2 Unix SMB/CIFS implementation.
3 file opening and share modes
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Jeremy Allison 2001-2004
6 Copyright (C) Volker Lendecke 2005
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
24 #include "smbd/globals.h"
25 #include "fake_file.h"
26 #include "librpc/gen_ndr/messaging.h"
27 #include "../libcli/security/security.h"
28 #include "../librpc/gen_ndr/ndr_security.h"
30 extern const struct generic_mapping file_generic_mapping;
32 struct deferred_open_record {
33 bool delayed_for_oplocks;
37 /****************************************************************************
38 SMB1 file varient of se_access_check. Never test FILE_READ_ATTRIBUTES.
39 ****************************************************************************/
41 NTSTATUS smb1_file_se_access_check(struct connection_struct *conn,
42 const struct security_descriptor *sd,
43 const struct security_token *token,
44 uint32_t access_desired,
45 uint32_t *access_granted)
49 if (get_current_uid(conn) == (uid_t)0) {
50 /* I'm sorry sir, I didn't know you were root... */
51 *access_granted = access_desired;
52 if (access_desired & SEC_FLAG_MAXIMUM_ALLOWED) {
53 *access_granted |= FILE_GENERIC_ALL;
58 return se_access_check(sd,
60 (access_desired & ~FILE_READ_ATTRIBUTES),
64 /****************************************************************************
65 Check if we have open rights.
66 ****************************************************************************/
68 NTSTATUS smbd_check_open_rights(struct connection_struct *conn,
69 const struct smb_filename *smb_fname,
71 uint32_t *access_granted)
73 /* Check if we have rights to open. */
75 struct security_descriptor *sd = NULL;
77 status = SMB_VFS_GET_NT_ACL(conn, smb_fname->base_name,
82 if (!NT_STATUS_IS_OK(status)) {
83 DEBUG(10, ("smbd_check_open_rights: Could not get acl "
85 smb_fname_str_dbg(smb_fname),
90 status = smb1_file_se_access_check(conn,
92 get_current_nttok(conn),
96 DEBUG(10,("smbd_check_open_rights: file %s requesting "
97 "0x%x returning 0x%x (%s)\n",
98 smb_fname_str_dbg(smb_fname),
99 (unsigned int)access_mask,
100 (unsigned int)*access_granted,
101 nt_errstr(status) ));
103 if (!NT_STATUS_IS_OK(status)) {
104 if (DEBUGLEVEL >= 10) {
105 DEBUG(10,("smbd_check_open_rights: acl for %s is:\n",
106 smb_fname_str_dbg(smb_fname) ));
107 NDR_PRINT_DEBUG(security_descriptor, sd);
116 /****************************************************************************
117 fd support routines - attempt to do a dos_open.
118 ****************************************************************************/
120 static NTSTATUS fd_open(struct connection_struct *conn,
125 struct smb_filename *smb_fname = fsp->fsp_name;
126 NTSTATUS status = NT_STATUS_OK;
130 * Never follow symlinks on a POSIX client. The
131 * client should be doing this.
134 if (fsp->posix_open || !lp_symlinks(SNUM(conn))) {
139 fsp->fh->fd = SMB_VFS_OPEN(conn, smb_fname, fsp, flags, mode);
140 if (fsp->fh->fd == -1) {
141 status = map_nt_error_from_unix(errno);
142 if (errno == EMFILE) {
143 static time_t last_warned = 0L;
145 if (time((time_t *) NULL) > last_warned) {
146 DEBUG(0,("Too many open files, unable "
147 "to open more! smbd's max "
149 lp_max_open_files()));
150 last_warned = time((time_t *) NULL);
156 DEBUG(10,("fd_open: name %s, flags = 0%o mode = 0%o, fd = %d. %s\n",
157 smb_fname_str_dbg(smb_fname), flags, (int)mode, fsp->fh->fd,
158 (fsp->fh->fd == -1) ? strerror(errno) : "" ));
163 /****************************************************************************
164 Close the file associated with a fsp.
165 ****************************************************************************/
167 NTSTATUS fd_close(files_struct *fsp)
171 if (fsp->fh->fd == -1) {
172 return NT_STATUS_OK; /* What we used to call a stat open. */
174 if (fsp->fh->ref_count > 1) {
175 return NT_STATUS_OK; /* Shared handle. Only close last reference. */
178 ret = SMB_VFS_CLOSE(fsp);
181 return map_nt_error_from_unix(errno);
186 /****************************************************************************
187 Change the ownership of a file to that of the parent directory.
188 Do this by fd if possible.
189 ****************************************************************************/
191 void change_file_owner_to_parent(connection_struct *conn,
192 const char *inherit_from_dir,
195 struct smb_filename *smb_fname_parent = NULL;
199 status = create_synthetic_smb_fname(talloc_tos(), inherit_from_dir,
200 NULL, NULL, &smb_fname_parent);
201 if (!NT_STATUS_IS_OK(status)) {
205 ret = SMB_VFS_STAT(conn, smb_fname_parent);
207 DEBUG(0,("change_file_owner_to_parent: failed to stat parent "
208 "directory %s. Error was %s\n",
209 smb_fname_str_dbg(smb_fname_parent),
215 ret = SMB_VFS_FCHOWN(fsp, smb_fname_parent->st.st_ex_uid, (gid_t)-1);
218 DEBUG(0,("change_file_owner_to_parent: failed to fchown "
219 "file %s to parent directory uid %u. Error "
220 "was %s\n", fsp_str_dbg(fsp),
221 (unsigned int)smb_fname_parent->st.st_ex_uid,
225 DEBUG(10,("change_file_owner_to_parent: changed new file %s to "
226 "parent directory uid %u.\n", fsp_str_dbg(fsp),
227 (unsigned int)smb_fname_parent->st.st_ex_uid));
229 TALLOC_FREE(smb_fname_parent);
232 NTSTATUS change_dir_owner_to_parent(connection_struct *conn,
233 const char *inherit_from_dir,
235 SMB_STRUCT_STAT *psbuf)
237 struct smb_filename *smb_fname_parent = NULL;
238 struct smb_filename *smb_fname_cwd = NULL;
239 char *saved_dir = NULL;
240 TALLOC_CTX *ctx = talloc_tos();
241 NTSTATUS status = NT_STATUS_OK;
244 status = create_synthetic_smb_fname(ctx, inherit_from_dir, NULL, NULL,
246 if (!NT_STATUS_IS_OK(status)) {
250 ret = SMB_VFS_STAT(conn, smb_fname_parent);
252 status = map_nt_error_from_unix(errno);
253 DEBUG(0,("change_dir_owner_to_parent: failed to stat parent "
254 "directory %s. Error was %s\n",
255 smb_fname_str_dbg(smb_fname_parent),
260 /* We've already done an lstat into psbuf, and we know it's a
261 directory. If we can cd into the directory and the dev/ino
262 are the same then we can safely chown without races as
263 we're locking the directory in place by being in it. This
264 should work on any UNIX (thanks tridge :-). JRA.
267 saved_dir = vfs_GetWd(ctx,conn);
269 status = map_nt_error_from_unix(errno);
270 DEBUG(0,("change_dir_owner_to_parent: failed to get "
271 "current working directory. Error was %s\n",
276 /* Chdir into the new path. */
277 if (vfs_ChDir(conn, fname) == -1) {
278 status = map_nt_error_from_unix(errno);
279 DEBUG(0,("change_dir_owner_to_parent: failed to change "
280 "current working directory to %s. Error "
281 "was %s\n", fname, strerror(errno) ));
285 status = create_synthetic_smb_fname(ctx, ".", NULL, NULL,
287 if (!NT_STATUS_IS_OK(status)) {
291 ret = SMB_VFS_STAT(conn, smb_fname_cwd);
293 status = map_nt_error_from_unix(errno);
294 DEBUG(0,("change_dir_owner_to_parent: failed to stat "
295 "directory '.' (%s) Error was %s\n",
296 fname, strerror(errno)));
300 /* Ensure we're pointing at the same place. */
301 if (smb_fname_cwd->st.st_ex_dev != psbuf->st_ex_dev ||
302 smb_fname_cwd->st.st_ex_ino != psbuf->st_ex_ino ||
303 smb_fname_cwd->st.st_ex_mode != psbuf->st_ex_mode ) {
304 DEBUG(0,("change_dir_owner_to_parent: "
305 "device/inode/mode on directory %s changed. "
306 "Refusing to chown !\n", fname ));
307 status = NT_STATUS_ACCESS_DENIED;
312 ret = SMB_VFS_CHOWN(conn, ".", smb_fname_parent->st.st_ex_uid,
316 status = map_nt_error_from_unix(errno);
317 DEBUG(10,("change_dir_owner_to_parent: failed to chown "
318 "directory %s to parent directory uid %u. "
319 "Error was %s\n", fname,
320 (unsigned int)smb_fname_parent->st.st_ex_uid,
325 DEBUG(10,("change_dir_owner_to_parent: changed ownership of new "
326 "directory %s to parent directory uid %u.\n",
327 fname, (unsigned int)smb_fname_parent->st.st_ex_uid ));
330 vfs_ChDir(conn,saved_dir);
332 TALLOC_FREE(smb_fname_parent);
333 TALLOC_FREE(smb_fname_cwd);
337 /****************************************************************************
339 ****************************************************************************/
341 static NTSTATUS open_file(files_struct *fsp,
342 connection_struct *conn,
343 struct smb_request *req,
344 const char *parent_dir,
347 uint32 access_mask, /* client requested access mask. */
348 uint32 open_access_mask) /* what we're actually using in the open. */
350 struct smb_filename *smb_fname = fsp->fsp_name;
351 NTSTATUS status = NT_STATUS_OK;
352 int accmode = (flags & O_ACCMODE);
353 int local_flags = flags;
354 bool file_existed = VALID_STAT(fsp->fsp_name->st);
359 /* Check permissions */
362 * This code was changed after seeing a client open request
363 * containing the open mode of (DENY_WRITE/read-only) with
364 * the 'create if not exist' bit set. The previous code
365 * would fail to open the file read only on a read-only share
366 * as it was checking the flags parameter directly against O_RDONLY,
367 * this was failing as the flags parameter was set to O_RDONLY|O_CREAT.
371 if (!CAN_WRITE(conn)) {
372 /* It's a read-only share - fail if we wanted to write. */
373 if(accmode != O_RDONLY || (flags & O_TRUNC) || (flags & O_APPEND)) {
374 DEBUG(3,("Permission denied opening %s\n",
375 smb_fname_str_dbg(smb_fname)));
376 return NT_STATUS_ACCESS_DENIED;
377 } else if(flags & O_CREAT) {
378 /* We don't want to write - but we must make sure that
379 O_CREAT doesn't create the file if we have write
380 access into the directory.
382 flags &= ~(O_CREAT|O_EXCL);
383 local_flags &= ~(O_CREAT|O_EXCL);
388 * This little piece of insanity is inspired by the
389 * fact that an NT client can open a file for O_RDONLY,
390 * but set the create disposition to FILE_EXISTS_TRUNCATE.
391 * If the client *can* write to the file, then it expects to
392 * truncate the file, even though it is opening for readonly.
393 * Quicken uses this stupid trick in backup file creation...
394 * Thanks *greatly* to "David W. Chapman Jr." <dwcjr@inethouston.net>
395 * for helping track this one down. It didn't bite us in 2.0.x
396 * as we always opened files read-write in that release. JRA.
399 if ((accmode == O_RDONLY) && ((flags & O_TRUNC) == O_TRUNC)) {
400 DEBUG(10,("open_file: truncate requested on read-only open "
401 "for file %s\n", smb_fname_str_dbg(smb_fname)));
402 local_flags = (flags & ~O_ACCMODE)|O_RDWR;
405 if ((open_access_mask & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ||
406 (!file_existed && (local_flags & O_CREAT)) ||
407 ((local_flags & O_TRUNC) == O_TRUNC) ) {
411 * We can't actually truncate here as the file may be locked.
412 * open_file_ntcreate will take care of the truncate later. JRA.
