2 Unix SMB/CIFS implementation.
3 file opening and share modes
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Jeremy Allison 2001-2004
6 Copyright (C) Volker Lendecke 2005
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
24 #include "smbd/globals.h"
25 #include "fake_file.h"
26 #include "librpc/gen_ndr/messaging.h"
27 #include "../libcli/security/security.h"
28 #include "../librpc/gen_ndr/ndr_security.h"
30 extern const struct generic_mapping file_generic_mapping;
32 struct deferred_open_record {
33 bool delayed_for_oplocks;
37 static NTSTATUS create_file_unixpath(connection_struct *conn,
38 struct smb_request *req,
39 struct smb_filename *smb_fname,
41 uint32_t share_access,
42 uint32_t create_disposition,
43 uint32_t create_options,
44 uint32_t file_attributes,
45 uint32_t oplock_request,
46 uint64_t allocation_size,
47 uint32_t private_flags,
48 struct security_descriptor *sd,
49 struct ea_list *ea_list,
51 files_struct **result,
54 /****************************************************************************
55 SMB1 file varient of se_access_check. Never test FILE_READ_ATTRIBUTES.
56 ****************************************************************************/
58 NTSTATUS smb1_file_se_access_check(struct connection_struct *conn,
59 const struct security_descriptor *sd,
60 const struct security_token *token,
61 uint32_t access_desired,
62 uint32_t *access_granted)
66 if (get_current_uid(conn) == (uid_t)0) {
67 /* I'm sorry sir, I didn't know you were root... */
68 *access_granted = access_desired;
69 if (access_desired & SEC_FLAG_MAXIMUM_ALLOWED) {
70 *access_granted |= FILE_GENERIC_ALL;
75 return se_access_check(sd,
77 (access_desired & ~FILE_READ_ATTRIBUTES),
81 /****************************************************************************
82 Check if we have open rights.
83 ****************************************************************************/
85 NTSTATUS smbd_check_open_rights(struct connection_struct *conn,
86 const struct smb_filename *smb_fname,
88 uint32_t *access_granted)
90 /* Check if we have rights to open. */
92 struct security_descriptor *sd = NULL;
94 status = SMB_VFS_GET_NT_ACL(conn, smb_fname->base_name,
99 if (!NT_STATUS_IS_OK(status)) {
100 DEBUG(10, ("smbd_check_open_rights: Could not get acl "
102 smb_fname_str_dbg(smb_fname),
107 status = smb1_file_se_access_check(conn,
109 get_current_nttok(conn),
113 DEBUG(10,("smbd_check_open_rights: file %s requesting "
114 "0x%x returning 0x%x (%s)\n",
115 smb_fname_str_dbg(smb_fname),
116 (unsigned int)access_mask,
117 (unsigned int)*access_granted,
118 nt_errstr(status) ));
120 if (!NT_STATUS_IS_OK(status)) {
121 if (DEBUGLEVEL >= 10) {
122 DEBUG(10,("smbd_check_open_rights: acl for %s is:\n",
123 smb_fname_str_dbg(smb_fname) ));
124 NDR_PRINT_DEBUG(security_descriptor, sd);
133 /****************************************************************************
134 fd support routines - attempt to do a dos_open.
135 ****************************************************************************/
137 static NTSTATUS fd_open(struct connection_struct *conn,
142 struct smb_filename *smb_fname = fsp->fsp_name;
143 NTSTATUS status = NT_STATUS_OK;
147 * Never follow symlinks on a POSIX client. The
148 * client should be doing this.
151 if (fsp->posix_open || !lp_symlinks(SNUM(conn))) {
156 fsp->fh->fd = SMB_VFS_OPEN(conn, smb_fname, fsp, flags, mode);
157 if (fsp->fh->fd == -1) {
158 status = map_nt_error_from_unix(errno);
159 if (errno == EMFILE) {
160 static time_t last_warned = 0L;
162 if (time((time_t *) NULL) > last_warned) {
163 DEBUG(0,("Too many open files, unable "
164 "to open more! smbd's max "
166 lp_max_open_files()));
167 last_warned = time((time_t *) NULL);
173 DEBUG(10,("fd_open: name %s, flags = 0%o mode = 0%o, fd = %d. %s\n",
174 smb_fname_str_dbg(smb_fname), flags, (int)mode, fsp->fh->fd,
175 (fsp->fh->fd == -1) ? strerror(errno) : "" ));
180 /****************************************************************************
181 Close the file associated with a fsp.
182 ****************************************************************************/
184 NTSTATUS fd_close(files_struct *fsp)
188 if (fsp->fh->fd == -1) {
189 return NT_STATUS_OK; /* What we used to call a stat open. */
191 if (fsp->fh->ref_count > 1) {
192 return NT_STATUS_OK; /* Shared handle. Only close last reference. */
195 ret = SMB_VFS_CLOSE(fsp);
198 return map_nt_error_from_unix(errno);
203 /****************************************************************************
204 Change the ownership of a file to that of the parent directory.
205 Do this by fd if possible.
206 ****************************************************************************/
208 void change_file_owner_to_parent(connection_struct *conn,
209 const char *inherit_from_dir,
212 struct smb_filename *smb_fname_parent = NULL;
216 status = create_synthetic_smb_fname(talloc_tos(), inherit_from_dir,
217 NULL, NULL, &smb_fname_parent);
218 if (!NT_STATUS_IS_OK(status)) {
222 ret = SMB_VFS_STAT(conn, smb_fname_parent);
224 DEBUG(0,("change_file_owner_to_parent: failed to stat parent "
225 "directory %s. Error was %s\n",
226 smb_fname_str_dbg(smb_fname_parent),
232 ret = SMB_VFS_FCHOWN(fsp, smb_fname_parent->st.st_ex_uid, (gid_t)-1);
235 DEBUG(0,("change_file_owner_to_parent: failed to fchown "
236 "file %s to parent directory uid %u. Error "
237 "was %s\n", fsp_str_dbg(fsp),
238 (unsigned int)smb_fname_parent->st.st_ex_uid,
242 DEBUG(10,("change_file_owner_to_parent: changed new file %s to "
243 "parent directory uid %u.\n", fsp_str_dbg(fsp),
244 (unsigned int)smb_fname_parent->st.st_ex_uid));
246 TALLOC_FREE(smb_fname_parent);
249 NTSTATUS change_dir_owner_to_parent(connection_struct *conn,
250 const char *inherit_from_dir,
252 SMB_STRUCT_STAT *psbuf)
254 struct smb_filename *smb_fname_parent = NULL;
255 struct smb_filename *smb_fname_cwd = NULL;
256 char *saved_dir = NULL;
257 TALLOC_CTX *ctx = talloc_tos();
258 NTSTATUS status = NT_STATUS_OK;
261 status = create_synthetic_smb_fname(ctx, inherit_from_dir, NULL, NULL,
263 if (!NT_STATUS_IS_OK(status)) {
267 ret = SMB_VFS_STAT(conn, smb_fname_parent);
269 status = map_nt_error_from_unix(errno);
270 DEBUG(0,("change_dir_owner_to_parent: failed to stat parent "
271 "directory %s. Error was %s\n",
272 smb_fname_str_dbg(smb_fname_parent),
277 /* We've already done an lstat into psbuf, and we know it's a
278 directory. If we can cd into the directory and the dev/ino
279 are the same then we can safely chown without races as
280 we're locking the directory in place by being in it. This
281 should work on any UNIX (thanks tridge :-). JRA.
284 saved_dir = vfs_GetWd(ctx,conn);
286 status = map_nt_error_from_unix(errno);
287 DEBUG(0,("change_dir_owner_to_parent: failed to get "
288 "current working directory. Error was %s\n",
293 /* Chdir into the new path. */
294 if (vfs_ChDir(conn, fname) == -1) {
295 status = map_nt_error_from_unix(errno);
296 DEBUG(0,("change_dir_owner_to_parent: failed to change "
297 "current working directory to %s. Error "
298 "was %s\n", fname, strerror(errno) ));
302 status = create_synthetic_smb_fname(ctx, ".", NULL, NULL,
304 if (!NT_STATUS_IS_OK(status)) {
308 ret = SMB_VFS_STAT(conn, smb_fname_cwd);
310 status = map_nt_error_from_unix(errno);
311 DEBUG(0,("change_dir_owner_to_parent: failed to stat "
312 "directory '.' (%s) Error was %s\n",
313 fname, strerror(errno)));
317 /* Ensure we're pointing at the same place. */
318 if (smb_fname_cwd->st.st_ex_dev != psbuf->st_ex_dev ||
319 smb_fname_cwd->st.st_ex_ino != psbuf->st_ex_ino ||
320 smb_fname_cwd->st.st_ex_mode != psbuf->st_ex_mode ) {
321 DEBUG(0,("change_dir_owner_to_parent: "
322 "device/inode/mode on directory %s changed. "
323 "Refusing to chown !\n", fname ));
324 status = NT_STATUS_ACCESS_DENIED;
329 ret = SMB_VFS_CHOWN(conn, ".", smb_fname_parent->st.st_ex_uid,
333 status = map_nt_error_from_unix(errno);
334 DEBUG(10,("change_dir_owner_to_parent: failed to chown "
335 "directory %s to parent directory uid %u. "
336 "Error was %s\n", fname,
337 (unsigned int)smb_fname_parent->st.st_ex_uid,
342 DEBUG(10,("change_dir_owner_to_parent: changed ownership of new "
343 "directory %s to parent directory uid %u.\n",
344 fname, (unsigned int)smb_fname_parent->st.st_ex_uid ));
347 vfs_ChDir(conn,saved_dir);
349 TALLOC_FREE(smb_fname_parent);
350 TALLOC_FREE(smb_fname_cwd);
354 /****************************************************************************
356 ****************************************************************************/
358 static NTSTATUS open_file(files_struct *fsp,
359 connection_struct *conn,
360 struct smb_request *req,
361 const char *parent_dir,
364 uint32 access_mask, /* client requested access mask. */
365 uint32 open_access_mask) /* what we're actually using in the open. */
367 struct smb_filename *smb_fname = fsp->fsp_name;
368 NTSTATUS status = NT_STATUS_OK;
369 int accmode = (flags & O_ACCMODE);
370 int local_flags = flags;
371 bool file_existed = VALID_STAT(fsp->fsp_name->st);
376 /* Check permissions */
379 * This code was changed after seeing a client open request
380 * containing the open mode of (DENY_WRITE/read-only) with
381 * the 'create if not exist' bit set. The previous code
382 * would fail to open the file read only on a read-only share
383 * as it was checking the flags parameter directly against O_RDONLY,
384 * this was failing as the flags parameter was set to O_RDONLY|O_CREAT.
388 if (!CAN_WRITE(conn)) {
389 /* It's a read-only share - fail if we wanted to write. */
390 if(accmode != O_RDONLY || (flags & O_TRUNC) || (flags & O_APPEND)) {
391 DEBUG(3,("Permission denied opening %s\n",
392 smb_fname_str_dbg(smb_fname)));
393 return NT_STATUS_ACCESS_DENIED;
394 } else if(flags & O_CREAT) {
395 /* We don't want to write - but we must make sure that
396 O_CREAT doesn't create the file if we have write
397 access into the directory.
399 flags &= ~(O_CREAT|O_EXCL);
400 local_flags &= ~(O_CREAT|O_EXCL);
405 * This little piece of insanity is inspired by the
406 * fact that an NT client can open a file for O_RDONLY,
407 * but set the create disposition to FILE_EXISTS_TRUNCATE.
408 * If the client *can* write to the file, then it expects to
409 * truncate the file, even though it is opening for readonly.
410 * Quicken uses this stupid trick in backup file creation...
411 * Thanks *greatly* to "David W. Chapman Jr." <dwcjr@inethouston.net>
412 * for helping track this one down. It didn't bite us in 2.0.x
413 * as we always opened files read-write in that release. JRA.
416 if ((accmode == O_RDONLY) && ((flags & O_TRUNC) == O_TRUNC)) {
417 DEBUG(10,("open_file: truncate requested on read-only open "
418 "for file %s\n", smb_fname_str_dbg(smb_fname)));
419 local_flags = (flags & ~O_ACCMODE)|O_RDWR;
422 if ((open_access_mask & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ||
423 (!file_existed && (local_flags & O_CREAT)) ||
424 ((local_flags & O_TRUNC) == O_TRUNC) ) {
428 * We can't actually truncate here as the file may be locked.
429 * open_file_ntcreate will take care of the truncate later. JRA.
