2
Unix SMB/CIFS implementation.
3
file opening and share modes
4
Copyright (C) Andrew Tridgell 1992-1998
5
Copyright (C) Jeremy Allison 2001-2004
6
Copyright (C) Volker Lendecke 2005
8
This program is free software; you can redistribute it and/or modify
9
it under the terms of the GNU General Public License as published by
10
the Free Software Foundation; either version 3 of the License, or
11
(at your option) any later version.
13
This program is distributed in the hope that it will be useful,
14
but WITHOUT ANY WARRANTY; without even the implied warranty of
15
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16
GNU General Public License for more details.
18
You should have received a copy of the GNU General Public License
19
along with this program. If not, see <http://www.gnu.org/licenses/>.
23
#include "smbd/globals.h"
25
extern const struct generic_mapping file_generic_mapping;
27
struct deferred_open_record {
28
bool delayed_for_oplocks;
32
static NTSTATUS create_file_unixpath(connection_struct *conn,
33
struct smb_request *req,
36
uint32_t share_access,
37
uint32_t create_disposition,
38
uint32_t create_options,
39
uint32_t file_attributes,
40
uint32_t oplock_request,
41
uint64_t allocation_size,
42
struct security_descriptor *sd,
43
struct ea_list *ea_list,
45
files_struct **result,
47
SMB_STRUCT_STAT *psbuf);
49
/****************************************************************************
50
SMB1 file varient of se_access_check. Never test FILE_READ_ATTRIBUTES.
51
****************************************************************************/
53
NTSTATUS smb1_file_se_access_check(const struct security_descriptor *sd,
54
const NT_USER_TOKEN *token,
55
uint32_t access_desired,
56
uint32_t *access_granted)
58
return se_access_check(sd,
60
(access_desired & ~FILE_READ_ATTRIBUTES),
64
/****************************************************************************
65
Check if we have open rights.
66
****************************************************************************/
68
static NTSTATUS check_open_rights(struct connection_struct *conn,
71
uint32_t *access_granted)
73
/* Check if we have rights to open. */
75
struct security_descriptor *sd;
79
if (conn->server_info->utok.uid == 0 || conn->admin_user) {
80
/* I'm sorry sir, I didn't know you were root... */
81
*access_granted = access_mask;
82
if (access_mask & SEC_FLAG_MAXIMUM_ALLOWED) {
83
*access_granted |= FILE_GENERIC_ALL;
88
status = SMB_VFS_GET_NT_ACL(conn, fname,
89
(OWNER_SECURITY_INFORMATION |
90
GROUP_SECURITY_INFORMATION |
91
DACL_SECURITY_INFORMATION),&sd);
93
if (!NT_STATUS_IS_OK(status)) {
94
DEBUG(10, ("check_open_rights: Could not get acl "
101
status = smb1_file_se_access_check(sd,
102
conn->server_info->ptok,
108
DEBUG(10,("check_open_rights: file %s requesting "
109
"0x%x returning 0x%x (%s)\n",
111
(unsigned int)access_mask,
112
(unsigned int)*access_granted,
113
nt_errstr(status) ));
118
/****************************************************************************
119
fd support routines - attempt to do a dos_open.
120
****************************************************************************/
122
static NTSTATUS fd_open(struct connection_struct *conn,
128
NTSTATUS status = NT_STATUS_OK;
132
* Never follow symlinks on a POSIX client. The
133
* client should be doing this.
136
if (fsp->posix_open || !lp_symlinks(SNUM(conn))) {
141
fsp->fh->fd = SMB_VFS_OPEN(conn,fname,fsp,flags,mode);
142
if (fsp->fh->fd == -1) {
143
status = map_nt_error_from_unix(errno);
144
if (errno == EMFILE) {
145
static time_t last_warned = 0L;
147
if (time((time_t *) NULL) > last_warned) {
148
DEBUG(0,("Too many open files, unable "
149
"to open more! smbd's max "
151
lp_max_open_files()));
152
last_warned = time((time_t *) NULL);
158
DEBUG(10,("fd_open: name %s, flags = 0%o mode = 0%o, fd = %d. %s\n",
159
fname, flags, (int)mode, fsp->fh->fd,
160
(fsp->fh->fd == -1) ? strerror(errno) : "" ));
165
/****************************************************************************
166
Close the file associated with a fsp.
167
****************************************************************************/
169
NTSTATUS fd_close(files_struct *fsp)
173
if (fsp->fh->fd == -1) {
174
return NT_STATUS_OK; /* What we used to call a stat open. */
176
if (fsp->fh->ref_count > 1) {
177
return NT_STATUS_OK; /* Shared handle. Only close last reference. */
180
ret = SMB_VFS_CLOSE(fsp);
183
return map_nt_error_from_unix(errno);
188
/****************************************************************************
189
Change the ownership of a file to that of the parent directory.
190
Do this by fd if possible.
191
****************************************************************************/
193
void change_file_owner_to_parent(connection_struct *conn,
194
const char *inherit_from_dir,
197
SMB_STRUCT_STAT parent_st;
200
ret = SMB_VFS_STAT(conn, inherit_from_dir, &parent_st);
202
DEBUG(0,("change_file_owner_to_parent: failed to stat parent "
203
"directory %s. Error was %s\n",
204
inherit_from_dir, strerror(errno) ));
209
ret = SMB_VFS_FCHOWN(fsp, parent_st.st_uid, (gid_t)-1);
212
DEBUG(0,("change_file_owner_to_parent: failed to fchown "
213
"file %s to parent directory uid %u. Error "
214
"was %s\n", fsp->fsp_name,
215
(unsigned int)parent_st.st_uid,
219
DEBUG(10,("change_file_owner_to_parent: changed new file %s to "
220
"parent directory uid %u.\n", fsp->fsp_name,
221
(unsigned int)parent_st.st_uid ));
224
NTSTATUS change_dir_owner_to_parent(connection_struct *conn,
225
const char *inherit_from_dir,
227
SMB_STRUCT_STAT *psbuf)
229
char *saved_dir = NULL;
230
SMB_STRUCT_STAT sbuf;
231
SMB_STRUCT_STAT parent_st;
232
TALLOC_CTX *ctx = talloc_tos();
233
NTSTATUS status = NT_STATUS_OK;
236
ret = SMB_VFS_STAT(conn, inherit_from_dir, &parent_st);
238
status = map_nt_error_from_unix(errno);
239
DEBUG(0,("change_dir_owner_to_parent: failed to stat parent "
240
"directory %s. Error was %s\n",
241
inherit_from_dir, strerror(errno) ));
245
/* We've already done an lstat into psbuf, and we know it's a
246
directory. If we can cd into the directory and the dev/ino
247
are the same then we can safely chown without races as
248
we're locking the directory in place by being in it. This
249
should work on any UNIX (thanks tridge :-). JRA.
252
saved_dir = vfs_GetWd(ctx,conn);
254
status = map_nt_error_from_unix(errno);
255
DEBUG(0,("change_dir_owner_to_parent: failed to get "
256
"current working directory. Error was %s\n",
261
/* Chdir into the new path. */
262
if (vfs_ChDir(conn, fname) == -1) {
263
status = map_nt_error_from_unix(errno);
264
DEBUG(0,("change_dir_owner_to_parent: failed to change "
265
"current working directory to %s. Error "
266
"was %s\n", fname, strerror(errno) ));
270
if (SMB_VFS_STAT(conn,".",&sbuf) == -1) {
271
status = map_nt_error_from_unix(errno);
272
DEBUG(0,("change_dir_owner_to_parent: failed to stat "
273
"directory '.' (%s) Error was %s\n",
274
fname, strerror(errno)));
278
/* Ensure we're pointing at the same place. */
279
if (sbuf.st_dev != psbuf->st_dev ||
280
sbuf.st_ino != psbuf->st_ino ||
281
sbuf.st_mode != psbuf->st_mode ) {
282
DEBUG(0,("change_dir_owner_to_parent: "
283
"device/inode/mode on directory %s changed. "
284
"Refusing to chown !\n", fname ));
285
status = NT_STATUS_ACCESS_DENIED;
290
ret = SMB_VFS_CHOWN(conn, ".", parent_st.st_uid, (gid_t)-1);
293
status = map_nt_error_from_unix(errno);
294
DEBUG(10,("change_dir_owner_to_parent: failed to chown "
295
"directory %s to parent directory uid %u. "
296
"Error was %s\n", fname,
297
(unsigned int)parent_st.st_uid, strerror(errno) ));
301
DEBUG(10,("change_dir_owner_to_parent: changed ownership of new "
302
"directory %s to parent directory uid %u.\n",
303
fname, (unsigned int)parent_st.st_uid ));
307
vfs_ChDir(conn,saved_dir);
311
/****************************************************************************
313
****************************************************************************/
315
static NTSTATUS open_file(files_struct *fsp,
316
connection_struct *conn,
317
struct smb_request *req,
318
const char *parent_dir,
321
SMB_STRUCT_STAT *psbuf,
324
uint32 access_mask, /* client requested access mask. */
325
uint32 open_access_mask) /* what we're actually using in the open. */
327
NTSTATUS status = NT_STATUS_OK;
328
int accmode = (flags & O_ACCMODE);
329
int local_flags = flags;
330
bool file_existed = VALID_STAT(*psbuf);
335
/* Check permissions */
338
* This code was changed after seeing a client open request
339
* containing the open mode of (DENY_WRITE/read-only) with
340
* the 'create if not exist' bit set. The previous code
341
* would fail to open the file read only on a read-only share
342
* as it was checking the flags parameter directly against O_RDONLY,
343
* this was failing as the flags parameter was set to O_RDONLY|O_CREAT.
347
if (!CAN_WRITE(conn)) {
348
/* It's a read-only share - fail if we wanted to write. */
349
if(accmode != O_RDONLY || (flags & O_TRUNC) || (flags & O_APPEND)) {
350
DEBUG(3,("Permission denied opening %s\n", path));
351
return NT_STATUS_ACCESS_DENIED;
352
} else if(flags & O_CREAT) {
353
/* We don't want to write - but we must make sure that
354
O_CREAT doesn't create the file if we have write
355
access into the directory.
357
flags &= ~(O_CREAT|O_EXCL);
358
local_flags &= ~(O_CREAT|O_EXCL);
363
* This little piece of insanity is inspired by the
364
* fact that an NT client can open a file for O_RDONLY,
365
* but set the create disposition to FILE_EXISTS_TRUNCATE.
366
* If the client *can* write to the file, then it expects to
367
* truncate the file, even though it is opening for readonly.
368
* Quicken uses this stupid trick in backup file creation...
369
* Thanks *greatly* to "David W. Chapman Jr." <dwcjr@inethouston.net>
370
* for helping track this one down. It didn't bite us in 2.0.x
371
* as we always opened files read-write in that release. JRA.
374
if ((accmode == O_RDONLY) && ((flags & O_TRUNC) == O_TRUNC)) {
375
DEBUG(10,("open_file: truncate requested on read-only open "
376
"for file %s\n", path));
377
local_flags = (flags & ~O_ACCMODE)|O_RDWR;
380
if ((open_access_mask & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ||
381
(!file_existed && (local_flags & O_CREAT)) ||
382
((local_flags & O_TRUNC) == O_TRUNC) ) {
386
* We can't actually truncate here as the file may be locked.
387
* open_file_ntcreate will take care of the truncate later. JRA.
390
local_flags &= ~O_TRUNC;
392
#if defined(O_NONBLOCK) && defined(S_ISFIFO)
394
* We would block on opening a FIFO with no one else on the
395
* other end. Do what we used to do and add O_NONBLOCK to the
399
if (file_existed && S_ISFIFO(psbuf->st_mode)) {
400
local_flags |= O_NONBLOCK;
404
/* Don't create files with Microsoft wildcard characters. */
407
* wildcard characters are allowed in stream names
408
* only test the basefilename
410
wild = fsp->base_fsp->fsp_name;
414
if ((local_flags & O_CREAT) && !file_existed &&
416
return NT_STATUS_OBJECT_NAME_INVALID;
419
/* Actually do the open */
420
status = fd_open(conn, path, fsp, local_flags, unx_mode);
421
if (!NT_STATUS_IS_OK(status)) {
422
DEBUG(3,("Error opening file %s (%s) (local_flags=%d) "
424
path,nt_errstr(status),local_flags,flags));
428
if ((local_flags & O_CREAT) && !file_existed) {
430
/* Inherit the ACL if required */
431
if (lp_inherit_perms(SNUM(conn))) {
432
inherit_access_posix_acl(conn, parent_dir, path,
436
/* Change the owner if required. */
437
if (lp_inherit_owner(SNUM(conn))) {
438
change_file_owner_to_parent(conn, parent_dir,
442
notify_fname(conn, NOTIFY_ACTION_ADDED,
443
FILE_NOTIFY_CHANGE_FILE_NAME, path);
447
fsp->fh->fd = -1; /* What we used to call a stat open. */
449
uint32_t access_granted = 0;
451
status = check_open_rights(conn,
455
if (!NT_STATUS_IS_OK(status)) {
456
if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
458
* On NT_STATUS_ACCESS_DENIED, access_granted
459
* contains the denied bits.
