r23151: Re-arrange the logic so it looks identical to the
[sfrench/samba-autobuild/.git] / source / smbd / open.c
1 /* 
2    Unix SMB/CIFS implementation.
3    file opening and share modes
4    Copyright (C) Andrew Tridgell 1992-1998
5    Copyright (C) Jeremy Allison 2001-2004
6    Copyright (C) Volker Lendecke 2005
7    
8    This program is free software; you can redistribute it and/or modify
9    it under the terms of the GNU General Public License as published by
10    the Free Software Foundation; either version 2 of the License, or
11    (at your option) any later version.
12    
13    This program is distributed in the hope that it will be useful,
14    but WITHOUT ANY WARRANTY; without even the implied warranty of
15    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16    GNU General Public License for more details.
17    
18    You should have received a copy of the GNU General Public License
19    along with this program; if not, write to the Free Software
20    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
21 */
22
23 #include "includes.h"
24
25 extern struct generic_mapping file_generic_mapping;
26 extern struct current_user current_user;
27 extern userdom_struct current_user_info;
28 extern uint16 global_smbpid;
29 extern BOOL global_client_failed_oplock_break;
30
31 struct deferred_open_record {
32         BOOL delayed_for_oplocks;
33         SMB_DEV_T dev;
34         SMB_INO_T inode;
35 };
36
37 /****************************************************************************
38  fd support routines - attempt to do a dos_open.
39 ****************************************************************************/
40
41 static NTSTATUS fd_open(struct connection_struct *conn,
42                     const char *fname, 
43                     files_struct *fsp,
44                     int flags,
45                     mode_t mode)
46 {
47         NTSTATUS status = NT_STATUS_OK;
48
49 #ifdef O_NOFOLLOW
50         /* 
51          * Never follow symlinks on a POSIX client. The
52          * client should be doing this.
53          */
54
55         if (fsp->posix_open || !lp_symlinks(SNUM(conn))) {
56                 flags |= O_NOFOLLOW;
57         }
58 #endif
59
60         fsp->fh->fd = SMB_VFS_OPEN(conn,fname,fsp,flags,mode);
61         if (fsp->fh->fd == -1) {
62                 status = map_nt_error_from_unix(errno);
63         }
64
65         DEBUG(10,("fd_open: name %s, flags = 0%o mode = 0%o, fd = %d. %s\n",
66                     fname, flags, (int)mode, fsp->fh->fd,
67                 (fsp->fh->fd == -1) ? strerror(errno) : "" ));
68
69         return status;
70 }
71
72 /****************************************************************************
73  Close the file associated with a fsp.
74 ****************************************************************************/
75
76 NTSTATUS fd_close(struct connection_struct *conn, files_struct *fsp)
77 {
78         if (fsp->fh->fd == -1) {
79                 return NT_STATUS_OK; /* What we used to call a stat open. */
80         }
81         if (fsp->fh->ref_count > 1) {
82                 return NT_STATUS_OK; /* Shared handle. Only close last reference. */
83         }
84         return fd_close_posix(conn, fsp);
85 }
86
87 /****************************************************************************
88  Change the ownership of a file to that of the parent directory.
89  Do this by fd if possible.
90 ****************************************************************************/
91
92 static void change_file_owner_to_parent(connection_struct *conn,
93                                         const char *inherit_from_dir,
94                                         files_struct *fsp)
95 {
96         SMB_STRUCT_STAT parent_st;
97         int ret;
98
99         ret = SMB_VFS_STAT(conn, inherit_from_dir, &parent_st);
100         if (ret == -1) {
101                 DEBUG(0,("change_file_owner_to_parent: failed to stat parent "
102                          "directory %s. Error was %s\n",
103                          inherit_from_dir, strerror(errno) ));
104                 return;
105         }
106
107         become_root();
108         ret = SMB_VFS_FCHOWN(fsp, fsp->fh->fd, parent_st.st_uid, (gid_t)-1);
109         unbecome_root();
110         if (ret == -1) {
111                 DEBUG(0,("change_file_owner_to_parent: failed to fchown "
112                          "file %s to parent directory uid %u. Error "
113                          "was %s\n", fsp->fsp_name,
114                          (unsigned int)parent_st.st_uid,
115                          strerror(errno) ));
116         }
117
118         DEBUG(10,("change_file_owner_to_parent: changed new file %s to "
119                   "parent directory uid %u.\n", fsp->fsp_name,
120                   (unsigned int)parent_st.st_uid ));
121 }
122
123 static void change_dir_owner_to_parent(connection_struct *conn,
124                                        const char *inherit_from_dir,
125                                        const char *fname,
126                                        SMB_STRUCT_STAT *psbuf)
127 {
128         pstring saved_dir;
129         SMB_STRUCT_STAT sbuf;
130         SMB_STRUCT_STAT parent_st;
131         int ret;
132
133         ret = SMB_VFS_STAT(conn, inherit_from_dir, &parent_st);
134         if (ret == -1) {
135                 DEBUG(0,("change_dir_owner_to_parent: failed to stat parent "
136                          "directory %s. Error was %s\n",
137                          inherit_from_dir, strerror(errno) ));
138                 return;
139         }
140
141         /* We've already done an lstat into psbuf, and we know it's a
142            directory. If we can cd into the directory and the dev/ino
143            are the same then we can safely chown without races as
144            we're locking the directory in place by being in it.  This
145            should work on any UNIX (thanks tridge :-). JRA.
146         */
147
148         if (!vfs_GetWd(conn,saved_dir)) {
149                 DEBUG(0,("change_dir_owner_to_parent: failed to get "
150                          "current working directory\n"));
151                 return;
152         }
153
154         /* Chdir into the new path. */
155         if (vfs_ChDir(conn, fname) == -1) {
156                 DEBUG(0,("change_dir_owner_to_parent: failed to change "
157                          "current working directory to %s. Error "
158                          "was %s\n", fname, strerror(errno) ));
159                 goto out;
160         }
161
162         if (SMB_VFS_STAT(conn,".",&sbuf) == -1) {
163                 DEBUG(0,("change_dir_owner_to_parent: failed to stat "
164                          "directory '.' (%s) Error was %s\n",
165                          fname, strerror(errno)));
166                 goto out;
167         }
168
169         /* Ensure we're pointing at the same place. */
170         if (sbuf.st_dev != psbuf->st_dev ||
171             sbuf.st_ino != psbuf->st_ino ||
172             sbuf.st_mode != psbuf->st_mode ) {
173                 DEBUG(0,("change_dir_owner_to_parent: "
174                          "device/inode/mode on directory %s changed. "
175                          "Refusing to chown !\n", fname ));
176                 goto out;
177         }
178
179         become_root();
180         ret = SMB_VFS_CHOWN(conn, ".", parent_st.st_uid, (gid_t)-1);
181         unbecome_root();
182         if (ret == -1) {
183                 DEBUG(10,("change_dir_owner_to_parent: failed to chown "
184                           "directory %s to parent directory uid %u. "
185                           "Error was %s\n", fname,
186                           (unsigned int)parent_st.st_uid, strerror(errno) ));
187                 goto out;
188         }
189
190         DEBUG(10,("change_dir_owner_to_parent: changed ownership of new "
191                   "directory %s to parent directory uid %u.\n",
192                   fname, (unsigned int)parent_st.st_uid ));
193
194  out:
195
196         vfs_ChDir(conn,saved_dir);
197 }
198
199 /****************************************************************************
200  Open a file.
201 ****************************************************************************/
202
203 static NTSTATUS open_file(files_struct *fsp,
204                           connection_struct *conn,
205                           const char *parent_dir,
206                           const char *name,
207                           const char *path,
208                           SMB_STRUCT_STAT *psbuf,
209                           int flags,
210                           mode_t unx_mode,
211                           uint32 access_mask, /* client requested access mask. */
212                           uint32 open_access_mask) /* what we're actually using in the open. */
213 {
214         NTSTATUS status = NT_STATUS_OK;
215         int accmode = (flags & O_ACCMODE);
216         int local_flags = flags;
217         BOOL file_existed = VALID_STAT(*psbuf);
218
219         fsp->fh->fd = -1;
220         errno = EPERM;
221
222         /* Check permissions */
223
224         /*
225          * This code was changed after seeing a client open request 
226          * containing the open mode of (DENY_WRITE/read-only) with
227          * the 'create if not exist' bit set. The previous code
228          * would fail to open the file read only on a read-only share
229          * as it was checking the flags parameter  directly against O_RDONLY,
230          * this was failing as the flags parameter was set to O_RDONLY|O_CREAT.
231          * JRA.