432 local_flags &= ~O_TRUNC;
434 #if defined(O_NONBLOCK) && defined(S_ISFIFO)
436 * We would block on opening a FIFO with no one else on the
437 * other end. Do what we used to do and add O_NONBLOCK to the
441 if (file_existed && S_ISFIFO(smb_fname->st.st_ex_mode)) {
442 local_flags |= O_NONBLOCK;
446 /* Don't create files with Microsoft wildcard characters. */
449 * wildcard characters are allowed in stream names
450 * only test the basefilename
452 wild = fsp->base_fsp->fsp_name->base_name;
454 wild = smb_fname->base_name;
456 if ((local_flags & O_CREAT) && !file_existed &&
458 return NT_STATUS_OBJECT_NAME_INVALID;
461 /* Actually do the open */
462 status = fd_open(conn, fsp, local_flags, unx_mode);
463 if (!NT_STATUS_IS_OK(status)) {
464 DEBUG(3,("Error opening file %s (%s) (local_flags=%d) "
465 "(flags=%d)\n", smb_fname_str_dbg(smb_fname),
466 nt_errstr(status),local_flags,flags));
470 if ((local_flags & O_CREAT) && !file_existed) {
472 /* Inherit the ACL if required */
473 if (lp_inherit_perms(SNUM(conn))) {
474 inherit_access_posix_acl(conn, parent_dir,
475 smb_fname->base_name,
479 /* Change the owner if required. */
480 if (lp_inherit_owner(SNUM(conn))) {
481 change_file_owner_to_parent(conn, parent_dir,
485 notify_fname(conn, NOTIFY_ACTION_ADDED,
486 FILE_NOTIFY_CHANGE_FILE_NAME,
487 smb_fname->base_name);
491 fsp->fh->fd = -1; /* What we used to call a stat open. */
493 uint32_t access_granted = 0;
495 status = smbd_check_open_rights(conn,
499 if (!NT_STATUS_IS_OK(status)) {
500 if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
502 * On NT_STATUS_ACCESS_DENIED, access_granted
503 * contains the denied bits.
506 if ((access_mask & FILE_WRITE_ATTRIBUTES) &&
507 (access_granted & FILE_WRITE_ATTRIBUTES) &&
508 (lp_map_readonly(SNUM(conn)) ||
509 lp_map_archive(SNUM(conn)) ||
510 lp_map_hidden(SNUM(conn)) ||
511 lp_map_system(SNUM(conn)))) {
512 access_granted &= ~FILE_WRITE_ATTRIBUTES;
514 DEBUG(10,("open_file: "
523 if ((access_mask & DELETE_ACCESS) &&
524 (access_granted & DELETE_ACCESS) &&
525 can_delete_file_in_directory(conn,
527 /* Were we trying to do a stat open
528 * for delete and didn't get DELETE
529 * access (only) ? Check if the
530 * directory allows DELETE_CHILD.
532 * http://blogs.msdn.com/oldnewthing/archive/2004/06/04/148426.aspx
535 access_granted &= ~DELETE_ACCESS;
537 DEBUG(10,("open_file: "
545 if (access_granted != 0) {
546 DEBUG(10,("open_file: Access "
553 } else if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND) &&
555 S_ISLNK(smb_fname->st.st_ex_mode)) {
556 /* This is a POSIX stat open for delete
557 * or rename on a symlink that points
559 DEBUG(10,("open_file: allowing POSIX "
560 "open on bad symlink %s\n",
564 DEBUG(10,("open_file: "
565 "smbd_check_open_rights on file "
567 smb_fname_str_dbg(smb_fname),
568 nt_errstr(status) ));
578 if (fsp->fh->fd == -1) {
579 ret = SMB_VFS_STAT(conn, smb_fname);
581 ret = SMB_VFS_FSTAT(fsp, &smb_fname->st);
582 /* If we have an fd, this stat should succeed. */
584 DEBUG(0,("Error doing fstat on open file %s "
586 smb_fname_str_dbg(smb_fname),
591 /* For a non-io open, this stat failing means file not found. JRA */
593 status = map_nt_error_from_unix(errno);
600 * POSIX allows read-only opens of directories. We don't
601 * want to do this (we use a different code path for this)
602 * so catch a directory open and return an EISDIR. JRA.
605 if(S_ISDIR(smb_fname->st.st_ex_mode)) {
608 return NT_STATUS_FILE_IS_A_DIRECTORY;
611 fsp->mode = smb_fname->st.st_ex_mode;
612 fsp->file_id = vfs_file_id_from_sbuf(conn, &smb_fname->st);
613 fsp->vuid = req ? req->vuid : UID_FIELD_INVALID;
614 fsp->file_pid = req ? req->smbpid : 0;
615 fsp->can_lock = True;
616 fsp->can_read = (access_mask & (FILE_READ_DATA)) ? True : False;
617 if (!CAN_WRITE(conn)) {
618 fsp->can_write = False;
620 fsp->can_write = (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) ?
623 fsp->print_file = NULL;
624 fsp->modified = False;
625 fsp->sent_oplock_break = NO_BREAK_SENT;
626 fsp->is_directory = False;
627 if (conn->aio_write_behind_list &&
628 is_in_path(smb_fname->base_name, conn->aio_write_behind_list,
629 conn->case_sensitive)) {
630 fsp->aio_write_behind = True;
633 fsp->wcp = NULL; /* Write cache pointer. */
635 DEBUG(2,("%s opened file %s read=%s write=%s (numopen=%d)\n",
636 conn->server_info->unix_name,
637 smb_fname_str_dbg(smb_fname),
638 BOOLSTR(fsp->can_read), BOOLSTR(fsp->can_write),
639 conn->num_files_open));
645 /*******************************************************************
646 Return True if the filename is one of the special executable types.
647 ********************************************************************/
649 bool is_executable(const char *fname)
651 if ((fname = strrchr_m(fname,'.'))) {
652 if (strequal(fname,".com") ||
653 strequal(fname,".dll") ||
654 strequal(fname,".exe") ||
655 strequal(fname,".sym")) {
662 /****************************************************************************
663 Check if we can open a file with a share mode.
664 Returns True if conflict, False if not.
665 ****************************************************************************/
667 static bool share_conflict(struct share_mode_entry *entry,
671 DEBUG(10,("share_conflict: entry->access_mask = 0x%x, "
672 "entry->share_access = 0x%x, "
673 "entry->private_options = 0x%x\n",
674 (unsigned int)entry->access_mask,
675 (unsigned int)entry->share_access,
676 (unsigned int)entry->private_options));
678 DEBUG(10,("share_conflict: access_mask = 0x%x, share_access = 0x%x\n",
679 (unsigned int)access_mask, (unsigned int)share_access));
681 if ((entry->access_mask & (FILE_WRITE_DATA|
685 DELETE_ACCESS)) == 0) {
686 DEBUG(10,("share_conflict: No conflict due to "
687 "entry->access_mask = 0x%x\n",
688 (unsigned int)entry->access_mask ));
692 if ((access_mask & (FILE_WRITE_DATA|
696 DELETE_ACCESS)) == 0) {
697 DEBUG(10,("share_conflict: No conflict due to "
698 "access_mask = 0x%x\n",
699 (unsigned int)access_mask ));
703 #if 1 /* JRA TEST - Superdebug. */
704 #define CHECK_MASK(num, am, right, sa, share) \
705 DEBUG(10,("share_conflict: [%d] am (0x%x) & right (0x%x) = 0x%x\n", \
706 (unsigned int)(num), (unsigned int)(am), \
707 (unsigned int)(right), (unsigned int)(am)&(right) )); \
708 DEBUG(10,("share_conflict: [%d] sa (0x%x) & share (0x%x) = 0x%x\n", \
709 (unsigned int)(num), (unsigned int)(sa), \
710 (unsigned int)(share), (unsigned int)(sa)&(share) )); \
711 if (((am) & (right)) && !((sa) & (share))) { \
712 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
713 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
714 (unsigned int)(share) )); \
718 #define CHECK_MASK(num, am, right, sa, share) \
719 if (((am) & (right)) && !((sa) & (share))) { \
720 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
721 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
722 (unsigned int)(share) )); \
727 CHECK_MASK(1, entry->access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
728 share_access, FILE_SHARE_WRITE);
729 CHECK_MASK(2, access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
730 entry->share_access, FILE_SHARE_WRITE);
732 CHECK_MASK(3, entry->access_mask, FILE_READ_DATA | FILE_EXECUTE,
733 share_access, FILE_SHARE_READ);
734 CHECK_MASK(4, access_mask, FILE_READ_DATA | FILE_EXECUTE,
735 entry->share_access, FILE_SHARE_READ);
737 CHECK_MASK(5, entry->access_mask, DELETE_ACCESS,
738 share_access, FILE_SHARE_DELETE);
739 CHECK_MASK(6, access_mask, DELETE_ACCESS,
740 entry->share_access, FILE_SHARE_DELETE);
742 DEBUG(10,("share_conflict: No conflict.\n"));
746 #if defined(DEVELOPER)
747 static void validate_my_share_entries(struct smbd_server_connection *sconn,
749 struct share_mode_entry *share_entry)
753 if (!procid_is_me(&share_entry->pid)) {
757 if (is_deferred_open_entry(share_entry) &&
758 !open_was_deferred(share_entry->op_mid)) {
759 char *str = talloc_asprintf(talloc_tos(),
760 "Got a deferred entry without a request: "
762 share_mode_str(talloc_tos(), num, share_entry));
766 if (!is_valid_share_mode_entry(share_entry)) {
770 fsp = file_find_dif(sconn, share_entry->id,
771 share_entry->share_file_id);
773 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
774 share_mode_str(talloc_tos(), num, share_entry) ));
775 smb_panic("validate_my_share_entries: Cannot match a "
776 "share entry with an open file\n");
779 if (is_deferred_open_entry(share_entry) ||
780 is_unused_share_mode_entry(share_entry)) {
784 if ((share_entry->op_type == NO_OPLOCK) &&
785 (fsp->oplock_type == FAKE_LEVEL_II_OPLOCK)) {
786 /* Someone has already written to it, but I haven't yet
791 if (((uint16)fsp->oplock_type) != share_entry->op_type) {
800 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
801 share_mode_str(talloc_tos(), num, share_entry) ));
802 str = talloc_asprintf(talloc_tos(),
803 "validate_my_share_entries: "
804 "file %s, oplock_type = 0x%x, op_type = 0x%x\n",
805 fsp->fsp_name->base_name,
806 (unsigned int)fsp->oplock_type,
807 (unsigned int)share_entry->op_type );
813 bool is_stat_open(uint32 access_mask)
815 return (access_mask &&
816 ((access_mask & ~(SYNCHRONIZE_ACCESS| FILE_READ_ATTRIBUTES|
817 FILE_WRITE_ATTRIBUTES))==0) &&
818 ((access_mask & (SYNCHRONIZE_ACCESS|FILE_READ_ATTRIBUTES|
819 FILE_WRITE_ATTRIBUTES)) != 0));
822 /****************************************************************************
823 Deal with share modes
824 Invarient: Share mode must be locked on entry and exit.
825 Returns -1 on error, or number of share modes on success (may be zero).
826 ****************************************************************************/
828 static NTSTATUS open_mode_check(connection_struct *conn,
829 struct share_mode_lock *lck,
832 uint32 create_options,
837 if(lck->num_share_modes == 0) {
841 *file_existed = True;
843 /* A delete on close prohibits everything */
845 if (lck->delete_on_close) {
846 return NT_STATUS_DELETE_PENDING;
849 if (is_stat_open(access_mask)) {
850 /* Stat open that doesn't trigger oplock breaks or share mode
851 * checks... ! JRA. */
856 * Check if the share modes will give us access.
859 #if defined(DEVELOPER)
860 for(i = 0; i < lck->num_share_modes; i++) {
861 validate_my_share_entries(conn->sconn, i,
862 &lck->share_modes[i]);
866 if (!lp_share_modes(SNUM(conn))) {
870 /* Now we check the share modes, after any oplock breaks. */
871 for(i = 0; i < lck->num_share_modes; i++) {
873 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
877 /* someone else has a share lock on it, check to see if we can
879 if (share_conflict(&lck->share_modes[i],
880 access_mask, share_access)) {
881 return NT_STATUS_SHARING_VIOLATION;
888 static bool is_delete_request(files_struct *fsp) {
889 return ((fsp->access_mask == DELETE_ACCESS) &&
890 (fsp->oplock_type == NO_OPLOCK));
894 * Send a break message to the oplock holder and delay the open for
898 static NTSTATUS send_break_message(files_struct *fsp,
899 struct share_mode_entry *exclusive,
904 char msg[MSG_SMB_SHARE_MODE_ENTRY_SIZE];
906 DEBUG(10, ("Sending break request to PID %s\n",
907 procid_str_static(&exclusive->pid)));
908 exclusive->op_mid = mid;
910 /* Create the message. */
911 share_mode_entry_to_message(msg, exclusive);
913 /* Add in the FORCE_OPLOCK_BREAK_TO_NONE bit in the message if set. We
914 don't want this set in the share mode struct pointed to by lck. */
916 if (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE) {
917 SSVAL(msg,OP_BREAK_MSG_OP_TYPE_OFFSET,
918 exclusive->op_type | FORCE_OPLOCK_BREAK_TO_NONE);
921 status = messaging_send_buf(fsp->conn->sconn->msg_ctx, exclusive->pid,
922 MSG_SMB_BREAK_REQUEST,
924 MSG_SMB_SHARE_MODE_ENTRY_SIZE);
925 if (!NT_STATUS_IS_OK(status)) {
926 DEBUG(3, ("Could not send oplock break message: %s\n",
934 * 1) No files open at all or internal open: Grant whatever the client wants.
