ctx = talloc_tos();
233 NTSTATUS status = NT_STATUS_OK;
234 int ret;
235
236 ret = SMB_VFS_STAT(conn, inherit_from_dir, &parent_st);
237 if (ret == -1) {
238 status = map_nt_error_from_unix(errno);
239 DEBUG(0,("change_dir_owner_to_parent: failed to stat parent "
240 "directory %s. Error was %s\n",
241 inherit_from_dir, strerror(errno) ));
242 return status;
243 }
244
245 /* We've already done an lstat into psbuf, and we know it's a
246 directory. If we can cd into the directory and the dev/ino
247 are the same then we can safely chown without races as
248 we're locking the directory in place by being in it. This
249 should work on any UNIX (thanks tridge :-). JRA.
250 */
251
252 saved_dir = vfs_GetWd(ctx,conn);
253 if (!saved_dir) {
254 status = map_nt_error_from_unix(errno);
255 DEBUG(0,("change_dir_owner_to_parent: failed to get "
256 "current working directory. Error was %s\n",
257 strerror(errno)));
258 return status;
259 }
260
261 /* Chdir into the new path. */
262 if (vfs_ChDir(conn, fname) == -1) {
263 status = map_nt_error_from_unix(errno);
264 DEBUG(0,("change_dir_owner_to_parent: failed to change "
265 "current working directory to %s. Error "
266 "was %s\n", fname, strerror(errno) ));
267 goto out;
268 }
269
270 if (SMB_VFS_STAT(conn,".",&sbuf) == -1) {
271 status = map_nt_error_from_unix(errno);
272 DEBUG(0,("change_dir_owner_to_parent: failed to stat "
273 "directory '.' (%s) Error was %s\n",
274 fname, strerror(errno)));
275 goto out;
276 }
277
278 /* Ensure we're pointing at the same place. */
279 if (sbuf.st_dev != psbuf->st_dev ||
280 sbuf.st_ino != psbuf->st_ino ||
281 sbuf.st_mode != psbuf->st_mode ) {
282 DEBUG(0,("change_dir_owner_to_parent: "
283 "device/inode/mode on directory %s changed. "
284 "Refusing to chown !\n", fname ));
285 status = NT_STATUS_ACCESS_DENIED;
286 goto out;
287 }
288
289 become_root();
290 ret = SMB_VFS_CHOWN(conn, ".", parent_st.st_uid, (gid_t)-1);
291 unbecome_root();
292 if (ret == -1) {
293 status = map_nt_error_from_unix(errno);
294 DEBUG(10,("change_dir_owner_to_parent: failed to chown "
295 "directory %s to parent directory uid %u. "
296 "Error was %s\n", fname,
297 (unsigned int)parent_st.st_uid, strerror(errno) ));
298 goto out;
299 }
300
301 DEBUG(10,("change_dir_owner_to_parent: changed ownership of new "
302 "directory %s to parent directory uid %u.\n",
303 fname, (unsigned int)parent_st.st_uid ));
304
305 out:
306
307 vfs_ChDir(conn,saved_dir);
308 return status;
309 }
310
311 /****************************************************************************
312 Open a file.
313 ****************************************************************************/
314
315 static NTSTATUS open_file(files_struct *fsp,
/* [<][>][^][v][top][bottom][index][help] */
316 connection_struct *conn,
317 struct smb_request *req,
318 const char *parent_dir,
319 const char *name,
320 const char *path,
321 SMB_STRUCT_STAT *psbuf,
322 int flags,
323 mode_t unx_mode,
324 uint32 access_mask, /* client requested access mask. */
325 uint32 open_access_mask) /* what we're actually using in the open. */
326 {
327 NTSTATUS status = NT_STATUS_OK;
328 int accmode = (flags & O_ACCMODE);
329 int local_flags = flags;
330 bool file_existed = VALID_STAT(*psbuf);
331
332 fsp->fh->fd = -1;
333 errno = EPERM;
334
335 /* Check permissions */
336
337 /*
338 * This code was changed after seeing a client open request
339 * containing the open mode of (DENY_WRITE/read-only) with
340 * the 'create if not exist' bit set. The previous code
341 * would fail to open the file read only on a read-only share
342 * as it was checking the flags parameter directly against O_RDONLY,
343 * this was failing as the flags parameter was set to O_RDONLY|O_CREAT.
344 * JRA.
345 */
346
347 if (!CAN_WRITE(conn)) {
348 /* It's a read-only share - fail if we wanted to write. */
349 if(accmode != O_RDONLY || (flags & O_TRUNC) || (flags & O_APPEND)) {
350 DEBUG(3,("Permission denied opening %s\n", path));
351 return NT_STATUS_ACCESS_DENIED;
352 } else if(flags & O_CREAT) {
353 /* We don't want to write - but we must make sure that
354 O_CREAT doesn't create the file if we have write
355 access into the directory.
356 */
357 flags &= ~(O_CREAT|O_EXCL);
358 local_flags &= ~(O_CREAT|O_EXCL);
359 }
360 }
361
362 /*
363 * This little piece of insanity is inspired by the
364 * fact that an NT client can open a file for O_RDONLY,
365 * but set the create disposition to FILE_EXISTS_TRUNCATE.
366 * If the client *can* write to the file, then it expects to
367 * truncate the file, even though it is opening for readonly.
368 * Quicken uses this stupid trick in backup file creation...
369 * Thanks *greatly* to "David W. Chapman Jr." <dwcjr@inethouston.net>
370 * for helping track this one down. It didn't bite us in 2.0.x
371 * as we always opened files read-write in that release. JRA.
372 */
373
374 if ((accmode == O_RDONLY) && ((flags & O_TRUNC) == O_TRUNC)) {
375 DEBUG(10,("open_file: truncate requested on read-only open "
376 "for file %s\n", path));
377 local_flags = (flags & ~O_ACCMODE)|O_RDWR;
378 }
379
380 if ((open_access_mask & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ||
381 (!file_existed && (local_flags & O_CREAT)) ||
382 ((local_flags & O_TRUNC) == O_TRUNC) ) {
383 const char *wild;
384
385 /*
386 * We can't actually truncate here as the file may be locked.
387 * open_file_ntcreate will take care of the truncate later. JRA.
388 */
389
390 local_flags &= ~O_TRUNC;
391
392 #if defined(O_NONBLOCK) && defined(S_ISFIFO)
393 /*
394 * We would block on opening a FIFO with no one else on the
395 * other end. Do what we used to do and add O_NONBLOCK to the
396 * open flags. JRA.
397 */
398
399 if (file_existed && S_ISFIFO(psbuf->st_mode)) {
400 local_flags |= O_NONBLOCK;
401 }
402 #endif
403
404 /* Don't create files with Microsoft wildcard characters. */
405 if (fsp->base_fsp) {
406 /*
407 * wildcard characters are allowed in stream names
408 * only test the basefilename
409 */
410 wild = fsp->base_fsp->fsp_name;
411 } else {
412 wild = path;
413 }
414 if ((local_flags & O_CREAT) && !file_existed &&
415 ms_has_wild(wild)) {
416 return NT_STATUS_OBJECT_NAME_INVALID;
417 }
418
419 /* Actually do the open */
420 status = fd_open(conn, path, fsp, local_flags, unx_mode);
421 if (!NT_STATUS_IS_OK(status)) {
422 DEBUG(3,("Error opening file %s (%s) (local_flags=%d) "
423 "(flags=%d)\n",
424 path,nt_errstr(status),local_flags,flags));
425 return status;
426 }
427
428 if ((local_flags & O_CREAT) && !file_existed) {
429
430 /* Inherit the ACL if required */
431 if (lp_inherit_perms(SNUM(conn))) {
432 inherit_access_posix_acl(conn, parent_dir, path,
433 unx_mode);
434 }
435
436 /* Change the owner if required. */
437 if (lp_inherit_owner(SNUM(conn))) {
438 change_file_owner_to_parent(conn, parent_dir,
439 fsp);
440 }
441
442 notify_fname(conn, NOTIFY_ACTION_ADDED,
443 FILE_NOTIFY_CHANGE_FILE_NAME, path);
444 }
445
446 } else {
447 fsp->fh->fd = -1; /* What we used to call a stat open. */
448 if (file_existed) {
449 uint32_t access_granted = 0;
450
451 status = check_open_rights(conn,
452 path,
453 access_mask,
454 &access_granted);
455 if (!NT_STATUS_IS_OK(status)) {
456 if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
457 /*
458 * On NT_STATUS_ACCESS_DENIED, access_granted
459 * contains the denied bits.
460 */
461
462 if ((access_mask & FILE_WRITE_ATTRIBUTES) &&
463 (access_granted & FILE_WRITE_ATTRIBUTES) &&
464 (lp_map_readonly(SNUM(conn)) ||
465 lp_map_archive(SNUM(conn)) ||
466 lp_map_hidden(SNUM(conn)) ||
467 lp_map_system(SNUM(conn)))) {
468 access_granted &= ~FILE_WRITE_ATTRIBUTES;
469
470 DEBUG(10,("open_file: overrode FILE_WRITE_ATTRIBUTES "
471 "on file %s\n",
472 path ));
473 }
474
475 if ((access_mask & DELETE_ACCESS) &&
476 (access_granted & DELETE_ACCESS) &&
477 can_delete_file_in_directory(conn, path)) {
478 /* Were we trying to do a stat open
479 * for delete and didn't get DELETE
480 * access (only) ? Check if the
481 * directory allows DELETE_CHILD.
482 * See here:
483 * http://blogs.msdn.com/oldnewthing/archive/2004/06/04/148426.aspx
484 * for details. */
485
486 access_granted &= ~DELETE_ACCESS;
487
488 DEBUG(10,("open_file: overrode DELETE_ACCESS "
489 "on file %s\n",
490 path ));
491 }
492
493 if (access_granted != 0) {
494 DEBUG(10, ("open_file: Access denied on "
495 "file %s\n",
496 path));
497 return status;
498 }
499 } else if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND) &&
500 fsp->posix_open &&
501 S_ISLNK(psbuf->st_mode)) {
502 /* This is a POSIX stat open for delete
503 * or rename on a symlink that points
504 * nowhere. Allow. */
505 DEBUG(10, ("open_file: allowing POSIX open "
506 "on bad symlink %s\n",
507 path ));
508 } else {
509 DEBUG(10, ("open_file: check_open_rights "
510 "on file %s returned %s\n",
511 path, nt_errstr(status) ));
512 return status;
513 }
514 }
515 }
516 }
517
518 if (!file_existed) {
519 int ret;
520
521 if (fsp->fh->fd == -1) {
522 ret = SMB_VFS_STAT(conn, path, psbuf);
523 } else {
524 ret = SMB_VFS_FSTAT(fsp, psbuf);
525 /* If we have an fd, this stat should succeed. */
526 if (ret == -1) {
527 DEBUG(0,("Error doing fstat on open file %s "
528 "(%s)\n", path,strerror(errno) ));
529 }
530 }
531
532 /* For a non-io open, this stat failing means file not found. JRA */
533 if (ret == -1) {
534 status = map_nt_error_from_unix(errno);
535 fd_close(fsp);
536 return status;
537 }
538 }
539
540 /*
541 * POSIX allows read-only opens of directories. We don't
542 * want to do this (we use a different code path for this)
543 * so catch a directory open and return an EISDIR. JRA.
544 */
545
546 if(S_ISDIR(psbuf->st_mode)) {
547 fd_close(fsp);
548 errno = EISDIR;
549 return NT_STATUS_FILE_IS_A_DIRECTORY;
550 }
551
552 fsp->mode = psbuf->st_mode;
553 fsp->file_id = vfs_file_id_from_sbuf(conn, psbuf);
554 fsp->vuid = req ? req->vuid : UID_FIELD_INVALID;
555 fsp->file_pid = req ? req->smbpid : 0;
556 fsp->can_lock = True;
557 fsp->can_read = (access_mask & (FILE_READ_DATA)) ? True : False;
558 if (!CAN_WRITE(conn)) {
559 fsp->can_write = False;
560 } else {
561 fsp->can_write = (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) ?
562 True : False;
563 }
564 fsp->print_file = False;
565 fsp->modified = False;
566 fsp->sent_oplock_break = NO_BREAK_SENT;
567 fsp->is_directory = False;
568 if (conn->aio_write_behind_list &&
569 is_in_path(path, conn->aio_write_behind_list, conn->case_sensitive)) {
570 fsp->aio_write_behind = True;
571 }
572
573 string_set(&fsp->fsp_name, path);
574 fsp->wcp = NULL; /* Write cache pointer. */
575
576 DEBUG(2,("%s opened file %s read=%s write=%s (numopen=%d)\n",
577 conn->server_info->unix_name,
578 fsp->fsp_name,
579 BOOLSTR(fsp->can_read), BOOLSTR(fsp->can_write),
580 conn->num_files_open));
581
582 errno = 0;
583 return NT_STATUS_OK;
584 }
585
586 /*******************************************************************
587 Return True if the filename is one of the special executable types.
588 ********************************************************************/
589
590 bool is_executable(const char *fname)
/* [<][>][^][v][top][bottom][index][help] */
591 {
592 if ((fname = strrchr_m(fname,'.'))) {
593 if (strequal(fname,".com") ||
594 strequal(fname,".dll") ||
595 strequal(fname,".exe") ||
596 strequal(fname,".sym")) {
597 return True;
598 }
599 }
600 return False;
601 }
602
603 /****************************************************************************
