2 Unix SMB/CIFS implementation.
3 Directory handling routines
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Jeremy Allison 2007
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
24 This module implements directory related functions for Samba.
27 extern struct current_user current_user;
29 /* "Special" directory offsets. */
30 #define END_OF_DIRECTORY_OFFSET ((long)-1)
31 #define START_OF_DIRECTORY_OFFSET ((long)0)
32 #define DOT_DOT_DIRECTORY_OFFSET ((long)0x80000000)
34 /* Make directory handle internals available. */
36 struct name_cache_entry {
42 connection_struct *conn;
46 size_t name_cache_size;
47 struct name_cache_entry *name_cache;
48 unsigned int name_cache_index;
49 unsigned int file_number;
53 struct dptr_struct *next, *prev;
56 struct connection_struct *conn;
57 struct smb_Dir *dir_hnd;
62 bool has_wild; /* Set to true if the wcard entry has MS wildcard characters in it. */
63 bool did_stat; /* Optimisation for non-wcard searches. */
66 static struct bitmap *dptr_bmap;
67 static struct dptr_struct *dirptrs;
68 static int dirhandles_open = 0;
70 #define INVALID_DPTR_KEY (-3)
72 /****************************************************************************
74 ****************************************************************************/
76 bool make_dir_struct(TALLOC_CTX *ctx,
86 char *mask2 = talloc_strdup(ctx, mask);
92 if ((mode & aDIR) != 0) {
97 if ((p = strchr_m(mask2,'.')) != NULL) {
99 push_ascii(buf+1,mask2,8, 0);
100 push_ascii(buf+9,p+1,3, 0);
103 push_ascii(buf+1,mask2,11, 0);
106 memset(buf+21,'\0',DIR_STRUCT_SIZE-21);
108 srv_put_dos_date(buf,22,date);
109 SSVAL(buf,26,size & 0xFFFF);
110 SSVAL(buf,28,(size >> 16)&0xFFFF);
111 /* We only uppercase if FLAGS2_LONG_PATH_COMPONENTS is zero in the input buf.
112 Strange, but verified on W2K3. Needed for OS/2. JRA. */
113 push_ascii(buf+30,fname,12, uc ? STR_UPPER : 0);
114 DEBUG(8,("put name [%s] from [%s] into dir struct\n",buf+30, fname));
118 /****************************************************************************
119 Initialise the dir bitmap.
120 ****************************************************************************/
122 void init_dptrs(void)
124 static bool dptrs_init=False;
129 dptr_bmap = bitmap_allocate(MAX_DIRECTORY_HANDLES);
132 exit_server("out of memory in init_dptrs");
137 /****************************************************************************
138 Idle a dptr - the directory is closed but the control info is kept.
139 ****************************************************************************/
141 static void dptr_idle(struct dptr_struct *dptr)
144 DEBUG(4,("Idling dptr dnum %d\n",dptr->dnum));
145 TALLOC_FREE(dptr->dir_hnd);
149 /****************************************************************************
150 Idle the oldest dptr.
151 ****************************************************************************/
153 static void dptr_idleoldest(void)
155 struct dptr_struct *dptr;
158 * Go to the end of the list.
160 for(dptr = dirptrs; dptr && dptr->next; dptr = dptr->next)
164 DEBUG(0,("No dptrs available to idle ?\n"));
169 * Idle the oldest pointer.
172 for(; dptr; dptr = dptr->prev) {
180 /****************************************************************************
181 Get the struct dptr_struct for a dir index.
182 ****************************************************************************/
184 static struct dptr_struct *dptr_get(int key, bool forclose)
186 struct dptr_struct *dptr;
188 for(dptr = dirptrs; dptr; dptr = dptr->next) {
189 if(dptr->dnum == key) {
190 if (!forclose && !dptr->dir_hnd) {
191 if (dirhandles_open >= MAX_OPEN_DIRECTORIES)
193 DEBUG(4,("dptr_get: Reopening dptr key %d\n",key));
194 if (!(dptr->dir_hnd = OpenDir(
195 NULL, dptr->conn, dptr->path,
196 dptr->wcard, dptr->attr))) {
197 DEBUG(4,("dptr_get: Failed to open %s (%s)\n",dptr->path,
202 DLIST_PROMOTE(dirptrs,dptr);
209 /****************************************************************************
210 Get the dir path for a dir index.
211 ****************************************************************************/
213 char *dptr_path(int key)
215 struct dptr_struct *dptr = dptr_get(key, False);
221 /****************************************************************************