415 local_flags &= ~O_TRUNC;
417 #if defined(O_NONBLOCK) && defined(S_ISFIFO)
419 * We would block on opening a FIFO with no one else on the
420 * other end. Do what we used to do and add O_NONBLOCK to the
424 if (file_existed && S_ISFIFO(smb_fname->st.st_ex_mode)) {
425 local_flags |= O_NONBLOCK;
429 /* Don't create files with Microsoft wildcard characters. */
432 * wildcard characters are allowed in stream names
433 * only test the basefilename
435 wild = fsp->base_fsp->fsp_name->base_name;
437 wild = smb_fname->base_name;
439 if ((local_flags & O_CREAT) && !file_existed &&
441 return NT_STATUS_OBJECT_NAME_INVALID;
444 /* Actually do the open */
445 status = fd_open(conn, fsp, local_flags, unx_mode);
446 if (!NT_STATUS_IS_OK(status)) {
447 DEBUG(3,("Error opening file %s (%s) (local_flags=%d) "
448 "(flags=%d)\n", smb_fname_str_dbg(smb_fname),
449 nt_errstr(status),local_flags,flags));
453 if ((local_flags & O_CREAT) && !file_existed) {
455 /* Inherit the ACL if required */
456 if (lp_inherit_perms(SNUM(conn))) {
457 inherit_access_posix_acl(conn, parent_dir,
458 smb_fname->base_name,
462 /* Change the owner if required. */
463 if (lp_inherit_owner(SNUM(conn))) {
464 change_file_owner_to_parent(conn, parent_dir,
468 notify_fname(conn, NOTIFY_ACTION_ADDED,
469 FILE_NOTIFY_CHANGE_FILE_NAME,
470 smb_fname->base_name);
474 fsp->fh->fd = -1; /* What we used to call a stat open. */
476 uint32_t access_granted = 0;
478 status = smbd_check_open_rights(conn,
482 if (!NT_STATUS_IS_OK(status)) {
483 if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
485 * On NT_STATUS_ACCESS_DENIED, access_granted
486 * contains the denied bits.
489 if ((access_mask & FILE_WRITE_ATTRIBUTES) &&
490 (access_granted & FILE_WRITE_ATTRIBUTES) &&
491 (lp_map_readonly(SNUM(conn)) ||
492 lp_map_archive(SNUM(conn)) ||
493 lp_map_hidden(SNUM(conn)) ||
494 lp_map_system(SNUM(conn)))) {
495 access_granted &= ~FILE_WRITE_ATTRIBUTES;
497 DEBUG(10,("open_file: "
506 if ((access_mask & DELETE_ACCESS) &&
507 (access_granted & DELETE_ACCESS) &&
508 can_delete_file_in_directory(conn,
510 /* Were we trying to do a stat open
511 * for delete and didn't get DELETE
512 * access (only) ? Check if the
513 * directory allows DELETE_CHILD.
515 * http://blogs.msdn.com/oldnewthing/archive/2004/06/04/148426.aspx
518 access_granted &= ~DELETE_ACCESS;
520 DEBUG(10,("open_file: "
528 if (access_granted != 0) {
529 DEBUG(10,("open_file: Access "
536 } else if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND) &&
538 S_ISLNK(smb_fname->st.st_ex_mode)) {
539 /* This is a POSIX stat open for delete
540 * or rename on a symlink that points
542 DEBUG(10,("open_file: allowing POSIX "
543 "open on bad symlink %s\n",
547 DEBUG(10,("open_file: "
548 "smbd_check_open_rights on file "
550 smb_fname_str_dbg(smb_fname),
551 nt_errstr(status) ));
561 if (fsp->fh->fd == -1) {
562 ret = SMB_VFS_STAT(conn, smb_fname);
564 ret = SMB_VFS_FSTAT(fsp, &smb_fname->st);
565 /* If we have an fd, this stat should succeed. */
567 DEBUG(0,("Error doing fstat on open file %s "
569 smb_fname_str_dbg(smb_fname),
574 /* For a non-io open, this stat failing means file not found. JRA */
576 status = map_nt_error_from_unix(errno);
583 * POSIX allows read-only opens of directories. We don't
584 * want to do this (we use a different code path for this)
585 * so catch a directory open and return an EISDIR. JRA.
588 if(S_ISDIR(smb_fname->st.st_ex_mode)) {
591 return NT_STATUS_FILE_IS_A_DIRECTORY;
594 fsp->mode = smb_fname->st.st_ex_mode;
595 fsp->file_id = vfs_file_id_from_sbuf(conn, &smb_fname->st);
596 fsp->vuid = req ? req->vuid : UID_FIELD_INVALID;
597 fsp->file_pid = req ? req->smbpid : 0;
598 fsp->can_lock = True;
599 fsp->can_read = (access_mask & (FILE_READ_DATA)) ? True : False;
600 if (!CAN_WRITE(conn)) {
601 fsp->can_write = False;
603 fsp->can_write = (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) ?
606 fsp->print_file = NULL;
607 fsp->modified = False;
608 fsp->sent_oplock_break = NO_BREAK_SENT;
609 fsp->is_directory = False;
610 if (conn->aio_write_behind_list &&
611 is_in_path(smb_fname->base_name, conn->aio_write_behind_list,
612 conn->case_sensitive)) {
613 fsp->aio_write_behind = True;
616 fsp->wcp = NULL; /* Write cache pointer. */
618 DEBUG(2,("%s opened file %s read=%s write=%s (numopen=%d)\n",
619 conn->server_info->unix_name,
620 smb_fname_str_dbg(smb_fname),
621 BOOLSTR(fsp->can_read), BOOLSTR(fsp->can_write),
622 conn->num_files_open));
628 /*******************************************************************
629 Return True if the filename is one of the special executable types.
630 ********************************************************************/
632 bool is_executable(const char *fname)
634 if ((fname = strrchr_m(fname,'.'))) {
635 if (strequal(fname,".com") ||
636 strequal(fname,".dll") ||
637 strequal(fname,".exe") ||
638 strequal(fname,".sym")) {
645 /****************************************************************************
646 Check if we can open a file with a share mode.
647 Returns True if conflict, False if not.
648 ****************************************************************************/
650 static bool share_conflict(struct share_mode_entry *entry,
654 DEBUG(10,("share_conflict: entry->access_mask = 0x%x, "
655 "entry->share_access = 0x%x, "
656 "entry->private_options = 0x%x\n",
657 (unsigned int)entry->access_mask,
658 (unsigned int)entry->share_access,
659 (unsigned int)entry->private_options));
661 DEBUG(10,("share_conflict: access_mask = 0x%x, share_access = 0x%x\n",
662 (unsigned int)access_mask, (unsigned int)share_access));
664 if ((entry->access_mask & (FILE_WRITE_DATA|
668 DELETE_ACCESS)) == 0) {
669 DEBUG(10,("share_conflict: No conflict due to "
670 "entry->access_mask = 0x%x\n",
671 (unsigned int)entry->access_mask ));
675 if ((access_mask & (FILE_WRITE_DATA|
679 DELETE_ACCESS)) == 0) {
680 DEBUG(10,("share_conflict: No conflict due to "
681 "access_mask = 0x%x\n",
682 (unsigned int)access_mask ));
686 #if 1 /* JRA TEST - Superdebug. */
687 #define CHECK_MASK(num, am, right, sa, share) \
688 DEBUG(10,("share_conflict: [%d] am (0x%x) & right (0x%x) = 0x%x\n", \
689 (unsigned int)(num), (unsigned int)(am), \
690 (unsigned int)(right), (unsigned int)(am)&(right) )); \
691 DEBUG(10,("share_conflict: [%d] sa (0x%x) & share (0x%x) = 0x%x\n", \
692 (unsigned int)(num), (unsigned int)(sa), \
693 (unsigned int)(share), (unsigned int)(sa)&(share) )); \
694 if (((am) & (right)) && !((sa) & (share))) { \
695 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
696 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
697 (unsigned int)(share) )); \
701 #define CHECK_MASK(num, am, right, sa, share) \
702 if (((am) & (right)) && !((sa) & (share))) { \
703 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
704 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
705 (unsigned int)(share) )); \
710 CHECK_MASK(1, entry->access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
711 share_access, FILE_SHARE_WRITE);
712 CHECK_MASK(2, access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
713 entry->share_access, FILE_SHARE_WRITE);
715 CHECK_MASK(3, entry->access_mask, FILE_READ_DATA | FILE_EXECUTE,
716 share_access, FILE_SHARE_READ);
717 CHECK_MASK(4, access_mask, FILE_READ_DATA | FILE_EXECUTE,
718 entry->share_access, FILE_SHARE_READ);
720 CHECK_MASK(5, entry->access_mask, DELETE_ACCESS,
721 share_access, FILE_SHARE_DELETE);
722 CHECK_MASK(6, access_mask, DELETE_ACCESS,
723 entry->share_access, FILE_SHARE_DELETE);
725 DEBUG(10,("share_conflict: No conflict.\n"));
729 #if defined(DEVELOPER)
730 static void validate_my_share_entries(struct smbd_server_connection *sconn,
732 struct share_mode_entry *share_entry)
736 if (!procid_is_me(&share_entry->pid)) {
740 if (is_deferred_open_entry(share_entry) &&
741 !open_was_deferred(share_entry->op_mid)) {
742 char *str = talloc_asprintf(talloc_tos(),
743 "Got a deferred entry without a request: "
745 share_mode_str(talloc_tos(), num, share_entry));
749 if (!is_valid_share_mode_entry(share_entry)) {
753 fsp = file_find_dif(sconn, share_entry->id,
754 share_entry->share_file_id);
756 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
757 share_mode_str(talloc_tos(), num, share_entry) ));
758 smb_panic("validate_my_share_entries: Cannot match a "
759 "share entry with an open file\n");
762 if (is_deferred_open_entry(share_entry) ||
763 is_unused_share_mode_entry(share_entry)) {
767 if ((share_entry->op_type == NO_OPLOCK) &&
768 (fsp->oplock_type == FAKE_LEVEL_II_OPLOCK)) {
769 /* Someone has already written to it, but I haven't yet
774 if (((uint16)fsp->oplock_type) != share_entry->op_type) {
783 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
784 share_mode_str(talloc_tos(), num, share_entry) ));
785 str = talloc_asprintf(talloc_tos(),
786 "validate_my_share_entries: "
787 "file %s, oplock_type = 0x%x, op_type = 0x%x\n",
788 fsp->fsp_name->base_name,
789 (unsigned int)fsp->oplock_type,
790 (unsigned int)share_entry->op_type );
796 bool is_stat_open(uint32 access_mask)
798 return (access_mask &&
799 ((access_mask & ~(SYNCHRONIZE_ACCESS| FILE_READ_ATTRIBUTES|
800 FILE_WRITE_ATTRIBUTES))==0) &&
801 ((access_mask & (SYNCHRONIZE_ACCESS|FILE_READ_ATTRIBUTES|
802 FILE_WRITE_ATTRIBUTES)) != 0));
805 /****************************************************************************
806 Deal with share modes
807 Invarient: Share mode must be locked on entry and exit.
808 Returns -1 on error, or number of share modes on success (may be zero).
809 ****************************************************************************/
811 static NTSTATUS open_mode_check(connection_struct *conn,
812 struct share_mode_lock *lck,
816 uint32 create_options,
821 if(lck->num_share_modes == 0) {
825 *file_existed = True;
827 /* A delete on close prohibits everything */
829 if (is_delete_on_close_set(lck, name_hash)) {
830 return NT_STATUS_DELETE_PENDING;
833 if (is_stat_open(access_mask)) {
834 /* Stat open that doesn't trigger oplock breaks or share mode
835 * checks... ! JRA. */
840 * Check if the share modes will give us access.
843 #if defined(DEVELOPER)
844 for(i = 0; i < lck->num_share_modes; i++) {
845 validate_my_share_entries(conn->sconn, i,
846 &lck->share_modes[i]);
850 if (!lp_share_modes(SNUM(conn))) {
854 /* Now we check the share modes, after any oplock breaks. */
855 for(i = 0; i < lck->num_share_modes; i++) {
857 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
861 /* someone else has a share lock on it, check to see if we can
863 if (share_conflict(&lck->share_modes[i],
864 access_mask, share_access)) {
865 return NT_STATUS_SHARING_VIOLATION;
872 static bool is_delete_request(files_struct *fsp) {
873 return ((fsp->access_mask == DELETE_ACCESS) &&
874 (fsp->oplock_type == NO_OPLOCK));
878 * Send a break message to the oplock holder and delay the open for
882 static NTSTATUS send_break_message(files_struct *fsp,
883 struct share_mode_entry *exclusive,
888 char msg[MSG_SMB_SHARE_MODE_ENTRY_SIZE];
890 DEBUG(10, ("Sending break request to PID %s\n",
891 procid_str_static(&exclusive->pid)));
892 exclusive->op_mid = mid;
894 /* Create the message. */
895 share_mode_entry_to_message(msg, exclusive);
897 /* Add in the FORCE_OPLOCK_BREAK_TO_NONE bit in the message if set. We
898 don't want this set in the share mode struct pointed to by lck. */
900 if (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE) {
901 SSVAL(msg,OP_BREAK_MSG_OP_TYPE_OFFSET,
902 exclusive->op_type | FORCE_OPLOCK_BREAK_TO_NONE);
905 status = messaging_send_buf(fsp->conn->sconn->msg_ctx, exclusive->pid,
906 MSG_SMB_BREAK_REQUEST,
908 MSG_SMB_SHARE_MODE_ENTRY_SIZE);
909 if (!NT_STATUS_IS_OK(status)) {
910 DEBUG(3, ("Could not send oplock break message: %s\n",
918 * 1) No files open at all or internal open: Grant whatever the client wants.
