*/
#include "includes.h"
+#include "smbd/globals.h"
extern const struct generic_mapping file_generic_mapping;
-extern bool global_client_failed_oplock_break;
struct deferred_open_record {
bool delayed_for_oplocks;
static NTSTATUS check_open_rights(struct connection_struct *conn,
const char *fname,
- uint32_t access_mask)
+ uint32_t access_mask,
+ uint32_t *access_granted)
{
/* Check if we have rights to open. */
NTSTATUS status;
- uint32_t access_granted = 0;
struct security_descriptor *sd;
+ *access_granted = 0;
+
+ if (conn->server_info->utok.uid == 0 || conn->admin_user) {
+ /* I'm sorry sir, I didn't know you were root... */
+ *access_granted = access_mask;
+ if (access_mask & SEC_FLAG_MAXIMUM_ALLOWED) {
+ *access_granted |= FILE_GENERIC_ALL;
+ }
+ return NT_STATUS_OK;
+ }
+
status = SMB_VFS_GET_NT_ACL(conn, fname,
(OWNER_SECURITY_INFORMATION |
GROUP_SECURITY_INFORMATION |
status = smb1_file_se_access_check(sd,
conn->server_info->ptok,
access_mask,
- &access_granted);
+ access_granted);
TALLOC_FREE(sd);
+
+ DEBUG(10,("check_open_rights: file %s requesting "
+ "0x%x returning 0x%x (%s)\n",
+ fname,
+ (unsigned int)access_mask,
+ (unsigned int)*access_granted,
+ nt_errstr(status) ));
+
return status;
}
fsp->fh->fd = SMB_VFS_OPEN(conn,fname,fsp,flags,mode);
if (fsp->fh->fd == -1) {
status = map_nt_error_from_unix(errno);
+ if (errno == EMFILE) {
+ static time_t last_warned = 0L;
+
+ if (time((time_t *) NULL) > last_warned) {
+ DEBUG(0,("Too many open files, unable "
+ "to open more! smbd's max "
+ "open files = %d\n",
+ lp_max_open_files()));
+ last_warned = time((time_t *) NULL);
+ }
+ }
+
}
DEBUG(10,("fd_open: name %s, flags = 0%o mode = 0%o, fd = %d. %s\n",
} else {
fsp->fh->fd = -1; /* What we used to call a stat open. */
if (file_existed) {
+ uint32_t access_granted = 0;
+
status = check_open_rights(conn,
path,
- access_mask);
+ access_mask,
+ &access_granted);
if (!NT_STATUS_IS_OK(status)) {
- DEBUG(10, ("open_file: Access denied on "
- "file %s\n",
- path));
- return status;
+ if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
+ /*
+ * On NT_STATUS_ACCESS_DENIED, access_granted
+ * contains the denied bits.
+ */
+
+ if ((access_mask & FILE_WRITE_ATTRIBUTES) &&
+ (access_granted & FILE_WRITE_ATTRIBUTES) &&
+ (lp_map_readonly(SNUM(conn)) ||
+ lp_map_archive(SNUM(conn)) ||
+ lp_map_hidden(SNUM(conn)) ||
+ lp_map_system(SNUM(conn)))) {
+ access_granted &= ~FILE_WRITE_ATTRIBUTES;
+
+ DEBUG(10,("open_file: overrode FILE_WRITE_ATTRIBUTES "
+ "on file %s\n",
+ path ));
+ }
+
+ if ((access_mask & DELETE_ACCESS) &&
+ (access_granted & DELETE_ACCESS) &&
+ can_delete_file_in_directory(conn, path)) {
+ /* Were we trying to do a stat open
+ * for delete and didn't get DELETE
+ * access (only) ? Check if the
+ * directory allows DELETE_CHILD.
