2 Unix SMB/CIFS implementation.
3 file opening and share modes
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Jeremy Allison 2001-2004
6 Copyright (C) Volker Lendecke 2005
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
24 extern const struct generic_mapping file_generic_mapping;
25 extern bool global_client_failed_oplock_break;
27 struct deferred_open_record {
28 bool delayed_for_oplocks;
32 /****************************************************************************
33 SMB1 file varient of se_access_check. Never test FILE_READ_ATTRIBUTES.
34 ****************************************************************************/
36 NTSTATUS smb1_file_se_access_check(const struct security_descriptor *sd,
37 const NT_USER_TOKEN *token,
38 uint32_t access_desired,
39 uint32_t *access_granted)
41 return se_access_check(sd,
43 (access_desired & ~FILE_READ_ATTRIBUTES),
47 /****************************************************************************
48 Check if we have open rights.
49 ****************************************************************************/
51 static NTSTATUS check_open_rights(struct connection_struct *conn,
54 uint32_t *access_granted)
56 /* Check if we have rights to open. */
58 struct security_descriptor *sd;
62 if (conn->server_info->utok.uid == 0 || conn->admin_user) {
63 /* I'm sorry sir, I didn't know you were root... */
64 *access_granted = access_mask;
65 if (access_mask & SEC_FLAG_MAXIMUM_ALLOWED) {
66 *access_granted |= FILE_GENERIC_ALL;
71 status = SMB_VFS_GET_NT_ACL(conn, fname,
72 (OWNER_SECURITY_INFORMATION |
73 GROUP_SECURITY_INFORMATION |
74 DACL_SECURITY_INFORMATION),&sd);
76 if (!NT_STATUS_IS_OK(status)) {
77 DEBUG(10, ("check_open_rights: Could not get acl "
84 status = smb1_file_se_access_check(sd,
85 conn->server_info->ptok,
91 DEBUG(10,("check_open_rights: file %s requesting "
92 "0x%x returning 0x%x (%s)\n",
94 (unsigned int)access_mask,
95 (unsigned int)*access_granted,
101 /****************************************************************************
102 fd support routines - attempt to do a dos_open.
103 ****************************************************************************/
105 static NTSTATUS fd_open(struct connection_struct *conn,
111 NTSTATUS status = NT_STATUS_OK;
115 * Never follow symlinks on a POSIX client. The
116 * client should be doing this.
119 if (fsp->posix_open || !lp_symlinks(SNUM(conn))) {
124 fsp->fh->fd = SMB_VFS_OPEN(conn,fname,fsp,flags,mode);
125 if (fsp->fh->fd == -1) {
126 status = map_nt_error_from_unix(errno);
129 DEBUG(10,("fd_open: name %s, flags = 0%o mode = 0%o, fd = %d. %s\n",
130 fname, flags, (int)mode, fsp->fh->fd,
131 (fsp->fh->fd == -1) ? strerror(errno) : "" ));
136 /****************************************************************************
137 Close the file associated with a fsp.
138 ****************************************************************************/
140 NTSTATUS fd_close(files_struct *fsp)
144 if (fsp->fh->fd == -1) {
145 return NT_STATUS_OK; /* What we used to call a stat open. */
147 if (fsp->fh->ref_count > 1) {
148 return NT_STATUS_OK; /* Shared handle. Only close last reference. */
151 ret = SMB_VFS_CLOSE(fsp);
154 return map_nt_error_from_unix(errno);
159 /****************************************************************************
160 Change the ownership of a file to that of the parent directory.
161 Do this by fd if possible.
162 ****************************************************************************/
164 static void change_file_owner_to_parent(connection_struct *conn,
165 const char *inherit_from_dir,
168 SMB_STRUCT_STAT parent_st;
171 ret = SMB_VFS_STAT(conn, inherit_from_dir, &parent_st);
173 DEBUG(0,("change_file_owner_to_parent: failed to stat parent "
174 "directory %s. Error was %s\n",
175 inherit_from_dir, strerror(errno) ));
180 ret = SMB_VFS_FCHOWN(fsp, parent_st.st_uid, (gid_t)-1);
183 DEBUG(0,("change_file_owner_to_parent: failed to fchown "
184 "file %s to parent directory uid %u. Error "
185 "was %s\n", fsp->fsp_name,
186 (unsigned int)parent_st.st_uid,
190 DEBUG(10,("change_file_owner_to_parent: changed new file %s to "
191 "parent directory uid %u.\n", fsp->fsp_name,
192 (unsigned int)parent_st.st_uid ));
195 static NTSTATUS change_dir_owner_to_parent(connection_struct *conn,
196 const char *inherit_from_dir,
198 SMB_STRUCT_STAT *psbuf)
200 char *saved_dir = NULL;
201 SMB_STRUCT_STAT sbuf;
202 SMB_STRUCT_STAT parent_st;
203 TALLOC_CTX *ctx = talloc_tos();
204 NTSTATUS status = NT_STATUS_OK;
207 ret = SMB_VFS_STAT(conn, inherit_from_dir, &parent_st);
209 status = map_nt_error_from_unix(errno);
210 DEBUG(0,("change_dir_owner_to_parent: failed to stat parent "
211 "directory %s. Error was %s\n",
212 inherit_from_dir, strerror(errno) ));
216 /* We've already done an lstat into psbuf, and we know it's a
217 directory. If we can cd into the directory and the dev/ino
218 are the same then we can safely chown without races as
219 we're locking the directory in place by being in it. This
220 should work on any UNIX (thanks tridge :-). JRA.
223 saved_dir = vfs_GetWd(ctx,conn);
225 status = map_nt_error_from_unix(errno);
226 DEBUG(0,("change_dir_owner_to_parent: failed to get "
227 "current working directory. Error was %s\n",
232 /* Chdir into the new path. */
233 if (vfs_ChDir(conn, fname) == -1) {
234 status = map_nt_error_from_unix(errno);
235 DEBUG(0,("change_dir_owner_to_parent: failed to change "
236 "current working directory to %s. Error "
237 "was %s\n", fname, strerror(errno) ));
241 if (SMB_VFS_STAT(conn,".",&sbuf) == -1) {
242 status = map_nt_error_from_unix(errno);
243 DEBUG(0,("change_dir_owner_to_parent: failed to stat "
244 "directory '.' (%s) Error was %s\n",
245 fname, strerror(errno)));
249 /* Ensure we're pointing at the same place. */
250 if (sbuf.st_dev != psbuf->st_dev ||
251 sbuf.st_ino != psbuf->st_ino ||
252 sbuf.st_mode != psbuf->st_mode ) {
253 DEBUG(0,("change_dir_owner_to_parent: "
254 "device/inode/mode on directory %s changed. "
255 "Refusing to chown !\n", fname ));
256 status = NT_STATUS_ACCESS_DENIED;
261 ret = SMB_VFS_CHOWN(conn, ".", parent_st.st_uid, (gid_t)-1);
264 status = map_nt_error_from_unix(errno);
265 DEBUG(10,("change_dir_owner_to_parent: failed to chown "
266 "directory %s to parent directory uid %u. "
267 "Error was %s\n", fname,
268 (unsigned int)parent_st.st_uid, strerror(errno) ));
272 DEBUG(10,("change_dir_owner_to_parent: changed ownership of new "
273 "directory %s to parent directory uid %u.\n",
274 fname, (unsigned int)parent_st.st_uid ));
278 vfs_ChDir(conn,saved_dir);
282 /****************************************************************************
284 ****************************************************************************/
286 static NTSTATUS open_file(files_struct *fsp,
287 connection_struct *conn,
288 struct smb_request *req,
289 const char *parent_dir,
292 SMB_STRUCT_STAT *psbuf,
295 uint32 access_mask, /* client requested access mask. */
296 uint32 open_access_mask) /* what we're actually using in the open. */
298 NTSTATUS status = NT_STATUS_OK;
299 int accmode = (flags & O_ACCMODE);
300 int local_flags = flags;
301 bool file_existed = VALID_STAT(*psbuf);
306 /* Check permissions */
309 * This code was changed after seeing a client open request
310 * containing the open mode of (DENY_WRITE/read-only) with
311 * the 'create if not exist' bit set. The previous code
312 * would fail to open the file read only on a read-only share
313 * as it was checking the flags parameter directly against O_RDONLY,
314 * this was failing as the flags parameter was set to O_RDONLY|O_CREAT.
318 if (!CAN_WRITE(conn)) {
319 /* It's a read-only share - fail if we wanted to write. */
320 if(accmode != O_RDONLY) {
321 DEBUG(3,("Permission denied opening %s\n", path));
322 return NT_STATUS_ACCESS_DENIED;
323 } else if(flags & O_CREAT) {
324 /* We don't want to write - but we must make sure that
325 O_CREAT doesn't create the file if we have write
326 access into the directory.
329 local_flags &= ~O_CREAT;
334 * This little piece of insanity is inspired by the
335 * fact that an NT client can open a file for O_RDONLY,
336 * but set the create disposition to FILE_EXISTS_TRUNCATE.
337 * If the client *can* write to the file, then it expects to
338 * truncate the file, even though it is opening for readonly.
339 * Quicken uses this stupid trick in backup file creation...
340 * Thanks *greatly* to "David W. Chapman Jr." <dwcjr@inethouston.net>
341 * for helping track this one down. It didn't bite us in 2.0.x
342 * as we always opened files read-write in that release. JRA.
345 if ((accmode == O_RDONLY) && ((flags & O_TRUNC) == O_TRUNC)) {
346 DEBUG(10,("open_file: truncate requested on read-only open "
347 "for file %s\n", path));
348 local_flags = (flags & ~O_ACCMODE)|O_RDWR;
351 if ((open_access_mask & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ||
352 (!file_existed && (local_flags & O_CREAT)) ||
353 ((local_flags & O_TRUNC) == O_TRUNC) ) {
357 * We can't actually truncate here as the file may be locked.
358 * open_file_ntcreate will take care of the truncate later. JRA.
361 local_flags &= ~O_TRUNC;
363 #if defined(O_NONBLOCK) && defined(S_ISFIFO)
365 * We would block on opening a FIFO with no one else on the
366 * other end. Do what we used to do and add O_NONBLOCK to the
370 if (file_existed && S_ISFIFO(psbuf->st_mode)) {
371 local_flags |= O_NONBLOCK;
375 /* Don't create files with Microsoft wildcard characters. */
378 * wildcard characters are allowed in stream names
379 * only test the basefilename
381 wild = fsp->base_fsp->fsp_name;
385 if ((local_flags & O_CREAT) && !file_existed &&
387 return NT_STATUS_OBJECT_NAME_INVALID;
390 /* Actually do the open */
391 status = fd_open(conn, path, fsp, local_flags, unx_mode);
392 if (!NT_STATUS_IS_OK(status)) {
393 DEBUG(3,("Error opening file %s (%s) (local_flags=%d) "
395 path,nt_errstr(status),local_flags,flags));
399 if ((local_flags & O_CREAT) && !file_existed) {
401 /* Inherit the ACL if required */
402 if (lp_inherit_perms(SNUM(conn))) {
403 inherit_access_posix_acl(conn, parent_dir, path,
407 /* Change the owner if required. */
408 if (lp_inherit_owner(SNUM(conn))) {
409 change_file_owner_to_parent(conn, parent_dir,
413 notify_fname(conn, NOTIFY_ACTION_ADDED,
414 FILE_NOTIFY_CHANGE_FILE_NAME, path);
418 fsp->fh->fd = -1; /* What we used to call a stat open. */
420 uint32_t access_granted = 0;
422 status = check_open_rights(conn,
426 if (!NT_STATUS_IS_OK(status)) {
427 if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
429 * On NT_STATUS_ACCESS_DENIED, access_granted
430 * contains the denied bits.