222 Get the dir wcard for a dir index.
223 ****************************************************************************/
225 char *dptr_wcard(int key)
227 struct dptr_struct *dptr = dptr_get(key, False);
233 /****************************************************************************
234 Get the dir attrib for a dir index.
235 ****************************************************************************/
237 uint16 dptr_attr(int key)
239 struct dptr_struct *dptr = dptr_get(key, False);
245 /****************************************************************************
246 Close a dptr (internal func).
247 ****************************************************************************/
249 static void dptr_close_internal(struct dptr_struct *dptr)
251 DEBUG(4,("closing dptr key %d\n",dptr->dnum));
253 DLIST_REMOVE(dirptrs, dptr);
256 * Free the dnum in the bitmap. Remember the dnum value is always
257 * biased by one with respect to the bitmap.
260 if(bitmap_query( dptr_bmap, dptr->dnum - 1) != True) {
261 DEBUG(0,("dptr_close_internal : Error - closing dnum = %d and bitmap not set !\n",
265 bitmap_clear(dptr_bmap, dptr->dnum - 1);
267 TALLOC_FREE(dptr->dir_hnd);
269 /* Lanman 2 specific code */
270 SAFE_FREE(dptr->wcard);
271 string_set(&dptr->path,"");
275 /****************************************************************************
276 Close a dptr given a key.
277 ****************************************************************************/
279 void dptr_close(int *key)
281 struct dptr_struct *dptr;
283 if(*key == INVALID_DPTR_KEY)
286 /* OS/2 seems to use -1 to indicate "close all directories" */
288 struct dptr_struct *next;
289 for(dptr = dirptrs; dptr; dptr = next) {
291 dptr_close_internal(dptr);
293 *key = INVALID_DPTR_KEY;
297 dptr = dptr_get(*key, True);
300 DEBUG(0,("Invalid key %d given to dptr_close\n", *key));
304 dptr_close_internal(dptr);
306 *key = INVALID_DPTR_KEY;
309 /****************************************************************************
310 Close all dptrs for a cnum.
311 ****************************************************************************/
313 void dptr_closecnum(connection_struct *conn)
315 struct dptr_struct *dptr, *next;
316 for(dptr = dirptrs; dptr; dptr = next) {
318 if (dptr->conn == conn)
319 dptr_close_internal(dptr);
323 /****************************************************************************
324 Idle all dptrs for a cnum.
325 ****************************************************************************/
327 void dptr_idlecnum(connection_struct *conn)
329 struct dptr_struct *dptr;
330 for(dptr = dirptrs; dptr; dptr = dptr->next) {
331 if (dptr->conn == conn && dptr->dir_hnd)
336 /****************************************************************************
337 Close a dptr that matches a given path, only if it matches the spid also.
338 ****************************************************************************/
340 void dptr_closepath(char *path,uint16 spid)
342 struct dptr_struct *dptr, *next;
343 for(dptr = dirptrs; dptr; dptr = next) {
345 if (spid == dptr->spid && strequal(dptr->path,path))
346 dptr_close_internal(dptr);
350 /****************************************************************************
351 Try and close the oldest handle not marked for
352 expect close in the hope that the client has
353 finished with that one.
354 ****************************************************************************/
356 static void dptr_close_oldest(bool old)
358 struct dptr_struct *dptr;
361 * Go to the end of the list.
363 for(dptr = dirptrs; dptr && dptr->next; dptr = dptr->next)
367 DEBUG(0,("No old dptrs available to close oldest ?\n"));
372 * If 'old' is true, close the oldest oldhandle dnum (ie. 1 < dnum < 256) that
373 * does not have expect_close set. If 'old' is false, close
374 * one of the new dnum handles.
377 for(; dptr; dptr = dptr->prev) {
378 if ((old && (dptr->dnum < 256) && !dptr->expect_close) ||
379 (!old && (dptr->dnum > 255))) {
380 dptr_close_internal(dptr);
386 /****************************************************************************
387 Create a new dir ptr. If the flag old_handle is true then we must allocate
388 from the bitmap range 0 - 255 as old SMBsearch directory handles are only
389 one byte long. If old_handle is false we allocate from the range
390 256 - MAX_DIRECTORY_HANDLES. We bias the number we return by 1 to ensure
391 a directory handle is never zero.
392 wcard must not be zero.