604 Check if we can open a file with a share mode.
605 Returns True if conflict, False if not.
606 ****************************************************************************/
607
608 static bool share_conflict(struct share_mode_entry *entry,
/* [<][>][^][v][top][bottom][index][help] */
609 uint32 access_mask,
610 uint32 share_access)
611 {
612 DEBUG(10,("share_conflict: entry->access_mask = 0x%x, "
613 "entry->share_access = 0x%x, "
614 "entry->private_options = 0x%x\n",
615 (unsigned int)entry->access_mask,
616 (unsigned int)entry->share_access,
617 (unsigned int)entry->private_options));
618
619 DEBUG(10,("share_conflict: access_mask = 0x%x, share_access = 0x%x\n",
620 (unsigned int)access_mask, (unsigned int)share_access));
621
622 if ((entry->access_mask & (FILE_WRITE_DATA|
623 FILE_APPEND_DATA|
624 FILE_READ_DATA|
625 FILE_EXECUTE|
626 DELETE_ACCESS)) == 0) {
627 DEBUG(10,("share_conflict: No conflict due to "
628 "entry->access_mask = 0x%x\n",
629 (unsigned int)entry->access_mask ));
630 return False;
631 }
632
633 if ((access_mask & (FILE_WRITE_DATA|
634 FILE_APPEND_DATA|
635 FILE_READ_DATA|
636 FILE_EXECUTE|
637 DELETE_ACCESS)) == 0) {
638 DEBUG(10,("share_conflict: No conflict due to "
639 "access_mask = 0x%x\n",
640 (unsigned int)access_mask ));
641 return False;
642 }
643
644 #if 1 /* JRA TEST - Superdebug. */
645 #define CHECK_MASK(num, am, right, sa, share) \
646 DEBUG(10,("share_conflict: [%d] am (0x%x) & right (0x%x) = 0x%x\n", \
647 (unsigned int)(num), (unsigned int)(am), \
648 (unsigned int)(right), (unsigned int)(am)&(right) )); \
649 DEBUG(10,("share_conflict: [%d] sa (0x%x) & share (0x%x) = 0x%x\n", \
650 (unsigned int)(num), (unsigned int)(sa), \
651 (unsigned int)(share), (unsigned int)(sa)&(share) )); \
652 if (((am) & (right)) && !((sa) & (share))) { \
653 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
654 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
655 (unsigned int)(share) )); \
656 return True; \
657 }
658 #else
659 #define CHECK_MASK(num, am, right, sa, share) \
660 if (((am) & (right)) && !((sa) & (share))) { \
661 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
662 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
663 (unsigned int)(share) )); \
664 return True; \
665 }
666 #endif
667
668 CHECK_MASK(1, entry->access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
669 share_access, FILE_SHARE_WRITE);
670 CHECK_MASK(2, access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
671 entry->share_access, FILE_SHARE_WRITE);
672
673 CHECK_MASK(3, entry->access_mask, FILE_READ_DATA | FILE_EXECUTE,
674 share_access, FILE_SHARE_READ);
675 CHECK_MASK(4, access_mask, FILE_READ_DATA | FILE_EXECUTE,
676 entry->share_access, FILE_SHARE_READ);
677
678 CHECK_MASK(5, entry->access_mask, DELETE_ACCESS,
679 share_access, FILE_SHARE_DELETE);
680 CHECK_MASK(6, access_mask, DELETE_ACCESS,
681 entry->share_access, FILE_SHARE_DELETE);
682
683 DEBUG(10,("share_conflict: No conflict.\n"));
684 return False;
685 }
686
687 #if defined(DEVELOPER)
688 static void validate_my_share_entries(int num,
/* [<][>][^][v][top][bottom][index][help] */
689 struct share_mode_entry *share_entry)
690 {
691 files_struct *fsp;
692
693 if (!procid_is_me(&share_entry->pid)) {
694 return;
695 }
696
697 if (is_deferred_open_entry(share_entry) &&
698 !open_was_deferred(share_entry->op_mid)) {
699 char *str = talloc_asprintf(talloc_tos(),
700 "Got a deferred entry without a request: "
701 "PANIC: %s\n",
702 share_mode_str(talloc_tos(), num, share_entry));
703 smb_panic(str);
704 }
705
706 if (!is_valid_share_mode_entry(share_entry)) {
707 return;
708 }
709
710 fsp = file_find_dif(share_entry->id,
711 share_entry->share_file_id);
712 if (!fsp) {
713 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
714 share_mode_str(talloc_tos(), num, share_entry) ));
715 smb_panic("validate_my_share_entries: Cannot match a "
716 "share entry with an open file\n");
717 }
718
719 if (is_deferred_open_entry(share_entry) ||
720 is_unused_share_mode_entry(share_entry)) {
721 goto panic;
722 }
723
724 if ((share_entry->op_type == NO_OPLOCK) &&
725 (fsp->oplock_type == FAKE_LEVEL_II_OPLOCK)) {
726 /* Someone has already written to it, but I haven't yet
727 * noticed */
728 return;
729 }
730
731 if (((uint16)fsp->oplock_type) != share_entry->op_type) {
732 goto panic;
733 }
734
735 return;
736
737 panic:
738 {
739 char *str;
740 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
741 share_mode_str(talloc_tos(), num, share_entry) ));
742 str = talloc_asprintf(talloc_tos(),
743 "validate_my_share_entries: "
744 "file %s, oplock_type = 0x%x, op_type = 0x%x\n",
745 fsp->fsp_name, (unsigned int)fsp->oplock_type,
746 (unsigned int)share_entry->op_type );
747 smb_panic(str);
748 }
749 }
750 #endif
751
752 bool is_stat_open(uint32 access_mask)
/* [<][>][^][v][top][bottom][index][help] */
753 {
754 return (access_mask &&
755 ((access_mask & ~(SYNCHRONIZE_ACCESS| FILE_READ_ATTRIBUTES|
756 FILE_WRITE_ATTRIBUTES))==0) &&
757 ((access_mask & (SYNCHRONIZE_ACCESS|FILE_READ_ATTRIBUTES|
758 FILE_WRITE_ATTRIBUTES)) != 0));
759 }
760
761 /****************************************************************************
762 Deal with share modes
763 Invarient: Share mode must be locked on entry and exit.
764 Returns -1 on error, or number of share modes on success (may be zero).
765 ****************************************************************************/
766
767 static NTSTATUS open_mode_check(connection_struct *conn,
/* [<][>][^][v][top][bottom][index][help] */
768 const char *fname,
769 struct share_mode_lock *lck,
770 uint32 access_mask,
771 uint32 share_access,
772 uint32 create_options,
773 bool *file_existed)
774 {
775 int i;
776
777 if(lck->num_share_modes == 0) {
778 return NT_STATUS_OK;
779 }
780
781 *file_existed = True;
782
783 /* A delete on close prohibits everything */
784
785 if (lck->delete_on_close) {
786 return NT_STATUS_DELETE_PENDING;
787 }
788
789 if (is_stat_open(access_mask)) {
790 /* Stat open that doesn't trigger oplock breaks or share mode
791 * checks... ! JRA. */
792 return NT_STATUS_OK;
793 }
794
795 /*
796 * Check if the share modes will give us access.
797 */
798
799 #if defined(DEVELOPER)
800 for(i = 0; i < lck->num_share_modes; i++) {
801 validate_my_share_entries(i, &lck->share_modes[i]);
802 }
803 #endif
804
805 if (!lp_share_modes(SNUM(conn))) {
806 return NT_STATUS_OK;
807 }
808
809 /* Now we check the share modes, after any oplock breaks. */
810 for(i = 0; i < lck->num_share_modes; i++) {
811
812 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
813 continue;
814 }
815
816 /* someone else has a share lock on it, check to see if we can
817 * too */
818 if (share_conflict(&lck->share_modes[i],
819 access_mask, share_access)) {
820 return NT_STATUS_SHARING_VIOLATION;
821 }
822 }
823
824 return NT_STATUS_OK;
825 }
826
827 static bool is_delete_request(files_struct *fsp) {
/* [<][>][^][v][top][bottom][index][help] */
828 return ((fsp->access_mask == DELETE_ACCESS) &&
829 (fsp->oplock_type == NO_OPLOCK));
830 }
831
832 /*
833 * Send a break message to the oplock holder and delay the open for
834 * our client.
835 */
836
837 static NTSTATUS send_break_message(files_struct *fsp,
/* [<][>][^][v][top][bottom][index][help] */
838 struct share_mode_entry *exclusive,
839 uint16 mid,
840 int oplock_request)
841 {
842 NTSTATUS status;
843 char msg[MSG_SMB_SHARE_MODE_ENTRY_SIZE];
844
845 DEBUG(10, ("Sending break request to PID %s\n",
846 procid_str_static(&exclusive->pid)));
847 exclusive->op_mid = mid;
848
849 /* Create the message. */
850 share_mode_entry_to_message(msg, exclusive);
851
852 /* Add in the FORCE_OPLOCK_BREAK_TO_NONE bit in the message if set. We
853 don't want this set in the share mode struct pointed to by lck. */
854
855 if (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE) {
856 SSVAL(msg,6,exclusive->op_type | FORCE_OPLOCK_BREAK_TO_NONE);
857 }
858
859 status = messaging_send_buf(smbd_messaging_context(), exclusive->pid,
860 MSG_SMB_BREAK_REQUEST,
861 (uint8 *)msg,
862 MSG_SMB_SHARE_MODE_ENTRY_SIZE);
863 if (!NT_STATUS_IS_OK(status)) {
864 DEBUG(3, ("Could not send oplock break message: %s\n",
865 nt_errstr(status)));
866 }
867
868 return status;
869 }
870
871 /*
872 * 1) No files open at all or internal open: Grant whatever the client wants.
873 *
874 * 2) Exclusive (or batch) oplock around: If the requested access is a delete
875 * request, break if the oplock around is a batch oplock. If it's another
876 * requested access type, break.
877 *
878 * 3) Only level2 around: Grant level2 and do nothing else.
879 */
880
881 static bool delay_for_oplocks(struct share_mode_lock *lck,
/* [<][>][^][v][top][bottom][index][help] */
882 files_struct *fsp,
883 uint16 mid,
884 int pass_number,
885 int oplock_request)
886 {
887 int i;
888 struct share_mode_entry *exclusive = NULL;
889 bool valid_entry = false;
890 bool have_level2 = false;
891 bool have_a_none_oplock = false;
892 bool allow_level2 = (global_client_caps & CAP_LEVEL_II_OPLOCKS) &&
893 lp_level2_oplocks(SNUM(fsp->conn));
894
895 if (oplock_request & INTERNAL_OPEN_ONLY) {
896 fsp->oplock_type = NO_OPLOCK;
897 }
898
899 if ((oplock_request & INTERNAL_OPEN_ONLY) || is_stat_open(fsp->access_mask)) {
900 return false;
901 }
902
903 for (i=0; i<lck->num_share_modes; i++) {
904
905 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
906 continue;
907 }
908
909 /* At least one entry is not an invalid or deferred entry. */
910 valid_entry = true;
911
912 if (pass_number == 1) {
913 if (BATCH_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
914 SMB_ASSERT(exclusive == NULL);
915 exclusive = &lck->share_modes[i];
916 }
917 } else {
918 if (EXCLUSIVE_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
919 SMB_ASSERT(exclusive == NULL);
920 exclusive = &lck->share_modes[i];
921 }
922 }
923
924 if (LEVEL_II_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
925 SMB_ASSERT(exclusive == NULL);
926 have_level2 = true;
927 }
928
929 if (lck->share_modes[i].op_type == NO_OPLOCK) {
930 have_a_none_oplock = true;
931 }
932 }
933
934 if (exclusive != NULL) { /* Found an exclusive oplock */
935 bool delay_it = is_delete_request(fsp) ?
936 BATCH_OPLOCK_TYPE(exclusive->op_type) : true;
937 SMB_ASSERT(!have_level2);
938 if (delay_it) {
939 send_break_message(fsp, exclusive, mid, oplock_request);
940 return true;
941 }
942 }
943
944 /*
945 * Match what was requested (fsp->oplock_type) with
946 * what was found in the existing share modes.
947 */
948
949 if (!valid_entry) {
950 /* All entries are placeholders or deferred.
951 * Directly grant whatever the client wants. */
952 if (fsp->oplock_type == NO_OPLOCK) {
953 /* Store a level2 oplock, but don't tell the client */
954 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
955 }
956 } else if (have_a_none_oplock) {
957 fsp->oplock_type = NO_OPLOCK;
958 } else if (have_level2) {
959 if (fsp->oplock_type == NO_OPLOCK ||
960 fsp->oplock_type == FAKE_LEVEL_II_OPLOCK) {
961 /* Store a level2 oplock, but don't tell the client */
962 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
963 } else {
964 fsp->oplock_type = LEVEL_II_OPLOCK;
965 }
966 } else {
967 /* This case can never happen. */
968 SMB_ASSERT(1);
969 }
970
971 /*
972 * Don't grant level2 to clients that don't want them
973 * or if we've turned them off.
974 */
975 if (fsp->oplock_type == LEVEL_II_OPLOCK && !allow_level2) {
976 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
977 }
978
979 DEBUG(10,("delay_for_oplocks: oplock type 0x%x on file %s\n",
980 fsp->oplock_type, fsp->fsp_name));
981
982 /* No delay. */
983 return false;
984 }
985
986 bool request_timed_out(struct timeval request_time,
/* [<][>][^][v][top][bottom][index][help] */
987 struct timeval timeout)
988 {
989 struct timeval now, end_time;
990 GetTimeOfDay(&now);
991 end_time = timeval_sum(&request_time, &timeout);
992 return (timeval_compare(&end_time, &now) < 0);
993 }
994
995 /****************************************************************************
996 Handle the 1 second delay in returning a SHARING_VIOLATION error.
997 ****************************************************************************/
998
999 static void defer_open(struct share_mode_lock *lck,
/* [<][>][^][v][top][bottom][index][help] */
1000 struct timeval request_time,
1001 struct timeval timeout,
1002 struct smb_request *req,
1003 struct deferred_open_record *state)
1004 {
1005 int i;
1006
1007 /* Paranoia check */
1008
1009 for (i=0; i<lck->num_share_modes; i++) {
1010 struct share_mode_entry *e = &lck->share_modes[i];
1011
1012 if (!is_deferred_open_entry(e)) {
1013 continue;
1014 }
1015
1016 if (procid_is_me(&e->pid) && (e->op_mid == req->mid)) {
1017 DEBUG(0, ("Trying to defer an already deferred "
1018 "request: mid=%d, exiting\n", req->mid));
1019 exit_server("attempt to defer a deferred request");
1020 }
1021 }
1022
1023 /* End paranoia check */
1024
1025 DEBUG(10,("defer_open_sharing_error: time [%u.%06u] adding deferred "
1026 "open entry for mid %u\n",
1027 (unsigned int)request_time.tv_sec,
1028 (unsigned int)request_time.tv_usec,
1029 (unsigned int)req->mid));
1030
1031 if (!push_deferred_smb_message(req, request_time, timeout,
1032 (char *)state, sizeof(*state))) {
1033 exit_server("push_deferred_smb_message failed");
1034 }
1035 add_deferred_open(lck, req->mid, request_time, state->id);
1036
1037 /*
1038 * Push the MID of this packet on the signing queue.
1039 * We only do this once, the first time we push the packet
1040 * onto the deferred open queue, as this has a side effect
1041 * of incrementing the response sequence number.