433 if ((access_mask & FILE_WRITE_ATTRIBUTES) &&
434 (access_granted & FILE_WRITE_ATTRIBUTES) &&
435 (lp_map_readonly(SNUM(conn)) ||
436 lp_map_archive(SNUM(conn)) ||
437 lp_map_hidden(SNUM(conn)) ||
438 lp_map_system(SNUM(conn)))) {
439 access_granted &= ~FILE_WRITE_ATTRIBUTES;
441 DEBUG(10,("open_file: overrode FILE_WRITE_ATTRIBUTES "
446 if ((access_mask & DELETE_ACCESS) &&
447 (access_granted & DELETE_ACCESS) &&
448 can_delete_file_in_directory(conn, path)) {
449 /* Were we trying to do a stat open
450 * for delete and didn't get DELETE
451 * access (only) ? Check if the
452 * directory allows DELETE_CHILD.
454 * http://blogs.msdn.com/oldnewthing/archive/2004/06/04/148426.aspx
457 access_granted &= ~DELETE_ACCESS;
459 DEBUG(10,("open_file: overrode DELETE_ACCESS "
464 if (access_granted != 0) {
465 DEBUG(10, ("open_file: Access denied on "
470 } else if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND) &&
472 S_ISLNK(psbuf->st_mode)) {
473 /* This is a POSIX stat open for delete
474 * or rename on a symlink that points
476 DEBUG(10, ("open_file: allowing POSIX open "
477 "on bad symlink %s\n",
480 DEBUG(10, ("open_file: check_open_rights "
481 "on file %s returned %s\n",
482 path, nt_errstr(status) ));
492 if (fsp->fh->fd == -1) {
493 ret = SMB_VFS_STAT(conn, path, psbuf);
495 ret = SMB_VFS_FSTAT(fsp, psbuf);
496 /* If we have an fd, this stat should succeed. */
498 DEBUG(0,("Error doing fstat on open file %s "
499 "(%s)\n", path,strerror(errno) ));
503 /* For a non-io open, this stat failing means file not found. JRA */
505 status = map_nt_error_from_unix(errno);
512 * POSIX allows read-only opens of directories. We don't
513 * want to do this (we use a different code path for this)
514 * so catch a directory open and return an EISDIR. JRA.
517 if(S_ISDIR(psbuf->st_mode)) {
520 return NT_STATUS_FILE_IS_A_DIRECTORY;
523 fsp->mode = psbuf->st_mode;
524 fsp->file_id = vfs_file_id_from_sbuf(conn, psbuf);
525 fsp->vuid = req ? req->vuid : UID_FIELD_INVALID;
526 fsp->file_pid = req ? req->smbpid : 0;
527 fsp->can_lock = True;
528 fsp->can_read = (access_mask & (FILE_READ_DATA)) ? True : False;
529 if (!CAN_WRITE(conn)) {
530 fsp->can_write = False;
532 fsp->can_write = (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) ?
535 fsp->print_file = False;
536 fsp->modified = False;
537 fsp->sent_oplock_break = NO_BREAK_SENT;
538 fsp->is_directory = False;
539 if (conn->aio_write_behind_list &&
540 is_in_path(path, conn->aio_write_behind_list, conn->case_sensitive)) {
541 fsp->aio_write_behind = True;
544 string_set(&fsp->fsp_name, path);
545 fsp->wcp = NULL; /* Write cache pointer. */
547 DEBUG(2,("%s opened file %s read=%s write=%s (numopen=%d)\n",
548 conn->server_info->unix_name,
550 BOOLSTR(fsp->can_read), BOOLSTR(fsp->can_write),
551 conn->num_files_open));
557 /*******************************************************************
558 Return True if the filename is one of the special executable types.
559 ********************************************************************/
561 static bool is_executable(const char *fname)
563 if ((fname = strrchr_m(fname,'.'))) {
564 if (strequal(fname,".com") ||
565 strequal(fname,".dll") ||
566 strequal(fname,".exe") ||
567 strequal(fname,".sym")) {
574 /****************************************************************************
575 Check if we can open a file with a share mode.
576 Returns True if conflict, False if not.
577 ****************************************************************************/
579 static bool share_conflict(struct share_mode_entry *entry,
583 DEBUG(10,("share_conflict: entry->access_mask = 0x%x, "
584 "entry->share_access = 0x%x, "
585 "entry->private_options = 0x%x\n",
586 (unsigned int)entry->access_mask,
587 (unsigned int)entry->share_access,
588 (unsigned int)entry->private_options));
590 DEBUG(10,("share_conflict: access_mask = 0x%x, share_access = 0x%x\n",
591 (unsigned int)access_mask, (unsigned int)share_access));
593 if ((entry->access_mask & (FILE_WRITE_DATA|
597 DELETE_ACCESS)) == 0) {
598 DEBUG(10,("share_conflict: No conflict due to "
599 "entry->access_mask = 0x%x\n",
600 (unsigned int)entry->access_mask ));
604 if ((access_mask & (FILE_WRITE_DATA|
608 DELETE_ACCESS)) == 0) {
609 DEBUG(10,("share_conflict: No conflict due to "
610 "access_mask = 0x%x\n",
611 (unsigned int)access_mask ));
615 #if 1 /* JRA TEST - Superdebug. */
616 #define CHECK_MASK(num, am, right, sa, share) \
617 DEBUG(10,("share_conflict: [%d] am (0x%x) & right (0x%x) = 0x%x\n", \
618 (unsigned int)(num), (unsigned int)(am), \
619 (unsigned int)(right), (unsigned int)(am)&(right) )); \
620 DEBUG(10,("share_conflict: [%d] sa (0x%x) & share (0x%x) = 0x%x\n", \
621 (unsigned int)(num), (unsigned int)(sa), \
622 (unsigned int)(share), (unsigned int)(sa)&(share) )); \
623 if (((am) & (right)) && !((sa) & (share))) { \
624 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
625 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
626 (unsigned int)(share) )); \
630 #define CHECK_MASK(num, am, right, sa, share) \
631 if (((am) & (right)) && !((sa) & (share))) { \
632 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
633 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
634 (unsigned int)(share) )); \
639 CHECK_MASK(1, entry->access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
640 share_access, FILE_SHARE_WRITE);
641 CHECK_MASK(2, access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
642 entry->share_access, FILE_SHARE_WRITE);
644 CHECK_MASK(3, entry->access_mask, FILE_READ_DATA | FILE_EXECUTE,
645 share_access, FILE_SHARE_READ);
646 CHECK_MASK(4, access_mask, FILE_READ_DATA | FILE_EXECUTE,
647 entry->share_access, FILE_SHARE_READ);
649 CHECK_MASK(5, entry->access_mask, DELETE_ACCESS,
650 share_access, FILE_SHARE_DELETE);
651 CHECK_MASK(6, access_mask, DELETE_ACCESS,
652 entry->share_access, FILE_SHARE_DELETE);
654 DEBUG(10,("share_conflict: No conflict.\n"));
658 #if defined(DEVELOPER)
659 static void validate_my_share_entries(int num,
660 struct share_mode_entry *share_entry)
664 if (!procid_is_me(&share_entry->pid)) {
668 if (is_deferred_open_entry(share_entry) &&
669 !open_was_deferred(share_entry->op_mid)) {
670 char *str = talloc_asprintf(talloc_tos(),
671 "Got a deferred entry without a request: "
673 share_mode_str(talloc_tos(), num, share_entry));
677 if (!is_valid_share_mode_entry(share_entry)) {
681 fsp = file_find_dif(share_entry->id,
682 share_entry->share_file_id);
684 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
685 share_mode_str(talloc_tos(), num, share_entry) ));
686 smb_panic("validate_my_share_entries: Cannot match a "
687 "share entry with an open file\n");
690 if (is_deferred_open_entry(share_entry) ||
691 is_unused_share_mode_entry(share_entry)) {
695 if ((share_entry->op_type == NO_OPLOCK) &&
696 (fsp->oplock_type == FAKE_LEVEL_II_OPLOCK)) {
697 /* Someone has already written to it, but I haven't yet
702 if (((uint16)fsp->oplock_type) != share_entry->op_type) {
711 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
712 share_mode_str(talloc_tos(), num, share_entry) ));
713 str = talloc_asprintf(talloc_tos(),
714 "validate_my_share_entries: "
715 "file %s, oplock_type = 0x%x, op_type = 0x%x\n",
716 fsp->fsp_name, (unsigned int)fsp->oplock_type,
717 (unsigned int)share_entry->op_type );
723 static bool is_stat_open(uint32 access_mask)
725 return (access_mask &&
726 ((access_mask & ~(SYNCHRONIZE_ACCESS| FILE_READ_ATTRIBUTES|
727 FILE_WRITE_ATTRIBUTES))==0) &&
728 ((access_mask & (SYNCHRONIZE_ACCESS|FILE_READ_ATTRIBUTES|
729 FILE_WRITE_ATTRIBUTES)) != 0));
732 /****************************************************************************
733 Deal with share modes
734 Invarient: Share mode must be locked on entry and exit.
735 Returns -1 on error, or number of share modes on success (may be zero).
736 ****************************************************************************/
738 static NTSTATUS open_mode_check(connection_struct *conn,
740 struct share_mode_lock *lck,
743 uint32 create_options,
748 if(lck->num_share_modes == 0) {
752 *file_existed = True;
754 /* A delete on close prohibits everything */
756 if (lck->delete_on_close) {
757 return NT_STATUS_DELETE_PENDING;
760 if (is_stat_open(access_mask)) {
761 /* Stat open that doesn't trigger oplock breaks or share mode
762 * checks... ! JRA. */
767 * Check if the share modes will give us access.
770 #if defined(DEVELOPER)
771 for(i = 0; i < lck->num_share_modes; i++) {
772 validate_my_share_entries(i, &lck->share_modes[i]);
776 if (!lp_share_modes(SNUM(conn))) {
780 /* Now we check the share modes, after any oplock breaks. */
781 for(i = 0; i < lck->num_share_modes; i++) {
783 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
787 /* someone else has a share lock on it, check to see if we can
789 if (share_conflict(&lck->share_modes[i],
790 access_mask, share_access)) {
791 return NT_STATUS_SHARING_VIOLATION;
798 static bool is_delete_request(files_struct *fsp) {
799 return ((fsp->access_mask == DELETE_ACCESS) &&
800 (fsp->oplock_type == NO_OPLOCK));
804 * Send a break message to the oplock holder and delay the open for
808 static NTSTATUS send_break_message(files_struct *fsp,
809 struct share_mode_entry *exclusive,
814 char msg[MSG_SMB_SHARE_MODE_ENTRY_SIZE];
816 DEBUG(10, ("Sending break request to PID %s\n",
817 procid_str_static(&exclusive->pid)));
818 exclusive->op_mid = mid;
820 /* Create the message. */
821 share_mode_entry_to_message(msg, exclusive);
823 /* Add in the FORCE_OPLOCK_BREAK_TO_NONE bit in the message if set. We
824 don't want this set in the share mode struct pointed to by lck. */
826 if (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE) {
827 SSVAL(msg,6,exclusive->op_type | FORCE_OPLOCK_BREAK_TO_NONE);
830 status = messaging_send_buf(smbd_messaging_context(), exclusive->pid,
831 MSG_SMB_BREAK_REQUEST,
833 MSG_SMB_SHARE_MODE_ENTRY_SIZE);
834 if (!NT_STATUS_IS_OK(status)) {
835 DEBUG(3, ("Could not send oplock break message: %s\n",
843 * 1) No files open at all or internal open: Grant whatever the client wants.
845 * 2) Exclusive (or batch) oplock around: If the requested access is a delete
846 * request, break if the oplock around is a batch oplock. If it's another
847 * requested access type, break.
849 * 3) Only level2 around: Grant level2 and do nothing else.