920 * 2) Exclusive (or batch) oplock around: If the requested access is a delete
921 * request, break if the oplock around is a batch oplock. If it's another
922 * requested access type, break.
924 * 3) Only level2 around: Grant level2 and do nothing else.
927 static bool delay_for_oplocks(struct share_mode_lock *lck,
934 struct share_mode_entry *exclusive = NULL;
935 bool valid_entry = false;
936 bool have_level2 = false;
937 bool have_a_none_oplock = false;
938 bool allow_level2 = (global_client_caps & CAP_LEVEL_II_OPLOCKS) &&
939 lp_level2_oplocks(SNUM(fsp->conn));
941 if (oplock_request & INTERNAL_OPEN_ONLY) {
942 fsp->oplock_type = NO_OPLOCK;
945 if ((oplock_request & INTERNAL_OPEN_ONLY) || is_stat_open(fsp->access_mask)) {
949 for (i=0; i<lck->num_share_modes; i++) {
951 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
955 /* At least one entry is not an invalid or deferred entry. */
958 if (pass_number == 1) {
959 if (BATCH_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
960 SMB_ASSERT(exclusive == NULL);
961 exclusive = &lck->share_modes[i];
964 if (EXCLUSIVE_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
965 SMB_ASSERT(exclusive == NULL);
966 exclusive = &lck->share_modes[i];
970 if (LEVEL_II_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
971 SMB_ASSERT(exclusive == NULL);
975 if (lck->share_modes[i].op_type == NO_OPLOCK) {
976 have_a_none_oplock = true;
980 if (exclusive != NULL) { /* Found an exclusive oplock */
981 bool delay_it = is_delete_request(fsp) ?
982 BATCH_OPLOCK_TYPE(exclusive->op_type) : true;
983 SMB_ASSERT(!have_level2);
985 send_break_message(fsp, exclusive, mid, oplock_request);
991 * Match what was requested (fsp->oplock_type) with
992 * what was found in the existing share modes.
996 /* All entries are placeholders or deferred.
997 * Directly grant whatever the client wants. */
998 if (fsp->oplock_type == NO_OPLOCK) {
999 /* Store a level2 oplock, but don't tell the client */
1000 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
1002 } else if (have_a_none_oplock) {
1003 fsp->oplock_type = NO_OPLOCK;
1004 } else if (have_level2) {
1005 if (fsp->oplock_type == NO_OPLOCK ||
1006 fsp->oplock_type == FAKE_LEVEL_II_OPLOCK) {
1007 /* Store a level2 oplock, but don't tell the client */
1008 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
1010 fsp->oplock_type = LEVEL_II_OPLOCK;
1013 /* This case can never happen. */
1018 * Don't grant level2 to clients that don't want them
1019 * or if we've turned them off.
1021 if (fsp->oplock_type == LEVEL_II_OPLOCK && !allow_level2) {
1022 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
1025 DEBUG(10,("delay_for_oplocks: oplock type 0x%x on file %s\n",
1026 fsp->oplock_type, fsp_str_dbg(fsp)));
1032 bool request_timed_out(struct timeval request_time,
1033 struct timeval timeout)
1035 struct timeval now, end_time;
1037 end_time = timeval_sum(&request_time, &timeout);
1038 return (timeval_compare(&end_time, &now) < 0);
1041 /****************************************************************************
1042 Handle the 1 second delay in returning a SHARING_VIOLATION error.
1043 ****************************************************************************/
1045 static void defer_open(struct share_mode_lock *lck,
1046 struct timeval request_time,
1047 struct timeval timeout,
1048 struct smb_request *req,
1049 struct deferred_open_record *state)
1053 /* Paranoia check */
1055 for (i=0; i<lck->num_share_modes; i++) {
1056 struct share_mode_entry *e = &lck->share_modes[i];
1058 if (!is_deferred_open_entry(e)) {
1062 if (procid_is_me(&e->pid) && (e->op_mid == req->mid)) {
1063 DEBUG(0, ("Trying to defer an already deferred "
1064 "request: mid=%llu, exiting\n",
1065 (unsigned long long)req->mid));
1066 exit_server("attempt to defer a deferred request");
1070 /* End paranoia check */
1072 DEBUG(10,("defer_open_sharing_error: time [%u.%06u] adding deferred "
1073 "open entry for mid %llu\n",
1074 (unsigned int)request_time.tv_sec,
1075 (unsigned int)request_time.tv_usec,
1076 (unsigned long long)req->mid));
1078 if (!push_deferred_open_message_smb(req, request_time, timeout,
1079 state->id, (char *)state, sizeof(*state))) {
1080 exit_server("push_deferred_open_message_smb failed");
1082 add_deferred_open(lck, req->mid, request_time,
1083 sconn_server_id(req->sconn), state->id);
1087 /****************************************************************************
1088 On overwrite open ensure that the attributes match.
1089 ****************************************************************************/
1091 bool open_match_attributes(connection_struct *conn,
1092 uint32 old_dos_attr,
1093 uint32 new_dos_attr,
1094 mode_t existing_unx_mode,
1095 mode_t new_unx_mode,
1096 mode_t *returned_unx_mode)
1098 uint32 noarch_old_dos_attr, noarch_new_dos_attr;
1100 noarch_old_dos_attr = (old_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
1101 noarch_new_dos_attr = (new_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
1103 if((noarch_old_dos_attr == 0 && noarch_new_dos_attr != 0) ||
1104 (noarch_old_dos_attr != 0 && ((noarch_old_dos_attr & noarch_new_dos_attr) == noarch_old_dos_attr))) {
1105 *returned_unx_mode = new_unx_mode;
1107 *returned_unx_mode = (mode_t)0;
1110 DEBUG(10,("open_match_attributes: old_dos_attr = 0x%x, "
1111 "existing_unx_mode = 0%o, new_dos_attr = 0x%x "
1112 "returned_unx_mode = 0%o\n",
1113 (unsigned int)old_dos_attr,
1114 (unsigned int)existing_unx_mode,
1115 (unsigned int)new_dos_attr,
1116 (unsigned int)*returned_unx_mode ));
1118 /* If we're mapping SYSTEM and HIDDEN ensure they match. */
1119 if (lp_map_system(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
1120 if ((old_dos_attr & FILE_ATTRIBUTE_SYSTEM) &&
1121 !(new_dos_attr & FILE_ATTRIBUTE_SYSTEM)) {
1125 if (lp_map_hidden(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
1126 if ((old_dos_attr & FILE_ATTRIBUTE_HIDDEN) &&
1127 !(new_dos_attr & FILE_ATTRIBUTE_HIDDEN)) {
1134 /****************************************************************************
1135 Special FCB or DOS processing in the case of a sharing violation.
1136 Try and find a duplicated file handle.
1137 ****************************************************************************/
1139 NTSTATUS fcb_or_dos_open(struct smb_request *req,
1140 connection_struct *conn,
1141 files_struct *fsp_to_dup_into,
1142 const struct smb_filename *smb_fname,
1147 uint32 share_access,
1148 uint32 create_options)
1152 DEBUG(5,("fcb_or_dos_open: attempting old open semantics for "
1153 "file %s.\n", smb_fname_str_dbg(smb_fname)));
1155 for(fsp = file_find_di_first(conn->sconn, id); fsp;
1156 fsp = file_find_di_next(fsp)) {
1158 DEBUG(10,("fcb_or_dos_open: checking file %s, fd = %d, "
1159 "vuid = %u, file_pid = %u, private_options = 0x%x "
1160 "access_mask = 0x%x\n", fsp_str_dbg(fsp),
1161 fsp->fh->fd, (unsigned int)fsp->vuid,
1162 (unsigned int)fsp->file_pid,
1163 (unsigned int)fsp->fh->private_options,
1164 (unsigned int)fsp->access_mask ));
1166 if (fsp->fh->fd != -1 &&
1167 fsp->vuid == vuid &&
1168 fsp->file_pid == file_pid &&
1169 (fsp->fh->private_options & (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS |
1170 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) &&
1171 (fsp->access_mask & FILE_WRITE_DATA) &&
1172 strequal(fsp->fsp_name->base_name, smb_fname->base_name) &&
1173 strequal(fsp->fsp_name->stream_name,
1174 smb_fname->stream_name)) {
1175 DEBUG(10,("fcb_or_dos_open: file match\n"));
1181 return NT_STATUS_NOT_FOUND;
1184 /* quite an insane set of semantics ... */
1185 if (is_executable(smb_fname->base_name) &&
1186 (fsp->fh->private_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS)) {
1187 DEBUG(10,("fcb_or_dos_open: file fail due to is_executable.\n"));
1188 return NT_STATUS_INVALID_PARAMETER;
1191 /* We need to duplicate this fsp. */
1192 return dup_file_fsp(req, fsp, access_mask, share_access,
1193 create_options, fsp_to_dup_into);
1196 /****************************************************************************
1197 Open a file with a share mode - old openX method - map into NTCreate.
1198 ****************************************************************************/
1200 bool map_open_params_to_ntcreate(const struct smb_filename *smb_fname,
1201 int deny_mode, int open_func,
1202 uint32 *paccess_mask,
1203 uint32 *pshare_mode,
1204 uint32 *pcreate_disposition,
1205 uint32 *pcreate_options,
1206 uint32_t *pprivate_flags)
1210 uint32 create_disposition;
1211 uint32 create_options = FILE_NON_DIRECTORY_FILE;
1212 uint32_t private_flags = 0;
1214 DEBUG(10,("map_open_params_to_ntcreate: fname = %s, deny_mode = 0x%x, "
1215 "open_func = 0x%x\n",
1216 smb_fname_str_dbg(smb_fname), (unsigned int)deny_mode,
1217 (unsigned int)open_func ));
1219 /* Create the NT compatible access_mask. */
1220 switch (GET_OPENX_MODE(deny_mode)) {
1221 case DOS_OPEN_EXEC: /* Implies read-only - used to be FILE_READ_DATA */
1222 case DOS_OPEN_RDONLY:
1223 access_mask = FILE_GENERIC_READ;
1225 case DOS_OPEN_WRONLY:
1226 access_mask = FILE_GENERIC_WRITE;
1230 access_mask = FILE_GENERIC_READ|FILE_GENERIC_WRITE;
1233 DEBUG(10,("map_open_params_to_ntcreate: bad open mode = 0x%x\n",
1234 (unsigned int)GET_OPENX_MODE(deny_mode)));
1238 /* Create the NT compatible create_disposition. */
1239 switch (open_func) {
1240 case OPENX_FILE_EXISTS_FAIL|OPENX_FILE_CREATE_IF_NOT_EXIST:
1241 create_disposition = FILE_CREATE;
1244 case OPENX_FILE_EXISTS_OPEN:
1245 create_disposition = FILE_OPEN;
1248 case OPENX_FILE_EXISTS_OPEN|OPENX_FILE_CREATE_IF_NOT_EXIST:
1249 create_disposition = FILE_OPEN_IF;
1252 case OPENX_FILE_EXISTS_TRUNCATE:
1253 create_disposition = FILE_OVERWRITE;
1256 case OPENX_FILE_EXISTS_TRUNCATE|OPENX_FILE_CREATE_IF_NOT_EXIST:
1257 create_disposition = FILE_OVERWRITE_IF;
1261 /* From samba4 - to be confirmed. */
1262 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_EXEC) {
1263 create_disposition = FILE_CREATE;
1266 DEBUG(10,("map_open_params_to_ntcreate: bad "
1267 "open_func 0x%x\n", (unsigned int)open_func));
1271 /* Create the NT compatible share modes. */
1272 switch (GET_DENY_MODE(deny_mode)) {
1274 share_mode = FILE_SHARE_NONE;
1278 share_mode = FILE_SHARE_READ;
1282 share_mode = FILE_SHARE_WRITE;
1286 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1290 private_flags |= NTCREATEX_OPTIONS_PRIVATE_DENY_DOS;
1291 if (is_executable(smb_fname->base_name)) {
1292 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1294 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_RDONLY) {
1295 share_mode = FILE_SHARE_READ;
1297 share_mode = FILE_SHARE_NONE;
1303 private_flags |= NTCREATEX_OPTIONS_PRIVATE_DENY_FCB;
1304 share_mode = FILE_SHARE_NONE;
1308 DEBUG(10,("map_open_params_to_ntcreate: bad deny_mode 0x%x\n",
1309 (unsigned int)GET_DENY_MODE(deny_mode) ));
1313 DEBUG(10,("map_open_params_to_ntcreate: file %s, access_mask = 0x%x, "
1314 "share_mode = 0x%x, create_disposition = 0x%x, "
1315 "create_options = 0x%x private_flags = 0x%x\n",
1316 smb_fname_str_dbg(smb_fname),
1317 (unsigned int)access_mask,
1318 (unsigned int)share_mode,
1319 (unsigned int)create_disposition,
1320 (unsigned int)create_options,
1321 (unsigned int)private_flags));
1324 *paccess_mask = access_mask;
1327 *pshare_mode = share_mode;
1329 if (pcreate_disposition) {
1330 *pcreate_disposition = create_disposition;
1332 if (pcreate_options) {
1333 *pcreate_options = create_options;
1335 if (pprivate_flags) {
1336 *pprivate_flags = private_flags;
1343 static void schedule_defer_open(struct share_mode_lock *lck,
1344 struct timeval request_time,
1345 struct smb_request *req)
1347 struct deferred_open_record state;
1349 /* This is a relative time, added to the absolute
1350 request_time value to get the absolute timeout time.