462
if ((access_mask & FILE_WRITE_ATTRIBUTES) &&
463
(access_granted & FILE_WRITE_ATTRIBUTES) &&
464
(lp_map_readonly(SNUM(conn)) ||
465
lp_map_archive(SNUM(conn)) ||
466
lp_map_hidden(SNUM(conn)) ||
467
lp_map_system(SNUM(conn)))) {
468
access_granted &= ~FILE_WRITE_ATTRIBUTES;
470
DEBUG(10,("open_file: overrode FILE_WRITE_ATTRIBUTES "
475
if ((access_mask & DELETE_ACCESS) &&
476
(access_granted & DELETE_ACCESS) &&
477
can_delete_file_in_directory(conn, path)) {
478
/* Were we trying to do a stat open
479
* for delete and didn't get DELETE
480
* access (only) ? Check if the
481
* directory allows DELETE_CHILD.
483
* http://blogs.msdn.com/oldnewthing/archive/2004/06/04/148426.aspx
486
access_granted &= ~DELETE_ACCESS;
488
DEBUG(10,("open_file: overrode DELETE_ACCESS "
493
if (access_granted != 0) {
494
DEBUG(10, ("open_file: Access denied on "
499
} else if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND) &&
501
S_ISLNK(psbuf->st_mode)) {
502
/* This is a POSIX stat open for delete
503
* or rename on a symlink that points
505
DEBUG(10, ("open_file: allowing POSIX open "
506
"on bad symlink %s\n",
509
DEBUG(10, ("open_file: check_open_rights "
510
"on file %s returned %s\n",
511
path, nt_errstr(status) ));
521
if (fsp->fh->fd == -1) {
522
ret = SMB_VFS_STAT(conn, path, psbuf);
524
ret = SMB_VFS_FSTAT(fsp, psbuf);
525
/* If we have an fd, this stat should succeed. */
527
DEBUG(0,("Error doing fstat on open file %s "
528
"(%s)\n", path,strerror(errno) ));
532
/* For a non-io open, this stat failing means file not found. JRA */
534
status = map_nt_error_from_unix(errno);
541
* POSIX allows read-only opens of directories. We don't
542
* want to do this (we use a different code path for this)
543
* so catch a directory open and return an EISDIR. JRA.
546
if(S_ISDIR(psbuf->st_mode)) {
549
return NT_STATUS_FILE_IS_A_DIRECTORY;
552
fsp->mode = psbuf->st_mode;
553
fsp->file_id = vfs_file_id_from_sbuf(conn, psbuf);
554
fsp->vuid = req ? req->vuid : UID_FIELD_INVALID;
555
fsp->file_pid = req ? req->smbpid : 0;
556
fsp->can_lock = True;
557
fsp->can_read = (access_mask & (FILE_READ_DATA)) ? True : False;
558
if (!CAN_WRITE(conn)) {
559
fsp->can_write = False;
561
fsp->can_write = (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) ?
564
fsp->print_file = False;
565
fsp->modified = False;
566
fsp->sent_oplock_break = NO_BREAK_SENT;
567
fsp->is_directory = False;
568
if (conn->aio_write_behind_list &&
569
is_in_path(path, conn->aio_write_behind_list, conn->case_sensitive)) {
570
fsp->aio_write_behind = True;
573
string_set(&fsp->fsp_name, path);
574
fsp->wcp = NULL; /* Write cache pointer. */
576
DEBUG(2,("%s opened file %s read=%s write=%s (numopen=%d)\n",
577
conn->server_info->unix_name,
579
BOOLSTR(fsp->can_read), BOOLSTR(fsp->can_write),
580
conn->num_files_open));
586
/*******************************************************************
587
Return True if the filename is one of the special executable types.
588
********************************************************************/
590
bool is_executable(const char *fname)
592
if ((fname = strrchr_m(fname,'.'))) {
593
if (strequal(fname,".com") ||
594
strequal(fname,".dll") ||
595
strequal(fname,".exe") ||
596
strequal(fname,".sym")) {
603
/****************************************************************************
604
Check if we can open a file with a share mode.
605
Returns True if conflict, False if not.
606
****************************************************************************/
608
static bool share_conflict(struct share_mode_entry *entry,
612
DEBUG(10,("share_conflict: entry->access_mask = 0x%x, "
613
"entry->share_access = 0x%x, "
614
"entry->private_options = 0x%x\n",
615
(unsigned int)entry->access_mask,
616
(unsigned int)entry->share_access,
617
(unsigned int)entry->private_options));
619
DEBUG(10,("share_conflict: access_mask = 0x%x, share_access = 0x%x\n",
620
(unsigned int)access_mask, (unsigned int)share_access));
622
if ((entry->access_mask & (FILE_WRITE_DATA|
626
DELETE_ACCESS)) == 0) {
627
DEBUG(10,("share_conflict: No conflict due to "
628
"entry->access_mask = 0x%x\n",
629
(unsigned int)entry->access_mask ));
633
if ((access_mask & (FILE_WRITE_DATA|
637
DELETE_ACCESS)) == 0) {
638
DEBUG(10,("share_conflict: No conflict due to "
639
"access_mask = 0x%x\n",
640
(unsigned int)access_mask ));
644
#if 1 /* JRA TEST - Superdebug. */
645
#define CHECK_MASK(num, am, right, sa, share) \
646
DEBUG(10,("share_conflict: [%d] am (0x%x) & right (0x%x) = 0x%x\n", \
647
(unsigned int)(num), (unsigned int)(am), \
648
(unsigned int)(right), (unsigned int)(am)&(right) )); \
649
DEBUG(10,("share_conflict: [%d] sa (0x%x) & share (0x%x) = 0x%x\n", \
650
(unsigned int)(num), (unsigned int)(sa), \
651
(unsigned int)(share), (unsigned int)(sa)&(share) )); \
652
if (((am) & (right)) && !((sa) & (share))) { \
653
DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
654
sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
655
(unsigned int)(share) )); \
659
#define CHECK_MASK(num, am, right, sa, share) \
660
if (((am) & (right)) && !((sa) & (share))) { \
661
DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
662
sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
663
(unsigned int)(share) )); \
668
CHECK_MASK(1, entry->access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
669
share_access, FILE_SHARE_WRITE);
670
CHECK_MASK(2, access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
671
entry->share_access, FILE_SHARE_WRITE);
673
CHECK_MASK(3, entry->access_mask, FILE_READ_DATA | FILE_EXECUTE,
674
share_access, FILE_SHARE_READ);
675
CHECK_MASK(4, access_mask, FILE_READ_DATA | FILE_EXECUTE,
676
entry->share_access, FILE_SHARE_READ);
678
CHECK_MASK(5, entry->access_mask, DELETE_ACCESS,
679
share_access, FILE_SHARE_DELETE);
680
CHECK_MASK(6, access_mask, DELETE_ACCESS,
681
entry->share_access, FILE_SHARE_DELETE);
683
DEBUG(10,("share_conflict: No conflict.\n"));
687
#if defined(DEVELOPER)
688
static void validate_my_share_entries(int num,
689
struct share_mode_entry *share_entry)
693
if (!procid_is_me(&share_entry->pid)) {
697
if (is_deferred_open_entry(share_entry) &&
698
!open_was_deferred(share_entry->op_mid)) {
699
char *str = talloc_asprintf(talloc_tos(),
700
"Got a deferred entry without a request: "
702
share_mode_str(talloc_tos(), num, share_entry));
706
if (!is_valid_share_mode_entry(share_entry)) {
710
fsp = file_find_dif(share_entry->id,
711
share_entry->share_file_id);
713
DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
714
share_mode_str(talloc_tos(), num, share_entry) ));
715
smb_panic("validate_my_share_entries: Cannot match a "
716
"share entry with an open file\n");
719
if (is_deferred_open_entry(share_entry) ||
720
is_unused_share_mode_entry(share_entry)) {
724
if ((share_entry->op_type == NO_OPLOCK) &&
725
(fsp->oplock_type == FAKE_LEVEL_II_OPLOCK)) {
726
/* Someone has already written to it, but I haven't yet
731
if (((uint16)fsp->oplock_type) != share_entry->op_type) {
740
DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
741
share_mode_str(talloc_tos(), num, share_entry) ));
742
str = talloc_asprintf(talloc_tos(),
743
"validate_my_share_entries: "
744
"file %s, oplock_type = 0x%x, op_type = 0x%x\n",
745
fsp->fsp_name, (unsigned int)fsp->oplock_type,
746
(unsigned int)share_entry->op_type );
752
bool is_stat_open(uint32 access_mask)
754
return (access_mask &&
755
((access_mask & ~(SYNCHRONIZE_ACCESS| FILE_READ_ATTRIBUTES|
756
FILE_WRITE_ATTRIBUTES))==0) &&
757
((access_mask & (SYNCHRONIZE_ACCESS|FILE_READ_ATTRIBUTES|
758
FILE_WRITE_ATTRIBUTES)) != 0));
761
/****************************************************************************
762
Deal with share modes
763
Invarient: Share mode must be locked on entry and exit.
764
Returns -1 on error, or number of share modes on success (may be zero).
765
****************************************************************************/
767
static NTSTATUS open_mode_check(connection_struct *conn,
769
struct share_mode_lock *lck,
772
uint32 create_options,
777
if(lck->num_share_modes == 0) {
781
*file_existed = True;
783
/* A delete on close prohibits everything */
785
if (lck->delete_on_close) {
786
return NT_STATUS_DELETE_PENDING;
789
if (is_stat_open(access_mask)) {
790
/* Stat open that doesn't trigger oplock breaks or share mode
791
* checks... ! JRA. */
796
* Check if the share modes will give us access.
799
#if defined(DEVELOPER)
800
for(i = 0; i < lck->num_share_modes; i++) {
801
validate_my_share_entries(i, &lck->share_modes[i]);
805
if (!lp_share_modes(SNUM(conn))) {
809
/* Now we check the share modes, after any oplock breaks. */
810
for(i = 0; i < lck->num_share_modes; i++) {
812
if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
816
/* someone else has a share lock on it, check to see if we can
818
if (share_conflict(&lck->share_modes[i],
819
access_mask, share_access)) {
820
return NT_STATUS_SHARING_VIOLATION;
827
static bool is_delete_request(files_struct *fsp) {
828
return ((fsp->access_mask == DELETE_ACCESS) &&
829
(fsp->oplock_type == NO_OPLOCK));
833
* Send a break message to the oplock holder and delay the open for
837
static NTSTATUS send_break_message(files_struct *fsp,
838
struct share_mode_entry *exclusive,
843
char msg[MSG_SMB_SHARE_MODE_ENTRY_SIZE];
845
DEBUG(10, ("Sending break request to PID %s\n",
846
procid_str_static(&exclusive->pid)));
847
exclusive->op_mid = mid;
849
/* Create the message. */
850
share_mode_entry_to_message(msg, exclusive);
852
/* Add in the FORCE_OPLOCK_BREAK_TO_NONE bit in the message if set. We
853
don't want this set in the share mode struct pointed to by lck. */
855
if (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE) {
856
SSVAL(msg,6,exclusive->op_type | FORCE_OPLOCK_BREAK_TO_NONE);
859
status = messaging_send_buf(smbd_messaging_context(), exclusive->pid,
860
MSG_SMB_BREAK_REQUEST,
862
MSG_SMB_SHARE_MODE_ENTRY_SIZE);
863
if (!NT_STATUS_IS_OK(status)) {
864
DEBUG(3, ("Could not send oplock break message: %s\n",
872
* 1) No files open at all or internal open: Grant whatever the client wants.