852 static bool delay_for_oplocks(struct share_mode_lock *lck,
858 extern uint32 global_client_caps;
860 struct share_mode_entry *exclusive = NULL;
861 bool valid_entry = false;
862 bool have_level2 = false;
863 bool have_a_none_oplock = false;
864 bool allow_level2 = (global_client_caps & CAP_LEVEL_II_OPLOCKS) &&
865 lp_level2_oplocks(SNUM(fsp->conn));
867 if (oplock_request & INTERNAL_OPEN_ONLY) {
868 fsp->oplock_type = NO_OPLOCK;
871 if ((oplock_request & INTERNAL_OPEN_ONLY) || is_stat_open(fsp->access_mask)) {
875 for (i=0; i<lck->num_share_modes; i++) {
877 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
881 /* At least one entry is not an invalid or deferred entry. */
884 if (pass_number == 1) {
885 if (BATCH_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
886 SMB_ASSERT(exclusive == NULL);
887 exclusive = &lck->share_modes[i];
890 if (EXCLUSIVE_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
891 SMB_ASSERT(exclusive == NULL);
892 exclusive = &lck->share_modes[i];
896 if (LEVEL_II_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
897 SMB_ASSERT(exclusive == NULL);
901 if (lck->share_modes[i].op_type == NO_OPLOCK) {
902 have_a_none_oplock = true;
906 if (exclusive != NULL) { /* Found an exclusive oplock */
907 bool delay_it = is_delete_request(fsp) ?
908 BATCH_OPLOCK_TYPE(exclusive->op_type) : true;
909 SMB_ASSERT(!have_level2);
911 send_break_message(fsp, exclusive, mid, oplock_request);
917 * Match what was requested (fsp->oplock_type) with
918 * what was found in the existing share modes.
922 /* All entries are placeholders or deferred.
923 * Directly grant whatever the client wants. */
924 if (fsp->oplock_type == NO_OPLOCK) {
925 /* Store a level2 oplock, but don't tell the client */
926 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
928 } else if (have_a_none_oplock) {
929 fsp->oplock_type = NO_OPLOCK;
930 } else if (have_level2) {
931 if (fsp->oplock_type == NO_OPLOCK ||
932 fsp->oplock_type == FAKE_LEVEL_II_OPLOCK) {
933 /* Store a level2 oplock, but don't tell the client */
934 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
936 fsp->oplock_type = LEVEL_II_OPLOCK;
939 /* This case can never happen. */
944 * Don't grant level2 to clients that don't want them
945 * or if we've turned them off.
947 if (fsp->oplock_type == LEVEL_II_OPLOCK && !allow_level2) {
948 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
951 DEBUG(10,("delay_for_oplocks: oplock type 0x%x on file %s\n",
952 fsp->oplock_type, fsp->fsp_name));
958 static bool request_timed_out(struct timeval request_time,
959 struct timeval timeout)
961 struct timeval now, end_time;
963 end_time = timeval_sum(&request_time, &timeout);
964 return (timeval_compare(&end_time, &now) < 0);
967 /****************************************************************************
968 Handle the 1 second delay in returning a SHARING_VIOLATION error.
969 ****************************************************************************/
971 static void defer_open(struct share_mode_lock *lck,
972 struct timeval request_time,
973 struct timeval timeout,
974 struct smb_request *req,
975 struct deferred_open_record *state)
981 for (i=0; i<lck->num_share_modes; i++) {
982 struct share_mode_entry *e = &lck->share_modes[i];
984 if (!is_deferred_open_entry(e)) {
988 if (procid_is_me(&e->pid) && (e->op_mid == req->mid)) {
989 DEBUG(0, ("Trying to defer an already deferred "
990 "request: mid=%d, exiting\n", req->mid));
991 exit_server("attempt to defer a deferred request");
995 /* End paranoia check */
997 DEBUG(10,("defer_open_sharing_error: time [%u.%06u] adding deferred "
998 "open entry for mid %u\n",
999 (unsigned int)request_time.tv_sec,
1000 (unsigned int)request_time.tv_usec,
1001 (unsigned int)req->mid));
1003 if (!push_deferred_smb_message(req, request_time, timeout,
1004 (char *)state, sizeof(*state))) {
1005 exit_server("push_deferred_smb_message failed");
1007 add_deferred_open(lck, req->mid, request_time, state->id);
1010 * Push the MID of this packet on the signing queue.
1011 * We only do this once, the first time we push the packet
1012 * onto the deferred open queue, as this has a side effect
1013 * of incrementing the response sequence number.
1016 srv_defer_sign_response(req->mid);
1020 /****************************************************************************
1021 On overwrite open ensure that the attributes match.
1022 ****************************************************************************/
1024 static bool open_match_attributes(connection_struct *conn,
1026 uint32 old_dos_attr,
1027 uint32 new_dos_attr,
1028 mode_t existing_unx_mode,
1029 mode_t new_unx_mode,
1030 mode_t *returned_unx_mode)
1032 uint32 noarch_old_dos_attr, noarch_new_dos_attr;
1034 noarch_old_dos_attr = (old_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
1035 noarch_new_dos_attr = (new_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
1037 if((noarch_old_dos_attr == 0 && noarch_new_dos_attr != 0) ||
1038 (noarch_old_dos_attr != 0 && ((noarch_old_dos_attr & noarch_new_dos_attr) == noarch_old_dos_attr))) {
1039 *returned_unx_mode = new_unx_mode;
1041 *returned_unx_mode = (mode_t)0;
1044 DEBUG(10,("open_match_attributes: file %s old_dos_attr = 0x%x, "
1045 "existing_unx_mode = 0%o, new_dos_attr = 0x%x "
1046 "returned_unx_mode = 0%o\n",
1048 (unsigned int)old_dos_attr,
1049 (unsigned int)existing_unx_mode,
1050 (unsigned int)new_dos_attr,
1051 (unsigned int)*returned_unx_mode ));
1053 /* If we're mapping SYSTEM and HIDDEN ensure they match. */
1054 if (lp_map_system(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
1055 if ((old_dos_attr & FILE_ATTRIBUTE_SYSTEM) &&
1056 !(new_dos_attr & FILE_ATTRIBUTE_SYSTEM)) {
1060 if (lp_map_hidden(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
1061 if ((old_dos_attr & FILE_ATTRIBUTE_HIDDEN) &&
1062 !(new_dos_attr & FILE_ATTRIBUTE_HIDDEN)) {
1069 /****************************************************************************
1070 Special FCB or DOS processing in the case of a sharing violation.
1071 Try and find a duplicated file handle.
1072 ****************************************************************************/
1074 static NTSTATUS fcb_or_dos_open(connection_struct *conn,
1075 files_struct *fsp_to_dup_into,
1081 uint32 share_access,
1082 uint32 create_options)
1086 DEBUG(5,("fcb_or_dos_open: attempting old open semantics for "
1087 "file %s.\n", fname ));
1089 for(fsp = file_find_di_first(id); fsp;
1090 fsp = file_find_di_next(fsp)) {
1092 DEBUG(10,("fcb_or_dos_open: checking file %s, fd = %d, "
1093 "vuid = %u, file_pid = %u, private_options = 0x%x "
1094 "access_mask = 0x%x\n", fsp->fsp_name,
1095 fsp->fh->fd, (unsigned int)fsp->vuid,
1096 (unsigned int)fsp->file_pid,
1097 (unsigned int)fsp->fh->private_options,
1098 (unsigned int)fsp->access_mask ));
1100 if (fsp->fh->fd != -1 &&
1101 fsp->vuid == vuid &&
1102 fsp->file_pid == file_pid &&
1103 (fsp->fh->private_options & (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS |
1104 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) &&
1105 (fsp->access_mask & FILE_WRITE_DATA) &&
1106 strequal(fsp->fsp_name, fname)) {
1107 DEBUG(10,("fcb_or_dos_open: file match\n"));
1113 return NT_STATUS_NOT_FOUND;
1116 /* quite an insane set of semantics ... */
1117 if (is_executable(fname) &&
1118 (fsp->fh->private_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS)) {
1119 DEBUG(10,("fcb_or_dos_open: file fail due to is_executable.\n"));
1120 return NT_STATUS_INVALID_PARAMETER;
1123 /* We need to duplicate this fsp. */
1124 dup_file_fsp(fsp, access_mask, share_access,
1125 create_options, fsp_to_dup_into);
1127 return NT_STATUS_OK;
1130 /****************************************************************************
1131 Open a file with a share mode - old openX method - map into NTCreate.
1132 ****************************************************************************/
1134 bool map_open_params_to_ntcreate(const char *fname, int deny_mode, int open_func,
1135 uint32 *paccess_mask,
1136 uint32 *pshare_mode,
1137 uint32 *pcreate_disposition,
1138 uint32 *pcreate_options)
1142 uint32 create_disposition;
1143 uint32 create_options = FILE_NON_DIRECTORY_FILE;
1145 DEBUG(10,("map_open_params_to_ntcreate: fname = %s, deny_mode = 0x%x, "
1146 "open_func = 0x%x\n",
1147 fname, (unsigned int)deny_mode, (unsigned int)open_func ));
1149 /* Create the NT compatible access_mask. */
1150 switch (GET_OPENX_MODE(deny_mode)) {
1151 case DOS_OPEN_EXEC: /* Implies read-only - used to be FILE_READ_DATA */
1152 case DOS_OPEN_RDONLY:
1153 access_mask = FILE_GENERIC_READ;
1155 case DOS_OPEN_WRONLY:
1156 access_mask = FILE_GENERIC_WRITE;
1160 access_mask = FILE_GENERIC_READ|FILE_GENERIC_WRITE;
1163 DEBUG(10,("map_open_params_to_ntcreate: bad open mode = 0x%x\n",
1164 (unsigned int)GET_OPENX_MODE(deny_mode)));
1168 /* Create the NT compatible create_disposition. */
1169 switch (open_func) {
1170 case OPENX_FILE_EXISTS_FAIL|OPENX_FILE_CREATE_IF_NOT_EXIST:
1171 create_disposition = FILE_CREATE;
1174 case OPENX_FILE_EXISTS_OPEN:
1175 create_disposition = FILE_OPEN;
1178 case OPENX_FILE_EXISTS_OPEN|OPENX_FILE_CREATE_IF_NOT_EXIST:
1179 create_disposition = FILE_OPEN_IF;
1182 case OPENX_FILE_EXISTS_TRUNCATE:
1183 create_disposition = FILE_OVERWRITE;
1186 case OPENX_FILE_EXISTS_TRUNCATE|OPENX_FILE_CREATE_IF_NOT_EXIST:
1187 create_disposition = FILE_OVERWRITE_IF;
1191 /* From samba4 - to be confirmed. */
1192 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_EXEC) {
1193 create_disposition = FILE_CREATE;
1196 DEBUG(10,("map_open_params_to_ntcreate: bad "
1197 "open_func 0x%x\n", (unsigned int)open_func));
1201 /* Create the NT compatible share modes. */
1202 switch (GET_DENY_MODE(deny_mode)) {
1204 share_mode = FILE_SHARE_NONE;
1208 share_mode = FILE_SHARE_READ;
1212 share_mode = FILE_SHARE_WRITE;
1216 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1220 create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_DOS;
1221 if (is_executable(fname)) {
1222 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1224 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_RDONLY) {
1225 share_mode = FILE_SHARE_READ;
1227 share_mode = FILE_SHARE_NONE;
1233 create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_FCB;
1234 share_mode = FILE_SHARE_NONE;
1238 DEBUG(10,("map_open_params_to_ntcreate: bad deny_mode 0x%x\n",
1239 (unsigned int)GET_DENY_MODE(deny_mode) ));
1243 DEBUG(10,("map_open_params_to_ntcreate: file %s, access_mask = 0x%x, "
1244 "share_mode = 0x%x, create_disposition = 0x%x, "
1245 "create_options = 0x%x\n",
1247 (unsigned int)access_mask,
1248 (unsigned int)share_mode,
1249 (unsigned int)create_disposition,
1250 (unsigned int)create_options ));
1253 *paccess_mask = access_mask;
1256 *pshare_mode = share_mode;
1258 if (pcreate_disposition) {
1259 *pcreate_disposition = create_disposition;
1261 if (pcreate_options) {
1262 *pcreate_options = create_options;
1269 static void schedule_defer_open(struct share_mode_lock *lck,
1270 struct timeval request_time,
1271 struct smb_request *req)
1273 struct deferred_open_record state;
1275 /* This is a relative time, added to the absolute
1276 request_time value to get the absolute timeout time.