393 ****************************************************************************/
395 NTSTATUS dptr_create(connection_struct *conn, const char *path, bool old_handle, bool expect_close,uint16 spid,
396 const char *wcard, bool wcard_has_wild, uint32 attr, struct dptr_struct **dptr_ret)
398 struct dptr_struct *dptr = NULL;
399 struct smb_Dir *dir_hnd;
402 DEBUG(5,("dptr_create dir=%s\n", path));
405 return NT_STATUS_INVALID_PARAMETER;
408 status = check_name(conn,path);
409 if (!NT_STATUS_IS_OK(status)) {
413 dir_hnd = OpenDir(NULL, conn, path, wcard, attr);
415 return map_nt_error_from_unix(errno);
418 string_set(&conn->dirpath,path);
420 if (dirhandles_open >= MAX_OPEN_DIRECTORIES) {
424 dptr = SMB_MALLOC_P(struct dptr_struct);
426 DEBUG(0,("malloc fail in dptr_create.\n"));
427 TALLOC_FREE(dir_hnd);
428 return NT_STATUS_NO_MEMORY;
436 * This is an old-style SMBsearch request. Ensure the
437 * value we return will fit in the range 1-255.
440 dptr->dnum = bitmap_find(dptr_bmap, 0);
442 if(dptr->dnum == -1 || dptr->dnum > 254) {
445 * Try and close the oldest handle not marked for
446 * expect close in the hope that the client has
447 * finished with that one.
450 dptr_close_oldest(True);
452 /* Now try again... */
453 dptr->dnum = bitmap_find(dptr_bmap, 0);
454 if(dptr->dnum == -1 || dptr->dnum > 254) {
455 DEBUG(0,("dptr_create: returned %d: Error - all old dirptrs in use ?\n", dptr->dnum));
457 TALLOC_FREE(dir_hnd);
458 return NT_STATUS_TOO_MANY_OPENED_FILES;
464 * This is a new-style trans2 request. Allocate from
465 * a range that will return 256 - MAX_DIRECTORY_HANDLES.
468 dptr->dnum = bitmap_find(dptr_bmap, 255);
470 if(dptr->dnum == -1 || dptr->dnum < 255) {
473 * Try and close the oldest handle close in the hope that
474 * the client has finished with that one. This will only
475 * happen in the case of the Win98 client bug where it leaks
479 dptr_close_oldest(False);
481 /* Now try again... */
482 dptr->dnum = bitmap_find(dptr_bmap, 255);
484 if(dptr->dnum == -1 || dptr->dnum < 255) {
485 DEBUG(0,("dptr_create: returned %d: Error - all new dirptrs in use ?\n", dptr->dnum));
487 TALLOC_FREE(dir_hnd);
488 return NT_STATUS_TOO_MANY_OPENED_FILES;
493 bitmap_set(dptr_bmap, dptr->dnum);
495 dptr->dnum += 1; /* Always bias the dnum by one - no zero dnums allowed. */
497 string_set(&dptr->path,path);
499 dptr->dir_hnd = dir_hnd;
501 dptr->expect_close = expect_close;
502 dptr->wcard = SMB_STRDUP(wcard);
504 bitmap_clear(dptr_bmap, dptr->dnum - 1);
506 TALLOC_FREE(dir_hnd);
507 return NT_STATUS_NO_MEMORY;
509 if (lp_posix_pathnames() || (wcard[0] == '.' && wcard[1] == 0)) {
510 dptr->has_wild = True;
512 dptr->has_wild = wcard_has_wild;
517 DLIST_ADD(dirptrs, dptr);
519 DEBUG(3,("creating new dirptr %d for path %s, expect_close = %d\n",
520 dptr->dnum,path,expect_close));
528 /****************************************************************************
529 Wrapper functions to access the lower level directory handles.
530 ****************************************************************************/
532 int dptr_CloseDir(struct dptr_struct *dptr)
534 DLIST_REMOVE(dirptrs, dptr);
535 TALLOC_FREE(dptr->dir_hnd);
539 void dptr_SeekDir(struct dptr_struct *dptr, long offset)
541 SeekDir(dptr->dir_hnd, offset);
544 long dptr_TellDir(struct dptr_struct *dptr)
546 return TellDir(dptr->dir_hnd);
549 bool dptr_has_wild(struct dptr_struct *dptr)
551 return dptr->has_wild;
554 int dptr_dnum(struct dptr_struct *dptr)
559 /****************************************************************************
560 Return the next visible file name, skipping veto'd and invisible files.
561 ****************************************************************************/
563 static const char *dptr_normal_ReadDirName(struct dptr_struct *dptr, long *poffset, SMB_STRUCT_STAT *pst)
565 /* Normal search for the next file. */
567 while ((name = ReadDirName(dptr->dir_hnd, poffset)) != NULL) {
568 if (is_visible_file(dptr->conn, dptr->path, name, pst, True)) {
575 /****************************************************************************