874
* 2) Exclusive (or batch) oplock around: If the requested access is a delete
875
* request, break if the oplock around is a batch oplock. If it's another
876
* requested access type, break.
878
* 3) Only level2 around: Grant level2 and do nothing else.
881
static bool delay_for_oplocks(struct share_mode_lock *lck,
888
struct share_mode_entry *exclusive = NULL;
889
bool valid_entry = false;
890
bool have_level2 = false;
891
bool have_a_none_oplock = false;
892
bool allow_level2 = (global_client_caps & CAP_LEVEL_II_OPLOCKS) &&
893
lp_level2_oplocks(SNUM(fsp->conn));
895
if (oplock_request & INTERNAL_OPEN_ONLY) {
896
fsp->oplock_type = NO_OPLOCK;
899
if ((oplock_request & INTERNAL_OPEN_ONLY) || is_stat_open(fsp->access_mask)) {
903
for (i=0; i<lck->num_share_modes; i++) {
905
if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
909
/* At least one entry is not an invalid or deferred entry. */
912
if (pass_number == 1) {
913
if (BATCH_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
914
SMB_ASSERT(exclusive == NULL);
915
exclusive = &lck->share_modes[i];
918
if (EXCLUSIVE_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
919
SMB_ASSERT(exclusive == NULL);
920
exclusive = &lck->share_modes[i];
924
if (LEVEL_II_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
925
SMB_ASSERT(exclusive == NULL);
929
if (lck->share_modes[i].op_type == NO_OPLOCK) {
930
have_a_none_oplock = true;
934
if (exclusive != NULL) { /* Found an exclusive oplock */
935
bool delay_it = is_delete_request(fsp) ?
936
BATCH_OPLOCK_TYPE(exclusive->op_type) : true;
937
SMB_ASSERT(!have_level2);
939
send_break_message(fsp, exclusive, mid, oplock_request);
945
* Match what was requested (fsp->oplock_type) with
946
* what was found in the existing share modes.
950
/* All entries are placeholders or deferred.
951
* Directly grant whatever the client wants. */
952
if (fsp->oplock_type == NO_OPLOCK) {
953
/* Store a level2 oplock, but don't tell the client */
954
fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
956
} else if (have_a_none_oplock) {
957
fsp->oplock_type = NO_OPLOCK;
958
} else if (have_level2) {
959
if (fsp->oplock_type == NO_OPLOCK ||
960
fsp->oplock_type == FAKE_LEVEL_II_OPLOCK) {
961
/* Store a level2 oplock, but don't tell the client */
962
fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
964
fsp->oplock_type = LEVEL_II_OPLOCK;
967
/* This case can never happen. */
972
* Don't grant level2 to clients that don't want them
973
* or if we've turned them off.
975
if (fsp->oplock_type == LEVEL_II_OPLOCK && !allow_level2) {
976
fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
979
DEBUG(10,("delay_for_oplocks: oplock type 0x%x on file %s\n",
980
fsp->oplock_type, fsp->fsp_name));
986
bool request_timed_out(struct timeval request_time,
987
struct timeval timeout)
989
struct timeval now, end_time;
991
end_time = timeval_sum(&request_time, &timeout);
992
return (timeval_compare(&end_time, &now) < 0);
995
/****************************************************************************
996
Handle the 1 second delay in returning a SHARING_VIOLATION error.
997
****************************************************************************/
999
static void defer_open(struct share_mode_lock *lck,
1000
struct timeval request_time,
1001
struct timeval timeout,
1002
struct smb_request *req,
1003
struct deferred_open_record *state)
1007
/* Paranoia check */
1009
for (i=0; i<lck->num_share_modes; i++) {
1010
struct share_mode_entry *e = &lck->share_modes[i];
1012
if (!is_deferred_open_entry(e)) {
1016
if (procid_is_me(&e->pid) && (e->op_mid == req->mid)) {
1017
DEBUG(0, ("Trying to defer an already deferred "
1018
"request: mid=%d, exiting\n", req->mid));
1019
exit_server("attempt to defer a deferred request");
1023
/* End paranoia check */
1025
DEBUG(10,("defer_open_sharing_error: time [%u.%06u] adding deferred "
1026
"open entry for mid %u\n",
1027
(unsigned int)request_time.tv_sec,
1028
(unsigned int)request_time.tv_usec,
1029
(unsigned int)req->mid));
1031
if (!push_deferred_smb_message(req, request_time, timeout,
1032
(char *)state, sizeof(*state))) {
1033
exit_server("push_deferred_smb_message failed");
1035
add_deferred_open(lck, req->mid, request_time, state->id);
1038
* Push the MID of this packet on the signing queue.
1039
* We only do this once, the first time we push the packet
1040
* onto the deferred open queue, as this has a side effect
1041
* of incrementing the response sequence number.
1044
srv_defer_sign_response(req->mid);
1048
/****************************************************************************
1049
On overwrite open ensure that the attributes match.
1050
****************************************************************************/
1052
bool open_match_attributes(connection_struct *conn,
1054
uint32 old_dos_attr,
1055
uint32 new_dos_attr,
1056
mode_t existing_unx_mode,
1057
mode_t new_unx_mode,
1058
mode_t *returned_unx_mode)
1060
uint32 noarch_old_dos_attr, noarch_new_dos_attr;
1062
noarch_old_dos_attr = (old_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
1063
noarch_new_dos_attr = (new_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
1065
if((noarch_old_dos_attr == 0 && noarch_new_dos_attr != 0) ||
1066
(noarch_old_dos_attr != 0 && ((noarch_old_dos_attr & noarch_new_dos_attr) == noarch_old_dos_attr))) {
1067
*returned_unx_mode = new_unx_mode;
1069
*returned_unx_mode = (mode_t)0;
1072
DEBUG(10,("open_match_attributes: file %s old_dos_attr = 0x%x, "
1073
"existing_unx_mode = 0%o, new_dos_attr = 0x%x "
1074
"returned_unx_mode = 0%o\n",
1076
(unsigned int)old_dos_attr,
1077
(unsigned int)existing_unx_mode,
1078
(unsigned int)new_dos_attr,
1079
(unsigned int)*returned_unx_mode ));
1081
/* If we're mapping SYSTEM and HIDDEN ensure they match. */
1082
if (lp_map_system(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
1083
if ((old_dos_attr & FILE_ATTRIBUTE_SYSTEM) &&
1084
!(new_dos_attr & FILE_ATTRIBUTE_SYSTEM)) {
1088
if (lp_map_hidden(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
1089
if ((old_dos_attr & FILE_ATTRIBUTE_HIDDEN) &&
1090
!(new_dos_attr & FILE_ATTRIBUTE_HIDDEN)) {
1097
/****************************************************************************
1098
Special FCB or DOS processing in the case of a sharing violation.
1099
Try and find a duplicated file handle.
1100
****************************************************************************/
1102
NTSTATUS fcb_or_dos_open(struct smb_request *req,
1103
connection_struct *conn,
1104
files_struct *fsp_to_dup_into,
1110
uint32 share_access,
1111
uint32 create_options)
1115
DEBUG(5,("fcb_or_dos_open: attempting old open semantics for "
1116
"file %s.\n", fname ));
1118
for(fsp = file_find_di_first(id); fsp;
1119
fsp = file_find_di_next(fsp)) {
1121
DEBUG(10,("fcb_or_dos_open: checking file %s, fd = %d, "
1122
"vuid = %u, file_pid = %u, private_options = 0x%x "
1123
"access_mask = 0x%x\n", fsp->fsp_name,
1124
fsp->fh->fd, (unsigned int)fsp->vuid,
1125
(unsigned int)fsp->file_pid,
1126
(unsigned int)fsp->fh->private_options,
1127
(unsigned int)fsp->access_mask ));
1129
if (fsp->fh->fd != -1 &&
1130
fsp->vuid == vuid &&
1131
fsp->file_pid == file_pid &&
1132
(fsp->fh->private_options & (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS |
1133
NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) &&
1134
(fsp->access_mask & FILE_WRITE_DATA) &&
1135
strequal(fsp->fsp_name, fname)) {
1136
DEBUG(10,("fcb_or_dos_open: file match\n"));
1142
return NT_STATUS_NOT_FOUND;
1145
/* quite an insane set of semantics ... */
1146
if (is_executable(fname) &&
1147
(fsp->fh->private_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS)) {
1148
DEBUG(10,("fcb_or_dos_open: file fail due to is_executable.\n"));
1149
return NT_STATUS_INVALID_PARAMETER;
1152
/* We need to duplicate this fsp. */
1153
dup_file_fsp(req, fsp, access_mask, share_access,
1154
create_options, fsp_to_dup_into);
1156
return NT_STATUS_OK;
1159
/****************************************************************************
1160
Open a file with a share mode - old openX method - map into NTCreate.
1161
****************************************************************************/
1163
bool map_open_params_to_ntcreate(const char *fname, int deny_mode, int open_func,
1164
uint32 *paccess_mask,
1165
uint32 *pshare_mode,
1166
uint32 *pcreate_disposition,
1167
uint32 *pcreate_options)
1171
uint32 create_disposition;
1172
uint32 create_options = FILE_NON_DIRECTORY_FILE;
1174
DEBUG(10,("map_open_params_to_ntcreate: fname = %s, deny_mode = 0x%x, "
1175
"open_func = 0x%x\n",
1176
fname, (unsigned int)deny_mode, (unsigned int)open_func ));
1178
/* Create the NT compatible access_mask. */
1179
switch (GET_OPENX_MODE(deny_mode)) {
1180
case DOS_OPEN_EXEC: /* Implies read-only - used to be FILE_READ_DATA */
1181
case DOS_OPEN_RDONLY:
1182
access_mask = FILE_GENERIC_READ;
1184
case DOS_OPEN_WRONLY:
1185
access_mask = FILE_GENERIC_WRITE;
1189
access_mask = FILE_GENERIC_READ|FILE_GENERIC_WRITE;
1192
DEBUG(10,("map_open_params_to_ntcreate: bad open mode = 0x%x\n",
1193
(unsigned int)GET_OPENX_MODE(deny_mode)));
1197
/* Create the NT compatible create_disposition. */
1198
switch (open_func) {
1199
case OPENX_FILE_EXISTS_FAIL|OPENX_FILE_CREATE_IF_NOT_EXIST:
1200
create_disposition = FILE_CREATE;
1203
case OPENX_FILE_EXISTS_OPEN:
1204
create_disposition = FILE_OPEN;
1207
case OPENX_FILE_EXISTS_OPEN|OPENX_FILE_CREATE_IF_NOT_EXIST:
1208
create_disposition = FILE_OPEN_IF;
1211
case OPENX_FILE_EXISTS_TRUNCATE:
1212
create_disposition = FILE_OVERWRITE;
1215
case OPENX_FILE_EXISTS_TRUNCATE|OPENX_FILE_CREATE_IF_NOT_EXIST:
1216
create_disposition = FILE_OVERWRITE_IF;
1220
/* From samba4 - to be confirmed. */
1221
if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_EXEC) {
1222
create_disposition = FILE_CREATE;
1225
DEBUG(10,("map_open_params_to_ntcreate: bad "
1226
"open_func 0x%x\n", (unsigned int)open_func));
1230
/* Create the NT compatible share modes. */
1231
switch (GET_DENY_MODE(deny_mode)) {
1233
share_mode = FILE_SHARE_NONE;
1237
share_mode = FILE_SHARE_READ;
1241
share_mode = FILE_SHARE_WRITE;
1245
share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1249
create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_DOS;
1250
if (is_executable(fname)) {
1251
share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1253
if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_RDONLY) {
1254
share_mode = FILE_SHARE_READ;
1256
share_mode = FILE_SHARE_NONE;
1262
create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_FCB;
1263
share_mode = FILE_SHARE_NONE;
1267
DEBUG(10,("map_open_params_to_ntcreate: bad deny_mode 0x%x\n",
1268
(unsigned int)GET_DENY_MODE(deny_mode) ));
1272
DEBUG(10,("map_open_params_to_ntcreate: file %s, access_mask = 0x%x, "
1273
"share_mode = 0x%x, create_disposition = 0x%x, "
1274
"create_options = 0x%x\n",
1276
(unsigned int)access_mask,
1277
(unsigned int)share_mode,
1278
(unsigned int)create_disposition,
1279
(unsigned int)create_options ));
1282
*paccess_mask = access_mask;
1285
*pshare_mode = share_mode;
1287
if (pcreate_disposition) {
1288
*pcreate_disposition = create_disposition;
1290
if (pcreate_options) {
1291
*pcreate_options = create_options;
1298
static void schedule_defer_open(struct share_mode_lock *lck,
1299
struct timeval request_time,
1300
struct smb_request *req)
1302
struct deferred_open_record state;
1304
/* This is a relative time, added to the absolute
1305
request_time value to get the absolute timeout time.