1042 */
1043
1044 srv_defer_sign_response(req->mid);
1045 }
1046
1047
1048 /****************************************************************************
1049 On overwrite open ensure that the attributes match.
1050 ****************************************************************************/
1051
1052 bool open_match_attributes(connection_struct *conn,
/* [<][>][^][v][top][bottom][index][help] */
1053 const char *path,
1054 uint32 old_dos_attr,
1055 uint32 new_dos_attr,
1056 mode_t existing_unx_mode,
1057 mode_t new_unx_mode,
1058 mode_t *returned_unx_mode)
1059 {
1060 uint32 noarch_old_dos_attr, noarch_new_dos_attr;
1061
1062 noarch_old_dos_attr = (old_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
1063 noarch_new_dos_attr = (new_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
1064
1065 if((noarch_old_dos_attr == 0 && noarch_new_dos_attr != 0) ||
1066 (noarch_old_dos_attr != 0 && ((noarch_old_dos_attr & noarch_new_dos_attr) == noarch_old_dos_attr))) {
1067 *returned_unx_mode = new_unx_mode;
1068 } else {
1069 *returned_unx_mode = (mode_t)0;
1070 }
1071
1072 DEBUG(10,("open_match_attributes: file %s old_dos_attr = 0x%x, "
1073 "existing_unx_mode = 0%o, new_dos_attr = 0x%x "
1074 "returned_unx_mode = 0%o\n",
1075 path,
1076 (unsigned int)old_dos_attr,
1077 (unsigned int)existing_unx_mode,
1078 (unsigned int)new_dos_attr,
1079 (unsigned int)*returned_unx_mode ));
1080
1081 /* If we're mapping SYSTEM and HIDDEN ensure they match. */
1082 if (lp_map_system(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
1083 if ((old_dos_attr & FILE_ATTRIBUTE_SYSTEM) &&
1084 !(new_dos_attr & FILE_ATTRIBUTE_SYSTEM)) {
1085 return False;
1086 }
1087 }
1088 if (lp_map_hidden(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
1089 if ((old_dos_attr & FILE_ATTRIBUTE_HIDDEN) &&
1090 !(new_dos_attr & FILE_ATTRIBUTE_HIDDEN)) {
1091 return False;
1092 }
1093 }
1094 return True;
1095 }
1096
1097 /****************************************************************************
1098 Special FCB or DOS processing in the case of a sharing violation.
1099 Try and find a duplicated file handle.
1100 ****************************************************************************/
1101
1102 NTSTATUS fcb_or_dos_open(struct smb_request *req,
/* [<][>][^][v][top][bottom][index][help] */
1103 connection_struct *conn,
1104 files_struct *fsp_to_dup_into,
1105 const char *fname,
1106 struct file_id id,
1107 uint16 file_pid,
1108 uint16 vuid,
1109 uint32 access_mask,
1110 uint32 share_access,
1111 uint32 create_options)
1112 {
1113 files_struct *fsp;
1114
1115 DEBUG(5,("fcb_or_dos_open: attempting old open semantics for "
1116 "file %s.\n", fname ));
1117
1118 for(fsp = file_find_di_first(id); fsp;
1119 fsp = file_find_di_next(fsp)) {
1120
1121 DEBUG(10,("fcb_or_dos_open: checking file %s, fd = %d, "
1122 "vuid = %u, file_pid = %u, private_options = 0x%x "
1123 "access_mask = 0x%x\n", fsp->fsp_name,
1124 fsp->fh->fd, (unsigned int)fsp->vuid,
1125 (unsigned int)fsp->file_pid,
1126 (unsigned int)fsp->fh->private_options,
1127 (unsigned int)fsp->access_mask ));
1128
1129 if (fsp->fh->fd != -1 &&
1130 fsp->vuid == vuid &&
1131 fsp->file_pid == file_pid &&
1132 (fsp->fh->private_options & (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS |
1133 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) &&
1134 (fsp->access_mask & FILE_WRITE_DATA) &&
1135 strequal(fsp->fsp_name, fname)) {
1136 DEBUG(10,("fcb_or_dos_open: file match\n"));
1137 break;
1138 }
1139 }
1140
1141 if (!fsp) {
1142 return NT_STATUS_NOT_FOUND;
1143 }
1144
1145 /* quite an insane set of semantics ... */
1146 if (is_executable(fname) &&
1147 (fsp->fh->private_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS)) {
1148 DEBUG(10,("fcb_or_dos_open: file fail due to is_executable.\n"));
1149 return NT_STATUS_INVALID_PARAMETER;
1150 }
1151
1152 /* We need to duplicate this fsp. */
1153 dup_file_fsp(req, fsp, access_mask, share_access,
1154 create_options, fsp_to_dup_into);
1155
1156 return NT_STATUS_OK;
1157 }
1158
1159 /****************************************************************************
1160 Open a file with a share mode - old openX method - map into NTCreate.
1161 ****************************************************************************/
1162
1163 bool map_open_params_to_ntcreate(const char *fname, int deny_mode, int open_func,
/* [<][>][^][v][top][bottom][index][help] */
1164 uint32 *paccess_mask,
1165 uint32 *pshare_mode,
1166 uint32 *pcreate_disposition,
1167 uint32 *pcreate_options)
1168 {
1169 uint32 access_mask;
1170 uint32 share_mode;
1171 uint32 create_disposition;
1172 uint32 create_options = FILE_NON_DIRECTORY_FILE;
1173
1174 DEBUG(10,("map_open_params_to_ntcreate: fname = %s, deny_mode = 0x%x, "
1175 "open_func = 0x%x\n",
1176 fname, (unsigned int)deny_mode, (unsigned int)open_func ));
1177
1178 /* Create the NT compatible access_mask. */
1179 switch (GET_OPENX_MODE(deny_mode)) {
1180 case DOS_OPEN_EXEC: /* Implies read-only - used to be FILE_READ_DATA */
1181 case DOS_OPEN_RDONLY:
1182 access_mask = FILE_GENERIC_READ;
1183 break;
1184 case DOS_OPEN_WRONLY:
1185 access_mask = FILE_GENERIC_WRITE;
1186 break;
1187 case DOS_OPEN_RDWR:
1188 case DOS_OPEN_FCB:
1189 access_mask = FILE_GENERIC_READ|FILE_GENERIC_WRITE;
1190 break;
1191 default:
1192 DEBUG(10,("map_open_params_to_ntcreate: bad open mode = 0x%x\n",
1193 (unsigned int)GET_OPENX_MODE(deny_mode)));
1194 return False;
1195 }
1196
1197 /* Create the NT compatible create_disposition. */
1198 switch (open_func) {
1199 case OPENX_FILE_EXISTS_FAIL|OPENX_FILE_CREATE_IF_NOT_EXIST:
1200 create_disposition = FILE_CREATE;
1201 break;
1202
1203 case OPENX_FILE_EXISTS_OPEN:
1204 create_disposition = FILE_OPEN;
1205 break;
1206
1207 case OPENX_FILE_EXISTS_OPEN|OPENX_FILE_CREATE_IF_NOT_EXIST:
1208 create_disposition = FILE_OPEN_IF;
1209 break;
1210
1211 case OPENX_FILE_EXISTS_TRUNCATE:
1212 create_disposition = FILE_OVERWRITE;
1213 break;
1214
1215 case OPENX_FILE_EXISTS_TRUNCATE|OPENX_FILE_CREATE_IF_NOT_EXIST:
1216 create_disposition = FILE_OVERWRITE_IF;
1217 break;
1218
1219 default:
1220 /* From samba4 - to be confirmed. */
1221 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_EXEC) {
1222 create_disposition = FILE_CREATE;
1223 break;
1224 }
1225 DEBUG(10,("map_open_params_to_ntcreate: bad "
1226 "open_func 0x%x\n", (unsigned int)open_func));
1227 return False;
1228 }
1229
1230 /* Create the NT compatible share modes. */
1231 switch (GET_DENY_MODE(deny_mode)) {
1232 case DENY_ALL:
1233 share_mode = FILE_SHARE_NONE;
1234 break;
1235
1236 case DENY_WRITE:
1237 share_mode = FILE_SHARE_READ;
1238 break;
1239
1240 case DENY_READ:
1241 share_mode = FILE_SHARE_WRITE;
1242 break;
1243
1244 case DENY_NONE:
1245 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1246 break;
1247
1248 case DENY_DOS:
1249 create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_DOS;
1250 if (is_executable(fname)) {
1251 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1252 } else {
1253 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_RDONLY) {
1254 share_mode = FILE_SHARE_READ;
1255 } else {
1256 share_mode = FILE_SHARE_NONE;
1257 }
1258 }
1259 break;
1260
1261 case DENY_FCB:
1262 create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_FCB;
1263 share_mode = FILE_SHARE_NONE;
1264 break;
1265
1266 default:
1267 DEBUG(10,("map_open_params_to_ntcreate: bad deny_mode 0x%x\n",
1268 (unsigned int)GET_DENY_MODE(deny_mode) ));
1269 return False;
1270 }
1271
1272 DEBUG(10,("map_open_params_to_ntcreate: file %s, access_mask = 0x%x, "
1273 "share_mode = 0x%x, create_disposition = 0x%x, "
1274 "create_options = 0x%x\n",
1275 fname,
1276 (unsigned int)access_mask,
1277 (unsigned int)share_mode,
1278 (unsigned int)create_disposition,
1279 (unsigned int)create_options ));
1280
1281 if (paccess_mask) {
1282 *paccess_mask = access_mask;
1283 }
1284 if (pshare_mode) {
1285 *pshare_mode = share_mode;
1286 }
1287 if (pcreate_disposition) {
1288 *pcreate_disposition = create_disposition;
1289 }
1290 if (pcreate_options) {
1291 *pcreate_options = create_options;
1292 }
1293
1294 return True;
1295
1296 }
1297
1298 static void schedule_defer_open(struct share_mode_lock *lck,
/* [<][>][^][v][top][bottom][index][help] */
1299 struct timeval request_time,
1300 struct smb_request *req)
1301 {
1302 struct deferred_open_record state;
1303
1304 /* This is a relative time, added to the absolute
1305 request_time value to get the absolute timeout time.
1306 Note that if this is the second or greater time we enter
1307 this codepath for this particular request mid then
1308 request_time is left as the absolute time of the *first*
1309 time this request mid was processed. This is what allows
1310 the request to eventually time out. */
1311
1312 struct timeval timeout;
1313
1314 /* Normally the smbd we asked should respond within
1315 * OPLOCK_BREAK_TIMEOUT seconds regardless of whether
1316 * the client did, give twice the timeout as a safety
1317 * measure here in case the other smbd is stuck
1318 * somewhere else. */
1319
1320 timeout = timeval_set(OPLOCK_BREAK_TIMEOUT*2, 0);
1321
1322 /* Nothing actually uses state.delayed_for_oplocks
1323 but it's handy to differentiate in debug messages
1324 between a 30 second delay due to oplock break, and
1325 a 1 second delay for share mode conflicts. */
1326
1327 state.delayed_for_oplocks = True;
1328 state.id = lck->id;
1329
1330 if (!request_timed_out(request_time, timeout)) {
1331 defer_open(lck, request_time, timeout, req, &state);
1332 }
1333 }
1334
1335 /****************************************************************************
1336 Work out what access_mask to use from what the client sent us.
1337 ****************************************************************************/
1338
1339 static NTSTATUS calculate_access_mask(connection_struct *conn,
/* [<][>][^][v][top][bottom][index][help] */
1340 const char *fname,
1341 bool file_existed,
1342 uint32_t access_mask,
1343 uint32_t *access_mask_out)
1344 {
1345 NTSTATUS status;
1346
1347 /*
1348 * Convert GENERIC bits to specific bits.
1349 */
1350
1351 se_map_generic(&access_mask, &file_generic_mapping);
1352
1353 /* Calculate MAXIMUM_ALLOWED_ACCESS if requested. */
1354 if (access_mask & MAXIMUM_ALLOWED_ACCESS) {
1355 if (file_existed) {
1356
1357 struct security_descriptor *sd;
1358 uint32_t access_granted = 0;
1359
1360 status = SMB_VFS_GET_NT_ACL(conn, fname,
1361 (OWNER_SECURITY_INFORMATION |
1362 GROUP_SECURITY_INFORMATION |
1363 DACL_SECURITY_INFORMATION),&sd);
1364
1365 if (!NT_STATUS_IS_OK(status)) {
1366 DEBUG(10, ("calculate_access_mask: Could not get acl "
1367 "on file %s: %s\n",
1368 fname,
1369 nt_errstr(status)));
1370 return NT_STATUS_ACCESS_DENIED;
1371 }
1372
1373 status = smb1_file_se_access_check(sd,
1374 conn->server_info->ptok,
1375 access_mask,
1376 &access_granted);
1377
1378 TALLOC_FREE(sd);
1379
1380 if (!NT_STATUS_IS_OK(status)) {
1381 DEBUG(10, ("calculate_access_mask: Access denied on "
1382 "file %s: when calculating maximum access\n",
1383 fname));
1384 return NT_STATUS_ACCESS_DENIED;
1385 }
1386
1387 access_mask = access_granted;
1388 } else {
1389 access_mask = FILE_GENERIC_ALL;
1390 }
1391 }
1392
1393 *access_mask_out = access_mask;
1394 return NT_STATUS_OK;
1395 }
1396
1397 /****************************************************************************
1398 Open a file with a share mode. Passed in an already created files_struct *.
1399 ****************************************************************************/
1400
1401 static NTSTATUS open_file_ntcreate(connection_struct *conn,
/* [<][>][^][v][top][bottom][index][help] */
1402 struct smb_request *req,
1403 const char *fname,
1404 SMB_STRUCT_STAT *psbuf,
1405 uint32 access_mask, /* access bits (FILE_READ_DATA etc.) */
1406 uint32 share_access, /* share constants (FILE_SHARE_READ etc) */
1407 uint32 create_disposition, /* FILE_OPEN_IF etc. */
1408 uint32 create_options, /* options such as delete on close. */
1409 uint32 new_dos_attributes, /* attributes used for new file. */
1410 int oplock_request, /* internal Samba oplock codes. */
1411 /* Information (FILE_EXISTS etc.) */
1412 int *pinfo,
1413 files_struct *fsp)
1414 {
1415 int flags=0;
1416 int flags2=0;
1417 bool file_existed = VALID_STAT(*psbuf);
1418 bool def_acl = False;
1419 bool posix_open = False;
1420 bool new_file_created = False;
1421 bool clear_ads = false;
1422 struct file_id id;
1423 NTSTATUS fsp_open = NT_STATUS_ACCESS_DENIED;
1424 mode_t new_unx_mode = (mode_t)0;
1425 mode_t unx_mode = (mode_t)0;
1426 int info;
1427 uint32 existing_dos_attributes = 0;
1428 struct pending_message_list *pml = NULL;
1429 struct timeval request_time = timeval_zero();
1430 struct share_mode_lock *lck = NULL;
1431 uint32 open_access_mask = access_mask;
1432 NTSTATUS status;
1433 int ret_flock;
1434 char *parent_dir;
1435 const char *newname;
1436
1437 ZERO_STRUCT(id);
1438
1439 if (conn->printer) {
1440 /*
1441 * Printers are handled completely differently.
1442 * Most of the passed parameters are ignored.
