2 Unix SMB/CIFS implementation.
3 file opening and share modes
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Jeremy Allison 2001-2004
6 Copyright (C) Volker Lendecke 2005
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
24 #include "smbd/globals.h"
25 #include "fake_file.h"
26 #include "librpc/gen_ndr/messaging.h"
27 #include "../libcli/security/security.h"
28 #include "../librpc/gen_ndr/ndr_security.h"
30 extern const struct generic_mapping file_generic_mapping;
32 struct deferred_open_record {
33 bool delayed_for_oplocks;
37 /****************************************************************************
38 SMB1 file varient of se_access_check. Never test FILE_READ_ATTRIBUTES.
39 ****************************************************************************/
41 NTSTATUS smb1_file_se_access_check(struct connection_struct *conn,
42 const struct security_descriptor *sd,
43 const struct security_token *token,
44 uint32_t access_desired,
45 uint32_t *access_granted)
49 if (get_current_uid(conn) == (uid_t)0) {
50 /* I'm sorry sir, I didn't know you were root... */
51 *access_granted = access_desired;
52 if (access_desired & SEC_FLAG_MAXIMUM_ALLOWED) {
53 *access_granted |= FILE_GENERIC_ALL;
58 return se_access_check(sd,
60 (access_desired & ~FILE_READ_ATTRIBUTES),
64 /****************************************************************************
65 Check if we have open rights.
66 ****************************************************************************/
68 NTSTATUS smbd_check_open_rights(struct connection_struct *conn,
69 const struct smb_filename *smb_fname,
71 uint32_t *access_granted)
73 /* Check if we have rights to open. */
75 struct security_descriptor *sd = NULL;
77 status = SMB_VFS_GET_NT_ACL(conn, smb_fname->base_name,
82 if (!NT_STATUS_IS_OK(status)) {
83 DEBUG(10, ("smbd_check_open_rights: Could not get acl "
85 smb_fname_str_dbg(smb_fname),
90 status = smb1_file_se_access_check(conn,
92 get_current_nttok(conn),
96 DEBUG(10,("smbd_check_open_rights: file %s requesting "
97 "0x%x returning 0x%x (%s)\n",
98 smb_fname_str_dbg(smb_fname),
99 (unsigned int)access_mask,
100 (unsigned int)*access_granted,
101 nt_errstr(status) ));
103 if (!NT_STATUS_IS_OK(status)) {
104 if (DEBUGLEVEL >= 10) {
105 DEBUG(10,("smbd_check_open_rights: acl for %s is:\n",
106 smb_fname_str_dbg(smb_fname) ));
107 NDR_PRINT_DEBUG(security_descriptor, sd);
116 /****************************************************************************
117 fd support routines - attempt to do a dos_open.
118 ****************************************************************************/
120 static NTSTATUS fd_open(struct connection_struct *conn,
125 struct smb_filename *smb_fname = fsp->fsp_name;
126 NTSTATUS status = NT_STATUS_OK;
130 * Never follow symlinks on a POSIX client. The
131 * client should be doing this.
134 if (fsp->posix_open || !lp_symlinks(SNUM(conn))) {
139 fsp->fh->fd = SMB_VFS_OPEN(conn, smb_fname, fsp, flags, mode);
140 if (fsp->fh->fd == -1) {
141 status = map_nt_error_from_unix(errno);
142 if (errno == EMFILE) {
143 static time_t last_warned = 0L;
145 if (time((time_t *) NULL) > last_warned) {
146 DEBUG(0,("Too many open files, unable "
147 "to open more! smbd's max "
149 lp_max_open_files()));
150 last_warned = time((time_t *) NULL);
156 DEBUG(10,("fd_open: name %s, flags = 0%o mode = 0%o, fd = %d. %s\n",
157 smb_fname_str_dbg(smb_fname), flags, (int)mode, fsp->fh->fd,
158 (fsp->fh->fd == -1) ? strerror(errno) : "" ));
163 /****************************************************************************
164 Close the file associated with a fsp.
165 ****************************************************************************/
167 NTSTATUS fd_close(files_struct *fsp)
171 if (fsp->fh->fd == -1) {
172 return NT_STATUS_OK; /* What we used to call a stat open. */
174 if (fsp->fh->ref_count > 1) {
175 return NT_STATUS_OK; /* Shared handle. Only close last reference. */
178 ret = SMB_VFS_CLOSE(fsp);
181 return map_nt_error_from_unix(errno);
186 /****************************************************************************
187 Change the ownership of a file to that of the parent directory.
188 Do this by fd if possible.
189 ****************************************************************************/
191 void change_file_owner_to_parent(connection_struct *conn,
192 const char *inherit_from_dir,
195 struct smb_filename *smb_fname_parent = NULL;
199 status = create_synthetic_smb_fname(talloc_tos(), inherit_from_dir,
200 NULL, NULL, &smb_fname_parent);
201 if (!NT_STATUS_IS_OK(status)) {
205 ret = SMB_VFS_STAT(conn, smb_fname_parent);
207 DEBUG(0,("change_file_owner_to_parent: failed to stat parent "
208 "directory %s. Error was %s\n",
209 smb_fname_str_dbg(smb_fname_parent),
215 ret = SMB_VFS_FCHOWN(fsp, smb_fname_parent->st.st_ex_uid, (gid_t)-1);
218 DEBUG(0,("change_file_owner_to_parent: failed to fchown "
219 "file %s to parent directory uid %u. Error "
220 "was %s\n", fsp_str_dbg(fsp),
221 (unsigned int)smb_fname_parent->st.st_ex_uid,
225 DEBUG(10,("change_file_owner_to_parent: changed new file %s to "
226 "parent directory uid %u.\n", fsp_str_dbg(fsp),
227 (unsigned int)smb_fname_parent->st.st_ex_uid));
229 TALLOC_FREE(smb_fname_parent);
232 NTSTATUS change_dir_owner_to_parent(connection_struct *conn,
233 const char *inherit_from_dir,
235 SMB_STRUCT_STAT *psbuf)
237 struct smb_filename *smb_fname_parent = NULL;
238 struct smb_filename *smb_fname_cwd = NULL;
239 char *saved_dir = NULL;
240 TALLOC_CTX *ctx = talloc_tos();
241 NTSTATUS status = NT_STATUS_OK;
244 status = create_synthetic_smb_fname(ctx, inherit_from_dir, NULL, NULL,
246 if (!NT_STATUS_IS_OK(status)) {
250 ret = SMB_VFS_STAT(conn, smb_fname_parent);
252 status = map_nt_error_from_unix(errno);
253 DEBUG(0,("change_dir_owner_to_parent: failed to stat parent "
254 "directory %s. Error was %s\n",
255 smb_fname_str_dbg(smb_fname_parent),
260 /* We've already done an lstat into psbuf, and we know it's a
261 directory. If we can cd into the directory and the dev/ino
262 are the same then we can safely chown without races as
263 we're locking the directory in place by being in it. This
264 should work on any UNIX (thanks tridge :-). JRA.
267 saved_dir = vfs_GetWd(ctx,conn);
269 status = map_nt_error_from_unix(errno);
270 DEBUG(0,("change_dir_owner_to_parent: failed to get "
271 "current working directory. Error was %s\n",
276 /* Chdir into the new path. */
277 if (vfs_ChDir(conn, fname) == -1) {
278 status = map_nt_error_from_unix(errno);
279 DEBUG(0,("change_dir_owner_to_parent: failed to change "
280 "current working directory to %s. Error "
281 "was %s\n", fname, strerror(errno) ));
285 status = create_synthetic_smb_fname(ctx, ".", NULL, NULL,
287 if (!NT_STATUS_IS_OK(status)) {
291 ret = SMB_VFS_STAT(conn, smb_fname_cwd);
293 status = map_nt_error_from_unix(errno);
294 DEBUG(0,("change_dir_owner_to_parent: failed to stat "
295 "directory '.' (%s) Error was %s\n",
296 fname, strerror(errno)));
300 /* Ensure we're pointing at the same place. */
301 if (smb_fname_cwd->st.st_ex_dev != psbuf->st_ex_dev ||
302 smb_fname_cwd->st.st_ex_ino != psbuf->st_ex_ino ||
303 smb_fname_cwd->st.st_ex_mode != psbuf->st_ex_mode ) {
304 DEBUG(0,("change_dir_owner_to_parent: "
305 "device/inode/mode on directory %s changed. "
306 "Refusing to chown !\n", fname ));
307 status = NT_STATUS_ACCESS_DENIED;
312 ret = SMB_VFS_CHOWN(conn, ".", smb_fname_parent->st.st_ex_uid,
316 status = map_nt_error_from_unix(errno);
317 DEBUG(10,("change_dir_owner_to_parent: failed to chown "
318 "directory %s to parent directory uid %u. "
319 "Error was %s\n", fname,
320 (unsigned int)smb_fname_parent->st.st_ex_uid,
325 DEBUG(10,("change_dir_owner_to_parent: changed ownership of new "
326 "directory %s to parent directory uid %u.\n",
327 fname, (unsigned int)smb_fname_parent->st.st_ex_uid ));
330 vfs_ChDir(conn,saved_dir);
332 TALLOC_FREE(smb_fname_parent);
333 TALLOC_FREE(smb_fname_cwd);
337 /****************************************************************************
339 ****************************************************************************/
341 static NTSTATUS open_file(files_struct *fsp,
342 connection_struct *conn,
343 struct smb_request *req,
344 const char *parent_dir,
347 uint32 access_mask, /* client requested access mask. */
348 uint32 open_access_mask) /* what we're actually using in the open. */
350 struct smb_filename *smb_fname = fsp->fsp_name;
351 NTSTATUS status = NT_STATUS_OK;
352 int accmode = (flags & O_ACCMODE);
353 int local_flags = flags;
354 bool file_existed = VALID_STAT(fsp->fsp_name->st);
359 /* Check permissions */
362 * This code was changed after seeing a client open request
363 * containing the open mode of (DENY_WRITE/read-only) with
364 * the 'create if not exist' bit set. The previous code
365 * would fail to open the file read only on a read-only share
366 * as it was checking the flags parameter directly against O_RDONLY,
367 * this was failing as the flags parameter was set to O_RDONLY|O_CREAT.
371 if (!CAN_WRITE(conn)) {
372 /* It's a read-only share - fail if we wanted to write. */
373 if(accmode != O_RDONLY || (flags & O_TRUNC) || (flags & O_APPEND)) {
374 DEBUG(3,("Permission denied opening %s\n",
375 smb_fname_str_dbg(smb_fname)));
376 return NT_STATUS_ACCESS_DENIED;
377 } else if(flags & O_CREAT) {
378 /* We don't want to write - but we must make sure that
379 O_CREAT doesn't create the file if we have write
380 access into the directory.
382 flags &= ~(O_CREAT|O_EXCL);
383 local_flags &= ~(O_CREAT|O_EXCL);
388 * This little piece of insanity is inspired by the
389 * fact that an NT client can open a file for O_RDONLY,
390 * but set the create disposition to FILE_EXISTS_TRUNCATE.
391 * If the client *can* write to the file, then it expects to
392 * truncate the file, even though it is opening for readonly.
393 * Quicken uses this stupid trick in backup file creation...
394 * Thanks *greatly* to "David W. Chapman Jr." <dwcjr@inethouston.net>
395 * for helping track this one down. It didn't bite us in 2.0.x
396 * as we always opened files read-write in that release. JRA.
399 if ((accmode == O_RDONLY) && ((flags & O_TRUNC) == O_TRUNC)) {
400 DEBUG(10,("open_file: truncate requested on read-only open "
401 "for file %s\n", smb_fname_str_dbg(smb_fname)));
402 local_flags = (flags & ~O_ACCMODE)|O_RDWR;
405 if ((open_access_mask & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ||
406 (!file_existed && (local_flags & O_CREAT)) ||
407 ((local_flags & O_TRUNC) == O_TRUNC) ) {
411 * We can't actually truncate here as the file may be locked.
412 * open_file_ntcreate will take care of the truncate later. JRA.