1277 Note that if this is the second or greater time we enter
1278 this codepath for this particular request mid then
1279 request_time is left as the absolute time of the *first*
1280 time this request mid was processed. This is what allows
1281 the request to eventually time out. */
1283 struct timeval timeout;
1285 /* Normally the smbd we asked should respond within
1286 * OPLOCK_BREAK_TIMEOUT seconds regardless of whether
1287 * the client did, give twice the timeout as a safety
1288 * measure here in case the other smbd is stuck
1289 * somewhere else. */
1291 timeout = timeval_set(OPLOCK_BREAK_TIMEOUT*2, 0);
1293 /* Nothing actually uses state.delayed_for_oplocks
1294 but it's handy to differentiate in debug messages
1295 between a 30 second delay due to oplock break, and
1296 a 1 second delay for share mode conflicts. */
1298 state.delayed_for_oplocks = True;
1301 if (!request_timed_out(request_time, timeout)) {
1302 defer_open(lck, request_time, timeout, req, &state);
1306 /****************************************************************************
1307 Work out what access_mask to use from what the client sent us.
1308 ****************************************************************************/
1310 static NTSTATUS calculate_access_mask(connection_struct *conn,
1313 uint32_t access_mask,
1314 uint32_t *access_mask_out)
1319 * Convert GENERIC bits to specific bits.
1322 se_map_generic(&access_mask, &file_generic_mapping);
1324 /* Calculate MAXIMUM_ALLOWED_ACCESS if requested. */
1325 if (access_mask & MAXIMUM_ALLOWED_ACCESS) {
1328 struct security_descriptor *sd;
1329 uint32_t access_granted = 0;
1331 status = SMB_VFS_GET_NT_ACL(conn, fname,
1332 (OWNER_SECURITY_INFORMATION |
1333 GROUP_SECURITY_INFORMATION |
1334 DACL_SECURITY_INFORMATION),&sd);
1336 if (!NT_STATUS_IS_OK(status)) {
1337 DEBUG(10, ("calculate_access_mask: Could not get acl "
1340 nt_errstr(status)));
1341 return NT_STATUS_ACCESS_DENIED;
1344 status = smb1_file_se_access_check(sd,
1345 conn->server_info->ptok,
1351 if (!NT_STATUS_IS_OK(status)) {
1352 DEBUG(10, ("calculate_access_mask: Access denied on "
1353 "file %s: when calculating maximum access\n",
1355 return NT_STATUS_ACCESS_DENIED;
1358 access_mask = access_granted;
1360 access_mask = FILE_GENERIC_ALL;
1364 *access_mask_out = access_mask;
1365 return NT_STATUS_OK;
1368 /****************************************************************************
1369 Open a file with a share mode. Passed in an already created files_struct *.
1370 ****************************************************************************/
1372 static NTSTATUS open_file_ntcreate_internal(connection_struct *conn,
1373 struct smb_request *req,
1375 SMB_STRUCT_STAT *psbuf,
1376 uint32 access_mask, /* access bits (FILE_READ_DATA etc.) */
1377 uint32 share_access, /* share constants (FILE_SHARE_READ etc) */
1378 uint32 create_disposition, /* FILE_OPEN_IF etc. */
1379 uint32 create_options, /* options such as delete on close. */
1380 uint32 new_dos_attributes, /* attributes used for new file. */
1381 int oplock_request, /* internal Samba oplock codes. */
1382 /* Information (FILE_EXISTS etc.) */
1388 bool file_existed = VALID_STAT(*psbuf);
1389 bool def_acl = False;
1390 bool posix_open = False;
1391 bool new_file_created = False;
1392 bool clear_ads = false;
1394 NTSTATUS fsp_open = NT_STATUS_ACCESS_DENIED;
1395 mode_t new_unx_mode = (mode_t)0;
1396 mode_t unx_mode = (mode_t)0;
1398 uint32 existing_dos_attributes = 0;
1399 struct pending_message_list *pml = NULL;
1400 struct timeval request_time = timeval_zero();
1401 struct share_mode_lock *lck = NULL;
1402 uint32 open_access_mask = access_mask;
1406 const char *newname;
1410 if (conn->printer) {
1412 * Printers are handled completely differently.
1413 * Most of the passed parameters are ignored.
1417 *pinfo = FILE_WAS_CREATED;
1420 DEBUG(10, ("open_file_ntcreate: printer open fname=%s\n", fname));
1422 return print_fsp_open(conn, fname, req->vuid, fsp, psbuf);
1425 if (!parent_dirname_talloc(talloc_tos(), fname, &parent_dir,
1427 return NT_STATUS_NO_MEMORY;
1430 if (new_dos_attributes & FILE_FLAG_POSIX_SEMANTICS) {
1432 unx_mode = (mode_t)(new_dos_attributes & ~FILE_FLAG_POSIX_SEMANTICS);
1433 new_dos_attributes = 0;
1435 /* We add aARCH to this as this mode is only used if the file is
1437 unx_mode = unix_mode(conn, new_dos_attributes | aARCH, fname,
1441 DEBUG(10, ("open_file_ntcreate: fname=%s, dos_attrs=0x%x "
1442 "access_mask=0x%x share_access=0x%x "
1443 "create_disposition = 0x%x create_options=0x%x "
1444 "unix mode=0%o oplock_request=%d\n",
1445 fname, new_dos_attributes, access_mask, share_access,
1446 create_disposition, create_options, (unsigned int)unx_mode,
1449 if ((req == NULL) && ((oplock_request & INTERNAL_OPEN_ONLY) == 0)) {
1450 DEBUG(0, ("No smb request but not an internal only open!\n"));
1451 return NT_STATUS_INTERNAL_ERROR;
1455 * Only non-internal opens can be deferred at all
1459 && ((pml = get_open_deferred_message(req->mid)) != NULL)) {
1460 struct deferred_open_record *state =
1461 (struct deferred_open_record *)pml->private_data.data;
1463 /* Remember the absolute time of the original
1464 request with this mid. We'll use it later to
1465 see if this has timed out. */
1467 request_time = pml->request_time;
1469 /* Remove the deferred open entry under lock. */
1470 lck = get_share_mode_lock(talloc_tos(), state->id, NULL, NULL,
1473 DEBUG(0, ("could not get share mode lock\n"));
1475 del_deferred_open_entry(lck, req->mid);
1479 /* Ensure we don't reprocess this message. */
1480 remove_deferred_open_smb_message(req->mid);
1483 status = check_name(conn, fname);
1484 if (!NT_STATUS_IS_OK(status)) {
1489 new_dos_attributes &= SAMBA_ATTRIBUTES_MASK;
1491 existing_dos_attributes = dos_mode(conn, fname, psbuf);
1495 /* ignore any oplock requests if oplocks are disabled */
1496 if (!lp_oplocks(SNUM(conn)) || global_client_failed_oplock_break ||
1497 IS_VETO_OPLOCK_PATH(conn, fname)) {
1498 /* Mask off everything except the private Samba bits. */
1499 oplock_request &= SAMBA_PRIVATE_OPLOCK_MASK;
1502 /* this is for OS/2 long file names - say we don't support them */
1503 if (!lp_posix_pathnames() && strstr(fname,".+,;=[].")) {
1504 /* OS/2 Workplace shell fix may be main code stream in a later
1506 DEBUG(5,("open_file_ntcreate: OS/2 long filenames are not "
1508 if (use_nt_status()) {
1509 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1511 return NT_STATUS_DOS(ERRDOS, ERRcannotopen);
1514 switch( create_disposition ) {
1516 * Currently we're using FILE_SUPERSEDE as the same as
1517 * FILE_OVERWRITE_IF but they really are
1518 * different. FILE_SUPERSEDE deletes an existing file
1519 * (requiring delete access) then recreates it.
1521 case FILE_SUPERSEDE:
1522 /* If file exists replace/overwrite. If file doesn't
1524 flags2 |= (O_CREAT | O_TRUNC);
1528 case FILE_OVERWRITE_IF:
1529 /* If file exists replace/overwrite. If file doesn't
1531 flags2 |= (O_CREAT | O_TRUNC);
1536 /* If file exists open. If file doesn't exist error. */
1537 if (!file_existed) {
1538 DEBUG(5,("open_file_ntcreate: FILE_OPEN "
1539 "requested for file %s and file "
1540 "doesn't exist.\n", fname ));
1542 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1546 case FILE_OVERWRITE:
1547 /* If file exists overwrite. If file doesn't exist
1549 if (!file_existed) {
1550 DEBUG(5,("open_file_ntcreate: FILE_OVERWRITE "
1551 "requested for file %s and file "
1552 "doesn't exist.\n", fname ));
1554 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1561 /* If file exists error. If file doesn't exist
1564 DEBUG(5,("open_file_ntcreate: FILE_CREATE "
1565 "requested for file %s and file "
1566 "already exists.\n", fname ));
1567 if (S_ISDIR(psbuf->st_mode)) {
1572 return map_nt_error_from_unix(errno);
1574 flags2 |= (O_CREAT|O_EXCL);
1578 /* If file exists open. If file doesn't exist
1584 return NT_STATUS_INVALID_PARAMETER;
1587 /* We only care about matching attributes on file exists and
1590 if (!posix_open && file_existed && ((create_disposition == FILE_OVERWRITE) ||
1591 (create_disposition == FILE_OVERWRITE_IF))) {
1592 if (!open_match_attributes(conn, fname,
1593 existing_dos_attributes,
1594 new_dos_attributes, psbuf->st_mode,
1595 unx_mode, &new_unx_mode)) {
1596 DEBUG(5,("open_file_ntcreate: attributes missmatch "
1597 "for file %s (%x %x) (0%o, 0%o)\n",
1598 fname, existing_dos_attributes,
1600 (unsigned int)psbuf->st_mode,
1601 (unsigned int)unx_mode ));
1603 return NT_STATUS_ACCESS_DENIED;
1607 status = calculate_access_mask(conn, fname, file_existed,
1610 if (!NT_STATUS_IS_OK(status)) {
1611 DEBUG(10, ("open_file_ntcreate: calculate_access_mask "
1612 "on file %s returned %s\n",
1614 nt_errstr(status)));
1618 open_access_mask = access_mask;
1620 if ((flags2 & O_TRUNC) || (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE)) {
1621 open_access_mask |= FILE_WRITE_DATA; /* This will cause oplock breaks. */
1624 DEBUG(10, ("open_file_ntcreate: fname=%s, after mapping "
1625 "access_mask=0x%x\n", fname, access_mask ));
1628 * Note that we ignore the append flag as append does not
1629 * mean the same thing under DOS and Unix.
1632 if ((access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) ||
1633 (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE)) {
1634 /* DENY_DOS opens are always underlying read-write on the
1635 file handle, no matter what the requested access mask
1637 if ((create_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS) ||
1638 access_mask & (FILE_READ_ATTRIBUTES|FILE_READ_DATA|FILE_READ_EA|FILE_EXECUTE)) {
1648 * Currently we only look at FILE_WRITE_THROUGH for create options.
1652 if ((create_options & FILE_WRITE_THROUGH) && lp_strict_sync(SNUM(conn))) {
1657 if (posix_open && (access_mask & FILE_APPEND_DATA)) {
1661 if (!posix_open && !CAN_WRITE(conn)) {
1663 * We should really return a permission denied error if either
1664 * O_CREAT or O_TRUNC are set, but for compatibility with
1665 * older versions of Samba we just AND them out.
1667 flags2 &= ~(O_CREAT|O_TRUNC);
1671 * Ensure we can't write on a read-only share or file.