232          */
233
234         if (!CAN_WRITE(conn)) {
235                 /* It's a read-only share - fail if we wanted to write. */
236                 if(accmode != O_RDONLY) {
237                         DEBUG(3,("Permission denied opening %s\n", path));
238                         return NT_STATUS_ACCESS_DENIED;
239                 } else if(flags & O_CREAT) {
240                         /* We don't want to write - but we must make sure that
241                            O_CREAT doesn't create the file if we have write
242                            access into the directory.
243                         */
244                         flags &= ~O_CREAT;
245                         local_flags &= ~O_CREAT;
246                 }
247         }
248
249         /*
250          * This little piece of insanity is inspired by the
251          * fact that an NT client can open a file for O_RDONLY,
252          * but set the create disposition to FILE_EXISTS_TRUNCATE.
253          * If the client *can* write to the file, then it expects to
254          * truncate the file, even though it is opening for readonly.
255          * Quicken uses this stupid trick in backup file creation...
256          * Thanks *greatly* to "David W. Chapman Jr." <dwcjr@inethouston.net>
257          * for helping track this one down. It didn't bite us in 2.0.x
258          * as we always opened files read-write in that release. JRA.
259          */
260
261         if ((accmode == O_RDONLY) && ((flags & O_TRUNC) == O_TRUNC)) {
262                 DEBUG(10,("open_file: truncate requested on read-only open "
263                           "for file %s\n", path));
264                 local_flags = (flags & ~O_ACCMODE)|O_RDWR;
265         }
266
267         if ((open_access_mask & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ||
268             (!file_existed && (local_flags & O_CREAT)) ||
269             ((local_flags & O_TRUNC) == O_TRUNC) ) {
270
271                 /*
272                  * We can't actually truncate here as the file may be locked.
273                  * open_file_ntcreate will take care of the truncate later. JRA.
274                  */
275
276                 local_flags &= ~O_TRUNC;
277
278 #if defined(O_NONBLOCK) && defined(S_ISFIFO)
279                 /*
280                  * We would block on opening a FIFO with no one else on the
281                  * other end. Do what we used to do and add O_NONBLOCK to the
282                  * open flags. JRA.
283                  */
284
285                 if (file_existed && S_ISFIFO(psbuf->st_mode)) {
286                         local_flags |= O_NONBLOCK;
287                 }
288 #endif
289
290                 /* Don't create files with Microsoft wildcard characters. */
291                 if ((local_flags & O_CREAT) && !file_existed &&
292                     ms_has_wild(path))  {
293                         return NT_STATUS_OBJECT_NAME_INVALID;
294                 }
295
296                 /* Actually do the open */
297                 status = fd_open(conn, path, fsp, local_flags, unx_mode);
298                 if (!NT_STATUS_IS_OK(status)) {
299                         DEBUG(3,("Error opening file %s (%s) (local_flags=%d) "
300                                  "(flags=%d)\n",
301                                  path,nt_errstr(status),local_flags,flags));
302                         return status;
303                 }
304
305                 if ((local_flags & O_CREAT) && !file_existed) {
306
307                         /* Inherit the ACL if required */
308                         if (lp_inherit_perms(SNUM(conn))) {
309                                 inherit_access_acl(conn, parent_dir, path,
310                                                    unx_mode);
311                         }
312
313                         /* Change the owner if required. */
314                         if (lp_inherit_owner(SNUM(conn))) {
315                                 change_file_owner_to_parent(conn, parent_dir,
316                                                             fsp);
317                         }
318
319                         notify_fname(conn, NOTIFY_ACTION_ADDED,
320                                      FILE_NOTIFY_CHANGE_FILE_NAME, path);
321                 }
322
323         } else {
324                 fsp->fh->fd = -1; /* What we used to call a stat open. */
325         }
326
327         if (!file_existed) {
328                 int ret;
329
330                 if (fsp->fh->fd == -1) {
331                         ret = SMB_VFS_STAT(conn, path, psbuf);
332                 } else {
333                         ret = SMB_VFS_FSTAT(fsp,fsp->fh->fd,psbuf);
334                         /* If we have an fd, this stat should succeed. */
335                         if (ret == -1) {
336                                 DEBUG(0,("Error doing fstat on open file %s "
337                                          "(%s)\n", path,strerror(errno) ));
338                         }
339                 }
340
341                 /* For a non-io open, this stat failing means file not found. JRA */
342                 if (ret == -1) {
343                         status = map_nt_error_from_unix(errno);
344                         fd_close(conn, fsp);
345                         return status;
346                 }
347         }
348
349         /*
350          * POSIX allows read-only opens of directories. We don't
351          * want to do this (we use a different code path for this)
352          * so catch a directory open and return an EISDIR. JRA.
353          */
354
355         if(S_ISDIR(psbuf->st_mode)) {
356                 fd_close(conn, fsp);
357                 errno = EISDIR;
358                 return NT_STATUS_FILE_IS_A_DIRECTORY;
359         }
360
361         fsp->mode = psbuf->st_mode;
362         fsp->inode = psbuf->st_ino;
363         fsp->dev = psbuf->st_dev;
364         fsp->vuid = current_user.vuid;
365         fsp->file_pid = global_smbpid;
366         fsp->can_lock = True;
367         fsp->can_read = (access_mask & (FILE_READ_DATA)) ? True : False;
368         if (!CAN_WRITE(conn)) {
369                 fsp->can_write = False;
370         } else {
371                 fsp->can_write = (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) ?
372                         True : False;
373         }
374         fsp->print_file = False;
375         fsp->modified = False;
376         fsp->sent_oplock_break = NO_BREAK_SENT;
377         fsp->is_directory = False;
378         fsp->is_stat = False;
379
380         string_set(&fsp->fsp_name, path);
381         fsp->wcp = NULL; /* Write cache pointer. */
382
383         DEBUG(2,("%s opened file %s read=%s write=%s (numopen=%d)\n",
384                  *current_user_info.smb_name ?
385                  current_user_info.smb_name : conn->user,fsp->fsp_name,
386                  BOOLSTR(fsp->can_read), BOOLSTR(fsp->can_write),
387                  conn->num_files_open + 1));
388
389         errno = 0;
390         return NT_STATUS_OK;
391 }
392
393 /*******************************************************************
394  Return True if the filename is one of the special executable types.
395 ********************************************************************/
396
397 static BOOL is_executable(const char *fname)
398 {
399         if ((fname = strrchr_m(fname,'.'))) {
400                 if (strequal(fname,".com") ||
401                     strequal(fname,".dll") ||
402                     strequal(fname,".exe") ||
403                     strequal(fname,".sym")) {
404                         return True;
405                 }
406         }
407         return False;
408 }
409
410 /****************************************************************************