415 local_flags &= ~O_TRUNC;
417 #if defined(O_NONBLOCK) && defined(S_ISFIFO)
419 * We would block on opening a FIFO with no one else on the
420 * other end. Do what we used to do and add O_NONBLOCK to the
424 if (file_existed && S_ISFIFO(smb_fname->st.st_ex_mode)) {
425 local_flags |= O_NONBLOCK;
429 /* Don't create files with Microsoft wildcard characters. */
432 * wildcard characters are allowed in stream names
433 * only test the basefilename
435 wild = fsp->base_fsp->fsp_name->base_name;
437 wild = smb_fname->base_name;
439 if ((local_flags & O_CREAT) && !file_existed &&
441 return NT_STATUS_OBJECT_NAME_INVALID;
444 /* Actually do the open */
445 status = fd_open(conn, fsp, local_flags, unx_mode);
446 if (!NT_STATUS_IS_OK(status)) {
447 DEBUG(3,("Error opening file %s (%s) (local_flags=%d) "
448 "(flags=%d)\n", smb_fname_str_dbg(smb_fname),
449 nt_errstr(status),local_flags,flags));
453 if ((local_flags & O_CREAT) && !file_existed) {
455 /* Inherit the ACL if required */
456 if (lp_inherit_perms(SNUM(conn))) {
457 inherit_access_posix_acl(conn, parent_dir,
458 smb_fname->base_name,
462 /* Change the owner if required. */
463 if (lp_inherit_owner(SNUM(conn))) {
464 change_file_owner_to_parent(conn, parent_dir,
468 notify_fname(conn, NOTIFY_ACTION_ADDED,
469 FILE_NOTIFY_CHANGE_FILE_NAME,
470 smb_fname->base_name);
474 fsp->fh->fd = -1; /* What we used to call a stat open. */
476 uint32_t access_granted = 0;
478 status = smbd_check_open_rights(conn,
482 if (!NT_STATUS_IS_OK(status)) {
483 if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
485 * On NT_STATUS_ACCESS_DENIED, access_granted
486 * contains the denied bits.
489 if ((access_mask & FILE_WRITE_ATTRIBUTES) &&
490 (access_granted & FILE_WRITE_ATTRIBUTES) &&
491 (lp_map_readonly(SNUM(conn)) ||
492 lp_map_archive(SNUM(conn)) ||
493 lp_map_hidden(SNUM(conn)) ||
494 lp_map_system(SNUM(conn)))) {
495 access_granted &= ~FILE_WRITE_ATTRIBUTES;
497 DEBUG(10,("open_file: "
506 if ((access_mask & DELETE_ACCESS) &&
507 (access_granted & DELETE_ACCESS) &&
508 can_delete_file_in_directory(conn,
510 /* Were we trying to do a stat open
511 * for delete and didn't get DELETE
512 * access (only) ? Check if the
513 * directory allows DELETE_CHILD.
515 * http://blogs.msdn.com/oldnewthing/archive/2004/06/04/148426.aspx
518 access_granted &= ~DELETE_ACCESS;
520 DEBUG(10,("open_file: "
528 if (access_granted != 0) {
529 DEBUG(10,("open_file: Access "
536 } else if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND) &&
538 S_ISLNK(smb_fname->st.st_ex_mode)) {
539 /* This is a POSIX stat open for delete
540 * or rename on a symlink that points
542 DEBUG(10,("open_file: allowing POSIX "
543 "open on bad symlink %s\n",
547 DEBUG(10,("open_file: "
548 "smbd_check_open_rights on file "
550 smb_fname_str_dbg(smb_fname),
551 nt_errstr(status) ));
561 if (fsp->fh->fd == -1) {
562 ret = SMB_VFS_STAT(conn, smb_fname);
564 ret = SMB_VFS_FSTAT(fsp, &smb_fname->st);
565 /* If we have an fd, this stat should succeed. */
567 DEBUG(0,("Error doing fstat on open file %s "
569 smb_fname_str_dbg(smb_fname),
574 /* For a non-io open, this stat failing means file not found. JRA */
576 status = map_nt_error_from_unix(errno);
583 * POSIX allows read-only opens of directories. We don't
584 * want to do this (we use a different code path for this)
585 * so catch a directory open and return an EISDIR. JRA.
588 if(S_ISDIR(smb_fname->st.st_ex_mode)) {
591 return NT_STATUS_FILE_IS_A_DIRECTORY;
594 fsp->mode = smb_fname->st.st_ex_mode;
595 fsp->file_id = vfs_file_id_from_sbuf(conn, &smb_fname->st);
596 fsp->vuid = req ? req->vuid : UID_FIELD_INVALID;
597 fsp->file_pid = req ? req->smbpid : 0;
598 fsp->can_lock = True;
599 fsp->can_read = (access_mask & (FILE_READ_DATA)) ? True : False;
600 if (!CAN_WRITE(conn)) {
601 fsp->can_write = False;
603 fsp->can_write = (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) ?
606 fsp->print_file = NULL;
607 fsp->modified = False;
608 fsp->sent_oplock_break = NO_BREAK_SENT;
609 fsp->is_directory = False;
610 if (conn->aio_write_behind_list &&
611 is_in_path(smb_fname->base_name, conn->aio_write_behind_list,
612 conn->case_sensitive)) {
613 fsp->aio_write_behind = True;
616 fsp->wcp = NULL; /* Write cache pointer. */
618 DEBUG(2,("%s opened file %s read=%s write=%s (numopen=%d)\n",
619 conn->server_info->unix_name,
620 smb_fname_str_dbg(smb_fname),
621 BOOLSTR(fsp->can_read), BOOLSTR(fsp->can_write),
622 conn->num_files_open));
628 /*******************************************************************
629 Return True if the filename is one of the special executable types.
630 ********************************************************************/
632 bool is_executable(const char *fname)
634 if ((fname = strrchr_m(fname,'.'))) {
635 if (strequal(fname,".com") ||
636 strequal(fname,".dll") ||
637 strequal(fname,".exe") ||
638 strequal(fname,".sym")) {
645 /****************************************************************************
646 Check if we can open a file with a share mode.
647 Returns True if conflict, False if not.
648 ****************************************************************************/
650 static bool share_conflict(struct share_mode_entry *entry,
654 DEBUG(10,("share_conflict: entry->access_mask = 0x%x, "
655 "entry->share_access = 0x%x, "
656 "entry->private_options = 0x%x\n",
657 (unsigned int)entry->access_mask,
658 (unsigned int)entry->share_access,
659 (unsigned int)entry->private_options));
661 DEBUG(10,("share_conflict: access_mask = 0x%x, share_access = 0x%x\n",
662 (unsigned int)access_mask, (unsigned int)share_access));
664 if ((entry->access_mask & (FILE_WRITE_DATA|
668 DELETE_ACCESS)) == 0) {
669 DEBUG(10,("share_conflict: No conflict due to "
670 "entry->access_mask = 0x%x\n",
671 (unsigned int)entry->access_mask ));
675 if ((access_mask & (FILE_WRITE_DATA|
679 DELETE_ACCESS)) == 0) {
680 DEBUG(10,("share_conflict: No conflict due to "
681 "access_mask = 0x%x\n",
682 (unsigned int)access_mask ));
686 #if 1 /* JRA TEST - Superdebug. */
687 #define CHECK_MASK(num, am, right, sa, share) \
688 DEBUG(10,("share_conflict: [%d] am (0x%x) & right (0x%x) = 0x%x\n", \
689 (unsigned int)(num), (unsigned int)(am), \
690 (unsigned int)(right), (unsigned int)(am)&(right) )); \
691 DEBUG(10,("share_conflict: [%d] sa (0x%x) & share (0x%x) = 0x%x\n", \
692 (unsigned int)(num), (unsigned int)(sa), \
693 (unsigned int)(share), (unsigned int)(sa)&(share) )); \
694 if (((am) & (right)) && !((sa) & (share))) { \
695 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
696 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
697 (unsigned int)(share) )); \
701 #define CHECK_MASK(num, am, right, sa, share) \
702 if (((am) & (right)) && !((sa) & (share))) { \
703 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
704 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
705 (unsigned int)(share) )); \
710 CHECK_MASK(1, entry->access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
711 share_access, FILE_SHARE_WRITE);
712 CHECK_MASK(2, access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
713 entry->share_access, FILE_SHARE_WRITE);
715 CHECK_MASK(3, entry->access_mask, FILE_READ_DATA | FILE_EXECUTE,
716 share_access, FILE_SHARE_READ);
717 CHECK_MASK(4, access_mask, FILE_READ_DATA | FILE_EXECUTE,
718 entry->share_access, FILE_SHARE_READ);
720 CHECK_MASK(5, entry->access_mask, DELETE_ACCESS,
721 share_access, FILE_SHARE_DELETE);
722 CHECK_MASK(6, access_mask, DELETE_ACCESS,
723 entry->share_access, FILE_SHARE_DELETE);
725 DEBUG(10,("share_conflict: No conflict.\n"));
729 #if defined(DEVELOPER)
730 static void validate_my_share_entries(struct smbd_server_connection *sconn,
732 struct share_mode_entry *share_entry)
736 if (!procid_is_me(&share_entry->pid)) {
740 if (is_deferred_open_entry(share_entry) &&
741 !open_was_deferred(share_entry->op_mid)) {
742 char *str = talloc_asprintf(talloc_tos(),
743 "Got a deferred entry without a request: "
745 share_mode_str(talloc_tos(), num, share_entry));
749 if (!is_valid_share_mode_entry(share_entry)) {
753 fsp = file_find_dif(sconn, share_entry->id,
754 share_entry->share_file_id);
756 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
757 share_mode_str(talloc_tos(), num, share_entry) ));
758 smb_panic("validate_my_share_entries: Cannot match a "
759 "share entry with an open file\n");
762 if (is_deferred_open_entry(share_entry) ||
763 is_unused_share_mode_entry(share_entry)) {
767 if ((share_entry->op_type == NO_OPLOCK) &&
768 (fsp->oplock_type == FAKE_LEVEL_II_OPLOCK)) {
769 /* Someone has already written to it, but I haven't yet
774 if (((uint16)fsp->oplock_type) != share_entry->op_type) {
783 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
784 share_mode_str(talloc_tos(), num, share_entry) ));
785 str = talloc_asprintf(talloc_tos(),
786 "validate_my_share_entries: "
787 "file %s, oplock_type = 0x%x, op_type = 0x%x\n",
788 fsp->fsp_name->base_name,
789 (unsigned int)fsp->oplock_type,
790 (unsigned int)share_entry->op_type );
796 bool is_stat_open(uint32 access_mask)
798 return (access_mask &&
799 ((access_mask & ~(SYNCHRONIZE_ACCESS| FILE_READ_ATTRIBUTES|
800 FILE_WRITE_ATTRIBUTES))==0) &&
801 ((access_mask & (SYNCHRONIZE_ACCESS|FILE_READ_ATTRIBUTES|
802 FILE_WRITE_ATTRIBUTES)) != 0));
805 /****************************************************************************
806 Deal with share modes
807 Invarient: Share mode must be locked on entry and exit.
808 Returns -1 on error, or number of share modes on success (may be zero).
809 ****************************************************************************/
811 static NTSTATUS open_mode_check(connection_struct *conn,
812 struct share_mode_lock *lck,
816 uint32 create_options,
821 if(lck->num_share_modes == 0) {
825 *file_existed = True;
827 /* A delete on close prohibits everything */
829 if (is_delete_on_close_set(lck, name_hash)) {
830 return NT_STATUS_DELETE_PENDING;
833 if (is_stat_open(access_mask)) {
834 /* Stat open that doesn't trigger oplock breaks or share mode
835 * checks... ! JRA. */
840 * Check if the share modes will give us access.
843 #if defined(DEVELOPER)
844 for(i = 0; i < lck->num_share_modes; i++) {
845 validate_my_share_entries(conn->sconn, i,
846 &lck->share_modes[i]);
850 if (!lp_share_modes(SNUM(conn))) {
854 /* Now we check the share modes, after any oplock breaks. */
855 for(i = 0; i < lck->num_share_modes; i++) {
857 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
861 /* someone else has a share lock on it, check to see if we can
863 if (share_conflict(&lck->share_modes[i],
864 access_mask, share_access)) {
865 return NT_STATUS_SHARING_VIOLATION;
872 static bool is_delete_request(files_struct *fsp) {
873 return ((fsp->access_mask == DELETE_ACCESS) &&
874 (fsp->oplock_type == NO_OPLOCK));
878 * Send a break message to the oplock holder and delay the open for
882 static NTSTATUS send_break_message(files_struct *fsp,
883 struct share_mode_entry *exclusive,
888 char msg[MSG_SMB_SHARE_MODE_ENTRY_SIZE];
890 DEBUG(10, ("Sending break request to PID %s\n",
891 procid_str_static(&exclusive->pid)));
892 exclusive->op_mid = mid;
894 /* Create the message. */
895 share_mode_entry_to_message(msg, exclusive);
897 /* Add in the FORCE_OPLOCK_BREAK_TO_NONE bit in the message if set. We
898 don't want this set in the share mode struct pointed to by lck. */
900 if (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE) {
901 SSVAL(msg,OP_BREAK_MSG_OP_TYPE_OFFSET,
902 exclusive->op_type | FORCE_OPLOCK_BREAK_TO_NONE);
905 status = messaging_send_buf(fsp->conn->sconn->msg_ctx, exclusive->pid,
906 MSG_SMB_BREAK_REQUEST,
908 MSG_SMB_SHARE_MODE_ENTRY_SIZE);
909 if (!NT_STATUS_IS_OK(status)) {
910 DEBUG(3, ("Could not send oplock break message: %s\n",
918 * 1) No files open at all or internal open: Grant whatever the client wants.