+ * See here:
+ * http://blogs.msdn.com/oldnewthing/archive/2004/06/04/148426.aspx
+ * for details. */
+
+ access_granted &= ~DELETE_ACCESS;
+
+ DEBUG(10,("open_file: overrode DELETE_ACCESS "
+ "on file %s\n",
+ path ));
+ }
+
+ if (access_granted != 0) {
+ DEBUG(10, ("open_file: Access denied on "
+ "file %s\n",
+ path));
+ return status;
+ }
+ } else if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND) &&
+ fsp->posix_open &&
+ S_ISLNK(psbuf->st_mode)) {
+ /* This is a POSIX stat open for delete
+ * or rename on a symlink that points
+ * nowhere. Allow. */
+ DEBUG(10, ("open_file: allowing POSIX open "
+ "on bad symlink %s\n",
+ path ));
+ } else {
+ DEBUG(10, ("open_file: check_open_rights "
+ "on file %s returned %s\n",
+ path, nt_errstr(status) ));
+ return status;
+ }
}
}
}
(fsp->oplock_type == NO_OPLOCK));
}
+/*
+ * Send a break message to the oplock holder and delay the open for
+ * our client.
+ */
+
+static NTSTATUS send_break_message(files_struct *fsp,
+ struct share_mode_entry *exclusive,
+ uint16 mid,
+ int oplock_request)
+{
+ NTSTATUS status;
+ char msg[MSG_SMB_SHARE_MODE_ENTRY_SIZE];
+
+ DEBUG(10, ("Sending break request to PID %s\n",
+ procid_str_static(&exclusive->pid)));
+ exclusive->op_mid = mid;
+
+ /* Create the message. */
+ share_mode_entry_to_message(msg, exclusive);
+
+ /* Add in the FORCE_OPLOCK_BREAK_TO_NONE bit in the message if set. We
+ don't want this set in the share mode struct pointed to by lck. */
+
+ if (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE) {
+ SSVAL(msg,6,exclusive->op_type | FORCE_OPLOCK_BREAK_TO_NONE);
+ }
+
+ status = messaging_send_buf(smbd_messaging_context(), exclusive->pid,
+ MSG_SMB_BREAK_REQUEST,
+ (uint8 *)msg,
+ MSG_SMB_SHARE_MODE_ENTRY_SIZE);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(3, ("Could not send oplock break message: %s\n",
+ nt_errstr(status)));
+ }
+
+ return status;
+}
+
/*
* 1) No files open at all or internal open: Grant whatever the client wants.
*
* 2) Exclusive (or batch) oplock around: If the requested access is a delete
* request, break if the oplock around is a batch oplock. If it's another
* requested access type, break.
- *
+ *
* 3) Only level2 around: Grant level2 and do nothing else.
*/
{
int i;
struct share_mode_entry *exclusive = NULL;
- bool valid_entry = False;
- bool delay_it = False;
- bool have_level2 = False;
- NTSTATUS status;
- char msg[MSG_SMB_SHARE_MODE_ENTRY_SIZE];
+ bool valid_entry = false;
+ bool have_level2 = false;
+ bool have_a_none_oplock = false;
+ bool allow_level2 = (global_client_caps & CAP_LEVEL_II_OPLOCKS) &&
+ lp_level2_oplocks(SNUM(fsp->conn));
if (oplock_request & INTERNAL_OPEN_ONLY) {
fsp->oplock_type = NO_OPLOCK;
}
if ((oplock_request & INTERNAL_OPEN_ONLY) || is_stat_open(fsp->access_mask)) {
- return False;
+ return false;
}
for (i=0; i<lck->num_share_modes; i++) {
}
/* At least one entry is not an invalid or deferred entry. */
- valid_entry = True;
+ valid_entry = true;
if (pass_number == 1) {
if (BATCH_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
- SMB_ASSERT(exclusive == NULL);
+ SMB_ASSERT(exclusive == NULL);
exclusive = &lck->share_modes[i];
}
} else {
if (EXCLUSIVE_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
- SMB_ASSERT(exclusive == NULL);
+ SMB_ASSERT(exclusive == NULL);
exclusive = &lck->share_modes[i];
}
}
- if (lck->share_modes[i].op_type == LEVEL_II_OPLOCK) {
- SMB_ASSERT(exclusive == NULL);
- have_level2 = True;
+ if (LEVEL_II_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
+ SMB_ASSERT(exclusive == NULL);
+ have_level2 = true;
}
- }
- if (!valid_entry) {
- /* All entries are placeholders or deferred.