1443 */
1444
1445 if (pinfo) {
1446 *pinfo = FILE_WAS_CREATED;
1447 }
1448
1449 DEBUG(10, ("open_file_ntcreate: printer open fname=%s\n", fname));
1450
1451 return print_fsp_open(req, conn, fname, req->vuid, fsp, psbuf);
1452 }
1453
1454 if (!parent_dirname(talloc_tos(), fname, &parent_dir, &newname)) {
1455 return NT_STATUS_NO_MEMORY;
1456 }
1457
1458 if (new_dos_attributes & FILE_FLAG_POSIX_SEMANTICS) {
1459 posix_open = True;
1460 unx_mode = (mode_t)(new_dos_attributes & ~FILE_FLAG_POSIX_SEMANTICS);
1461 new_dos_attributes = 0;
1462 } else {
1463 /* We add aARCH to this as this mode is only used if the file is
1464 * created new. */
1465 unx_mode = unix_mode(conn, new_dos_attributes | aARCH, fname,
1466 parent_dir);
1467 }
1468
1469 DEBUG(10, ("open_file_ntcreate: fname=%s, dos_attrs=0x%x "
1470 "access_mask=0x%x share_access=0x%x "
1471 "create_disposition = 0x%x create_options=0x%x "
1472 "unix mode=0%o oplock_request=%d\n",
1473 fname, new_dos_attributes, access_mask, share_access,
1474 create_disposition, create_options, (unsigned int)unx_mode,
1475 oplock_request));
1476
1477 if ((req == NULL) && ((oplock_request & INTERNAL_OPEN_ONLY) == 0)) {
1478 DEBUG(0, ("No smb request but not an internal only open!\n"));
1479 return NT_STATUS_INTERNAL_ERROR;
1480 }
1481
1482 /*
1483 * Only non-internal opens can be deferred at all
1484 */
1485
1486 if ((req != NULL)
1487 && ((pml = get_open_deferred_message(req->mid)) != NULL)) {
1488 struct deferred_open_record *state =
1489 (struct deferred_open_record *)pml->private_data.data;
1490
1491 /* Remember the absolute time of the original
1492 request with this mid. We'll use it later to
1493 see if this has timed out. */
1494
1495 request_time = pml->request_time;
1496
1497 /* Remove the deferred open entry under lock. */
1498 lck = get_share_mode_lock(talloc_tos(), state->id, NULL, NULL,
1499 NULL);
1500 if (lck == NULL) {
1501 DEBUG(0, ("could not get share mode lock\n"));
1502 } else {
1503 del_deferred_open_entry(lck, req->mid);
1504 TALLOC_FREE(lck);
1505 }
1506
1507 /* Ensure we don't reprocess this message. */
1508 remove_deferred_open_smb_message(req->mid);
1509 }
1510
1511 status = check_name(conn, fname);
1512 if (!NT_STATUS_IS_OK(status)) {
1513 return status;
1514 }
1515
1516 if (!posix_open) {
1517 new_dos_attributes &= SAMBA_ATTRIBUTES_MASK;
1518 if (file_existed) {
1519 existing_dos_attributes = dos_mode(conn, fname, psbuf);
1520 }
1521 }
1522
1523 /* ignore any oplock requests if oplocks are disabled */
1524 if (!lp_oplocks(SNUM(conn)) || global_client_failed_oplock_break ||
1525 IS_VETO_OPLOCK_PATH(conn, fname)) {
1526 /* Mask off everything except the private Samba bits. */
1527 oplock_request &= SAMBA_PRIVATE_OPLOCK_MASK;
1528 }
1529
1530 /* this is for OS/2 long file names - say we don't support them */
1531 if (!lp_posix_pathnames() && strstr(fname,".+,;=[].")) {
1532 /* OS/2 Workplace shell fix may be main code stream in a later
1533 * release. */
1534 DEBUG(5,("open_file_ntcreate: OS/2 long filenames are not "
1535 "supported.\n"));
1536 if (use_nt_status()) {
1537 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1538 }
1539 return NT_STATUS_DOS(ERRDOS, ERRcannotopen);
1540 }
1541
1542 switch( create_disposition ) {
1543 /*
1544 * Currently we're using FILE_SUPERSEDE as the same as
1545 * FILE_OVERWRITE_IF but they really are
1546 * different. FILE_SUPERSEDE deletes an existing file
1547 * (requiring delete access) then recreates it.
1548 */
1549 case FILE_SUPERSEDE:
1550 /* If file exists replace/overwrite. If file doesn't
1551 * exist create. */
1552 flags2 |= (O_CREAT | O_TRUNC);
1553 clear_ads = true;
1554 break;
1555
1556 case FILE_OVERWRITE_IF:
1557 /* If file exists replace/overwrite. If file doesn't
1558 * exist create. */
1559 flags2 |= (O_CREAT | O_TRUNC);
1560 clear_ads = true;
1561 break;
1562
1563 case FILE_OPEN:
1564 /* If file exists open. If file doesn't exist error. */
1565 if (!file_existed) {
1566 DEBUG(5,("open_file_ntcreate: FILE_OPEN "
1567 "requested for file %s and file "
1568 "doesn't exist.\n", fname ));
1569 errno = ENOENT;
1570 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1571 }
1572 break;
1573
1574 case FILE_OVERWRITE:
1575 /* If file exists overwrite. If file doesn't exist
1576 * error. */
1577 if (!file_existed) {
1578 DEBUG(5,("open_file_ntcreate: FILE_OVERWRITE "
1579 "requested for file %s and file "
1580 "doesn't exist.\n", fname ));
1581 errno = ENOENT;
1582 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1583 }
1584 flags2 |= O_TRUNC;
1585 clear_ads = true;
1586 break;
1587
1588 case FILE_CREATE:
1589 /* If file exists error. If file doesn't exist
1590 * create. */
1591 if (file_existed) {
1592 DEBUG(5,("open_file_ntcreate: FILE_CREATE "
1593 "requested for file %s and file "
1594 "already exists.\n", fname ));
1595 if (S_ISDIR(psbuf->st_mode)) {
1596 errno = EISDIR;
1597 } else {
1598 errno = EEXIST;
1599 }
1600 return map_nt_error_from_unix(errno);
1601 }
1602 flags2 |= (O_CREAT|O_EXCL);
1603 break;
1604
1605 case FILE_OPEN_IF:
1606 /* If file exists open. If file doesn't exist
1607 * create. */
1608 flags2 |= O_CREAT;
1609 break;
1610
1611 default:
1612 return NT_STATUS_INVALID_PARAMETER;
1613 }
1614
1615 /* We only care about matching attributes on file exists and
1616 * overwrite. */
1617
1618 if (!posix_open && file_existed && ((create_disposition == FILE_OVERWRITE) ||
1619 (create_disposition == FILE_OVERWRITE_IF))) {
1620 if (!open_match_attributes(conn, fname,
1621 existing_dos_attributes,
1622 new_dos_attributes, psbuf->st_mode,
1623 unx_mode, &new_unx_mode)) {
1624 DEBUG(5,("open_file_ntcreate: attributes missmatch "
1625 "for file %s (%x %x) (0%o, 0%o)\n",
1626 fname, existing_dos_attributes,
1627 new_dos_attributes,
1628 (unsigned int)psbuf->st_mode,
1629 (unsigned int)unx_mode ));
1630 errno = EACCES;
1631 return NT_STATUS_ACCESS_DENIED;
1632 }
1633 }
1634
1635 status = calculate_access_mask(conn, fname, file_existed,
1636 access_mask,
1637 &access_mask);
1638 if (!NT_STATUS_IS_OK(status)) {
1639 DEBUG(10, ("open_file_ntcreate: calculate_access_mask "
1640 "on file %s returned %s\n",
1641 fname,
1642 nt_errstr(status)));
1643 return status;
1644 }
1645
1646 open_access_mask = access_mask;
1647
1648 if ((flags2 & O_TRUNC) || (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE)) {
1649 open_access_mask |= FILE_WRITE_DATA; /* This will cause oplock breaks. */
1650 }
1651
1652 DEBUG(10, ("open_file_ntcreate: fname=%s, after mapping "
1653 "access_mask=0x%x\n", fname, access_mask ));
1654
1655 /*
1656 * Note that we ignore the append flag as append does not
1657 * mean the same thing under DOS and Unix.
1658 */
1659
1660 if ((access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) ||
1661 (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE)) {
1662 /* DENY_DOS opens are always underlying read-write on the
1663 file handle, no matter what the requested access mask
1664 says. */
1665 if ((create_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS) ||
1666 access_mask & (FILE_READ_ATTRIBUTES|FILE_READ_DATA|FILE_READ_EA|FILE_EXECUTE)) {
1667 flags = O_RDWR;
1668 } else {
1669 flags = O_WRONLY;
1670 }
1671 } else {
1672 flags = O_RDONLY;
1673 }
1674
1675 /*
1676 * Currently we only look at FILE_WRITE_THROUGH for create options.
1677 */
1678
1679 #if defined(O_SYNC)
1680 if ((create_options & FILE_WRITE_THROUGH) && lp_strict_sync(SNUM(conn))) {
1681 flags2 |= O_SYNC;
1682 }
1683 #endif /* O_SYNC */
1684
1685 if (posix_open && (access_mask & FILE_APPEND_DATA)) {
1686 flags2 |= O_APPEND;
1687 }
1688
1689 if (!posix_open && !CAN_WRITE(conn)) {
1690 /*
1691 * We should really return a permission denied error if either
1692 * O_CREAT or O_TRUNC are set, but for compatibility with
1693 * older versions of Samba we just AND them out.
1694 */
1695 flags2 &= ~(O_CREAT|O_TRUNC);
1696 }
1697
1698 /*
1699 * Ensure we can't write on a read-only share or file.
1700 */
1701
1702 if (flags != O_RDONLY && file_existed &&
1703 (!CAN_WRITE(conn) || IS_DOS_READONLY(existing_dos_attributes))) {
1704 DEBUG(5,("open_file_ntcreate: write access requested for "
1705 "file %s on read only %s\n",
1706 fname, !CAN_WRITE(conn) ? "share" : "file" ));
1707 errno = EACCES;
1708 return NT_STATUS_ACCESS_DENIED;
1709 }
1710
1711 fsp->file_id = vfs_file_id_from_sbuf(conn, psbuf);
1712 fsp->share_access = share_access;
1713 fsp->fh->private_options = create_options;
1714 fsp->access_mask = open_access_mask; /* We change this to the
1715 * requested access_mask after
1716 * the open is done. */
1717 fsp->posix_open = posix_open;
1718
1719 /* Ensure no SAMBA_PRIVATE bits can be set. */
1720 fsp->oplock_type = (oplock_request & ~SAMBA_PRIVATE_OPLOCK_MASK);
1721
1722 if (timeval_is_zero(&request_time)) {
1723 request_time = fsp->open_time;
1724 }
1725
1726 if (file_existed) {
1727 struct timespec old_write_time = get_mtimespec(psbuf);
1728 id = vfs_file_id_from_sbuf(conn, psbuf);
1729
1730 lck = get_share_mode_lock(talloc_tos(), id,
1731 conn->connectpath,
1732 fname, &old_write_time);
1733
1734 if (lck == NULL) {
1735 DEBUG(0, ("Could not get share mode lock\n"));
1736 return NT_STATUS_SHARING_VIOLATION;
1737 }
1738
1739 /* First pass - send break only on batch oplocks. */
1740 if ((req != NULL)
1741 && delay_for_oplocks(lck, fsp, req->mid, 1,
1742 oplock_request)) {
1743 schedule_defer_open(lck, request_time, req);
1744 TALLOC_FREE(lck);
1745 return NT_STATUS_SHARING_VIOLATION;
1746 }
1747
1748 /* Use the client requested access mask here, not the one we
1749 * open with. */
1750 status = open_mode_check(conn, fname, lck,
1751 access_mask, share_access,
1752 create_options, &file_existed);
1753
1754 if (NT_STATUS_IS_OK(status)) {
1755 /* We might be going to allow this open. Check oplock
1756 * status again. */
1757 /* Second pass - send break for both batch or
1758 * exclusive oplocks. */
1759 if ((req != NULL)
1760 && delay_for_oplocks(lck, fsp, req->mid, 2,
1761 oplock_request)) {
1762 schedule_defer_open(lck, request_time, req);
1763 TALLOC_FREE(lck);
1764 return NT_STATUS_SHARING_VIOLATION;
1765 }
1766 }
1767
1768 if (NT_STATUS_EQUAL(status, NT_STATUS_DELETE_PENDING)) {
1769 /* DELETE_PENDING is not deferred for a second */
1770 TALLOC_FREE(lck);
1771 return status;
1772 }
1773
1774 if (!NT_STATUS_IS_OK(status)) {
1775 uint32 can_access_mask;
1776 bool can_access = True;
1777
1778 SMB_ASSERT(NT_STATUS_EQUAL(status, NT_STATUS_SHARING_VIOLATION));
1779
1780 /* Check if this can be done with the deny_dos and fcb
1781 * calls. */
1782 if (create_options &
1783 (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS|
1784 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) {
1785 if (req == NULL) {
1786 DEBUG(0, ("DOS open without an SMB "
1787 "request!\n"));
1788 TALLOC_FREE(lck);
1789 return NT_STATUS_INTERNAL_ERROR;
1790 }
1791
1792 /* Use the client requested access mask here,
1793 * not the one we open with. */
1794 status = fcb_or_dos_open(req,
1795 conn,
1796 fsp,
1797 fname,
1798 id,
1799 req->smbpid,
1800 req->vuid,
1801 access_mask,
1802 share_access,
1803 create_options);
1804
1805 if (NT_STATUS_IS_OK(status)) {
1806 TALLOC_FREE(lck);
1807 if (pinfo) {
1808 *pinfo = FILE_WAS_OPENED;
1809 }
1810 return NT_STATUS_OK;
1811 }
1812 }
1813
1814 /*
1815 * This next line is a subtlety we need for
1816 * MS-Access. If a file open will fail due to share
1817 * permissions and also for security (access) reasons,
1818 * we need to return the access failed error, not the
1819 * share error. We can't open the file due to kernel
1820 * oplock deadlock (it's possible we failed above on
1821 * the open_mode_check()) so use a userspace check.
1822 */
1823
1824 if (flags & O_RDWR) {
1825 can_access_mask = FILE_READ_DATA|FILE_WRITE_DATA;
1826 } else if (flags & O_WRONLY) {
1827 can_access_mask = FILE_WRITE_DATA;
1828 } else {
1829 can_access_mask = FILE_READ_DATA;
1830 }
1831
1832 if (((can_access_mask & FILE_WRITE_DATA) && !CAN_WRITE(conn)) ||
1833 !can_access_file_data(conn,fname,psbuf,can_access_mask)) {
1834 can_access = False;
1835 }
1836
1837 /*
1838 * If we're returning a share violation, ensure we
1839 * cope with the braindead 1 second delay.