920 * 2) Exclusive (or batch) oplock around: If the requested access is a delete
921 * request, break if the oplock around is a batch oplock. If it's another
922 * requested access type, break.
924 * 3) Only level2 around: Grant level2 and do nothing else.
927 static bool delay_for_oplocks(struct share_mode_lock *lck,
934 struct share_mode_entry *exclusive = NULL;
935 bool valid_entry = false;
936 bool have_level2 = false;
937 bool have_a_none_oplock = false;
938 bool allow_level2 = (global_client_caps & CAP_LEVEL_II_OPLOCKS) &&
939 lp_level2_oplocks(SNUM(fsp->conn));
941 if (oplock_request & INTERNAL_OPEN_ONLY) {
942 fsp->oplock_type = NO_OPLOCK;
945 if ((oplock_request & INTERNAL_OPEN_ONLY) || is_stat_open(fsp->access_mask)) {
949 for (i=0; i<lck->num_share_modes; i++) {
951 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
955 /* At least one entry is not an invalid or deferred entry. */
958 if (pass_number == 1) {
959 if (BATCH_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
960 SMB_ASSERT(exclusive == NULL);
961 exclusive = &lck->share_modes[i];
964 if (EXCLUSIVE_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
965 SMB_ASSERT(exclusive == NULL);
966 exclusive = &lck->share_modes[i];
970 if (LEVEL_II_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
971 SMB_ASSERT(exclusive == NULL);
975 if (lck->share_modes[i].op_type == NO_OPLOCK) {
976 have_a_none_oplock = true;
980 if (exclusive != NULL) { /* Found an exclusive oplock */
981 bool delay_it = is_delete_request(fsp) ?
982 BATCH_OPLOCK_TYPE(exclusive->op_type) : true;
983 SMB_ASSERT(!have_level2);
985 send_break_message(fsp, exclusive, mid, oplock_request);
991 * Match what was requested (fsp->oplock_type) with
992 * what was found in the existing share modes.
996 /* All entries are placeholders or deferred.
997 * Directly grant whatever the client wants. */
998 if (fsp->oplock_type == NO_OPLOCK) {
999 /* Store a level2 oplock, but don't tell the client */
1000 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
1002 } else if (have_a_none_oplock) {
1003 fsp->oplock_type = NO_OPLOCK;
1004 } else if (have_level2) {
1005 if (fsp->oplock_type == NO_OPLOCK ||
1006 fsp->oplock_type == FAKE_LEVEL_II_OPLOCK) {
1007 /* Store a level2 oplock, but don't tell the client */
1008 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
1010 fsp->oplock_type = LEVEL_II_OPLOCK;
1013 /* This case can never happen. */
1018 * Don't grant level2 to clients that don't want them
1019 * or if we've turned them off.
1021 if (fsp->oplock_type == LEVEL_II_OPLOCK && !allow_level2) {
1022 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
1025 DEBUG(10,("delay_for_oplocks: oplock type 0x%x on file %s\n",
1026 fsp->oplock_type, fsp_str_dbg(fsp)));
1032 bool request_timed_out(struct timeval request_time,
1033 struct timeval timeout)
1035 struct timeval now, end_time;
1037 end_time = timeval_sum(&request_time, &timeout);
1038 return (timeval_compare(&end_time, &now) < 0);
1041 /****************************************************************************
1042 Handle the 1 second delay in returning a SHARING_VIOLATION error.
1043 ****************************************************************************/
1045 static void defer_open(struct share_mode_lock *lck,
1046 struct timeval request_time,
1047 struct timeval timeout,
1048 struct smb_request *req,
1049 struct deferred_open_record *state)
1053 /* Paranoia check */
1055 for (i=0; i<lck->num_share_modes; i++) {
1056 struct share_mode_entry *e = &lck->share_modes[i];
1058 if (!is_deferred_open_entry(e)) {
1062 if (procid_is_me(&e->pid) && (e->op_mid == req->mid)) {
1063 DEBUG(0, ("Trying to defer an already deferred "
1064 "request: mid=%llu, exiting\n",
1065 (unsigned long long)req->mid));
1066 exit_server("attempt to defer a deferred request");
1070 /* End paranoia check */
1072 DEBUG(10,("defer_open_sharing_error: time [%u.%06u] adding deferred "
1073 "open entry for mid %llu\n",
1074 (unsigned int)request_time.tv_sec,
1075 (unsigned int)request_time.tv_usec,
1076 (unsigned long long)req->mid));
1078 if (!push_deferred_open_message_smb(req, request_time, timeout,
1079 state->id, (char *)state, sizeof(*state))) {
1080 exit_server("push_deferred_open_message_smb failed");
1082 add_deferred_open(lck, req->mid, request_time,
1083 sconn_server_id(req->sconn), state->id);
1087 /****************************************************************************
1088 On overwrite open ensure that the attributes match.
1089 ****************************************************************************/
1091 bool open_match_attributes(connection_struct *conn,
1092 uint32 old_dos_attr,
1093 uint32 new_dos_attr,
1094 mode_t existing_unx_mode,
1095 mode_t new_unx_mode,
1096 mode_t *returned_unx_mode)
1098 uint32 noarch_old_dos_attr, noarch_new_dos_attr;
1100 noarch_old_dos_attr = (old_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
1101 noarch_new_dos_attr = (new_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
1103 if((noarch_old_dos_attr == 0 && noarch_new_dos_attr != 0) ||
1104 (noarch_old_dos_attr != 0 && ((noarch_old_dos_attr & noarch_new_dos_attr) == noarch_old_dos_attr))) {
1105 *returned_unx_mode = new_unx_mode;
1107 *returned_unx_mode = (mode_t)0;
1110 DEBUG(10,("open_match_attributes: old_dos_attr = 0x%x, "
1111 "existing_unx_mode = 0%o, new_dos_attr = 0x%x "
1112 "returned_unx_mode = 0%o\n",
1113 (unsigned int)old_dos_attr,
1114 (unsigned int)existing_unx_mode,
1115 (unsigned int)new_dos_attr,
1116 (unsigned int)*returned_unx_mode ));
1118 /* If we're mapping SYSTEM and HIDDEN ensure they match. */
1119 if (lp_map_system(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
1120 if ((old_dos_attr & FILE_ATTRIBUTE_SYSTEM) &&
1121 !(new_dos_attr & FILE_ATTRIBUTE_SYSTEM)) {
1125 if (lp_map_hidden(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
1126 if ((old_dos_attr & FILE_ATTRIBUTE_HIDDEN) &&
1127 !(new_dos_attr & FILE_ATTRIBUTE_HIDDEN)) {
1134 /****************************************************************************
1135 Special FCB or DOS processing in the case of a sharing violation.
1136 Try and find a duplicated file handle.
1137 ****************************************************************************/
1139 NTSTATUS fcb_or_dos_open(struct smb_request *req,
1140 connection_struct *conn,
1141 files_struct *fsp_to_dup_into,
1142 const struct smb_filename *smb_fname,
1147 uint32 share_access,
1148 uint32 create_options)
1152 DEBUG(5,("fcb_or_dos_open: attempting old open semantics for "
1153 "file %s.\n", smb_fname_str_dbg(smb_fname)));
1155 for(fsp = file_find_di_first(conn->sconn, id); fsp;
1156 fsp = file_find_di_next(fsp)) {
1158 DEBUG(10,("fcb_or_dos_open: checking file %s, fd = %d, "
1159 "vuid = %u, file_pid = %u, private_options = 0x%x "
1160 "access_mask = 0x%x\n", fsp_str_dbg(fsp),
1161 fsp->fh->fd, (unsigned int)fsp->vuid,
1162 (unsigned int)fsp->file_pid,
1163 (unsigned int)fsp->fh->private_options,
1164 (unsigned int)fsp->access_mask ));
1166 if (fsp->fh->fd != -1 &&
1167 fsp->vuid == vuid &&
1168 fsp->file_pid == file_pid &&
1169 (fsp->fh->private_options & (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS |
1170 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) &&
1171 (fsp->access_mask & FILE_WRITE_DATA) &&
1172 strequal(fsp->fsp_name->base_name, smb_fname->base_name) &&
1173 strequal(fsp->fsp_name->stream_name,
1174 smb_fname->stream_name)) {
1175 DEBUG(10,("fcb_or_dos_open: file match\n"));
1181 return NT_STATUS_NOT_FOUND;
1184 /* quite an insane set of semantics ... */
1185 if (is_executable(smb_fname->base_name) &&
1186 (fsp->fh->private_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS)) {
1187 DEBUG(10,("fcb_or_dos_open: file fail due to is_executable.\n"));
1188 return NT_STATUS_INVALID_PARAMETER;
1191 /* We need to duplicate this fsp. */
1192 return dup_file_fsp(req, fsp, access_mask, share_access,
1193 create_options, fsp_to_dup_into);
1196 /****************************************************************************
1197 Open a file with a share mode - old openX method - map into NTCreate.
1198 ****************************************************************************/
1200 bool map_open_params_to_ntcreate(const struct smb_filename *smb_fname,
1201 int deny_mode, int open_func,
1202 uint32 *paccess_mask,
1203 uint32 *pshare_mode,
1204 uint32 *pcreate_disposition,
1205 uint32 *pcreate_options,
1206 uint32_t *pprivate_flags)
1210 uint32 create_disposition;
1211 uint32 create_options = FILE_NON_DIRECTORY_FILE;
1212 uint32_t private_flags = 0;
1214 DEBUG(10,("map_open_params_to_ntcreate: fname = %s, deny_mode = 0x%x, "
1215 "open_func = 0x%x\n",
1216 smb_fname_str_dbg(smb_fname), (unsigned int)deny_mode,
1217 (unsigned int)open_func ));
1219 /* Create the NT compatible access_mask. */
1220 switch (GET_OPENX_MODE(deny_mode)) {
1221 case DOS_OPEN_EXEC: /* Implies read-only - used to be FILE_READ_DATA */
1222 case DOS_OPEN_RDONLY:
1223 access_mask = FILE_GENERIC_READ;
1225 case DOS_OPEN_WRONLY:
1226 access_mask = FILE_GENERIC_WRITE;
1230 access_mask = FILE_GENERIC_READ|FILE_GENERIC_WRITE;
1233 DEBUG(10,("map_open_params_to_ntcreate: bad open mode = 0x%x\n",
1234 (unsigned int)GET_OPENX_MODE(deny_mode)));
1238 /* Create the NT compatible create_disposition. */
1239 switch (open_func) {
1240 case OPENX_FILE_EXISTS_FAIL|OPENX_FILE_CREATE_IF_NOT_EXIST:
1241 create_disposition = FILE_CREATE;
1244 case OPENX_FILE_EXISTS_OPEN:
1245 create_disposition = FILE_OPEN;
1248 case OPENX_FILE_EXISTS_OPEN|OPENX_FILE_CREATE_IF_NOT_EXIST:
1249 create_disposition = FILE_OPEN_IF;
1252 case OPENX_FILE_EXISTS_TRUNCATE:
1253 create_disposition = FILE_OVERWRITE;
1256 case OPENX_FILE_EXISTS_TRUNCATE|OPENX_FILE_CREATE_IF_NOT_EXIST:
1257 create_disposition = FILE_OVERWRITE_IF;
1261 /* From samba4 - to be confirmed. */
1262 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_EXEC) {
1263 create_disposition = FILE_CREATE;
1266 DEBUG(10,("map_open_params_to_ntcreate: bad "
1267 "open_func 0x%x\n", (unsigned int)open_func));
1271 /* Create the NT compatible share modes. */
1272 switch (GET_DENY_MODE(deny_mode)) {
1274 share_mode = FILE_SHARE_NONE;
1278 share_mode = FILE_SHARE_READ;
1282 share_mode = FILE_SHARE_WRITE;
1286 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1290 private_flags |= NTCREATEX_OPTIONS_PRIVATE_DENY_DOS;
1291 if (is_executable(smb_fname->base_name)) {
1292 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1294 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_RDONLY) {
1295 share_mode = FILE_SHARE_READ;
1297 share_mode = FILE_SHARE_NONE;
1303 private_flags |= NTCREATEX_OPTIONS_PRIVATE_DENY_FCB;
1304 share_mode = FILE_SHARE_NONE;
1308 DEBUG(10,("map_open_params_to_ntcreate: bad deny_mode 0x%x\n",
1309 (unsigned int)GET_DENY_MODE(deny_mode) ));
1313 DEBUG(10,("map_open_params_to_ntcreate: file %s, access_mask = 0x%x, "
1314 "share_mode = 0x%x, create_disposition = 0x%x, "
1315 "create_options = 0x%x private_flags = 0x%x\n",
1316 smb_fname_str_dbg(smb_fname),
1317 (unsigned int)access_mask,
1318 (unsigned int)share_mode,
1319 (unsigned int)create_disposition,
1320 (unsigned int)create_options,
1321 (unsigned int)private_flags));
1324 *paccess_mask = access_mask;
1327 *pshare_mode = share_mode;
1329 if (pcreate_disposition) {
1330 *pcreate_disposition = create_disposition;
1332 if (pcreate_options) {
1333 *pcreate_options = create_options;
1335 if (pprivate_flags) {
1336 *pprivate_flags = private_flags;
1343 static void schedule_defer_open(struct share_mode_lock *lck,
1344 struct timeval request_time,
1345 struct smb_request *req)
1347 struct deferred_open_record state;
1349 /* This is a relative time, added to the absolute
1350 request_time value to get the absolute timeout time.
