30576f1e0824bcd3586b1fa7fa8df62bf5cdf0ab
[sfrench/samba-autobuild/.git] / source / smbd / open.c
1 /* 
2    Unix SMB/CIFS implementation.
3    file opening and share modes
4    Copyright (C) Andrew Tridgell 1992-1998
5    Copyright (C) Jeremy Allison 2001-2004
6    Copyright (C) Volker Lendecke 2005
7    
8    This program is free software; you can redistribute it and/or modify
9    it under the terms of the GNU General Public License as published by
10    the Free Software Foundation; either version 2 of the License, or
11    (at your option) any later version.
12    
13    This program is distributed in the hope that it will be useful,
14    but WITHOUT ANY WARRANTY; without even the implied warranty of
15    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16    GNU General Public License for more details.
17    
18    You should have received a copy of the GNU General Public License
19    along with this program; if not, write to the Free Software
20    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
21 */
22
23 #include "includes.h"
24
25 extern struct generic_mapping file_generic_mapping;
26 extern struct current_user current_user;
27 extern userdom_struct current_user_info;
28 extern uint16 global_smbpid;
29 extern BOOL global_client_failed_oplock_break;
30
31 struct deferred_open_record {
32         BOOL delayed_for_oplocks;
33         struct file_id id;
34 };
35
36 /****************************************************************************
37  fd support routines - attempt to do a dos_open.
38 ****************************************************************************/
39
40 static NTSTATUS fd_open(struct connection_struct *conn,
41                     const char *fname, 
42                     files_struct *fsp,
43                     int flags,
44                     mode_t mode)
45 {
46         NTSTATUS status = NT_STATUS_OK;
47
48 #ifdef O_NOFOLLOW
49         /* 
50          * Never follow symlinks on a POSIX client. The
51          * client should be doing this.
52          */
53
54         if (fsp->posix_open || !lp_symlinks(SNUM(conn))) {
55                 flags |= O_NOFOLLOW;
56         }
57 #endif
58
59         fsp->fh->fd = SMB_VFS_OPEN(conn,fname,fsp,flags,mode);
60         if (fsp->fh->fd == -1) {
61                 status = map_nt_error_from_unix(errno);
62         }
63
64         DEBUG(10,("fd_open: name %s, flags = 0%o mode = 0%o, fd = %d. %s\n",
65                     fname, flags, (int)mode, fsp->fh->fd,
66                 (fsp->fh->fd == -1) ? strerror(errno) : "" ));
67
68         return status;
69 }
70
71 /****************************************************************************
72  Close the file associated with a fsp.
73 ****************************************************************************/
74
75 NTSTATUS fd_close(struct connection_struct *conn, files_struct *fsp)
76 {
77         if (fsp->fh->fd == -1) {
78                 return NT_STATUS_OK; /* What we used to call a stat open. */
79         }
80         if (fsp->fh->ref_count > 1) {
81                 return NT_STATUS_OK; /* Shared handle. Only close last reference. */
82         }
83         return fd_close_posix(conn, fsp);
84 }
85
86 /****************************************************************************
87  Change the ownership of a file to that of the parent directory.
88  Do this by fd if possible.
89 ****************************************************************************/
90
91 static void change_file_owner_to_parent(connection_struct *conn,
92                                         const char *inherit_from_dir,
93                                         files_struct *fsp)
94 {
95         SMB_STRUCT_STAT parent_st;
96         int ret;
97
98         ret = SMB_VFS_STAT(conn, inherit_from_dir, &parent_st);
99         if (ret == -1) {
100                 DEBUG(0,("change_file_owner_to_parent: failed to stat parent "
101                          "directory %s. Error was %s\n",
102                          inherit_from_dir, strerror(errno) ));
103                 return;
104         }
105
106         become_root();
107         ret = SMB_VFS_FCHOWN(fsp, fsp->fh->fd, parent_st.st_uid, (gid_t)-1);
108         unbecome_root();
109         if (ret == -1) {
110                 DEBUG(0,("change_file_owner_to_parent: failed to fchown "
111                          "file %s to parent directory uid %u. Error "
112                          "was %s\n", fsp->fsp_name,
113                          (unsigned int)parent_st.st_uid,
114                          strerror(errno) ));
115         }
116
117         DEBUG(10,("change_file_owner_to_parent: changed new file %s to "
118                   "parent directory uid %u.\n", fsp->fsp_name,
119                   (unsigned int)parent_st.st_uid ));
120 }
121
122 static void change_dir_owner_to_parent(connection_struct *conn,
123                                        const char *inherit_from_dir,
124                                        const char *fname,
125                                        SMB_STRUCT_STAT *psbuf)
126 {
127         pstring saved_dir;
128         SMB_STRUCT_STAT sbuf;
129         SMB_STRUCT_STAT parent_st;
130         int ret;
131
132         ret = SMB_VFS_STAT(conn, inherit_from_dir, &parent_st);
133         if (ret == -1) {
134                 DEBUG(0,("change_dir_owner_to_parent: failed to stat parent "
135                          "directory %s. Error was %s\n",
136                          inherit_from_dir, strerror(errno) ));
137                 return;
138         }
139
140         /* We've already done an lstat into psbuf, and we know it's a
141            directory. If we can cd into the directory and the dev/ino
142            are the same then we can safely chown without races as
143            we're locking the directory in place by being in it.  This
144            should work on any UNIX (thanks tridge :-). JRA.
145         */
146
147         if (!vfs_GetWd(conn,saved_dir)) {
148                 DEBUG(0,("change_dir_owner_to_parent: failed to get "
149                          "current working directory\n"));
150                 return;
151         }
152
153         /* Chdir into the new path. */
154         if (vfs_ChDir(conn, fname) == -1) {
155                 DEBUG(0,("change_dir_owner_to_parent: failed to change "
156                          "current working directory to %s. Error "
157                          "was %s\n", fname, strerror(errno) ));
158                 goto out;
159         }
160
161         if (SMB_VFS_STAT(conn,".",&sbuf) == -1) {
162                 DEBUG(0,("change_dir_owner_to_parent: failed to stat "
163                          "directory '.' (%s) Error was %s\n",
164                          fname, strerror(errno)));
165                 goto out;
166         }
167
168         /* Ensure we're pointing at the same place. */
169         if (sbuf.st_dev != psbuf->st_dev ||
170             sbuf.st_ino != psbuf->st_ino ||
171             sbuf.st_mode != psbuf->st_mode ) {
172                 DEBUG(0,("change_dir_owner_to_parent: "
173                          "device/inode/mode on directory %s changed. "
174                          "Refusing to chown !\n", fname ));
175                 goto out;
176         }
177
178         become_root();
179         ret = SMB_VFS_CHOWN(conn, ".", parent_st.st_uid, (gid_t)-1);
180         unbecome_root();
181         if (ret == -1) {
182                 DEBUG(10,("change_dir_owner_to_parent: failed to chown "
183                           "directory %s to parent directory uid %u. "
184                           "Error was %s\n", fname,
185                           (unsigned int)parent_st.st_uid, strerror(errno) ));
186                 goto out;
187         }
188
189         DEBUG(10,("change_dir_owner_to_parent: changed ownership of new "
190                   "directory %s to parent directory uid %u.\n",
191                   fname, (unsigned int)parent_st.st_uid ));
192
193  out:
194
195         vfs_ChDir(conn,saved_dir);
196 }
197
198 /****************************************************************************
199  Open a file.
200 ****************************************************************************/
201
202 static NTSTATUS open_file(files_struct *fsp,
203                           connection_struct *conn,
204                           const char *parent_dir,
205                           const char *name,
206                           const char *path,
207                           SMB_STRUCT_STAT *psbuf,
208                           int flags,
209                           mode_t unx_mode,
210                           uint32 access_mask, /* client requested access mask. */
211                           uint32 open_access_mask) /* what we're actually using in the open. */
212 {
213         NTSTATUS status = NT_STATUS_OK;
214         int accmode = (flags & O_ACCMODE);
215         int local_flags = flags;
216         BOOL file_existed = VALID_STAT(*psbuf);
217
218         fsp->fh->fd = -1;
219         errno = EPERM;
220
221         /* Check permissions */
222
223         /*
224          * This code was changed after seeing a client open request 
225          * containing the open mode of (DENY_WRITE/read-only) with
226          * the 'create if not exist' bit set. The previous code
227          * would fail to open the file read only on a read-only share
228          * as it was checking the flags parameter  directly against O_RDONLY,
229          * this was failing as the flags parameter was set to O_RDONLY|O_CREAT.
230          * JRA.
231          */
232
233         if (!CAN_WRITE(conn)) {
234                 /* It's a read-only share - fail if we wanted to write. */
235                 if(accmode != O_RDONLY) {
236                         DEBUG(3,("Permission denied opening %s\n", path));
237                         return NT_STATUS_ACCESS_DENIED;
238                 } else if(flags & O_CREAT) {
239                         /* We don't want to write - but we must make sure that
240                            O_CREAT doesn't create the file if we have write
241                            access into the directory.
242                         */
243                         flags &= ~O_CREAT;
244                         local_flags &= ~O_CREAT;
245                 }
246         }
247
248         /*
249          * This little piece of insanity is inspired by the
250          * fact that an NT client can open a file for O_RDONLY,
251          * but set the create disposition to FILE_EXISTS_TRUNCATE.
252          * If the client *can* write to the file, then it expects to
253          * truncate the file, even though it is opening for readonly.
254          * Quicken uses this stupid trick in backup file creation...
255          * Thanks *greatly* to "David W. Chapman Jr." <dwcjr@inethouston.net>
256          * for helping track this one down. It didn't bite us in 2.0.x
257          * as we always opened files read-write in that release. JRA.
258          */
259
260         if ((accmode == O_RDONLY) && ((flags & O_TRUNC) == O_TRUNC)) {
261                 DEBUG(10,("open_file: truncate requested on read-only open "
262                           "for file %s\n", path));
263                 local_flags = (flags & ~O_ACCMODE)|O_RDWR;
264         }
265
266         if ((open_access_mask & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ||
267             (!file_existed && (local_flags & O_CREAT)) ||
268             ((local_flags & O_TRUNC) == O_TRUNC) ) {
269
270                 /*
271                  * We can't actually truncate here as the file may be locked.
272                  * open_file_ntcreate will take care of the truncate later. JRA.
273                  */
274
275                 local_flags &= ~O_TRUNC;
276
277 #if defined(O_NONBLOCK) && defined(S_ISFIFO)
278                 /*
279                  * We would block on opening a FIFO with no one else on the
280                  * other end. Do what we used to do and add O_NONBLOCK to the
281                  * open flags. JRA.