1840 */
1841
1842 if (!(oplock_request & INTERNAL_OPEN_ONLY) &&
1843 lp_defer_sharing_violations()) {
1844 struct timeval timeout;
1845 struct deferred_open_record state;
1846 int timeout_usecs;
1847
1848 /* this is a hack to speed up torture tests
1849 in 'make test' */
1850 timeout_usecs = lp_parm_int(SNUM(conn),
1851 "smbd","sharedelay",
1852 SHARING_VIOLATION_USEC_WAIT);
1853
1854 /* This is a relative time, added to the absolute
1855 request_time value to get the absolute timeout time.
1856 Note that if this is the second or greater time we enter
1857 this codepath for this particular request mid then
1858 request_time is left as the absolute time of the *first*
1859 time this request mid was processed. This is what allows
1860 the request to eventually time out. */
1861
1862 timeout = timeval_set(0, timeout_usecs);
1863
1864 /* Nothing actually uses state.delayed_for_oplocks
1865 but it's handy to differentiate in debug messages
1866 between a 30 second delay due to oplock break, and
1867 a 1 second delay for share mode conflicts. */
1868
1869 state.delayed_for_oplocks = False;
1870 state.id = id;
1871
1872 if ((req != NULL)
1873 && !request_timed_out(request_time,
1874 timeout)) {
1875 defer_open(lck, request_time, timeout,
1876 req, &state);
1877 }
1878 }
1879
1880 TALLOC_FREE(lck);
1881 if (can_access) {
1882 /*
1883 * We have detected a sharing violation here
1884 * so return the correct error code
1885 */
1886 status = NT_STATUS_SHARING_VIOLATION;
1887 } else {
1888 status = NT_STATUS_ACCESS_DENIED;
1889 }
1890 return status;
1891 }
1892
1893 /*
1894 * We exit this block with the share entry *locked*.....
1895 */
1896 }
1897
1898 SMB_ASSERT(!file_existed || (lck != NULL));
1899
1900 /*
1901 * Ensure we pay attention to default ACLs on directories if required.
1902 */
1903
1904 if ((flags2 & O_CREAT) && lp_inherit_acls(SNUM(conn)) &&
1905 (def_acl = directory_has_default_acl(conn, parent_dir))) {
1906 unx_mode = 0777;
1907 }
1908
1909 DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o, "
1910 "access_mask = 0x%x, open_access_mask = 0x%x\n",
1911 (unsigned int)flags, (unsigned int)flags2,
1912 (unsigned int)unx_mode, (unsigned int)access_mask,
1913 (unsigned int)open_access_mask));
1914
1915 /*
1916 * open_file strips any O_TRUNC flags itself.
1917 */
1918
1919 fsp_open = open_file(fsp, conn, req, parent_dir, newname, fname, psbuf,
1920 flags|flags2, unx_mode, access_mask,
1921 open_access_mask);
1922
1923 if (!NT_STATUS_IS_OK(fsp_open)) {
1924 if (lck != NULL) {
1925 TALLOC_FREE(lck);
1926 }
1927 return fsp_open;
1928 }
1929
1930 if (!file_existed) {
1931 struct timespec old_write_time = get_mtimespec(psbuf);
1932 /*
1933 * Deal with the race condition where two smbd's detect the
1934 * file doesn't exist and do the create at the same time. One
1935 * of them will win and set a share mode, the other (ie. this
1936 * one) should check if the requested share mode for this
1937 * create is allowed.
1938 */
1939
1940 /*
1941 * Now the file exists and fsp is successfully opened,
1942 * fsp->dev and fsp->inode are valid and should replace the
1943 * dev=0,inode=0 from a non existent file. Spotted by
1944 * Nadav Danieli <nadavd@exanet.com>. JRA.
1945 */
1946
1947 id = fsp->file_id;
1948
1949 lck = get_share_mode_lock(talloc_tos(), id,
1950 conn->connectpath,
1951 fname, &old_write_time);
1952
1953 if (lck == NULL) {
1954 DEBUG(0, ("open_file_ntcreate: Could not get share "
1955 "mode lock for %s\n", fname));
1956 fd_close(fsp);
1957 return NT_STATUS_SHARING_VIOLATION;
1958 }
1959
1960 /* First pass - send break only on batch oplocks. */
1961 if ((req != NULL)
1962 && delay_for_oplocks(lck, fsp, req->mid, 1,
1963 oplock_request)) {
1964 schedule_defer_open(lck, request_time, req);
1965 TALLOC_FREE(lck);
1966 fd_close(fsp);
1967 return NT_STATUS_SHARING_VIOLATION;
1968 }
1969
1970 status = open_mode_check(conn, fname, lck,
1971 access_mask, share_access,
1972 create_options, &file_existed);
1973
1974 if (NT_STATUS_IS_OK(status)) {
1975 /* We might be going to allow this open. Check oplock
1976 * status again. */
1977 /* Second pass - send break for both batch or
1978 * exclusive oplocks. */
1979 if ((req != NULL)
1980 && delay_for_oplocks(lck, fsp, req->mid, 2,
1981 oplock_request)) {
1982 schedule_defer_open(lck, request_time, req);
1983 TALLOC_FREE(lck);
1984 fd_close(fsp);
1985 return NT_STATUS_SHARING_VIOLATION;
1986 }
1987 }
1988
1989 if (!NT_STATUS_IS_OK(status)) {
1990 struct deferred_open_record state;
1991
1992 fd_close(fsp);
1993
1994 state.delayed_for_oplocks = False;
1995 state.id = id;
1996
1997 /* Do it all over again immediately. In the second
1998 * round we will find that the file existed and handle
1999 * the DELETE_PENDING and FCB cases correctly. No need
2000 * to duplicate the code here. Essentially this is a
2001 * "goto top of this function", but don't tell
2002 * anybody... */
2003
2004 if (req != NULL) {
2005 defer_open(lck, request_time, timeval_zero(),
2006 req, &state);
2007 }
2008 TALLOC_FREE(lck);
2009 return status;
2010 }
2011
2012 /*
2013 * We exit this block with the share entry *locked*.....
2014 */
2015
2016 }
2017
2018 SMB_ASSERT(lck != NULL);
2019
2020 /* Delete streams if create_disposition requires it */
2021 if (file_existed && clear_ads && !is_ntfs_stream_name(fname)) {
2022 status = delete_all_streams(conn, fname);
2023 if (!NT_STATUS_IS_OK(status)) {
2024 TALLOC_FREE(lck);
2025 fd_close(fsp);
2026 return status;
2027 }
2028 }
2029
2030 /* note that we ignore failure for the following. It is
2031 basically a hack for NFS, and NFS will never set one of
2032 these only read them. Nobody but Samba can ever set a deny
2033 mode and we have already checked our more authoritative
2034 locking database for permission to set this deny mode. If
2035 the kernel refuses the operations then the kernel is wrong.
2036 note that GPFS supports it as well - jmcd */
2037
2038 if (fsp->fh->fd != -1) {
2039 ret_flock = SMB_VFS_KERNEL_FLOCK(fsp, share_access);
2040 if(ret_flock == -1 ){
2041
2042 TALLOC_FREE(lck);
2043 fd_close(fsp);
2044
2045 return NT_STATUS_SHARING_VIOLATION;
2046 }
2047 }
2048
2049 /*
2050 * At this point onwards, we can guarentee that the share entry
2051 * is locked, whether we created the file or not, and that the
2052 * deny mode is compatible with all current opens.
2053 */
2054
2055 /*
2056 * If requested, truncate the file.
2057 */
2058
2059 if (flags2&O_TRUNC) {
2060 /*
2061 * We are modifing the file after open - update the stat
2062 * struct..
2063 */
2064 if ((SMB_VFS_FTRUNCATE(fsp, 0) == -1) ||
2065 (SMB_VFS_FSTAT(fsp, psbuf)==-1)) {
2066 status = map_nt_error_from_unix(errno);
2067 TALLOC_FREE(lck);
2068 fd_close(fsp);
2069 return status;
2070 }
2071 }
2072
2073 /* Record the options we were opened with. */
2074 fsp->share_access = share_access;
2075 fsp->fh->private_options = create_options;
2076 /*
2077 * According to Samba4, SEC_FILE_READ_ATTRIBUTE is always granted,
2078 */
2079 fsp->access_mask = access_mask | FILE_READ_ATTRIBUTES;
2080
2081 if (file_existed) {
2082 /* stat opens on existing files don't get oplocks. */
2083 if (is_stat_open(open_access_mask)) {
2084 fsp->oplock_type = NO_OPLOCK;
2085 }
2086
2087 if (!(flags2 & O_TRUNC)) {
2088 info = FILE_WAS_OPENED;
2089 } else {
2090 info = FILE_WAS_OVERWRITTEN;
2091 }
2092 } else {
2093 info = FILE_WAS_CREATED;
2094 }
2095
2096 if (pinfo) {
2097 *pinfo = info;
2098 }
2099
2100 /*
2101 * Setup the oplock info in both the shared memory and
2102 * file structs.
2103 */
2104
2105 if (!set_file_oplock(fsp, fsp->oplock_type)) {
2106 /* Could not get the kernel oplock */
2107 fsp->oplock_type = NO_OPLOCK;
2108 }
2109
2110 if (info == FILE_WAS_OVERWRITTEN || info == FILE_WAS_CREATED || info == FILE_WAS_SUPERSEDED) {
2111 new_file_created = True;
2112 }
2113
2114 set_share_mode(lck, fsp, conn->server_info->utok.uid, 0,
2115 fsp->oplock_type);
2116
2117 /* Handle strange delete on close create semantics. */
2118 if (create_options & FILE_DELETE_ON_CLOSE) {
2119
2120 status = can_set_delete_on_close(fsp, True, new_dos_attributes);
2121
2122 if (!NT_STATUS_IS_OK(status)) {
2123 /* Remember to delete the mode we just added. */
2124 del_share_mode(lck, fsp);
2125 TALLOC_FREE(lck);
2126 fd_close(fsp);
2127 return status;
2128 }
2129 /* Note that here we set the *inital* delete on close flag,
2130 not the regular one. The magic gets handled in close. */
2131 fsp->initial_delete_on_close = True;
2132 }
2133
2134 if (new_file_created) {
2135 /* Files should be initially set as archive */
2136 if (lp_map_archive(SNUM(conn)) ||
2137 lp_store_dos_attributes(SNUM(conn))) {
2138 if (!posix_open) {
2139 SMB_STRUCT_STAT tmp_sbuf;
2140 SET_STAT_INVALID(tmp_sbuf);
2141 if (file_set_dosmode(
2142 conn, fname,
2143 new_dos_attributes | aARCH,
2144 &tmp_sbuf, parent_dir,
2145 true) == 0) {
2146 unx_mode = tmp_sbuf.st_mode;
2147 }
2148 }
2149 }
2150 }
2151
2152 /*
2153 * Take care of inherited ACLs on created files - if default ACL not
2154 * selected.
2155 */
2156
2157 if (!posix_open && !file_existed && !def_acl) {
2158
2159 int saved_errno = errno; /* We might get ENOSYS in the next
2160 * call.. */
2161
2162 if (SMB_VFS_FCHMOD_ACL(fsp, unx_mode) == -1 &&
2163 errno == ENOSYS) {
2164 errno = saved_errno; /* Ignore ENOSYS */
2165 }
2166
2167 } else if (new_unx_mode) {
2168
2169 int ret = -1;
2170
2171 /* Attributes need changing. File already existed. */
2172
2173 {
2174 int saved_errno = errno; /* We might get ENOSYS in the
2175 * next call.. */
2176 ret = SMB_VFS_FCHMOD_ACL(fsp, new_unx_mode);
2177
2178 if (ret == -1 && errno == ENOSYS) {
2179 errno = saved_errno; /* Ignore ENOSYS */
2180 } else {
2181 DEBUG(5, ("open_file_ntcreate: reset "
2182 "attributes of file %s to 0%o\n",
2183 fname, (unsigned int)new_unx_mode));
2184 ret = 0; /* Don't do the fchmod below. */
2185 }
2186 }
2187
2188 if ((ret == -1) &&
2189 (SMB_VFS_FCHMOD(fsp, new_unx_mode) == -1))
2190 DEBUG(5, ("open_file_ntcreate: failed to reset "
2191 "attributes of file %s to 0%o\n",
2192 fname, (unsigned int)new_unx_mode));
2193 }
2194
2195 /* If this is a successful open, we must remove any deferred open
2196 * records. */
2197 if (req != NULL) {
2198 del_deferred_open_entry(lck, req->mid);
2199 }
2200 TALLOC_FREE(lck);
2201
2202 return NT_STATUS_OK;
2203 }
2204
2205
2206 /****************************************************************************
2207 Open a file for for write to ensure that we can fchmod it.
2208 ****************************************************************************/
2209
2210 NTSTATUS open_file_fchmod(struct smb_request *req, connection_struct *conn,
/* [<][>][^][v][top][bottom][index][help] */
2211 const char *fname,
2212 SMB_STRUCT_STAT *psbuf, files_struct **result)
2213 {
2214 files_struct *fsp = NULL;
2215 NTSTATUS status;
2216
2217 if (!VALID_STAT(*psbuf)) {
2218 return NT_STATUS_INVALID_PARAMETER;
2219 }
2220
2221 status = file_new(req, conn, &fsp);
2222 if(!NT_STATUS_IS_OK(status)) {
2223 return status;
2224 }
2225
2226 status = SMB_VFS_CREATE_FILE(
2227 conn, /* conn */
2228 NULL, /* req */
2229 0, /* root_dir_fid */
2230 fname, /* fname */
2231 0, /* create_file_flags */
2232 FILE_WRITE_DATA, /* access_mask */
2233 (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */
2234 FILE_SHARE_DELETE),
2235 FILE_OPEN, /* create_disposition*/
2236 0, /* create_options */
2237 0, /* file_attributes */
2238 0, /* oplock_request */
2239 0, /* allocation_size */
2240 NULL, /* sd */
2241 NULL, /* ea_list */
2242 &fsp, /* result */
2243 NULL, /* pinfo */
2244 psbuf); /* psbuf */
2245
2246 /*
2247 * This is not a user visible file open.
2248 * Don't set a share mode.