1306
Note that if this is the second or greater time we enter
1307
this codepath for this particular request mid then
1308
request_time is left as the absolute time of the *first*
1309
time this request mid was processed. This is what allows
1310
the request to eventually time out. */
1312
struct timeval timeout;
1314
/* Normally the smbd we asked should respond within
1315
* OPLOCK_BREAK_TIMEOUT seconds regardless of whether
1316
* the client did, give twice the timeout as a safety
1317
* measure here in case the other smbd is stuck
1318
* somewhere else. */
1320
timeout = timeval_set(OPLOCK_BREAK_TIMEOUT*2, 0);
1322
/* Nothing actually uses state.delayed_for_oplocks
1323
but it's handy to differentiate in debug messages
1324
between a 30 second delay due to oplock break, and
1325
a 1 second delay for share mode conflicts. */
1327
state.delayed_for_oplocks = True;
1330
if (!request_timed_out(request_time, timeout)) {
1331
defer_open(lck, request_time, timeout, req, &state);
1335
/****************************************************************************
1336
Work out what access_mask to use from what the client sent us.
1337
****************************************************************************/
1339
static NTSTATUS calculate_access_mask(connection_struct *conn,
1342
uint32_t access_mask,
1343
uint32_t *access_mask_out)
1348
* Convert GENERIC bits to specific bits.
1351
se_map_generic(&access_mask, &file_generic_mapping);
1353
/* Calculate MAXIMUM_ALLOWED_ACCESS if requested. */
1354
if (access_mask & MAXIMUM_ALLOWED_ACCESS) {
1357
struct security_descriptor *sd;
1358
uint32_t access_granted = 0;
1360
status = SMB_VFS_GET_NT_ACL(conn, fname,
1361
(OWNER_SECURITY_INFORMATION |
1362
GROUP_SECURITY_INFORMATION |
1363
DACL_SECURITY_INFORMATION),&sd);
1365
if (!NT_STATUS_IS_OK(status)) {
1366
DEBUG(10, ("calculate_access_mask: Could not get acl "
1369
nt_errstr(status)));
1370
return NT_STATUS_ACCESS_DENIED;
1373
status = smb1_file_se_access_check(sd,
1374
conn->server_info->ptok,
1380
if (!NT_STATUS_IS_OK(status)) {
1381
DEBUG(10, ("calculate_access_mask: Access denied on "
1382
"file %s: when calculating maximum access\n",
1384
return NT_STATUS_ACCESS_DENIED;
1387
access_mask = access_granted;
1389
access_mask = FILE_GENERIC_ALL;
1393
*access_mask_out = access_mask;
1394
return NT_STATUS_OK;
1397
/****************************************************************************
1398
Open a file with a share mode. Passed in an already created files_struct *.
1399
****************************************************************************/
1401
static NTSTATUS open_file_ntcreate(connection_struct *conn,
1402
struct smb_request *req,
1404
SMB_STRUCT_STAT *psbuf,
1405
uint32 access_mask, /* access bits (FILE_READ_DATA etc.) */
1406
uint32 share_access, /* share constants (FILE_SHARE_READ etc) */
1407
uint32 create_disposition, /* FILE_OPEN_IF etc. */
1408
uint32 create_options, /* options such as delete on close. */
1409
uint32 new_dos_attributes, /* attributes used for new file. */
1410
int oplock_request, /* internal Samba oplock codes. */
1411
/* Information (FILE_EXISTS etc.) */
1417
bool file_existed = VALID_STAT(*psbuf);
1418
bool def_acl = False;
1419
bool posix_open = False;
1420
bool new_file_created = False;
1421
bool clear_ads = false;
1423
NTSTATUS fsp_open = NT_STATUS_ACCESS_DENIED;
1424
mode_t new_unx_mode = (mode_t)0;
1425
mode_t unx_mode = (mode_t)0;
1427
uint32 existing_dos_attributes = 0;
1428
struct pending_message_list *pml = NULL;
1429
struct timeval request_time = timeval_zero();
1430
struct share_mode_lock *lck = NULL;
1431
uint32 open_access_mask = access_mask;
1435
const char *newname;
1439
if (conn->printer) {
1441
* Printers are handled completely differently.
1442
* Most of the passed parameters are ignored.
1446
*pinfo = FILE_WAS_CREATED;
1449
DEBUG(10, ("open_file_ntcreate: printer open fname=%s\n", fname));
1451
return print_fsp_open(req, conn, fname, req->vuid, fsp, psbuf);
1454
if (!parent_dirname(talloc_tos(), fname, &parent_dir, &newname)) {
1455
return NT_STATUS_NO_MEMORY;
1458
if (new_dos_attributes & FILE_FLAG_POSIX_SEMANTICS) {
1460
unx_mode = (mode_t)(new_dos_attributes & ~FILE_FLAG_POSIX_SEMANTICS);
1461
new_dos_attributes = 0;
1463
/* We add aARCH to this as this mode is only used if the file is
1465
unx_mode = unix_mode(conn, new_dos_attributes | aARCH, fname,
1469
DEBUG(10, ("open_file_ntcreate: fname=%s, dos_attrs=0x%x "
1470
"access_mask=0x%x share_access=0x%x "
1471
"create_disposition = 0x%x create_options=0x%x "
1472
"unix mode=0%o oplock_request=%d\n",
1473
fname, new_dos_attributes, access_mask, share_access,
1474
create_disposition, create_options, (unsigned int)unx_mode,
1477
if ((req == NULL) && ((oplock_request & INTERNAL_OPEN_ONLY) == 0)) {
1478
DEBUG(0, ("No smb request but not an internal only open!\n"));
1479
return NT_STATUS_INTERNAL_ERROR;
1483
* Only non-internal opens can be deferred at all
1487
&& ((pml = get_open_deferred_message(req->mid)) != NULL)) {
1488
struct deferred_open_record *state =
1489
(struct deferred_open_record *)pml->private_data.data;
1491
/* Remember the absolute time of the original
1492
request with this mid. We'll use it later to
1493
see if this has timed out. */
1495
request_time = pml->request_time;
1497
/* Remove the deferred open entry under lock. */
1498
lck = get_share_mode_lock(talloc_tos(), state->id, NULL, NULL,
1501
DEBUG(0, ("could not get share mode lock\n"));
1503
del_deferred_open_entry(lck, req->mid);
1507
/* Ensure we don't reprocess this message. */
1508
remove_deferred_open_smb_message(req->mid);
1511
status = check_name(conn, fname);
1512
if (!NT_STATUS_IS_OK(status)) {
1517
new_dos_attributes &= SAMBA_ATTRIBUTES_MASK;
1519
existing_dos_attributes = dos_mode(conn, fname, psbuf);
1523
/* ignore any oplock requests if oplocks are disabled */
1524
if (!lp_oplocks(SNUM(conn)) || global_client_failed_oplock_break ||
1525
IS_VETO_OPLOCK_PATH(conn, fname)) {
1526
/* Mask off everything except the private Samba bits. */
1527
oplock_request &= SAMBA_PRIVATE_OPLOCK_MASK;
1530
/* this is for OS/2 long file names - say we don't support them */
1531
if (!lp_posix_pathnames() && strstr(fname,".+,;=[].")) {
1532
/* OS/2 Workplace shell fix may be main code stream in a later
1534
DEBUG(5,("open_file_ntcreate: OS/2 long filenames are not "
1536
if (use_nt_status()) {
1537
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1539
return NT_STATUS_DOS(ERRDOS, ERRcannotopen);
1542
switch( create_disposition ) {
1544
* Currently we're using FILE_SUPERSEDE as the same as
1545
* FILE_OVERWRITE_IF but they really are
1546
* different. FILE_SUPERSEDE deletes an existing file
1547
* (requiring delete access) then recreates it.
1549
case FILE_SUPERSEDE:
1550
/* If file exists replace/overwrite. If file doesn't
1552
flags2 |= (O_CREAT | O_TRUNC);
1556
case FILE_OVERWRITE_IF:
1557
/* If file exists replace/overwrite. If file doesn't
1559
flags2 |= (O_CREAT | O_TRUNC);
1564
/* If file exists open. If file doesn't exist error. */
1565
if (!file_existed) {
1566
DEBUG(5,("open_file_ntcreate: FILE_OPEN "
1567
"requested for file %s and file "
1568
"doesn't exist.\n", fname ));
1570
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1574
case FILE_OVERWRITE:
1575
/* If file exists overwrite. If file doesn't exist
1577
if (!file_existed) {
1578
DEBUG(5,("open_file_ntcreate: FILE_OVERWRITE "
1579
"requested for file %s and file "
1580
"doesn't exist.\n", fname ));
1582
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1589
/* If file exists error. If file doesn't exist
1592
DEBUG(5,("open_file_ntcreate: FILE_CREATE "
1593
"requested for file %s and file "
1594
"already exists.\n", fname ));
1595
if (S_ISDIR(psbuf->st_mode)) {
1600
return map_nt_error_from_unix(errno);
1602
flags2 |= (O_CREAT|O_EXCL);
1606
/* If file exists open. If file doesn't exist
1612
return NT_STATUS_INVALID_PARAMETER;
1615
/* We only care about matching attributes on file exists and
1618
if (!posix_open && file_existed && ((create_disposition == FILE_OVERWRITE) ||
1619
(create_disposition == FILE_OVERWRITE_IF))) {
1620
if (!open_match_attributes(conn, fname,
1621
existing_dos_attributes,
1622
new_dos_attributes, psbuf->st_mode,
1623
unx_mode, &new_unx_mode)) {
1624
DEBUG(5,("open_file_ntcreate: attributes missmatch "
1625
"for file %s (%x %x) (0%o, 0%o)\n",
1626
fname, existing_dos_attributes,
1628
(unsigned int)psbuf->st_mode,
1629
(unsigned int)unx_mode ));
1631
return NT_STATUS_ACCESS_DENIED;
1635
status = calculate_access_mask(conn, fname, file_existed,
1638
if (!NT_STATUS_IS_OK(status)) {
1639
DEBUG(10, ("open_file_ntcreate: calculate_access_mask "
1640
"on file %s returned %s\n",
1642
nt_errstr(status)));
1646
open_access_mask = access_mask;
1648
if ((flags2 & O_TRUNC) || (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE)) {
1649
open_access_mask |= FILE_WRITE_DATA; /* This will cause oplock breaks. */
1652
DEBUG(10, ("open_file_ntcreate: fname=%s, after mapping "
1653
"access_mask=0x%x\n", fname, access_mask ));
1656
* Note that we ignore the append flag as append does not
1657
* mean the same thing under DOS and Unix.
1660
if ((access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) ||
1661
(oplock_request & FORCE_OPLOCK_BREAK_TO_NONE)) {
1662
/* DENY_DOS opens are always underlying read-write on the
1663
file handle, no matter what the requested access mask
1665
if ((create_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS) ||
1666
access_mask & (FILE_READ_ATTRIBUTES|FILE_READ_DATA|FILE_READ_EA|FILE_EXECUTE)) {
1676
* Currently we only look at FILE_WRITE_THROUGH for create options.
1680
if ((create_options & FILE_WRITE_THROUGH) && lp_strict_sync(SNUM(conn))) {
1685
if (posix_open && (access_mask & FILE_APPEND_DATA)) {
1689
if (!posix_open && !CAN_WRITE(conn)) {
1691
* We should really return a permission denied error if either
1692
* O_CREAT or O_TRUNC are set, but for compatibility with
1693
* older versions of Samba we just AND them out.
1695
flags2 &= ~(O_CREAT|O_TRUNC);
1699
* Ensure we can't write on a read-only share or file.