576 Return the next visible file name, skipping veto'd and invisible files.
577 ****************************************************************************/
579 const char *dptr_ReadDirName(TALLOC_CTX *ctx,
580 struct dptr_struct *dptr,
582 SMB_STRUCT_STAT *pst)
584 SET_STAT_INVALID(*pst);
586 if (dptr->has_wild) {
587 return dptr_normal_ReadDirName(dptr, poffset, pst);
590 /* If poffset is -1 then we know we returned this name before and we have
591 no wildcards. We're at the end of the directory. */
592 if (*poffset == END_OF_DIRECTORY_OFFSET) {
596 if (!dptr->did_stat) {
597 char *pathreal = NULL;
599 /* We know the stored wcard contains no wildcard characters. See if we can match
600 with a stat call. If we can't, then set did_stat to true to
601 ensure we only do this once and keep searching. */
603 dptr->did_stat = True;
605 /* First check if it should be visible. */
606 if (!is_visible_file(dptr->conn, dptr->path, dptr->wcard, pst, True)) {
607 /* This only returns False if the file was found, but
608 is explicitly not visible. Set us to end of directory,
609 but return NULL as we know we can't ever find it. */
610 dptr->dir_hnd->offset = *poffset = END_OF_DIRECTORY_OFFSET;
614 if (VALID_STAT(*pst)) {
615 /* We need to set the underlying dir_hnd offset to -1 also as
616 this function is usually called with the output from TellDir. */
617 dptr->dir_hnd->offset = *poffset = END_OF_DIRECTORY_OFFSET;
621 pathreal = talloc_asprintf(ctx,
629 if (SMB_VFS_STAT(dptr->conn,pathreal,pst) == 0) {
630 /* We need to set the underlying dir_hnd offset to -1 also as
631 this function is usually called with the output from TellDir. */
632 dptr->dir_hnd->offset = *poffset = END_OF_DIRECTORY_OFFSET;
633 TALLOC_FREE(pathreal);
636 /* If we get any other error than ENOENT or ENOTDIR
637 then the file exists we just can't stat it. */
638 if (errno != ENOENT && errno != ENOTDIR) {
639 /* We need to set the underlying dir_hdn offset to -1 also as
640 this function is usually called with the output from TellDir. */
641 dptr->dir_hnd->offset = *poffset = END_OF_DIRECTORY_OFFSET;
642 TALLOC_FREE(pathreal);
647 TALLOC_FREE(pathreal);
649 /* Stat failed. We know this is authoratiative if we are
650 * providing case sensitive semantics or the underlying
651 * filesystem is case sensitive.
654 if (dptr->conn->case_sensitive ||
655 !(dptr->conn->fs_capabilities & FILE_CASE_SENSITIVE_SEARCH)) {
656 /* We need to set the underlying dir_hnd offset to -1 also as
657 this function is usually called with the output from TellDir. */
658 dptr->dir_hnd->offset = *poffset = END_OF_DIRECTORY_OFFSET;
662 return dptr_normal_ReadDirName(dptr, poffset, pst);
665 /****************************************************************************
666 Search for a file by name, skipping veto'ed and not visible files.
667 ****************************************************************************/
669 bool dptr_SearchDir(struct dptr_struct *dptr, const char *name, long *poffset, SMB_STRUCT_STAT *pst)
671 SET_STAT_INVALID(*pst);
673 if (!dptr->has_wild && (dptr->dir_hnd->offset == END_OF_DIRECTORY_OFFSET)) {
674 /* This is a singleton directory and we're already at the end. */
675 *poffset = END_OF_DIRECTORY_OFFSET;
679 return SearchDir(dptr->dir_hnd, name, poffset);
682 /****************************************************************************
683 Add the name we're returning into the underlying cache.
684 ****************************************************************************/
686 void dptr_DirCacheAdd(struct dptr_struct *dptr, const char *name, long offset)
688 DirCacheAdd(dptr->dir_hnd, name, offset);
691 /****************************************************************************
692 Fill the 5 byte server reserved dptr field.
693 ****************************************************************************/
695 bool dptr_fill(char *buf1,unsigned int key)
697 unsigned char *buf = (unsigned char *)buf1;
698 struct dptr_struct *dptr = dptr_get(key, False);
701 DEBUG(1,("filling null dirptr %d\n",key));
704 offset = (uint32)TellDir(dptr->dir_hnd);
705 DEBUG(6,("fill on key %u dirptr 0x%lx now at %d\n",key,
706 (long)dptr->dir_hnd,(int)offset));
712 /****************************************************************************