1674 if (flags != O_RDONLY && file_existed &&
1675 (!CAN_WRITE(conn) || IS_DOS_READONLY(existing_dos_attributes))) {
1676 DEBUG(5,("open_file_ntcreate: write access requested for "
1677 "file %s on read only %s\n",
1678 fname, !CAN_WRITE(conn) ? "share" : "file" ));
1680 return NT_STATUS_ACCESS_DENIED;
1683 fsp->file_id = vfs_file_id_from_sbuf(conn, psbuf);
1684 fsp->share_access = share_access;
1685 fsp->fh->private_options = create_options;
1686 fsp->access_mask = open_access_mask; /* We change this to the
1687 * requested access_mask after
1688 * the open is done. */
1689 fsp->posix_open = posix_open;
1691 /* Ensure no SAMBA_PRIVATE bits can be set. */
1692 fsp->oplock_type = (oplock_request & ~SAMBA_PRIVATE_OPLOCK_MASK);
1694 if (timeval_is_zero(&request_time)) {
1695 request_time = fsp->open_time;
1699 struct timespec old_write_time = get_mtimespec(psbuf);
1700 id = vfs_file_id_from_sbuf(conn, psbuf);
1702 lck = get_share_mode_lock(talloc_tos(), id,
1704 fname, &old_write_time);
1707 DEBUG(0, ("Could not get share mode lock\n"));
1708 return NT_STATUS_SHARING_VIOLATION;
1711 /* First pass - send break only on batch oplocks. */
1713 && delay_for_oplocks(lck, fsp, req->mid, 1,
1715 schedule_defer_open(lck, request_time, req);
1717 return NT_STATUS_SHARING_VIOLATION;
1720 /* Use the client requested access mask here, not the one we
1722 status = open_mode_check(conn, fname, lck,
1723 access_mask, share_access,
1724 create_options, &file_existed);
1726 if (NT_STATUS_IS_OK(status)) {
1727 /* We might be going to allow this open. Check oplock
1729 /* Second pass - send break for both batch or
1730 * exclusive oplocks. */
1732 && delay_for_oplocks(lck, fsp, req->mid, 2,
1734 schedule_defer_open(lck, request_time, req);
1736 return NT_STATUS_SHARING_VIOLATION;
1740 if (NT_STATUS_EQUAL(status, NT_STATUS_DELETE_PENDING)) {
1741 /* DELETE_PENDING is not deferred for a second */
1746 if (!NT_STATUS_IS_OK(status)) {
1747 uint32 can_access_mask;
1748 bool can_access = True;
1750 SMB_ASSERT(NT_STATUS_EQUAL(status, NT_STATUS_SHARING_VIOLATION));
1752 /* Check if this can be done with the deny_dos and fcb
1754 if (create_options &
1755 (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS|
1756 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) {
1758 DEBUG(0, ("DOS open without an SMB "
1761 return NT_STATUS_INTERNAL_ERROR;
1764 /* Use the client requested access mask here,
1765 * not the one we open with. */
1766 status = fcb_or_dos_open(conn,
1776 if (NT_STATUS_IS_OK(status)) {
1779 *pinfo = FILE_WAS_OPENED;
1781 return NT_STATUS_OK;
1786 * This next line is a subtlety we need for
1787 * MS-Access. If a file open will fail due to share
1788 * permissions and also for security (access) reasons,
1789 * we need to return the access failed error, not the
1790 * share error. We can't open the file due to kernel
1791 * oplock deadlock (it's possible we failed above on
1792 * the open_mode_check()) so use a userspace check.
1795 if (flags & O_RDWR) {
1796 can_access_mask = FILE_READ_DATA|FILE_WRITE_DATA;
1797 } else if (flags & O_WRONLY) {
1798 can_access_mask = FILE_WRITE_DATA;
1800 can_access_mask = FILE_READ_DATA;
1803 if (((can_access_mask & FILE_WRITE_DATA) && !CAN_WRITE(conn)) ||
1804 !can_access_file_data(conn,fname,psbuf,can_access_mask)) {
1809 * If we're returning a share violation, ensure we
1810 * cope with the braindead 1 second delay.
1813 if (!(oplock_request & INTERNAL_OPEN_ONLY) &&
1814 lp_defer_sharing_violations()) {
1815 struct timeval timeout;
1816 struct deferred_open_record state;
1819 /* this is a hack to speed up torture tests
1821 timeout_usecs = lp_parm_int(SNUM(conn),
1822 "smbd","sharedelay",
1823 SHARING_VIOLATION_USEC_WAIT);
1825 /* This is a relative time, added to the absolute
1826 request_time value to get the absolute timeout time.
1827 Note that if this is the second or greater time we enter
1828 this codepath for this particular request mid then
1829 request_time is left as the absolute time of the *first*
1830 time this request mid was processed. This is what allows
1831 the request to eventually time out. */
1833 timeout = timeval_set(0, timeout_usecs);
1835 /* Nothing actually uses state.delayed_for_oplocks
1836 but it's handy to differentiate in debug messages
1837 between a 30 second delay due to oplock break, and
1838 a 1 second delay for share mode conflicts. */
1840 state.delayed_for_oplocks = False;
1844 && !request_timed_out(request_time,
1846 defer_open(lck, request_time, timeout,
1854 * We have detected a sharing violation here
1855 * so return the correct error code
1857 status = NT_STATUS_SHARING_VIOLATION;
1859 status = NT_STATUS_ACCESS_DENIED;
1865 * We exit this block with the share entry *locked*.....
1869 SMB_ASSERT(!file_existed || (lck != NULL));
1872 * Ensure we pay attention to default ACLs on directories if required.
1875 if ((flags2 & O_CREAT) && lp_inherit_acls(SNUM(conn)) &&
1876 (def_acl = directory_has_default_acl(conn, parent_dir))) {
1880 DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o, "
1881 "access_mask = 0x%x, open_access_mask = 0x%x\n",
1882 (unsigned int)flags, (unsigned int)flags2,
1883 (unsigned int)unx_mode, (unsigned int)access_mask,
1884 (unsigned int)open_access_mask));
1887 * open_file strips any O_TRUNC flags itself.
1890 fsp_open = open_file(fsp, conn, req, parent_dir, newname, fname, psbuf,
1891 flags|flags2, unx_mode, access_mask,
1894 if (!NT_STATUS_IS_OK(fsp_open)) {
1901 if (!file_existed) {
1902 struct timespec old_write_time = get_mtimespec(psbuf);
1904 * Deal with the race condition where two smbd's detect the
1905 * file doesn't exist and do the create at the same time. One
1906 * of them will win and set a share mode, the other (ie. this
1907 * one) should check if the requested share mode for this
1908 * create is allowed.
1912 * Now the file exists and fsp is successfully opened,
1913 * fsp->dev and fsp->inode are valid and should replace the
1914 * dev=0,inode=0 from a non existent file. Spotted by
1915 * Nadav Danieli <nadavd@exanet.com>. JRA.
1920 lck = get_share_mode_lock(talloc_tos(), id,
1922 fname, &old_write_time);
1925 DEBUG(0, ("open_file_ntcreate: Could not get share "
1926 "mode lock for %s\n", fname));
1928 return NT_STATUS_SHARING_VIOLATION;
1931 /* First pass - send break only on batch oplocks. */
1933 && delay_for_oplocks(lck, fsp, req->mid, 1,
1935 schedule_defer_open(lck, request_time, req);
1938 return NT_STATUS_SHARING_VIOLATION;
1941 status = open_mode_check(conn, fname, lck,
1942 access_mask, share_access,
1943 create_options, &file_existed);
1945 if (NT_STATUS_IS_OK(status)) {
1946 /* We might be going to allow this open. Check oplock
1948 /* Second pass - send break for both batch or
1949 * exclusive oplocks. */
1951 && delay_for_oplocks(lck, fsp, req->mid, 2,
1953 schedule_defer_open(lck, request_time, req);
1956 return NT_STATUS_SHARING_VIOLATION;
1960 if (!NT_STATUS_IS_OK(status)) {
1961 struct deferred_open_record state;
1965 state.delayed_for_oplocks = False;
1968 /* Do it all over again immediately. In the second
1969 * round we will find that the file existed and handle
1970 * the DELETE_PENDING and FCB cases correctly. No need
1971 * to duplicate the code here. Essentially this is a
1972 * "goto top of this function", but don't tell
1976 defer_open(lck, request_time, timeval_zero(),
1984 * We exit this block with the share entry *locked*.....
1989 SMB_ASSERT(lck != NULL);
1991 /* Delete streams if create_disposition requires it */
1992 if (file_existed && clear_ads && !is_ntfs_stream_name(fname)) {
1993 status = delete_all_streams(conn, fname);
1994 if (!NT_STATUS_IS_OK(status)) {
2001 /* note that we ignore failure for the following. It is
2002 basically a hack for NFS, and NFS will never set one of
2003 these only read them. Nobody but Samba can ever set a deny
2004 mode and we have already checked our more authoritative
2005 locking database for permission to set this deny mode. If
2006 the kernel refuses the operations then the kernel is wrong.
2007 note that GPFS supports it as well - jmcd */
2009 if (fsp->fh->fd != -1) {
2010 ret_flock = SMB_VFS_KERNEL_FLOCK(fsp, share_access);
2011 if(ret_flock == -1 ){
2016 return NT_STATUS_SHARING_VIOLATION;
2021 * At this point onwards, we can guarentee that the share entry
2022 * is locked, whether we created the file or not, and that the
2023 * deny mode is compatible with all current opens.
2027 * If requested, truncate the file.
2030 if (flags2&O_TRUNC) {
2032 * We are modifing the file after open - update the stat
2035 if ((SMB_VFS_FTRUNCATE(fsp, 0) == -1) ||
2036 (SMB_VFS_FSTAT(fsp, psbuf)==-1)) {
2037 status = map_nt_error_from_unix(errno);
2044 /* Record the options we were opened with. */
2045 fsp->share_access = share_access;
2046 fsp->fh->private_options = create_options;
2048 * According to Samba4, SEC_FILE_READ_ATTRIBUTE is always granted,
2050 fsp->access_mask = access_mask | FILE_READ_ATTRIBUTES;
2053 /* stat opens on existing files don't get oplocks. */
2054 if (is_stat_open(open_access_mask)) {
2055 fsp->oplock_type = NO_OPLOCK;
2058 if (!(flags2 & O_TRUNC)) {
2059 info = FILE_WAS_OPENED;
2061 info = FILE_WAS_OVERWRITTEN;
2064 info = FILE_WAS_CREATED;
2072 * Setup the oplock info in both the shared memory and
2076 if (!set_file_oplock(fsp, fsp->oplock_type)) {
2077 /* Could not get the kernel oplock */
2078 fsp->oplock_type = NO_OPLOCK;
2081 if (info == FILE_WAS_OVERWRITTEN || info == FILE_WAS_CREATED || info == FILE_WAS_SUPERSEDED) {
2082 new_file_created = True;
2085 set_share_mode(lck, fsp, conn->server_info->utok.uid, 0,
2088 /* Handle strange delete on close create semantics. */
2089 if (create_options & FILE_DELETE_ON_CLOSE) {
2091 status = can_set_delete_on_close(fsp, True, new_dos_attributes);
2093 if (!NT_STATUS_IS_OK(status)) {
2094 /* Remember to delete the mode we just added. */
2095 del_share_mode(lck, fsp);
2100 /* Note that here we set the *inital* delete on close flag,
2101 not the regular one. The magic gets handled in close. */
2102 fsp->initial_delete_on_close = True;
2105 if (new_file_created) {
2106 /* Files should be initially set as archive */
2107 if (lp_map_archive(SNUM(conn)) ||
2108 lp_store_dos_attributes(SNUM(conn))) {
2110 SMB_STRUCT_STAT tmp_sbuf;
2111 SET_STAT_INVALID(tmp_sbuf);
2112 if (file_set_dosmode(
2114 new_dos_attributes | aARCH,
2115 &tmp_sbuf, parent_dir,
2117 unx_mode = tmp_sbuf.st_mode;
2124 * Take care of inherited ACLs on created files - if default ACL not
2128 if (!posix_open && !file_existed && !def_acl) {
2130 int saved_errno = errno; /* We might get ENOSYS in the next
2133 if (SMB_VFS_FCHMOD_ACL(fsp, unx_mode) == -1 &&
2135 errno = saved_errno; /* Ignore ENOSYS */
2138 } else if (new_unx_mode) {
2142 /* Attributes need changing. File already existed. */
2145 int saved_errno = errno; /* We might get ENOSYS in the
2147 ret = SMB_VFS_FCHMOD_ACL(fsp, new_unx_mode);
2149 if (ret == -1 && errno == ENOSYS) {
2150 errno = saved_errno; /* Ignore ENOSYS */
2152 DEBUG(5, ("open_file_ntcreate: reset "
2153 "attributes of file %s to 0%o\n",
2154 fname, (unsigned int)new_unx_mode));
2155 ret = 0; /* Don't do the fchmod below. */
2160 (SMB_VFS_FCHMOD(fsp, new_unx_mode) == -1))
2161 DEBUG(5, ("open_file_ntcreate: failed to reset "
2162 "attributes of file %s to 0%o\n",
2163 fname, (unsigned int)new_unx_mode));
2166 /* If this is a successful open, we must remove any deferred open
2169 del_deferred_open_entry(lck, req->mid);
2173 return NT_STATUS_OK;
2176 /****************************************************************************