1702
if (flags != O_RDONLY && file_existed &&
1703
(!CAN_WRITE(conn) || IS_DOS_READONLY(existing_dos_attributes))) {
1704
DEBUG(5,("open_file_ntcreate: write access requested for "
1705
"file %s on read only %s\n",
1706
fname, !CAN_WRITE(conn) ? "share" : "file" ));
1708
return NT_STATUS_ACCESS_DENIED;
1711
fsp->file_id = vfs_file_id_from_sbuf(conn, psbuf);
1712
fsp->share_access = share_access;
1713
fsp->fh->private_options = create_options;
1714
fsp->access_mask = open_access_mask; /* We change this to the
1715
* requested access_mask after
1716
* the open is done. */
1717
fsp->posix_open = posix_open;
1719
/* Ensure no SAMBA_PRIVATE bits can be set. */
1720
fsp->oplock_type = (oplock_request & ~SAMBA_PRIVATE_OPLOCK_MASK);
1722
if (timeval_is_zero(&request_time)) {
1723
request_time = fsp->open_time;
1727
struct timespec old_write_time = get_mtimespec(psbuf);
1728
id = vfs_file_id_from_sbuf(conn, psbuf);
1730
lck = get_share_mode_lock(talloc_tos(), id,
1732
fname, &old_write_time);
1735
DEBUG(0, ("Could not get share mode lock\n"));
1736
return NT_STATUS_SHARING_VIOLATION;
1739
/* First pass - send break only on batch oplocks. */
1741
&& delay_for_oplocks(lck, fsp, req->mid, 1,
1743
schedule_defer_open(lck, request_time, req);
1745
return NT_STATUS_SHARING_VIOLATION;
1748
/* Use the client requested access mask here, not the one we
1750
status = open_mode_check(conn, fname, lck,
1751
access_mask, share_access,
1752
create_options, &file_existed);
1754
if (NT_STATUS_IS_OK(status)) {
1755
/* We might be going to allow this open. Check oplock
1757
/* Second pass - send break for both batch or
1758
* exclusive oplocks. */
1760
&& delay_for_oplocks(lck, fsp, req->mid, 2,
1762
schedule_defer_open(lck, request_time, req);
1764
return NT_STATUS_SHARING_VIOLATION;
1768
if (NT_STATUS_EQUAL(status, NT_STATUS_DELETE_PENDING)) {
1769
/* DELETE_PENDING is not deferred for a second */
1774
if (!NT_STATUS_IS_OK(status)) {
1775
uint32 can_access_mask;
1776
bool can_access = True;
1778
SMB_ASSERT(NT_STATUS_EQUAL(status, NT_STATUS_SHARING_VIOLATION));
1780
/* Check if this can be done with the deny_dos and fcb
1782
if (create_options &
1783
(NTCREATEX_OPTIONS_PRIVATE_DENY_DOS|
1784
NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) {
1786
DEBUG(0, ("DOS open without an SMB "
1789
return NT_STATUS_INTERNAL_ERROR;
1792
/* Use the client requested access mask here,
1793
* not the one we open with. */
1794
status = fcb_or_dos_open(req,
1805
if (NT_STATUS_IS_OK(status)) {
1808
*pinfo = FILE_WAS_OPENED;
1810
return NT_STATUS_OK;
1815
* This next line is a subtlety we need for
1816
* MS-Access. If a file open will fail due to share
1817
* permissions and also for security (access) reasons,
1818
* we need to return the access failed error, not the
1819
* share error. We can't open the file due to kernel
1820
* oplock deadlock (it's possible we failed above on
1821
* the open_mode_check()) so use a userspace check.
1824
if (flags & O_RDWR) {
1825
can_access_mask = FILE_READ_DATA|FILE_WRITE_DATA;
1826
} else if (flags & O_WRONLY) {
1827
can_access_mask = FILE_WRITE_DATA;
1829
can_access_mask = FILE_READ_DATA;
1832
if (((can_access_mask & FILE_WRITE_DATA) && !CAN_WRITE(conn)) ||
1833
!can_access_file_data(conn,fname,psbuf,can_access_mask)) {
1838
* If we're returning a share violation, ensure we
1839
* cope with the braindead 1 second delay.
1842
if (!(oplock_request & INTERNAL_OPEN_ONLY) &&
1843
lp_defer_sharing_violations()) {
1844
struct timeval timeout;
1845
struct deferred_open_record state;
1848
/* this is a hack to speed up torture tests
1850
timeout_usecs = lp_parm_int(SNUM(conn),
1851
"smbd","sharedelay",
1852
SHARING_VIOLATION_USEC_WAIT);
1854
/* This is a relative time, added to the absolute
1855
request_time value to get the absolute timeout time.
1856
Note that if this is the second or greater time we enter
1857
this codepath for this particular request mid then
1858
request_time is left as the absolute time of the *first*
1859
time this request mid was processed. This is what allows
1860
the request to eventually time out. */
1862
timeout = timeval_set(0, timeout_usecs);
1864
/* Nothing actually uses state.delayed_for_oplocks
1865
but it's handy to differentiate in debug messages
1866
between a 30 second delay due to oplock break, and
1867
a 1 second delay for share mode conflicts. */
1869
state.delayed_for_oplocks = False;
1873
&& !request_timed_out(request_time,
1875
defer_open(lck, request_time, timeout,
1883
* We have detected a sharing violation here
1884
* so return the correct error code
1886
status = NT_STATUS_SHARING_VIOLATION;
1888
status = NT_STATUS_ACCESS_DENIED;
1894
* We exit this block with the share entry *locked*.....
1898
SMB_ASSERT(!file_existed || (lck != NULL));
1901
* Ensure we pay attention to default ACLs on directories if required.
1904
if ((flags2 & O_CREAT) && lp_inherit_acls(SNUM(conn)) &&
1905
(def_acl = directory_has_default_acl(conn, parent_dir))) {
1909
DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o, "
1910
"access_mask = 0x%x, open_access_mask = 0x%x\n",
1911
(unsigned int)flags, (unsigned int)flags2,
1912
(unsigned int)unx_mode, (unsigned int)access_mask,
1913
(unsigned int)open_access_mask));
1916
* open_file strips any O_TRUNC flags itself.
1919
fsp_open = open_file(fsp, conn, req, parent_dir, newname, fname, psbuf,
1920
flags|flags2, unx_mode, access_mask,
1923
if (!NT_STATUS_IS_OK(fsp_open)) {
1930
if (!file_existed) {
1931
struct timespec old_write_time = get_mtimespec(psbuf);
1933
* Deal with the race condition where two smbd's detect the
1934
* file doesn't exist and do the create at the same time. One
1935
* of them will win and set a share mode, the other (ie. this
1936
* one) should check if the requested share mode for this
1937
* create is allowed.
1941
* Now the file exists and fsp is successfully opened,
1942
* fsp->dev and fsp->inode are valid and should replace the
1943
* dev=0,inode=0 from a non existent file. Spotted by
1944
* Nadav Danieli <nadavd@exanet.com>. JRA.
1949
lck = get_share_mode_lock(talloc_tos(), id,
1951
fname, &old_write_time);
1954
DEBUG(0, ("open_file_ntcreate: Could not get share "
1955
"mode lock for %s\n", fname));
1957
return NT_STATUS_SHARING_VIOLATION;
1960
/* First pass - send break only on batch oplocks. */
1962
&& delay_for_oplocks(lck, fsp, req->mid, 1,
1964
schedule_defer_open(lck, request_time, req);
1967
return NT_STATUS_SHARING_VIOLATION;
1970
status = open_mode_check(conn, fname, lck,
1971
access_mask, share_access,
1972
create_options, &file_existed);
1974
if (NT_STATUS_IS_OK(status)) {
1975
/* We might be going to allow this open. Check oplock
1977
/* Second pass - send break for both batch or
1978
* exclusive oplocks. */
1980
&& delay_for_oplocks(lck, fsp, req->mid, 2,
1982
schedule_defer_open(lck, request_time, req);
1985
return NT_STATUS_SHARING_VIOLATION;
1989
if (!NT_STATUS_IS_OK(status)) {
1990
struct deferred_open_record state;
1994
state.delayed_for_oplocks = False;
1997
/* Do it all over again immediately. In the second
1998
* round we will find that the file existed and handle
1999
* the DELETE_PENDING and FCB cases correctly. No need
2000
* to duplicate the code here. Essentially this is a
2001
* "goto top of this function", but don't tell
2005
defer_open(lck, request_time, timeval_zero(),
2013
* We exit this block with the share entry *locked*.....
2018
SMB_ASSERT(lck != NULL);
2020
/* Delete streams if create_disposition requires it */
2021
if (file_existed && clear_ads && !is_ntfs_stream_name(fname)) {
2022
status = delete_all_streams(conn, fname);
2023
if (!NT_STATUS_IS_OK(status)) {
2030
/* note that we ignore failure for the following. It is
2031
basically a hack for NFS, and NFS will never set one of
2032
these only read them. Nobody but Samba can ever set a deny
2033
mode and we have already checked our more authoritative
2034
locking database for permission to set this deny mode. If
2035
the kernel refuses the operations then the kernel is wrong.
2036
note that GPFS supports it as well - jmcd */
2038
if (fsp->fh->fd != -1) {
2039
ret_flock = SMB_VFS_KERNEL_FLOCK(fsp, share_access);
2040
if(ret_flock == -1 ){
2045
return NT_STATUS_SHARING_VIOLATION;
2050
* At this point onwards, we can guarentee that the share entry
2051
* is locked, whether we created the file or not, and that the
2052
* deny mode is compatible with all current opens.
2056
* If requested, truncate the file.
2059
if (flags2&O_TRUNC) {
2061
* We are modifing the file after open - update the stat
2064
if ((SMB_VFS_FTRUNCATE(fsp, 0) == -1) ||
2065
(SMB_VFS_FSTAT(fsp, psbuf)==-1)) {
2066
status = map_nt_error_from_unix(errno);
2073
/* Record the options we were opened with. */
2074
fsp->share_access = share_access;
2075
fsp->fh->private_options = create_options;
2077
* According to Samba4, SEC_FILE_READ_ATTRIBUTE is always granted,
2079
fsp->access_mask = access_mask | FILE_READ_ATTRIBUTES;
2082
/* stat opens on existing files don't get oplocks. */
2083
if (is_stat_open(open_access_mask)) {
2084
fsp->oplock_type = NO_OPLOCK;
2087
if (!(flags2 & O_TRUNC)) {
2088
info = FILE_WAS_OPENED;
2090
info = FILE_WAS_OVERWRITTEN;
2093
info = FILE_WAS_CREATED;
2101
* Setup the oplock info in both the shared memory and
2105
if (!set_file_oplock(fsp, fsp->oplock_type)) {
2106
/* Could not get the kernel oplock */
2107
fsp->oplock_type = NO_OPLOCK;
2110
if (info == FILE_WAS_OVERWRITTEN || info == FILE_WAS_CREATED || info == FILE_WAS_SUPERSEDED) {
2111
new_file_created = True;
2114
set_share_mode(lck, fsp, conn->server_info->utok.uid, 0,
2117
/* Handle strange delete on close create semantics. */
2118
if (create_options & FILE_DELETE_ON_CLOSE) {
2120
status = can_set_delete_on_close(fsp, True, new_dos_attributes);
2122
if (!NT_STATUS_IS_OK(status)) {
2123
/* Remember to delete the mode we just added. */
2124
del_share_mode(lck, fsp);
2129
/* Note that here we set the *inital* delete on close flag,
2130
not the regular one. The magic gets handled in close. */
2131
fsp->initial_delete_on_close = True;
2134
if (new_file_created) {
2135
/* Files should be initially set as archive */
2136
if (lp_map_archive(SNUM(conn)) ||
2137
lp_store_dos_attributes(SNUM(conn))) {
2139
SMB_STRUCT_STAT tmp_sbuf;
2140
SET_STAT_INVALID(tmp_sbuf);
2141
if (file_set_dosmode(
2143
new_dos_attributes | aARCH,
2144
&tmp_sbuf, parent_dir,
2146
unx_mode = tmp_sbuf.st_mode;
2153
* Take care of inherited ACLs on created files - if default ACL not
2157
if (!posix_open && !file_existed && !def_acl) {
2159
int saved_errno = errno; /* We might get ENOSYS in the next
2162
if (SMB_VFS_FCHMOD_ACL(fsp, unx_mode) == -1 &&
2164
errno = saved_errno; /* Ignore ENOSYS */
2167
} else if (new_unx_mode) {
2171
/* Attributes need changing. File already existed. */
2174
int saved_errno = errno; /* We might get ENOSYS in the
2176
ret = SMB_VFS_FCHMOD_ACL(fsp, new_unx_mode);
2178
if (ret == -1 && errno == ENOSYS) {
2179
errno = saved_errno; /* Ignore ENOSYS */
2181
DEBUG(5, ("open_file_ntcreate: reset "
2182
"attributes of file %s to 0%o\n",
2183
fname, (unsigned int)new_unx_mode));
2184
ret = 0; /* Don't do the fchmod below. */
2189
(SMB_VFS_FCHMOD(fsp, new_unx_mode) == -1))
2190
DEBUG(5, ("open_file_ntcreate: failed to reset "
2191
"attributes of file %s to 0%o\n",
2192
fname, (unsigned int)new_unx_mode));
2195
/* If this is a successful open, we must remove any deferred open
2198
del_deferred_open_entry(lck, req->mid);
2202
return NT_STATUS_OK;
2206
/****************************************************************************
2207
Open a file for for write to ensure that we can fchmod it.