411  Check if we can open a file with a share mode.
412  Returns True if conflict, False if not.
413 ****************************************************************************/
414
415 static BOOL share_conflict(struct share_mode_entry *entry,
416                            uint32 access_mask,
417                            uint32 share_access)
418 {
419         DEBUG(10,("share_conflict: entry->access_mask = 0x%x, "
420                   "entry->share_access = 0x%x, "
421                   "entry->private_options = 0x%x\n",
422                   (unsigned int)entry->access_mask,
423                   (unsigned int)entry->share_access,
424                   (unsigned int)entry->private_options));
425
426         DEBUG(10,("share_conflict: access_mask = 0x%x, share_access = 0x%x\n",
427                   (unsigned int)access_mask, (unsigned int)share_access));
428
429         if ((entry->access_mask & (FILE_WRITE_DATA|
430                                    FILE_APPEND_DATA|
431                                    FILE_READ_DATA|
432                                    FILE_EXECUTE|
433                                    DELETE_ACCESS)) == 0) {
434                 DEBUG(10,("share_conflict: No conflict due to "
435                           "entry->access_mask = 0x%x\n",
436                           (unsigned int)entry->access_mask ));
437                 return False;
438         }
439
440         if ((access_mask & (FILE_WRITE_DATA|
441                             FILE_APPEND_DATA|
442                             FILE_READ_DATA|
443                             FILE_EXECUTE|
444                             DELETE_ACCESS)) == 0) {
445                 DEBUG(10,("share_conflict: No conflict due to "
446                           "access_mask = 0x%x\n",
447                           (unsigned int)access_mask ));
448                 return False;
449         }
450
451 #if 1 /* JRA TEST - Superdebug. */
452 #define CHECK_MASK(num, am, right, sa, share) \
453         DEBUG(10,("share_conflict: [%d] am (0x%x) & right (0x%x) = 0x%x\n", \
454                 (unsigned int)(num), (unsigned int)(am), \
455                 (unsigned int)(right), (unsigned int)(am)&(right) )); \
456         DEBUG(10,("share_conflict: [%d] sa (0x%x) & share (0x%x) = 0x%x\n", \
457                 (unsigned int)(num), (unsigned int)(sa), \
458                 (unsigned int)(share), (unsigned int)(sa)&(share) )); \
459         if (((am) & (right)) && !((sa) & (share))) { \
460                 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
461 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
462                         (unsigned int)(share) )); \
463                 return True; \
464         }
465 #else
466 #define CHECK_MASK(num, am, right, sa, share) \
467         if (((am) & (right)) && !((sa) & (share))) { \
468                 DEBUG(10,("share_conflict: check %d conflict am = 0x%x, right = 0x%x, \
469 sa = 0x%x, share = 0x%x\n", (num), (unsigned int)(am), (unsigned int)(right), (unsigned int)(sa), \
470                         (unsigned int)(share) )); \
471                 return True; \
472         }
473 #endif
474
475         CHECK_MASK(1, entry->access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
476                    share_access, FILE_SHARE_WRITE);
477         CHECK_MASK(2, access_mask, FILE_WRITE_DATA | FILE_APPEND_DATA,
478                    entry->share_access, FILE_SHARE_WRITE);
479         
480         CHECK_MASK(3, entry->access_mask, FILE_READ_DATA | FILE_EXECUTE,
481                    share_access, FILE_SHARE_READ);
482         CHECK_MASK(4, access_mask, FILE_READ_DATA | FILE_EXECUTE,
483                    entry->share_access, FILE_SHARE_READ);
484
485         CHECK_MASK(5, entry->access_mask, DELETE_ACCESS,
486                    share_access, FILE_SHARE_DELETE);
487         CHECK_MASK(6, access_mask, DELETE_ACCESS,
488                    entry->share_access, FILE_SHARE_DELETE);
489
490         DEBUG(10,("share_conflict: No conflict.\n"));
491         return False;
492 }
493
494 #if defined(DEVELOPER)
495 static void validate_my_share_entries(int num,
496                                       struct share_mode_entry *share_entry)
497 {
498         files_struct *fsp;
499
500         if (!procid_is_me(&share_entry->pid)) {
501                 return;
502         }
503
504         if (is_deferred_open_entry(share_entry) &&
505             !open_was_deferred(share_entry->op_mid)) {
506                 pstring str;
507                 pstr_sprintf(str, "Got a deferred entry without a request: "
508                              "PANIC: %s\n", share_mode_str(num, share_entry));
509                 smb_panic(str);
510         }
511
512         if (!is_valid_share_mode_entry(share_entry)) {
513                 return;
514         }
515
516         fsp = file_find_dif(share_entry->dev, share_entry->inode,
517                             share_entry->share_file_id);
518         if (!fsp) {
519                 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
520                          share_mode_str(num, share_entry) ));
521                 smb_panic("validate_my_share_entries: Cannot match a "
522                           "share entry with an open file\n");
523         }
524
525         if (is_deferred_open_entry(share_entry) ||
526             is_unused_share_mode_entry(share_entry)) {
527                 goto panic;
528         }
529
530         if ((share_entry->op_type == NO_OPLOCK) &&
531             (fsp->oplock_type == FAKE_LEVEL_II_OPLOCK)) {
532                 /* Someone has already written to it, but I haven't yet
533                  * noticed */
534                 return;
535         }
536
537         if (((uint16)fsp->oplock_type) != share_entry->op_type) {
538                 goto panic;
539         }
540
541         return;
542
543  panic:
544         {
545                 pstring str;
546                 DEBUG(0,("validate_my_share_entries: PANIC : %s\n",
547                          share_mode_str(num, share_entry) ));
548                 slprintf(str, sizeof(str)-1, "validate_my_share_entries: "
549                          "file %s, oplock_type = 0x%x, op_type = 0x%x\n",
550                          fsp->fsp_name, (unsigned int)fsp->oplock_type,
551                          (unsigned int)share_entry->op_type );
552                 smb_panic(str);
553         }
554 }
555 #endif
556
557 static BOOL is_stat_open(uint32 access_mask)
558 {
559         return (access_mask &&
560                 ((access_mask & ~(SYNCHRONIZE_ACCESS| FILE_READ_ATTRIBUTES|
561                                   FILE_WRITE_ATTRIBUTES))==0) &&
562                 ((access_mask & (SYNCHRONIZE_ACCESS|FILE_READ_ATTRIBUTES|
563                                  FILE_WRITE_ATTRIBUTES)) != 0));
564 }
565
566 /****************************************************************************
567  Deal with share modes
568  Invarient: Share mode must be locked on entry and exit.
569  Returns -1 on error, or number of share modes on success (may be zero).
570 ****************************************************************************/
571
572 static NTSTATUS open_mode_check(connection_struct *conn,
573                                 const char *fname,
574                                 struct share_mode_lock *lck,
575                                 uint32 access_mask,
576                                 uint32 share_access,
577                                 uint32 create_options,
578                                 BOOL *file_existed)
579 {
580         int i;
581
582         if(lck->num_share_modes == 0) {
583                 return NT_STATUS_OK;
584         }
585
586         *file_existed = True;
587         
588         if (is_stat_open(access_mask)) {
589                 /* Stat open that doesn't trigger oplock breaks or share mode
590                  * checks... ! JRA. */
591                 return NT_STATUS_OK;
592         }
593
594         /* A delete on close prohibits everything */
595
596         if (lck->delete_on_close) {
597                 return NT_STATUS_DELETE_PENDING;
598         }
599
600         /*
601          * Check if the share modes will give us access.
602          */
603         
604 #if defined(DEVELOPER)
605         for(i = 0; i < lck->num_share_modes; i++) {
606                 validate_my_share_entries(i, &lck->share_modes[i]);
607         }
608 #endif
609
610         if (!lp_share_modes(SNUM(conn))) {
611                 return NT_STATUS_OK;
612         }
613
614         /* Now we check the share modes, after any oplock breaks. */
615         for(i = 0; i < lck->num_share_modes; i++) {
616
617                 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
618                         continue;
619                 }
620
621                 /* someone else has a share lock on it, check to see if we can
622                  * too */
623                 if (share_conflict(&lck->share_modes[i],
624                                    access_mask, share_access)) {
625                         return NT_STATUS_SHARING_VIOLATION;
626                 }
627         }
628         
629         return NT_STATUS_OK;
630 }
631
632 static BOOL is_delete_request(files_struct *fsp) {
633         return ((fsp->access_mask == DELETE_ACCESS) &&
634                 (fsp->oplock_type == NO_OPLOCK));
635 }
636
637 /*
638  * 1) No files open at all or internal open: Grant whatever the client wants.
639  *
640  * 2) Exclusive (or batch) oplock around: If the requested access is a delete
641  *    request, break if the oplock around is a batch oplock. If it's another
642  *    requested access type, break.
643  * 
644  * 3) Only level2 around: Grant level2 and do nothing else.
645  */
646
647 static BOOL delay_for_oplocks(struct share_mode_lock *lck,
648                               files_struct *fsp,
649                               int pass_number,
650                               int oplock_request)
651 {
652         int i;
653         struct share_mode_entry *exclusive = NULL;
654         BOOL valid_entry = False;
655         BOOL delay_it = False;
656         BOOL have_level2 = False;
657         NTSTATUS status;
658         char msg[MSG_SMB_SHARE_MODE_ENTRY_SIZE];
659
660         if (oplock_request & INTERNAL_OPEN_ONLY) {
661                 fsp->oplock_type = NO_OPLOCK;
662         }
663
664         if ((oplock_request & INTERNAL_OPEN_ONLY) || is_stat_open(fsp->access_mask)) {
665                 return False;
666         }
667
668         for (i=0; i<lck->num_share_modes; i++) {
669
670                 if (!is_valid_share_mode_entry(&lck->share_modes[i])) {
671                         continue;
672                 }
673
674                 /* At least one entry is not an invalid or deferred entry. */
675                 valid_entry = True;
676
677                 if (pass_number == 1) {
678                         if (BATCH_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
679                                 SMB_ASSERT(exclusive == NULL);                  
680                                 exclusive = &lck->share_modes[i];
681                         }
682                 } else {
683                         if (EXCLUSIVE_OPLOCK_TYPE(lck->share_modes[i].op_type)) {
684                                 SMB_ASSERT(exclusive == NULL);                  
685                                 exclusive = &lck->share_modes[i];
686                         }
687                 }
688
689                 if (lck->share_modes[i].op_type == LEVEL_II_OPLOCK) {
690                         SMB_ASSERT(exclusive == NULL);                  
691                         have_level2 = True;
692                 }
693         }
694
695         if (!valid_entry) {
696                 /* All entries are placeholders or deferred.