713 Fetch the dir ptr and seek it given the 5 byte server field.
714 ****************************************************************************/
716 struct dptr_struct *dptr_fetch(char *buf,int *num)
718 unsigned int key = *(unsigned char *)buf;
719 struct dptr_struct *dptr = dptr_get(key, False);
724 DEBUG(3,("fetched null dirptr %d\n",key));
728 offset = IVAL(buf,1);
729 if (offset == (uint32)-1) {
730 seekoff = END_OF_DIRECTORY_OFFSET;
732 seekoff = (long)offset;
734 SeekDir(dptr->dir_hnd,seekoff);
735 DEBUG(3,("fetching dirptr %d for path %s at offset %d\n",
736 key,dptr_path(key),(int)seekoff));
740 /****************************************************************************
742 ****************************************************************************/
744 struct dptr_struct *dptr_fetch_lanman2(int dptr_num)
746 struct dptr_struct *dptr = dptr_get(dptr_num, False);
749 DEBUG(3,("fetched null dirptr %d\n",dptr_num));
752 DEBUG(3,("fetching dirptr %d for path %s\n",dptr_num,dptr_path(dptr_num)));
756 /****************************************************************************
757 Check that a file matches a particular file type.
758 ****************************************************************************/
760 bool dir_check_ftype(connection_struct *conn, uint32 mode, uint32 dirtype)
764 /* Check the "may have" search bits. */
765 if (((mode & ~dirtype) & (aHIDDEN | aSYSTEM | aDIR)) != 0)
768 /* Check the "must have" bits, which are the may have bits shifted eight */
769 /* If must have bit is set, the file/dir can not be returned in search unless the matching
770 file attribute is set */
771 mask = ((dirtype >> 8) & (aDIR|aARCH|aRONLY|aHIDDEN|aSYSTEM)); /* & 0x37 */
773 if((mask & (mode & (aDIR|aARCH|aRONLY|aHIDDEN|aSYSTEM))) == mask) /* check if matching attribute present */
782 static bool mangle_mask_match(connection_struct *conn,
783 const char *filename,
788 if (!name_to_8_3(filename,mname,False,conn->params)) {
791 return mask_match_search(mname,mask,False);
794 /****************************************************************************
795 Get an 8.3 directory entry.
796 ****************************************************************************/
798 bool get_dir_entry(TALLOC_CTX *ctx,
799 connection_struct *conn,
808 const char *dname = NULL;
810 SMB_STRUCT_STAT sbuf;
811 char *pathreal = NULL;
812 const char *filename = NULL;
815 *pp_fname_out = NULL;
817 needslash = ( conn->dirpath[strlen(conn->dirpath) -1] != '/');
824 long curoff = dptr_TellDir(conn->dirptr);
825 dname = dptr_ReadDirName(ctx, conn->dirptr, &curoff, &sbuf);
827 DEBUG(6,("readdir on dirptr 0x%lx now at offset %ld\n",
828 (long)conn->dirptr,TellDir(conn->dirptr->dir_hnd)));
836 /* notice the special *.* handling. This appears to be the only difference
837 between the wildcard handling in this routine and in the trans2 routines.
838 see masktest for a demo
840 if ((strcmp(mask,"*.*") == 0) ||
841 mask_match_search(filename,mask,False) ||
842 mangle_mask_match(conn,filename,mask)) {
844 struct timespec write_time_ts;
845 struct file_id fileid;
847 if (!mangle_is_8_3(filename, False, conn->params)) {
848 if (!name_to_8_3(filename,mname,False,
856 pathreal = talloc_asprintf(ctx,
861 pathreal = talloc_asprintf(ctx,
870 if (!VALID_STAT(sbuf) && (SMB_VFS_STAT(conn, pathreal, &sbuf)) != 0) {
871 DEBUG(5,("Couldn't stat 1 [%s]. Error = %s\n",
872 pathreal, strerror(errno) ));
873 TALLOC_FREE(pathreal);
877 *mode = dos_mode(conn,pathreal,&sbuf);
879 if (!dir_check_ftype(conn,*mode,dirtype)) {
880 DEBUG(5,("[%s] attribs 0x%x didn't match 0x%x\n",filename,(unsigned int)*mode,(unsigned int)dirtype));
881 TALLOC_FREE(pathreal);
885 *size = sbuf.st_size;
886 *date = sbuf.st_mtime;
888 fileid = vfs_file_id_from_sbuf(conn, &sbuf);
889 write_time_ts = get_write_time(fileid);
890 if (!null_timespec(write_time_ts)) {
891 *date = convert_timespec_to_time_t(write_time_ts);
894 DEBUG(3,("get_dir_entry mask=[%s] found %s "
903 *pp_fname_out = talloc_strdup(ctx, filename);
904 if (!*pp_fname_out) {
908 DirCacheAdd(conn->dirptr->dir_hnd, dname, curoff);
909 TALLOC_FREE(pathreal);
916 /*******************************************************************
917 Check to see if a user can read a file. This is only approximate,
918 it is used as part of the "hide unreadable" option. Don't
919 use it for anything security sensitive.