1351 Note that if this is the second or greater time we enter
1352 this codepath for this particular request mid then
1353 request_time is left as the absolute time of the *first*
1354 time this request mid was processed. This is what allows
1355 the request to eventually time out. */
1357 struct timeval timeout;
1359 /* Normally the smbd we asked should respond within
1360 * OPLOCK_BREAK_TIMEOUT seconds regardless of whether
1361 * the client did, give twice the timeout as a safety
1362 * measure here in case the other smbd is stuck
1363 * somewhere else. */
1365 timeout = timeval_set(OPLOCK_BREAK_TIMEOUT*2, 0);
1367 /* Nothing actually uses state.delayed_for_oplocks
1368 but it's handy to differentiate in debug messages
1369 between a 30 second delay due to oplock break, and
1370 a 1 second delay for share mode conflicts. */
1372 state.delayed_for_oplocks = True;
1375 if (!request_timed_out(request_time, timeout)) {
1376 defer_open(lck, request_time, timeout, req, &state);
1380 /****************************************************************************
1381 Work out what access_mask to use from what the client sent us.
1382 ****************************************************************************/
1384 static NTSTATUS calculate_access_mask(connection_struct *conn,
1385 const struct smb_filename *smb_fname,
1387 uint32_t access_mask,
1388 uint32_t *access_mask_out)
1393 * Convert GENERIC bits to specific bits.
1396 se_map_generic(&access_mask, &file_generic_mapping);
1398 /* Calculate MAXIMUM_ALLOWED_ACCESS if requested. */
1399 if (access_mask & MAXIMUM_ALLOWED_ACCESS) {
1402 struct security_descriptor *sd;
1403 uint32_t access_granted = 0;
1405 status = SMB_VFS_GET_NT_ACL(conn, smb_fname->base_name,
1410 if (!NT_STATUS_IS_OK(status)) {
1411 DEBUG(10, ("calculate_access_mask: Could not get acl "
1413 smb_fname_str_dbg(smb_fname),
1414 nt_errstr(status)));
1415 return NT_STATUS_ACCESS_DENIED;
1418 status = smb1_file_se_access_check(conn,
1420 get_current_nttok(conn),
1426 if (!NT_STATUS_IS_OK(status)) {
1427 DEBUG(10, ("calculate_access_mask: Access denied on "
1428 "file %s: when calculating maximum access\n",
1429 smb_fname_str_dbg(smb_fname)));
1430 return NT_STATUS_ACCESS_DENIED;
1433 access_mask = access_granted;
1435 access_mask = FILE_GENERIC_ALL;
1439 *access_mask_out = access_mask;
1440 return NT_STATUS_OK;
1443 /****************************************************************************
1444 Remove the deferred open entry under lock.
1445 ****************************************************************************/
1447 void remove_deferred_open_entry(struct file_id id, uint64_t mid,
1448 struct server_id pid)
1450 struct share_mode_lock *lck = get_share_mode_lock(talloc_tos(), id,
1453 DEBUG(0, ("could not get share mode lock\n"));
1455 del_deferred_open_entry(lck, mid, pid);
1460 /****************************************************************************
1461 Open a file with a share mode. Passed in an already created files_struct *.
1462 ****************************************************************************/
1464 static NTSTATUS open_file_ntcreate(connection_struct *conn,
1465 struct smb_request *req,
1466 uint32 access_mask, /* access bits (FILE_READ_DATA etc.) */
1467 uint32 share_access, /* share constants (FILE_SHARE_READ etc) */
1468 uint32 create_disposition, /* FILE_OPEN_IF etc. */
1469 uint32 create_options, /* options such as delete on close. */
1470 uint32 new_dos_attributes, /* attributes used for new file. */
1471 int oplock_request, /* internal Samba oplock codes. */
1472 /* Information (FILE_EXISTS etc.) */
1473 uint32_t private_flags, /* Samba specific flags. */
1477 struct smb_filename *smb_fname = fsp->fsp_name;
1480 bool file_existed = VALID_STAT(smb_fname->st);
1481 bool def_acl = False;
1482 bool posix_open = False;
1483 bool new_file_created = False;
1484 bool clear_ads = false;
1486 NTSTATUS fsp_open = NT_STATUS_ACCESS_DENIED;
1487 mode_t new_unx_mode = (mode_t)0;
1488 mode_t unx_mode = (mode_t)0;
1490 uint32 existing_dos_attributes = 0;
1491 struct timeval request_time = timeval_zero();
1492 struct share_mode_lock *lck = NULL;
1493 uint32 open_access_mask = access_mask;
1499 /* Windows allows a new file to be created and
1500 silently removes a FILE_ATTRIBUTE_DIRECTORY
1501 sent by the client. Do the same. */
1503 new_dos_attributes &= ~FILE_ATTRIBUTE_DIRECTORY;
1505 if (conn->printer) {
1507 * Printers are handled completely differently.
1508 * Most of the passed parameters are ignored.
1512 *pinfo = FILE_WAS_CREATED;
1515 DEBUG(10, ("open_file_ntcreate: printer open fname=%s\n",
1516 smb_fname_str_dbg(smb_fname)));
1519 DEBUG(0,("open_file_ntcreate: printer open without "
1520 "an SMB request!\n"));
1521 return NT_STATUS_INTERNAL_ERROR;
1524 return print_spool_open(fsp, smb_fname->base_name,
1528 if (!parent_dirname(talloc_tos(), smb_fname->base_name, &parent_dir,
1530 return NT_STATUS_NO_MEMORY;
1533 if (new_dos_attributes & FILE_FLAG_POSIX_SEMANTICS) {
1535 unx_mode = (mode_t)(new_dos_attributes & ~FILE_FLAG_POSIX_SEMANTICS);
1536 new_dos_attributes = 0;
1538 /* We add aARCH to this as this mode is only used if the file is
1540 unx_mode = unix_mode(conn, new_dos_attributes | aARCH,
1541 smb_fname, parent_dir);
1544 DEBUG(10, ("open_file_ntcreate: fname=%s, dos_attrs=0x%x "
1545 "access_mask=0x%x share_access=0x%x "
1546 "create_disposition = 0x%x create_options=0x%x "
1547 "unix mode=0%o oplock_request=%d private_flags = 0x%x\n",
1548 smb_fname_str_dbg(smb_fname), new_dos_attributes,
1549 access_mask, share_access, create_disposition,
1550 create_options, (unsigned int)unx_mode, oplock_request,
1551 (unsigned int)private_flags));
1553 if ((req == NULL) && ((oplock_request & INTERNAL_OPEN_ONLY) == 0)) {
1554 DEBUG(0, ("No smb request but not an internal only open!\n"));
1555 return NT_STATUS_INTERNAL_ERROR;
1559 * Only non-internal opens can be deferred at all
1564 if (get_deferred_open_message_state(req,
1568 struct deferred_open_record *state = (struct deferred_open_record *)ptr;
1569 /* Remember the absolute time of the original
1570 request with this mid. We'll use it later to
1571 see if this has timed out. */
1573 /* Remove the deferred open entry under lock. */
1574 remove_deferred_open_entry(
1575 state->id, req->mid,
1576 sconn_server_id(req->sconn));
1578 /* Ensure we don't reprocess this message. */
1579 remove_deferred_open_message_smb(req->mid);
1583 status = check_name(conn, smb_fname->base_name);
1584 if (!NT_STATUS_IS_OK(status)) {
1589 new_dos_attributes &= SAMBA_ATTRIBUTES_MASK;
1591 existing_dos_attributes = dos_mode(conn, smb_fname);
1595 /* ignore any oplock requests if oplocks are disabled */
1596 if (!lp_oplocks(SNUM(conn)) ||
1597 IS_VETO_OPLOCK_PATH(conn, smb_fname->base_name)) {
1598 /* Mask off everything except the private Samba bits. */
1599 oplock_request &= SAMBA_PRIVATE_OPLOCK_MASK;
1602 /* this is for OS/2 long file names - say we don't support them */
1603 if (!lp_posix_pathnames() && strstr(smb_fname->base_name,".+,;=[].")) {
1604 /* OS/2 Workplace shell fix may be main code stream in a later
1606 DEBUG(5,("open_file_ntcreate: OS/2 long filenames are not "
1608 if (use_nt_status()) {
1609 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1611 return NT_STATUS_DOS(ERRDOS, ERRcannotopen);
1614 switch( create_disposition ) {
1616 * Currently we're using FILE_SUPERSEDE as the same as
1617 * FILE_OVERWRITE_IF but they really are
1618 * different. FILE_SUPERSEDE deletes an existing file
1619 * (requiring delete access) then recreates it.
1621 case FILE_SUPERSEDE:
1622 /* If file exists replace/overwrite. If file doesn't
1624 flags2 |= (O_CREAT | O_TRUNC);
1628 case FILE_OVERWRITE_IF:
1629 /* If file exists replace/overwrite. If file doesn't
1631 flags2 |= (O_CREAT | O_TRUNC);
1636 /* If file exists open. If file doesn't exist error. */
1637 if (!file_existed) {
1638 DEBUG(5,("open_file_ntcreate: FILE_OPEN "
1639 "requested for file %s and file "
1641 smb_fname_str_dbg(smb_fname)));
1643 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1647 case FILE_OVERWRITE:
1648 /* If file exists overwrite. If file doesn't exist
1650 if (!file_existed) {
1651 DEBUG(5,("open_file_ntcreate: FILE_OVERWRITE "
1652 "requested for file %s and file "
1654 smb_fname_str_dbg(smb_fname) ));
1656 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1663 /* If file exists error. If file doesn't exist
1666 DEBUG(5,("open_file_ntcreate: FILE_CREATE "
1667 "requested for file %s and file "
1668 "already exists.\n",
1669 smb_fname_str_dbg(smb_fname)));
1670 if (S_ISDIR(smb_fname->st.st_ex_mode)) {
1675 return map_nt_error_from_unix(errno);
1677 flags2 |= (O_CREAT|O_EXCL);
1681 /* If file exists open. If file doesn't exist
1687 return NT_STATUS_INVALID_PARAMETER;
1690 /* We only care about matching attributes on file exists and
1693 if (!posix_open && file_existed && ((create_disposition == FILE_OVERWRITE) ||
1694 (create_disposition == FILE_OVERWRITE_IF))) {
1695 if (!open_match_attributes(conn, existing_dos_attributes,
1697 smb_fname->st.st_ex_mode,
1698 unx_mode, &new_unx_mode)) {
1699 DEBUG(5,("open_file_ntcreate: attributes missmatch "
1700 "for file %s (%x %x) (0%o, 0%o)\n",
1701 smb_fname_str_dbg(smb_fname),
1702 existing_dos_attributes,
1704 (unsigned int)smb_fname->st.st_ex_mode,
1705 (unsigned int)unx_mode ));
1707 return NT_STATUS_ACCESS_DENIED;
1711 status = calculate_access_mask(conn, smb_fname, file_existed,
1714 if (!NT_STATUS_IS_OK(status)) {
1715 DEBUG(10, ("open_file_ntcreate: calculate_access_mask "
1716 "on file %s returned %s\n",
1717 smb_fname_str_dbg(smb_fname), nt_errstr(status)));
1721 open_access_mask = access_mask;
1723 if ((flags2 & O_TRUNC) || (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE)) {
1724 open_access_mask |= FILE_WRITE_DATA; /* This will cause oplock breaks. */
1727 DEBUG(10, ("open_file_ntcreate: fname=%s, after mapping "
1728 "access_mask=0x%x\n", smb_fname_str_dbg(smb_fname),
1732 * Note that we ignore the append flag as append does not
1733 * mean the same thing under DOS and Unix.