1351 Note that if this is the second or greater time we enter
1352 this codepath for this particular request mid then
1353 request_time is left as the absolute time of the *first*
1354 time this request mid was processed. This is what allows
1355 the request to eventually time out. */
1357 struct timeval timeout;
1359 /* Normally the smbd we asked should respond within
1360 * OPLOCK_BREAK_TIMEOUT seconds regardless of whether
1361 * the client did, give twice the timeout as a safety
1362 * measure here in case the other smbd is stuck
1363 * somewhere else. */
1365 timeout = timeval_set(OPLOCK_BREAK_TIMEOUT*2, 0);
1367 /* Nothing actually uses state.delayed_for_oplocks
1368 but it's handy to differentiate in debug messages
1369 between a 30 second delay due to oplock break, and
1370 a 1 second delay for share mode conflicts. */
1372 state.delayed_for_oplocks = True;
1375 if (!request_timed_out(request_time, timeout)) {
1376 defer_open(lck, request_time, timeout, req, &state);
1380 /****************************************************************************
1381 Work out what access_mask to use from what the client sent us.
1382 ****************************************************************************/
1384 static NTSTATUS calculate_access_mask(connection_struct *conn,
1385 const struct smb_filename *smb_fname,
1387 uint32_t access_mask,
1388 uint32_t *access_mask_out)
1393 * Convert GENERIC bits to specific bits.
1396 se_map_generic(&access_mask, &file_generic_mapping);
1398 /* Calculate MAXIMUM_ALLOWED_ACCESS if requested. */
1399 if (access_mask & MAXIMUM_ALLOWED_ACCESS) {
1402 struct security_descriptor *sd;
1403 uint32_t access_granted = 0;
1405 status = SMB_VFS_GET_NT_ACL(conn, smb_fname->base_name,
1410 if (!NT_STATUS_IS_OK(status)) {
1411 DEBUG(10, ("calculate_access_mask: Could not get acl "
1413 smb_fname_str_dbg(smb_fname),
1414 nt_errstr(status)));
1415 return NT_STATUS_ACCESS_DENIED;
1418 status = smb1_file_se_access_check(conn,
1420 get_current_nttok(conn),
1426 if (!NT_STATUS_IS_OK(status)) {
1427 DEBUG(10, ("calculate_access_mask: Access denied on "
1428 "file %s: when calculating maximum access\n",
1429 smb_fname_str_dbg(smb_fname)));
1430 return NT_STATUS_ACCESS_DENIED;
1433 access_mask = access_granted;
1435 access_mask = FILE_GENERIC_ALL;
1439 *access_mask_out = access_mask;
1440 return NT_STATUS_OK;
1443 /****************************************************************************
1444 Remove the deferred open entry under lock.
1445 ****************************************************************************/
1447 void remove_deferred_open_entry(struct file_id id, uint64_t mid,
1448 struct server_id pid)
1450 struct share_mode_lock *lck = get_share_mode_lock(talloc_tos(), id,
1453 DEBUG(0, ("could not get share mode lock\n"));
1455 del_deferred_open_entry(lck, mid, pid);
1460 /****************************************************************************
1461 Open a file with a share mode. Passed in an already created files_struct *.
1462 ****************************************************************************/
1464 static NTSTATUS open_file_ntcreate(connection_struct *conn,
1465 struct smb_request *req,
1466 uint32 access_mask, /* access bits (FILE_READ_DATA etc.) */
1467 uint32 share_access, /* share constants (FILE_SHARE_READ etc) */
1468 uint32 create_disposition, /* FILE_OPEN_IF etc. */
1469 uint32 create_options, /* options such as delete on close. */
1470 uint32 new_dos_attributes, /* attributes used for new file. */
1471 int oplock_request, /* internal Samba oplock codes. */
1472 /* Information (FILE_EXISTS etc.) */
1473 uint32_t private_flags, /* Samba specific flags. */
1477 struct smb_filename *smb_fname = fsp->fsp_name;
1480 bool file_existed = VALID_STAT(smb_fname->st);
1481 bool def_acl = False;
1482 bool posix_open = False;
1483 bool new_file_created = False;
1484 bool clear_ads = false;
1486 NTSTATUS fsp_open = NT_STATUS_ACCESS_DENIED;
1487 mode_t new_unx_mode = (mode_t)0;
1488 mode_t unx_mode = (mode_t)0;
1490 uint32 existing_dos_attributes = 0;
1491 struct timeval request_time = timeval_zero();
1492 struct share_mode_lock *lck = NULL;
1493 uint32 open_access_mask = access_mask;
1499 /* Windows allows a new file to be created and
1500 silently removes a FILE_ATTRIBUTE_DIRECTORY
1501 sent by the client. Do the same. */
1503 new_dos_attributes &= ~FILE_ATTRIBUTE_DIRECTORY;
1505 if (conn->printer) {
1507 * Printers are handled completely differently.
1508 * Most of the passed parameters are ignored.
1512 *pinfo = FILE_WAS_CREATED;
1515 DEBUG(10, ("open_file_ntcreate: printer open fname=%s\n",
1516 smb_fname_str_dbg(smb_fname)));
1519 DEBUG(0,("open_file_ntcreate: printer open without "
1520 "an SMB request!\n"));
1521 return NT_STATUS_INTERNAL_ERROR;
1524 return print_spool_open(fsp, smb_fname->base_name,
1528 if (!parent_dirname(talloc_tos(), smb_fname->base_name, &parent_dir,
1530 return NT_STATUS_NO_MEMORY;
1533 if (new_dos_attributes & FILE_FLAG_POSIX_SEMANTICS) {
1535 unx_mode = (mode_t)(new_dos_attributes & ~FILE_FLAG_POSIX_SEMANTICS);
1536 new_dos_attributes = 0;
1538 /* We add aARCH to this as this mode is only used if the file is
1540 unx_mode = unix_mode(conn, new_dos_attributes | aARCH,
1541 smb_fname, parent_dir);
1544 DEBUG(10, ("open_file_ntcreate: fname=%s, dos_attrs=0x%x "
1545 "access_mask=0x%x share_access=0x%x "
1546 "create_disposition = 0x%x create_options=0x%x "
1547 "unix mode=0%o oplock_request=%d private_flags = 0x%x\n",
1548 smb_fname_str_dbg(smb_fname), new_dos_attributes,
1549 access_mask, share_access, create_disposition,
1550 create_options, (unsigned int)unx_mode, oplock_request,
1551 (unsigned int)private_flags));
1553 if ((req == NULL) && ((oplock_request & INTERNAL_OPEN_ONLY) == 0)) {
1554 DEBUG(0, ("No smb request but not an internal only open!\n"));
1555 return NT_STATUS_INTERNAL_ERROR;
1559 * Only non-internal opens can be deferred at all
1564 if (get_deferred_open_message_state(req,
1568 struct deferred_open_record *state = (struct deferred_open_record *)ptr;
1569 /* Remember the absolute time of the original
1570 request with this mid. We'll use it later to
1571 see if this has timed out. */
1573 /* Remove the deferred open entry under lock. */
1574 remove_deferred_open_entry(
1575 state->id, req->mid,
1576 sconn_server_id(req->sconn));
1578 /* Ensure we don't reprocess this message. */
1579 remove_deferred_open_message_smb(req->mid);
1583 status = check_name(conn, smb_fname->base_name);
1584 if (!NT_STATUS_IS_OK(status)) {
1589 new_dos_attributes &= SAMBA_ATTRIBUTES_MASK;
1591 existing_dos_attributes = dos_mode(conn, smb_fname);
1595 /* ignore any oplock requests if oplocks are disabled */
1596 if (!lp_oplocks(SNUM(conn)) ||
1597 IS_VETO_OPLOCK_PATH(conn, smb_fname->base_name)) {
1598 /* Mask off everything except the private Samba bits. */
1599 oplock_request &= SAMBA_PRIVATE_OPLOCK_MASK;
1602 /* this is for OS/2 long file names - say we don't support them */
1603 if (!lp_posix_pathnames() && strstr(smb_fname->base_name,".+,;=[].")) {
1604 /* OS/2 Workplace shell fix may be main code stream in a later
1606 DEBUG(5,("open_file_ntcreate: OS/2 long filenames are not "
1608 if (use_nt_status()) {
1609 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1611 return NT_STATUS_DOS(ERRDOS, ERRcannotopen);
1614 switch( create_disposition ) {
1616 * Currently we're using FILE_SUPERSEDE as the same as
1617 * FILE_OVERWRITE_IF but they really are
1618 * different. FILE_SUPERSEDE deletes an existing file
1619 * (requiring delete access) then recreates it.
1621 case FILE_SUPERSEDE:
1622 /* If file exists replace/overwrite. If file doesn't
1624 flags2 |= (O_CREAT | O_TRUNC);
1628 case FILE_OVERWRITE_IF:
1629 /* If file exists replace/overwrite. If file doesn't
1631 flags2 |= (O_CREAT | O_TRUNC);
1636 /* If file exists open. If file doesn't exist error. */
1637 if (!file_existed) {
1638 DEBUG(5,("open_file_ntcreate: FILE_OPEN "
1639 "requested for file %s and file "
1641 smb_fname_str_dbg(smb_fname)));
1643 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1647 case FILE_OVERWRITE:
1648 /* If file exists overwrite. If file doesn't exist
1650 if (!file_existed) {
1651 DEBUG(5,("open_file_ntcreate: FILE_OVERWRITE "
1652 "requested for file %s and file "
1654 smb_fname_str_dbg(smb_fname) ));
1656 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1663 /* If file exists error. If file doesn't exist
1666 DEBUG(5,("open_file_ntcreate: FILE_CREATE "
1667 "requested for file %s and file "
1668 "already exists.\n",
1669 smb_fname_str_dbg(smb_fname)));
1670 if (S_ISDIR(smb_fname->st.st_ex_mode)) {
1675 return map_nt_error_from_unix(errno);
1677 flags2 |= (O_CREAT|O_EXCL);
1681 /* If file exists open. If file doesn't exist
1687 return NT_STATUS_INVALID_PARAMETER;
1690 /* We only care about matching attributes on file exists and
1693 if (!posix_open && file_existed && ((create_disposition == FILE_OVERWRITE) ||
1694 (create_disposition == FILE_OVERWRITE_IF))) {
1695 if (!open_match_attributes(conn, existing_dos_attributes,
1697 smb_fname->st.st_ex_mode,
1698 unx_mode, &new_unx_mode)) {
1699 DEBUG(5,("open_file_ntcreate: attributes missmatch "
1700 "for file %s (%x %x) (0%o, 0%o)\n",
1701 smb_fname_str_dbg(smb_fname),
1702 existing_dos_attributes,
1704 (unsigned int)smb_fname->st.st_ex_mode,
1705 (unsigned int)unx_mode ));
1707 return NT_STATUS_ACCESS_DENIED;
1711 status = calculate_access_mask(conn, smb_fname, file_existed,
1714 if (!NT_STATUS_IS_OK(status)) {
1715 DEBUG(10, ("open_file_ntcreate: calculate_access_mask "
1716 "on file %s returned %s\n",
1717 smb_fname_str_dbg(smb_fname), nt_errstr(status)));
1721 open_access_mask = access_mask;
1723 if ((flags2 & O_TRUNC) || (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE)) {
1724 open_access_mask |= FILE_WRITE_DATA; /* This will cause oplock breaks. */
1727 DEBUG(10, ("open_file_ntcreate: fname=%s, after mapping "
1728 "access_mask=0x%x\n", smb_fname_str_dbg(smb_fname),
1732 * Note that we ignore the append flag as append does not
1733 * mean the same thing under DOS and Unix.