920 ********************************************************************/
922 static bool user_can_read_file(connection_struct *conn, char *name, SMB_STRUCT_STAT *pst)
924 SEC_DESC *psd = NULL;
927 uint32 access_granted;
930 * If user is a member of the Admin group
931 * we never hide files from them.
934 if (conn->admin_user) {
938 SMB_ASSERT(VALID_STAT(*pst));
940 /* Pseudo-open the file (note - no fd's created). */
942 if(S_ISDIR(pst->st_mode)) {
943 status = open_directory(conn, NULL, name, pst,
945 FILE_SHARE_READ|FILE_SHARE_WRITE,
947 0, /* no create options. */
948 FILE_ATTRIBUTE_DIRECTORY,
951 status = open_file_stat(conn, NULL, name, pst, &fsp);
954 if (!NT_STATUS_IS_OK(status)) {
958 /* Get NT ACL -allocated in main loop talloc context. No free needed here. */
959 status = SMB_VFS_FGET_NT_ACL(fsp,
960 (OWNER_SECURITY_INFORMATION|GROUP_SECURITY_INFORMATION|DACL_SECURITY_INFORMATION), &psd);
961 close_file(fsp, NORMAL_CLOSE);
963 /* No access if SD get failed. */
964 if (!NT_STATUS_IS_OK(status)) {
968 return se_access_check(psd, current_user.nt_user_token, FILE_READ_DATA,
969 &access_granted, &status);
972 /*******************************************************************
973 Check to see if a user can write a file (and only files, we do not
974 check dirs on this one). This is only approximate,
975 it is used as part of the "hide unwriteable" option. Don't
976 use it for anything security sensitive.
977 ********************************************************************/
979 static bool user_can_write_file(connection_struct *conn, char *name, SMB_STRUCT_STAT *pst)
981 SEC_DESC *psd = NULL;
985 uint32 access_granted;
988 * If user is a member of the Admin group
989 * we never hide files from them.
992 if (conn->admin_user) {
996 SMB_ASSERT(VALID_STAT(*pst));
998 /* Pseudo-open the file */
1000 if(S_ISDIR(pst->st_mode)) {
1003 status = open_file_ntcreate(conn, NULL, name, pst,
1004 FILE_WRITE_ATTRIBUTES,
1005 FILE_SHARE_READ|FILE_SHARE_WRITE,
1008 FILE_ATTRIBUTE_NORMAL,
1013 if (!NT_STATUS_IS_OK(status)) {
1017 /* Get NT ACL -allocated in main loop talloc context. No free needed here. */
1018 status = SMB_VFS_FGET_NT_ACL(fsp,
1019 (OWNER_SECURITY_INFORMATION|GROUP_SECURITY_INFORMATION|DACL_SECURITY_INFORMATION), &psd);
1020 close_file(fsp, NORMAL_CLOSE);
1022 /* No access if SD get failed. */
1023 if (!NT_STATUS_IS_OK(status)) {
1027 return se_access_check(psd, current_user.nt_user_token, FILE_WRITE_DATA,
1028 &access_granted, &status);
1031 /*******************************************************************
1032 Is a file a "special" type ?
1033 ********************************************************************/
1035 static bool file_is_special(connection_struct *conn, char *name, SMB_STRUCT_STAT *pst)
1038 * If user is a member of the Admin group
1039 * we never hide files from them.
1042 if (conn->admin_user)
1045 SMB_ASSERT(VALID_STAT(*pst));
1047 if (S_ISREG(pst->st_mode) || S_ISDIR(pst->st_mode) || S_ISLNK(pst->st_mode))
1053 /*******************************************************************
1054 Should the file be seen by the client ? NOTE: A successful return
1055 is no guarantee of the file's existence ... you also have to check
1056 whether pst is valid.