936 * 2) Exclusive (or batch) oplock around: If the requested access is a delete
937 * request, break if the oplock around is a batch oplock. If it's another
938 * requested access type, break.
940 * 3) Only level2 around: Grant level2 and do nothing else.
943 static bool delay_for_oplocks(struct share_mode_lock *lck,
950 struct share_mode_entry *exclusive = NULL;
951 bool valid_entry = false;
952 bool have_level2 = false;
953 bool have_a_none_oplock = false;
954 bool allow_level2 = (global_client_caps & CAP_LEVEL_II_OPLOCKS) &&
955 lp_level2_oplocks(SNUM(fsp->conn));
957 if (oplock_request & INTERNAL_OPEN_ONLY) {
958 fsp->oplock_type = NO_OPLOCK;
961 if ((oplock_request & INTERNAL_OPEN_ONLY) || is_stat_open(fsp->access_mask)) {
965 for (i=0; i<lck->num_share_modes; i++) {
967 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
971 /* At least one entry is not an invalid or deferred entry. */
974 if (pass_number == 1) {
975 if (BATCH_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
976 SMB_ASSERT(exclusive == NULL);
977 exclusive = &lck->share_modes[i];
980 if (EXCLUSIVE_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
981 SMB_ASSERT(exclusive == NULL);
982 exclusive = &lck->share_modes[i];
986 if (LEVEL_II_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
987 SMB_ASSERT(exclusive == NULL);
991 if (lck->share_modes[i].op_type == NO_OPLOCK) {
992 have_a_none_oplock = true;
996 if (exclusive != NULL) { /* Found an exclusive oplock */
997 bool delay_it = is_delete_request(fsp) ?
998 BATCH_OPLOCK_TYPE(exclusive->op_type) : true;
999 SMB_ASSERT(!have_level2);
1001 send_break_message(fsp, exclusive, mid, oplock_request);
1007 * Match what was requested (fsp->oplock_type) with
1008 * what was found in the existing share modes.
1012 /* All entries are placeholders or deferred.
1013 * Directly grant whatever the client wants. */
1014 if (fsp->oplock_type == NO_OPLOCK) {
1015 /* Store a level2 oplock, but don't tell the client */
1016 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
1018 } else if (have_a_none_oplock) {
1019 fsp->oplock_type = NO_OPLOCK;
1020 } else if (have_level2) {
1021 if (fsp->oplock_type == NO_OPLOCK ||
1022 fsp->oplock_type == FAKE_LEVEL_II_OPLOCK) {
1023 /* Store a level2 oplock, but don't tell the client */
1024 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
1026 fsp->oplock_type = LEVEL_II_OPLOCK;
1029 /* This case can never happen. */
1034 * Don't grant level2 to clients that don't want them
1035 * or if we've turned them off.
1037 if (fsp->oplock_type == LEVEL_II_OPLOCK && !allow_level2) {
1038 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
1041 DEBUG(10,("delay_for_oplocks: oplock type 0x%x on file %s\n",
1042 fsp->oplock_type, fsp_str_dbg(fsp)));
1048 bool request_timed_out(struct timeval request_time,
1049 struct timeval timeout)
1051 struct timeval now, end_time;
1053 end_time = timeval_sum(&request_time, &timeout);
1054 return (timeval_compare(&end_time, &now) < 0);
1057 /****************************************************************************
1058 Handle the 1 second delay in returning a SHARING_VIOLATION error.
1059 ****************************************************************************/
1061 static void defer_open(struct share_mode_lock *lck,
1062 struct timeval request_time,
1063 struct timeval timeout,
1064 struct smb_request *req,
1065 struct deferred_open_record *state)
1069 /* Paranoia check */
1071 for (i=0; i<lck->num_share_modes; i++) {
1072 struct share_mode_entry *e = &lck->share_modes[i];
1074 if (!is_deferred_open_entry(e)) {
1078 if (procid_is_me(&e->pid) && (e->op_mid == req->mid)) {
1079 DEBUG(0, ("Trying to defer an already deferred "
1080 "request: mid=%llu, exiting\n",
1081 (unsigned long long)req->mid));
1082 exit_server("attempt to defer a deferred request");
1086 /* End paranoia check */
1088 DEBUG(10,("defer_open_sharing_error: time [%u.%06u] adding deferred "
1089 "open entry for mid %llu\n",
1090 (unsigned int)request_time.tv_sec,
1091 (unsigned int)request_time.tv_usec,
1092 (unsigned long long)req->mid));
1094 if (!push_deferred_open_message_smb(req, request_time, timeout,
1095 state->id, (char *)state, sizeof(*state))) {
1096 exit_server("push_deferred_open_message_smb failed");
1098 add_deferred_open(lck, req->mid, request_time,
1099 sconn_server_id(req->sconn), state->id);
1103 /****************************************************************************
1104 On overwrite open ensure that the attributes match.
1105 ****************************************************************************/
1107 bool open_match_attributes(connection_struct *conn,
1108 uint32 old_dos_attr,
1109 uint32 new_dos_attr,
1110 mode_t existing_unx_mode,
1111 mode_t new_unx_mode,
1112 mode_t *returned_unx_mode)
1114 uint32 noarch_old_dos_attr, noarch_new_dos_attr;
1116 noarch_old_dos_attr = (old_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
1117 noarch_new_dos_attr = (new_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
1119 if((noarch_old_dos_attr == 0 && noarch_new_dos_attr != 0) ||
1120 (noarch_old_dos_attr != 0 && ((noarch_old_dos_attr & noarch_new_dos_attr) == noarch_old_dos_attr))) {
1121 *returned_unx_mode = new_unx_mode;
1123 *returned_unx_mode = (mode_t)0;
1126 DEBUG(10,("open_match_attributes: old_dos_attr = 0x%x, "
1127 "existing_unx_mode = 0%o, new_dos_attr = 0x%x "
1128 "returned_unx_mode = 0%o\n",
1129 (unsigned int)old_dos_attr,
1130 (unsigned int)existing_unx_mode,
1131 (unsigned int)new_dos_attr,
1132 (unsigned int)*returned_unx_mode ));
1134 /* If we're mapping SYSTEM and HIDDEN ensure they match. */
1135 if (lp_map_system(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
1136 if ((old_dos_attr & FILE_ATTRIBUTE_SYSTEM) &&
1137 !(new_dos_attr & FILE_ATTRIBUTE_SYSTEM)) {
1141 if (lp_map_hidden(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
1142 if ((old_dos_attr & FILE_ATTRIBUTE_HIDDEN) &&
1143 !(new_dos_attr & FILE_ATTRIBUTE_HIDDEN)) {
1150 /****************************************************************************
1151 Special FCB or DOS processing in the case of a sharing violation.
1152 Try and find a duplicated file handle.
1153 ****************************************************************************/
1155 NTSTATUS fcb_or_dos_open(struct smb_request *req,
1156 connection_struct *conn,
1157 files_struct *fsp_to_dup_into,
1158 const struct smb_filename *smb_fname,
1163 uint32 share_access,
1164 uint32 create_options)
1168 DEBUG(5,("fcb_or_dos_open: attempting old open semantics for "
1169 "file %s.\n", smb_fname_str_dbg(smb_fname)));
1171 for(fsp = file_find_di_first(conn->sconn, id); fsp;
1172 fsp = file_find_di_next(fsp)) {
1174 DEBUG(10,("fcb_or_dos_open: checking file %s, fd = %d, "
1175 "vuid = %u, file_pid = %u, private_options = 0x%x "
1176 "access_mask = 0x%x\n", fsp_str_dbg(fsp),
1177 fsp->fh->fd, (unsigned int)fsp->vuid,
1178 (unsigned int)fsp->file_pid,
1179 (unsigned int)fsp->fh->private_options,
1180 (unsigned int)fsp->access_mask ));
1182 if (fsp->fh->fd != -1 &&
1183 fsp->vuid == vuid &&
1184 fsp->file_pid == file_pid &&
1185 (fsp->fh->private_options & (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS |
1186 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) &&
1187 (fsp->access_mask & FILE_WRITE_DATA) &&
1188 strequal(fsp->fsp_name->base_name, smb_fname->base_name) &&
1189 strequal(fsp->fsp_name->stream_name,
1190 smb_fname->stream_name)) {
1191 DEBUG(10,("fcb_or_dos_open: file match\n"));
1197 return NT_STATUS_NOT_FOUND;
1200 /* quite an insane set of semantics ... */
1201 if (is_executable(smb_fname->base_name) &&
1202 (fsp->fh->private_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS)) {
1203 DEBUG(10,("fcb_or_dos_open: file fail due to is_executable.\n"));
1204 return NT_STATUS_INVALID_PARAMETER;
1207 /* We need to duplicate this fsp. */
1208 return dup_file_fsp(req, fsp, access_mask, share_access,
1209 create_options, fsp_to_dup_into);
1212 /****************************************************************************
1213 Open a file with a share mode - old openX method - map into NTCreate.
1214 ****************************************************************************/
1216 bool map_open_params_to_ntcreate(const struct smb_filename *smb_fname,
1217 int deny_mode, int open_func,
1218 uint32 *paccess_mask,
1219 uint32 *pshare_mode,
1220 uint32 *pcreate_disposition,
1221 uint32 *pcreate_options,
1222 uint32_t *pprivate_flags)
1226 uint32 create_disposition;
1227 uint32 create_options = FILE_NON_DIRECTORY_FILE;
1228 uint32_t private_flags = 0;
1230 DEBUG(10,("map_open_params_to_ntcreate: fname = %s, deny_mode = 0x%x, "
1231 "open_func = 0x%x\n",
1232 smb_fname_str_dbg(smb_fname), (unsigned int)deny_mode,
1233 (unsigned int)open_func ));
1235 /* Create the NT compatible access_mask. */
1236 switch (GET_OPENX_MODE(deny_mode)) {
1237 case DOS_OPEN_EXEC: /* Implies read-only - used to be FILE_READ_DATA */
1238 case DOS_OPEN_RDONLY:
1239 access_mask = FILE_GENERIC_READ;
1241 case DOS_OPEN_WRONLY:
1242 access_mask = FILE_GENERIC_WRITE;
1246 access_mask = FILE_GENERIC_READ|FILE_GENERIC_WRITE;
1249 DEBUG(10,("map_open_params_to_ntcreate: bad open mode = 0x%x\n",
1250 (unsigned int)GET_OPENX_MODE(deny_mode)));
1254 /* Create the NT compatible create_disposition. */
1255 switch (open_func) {
1256 case OPENX_FILE_EXISTS_FAIL|OPENX_FILE_CREATE_IF_NOT_EXIST:
1257 create_disposition = FILE_CREATE;
1260 case OPENX_FILE_EXISTS_OPEN:
1261 create_disposition = FILE_OPEN;
1264 case OPENX_FILE_EXISTS_OPEN|OPENX_FILE_CREATE_IF_NOT_EXIST:
1265 create_disposition = FILE_OPEN_IF;
1268 case OPENX_FILE_EXISTS_TRUNCATE:
1269 create_disposition = FILE_OVERWRITE;
1272 case OPENX_FILE_EXISTS_TRUNCATE|OPENX_FILE_CREATE_IF_NOT_EXIST:
1273 create_disposition = FILE_OVERWRITE_IF;
1277 /* From samba4 - to be confirmed. */
1278 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_EXEC) {
1279 create_disposition = FILE_CREATE;
1282 DEBUG(10,("map_open_params_to_ntcreate: bad "
1283 "open_func 0x%x\n", (unsigned int)open_func));
1287 /* Create the NT compatible share modes. */
1288 switch (GET_DENY_MODE(deny_mode)) {
1290 share_mode = FILE_SHARE_NONE;
1294 share_mode = FILE_SHARE_READ;
1298 share_mode = FILE_SHARE_WRITE;
1302 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1306 private_flags |= NTCREATEX_OPTIONS_PRIVATE_DENY_DOS;
1307 if (is_executable(smb_fname->base_name)) {
1308 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1310 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_RDONLY) {
1311 share_mode = FILE_SHARE_READ;
1313 share_mode = FILE_SHARE_NONE;
1319 private_flags |= NTCREATEX_OPTIONS_PRIVATE_DENY_FCB;
1320 share_mode = FILE_SHARE_NONE;
1324 DEBUG(10,("map_open_params_to_ntcreate: bad deny_mode 0x%x\n",
1325 (unsigned int)GET_DENY_MODE(deny_mode) ));
1329 DEBUG(10,("map_open_params_to_ntcreate: file %s, access_mask = 0x%x, "
1330 "share_mode = 0x%x, create_disposition = 0x%x, "
1331 "create_options = 0x%x private_flags = 0x%x\n",
1332 smb_fname_str_dbg(smb_fname),
1333 (unsigned int)access_mask,
1334 (unsigned int)share_mode,
1335 (unsigned int)create_disposition,
1336 (unsigned int)create_options,
1337 (unsigned int)private_flags));
1340 *paccess_mask = access_mask;
1343 *pshare_mode = share_mode;
1345 if (pcreate_disposition) {
1346 *pcreate_disposition = create_disposition;
1348 if (pcreate_options) {
1349 *pcreate_options = create_options;
1351 if (pprivate_flags) {
1352 *pprivate_flags = private_flags;
1359 static void schedule_defer_open(struct share_mode_lock *lck,
1360 struct timeval request_time,
1361 struct smb_request *req)
1363 struct deferred_open_record state;
1365 /* This is a relative time, added to the absolute
1366 request_time value to get the absolute timeout time.