1736 if ((access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) ||
1737 (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE)) {
1738 /* DENY_DOS opens are always underlying read-write on the
1739 file handle, no matter what the requested access mask
1741 if ((private_flags & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS) ||
1742 access_mask & (FILE_READ_ATTRIBUTES|FILE_READ_DATA|FILE_READ_EA|FILE_EXECUTE)) {
1752 * Currently we only look at FILE_WRITE_THROUGH for create options.
1756 if ((create_options & FILE_WRITE_THROUGH) && lp_strict_sync(SNUM(conn))) {
1761 if (posix_open && (access_mask & FILE_APPEND_DATA)) {
1765 if (!posix_open && !CAN_WRITE(conn)) {
1767 * We should really return a permission denied error if either
1768 * O_CREAT or O_TRUNC are set, but for compatibility with
1769 * older versions of Samba we just AND them out.
1771 flags2 &= ~(O_CREAT|O_TRUNC);
1775 * Ensure we can't write on a read-only share or file.
1778 if (flags != O_RDONLY && file_existed &&
1779 (!CAN_WRITE(conn) || IS_DOS_READONLY(existing_dos_attributes))) {
1780 DEBUG(5,("open_file_ntcreate: write access requested for "
1781 "file %s on read only %s\n",
1782 smb_fname_str_dbg(smb_fname),
1783 !CAN_WRITE(conn) ? "share" : "file" ));
1785 return NT_STATUS_ACCESS_DENIED;
1788 fsp->file_id = vfs_file_id_from_sbuf(conn, &smb_fname->st);
1789 fsp->share_access = share_access;
1790 fsp->fh->private_options = private_flags;
1791 fsp->access_mask = open_access_mask; /* We change this to the
1792 * requested access_mask after
1793 * the open is done. */
1794 fsp->posix_open = posix_open;
1796 /* Ensure no SAMBA_PRIVATE bits can be set. */
1797 fsp->oplock_type = (oplock_request & ~SAMBA_PRIVATE_OPLOCK_MASK);
1799 if (timeval_is_zero(&request_time)) {
1800 request_time = fsp->open_time;
1804 struct timespec old_write_time = smb_fname->st.st_ex_mtime;
1805 id = vfs_file_id_from_sbuf(conn, &smb_fname->st);
1807 lck = get_share_mode_lock(talloc_tos(), id,
1809 smb_fname, &old_write_time);
1812 DEBUG(0, ("Could not get share mode lock\n"));
1813 return NT_STATUS_SHARING_VIOLATION;
1816 /* First pass - send break only on batch oplocks. */
1818 && delay_for_oplocks(lck, fsp, req->mid, 1,
1820 schedule_defer_open(lck, request_time, req);
1822 return NT_STATUS_SHARING_VIOLATION;
1825 /* Use the client requested access mask here, not the one we
1827 status = open_mode_check(conn, lck, fsp->name_hash,
1828 access_mask, share_access,
1829 create_options, &file_existed);
1831 if (NT_STATUS_IS_OK(status)) {
1832 /* We might be going to allow this open. Check oplock
1834 /* Second pass - send break for both batch or
1835 * exclusive oplocks. */
1837 && delay_for_oplocks(lck, fsp, req->mid, 2,
1839 schedule_defer_open(lck, request_time, req);
1841 return NT_STATUS_SHARING_VIOLATION;
1845 if (NT_STATUS_EQUAL(status, NT_STATUS_DELETE_PENDING)) {
1846 /* DELETE_PENDING is not deferred for a second */
1851 if (!NT_STATUS_IS_OK(status)) {
1852 uint32 can_access_mask;
1853 bool can_access = True;
1855 SMB_ASSERT(NT_STATUS_EQUAL(status, NT_STATUS_SHARING_VIOLATION));
1857 /* Check if this can be done with the deny_dos and fcb
1860 (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS|
1861 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) {
1863 DEBUG(0, ("DOS open without an SMB "
1866 return NT_STATUS_INTERNAL_ERROR;
1869 /* Use the client requested access mask here,
1870 * not the one we open with. */
1871 status = fcb_or_dos_open(req,
1882 if (NT_STATUS_IS_OK(status)) {
1885 *pinfo = FILE_WAS_OPENED;
1887 return NT_STATUS_OK;
1892 * This next line is a subtlety we need for
1893 * MS-Access. If a file open will fail due to share
1894 * permissions and also for security (access) reasons,
1895 * we need to return the access failed error, not the
1896 * share error. We can't open the file due to kernel
1897 * oplock deadlock (it's possible we failed above on
1898 * the open_mode_check()) so use a userspace check.
1901 if (flags & O_RDWR) {
1902 can_access_mask = FILE_READ_DATA|FILE_WRITE_DATA;
1903 } else if (flags & O_WRONLY) {
1904 can_access_mask = FILE_WRITE_DATA;
1906 can_access_mask = FILE_READ_DATA;
1909 if (((can_access_mask & FILE_WRITE_DATA) &&
1910 !CAN_WRITE(conn)) ||
1911 !can_access_file_data(conn, smb_fname,
1917 * If we're returning a share violation, ensure we
1918 * cope with the braindead 1 second delay.
1921 if (!(oplock_request & INTERNAL_OPEN_ONLY) &&
1922 lp_defer_sharing_violations()) {
1923 struct timeval timeout;
1924 struct deferred_open_record state;
1927 /* this is a hack to speed up torture tests
1929 timeout_usecs = lp_parm_int(SNUM(conn),
1930 "smbd","sharedelay",
1931 SHARING_VIOLATION_USEC_WAIT);
1933 /* This is a relative time, added to the absolute
1934 request_time value to get the absolute timeout time.
1935 Note that if this is the second or greater time we enter
1936 this codepath for this particular request mid then
1937 request_time is left as the absolute time of the *first*
1938 time this request mid was processed. This is what allows
1939 the request to eventually time out. */
1941 timeout = timeval_set(0, timeout_usecs);
1943 /* Nothing actually uses state.delayed_for_oplocks
1944 but it's handy to differentiate in debug messages
1945 between a 30 second delay due to oplock break, and
1946 a 1 second delay for share mode conflicts. */
1948 state.delayed_for_oplocks = False;
1952 && !request_timed_out(request_time,
1954 defer_open(lck, request_time, timeout,
1962 * We have detected a sharing violation here
1963 * so return the correct error code
1965 status = NT_STATUS_SHARING_VIOLATION;
1967 status = NT_STATUS_ACCESS_DENIED;
1973 * We exit this block with the share entry *locked*.....
1977 SMB_ASSERT(!file_existed || (lck != NULL));
1980 * Ensure we pay attention to default ACLs on directories if required.
1983 if ((flags2 & O_CREAT) && lp_inherit_acls(SNUM(conn)) &&
1984 (def_acl = directory_has_default_acl(conn, parent_dir))) {
1985 unx_mode = (0777 & lp_create_mask(SNUM(conn)));
1988 DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o, "
1989 "access_mask = 0x%x, open_access_mask = 0x%x\n",
1990 (unsigned int)flags, (unsigned int)flags2,
1991 (unsigned int)unx_mode, (unsigned int)access_mask,
1992 (unsigned int)open_access_mask));
1995 * open_file strips any O_TRUNC flags itself.
1998 fsp_open = open_file(fsp, conn, req, parent_dir,
1999 flags|flags2, unx_mode, access_mask,
2002 if (!NT_STATUS_IS_OK(fsp_open)) {
2009 if (!file_existed) {
2010 struct timespec old_write_time = smb_fname->st.st_ex_mtime;
2012 * Deal with the race condition where two smbd's detect the
2013 * file doesn't exist and do the create at the same time. One
2014 * of them will win and set a share mode, the other (ie. this
2015 * one) should check if the requested share mode for this
2016 * create is allowed.
2020 * Now the file exists and fsp is successfully opened,
2021 * fsp->dev and fsp->inode are valid and should replace the
2022 * dev=0,inode=0 from a non existent file. Spotted by
2023 * Nadav Danieli <nadavd@exanet.com>. JRA.
2028 lck = get_share_mode_lock(talloc_tos(), id,
2030 smb_fname, &old_write_time);
2033 DEBUG(0, ("open_file_ntcreate: Could not get share "
2034 "mode lock for %s\n",
2035 smb_fname_str_dbg(smb_fname)));
2037 return NT_STATUS_SHARING_VIOLATION;
2040 /* First pass - send break only on batch oplocks. */
2042 && delay_for_oplocks(lck, fsp, req->mid, 1,
2044 schedule_defer_open(lck, request_time, req);
2047 return NT_STATUS_SHARING_VIOLATION;
2050 status = open_mode_check(conn, lck, fsp->name_hash,
2051 access_mask, share_access,
2052 create_options, &file_existed);
2054 if (NT_STATUS_IS_OK(status)) {
2055 /* We might be going to allow this open. Check oplock
2057 /* Second pass - send break for both batch or
2058 * exclusive oplocks. */
2060 && delay_for_oplocks(lck, fsp, req->mid, 2,
2062 schedule_defer_open(lck, request_time, req);
2065 return NT_STATUS_SHARING_VIOLATION;
2069 if (!NT_STATUS_IS_OK(status)) {
2070 struct deferred_open_record state;
2074 state.delayed_for_oplocks = False;
2077 /* Do it all over again immediately. In the second
2078 * round we will find that the file existed and handle
2079 * the DELETE_PENDING and FCB cases correctly. No need
2080 * to duplicate the code here. Essentially this is a
2081 * "goto top of this function", but don't tell
2085 defer_open(lck, request_time, timeval_zero(),
2093 * We exit this block with the share entry *locked*.....
2098 SMB_ASSERT(lck != NULL);
2100 /* Delete streams if create_disposition requires it */
2101 if (file_existed && clear_ads &&
2102 !is_ntfs_stream_smb_fname(smb_fname)) {
2103 status = delete_all_streams(conn, smb_fname->base_name);
2104 if (!NT_STATUS_IS_OK(status)) {
2111 /* note that we ignore failure for the following. It is
2112 basically a hack for NFS, and NFS will never set one of
2113 these only read them. Nobody but Samba can ever set a deny
2114 mode and we have already checked our more authoritative
2115 locking database for permission to set this deny mode. If
2116 the kernel refuses the operations then the kernel is wrong.
2117 note that GPFS supports it as well - jmcd */
2119 if (fsp->fh->fd != -1) {
2121 ret_flock = SMB_VFS_KERNEL_FLOCK(fsp, share_access, access_mask);
2122 if(ret_flock == -1 ){
2127 return NT_STATUS_SHARING_VIOLATION;
2132 * At this point onwards, we can guarentee that the share entry
2133 * is locked, whether we created the file or not, and that the
2134 * deny mode is compatible with all current opens.
2138 * If requested, truncate the file.