282                  */
283
284                 if (file_existed && S_ISFIFO(psbuf->st_mode)) {
285                         local_flags |= O_NONBLOCK;
286                 }
287 #endif
288
289                 /* Don't create files with Microsoft wildcard characters. */
290                 if ((local_flags & O_CREAT) && !file_existed &&
291                     ms_has_wild(path))  {
292                         return NT_STATUS_OBJECT_NAME_INVALID;
293                 }
294
295                 /* Actually do the open */
296                 status = fd_open(conn, path, fsp, local_flags, unx_mode);
297                 if (!NT_STATUS_IS_OK(status)) {
298                         DEBUG(3,("Error opening file %s (%s) (local_flags=%d) "
299                                  "(flags=%d)\n",
300                                  path,nt_errstr(status),local_flags,flags));
301                         return status;
302                 }
303
304                 if ((local_flags & O_CREAT) && !file_existed) {
305
306                         /* Inherit the ACL if required */
307                         if (lp_inherit_perms(SNUM(conn))) {
308                                 inherit_access_acl(conn, parent_dir, path,
309                                                    unx_mode);
310                         }
311
312                         /* Change the owner if required. */
313                         if (lp_inherit_owner(SNUM(conn))) {
314                                 change_file_owner_to_parent(conn, parent_dir,
315                                                             fsp);
316                         }
317
318                         notify_fname(conn, NOTIFY_ACTION_ADDED,
319                                      FILE_NOTIFY_CHANGE_FILE_NAME, path);
320                 }
321
322         } else {
323                 fsp->fh->fd = -1; /* What we used to call a stat open. */
324         }
325
326         if (!file_existed) {
327                 int ret;
328
329                 if (fsp->fh->fd == -1) {
330                         ret = SMB_VFS_STAT(conn, path, psbuf);
331                 } else {
332                         ret = SMB_VFS_FSTAT(fsp,fsp->fh->fd,psbuf);
333                         /* If we have an fd, this stat should succeed. */
334                         if (ret == -1) {
335                                 DEBUG(0,("Error doing fstat on open file %s "
336                                          "(%s)\n", path,strerror(errno) ));
337                         }
338                 }
339
340                 /* For a non-io open, this stat failing means file not found. JRA */
341                 if (ret == -1) {
342                         status = map_nt_error_from_unix(errno);
343                         fd_close(conn, fsp);
344                         return status;
345                 }
346         }
347
348         /*
349          * POSIX allows read-only opens of directories. We don't
350          * want to do this (we use a different code path for this)
351          * so catch a directory open and return an EISDIR. JRA.
352          */
353
354         if(S_ISDIR(psbuf->st_mode)) {
355                 fd_close(conn, fsp);
356                 errno = EISDIR;
357                 return NT_STATUS_FILE_IS_A_DIRECTORY;
358         }
359
360         fsp->mode = psbuf->st_mode;
361         fsp->file_id = file_id_sbuf(psbuf);
362         fsp->vuid = current_user.vuid;
363         fsp->file_pid = global_smbpid;
364         fsp->can_lock = True;
365         fsp->can_read = (access_mask & (FILE_READ_DATA)) ? True : False;
366         if (!CAN_WRITE(conn)) {
367                 fsp->can_write = False;
368         } else {
369                 fsp->can_write = (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) ?
370                         True : False;
371         }
372         fsp->print_file = False;
373         fsp->modified = False;
374         fsp->sent_oplock_break = NO_BREAK_SENT;
375         fsp->is_directory = False;
376         fsp->is_stat = False;
377
378         string_set(&fsp->fsp_name, path);
379         fsp->wcp = NULL; /* Write cache pointer. */
380
381         DEBUG(2,("%s opened file %s read=%s write=%s (numopen=%d)\n",
382                  *current_user_info.smb_name ?
383                  current_user_info.smb_name : conn->user,fsp->fsp_name,
384                  BOOLSTR(fsp->can_read), BOOLSTR(fsp->can_write),
385                  conn->num_files_open + 1));
386
387         errno = 0;
388         return NT_STATUS_OK;
389 }
390
391 /*******************************************************************
392  Return True if the filename is one of the special executable types.
393 ********************************************************************/
394
395 static BOOL is_executable(const char *fname)
396 {
397         if ((fname = strrchr_m(fname,'.'))) {
398                 if (strequal(fname,".com") ||
399                     strequal(fname,".dll") ||
400                     strequal(fname,".exe") ||
401                     strequal(fname,".sym")) {
402                         return True;
403                 }
404         }
405         return False;
406 }
407
408 /****************************************************************************
409  Check if we can open a file with a share mode.
410  Returns True if conflict, False if not.
411 ****************************************************************************/
412
413 static BOOL share_conflict(struct share_mode_entry *entry,
414                            uint32 access_mask,
415                            uint32 share_access)
416 {
417         DEBUG(10,("share_conflict: entry->access_mask = 0x%x, "
418                   "entry->share_access = 0x%x, "
419                   "entry->private_options = 0x%x\n",
420                   (unsigned int)entry->access_mask,
421                   (unsigned int)entry->share_access,
422                   (unsigned int)entry->private_options));
423
424         DEBUG(10,("share_conflict: access_mask = 0x%x, share_access = 0x%x\n",
425                   (unsigned int)access_mask, (unsigned int)share_access));
426
427         if ((entry->access_mask & (FILE_WRITE_DATA|
428                                    FILE_APPEND_DATA|
429                                    FILE_READ_DATA|
430                                    FILE_EXECUTE|
431                                    DELETE_ACCESS)) == 0) {
432                 DEBUG(10,("share_conflict: No conflict due to "
433                           "entry->access_mask = 0x%x\n",
434                           (unsigned int)entry->access_mask ));
435                 return False;
436         }
437
438         if ((access_mask & (FILE_WRITE_DATA|
439                             FILE_APPEND_DATA|
440                             FILE_READ_DATA|
441                             FILE_EXECUTE|
442                             DELETE_ACCESS)) == 0) {
443                 DEBUG(10,("share_conflict: No conflict due to "
444                           "access_mask = 0x%x\n",
445                           (unsigned int)access_mask ));
446                 return False;
447         }
448
449 #if 1 /* JRA TEST - Superdebug. */
450 #define CHECK_MASK(num, am, right, sa, share) \
451         DEBUG(10,("share_conflict: [%d] am (0x%x) & right (0x%x) = 0x%x\n", \
452                 (unsigned int)(num), (unsigned int)(am), \
453                 (unsigned int)(right), (unsigned int)(am)&(right) )); \
454         DEBUG(10,("share_conflict: [%d] sa (0x%x) & share (0x%x) = 0x%x\n", \
455                 (unsigned int)(num), (unsigned int)(sa), \
456                 (unsigned int)(share), (unsigned int)(sa)&(share) )); \
457         if (((am) & (right)) && !((sa) & (share))) { \
458                 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
459 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
460                         (unsigned int)(share) )); \
461                 return True; \
462         }
463 #else
464 #define CHECK_MASK(num, am, right, sa, share) \
465         if (((am) & (right)) && !((sa) & (share))) { \
466                 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
467 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
468                         (unsigned int)(share) )); \
469                 return True; \
470         }
471 #endif
472
473         CHECK_MASK(1, entry->access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
474                    share_access, FILE_SHARE_WRITE);
475         CHECK_MASK(2, access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
476                    entry->share_access, FILE_SHARE_WRITE);
477         
478         CHECK_MASK(3, entry->access_mask, FILE_READ_DATA | FILE_EXECUTE,
479                    share_access, FILE_SHARE_READ);
480         CHECK_MASK(4, access_mask, FILE_READ_DATA | FILE_EXECUTE,
481                    entry->share_access, FILE_SHARE_READ);
482
483         CHECK_MASK(5, entry->access_mask, DELETE_ACCESS,
484                    share_access, FILE_SHARE_DELETE);
485         CHECK_MASK(6, access_mask, DELETE_ACCESS,
486                    entry->share_access, FILE_SHARE_DELETE);
487
488         DEBUG(10,("share_conflict: No conflict.\n"));
489         return False;
490 }
491
492 #if defined(DEVELOPER)
493 static void validate_my_share_entries(int num,
494                                       struct share_mode_entry *share_entry)
495 {
496         files_struct *fsp;
497
498         if (!procid_is_me(&share_entry->pid)) {
499                 return;
500         }
501
502         if (is_deferred_open_entry(share_entry) &&
503             !open_was_deferred(share_entry->op_mid)) {
504                 pstring str;
505                 pstr_sprintf(str, "Got a deferred entry without a request: "
506                              "PANIC: %s\n", share_mode_str(num, share_entry));
507                 smb_panic(str);
508         }
509
510         if (!is_valid_share_mode_entry(share_entry)) {
511                 return;
512         }
513
514         fsp = file_find_dif(share_entry->id,
515                             share_entry->share_file_id);
516         if (!fsp) {
517                 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
518                          share_mode_str(num, share_entry) ));
519                 smb_panic("validate_my_share_entries: Cannot match a "
520                           "share entry with an open file\n");
521         }
522
523         if (is_deferred_open_entry(share_entry) ||
524             is_unused_share_mode_entry(share_entry)) {
525                 goto panic;
526         }
527
528         if ((share_entry->op_type == NO_OPLOCK) &&
529             (fsp->oplock_type == FAKE_LEVEL_II_OPLOCK)) {
530                 /* Someone has already written to it, but I haven't yet
531                  * noticed */
532                 return;
533         }
534
535         if (((uint16)fsp->oplock_type) != share_entry->op_type) {
536                 goto panic;
537         }
538
539         return;
540
541  panic:
542         {
543                 pstring str;
544                 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
545                          share_mode_str(num, share_entry) ));
546                 slprintf(str, sizeof(str)-1, "validate_my_share_entries: "
547                          "file %s, oplock_type = 0x%x, op_type = 0x%x\n",
548                          fsp->fsp_name, (unsigned int)fsp->oplock_type,
549                          (unsigned int)share_entry->op_type );
550                 smb_panic(str);
551         }
552 }
553 #endif
554
555 static BOOL is_stat_open(uint32 access_mask)
556 {
557         return (access_mask &&
558                 ((access_mask & ~(SYNCHRONIZE_ACCESS| FILE_READ_ATTRIBUTES|
559                                   FILE_WRITE_ATTRIBUTES))==0) &&
560                 ((access_mask & (SYNCHRONIZE_ACCESS|FILE_READ_ATTRIBUTES|
561                                  FILE_WRITE_ATTRIBUTES)) != 0));
562 }
563
564 /****************************************************************************
565  Deal with share modes
566  Invarient: Share mode must be locked on entry and exit.
567  Returns -1 on error, or number of share modes on success (may be zero).
568 ****************************************************************************/
569
570 static NTSTATUS open_mode_check(connection_struct *conn,
571                                 const char *fname,
572                                 struct share_mode_lock *lck,
573                                 uint32 access_mask,
574                                 uint32 share_access,
575                                 uint32 create_options,
576                                 BOOL *file_existed)
577 {
578         int i;
579
580         if(lck->num_share_modes == 0) {
581                 return NT_STATUS_OK;
582         }
583
584         *file_existed = True;
585         
586         if (is_stat_open(access_mask)) {
587                 /* Stat open that doesn't trigger oplock breaks or share mode
588                  * checks... ! JRA. */
589                 return NT_STATUS_OK;
590         }
591
592         /* A delete on close prohibits everything */
593
594         if (lck->delete_on_close) {
595                 return NT_STATUS_DELETE_PENDING;
596         }
597
598         /*
599          * Check if the share modes will give us access.