697                  * Directly grant whatever the client wants. */
698                 if (fsp->oplock_type == NO_OPLOCK) {
699                         /* Store a level2 oplock, but don't tell the client */
700                         fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
701                 }
702                 return False;
703         }
704
705         if (exclusive != NULL) { /* Found an exclusive oplock */
706                 SMB_ASSERT(!have_level2);
707                 delay_it = is_delete_request(fsp) ?
708                         BATCH_OPLOCK_TYPE(exclusive->op_type) : True;
709         }
710
711         if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
712                 /* We can at most grant level2 as there are other
713                  * level2 or NO_OPLOCK entries. */
714                 fsp->oplock_type = LEVEL_II_OPLOCK;
715         }
716
717         if ((fsp->oplock_type == NO_OPLOCK) && have_level2) {
718                 /* Store a level2 oplock, but don't tell the client */
719                 fsp->oplock_type = FAKE_LEVEL_II_OPLOCK;
720         }
721
722         if (!delay_it) {
723                 return False;
724         }
725
726         /*
727          * Send a break message to the oplock holder and delay the open for
728          * our client.
729          */
730
731         DEBUG(10, ("Sending break request to PID %s\n",
732                    procid_str_static(&exclusive->pid)));
733         exclusive->op_mid = get_current_mid();
734
735         /* Create the message. */
736         share_mode_entry_to_message(msg, exclusive);
737
738         /* Add in the FORCE_OPLOCK_BREAK_TO_NONE bit in the message if set. We
739            don't want this set in the share mode struct pointed to by lck. */
740
741         if (oplock_request & FORCE_OPLOCK_BREAK_TO_NONE) {
742                 SSVAL(msg,6,exclusive->op_type | FORCE_OPLOCK_BREAK_TO_NONE);
743         }
744
745         status = messaging_send_buf(smbd_messaging_context(), exclusive->pid,
746                                     MSG_SMB_BREAK_REQUEST,
747                                     (uint8 *)msg,
748                                     MSG_SMB_SHARE_MODE_ENTRY_SIZE);
749         if (!NT_STATUS_IS_OK(status)) {
750                 DEBUG(3, ("Could not send oplock break message: %s\n",
751                           nt_errstr(status)));
752         }
753
754         return True;
755 }
756
757 static BOOL request_timed_out(struct timeval request_time,
758                               struct timeval timeout)
759 {
760         struct timeval now, end_time;
761         GetTimeOfDay(&now);
762         end_time = timeval_sum(&request_time, &timeout);
763         return (timeval_compare(&end_time, &now) < 0);
764 }
765
766 /****************************************************************************
767  Handle the 1 second delay in returning a SHARING_VIOLATION error.
768 ****************************************************************************/
769
770 static void defer_open(struct share_mode_lock *lck,
771                        struct timeval request_time,
772                        struct timeval timeout,
773                        struct deferred_open_record *state)
774 {
775         uint16 mid = get_current_mid();
776         int i;
777
778         /* Paranoia check */
779
780         for (i=0; i<lck->num_share_modes; i++) {
781                 struct share_mode_entry *e = &lck->share_modes[i];
782
783                 if (!is_deferred_open_entry(e)) {
784                         continue;
785                 }
786
787                 if (procid_is_me(&e->pid) && (e->op_mid == mid)) {
788                         DEBUG(0, ("Trying to defer an already deferred "
789                                   "request: mid=%d, exiting\n", mid));
790                         exit_server("attempt to defer a deferred request");
791                 }
792         }
793
794         /* End paranoia check */
795
796         DEBUG(10,("defer_open_sharing_error: time [%u.%06u] adding deferred "
797                   "open entry for mid %u\n",
798                   (unsigned int)request_time.tv_sec,
799                   (unsigned int)request_time.tv_usec,
800                   (unsigned int)mid));
801
802         if (!push_deferred_smb_message(mid, request_time, timeout,
803                                        (char *)state, sizeof(*state))) {
804                 exit_server("push_deferred_smb_message failed");
805         }
806         add_deferred_open(lck, mid, request_time, state->dev, state->inode);
807
808         /*
809          * Push the MID of this packet on the signing queue.
810          * We only do this once, the first time we push the packet
811          * onto the deferred open queue, as this has a side effect
812          * of incrementing the response sequence number.
813          */
814
815         srv_defer_sign_response(mid);
816 }
817
818
819 /****************************************************************************
820  On overwrite open ensure that the attributes match.
821 ****************************************************************************/
822
823 static BOOL open_match_attributes(connection_struct *conn,
824                                   const char *path,
825                                   uint32 old_dos_attr,
826                                   uint32 new_dos_attr,
827                                   mode_t existing_unx_mode,
828                                   mode_t new_unx_mode,
829                                   mode_t *returned_unx_mode)
830 {
831         uint32 noarch_old_dos_attr, noarch_new_dos_attr;
832
833         noarch_old_dos_attr = (old_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
834         noarch_new_dos_attr = (new_dos_attr & ~FILE_ATTRIBUTE_ARCHIVE);
835
836         if((noarch_old_dos_attr == 0 && noarch_new_dos_attr != 0) || 
837            (noarch_old_dos_attr != 0 && ((noarch_old_dos_attr & noarch_new_dos_attr) == noarch_old_dos_attr))) {
838                 *returned_unx_mode = new_unx_mode;
839         } else {
840                 *returned_unx_mode = (mode_t)0;
841         }
842
843         DEBUG(10,("open_match_attributes: file %s old_dos_attr = 0x%x, "
844                   "existing_unx_mode = 0%o, new_dos_attr = 0x%x "
845                   "returned_unx_mode = 0%o\n",
846                   path,
847                   (unsigned int)old_dos_attr,
848                   (unsigned int)existing_unx_mode,
849                   (unsigned int)new_dos_attr,
850                   (unsigned int)*returned_unx_mode ));
851
852         /* If we're mapping SYSTEM and HIDDEN ensure they match. */
853         if (lp_map_system(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
854                 if ((old_dos_attr & FILE_ATTRIBUTE_SYSTEM) &&
855                     !(new_dos_attr & FILE_ATTRIBUTE_SYSTEM)) {
856                         return False;
857                 }
858         }
859         if (lp_map_hidden(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) {
860                 if ((old_dos_attr & FILE_ATTRIBUTE_HIDDEN) &&
861                     !(new_dos_attr & FILE_ATTRIBUTE_HIDDEN)) {
862                         return False;
863                 }
864         }
865         return True;
866 }
867
868 /****************************************************************************
869  Special FCB or DOS processing in the case of a sharing violation.
870  Try and find a duplicated file handle.
871 ****************************************************************************/
872
873 static files_struct *fcb_or_dos_open(connection_struct *conn,
874                                      const char *fname, SMB_DEV_T dev,
875                                      SMB_INO_T inode,
876                                      uint32 access_mask,
877                                      uint32 share_access,
878                                      uint32 create_options)
879 {
880         files_struct *fsp;
881         files_struct *dup_fsp;
882
883         DEBUG(5,("fcb_or_dos_open: attempting old open semantics for "
884                  "file %s.\n", fname ));
885
886         for(fsp = file_find_di_first(dev, inode); fsp;
887             fsp = file_find_di_next(fsp)) {
888
889                 DEBUG(10,("fcb_or_dos_open: checking file %s, fd = %d, "
890                           "vuid = %u, file_pid = %u, private_options = 0x%x "
891                           "access_mask = 0x%x\n", fsp->fsp_name,
892                           fsp->fh->fd, (unsigned int)fsp->vuid,
893                           (unsigned int)fsp->file_pid,
894                           (unsigned int)fsp->fh->private_options,
895                           (unsigned int)fsp->access_mask ));
896
897                 if (fsp->fh->fd != -1 &&
898                     fsp->vuid == current_user.vuid &&
899                     fsp->file_pid == global_smbpid &&
900                     (fsp->fh->private_options & (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS |
901                                                  NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) &&
902                     (fsp->access_mask & FILE_WRITE_DATA) &&
903                     strequal(fsp->fsp_name, fname)) {
904                         DEBUG(10,("fcb_or_dos_open: file match\n"));
905                         break;
906                 }
907         }
908
909         if (!fsp) {
910                 return NULL;
911         }
912
913         /* quite an insane set of semantics ... */
914         if (is_executable(fname) &&
915             (fsp->fh->private_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS)) {
916                 DEBUG(10,("fcb_or_dos_open: file fail due to is_executable.\n"));
917                 return NULL;
918         }
919
920         /* We need to duplicate this fsp. */
921         if (!NT_STATUS_IS_OK(dup_file_fsp(fsp, access_mask, share_access,
922                                           create_options, &dup_fsp))) {
923                 return NULL;
924         }
925
926         return dup_fsp;
927 }
928
929 /****************************************************************************