2141 if (file_existed && (flags2&O_TRUNC)) {
2143 * We are modifing the file after open - update the stat
2146 if ((SMB_VFS_FTRUNCATE(fsp, 0) == -1) ||
2147 (SMB_VFS_FSTAT(fsp, &smb_fname->st)==-1)) {
2148 status = map_nt_error_from_unix(errno);
2156 * According to Samba4, SEC_FILE_READ_ATTRIBUTE is always granted,
2158 fsp->access_mask = access_mask | FILE_READ_ATTRIBUTES;
2161 /* stat opens on existing files don't get oplocks. */
2162 if (is_stat_open(open_access_mask)) {
2163 fsp->oplock_type = NO_OPLOCK;
2166 if (!(flags2 & O_TRUNC)) {
2167 info = FILE_WAS_OPENED;
2169 info = FILE_WAS_OVERWRITTEN;
2172 info = FILE_WAS_CREATED;
2180 * Setup the oplock info in both the shared memory and
2184 if (!set_file_oplock(fsp, fsp->oplock_type)) {
2185 /* Could not get the kernel oplock */
2186 fsp->oplock_type = NO_OPLOCK;
2189 if (info == FILE_WAS_OVERWRITTEN || info == FILE_WAS_CREATED || info == FILE_WAS_SUPERSEDED) {
2190 new_file_created = True;
2193 set_share_mode(lck, fsp, get_current_uid(conn), 0,
2196 /* Handle strange delete on close create semantics. */
2197 if (create_options & FILE_DELETE_ON_CLOSE) {
2199 status = can_set_delete_on_close(fsp, new_dos_attributes);
2201 if (!NT_STATUS_IS_OK(status)) {
2202 /* Remember to delete the mode we just added. */
2203 del_share_mode(lck, fsp);
2208 /* Note that here we set the *inital* delete on close flag,
2209 not the regular one. The magic gets handled in close. */
2210 fsp->initial_delete_on_close = True;
2213 if (new_file_created) {
2214 /* Files should be initially set as archive */
2215 if (lp_map_archive(SNUM(conn)) ||
2216 lp_store_dos_attributes(SNUM(conn))) {
2218 if (file_set_dosmode(conn, smb_fname,
2219 new_dos_attributes | aARCH,
2220 parent_dir, true) == 0) {
2221 unx_mode = smb_fname->st.st_ex_mode;
2227 /* Determine sparse flag. */
2229 /* POSIX opens are sparse by default. */
2230 fsp->is_sparse = true;
2232 fsp->is_sparse = (file_existed &&
2233 (existing_dos_attributes & FILE_ATTRIBUTE_SPARSE));
2237 * Take care of inherited ACLs on created files - if default ACL not
2241 if (!posix_open && !file_existed && !def_acl) {
2243 int saved_errno = errno; /* We might get ENOSYS in the next
2246 if (SMB_VFS_FCHMOD_ACL(fsp, unx_mode) == -1 &&
2248 errno = saved_errno; /* Ignore ENOSYS */
2251 } else if (new_unx_mode) {
2255 /* Attributes need changing. File already existed. */
2258 int saved_errno = errno; /* We might get ENOSYS in the
2260 ret = SMB_VFS_FCHMOD_ACL(fsp, new_unx_mode);
2262 if (ret == -1 && errno == ENOSYS) {
2263 errno = saved_errno; /* Ignore ENOSYS */
2265 DEBUG(5, ("open_file_ntcreate: reset "
2266 "attributes of file %s to 0%o\n",
2267 smb_fname_str_dbg(smb_fname),
2268 (unsigned int)new_unx_mode));
2269 ret = 0; /* Don't do the fchmod below. */
2274 (SMB_VFS_FCHMOD(fsp, new_unx_mode) == -1))
2275 DEBUG(5, ("open_file_ntcreate: failed to reset "
2276 "attributes of file %s to 0%o\n",
2277 smb_fname_str_dbg(smb_fname),
2278 (unsigned int)new_unx_mode));
2281 /* If this is a successful open, we must remove any deferred open
2284 del_deferred_open_entry(lck, req->mid,
2285 sconn_server_id(req->sconn));
2289 return NT_STATUS_OK;
2293 /****************************************************************************
2294 Open a file for for write to ensure that we can fchmod it.
2295 ****************************************************************************/
2297 NTSTATUS open_file_fchmod(connection_struct *conn,
2298 struct smb_filename *smb_fname,
2299 files_struct **result)
2301 if (!VALID_STAT(smb_fname->st)) {
2302 return NT_STATUS_INVALID_PARAMETER;
2305 return SMB_VFS_CREATE_FILE(
2308 0, /* root_dir_fid */
2309 smb_fname, /* fname */
2310 FILE_WRITE_DATA, /* access_mask */
2311 (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */
2313 FILE_OPEN, /* create_disposition*/
2314 0, /* create_options */
2315 0, /* file_attributes */
2316 INTERNAL_OPEN_ONLY, /* oplock_request */
2317 0, /* allocation_size */
2318 0, /* private_flags */
2321 result, /* result */
2325 static NTSTATUS mkdir_internal(connection_struct *conn,
2326 struct smb_filename *smb_dname,
2327 uint32 file_attributes)
2332 bool posix_open = false;
2334 if(!CAN_WRITE(conn)) {
2335 DEBUG(5,("mkdir_internal: failing create on read-only share "
2336 "%s\n", lp_servicename(SNUM(conn))));
2337 return NT_STATUS_ACCESS_DENIED;
2340 status = check_name(conn, smb_dname->base_name);
2341 if (!NT_STATUS_IS_OK(status)) {
2345 if (!parent_dirname(talloc_tos(), smb_dname->base_name, &parent_dir,
2347 return NT_STATUS_NO_MEMORY;
2350 if (file_attributes & FILE_FLAG_POSIX_SEMANTICS) {
2352 mode = (mode_t)(file_attributes & ~FILE_FLAG_POSIX_SEMANTICS);
2354 mode = unix_mode(conn, aDIR, smb_dname, parent_dir);
2357 if (SMB_VFS_MKDIR(conn, smb_dname->base_name, mode) != 0) {
2358 return map_nt_error_from_unix(errno);
2361 /* Ensure we're checking for a symlink here.... */
2362 /* We don't want to get caught by a symlink racer. */
2364 if (SMB_VFS_LSTAT(conn, smb_dname) == -1) {
2365 DEBUG(2, ("Could not stat directory '%s' just created: %s\n",
2366 smb_fname_str_dbg(smb_dname), strerror(errno)));
2367 return map_nt_error_from_unix(errno);
2370 if (!S_ISDIR(smb_dname->st.st_ex_mode)) {
2371 DEBUG(0, ("Directory just '%s' created is not a directory\n",
2372 smb_fname_str_dbg(smb_dname)));
2373 return NT_STATUS_ACCESS_DENIED;
2376 if (lp_store_dos_attributes(SNUM(conn))) {
2378 file_set_dosmode(conn, smb_dname,
2379 file_attributes | aDIR,
2384 if (lp_inherit_perms(SNUM(conn))) {
2385 inherit_access_posix_acl(conn, parent_dir,
2386 smb_dname->base_name, mode);
2391 * Check if high bits should have been set,
2392 * then (if bits are missing): add them.
2393 * Consider bits automagically set by UNIX, i.e. SGID bit from parent
2396 if ((mode & ~(S_IRWXU|S_IRWXG|S_IRWXO)) &&
2397 (mode & ~smb_dname->st.st_ex_mode)) {
2398 SMB_VFS_CHMOD(conn, smb_dname->base_name,
2399 (smb_dname->st.st_ex_mode |
2400 (mode & ~smb_dname->st.st_ex_mode)));
2404 /* Change the owner if required. */
2405 if (lp_inherit_owner(SNUM(conn))) {
2406 change_dir_owner_to_parent(conn, parent_dir,
2407 smb_dname->base_name,
2411 notify_fname(conn, NOTIFY_ACTION_ADDED, FILE_NOTIFY_CHANGE_DIR_NAME,
2412 smb_dname->base_name);
2414 return NT_STATUS_OK;
2417 /****************************************************************************
2418 Open a directory from an NT SMB call.
2419 ****************************************************************************/
2421 static NTSTATUS open_directory(connection_struct *conn,
2422 struct smb_request *req,
2423 struct smb_filename *smb_dname,
2425 uint32 share_access,
2426 uint32 create_disposition,
2427 uint32 create_options,
2428 uint32 file_attributes,
2430 files_struct **result)
2432 files_struct *fsp = NULL;
2433 bool dir_existed = VALID_STAT(smb_dname->st) ? True : False;
2434 struct share_mode_lock *lck = NULL;
2436 struct timespec mtimespec;
2439 SMB_ASSERT(!is_ntfs_stream_smb_fname(smb_dname));
2441 /* Ensure we have a directory attribute. */
2442 file_attributes |= FILE_ATTRIBUTE_DIRECTORY;
2444 DEBUG(5,("open_directory: opening directory %s, access_mask = 0x%x, "
2445 "share_access = 0x%x create_options = 0x%x, "
2446 "create_disposition = 0x%x, file_attributes = 0x%x\n",
2447 smb_fname_str_dbg(smb_dname),
2448 (unsigned int)access_mask,
2449 (unsigned int)share_access,
2450 (unsigned int)create_options,
2451 (unsigned int)create_disposition,
2452 (unsigned int)file_attributes));
2454 if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS) &&
2455 (conn->fs_capabilities & FILE_NAMED_STREAMS) &&
2456 is_ntfs_stream_smb_fname(smb_dname)) {
2457 DEBUG(2, ("open_directory: %s is a stream name!\n",
2458 smb_fname_str_dbg(smb_dname)));
2459 return NT_STATUS_NOT_A_DIRECTORY;
2462 status = calculate_access_mask(conn, smb_dname, dir_existed,
2463 access_mask, &access_mask);
2464 if (!NT_STATUS_IS_OK(status)) {
2465 DEBUG(10, ("open_directory: calculate_access_mask "
2466 "on file %s returned %s\n",
2467 smb_fname_str_dbg(smb_dname),
2468 nt_errstr(status)));
2472 if ((access_mask & SEC_FLAG_SYSTEM_SECURITY) &&
2473 !security_token_has_privilege(get_current_nttok(conn),
2474 SEC_PRIV_SECURITY)) {
2475 DEBUG(10, ("open_directory: open on %s "
2476 "failed - SEC_FLAG_SYSTEM_SECURITY denied.\n",
2477 smb_fname_str_dbg(smb_dname)));
2478 return NT_STATUS_PRIVILEGE_NOT_HELD;
2481 switch( create_disposition ) {
2484 info = FILE_WAS_OPENED;
2487 * We want to follow symlinks here.
2490 if (SMB_VFS_STAT(conn, smb_dname) != 0) {
2491 return map_nt_error_from_unix(errno);
2498 /* If directory exists error. If directory doesn't
2501 status = mkdir_internal(conn, smb_dname,
2504 if (!NT_STATUS_IS_OK(status)) {
2505 DEBUG(2, ("open_directory: unable to create "
2506 "%s. Error was %s\n",
2507 smb_fname_str_dbg(smb_dname),
2508 nt_errstr(status)));
2512 info = FILE_WAS_CREATED;
2517 * If directory exists open. If directory doesn't
2521 status = mkdir_internal(conn, smb_dname,
2524 if (NT_STATUS_IS_OK(status)) {
2525 info = FILE_WAS_CREATED;
2528 if (NT_STATUS_EQUAL(status,
2529 NT_STATUS_OBJECT_NAME_COLLISION)) {
2530 info = FILE_WAS_OPENED;
2531 status = NT_STATUS_OK;
2536 case FILE_SUPERSEDE:
2537 case FILE_OVERWRITE:
2538 case FILE_OVERWRITE_IF:
2540 DEBUG(5,("open_directory: invalid create_disposition "
2541 "0x%x for directory %s\n",
2542 (unsigned int)create_disposition,
2543 smb_fname_str_dbg(smb_dname)));
2544 return NT_STATUS_INVALID_PARAMETER;
2547 if(!S_ISDIR(smb_dname->st.st_ex_mode)) {
2548 DEBUG(5,("open_directory: %s is not a directory !\n",
2549 smb_fname_str_dbg(smb_dname)));
2550 return NT_STATUS_NOT_A_DIRECTORY;
2553 if (info == FILE_WAS_OPENED) {
2554 uint32_t access_granted = 0;
2555 status = smbd_check_open_rights(conn, smb_dname, access_mask,
2558 /* Were we trying to do a directory open
2559 * for delete and didn't get DELETE
2560 * access (only) ? Check if the
2561 * directory allows DELETE_CHILD.
2563 * http://blogs.msdn.com/oldnewthing/archive/2004/06/04/148426.aspx
2566 if ((NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED) &&
2567 (access_mask & DELETE_ACCESS) &&
2568 (access_granted == DELETE_ACCESS) &&
2569 can_delete_file_in_directory(conn, smb_dname))) {
2570 DEBUG(10,("open_directory: overrode ACCESS_DENIED "
2571 "on directory %s\n",
2572 smb_fname_str_dbg(smb_dname)));
2573 status = NT_STATUS_OK;
2576 if (!NT_STATUS_IS_OK(status)) {
2577 DEBUG(10, ("open_directory: smbd_check_open_rights on "
2578 "file %s failed with %s\n",
2579 smb_fname_str_dbg(smb_dname),
2580 nt_errstr(status)));
2585 status = file_new(req, conn, &fsp);
2586 if(!NT_STATUS_IS_OK(status)) {
2591 * Setup the files_struct for it.