2249 */
2250
2251 if (!NT_STATUS_IS_OK(status)) {
2252 file_free(req, fsp);
2253 return status;
2254 }
2255
2256 *result = fsp;
2257 return NT_STATUS_OK;
2258 }
2259
2260 /****************************************************************************
2261 Close the fchmod file fd - ensure no locks are lost.
2262 ****************************************************************************/
2263
2264 NTSTATUS close_file_fchmod(struct smb_request *req, files_struct *fsp)
/* [<][>][^][v][top][bottom][index][help] */
2265 {
2266 NTSTATUS status = fd_close(fsp);
2267 file_free(req, fsp);
2268 return status;
2269 }
2270
2271 static NTSTATUS mkdir_internal(connection_struct *conn,
/* [<][>][^][v][top][bottom][index][help] */
2272 const char *name,
2273 uint32 file_attributes,
2274 SMB_STRUCT_STAT *psbuf)
2275 {
2276 mode_t mode;
2277 char *parent_dir;
2278 const char *dirname;
2279 NTSTATUS status;
2280 bool posix_open = false;
2281
2282 if(!CAN_WRITE(conn)) {
2283 DEBUG(5,("mkdir_internal: failing create on read-only share "
2284 "%s\n", lp_servicename(SNUM(conn))));
2285 return NT_STATUS_ACCESS_DENIED;
2286 }
2287
2288 status = check_name(conn, name);
2289 if (!NT_STATUS_IS_OK(status)) {
2290 return status;
2291 }
2292
2293 if (!parent_dirname(talloc_tos(), name, &parent_dir, &dirname)) {
2294 return NT_STATUS_NO_MEMORY;
2295 }
2296
2297 if (file_attributes & FILE_FLAG_POSIX_SEMANTICS) {
2298 posix_open = true;
2299 mode = (mode_t)(file_attributes & ~FILE_FLAG_POSIX_SEMANTICS);
2300 } else {
2301 mode = unix_mode(conn, aDIR, name, parent_dir);
2302 }
2303
2304 if (SMB_VFS_MKDIR(conn, name, mode) != 0) {
2305 return map_nt_error_from_unix(errno);
2306 }
2307
2308 /* Ensure we're checking for a symlink here.... */
2309 /* We don't want to get caught by a symlink racer. */
2310
2311 if (SMB_VFS_LSTAT(conn, name, psbuf) == -1) {
2312 DEBUG(2, ("Could not stat directory '%s' just created: %s\n",
2313 name, strerror(errno)));
2314 return map_nt_error_from_unix(errno);
2315 }
2316
2317 if (!S_ISDIR(psbuf->st_mode)) {
2318 DEBUG(0, ("Directory just '%s' created is not a directory\n",
2319 name));
2320 return NT_STATUS_ACCESS_DENIED;
2321 }
2322
2323 if (lp_store_dos_attributes(SNUM(conn))) {
2324 if (!posix_open) {
2325 file_set_dosmode(conn, name,
2326 file_attributes | aDIR, NULL,
2327 parent_dir,
2328 true);
2329 }
2330 }
2331
2332 if (lp_inherit_perms(SNUM(conn))) {
2333 inherit_access_posix_acl(conn, parent_dir, name, mode);
2334 }
2335
2336 if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS)) {
2337 /*
2338 * Check if high bits should have been set,
2339 * then (if bits are missing): add them.
2340 * Consider bits automagically set by UNIX, i.e. SGID bit from parent
2341 * dir.
2342 */
2343 if (mode & ~(S_IRWXU|S_IRWXG|S_IRWXO) && (mode & ~psbuf->st_mode)) {
2344 SMB_VFS_CHMOD(conn, name,
2345 psbuf->st_mode | (mode & ~psbuf->st_mode));
2346 }
2347 }
2348
2349 /* Change the owner if required. */
2350 if (lp_inherit_owner(SNUM(conn))) {
2351 change_dir_owner_to_parent(conn, parent_dir, name, psbuf);
2352 }
2353
2354 notify_fname(conn, NOTIFY_ACTION_ADDED, FILE_NOTIFY_CHANGE_DIR_NAME,
2355 name);
2356
2357 return NT_STATUS_OK;
2358 }
2359
2360 /****************************************************************************
2361 Open a directory from an NT SMB call.
2362 ****************************************************************************/
2363
2364 static NTSTATUS open_directory(connection_struct *conn,
/* [<][>][^][v][top][bottom][index][help] */
2365 struct smb_request *req,
2366 const char *fname,
2367 SMB_STRUCT_STAT *psbuf,
2368 uint32 access_mask,
2369 uint32 share_access,
2370 uint32 create_disposition,
2371 uint32 create_options,
2372 uint32 file_attributes,
2373 int *pinfo,
2374 files_struct **result)
2375 {
2376 files_struct *fsp = NULL;
2377 bool dir_existed = VALID_STAT(*psbuf) ? True : False;
2378 struct share_mode_lock *lck = NULL;
2379 NTSTATUS status;
2380 struct timespec mtimespec;
2381 int info = 0;
2382
2383 DEBUG(5,("open_directory: opening directory %s, access_mask = 0x%x, "
2384 "share_access = 0x%x create_options = 0x%x, "
2385 "create_disposition = 0x%x, file_attributes = 0x%x\n",
2386 fname,
2387 (unsigned int)access_mask,
2388 (unsigned int)share_access,
2389 (unsigned int)create_options,
2390 (unsigned int)create_disposition,
2391 (unsigned int)file_attributes));
2392
2393 if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS) &&
2394 (conn->fs_capabilities & FILE_NAMED_STREAMS) &&
2395 is_ntfs_stream_name(fname)) {
2396 DEBUG(2, ("open_directory: %s is a stream name!\n", fname));
2397 return NT_STATUS_NOT_A_DIRECTORY;
2398 }
2399
2400 status = calculate_access_mask(conn, fname, dir_existed,
2401 access_mask,
2402 &access_mask);
2403 if (!NT_STATUS_IS_OK(status)) {
2404 DEBUG(10, ("open_directory: calculate_access_mask "
2405 "on file %s returned %s\n",
2406 fname,
2407 nt_errstr(status)));
2408 return status;
2409 }
2410
2411 /* We need to support SeSecurityPrivilege for this. */
2412 if (access_mask & SEC_FLAG_SYSTEM_SECURITY) {
2413 DEBUG(10, ("open_directory: open on %s "
2414 "failed - SEC_FLAG_SYSTEM_SECURITY denied.\n",
2415 fname));
2416 return NT_STATUS_PRIVILEGE_NOT_HELD;
2417 }
2418
2419 switch( create_disposition ) {
2420 case FILE_OPEN:
2421
2422 info = FILE_WAS_OPENED;
2423
2424 /*
2425 * We want to follow symlinks here.
2426 */
2427
2428 if (SMB_VFS_STAT(conn, fname, psbuf) != 0) {
2429 return map_nt_error_from_unix(errno);
2430 }
2431
2432 break;
2433
2434 case FILE_CREATE:
2435
2436 /* If directory exists error. If directory doesn't
2437 * exist create. */
2438
2439 status = mkdir_internal(conn,
2440 fname,
2441 file_attributes,
2442 psbuf);
2443
2444 if (!NT_STATUS_IS_OK(status)) {
2445 DEBUG(2, ("open_directory: unable to create "
2446 "%s. Error was %s\n", fname,
2447 nt_errstr(status)));
2448 return status;
2449 }
2450
2451 info = FILE_WAS_CREATED;
2452 break;
2453
2454 case FILE_OPEN_IF:
2455 /*
2456 * If directory exists open. If directory doesn't
2457 * exist create.
2458 */
2459
2460 status = mkdir_internal(conn,
2461 fname,
2462 file_attributes,
2463 psbuf);
2464
2465 if (NT_STATUS_IS_OK(status)) {
2466 info = FILE_WAS_CREATED;
2467 }
2468
2469 if (NT_STATUS_EQUAL(status,
2470 NT_STATUS_OBJECT_NAME_COLLISION)) {
2471 info = FILE_WAS_OPENED;
2472 status = NT_STATUS_OK;
2473 }
2474
2475 break;
2476
2477 case FILE_SUPERSEDE:
2478 case FILE_OVERWRITE:
2479 case FILE_OVERWRITE_IF:
2480 default:
2481 DEBUG(5,("open_directory: invalid create_disposition "
2482 "0x%x for directory %s\n",
2483 (unsigned int)create_disposition, fname));
2484 return NT_STATUS_INVALID_PARAMETER;
2485 }
2486
2487 if(!S_ISDIR(psbuf->st_mode)) {
2488 DEBUG(5,("open_directory: %s is not a directory !\n",
2489 fname ));
2490 return NT_STATUS_NOT_A_DIRECTORY;
2491 }
2492
2493 if (info == FILE_WAS_OPENED) {
2494 uint32_t access_granted = 0;
2495 status = check_open_rights(conn,
2496 fname,
2497 access_mask,
2498 &access_granted);
2499
2500 /* Were we trying to do a directory open
2501 * for delete and didn't get DELETE
2502 * access (only) ? Check if the
2503 * directory allows DELETE_CHILD.
2504 * See here:
2505 * http://blogs.msdn.com/oldnewthing/archive/2004/06/04/148426.aspx
2506 * for details. */
2507
2508 if ((NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED) &&
2509 (access_mask & DELETE_ACCESS) &&
2510 (access_granted == DELETE_ACCESS) &&
2511 can_delete_file_in_directory(conn, fname))) {
2512 DEBUG(10,("open_directory: overrode ACCESS_DENIED "
2513 "on directory %s\n",
2514 fname ));
2515 status = NT_STATUS_OK;
2516 }
2517
2518 if (!NT_STATUS_IS_OK(status)) {
2519 DEBUG(10, ("open_directory: check_open_rights on "
2520 "file %s failed with %s\n",
2521 fname,
2522 nt_errstr(status)));
2523 return status;
2524 }
2525 }
2526
2527 status = file_new(req, conn, &fsp);
2528 if(!NT_STATUS_IS_OK(status)) {
2529 return status;
2530 }
2531
2532 /*
2533 * Setup the files_struct for it.
2534 */
2535
2536 fsp->mode = psbuf->st_mode;
2537 fsp->file_id = vfs_file_id_from_sbuf(conn, psbuf);
2538 fsp->vuid = req ? req->vuid : UID_FIELD_INVALID;
2539 fsp->file_pid = req ? req->smbpid : 0;
2540 fsp->can_lock = False;
2541 fsp->can_read = False;
2542 fsp->can_write = False;
2543
2544 fsp->share_access = share_access;
2545 fsp->fh->private_options = create_options;
2546 /*
2547 * According to Samba4, SEC_FILE_READ_ATTRIBUTE is always granted,
2548 */
2549 fsp->access_mask = access_mask | FILE_READ_ATTRIBUTES;
2550 fsp->print_file = False;
2551 fsp->modified = False;
2552 fsp->oplock_type = NO_OPLOCK;
2553 fsp->sent_oplock_break = NO_BREAK_SENT;
2554 fsp->is_directory = True;
2555 fsp->posix_open = (file_attributes & FILE_FLAG_POSIX_SEMANTICS) ? True : False;
2556
2557 string_set(&fsp->fsp_name,fname);
2558
2559 mtimespec = get_mtimespec(psbuf);
2560
2561 lck = get_share_mode_lock(talloc_tos(), fsp->file_id,
2562 conn->connectpath,
2563 fname, &mtimespec);
2564
2565 if (lck == NULL) {
2566 DEBUG(0, ("open_directory: Could not get share mode lock for %s\n", fname));
2567 file_free(req, fsp);
2568 return NT_STATUS_SHARING_VIOLATION;
2569 }
2570
2571 status = open_mode_check(conn, fname, lck,
2572 access_mask, share_access,
2573 create_options, &dir_existed);
2574
2575 if (!NT_STATUS_IS_OK(status)) {
2576 TALLOC_FREE(lck);
2577 file_free(req, fsp);
2578 return status;
2579 }
2580
2581 set_share_mode(lck, fsp, conn->server_info->utok.uid, 0, NO_OPLOCK);
2582
2583 /* For directories the delete on close bit at open time seems
2584 always to be honored on close... See test 19 in Samba4 BASE-DELETE. */
2585 if (create_options & FILE_DELETE_ON_CLOSE) {
2586 status = can_set_delete_on_close(fsp, True, 0);
2587 if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, NT_STATUS_DIRECTORY_NOT_EMPTY)) {
2588 TALLOC_FREE(lck);
2589 file_free(req, fsp);
2590 return status;
2591 }
2592
2593 if (NT_STATUS_IS_OK(status)) {
2594 /* Note that here we set the *inital* delete on close flag,
2595 not the regular one. The magic gets handled in close. */
2596 fsp->initial_delete_on_close = True;
2597 }
2598 }
2599
2600 TALLOC_FREE(lck);
2601
2602 if (pinfo) {
2603 *pinfo = info;
2604 }
2605
2606 *result = fsp;
2607 return NT_STATUS_OK;
2608 }
2609
2610 NTSTATUS create_directory(connection_struct *conn, struct smb_request *req, const char *directory)
/* [<][>][^][v][top][bottom][index][help] */
2611 {
2612 NTSTATUS status;
2613 SMB_STRUCT_STAT sbuf;
2614 files_struct *fsp;
2615
2616 SET_STAT_INVALID(sbuf);
2617
2618 status = SMB_VFS_CREATE_FILE(
2619 conn, /* conn */
2620 req, /* req */
2621 0, /* root_dir_fid */
2622 directory, /* fname */
2623 0, /* create_file_flags */
2624 FILE_READ_ATTRIBUTES, /* access_mask */
2625 FILE_SHARE_NONE, /* share_access */
2626 FILE_CREATE, /* create_disposition*/
2627 FILE_DIRECTORY_FILE, /* create_options */
2628 FILE_ATTRIBUTE_DIRECTORY, /* file_attributes */
2629 0, /* oplock_request */
2630 0, /* allocation_size */
2631 NULL, /* sd */
2632 NULL, /* ea_list */
2633 &fsp, /* result */
2634 NULL, /* pinfo */
2635 &sbuf); /* psbuf */
2636
2637 if (NT_STATUS_IS_OK(status)) {
2638 close_file(req, fsp, NORMAL_CLOSE);
2639 }
2640
2641 return status;
2642 }
2643
2644 /****************************************************************************
2645 Receive notification that one of our open files has been renamed by another
2646 smbd process.