- * Directly grant whatever the client wants. */
- if (fsp->oplock_type == NO_OPLOCK) {
- /* Store a level2 oplock, but don't tell the client */
- fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
+ if (lck->share_modes[i].op_type == NO_OPLOCK) {
+ have_a_none_oplock = true;
}
- return False;
}
if (exclusive != NULL) { /* Found an exclusive oplock */
+ bool delay_it = is_delete_request(fsp) ?
+ BATCH_OPLOCK_TYPE(exclusive->op_type) : true;
SMB_ASSERT(!have_level2);
- delay_it = is_delete_request(fsp) ?
- BATCH_OPLOCK_TYPE(exclusive->op_type) : True;
- }
-
- if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
- /* We can at most grant level2 as there are other
- * level2 or NO_OPLOCK entries. */
- fsp->oplock_type = LEVEL_II_OPLOCK;
+ if (delay_it) {
+ send_break_message(fsp, exclusive, mid, oplock_request);
+ return true;
+ }
}
- if ((fsp->oplock_type == NO_OPLOCK) && have_level2) {
- /* Store a level2 oplock, but don't tell the client */
- fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
- }
+ /*
+ * Match what was requested (fsp->oplock_type) with
+ * what was found in the existing share modes.
+ */
- if (!delay_it) {
- return False;
+ if (!valid_entry) {
+ /* All entries are placeholders or deferred.
+ * Directly grant whatever the client wants. */
+ if (fsp->oplock_type == NO_OPLOCK) {
+ /* Store a level2 oplock, but don't tell the client */
+ fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
+ }
+ } else if (have_a_none_oplock) {
+ fsp->oplock_type = NO_OPLOCK;
+ } else if (have_level2) {
+ if (fsp->oplock_type == NO_OPLOCK ||
+ fsp->oplock_type == FAKE_LEVEL_II_OPLOCK) {
+ /* Store a level2 oplock, but don't tell the client */
+ fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
+ } else {
+ fsp->oplock_type = LEVEL_II_OPLOCK;
+ }
+ } else {
+ /* This case can never happen. */
+ SMB_ASSERT(1);
}
/*
- * Send a break message to the oplock holder and delay the open for
- * our client.
+ * Don't grant level2 to clients that don't want them
+ * or if we've turned them off.
*/
-
- DEBUG(10, ("Sending break request to PID %s\n",
- procid_str_static(&exclusive->pid)));
- exclusive->op_mid = mid;
-
- /* Create the message. */
- share_mode_entry_to_message(msg, exclusive);
-
- /* Add in the FORCE_OPLOCK_BREAK_TO_NONE bit in the message if set. We
- don't want this set in the share mode struct pointed to by lck. */
-
- if (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE) {
- SSVAL(msg,6,exclusive->op_type | FORCE_OPLOCK_BREAK_TO_NONE);
+ if (fsp->oplock_type == LEVEL_II_OPLOCK && !allow_level2) {
+ fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
}
- status = messaging_send_buf(smbd_messaging_context(), exclusive->pid,
- MSG_SMB_BREAK_REQUEST,
- (uint8 *)msg,
- MSG_SMB_SHARE_MODE_ENTRY_SIZE);
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(3, ("Could not send oplock break message: %s\n",
- nt_errstr(status)));
- }
+ DEBUG(10,("delay_for_oplocks: oplock type 0x%x on file %s\n",
+ fsp->oplock_type, fsp->fsp_name));
- return True;
+ /* No delay. */
+ return false;
}
bool request_timed_out(struct timeval request_time,
exit_server("push_deferred_smb_message failed");
}
add_deferred_open(lck, req->mid, request_time, state->id);
-
- /*
- * Push the MID of this packet on the signing queue.