2594 fsp->mode = smb_dname->st.st_ex_mode;
2595 fsp->file_id = vfs_file_id_from_sbuf(conn, &smb_dname->st);
2596 fsp->vuid = req ? req->vuid : UID_FIELD_INVALID;
2597 fsp->file_pid = req ? req->smbpid : 0;
2598 fsp->can_lock = False;
2599 fsp->can_read = False;
2600 fsp->can_write = False;
2602 fsp->share_access = share_access;
2603 fsp->fh->private_options = 0;
2605 * According to Samba4, SEC_FILE_READ_ATTRIBUTE is always granted,
2607 fsp->access_mask = access_mask | FILE_READ_ATTRIBUTES;
2608 fsp->print_file = NULL;
2609 fsp->modified = False;
2610 fsp->oplock_type = NO_OPLOCK;
2611 fsp->sent_oplock_break = NO_BREAK_SENT;
2612 fsp->is_directory = True;
2613 fsp->posix_open = (file_attributes & FILE_FLAG_POSIX_SEMANTICS) ? True : False;
2614 status = fsp_set_smb_fname(fsp, smb_dname);
2615 if (!NT_STATUS_IS_OK(status)) {
2619 mtimespec = smb_dname->st.st_ex_mtime;
2621 lck = get_share_mode_lock(talloc_tos(), fsp->file_id,
2622 conn->connectpath, smb_dname, &mtimespec);
2625 DEBUG(0, ("open_directory: Could not get share mode lock for "
2626 "%s\n", smb_fname_str_dbg(smb_dname)));
2627 file_free(req, fsp);
2628 return NT_STATUS_SHARING_VIOLATION;
2631 status = open_mode_check(conn, lck, fsp->name_hash,
2632 access_mask, share_access,
2633 create_options, &dir_existed);
2635 if (!NT_STATUS_IS_OK(status)) {
2637 file_free(req, fsp);
2641 set_share_mode(lck, fsp, get_current_uid(conn), 0, NO_OPLOCK);
2643 /* For directories the delete on close bit at open time seems
2644 always to be honored on close... See test 19 in Samba4 BASE-DELETE. */
2645 if (create_options & FILE_DELETE_ON_CLOSE) {
2646 status = can_set_delete_on_close(fsp, 0);
2647 if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, NT_STATUS_DIRECTORY_NOT_EMPTY)) {
2649 file_free(req, fsp);
2653 if (NT_STATUS_IS_OK(status)) {
2654 /* Note that here we set the *inital* delete on close flag,
2655 not the regular one. The magic gets handled in close. */
2656 fsp->initial_delete_on_close = True;
2667 return NT_STATUS_OK;
2670 NTSTATUS create_directory(connection_struct *conn, struct smb_request *req,
2671 struct smb_filename *smb_dname)
2676 status = SMB_VFS_CREATE_FILE(
2679 0, /* root_dir_fid */
2680 smb_dname, /* fname */
2681 FILE_READ_ATTRIBUTES, /* access_mask */
2682 FILE_SHARE_NONE, /* share_access */
2683 FILE_CREATE, /* create_disposition*/
2684 FILE_DIRECTORY_FILE, /* create_options */
2685 FILE_ATTRIBUTE_DIRECTORY, /* file_attributes */
2686 0, /* oplock_request */
2687 0, /* allocation_size */
2688 0, /* private_flags */
2694 if (NT_STATUS_IS_OK(status)) {
2695 close_file(req, fsp, NORMAL_CLOSE);
2701 /****************************************************************************
2702 Receive notification that one of our open files has been renamed by another
2704 ****************************************************************************/
2706 void msg_file_was_renamed(struct messaging_context *msg,
2709 struct server_id server_id,
2712 struct smbd_server_connection *sconn;
2714 char *frm = (char *)data->data;
2716 const char *sharepath;
2717 const char *base_name;
2718 const char *stream_name;
2719 struct smb_filename *smb_fname = NULL;
2720 size_t sp_len, bn_len;
2723 sconn = msg_ctx_to_sconn(msg);
2724 if (sconn == NULL) {
2725 DEBUG(1, ("could not find sconn\n"));
2729 if (data->data == NULL
2730 || data->length < MSG_FILE_RENAMED_MIN_SIZE + 2) {
2731 DEBUG(0, ("msg_file_was_renamed: Got invalid msg len %d\n",
2732 (int)data->length));
2736 /* Unpack the message. */
2737 pull_file_id_24(frm, &id);
2738 sharepath = &frm[24];
2739 sp_len = strlen(sharepath);
2740 base_name = sharepath + sp_len + 1;
2741 bn_len = strlen(base_name);
2742 stream_name = sharepath + sp_len + 1 + bn_len + 1;
2744 /* stream_name must always be NULL if there is no stream. */
2745 if (stream_name[0] == '\0') {
2749 status = create_synthetic_smb_fname(talloc_tos(), base_name,
2750 stream_name, NULL, &smb_fname);
2751 if (!NT_STATUS_IS_OK(status)) {
2755 DEBUG(10,("msg_file_was_renamed: Got rename message for sharepath %s, new name %s, "
2757 sharepath, smb_fname_str_dbg(smb_fname),
2758 file_id_string_tos(&id)));
2760 for(fsp = file_find_di_first(sconn, id); fsp;
2761 fsp = file_find_di_next(fsp)) {
2762 if (memcmp(fsp->conn->connectpath, sharepath, sp_len) == 0) {
2764 DEBUG(10,("msg_file_was_renamed: renaming file fnum %d from %s -> %s\n",
2765 fsp->fnum, fsp_str_dbg(fsp),
2766 smb_fname_str_dbg(smb_fname)));
2767 status = fsp_set_smb_fname(fsp, smb_fname);
2768 if (!NT_STATUS_IS_OK(status)) {
2773 /* Now we have the complete path we can work out if this is
2774 actually within this share and adjust newname accordingly. */
2775 DEBUG(10,("msg_file_was_renamed: share mismatch (sharepath %s "
2776 "not sharepath %s) "
2777 "fnum %d from %s -> %s\n",
2778 fsp->conn->connectpath,
2782 smb_fname_str_dbg(smb_fname)));
2786 TALLOC_FREE(smb_fname);
2791 * If a main file is opened for delete, all streams need to be checked for
2792 * !FILE_SHARE_DELETE. Do this by opening with DELETE_ACCESS.
2793 * If that works, delete them all by setting the delete on close and close.
2796 NTSTATUS open_streams_for_delete(connection_struct *conn,
2799 struct stream_struct *stream_info;
2800 files_struct **streams;
2802 unsigned int num_streams;
2803 TALLOC_CTX *frame = talloc_stackframe();
2806 status = SMB_VFS_STREAMINFO(conn, NULL, fname, talloc_tos(),
2807 &num_streams, &stream_info);
2809 if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_IMPLEMENTED)
2810 || NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
2811 DEBUG(10, ("no streams around\n"));
2813 return NT_STATUS_OK;
2816 if (!NT_STATUS_IS_OK(status)) {
2817 DEBUG(10, ("SMB_VFS_STREAMINFO failed: %s\n",
2818 nt_errstr(status)));
2822 DEBUG(10, ("open_streams_for_delete found %d streams\n",
2825 if (num_streams == 0) {
2827 return NT_STATUS_OK;
2830 streams = TALLOC_ARRAY(talloc_tos(), files_struct *, num_streams);
2831 if (streams == NULL) {
2832 DEBUG(0, ("talloc failed\n"));
2833 status = NT_STATUS_NO_MEMORY;
2837 for (i=0; i<num_streams; i++) {
2838 struct smb_filename *smb_fname = NULL;
2840 if (strequal(stream_info[i].name, "::$DATA")) {
2845 status = create_synthetic_smb_fname(talloc_tos(), fname,
2846 stream_info[i].name,
2848 if (!NT_STATUS_IS_OK(status)) {
2852 if (SMB_VFS_STAT(conn, smb_fname) == -1) {
2853 DEBUG(10, ("Unable to stat stream: %s\n",
2854 smb_fname_str_dbg(smb_fname)));
2857 status = SMB_VFS_CREATE_FILE(
2860 0, /* root_dir_fid */
2861 smb_fname, /* fname */
2862 DELETE_ACCESS, /* access_mask */
2863 (FILE_SHARE_READ | /* share_access */
2864 FILE_SHARE_WRITE | FILE_SHARE_DELETE),
2865 FILE_OPEN, /* create_disposition*/
2866 0, /* create_options */
2867 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
2868 0, /* oplock_request */
2869 0, /* allocation_size */
2870 NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE, /* private_flags */
2873 &streams[i], /* result */
2876 if (!NT_STATUS_IS_OK(status)) {
2877 DEBUG(10, ("Could not open stream %s: %s\n",
2878 smb_fname_str_dbg(smb_fname),
2879 nt_errstr(status)));
2881 TALLOC_FREE(smb_fname);
2884 TALLOC_FREE(smb_fname);
2888 * don't touch the variable "status" beyond this point :-)
2891 for (i -= 1 ; i >= 0; i--) {
2892 if (streams[i] == NULL) {
2896 DEBUG(10, ("Closing stream # %d, %s\n", i,
2897 fsp_str_dbg(streams[i])));
2898 close_file(NULL, streams[i], NORMAL_CLOSE);
2907 * Wrapper around open_file_ntcreate and open_directory
2910 static NTSTATUS create_file_unixpath(connection_struct *conn,
2911 struct smb_request *req,
2912 struct smb_filename *smb_fname,
2913 uint32_t access_mask,
2914 uint32_t share_access,
2915 uint32_t create_disposition,
2916 uint32_t create_options,
2917 uint32_t file_attributes,
2918 uint32_t oplock_request,
2919 uint64_t allocation_size,
2920 uint32_t private_flags,
2921 struct security_descriptor *sd,
2922 struct ea_list *ea_list,
2924 files_struct **result,
2927 int info = FILE_WAS_OPENED;
2928 files_struct *base_fsp = NULL;
2929 files_struct *fsp = NULL;
2932 DEBUG(10,("create_file_unixpath: access_mask = 0x%x "
2933 "file_attributes = 0x%x, share_access = 0x%x, "
2934 "create_disposition = 0x%x create_options = 0x%x "
2935 "oplock_request = 0x%x private_flags = 0x%x "
2936 "ea_list = 0x%p, sd = 0x%p, "
2938 (unsigned int)access_mask,
2939 (unsigned int)file_attributes,
2940 (unsigned int)share_access,
2941 (unsigned int)create_disposition,
2942 (unsigned int)create_options,
2943 (unsigned int)oplock_request,
2944 (unsigned int)private_flags,
2945 ea_list, sd, smb_fname_str_dbg(smb_fname)));
2947 if (create_options & FILE_OPEN_BY_FILE_ID) {
2948 status = NT_STATUS_NOT_SUPPORTED;
2952 if (create_options & NTCREATEX_OPTIONS_INVALID_PARAM_MASK) {
2953 status = NT_STATUS_INVALID_PARAMETER;
2958 oplock_request |= INTERNAL_OPEN_ONLY;
2961 if ((conn->fs_capabilities & FILE_NAMED_STREAMS)
2962 && (access_mask & DELETE_ACCESS)
2963 && !is_ntfs_stream_smb_fname(smb_fname)) {
2965 * We can't open a file with DELETE access if any of the
2966 * streams is open without FILE_SHARE_DELETE
2968 status = open_streams_for_delete(conn, smb_fname->base_name);
2970 if (!NT_STATUS_IS_OK(status)) {
2975 /* This is the correct thing to do (check every time) but can_delete
2976 * is expensive (it may have to read the parent directory
2977 * permissions). So for now we're not doing it unless we have a strong
2978 * hint the client is really going to delete this file. If the client
2979 * is forcing FILE_CREATE let the filesystem take care of the
2982 /* Setting FILE_SHARE_DELETE is the hint. */
2984 if (lp_acl_check_permissions(SNUM(conn))
2985 && (create_disposition != FILE_CREATE)
2986 && (share_access & FILE_SHARE_DELETE)
2987 && (access_mask & DELETE_ACCESS)
2988 && (!(can_delete_file_in_directory(conn, smb_fname) ||
2989 can_access_file_acl(conn, smb_fname, DELETE_ACCESS)))) {
2990 status = NT_STATUS_ACCESS_DENIED;
2991 DEBUG(10,("create_file_unixpath: open file %s "
2992 "for delete ACCESS_DENIED\n",
2993 smb_fname_str_dbg(smb_fname)));
2997 if ((access_mask & SEC_FLAG_SYSTEM_SECURITY) &&
2998 !security_token_has_privilege(get_current_nttok(conn),
2999 SEC_PRIV_SECURITY)) {
3000 DEBUG(10, ("create_file_unixpath: open on %s "
3001 "failed - SEC_FLAG_SYSTEM_SECURITY denied.\n",
3002 smb_fname_str_dbg(smb_fname)));
3003 status = NT_STATUS_PRIVILEGE_NOT_HELD;
3007 if ((conn->fs_capabilities & FILE_NAMED_STREAMS)
3008 && is_ntfs_stream_smb_fname(smb_fname)
3009 && (!(private_flags & NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE))) {
3010 uint32 base_create_disposition;
3011 struct smb_filename *smb_fname_base = NULL;
3013 if (create_options & FILE_DIRECTORY_FILE) {
3014 status = NT_STATUS_NOT_A_DIRECTORY;
3018 switch (create_disposition) {
3020 base_create_disposition = FILE_OPEN;
3023 base_create_disposition = FILE_OPEN_IF;
3027 /* Create an smb_filename with stream_name == NULL. */
3028 status = create_synthetic_smb_fname(talloc_tos(),
3029 smb_fname->base_name,
3032 if (!NT_STATUS_IS_OK(status)) {
3036 if (SMB_VFS_STAT(conn, smb_fname_base) == -1) {
3037 DEBUG(10, ("Unable to stat stream: %s\n",
3038 smb_fname_str_dbg(smb_fname_base)));
3041 /* Open the base file. */
3042 status = create_file_unixpath(conn, NULL, smb_fname_base, 0,
3045 | FILE_SHARE_DELETE,
3046 base_create_disposition,
3047 0, 0, 0, 0, 0, NULL, NULL,
3049 TALLOC_FREE(smb_fname_base);
3051 if (!NT_STATUS_IS_OK(status)) {
3052 DEBUG(10, ("create_file_unixpath for base %s failed: "
3053 "%s\n", smb_fname->base_name,
3054 nt_errstr(status)));
3057 /* we don't need to low level fd */
3062 * If it's a request for a directory open, deal with it separately.