2647 ****************************************************************************/
2648
2649 void msg_file_was_renamed(struct messaging_context *msg,
/* [<][>][^][v][top][bottom][index][help] */
2650 void *private_data,
2651 uint32_t msg_type,
2652 struct server_id server_id,
2653 DATA_BLOB *data)
2654 {
2655 files_struct *fsp;
2656 char *frm = (char *)data->data;
2657 struct file_id id;
2658 const char *sharepath;
2659 const char *newname;
2660 size_t sp_len;
2661
2662 if (data->data == NULL
2663 || data->length < MSG_FILE_RENAMED_MIN_SIZE + 2) {
2664 DEBUG(0, ("msg_file_was_renamed: Got invalid msg len %d\n",
2665 (int)data->length));
2666 return;
2667 }
2668
2669 /* Unpack the message. */
2670 pull_file_id_24(frm, &id);
2671 sharepath = &frm[24];
2672 newname = sharepath + strlen(sharepath) + 1;
2673 sp_len = strlen(sharepath);
2674
2675 DEBUG(10,("msg_file_was_renamed: Got rename message for sharepath %s, new name %s, "
2676 "file_id %s\n",
2677 sharepath, newname, file_id_string_tos(&id)));
2678
2679 for(fsp = file_find_di_first(id); fsp; fsp = file_find_di_next(fsp)) {
2680 if (memcmp(fsp->conn->connectpath, sharepath, sp_len) == 0) {
2681 DEBUG(10,("msg_file_was_renamed: renaming file fnum %d from %s -> %s\n",
2682 fsp->fnum, fsp->fsp_name, newname ));
2683 string_set(&fsp->fsp_name, newname);
2684 } else {
2685 /* TODO. JRA. */
2686 /* Now we have the complete path we can work out if this is
2687 actually within this share and adjust newname accordingly. */
2688 DEBUG(10,("msg_file_was_renamed: share mismatch (sharepath %s "
2689 "not sharepath %s) "
2690 "fnum %d from %s -> %s\n",
2691 fsp->conn->connectpath,
2692 sharepath,
2693 fsp->fnum,
2694 fsp->fsp_name,
2695 newname ));
2696 }
2697 }
2698 }
2699
2700 struct case_semantics_state {
2701 connection_struct *conn;
2702 bool case_sensitive;
2703 bool case_preserve;
2704 bool short_case_preserve;
2705 };
2706
2707 /****************************************************************************
2708 Restore case semantics.
2709 ****************************************************************************/
2710 static int restore_case_semantics(struct case_semantics_state *state)
/* [<][>][^][v][top][bottom][index][help] */
2711 {
2712 state->conn->case_sensitive = state->case_sensitive;
2713 state->conn->case_preserve = state->case_preserve;
2714 state->conn->short_case_preserve = state->short_case_preserve;
2715 return 0;
2716 }
2717
2718 /****************************************************************************
2719 Save case semantics.
2720 ****************************************************************************/
2721 struct case_semantics_state *set_posix_case_semantics(TALLOC_CTX *mem_ctx,
/* [<][>][^][v][top][bottom][index][help] */
2722 connection_struct *conn)
2723 {
2724 struct case_semantics_state *result;
2725
2726 if (!(result = talloc(mem_ctx, struct case_semantics_state))) {
2727 DEBUG(0, ("talloc failed\n"));
2728 return NULL;
2729 }
2730
2731 result->conn = conn;
2732 result->case_sensitive = conn->case_sensitive;
2733 result->case_preserve = conn->case_preserve;
2734 result->short_case_preserve = conn->short_case_preserve;
2735
2736 /* Set to POSIX. */
2737 conn->case_sensitive = True;
2738 conn->case_preserve = True;
2739 conn->short_case_preserve = True;
2740
2741 talloc_set_destructor(result, restore_case_semantics);
2742
2743 return result;
2744 }
2745
2746 /*
2747 * If a main file is opened for delete, all streams need to be checked for
2748 * !FILE_SHARE_DELETE. Do this by opening with DELETE_ACCESS.
2749 * If that works, delete them all by setting the delete on close and close.
2750 */
2751
2752 NTSTATUS open_streams_for_delete(connection_struct *conn,
/* [<][>][^][v][top][bottom][index][help] */
2753 const char *fname)
2754 {
2755 struct stream_struct *stream_info;
2756 files_struct **streams;
2757 int i;
2758 unsigned int num_streams;
2759 TALLOC_CTX *frame = talloc_stackframe();
2760 NTSTATUS status;
2761
2762 status = SMB_VFS_STREAMINFO(conn, NULL, fname, talloc_tos(),
2763 &num_streams, &stream_info);
2764
2765 if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_IMPLEMENTED)
2766 || NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
2767 DEBUG(10, ("no streams around\n"));
2768 TALLOC_FREE(frame);
2769 return NT_STATUS_OK;
2770 }
2771
2772 if (!NT_STATUS_IS_OK(status)) {
2773 DEBUG(10, ("SMB_VFS_STREAMINFO failed: %s\n",
2774 nt_errstr(status)));
2775 goto fail;
2776 }
2777
2778 DEBUG(10, ("open_streams_for_delete found %d streams\n",
2779 num_streams));
2780
2781 if (num_streams == 0) {
2782 TALLOC_FREE(frame);
2783 return NT_STATUS_OK;
2784 }
2785
2786 streams = TALLOC_ARRAY(talloc_tos(), files_struct *, num_streams);
2787 if (streams == NULL) {
2788 DEBUG(0, ("talloc failed\n"));
2789 status = NT_STATUS_NO_MEMORY;
2790 goto fail;
2791 }
2792
2793 for (i=0; i<num_streams; i++) {
2794 char *streamname;
2795
2796 if (strequal(stream_info[i].name, "::$DATA")) {
2797 streams[i] = NULL;
2798 continue;
2799 }
2800
2801 streamname = talloc_asprintf(talloc_tos(), "%s%s", fname,
2802 stream_info[i].name);
2803
2804 if (streamname == NULL) {
2805 DEBUG(0, ("talloc_aprintf failed\n"));
2806 status = NT_STATUS_NO_MEMORY;
2807 goto fail;
2808 }
2809
2810 status = SMB_VFS_CREATE_FILE(
2811 conn, /* conn */
2812 NULL, /* req */
2813 0, /* root_dir_fid */
2814 streamname, /* fname */
2815 0, /* create_file_flags */
2816 DELETE_ACCESS, /* access_mask */
2817 (FILE_SHARE_READ | /* share_access */
2818 FILE_SHARE_WRITE | FILE_SHARE_DELETE),
2819 FILE_OPEN, /* create_disposition*/
2820 NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE, /* create_options */
2821 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
2822 0, /* oplock_request */
2823 0, /* allocation_size */
2824 NULL, /* sd */
2825 NULL, /* ea_list */
2826 &streams[i], /* result */
2827 NULL, /* pinfo */
2828 NULL); /* psbuf */
2829
2830 TALLOC_FREE(streamname);
2831
2832 if (!NT_STATUS_IS_OK(status)) {
2833 DEBUG(10, ("Could not open stream %s: %s\n",
2834 streamname, nt_errstr(status)));
2835 break;
2836 }
2837 }
2838
2839 /*
2840 * don't touch the variable "status" beyond this point :-)
2841 */
2842
2843 for (i -= 1 ; i >= 0; i--) {
2844 if (streams[i] == NULL) {
2845 continue;
2846 }
2847
2848 DEBUG(10, ("Closing stream # %d, %s\n", i,
2849 streams[i]->fsp_name));
2850 close_file(NULL, streams[i], NORMAL_CLOSE);
2851 }
2852
2853 fail:
2854 TALLOC_FREE(frame);
2855 return status;
2856 }
2857
2858 /*
2859 * Wrapper around open_file_ntcreate and open_directory
2860 */
2861
2862 static NTSTATUS create_file_unixpath(connection_struct *conn,
/* [<][>][^][v][top][bottom][index][help] */
2863 struct smb_request *req,
2864 const char *fname,
2865 uint32_t access_mask,
2866 uint32_t share_access,
2867 uint32_t create_disposition,
2868 uint32_t create_options,
2869 uint32_t file_attributes,
2870 uint32_t oplock_request,
2871 uint64_t allocation_size,
2872 struct security_descriptor *sd,
2873 struct ea_list *ea_list,
2874
2875 files_struct **result,
2876 int *pinfo,
2877 SMB_STRUCT_STAT *psbuf)
2878 {
2879 SMB_STRUCT_STAT sbuf;
2880 int info = FILE_WAS_OPENED;
2881 files_struct *base_fsp = NULL;
2882 files_struct *fsp = NULL;
2883 NTSTATUS status;
2884
2885 DEBUG(10,("create_file_unixpath: access_mask = 0x%x "
2886 "file_attributes = 0x%x, share_access = 0x%x, "
2887 "create_disposition = 0x%x create_options = 0x%x "
2888 "oplock_request = 0x%x ea_list = 0x%p, sd = 0x%p, "
2889 "fname = %s\n",
2890 (unsigned int)access_mask,
2891 (unsigned int)file_attributes,
2892 (unsigned int)share_access,
2893 (unsigned int)create_disposition,
2894 (unsigned int)create_options,
2895 (unsigned int)oplock_request,
2896 ea_list, sd, fname));
2897
2898 if (create_options & FILE_OPEN_BY_FILE_ID) {
2899 status = NT_STATUS_NOT_SUPPORTED;
2900 goto fail;
2901 }
2902
2903 if (create_options & NTCREATEX_OPTIONS_INVALID_PARAM_MASK) {
2904 status = NT_STATUS_INVALID_PARAMETER;
2905 goto fail;
2906 }
2907
2908 if (req == NULL) {
2909 oplock_request |= INTERNAL_OPEN_ONLY;
2910 }
2911
2912 if (psbuf != NULL) {
2913 sbuf = *psbuf;
2914 }
2915 else {
2916 if (SMB_VFS_STAT(conn, fname, &sbuf) == -1) {
2917 SET_STAT_INVALID(sbuf);
2918 }
2919 }
2920
2921 if ((conn->fs_capabilities & FILE_NAMED_STREAMS)
2922 && (access_mask & DELETE_ACCESS)
2923 && !is_ntfs_stream_name(fname)) {
2924 /*
2925 * We can't open a file with DELETE access if any of the
2926 * streams is open without FILE_SHARE_DELETE
2927 */
2928 status = open_streams_for_delete(conn, fname);
2929
2930 if (!NT_STATUS_IS_OK(status)) {
2931 goto fail;
2932 }
2933 }
2934
2935 /* This is the correct thing to do (check every time) but can_delete
2936 * is expensive (it may have to read the parent directory
2937 * permissions). So for now we're not doing it unless we have a strong
2938 * hint the client is really going to delete this file. If the client
2939 * is forcing FILE_CREATE let the filesystem take care of the
2940 * permissions. */
2941
2942 /* Setting FILE_SHARE_DELETE is the hint. */
2943
2944 if (lp_acl_check_permissions(SNUM(conn))
2945 && (create_disposition != FILE_CREATE)
2946 && (share_access & FILE_SHARE_DELETE)
2947 && (access_mask & DELETE_ACCESS)
2948 && (!(can_delete_file_in_directory(conn, fname) ||
2949 can_access_file_acl(conn, fname, DELETE_ACCESS)))) {
2950 status = NT_STATUS_ACCESS_DENIED;
2951 DEBUG(10,("create_file_unixpath: open file %s "
2952 "for delete ACCESS_DENIED\n", fname ));
2953 goto fail;
2954 }
2955
2956 #if 0
2957 /* We need to support SeSecurityPrivilege for this. */
2958 if ((access_mask & SEC_FLAG_SYSTEM_SECURITY) &&
2959 !user_has_privileges(current_user.nt_user_token,
2960 &se_security)) {
2961 status = NT_STATUS_PRIVILEGE_NOT_HELD;
2962 goto fail;
2963 }
2964 #else
2965 /* We need to support SeSecurityPrivilege for this. */
2966 if (access_mask & SEC_FLAG_SYSTEM_SECURITY) {
2967 status = NT_STATUS_PRIVILEGE_NOT_HELD;
2968 goto fail;
2969 }
2970 /* Don't allow a SACL set from an NTtrans create until we
2971 * support SeSecurityPrivilege. */
2972 if (!VALID_STAT(sbuf) &&
2973 lp_nt_acl_support(SNUM(conn)) &&
2974 sd && (sd->sacl != NULL)) {
2975 status = NT_STATUS_PRIVILEGE_NOT_HELD;
2976 goto fail;
2977 }
2978 #endif
2979
2980 if ((conn->fs_capabilities & FILE_NAMED_STREAMS)
2981 && is_ntfs_stream_name(fname)
2982 && (!(create_options & NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE))) {
2983 char *base;
2984 uint32 base_create_disposition;
2985
2986 if (create_options & FILE_DIRECTORY_FILE) {
2987 status = NT_STATUS_NOT_A_DIRECTORY;
2988 goto fail;
2989 }
2990
2991 status = split_ntfs_stream_name(talloc_tos(), fname,
2992 &base, NULL);
2993 if (!NT_STATUS_IS_OK(status)) {
2994 DEBUG(10, ("create_file_unixpath: "
2995 "split_ntfs_stream_name failed: %s\n",
2996 nt_errstr(status)));
2997 goto fail;
2998 }
2999
3000 SMB_ASSERT(!is_ntfs_stream_name(base)); /* paranoia.. */
3001
3002 switch (create_disposition) {
3003 case FILE_OPEN:
3004 base_create_disposition = FILE_OPEN;
3005 break;
3006 default:
3007 base_create_disposition = FILE_OPEN_IF;
3008 break;
3009 }
3010
3011 status = create_file_unixpath(conn, NULL, base, 0,
3012 FILE_SHARE_READ
3013 | FILE_SHARE_WRITE
3014 | FILE_SHARE_DELETE,
3015 base_create_disposition,
3016 0, 0, 0, 0, NULL, NULL,
3017 &base_fsp, NULL, NULL);
3018 if (!NT_STATUS_IS_OK(status)) {
3019 DEBUG(10, ("create_file_unixpath for base %s failed: "
3020 "%s\n", base, nt_errstr(status)));
3021 goto fail;
3022 }
3023 /* we don't need to low level fd */
3024 fd_close(base_fsp);
3025 }
3026
3027 /*
3028 * If it's a request for a directory open, deal with it separately.
3029 */
3030
3031 if (create_options & FILE_DIRECTORY_FILE) {
3032
3033 if (create_options & FILE_NON_DIRECTORY_FILE) {
3034 status = NT_STATUS_INVALID_PARAMETER;
3035 goto fail;
3036 }
3037
3038 /* Can't open a temp directory. IFS kit test. */
3039 if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS) &&
3040 (file_attributes & FILE_ATTRIBUTE_TEMPORARY)) {
3041 status = NT_STATUS_INVALID_PARAMETER;
3042 goto fail;
3043 }
3044
3045 /*
3046 * We will get a create directory here if the Win32
3047 * app specified a security descriptor in the
3048 * CreateDirectory() call.
3049 */
3050
3051 oplock_request = 0;
3052 status = open_directory(
3053 conn, req, fname, &sbuf, access_mask, share_access,
3054 create_disposition, create_options, file_attributes,
3055 &info, &fsp);
3056 } else {
3057
3058 /*
3059 * Ordinary file case.
3060 */
3061
3062 status = file_new(req, conn, &fsp);
3063 if(!NT_STATUS_IS_OK(status)) {
3064 goto fail;
3065 }
3066
3067 /*
3068 * We're opening the stream element of a base_fsp
3069 * we already opened. Set up the base_fsp pointer.