930  Open a file with a share mode - old openX method - map into NTCreate.
931 ****************************************************************************/
932
933 BOOL map_open_params_to_ntcreate(const char *fname, int deny_mode, int open_func,
934                                  uint32 *paccess_mask,
935                                  uint32 *pshare_mode,
936                                  uint32 *pcreate_disposition,
937                                  uint32 *pcreate_options)
938 {
939         uint32 access_mask;
940         uint32 share_mode;
941         uint32 create_disposition;
942         uint32 create_options = 0;
943
944         DEBUG(10,("map_open_params_to_ntcreate: fname = %s, deny_mode = 0x%x, "
945                   "open_func = 0x%x\n",
946                   fname, (unsigned int)deny_mode, (unsigned int)open_func ));
947
948         /* Create the NT compatible access_mask. */
949         switch (GET_OPENX_MODE(deny_mode)) {
950                 case DOS_OPEN_EXEC: /* Implies read-only - used to be FILE_READ_DATA */
951                 case DOS_OPEN_RDONLY:
952                         access_mask = FILE_GENERIC_READ;
953                         break;
954                 case DOS_OPEN_WRONLY:
955                         access_mask = FILE_GENERIC_WRITE;
956                         break;
957                 case DOS_OPEN_RDWR:
958                 case DOS_OPEN_FCB:
959                         access_mask = FILE_GENERIC_READ|FILE_GENERIC_WRITE;
960                         break;
961                 default:
962                         DEBUG(10,("map_open_params_to_ntcreate: bad open mode = 0x%x\n",
963                                   (unsigned int)GET_OPENX_MODE(deny_mode)));
964                         return False;
965         }
966
967         /* Create the NT compatible create_disposition. */
968         switch (open_func) {
969                 case OPENX_FILE_EXISTS_FAIL|OPENX_FILE_CREATE_IF_NOT_EXIST:
970                         create_disposition = FILE_CREATE;
971                         break;
972
973                 case OPENX_FILE_EXISTS_OPEN:
974                         create_disposition = FILE_OPEN;
975                         break;
976
977                 case OPENX_FILE_EXISTS_OPEN|OPENX_FILE_CREATE_IF_NOT_EXIST:
978                         create_disposition = FILE_OPEN_IF;
979                         break;
980        
981                 case OPENX_FILE_EXISTS_TRUNCATE:
982                         create_disposition = FILE_OVERWRITE;
983                         break;
984
985                 case OPENX_FILE_EXISTS_TRUNCATE|OPENX_FILE_CREATE_IF_NOT_EXIST:
986                         create_disposition = FILE_OVERWRITE_IF;
987                         break;
988
989                 default:
990                         /* From samba4 - to be confirmed. */
991                         if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_EXEC) {
992                                 create_disposition = FILE_CREATE;
993                                 break;
994                         }
995                         DEBUG(10,("map_open_params_to_ntcreate: bad "
996                                   "open_func 0x%x\n", (unsigned int)open_func));
997                         return False;
998         }
999  
1000         /* Create the NT compatible share modes. */
1001         switch (GET_DENY_MODE(deny_mode)) {
1002                 case DENY_ALL:
1003                         share_mode = FILE_SHARE_NONE;
1004                         break;
1005
1006                 case DENY_WRITE:
1007                         share_mode = FILE_SHARE_READ;
1008                         break;
1009
1010                 case DENY_READ:
1011                         share_mode = FILE_SHARE_WRITE;
1012                         break;
1013
1014                 case DENY_NONE:
1015                         share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1016                         break;
1017
1018                 case DENY_DOS:
1019                         create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_DOS;
1020                         if (is_executable(fname)) {
1021                                 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1022                         } else {
1023                                 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_RDONLY) {
1024                                         share_mode = FILE_SHARE_READ;
1025                                 } else {
1026                                         share_mode = FILE_SHARE_NONE;
1027                                 }
1028                         }
1029                         break;
1030
1031                 case DENY_FCB:
1032                         create_options |= NTCREATEX_OPTIONS_PRIVATE_DENY_FCB;
1033                         share_mode = FILE_SHARE_NONE;
1034                         break;
1035
1036                 default:
1037                         DEBUG(10,("map_open_params_to_ntcreate: bad deny_mode 0x%x\n",
1038                                 (unsigned int)GET_DENY_MODE(deny_mode) ));
1039                         return False;
1040         }
1041
1042         DEBUG(10,("map_open_params_to_ntcreate: file %s, access_mask = 0x%x, "
1043                   "share_mode = 0x%x, create_disposition = 0x%x, "
1044                   "create_options = 0x%x\n",
1045                   fname,
1046                   (unsigned int)access_mask,
1047                   (unsigned int)share_mode,
1048                   (unsigned int)create_disposition,
1049                   (unsigned int)create_options ));
1050
1051         if (paccess_mask) {
1052                 *paccess_mask = access_mask;
1053         }
1054         if (pshare_mode) {
1055                 *pshare_mode = share_mode;
1056         }
1057         if (pcreate_disposition) {
1058                 *pcreate_disposition = create_disposition;
1059         }
1060         if (pcreate_options) {
1061                 *pcreate_options = create_options;
1062         }
1063
1064         return True;
1065
1066 }
1067
1068 static void schedule_defer_open(struct share_mode_lock *lck, struct timeval request_time)
1069 {
1070         struct deferred_open_record state;
1071
1072         /* This is a relative time, added to the absolute
1073            request_time value to get the absolute timeout time.
1074            Note that if this is the second or greater time we enter
1075            this codepath for this particular request mid then
1076            request_time is left as the absolute time of the *first*
1077            time this request mid was processed. This is what allows
1078            the request to eventually time out. */
1079
1080         struct timeval timeout;
1081
1082         /* Normally the smbd we asked should respond within
1083          * OPLOCK_BREAK_TIMEOUT seconds regardless of whether
1084          * the client did, give twice the timeout as a safety
1085          * measure here in case the other smbd is stuck
1086          * somewhere else. */
1087
1088         timeout = timeval_set(OPLOCK_BREAK_TIMEOUT*2, 0);
1089
1090         /* Nothing actually uses state.delayed_for_oplocks
1091            but it's handy to differentiate in debug messages
1092            between a 30 second delay due to oplock break, and
1093            a 1 second delay for share mode conflicts. */
1094
1095         state.delayed_for_oplocks = True;
1096         state.dev = lck->dev;
1097         state.inode = lck->ino;
1098
1099         if (!request_timed_out(request_time, timeout)) {
1100                 defer_open(lck, request_time, timeout, &state);
1101         }
1102 }
1103
1104 /****************************************************************************
1105  Open a file with a share mode.
1106 ****************************************************************************/
1107
1108 NTSTATUS open_file_ntcreate(connection_struct *conn,
1109                             const char *fname,
1110                             SMB_STRUCT_STAT *psbuf,
1111                             uint32 access_mask,         /* access bits (FILE_READ_DATA etc.) */
1112                             uint32 share_access,        /* share constants (FILE_SHARE_READ etc) */
1113                             uint32 create_disposition,  /* FILE_OPEN_IF etc. */
1114                             uint32 create_options,      /* options such as delete on close. */
1115                             uint32 new_dos_attributes,  /* attributes used for new file. */
1116                             int oplock_request,         /* internal Samba oplock codes. */
1117                                                         /* Information (FILE_EXISTS etc.) */
1118                             int *pinfo,
1119                             files_struct **result)
1120 {
1121         int flags=0;
1122         int flags2=0;
1123         BOOL file_existed = VALID_STAT(*psbuf);
1124         BOOL def_acl = False;
1125         BOOL posix_open = False;
1126         BOOL new_file_created = False;
1127         SMB_DEV_T dev = 0;
1128         SMB_INO_T inode = 0;
1129         NTSTATUS fsp_open = NT_STATUS_ACCESS_DENIED;
1130         files_struct *fsp = NULL;
1131         mode_t new_unx_mode = (mode_t)0;
1132         mode_t unx_mode = (mode_t)0;
1133         int info;
1134         uint32 existing_dos_attributes = 0;
1135         struct pending_message_list *pml = NULL;
1136         uint16 mid = get_current_mid();
1137         struct timeval request_time = timeval_zero();
1138         struct share_mode_lock *lck = NULL;
1139         uint32 open_access_mask = access_mask;
1140         NTSTATUS status;
1141         int ret_flock;
1142         char *parent_dir;
1143         const char *newname;
1144
1145         if (conn->printer) {
1146                 /* 
1147                  * Printers are handled completely differently.