1736 if ((access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) ||
1737 (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE)) {
1738 /* DENY_DOS opens are always underlying read-write on the
1739 file handle, no matter what the requested access mask
1741 if ((private_flags & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS) ||
1742 access_mask & (FILE_READ_ATTRIBUTES|FILE_READ_DATA|FILE_READ_EA|FILE_EXECUTE)) {
1752 * Currently we only look at FILE_WRITE_THROUGH for create options.
1756 if ((create_options & FILE_WRITE_THROUGH) && lp_strict_sync(SNUM(conn))) {
1761 if (posix_open && (access_mask & FILE_APPEND_DATA)) {
1765 if (!posix_open && !CAN_WRITE(conn)) {
1767 * We should really return a permission denied error if either
1768 * O_CREAT or O_TRUNC are set, but for compatibility with
1769 * older versions of Samba we just AND them out.
1771 flags2 &= ~(O_CREAT|O_TRUNC);
1775 * Ensure we can't write on a read-only share or file.
1778 if (flags != O_RDONLY && file_existed &&
1779 (!CAN_WRITE(conn) || IS_DOS_READONLY(existing_dos_attributes))) {
1780 DEBUG(5,("open_file_ntcreate: write access requested for "
1781 "file %s on read only %s\n",
1782 smb_fname_str_dbg(smb_fname),
1783 !CAN_WRITE(conn) ? "share" : "file" ));
1785 return NT_STATUS_ACCESS_DENIED;
1788 fsp->file_id = vfs_file_id_from_sbuf(conn, &smb_fname->st);
1789 fsp->share_access = share_access;
1790 fsp->fh->private_options = private_flags;
1791 fsp->access_mask = open_access_mask; /* We change this to the
1792 * requested access_mask after
1793 * the open is done. */
1794 fsp->posix_open = posix_open;
1796 /* Ensure no SAMBA_PRIVATE bits can be set. */
1797 fsp->oplock_type = (oplock_request & ~SAMBA_PRIVATE_OPLOCK_MASK);
1799 if (timeval_is_zero(&request_time)) {
1800 request_time = fsp->open_time;
1804 struct timespec old_write_time = smb_fname->st.st_ex_mtime;
1805 id = vfs_file_id_from_sbuf(conn, &smb_fname->st);
1807 lck = get_share_mode_lock(talloc_tos(), id,
1809 smb_fname, &old_write_time);
1812 DEBUG(0, ("Could not get share mode lock\n"));
1813 return NT_STATUS_SHARING_VIOLATION;
1816 /* First pass - send break only on batch oplocks. */
1818 && delay_for_oplocks(lck, fsp, req->mid, 1,
1820 schedule_defer_open(lck, request_time, req);
1822 return NT_STATUS_SHARING_VIOLATION;
1825 /* Use the client requested access mask here, not the one we
1827 status = open_mode_check(conn, lck, fsp->name_hash,
1828 access_mask, share_access,
1829 create_options, &file_existed);
1831 if (NT_STATUS_IS_OK(status)) {
1832 /* We might be going to allow this open. Check oplock
1834 /* Second pass - send break for both batch or
1835 * exclusive oplocks. */
1837 && delay_for_oplocks(lck, fsp, req->mid, 2,
1839 schedule_defer_open(lck, request_time, req);
1841 return NT_STATUS_SHARING_VIOLATION;
1845 if (NT_STATUS_EQUAL(status, NT_STATUS_DELETE_PENDING)) {
1846 /* DELETE_PENDING is not deferred for a second */
1851 if (!NT_STATUS_IS_OK(status)) {
1852 uint32 can_access_mask;
1853 bool can_access = True;
1855 SMB_ASSERT(NT_STATUS_EQUAL(status, NT_STATUS_SHARING_VIOLATION));
1857 /* Check if this can be done with the deny_dos and fcb
1860 (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS|
1861 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) {
1863 DEBUG(0, ("DOS open without an SMB "
1866 return NT_STATUS_INTERNAL_ERROR;
1869 /* Use the client requested access mask here,
1870 * not the one we open with. */
1871 status = fcb_or_dos_open(req,
1882 if (NT_STATUS_IS_OK(status)) {
1885 *pinfo = FILE_WAS_OPENED;
1887 return NT_STATUS_OK;
1892 * This next line is a subtlety we need for
1893 * MS-Access. If a file open will fail due to share
1894 * permissions and also for security (access) reasons,
1895 * we need to return the access failed error, not the
1896 * share error. We can't open the file due to kernel
1897 * oplock deadlock (it's possible we failed above on
1898 * the open_mode_check()) so use a userspace check.
1901 if (flags & O_RDWR) {
1902 can_access_mask = FILE_READ_DATA|FILE_WRITE_DATA;
1903 } else if (flags & O_WRONLY) {
1904 can_access_mask = FILE_WRITE_DATA;
1906 can_access_mask = FILE_READ_DATA;
1909 if (((can_access_mask & FILE_WRITE_DATA) &&
1910 !CAN_WRITE(conn)) ||
1911 !can_access_file_data(conn, smb_fname,
1917 * If we're returning a share violation, ensure we
1918 * cope with the braindead 1 second delay.
1921 if (!(oplock_request & INTERNAL_OPEN_ONLY) &&
1922 lp_defer_sharing_violations()) {
1923 struct timeval timeout;
1924 struct deferred_open_record state;
1927 /* this is a hack to speed up torture tests
1929 timeout_usecs = lp_parm_int(SNUM(conn),
1930 "smbd","sharedelay",
1931 SHARING_VIOLATION_USEC_WAIT);
1933 /* This is a relative time, added to the absolute
1934 request_time value to get the absolute timeout time.
1935 Note that if this is the second or greater time we enter
1936 this codepath for this particular request mid then
1937 request_time is left as the absolute time of the *first*
1938 time this request mid was processed. This is what allows
1939 the request to eventually time out. */
1941 timeout = timeval_set(0, timeout_usecs);
1943 /* Nothing actually uses state.delayed_for_oplocks
1944 but it's handy to differentiate in debug messages
1945 between a 30 second delay due to oplock break, and
1946 a 1 second delay for share mode conflicts. */
1948 state.delayed_for_oplocks = False;
1952 && !request_timed_out(request_time,
1954 defer_open(lck, request_time, timeout,
1962 * We have detected a sharing violation here
1963 * so return the correct error code
1965 status = NT_STATUS_SHARING_VIOLATION;
1967 status = NT_STATUS_ACCESS_DENIED;
1973 * We exit this block with the share entry *locked*.....
1977 SMB_ASSERT(!file_existed || (lck != NULL));
1980 * Ensure we pay attention to default ACLs on directories if required.
1983 if ((flags2 & O_CREAT) && lp_inherit_acls(SNUM(conn)) &&
1984 (def_acl = directory_has_default_acl(conn, parent_dir))) {
1985 unx_mode = (0777 & lp_create_mask(SNUM(conn)));
1988 DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o, "
1989 "access_mask = 0x%x, open_access_mask = 0x%x\n",
1990 (unsigned int)flags, (unsigned int)flags2,
1991 (unsigned int)unx_mode, (unsigned int)access_mask,
1992 (unsigned int)open_access_mask));
1995 * open_file strips any O_TRUNC flags itself.
1998 fsp_open = open_file(fsp, conn, req, parent_dir,
1999 flags|flags2, unx_mode, access_mask,
2002 if (!NT_STATUS_IS_OK(fsp_open)) {
2009 if (!file_existed) {
2010 struct timespec old_write_time = smb_fname->st.st_ex_mtime;
2012 * Deal with the race condition where two smbd's detect the
2013 * file doesn't exist and do the create at the same time. One
2014 * of them will win and set a share mode, the other (ie. this
2015 * one) should check if the requested share mode for this
2016 * create is allowed.
2020 * Now the file exists and fsp is successfully opened,
2021 * fsp->dev and fsp->inode are valid and should replace the
2022 * dev=0,inode=0 from a non existent file. Spotted by
2023 * Nadav Danieli <nadavd@exanet.com>. JRA.
2028 lck = get_share_mode_lock(talloc_tos(), id,
2030 smb_fname, &old_write_time);
2033 DEBUG(0, ("open_file_ntcreate: Could not get share "
2034 "mode lock for %s\n",
2035 smb_fname_str_dbg(smb_fname)));
2037 return NT_STATUS_SHARING_VIOLATION;
2040 /* First pass - send break only on batch oplocks. */
2042 && delay_for_oplocks(lck, fsp, req->mid, 1,
2044 schedule_defer_open(lck, request_time, req);
2047 return NT_STATUS_SHARING_VIOLATION;
2050 status = open_mode_check(conn, lck, fsp->name_hash,
2051 access_mask, share_access,
2052 create_options, &file_existed);
2054 if (NT_STATUS_IS_OK(status)) {
2055 /* We might be going to allow this open. Check oplock
2057 /* Second pass - send break for both batch or
2058 * exclusive oplocks. */
2060 && delay_for_oplocks(lck, fsp, req->mid, 2,
2062 schedule_defer_open(lck, request_time, req);
2065 return NT_STATUS_SHARING_VIOLATION;
2069 if (!NT_STATUS_IS_OK(status)) {
2070 struct deferred_open_record state;
2074 state.delayed_for_oplocks = False;
2077 /* Do it all over again immediately. In the second
2078 * round we will find that the file existed and handle
2079 * the DELETE_PENDING and FCB cases correctly. No need
2080 * to duplicate the code here. Essentially this is a
2081 * "goto top of this function", but don't tell
2085 defer_open(lck, request_time, timeval_zero(),
2093 * We exit this block with the share entry *locked*.....
2098 SMB_ASSERT(lck != NULL);
2100 /* Delete streams if create_disposition requires it */
2101 if (file_existed && clear_ads &&
2102 !is_ntfs_stream_smb_fname(smb_fname)) {
2103 status = delete_all_streams(conn, smb_fname->base_name);
2104 if (!NT_STATUS_IS_OK(status)) {
2111 /* note that we ignore failure for the following. It is
2112 basically a hack for NFS, and NFS will never set one of
2113 these only read them. Nobody but Samba can ever set a deny
2114 mode and we have already checked our more authoritative
2115 locking database for permission to set this deny mode. If
2116 the kernel refuses the operations then the kernel is wrong.
2117 note that GPFS supports it as well - jmcd */
2119 if (fsp->fh->fd != -1) {
2121 ret_flock = SMB_VFS_KERNEL_FLOCK(fsp, share_access, access_mask);
2122 if(ret_flock == -1 ){
2127 return NT_STATUS_SHARING_VIOLATION;
2132 * At this point onwards, we can guarentee that the share entry
2133 * is locked, whether we created the file or not, and that the
2134 * deny mode is compatible with all current opens.
2138 * If requested, truncate the file.
2141 if (file_existed && (flags2&O_TRUNC)) {
2143 * We are modifing the file after open - update the stat
2146 if ((SMB_VFS_FTRUNCATE(fsp, 0) == -1) ||
2147 (SMB_VFS_FSTAT(fsp, &smb_fname->st)==-1)) {
2148 status = map_nt_error_from_unix(errno);
2156 * According to Samba4, SEC_FILE_READ_ATTRIBUTE is always granted,
2158 fsp->access_mask = access_mask | FILE_READ_ATTRIBUTES;
2161 /* stat opens on existing files don't get oplocks. */
2162 if (is_stat_open(open_access_mask)) {
2163 fsp->oplock_type = NO_OPLOCK;
2166 if (!(flags2 & O_TRUNC)) {
2167 info = FILE_WAS_OPENED;
2169 info = FILE_WAS_OVERWRITTEN;
2172 info = FILE_WAS_CREATED;
2180 * Setup the oplock info in both the shared memory and
2184 if (!set_file_oplock(fsp, fsp->oplock_type)) {
2186 * Could not get the kernel oplock or there are byte-range
2187 * locks on the file.