1367 Note that if this is the second or greater time we enter
1368 this codepath for this particular request mid then
1369 request_time is left as the absolute time of the *first*
1370 time this request mid was processed. This is what allows
1371 the request to eventually time out. */
1373 struct timeval timeout;
1375 /* Normally the smbd we asked should respond within
1376 * OPLOCK_BREAK_TIMEOUT seconds regardless of whether
1377 * the client did, give twice the timeout as a safety
1378 * measure here in case the other smbd is stuck
1379 * somewhere else. */
1381 timeout = timeval_set(OPLOCK_BREAK_TIMEOUT*2, 0);
1383 /* Nothing actually uses state.delayed_for_oplocks
1384 but it's handy to differentiate in debug messages
1385 between a 30 second delay due to oplock break, and
1386 a 1 second delay for share mode conflicts. */
1388 state.delayed_for_oplocks = True;
1391 if (!request_timed_out(request_time, timeout)) {
1392 defer_open(lck, request_time, timeout, req, &state);
1396 /****************************************************************************
1397 Work out what access_mask to use from what the client sent us.
1398 ****************************************************************************/
1400 static NTSTATUS calculate_access_mask(connection_struct *conn,
1401 const struct smb_filename *smb_fname,
1403 uint32_t access_mask,
1404 uint32_t *access_mask_out)
1409 * Convert GENERIC bits to specific bits.
1412 se_map_generic(&access_mask, &file_generic_mapping);
1414 /* Calculate MAXIMUM_ALLOWED_ACCESS if requested. */
1415 if (access_mask & MAXIMUM_ALLOWED_ACCESS) {
1418 struct security_descriptor *sd;
1419 uint32_t access_granted = 0;
1421 status = SMB_VFS_GET_NT_ACL(conn, smb_fname->base_name,
1426 if (!NT_STATUS_IS_OK(status)) {
1427 DEBUG(10, ("calculate_access_mask: Could not get acl "
1429 smb_fname_str_dbg(smb_fname),
1430 nt_errstr(status)));
1431 return NT_STATUS_ACCESS_DENIED;
1434 status = smb1_file_se_access_check(conn,
1436 get_current_nttok(conn),
1442 if (!NT_STATUS_IS_OK(status)) {
1443 DEBUG(10, ("calculate_access_mask: Access denied on "
1444 "file %s: when calculating maximum access\n",
1445 smb_fname_str_dbg(smb_fname)));
1446 return NT_STATUS_ACCESS_DENIED;
1449 access_mask = access_granted;
1451 access_mask = FILE_GENERIC_ALL;
1455 *access_mask_out = access_mask;
1456 return NT_STATUS_OK;
1459 /****************************************************************************
1460 Remove the deferred open entry under lock.
1461 ****************************************************************************/
1463 void remove_deferred_open_entry(struct file_id id, uint64_t mid,
1464 struct server_id pid)
1466 struct share_mode_lock *lck = get_share_mode_lock(talloc_tos(), id,
1469 DEBUG(0, ("could not get share mode lock\n"));
1471 del_deferred_open_entry(lck, mid, pid);
1476 /****************************************************************************
1477 Open a file with a share mode. Passed in an already created files_struct *.
1478 ****************************************************************************/
1480 static NTSTATUS open_file_ntcreate(connection_struct *conn,
1481 struct smb_request *req,
1482 uint32 access_mask, /* access bits (FILE_READ_DATA etc.) */
1483 uint32 share_access, /* share constants (FILE_SHARE_READ etc) */
1484 uint32 create_disposition, /* FILE_OPEN_IF etc. */
1485 uint32 create_options, /* options such as delete on close. */
1486 uint32 new_dos_attributes, /* attributes used for new file. */
1487 int oplock_request, /* internal Samba oplock codes. */
1488 /* Information (FILE_EXISTS etc.) */
1489 uint32_t private_flags, /* Samba specific flags. */
1493 struct smb_filename *smb_fname = fsp->fsp_name;
1496 bool file_existed = VALID_STAT(smb_fname->st);
1497 bool def_acl = False;
1498 bool posix_open = False;
1499 bool new_file_created = False;
1500 bool clear_ads = false;
1502 NTSTATUS fsp_open = NT_STATUS_ACCESS_DENIED;
1503 mode_t new_unx_mode = (mode_t)0;
1504 mode_t unx_mode = (mode_t)0;
1506 uint32 existing_dos_attributes = 0;
1507 struct timeval request_time = timeval_zero();
1508 struct share_mode_lock *lck = NULL;
1509 uint32 open_access_mask = access_mask;
1515 /* Windows allows a new file to be created and
1516 silently removes a FILE_ATTRIBUTE_DIRECTORY
1517 sent by the client. Do the same. */
1519 new_dos_attributes &= ~FILE_ATTRIBUTE_DIRECTORY;
1521 if (conn->printer) {
1523 * Printers are handled completely differently.
1524 * Most of the passed parameters are ignored.
1528 *pinfo = FILE_WAS_CREATED;
1531 DEBUG(10, ("open_file_ntcreate: printer open fname=%s\n",
1532 smb_fname_str_dbg(smb_fname)));
1535 DEBUG(0,("open_file_ntcreate: printer open without "
1536 "an SMB request!\n"));
1537 return NT_STATUS_INTERNAL_ERROR;
1540 return print_spool_open(fsp, smb_fname->base_name,
1544 if (!parent_dirname(talloc_tos(), smb_fname->base_name, &parent_dir,
1546 return NT_STATUS_NO_MEMORY;
1549 if (new_dos_attributes & FILE_FLAG_POSIX_SEMANTICS) {
1551 unx_mode = (mode_t)(new_dos_attributes & ~FILE_FLAG_POSIX_SEMANTICS);
1552 new_dos_attributes = 0;
1554 /* We add aARCH to this as this mode is only used if the file is
1556 unx_mode = unix_mode(conn, new_dos_attributes | aARCH,
1557 smb_fname, parent_dir);
1560 DEBUG(10, ("open_file_ntcreate: fname=%s, dos_attrs=0x%x "
1561 "access_mask=0x%x share_access=0x%x "
1562 "create_disposition = 0x%x create_options=0x%x "
1563 "unix mode=0%o oplock_request=%d private_flags = 0x%x\n",
1564 smb_fname_str_dbg(smb_fname), new_dos_attributes,
1565 access_mask, share_access, create_disposition,
1566 create_options, (unsigned int)unx_mode, oplock_request,
1567 (unsigned int)private_flags));
1569 if ((req == NULL) && ((oplock_request & INTERNAL_OPEN_ONLY) == 0)) {
1570 DEBUG(0, ("No smb request but not an internal only open!\n"));
1571 return NT_STATUS_INTERNAL_ERROR;
1575 * Only non-internal opens can be deferred at all
1580 if (get_deferred_open_message_state(req,
1584 struct deferred_open_record *state = (struct deferred_open_record *)ptr;
1585 /* Remember the absolute time of the original
1586 request with this mid. We'll use it later to
1587 see if this has timed out. */
1589 /* Remove the deferred open entry under lock. */
1590 remove_deferred_open_entry(
1591 state->id, req->mid,
1592 sconn_server_id(req->sconn));
1594 /* Ensure we don't reprocess this message. */
1595 remove_deferred_open_message_smb(req->mid);
1599 status = check_name(conn, smb_fname->base_name);
1600 if (!NT_STATUS_IS_OK(status)) {
1605 new_dos_attributes &= SAMBA_ATTRIBUTES_MASK;
1607 existing_dos_attributes = dos_mode(conn, smb_fname);
1611 /* ignore any oplock requests if oplocks are disabled */
1612 if (!lp_oplocks(SNUM(conn)) ||
1613 IS_VETO_OPLOCK_PATH(conn, smb_fname->base_name)) {
1614 /* Mask off everything except the private Samba bits. */
1615 oplock_request &= SAMBA_PRIVATE_OPLOCK_MASK;
1618 /* this is for OS/2 long file names - say we don't support them */
1619 if (!lp_posix_pathnames() && strstr(smb_fname->base_name,".+,;=[].")) {
1620 /* OS/2 Workplace shell fix may be main code stream in a later
1622 DEBUG(5,("open_file_ntcreate: OS/2 long filenames are not "
1624 if (use_nt_status()) {
1625 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1627 return NT_STATUS_DOS(ERRDOS, ERRcannotopen);
1630 switch( create_disposition ) {
1632 * Currently we're using FILE_SUPERSEDE as the same as
1633 * FILE_OVERWRITE_IF but they really are
1634 * different. FILE_SUPERSEDE deletes an existing file
1635 * (requiring delete access) then recreates it.
1637 case FILE_SUPERSEDE:
1638 /* If file exists replace/overwrite. If file doesn't
1640 flags2 |= (O_CREAT | O_TRUNC);
1644 case FILE_OVERWRITE_IF:
1645 /* If file exists replace/overwrite. If file doesn't
1647 flags2 |= (O_CREAT | O_TRUNC);
1652 /* If file exists open. If file doesn't exist error. */
1653 if (!file_existed) {
1654 DEBUG(5,("open_file_ntcreate: FILE_OPEN "
1655 "requested for file %s and file "
1657 smb_fname_str_dbg(smb_fname)));
1659 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1663 case FILE_OVERWRITE:
1664 /* If file exists overwrite. If file doesn't exist
1666 if (!file_existed) {
1667 DEBUG(5,("open_file_ntcreate: FILE_OVERWRITE "
1668 "requested for file %s and file "
1670 smb_fname_str_dbg(smb_fname) ));
1672 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1679 /* If file exists error. If file doesn't exist
1682 DEBUG(5,("open_file_ntcreate: FILE_CREATE "
1683 "requested for file %s and file "
1684 "already exists.\n",
1685 smb_fname_str_dbg(smb_fname)));
1686 if (S_ISDIR(smb_fname->st.st_ex_mode)) {
1691 return map_nt_error_from_unix(errno);
1693 flags2 |= (O_CREAT|O_EXCL);
1697 /* If file exists open. If file doesn't exist
1703 return NT_STATUS_INVALID_PARAMETER;
1706 /* We only care about matching attributes on file exists and
1709 if (!posix_open && file_existed && ((create_disposition == FILE_OVERWRITE) ||
1710 (create_disposition == FILE_OVERWRITE_IF))) {
1711 if (!open_match_attributes(conn, existing_dos_attributes,
1713 smb_fname->st.st_ex_mode,
1714 unx_mode, &new_unx_mode)) {
1715 DEBUG(5,("open_file_ntcreate: attributes missmatch "
1716 "for file %s (%x %x) (0%o, 0%o)\n",
1717 smb_fname_str_dbg(smb_fname),
1718 existing_dos_attributes,
1720 (unsigned int)smb_fname->st.st_ex_mode,
1721 (unsigned int)unx_mode ));
1723 return NT_STATUS_ACCESS_DENIED;
1727 status = calculate_access_mask(conn, smb_fname, file_existed,
1730 if (!NT_STATUS_IS_OK(status)) {
1731 DEBUG(10, ("open_file_ntcreate: calculate_access_mask "
1732 "on file %s returned %s\n",
1733 smb_fname_str_dbg(smb_fname), nt_errstr(status)));
1737 open_access_mask = access_mask;
1739 if ((flags2 & O_TRUNC) || (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE)) {
1740 open_access_mask |= FILE_WRITE_DATA; /* This will cause oplock breaks. */
1743 DEBUG(10, ("open_file_ntcreate: fname=%s, after mapping "
1744 "access_mask=0x%x\n", smb_fname_str_dbg(smb_fname),
1748 * Note that we ignore the append flag as append does not
1749 * mean the same thing under DOS and Unix.