1148                  * Most of the passed parameters are ignored.
1149                  */
1150
1151                 if (pinfo) {
1152                         *pinfo = FILE_WAS_CREATED;
1153                 }
1154
1155                 DEBUG(10, ("open_file_ntcreate: printer open fname=%s\n", fname));
1156
1157                 return print_fsp_open(conn, fname, result);
1158         }
1159
1160         if (!parent_dirname_talloc(tmp_talloc_ctx(), fname, &parent_dir,
1161                                    &newname)) {
1162                 return NT_STATUS_NO_MEMORY;
1163         }
1164
1165         if (new_dos_attributes & FILE_FLAG_POSIX_SEMANTICS) {
1166                 posix_open = True;
1167                 unx_mode = (mode_t)(new_dos_attributes & ~FILE_FLAG_POSIX_SEMANTICS);
1168                 new_dos_attributes = 0;
1169         } else {
1170                 /* We add aARCH to this as this mode is only used if the file is
1171                  * created new. */
1172                 unx_mode = unix_mode(conn, new_dos_attributes | aARCH, fname,
1173                                      parent_dir);
1174         }
1175
1176         DEBUG(10, ("open_file_ntcreate: fname=%s, dos_attrs=0x%x "
1177                    "access_mask=0x%x share_access=0x%x "
1178                    "create_disposition = 0x%x create_options=0x%x "
1179                    "unix mode=0%o oplock_request=%d\n",
1180                    fname, new_dos_attributes, access_mask, share_access,
1181                    create_disposition, create_options, unx_mode,
1182                    oplock_request));
1183
1184         if ((pml = get_open_deferred_message(mid)) != NULL) {
1185                 struct deferred_open_record *state =
1186                         (struct deferred_open_record *)pml->private_data.data;
1187
1188                 /* Remember the absolute time of the original
1189                    request with this mid. We'll use it later to
1190                    see if this has timed out. */
1191
1192                 request_time = pml->request_time;
1193
1194                 /* Remove the deferred open entry under lock. */
1195                 lck = get_share_mode_lock(NULL, state->dev, state->inode, NULL, NULL);
1196                 if (lck == NULL) {
1197                         DEBUG(0, ("could not get share mode lock\n"));
1198                 } else {
1199                         del_deferred_open_entry(lck, mid);
1200                         TALLOC_FREE(lck);
1201                 }
1202
1203                 /* Ensure we don't reprocess this message. */
1204                 remove_deferred_open_smb_message(mid);
1205         }
1206
1207         status = check_name(conn, fname);
1208         if (!NT_STATUS_IS_OK(status)) {
1209                 return status;
1210         } 
1211
1212         if (!posix_open) {
1213                 new_dos_attributes &= SAMBA_ATTRIBUTES_MASK;
1214                 if (file_existed) {
1215                         existing_dos_attributes = dos_mode(conn, fname, psbuf);
1216                 }
1217         }
1218
1219         /* ignore any oplock requests if oplocks are disabled */
1220         if (!lp_oplocks(SNUM(conn)) || global_client_failed_oplock_break ||
1221             IS_VETO_OPLOCK_PATH(conn, fname)) {
1222                 /* Mask off everything except the private Samba bits. */
1223                 oplock_request &= SAMBA_PRIVATE_OPLOCK_MASK;
1224         }
1225
1226         /* this is for OS/2 long file names - say we don't support them */
1227         if (!lp_posix_pathnames() && strstr(fname,".+,;=[].")) {
1228                 /* OS/2 Workplace shell fix may be main code stream in a later
1229                  * release. */
1230                 DEBUG(5,("open_file_ntcreate: OS/2 long filenames are not "
1231                          "supported.\n"));
1232                 if (use_nt_status()) {
1233                         return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1234                 }
1235                 return NT_STATUS_DOS(ERRDOS, ERRcannotopen);
1236         }
1237
1238         switch( create_disposition ) {
1239                 /*
1240                  * Currently we're using FILE_SUPERSEDE as the same as
1241                  * FILE_OVERWRITE_IF but they really are
1242                  * different. FILE_SUPERSEDE deletes an existing file
1243                  * (requiring delete access) then recreates it.
1244                  */
1245                 case FILE_SUPERSEDE:
1246                         /* If file exists replace/overwrite. If file doesn't
1247                          * exist create. */
1248                         flags2 |= (O_CREAT | O_TRUNC);
1249                         break;
1250
1251                 case FILE_OVERWRITE_IF:
1252                         /* If file exists replace/overwrite. If file doesn't
1253                          * exist create. */
1254                         flags2 |= (O_CREAT | O_TRUNC);
1255                         break;
1256
1257                 case FILE_OPEN:
1258                         /* If file exists open. If file doesn't exist error. */
1259                         if (!file_existed) {
1260                                 DEBUG(5,("open_file_ntcreate: FILE_OPEN "
1261                                          "requested for file %s and file "
1262                                          "doesn't exist.\n", fname ));
1263                                 errno = ENOENT;
1264                                 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1265                         }
1266                         break;
1267
1268                 case FILE_OVERWRITE:
1269                         /* If file exists overwrite. If file doesn't exist
1270                          * error. */
1271                         if (!file_existed) {
1272                                 DEBUG(5,("open_file_ntcreate: FILE_OVERWRITE "
1273                                          "requested for file %s and file "
1274                                          "doesn't exist.\n", fname ));
1275                                 errno = ENOENT;
1276                                 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1277                         }
1278                         flags2 |= O_TRUNC;
1279                         break;
1280
1281                 case FILE_CREATE:
1282                         /* If file exists error. If file doesn't exist
1283                          * create. */
1284                         if (file_existed) {
1285                                 DEBUG(5,("open_file_ntcreate: FILE_CREATE "
1286                                          "requested for file %s and file "
1287                                          "already exists.\n", fname ));
1288                                 if (S_ISDIR(psbuf->st_mode)) {
1289                                         errno = EISDIR;
1290                                 } else {
1291                                         errno = EEXIST;
1292                                 }
1293                                 return map_nt_error_from_unix(errno);
1294                         }
1295                         flags2 |= (O_CREAT|O_EXCL);
1296                         break;
1297
1298                 case FILE_OPEN_IF:
1299                         /* If file exists open. If file doesn't exist
1300                          * create. */
1301                         flags2 |= O_CREAT;
1302                         break;
1303
1304                 default:
1305                         return NT_STATUS_INVALID_PARAMETER;
1306         }
1307
1308         /* We only care about matching attributes on file exists and
1309          * overwrite. */
1310
1311         if (!posix_open && file_existed && ((create_disposition == FILE_OVERWRITE) ||
1312                              (create_disposition == FILE_OVERWRITE_IF))) {
1313                 if (!open_match_attributes(conn, fname,
1314                                            existing_dos_attributes,
1315                                            new_dos_attributes, psbuf->st_mode,
1316                                            unx_mode, &new_unx_mode)) {
1317                         DEBUG(5,("open_file_ntcreate: attributes missmatch "
1318                                  "for file %s (%x %x) (0%o, 0%o)\n",
1319                                  fname, existing_dos_attributes,
1320                                  new_dos_attributes,
1321                                  (unsigned int)psbuf->st_mode,
1322                                  (unsigned int)unx_mode ));
1323                         errno = EACCES;
1324                         return NT_STATUS_ACCESS_DENIED;
1325                 }
1326         }
1327
1328         /* This is a nasty hack - must fix... JRA. */
1329         if (access_mask == MAXIMUM_ALLOWED_ACCESS) {
1330                 open_access_mask = access_mask = FILE_GENERIC_ALL;
1331         }
1332
1333         /*
1334          * Convert GENERIC bits to specific bits.
1335          */
1336
1337         se_map_generic(&access_mask, &file_generic_mapping);
1338         open_access_mask = access_mask;
1339
1340         if (flags2 & O_TRUNC) {
1341                 open_access_mask |= FILE_WRITE_DATA; /* This will cause oplock breaks. */
1342         }
1343
1344         DEBUG(10, ("open_file_ntcreate: fname=%s, after mapping "
1345                    "access_mask=0x%x\n", fname, access_mask ));
1346
1347         /*
1348          * Note that we ignore the append flag as append does not
1349          * mean the same thing under DOS and Unix.