2177 Open a file with a share mode.
2178 ****************************************************************************/
2180 NTSTATUS open_file_ntcreate(connection_struct *conn,
2181 struct smb_request *req,
2183 SMB_STRUCT_STAT *psbuf,
2184 uint32 access_mask, /* access bits (FILE_READ_DATA etc.) */
2185 uint32 share_access, /* share constants (FILE_SHARE_READ etc) */
2186 uint32 create_disposition, /* FILE_OPEN_IF etc. */
2187 uint32 create_options, /* options such as delete on close. */
2188 uint32 new_dos_attributes, /* attributes used for new file. */
2189 int oplock_request, /* internal Samba oplock codes. */
2190 /* Information (FILE_EXISTS etc.) */
2192 files_struct **result)
2195 files_struct *fsp = NULL;
2199 status = file_new(conn, &fsp);
2200 if(!NT_STATUS_IS_OK(status)) {
2204 status = open_file_ntcreate_internal(conn,
2217 if(!NT_STATUS_IS_OK(status)) {
2226 /****************************************************************************
2227 Open a file for for write to ensure that we can fchmod it.
2228 ****************************************************************************/
2230 NTSTATUS open_file_fchmod(connection_struct *conn, const char *fname,
2231 SMB_STRUCT_STAT *psbuf, files_struct **result)
2233 files_struct *fsp = NULL;
2236 if (!VALID_STAT(*psbuf)) {
2237 return NT_STATUS_INVALID_PARAMETER;
2240 status = file_new(conn, &fsp);
2241 if(!NT_STATUS_IS_OK(status)) {
2245 /* note! we must use a non-zero desired access or we don't get
2246 a real file descriptor. Oh what a twisted web we weave. */
2247 status = open_file(fsp, conn, NULL, NULL, NULL, fname, psbuf, O_WRONLY,
2248 0, FILE_WRITE_DATA, FILE_WRITE_DATA);
2251 * This is not a user visible file open.
2252 * Don't set a share mode.
2255 if (!NT_STATUS_IS_OK(status)) {
2261 return NT_STATUS_OK;
2264 /****************************************************************************
2265 Close the fchmod file fd - ensure no locks are lost.
2266 ****************************************************************************/
2268 NTSTATUS close_file_fchmod(files_struct *fsp)
2270 NTSTATUS status = fd_close(fsp);
2275 static NTSTATUS mkdir_internal(connection_struct *conn,
2277 uint32 file_attributes,
2278 SMB_STRUCT_STAT *psbuf)
2282 const char *dirname;
2284 bool posix_open = false;
2286 if(!CAN_WRITE(conn)) {
2287 DEBUG(5,("mkdir_internal: failing create on read-only share "
2288 "%s\n", lp_servicename(SNUM(conn))));
2289 return NT_STATUS_ACCESS_DENIED;
2292 status = check_name(conn, name);
2293 if (!NT_STATUS_IS_OK(status)) {
2297 if (!parent_dirname_talloc(talloc_tos(), name, &parent_dir,
2299 return NT_STATUS_NO_MEMORY;
2302 if (file_attributes & FILE_FLAG_POSIX_SEMANTICS) {
2304 mode = (mode_t)(file_attributes & ~FILE_FLAG_POSIX_SEMANTICS);
2306 mode = unix_mode(conn, aDIR, name, parent_dir);
2309 if (SMB_VFS_MKDIR(conn, name, mode) != 0) {
2310 return map_nt_error_from_unix(errno);
2313 /* Ensure we're checking for a symlink here.... */
2314 /* We don't want to get caught by a symlink racer. */
2316 if (SMB_VFS_LSTAT(conn, name, psbuf) == -1) {
2317 DEBUG(2, ("Could not stat directory '%s' just created: %s\n",
2318 name, strerror(errno)));
2319 return map_nt_error_from_unix(errno);
2322 if (!S_ISDIR(psbuf->st_mode)) {
2323 DEBUG(0, ("Directory just '%s' created is not a directory\n",
2325 return NT_STATUS_ACCESS_DENIED;
2328 if (lp_store_dos_attributes(SNUM(conn))) {
2330 file_set_dosmode(conn, name,
2331 file_attributes | aDIR, NULL,
2337 if (lp_inherit_perms(SNUM(conn))) {
2338 inherit_access_posix_acl(conn, parent_dir, name, mode);
2341 if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS)) {
2343 * Check if high bits should have been set,
2344 * then (if bits are missing): add them.
2345 * Consider bits automagically set by UNIX, i.e. SGID bit from parent
2348 if (mode & ~(S_IRWXU|S_IRWXG|S_IRWXO) && (mode & ~psbuf->st_mode)) {
2349 SMB_VFS_CHMOD(conn, name,
2350 psbuf->st_mode | (mode & ~psbuf->st_mode));
2354 /* Change the owner if required. */
2355 if (lp_inherit_owner(SNUM(conn))) {
2356 change_dir_owner_to_parent(conn, parent_dir, name, psbuf);
2359 notify_fname(conn, NOTIFY_ACTION_ADDED, FILE_NOTIFY_CHANGE_DIR_NAME,
2362 return NT_STATUS_OK;
2365 /****************************************************************************
2366 Open a directory from an NT SMB call.
2367 ****************************************************************************/
2369 NTSTATUS open_directory(connection_struct *conn,
2370 struct smb_request *req,
2372 SMB_STRUCT_STAT *psbuf,
2374 uint32 share_access,
2375 uint32 create_disposition,
2376 uint32 create_options,
2377 uint32 file_attributes,
2379 files_struct **result)
2381 files_struct *fsp = NULL;
2382 bool dir_existed = VALID_STAT(*psbuf) ? True : False;
2383 struct share_mode_lock *lck = NULL;
2385 struct timespec mtimespec;
2388 DEBUG(5,("open_directory: opening directory %s, access_mask = 0x%x, "
2389 "share_access = 0x%x create_options = 0x%x, "
2390 "create_disposition = 0x%x, file_attributes = 0x%x\n",
2392 (unsigned int)access_mask,
2393 (unsigned int)share_access,
2394 (unsigned int)create_options,
2395 (unsigned int)create_disposition,
2396 (unsigned int)file_attributes));
2398 if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS) &&
2399 (conn->fs_capabilities & FILE_NAMED_STREAMS) &&
2400 is_ntfs_stream_name(fname)) {
2401 DEBUG(2, ("open_directory: %s is a stream name!\n", fname));
2402 return NT_STATUS_NOT_A_DIRECTORY;
2405 status = calculate_access_mask(conn, fname, dir_existed,
2408 if (!NT_STATUS_IS_OK(status)) {
2409 DEBUG(10, ("open_directory: calculate_access_mask "
2410 "on file %s returned %s\n",
2412 nt_errstr(status)));
2416 /* We need to support SeSecurityPrivilege for this. */
2417 if (access_mask & SEC_RIGHT_SYSTEM_SECURITY) {
2418 DEBUG(10, ("open_directory: open on %s "
2419 "failed - SEC_RIGHT_SYSTEM_SECURITY denied.\n",
2421 return NT_STATUS_PRIVILEGE_NOT_HELD;
2424 switch( create_disposition ) {
2427 info = FILE_WAS_OPENED;
2430 * We want to follow symlinks here.
2433 if (SMB_VFS_STAT(conn, fname, psbuf) != 0) {
2434 return map_nt_error_from_unix(errno);
2441 /* If directory exists error. If directory doesn't
2444 status = mkdir_internal(conn,
2449 if (!NT_STATUS_IS_OK(status)) {
2450 DEBUG(2, ("open_directory: unable to create "
2451 "%s. Error was %s\n", fname,
2452 nt_errstr(status)));
2456 info = FILE_WAS_CREATED;
2461 * If directory exists open. If directory doesn't
2465 status = mkdir_internal(conn,
2470 if (NT_STATUS_IS_OK(status)) {
2471 info = FILE_WAS_CREATED;
2474 if (NT_STATUS_EQUAL(status,
2475 NT_STATUS_OBJECT_NAME_COLLISION)) {
2476 info = FILE_WAS_OPENED;
2477 status = NT_STATUS_OK;
2482 case FILE_SUPERSEDE:
2483 case FILE_OVERWRITE:
2484 case FILE_OVERWRITE_IF:
2486 DEBUG(5,("open_directory: invalid create_disposition "
2487 "0x%x for directory %s\n",
2488 (unsigned int)create_disposition, fname));
2489 return NT_STATUS_INVALID_PARAMETER;
2492 if(!S_ISDIR(psbuf->st_mode)) {
2493 DEBUG(5,("open_directory: %s is not a directory !\n",
2495 return NT_STATUS_NOT_A_DIRECTORY;
2498 if (info == FILE_WAS_OPENED) {
2499 uint32_t access_granted = 0;
2500 status = check_open_rights(conn,
2505 /* Were we trying to do a directory open
2506 * for delete and didn't get DELETE
2507 * access (only) ? Check if the
2508 * directory allows DELETE_CHILD.
2510 * http://blogs.msdn.com/oldnewthing/archive/2004/06/04/148426.aspx
2513 if ((NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED) &&
2514 (access_mask & DELETE_ACCESS) &&
2515 (access_granted == DELETE_ACCESS) &&
2516 can_delete_file_in_directory(conn, fname))) {
2517 DEBUG(10,("open_directory: overrode ACCESS_DENIED "
2518 "on directory %s\n",
2520 status = NT_STATUS_OK;
2523 if (!NT_STATUS_IS_OK(status)) {
2524 DEBUG(10, ("open_directory: check_open_rights on "
2525 "file %s failed with %s\n",
2527 nt_errstr(status)));
2532 status = file_new(conn, &fsp);
2533 if(!NT_STATUS_IS_OK(status)) {
2538 * Setup the files_struct for it.