1752 if ((access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) ||
1753 (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE)) {
1754 /* DENY_DOS opens are always underlying read-write on the
1755 file handle, no matter what the requested access mask
1757 if ((private_flags & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS) ||
1758 access_mask & (FILE_READ_ATTRIBUTES|FILE_READ_DATA|FILE_READ_EA|FILE_EXECUTE)) {
1768 * Currently we only look at FILE_WRITE_THROUGH for create options.
1772 if ((create_options & FILE_WRITE_THROUGH) && lp_strict_sync(SNUM(conn))) {
1777 if (posix_open && (access_mask & FILE_APPEND_DATA)) {
1781 if (!posix_open && !CAN_WRITE(conn)) {
1783 * We should really return a permission denied error if either
1784 * O_CREAT or O_TRUNC are set, but for compatibility with
1785 * older versions of Samba we just AND them out.
1787 flags2 &= ~(O_CREAT|O_TRUNC);
1791 * Ensure we can't write on a read-only share or file.
1794 if (flags != O_RDONLY && file_existed &&
1795 (!CAN_WRITE(conn) || IS_DOS_READONLY(existing_dos_attributes))) {
1796 DEBUG(5,("open_file_ntcreate: write access requested for "
1797 "file %s on read only %s\n",
1798 smb_fname_str_dbg(smb_fname),
1799 !CAN_WRITE(conn) ? "share" : "file" ));
1801 return NT_STATUS_ACCESS_DENIED;
1804 fsp->file_id = vfs_file_id_from_sbuf(conn, &smb_fname->st);
1805 fsp->share_access = share_access;
1806 fsp->fh->private_options = private_flags;
1807 fsp->access_mask = open_access_mask; /* We change this to the
1808 * requested access_mask after
1809 * the open is done. */
1810 fsp->posix_open = posix_open;
1812 /* Ensure no SAMBA_PRIVATE bits can be set. */
1813 fsp->oplock_type = (oplock_request & ~SAMBA_PRIVATE_OPLOCK_MASK);
1815 if (timeval_is_zero(&request_time)) {
1816 request_time = fsp->open_time;
1820 struct timespec old_write_time = smb_fname->st.st_ex_mtime;
1821 id = vfs_file_id_from_sbuf(conn, &smb_fname->st);
1823 lck = get_share_mode_lock(talloc_tos(), id,
1825 smb_fname, &old_write_time);
1828 DEBUG(0, ("Could not get share mode lock\n"));
1829 return NT_STATUS_SHARING_VIOLATION;
1832 /* First pass - send break only on batch oplocks. */
1834 && delay_for_oplocks(lck, fsp, req->mid, 1,
1836 schedule_defer_open(lck, request_time, req);
1838 return NT_STATUS_SHARING_VIOLATION;
1841 /* Use the client requested access mask here, not the one we
1843 status = open_mode_check(conn, lck, access_mask, share_access,
1844 create_options, &file_existed);
1846 if (NT_STATUS_IS_OK(status)) {
1847 /* We might be going to allow this open. Check oplock
1849 /* Second pass - send break for both batch or
1850 * exclusive oplocks. */
1852 && delay_for_oplocks(lck, fsp, req->mid, 2,
1854 schedule_defer_open(lck, request_time, req);
1856 return NT_STATUS_SHARING_VIOLATION;
1860 if (NT_STATUS_EQUAL(status, NT_STATUS_DELETE_PENDING)) {
1861 /* DELETE_PENDING is not deferred for a second */
1866 if (!NT_STATUS_IS_OK(status)) {
1867 uint32 can_access_mask;
1868 bool can_access = True;
1870 SMB_ASSERT(NT_STATUS_EQUAL(status, NT_STATUS_SHARING_VIOLATION));
1872 /* Check if this can be done with the deny_dos and fcb
1875 (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS|
1876 NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) {
1878 DEBUG(0, ("DOS open without an SMB "
1881 return NT_STATUS_INTERNAL_ERROR;
1884 /* Use the client requested access mask here,
1885 * not the one we open with. */
1886 status = fcb_or_dos_open(req,
1897 if (NT_STATUS_IS_OK(status)) {
1900 *pinfo = FILE_WAS_OPENED;
1902 return NT_STATUS_OK;
1907 * This next line is a subtlety we need for
1908 * MS-Access. If a file open will fail due to share
1909 * permissions and also for security (access) reasons,
1910 * we need to return the access failed error, not the
1911 * share error. We can't open the file due to kernel
1912 * oplock deadlock (it's possible we failed above on
1913 * the open_mode_check()) so use a userspace check.
1916 if (flags & O_RDWR) {
1917 can_access_mask = FILE_READ_DATA|FILE_WRITE_DATA;
1918 } else if (flags & O_WRONLY) {
1919 can_access_mask = FILE_WRITE_DATA;
1921 can_access_mask = FILE_READ_DATA;
1924 if (((can_access_mask & FILE_WRITE_DATA) &&
1925 !CAN_WRITE(conn)) ||
1926 !can_access_file_data(conn, smb_fname,
1932 * If we're returning a share violation, ensure we
1933 * cope with the braindead 1 second delay.
1936 if (!(oplock_request & INTERNAL_OPEN_ONLY) &&
1937 lp_defer_sharing_violations()) {
1938 struct timeval timeout;
1939 struct deferred_open_record state;
1942 /* this is a hack to speed up torture tests
1944 timeout_usecs = lp_parm_int(SNUM(conn),
1945 "smbd","sharedelay",
1946 SHARING_VIOLATION_USEC_WAIT);
1948 /* This is a relative time, added to the absolute
1949 request_time value to get the absolute timeout time.
1950 Note that if this is the second or greater time we enter
1951 this codepath for this particular request mid then
1952 request_time is left as the absolute time of the *first*
1953 time this request mid was processed. This is what allows
1954 the request to eventually time out. */
1956 timeout = timeval_set(0, timeout_usecs);
1958 /* Nothing actually uses state.delayed_for_oplocks
1959 but it's handy to differentiate in debug messages
1960 between a 30 second delay due to oplock break, and
1961 a 1 second delay for share mode conflicts. */
1963 state.delayed_for_oplocks = False;
1967 && !request_timed_out(request_time,
1969 defer_open(lck, request_time, timeout,
1977 * We have detected a sharing violation here
1978 * so return the correct error code
1980 status = NT_STATUS_SHARING_VIOLATION;
1982 status = NT_STATUS_ACCESS_DENIED;
1988 * We exit this block with the share entry *locked*.....
1992 SMB_ASSERT(!file_existed || (lck != NULL));
1995 * Ensure we pay attention to default ACLs on directories if required.
1998 if ((flags2 & O_CREAT) && lp_inherit_acls(SNUM(conn)) &&
1999 (def_acl = directory_has_default_acl(conn, parent_dir))) {
2000 unx_mode = (0777 & lp_create_mask(SNUM(conn)));
2003 DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o, "
2004 "access_mask = 0x%x, open_access_mask = 0x%x\n",
2005 (unsigned int)flags, (unsigned int)flags2,
2006 (unsigned int)unx_mode, (unsigned int)access_mask,
2007 (unsigned int)open_access_mask));
2010 * open_file strips any O_TRUNC flags itself.
2013 fsp_open = open_file(fsp, conn, req, parent_dir,
2014 flags|flags2, unx_mode, access_mask,
2017 if (!NT_STATUS_IS_OK(fsp_open)) {
2024 if (!file_existed) {
2025 struct timespec old_write_time = smb_fname->st.st_ex_mtime;
2027 * Deal with the race condition where two smbd's detect the
2028 * file doesn't exist and do the create at the same time. One
2029 * of them will win and set a share mode, the other (ie. this
2030 * one) should check if the requested share mode for this
2031 * create is allowed.
2035 * Now the file exists and fsp is successfully opened,
2036 * fsp->dev and fsp->inode are valid and should replace the
2037 * dev=0,inode=0 from a non existent file. Spotted by
2038 * Nadav Danieli <nadavd@exanet.com>. JRA.
2043 lck = get_share_mode_lock(talloc_tos(), id,
2045 smb_fname, &old_write_time);
2048 DEBUG(0, ("open_file_ntcreate: Could not get share "
2049 "mode lock for %s\n",
2050 smb_fname_str_dbg(smb_fname)));
2052 return NT_STATUS_SHARING_VIOLATION;
2055 /* First pass - send break only on batch oplocks. */
2057 && delay_for_oplocks(lck, fsp, req->mid, 1,
2059 schedule_defer_open(lck, request_time, req);
2062 return NT_STATUS_SHARING_VIOLATION;
2065 status = open_mode_check(conn, lck, access_mask, share_access,
2066 create_options, &file_existed);
2068 if (NT_STATUS_IS_OK(status)) {
2069 /* We might be going to allow this open. Check oplock
2071 /* Second pass - send break for both batch or
2072 * exclusive oplocks. */
2074 && delay_for_oplocks(lck, fsp, req->mid, 2,
2076 schedule_defer_open(lck, request_time, req);
2079 return NT_STATUS_SHARING_VIOLATION;
2083 if (!NT_STATUS_IS_OK(status)) {
2084 struct deferred_open_record state;
2088 state.delayed_for_oplocks = False;
2091 /* Do it all over again immediately. In the second
2092 * round we will find that the file existed and handle
2093 * the DELETE_PENDING and FCB cases correctly. No need
2094 * to duplicate the code here. Essentially this is a
2095 * "goto top of this function", but don't tell
2099 defer_open(lck, request_time, timeval_zero(),
2107 * We exit this block with the share entry *locked*.....
2112 SMB_ASSERT(lck != NULL);
2114 /* Delete streams if create_disposition requires it */
2115 if (file_existed && clear_ads &&
2116 !is_ntfs_stream_smb_fname(smb_fname)) {
2117 status = delete_all_streams(conn, smb_fname->base_name);
2118 if (!NT_STATUS_IS_OK(status)) {
2125 /* note that we ignore failure for the following. It is
2126 basically a hack for NFS, and NFS will never set one of
2127 these only read them. Nobody but Samba can ever set a deny
2128 mode and we have already checked our more authoritative
2129 locking database for permission to set this deny mode. If
2130 the kernel refuses the operations then the kernel is wrong.
2131 note that GPFS supports it as well - jmcd */
2133 if (fsp->fh->fd != -1) {
2135 ret_flock = SMB_VFS_KERNEL_FLOCK(fsp, share_access, access_mask);
2136 if(ret_flock == -1 ){
2141 return NT_STATUS_SHARING_VIOLATION;
2146 * At this point onwards, we can guarentee that the share entry
2147 * is locked, whether we created the file or not, and that the
2148 * deny mode is compatible with all current opens.
2152 * If requested, truncate the file.
2155 if (file_existed && (flags2&O_TRUNC)) {
2157 * We are modifing the file after open - update the stat
2160 if ((SMB_VFS_FTRUNCATE(fsp, 0) == -1) ||
2161 (SMB_VFS_FSTAT(fsp, &smb_fname->st)==-1)) {
2162 status = map_nt_error_from_unix(errno);
2170 * According to Samba4, SEC_FILE_READ_ATTRIBUTE is always granted,
2172 fsp->access_mask = access_mask | FILE_READ_ATTRIBUTES;
2175 /* stat opens on existing files don't get oplocks. */
2176 if (is_stat_open(open_access_mask)) {
2177 fsp->oplock_type = NO_OPLOCK;
2180 if (!(flags2 & O_TRUNC)) {
2181 info = FILE_WAS_OPENED;
2183 info = FILE_WAS_OVERWRITTEN;
2186 info = FILE_WAS_CREATED;
2194 * Setup the oplock info in both the shared memory and
2198 if (!set_file_oplock(fsp, fsp->oplock_type)) {
2199 /* Could not get the kernel oplock */
2200 fsp->oplock_type = NO_OPLOCK;
2203 if (info == FILE_WAS_OVERWRITTEN || info == FILE_WAS_CREATED || info == FILE_WAS_SUPERSEDED) {
2204 new_file_created = True;
2207 set_share_mode(lck, fsp, get_current_uid(conn), 0,
2210 /* Handle strange delete on close create semantics. */
2211 if (create_options & FILE_DELETE_ON_CLOSE) {
2213 status = can_set_delete_on_close(fsp, new_dos_attributes);
2215 if (!NT_STATUS_IS_OK(status)) {
2216 /* Remember to delete the mode we just added. */
2217 del_share_mode(lck, fsp);
2222 /* Note that here we set the *inital* delete on close flag,
2223 not the regular one. The magic gets handled in close. */
2224 fsp->initial_delete_on_close = True;
2227 if (new_file_created) {
2228 /* Files should be initially set as archive */
2229 if (lp_map_archive(SNUM(conn)) ||
2230 lp_store_dos_attributes(SNUM(conn))) {
2232 if (file_set_dosmode(conn, smb_fname,
2233 new_dos_attributes | aARCH,
2234 parent_dir, true) == 0) {
2235 unx_mode = smb_fname->st.st_ex_mode;
2242 * Take care of inherited ACLs on created files - if default ACL not
2246 if (!posix_open && !file_existed && !def_acl) {
2248 int saved_errno = errno; /* We might get ENOSYS in the next
2251 if (SMB_VFS_FCHMOD_ACL(fsp, unx_mode) == -1 &&
2253 errno = saved_errno; /* Ignore ENOSYS */
2256 } else if (new_unx_mode) {
2260 /* Attributes need changing. File already existed. */
2263 int saved_errno = errno; /* We might get ENOSYS in the
2265 ret = SMB_VFS_FCHMOD_ACL(fsp, new_unx_mode);
2267 if (ret == -1 && errno == ENOSYS) {
2268 errno = saved_errno; /* Ignore ENOSYS */
2270 DEBUG(5, ("open_file_ntcreate: reset "
2271 "attributes of file %s to 0%o\n",
2272 smb_fname_str_dbg(smb_fname),
2273 (unsigned int)new_unx_mode));
2274 ret = 0; /* Don't do the fchmod below. */
2279 (SMB_VFS_FCHMOD(fsp, new_unx_mode) == -1))
2280 DEBUG(5, ("open_file_ntcreate: failed to reset "
2281 "attributes of file %s to 0%o\n",
2282 smb_fname_str_dbg(smb_fname),
2283 (unsigned int)new_unx_mode));
2286 /* If this is a successful open, we must remove any deferred open
2289 del_deferred_open_entry(lck, req->mid,
2290 sconn_server_id(req->sconn));
2294 return NT_STATUS_OK;
2298 /****************************************************************************