3070 */
3071 if (base_fsp) {
3072 fsp->base_fsp = base_fsp;
3073 }
3074
3075 status = open_file_ntcreate(conn,
3076 req,
3077 fname,
3078 &sbuf,
3079 access_mask,
3080 share_access,
3081 create_disposition,
3082 create_options,
3083 file_attributes,
3084 oplock_request,
3085 &info,
3086 fsp);
3087
3088 if(!NT_STATUS_IS_OK(status)) {
3089 file_free(req, fsp);
3090 fsp = NULL;
3091 }
3092
3093 if (NT_STATUS_EQUAL(status, NT_STATUS_FILE_IS_A_DIRECTORY)) {
3094
3095 /* A stream open never opens a directory */
3096
3097 if (base_fsp) {
3098 status = NT_STATUS_FILE_IS_A_DIRECTORY;
3099 goto fail;
3100 }
3101
3102 /*
3103 * Fail the open if it was explicitly a non-directory
3104 * file.
3105 */
3106
3107 if (create_options & FILE_NON_DIRECTORY_FILE) {
3108 status = NT_STATUS_FILE_IS_A_DIRECTORY;
3109 goto fail;
3110 }
3111
3112 oplock_request = 0;
3113 status = open_directory(
3114 conn, req, fname, &sbuf, access_mask,
3115 share_access, create_disposition,
3116 create_options, file_attributes,
3117 &info, &fsp);
3118 }
3119 }
3120
3121 if (!NT_STATUS_IS_OK(status)) {
3122 goto fail;
3123 }
3124
3125 fsp->base_fsp = base_fsp;
3126
3127 /*
3128 * According to the MS documentation, the only time the security
3129 * descriptor is applied to the opened file is iff we *created* the
3130 * file; an existing file stays the same.
3131 *
3132 * Also, it seems (from observation) that you can open the file with
3133 * any access mask but you can still write the sd. We need to override
3134 * the granted access before we call set_sd
3135 * Patch for bug #2242 from Tom Lackemann <cessnatomny@yahoo.com>.
3136 */
3137
3138 if ((sd != NULL) && (info == FILE_WAS_CREATED)
3139 && lp_nt_acl_support(SNUM(conn))) {
3140
3141 uint32_t sec_info_sent;
3142 uint32_t saved_access_mask = fsp->access_mask;
3143
3144 sec_info_sent = get_sec_info(sd);
3145
3146 fsp->access_mask = FILE_GENERIC_ALL;
3147
3148 /* Convert all the generic bits. */
3149 security_acl_map_generic(sd->dacl, &file_generic_mapping);
3150 security_acl_map_generic(sd->sacl, &file_generic_mapping);
3151
3152 if (sec_info_sent & (OWNER_SECURITY_INFORMATION|
3153 GROUP_SECURITY_INFORMATION|
3154 DACL_SECURITY_INFORMATION|
3155 SACL_SECURITY_INFORMATION)) {
3156 status = SMB_VFS_FSET_NT_ACL(fsp, sec_info_sent, sd);
3157 }
3158
3159 fsp->access_mask = saved_access_mask;
3160
3161 if (!NT_STATUS_IS_OK(status)) {
3162 goto fail;
3163 }
3164 }
3165
3166 if ((ea_list != NULL) &&
3167 ((info == FILE_WAS_CREATED) || (info == FILE_WAS_OVERWRITTEN))) {
3168 status = set_ea(conn, fsp, fname, ea_list);
3169 if (!NT_STATUS_IS_OK(status)) {
3170 goto fail;
3171 }
3172 }
3173
3174 if (!fsp->is_directory && S_ISDIR(sbuf.st_mode)) {
3175 status = NT_STATUS_ACCESS_DENIED;
3176 goto fail;
3177 }
3178
3179 /* Save the requested allocation size. */
3180 if ((info == FILE_WAS_CREATED) || (info == FILE_WAS_OVERWRITTEN)) {
3181 if (allocation_size
3182 && (allocation_size > sbuf.st_size)) {
3183 fsp->initial_allocation_size = smb_roundup(
3184 fsp->conn, allocation_size);
3185 if (fsp->is_directory) {
3186 /* Can't set allocation size on a directory. */
3187 status = NT_STATUS_ACCESS_DENIED;
3188 goto fail;
3189 }
3190 if (vfs_allocate_file_space(
3191 fsp, fsp->initial_allocation_size) == -1) {
3192 status = NT_STATUS_DISK_FULL;
3193 goto fail;
3194 }
3195 } else {
3196 fsp->initial_allocation_size = smb_roundup(
3197 fsp->conn, (uint64_t)sbuf.st_size);
3198 }
3199 }
3200
3201 DEBUG(10, ("create_file_unixpath: info=%d\n", info));
3202
3203 *result = fsp;
3204 if (pinfo != NULL) {
3205 *pinfo = info;
3206 }
3207 if (psbuf != NULL) {
3208 if ((fsp->fh == NULL) || (fsp->fh->fd == -1)) {
3209 *psbuf = sbuf;
3210 }
3211 else {
3212 SMB_VFS_FSTAT(fsp, psbuf);
3213 }
3214 }
3215 return NT_STATUS_OK;
3216
3217 fail:
3218 DEBUG(10, ("create_file_unixpath: %s\n", nt_errstr(status)));
3219
3220 if (fsp != NULL) {
3221 if (base_fsp && fsp->base_fsp == base_fsp) {
3222 /*
3223 * The close_file below will close
3224 * fsp->base_fsp.
3225 */
3226 base_fsp = NULL;
3227 }
3228 close_file(req, fsp, ERROR_CLOSE);
3229 fsp = NULL;
3230 }
3231 if (base_fsp != NULL) {
3232 close_file(req, base_fsp, ERROR_CLOSE);
3233 base_fsp = NULL;
3234 }
3235 return status;
3236 }
3237
3238 /*
3239 * Calculate the full path name given a relative fid.
3240 */
3241 NTSTATUS get_relative_fid_filename(connection_struct *conn,
/* [<][>][^][v][top][bottom][index][help] */
3242 struct smb_request *req,
3243 uint16_t root_dir_fid,
3244 const char *fname, char **new_fname)
3245 {
3246 files_struct *dir_fsp;
3247 char *parent_fname = NULL;
3248
3249 if (root_dir_fid == 0 || !fname || !new_fname) {
3250 return NT_STATUS_INTERNAL_ERROR;
3251 }
3252
3253 dir_fsp = file_fsp(req, root_dir_fid);
3254
3255 if (dir_fsp == NULL) {
3256 return NT_STATUS_INVALID_HANDLE;
3257 }
3258
3259 if (!dir_fsp->is_directory) {
3260
3261 /*
3262 * Check to see if this is a mac fork of some kind.
3263 */
3264
3265 if ((conn->fs_capabilities & FILE_NAMED_STREAMS) &&
3266 is_ntfs_stream_name(fname)) {
3267 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
3268 }
3269
3270 /*
3271 we need to handle the case when we get a
3272 relative open relative to a file and the
3273 pathname is blank - this is a reopen!
3274 (hint from demyn plantenberg)
3275 */
3276
3277 return NT_STATUS_INVALID_HANDLE;
3278 }
3279
3280 if (ISDOT(dir_fsp->fsp_name)) {
3281 /*
3282 * We're at the toplevel dir, the final file name
3283 * must not contain ./, as this is filtered out
3284 * normally by srvstr_get_path and unix_convert
3285 * explicitly rejects paths containing ./.
3286 */
3287 parent_fname = talloc_strdup(talloc_tos(), "");
3288 if (parent_fname == NULL) {
3289 return NT_STATUS_NO_MEMORY;
3290 }
3291 } else {
3292 size_t dir_name_len = strlen(dir_fsp->fsp_name);
3293
3294 /*
3295 * Copy in the base directory name.
3296 */
3297
3298 parent_fname = TALLOC_ARRAY(talloc_tos(), char,
3299 dir_name_len+2);
3300 if (parent_fname == NULL) {
3301 return NT_STATUS_NO_MEMORY;
3302 }
3303 memcpy(parent_fname, dir_fsp->fsp_name,
3304 dir_name_len+1);
3305
3306 /*
3307 * Ensure it ends in a '/'.
3308 * We used TALLOC_SIZE +2 to add space for the '/'.
3309 */
3310
3311 if(dir_name_len
3312 && (parent_fname[dir_name_len-1] != '\\')
3313 && (parent_fname[dir_name_len-1] != '/')) {
3314 parent_fname[dir_name_len] = '/';
3315 parent_fname[dir_name_len+1] = '\0';
3316 }
3317 }
3318
3319 *new_fname = talloc_asprintf(talloc_tos(), "%s%s", parent_fname,
3320 fname);
3321 if (*new_fname == NULL) {
3322 return NT_STATUS_NO_MEMORY;
3323 }
3324
3325 return NT_STATUS_OK;
3326 }
3327
3328 NTSTATUS create_file_default(connection_struct *conn,
/* [<][>][^][v][top][bottom][index][help] */
3329 struct smb_request *req,
3330 uint16_t root_dir_fid,
3331 const char *fname,
3332 uint32_t create_file_flags,
3333 uint32_t access_mask,
3334 uint32_t share_access,
3335 uint32_t create_disposition,
3336 uint32_t create_options,
3337 uint32_t file_attributes,
3338 uint32_t oplock_request,
3339 uint64_t allocation_size,
3340 struct security_descriptor *sd,
3341 struct ea_list *ea_list,
3342
3343 files_struct **result,
3344 int *pinfo,
3345 SMB_STRUCT_STAT *psbuf)
3346 {
3347 struct case_semantics_state *case_state = NULL;
3348 SMB_STRUCT_STAT sbuf;
3349 int info = FILE_WAS_OPENED;
3350 files_struct *fsp = NULL;
3351 NTSTATUS status;
3352
3353 DEBUG(10,("create_file: access_mask = 0x%x "
3354 "file_attributes = 0x%x, share_access = 0x%x, "
3355 "create_disposition = 0x%x create_options = 0x%x "
3356 "oplock_request = 0x%x "
3357 "root_dir_fid = 0x%x, ea_list = 0x%p, sd = 0x%p, "
3358 "create_file_flags = 0x%x, fname = %s\n",
3359 (unsigned int)access_mask,
3360 (unsigned int)file_attributes,
3361 (unsigned int)share_access,
3362 (unsigned int)create_disposition,
3363 (unsigned int)create_options,
3364 (unsigned int)oplock_request,
3365 (unsigned int)root_dir_fid,
3366 ea_list, sd, create_file_flags, fname));
3367
3368 /* MSDFS pathname processing must be done FIRST.
3369 MSDFS pathnames containing IPv6 addresses can
3370 be confused with NTFS stream names (they contain
3371 ":" characters. JRA. */
3372
3373 if ((req != NULL) && (req->flags2 & FLAGS2_DFS_PATHNAMES)) {
3374 char *resolved_fname;
3375
3376 status = resolve_dfspath(talloc_tos(), conn, true, fname,
3377 &resolved_fname);
3378
3379 if (!NT_STATUS_IS_OK(status)) {
3380 /*
3381 * For PATH_NOT_COVERED we had
3382 * reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
3383 * ERRSRV, ERRbadpath);
3384 * Need to fix in callers
3385 */
3386 goto fail;
3387 }
3388 fname = resolved_fname;
3389 }
3390
3391 /*
3392 * Calculate the filename from the root_dir_if if necessary.
3393 */
3394
3395 if (root_dir_fid != 0) {
3396 char *new_fname;
3397
3398 status = get_relative_fid_filename(conn, req, root_dir_fid,
3399 fname, &new_fname);
3400 if (!NT_STATUS_IS_OK(status)) {
3401 goto fail;
3402 }
3403
3404 fname = new_fname;
3405 }
3406
3407 /*
3408 * Check to see if this is a mac fork of some kind.
3409 */
3410
3411 if (is_ntfs_stream_name(fname)) {
3412 enum FAKE_FILE_TYPE fake_file_type;
3413
3414 fake_file_type = is_fake_file(fname);
3415
3416 if (fake_file_type != FAKE_FILE_TYPE_NONE) {
3417
3418 /*
3419 * Here we go! support for changing the disk quotas
3420 * --metze
3421 *
3422 * We need to fake up to open this MAGIC QUOTA file
3423 * and return a valid FID.
3424 *
3425 * w2k close this file directly after openening xp
3426 * also tries a QUERY_FILE_INFO on the file and then
3427 * close it
3428 */
3429 status = open_fake_file(req, conn, req->vuid,
3430 fake_file_type, fname,
3431 access_mask, &fsp);
3432 if (!NT_STATUS_IS_OK(status)) {
3433 goto fail;
3434 }
3435
3436 ZERO_STRUCT(sbuf);
3437 goto done;
3438 }
3439
3440 if (!(conn->fs_capabilities & FILE_NAMED_STREAMS)) {
3441 status = NT_STATUS_OBJECT_PATH_NOT_FOUND;
3442 goto fail;
3443 }
3444 }
3445
3446 /*
3447 * Check if POSIX semantics are wanted.
3448 */
3449
3450 if (file_attributes & FILE_FLAG_POSIX_SEMANTICS) {
3451 case_state = set_posix_case_semantics(talloc_tos(), conn);
3452 }
3453
3454 if (create_file_flags & CFF_DOS_PATH) {
3455 char *converted_fname;
3456
3457 SET_STAT_INVALID(sbuf);
3458
3459 status = unix_convert(talloc_tos(), conn, fname, False,
3460 &converted_fname, NULL, &sbuf);
3461 if (!NT_STATUS_IS_OK(status)) {
3462 goto fail;
3463 }
3464 fname = converted_fname;
3465 } else {
3466 if (psbuf != NULL) {
3467 sbuf = *psbuf;
3468 } else {
3469 if (SMB_VFS_STAT(conn, fname, &sbuf) == -1) {
3470 SET_STAT_INVALID(sbuf);
3471 }
3472 }
3473
3474 }
3475
3476 TALLOC_FREE(case_state);
3477
3478 /* All file access must go through check_name() */
3479
3480 status = check_name(conn, fname);
3481 if (!NT_STATUS_IS_OK(status)) {
3482 goto fail;
3483 }
3484
3485 status = create_file_unixpath(
3486 conn, req, fname, access_mask, share_access,
3487 create_disposition, create_options, file_attributes,
3488 oplock_request, allocation_size, sd, ea_list,
3489 &fsp, &info, &sbuf);
3490
3491 if (!NT_STATUS_IS_OK(status)) {
3492 goto fail;
3493 }
3494
3495 done:
3496 DEBUG(10, ("create_file: info=%d\n", info));
3497
3498 *result = fsp;
3499 if (pinfo != NULL) {
3500 *pinfo = info;
3501 }
3502 if (psbuf != NULL) {
3503 *psbuf = sbuf;
3504 }
3505 return NT_STATUS_OK;
3506
3507 fail:
3508 DEBUG(10, ("create_file: %s\n", nt_errstr(status)));
3509
3510 if (fsp != NULL) {
3511 close_file(req, fsp, ERROR_CLOSE);
3512 fsp = NULL;
3513 }
3514 return status;
3515 }