2541 fsp->mode = psbuf->st_mode;
2542 fsp->file_id = vfs_file_id_from_sbuf(conn, psbuf);
2543 fsp->vuid = req ? req->vuid : UID_FIELD_INVALID;
2544 fsp->file_pid = req ? req->smbpid : 0;
2545 fsp->can_lock = False;
2546 fsp->can_read = False;
2547 fsp->can_write = False;
2549 fsp->share_access = share_access;
2550 fsp->fh->private_options = create_options;
2552 * According to Samba4, SEC_FILE_READ_ATTRIBUTE is always granted,
2554 fsp->access_mask = access_mask | FILE_READ_ATTRIBUTES;
2555 fsp->print_file = False;
2556 fsp->modified = False;
2557 fsp->oplock_type = NO_OPLOCK;
2558 fsp->sent_oplock_break = NO_BREAK_SENT;
2559 fsp->is_directory = True;
2560 fsp->posix_open = (file_attributes & FILE_FLAG_POSIX_SEMANTICS) ? True : False;
2562 string_set(&fsp->fsp_name,fname);
2564 mtimespec = get_mtimespec(psbuf);
2566 lck = get_share_mode_lock(talloc_tos(), fsp->file_id,
2571 DEBUG(0, ("open_directory: Could not get share mode lock for %s\n", fname));
2573 return NT_STATUS_SHARING_VIOLATION;
2576 status = open_mode_check(conn, fname, lck,
2577 access_mask, share_access,
2578 create_options, &dir_existed);
2580 if (!NT_STATUS_IS_OK(status)) {
2586 set_share_mode(lck, fsp, conn->server_info->utok.uid, 0, NO_OPLOCK);
2588 /* For directories the delete on close bit at open time seems
2589 always to be honored on close... See test 19 in Samba4 BASE-DELETE. */
2590 if (create_options & FILE_DELETE_ON_CLOSE) {
2591 status = can_set_delete_on_close(fsp, True, 0);
2592 if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, NT_STATUS_DIRECTORY_NOT_EMPTY)) {
2598 if (NT_STATUS_IS_OK(status)) {
2599 /* Note that here we set the *inital* delete on close flag,
2600 not the regular one. The magic gets handled in close. */
2601 fsp->initial_delete_on_close = True;
2612 return NT_STATUS_OK;
2615 NTSTATUS create_directory(connection_struct *conn, struct smb_request *req, const char *directory)
2618 SMB_STRUCT_STAT sbuf;
2621 SET_STAT_INVALID(sbuf);
2623 status = open_directory(conn, req, directory, &sbuf,
2624 FILE_READ_ATTRIBUTES, /* Just a stat open */
2625 FILE_SHARE_NONE, /* Ignored for stat opens */
2628 FILE_ATTRIBUTE_DIRECTORY,
2632 if (NT_STATUS_IS_OK(status)) {
2633 close_file(fsp, NORMAL_CLOSE);
2639 /****************************************************************************
2640 Receive notification that one of our open files has been renamed by another
2642 ****************************************************************************/
2644 void msg_file_was_renamed(struct messaging_context *msg,
2647 struct server_id server_id,
2651 char *frm = (char *)data->data;
2653 const char *sharepath;
2654 const char *newname;
2657 if (data->data == NULL
2658 || data->length < MSG_FILE_RENAMED_MIN_SIZE + 2) {
2659 DEBUG(0, ("msg_file_was_renamed: Got invalid msg len %d\n",
2660 (int)data->length));
2664 /* Unpack the message. */
2665 pull_file_id_16(frm, &id);
2666 sharepath = &frm[16];
2667 newname = sharepath + strlen(sharepath) + 1;
2668 sp_len = strlen(sharepath);
2670 DEBUG(10,("msg_file_was_renamed: Got rename message for sharepath %s, new name %s, "
2672 sharepath, newname, file_id_string_tos(&id)));
2674 for(fsp = file_find_di_first(id); fsp; fsp = file_find_di_next(fsp)) {
2675 if (memcmp(fsp->conn->connectpath, sharepath, sp_len) == 0) {
2676 DEBUG(10,("msg_file_was_renamed: renaming file fnum %d from %s -> %s\n",
2677 fsp->fnum, fsp->fsp_name, newname ));
2678 string_set(&fsp->fsp_name, newname);
2681 /* Now we have the complete path we can work out if this is
2682 actually within this share and adjust newname accordingly. */
2683 DEBUG(10,("msg_file_was_renamed: share mismatch (sharepath %s "
2684 "not sharepath %s) "
2685 "fnum %d from %s -> %s\n",
2686 fsp->conn->connectpath,
2695 struct case_semantics_state {
2696 connection_struct *conn;
2697 bool case_sensitive;
2699 bool short_case_preserve;
2702 /****************************************************************************
2703 Restore case semantics.
2704 ****************************************************************************/
2705 static int restore_case_semantics(struct case_semantics_state *state)
2707 state->conn->case_sensitive = state->case_sensitive;
2708 state->conn->case_preserve = state->case_preserve;
2709 state->conn->short_case_preserve = state->short_case_preserve;
2713 /****************************************************************************
2714 Save case semantics.
2715 ****************************************************************************/
2716 static struct case_semantics_state *set_posix_case_semantics(TALLOC_CTX *mem_ctx,
2717 connection_struct *conn)
2719 struct case_semantics_state *result;
2721 if (!(result = talloc(mem_ctx, struct case_semantics_state))) {
2722 DEBUG(0, ("talloc failed\n"));
2726 result->conn = conn;
2727 result->case_sensitive = conn->case_sensitive;
2728 result->case_preserve = conn->case_preserve;
2729 result->short_case_preserve = conn->short_case_preserve;
2732 conn->case_sensitive = True;
2733 conn->case_preserve = True;
2734 conn->short_case_preserve = True;
2736 talloc_set_destructor(result, restore_case_semantics);
2742 * If a main file is opened for delete, all streams need to be checked for
2743 * !FILE_SHARE_DELETE. Do this by opening with DELETE_ACCESS.
2744 * If that works, delete them all by setting the delete on close and close.
2747 static NTSTATUS open_streams_for_delete(connection_struct *conn,
2750 struct stream_struct *stream_info;
2751 files_struct **streams;
2753 unsigned int num_streams;
2754 TALLOC_CTX *frame = talloc_stackframe();
2757 status = SMB_VFS_STREAMINFO(conn, NULL, fname, talloc_tos(),
2758 &num_streams, &stream_info);
2760 if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_IMPLEMENTED)
2761 || NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
2762 DEBUG(10, ("no streams around\n"));
2764 return NT_STATUS_OK;
2767 if (!NT_STATUS_IS_OK(status)) {
2768 DEBUG(10, ("SMB_VFS_STREAMINFO failed: %s\n",
2769 nt_errstr(status)));
2773 DEBUG(10, ("open_streams_for_delete found %d streams\n",
2776 if (num_streams == 0) {
2778 return NT_STATUS_OK;
2781 streams = TALLOC_ARRAY(talloc_tos(), files_struct *, num_streams);
2782 if (streams == NULL) {
2783 DEBUG(0, ("talloc failed\n"));
2784 status = NT_STATUS_NO_MEMORY;
2788 for (i=0; i<num_streams; i++) {
2791 if (strequal(stream_info[i].name, "::$DATA")) {
2796 streamname = talloc_asprintf(talloc_tos(), "%s%s", fname,
2797 stream_info[i].name);
2799 if (streamname == NULL) {
2800 DEBUG(0, ("talloc_aprintf failed\n"));
2801 status = NT_STATUS_NO_MEMORY;
2805 status = create_file_unixpath
2808 streamname, /* fname */
2809 DELETE_ACCESS, /* access_mask */
2810 FILE_SHARE_READ | FILE_SHARE_WRITE
2811 | FILE_SHARE_DELETE, /* share_access */
2812 FILE_OPEN, /* create_disposition*/
2813 NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE, /* create_options */
2814 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
2815 0, /* oplock_request */
2816 0, /* allocation_size */
2819 &streams[i], /* result */
2823 TALLOC_FREE(streamname);
2825 if (!NT_STATUS_IS_OK(status)) {
2826 DEBUG(10, ("Could not open stream %s: %s\n",
2827 streamname, nt_errstr(status)));
2833 * don't touch the variable "status" beyond this point :-)
2836 for (i -= 1 ; i >= 0; i--) {
2837 if (streams[i] == NULL) {
2841 DEBUG(10, ("Closing stream # %d, %s\n", i,
2842 streams[i]->fsp_name));
2843 close_file(streams[i], NORMAL_CLOSE);
2852 * Wrapper around open_file_ntcreate and open_directory
2855 NTSTATUS create_file_unixpath(connection_struct *conn,
2856 struct smb_request *req,
2858 uint32_t access_mask,
2859 uint32_t share_access,
2860 uint32_t create_disposition,
2861 uint32_t create_options,
2862 uint32_t file_attributes,
2863 uint32_t oplock_request,
2864 SMB_BIG_UINT allocation_size,
2865 struct security_descriptor *sd,
2866 struct ea_list *ea_list,
2868 files_struct **result,
2870 SMB_STRUCT_STAT *psbuf)
2872 SMB_STRUCT_STAT sbuf;
2873 int info = FILE_WAS_OPENED;
2874 files_struct *base_fsp = NULL;
2875 files_struct *fsp = NULL;
2878 DEBUG(10,("create_file_unixpath: access_mask = 0x%x "
2879 "file_attributes = 0x%x, share_access = 0x%x, "
2880 "create_disposition = 0x%x create_options = 0x%x "
2881 "oplock_request = 0x%x ea_list = 0x%p, sd = 0x%p, "
2883 (unsigned int)access_mask,
2884 (unsigned int)file_attributes,
2885 (unsigned int)share_access,
2886 (unsigned int)create_disposition,
2887 (unsigned int)create_options,
2888 (unsigned int)oplock_request,
2889 ea_list, sd, fname));
2891 if (create_options & FILE_OPEN_BY_FILE_ID) {
2892 status = NT_STATUS_NOT_SUPPORTED;
2896 if (create_options & NTCREATEX_OPTIONS_INVALID_PARAM_MASK) {
2897 status = NT_STATUS_INVALID_PARAMETER;
2902 oplock_request |= INTERNAL_OPEN_ONLY;
2905 if (psbuf != NULL) {
2909 if (SMB_VFS_STAT(conn, fname, &sbuf) == -1) {
2910 SET_STAT_INVALID(sbuf);
2914 if ((conn->fs_capabilities & FILE_NAMED_STREAMS)
2915 && (access_mask & DELETE_ACCESS)
2916 && !is_ntfs_stream_name(fname)) {
2918 * We can't open a file with DELETE access if any of the
2919 * streams is open without FILE_SHARE_DELETE
2921 status = open_streams_for_delete(conn, fname);
2923 if (!NT_STATUS_IS_OK(status)) {
2928 /* This is the correct thing to do (check every time) but can_delete
2929 * is expensive (it may have to read the parent directory
2930 * permissions). So for now we're not doing it unless we have a strong
2931 * hint the client is really going to delete this file. If the client
2932 * is forcing FILE_CREATE let the filesystem take care of the
2935 /* Setting FILE_SHARE_DELETE is the hint. */
2937 if (lp_acl_check_permissions(SNUM(conn))
2938 && (create_disposition != FILE_CREATE)
2939 && (share_access & FILE_SHARE_DELETE)
2940 && (access_mask & DELETE_ACCESS)
2941 && (!(can_delete_file_in_directory(conn, fname) ||
2942 can_access_file_acl(conn, fname, DELETE_ACCESS)))) {
2943 status = NT_STATUS_ACCESS_DENIED;
2944 DEBUG(10,("create_file_unixpath: open file %s "
2945 "for delete ACCESS_DENIED\n", fname ));
2950 /* We need to support SeSecurityPrivilege for this. */
2951 if ((access_mask & SEC_RIGHT_SYSTEM_SECURITY) &&
2952 !user_has_privileges(current_user.nt_user_token,
2954 status = NT_STATUS_PRIVILEGE_NOT_HELD;
2958 /* We need to support SeSecurityPrivilege for this. */
2959 if (access_mask & SEC_RIGHT_SYSTEM_SECURITY) {
2960 status = NT_STATUS_PRIVILEGE_NOT_HELD;
2963 /* Don't allow a SACL set from an NTtrans create until we
2964 * support SeSecurityPrivilege. */
2965 if (!VALID_STAT(sbuf) &&
2966 lp_nt_acl_support(SNUM(conn)) &&
2967 sd && (sd->sacl != NULL)) {
2968 status = NT_STATUS_PRIVILEGE_NOT_HELD;
2973 if ((conn->fs_capabilities & FILE_NAMED_STREAMS)
2974 && is_ntfs_stream_name(fname)
2975 && (!(create_options & NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE))) {
2977 uint32 base_create_disposition;
2979 if (create_options & FILE_DIRECTORY_FILE) {
2980 status = NT_STATUS_NOT_A_DIRECTORY;
2984 status = split_ntfs_stream_name(talloc_tos(), fname,
2986 if (!NT_STATUS_IS_OK(status)) {
2987 DEBUG(10, ("create_file_unixpath: "
2988 "split_ntfs_stream_name failed: %s\n",
2989 nt_errstr(status)));
2993 SMB_ASSERT(!is_ntfs_stream_name(base)); /* paranoia.. */
2995 switch (create_disposition) {
2997 base_create_disposition = FILE_OPEN;
3000 base_create_disposition = FILE_OPEN_IF;
3004 status = create_file_unixpath(conn, NULL, base, 0,
3007 | FILE_SHARE_DELETE,
3008 base_create_disposition,
3009 0, 0, 0, 0, NULL, NULL,
3010 &base_fsp, NULL, NULL);
3011 if (!NT_STATUS_IS_OK(status)) {
3012 DEBUG(10, ("create_file_unixpath for base %s failed: "
3013 "%s\n", base, nt_errstr(status)));
3016 /* we don't need to low level fd */
3021 * If it's a request for a directory open, deal with it separately.