2189 fsp->oplock_type = NO_OPLOCK;
2192 if (info == FILE_WAS_OVERWRITTEN || info == FILE_WAS_CREATED || info == FILE_WAS_SUPERSEDED) {
2193 new_file_created = True;
2196 set_share_mode(lck, fsp, get_current_uid(conn), 0,
2199 /* Handle strange delete on close create semantics. */
2200 if (create_options & FILE_DELETE_ON_CLOSE) {
2202 status = can_set_delete_on_close(fsp, new_dos_attributes);
2204 if (!NT_STATUS_IS_OK(status)) {
2205 /* Remember to delete the mode we just added. */
2206 del_share_mode(lck, fsp);
2211 /* Note that here we set the *inital* delete on close flag,
2212 not the regular one. The magic gets handled in close. */
2213 fsp->initial_delete_on_close = True;
2216 if (new_file_created) {
2217 /* Files should be initially set as archive */
2218 if (lp_map_archive(SNUM(conn)) ||
2219 lp_store_dos_attributes(SNUM(conn))) {
2221 if (file_set_dosmode(conn, smb_fname,
2222 new_dos_attributes | aARCH,
2223 parent_dir, true) == 0) {
2224 unx_mode = smb_fname->st.st_ex_mode;
2230 /* Determine sparse flag. */
2232 /* POSIX opens are sparse by default. */
2233 fsp->is_sparse = true;
2235 fsp->is_sparse = (file_existed &&
2236 (existing_dos_attributes & FILE_ATTRIBUTE_SPARSE));
2240 * Take care of inherited ACLs on created files - if default ACL not
2244 if (!posix_open && !file_existed && !def_acl) {
2246 int saved_errno = errno; /* We might get ENOSYS in the next
2249 if (SMB_VFS_FCHMOD_ACL(fsp, unx_mode) == -1 &&
2251 errno = saved_errno; /* Ignore ENOSYS */
2254 } else if (new_unx_mode) {
2258 /* Attributes need changing. File already existed. */
2261 int saved_errno = errno; /* We might get ENOSYS in the
2263 ret = SMB_VFS_FCHMOD_ACL(fsp, new_unx_mode);
2265 if (ret == -1 && errno == ENOSYS) {
2266 errno = saved_errno; /* Ignore ENOSYS */
2268 DEBUG(5, ("open_file_ntcreate: reset "
2269 "attributes of file %s to 0%o\n",
2270 smb_fname_str_dbg(smb_fname),
2271 (unsigned int)new_unx_mode));
2272 ret = 0; /* Don't do the fchmod below. */
2277 (SMB_VFS_FCHMOD(fsp, new_unx_mode) == -1))
2278 DEBUG(5, ("open_file_ntcreate: failed to reset "
2279 "attributes of file %s to 0%o\n",
2280 smb_fname_str_dbg(smb_fname),
2281 (unsigned int)new_unx_mode));
2284 /* If this is a successful open, we must remove any deferred open
2287 del_deferred_open_entry(lck, req->mid,
2288 sconn_server_id(req->sconn));
2292 return NT_STATUS_OK;
2296 /****************************************************************************
2297 Open a file for for write to ensure that we can fchmod it.
2298 ****************************************************************************/
2300 NTSTATUS open_file_fchmod(connection_struct *conn,
2301 struct smb_filename *smb_fname,
2302 files_struct **result)
2304 if (!VALID_STAT(smb_fname->st)) {
2305 return NT_STATUS_INVALID_PARAMETER;
2308 return SMB_VFS_CREATE_FILE(
2311 0, /* root_dir_fid */
2312 smb_fname, /* fname */
2313 FILE_WRITE_DATA, /* access_mask */
2314 (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */
2316 FILE_OPEN, /* create_disposition*/
2317 0, /* create_options */
2318 0, /* file_attributes */
2319 INTERNAL_OPEN_ONLY, /* oplock_request */
2320 0, /* allocation_size */
2321 0, /* private_flags */
2324 result, /* result */
2328 static NTSTATUS mkdir_internal(connection_struct *conn,
2329 struct smb_filename *smb_dname,
2330 uint32 file_attributes)
2335 bool posix_open = false;
2337 if(!CAN_WRITE(conn)) {
2338 DEBUG(5,("mkdir_internal: failing create on read-only share "
2339 "%s\n", lp_servicename(SNUM(conn))));
2340 return NT_STATUS_ACCESS_DENIED;
2343 status = check_name(conn, smb_dname->base_name);
2344 if (!NT_STATUS_IS_OK(status)) {
2348 if (!parent_dirname(talloc_tos(), smb_dname->base_name, &parent_dir,
2350 return NT_STATUS_NO_MEMORY;
2353 if (file_attributes & FILE_FLAG_POSIX_SEMANTICS) {
2355 mode = (mode_t)(file_attributes & ~FILE_FLAG_POSIX_SEMANTICS);
2357 mode = unix_mode(conn, aDIR, smb_dname, parent_dir);
2360 if (SMB_VFS_MKDIR(conn, smb_dname->base_name, mode) != 0) {
2361 return map_nt_error_from_unix(errno);
2364 /* Ensure we're checking for a symlink here.... */
2365 /* We don't want to get caught by a symlink racer. */
2367 if (SMB_VFS_LSTAT(conn, smb_dname) == -1) {
2368 DEBUG(2, ("Could not stat directory '%s' just created: %s\n",
2369 smb_fname_str_dbg(smb_dname), strerror(errno)));
2370 return map_nt_error_from_unix(errno);
2373 if (!S_ISDIR(smb_dname->st.st_ex_mode)) {
2374 DEBUG(0, ("Directory just '%s' created is not a directory\n",
2375 smb_fname_str_dbg(smb_dname)));
2376 return NT_STATUS_ACCESS_DENIED;
2379 if (lp_store_dos_attributes(SNUM(conn))) {
2381 file_set_dosmode(conn, smb_dname,
2382 file_attributes | aDIR,
2387 if (lp_inherit_perms(SNUM(conn))) {
2388 inherit_access_posix_acl(conn, parent_dir,
2389 smb_dname->base_name, mode);
2394 * Check if high bits should have been set,
2395 * then (if bits are missing): add them.
2396 * Consider bits automagically set by UNIX, i.e. SGID bit from parent
2399 if ((mode & ~(S_IRWXU|S_IRWXG|S_IRWXO)) &&
2400 (mode & ~smb_dname->st.st_ex_mode)) {
2401 SMB_VFS_CHMOD(conn, smb_dname->base_name,
2402 (smb_dname->st.st_ex_mode |
2403 (mode & ~smb_dname->st.st_ex_mode)));
2407 /* Change the owner if required. */
2408 if (lp_inherit_owner(SNUM(conn))) {
2409 change_dir_owner_to_parent(conn, parent_dir,
2410 smb_dname->base_name,
2414 notify_fname(conn, NOTIFY_ACTION_ADDED, FILE_NOTIFY_CHANGE_DIR_NAME,
2415 smb_dname->base_name);
2417 return NT_STATUS_OK;
2420 /****************************************************************************
2421 Open a directory from an NT SMB call.
2422 ****************************************************************************/
2424 static NTSTATUS open_directory(connection_struct *conn,
2425 struct smb_request *req,
2426 struct smb_filename *smb_dname,
2428 uint32 share_access,
2429 uint32 create_disposition,
2430 uint32 create_options,
2431 uint32 file_attributes,
2433 files_struct **result)
2435 files_struct *fsp = NULL;
2436 bool dir_existed = VALID_STAT(smb_dname->st) ? True : False;
2437 struct share_mode_lock *lck = NULL;
2439 struct timespec mtimespec;
2442 SMB_ASSERT(!is_ntfs_stream_smb_fname(smb_dname));
2444 /* Ensure we have a directory attribute. */
2445 file_attributes |= FILE_ATTRIBUTE_DIRECTORY;
2447 DEBUG(5,("open_directory: opening directory %s, access_mask = 0x%x, "
2448 "share_access = 0x%x create_options = 0x%x, "
2449 "create_disposition = 0x%x, file_attributes = 0x%x\n",
2450 smb_fname_str_dbg(smb_dname),
2451 (unsigned int)access_mask,
2452 (unsigned int)share_access,
2453 (unsigned int)create_options,
2454 (unsigned int)create_disposition,
2455 (unsigned int)file_attributes));
2457 if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS) &&
2458 (conn->fs_capabilities & FILE_NAMED_STREAMS) &&
2459 is_ntfs_stream_smb_fname(smb_dname)) {
2460 DEBUG(2, ("open_directory: %s is a stream name!\n",
2461 smb_fname_str_dbg(smb_dname)));
2462 return NT_STATUS_NOT_A_DIRECTORY;
2465 status = calculate_access_mask(conn, smb_dname, dir_existed,
2466 access_mask, &access_mask);
2467 if (!NT_STATUS_IS_OK(status)) {
2468 DEBUG(10, ("open_directory: calculate_access_mask "
2469 "on file %s returned %s\n",
2470 smb_fname_str_dbg(smb_dname),
2471 nt_errstr(status)));
2475 if ((access_mask & SEC_FLAG_SYSTEM_SECURITY) &&
2476 !security_token_has_privilege(get_current_nttok(conn),
2477 SEC_PRIV_SECURITY)) {
2478 DEBUG(10, ("open_directory: open on %s "
2479 "failed - SEC_FLAG_SYSTEM_SECURITY denied.\n",
2480 smb_fname_str_dbg(smb_dname)));
2481 return NT_STATUS_PRIVILEGE_NOT_HELD;
2484 switch( create_disposition ) {
2487 info = FILE_WAS_OPENED;
2490 * We want to follow symlinks here.
2493 if (SMB_VFS_STAT(conn, smb_dname) != 0) {
2494 return map_nt_error_from_unix(errno);
2501 /* If directory exists error. If directory doesn't
2504 status = mkdir_internal(conn, smb_dname,
2507 if (!NT_STATUS_IS_OK(status)) {
2508 DEBUG(2, ("open_directory: unable to create "
2509 "%s. Error was %s\n",
2510 smb_fname_str_dbg(smb_dname),
2511 nt_errstr(status)));
2515 info = FILE_WAS_CREATED;
2520 * If directory exists open. If directory doesn't
2524 status = mkdir_internal(conn, smb_dname,
2527 if (NT_STATUS_IS_OK(status)) {
2528 info = FILE_WAS_CREATED;
2531 if (NT_STATUS_EQUAL(status,
2532 NT_STATUS_OBJECT_NAME_COLLISION)) {
2533 info = FILE_WAS_OPENED;
2534 status = NT_STATUS_OK;
2539 case FILE_SUPERSEDE:
2540 case FILE_OVERWRITE:
2541 case FILE_OVERWRITE_IF:
2543 DEBUG(5,("open_directory: invalid create_disposition "
2544 "0x%x for directory %s\n",
2545 (unsigned int)create_disposition,
2546 smb_fname_str_dbg(smb_dname)));
2547 return NT_STATUS_INVALID_PARAMETER;
2550 if(!S_ISDIR(smb_dname->st.st_ex_mode)) {
2551 DEBUG(5,("open_directory: %s is not a directory !\n",
2552 smb_fname_str_dbg(smb_dname)));
2553 return NT_STATUS_NOT_A_DIRECTORY;
2556 if (info == FILE_WAS_OPENED) {
2557 uint32_t access_granted = 0;
2558 status = smbd_check_open_rights(conn, smb_dname, access_mask,
2561 /* Were we trying to do a directory open
2562 * for delete and didn't get DELETE
2563 * access (only) ? Check if the
2564 * directory allows DELETE_CHILD.
2566 * http://blogs.msdn.com/oldnewthing/archive/2004/06/04/148426.aspx
2569 if ((NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED) &&
2570 (access_mask & DELETE_ACCESS) &&
2571 (access_granted == DELETE_ACCESS) &&
2572 can_delete_file_in_directory(conn, smb_dname))) {
2573 DEBUG(10,("open_directory: overrode ACCESS_DENIED "
2574 "on directory %s\n",
2575 smb_fname_str_dbg(smb_dname)));
2576 status = NT_STATUS_OK;
2579 if (!NT_STATUS_IS_OK(status)) {
2580 DEBUG(10, ("open_directory: smbd_check_open_rights on "
2581 "file %s failed with %s\n",
2582 smb_fname_str_dbg(smb_dname),
2583 nt_errstr(status)));
2588 status = file_new(req, conn, &fsp);
2589 if(!NT_STATUS_IS_OK(status)) {
2594 * Setup the files_struct for it.