2208
****************************************************************************/
2210
NTSTATUS open_file_fchmod(struct smb_request *req, connection_struct *conn,
2212
SMB_STRUCT_STAT *psbuf, files_struct **result)
2214
files_struct *fsp = NULL;
2217
if (!VALID_STAT(*psbuf)) {
2218
return NT_STATUS_INVALID_PARAMETER;
2221
status = file_new(req, conn, &fsp);
2222
if(!NT_STATUS_IS_OK(status)) {
2226
status = SMB_VFS_CREATE_FILE(
2229
0, /* root_dir_fid */
2231
0, /* create_file_flags */
2232
FILE_WRITE_DATA, /* access_mask */
2233
(FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */
2235
FILE_OPEN, /* create_disposition*/
2236
0, /* create_options */
2237
0, /* file_attributes */
2238
0, /* oplock_request */
2239
0, /* allocation_size */
2247
* This is not a user visible file open.
2248
* Don't set a share mode.
2251
if (!NT_STATUS_IS_OK(status)) {
2252
file_free(req, fsp);
2257
return NT_STATUS_OK;
2260
/****************************************************************************
2261
Close the fchmod file fd - ensure no locks are lost.
2262
****************************************************************************/
2264
NTSTATUS close_file_fchmod(struct smb_request *req, files_struct *fsp)
2266
NTSTATUS status = fd_close(fsp);
2267
file_free(req, fsp);
2271
static NTSTATUS mkdir_internal(connection_struct *conn,
2273
uint32 file_attributes,
2274
SMB_STRUCT_STAT *psbuf)
2278
const char *dirname;
2280
bool posix_open = false;
2282
if(!CAN_WRITE(conn)) {
2283
DEBUG(5,("mkdir_internal: failing create on read-only share "
2284
"%s\n", lp_servicename(SNUM(conn))));
2285
return NT_STATUS_ACCESS_DENIED;
2288
status = check_name(conn, name);
2289
if (!NT_STATUS_IS_OK(status)) {
2293
if (!parent_dirname(talloc_tos(), name, &parent_dir, &dirname)) {
2294
return NT_STATUS_NO_MEMORY;
2297
if (file_attributes & FILE_FLAG_POSIX_SEMANTICS) {
2299
mode = (mode_t)(file_attributes & ~FILE_FLAG_POSIX_SEMANTICS);
2301
mode = unix_mode(conn, aDIR, name, parent_dir);
2304
if (SMB_VFS_MKDIR(conn, name, mode) != 0) {
2305
return map_nt_error_from_unix(errno);
2308
/* Ensure we're checking for a symlink here.... */
2309
/* We don't want to get caught by a symlink racer. */
2311
if (SMB_VFS_LSTAT(conn, name, psbuf) == -1) {
2312
DEBUG(2, ("Could not stat directory '%s' just created: %s\n",
2313
name, strerror(errno)));
2314
return map_nt_error_from_unix(errno);
2317
if (!S_ISDIR(psbuf->st_mode)) {
2318
DEBUG(0, ("Directory just '%s' created is not a directory\n",
2320
return NT_STATUS_ACCESS_DENIED;
2323
if (lp_store_dos_attributes(SNUM(conn))) {
2325
file_set_dosmode(conn, name,
2326
file_attributes | aDIR, NULL,
2332
if (lp_inherit_perms(SNUM(conn))) {
2333
inherit_access_posix_acl(conn, parent_dir, name, mode);
2336
if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS)) {
2338
* Check if high bits should have been set,
2339
* then (if bits are missing): add them.
2340
* Consider bits automagically set by UNIX, i.e. SGID bit from parent
2343
if (mode & ~(S_IRWXU|S_IRWXG|S_IRWXO) && (mode & ~psbuf->st_mode)) {
2344
SMB_VFS_CHMOD(conn, name,
2345
psbuf->st_mode | (mode & ~psbuf->st_mode));
2349
/* Change the owner if required. */
2350
if (lp_inherit_owner(SNUM(conn))) {
2351
change_dir_owner_to_parent(conn, parent_dir, name, psbuf);
2354
notify_fname(conn, NOTIFY_ACTION_ADDED, FILE_NOTIFY_CHANGE_DIR_NAME,
2357
return NT_STATUS_OK;
2360
/****************************************************************************
2361
Open a directory from an NT SMB call.
2362
****************************************************************************/
2364
static NTSTATUS open_directory(connection_struct *conn,
2365
struct smb_request *req,
2367
SMB_STRUCT_STAT *psbuf,
2369
uint32 share_access,
2370
uint32 create_disposition,
2371
uint32 create_options,
2372
uint32 file_attributes,
2374
files_struct **result)
2376
files_struct *fsp = NULL;
2377
bool dir_existed = VALID_STAT(*psbuf) ? True : False;
2378
struct share_mode_lock *lck = NULL;
2380
struct timespec mtimespec;
2383
DEBUG(5,("open_directory: opening directory %s, access_mask = 0x%x, "
2384
"share_access = 0x%x create_options = 0x%x, "
2385
"create_disposition = 0x%x, file_attributes = 0x%x\n",
2387
(unsigned int)access_mask,
2388
(unsigned int)share_access,
2389
(unsigned int)create_options,
2390
(unsigned int)create_disposition,
2391
(unsigned int)file_attributes));
2393
if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS) &&
2394
(conn->fs_capabilities & FILE_NAMED_STREAMS) &&
2395
is_ntfs_stream_name(fname)) {
2396
DEBUG(2, ("open_directory: %s is a stream name!\n", fname));
2397
return NT_STATUS_NOT_A_DIRECTORY;
2400
status = calculate_access_mask(conn, fname, dir_existed,
2403
if (!NT_STATUS_IS_OK(status)) {
2404
DEBUG(10, ("open_directory: calculate_access_mask "
2405
"on file %s returned %s\n",
2407
nt_errstr(status)));
2411
/* We need to support SeSecurityPrivilege for this. */
2412
if (access_mask & SEC_FLAG_SYSTEM_SECURITY) {
2413
DEBUG(10, ("open_directory: open on %s "
2414
"failed - SEC_FLAG_SYSTEM_SECURITY denied.\n",
2416
return NT_STATUS_PRIVILEGE_NOT_HELD;
2419
switch( create_disposition ) {
2422
info = FILE_WAS_OPENED;
2425
* We want to follow symlinks here.
2428
if (SMB_VFS_STAT(conn, fname, psbuf) != 0) {
2429
return map_nt_error_from_unix(errno);
2436
/* If directory exists error. If directory doesn't
2439
status = mkdir_internal(conn,
2444
if (!NT_STATUS_IS_OK(status)) {
2445
DEBUG(2, ("open_directory: unable to create "
2446
"%s. Error was %s\n", fname,
2447
nt_errstr(status)));
2451
info = FILE_WAS_CREATED;
2456
* If directory exists open. If directory doesn't
2460
status = mkdir_internal(conn,
2465
if (NT_STATUS_IS_OK(status)) {
2466
info = FILE_WAS_CREATED;
2469
if (NT_STATUS_EQUAL(status,
2470
NT_STATUS_OBJECT_NAME_COLLISION)) {
2471
info = FILE_WAS_OPENED;
2472
status = NT_STATUS_OK;
2477
case FILE_SUPERSEDE:
2478
case FILE_OVERWRITE:
2479
case FILE_OVERWRITE_IF:
2481
DEBUG(5,("open_directory: invalid create_disposition "
2482
"0x%x for directory %s\n",
2483
(unsigned int)create_disposition, fname));
2484
return NT_STATUS_INVALID_PARAMETER;
2487
if(!S_ISDIR(psbuf->st_mode)) {
2488
DEBUG(5,("open_directory: %s is not a directory !\n",
2490
return NT_STATUS_NOT_A_DIRECTORY;
2493
if (info == FILE_WAS_OPENED) {
2494
uint32_t access_granted = 0;
2495
status = check_open_rights(conn,
2500
/* Were we trying to do a directory open
2501
* for delete and didn't get DELETE
2502
* access (only) ? Check if the
2503
* directory allows DELETE_CHILD.
2505
* http://blogs.msdn.com/oldnewthing/archive/2004/06/04/148426.aspx
2508
if ((NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED) &&
2509
(access_mask & DELETE_ACCESS) &&
2510
(access_granted == DELETE_ACCESS) &&
2511
can_delete_file_in_directory(conn, fname))) {
2512
DEBUG(10,("open_directory: overrode ACCESS_DENIED "
2513
"on directory %s\n",
2515
status = NT_STATUS_OK;
2518
if (!NT_STATUS_IS_OK(status)) {
2519
DEBUG(10, ("open_directory: check_open_rights on "
2520
"file %s failed with %s\n",
2522
nt_errstr(status)));
2527
status = file_new(req, conn, &fsp);
2528
if(!NT_STATUS_IS_OK(status)) {
2533
* Setup the files_struct for it.