600          */
601         
602 #if defined(DEVELOPER)
603         for(i = 0; i < lck->num_share_modes; i++) {
604                 validate_my_share_entries(i, &lck->share_modes[i]);
605         }
606 #endif
607
608         if (!lp_share_modes(SNUM(conn))) {
609                 return NT_STATUS_OK;
610         }
611
612         /* Now we check the share modes, after any oplock breaks. */
613         for(i = 0; i < lck->num_share_modes; i++) {
614
615                 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
616                         continue;
617                 }
618
619                 /* someone else has a share lock on it, check to see if we can
620                  * too */
621                 if (share_conflict(&lck->share_modes[i],
622                                    access_mask, share_access)) {
623                         return NT_STATUS_SHARING_VIOLATION;
624                 }
625         }
626         
627         return NT_STATUS_OK;
628 }
629
630 static BOOL is_delete_request(files_struct *fsp) {
631         return ((fsp->access_mask == DELETE_ACCESS) &&
632                 (fsp->oplock_type == NO_OPLOCK));
633 }
634
635 /*
636  * 1) No files open at all or internal open: Grant whatever the client wants.
637  *
638  * 2) Exclusive (or batch) oplock around: If the requested access is a delete
639  *    request, break if the oplock around is a batch oplock. If it's another
640  *    requested access type, break.
641  * 
642  * 3) Only level2 around: Grant level2 and do nothing else.
643  */
644
645 static BOOL delay_for_oplocks(struct share_mode_lock *lck,
646                               files_struct *fsp,
647                               int pass_number,
648                               int oplock_request)
649 {
650         int i;
651         struct share_mode_entry *exclusive = NULL;
652         BOOL valid_entry = False;
653         BOOL delay_it = False;
654         BOOL have_level2 = False;
655         NTSTATUS status;
656         char msg[MSG_SMB_SHARE_MODE_ENTRY_SIZE];
657
658         if (oplock_request & INTERNAL_OPEN_ONLY) {
659                 fsp->oplock_type = NO_OPLOCK;
660         }
661
662         if ((oplock_request & INTERNAL_OPEN_ONLY) || is_stat_open(fsp->access_mask)) {
663                 return False;
664         }
665
666         for (i=0; i<lck->num_share_modes; i++) {
667
668                 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
669                         continue;
670                 }
671
672                 /* At least one entry is not an invalid or deferred entry. */
673                 valid_entry = True;
674
675                 if (pass_number == 1) {
676                         if (BATCH_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
677                                 SMB_ASSERT(exclusive == NULL);                  
678                                 exclusive = &lck->share_modes[i];
679                         }
680                 } else {
681                         if (EXCLUSIVE_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
682                                 SMB_ASSERT(exclusive == NULL);                  
683                                 exclusive = &lck->share_modes[i];
684                         }
685                 }
686
687                 if (lck->share_modes[i].op_type == LEVEL_II_OPLOCK) {
688                         SMB_ASSERT(exclusive == NULL);                  
689                         have_level2 = True;
690                 }
691         }
692
693         if (!valid_entry) {
694                 /* All entries are placeholders or deferred.
695                  * Directly grant whatever the client wants. */
696                 if (fsp->oplock_type == NO_OPLOCK) {
697                         /* Store a level2 oplock, but don't tell the client */
698                         fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
699                 }
700                 return False;
701         }
702
703         if (exclusive != NULL) { /* Found an exclusive oplock */
704                 SMB_ASSERT(!have_level2);
705                 delay_it = is_delete_request(fsp) ?
706                         BATCH_OPLOCK_TYPE(exclusive->op_type) : True;
707         }
708
709         if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
710                 /* We can at most grant level2 as there are other
711                  * level2 or NO_OPLOCK entries. */
712                 fsp->oplock_type = LEVEL_II_OPLOCK;
713         }
714
715         if ((fsp->oplock_type == NO_OPLOCK) && have_level2) {
716                 /* Store a level2 oplock, but don't tell the client */
717                 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
718         }
719
720         if (!delay_it) {
721                 return False;
722         }
723
724         /*
725          * Send a break message to the oplock holder and delay the open for
726          * our client.
727          */
728
729         DEBUG(10, ("Sending break request to PID %s\n",
730                    procid_str_static(&exclusive->pid)));
731         exclusive->op_mid = get_current_mid();
732
733         /* Create the message. */
734         share_mode_entry_to_message(msg, exclusive);
735
736         /* Add in the FORCE_OPLOCK_BREAK_TO_NONE bit in the message if set. We
737            don't want this set in the share mode struct pointed to by lck. */
738
739         if (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE) {
740                 SSVAL(msg,6,exclusive->op_type | FORCE_OPLOCK_BREAK_TO_NONE);
741         }
742
743         status = messaging_send_buf(smbd_messaging_context(), exclusive->pid,
744                                     MSG_SMB_BREAK_REQUEST,
745                                     (uint8 *)msg,
746                                     MSG_SMB_SHARE_MODE_ENTRY_SIZE);
747         if (!NT_STATUS_IS_OK(status)) {
748                 DEBUG(3, ("Could not send oplock break message: %s\n",
749                           nt_errstr(status)));
750         }
751
752         return True;
753 }
754
755 static BOOL request_timed_out(struct timeval request_time,
756                               struct timeval timeout)
757 {
758         struct timeval now, end_time;
759         GetTimeOfDay(&now);
760         end_time = timeval_sum(&request_time, &timeout);
761         return (timeval_compare(&end_time, &now) < 0);
762 }
763
764 /****************************************************************************
765  Handle the 1 second delay in returning a SHARING_VIOLATION error.
766 ****************************************************************************/
767
768 static void defer_open(struct share_mode_lock *lck,
769                        struct timeval request_time,
770                        struct timeval timeout,
771                        struct deferred_open_record *state)
772 {
773         uint16 mid = get_current_mid();
774         int i;
775
776         /* Paranoia check */
777
778         for (i=0; i<lck->num_share_modes; i++) {
779                 struct share_mode_entry *e = &lck->share_modes[i];
780
781                 if (!is_deferred_open_entry(e)) {
782                         continue;
783                 }
784
785                 if (procid_is_me(&e->pid) && (e->op_mid == mid)) {
786                         DEBUG(0, ("Trying to defer an already deferred "
787                                   "request: mid=%d, exiting\n", mid));
788                         exit_server("attempt to defer a deferred request");
789                 }
790         }
791
792         /* End paranoia check */
793
794         DEBUG(10,("defer_open_sharing_error: time [%u.%06u] adding deferred "
795                   "open entry for mid %u\n",
796                   (unsigned int)request_time.tv_sec,
797                   (unsigned int)request_time.tv_usec,
798                   (unsigned int)mid));
799
800         if (!push_deferred_smb_message(mid, request_time, timeout,
801                                        (char *)state, sizeof(*state))) {
802                 exit_server("push_deferred_smb_message failed");
803         }
804         add_deferred_open(lck, mid, request_time, state->id);
805
806         /*
807          * Push the MID of this packet on the signing queue.
808          * We only do this once, the first time we push the packet
809          * onto the deferred open queue, as this has a side effect
810          * of incrementing the response sequence number.
811          */
812
813         srv_defer_sign_response(mid);
814 }
815
816
817 /****************************************************************************
818  On overwrite open ensure that the attributes match.
819 ****************************************************************************/
820
821 static BOOL open_match_attributes(connection_struct *conn,
822                                   const char *path,
823                                   uint32 old_dos_attr,
824                                   uint32 new_dos_attr,
825                                   mode_t existing_unx_mode,
826                                   mode_t new_unx_mode,
827                                   mode_t *returned_unx_mode)
828 {
829         uint32 noarch_old_dos_attr, noarch_new_dos_attr;
830
831         noarch_old_dos_attr = (old_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
832         noarch_new_dos_attr = (new_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
833
834         if((noarch_old_dos_attr == 0 && noarch_new_dos_attr != 0) || 
835            (noarch_old_dos_attr != 0 && ((noarch_old_dos_attr & noarch_new_dos_attr) == noarch_old_dos_attr))) {
836                 *returned_unx_mode = new_unx_mode;
837         } else {
838                 *returned_unx_mode = (mode_t)0;
839         }
840
841         DEBUG(10,("open_match_attributes: file %s old_dos_attr = 0x%x, "
842                   "existing_unx_mode = 0%o, new_dos_attr = 0x%x "
843                   "returned_unx_mode = 0%o\n",
844                   path,
845                   (unsigned int)old_dos_attr,
846                   (unsigned int)existing_unx_mode,
847                   (unsigned int)new_dos_attr,
848                   (unsigned int)*returned_unx_mode ));
849
850         /* If we're mapping SYSTEM and HIDDEN ensure they match. */
851         if (lp_map_system(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
852                 if ((old_dos_attr & FILE_ATTRIBUTE_SYSTEM) &&
853                     !(new_dos_attr & FILE_ATTRIBUTE_SYSTEM)) {
854                         return False;
855                 }
856         }
857         if (lp_map_hidden(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
858                 if ((old_dos_attr & FILE_ATTRIBUTE_HIDDEN) &&
859                     !(new_dos_attr & FILE_ATTRIBUTE_HIDDEN)) {
860                         return False;
861                 }
862         }
863         return True;
864 }
865
866 /****************************************************************************