2597 fsp->mode = smb_dname->st.st_ex_mode;
2598 fsp->file_id = vfs_file_id_from_sbuf(conn, &smb_dname->st);
2599 fsp->vuid = req ? req->vuid : UID_FIELD_INVALID;
2600 fsp->file_pid = req ? req->smbpid : 0;
2601 fsp->can_lock = False;
2602 fsp->can_read = False;
2603 fsp->can_write = False;
2605 fsp->share_access = share_access;
2606 fsp->fh->private_options = 0;
2608 * According to Samba4, SEC_FILE_READ_ATTRIBUTE is always granted,
2610 fsp->access_mask = access_mask | FILE_READ_ATTRIBUTES;
2611 fsp->print_file = NULL;
2612 fsp->modified = False;
2613 fsp->oplock_type = NO_OPLOCK;
2614 fsp->sent_oplock_break = NO_BREAK_SENT;
2615 fsp->is_directory = True;
2616 fsp->posix_open = (file_attributes & FILE_FLAG_POSIX_SEMANTICS) ? True : False;
2617 status = fsp_set_smb_fname(fsp, smb_dname);
2618 if (!NT_STATUS_IS_OK(status)) {
2622 mtimespec = smb_dname->st.st_ex_mtime;
2624 lck = get_share_mode_lock(talloc_tos(), fsp->file_id,
2625 conn->connectpath, smb_dname, &mtimespec);
2628 DEBUG(0, ("open_directory: Could not get share mode lock for "
2629 "%s\n", smb_fname_str_dbg(smb_dname)));
2630 file_free(req, fsp);
2631 return NT_STATUS_SHARING_VIOLATION;
2634 status = open_mode_check(conn, lck, fsp->name_hash,
2635 access_mask, share_access,
2636 create_options, &dir_existed);
2638 if (!NT_STATUS_IS_OK(status)) {
2640 file_free(req, fsp);
2644 set_share_mode(lck, fsp, get_current_uid(conn), 0, NO_OPLOCK);
2646 /* For directories the delete on close bit at open time seems
2647 always to be honored on close... See test 19 in Samba4 BASE-DELETE. */
2648 if (create_options & FILE_DELETE_ON_CLOSE) {
2649 status = can_set_delete_on_close(fsp, 0);
2650 if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, NT_STATUS_DIRECTORY_NOT_EMPTY)) {
2652 file_free(req, fsp);
2656 if (NT_STATUS_IS_OK(status)) {
2657 /* Note that here we set the *inital* delete on close flag,
2658 not the regular one. The magic gets handled in close. */
2659 fsp->initial_delete_on_close = True;
2670 return NT_STATUS_OK;
2673 NTSTATUS create_directory(connection_struct *conn, struct smb_request *req,
2674 struct smb_filename *smb_dname)
2679 status = SMB_VFS_CREATE_FILE(
2682 0, /* root_dir_fid */
2683 smb_dname, /* fname */
2684 FILE_READ_ATTRIBUTES, /* access_mask */
2685 FILE_SHARE_NONE, /* share_access */
2686 FILE_CREATE, /* create_disposition*/
2687 FILE_DIRECTORY_FILE, /* create_options */
2688 FILE_ATTRIBUTE_DIRECTORY, /* file_attributes */
2689 0, /* oplock_request */
2690 0, /* allocation_size */
2691 0, /* private_flags */
2697 if (NT_STATUS_IS_OK(status)) {
2698 close_file(req, fsp, NORMAL_CLOSE);
2704 /****************************************************************************
2705 Receive notification that one of our open files has been renamed by another
2707 ****************************************************************************/
2709 void msg_file_was_renamed(struct messaging_context *msg,
2712 struct server_id server_id,
2715 struct smbd_server_connection *sconn;
2717 char *frm = (char *)data->data;
2719 const char *sharepath;
2720 const char *base_name;
2721 const char *stream_name;
2722 struct smb_filename *smb_fname = NULL;
2723 size_t sp_len, bn_len;
2726 sconn = msg_ctx_to_sconn(msg);
2727 if (sconn == NULL) {
2728 DEBUG(1, ("could not find sconn\n"));
2732 if (data->data == NULL
2733 || data->length < MSG_FILE_RENAMED_MIN_SIZE + 2) {
2734 DEBUG(0, ("msg_file_was_renamed: Got invalid msg len %d\n",
2735 (int)data->length));
2739 /* Unpack the message. */
2740 pull_file_id_24(frm, &id);
2741 sharepath = &frm[24];
2742 sp_len = strlen(sharepath);
2743 base_name = sharepath + sp_len + 1;
2744 bn_len = strlen(base_name);
2745 stream_name = sharepath + sp_len + 1 + bn_len + 1;
2747 /* stream_name must always be NULL if there is no stream. */
2748 if (stream_name[0] == '\0') {
2752 status = create_synthetic_smb_fname(talloc_tos(), base_name,
2753 stream_name, NULL, &smb_fname);
2754 if (!NT_STATUS_IS_OK(status)) {
2758 DEBUG(10,("msg_file_was_renamed: Got rename message for sharepath %s, new name %s, "
2760 sharepath, smb_fname_str_dbg(smb_fname),
2761 file_id_string_tos(&id)));
2763 for(fsp = file_find_di_first(sconn, id); fsp;
2764 fsp = file_find_di_next(fsp)) {
2765 if (memcmp(fsp->conn->connectpath, sharepath, sp_len) == 0) {
2767 DEBUG(10,("msg_file_was_renamed: renaming file fnum %d from %s -> %s\n",
2768 fsp->fnum, fsp_str_dbg(fsp),
2769 smb_fname_str_dbg(smb_fname)));
2770 status = fsp_set_smb_fname(fsp, smb_fname);
2771 if (!NT_STATUS_IS_OK(status)) {
2776 /* Now we have the complete path we can work out if this is
2777 actually within this share and adjust newname accordingly. */
2778 DEBUG(10,("msg_file_was_renamed: share mismatch (sharepath %s "
2779 "not sharepath %s) "
2780 "fnum %d from %s -> %s\n",
2781 fsp->conn->connectpath,
2785 smb_fname_str_dbg(smb_fname)));
2789 TALLOC_FREE(smb_fname);
2794 * If a main file is opened for delete, all streams need to be checked for
2795 * !FILE_SHARE_DELETE. Do this by opening with DELETE_ACCESS.
2796 * If that works, delete them all by setting the delete on close and close.
2799 NTSTATUS open_streams_for_delete(connection_struct *conn,
2802 struct stream_struct *stream_info;
2803 files_struct **streams;
2805 unsigned int num_streams;
2806 TALLOC_CTX *frame = talloc_stackframe();
2809 status = SMB_VFS_STREAMINFO(conn, NULL, fname, talloc_tos(),
2810 &num_streams, &stream_info);
2812 if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_IMPLEMENTED)
2813 || NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
2814 DEBUG(10, ("no streams around\n"));
2816 return NT_STATUS_OK;
2819 if (!NT_STATUS_IS_OK(status)) {
2820 DEBUG(10, ("SMB_VFS_STREAMINFO failed: %s\n",
2821 nt_errstr(status)));
2825 DEBUG(10, ("open_streams_for_delete found %d streams\n",
2828 if (num_streams == 0) {
2830 return NT_STATUS_OK;
2833 streams = TALLOC_ARRAY(talloc_tos(), files_struct *, num_streams);
2834 if (streams == NULL) {
2835 DEBUG(0, ("talloc failed\n"));
2836 status = NT_STATUS_NO_MEMORY;
2840 for (i=0; i<num_streams; i++) {
2841 struct smb_filename *smb_fname = NULL;
2843 if (strequal(stream_info[i].name, "::$DATA")) {
2848 status = create_synthetic_smb_fname(talloc_tos(), fname,
2849 stream_info[i].name,
2851 if (!NT_STATUS_IS_OK(status)) {
2855 if (SMB_VFS_STAT(conn, smb_fname) == -1) {
2856 DEBUG(10, ("Unable to stat stream: %s\n",
2857 smb_fname_str_dbg(smb_fname)));
2860 status = SMB_VFS_CREATE_FILE(
2863 0, /* root_dir_fid */
2864 smb_fname, /* fname */
2865 DELETE_ACCESS, /* access_mask */
2866 (FILE_SHARE_READ | /* share_access */
2867 FILE_SHARE_WRITE | FILE_SHARE_DELETE),
2868 FILE_OPEN, /* create_disposition*/
2869 0, /* create_options */
2870 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
2871 0, /* oplock_request */
2872 0, /* allocation_size */
2873 NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE, /* private_flags */
2876 &streams[i], /* result */
2879 if (!NT_STATUS_IS_OK(status)) {
2880 DEBUG(10, ("Could not open stream %s: %s\n",
2881 smb_fname_str_dbg(smb_fname),
2882 nt_errstr(status)));
2884 TALLOC_FREE(smb_fname);
2887 TALLOC_FREE(smb_fname);
2891 * don't touch the variable "status" beyond this point :-)
2894 for (i -= 1 ; i >= 0; i--) {
2895 if (streams[i] == NULL) {
2899 DEBUG(10, ("Closing stream # %d, %s\n", i,
2900 fsp_str_dbg(streams[i])));
2901 close_file(NULL, streams[i], NORMAL_CLOSE);
2910 * Wrapper around open_file_ntcreate and open_directory
2913 static NTSTATUS create_file_unixpath(connection_struct *conn,
2914 struct smb_request *req,
2915 struct smb_filename *smb_fname,
2916 uint32_t access_mask,
2917 uint32_t share_access,
2918 uint32_t create_disposition,
2919 uint32_t create_options,
2920 uint32_t file_attributes,
2921 uint32_t oplock_request,
2922 uint64_t allocation_size,
2923 uint32_t private_flags,
2924 struct security_descriptor *sd,
2925 struct ea_list *ea_list,
2927 files_struct **result,
2930 int info = FILE_WAS_OPENED;
2931 files_struct *base_fsp = NULL;
2932 files_struct *fsp = NULL;
2935 DEBUG(10,("create_file_unixpath: access_mask = 0x%x "
2936 "file_attributes = 0x%x, share_access = 0x%x, "
2937 "create_disposition = 0x%x create_options = 0x%x "
2938 "oplock_request = 0x%x private_flags = 0x%x "
2939 "ea_list = 0x%p, sd = 0x%p, "
2941 (unsigned int)access_mask,
2942 (unsigned int)file_attributes,
2943 (unsigned int)share_access,
2944 (unsigned int)create_disposition,
2945 (unsigned int)create_options,
2946 (unsigned int)oplock_request,
2947 (unsigned int)private_flags,
2948 ea_list, sd, smb_fname_str_dbg(smb_fname)));
2950 if (create_options & FILE_OPEN_BY_FILE_ID) {
2951 status = NT_STATUS_NOT_SUPPORTED;
2955 if (create_options & NTCREATEX_OPTIONS_INVALID_PARAM_MASK) {
2956 status = NT_STATUS_INVALID_PARAMETER;
2961 oplock_request |= INTERNAL_OPEN_ONLY;
2964 if ((conn->fs_capabilities & FILE_NAMED_STREAMS)
2965 && (access_mask & DELETE_ACCESS)
2966 && !is_ntfs_stream_smb_fname(smb_fname)) {
2968 * We can't open a file with DELETE access if any of the
2969 * streams is open without FILE_SHARE_DELETE
2971 status = open_streams_for_delete(conn, smb_fname->base_name);
2973 if (!NT_STATUS_IS_OK(status)) {
2978 /* This is the correct thing to do (check every time) but can_delete
2979 * is expensive (it may have to read the parent directory
2980 * permissions). So for now we're not doing it unless we have a strong
2981 * hint the client is really going to delete this file. If the client
2982 * is forcing FILE_CREATE let the filesystem take care of the
2985 /* Setting FILE_SHARE_DELETE is the hint. */
2987 if (lp_acl_check_permissions(SNUM(conn))
2988 && (create_disposition != FILE_CREATE)
2989 && (share_access & FILE_SHARE_DELETE)
2990 && (access_mask & DELETE_ACCESS)
2991 && (!(can_delete_file_in_directory(conn, smb_fname) ||
2992 can_access_file_acl(conn, smb_fname, DELETE_ACCESS)))) {
2993 status = NT_STATUS_ACCESS_DENIED;
2994 DEBUG(10,("create_file_unixpath: open file %s "
2995 "for delete ACCESS_DENIED\n",
2996 smb_fname_str_dbg(smb_fname)));
3000 if ((access_mask & SEC_FLAG_SYSTEM_SECURITY) &&
3001 !security_token_has_privilege(get_current_nttok(conn),
3002 SEC_PRIV_SECURITY)) {
3003 DEBUG(10, ("create_file_unixpath: open on %s "
3004 "failed - SEC_FLAG_SYSTEM_SECURITY denied.\n",
3005 smb_fname_str_dbg(smb_fname)));
3006 status = NT_STATUS_PRIVILEGE_NOT_HELD;
3010 if ((conn->fs_capabilities & FILE_NAMED_STREAMS)
3011 && is_ntfs_stream_smb_fname(smb_fname)
3012 && (!(private_flags & NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE))) {
3013 uint32 base_create_disposition;
3014 struct smb_filename *smb_fname_base = NULL;
3016 if (create_options & FILE_DIRECTORY_FILE) {
3017 status = NT_STATUS_NOT_A_DIRECTORY;
3021 switch (create_disposition) {
3023 base_create_disposition = FILE_OPEN;
3026 base_create_disposition = FILE_OPEN_IF;
3030 /* Create an smb_filename with stream_name == NULL. */
3031 status = create_synthetic_smb_fname(talloc_tos(),
3032 smb_fname->base_name,
3035 if (!NT_STATUS_IS_OK(status)) {
3039 if (SMB_VFS_STAT(conn, smb_fname_base) == -1) {
3040 DEBUG(10, ("Unable to stat stream: %s\n",
3041 smb_fname_str_dbg(smb_fname_base)));
3044 /* Open the base file. */
3045 status = create_file_unixpath(conn, NULL, smb_fname_base, 0,
3048 | FILE_SHARE_DELETE,
3049 base_create_disposition,
3050 0, 0, 0, 0, 0, NULL, NULL,
3052 TALLOC_FREE(smb_fname_base);
3054 if (!NT_STATUS_IS_OK(status)) {
3055 DEBUG(10, ("create_file_unixpath for base %s failed: "
3056 "%s\n", smb_fname->base_name,
3057 nt_errstr(status)));
3060 /* we don't need to low level fd */
3065 * If it's a request for a directory open, deal with it separately.