2536
fsp->mode = psbuf->st_mode;
2537
fsp->file_id = vfs_file_id_from_sbuf(conn, psbuf);
2538
fsp->vuid = req ? req->vuid : UID_FIELD_INVALID;
2539
fsp->file_pid = req ? req->smbpid : 0;
2540
fsp->can_lock = False;
2541
fsp->can_read = False;
2542
fsp->can_write = False;
2544
fsp->share_access = share_access;
2545
fsp->fh->private_options = create_options;
2547
* According to Samba4, SEC_FILE_READ_ATTRIBUTE is always granted,
2549
fsp->access_mask = access_mask | FILE_READ_ATTRIBUTES;
2550
fsp->print_file = False;
2551
fsp->modified = False;
2552
fsp->oplock_type = NO_OPLOCK;
2553
fsp->sent_oplock_break = NO_BREAK_SENT;
2554
fsp->is_directory = True;
2555
fsp->posix_open = (file_attributes & FILE_FLAG_POSIX_SEMANTICS) ? True : False;
2557
string_set(&fsp->fsp_name,fname);
2559
mtimespec = get_mtimespec(psbuf);
2561
lck = get_share_mode_lock(talloc_tos(), fsp->file_id,
2566
DEBUG(0, ("open_directory: Could not get share mode lock for %s\n", fname));
2567
file_free(req, fsp);
2568
return NT_STATUS_SHARING_VIOLATION;
2571
status = open_mode_check(conn, fname, lck,
2572
access_mask, share_access,
2573
create_options, &dir_existed);
2575
if (!NT_STATUS_IS_OK(status)) {
2577
file_free(req, fsp);
2581
set_share_mode(lck, fsp, conn->server_info->utok.uid, 0, NO_OPLOCK);
2583
/* For directories the delete on close bit at open time seems
2584
always to be honored on close... See test 19 in Samba4 BASE-DELETE. */
2585
if (create_options & FILE_DELETE_ON_CLOSE) {
2586
status = can_set_delete_on_close(fsp, True, 0);
2587
if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, NT_STATUS_DIRECTORY_NOT_EMPTY)) {
2589
file_free(req, fsp);
2593
if (NT_STATUS_IS_OK(status)) {
2594
/* Note that here we set the *inital* delete on close flag,
2595
not the regular one. The magic gets handled in close. */
2596
fsp->initial_delete_on_close = True;
2607
return NT_STATUS_OK;
2610
NTSTATUS create_directory(connection_struct *conn, struct smb_request *req, const char *directory)
2613
SMB_STRUCT_STAT sbuf;
2616
SET_STAT_INVALID(sbuf);
2618
status = SMB_VFS_CREATE_FILE(
2621
0, /* root_dir_fid */
2622
directory, /* fname */
2623
0, /* create_file_flags */
2624
FILE_READ_ATTRIBUTES, /* access_mask */
2625
FILE_SHARE_NONE, /* share_access */
2626
FILE_CREATE, /* create_disposition*/
2627
FILE_DIRECTORY_FILE, /* create_options */
2628
FILE_ATTRIBUTE_DIRECTORY, /* file_attributes */
2629
0, /* oplock_request */
2630
0, /* allocation_size */
2637
if (NT_STATUS_IS_OK(status)) {
2638
close_file(req, fsp, NORMAL_CLOSE);
2644
/****************************************************************************
2645
Receive notification that one of our open files has been renamed by another
2647
****************************************************************************/
2649
void msg_file_was_renamed(struct messaging_context *msg,
2652
struct server_id server_id,
2656
char *frm = (char *)data->data;
2658
const char *sharepath;
2659
const char *newname;
2662
if (data->data == NULL
2663
|| data->length < MSG_FILE_RENAMED_MIN_SIZE + 2) {
2664
DEBUG(0, ("msg_file_was_renamed: Got invalid msg len %d\n",
2665
(int)data->length));
2669
/* Unpack the message. */
2670
pull_file_id_24(frm, &id);
2671
sharepath = &frm[24];
2672
newname = sharepath + strlen(sharepath) + 1;
2673
sp_len = strlen(sharepath);
2675
DEBUG(10,("msg_file_was_renamed: Got rename message for sharepath %s, new name %s, "
2677
sharepath, newname, file_id_string_tos(&id)));
2679
for(fsp = file_find_di_first(id); fsp; fsp = file_find_di_next(fsp)) {
2680
if (memcmp(fsp->conn->connectpath, sharepath, sp_len) == 0) {
2681
DEBUG(10,("msg_file_was_renamed: renaming file fnum %d from %s -> %s\n",
2682
fsp->fnum, fsp->fsp_name, newname ));
2683
string_set(&fsp->fsp_name, newname);
2686
/* Now we have the complete path we can work out if this is
2687
actually within this share and adjust newname accordingly. */
2688
DEBUG(10,("msg_file_was_renamed: share mismatch (sharepath %s "
2689
"not sharepath %s) "
2690
"fnum %d from %s -> %s\n",
2691
fsp->conn->connectpath,
2700
struct case_semantics_state {
2701
connection_struct *conn;
2702
bool case_sensitive;
2704
bool short_case_preserve;
2707
/****************************************************************************
2708
Restore case semantics.
2709
****************************************************************************/
2710
static int restore_case_semantics(struct case_semantics_state *state)
2712
state->conn->case_sensitive = state->case_sensitive;
2713
state->conn->case_preserve = state->case_preserve;
2714
state->conn->short_case_preserve = state->short_case_preserve;
2718
/****************************************************************************
2719
Save case semantics.
2720
****************************************************************************/
2721
struct case_semantics_state *set_posix_case_semantics(TALLOC_CTX *mem_ctx,
2722
connection_struct *conn)
2724
struct case_semantics_state *result;
2726
if (!(result = talloc(mem_ctx, struct case_semantics_state))) {
2727
DEBUG(0, ("talloc failed\n"));
2731
result->conn = conn;
2732
result->case_sensitive = conn->case_sensitive;
2733
result->case_preserve = conn->case_preserve;
2734
result->short_case_preserve = conn->short_case_preserve;
2737
conn->case_sensitive = True;
2738
conn->case_preserve = True;
2739
conn->short_case_preserve = True;
2741
talloc_set_destructor(result, restore_case_semantics);
2747
* If a main file is opened for delete, all streams need to be checked for
2748
* !FILE_SHARE_DELETE. Do this by opening with DELETE_ACCESS.
2749
* If that works, delete them all by setting the delete on close and close.
2752
NTSTATUS open_streams_for_delete(connection_struct *conn,
2755
struct stream_struct *stream_info;
2756
files_struct **streams;
2758
unsigned int num_streams;
2759
TALLOC_CTX *frame = talloc_stackframe();
2762
status = SMB_VFS_STREAMINFO(conn, NULL, fname, talloc_tos(),
2763
&num_streams, &stream_info);
2765
if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_IMPLEMENTED)
2766
|| NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
2767
DEBUG(10, ("no streams around\n"));
2769
return NT_STATUS_OK;
2772
if (!NT_STATUS_IS_OK(status)) {
2773
DEBUG(10, ("SMB_VFS_STREAMINFO failed: %s\n",
2774
nt_errstr(status)));
2778
DEBUG(10, ("open_streams_for_delete found %d streams\n",
2781
if (num_streams == 0) {
2783
return NT_STATUS_OK;
2786
streams = TALLOC_ARRAY(talloc_tos(), files_struct *, num_streams);
2787
if (streams == NULL) {
2788
DEBUG(0, ("talloc failed\n"));
2789
status = NT_STATUS_NO_MEMORY;
2793
for (i=0; i<num_streams; i++) {
2796
if (strequal(stream_info[i].name, "::$DATA")) {
2801
streamname = talloc_asprintf(talloc_tos(), "%s%s", fname,
2802
stream_info[i].name);
2804
if (streamname == NULL) {
2805
DEBUG(0, ("talloc_aprintf failed\n"));
2806
status = NT_STATUS_NO_MEMORY;
2810
status = SMB_VFS_CREATE_FILE(
2813
0, /* root_dir_fid */
2814
streamname, /* fname */
2815
0, /* create_file_flags */
2816
DELETE_ACCESS, /* access_mask */
2817
(FILE_SHARE_READ | /* share_access */
2818
FILE_SHARE_WRITE | FILE_SHARE_DELETE),
2819
FILE_OPEN, /* create_disposition*/
2820
NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE, /* create_options */
2821
FILE_ATTRIBUTE_NORMAL, /* file_attributes */
2822
0, /* oplock_request */
2823
0, /* allocation_size */
2826
&streams[i], /* result */
2830
TALLOC_FREE(streamname);
2832
if (!NT_STATUS_IS_OK(status)) {
2833
DEBUG(10, ("Could not open stream %s: %s\n",
2834
streamname, nt_errstr(status)));
2840
* don't touch the variable "status" beyond this point :-)
2843
for (i -= 1 ; i >= 0; i--) {
2844
if (streams[i] == NULL) {
2848
DEBUG(10, ("Closing stream # %d, %s\n", i,
2849
streams[i]->fsp_name));
2850
close_file(NULL, streams[i], NORMAL_CLOSE);
2859
* Wrapper around open_file_ntcreate and open_directory
2862
static NTSTATUS create_file_unixpath(connection_struct *conn,
2863
struct smb_request *req,
2865
uint32_t access_mask,
2866
uint32_t share_access,
2867
uint32_t create_disposition,
2868
uint32_t create_options,
2869
uint32_t file_attributes,
2870
uint32_t oplock_request,
2871
uint64_t allocation_size,
2872
struct security_descriptor *sd,
2873
struct ea_list *ea_list,
2875
files_struct **result,
2877
SMB_STRUCT_STAT *psbuf)
2879
SMB_STRUCT_STAT sbuf;
2880
int info = FILE_WAS_OPENED;
2881
files_struct *base_fsp = NULL;
2882
files_struct *fsp = NULL;
2885
DEBUG(10,("create_file_unixpath: access_mask = 0x%x "
2886
"file_attributes = 0x%x, share_access = 0x%x, "
2887
"create_disposition = 0x%x create_options = 0x%x "
2888
"oplock_request = 0x%x ea_list = 0x%p, sd = 0x%p, "
2890
(unsigned int)access_mask,
2891
(unsigned int)file_attributes,
2892
(unsigned int)share_access,
2893
(unsigned int)create_disposition,
2894
(unsigned int)create_options,
2895
(unsigned int)oplock_request,
2896
ea_list, sd, fname));
2898
if (create_options & FILE_OPEN_BY_FILE_ID) {
2899
status = NT_STATUS_NOT_SUPPORTED;
2903
if (create_options & NTCREATEX_OPTIONS_INVALID_PARAM_MASK) {
2904
status = NT_STATUS_INVALID_PARAMETER;
2909
oplock_request |= INTERNAL_OPEN_ONLY;
2912
if (psbuf != NULL) {
2916
if (SMB_VFS_STAT(conn, fname, &sbuf) == -1) {
2917
SET_STAT_INVALID(sbuf);
2921
if ((conn->fs_capabilities & FILE_NAMED_STREAMS)
2922
&& (access_mask & DELETE_ACCESS)
2923
&& !is_ntfs_stream_name(fname)) {
2925
* We can't open a file with DELETE access if any of the
2926
* streams is open without FILE_SHARE_DELETE
2928
status = open_streams_for_delete(conn, fname);
2930
if (!NT_STATUS_IS_OK(status)) {
2935
/* This is the correct thing to do (check every time) but can_delete
2936
* is expensive (it may have to read the parent directory
2937
* permissions). So for now we're not doing it unless we have a strong
2938
* hint the client is really going to delete this file. If the client
2939
* is forcing FILE_CREATE let the filesystem take care of the
2942
/* Setting FILE_SHARE_DELETE is the hint. */
2944
if (lp_acl_check_permissions(SNUM(conn))
2945
&& (create_disposition != FILE_CREATE)
2946
&& (share_access & FILE_SHARE_DELETE)
2947
&& (access_mask & DELETE_ACCESS)
2948
&& (!(can_delete_file_in_directory(conn, fname) ||
2949
can_access_file_acl(conn, fname, DELETE_ACCESS)))) {
2950
status = NT_STATUS_ACCESS_DENIED;
2951
DEBUG(10,("create_file_unixpath: open file %s "
2952
"for delete ACCESS_DENIED\n", fname ));
2957
/* We need to support SeSecurityPrivilege for this. */
2958
if ((access_mask & SEC_FLAG_SYSTEM_SECURITY) &&
2959
!user_has_privileges(current_user.nt_user_token,
2961
status = NT_STATUS_PRIVILEGE_NOT_HELD;
2965
/* We need to support SeSecurityPrivilege for this. */
2966
if (access_mask & SEC_FLAG_SYSTEM_SECURITY) {
2967
status = NT_STATUS_PRIVILEGE_NOT_HELD;
2970
/* Don't allow a SACL set from an NTtrans create until we
2971
* support SeSecurityPrivilege. */
2972
if (!VALID_STAT(sbuf) &&
2973
lp_nt_acl_support(SNUM(conn)) &&
2974
sd && (sd->sacl != NULL)) {
2975
status = NT_STATUS_PRIVILEGE_NOT_HELD;
2980
if ((conn->fs_capabilities & FILE_NAMED_STREAMS)
2981
&& is_ntfs_stream_name(fname)
2982
&& (!(create_options & NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE))) {
2984
uint32 base_create_disposition;
2986
if (create_options & FILE_DIRECTORY_FILE) {
2987
status = NT_STATUS_NOT_A_DIRECTORY;
2991
status = split_ntfs_stream_name(talloc_tos(), fname,
2993
if (!NT_STATUS_IS_OK(status)) {
2994
DEBUG(10, ("create_file_unixpath: "
2995
"split_ntfs_stream_name failed: %s\n",
2996
nt_errstr(status)));
3000
SMB_ASSERT(!is_ntfs_stream_name(base)); /* paranoia.. */
3002
switch (create_disposition) {
3004
base_create_disposition = FILE_OPEN;
3007
base_create_disposition = FILE_OPEN_IF;
3011
status = create_file_unixpath(conn, NULL, base, 0,
3014
| FILE_SHARE_DELETE,
3015
base_create_disposition,
3016
0, 0, 0, 0, NULL, NULL,
3017
&base_fsp, NULL, NULL);
3018
if (!NT_STATUS_IS_OK(status)) {
3019
DEBUG(10, ("create_file_unixpath for base %s failed: "
3020
"%s\n", base, nt_errstr(status)));
3023
/* we don't need to low level fd */
3028
* If it's a request for a directory open, deal with it separately.