- * We only do this once, the first time we push the packet
- * onto the deferred open queue, as this has a side effect
- * of incrementing the response sequence number.
- */
-
- srv_defer_sign_response(req->mid);
}
uint32 access_mask;
uint32 share_mode;
uint32 create_disposition;
- uint32 create_options = 0;
+ uint32 create_options = FILE_NON_DIRECTORY_FILE;
DEBUG(10,("map_open_params_to_ntcreate: fname = %s, deny_mode = 0x%x, "
"open_func = 0x%x\n",
bool def_acl = False;
bool posix_open = False;
bool new_file_created = False;
+ bool clear_ads = false;
struct file_id id;
NTSTATUS fsp_open = NT_STATUS_ACCESS_DENIED;
mode_t new_unx_mode = (mode_t)0;
DEBUG(10, ("open_file_ntcreate: printer open fname=%s\n", fname));
- return print_fsp_open(req, conn, fname, req->vuid, fsp);
+ return print_fsp_open(req, conn, fname, req->vuid, fsp, psbuf);
}
- if (!parent_dirname_talloc(talloc_tos(), fname, &parent_dir,
- &newname)) {
+ if (!parent_dirname(talloc_tos(), fname, &parent_dir, &newname)) {
return NT_STATUS_NO_MEMORY;
}
"create_disposition = 0x%x create_options=0x%x "
"unix mode=0%o oplock_request=%d\n",
fname, new_dos_attributes, access_mask, share_access,
- create_disposition, create_options, unx_mode,
+ create_disposition, create_options, (unsigned int)unx_mode,
oplock_request));
if ((req == NULL) && ((oplock_request & INTERNAL_OPEN_ONLY) == 0)) {
/* If file exists replace/overwrite. If file doesn't
* exist create. */
flags2 |= (O_CREAT | O_TRUNC);
+ clear_ads = true;
break;
case FILE_OVERWRITE_IF:
/* If file exists replace/overwrite. If file doesn't
* exist create. */
flags2 |= (O_CREAT | O_TRUNC);
+ clear_ads = true;
break;
case FILE_OPEN:
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
flags2 |= O_TRUNC;
+ clear_ads = true;
break;
case FILE_CREATE:
SMB_ASSERT(lck != NULL);
+ /* Delete streams if create_disposition requires it */
+ if (file_existed && clear_ads && !is_ntfs_stream_name(fname)) {
+ status = delete_all_streams(conn, fname);
+ if (!NT_STATUS_IS_OK(status)) {
+ TALLOC_FREE(lck);
+ fd_close(fsp);
+ return status;
+ }
+ }
+
/* note that we ignore failure for the following. It is
basically a hack for NFS, and NFS will never set one of
these only read them. Nobody but Samba can ever set a deny
* file structs.