867  Special FCB or DOS processing in the case of a sharing violation.
868  Try and find a duplicated file handle.
869 ****************************************************************************/
870
871 static files_struct *fcb_or_dos_open(connection_struct *conn,
872                                      const char *fname, 
873                                      struct file_id id,
874                                      uint32 access_mask,
875                                      uint32 share_access,
876                                      uint32 create_options)
877 {
878         files_struct *fsp;
879         files_struct *dup_fsp;
880
881         DEBUG(5,("fcb_or_dos_open: attempting old open semantics for "
882                  "file %s.\n", fname ));
883
884         for(fsp = file_find_di_first(id); fsp;
885             fsp = file_find_di_next(fsp)) {
886
887                 DEBUG(10,("fcb_or_dos_open: checking file %s, fd = %d, "
888                           "vuid = %u, file_pid = %u, private_options = 0x%x "
889                           "access_mask = 0x%x\n", fsp->fsp_name,
890                           fsp->fh->fd, (unsigned int)fsp->vuid,
891                           (unsigned int)fsp->file_pid,
892                           (unsigned int)fsp->fh->private_options,
893                           (unsigned int)fsp->access_mask ));
894
895                 if (fsp->fh->fd != -1 &&
896                     fsp->vuid == current_user.vuid &&
897                     fsp->file_pid == global_smbpid &&
898                     (fsp->fh->private_options & (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS |
899                                                  NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) &&
900                     (fsp->access_mask & FILE_WRITE_DATA) &&
901                     strequal(fsp->fsp_name, fname)) {
902                         DEBUG(10,("fcb_or_dos_open: file match\n"));
903                         break;
904                 }
905         }
906
907         if (!fsp) {
908                 return NULL;
909         }
910
911         /* quite an insane set of semantics ... */
912         if (is_executable(fname) &&
913             (fsp->fh->private_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS)) {
914                 DEBUG(10,("fcb_or_dos_open: file fail due to is_executable.\n"));
915                 return NULL;
916         }
917
918         /* We need to duplicate this fsp. */
919         if (!NT_STATUS_IS_OK(dup_file_fsp(fsp, access_mask, share_access,
920                                           create_options, &dup_fsp))) {
921                 return NULL;
922         }
923
924         return dup_fsp;
925 }
926
927 /****************************************************************************
928  Open a file with a share mode - old openX method - map into NTCreate.
929 ****************************************************************************/
930
931 BOOL map_open_params_to_ntcreate(const char *fname, int deny_mode, int open_func,
932                                  uint32 *paccess_mask,
933                                  uint32 *pshare_mode,
934                                  uint32 *pcreate_disposition,
935                                  uint32 *pcreate_options)
936 {
937         uint32 access_mask;
938         uint32 share_mode;
939         uint32 create_disposition;
940         uint32 create_options = 0;
941
942         DEBUG(10,("map_open_params_to_ntcreate: fname = %s, deny_mode = 0x%x, "
943                   "open_func = 0x%x\n",
944                   fname, (unsigned int)deny_mode, (unsigned int)open_func ));
945
946         /* Create the NT compatible access_mask. */
947         switch (GET_OPENX_MODE(deny_mode)) {
948                 case DOS_OPEN_EXEC: /* Implies read-only - used to be FILE_READ_DATA */
949                 case DOS_OPEN_RDONLY:
950                         access_mask = FILE_GENERIC_READ;
951                         break;
952                 case DOS_OPEN_WRONLY:
953                         access_mask = FILE_GENERIC_WRITE;
954                         break;
955                 case DOS_OPEN_RDWR:
956                 case DOS_OPEN_FCB:
957                         access_mask = FILE_GENERIC_READ|FILE_GENERIC_WRITE;
958                         break;
959                 default:
960                         DEBUG(10,("map_open_params_to_ntcreate: bad open mode = 0x%x\n",
961                                   (unsigned int)GET_OPENX_MODE(deny_mode)));
962                         return False;
963         }
964
965         /* Create the NT compatible create_disposition. */
966         switch (open_func) {
967                 case OPENX_FILE_EXISTS_FAIL|OPENX_FILE_CREATE_IF_NOT_EXIST:
968                         create_disposition = FILE_CREATE;
969                         break;
970
971                 case OPENX_FILE_EXISTS_OPEN:
972                         create_disposition = FILE_OPEN;
973                         break;
974
975                 case OPENX_FILE_EXISTS_OPEN|OPENX_FILE_CREATE_IF_NOT_EXIST:
976                         create_disposition = FILE_OPEN_IF;
977                         break;
978        
979                 case OPENX_FILE_EXISTS_TRUNCATE:
980                         create_disposition = FILE_OVERWRITE;
981                         break;
982
983                 case OPENX_FILE_EXISTS_TRUNCATE|OPENX_FILE_CREATE_IF_NOT_EXIST:
984                         create_disposition = FILE_OVERWRITE_IF;
985                         break;
986
987                 default:
988                         /* From samba4 - to be confirmed. */
989                         if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_EXEC) {
990                                 create_disposition = FILE_CREATE;
991                                 break;
992                         }
993                         DEBUG(10,("map_open_params_to_ntcreate: bad "
994                                   "open_func 0x%x\n", (unsigned int)open_func));
995                         return False;
996         }
997  
998         /* Create the NT compatible share modes. */
999         switch (GET_DENY_MODE(deny_mode)) {
1000                 case DENY_ALL:
1001                         share_mode = FILE_SHARE_NONE;
1002                         break;
1003
1004                 case DENY_WRITE:
1005                         share_mode = FILE_SHARE_READ;
1006                         break;
1007
1008                 case DENY_READ:
1009                         share_mode = FILE_SHARE_WRITE;
1010                         break;
1011
1012                 case DENY_NONE:
1013                         share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1014                         break;
1015
1016                 case DENY_DOS:
1017                         create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_DOS;
1018                         if (is_executable(fname)) {
1019                                 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1020                         } else {
1021                                 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_RDONLY) {
1022                                         share_mode = FILE_SHARE_READ;
1023                                 } else {
1024                                         share_mode = FILE_SHARE_NONE;
1025                                 }
1026                         }
1027                         break;
1028
1029                 case DENY_FCB:
1030                         create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_FCB;
1031                         share_mode = FILE_SHARE_NONE;
1032                         break;
1033
1034                 default:
1035                         DEBUG(10,("map_open_params_to_ntcreate: bad deny_mode 0x%x\n",
1036                                 (unsigned int)GET_DENY_MODE(deny_mode) ));
1037                         return False;
1038         }
1039
1040         DEBUG(10,("map_open_params_to_ntcreate: file %s, access_mask = 0x%x, "
1041                   "share_mode = 0x%x, create_disposition = 0x%x, "
1042                   "create_options = 0x%x\n",
1043                   fname,
1044                   (unsigned int)access_mask,
1045                   (unsigned int)share_mode,
1046                   (unsigned int)create_disposition,
1047                   (unsigned int)create_options ));
1048
1049         if (paccess_mask) {
1050                 *paccess_mask = access_mask;
1051         }
1052         if (pshare_mode) {
1053                 *pshare_mode = share_mode;
1054         }
1055         if (pcreate_disposition) {
1056                 *pcreate_disposition = create_disposition;
1057         }
1058         if (pcreate_options) {
1059                 *pcreate_options = create_options;
1060         }
1061
1062         return True;
1063
1064 }
1065
1066 static void schedule_defer_open(struct share_mode_lock *lck, struct timeval request_time)
1067 {
1068         struct deferred_open_record state;
1069
1070         /* This is a relative time, added to the absolute
1071            request_time value to get the absolute timeout time.
1072            Note that if this is the second or greater time we enter
1073            this codepath for this particular request mid then
1074            request_time is left as the absolute time of the *first*
1075            time this request mid was processed. This is what allows
1076            the request to eventually time out. */
1077
1078         struct timeval timeout;
1079
1080         /* Normally the smbd we asked should respond within
1081          * OPLOCK_BREAK_TIMEOUT seconds regardless of whether
1082          * the client did, give twice the timeout as a safety
1083          * measure here in case the other smbd is stuck
1084          * somewhere else. */
1085
1086         timeout = timeval_set(OPLOCK_BREAK_TIMEOUT*2, 0);
1087
1088         /* Nothing actually uses state.delayed_for_oplocks
1089            but it's handy to differentiate in debug messages
1090            between a 30 second delay due to oplock break, and
1091            a 1 second delay for share mode conflicts. */
1092
1093         state.delayed_for_oplocks = True;
1094         state.id = lck->id;
1095
1096         if (!request_timed_out(request_time, timeout)) {
1097                 defer_open(lck, request_time, timeout, &state);
1098         }
1099 }
1100
1101 /****************************************************************************
1102  Open a file with a share mode.
1103 ****************************************************************************/
1104
1105 NTSTATUS open_file_ntcreate(connection_struct *conn,
1106                             const char *fname,
1107                             SMB_STRUCT_STAT *psbuf,
1108                             uint32 access_mask,         /* access bits (FILE_READ_DATA etc.) */
1109                             uint32 share_access,        /* share constants (FILE_SHARE_READ etc) */
1110                             uint32 create_disposition,  /* FILE_OPEN_IF etc. */
1111                             uint32 create_options,      /* options such as delete on close. */
1112                             uint32 new_dos_attributes,  /* attributes used for new file. */
1113                             int oplock_request,         /* internal Samba oplock codes. */
1114                                                         /* Information (FILE_EXISTS etc.) */
1115                             int *pinfo,
1116                             files_struct **result)
1117 {
1118         int flags=0;
1119         int flags2=0;
1120         BOOL file_existed = VALID_STAT(*psbuf);
1121         BOOL def_acl = False;
1122         BOOL posix_open = False;
1123         BOOL new_file_created = False;
1124         struct file_id id;
1125         NTSTATUS fsp_open = NT_STATUS_ACCESS_DENIED;
1126         files_struct *fsp = NULL;
1127         mode_t new_unx_mode = (mode_t)0;
1128         mode_t unx_mode = (mode_t)0;
1129         int info;
1130         uint32 existing_dos_attributes = 0;
1131         struct pending_message_list *pml = NULL;
1132         uint16 mid = get_current_mid();
1133         struct timeval request_time = timeval_zero();
1134         struct share_mode_lock *lck = NULL;
1135         uint32 open_access_mask = access_mask;
1136         NTSTATUS status;
1137         int ret_flock;
1138         char *parent_dir;
1139         const char *newname;
1140
1141         ZERO_STRUCT(id);
1142
1143         if (conn->printer) {
1144                 /* 
1145                  * Printers are handled completely differently.
1146                  * Most of the passed parameters are ignored.