2299 Open a file for for write to ensure that we can fchmod it.
2300 ****************************************************************************/
2302 NTSTATUS open_file_fchmod(struct smb_request *req, connection_struct *conn,
2303 struct smb_filename *smb_fname,
2304 files_struct **result)
2306 files_struct *fsp = NULL;
2309 if (!VALID_STAT(smb_fname->st)) {
2310 return NT_STATUS_INVALID_PARAMETER;
2313 status = file_new(req, conn, &fsp);
2314 if(!NT_STATUS_IS_OK(status)) {
2318 status = SMB_VFS_CREATE_FILE(
2321 0, /* root_dir_fid */
2322 smb_fname, /* fname */
2323 FILE_WRITE_DATA, /* access_mask */
2324 (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */
2326 FILE_OPEN, /* create_disposition*/
2327 0, /* create_options */
2328 0, /* file_attributes */
2329 0, /* oplock_request */
2330 0, /* allocation_size */
2331 0, /* private_flags */
2338 * This is not a user visible file open.
2339 * Don't set a share mode.
2342 if (!NT_STATUS_IS_OK(status)) {
2343 file_free(req, fsp);
2348 return NT_STATUS_OK;
2351 /****************************************************************************
2352 Close the fchmod file fd - ensure no locks are lost.
2353 ****************************************************************************/
2355 NTSTATUS close_file_fchmod(struct smb_request *req, files_struct *fsp)
2357 NTSTATUS status = fd_close(fsp);
2358 file_free(req, fsp);
2362 static NTSTATUS mkdir_internal(connection_struct *conn,
2363 struct smb_filename *smb_dname,
2364 uint32 file_attributes)
2369 bool posix_open = false;
2371 if(!CAN_WRITE(conn)) {
2372 DEBUG(5,("mkdir_internal: failing create on read-only share "
2373 "%s\n", lp_servicename(SNUM(conn))));
2374 return NT_STATUS_ACCESS_DENIED;
2377 status = check_name(conn, smb_dname->base_name);
2378 if (!NT_STATUS_IS_OK(status)) {
2382 if (!parent_dirname(talloc_tos(), smb_dname->base_name, &parent_dir,
2384 return NT_STATUS_NO_MEMORY;
2387 if (file_attributes & FILE_FLAG_POSIX_SEMANTICS) {
2389 mode = (mode_t)(file_attributes & ~FILE_FLAG_POSIX_SEMANTICS);
2391 mode = unix_mode(conn, aDIR, smb_dname, parent_dir);
2394 if (SMB_VFS_MKDIR(conn, smb_dname->base_name, mode) != 0) {
2395 return map_nt_error_from_unix(errno);
2398 /* Ensure we're checking for a symlink here.... */
2399 /* We don't want to get caught by a symlink racer. */
2401 if (SMB_VFS_LSTAT(conn, smb_dname) == -1) {
2402 DEBUG(2, ("Could not stat directory '%s' just created: %s\n",
2403 smb_fname_str_dbg(smb_dname), strerror(errno)));
2404 return map_nt_error_from_unix(errno);
2407 if (!S_ISDIR(smb_dname->st.st_ex_mode)) {
2408 DEBUG(0, ("Directory just '%s' created is not a directory\n",
2409 smb_fname_str_dbg(smb_dname)));
2410 return NT_STATUS_ACCESS_DENIED;
2413 if (lp_store_dos_attributes(SNUM(conn))) {
2415 file_set_dosmode(conn, smb_dname,
2416 file_attributes | aDIR,
2421 if (lp_inherit_perms(SNUM(conn))) {
2422 inherit_access_posix_acl(conn, parent_dir,
2423 smb_dname->base_name, mode);
2428 * Check if high bits should have been set,
2429 * then (if bits are missing): add them.
2430 * Consider bits automagically set by UNIX, i.e. SGID bit from parent
2433 if ((mode & ~(S_IRWXU|S_IRWXG|S_IRWXO)) &&
2434 (mode & ~smb_dname->st.st_ex_mode)) {
2435 SMB_VFS_CHMOD(conn, smb_dname->base_name,
2436 (smb_dname->st.st_ex_mode |
2437 (mode & ~smb_dname->st.st_ex_mode)));
2441 /* Change the owner if required. */
2442 if (lp_inherit_owner(SNUM(conn))) {
2443 change_dir_owner_to_parent(conn, parent_dir,
2444 smb_dname->base_name,
2448 notify_fname(conn, NOTIFY_ACTION_ADDED, FILE_NOTIFY_CHANGE_DIR_NAME,
2449 smb_dname->base_name);
2451 return NT_STATUS_OK;
2454 /****************************************************************************
2455 Open a directory from an NT SMB call.
2456 ****************************************************************************/
2458 static NTSTATUS open_directory(connection_struct *conn,
2459 struct smb_request *req,
2460 struct smb_filename *smb_dname,
2462 uint32 share_access,
2463 uint32 create_disposition,
2464 uint32 create_options,
2465 uint32 file_attributes,
2467 files_struct **result)
2469 files_struct *fsp = NULL;
2470 bool dir_existed = VALID_STAT(smb_dname->st) ? True : False;
2471 struct share_mode_lock *lck = NULL;
2473 struct timespec mtimespec;
2476 SMB_ASSERT(!is_ntfs_stream_smb_fname(smb_dname));
2478 /* Ensure we have a directory attribute. */
2479 file_attributes |= FILE_ATTRIBUTE_DIRECTORY;
2481 DEBUG(5,("open_directory: opening directory %s, access_mask = 0x%x, "
2482 "share_access = 0x%x create_options = 0x%x, "
2483 "create_disposition = 0x%x, file_attributes = 0x%x\n",
2484 smb_fname_str_dbg(smb_dname),
2485 (unsigned int)access_mask,
2486 (unsigned int)share_access,
2487 (unsigned int)create_options,
2488 (unsigned int)create_disposition,
2489 (unsigned int)file_attributes));
2491 if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS) &&
2492 (conn->fs_capabilities & FILE_NAMED_STREAMS) &&
2493 is_ntfs_stream_smb_fname(smb_dname)) {
2494 DEBUG(2, ("open_directory: %s is a stream name!\n",
2495 smb_fname_str_dbg(smb_dname)));
2496 return NT_STATUS_NOT_A_DIRECTORY;
2499 status = calculate_access_mask(conn, smb_dname, dir_existed,
2500 access_mask, &access_mask);
2501 if (!NT_STATUS_IS_OK(status)) {
2502 DEBUG(10, ("open_directory: calculate_access_mask "
2503 "on file %s returned %s\n",
2504 smb_fname_str_dbg(smb_dname),
2505 nt_errstr(status)));
2509 if ((access_mask & SEC_FLAG_SYSTEM_SECURITY) &
2510 !s3_security_token_has_privilege(get_current_nttok(conn),
2511 SEC_PRIV_SECURITY)) {
2512 DEBUG(10, ("open_directory: open on %s "
2513 "failed - SEC_FLAG_SYSTEM_SECURITY denied.\n",
2514 smb_fname_str_dbg(smb_dname)));
2515 return NT_STATUS_PRIVILEGE_NOT_HELD;
2518 switch( create_disposition ) {
2521 info = FILE_WAS_OPENED;
2524 * We want to follow symlinks here.
2527 if (SMB_VFS_STAT(conn, smb_dname) != 0) {
2528 return map_nt_error_from_unix(errno);
2535 /* If directory exists error. If directory doesn't
2538 status = mkdir_internal(conn, smb_dname,
2541 if (!NT_STATUS_IS_OK(status)) {
2542 DEBUG(2, ("open_directory: unable to create "
2543 "%s. Error was %s\n",
2544 smb_fname_str_dbg(smb_dname),
2545 nt_errstr(status)));
2549 info = FILE_WAS_CREATED;
2554 * If directory exists open. If directory doesn't
2558 status = mkdir_internal(conn, smb_dname,
2561 if (NT_STATUS_IS_OK(status)) {
2562 info = FILE_WAS_CREATED;
2565 if (NT_STATUS_EQUAL(status,
2566 NT_STATUS_OBJECT_NAME_COLLISION)) {
2567 info = FILE_WAS_OPENED;
2568 status = NT_STATUS_OK;
2573 case FILE_SUPERSEDE:
2574 case FILE_OVERWRITE:
2575 case FILE_OVERWRITE_IF:
2577 DEBUG(5,("open_directory: invalid create_disposition "
2578 "0x%x for directory %s\n",
2579 (unsigned int)create_disposition,
2580 smb_fname_str_dbg(smb_dname)));
2581 return NT_STATUS_INVALID_PARAMETER;
2584 if(!S_ISDIR(smb_dname->st.st_ex_mode)) {
2585 DEBUG(5,("open_directory: %s is not a directory !\n",
2586 smb_fname_str_dbg(smb_dname)));
2587 return NT_STATUS_NOT_A_DIRECTORY;
2590 if (info == FILE_WAS_OPENED) {
2591 uint32_t access_granted = 0;
2592 status = smbd_check_open_rights(conn, smb_dname, access_mask,
2595 /* Were we trying to do a directory open
2596 * for delete and didn't get DELETE
2597 * access (only) ? Check if the
2598 * directory allows DELETE_CHILD.
2600 * http://blogs.msdn.com/oldnewthing/archive/2004/06/04/148426.aspx
2603 if ((NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED) &&
2604 (access_mask & DELETE_ACCESS) &&
2605 (access_granted == DELETE_ACCESS) &&
2606 can_delete_file_in_directory(conn, smb_dname))) {
2607 DEBUG(10,("open_directory: overrode ACCESS_DENIED "
2608 "on directory %s\n",
2609 smb_fname_str_dbg(smb_dname)));
2610 status = NT_STATUS_OK;
2613 if (!NT_STATUS_IS_OK(status)) {
2614 DEBUG(10, ("open_directory: smbd_check_open_rights on "
2615 "file %s failed with %s\n",
2616 smb_fname_str_dbg(smb_dname),
2617 nt_errstr(status)));
2622 status = file_new(req, conn, &fsp);
2623 if(!NT_STATUS_IS_OK(status)) {
2628 * Setup the files_struct for it.