*/
- if ((fsp->oplock_type != NO_OPLOCK) &&
- (fsp->oplock_type != FAKE_LEVEL_II_OPLOCK)) {
- if (!set_file_oplock(fsp, fsp->oplock_type)) {
- /* Could not get the kernel oplock */
- fsp->oplock_type = NO_OPLOCK;
- }
+ if (!set_file_oplock(fsp, fsp->oplock_type)) {
+ /* Could not get the kernel oplock */
+ fsp->oplock_type = NO_OPLOCK;
}
if (info == FILE_WAS_OVERWRITTEN || info == FILE_WAS_CREATED || info == FILE_WAS_SUPERSEDED) {
}
set_share_mode(lck, fsp, conn->server_info->utok.uid, 0,
- fsp->oplock_type, new_file_created);
+ fsp->oplock_type);
/* Handle strange delete on close create semantics. */
- if ((create_options & FILE_DELETE_ON_CLOSE)
- && (((conn->fs_capabilities & FILE_NAMED_STREAMS)
- && is_ntfs_stream_name(fname))
- || can_set_initial_delete_on_close(lck))) {
+ if (create_options & FILE_DELETE_ON_CLOSE) {
+
status = can_set_delete_on_close(fsp, True, new_dos_attributes);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
- if (!parent_dirname_talloc(talloc_tos(), name, &parent_dir,
- &dirname)) {
+ if (!parent_dirname(talloc_tos(), name, &parent_dir, &dirname)) {
return NT_STATUS_NO_MEMORY;
}
return status;
}
+ /* We need to support SeSecurityPrivilege for this. */
+ if (access_mask & SEC_RIGHT_SYSTEM_SECURITY) {
+ DEBUG(10, ("open_directory: open on %s "
+ "failed - SEC_RIGHT_SYSTEM_SECURITY denied.\n",
+ fname));
+ return NT_STATUS_PRIVILEGE_NOT_HELD;
+ }
+
switch( create_disposition ) {
case FILE_OPEN:
}
if (info == FILE_WAS_OPENED) {
+ uint32_t access_granted = 0;
status = check_open_rights(conn,
fname,
- access_mask);
+ access_mask,
+ &access_granted);
+
+ /* Were we trying to do a directory open
+ * for delete and didn't get DELETE
+ * access (only) ? Check if the
+ * directory allows DELETE_CHILD.
+ * See here:
+ * http://blogs.msdn.com/oldnewthing/archive/2004/06/04/148426.aspx
+ * for details. */
+
+ if ((NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED) &&
+ (access_mask & DELETE_ACCESS) &&
+ (access_granted == DELETE_ACCESS) &&
+ can_delete_file_in_directory(conn, fname))) {
+ DEBUG(10,("open_directory: overrode ACCESS_DENIED "
+ "on directory %s\n",
+ fname ));
+ status = NT_STATUS_OK;
+ }
+
if (!NT_STATUS_IS_OK(status)) {
DEBUG(10, ("open_directory: check_open_rights on "
"file %s failed with %s\n",
return status;
}
- set_share_mode(lck, fsp, conn->server_info->utok.uid, 0, NO_OPLOCK,
- True);
+ set_share_mode(lck, fsp, conn->server_info->utok.uid, 0, NO_OPLOCK);
/* For directories the delete on close bit at open time seems
always to be honored on close... See test 19 in Samba4 BASE-DELETE. */
}
/* Unpack the message. */
- pull_file_id_16(frm, &id);
- sharepath = &frm[16];
+ pull_file_id_24(frm, &id);
+ sharepath = &frm[24];
newname = sharepath + strlen(sharepath) + 1;
sp_len = strlen(sharepath);
* If that works, delete them all by setting the delete on close and close.