1147                  */
1148
1149                 if (pinfo) {
1150                         *pinfo = FILE_WAS_CREATED;
1151                 }
1152
1153                 DEBUG(10, ("open_file_ntcreate: printer open fname=%s\n", fname));
1154
1155                 return print_fsp_open(conn, fname, result);
1156         }
1157
1158         if (!parent_dirname_talloc(tmp_talloc_ctx(), fname, &parent_dir,
1159                                    &newname)) {
1160                 return NT_STATUS_NO_MEMORY;
1161         }
1162
1163         if (new_dos_attributes & FILE_FLAG_POSIX_SEMANTICS) {
1164                 posix_open = True;
1165                 unx_mode = (mode_t)(new_dos_attributes & ~FILE_FLAG_POSIX_SEMANTICS);
1166                 new_dos_attributes = 0;
1167         } else {
1168                 /* We add aARCH to this as this mode is only used if the file is
1169                  * created new. */
1170                 unx_mode = unix_mode(conn, new_dos_attributes | aARCH, fname,
1171                                      parent_dir);
1172         }
1173
1174         DEBUG(10, ("open_file_ntcreate: fname=%s, dos_attrs=0x%x "
1175                    "access_mask=0x%x share_access=0x%x "
1176                    "create_disposition = 0x%x create_options=0x%x "
1177                    "unix mode=0%o oplock_request=%d\n",
1178                    fname, new_dos_attributes, access_mask, share_access,
1179                    create_disposition, create_options, unx_mode,
1180                    oplock_request));
1181
1182         if ((pml = get_open_deferred_message(mid)) != NULL) {
1183                 struct deferred_open_record *state =
1184                         (struct deferred_open_record *)pml->private_data.data;
1185
1186                 /* Remember the absolute time of the original
1187                    request with this mid. We'll use it later to
1188                    see if this has timed out. */
1189
1190                 request_time = pml->request_time;
1191
1192                 /* Remove the deferred open entry under lock. */
1193                 lck = get_share_mode_lock(NULL, state->id, NULL, NULL);
1194                 if (lck == NULL) {
1195                         DEBUG(0, ("could not get share mode lock\n"));
1196                 } else {
1197                         del_deferred_open_entry(lck, mid);
1198                         TALLOC_FREE(lck);
1199                 }
1200
1201                 /* Ensure we don't reprocess this message. */
1202                 remove_deferred_open_smb_message(mid);
1203         }
1204
1205         status = check_name(conn, fname);
1206         if (!NT_STATUS_IS_OK(status)) {
1207                 return status;
1208         } 
1209
1210         if (!posix_open) {
1211                 new_dos_attributes &= SAMBA_ATTRIBUTES_MASK;
1212                 if (file_existed) {
1213                         existing_dos_attributes = dos_mode(conn, fname, psbuf);
1214                 }
1215         }
1216
1217         /* ignore any oplock requests if oplocks are disabled */
1218         if (!lp_oplocks(SNUM(conn)) || global_client_failed_oplock_break ||
1219             IS_VETO_OPLOCK_PATH(conn, fname)) {
1220                 /* Mask off everything except the private Samba bits. */
1221                 oplock_request &= SAMBA_PRIVATE_OPLOCK_MASK;
1222         }
1223
1224         /* this is for OS/2 long file names - say we don't support them */
1225         if (!lp_posix_pathnames() && strstr(fname,".+,;=[].")) {
1226                 /* OS/2 Workplace shell fix may be main code stream in a later
1227                  * release. */
1228                 DEBUG(5,("open_file_ntcreate: OS/2 long filenames are not "
1229                          "supported.\n"));
1230                 if (use_nt_status()) {
1231                         return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1232                 }
1233                 return NT_STATUS_DOS(ERRDOS, ERRcannotopen);
1234         }
1235
1236         switch( create_disposition ) {
1237                 /*
1238                  * Currently we're using FILE_SUPERSEDE as the same as
1239                  * FILE_OVERWRITE_IF but they really are
1240                  * different. FILE_SUPERSEDE deletes an existing file
1241                  * (requiring delete access) then recreates it.
1242                  */
1243                 case FILE_SUPERSEDE:
1244                         /* If file exists replace/overwrite. If file doesn't
1245                          * exist create. */
1246                         flags2 |= (O_CREAT | O_TRUNC);
1247                         break;
1248
1249                 case FILE_OVERWRITE_IF:
1250                         /* If file exists replace/overwrite. If file doesn't
1251                          * exist create. */
1252                         flags2 |= (O_CREAT | O_TRUNC);
1253                         break;
1254
1255                 case FILE_OPEN:
1256                         /* If file exists open. If file doesn't exist error. */
1257                         if (!file_existed) {
1258                                 DEBUG(5,("open_file_ntcreate: FILE_OPEN "
1259                                          "requested for file %s and file "
1260                                          "doesn't exist.\n", fname ));
1261                                 errno = ENOENT;
1262                                 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1263                         }
1264                         break;
1265
1266                 case FILE_OVERWRITE:
1267                         /* If file exists overwrite. If file doesn't exist
1268                          * error. */
1269                         if (!file_existed) {
1270                                 DEBUG(5,("open_file_ntcreate: FILE_OVERWRITE "
1271                                          "requested for file %s and file "
1272                                          "doesn't exist.\n", fname ));
1273                                 errno = ENOENT;
1274                                 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1275                         }
1276                         flags2 |= O_TRUNC;
1277                         break;
1278
1279                 case FILE_CREATE:
1280                         /* If file exists error. If file doesn't exist
1281                          * create. */
1282                         if (file_existed) {
1283                                 DEBUG(5,("open_file_ntcreate: FILE_CREATE "
1284                                          "requested for file %s and file "
1285                                          "already exists.\n", fname ));
1286                                 if (S_ISDIR(psbuf->st_mode)) {
1287                                         errno = EISDIR;
1288                                 } else {
1289                                         errno = EEXIST;
1290                                 }
1291                                 return map_nt_error_from_unix(errno);
1292                         }
1293                         flags2 |= (O_CREAT|O_EXCL);
1294                         break;
1295
1296                 case FILE_OPEN_IF:
1297                         /* If file exists open. If file doesn't exist
1298                          * create. */
1299                         flags2 |= O_CREAT;
1300                         break;
1301
1302                 default:
1303                         return NT_STATUS_INVALID_PARAMETER;
1304         }
1305
1306         /* We only care about matching attributes on file exists and
1307          * overwrite. */
1308
1309         if (!posix_open && file_existed && ((create_disposition == FILE_OVERWRITE) ||
1310                              (create_disposition == FILE_OVERWRITE_IF))) {
1311                 if (!open_match_attributes(conn, fname,
1312                                            existing_dos_attributes,
1313                                            new_dos_attributes, psbuf->st_mode,
1314                                            unx_mode, &new_unx_mode)) {
1315                         DEBUG(5,("open_file_ntcreate: attributes missmatch "
1316                                  "for file %s (%x %x) (0%o, 0%o)\n",
1317                                  fname, existing_dos_attributes,
1318                                  new_dos_attributes,
1319                                  (unsigned int)psbuf->st_mode,
1320                                  (unsigned int)unx_mode ));
1321                         errno = EACCES;
1322                         return NT_STATUS_ACCESS_DENIED;
1323                 }
1324         }
1325
1326         /* This is a nasty hack - must fix... JRA. */
1327         if (access_mask == MAXIMUM_ALLOWED_ACCESS) {
1328                 open_access_mask = access_mask = FILE_GENERIC_ALL;
1329         }
1330
1331         /*
1332          * Convert GENERIC bits to specific bits.
1333          */
1334
1335         se_map_generic(&access_mask, &file_generic_mapping);
1336         open_access_mask = access_mask;
1337
1338         if (flags2 & O_TRUNC) {
1339                 open_access_mask |= FILE_WRITE_DATA; /* This will cause oplock breaks. */
1340         }
1341
1342         DEBUG(10, ("open_file_ntcreate: fname=%s, after mapping "
1343                    "access_mask=0x%x\n", fname, access_mask ));
1344
1345         /*
1346          * Note that we ignore the append flag as append does not
1347          * mean the same thing under DOS and Unix.
1348          */
1349
1350         if (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) {
1351                 /* DENY_DOS opens are always underlying read-write on the
1352                    file handle, no matter what the requested access mask
1353                     says. */
1354                 if ((create_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS) ||
1355                         access_mask & (FILE_READ_ATTRIBUTES|FILE_READ_DATA|FILE_READ_EA|FILE_EXECUTE)) {
1356                         flags = O_RDWR;
1357                 } else {
1358                         flags = O_WRONLY;
1359                 }
1360         } else {
1361                 flags = O_RDONLY;
1362         }
1363
1364         /*
1365          * Currently we only look at FILE_WRITE_THROUGH for create options.
1366          */
1367
1368 #if defined(O_SYNC)
1369         if ((create_options & FILE_WRITE_THROUGH) && lp_strict_sync(SNUM(conn))) {
1370                 flags2 |= O_SYNC;
1371         }
1372 #endif /* O_SYNC */
1373   
1374         if (posix_open & (access_mask & FILE_APPEND_DATA)) {
1375                 flags2 |= O_APPEND;
1376         }
1377
1378         if (!posix_open && !CAN_WRITE(conn)) {
1379                 /*
1380                  * We should really return a permission denied error if either
1381                  * O_CREAT or O_TRUNC are set, but for compatibility with
1382                  * older versions of Samba we just AND them out.
1383                  */
1384                 flags2 &= ~(O_CREAT|O_TRUNC);
1385         }
1386
1387         /*
1388          * Ensure we can't write on a read-only share or file.
1389          */
1390
1391         if (flags != O_RDONLY && file_existed &&
1392             (!CAN_WRITE(conn) || IS_DOS_READONLY(existing_dos_attributes))) {
1393                 DEBUG(5,("open_file_ntcreate: write access requested for "
1394                          "file %s on read only %s\n",
1395                          fname, !CAN_WRITE(conn) ? "share" : "file" ));
1396                 errno = EACCES;
1397                 return NT_STATUS_ACCESS_DENIED;
1398         }
1399
1400         status = file_new(conn, &fsp);
1401         if(!NT_STATUS_IS_OK(status)) {
1402                 return status;
1403         }
1404
1405         fsp->file_id = file_id_sbuf(psbuf);
1406         fsp->share_access = share_access;
1407         fsp->fh->private_options = create_options;
1408         fsp->access_mask = open_access_mask; /* We change this to the
1409                                               * requested access_mask after
1410                                               * the open is done. */
1411         fsp->posix_open = posix_open;
1412
1413         /* Ensure no SAMBA_PRIVATE bits can be set. */
1414         fsp->oplock_type = (oplock_request & ~SAMBA_PRIVATE_OPLOCK_MASK);
1415
1416         if (timeval_is_zero(&request_time)) {
1417                 request_time = fsp->open_time;
1418         }
1419
1420         if (file_existed) {
1421                 id = file_id_sbuf(psbuf);
1422
1423                 lck = get_share_mode_lock(NULL, id,
1424                                           conn->connectpath,
1425                                           fname);
1426
1427                 if (lck == NULL) {
1428                         file_free(fsp);
1429                         DEBUG(0, ("Could not get share mode lock\n"));
1430                         return NT_STATUS_SHARING_VIOLATION;
1431                 }
1432
1433                 /* First pass - send break only on batch oplocks. */
1434                 if (delay_for_oplocks(lck, fsp, 1, oplock_request)) {
1435                         schedule_defer_open(lck, request_time);
1436                         TALLOC_FREE(lck);
1437                         file_free(fsp);
1438                         return NT_STATUS_SHARING_VIOLATION;
1439                 }
1440
1441                 /* Use the client requested access mask here, not the one we
1442                  * open with. */
1443                 status = open_mode_check(conn, fname, lck,
1444                                          access_mask, share_access,
1445                                          create_options, &file_existed);
1446
1447                 if (NT_STATUS_IS_OK(status)) {
1448                         /* We might be going to allow this open. Check oplock
1449                          * status again. */
1450                         /* Second pass - send break for both batch or
1451                          * exclusive oplocks. */
1452                         if (delay_for_oplocks(lck, fsp, 2, oplock_request)) {
1453                                 schedule_defer_open(lck, request_time);
1454                                 TALLOC_FREE(lck);
1455                                 file_free(fsp);
1456                                 return NT_STATUS_SHARING_VIOLATION;
1457                         }
1458                 }
1459
1460                 if (NT_STATUS_EQUAL(status, NT_STATUS_DELETE_PENDING)) {
1461                         /* DELETE_PENDING is not deferred for a second */
1462                         TALLOC_FREE(lck);
1463                         file_free(fsp);
1464                         return status;
1465                 }
1466
1467                 if (!NT_STATUS_IS_OK(status)) {
1468                         uint32 can_access_mask;
1469                         BOOL can_access = True;
1470
1471                         SMB_ASSERT(NT_STATUS_EQUAL(status, NT_STATUS_SHARING_VIOLATION));
1472
1473                         /* Check if this can be done with the deny_dos and fcb
1474                          * calls. */
1475                         if (create_options &
1476                             (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS|
1477                              NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) {
1478                                 files_struct *fsp_dup;
1479
1480                                 /* Use the client requested access mask here,
1481                                  * not the one we open with. */
1482                                 fsp_dup = fcb_or_dos_open(conn, fname, id,
1483                                                           access_mask,
1484                                                           share_access,
1485                                                           create_options);
1486
1487                                 if (fsp_dup) {
1488                                         TALLOC_FREE(lck);
1489                                         file_free(fsp);
1490                                         if (pinfo) {
1491                                                 *pinfo = FILE_WAS_OPENED;
1492                                         }
1493                                         conn->num_files_open++;
1494                                         *result = fsp_dup;
1495                                         return NT_STATUS_OK;
1496                                 }
1497                         }
1498
1499                         /*
1500                          * This next line is a subtlety we need for
1501                          * MS-Access. If a file open will fail due to share
1502                          * permissions and also for security (access) reasons,
1503                          * we need to return the access failed error, not the
1504                          * share error. We can't open the file due to kernel
1505                          * oplock deadlock (it's possible we failed above on
1506                          * the open_mode_check()) so use a userspace check.