2631 fsp->mode = smb_dname->st.st_ex_mode;
2632 fsp->file_id = vfs_file_id_from_sbuf(conn, &smb_dname->st);
2633 fsp->vuid = req ? req->vuid : UID_FIELD_INVALID;
2634 fsp->file_pid = req ? req->smbpid : 0;
2635 fsp->can_lock = False;
2636 fsp->can_read = False;
2637 fsp->can_write = False;
2639 fsp->share_access = share_access;
2640 fsp->fh->private_options = 0;
2642 * According to Samba4, SEC_FILE_READ_ATTRIBUTE is always granted,
2644 fsp->access_mask = access_mask | FILE_READ_ATTRIBUTES;
2645 fsp->print_file = NULL;
2646 fsp->modified = False;
2647 fsp->oplock_type = NO_OPLOCK;
2648 fsp->sent_oplock_break = NO_BREAK_SENT;
2649 fsp->is_directory = True;
2650 fsp->posix_open = (file_attributes & FILE_FLAG_POSIX_SEMANTICS) ? True : False;
2651 status = fsp_set_smb_fname(fsp, smb_dname);
2652 if (!NT_STATUS_IS_OK(status)) {
2656 mtimespec = smb_dname->st.st_ex_mtime;
2658 lck = get_share_mode_lock(talloc_tos(), fsp->file_id,
2659 conn->connectpath, smb_dname, &mtimespec);
2662 DEBUG(0, ("open_directory: Could not get share mode lock for "
2663 "%s\n", smb_fname_str_dbg(smb_dname)));
2664 file_free(req, fsp);
2665 return NT_STATUS_SHARING_VIOLATION;
2668 status = open_mode_check(conn, lck, access_mask, share_access,
2669 create_options, &dir_existed);
2671 if (!NT_STATUS_IS_OK(status)) {
2673 file_free(req, fsp);
2677 set_share_mode(lck, fsp, get_current_uid(conn), 0, NO_OPLOCK);
2679 /* For directories the delete on close bit at open time seems
2680 always to be honored on close... See test 19 in Samba4 BASE-DELETE. */
2681 if (create_options & FILE_DELETE_ON_CLOSE) {
2682 status = can_set_delete_on_close(fsp, 0);
2683 if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, NT_STATUS_DIRECTORY_NOT_EMPTY)) {
2685 file_free(req, fsp);
2689 if (NT_STATUS_IS_OK(status)) {
2690 /* Note that here we set the *inital* delete on close flag,
2691 not the regular one. The magic gets handled in close. */
2692 fsp->initial_delete_on_close = True;
2703 return NT_STATUS_OK;
2706 NTSTATUS create_directory(connection_struct *conn, struct smb_request *req,
2707 struct smb_filename *smb_dname)
2712 status = SMB_VFS_CREATE_FILE(
2715 0, /* root_dir_fid */
2716 smb_dname, /* fname */
2717 FILE_READ_ATTRIBUTES, /* access_mask */
2718 FILE_SHARE_NONE, /* share_access */
2719 FILE_CREATE, /* create_disposition*/
2720 FILE_DIRECTORY_FILE, /* create_options */
2721 FILE_ATTRIBUTE_DIRECTORY, /* file_attributes */
2722 0, /* oplock_request */
2723 0, /* allocation_size */
2724 0, /* private_flags */
2730 if (NT_STATUS_IS_OK(status)) {
2731 close_file(req, fsp, NORMAL_CLOSE);
2737 /****************************************************************************
2738 Receive notification that one of our open files has been renamed by another
2740 ****************************************************************************/
2742 void msg_file_was_renamed(struct messaging_context *msg,
2745 struct server_id server_id,
2748 struct smbd_server_connection *sconn;
2750 char *frm = (char *)data->data;
2752 const char *sharepath;
2753 const char *base_name;
2754 const char *stream_name;
2755 struct smb_filename *smb_fname = NULL;
2756 size_t sp_len, bn_len;
2759 sconn = msg_ctx_to_sconn(msg);
2760 if (sconn == NULL) {
2761 DEBUG(1, ("could not find sconn\n"));
2765 if (data->data == NULL
2766 || data->length < MSG_FILE_RENAMED_MIN_SIZE + 2) {
2767 DEBUG(0, ("msg_file_was_renamed: Got invalid msg len %d\n",
2768 (int)data->length));
2772 /* Unpack the message. */
2773 pull_file_id_24(frm, &id);
2774 sharepath = &frm[24];
2775 sp_len = strlen(sharepath);
2776 base_name = sharepath + sp_len + 1;
2777 bn_len = strlen(base_name);
2778 stream_name = sharepath + sp_len + 1 + bn_len + 1;
2780 /* stream_name must always be NULL if there is no stream. */
2781 if (stream_name[0] == '\0') {
2785 status = create_synthetic_smb_fname(talloc_tos(), base_name,
2786 stream_name, NULL, &smb_fname);
2787 if (!NT_STATUS_IS_OK(status)) {
2791 DEBUG(10,("msg_file_was_renamed: Got rename message for sharepath %s, new name %s, "
2793 sharepath, smb_fname_str_dbg(smb_fname),
2794 file_id_string_tos(&id)));
2796 for(fsp = file_find_di_first(sconn, id); fsp;
2797 fsp = file_find_di_next(fsp)) {
2798 if (memcmp(fsp->conn->connectpath, sharepath, sp_len) == 0) {
2800 DEBUG(10,("msg_file_was_renamed: renaming file fnum %d from %s -> %s\n",
2801 fsp->fnum, fsp_str_dbg(fsp),
2802 smb_fname_str_dbg(smb_fname)));
2803 status = fsp_set_smb_fname(fsp, smb_fname);
2804 if (!NT_STATUS_IS_OK(status)) {
2809 /* Now we have the complete path we can work out if this is
2810 actually within this share and adjust newname accordingly. */
2811 DEBUG(10,("msg_file_was_renamed: share mismatch (sharepath %s "
2812 "not sharepath %s) "
2813 "fnum %d from %s -> %s\n",
2814 fsp->conn->connectpath,
2818 smb_fname_str_dbg(smb_fname)));
2822 TALLOC_FREE(smb_fname);
2827 * If a main file is opened for delete, all streams need to be checked for
2828 * !FILE_SHARE_DELETE. Do this by opening with DELETE_ACCESS.
2829 * If that works, delete them all by setting the delete on close and close.
2832 NTSTATUS open_streams_for_delete(connection_struct *conn,
2835 struct stream_struct *stream_info;
2836 files_struct **streams;
2838 unsigned int num_streams;
2839 TALLOC_CTX *frame = talloc_stackframe();
2842 status = SMB_VFS_STREAMINFO(conn, NULL, fname, talloc_tos(),
2843 &num_streams, &stream_info);
2845 if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_IMPLEMENTED)
2846 || NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
2847 DEBUG(10, ("no streams around\n"));
2849 return NT_STATUS_OK;
2852 if (!NT_STATUS_IS_OK(status)) {
2853 DEBUG(10, ("SMB_VFS_STREAMINFO failed: %s\n",
2854 nt_errstr(status)));
2858 DEBUG(10, ("open_streams_for_delete found %d streams\n",
2861 if (num_streams == 0) {
2863 return NT_STATUS_OK;
2866 streams = TALLOC_ARRAY(talloc_tos(), files_struct *, num_streams);
2867 if (streams == NULL) {
2868 DEBUG(0, ("talloc failed\n"));
2869 status = NT_STATUS_NO_MEMORY;
2873 for (i=0; i<num_streams; i++) {
2874 struct smb_filename *smb_fname = NULL;
2876 if (strequal(stream_info[i].name, "::$DATA")) {
2881 status = create_synthetic_smb_fname(talloc_tos(), fname,
2882 stream_info[i].name,
2884 if (!NT_STATUS_IS_OK(status)) {
2888 if (SMB_VFS_STAT(conn, smb_fname) == -1) {
2889 DEBUG(10, ("Unable to stat stream: %s\n",
2890 smb_fname_str_dbg(smb_fname)));
2893 status = SMB_VFS_CREATE_FILE(
2896 0, /* root_dir_fid */
2897 smb_fname, /* fname */
2898 DELETE_ACCESS, /* access_mask */
2899 (FILE_SHARE_READ | /* share_access */
2900 FILE_SHARE_WRITE | FILE_SHARE_DELETE),
2901 FILE_OPEN, /* create_disposition*/
2902 0, /* create_options */
2903 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
2904 0, /* oplock_request */
2905 0, /* allocation_size */
2906 NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE, /* private_flags */
2909 &streams[i], /* result */
2912 if (!NT_STATUS_IS_OK(status)) {
2913 DEBUG(10, ("Could not open stream %s: %s\n",
2914 smb_fname_str_dbg(smb_fname),
2915 nt_errstr(status)));
2917 TALLOC_FREE(smb_fname);
2920 TALLOC_FREE(smb_fname);
2924 * don't touch the variable "status" beyond this point :-)
2927 for (i -= 1 ; i >= 0; i--) {
2928 if (streams[i] == NULL) {
2932 DEBUG(10, ("Closing stream # %d, %s\n", i,
2933 fsp_str_dbg(streams[i])));
2934 close_file(NULL, streams[i], NORMAL_CLOSE);
2943 * Wrapper around open_file_ntcreate and open_directory
2946 static NTSTATUS create_file_unixpath(connection_struct *conn,
2947 struct smb_request *req,
2948 struct smb_filename *smb_fname,
2949 uint32_t access_mask,
2950 uint32_t share_access,
2951 uint32_t create_disposition,
2952 uint32_t create_options,
2953 uint32_t file_attributes,
2954 uint32_t oplock_request,
2955 uint64_t allocation_size,
2956 uint32_t private_flags,
2957 struct security_descriptor *sd,
2958 struct ea_list *ea_list,
2960 files_struct **result,
2963 int info = FILE_WAS_OPENED;
2964 files_struct *base_fsp = NULL;
2965 files_struct *fsp = NULL;
2968 DEBUG(10,("create_file_unixpath: access_mask = 0x%x "
2969 "file_attributes = 0x%x, share_access = 0x%x, "
2970 "create_disposition = 0x%x create_options = 0x%x "
2971 "oplock_request = 0x%x private_flags = 0x%x "
2972 "ea_list = 0x%p, sd = 0x%p, "
2974 (unsigned int)access_mask,
2975 (unsigned int)file_attributes,
2976 (unsigned int)share_access,
2977 (unsigned int)create_disposition,
2978 (unsigned int)create_options,
2979 (unsigned int)oplock_request,
2980 (unsigned int)private_flags,
2981 ea_list, sd, smb_fname_str_dbg(smb_fname)));
2983 if (create_options & FILE_OPEN_BY_FILE_ID) {
2984 status = NT_STATUS_NOT_SUPPORTED;
2988 if (create_options & NTCREATEX_OPTIONS_INVALID_PARAM_MASK) {
2989 status = NT_STATUS_INVALID_PARAMETER;
2994 oplock_request |= INTERNAL_OPEN_ONLY;
2997 if ((conn->fs_capabilities & FILE_NAMED_STREAMS)
2998 && (access_mask & DELETE_ACCESS)
2999 && !is_ntfs_stream_smb_fname(smb_fname)) {
3001 * We can't open a file with DELETE access if any of the
3002 * streams is open without FILE_SHARE_DELETE
3004 status = open_streams_for_delete(conn, smb_fname->base_name);
3006 if (!NT_STATUS_IS_OK(status)) {
3011 /* This is the correct thing to do (check every time) but can_delete
3012 * is expensive (it may have to read the parent directory
3013 * permissions). So for now we're not doing it unless we have a strong
3014 * hint the client is really going to delete this file. If the client
3015 * is forcing FILE_CREATE let the filesystem take care of the
3018 /* Setting FILE_SHARE_DELETE is the hint. */
3020 if (lp_acl_check_permissions(SNUM(conn))
3021 && (create_disposition != FILE_CREATE)
3022 && (share_access & FILE_SHARE_DELETE)
3023 && (access_mask & DELETE_ACCESS)
3024 && (!(can_delete_file_in_directory(conn, smb_fname) ||
3025 can_access_file_acl(conn, smb_fname, DELETE_ACCESS)))) {
3026 status = NT_STATUS_ACCESS_DENIED;
3027 DEBUG(10,("create_file_unixpath: open file %s "
3028 "for delete ACCESS_DENIED\n",
3029 smb_fname_str_dbg(smb_fname)));
3033 if ((access_mask & SEC_FLAG_SYSTEM_SECURITY) &&
3034 !s3_security_token_has_privilege(get_current_nttok(conn),
3035 SEC_PRIV_SECURITY)) {
3036 DEBUG(10, ("create_file_unixpath: open on %s "
3037 "failed - SEC_FLAG_SYSTEM_SECURITY denied.\n",
3038 smb_fname_str_dbg(smb_fname)));
3039 status = NT_STATUS_PRIVILEGE_NOT_HELD;
3043 if ((conn->fs_capabilities & FILE_NAMED_STREAMS)
3044 && is_ntfs_stream_smb_fname(smb_fname)
3045 && (!(private_flags & NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE))) {
3046 uint32 base_create_disposition;
3047 struct smb_filename *smb_fname_base = NULL;
3049 if (create_options & FILE_DIRECTORY_FILE) {
3050 status = NT_STATUS_NOT_A_DIRECTORY;
3054 switch (create_disposition) {
3056 base_create_disposition = FILE_OPEN;
3059 base_create_disposition = FILE_OPEN_IF;
3063 /* Create an smb_filename with stream_name == NULL. */
3064 status = create_synthetic_smb_fname(talloc_tos(),
3065 smb_fname->base_name,
3068 if (!NT_STATUS_IS_OK(status)) {
3072 if (SMB_VFS_STAT(conn, smb_fname_base) == -1) {
3073 DEBUG(10, ("Unable to stat stream: %s\n",
3074 smb_fname_str_dbg(smb_fname_base)));
3077 /* Open the base file. */
3078 status = create_file_unixpath(conn, NULL, smb_fname_base, 0,
3081 | FILE_SHARE_DELETE,
3082 base_create_disposition,
3083 0, 0, 0, 0, 0, NULL, NULL,
3085 TALLOC_FREE(smb_fname_base);
3087 if (!NT_STATUS_IS_OK(status)) {
3088 DEBUG(10, ("create_file_unixpath for base %s failed: "
3089 "%s\n", smb_fname->base_name,
3090 nt_errstr(status)));
3093 /* we don't need to low level fd */
3098 * If it's a request for a directory open, deal with it separately.