3024 if (create_options & FILE_DIRECTORY_FILE) {
3026 if (create_options & FILE_NON_DIRECTORY_FILE) {
3027 status = NT_STATUS_INVALID_PARAMETER;
3031 /* Can't open a temp directory. IFS kit test. */
3032 if (file_attributes & FILE_ATTRIBUTE_TEMPORARY) {
3033 status = NT_STATUS_INVALID_PARAMETER;
3038 * We will get a create directory here if the Win32
3039 * app specified a security descriptor in the
3040 * CreateDirectory() call.
3044 status = open_directory(
3045 conn, req, fname, &sbuf, access_mask, share_access,
3046 create_disposition, create_options, file_attributes,
3051 * Ordinary file case.
3056 * We're opening the stream element of a base_fsp
3057 * we already opened. We need to initialize
3058 * the fsp first, and set up the base_fsp pointer.
3060 status = file_new(conn, &fsp);
3061 if(!NT_STATUS_IS_OK(status)) {
3065 fsp->base_fsp = base_fsp;
3067 status = open_file_ntcreate_internal(conn,
3080 if(!NT_STATUS_IS_OK(status)) {
3085 status = open_file_ntcreate(
3086 conn, req, fname, &sbuf, access_mask, share_access,
3087 create_disposition, create_options, file_attributes,
3088 oplock_request, &info, &fsp);
3091 if (NT_STATUS_EQUAL(status, NT_STATUS_FILE_IS_A_DIRECTORY)) {
3093 /* A stream open never opens a directory */
3096 status = NT_STATUS_FILE_IS_A_DIRECTORY;
3101 * Fail the open if it was explicitly a non-directory
3105 if (create_options & FILE_NON_DIRECTORY_FILE) {
3106 status = NT_STATUS_FILE_IS_A_DIRECTORY;
3111 status = open_directory(
3112 conn, req, fname, &sbuf, access_mask,
3113 share_access, create_disposition,
3114 create_options, file_attributes,
3119 if (!NT_STATUS_IS_OK(status)) {
3123 fsp->base_fsp = base_fsp;
3126 * According to the MS documentation, the only time the security
3127 * descriptor is applied to the opened file is iff we *created* the
3128 * file; an existing file stays the same.
3130 * Also, it seems (from observation) that you can open the file with
3131 * any access mask but you can still write the sd. We need to override
3132 * the granted access before we call set_sd
3133 * Patch for bug #2242 from Tom Lackemann <cessnatomny@yahoo.com>.
3136 if ((sd != NULL) && (info == FILE_WAS_CREATED)
3137 && lp_nt_acl_support(SNUM(conn))) {
3139 uint32_t sec_info_sent = ALL_SECURITY_INFORMATION;
3140 uint32_t saved_access_mask = fsp->access_mask;
3142 if (sd->owner_sid == NULL) {
3143 sec_info_sent &= ~OWNER_SECURITY_INFORMATION;
3145 if (sd->group_sid == NULL) {
3146 sec_info_sent &= ~GROUP_SECURITY_INFORMATION;
3148 if (sd->sacl == NULL) {
3149 sec_info_sent &= ~SACL_SECURITY_INFORMATION;
3151 if (sd->dacl == NULL) {
3152 sec_info_sent &= ~DACL_SECURITY_INFORMATION;
3155 fsp->access_mask = FILE_GENERIC_ALL;
3157 /* Convert all the generic bits. */
3158 security_acl_map_generic(sd->dacl, &file_generic_mapping);
3159 security_acl_map_generic(sd->sacl, &file_generic_mapping);
3161 if (sec_info_sent & (OWNER_SECURITY_INFORMATION|
3162 GROUP_SECURITY_INFORMATION|
3163 DACL_SECURITY_INFORMATION|
3164 SACL_SECURITY_INFORMATION)) {
3165 status = SMB_VFS_FSET_NT_ACL(fsp, sec_info_sent, sd);
3168 fsp->access_mask = saved_access_mask;
3170 if (!NT_STATUS_IS_OK(status)) {
3175 if ((ea_list != NULL) && (info == FILE_WAS_CREATED)) {
3176 status = set_ea(conn, fsp, fname, ea_list);
3177 if (!NT_STATUS_IS_OK(status)) {
3182 if (!fsp->is_directory && S_ISDIR(sbuf.st_mode)) {
3183 status = NT_STATUS_ACCESS_DENIED;
3187 /* Save the requested allocation size. */
3188 if ((info == FILE_WAS_CREATED) || (info == FILE_WAS_OVERWRITTEN)) {
3190 && (allocation_size > sbuf.st_size)) {
3191 fsp->initial_allocation_size = smb_roundup(
3192 fsp->conn, allocation_size);
3193 if (fsp->is_directory) {
3194 /* Can't set allocation size on a directory. */
3195 status = NT_STATUS_ACCESS_DENIED;
3198 if (vfs_allocate_file_space(
3199 fsp, fsp->initial_allocation_size) == -1) {
3200 status = NT_STATUS_DISK_FULL;
3204 fsp->initial_allocation_size = smb_roundup(
3205 fsp->conn, (SMB_BIG_UINT)sbuf.st_size);
3209 DEBUG(10, ("create_file_unixpath: info=%d\n", info));
3212 if (pinfo != NULL) {
3215 if (psbuf != NULL) {
3216 if ((fsp->fh == NULL) || (fsp->fh->fd == -1)) {
3220 SMB_VFS_FSTAT(fsp, psbuf);
3223 return NT_STATUS_OK;
3226 DEBUG(10, ("create_file_unixpath: %s\n", nt_errstr(status)));
3229 if (base_fsp && fsp->base_fsp == base_fsp) {
3231 * The close_file below will close
3236 close_file(fsp, ERROR_CLOSE);
3239 if (base_fsp != NULL) {
3240 close_file(base_fsp, ERROR_CLOSE);
3246 NTSTATUS create_file(connection_struct *conn,
3247 struct smb_request *req,
3248 uint16_t root_dir_fid,
3250 uint32_t access_mask,
3251 uint32_t share_access,
3252 uint32_t create_disposition,
3253 uint32_t create_options,
3254 uint32_t file_attributes,
3255 uint32_t oplock_request,
3256 SMB_BIG_UINT allocation_size,
3257 struct security_descriptor *sd,
3258 struct ea_list *ea_list,
3260 files_struct **result,
3262 SMB_STRUCT_STAT *psbuf)
3264 struct case_semantics_state *case_state = NULL;
3265 SMB_STRUCT_STAT sbuf;
3266 int info = FILE_WAS_OPENED;
3267 files_struct *fsp = NULL;
3270 DEBUG(10,("create_file: access_mask = 0x%x "
3271 "file_attributes = 0x%x, share_access = 0x%x, "
3272 "create_disposition = 0x%x create_options = 0x%x "
3273 "oplock_request = 0x%x "
3274 "root_dir_fid = 0x%x, ea_list = 0x%p, sd = 0x%p, "
3276 (unsigned int)access_mask,
3277 (unsigned int)file_attributes,
3278 (unsigned int)share_access,
3279 (unsigned int)create_disposition,
3280 (unsigned int)create_options,
3281 (unsigned int)oplock_request,
3282 (unsigned int)root_dir_fid,
3283 ea_list, sd, fname));
3286 * Get the file name.
3289 if (root_dir_fid != 0) {
3291 * This filename is relative to a directory fid.
3293 char *parent_fname = NULL;
3294 files_struct *dir_fsp = file_fsp(root_dir_fid);
3296 if (dir_fsp == NULL) {
3297 status = NT_STATUS_INVALID_HANDLE;
3301 if (!dir_fsp->is_directory) {
3304 * Check to see if this is a mac fork of some kind.
3307 if ((conn->fs_capabilities & FILE_NAMED_STREAMS) &&
3308 is_ntfs_stream_name(fname)) {
3309 status = NT_STATUS_OBJECT_PATH_NOT_FOUND;
3314 we need to handle the case when we get a
3315 relative open relative to a file and the
3316 pathname is blank - this is a reopen!
3317 (hint from demyn plantenberg)
3320 status = NT_STATUS_INVALID_HANDLE;
3324 if (ISDOT(dir_fsp->fsp_name)) {
3326 * We're at the toplevel dir, the final file name
3327 * must not contain ./, as this is filtered out
3328 * normally by srvstr_get_path and unix_convert
3329 * explicitly rejects paths containing ./.
3331 parent_fname = talloc_strdup(talloc_tos(), "");
3332 if (parent_fname == NULL) {
3333 status = NT_STATUS_NO_MEMORY;
3337 size_t dir_name_len = strlen(dir_fsp->fsp_name);
3340 * Copy in the base directory name.
3343 parent_fname = TALLOC_ARRAY(talloc_tos(), char,
3345 if (parent_fname == NULL) {
3346 status = NT_STATUS_NO_MEMORY;
3349 memcpy(parent_fname, dir_fsp->fsp_name,
3353 * Ensure it ends in a '/'.
3354 * We used TALLOC_SIZE +2 to add space for the '/'.
3358 && (parent_fname[dir_name_len-1] != '\\')
3359 && (parent_fname[dir_name_len-1] != '/')) {
3360 parent_fname[dir_name_len] = '/';
3361 parent_fname[dir_name_len+1] = '\0';
3365 fname = talloc_asprintf(talloc_tos(), "%s%s", parent_fname,
3367 if (fname == NULL) {
3368 status = NT_STATUS_NO_MEMORY;
3374 * Check to see if this is a mac fork of some kind.
3377 if (is_ntfs_stream_name(fname)) {
3378 enum FAKE_FILE_TYPE fake_file_type;
3380 fake_file_type = is_fake_file(fname);
3382 if (fake_file_type != FAKE_FILE_TYPE_NONE) {
3385 * Here we go! support for changing the disk quotas
3388 * We need to fake up to open this MAGIC QUOTA file
3389 * and return a valid FID.
3391 * w2k close this file directly after openening xp
3392 * also tries a QUERY_FILE_INFO on the file and then
3395 status = open_fake_file(conn, req->vuid,
3396 fake_file_type, fname,
3398 if (!NT_STATUS_IS_OK(status)) {
3406 if (!(conn->fs_capabilities & FILE_NAMED_STREAMS)) {
3407 status = NT_STATUS_OBJECT_PATH_NOT_FOUND;
3412 if ((req != NULL) && (req->flags2 & FLAGS2_DFS_PATHNAMES)) {
3413 char *resolved_fname;
3415 status = resolve_dfspath(talloc_tos(), conn, true, fname,
3418 if (!NT_STATUS_IS_OK(status)) {
3420 * For PATH_NOT_COVERED we had
3421 * reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
3422 * ERRSRV, ERRbadpath);
3423 * Need to fix in callers
3427 fname = resolved_fname;
3431 * Check if POSIX semantics are wanted.
3434 if (file_attributes & FILE_FLAG_POSIX_SEMANTICS) {
3435 case_state = set_posix_case_semantics(talloc_tos(), conn);
3436 file_attributes &= ~FILE_FLAG_POSIX_SEMANTICS;
3440 char *converted_fname;
3442 SET_STAT_INVALID(sbuf);
3444 status = unix_convert(talloc_tos(), conn, fname, False,
3445 &converted_fname, NULL, &sbuf);
3446 if (!NT_STATUS_IS_OK(status)) {
3449 fname = converted_fname;
3452 TALLOC_FREE(case_state);
3454 /* All file access must go through check_name() */
3456 status = check_name(conn, fname);
3457 if (!NT_STATUS_IS_OK(status)) {
3461 status = create_file_unixpath(
3462 conn, req, fname, access_mask, share_access,
3463 create_disposition, create_options, file_attributes,
3464 oplock_request, allocation_size, sd, ea_list,
3465 &fsp, &info, &sbuf);
3467 if (!NT_STATUS_IS_OK(status)) {
3472 DEBUG(10, ("create_file: info=%d\n", info));
3475 if (pinfo != NULL) {
3478 if (psbuf != NULL) {
3481 return NT_STATUS_OK;
3484 DEBUG(10, ("create_file: %s\n", nt_errstr(status)));
3487 close_file(fsp, ERROR_CLOSE);
git.samba.org / samba.git / blob