*/
-static NTSTATUS open_streams_for_delete(connection_struct *conn,
+NTSTATUS open_streams_for_delete(connection_struct *conn,
const char *fname)
{
struct stream_struct *stream_info;
goto fail;
}
- status = create_file_unixpath
- (conn, /* conn */
+ status = SMB_VFS_CREATE_FILE(
+ conn, /* conn */
NULL, /* req */
+ 0, /* root_dir_fid */
streamname, /* fname */
+ 0, /* create_file_flags */
DELETE_ACCESS, /* access_mask */
- FILE_SHARE_READ | FILE_SHARE_WRITE
- | FILE_SHARE_DELETE, /* share_access */
+ (FILE_SHARE_READ | /* share_access */
+ FILE_SHARE_WRITE | FILE_SHARE_DELETE),
FILE_OPEN, /* create_disposition*/
NTCREATEX_OPTIONS_PRIVATE_STREAM_DELETE, /* create_options */
FILE_ATTRIBUTE_NORMAL, /* file_attributes */
&& (create_disposition != FILE_CREATE)
&& (share_access & FILE_SHARE_DELETE)
&& (access_mask & DELETE_ACCESS)
- && (!can_delete_file_in_directory(conn, fname))) {
+ && (!(can_delete_file_in_directory(conn, fname) ||
+ can_access_file_acl(conn, fname, DELETE_ACCESS)))) {
status = NT_STATUS_ACCESS_DENIED;
+ DEBUG(10,("create_file_unixpath: open file %s "
+ "for delete ACCESS_DENIED\n", fname ));
goto fail;
}
status = NT_STATUS_PRIVILEGE_NOT_HELD;
goto fail;
}
+#else
+ /* We need to support SeSecurityPrivilege for this. */
+ if (access_mask & SEC_RIGHT_SYSTEM_SECURITY) {
+ status = NT_STATUS_PRIVILEGE_NOT_HELD;
+ goto fail;
+ }
+ /* Don't allow a SACL set from an NTtrans create until we
+ * support SeSecurityPrivilege. */
+ if (!VALID_STAT(sbuf) &&
+ lp_nt_acl_support(SNUM(conn)) &&
+ sd && (sd->sacl != NULL)) {
+ status = NT_STATUS_PRIVILEGE_NOT_HELD;
+ goto fail;
+ }
#endif
if ((conn->fs_capabilities & FILE_NAMED_STREAMS)
if ((sd != NULL) && (info == FILE_WAS_CREATED)
&& lp_nt_acl_support(SNUM(conn))) {
- uint32_t sec_info_sent = ALL_SECURITY_INFORMATION;
+ uint32_t sec_info_sent;
uint32_t saved_access_mask = fsp->access_mask;
- if (sd->owner_sid == NULL) {
- sec_info_sent &= ~OWNER_SECURITY_INFORMATION;
- }
- if (sd->group_sid == NULL) {
- sec_info_sent &= ~GROUP_SECURITY_INFORMATION;
- }
- if (sd->sacl == NULL) {
- sec_info_sent &= ~SACL_SECURITY_INFORMATION;
- }
- if (sd->dacl == NULL) {
- sec_info_sent &= ~DACL_SECURITY_INFORMATION;
- }
+ sec_info_sent = get_sec_info(sd);
fsp->access_mask = FILE_GENERIC_ALL;
return status;
}
+/*
+ * Calculate the full path name given a relative fid.
+ */
+NTSTATUS get_relative_fid_filename(connection_struct *conn,
+ struct smb_request *req,
+ uint16_t root_dir_fid,
+ const char *fname, char **new_fname)
+{
+ files_struct *dir_fsp;
+ char *parent_fname = NULL;
+
+ if (root_dir_fid == 0 || !fname || !new_fname) {
+ return NT_STATUS_INTERNAL_ERROR;
+ }
+
+ dir_fsp = file_fsp(req, root_dir_fid);
+
+ if (dir_fsp == NULL) {
+ return NT_STATUS_INVALID_HANDLE;
+ }
+
+ if (!dir_fsp->is_directory) {
+
+ /*
+ * Check to see if this is a mac fork of some kind.
+ */
+
+ if ((conn->fs_capabilities & FILE_NAMED_STREAMS) &&
+ is_ntfs_stream_name(fname)) {
+ return NT_STATUS_OBJECT_PATH_NOT_FOUND;
+ }
+
+ /*
+ we need to handle the case when we get a
+ relative open relative to a file and the
+ pathname is blank - this is a reopen!
+ (hint from demyn plantenberg)
+ */
+
+ return NT_STATUS_INVALID_HANDLE;
+ }
+
+ if (ISDOT(dir_fsp->fsp_name)) {
+ /*
+ * We're at the toplevel dir, the final file name
+ * must not contain ./, as this is filtered out
+ * normally by srvstr_get_path and unix_convert
+ * explicitly rejects paths containing ./.
+ */
+ parent_fname = talloc_strdup(talloc_tos(), "");
+ if (parent_fname == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ } else {
+ size_t dir_name_len = strlen(dir_fsp->fsp_name);
+
+ /*
+ * Copy in the base directory name.