1057 ********************************************************************/
1059 bool is_visible_file(connection_struct *conn, const char *dir_path, const char *name, SMB_STRUCT_STAT *pst, bool use_veto)
1061 bool hide_unreadable = lp_hideunreadable(SNUM(conn));
1062 bool hide_unwriteable = lp_hideunwriteable_files(SNUM(conn));
1063 bool hide_special = lp_hide_special_files(SNUM(conn));
1065 SET_STAT_INVALID(*pst);
1067 if ((strcmp(".",name) == 0) || (strcmp("..",name) == 0)) {
1068 return True; /* . and .. are always visible. */
1071 /* If it's a vetoed file, pretend it doesn't even exist */
1072 if (use_veto && IS_VETO_PATH(conn, name)) {
1073 DEBUG(10,("is_visible_file: file %s is vetoed.\n", name ));
1077 if (hide_unreadable || hide_unwriteable || hide_special) {
1080 if (asprintf(&entry, "%s/%s", dir_path, name) == -1) {
1084 /* If it's a dfs symlink, ignore _hide xxxx_ options */
1085 if (lp_host_msdfs() &&
1086 lp_msdfs_root(SNUM(conn)) &&
1087 is_msdfs_link(conn, entry, NULL)) {
1092 /* If the file name does not exist, there's no point checking
1093 * the configuration options. We succeed, on the basis that the
1094 * checks *might* have passed if the file was present.
1096 if (SMB_VFS_STAT(conn, entry, pst) != 0) {
1101 /* Honour _hide unreadable_ option */
1102 if (hide_unreadable && !user_can_read_file(conn, entry, pst)) {
1103 DEBUG(10,("is_visible_file: file %s is unreadable.\n", entry ));
1107 /* Honour _hide unwriteable_ option */
1108 if (hide_unwriteable && !user_can_write_file(conn, entry, pst)) {
1109 DEBUG(10,("is_visible_file: file %s is unwritable.\n", entry ));
1113 /* Honour _hide_special_ option */
1114 if (hide_special && file_is_special(conn, entry, pst)) {
1115 DEBUG(10,("is_visible_file: file %s is special.\n", entry ));
1124 static int smb_Dir_destructor(struct smb_Dir *dirp)
1127 SMB_VFS_CLOSEDIR(dirp->conn,dirp->dir);
1133 /*******************************************************************
1135 ********************************************************************/
1137 struct smb_Dir *OpenDir(TALLOC_CTX *mem_ctx, connection_struct *conn,
1138 const char *name, const char *mask, uint32 attr)
1140 struct smb_Dir *dirp = TALLOC_ZERO_P(mem_ctx, struct smb_Dir);
1147 dirp->name_cache_size = lp_directory_name_cache_size(SNUM(conn));
1149 dirp->dir_path = talloc_strdup(dirp, name);
1150 if (!dirp->dir_path) {
1155 talloc_set_destructor(dirp, smb_Dir_destructor);
1157 dirp->dir = SMB_VFS_OPENDIR(conn, dirp->dir_path, mask, attr);
1159 DEBUG(5,("OpenDir: Can't open %s. %s\n", dirp->dir_path,
1171 /*******************************************************************
1172 Read from a directory. Also return current offset.
1173 Don't check for veto or invisible files.
1174 ********************************************************************/
1176 const char *ReadDirName(struct smb_Dir *dirp, long *poffset)
1179 connection_struct *conn = dirp->conn;
1181 /* Cheat to allow . and .. to be the first entries returned. */
1182 if (((*poffset == START_OF_DIRECTORY_OFFSET) || (*poffset == DOT_DOT_DIRECTORY_OFFSET)) && (dirp->file_number < 2)) {
1183 if (dirp->file_number == 0) {
1185 *poffset = dirp->offset = START_OF_DIRECTORY_OFFSET;
1187 *poffset = dirp->offset = DOT_DOT_DIRECTORY_OFFSET;
1190 dirp->file_number++;
1192 } else if (*poffset == END_OF_DIRECTORY_OFFSET) {
1193 *poffset = dirp->offset = END_OF_DIRECTORY_OFFSET;
1196 /* A real offset, seek to it. */
1197 SeekDir(dirp, *poffset);
1200 while ((n = vfs_readdirname(conn, dirp->dir))) {
1201 /* Ignore . and .. - we've already returned them. */
1203 if ((n[1] == '\0') || (n[1] == '.' && n[2] == '\0')) {
1207 *poffset = dirp->offset = SMB_VFS_TELLDIR(conn, dirp->dir);
1208 dirp->file_number++;
1211 *poffset = dirp->offset = END_OF_DIRECTORY_OFFSET;