3065 if (create_options & FILE_DIRECTORY_FILE) {
3067 if (create_options & FILE_NON_DIRECTORY_FILE) {
3068 status = NT_STATUS_INVALID_PARAMETER;
3072 /* Can't open a temp directory. IFS kit test. */
3073 if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS) &&
3074 (file_attributes & FILE_ATTRIBUTE_TEMPORARY)) {
3075 status = NT_STATUS_INVALID_PARAMETER;
3080 * We will get a create directory here if the Win32
3081 * app specified a security descriptor in the
3082 * CreateDirectory() call.
3086 status = open_directory(
3087 conn, req, smb_fname, access_mask, share_access,
3088 create_disposition, create_options, file_attributes,
3093 * Ordinary file case.
3096 status = file_new(req, conn, &fsp);
3097 if(!NT_STATUS_IS_OK(status)) {
3101 status = fsp_set_smb_fname(fsp, smb_fname);
3102 if (!NT_STATUS_IS_OK(status)) {
3107 * We're opening the stream element of a base_fsp
3108 * we already opened. Set up the base_fsp pointer.
3111 fsp->base_fsp = base_fsp;
3114 status = open_file_ntcreate(conn,
3126 if(!NT_STATUS_IS_OK(status)) {
3127 file_free(req, fsp);
3131 if (NT_STATUS_EQUAL(status, NT_STATUS_FILE_IS_A_DIRECTORY)) {
3133 /* A stream open never opens a directory */
3136 status = NT_STATUS_FILE_IS_A_DIRECTORY;
3141 * Fail the open if it was explicitly a non-directory
3145 if (create_options & FILE_NON_DIRECTORY_FILE) {
3146 status = NT_STATUS_FILE_IS_A_DIRECTORY;
3151 status = open_directory(
3152 conn, req, smb_fname, access_mask,
3153 share_access, create_disposition,
3154 create_options, file_attributes,
3159 if (!NT_STATUS_IS_OK(status)) {
3163 fsp->base_fsp = base_fsp;
3166 * According to the MS documentation, the only time the security
3167 * descriptor is applied to the opened file is iff we *created* the
3168 * file; an existing file stays the same.
3170 * Also, it seems (from observation) that you can open the file with
3171 * any access mask but you can still write the sd. We need to override
3172 * the granted access before we call set_sd
3173 * Patch for bug #2242 from Tom Lackemann <cessnatomny@yahoo.com>.
3176 if ((sd != NULL) && (info == FILE_WAS_CREATED)
3177 && lp_nt_acl_support(SNUM(conn))) {
3179 uint32_t sec_info_sent;
3180 uint32_t saved_access_mask = fsp->access_mask;
3182 sec_info_sent = get_sec_info(sd);
3184 fsp->access_mask = FILE_GENERIC_ALL;
3186 /* Convert all the generic bits. */
3187 security_acl_map_generic(sd->dacl, &file_generic_mapping);
3188 security_acl_map_generic(sd->sacl, &file_generic_mapping);
3190 if (sec_info_sent & (SECINFO_OWNER|
3194 status = SMB_VFS_FSET_NT_ACL(fsp, sec_info_sent, sd);
3197 fsp->access_mask = saved_access_mask;
3199 if (!NT_STATUS_IS_OK(status)) {
3204 if ((ea_list != NULL) &&
3205 ((info == FILE_WAS_CREATED) || (info == FILE_WAS_OVERWRITTEN))) {
3206 status = set_ea(conn, fsp, fsp->fsp_name, ea_list);
3207 if (!NT_STATUS_IS_OK(status)) {
3212 if (!fsp->is_directory && S_ISDIR(fsp->fsp_name->st.st_ex_mode)) {
3213 status = NT_STATUS_ACCESS_DENIED;
3217 /* Save the requested allocation size. */
3218 if ((info == FILE_WAS_CREATED) || (info == FILE_WAS_OVERWRITTEN)) {
3220 && (allocation_size > fsp->fsp_name->st.st_ex_size)) {
3221 fsp->initial_allocation_size = smb_roundup(
3222 fsp->conn, allocation_size);
3223 if (fsp->is_directory) {
3224 /* Can't set allocation size on a directory. */
3225 status = NT_STATUS_ACCESS_DENIED;
3228 if (vfs_allocate_file_space(
3229 fsp, fsp->initial_allocation_size) == -1) {
3230 status = NT_STATUS_DISK_FULL;
3234 fsp->initial_allocation_size = smb_roundup(
3235 fsp->conn, (uint64_t)fsp->fsp_name->st.st_ex_size);
3239 DEBUG(10, ("create_file_unixpath: info=%d\n", info));
3242 if (pinfo != NULL) {
3246 smb_fname->st = fsp->fsp_name->st;
3248 return NT_STATUS_OK;
3251 DEBUG(10, ("create_file_unixpath: %s\n", nt_errstr(status)));
3254 if (base_fsp && fsp->base_fsp == base_fsp) {
3256 * The close_file below will close
3261 close_file(req, fsp, ERROR_CLOSE);
3264 if (base_fsp != NULL) {
3265 close_file(req, base_fsp, ERROR_CLOSE);
3272 * Calculate the full path name given a relative fid.
3274 NTSTATUS get_relative_fid_filename(connection_struct *conn,
3275 struct smb_request *req,
3276 uint16_t root_dir_fid,
3277 struct smb_filename *smb_fname)
3279 files_struct *dir_fsp;
3280 char *parent_fname = NULL;
3281 char *new_base_name = NULL;
3284 if (root_dir_fid == 0 || !smb_fname) {
3285 status = NT_STATUS_INTERNAL_ERROR;
3289 dir_fsp = file_fsp(req, root_dir_fid);
3291 if (dir_fsp == NULL) {
3292 status = NT_STATUS_INVALID_HANDLE;
3296 if (is_ntfs_stream_smb_fname(dir_fsp->fsp_name)) {
3297 status = NT_STATUS_INVALID_HANDLE;
3301 if (!dir_fsp->is_directory) {
3304 * Check to see if this is a mac fork of some kind.
3307 if ((conn->fs_capabilities & FILE_NAMED_STREAMS) &&
3308 is_ntfs_stream_smb_fname(smb_fname)) {
3309 status = NT_STATUS_OBJECT_PATH_NOT_FOUND;
3314 we need to handle the case when we get a
3315 relative open relative to a file and the
3316 pathname is blank - this is a reopen!
3317 (hint from demyn plantenberg)
3320 status = NT_STATUS_INVALID_HANDLE;
3324 if (ISDOT(dir_fsp->fsp_name->base_name)) {
3326 * We're at the toplevel dir, the final file name
3327 * must not contain ./, as this is filtered out
3328 * normally by srvstr_get_path and unix_convert
3329 * explicitly rejects paths containing ./.
3331 parent_fname = talloc_strdup(talloc_tos(), "");
3332 if (parent_fname == NULL) {
3333 status = NT_STATUS_NO_MEMORY;
3337 size_t dir_name_len = strlen(dir_fsp->fsp_name->base_name);
3340 * Copy in the base directory name.
3343 parent_fname = TALLOC_ARRAY(talloc_tos(), char,
3345 if (parent_fname == NULL) {
3346 status = NT_STATUS_NO_MEMORY;
3349 memcpy(parent_fname, dir_fsp->fsp_name->base_name,
3353 * Ensure it ends in a '/'.
3354 * We used TALLOC_SIZE +2 to add space for the '/'.
3358 && (parent_fname[dir_name_len-1] != '\\')
3359 && (parent_fname[dir_name_len-1] != '/')) {
3360 parent_fname[dir_name_len] = '/';
3361 parent_fname[dir_name_len+1] = '\0';
3365 new_base_name = talloc_asprintf(smb_fname, "%s%s", parent_fname,
3366 smb_fname->base_name);
3367 if (new_base_name == NULL) {
3368 status = NT_STATUS_NO_MEMORY;
3372 TALLOC_FREE(smb_fname->base_name);
3373 smb_fname->base_name = new_base_name;
3374 status = NT_STATUS_OK;
3377 TALLOC_FREE(parent_fname);
3381 NTSTATUS create_file_default(connection_struct *conn,
3382 struct smb_request *req,
3383 uint16_t root_dir_fid,
3384 struct smb_filename *smb_fname,
3385 uint32_t access_mask,
3386 uint32_t share_access,
3387 uint32_t create_disposition,
3388 uint32_t create_options,
3389 uint32_t file_attributes,
3390 uint32_t oplock_request,
3391 uint64_t allocation_size,
3392 uint32_t private_flags,
3393 struct security_descriptor *sd,
3394 struct ea_list *ea_list,
3395 files_struct **result,
3398 int info = FILE_WAS_OPENED;
3399 files_struct *fsp = NULL;
3401 bool stream_name = false;
3403 DEBUG(10,("create_file: access_mask = 0x%x "
3404 "file_attributes = 0x%x, share_access = 0x%x, "
3405 "create_disposition = 0x%x create_options = 0x%x "
3406 "oplock_request = 0x%x "
3407 "private_flags = 0x%x "
3408 "root_dir_fid = 0x%x, ea_list = 0x%p, sd = 0x%p, "
3410 (unsigned int)access_mask,
3411 (unsigned int)file_attributes,
3412 (unsigned int)share_access,
3413 (unsigned int)create_disposition,
3414 (unsigned int)create_options,
3415 (unsigned int)oplock_request,
3416 (unsigned int)private_flags,
3417 (unsigned int)root_dir_fid,
3418 ea_list, sd, smb_fname_str_dbg(smb_fname)));
3421 * Calculate the filename from the root_dir_if if necessary.
3424 if (root_dir_fid != 0) {
3425 status = get_relative_fid_filename(conn, req, root_dir_fid,
3427 if (!NT_STATUS_IS_OK(status)) {
3433 * Check to see if this is a mac fork of some kind.
3436 stream_name = is_ntfs_stream_smb_fname(smb_fname);
3438 enum FAKE_FILE_TYPE fake_file_type;
3440 fake_file_type = is_fake_file(smb_fname);
3442 if (fake_file_type != FAKE_FILE_TYPE_NONE) {
3445 * Here we go! support for changing the disk quotas
3448 * We need to fake up to open this MAGIC QUOTA file
3449 * and return a valid FID.
3451 * w2k close this file directly after openening xp
3452 * also tries a QUERY_FILE_INFO on the file and then
3455 status = open_fake_file(req, conn, req->vuid,
3456 fake_file_type, smb_fname,
3458 if (!NT_STATUS_IS_OK(status)) {
3462 ZERO_STRUCT(smb_fname->st);
3466 if (!(conn->fs_capabilities & FILE_NAMED_STREAMS)) {
3467 status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
3472 /* All file access must go through check_name() */
3474 status = check_name(conn, smb_fname->base_name);
3475 if (!NT_STATUS_IS_OK(status)) {
3479 if (stream_name && is_ntfs_default_stream_smb_fname(smb_fname)) {
3481 smb_fname->stream_name = NULL;
3482 /* We have to handle this error here. */
3483 if (create_options & FILE_DIRECTORY_FILE) {
3484 status = NT_STATUS_NOT_A_DIRECTORY;
3487 if (lp_posix_pathnames()) {
3488 ret = SMB_VFS_LSTAT(conn, smb_fname);
3490 ret = SMB_VFS_STAT(conn, smb_fname);
3493 if (ret == 0 && VALID_STAT_OF_DIR(smb_fname->st)) {
3494 status = NT_STATUS_FILE_IS_A_DIRECTORY;
3499 status = create_file_unixpath(
3500 conn, req, smb_fname, access_mask, share_access,
3501 create_disposition, create_options, file_attributes,
3502 oplock_request, allocation_size, private_flags,
3506 if (!NT_STATUS_IS_OK(status)) {
3511 DEBUG(10, ("create_file: info=%d\n", info));
3514 if (pinfo != NULL) {
3517 return NT_STATUS_OK;
3520 DEBUG(10, ("create_file: %s\n", nt_errstr(status)));
3523 close_file(req, fsp, ERROR_CLOSE);