+ */
+
+ parent_fname = TALLOC_ARRAY(talloc_tos(), char,
+ dir_name_len+2);
+ if (parent_fname == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ memcpy(parent_fname, dir_fsp->fsp_name,
+ dir_name_len+1);
+
+ /*
+ * Ensure it ends in a '/'.
+ * We used TALLOC_SIZE +2 to add space for the '/'.
+ */
+
+ if(dir_name_len
+ && (parent_fname[dir_name_len-1] != '\\')
+ && (parent_fname[dir_name_len-1] != '/')) {
+ parent_fname[dir_name_len] = '/';
+ parent_fname[dir_name_len+1] = '\0';
+ }
+ }
+
+ *new_fname = talloc_asprintf(talloc_tos(), "%s%s", parent_fname,
+ fname);
+ if (*new_fname == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ return NT_STATUS_OK;
+}
+
NTSTATUS create_file_default(connection_struct *conn,
struct smb_request *req,
uint16_t root_dir_fid,
ea_list, sd, create_file_flags, fname));
/*
- * Get the file name.
+ * Calculate the filename from the root_dir_if if necessary.
*/
if (root_dir_fid != 0) {
- /*
- * This filename is relative to a directory fid.
- */
- char *parent_fname = NULL;
- files_struct *dir_fsp = file_fsp(req, root_dir_fid);
-
- if (dir_fsp == NULL) {
- status = NT_STATUS_INVALID_HANDLE;
- goto fail;
- }
-
- if (!dir_fsp->is_directory) {
-
- /*
- * Check to see if this is a mac fork of some kind.
- */
+ char *new_fname;
- if ((conn->fs_capabilities & FILE_NAMED_STREAMS) &&
- is_ntfs_stream_name(fname)) {
- status = NT_STATUS_OBJECT_PATH_NOT_FOUND;
- goto fail;
- }
-
- /*
- we need to handle the case when we get a
- relative open relative to a file and the
- pathname is blank - this is a reopen!
- (hint from demyn plantenberg)
- */
-
- status = NT_STATUS_INVALID_HANDLE;
+ status = get_relative_fid_filename(conn, req, root_dir_fid,
+ fname, &new_fname);
+ if (!NT_STATUS_IS_OK(status)) {
goto fail;
}
- if (ISDOT(dir_fsp->fsp_name)) {
- /*
- * We're at the toplevel dir, the final file name
- * must not contain ./, as this is filtered out
- * normally by srvstr_get_path and unix_convert
- * explicitly rejects paths containing ./.
- */
- parent_fname = talloc_strdup(talloc_tos(), "");
- if (parent_fname == NULL) {
- status = NT_STATUS_NO_MEMORY;
- goto fail;
- }
- } else {
- size_t dir_name_len = strlen(dir_fsp->fsp_name);
-
- /*
- * Copy in the base directory name.
- */
-
- parent_fname = TALLOC_ARRAY(talloc_tos(), char,
- dir_name_len+2);
- if (parent_fname == NULL) {
- status = NT_STATUS_NO_MEMORY;
- goto fail;
- }
- memcpy(parent_fname, dir_fsp->fsp_name,
- dir_name_len+1);
-
- /*
- * Ensure it ends in a '/'.
- * We used TALLOC_SIZE +2 to add space for the '/'.
- */
-
- if(dir_name_len
- && (parent_fname[dir_name_len-1] != '\\')
- && (parent_fname[dir_name_len-1] != '/')) {
- parent_fname[dir_name_len] = '/';
- parent_fname[dir_name_len+1] = '\0';
- }
- }
-
- fname = talloc_asprintf(talloc_tos(), "%s%s", parent_fname,
- fname);
- if (fname == NULL) {
- status = NT_STATUS_NO_MEMORY;
- goto fail;
- }
+ fname = new_fname;
}
/*
git.samba.org / jra / samba / .git / blobdiff