1507                          */
1508
1509                         if (flags & O_RDWR) {
1510                                 can_access_mask = FILE_READ_DATA|FILE_WRITE_DATA;
1511                         } else if (flags & O_WRONLY) {
1512                                 can_access_mask = FILE_WRITE_DATA;
1513                         } else {
1514                                 can_access_mask = FILE_READ_DATA;
1515                         }
1516
1517                         if (((can_access_mask & FILE_WRITE_DATA) && !CAN_WRITE(conn)) ||
1518                             !can_access_file(conn,fname,psbuf,can_access_mask)) {
1519                                 can_access = False;
1520                         }
1521
1522                         /* 
1523                          * If we're returning a share violation, ensure we
1524                          * cope with the braindead 1 second delay.
1525                          */
1526
1527                         if (!(oplock_request & INTERNAL_OPEN_ONLY) &&
1528                             lp_defer_sharing_violations()) {
1529                                 struct timeval timeout;
1530                                 struct deferred_open_record state;
1531                                 int timeout_usecs;
1532
1533                                 /* this is a hack to speed up torture tests
1534                                    in 'make test' */
1535                                 timeout_usecs = lp_parm_int(SNUM(conn),
1536                                                             "smbd","sharedelay",
1537                                                             SHARING_VIOLATION_USEC_WAIT);
1538
1539                                 /* This is a relative time, added to the absolute
1540                                    request_time value to get the absolute timeout time.
1541                                    Note that if this is the second or greater time we enter
1542                                    this codepath for this particular request mid then
1543                                    request_time is left as the absolute time of the *first*
1544                                    time this request mid was processed. This is what allows
1545                                    the request to eventually time out. */
1546
1547                                 timeout = timeval_set(0, timeout_usecs);
1548
1549                                 /* Nothing actually uses state.delayed_for_oplocks
1550                                    but it's handy to differentiate in debug messages
1551                                    between a 30 second delay due to oplock break, and
1552                                    a 1 second delay for share mode conflicts. */
1553
1554                                 state.delayed_for_oplocks = False;
1555                                 state.id = id;
1556
1557                                 if (!request_timed_out(request_time,
1558                                                        timeout)) {
1559                                         defer_open(lck, request_time, timeout,
1560                                                    &state);
1561                                 }
1562                         }
1563
1564                         TALLOC_FREE(lck);
1565                         if (can_access) {
1566                                 /*
1567                                  * We have detected a sharing violation here
1568                                  * so return the correct error code
1569                                  */
1570                                 status = NT_STATUS_SHARING_VIOLATION;
1571                         } else {
1572                                 status = NT_STATUS_ACCESS_DENIED;
1573                         }
1574                         file_free(fsp);
1575                         return status;
1576                 }
1577
1578                 /*
1579                  * We exit this block with the share entry *locked*.....
1580                  */
1581         }
1582
1583         SMB_ASSERT(!file_existed || (lck != NULL));
1584
1585         /*
1586          * Ensure we pay attention to default ACLs on directories if required.
1587          */
1588
1589         if ((flags2 & O_CREAT) && lp_inherit_acls(SNUM(conn)) &&
1590             (def_acl = directory_has_default_acl(conn, parent_dir))) {
1591                 unx_mode = 0777;
1592         }
1593
1594         DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o, "
1595                 "access_mask = 0x%x, open_access_mask = 0x%x\n",
1596                  (unsigned int)flags, (unsigned int)flags2,
1597                  (unsigned int)unx_mode, (unsigned int)access_mask,
1598                  (unsigned int)open_access_mask));
1599
1600         /*
1601          * open_file strips any O_TRUNC flags itself.
1602          */
1603
1604         fsp_open = open_file(fsp, conn, parent_dir, newname, fname, psbuf,
1605                              flags|flags2, unx_mode, access_mask,
1606                              open_access_mask);
1607
1608         if (!NT_STATUS_IS_OK(fsp_open)) {
1609                 if (lck != NULL) {
1610                         TALLOC_FREE(lck);
1611                 }
1612                 file_free(fsp);
1613                 return fsp_open;
1614         }
1615
1616         if (!file_existed) {
1617
1618                 /*
1619                  * Deal with the race condition where two smbd's detect the
1620                  * file doesn't exist and do the create at the same time. One
1621                  * of them will win and set a share mode, the other (ie. this
1622                  * one) should check if the requested share mode for this
1623                  * create is allowed.
1624                  */
1625
1626                 /*
1627                  * Now the file exists and fsp is successfully opened,
1628                  * fsp->dev and fsp->inode are valid and should replace the
1629                  * dev=0,inode=0 from a non existent file. Spotted by
1630                  * Nadav Danieli <nadavd@exanet.com>. JRA.
1631                  */
1632
1633                 id = fsp->file_id;
1634
1635                 lck = get_share_mode_lock(NULL, id,
1636                                           conn->connectpath,
1637                                           fname);
1638
1639                 if (lck == NULL) {
1640                         DEBUG(0, ("open_file_ntcreate: Could not get share "
1641                                   "mode lock for %s\n", fname));
1642                         fd_close(conn, fsp);
1643                         file_free(fsp);
1644                         return NT_STATUS_SHARING_VIOLATION;
1645                 }
1646
1647                 /* First pass - send break only on batch oplocks. */
1648                 if (delay_for_oplocks(lck, fsp, 1, oplock_request)) {
1649                         schedule_defer_open(lck, request_time);
1650                         TALLOC_FREE(lck);
1651                         fd_close(conn, fsp);
1652                         file_free(fsp);
1653                         return NT_STATUS_SHARING_VIOLATION;
1654                 }
1655
1656                 status = open_mode_check(conn, fname, lck,
1657                                          access_mask, share_access,
1658                                          create_options, &file_existed);
1659
1660                 if (NT_STATUS_IS_OK(status)) {
1661                         /* We might be going to allow this open. Check oplock
1662                          * status again. */
1663                         /* Second pass - send break for both batch or
1664                          * exclusive oplocks. */
1665                         if (delay_for_oplocks(lck, fsp, 2, oplock_request)) {
1666                                 schedule_defer_open(lck, request_time);
1667                                 TALLOC_FREE(lck);
1668                                 fd_close(conn, fsp);
1669                                 file_free(fsp);
1670                                 return NT_STATUS_SHARING_VIOLATION;
1671                         }
1672                 }
1673
1674                 if (!NT_STATUS_IS_OK(status)) {
1675                         struct deferred_open_record state;
1676
1677                         fd_close(conn, fsp);
1678                         file_free(fsp);
1679
1680                         state.delayed_for_oplocks = False;
1681                         state.id = id;
1682
1683                         /* Do it all over again immediately. In the second
1684                          * round we will find that the file existed and handle
1685                          * the DELETE_PENDING and FCB cases correctly. No need
1686                          * to duplicate the code here. Essentially this is a
1687                          * "goto top of this function", but don't tell
1688                          * anybody... */
1689
1690                         defer_open(lck, request_time, timeval_zero(),
1691                                    &state);
1692                         TALLOC_FREE(lck);
1693                         return status;
1694                 }
1695
1696                 /*
1697                  * We exit this block with the share entry *locked*.....
1698                  */
1699
1700         }
1701
1702         SMB_ASSERT(lck != NULL);
1703
1704         /* note that we ignore failure for the following. It is
1705            basically a hack for NFS, and NFS will never set one of
1706            these only read them. Nobody but Samba can ever set a deny
1707            mode and we have already checked our more authoritative
1708            locking database for permission to set this deny mode. If
1709            the kernel refuses the operations then the kernel is wrong.
1710            note that GPFS supports it as well - jmcd */
1711
1712         ret_flock = SMB_VFS_KERNEL_FLOCK(fsp, fsp->fh->fd, share_access);
1713         if(ret_flock == -1 ){
1714
1715                 TALLOC_FREE(lck);
1716                 fd_close(conn, fsp);
1717                 file_free(fsp);
1718                 
1719                 return NT_STATUS_SHARING_VIOLATION;
1720         }
1721
1722         /*
1723          * At this point onwards, we can guarentee that the share entry
1724          * is locked, whether we created the file or not, and that the
1725          * deny mode is compatible with all current opens.
1726          */
1727
1728         /*
1729          * If requested, truncate the file.
1730          */
1731
1732         if (flags2&O_TRUNC) {
1733                 /*
1734                  * We are modifing the file after open - update the stat
1735                  * struct..