3031
if (create_options & FILE_DIRECTORY_FILE) {
3033
if (create_options & FILE_NON_DIRECTORY_FILE) {
3034
status = NT_STATUS_INVALID_PARAMETER;
3038
/* Can't open a temp directory. IFS kit test. */
3039
if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS) &&
3040
(file_attributes & FILE_ATTRIBUTE_TEMPORARY)) {
3041
status = NT_STATUS_INVALID_PARAMETER;
3046
* We will get a create directory here if the Win32
3047
* app specified a security descriptor in the
3048
* CreateDirectory() call.
3052
status = open_directory(
3053
conn, req, fname, &sbuf, access_mask, share_access,
3054
create_disposition, create_options, file_attributes,
3059
* Ordinary file case.
3062
status = file_new(req, conn, &fsp);
3063
if(!NT_STATUS_IS_OK(status)) {
3068
* We're opening the stream element of a base_fsp
3069
* we already opened. Set up the base_fsp pointer.
3072
fsp->base_fsp = base_fsp;
3075
status = open_file_ntcreate(conn,
3088
if(!NT_STATUS_IS_OK(status)) {
3089
file_free(req, fsp);
3093
if (NT_STATUS_EQUAL(status, NT_STATUS_FILE_IS_A_DIRECTORY)) {
3095
/* A stream open never opens a directory */
3098
status = NT_STATUS_FILE_IS_A_DIRECTORY;
3103
* Fail the open if it was explicitly a non-directory
3107
if (create_options & FILE_NON_DIRECTORY_FILE) {
3108
status = NT_STATUS_FILE_IS_A_DIRECTORY;
3113
status = open_directory(
3114
conn, req, fname, &sbuf, access_mask,
3115
share_access, create_disposition,
3116
create_options, file_attributes,
3121
if (!NT_STATUS_IS_OK(status)) {
3125
fsp->base_fsp = base_fsp;
3128
* According to the MS documentation, the only time the security
3129
* descriptor is applied to the opened file is iff we *created* the
3130
* file; an existing file stays the same.
3132
* Also, it seems (from observation) that you can open the file with
3133
* any access mask but you can still write the sd. We need to override
3134
* the granted access before we call set_sd
3135
* Patch for bug #2242 from Tom Lackemann <cessnatomny@yahoo.com>.
3138
if ((sd != NULL) && (info == FILE_WAS_CREATED)
3139
&& lp_nt_acl_support(SNUM(conn))) {
3141
uint32_t sec_info_sent;
3142
uint32_t saved_access_mask = fsp->access_mask;
3144
sec_info_sent = get_sec_info(sd);
3146
fsp->access_mask = FILE_GENERIC_ALL;
3148
/* Convert all the generic bits. */
3149
security_acl_map_generic(sd->dacl, &file_generic_mapping);
3150
security_acl_map_generic(sd->sacl, &file_generic_mapping);
3152
if (sec_info_sent & (OWNER_SECURITY_INFORMATION|
3153
GROUP_SECURITY_INFORMATION|
3154
DACL_SECURITY_INFORMATION|
3155
SACL_SECURITY_INFORMATION)) {
3156
status = SMB_VFS_FSET_NT_ACL(fsp, sec_info_sent, sd);
3159
fsp->access_mask = saved_access_mask;
3161
if (!NT_STATUS_IS_OK(status)) {
3166
if ((ea_list != NULL) &&
3167
((info == FILE_WAS_CREATED) || (info == FILE_WAS_OVERWRITTEN))) {
3168
status = set_ea(conn, fsp, fname, ea_list);
3169
if (!NT_STATUS_IS_OK(status)) {
3174
if (!fsp->is_directory && S_ISDIR(sbuf.st_mode)) {
3175
status = NT_STATUS_ACCESS_DENIED;
3179
/* Save the requested allocation size. */
3180
if ((info == FILE_WAS_CREATED) || (info == FILE_WAS_OVERWRITTEN)) {
3182
&& (allocation_size > sbuf.st_size)) {
3183
fsp->initial_allocation_size = smb_roundup(
3184
fsp->conn, allocation_size);
3185
if (fsp->is_directory) {
3186
/* Can't set allocation size on a directory. */
3187
status = NT_STATUS_ACCESS_DENIED;
3190
if (vfs_allocate_file_space(
3191
fsp, fsp->initial_allocation_size) == -1) {
3192
status = NT_STATUS_DISK_FULL;
3196
fsp->initial_allocation_size = smb_roundup(
3197
fsp->conn, (uint64_t)sbuf.st_size);
3201
DEBUG(10, ("create_file_unixpath: info=%d\n", info));
3204
if (pinfo != NULL) {
3207
if (psbuf != NULL) {
3208
if ((fsp->fh == NULL) || (fsp->fh->fd == -1)) {
3212
SMB_VFS_FSTAT(fsp, psbuf);
3215
return NT_STATUS_OK;
3218
DEBUG(10, ("create_file_unixpath: %s\n", nt_errstr(status)));
3221
if (base_fsp && fsp->base_fsp == base_fsp) {
3223
* The close_file below will close
3228
close_file(req, fsp, ERROR_CLOSE);
3231
if (base_fsp != NULL) {
3232
close_file(req, base_fsp, ERROR_CLOSE);
3239
* Calculate the full path name given a relative fid.
3241
NTSTATUS get_relative_fid_filename(connection_struct *conn,
3242
struct smb_request *req,
3243
uint16_t root_dir_fid,
3244
const char *fname, char **new_fname)
3246
files_struct *dir_fsp;
3247
char *parent_fname = NULL;
3249
if (root_dir_fid == 0 || !fname || !new_fname) {
3250
return NT_STATUS_INTERNAL_ERROR;
3253
dir_fsp = file_fsp(req, root_dir_fid);
3255
if (dir_fsp == NULL) {
3256
return NT_STATUS_INVALID_HANDLE;
3259
if (!dir_fsp->is_directory) {
3262
* Check to see if this is a mac fork of some kind.
3265
if ((conn->fs_capabilities & FILE_NAMED_STREAMS) &&
3266
is_ntfs_stream_name(fname)) {
3267
return NT_STATUS_OBJECT_PATH_NOT_FOUND;
3271
we need to handle the case when we get a
3272
relative open relative to a file and the
3273
pathname is blank - this is a reopen!
3274
(hint from demyn plantenberg)
3277
return NT_STATUS_INVALID_HANDLE;
3280
if (ISDOT(dir_fsp->fsp_name)) {
3282
* We're at the toplevel dir, the final file name
3283
* must not contain ./, as this is filtered out
3284
* normally by srvstr_get_path and unix_convert
3285
* explicitly rejects paths containing ./.
3287
parent_fname = talloc_strdup(talloc_tos(), "");
3288
if (parent_fname == NULL) {
3289
return NT_STATUS_NO_MEMORY;
3292
size_t dir_name_len = strlen(dir_fsp->fsp_name);
3295
* Copy in the base directory name.
3298
parent_fname = TALLOC_ARRAY(talloc_tos(), char,
3300
if (parent_fname == NULL) {
3301
return NT_STATUS_NO_MEMORY;
3303
memcpy(parent_fname, dir_fsp->fsp_name,
3307
* Ensure it ends in a '/'.
3308
* We used TALLOC_SIZE +2 to add space for the '/'.
3312
&& (parent_fname[dir_name_len-1] != '\\')
3313
&& (parent_fname[dir_name_len-1] != '/')) {
3314
parent_fname[dir_name_len] = '/';
3315
parent_fname[dir_name_len+1] = '\0';
3319
*new_fname = talloc_asprintf(talloc_tos(), "%s%s", parent_fname,
3321
if (*new_fname == NULL) {
3322
return NT_STATUS_NO_MEMORY;
3325
return NT_STATUS_OK;
3328
NTSTATUS create_file_default(connection_struct *conn,
3329
struct smb_request *req,
3330
uint16_t root_dir_fid,
3332
uint32_t create_file_flags,
3333
uint32_t access_mask,
3334
uint32_t share_access,
3335
uint32_t create_disposition,
3336
uint32_t create_options,
3337
uint32_t file_attributes,
3338
uint32_t oplock_request,
3339
uint64_t allocation_size,
3340
struct security_descriptor *sd,
3341
struct ea_list *ea_list,
3343
files_struct **result,
3345
SMB_STRUCT_STAT *psbuf)
3347
SMB_STRUCT_STAT sbuf;
3348
int info = FILE_WAS_OPENED;
3349
files_struct *fsp = NULL;
3352
DEBUG(10,("create_file: access_mask = 0x%x "
3353
"file_attributes = 0x%x, share_access = 0x%x, "
3354
"create_disposition = 0x%x create_options = 0x%x "
3355
"oplock_request = 0x%x "
3356
"root_dir_fid = 0x%x, ea_list = 0x%p, sd = 0x%p, "
3357
"create_file_flags = 0x%x, fname = %s\n",
3358
(unsigned int)access_mask,
3359
(unsigned int)file_attributes,
3360
(unsigned int)share_access,
3361
(unsigned int)create_disposition,
3362
(unsigned int)create_options,
3363
(unsigned int)oplock_request,
3364
(unsigned int)root_dir_fid,
3365
ea_list, sd, create_file_flags, fname));
3367
/* MSDFS pathname processing must be done FIRST.
3368
MSDFS pathnames containing IPv6 addresses can
3369
be confused with NTFS stream names (they contain
3370
":" characters. JRA. */
3372
if ((req != NULL) && (req->flags2 & FLAGS2_DFS_PATHNAMES)) {
3373
char *resolved_fname;
3375
status = resolve_dfspath(talloc_tos(), conn, true, fname,
3378
if (!NT_STATUS_IS_OK(status)) {
3380
* For PATH_NOT_COVERED we had
3381
* reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
3382
* ERRSRV, ERRbadpath);
3383
* Need to fix in callers
3387
fname = resolved_fname;
3391
* Calculate the filename from the root_dir_if if necessary.
3394
if (root_dir_fid != 0) {
3397
status = get_relative_fid_filename(conn, req, root_dir_fid,
3399
if (!NT_STATUS_IS_OK(status)) {
3407
* Check to see if this is a mac fork of some kind.
3410
if (is_ntfs_stream_name(fname)) {
3411
enum FAKE_FILE_TYPE fake_file_type;
3413
fake_file_type = is_fake_file(fname);
3415
if (fake_file_type != FAKE_FILE_TYPE_NONE) {
3418
* Here we go! support for changing the disk quotas
3421
* We need to fake up to open this MAGIC QUOTA file
3422
* and return a valid FID.
3424
* w2k close this file directly after openening xp
3425
* also tries a QUERY_FILE_INFO on the file and then
3428
status = open_fake_file(req, conn, req->vuid,
3429
fake_file_type, fname,
3431
if (!NT_STATUS_IS_OK(status)) {
3439
if (!(conn->fs_capabilities & FILE_NAMED_STREAMS)) {
3440
status = NT_STATUS_OBJECT_PATH_NOT_FOUND;
3445
if (create_file_flags & CFF_DOS_PATH) {
3446
char *converted_fname;
3448
SET_STAT_INVALID(sbuf);
3450
status = unix_convert(talloc_tos(), conn, fname, False,
3451
&converted_fname, NULL, &sbuf);
3452
if (!NT_STATUS_IS_OK(status)) {
3455
fname = converted_fname;
3457
if (psbuf != NULL) {
3460
if (SMB_VFS_STAT(conn, fname, &sbuf) == -1) {
3461
SET_STAT_INVALID(sbuf);
3467
/* All file access must go through check_name() */
3469
status = check_name(conn, fname);
3470
if (!NT_STATUS_IS_OK(status)) {
3474
status = create_file_unixpath(
3475
conn, req, fname, access_mask, share_access,
3476
create_disposition, create_options, file_attributes,
3477
oplock_request, allocation_size, sd, ea_list,
3478
&fsp, &info, &sbuf);
3480
if (!NT_STATUS_IS_OK(status)) {
3485
DEBUG(10, ("create_file: info=%d\n", info));
3488
if (pinfo != NULL) {
3491
if (psbuf != NULL) {
3494
return NT_STATUS_OK;
3497
DEBUG(10, ("create_file: %s\n", nt_errstr(status)));
3500
close_file(req, fsp, ERROR_CLOSE);
added
removed
source3/smbd/open.c