1350          */
1351
1352         if (access_mask & (FILE_WRITE_DATA | FILE_APPEND_DATA)) {
1353                 /* DENY_DOS opens are always underlying read-write on the
1354                    file handle, no matter what the requested access mask
1355                     says. */
1356                 if ((create_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS) ||
1357                         access_mask & (FILE_READ_ATTRIBUTES|FILE_READ_DATA|FILE_READ_EA|FILE_EXECUTE)) {
1358                         flags = O_RDWR;
1359                 } else {
1360                         flags = O_WRONLY;
1361                 }
1362         } else {
1363                 flags = O_RDONLY;
1364         }
1365
1366         /*
1367          * Currently we only look at FILE_WRITE_THROUGH for create options.
1368          */
1369
1370 #if defined(O_SYNC)
1371         if ((create_options & FILE_WRITE_THROUGH) && lp_strict_sync(SNUM(conn))) {
1372                 flags2 |= O_SYNC;
1373         }
1374 #endif /* O_SYNC */
1375   
1376         if (posix_open & (access_mask & FILE_APPEND_DATA)) {
1377                 flags2 |= O_APPEND;
1378         }
1379
1380         if (!posix_open && !CAN_WRITE(conn)) {
1381                 /*
1382                  * We should really return a permission denied error if either
1383                  * O_CREAT or O_TRUNC are set, but for compatibility with
1384                  * older versions of Samba we just AND them out.
1385                  */
1386                 flags2 &= ~(O_CREAT|O_TRUNC);
1387         }
1388
1389         /*
1390          * Ensure we can't write on a read-only share or file.
1391          */
1392
1393         if (flags != O_RDONLY && file_existed &&
1394             (!CAN_WRITE(conn) || IS_DOS_READONLY(existing_dos_attributes))) {
1395                 DEBUG(5,("open_file_ntcreate: write access requested for "
1396                          "file %s on read only %s\n",
1397                          fname, !CAN_WRITE(conn) ? "share" : "file" ));
1398                 errno = EACCES;
1399                 return NT_STATUS_ACCESS_DENIED;
1400         }
1401
1402         status = file_new(conn, &fsp);
1403         if(!NT_STATUS_IS_OK(status)) {
1404                 return status;
1405         }
1406
1407         fsp->dev = psbuf->st_dev;
1408         fsp->inode = psbuf->st_ino;
1409         fsp->share_access = share_access;
1410         fsp->fh->private_options = create_options;
1411         fsp->access_mask = open_access_mask; /* We change this to the
1412                                               * requested access_mask after
1413                                               * the open is done. */
1414         fsp->posix_open = posix_open;
1415
1416         /* Ensure no SAMBA_PRIVATE bits can be set. */
1417         fsp->oplock_type = (oplock_request & ~SAMBA_PRIVATE_OPLOCK_MASK);
1418
1419         if (timeval_is_zero(&request_time)) {
1420                 request_time = fsp->open_time;
1421         }
1422
1423         if (file_existed) {
1424                 dev = psbuf->st_dev;
1425                 inode = psbuf->st_ino;
1426
1427                 lck = get_share_mode_lock(NULL, dev, inode,
1428                                           conn->connectpath,
1429                                           fname);
1430
1431                 if (lck == NULL) {
1432                         file_free(fsp);
1433                         DEBUG(0, ("Could not get share mode lock\n"));
1434                         return NT_STATUS_SHARING_VIOLATION;
1435                 }
1436
1437                 /* First pass - send break only on batch oplocks. */
1438                 if (delay_for_oplocks(lck, fsp, 1, oplock_request)) {
1439                         schedule_defer_open(lck, request_time);
1440                         TALLOC_FREE(lck);
1441                         file_free(fsp);
1442                         return NT_STATUS_SHARING_VIOLATION;
1443                 }
1444
1445                 /* Use the client requested access mask here, not the one we
1446                  * open with. */
1447                 status = open_mode_check(conn, fname, lck,
1448                                          access_mask, share_access,
1449                                          create_options, &file_existed);
1450
1451                 if (NT_STATUS_IS_OK(status)) {
1452                         /* We might be going to allow this open. Check oplock
1453                          * status again. */
1454                         /* Second pass - send break for both batch or
1455                          * exclusive oplocks. */
1456                         if (delay_for_oplocks(lck, fsp, 2, oplock_request)) {
1457                                 schedule_defer_open(lck, request_time);
1458                                 TALLOC_FREE(lck);
1459                                 file_free(fsp);
1460                                 return NT_STATUS_SHARING_VIOLATION;
1461                         }
1462                 }
1463
1464                 if (NT_STATUS_EQUAL(status, NT_STATUS_DELETE_PENDING)) {
1465                         /* DELETE_PENDING is not deferred for a second */
1466                         TALLOC_FREE(lck);
1467                         file_free(fsp);
1468                         return status;
1469                 }
1470
1471                 if (!NT_STATUS_IS_OK(status)) {
1472                         uint32 can_access_mask;
1473                         BOOL can_access = True;
1474
1475                         SMB_ASSERT(NT_STATUS_EQUAL(status, NT_STATUS_SHARING_VIOLATION));
1476
1477                         /* Check if this can be done with the deny_dos and fcb
1478                          * calls. */
1479                         if (create_options &
1480                             (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS|
1481                              NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) {
1482                                 files_struct *fsp_dup;
1483
1484                                 /* Use the client requested access mask here,
1485                                  * not the one we open with. */
1486                                 fsp_dup = fcb_or_dos_open(conn, fname, dev,
1487                                                           inode, access_mask,
1488                                                           share_access,
1489                                                           create_options);
1490
1491                                 if (fsp_dup) {
1492                                         TALLOC_FREE(lck);
1493                                         file_free(fsp);
1494                                         if (pinfo) {
1495                                                 *pinfo = FILE_WAS_OPENED;
1496                                         }
1497                                         conn->num_files_open++;
1498                                         *result = fsp_dup;
1499                                         return NT_STATUS_OK;
1500                                 }
1501                         }
1502
1503                         /*
1504                          * This next line is a subtlety we need for
1505                          * MS-Access. If a file open will fail due to share
1506                          * permissions and also for security (access) reasons,
1507                          * we need to return the access failed error, not the
1508                          * share error. We can't open the file due to kernel
1509                          * oplock deadlock (it's possible we failed above on
1510                          * the open_mode_check()) so use a userspace check.
1511                          */
1512
1513                         if (flags & O_RDWR) {
1514                                 can_access_mask = FILE_READ_DATA|FILE_WRITE_DATA;
1515                         } else if (flags & O_WRONLY) {
1516                                 can_access_mask = FILE_WRITE_DATA;
1517                         } else {
1518                                 can_access_mask = FILE_READ_DATA;
1519                         }
1520
1521                         if (((can_access_mask & FILE_WRITE_DATA) && !CAN_WRITE(conn)) ||
1522                             !can_access_file(conn,fname,psbuf,can_access_mask)) {
1523                                 can_access = False;
1524                         }
1525
1526                         /* 
1527                          * If we're returning a share violation, ensure we
1528                          * cope with the braindead 1 second delay.
1529                          */
1530
1531                         if (!(oplock_request & INTERNAL_OPEN_ONLY) &&
1532                             lp_defer_sharing_violations()) {
1533                                 struct timeval timeout;
1534                                 struct deferred_open_record state;
1535                                 int timeout_usecs;
1536
1537                                 /* this is a hack to speed up torture tests
1538                                    in 'make test' */
1539                                 timeout_usecs = lp_parm_int(SNUM(conn),
1540                                                             "smbd","sharedelay",
1541                                                             SHARING_VIOLATION_USEC_WAIT);
1542
1543                                 /* This is a relative time, added to the absolute
1544                                    request_time value to get the absolute timeout time.
1545                                    Note that if this is the second or greater time we enter
1546                                    this codepath for this particular request mid then
1547                                    request_time is left as the absolute time of the *first*
1548                                    time this request mid was processed. This is what allows
1549                                    the request to eventually time out. */
1550
1551                                 timeout = timeval_set(0, timeout_usecs);
1552
1553                                 /* Nothing actually uses state.delayed_for_oplocks
1554                                    but it's handy to differentiate in debug messages
1555                                    between a 30 second delay due to oplock break, and
1556                                    a 1 second delay for share mode conflicts. */
1557
1558                                 state.delayed_for_oplocks = False;
1559                                 state.dev = dev;
1560                                 state.inode = inode;
1561
1562                                 if (!request_timed_out(request_time,
1563                                                        timeout)) {
1564                                         defer_open(lck, request_time, timeout,
1565                                                    &state);
1566                                 }
1567                         }
1568
1569                         TALLOC_FREE(lck);
1570                         if (can_access) {
1571                                 /*
1572                                  * We have detected a sharing violation here
1573                                  * so return the correct error code
1574                                  */
1575                                 status = NT_STATUS_SHARING_VIOLATION;
1576                         } else {
1577                                 status = NT_STATUS_ACCESS_DENIED;
1578                         }
1579                         file_free(fsp);
1580                         return status;
1581                 }
1582
1583                 /*
1584                  * We exit this block with the share entry *locked*.....