1736                  */
1737                 if ((SMB_VFS_FTRUNCATE(fsp,fsp->fh->fd,0) == -1) ||
1738                     (SMB_VFS_FSTAT(fsp,fsp->fh->fd,psbuf)==-1)) {
1739                         status = map_nt_error_from_unix(errno);
1740                         TALLOC_FREE(lck);
1741                         fd_close(conn,fsp);
1742                         file_free(fsp);
1743                         return status;
1744                 }
1745         }
1746
1747         /* Record the options we were opened with. */
1748         fsp->share_access = share_access;
1749         fsp->fh->private_options = create_options;
1750         fsp->access_mask = access_mask;
1751
1752         if (file_existed) {
1753                 /* stat opens on existing files don't get oplocks. */
1754                 if (is_stat_open(open_access_mask)) {
1755                         fsp->oplock_type = NO_OPLOCK;
1756                 }
1757
1758                 if (!(flags2 & O_TRUNC)) {
1759                         info = FILE_WAS_OPENED;
1760                 } else {
1761                         info = FILE_WAS_OVERWRITTEN;
1762                 }
1763         } else {
1764                 info = FILE_WAS_CREATED;
1765         }
1766
1767         if (pinfo) {
1768                 *pinfo = info;
1769         }
1770
1771         /* 
1772          * Setup the oplock info in both the shared memory and
1773          * file structs.
1774          */
1775
1776         if ((fsp->oplock_type != NO_OPLOCK) &&
1777             (fsp->oplock_type != FAKE_LEVEL_II_OPLOCK)) {
1778                 if (!set_file_oplock(fsp, fsp->oplock_type)) {
1779                         /* Could not get the kernel oplock */
1780                         fsp->oplock_type = NO_OPLOCK;
1781                 }
1782         }
1783
1784         if (info == FILE_WAS_OVERWRITTEN || info == FILE_WAS_CREATED || info == FILE_WAS_SUPERSEDED) {
1785                 new_file_created = True;
1786         }
1787
1788         set_share_mode(lck, fsp, current_user.ut.uid, 0, fsp->oplock_type, new_file_created);
1789
1790         /* Handle strange delete on close create semantics. */
1791         if ((create_options & FILE_DELETE_ON_CLOSE) && can_set_initial_delete_on_close(lck)) {
1792                 status = can_set_delete_on_close(fsp, True, new_dos_attributes);
1793
1794                 if (!NT_STATUS_IS_OK(status)) {
1795                         /* Remember to delete the mode we just added. */
1796                         del_share_mode(lck, fsp);
1797                         TALLOC_FREE(lck);
1798                         fd_close(conn,fsp);
1799                         file_free(fsp);
1800                         return status;
1801                 }
1802                 /* Note that here we set the *inital* delete on close flag,
1803                    not the regular one. The magic gets handled in close. */
1804                 fsp->initial_delete_on_close = True;
1805         }
1806         
1807         if (new_file_created) {
1808                 /* Files should be initially set as archive */
1809                 if (lp_map_archive(SNUM(conn)) ||
1810                     lp_store_dos_attributes(SNUM(conn))) {
1811                         if (!posix_open) {
1812                                 file_set_dosmode(conn, fname,
1813                                          new_dos_attributes | aARCH, NULL,
1814                                          parent_dir);
1815                         }
1816                 }
1817         }
1818
1819         /*
1820          * Take care of inherited ACLs on created files - if default ACL not
1821          * selected.
1822          */
1823
1824         if (!posix_open && !file_existed && !def_acl) {
1825
1826                 int saved_errno = errno; /* We might get ENOSYS in the next
1827                                           * call.. */
1828
1829                 if (SMB_VFS_FCHMOD_ACL(fsp, fsp->fh->fd, unx_mode) == -1 &&
1830                     errno == ENOSYS) {
1831                         errno = saved_errno; /* Ignore ENOSYS */
1832                 }
1833
1834         } else if (new_unx_mode) {
1835
1836                 int ret = -1;
1837
1838                 /* Attributes need changing. File already existed. */
1839
1840                 {
1841                         int saved_errno = errno; /* We might get ENOSYS in the
1842                                                   * next call.. */
1843                         ret = SMB_VFS_FCHMOD_ACL(fsp, fsp->fh->fd,
1844                                                  new_unx_mode);
1845
1846                         if (ret == -1 && errno == ENOSYS) {
1847                                 errno = saved_errno; /* Ignore ENOSYS */
1848                         } else {
1849                                 DEBUG(5, ("open_file_ntcreate: reset "
1850                                           "attributes of file %s to 0%o\n",
1851                                           fname, (unsigned int)new_unx_mode));
1852                                 ret = 0; /* Don't do the fchmod below. */
1853                         }
1854                 }
1855
1856                 if ((ret == -1) &&
1857                     (SMB_VFS_FCHMOD(fsp, fsp->fh->fd, new_unx_mode) == -1))
1858                         DEBUG(5, ("open_file_ntcreate: failed to reset "
1859                                   "attributes of file %s to 0%o\n",
1860                                   fname, (unsigned int)new_unx_mode));
1861         }
1862
1863         /* If this is a successful open, we must remove any deferred open
1864          * records. */
1865         del_deferred_open_entry(lck, mid);
1866         TALLOC_FREE(lck);
1867
1868         conn->num_files_open++;
1869
1870         *result = fsp;
1871         return NT_STATUS_OK;
1872 }
1873
1874 /****************************************************************************
1875  Open a file for for write to ensure that we can fchmod it.
1876 ****************************************************************************/
1877
1878 NTSTATUS open_file_fchmod(connection_struct *conn, const char *fname,
1879                           SMB_STRUCT_STAT *psbuf, files_struct **result)
1880 {
1881         files_struct *fsp = NULL;
1882         NTSTATUS status;
1883
1884         if (!VALID_STAT(*psbuf)) {
1885                 return NT_STATUS_INVALID_PARAMETER;
1886         }
1887
1888         status = file_new(conn, &fsp);
1889         if(!NT_STATUS_IS_OK(status)) {
1890                 return status;
1891         }
1892
1893         /* note! we must use a non-zero desired access or we don't get
1894            a real file descriptor. Oh what a twisted web we weave. */
1895         status = open_file(fsp, conn, NULL, NULL, fname, psbuf, O_WRONLY, 0,
1896                            FILE_WRITE_DATA, FILE_WRITE_DATA);
1897
1898         /* 
1899          * This is not a user visible file open.
1900          * Don't set a share mode and don't increment
1901          * the conn->num_files_open.
1902          */
1903
1904         if (!NT_STATUS_IS_OK(status)) {
1905                 file_free(fsp);
1906                 return status;
1907         }
1908
1909         *result = fsp;
1910         return NT_STATUS_OK;
1911 }
1912
1913 /****************************************************************************
1914  Close the fchmod file fd - ensure no locks are lost.
1915 ****************************************************************************/
1916
1917 NTSTATUS close_file_fchmod(files_struct *fsp)
1918 {
1919         NTSTATUS status = fd_close(fsp->conn, fsp);
1920         file_free(fsp);
1921         return status;
1922 }
1923
1924 static NTSTATUS mkdir_internal(connection_struct *conn,
1925                                 const char *name,
1926                                 uint32 file_attributes,
1927                                 SMB_STRUCT_STAT *psbuf)
1928 {
1929         mode_t mode;
1930         char *parent_dir;
1931         const char *dirname;
1932         NTSTATUS status;
1933
1934         if(!CAN_WRITE(conn)) {
1935                 DEBUG(5,("mkdir_internal: failing create on read-only share "
1936                          "%s\n", lp_servicename(SNUM(conn))));
1937                 return NT_STATUS_ACCESS_DENIED;
1938         }
1939
1940         status = check_name(conn, name);
1941         if (!NT_STATUS_IS_OK(status)) {
1942                 return status;
1943         }
1944
1945         if (!parent_dirname_talloc(tmp_talloc_ctx(), name, &parent_dir,
1946                                    &dirname)) {
1947                 return NT_STATUS_NO_MEMORY;
1948         }
1949
1950         if (file_attributes & FILE_FLAG_POSIX_SEMANTICS) {
1951                 mode = (mode_t)(file_attributes & ~FILE_FLAG_POSIX_SEMANTICS);
1952         } else {
1953                 mode = unix_mode(conn, aDIR, name, parent_dir);
1954         }
1955
1956         if (SMB_VFS_MKDIR(conn, name, mode) != 0) {
1957                 return map_nt_error_from_unix(errno);
1958         }
1959
1960         /* Ensure we're checking for a symlink here.... */
1961         /* We don't want to get caught by a symlink racer. */
1962
1963         if (SMB_VFS_LSTAT(conn, name, psbuf) == -1) {
1964                 DEBUG(2, ("Could not stat directory '%s' just created: %s\n",
1965                           name, strerror(errno)));
1966                 return map_nt_error_from_unix(errno);
1967         }
1968
1969         if (!S_ISDIR(psbuf->st_mode)) {
1970                 DEBUG(0, ("Directory just '%s' created is not a directory\n",
1971                           name));
1972                 return NT_STATUS_ACCESS_DENIED;
1973         }
1974
1975         if (lp_inherit_perms(SNUM(conn))) {
1976                 inherit_access_acl(conn, parent_dir, name, mode);
1977         }
1978
1979         if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS)) {
1980                 /*
1981                  * Check if high bits should have been set,
1982                  * then (if bits are missing): add them.
1983                  * Consider bits automagically set by UNIX, i.e. SGID bit from parent
1984                  * dir.
1985                  */
1986                 if (mode & ~(S_IRWXU|S_IRWXG|S_IRWXO) && (mode & ~psbuf->st_mode)) {
1987                         SMB_VFS_CHMOD(conn, name,
1988                                       psbuf->st_mode | (mode & ~psbuf->st_mode));
1989                 }
1990         }
1991
1992         /* Change the owner if required. */
1993         if (lp_inherit_owner(SNUM(conn))) {
1994                 change_dir_owner_to_parent(conn, parent_dir, name, psbuf);
1995         }
1996
1997         notify_fname(conn, NOTIFY_ACTION_ADDED, FILE_NOTIFY_CHANGE_DIR_NAME,
1998                      name);
1999
2000         return NT_STATUS_OK;
2001 }
2002
2003 /****************************************************************************
2004  Open a directory from an NT SMB call.
2005 ****************************************************************************/
2006
2007 NTSTATUS open_directory(connection_struct *conn,
2008                         const char *fname,
2009                         SMB_STRUCT_STAT *psbuf,
2010                         uint32 access_mask,
2011                         uint32 share_access,
2012                         uint32 create_disposition,
2013                         uint32 create_options,
2014                         uint32 file_attributes,
2015                         int *pinfo,
2016                         files_struct **result)
2017 {
2018         files_struct *fsp = NULL;
2019         BOOL dir_existed = VALID_STAT(*psbuf) ? True : False;
2020         struct share_mode_lock *lck = NULL;
2021         NTSTATUS status;
2022         int info = 0;
2023
2024         DEBUG(5,("open_directory: opening directory %s, access_mask = 0x%x, "
2025                  "share_access = 0x%x create_options = 0x%x, "
2026                  "create_disposition = 0x%x, file_attributes = 0x%x\n",
2027                  fname,
2028                  (unsigned int)access_mask,
2029                  (unsigned int)share_access,
2030                  (unsigned int)create_options,
2031                  (unsigned int)create_disposition,
2032                  (unsigned int)file_attributes));
2033
2034         if (is_ntfs_stream_name(fname)) {
2035                 DEBUG(0,("open_directory: %s is a stream name!\n", fname ));
2036                 return NT_STATUS_NOT_A_DIRECTORY;
2037         }
2038
2039         switch( create_disposition ) {
2040                 case FILE_OPEN:
2041
2042                         info = FILE_WAS_OPENED;
2043
2044                         /*
2045                          * We want to follow symlinks here.