1215 /*******************************************************************
1216 Rewind to the start.
1217 ********************************************************************/
1219 void RewindDir(struct smb_Dir *dirp, long *poffset)
1221 SMB_VFS_REWINDDIR(dirp->conn, dirp->dir);
1222 dirp->file_number = 0;
1223 dirp->offset = START_OF_DIRECTORY_OFFSET;
1224 *poffset = START_OF_DIRECTORY_OFFSET;
1227 /*******************************************************************
1229 ********************************************************************/
1231 void SeekDir(struct smb_Dir *dirp, long offset)
1233 if (offset != dirp->offset) {
1234 if (offset == START_OF_DIRECTORY_OFFSET) {
1235 RewindDir(dirp, &offset);
1237 * Ok we should really set the file number here
1238 * to 1 to enable ".." to be returned next. Trouble
1239 * is I'm worried about callers using SeekDir(dirp,0)
1240 * as equivalent to RewindDir(). So leave this alone
1243 } else if (offset == DOT_DOT_DIRECTORY_OFFSET) {
1244 RewindDir(dirp, &offset);
1246 * Set the file number to 2 - we want to get the first
1247 * real file entry (the one we return after "..")
1248 * on the next ReadDir.
1250 dirp->file_number = 2;
1251 } else if (offset == END_OF_DIRECTORY_OFFSET) {
1252 ; /* Don't seek in this case. */
1254 SMB_VFS_SEEKDIR(dirp->conn, dirp->dir, offset);
1256 dirp->offset = offset;
1260 /*******************************************************************
1261 Tell a dir position.
1262 ********************************************************************/
1264 long TellDir(struct smb_Dir *dirp)
1266 return(dirp->offset);
1269 /*******************************************************************
1270 Add an entry into the dcache.
1271 ********************************************************************/
1273 void DirCacheAdd(struct smb_Dir *dirp, const char *name, long offset)
1275 struct name_cache_entry *e;
1277 if (dirp->name_cache_size == 0) {
1281 if (dirp->name_cache == NULL) {
1282 dirp->name_cache = TALLOC_ZERO_ARRAY(
1283 dirp, struct name_cache_entry, dirp->name_cache_size);
1285 if (dirp->name_cache == NULL) {
1290 dirp->name_cache_index = (dirp->name_cache_index+1) %
1291 dirp->name_cache_size;
1292 e = &dirp->name_cache[dirp->name_cache_index];
1293 TALLOC_FREE(e->name);
1294 e->name = talloc_strdup(dirp, name);
1298 /*******************************************************************
1299 Find an entry by name. Leave us at the offset after it.
1300 Don't check for veto or invisible files.
1301 ********************************************************************/
1303 bool SearchDir(struct smb_Dir *dirp, const char *name, long *poffset)
1307 connection_struct *conn = dirp->conn;
1309 /* Search back in the name cache. */
1310 if (dirp->name_cache_size && dirp->name_cache) {
1311 for (i = dirp->name_cache_index; i >= 0; i--) {
1312 struct name_cache_entry *e = &dirp->name_cache[i];
1313 if (e->name && (conn->case_sensitive ? (strcmp(e->name, name) == 0) : strequal(e->name, name))) {
1314 *poffset = e->offset;
1315 SeekDir(dirp, e->offset);
1319 for (i = dirp->name_cache_size - 1; i > dirp->name_cache_index; i--) {
1320 struct name_cache_entry *e = &dirp->name_cache[i];
1321 if (e->name && (conn->case_sensitive ? (strcmp(e->name, name) == 0) : strequal(e->name, name))) {
1322 *poffset = e->offset;
1323 SeekDir(dirp, e->offset);
1329 /* Not found in the name cache. Rewind directory and start from scratch. */
1330 SMB_VFS_REWINDDIR(conn, dirp->dir);
1331 dirp->file_number = 0;
1332 *poffset = START_OF_DIRECTORY_OFFSET;
1333 while ((entry = ReadDirName(dirp, poffset))) {
1334 if (conn->case_sensitive ? (strcmp(entry, name) == 0) : strequal(entry, name)) {
1341 /*****************************************************************
1342 Is this directory empty ?
1343 *****************************************************************/
1345 NTSTATUS can_delete_directory(struct connection_struct *conn,
1346 const char *dirname)
1348 NTSTATUS status = NT_STATUS_OK;
1351 struct smb_Dir *dir_hnd = OpenDir(talloc_tos(), conn, dirname,
1355 return map_nt_error_from_unix(errno);
1358 while ((dname = ReadDirName(dir_hnd,&dirpos))) {
1361 /* Quick check for "." and ".." */
1362 if (dname[0] == '.') {
1363 if (!dname[1] || (dname[1] == '.' && !dname[2])) {
1368 if (!is_visible_file(conn, dirname, dname, &st, True)) {
1372 DEBUG(10,("can_delete_directory: got name %s - can't delete\n", dname ));
1373 status = NT_STATUS_DIRECTORY_NOT_EMPTY;
1376 TALLOC_FREE(dir_hnd);