3068 if (create_options & FILE_DIRECTORY_FILE) {
3070 if (create_options & FILE_NON_DIRECTORY_FILE) {
3071 status = NT_STATUS_INVALID_PARAMETER;
3075 /* Can't open a temp directory. IFS kit test. */
3076 if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS) &&
3077 (file_attributes & FILE_ATTRIBUTE_TEMPORARY)) {
3078 status = NT_STATUS_INVALID_PARAMETER;
3083 * We will get a create directory here if the Win32
3084 * app specified a security descriptor in the
3085 * CreateDirectory() call.
3089 status = open_directory(
3090 conn, req, smb_fname, access_mask, share_access,
3091 create_disposition, create_options, file_attributes,
3096 * Ordinary file case.
3099 status = file_new(req, conn, &fsp);
3100 if(!NT_STATUS_IS_OK(status)) {
3104 status = fsp_set_smb_fname(fsp, smb_fname);
3105 if (!NT_STATUS_IS_OK(status)) {
3110 * We're opening the stream element of a base_fsp
3111 * we already opened. Set up the base_fsp pointer.
3114 fsp->base_fsp = base_fsp;
3117 status = open_file_ntcreate(conn,
3129 if(!NT_STATUS_IS_OK(status)) {
3130 file_free(req, fsp);
3134 if (NT_STATUS_EQUAL(status, NT_STATUS_FILE_IS_A_DIRECTORY)) {
3136 /* A stream open never opens a directory */
3139 status = NT_STATUS_FILE_IS_A_DIRECTORY;
3144 * Fail the open if it was explicitly a non-directory
3148 if (create_options & FILE_NON_DIRECTORY_FILE) {
3149 status = NT_STATUS_FILE_IS_A_DIRECTORY;
3154 status = open_directory(
3155 conn, req, smb_fname, access_mask,
3156 share_access, create_disposition,
3157 create_options, file_attributes,
3162 if (!NT_STATUS_IS_OK(status)) {
3166 fsp->base_fsp = base_fsp;
3169 * According to the MS documentation, the only time the security
3170 * descriptor is applied to the opened file is iff we *created* the
3171 * file; an existing file stays the same.
3173 * Also, it seems (from observation) that you can open the file with
3174 * any access mask but you can still write the sd. We need to override
3175 * the granted access before we call set_sd
3176 * Patch for bug #2242 from Tom Lackemann <cessnatomny@yahoo.com>.
3179 if ((sd != NULL) && (info == FILE_WAS_CREATED)
3180 && lp_nt_acl_support(SNUM(conn))) {
3182 uint32_t sec_info_sent;
3183 uint32_t saved_access_mask = fsp->access_mask;
3185 sec_info_sent = get_sec_info(sd);
3187 fsp->access_mask = FILE_GENERIC_ALL;
3189 /* Convert all the generic bits. */
3190 security_acl_map_generic(sd->dacl, &file_generic_mapping);
3191 security_acl_map_generic(sd->sacl, &file_generic_mapping);
3193 if (sec_info_sent & (SECINFO_OWNER|
3197 status = SMB_VFS_FSET_NT_ACL(fsp, sec_info_sent, sd);
3200 fsp->access_mask = saved_access_mask;
3202 if (!NT_STATUS_IS_OK(status)) {
3207 if ((ea_list != NULL) &&
3208 ((info == FILE_WAS_CREATED) || (info == FILE_WAS_OVERWRITTEN))) {
3209 status = set_ea(conn, fsp, fsp->fsp_name, ea_list);
3210 if (!NT_STATUS_IS_OK(status)) {
3215 if (!fsp->is_directory && S_ISDIR(fsp->fsp_name->st.st_ex_mode)) {
3216 status = NT_STATUS_ACCESS_DENIED;
3220 /* Save the requested allocation size. */
3221 if ((info == FILE_WAS_CREATED) || (info == FILE_WAS_OVERWRITTEN)) {
3223 && (allocation_size > fsp->fsp_name->st.st_ex_size)) {
3224 fsp->initial_allocation_size = smb_roundup(
3225 fsp->conn, allocation_size);
3226 if (fsp->is_directory) {
3227 /* Can't set allocation size on a directory. */
3228 status = NT_STATUS_ACCESS_DENIED;
3231 if (vfs_allocate_file_space(
3232 fsp, fsp->initial_allocation_size) == -1) {
3233 status = NT_STATUS_DISK_FULL;
3237 fsp->initial_allocation_size = smb_roundup(
3238 fsp->conn, (uint64_t)fsp->fsp_name->st.st_ex_size);
3242 DEBUG(10, ("create_file_unixpath: info=%d\n", info));
3245 if (pinfo != NULL) {
3249 smb_fname->st = fsp->fsp_name->st;
3251 return NT_STATUS_OK;
3254 DEBUG(10, ("create_file_unixpath: %s\n", nt_errstr(status)));
3257 if (base_fsp && fsp->base_fsp == base_fsp) {
3259 * The close_file below will close
3264 close_file(req, fsp, ERROR_CLOSE);
3267 if (base_fsp != NULL) {
3268 close_file(req, base_fsp, ERROR_CLOSE);
3275 * Calculate the full path name given a relative fid.
3277 NTSTATUS get_relative_fid_filename(connection_struct *conn,
3278 struct smb_request *req,
3279 uint16_t root_dir_fid,
3280 struct smb_filename *smb_fname)
3282 files_struct *dir_fsp;
3283 char *parent_fname = NULL;
3284 char *new_base_name = NULL;
3287 if (root_dir_fid == 0 || !smb_fname) {
3288 status = NT_STATUS_INTERNAL_ERROR;
3292 dir_fsp = file_fsp(req, root_dir_fid);
3294 if (dir_fsp == NULL) {
3295 status = NT_STATUS_INVALID_HANDLE;
3299 if (is_ntfs_stream_smb_fname(dir_fsp->fsp_name)) {
3300 status = NT_STATUS_INVALID_HANDLE;
3304 if (!dir_fsp->is_directory) {
3307 * Check to see if this is a mac fork of some kind.
3310 if ((conn->fs_capabilities & FILE_NAMED_STREAMS) &&
3311 is_ntfs_stream_smb_fname(smb_fname)) {
3312 status = NT_STATUS_OBJECT_PATH_NOT_FOUND;
3317 we need to handle the case when we get a
3318 relative open relative to a file and the
3319 pathname is blank - this is a reopen!
3320 (hint from demyn plantenberg)
3323 status = NT_STATUS_INVALID_HANDLE;
3327 if (ISDOT(dir_fsp->fsp_name->base_name)) {
3329 * We're at the toplevel dir, the final file name
3330 * must not contain ./, as this is filtered out
3331 * normally by srvstr_get_path and unix_convert
3332 * explicitly rejects paths containing ./.
3334 parent_fname = talloc_strdup(talloc_tos(), "");
3335 if (parent_fname == NULL) {
3336 status = NT_STATUS_NO_MEMORY;
3340 size_t dir_name_len = strlen(dir_fsp->fsp_name->base_name);
3343 * Copy in the base directory name.
3346 parent_fname = TALLOC_ARRAY(talloc_tos(), char,
3348 if (parent_fname == NULL) {
3349 status = NT_STATUS_NO_MEMORY;
3352 memcpy(parent_fname, dir_fsp->fsp_name->base_name,
3356 * Ensure it ends in a '/'.
3357 * We used TALLOC_SIZE +2 to add space for the '/'.
3361 && (parent_fname[dir_name_len-1] != '\\')
3362 && (parent_fname[dir_name_len-1] != '/')) {
3363 parent_fname[dir_name_len] = '/';
3364 parent_fname[dir_name_len+1] = '\0';
3368 new_base_name = talloc_asprintf(smb_fname, "%s%s", parent_fname,
3369 smb_fname->base_name);
3370 if (new_base_name == NULL) {
3371 status = NT_STATUS_NO_MEMORY;
3375 TALLOC_FREE(smb_fname->base_name);
3376 smb_fname->base_name = new_base_name;
3377 status = NT_STATUS_OK;
3380 TALLOC_FREE(parent_fname);
3384 NTSTATUS create_file_default(connection_struct *conn,
3385 struct smb_request *req,
3386 uint16_t root_dir_fid,
3387 struct smb_filename *smb_fname,
3388 uint32_t access_mask,
3389 uint32_t share_access,
3390 uint32_t create_disposition,
3391 uint32_t create_options,
3392 uint32_t file_attributes,
3393 uint32_t oplock_request,
3394 uint64_t allocation_size,
3395 uint32_t private_flags,
3396 struct security_descriptor *sd,
3397 struct ea_list *ea_list,
3398 files_struct **result,
3401 int info = FILE_WAS_OPENED;
3402 files_struct *fsp = NULL;
3404 bool stream_name = false;
3406 DEBUG(10,("create_file: access_mask = 0x%x "
3407 "file_attributes = 0x%x, share_access = 0x%x, "
3408 "create_disposition = 0x%x create_options = 0x%x "
3409 "oplock_request = 0x%x "
3410 "private_flags = 0x%x "
3411 "root_dir_fid = 0x%x, ea_list = 0x%p, sd = 0x%p, "
3413 (unsigned int)access_mask,
3414 (unsigned int)file_attributes,
3415 (unsigned int)share_access,
3416 (unsigned int)create_disposition,
3417 (unsigned int)create_options,
3418 (unsigned int)oplock_request,
3419 (unsigned int)private_flags,
3420 (unsigned int)root_dir_fid,
3421 ea_list, sd, smb_fname_str_dbg(smb_fname)));
3424 * Calculate the filename from the root_dir_if if necessary.
3427 if (root_dir_fid != 0) {
3428 status = get_relative_fid_filename(conn, req, root_dir_fid,
3430 if (!NT_STATUS_IS_OK(status)) {
3436 * Check to see if this is a mac fork of some kind.
3439 stream_name = is_ntfs_stream_smb_fname(smb_fname);
3441 enum FAKE_FILE_TYPE fake_file_type;
3443 fake_file_type = is_fake_file(smb_fname);
3445 if (fake_file_type != FAKE_FILE_TYPE_NONE) {
3448 * Here we go! support for changing the disk quotas
3451 * We need to fake up to open this MAGIC QUOTA file
3452 * and return a valid FID.
3454 * w2k close this file directly after openening xp
3455 * also tries a QUERY_FILE_INFO on the file and then
3458 status = open_fake_file(req, conn, req->vuid,
3459 fake_file_type, smb_fname,
3461 if (!NT_STATUS_IS_OK(status)) {
3465 ZERO_STRUCT(smb_fname->st);
3469 if (!(conn->fs_capabilities & FILE_NAMED_STREAMS)) {
3470 status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
3475 /* All file access must go through check_name() */
3477 status = check_name(conn, smb_fname->base_name);
3478 if (!NT_STATUS_IS_OK(status)) {
3482 if (stream_name && is_ntfs_default_stream_smb_fname(smb_fname)) {
3484 smb_fname->stream_name = NULL;
3485 /* We have to handle this error here. */
3486 if (create_options & FILE_DIRECTORY_FILE) {
3487 status = NT_STATUS_NOT_A_DIRECTORY;
3490 if (lp_posix_pathnames()) {
3491 ret = SMB_VFS_LSTAT(conn, smb_fname);
3493 ret = SMB_VFS_STAT(conn, smb_fname);
3496 if (ret == 0 && VALID_STAT_OF_DIR(smb_fname->st)) {
3497 status = NT_STATUS_FILE_IS_A_DIRECTORY;
3502 status = create_file_unixpath(
3503 conn, req, smb_fname, access_mask, share_access,
3504 create_disposition, create_options, file_attributes,
3505 oplock_request, allocation_size, private_flags,
3509 if (!NT_STATUS_IS_OK(status)) {
3514 DEBUG(10, ("create_file: info=%d\n", info));
3517 if (pinfo != NULL) {
3520 return NT_STATUS_OK;
3523 DEBUG(10, ("create_file: %s\n", nt_errstr(status)));
3526 close_file(req, fsp, ERROR_CLOSE);