2046                          */
2047
2048                         if (SMB_VFS_STAT(conn, fname, psbuf) != 0) {
2049                                 return map_nt_error_from_unix(errno);
2050                         }
2051                                 
2052                         break;
2053
2054                 case FILE_CREATE:
2055
2056                         /* If directory exists error. If directory doesn't
2057                          * exist create. */
2058
2059                         status = mkdir_internal(conn,
2060                                                 fname,
2061                                                 file_attributes,
2062                                                 psbuf);
2063
2064                         if (!NT_STATUS_IS_OK(status)) {
2065                                 DEBUG(2, ("open_directory: unable to create "
2066                                           "%s. Error was %s\n", fname,
2067                                           nt_errstr(status)));
2068                                 return status;
2069                         }
2070
2071                         info = FILE_WAS_CREATED;
2072                         break;
2073
2074                 case FILE_OPEN_IF:
2075                         /*
2076                          * If directory exists open. If directory doesn't
2077                          * exist create.
2078                          */
2079
2080                         status = mkdir_internal(conn,
2081                                                 fname,
2082                                                 file_attributes,
2083                                                 psbuf);
2084
2085                         if (NT_STATUS_IS_OK(status)) {
2086                                 info = FILE_WAS_CREATED;
2087                         }
2088
2089                         if (NT_STATUS_EQUAL(status,
2090                                             NT_STATUS_OBJECT_NAME_COLLISION)) {
2091                                 info = FILE_WAS_OPENED;
2092                                 status = NT_STATUS_OK;
2093                         }
2094                                 
2095                         break;
2096
2097                 case FILE_SUPERSEDE:
2098                 case FILE_OVERWRITE:
2099                 case FILE_OVERWRITE_IF:
2100                 default:
2101                         DEBUG(5,("open_directory: invalid create_disposition "
2102                                  "0x%x for directory %s\n",
2103                                  (unsigned int)create_disposition, fname));
2104                         return NT_STATUS_INVALID_PARAMETER;
2105         }
2106
2107         if(!S_ISDIR(psbuf->st_mode)) {
2108                 DEBUG(5,("open_directory: %s is not a directory !\n",
2109                          fname ));
2110                 return NT_STATUS_NOT_A_DIRECTORY;
2111         }
2112
2113         status = file_new(conn, &fsp);
2114         if(!NT_STATUS_IS_OK(status)) {
2115                 return status;
2116         }
2117
2118         /*
2119          * Setup the files_struct for it.
2120          */
2121         
2122         fsp->mode = psbuf->st_mode;
2123         fsp->file_id = file_id_sbuf(psbuf);
2124         fsp->vuid = current_user.vuid;
2125         fsp->file_pid = global_smbpid;
2126         fsp->can_lock = False;
2127         fsp->can_read = False;
2128         fsp->can_write = False;
2129
2130         fsp->share_access = share_access;
2131         fsp->fh->private_options = create_options;
2132         fsp->access_mask = access_mask;
2133
2134         fsp->print_file = False;
2135         fsp->modified = False;
2136         fsp->oplock_type = NO_OPLOCK;
2137         fsp->sent_oplock_break = NO_BREAK_SENT;
2138         fsp->is_directory = True;
2139         fsp->is_stat = False;
2140         fsp->posix_open = (file_attributes & FILE_FLAG_POSIX_SEMANTICS) ? True : False;
2141
2142         string_set(&fsp->fsp_name,fname);
2143
2144         lck = get_share_mode_lock(NULL, fsp->file_id,
2145                                   conn->connectpath,
2146                                   fname);
2147
2148         if (lck == NULL) {
2149                 DEBUG(0, ("open_directory: Could not get share mode lock for %s\n", fname));
2150                 file_free(fsp);
2151                 return NT_STATUS_SHARING_VIOLATION;
2152         }
2153
2154         status = open_mode_check(conn, fname, lck,
2155                                 access_mask, share_access,
2156                                 create_options, &dir_existed);
2157
2158         if (!NT_STATUS_IS_OK(status)) {
2159                 TALLOC_FREE(lck);
2160                 file_free(fsp);
2161                 return status;
2162         }
2163
2164         set_share_mode(lck, fsp, current_user.ut.uid, 0, NO_OPLOCK, True);
2165
2166         /* For directories the delete on close bit at open time seems
2167            always to be honored on close... See test 19 in Samba4 BASE-DELETE. */
2168         if (create_options & FILE_DELETE_ON_CLOSE) {
2169                 status = can_set_delete_on_close(fsp, True, 0);
2170                 if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, NT_STATUS_DIRECTORY_NOT_EMPTY)) {
2171                         TALLOC_FREE(lck);
2172                         file_free(fsp);
2173                         return status;
2174                 }
2175
2176                 if (NT_STATUS_IS_OK(status)) {
2177                         /* Note that here we set the *inital* delete on close flag,
2178                            not the regular one. The magic gets handled in close. */
2179                         fsp->initial_delete_on_close = True;
2180                 }
2181         }
2182
2183         TALLOC_FREE(lck);
2184
2185         if (pinfo) {
2186                 *pinfo = info;
2187         }
2188
2189         conn->num_files_open++;
2190
2191         *result = fsp;
2192         return NT_STATUS_OK;
2193 }
2194
2195 NTSTATUS create_directory(connection_struct *conn, const char *directory)
2196 {
2197         NTSTATUS status;
2198         SMB_STRUCT_STAT sbuf;
2199         files_struct *fsp;
2200
2201         SET_STAT_INVALID(sbuf);
2202         
2203         status = open_directory(conn, directory, &sbuf,
2204                                 FILE_READ_ATTRIBUTES, /* Just a stat open */
2205                                 FILE_SHARE_NONE, /* Ignored for stat opens */
2206                                 FILE_CREATE,
2207                                 0,
2208                                 FILE_ATTRIBUTE_DIRECTORY,
2209                                 NULL,
2210                                 &fsp);
2211
2212         if (NT_STATUS_IS_OK(status)) {
2213                 close_file(fsp, NORMAL_CLOSE);
2214         }
2215
2216         return status;
2217 }
2218
2219 /****************************************************************************
2220  Open a pseudo-file (no locking checks - a 'stat' open).
2221 ****************************************************************************/
2222
2223 NTSTATUS open_file_stat(connection_struct *conn, const char *fname,
2224                         SMB_STRUCT_STAT *psbuf, files_struct **result)
2225 {
2226         files_struct *fsp = NULL;
2227         NTSTATUS status;
2228
2229         if (!VALID_STAT(*psbuf)) {
2230                 return NT_STATUS_INVALID_PARAMETER;
2231         }
2232
2233         /* Can't 'stat' open directories. */
2234         if(S_ISDIR(psbuf->st_mode)) {
2235                 return NT_STATUS_FILE_IS_A_DIRECTORY;
2236         }
2237
2238         status = file_new(conn, &fsp);
2239         if(!NT_STATUS_IS_OK(status)) {
2240                 return status;
2241         }
2242
2243         DEBUG(5,("open_file_stat: 'opening' file %s\n", fname));
2244
2245         /*
2246          * Setup the files_struct for it.
2247          */
2248         
2249         fsp->mode = psbuf->st_mode;
2250         fsp->file_id = file_id_sbuf(psbuf);
2251         fsp->vuid = current_user.vuid;
2252         fsp->file_pid = global_smbpid;
2253         fsp->can_lock = False;
2254         fsp->can_read = False;
2255         fsp->can_write = False;
2256         fsp->print_file = False;
2257         fsp->modified = False;
2258         fsp->oplock_type = NO_OPLOCK;
2259         fsp->sent_oplock_break = NO_BREAK_SENT;
2260         fsp->is_directory = False;
2261         fsp->is_stat = True;
2262         string_set(&fsp->fsp_name,fname);
2263
2264         conn->num_files_open++;
2265
2266         *result = fsp;
2267         return NT_STATUS_OK;
2268 }
2269
2270 /****************************************************************************
2271  Receive notification that one of our open files has been renamed by another
2272  smbd process.
2273 ****************************************************************************/
2274
2275 void msg_file_was_renamed(struct messaging_context *msg,
2276                           void *private_data,
2277                           uint32_t msg_type,
2278                           struct server_id server_id,
2279                           DATA_BLOB *data)
2280 {
2281         files_struct *fsp;
2282         char *frm = (char *)data->data;
2283         struct file_id id;
2284         const char *sharepath;
2285         const char *newname;
2286         size_t sp_len;
2287
2288         if (data->data == NULL
2289             || data->length < MSG_FILE_RENAMED_MIN_SIZE + 2) {
2290                 DEBUG(0, ("msg_file_was_renamed: Got invalid msg len %d\n",
2291                           data->length));
2292                 return;
2293         }
2294
2295         /* Unpack the message. */
2296         pull_file_id_16(frm, &id);
2297         sharepath = &frm[16];
2298         newname = sharepath + strlen(sharepath) + 1;
2299         sp_len = strlen(sharepath);
2300
2301         DEBUG(10,("msg_file_was_renamed: Got rename message for sharepath %s, new name %s, "
2302                 "file_id %s\n",
2303                   sharepath, newname, file_id_static_string(&id)));
2304
2305         for(fsp = file_find_di_first(id); fsp; fsp = file_find_di_next(fsp)) {
2306                 if (memcmp(fsp->conn->connectpath, sharepath, sp_len) == 0) {
2307                         DEBUG(10,("msg_file_was_renamed: renaming file fnum %d from %s -> %s\n",
2308                                 fsp->fnum, fsp->fsp_name, newname ));
2309                         string_set(&fsp->fsp_name, newname);
2310                 } else {
2311                         /* TODO. JRA. */
2312                         /* Now we have the complete path we can work out if this is
2313                            actually within this share and adjust newname accordingly. */
2314                         DEBUG(10,("msg_file_was_renamed: share mismatch (sharepath %s "
2315                                 "not sharepath %s) "
2316                                 "fnum %d from %s -> %s\n",
2317                                 fsp->conn->connectpath,
2318                                 sharepath,
2319                                 fsp->fnum,
2320                                 fsp->fsp_name,
2321                                 newname ));
2322                 }
2323         }
2324 }