3101 if (create_options & FILE_DIRECTORY_FILE) {
3103 if (create_options & FILE_NON_DIRECTORY_FILE) {
3104 status = NT_STATUS_INVALID_PARAMETER;
3108 /* Can't open a temp directory. IFS kit test. */
3109 if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS) &&
3110 (file_attributes & FILE_ATTRIBUTE_TEMPORARY)) {
3111 status = NT_STATUS_INVALID_PARAMETER;
3116 * We will get a create directory here if the Win32
3117 * app specified a security descriptor in the
3118 * CreateDirectory() call.
3122 status = open_directory(
3123 conn, req, smb_fname, access_mask, share_access,
3124 create_disposition, create_options, file_attributes,
3129 * Ordinary file case.
3132 status = file_new(req, conn, &fsp);
3133 if(!NT_STATUS_IS_OK(status)) {
3137 status = fsp_set_smb_fname(fsp, smb_fname);
3138 if (!NT_STATUS_IS_OK(status)) {
3143 * We're opening the stream element of a base_fsp
3144 * we already opened. Set up the base_fsp pointer.
3147 fsp->base_fsp = base_fsp;
3150 status = open_file_ntcreate(conn,
3162 if(!NT_STATUS_IS_OK(status)) {
3163 file_free(req, fsp);
3167 if (NT_STATUS_EQUAL(status, NT_STATUS_FILE_IS_A_DIRECTORY)) {
3169 /* A stream open never opens a directory */
3172 status = NT_STATUS_FILE_IS_A_DIRECTORY;
3177 * Fail the open if it was explicitly a non-directory
3181 if (create_options & FILE_NON_DIRECTORY_FILE) {
3182 status = NT_STATUS_FILE_IS_A_DIRECTORY;
3187 status = open_directory(
3188 conn, req, smb_fname, access_mask,
3189 share_access, create_disposition,
3190 create_options, file_attributes,
3195 if (!NT_STATUS_IS_OK(status)) {
3199 fsp->base_fsp = base_fsp;
3202 * According to the MS documentation, the only time the security
3203 * descriptor is applied to the opened file is iff we *created* the
3204 * file; an existing file stays the same.
3206 * Also, it seems (from observation) that you can open the file with
3207 * any access mask but you can still write the sd. We need to override
3208 * the granted access before we call set_sd
3209 * Patch for bug #2242 from Tom Lackemann <cessnatomny@yahoo.com>.
3212 if ((sd != NULL) && (info == FILE_WAS_CREATED)
3213 && lp_nt_acl_support(SNUM(conn))) {
3215 uint32_t sec_info_sent;
3216 uint32_t saved_access_mask = fsp->access_mask;
3218 sec_info_sent = get_sec_info(sd);
3220 fsp->access_mask = FILE_GENERIC_ALL;
3222 /* Convert all the generic bits. */
3223 security_acl_map_generic(sd->dacl, &file_generic_mapping);
3224 security_acl_map_generic(sd->sacl, &file_generic_mapping);
3226 if (sec_info_sent & (SECINFO_OWNER|
3230 status = SMB_VFS_FSET_NT_ACL(fsp, sec_info_sent, sd);
3233 fsp->access_mask = saved_access_mask;
3235 if (!NT_STATUS_IS_OK(status)) {
3240 if ((ea_list != NULL) &&
3241 ((info == FILE_WAS_CREATED) || (info == FILE_WAS_OVERWRITTEN))) {
3242 status = set_ea(conn, fsp, fsp->fsp_name, ea_list);
3243 if (!NT_STATUS_IS_OK(status)) {
3248 if (!fsp->is_directory && S_ISDIR(fsp->fsp_name->st.st_ex_mode)) {
3249 status = NT_STATUS_ACCESS_DENIED;
3253 /* Save the requested allocation size. */
3254 if ((info == FILE_WAS_CREATED) || (info == FILE_WAS_OVERWRITTEN)) {
3256 && (allocation_size > fsp->fsp_name->st.st_ex_size)) {
3257 fsp->initial_allocation_size = smb_roundup(
3258 fsp->conn, allocation_size);
3259 if (fsp->is_directory) {
3260 /* Can't set allocation size on a directory. */
3261 status = NT_STATUS_ACCESS_DENIED;
3264 if (vfs_allocate_file_space(
3265 fsp, fsp->initial_allocation_size) == -1) {
3266 status = NT_STATUS_DISK_FULL;
3270 fsp->initial_allocation_size = smb_roundup(
3271 fsp->conn, (uint64_t)fsp->fsp_name->st.st_ex_size);
3275 DEBUG(10, ("create_file_unixpath: info=%d\n", info));
3278 if (pinfo != NULL) {
3282 smb_fname->st = fsp->fsp_name->st;
3284 return NT_STATUS_OK;
3287 DEBUG(10, ("create_file_unixpath: %s\n", nt_errstr(status)));
3290 if (base_fsp && fsp->base_fsp == base_fsp) {
3292 * The close_file below will close
3297 close_file(req, fsp, ERROR_CLOSE);
3300 if (base_fsp != NULL) {
3301 close_file(req, base_fsp, ERROR_CLOSE);
3308 * Calculate the full path name given a relative fid.
3310 NTSTATUS get_relative_fid_filename(connection_struct *conn,
3311 struct smb_request *req,
3312 uint16_t root_dir_fid,
3313 struct smb_filename *smb_fname)
3315 files_struct *dir_fsp;
3316 char *parent_fname = NULL;
3317 char *new_base_name = NULL;
3320 if (root_dir_fid == 0 || !smb_fname) {
3321 status = NT_STATUS_INTERNAL_ERROR;
3325 dir_fsp = file_fsp(req, root_dir_fid);
3327 if (dir_fsp == NULL) {
3328 status = NT_STATUS_INVALID_HANDLE;
3332 if (is_ntfs_stream_smb_fname(dir_fsp->fsp_name)) {
3333 status = NT_STATUS_INVALID_HANDLE;
3337 if (!dir_fsp->is_directory) {
3340 * Check to see if this is a mac fork of some kind.
3343 if ((conn->fs_capabilities & FILE_NAMED_STREAMS) &&
3344 is_ntfs_stream_smb_fname(smb_fname)) {
3345 status = NT_STATUS_OBJECT_PATH_NOT_FOUND;
3350 we need to handle the case when we get a
3351 relative open relative to a file and the
3352 pathname is blank - this is a reopen!
3353 (hint from demyn plantenberg)
3356 status = NT_STATUS_INVALID_HANDLE;
3360 if (ISDOT(dir_fsp->fsp_name->base_name)) {
3362 * We're at the toplevel dir, the final file name
3363 * must not contain ./, as this is filtered out
3364 * normally by srvstr_get_path and unix_convert
3365 * explicitly rejects paths containing ./.
3367 parent_fname = talloc_strdup(talloc_tos(), "");
3368 if (parent_fname == NULL) {
3369 status = NT_STATUS_NO_MEMORY;
3373 size_t dir_name_len = strlen(dir_fsp->fsp_name->base_name);
3376 * Copy in the base directory name.
3379 parent_fname = TALLOC_ARRAY(talloc_tos(), char,
3381 if (parent_fname == NULL) {
3382 status = NT_STATUS_NO_MEMORY;
3385 memcpy(parent_fname, dir_fsp->fsp_name->base_name,
3389 * Ensure it ends in a '/'.
3390 * We used TALLOC_SIZE +2 to add space for the '/'.
3394 && (parent_fname[dir_name_len-1] != '\\')
3395 && (parent_fname[dir_name_len-1] != '/')) {
3396 parent_fname[dir_name_len] = '/';
3397 parent_fname[dir_name_len+1] = '\0';
3401 new_base_name = talloc_asprintf(smb_fname, "%s%s", parent_fname,
3402 smb_fname->base_name);
3403 if (new_base_name == NULL) {
3404 status = NT_STATUS_NO_MEMORY;
3408 TALLOC_FREE(smb_fname->base_name);
3409 smb_fname->base_name = new_base_name;
3410 status = NT_STATUS_OK;
3413 TALLOC_FREE(parent_fname);
3417 NTSTATUS create_file_default(connection_struct *conn,
3418 struct smb_request *req,
3419 uint16_t root_dir_fid,
3420 struct smb_filename *smb_fname,
3421 uint32_t access_mask,
3422 uint32_t share_access,
3423 uint32_t create_disposition,
3424 uint32_t create_options,
3425 uint32_t file_attributes,
3426 uint32_t oplock_request,
3427 uint64_t allocation_size,
3428 uint32_t private_flags,
3429 struct security_descriptor *sd,
3430 struct ea_list *ea_list,
3431 files_struct **result,
3434 int info = FILE_WAS_OPENED;
3435 files_struct *fsp = NULL;
3437 bool stream_name = false;
3439 DEBUG(10,("create_file: access_mask = 0x%x "
3440 "file_attributes = 0x%x, share_access = 0x%x, "
3441 "create_disposition = 0x%x create_options = 0x%x "
3442 "oplock_request = 0x%x "
3443 "private_flags = 0x%x "
3444 "root_dir_fid = 0x%x, ea_list = 0x%p, sd = 0x%p, "
3446 (unsigned int)access_mask,
3447 (unsigned int)file_attributes,
3448 (unsigned int)share_access,
3449 (unsigned int)create_disposition,
3450 (unsigned int)create_options,
3451 (unsigned int)oplock_request,
3452 (unsigned int)private_flags,
3453 (unsigned int)root_dir_fid,
3454 ea_list, sd, smb_fname_str_dbg(smb_fname)));
3457 * Calculate the filename from the root_dir_if if necessary.
3460 if (root_dir_fid != 0) {
3461 status = get_relative_fid_filename(conn, req, root_dir_fid,
3463 if (!NT_STATUS_IS_OK(status)) {
3469 * Check to see if this is a mac fork of some kind.
3472 stream_name = is_ntfs_stream_smb_fname(smb_fname);
3474 enum FAKE_FILE_TYPE fake_file_type;
3476 fake_file_type = is_fake_file(smb_fname);
3478 if (fake_file_type != FAKE_FILE_TYPE_NONE) {
3481 * Here we go! support for changing the disk quotas
3484 * We need to fake up to open this MAGIC QUOTA file
3485 * and return a valid FID.
3487 * w2k close this file directly after openening xp
3488 * also tries a QUERY_FILE_INFO on the file and then
3491 status = open_fake_file(req, conn, req->vuid,
3492 fake_file_type, smb_fname,
3494 if (!NT_STATUS_IS_OK(status)) {
3498 ZERO_STRUCT(smb_fname->st);
3502 if (!(conn->fs_capabilities & FILE_NAMED_STREAMS)) {
3503 status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
3508 /* All file access must go through check_name() */
3510 status = check_name(conn, smb_fname->base_name);
3511 if (!NT_STATUS_IS_OK(status)) {
3515 if (stream_name && is_ntfs_default_stream_smb_fname(smb_fname)) {
3517 smb_fname->stream_name = NULL;
3518 /* We have to handle this error here. */
3519 if (create_options & FILE_DIRECTORY_FILE) {
3520 status = NT_STATUS_NOT_A_DIRECTORY;
3523 if (lp_posix_pathnames()) {
3524 ret = SMB_VFS_LSTAT(conn, smb_fname);
3526 ret = SMB_VFS_STAT(conn, smb_fname);
3529 if (ret == 0 && VALID_STAT_OF_DIR(smb_fname->st)) {
3530 status = NT_STATUS_FILE_IS_A_DIRECTORY;
3535 status = create_file_unixpath(
3536 conn, req, smb_fname, access_mask, share_access,
3537 create_disposition, create_options, file_attributes,
3538 oplock_request, allocation_size, private_flags,
3542 if (!NT_STATUS_IS_OK(status)) {
3547 DEBUG(10, ("create_file: info=%d\n", info));
3550 if (pinfo != NULL) {
3553 return NT_STATUS_OK;
3556 DEBUG(10, ("create_file: %s\n", nt_errstr(status)));
3559 close_file(req, fsp, ERROR_CLOSE);