1585                  */
1586         }
1587
1588         SMB_ASSERT(!file_existed || (lck != NULL));
1589
1590         /*
1591          * Ensure we pay attention to default ACLs on directories if required.
1592          */
1593
1594         if ((flags2 & O_CREAT) && lp_inherit_acls(SNUM(conn)) &&
1595             (def_acl = directory_has_default_acl(conn, parent_dir))) {
1596                 unx_mode = 0777;
1597         }
1598
1599         DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o, "
1600                 "access_mask = 0x%x, open_access_mask = 0x%x\n",
1601                  (unsigned int)flags, (unsigned int)flags2,
1602                  (unsigned int)unx_mode, (unsigned int)access_mask,
1603                  (unsigned int)open_access_mask));
1604
1605         /*
1606          * open_file strips any O_TRUNC flags itself.
1607          */
1608
1609         fsp_open = open_file(fsp, conn, parent_dir, newname, fname, psbuf,
1610                              flags|flags2, unx_mode, access_mask,
1611                              open_access_mask);
1612
1613         if (!NT_STATUS_IS_OK(fsp_open)) {
1614                 if (lck != NULL) {
1615                         TALLOC_FREE(lck);
1616                 }
1617                 file_free(fsp);
1618                 return fsp_open;
1619         }
1620
1621         if (!file_existed) {
1622
1623                 /*
1624                  * Deal with the race condition where two smbd's detect the
1625                  * file doesn't exist and do the create at the same time. One
1626                  * of them will win and set a share mode, the other (ie. this
1627                  * one) should check if the requested share mode for this
1628                  * create is allowed.
1629                  */
1630
1631                 /*
1632                  * Now the file exists and fsp is successfully opened,
1633                  * fsp->dev and fsp->inode are valid and should replace the
1634                  * dev=0,inode=0 from a non existent file. Spotted by
1635                  * Nadav Danieli <nadavd@exanet.com>. JRA.
1636                  */
1637
1638                 dev = fsp->dev;
1639                 inode = fsp->inode;
1640
1641                 lck = get_share_mode_lock(NULL, dev, inode,
1642                                           conn->connectpath,
1643                                           fname);
1644
1645                 if (lck == NULL) {
1646                         DEBUG(0, ("open_file_ntcreate: Could not get share "
1647                                   "mode lock for %s\n", fname));
1648                         fd_close(conn, fsp);
1649                         file_free(fsp);
1650                         return NT_STATUS_SHARING_VIOLATION;
1651                 }
1652
1653                 /* First pass - send break only on batch oplocks. */
1654                 if (delay_for_oplocks(lck, fsp, 1, oplock_request)) {
1655                         schedule_defer_open(lck, request_time);
1656                         TALLOC_FREE(lck);
1657                         fd_close(conn, fsp);
1658                         file_free(fsp);
1659                         return NT_STATUS_SHARING_VIOLATION;
1660                 }
1661
1662                 status = open_mode_check(conn, fname, lck,
1663                                          access_mask, share_access,
1664                                          create_options, &file_existed);
1665
1666                 if (NT_STATUS_IS_OK(status)) {
1667                         /* We might be going to allow this open. Check oplock
1668                          * status again. */
1669                         /* Second pass - send break for both batch or
1670                          * exclusive oplocks. */
1671                         if (delay_for_oplocks(lck, fsp, 2, oplock_request)) {
1672                                 schedule_defer_open(lck, request_time);
1673                                 TALLOC_FREE(lck);
1674                                 fd_close(conn, fsp);
1675                                 file_free(fsp);
1676                                 return NT_STATUS_SHARING_VIOLATION;
1677                         }
1678                 }
1679
1680                 if (!NT_STATUS_IS_OK(status)) {
1681                         struct deferred_open_record state;
1682
1683                         fd_close(conn, fsp);
1684                         file_free(fsp);
1685
1686                         state.delayed_for_oplocks = False;
1687                         state.dev = dev;
1688                         state.inode = inode;
1689
1690                         /* Do it all over again immediately. In the second
1691                          * round we will find that the file existed and handle
1692                          * the DELETE_PENDING and FCB cases correctly. No need
1693                          * to duplicate the code here. Essentially this is a
1694                          * "goto top of this function", but don't tell
1695                          * anybody... */
1696
1697                         defer_open(lck, request_time, timeval_zero(),
1698                                    &state);
1699                         TALLOC_FREE(lck);
1700                         return status;
1701                 }
1702
1703                 /*
1704                  * We exit this block with the share entry *locked*.....
1705                  */
1706
1707         }
1708
1709         SMB_ASSERT(lck != NULL);
1710
1711         /* note that we ignore failure for the following. It is
1712            basically a hack for NFS, and NFS will never set one of
1713            these only read them. Nobody but Samba can ever set a deny
1714            mode and we have already checked our more authoritative
1715            locking database for permission to set this deny mode. If
1716            the kernel refuses the operations then the kernel is wrong.
1717            note that GPFS supports it as well - jmcd */
1718
1719         ret_flock = SMB_VFS_KERNEL_FLOCK(fsp, fsp->fh->fd, share_access);
1720         if(ret_flock == -1 ){
1721
1722                 TALLOC_FREE(lck);
1723                 fd_close(conn, fsp);
1724                 file_free(fsp);
1725                 
1726                 return NT_STATUS_SHARING_VIOLATION;
1727         }
1728
1729         /*
1730          * At this point onwards, we can guarentee that the share entry
1731          * is locked, whether we created the file or not, and that the
1732          * deny mode is compatible with all current opens.
1733          */
1734
1735         /*
1736          * If requested, truncate the file.
1737          */
1738
1739         if (flags2&O_TRUNC) {
1740                 /*
1741                  * We are modifing the file after open - update the stat
1742                  * struct..
1743                  */
1744                 if ((SMB_VFS_FTRUNCATE(fsp,fsp->fh->fd,0) == -1) ||
1745                     (SMB_VFS_FSTAT(fsp,fsp->fh->fd,psbuf)==-1)) {
1746                         status = map_nt_error_from_unix(errno);
1747                         TALLOC_FREE(lck);
1748                         fd_close(conn,fsp);
1749                         file_free(fsp);
1750                         return status;
1751                 }
1752         }
1753
1754         /* Record the options we were opened with. */
1755         fsp->share_access = share_access;
1756         fsp->fh->private_options = create_options;
1757         fsp->access_mask = access_mask;
1758
1759         if (file_existed) {
1760                 /* stat opens on existing files don't get oplocks. */
1761                 if (is_stat_open(open_access_mask)) {
1762                         fsp->oplock_type = NO_OPLOCK;
1763                 }
1764
1765                 if (!(flags2 & O_TRUNC)) {
1766                         info = FILE_WAS_OPENED;
1767                 } else {
1768                         info = FILE_WAS_OVERWRITTEN;
1769                 }
1770         } else {
1771                 info = FILE_WAS_CREATED;
1772         }
1773
1774         if (pinfo) {
1775                 *pinfo = info;
1776         }
1777
1778         /* 
1779          * Setup the oplock info in both the shared memory and
1780          * file structs.
1781          */
1782
1783         if ((fsp->oplock_type != NO_OPLOCK) &&
1784             (fsp->oplock_type != FAKE_LEVEL_II_OPLOCK)) {
1785                 if (!set_file_oplock(fsp, fsp->oplock_type)) {
1786                         /* Could not get the kernel oplock */
1787                         fsp->oplock_type = NO_OPLOCK;
1788                 }
1789         }
1790
1791         if (info == FILE_WAS_OVERWRITTEN || info == FILE_WAS_CREATED || info == FILE_WAS_SUPERSEDED) {
1792                 new_file_created = True;
1793         }
1794
1795         set_share_mode(lck, fsp, current_user.ut.uid, 0, fsp->oplock_type, new_file_created);
1796
1797         /* Handle strange delete on close create semantics. */
1798         if ((create_options & FILE_DELETE_ON_CLOSE) && can_set_initial_delete_on_close(lck)) {
1799                 status = can_set_delete_on_close(fsp, True, new_dos_attributes);
1800
1801                 if (!NT_STATUS_IS_OK(status)) {
1802                         /* Remember to delete the mode we just added. */
1803                         del_share_mode(lck, fsp);
1804                         TALLOC_FREE(lck);
1805                         fd_close(conn,fsp);
1806                         file_free(fsp);
1807                         return status;
1808                 }
1809                 /* Note that here we set the *inital* delete on close flag,
1810                    not the regular one. The magic gets handled in close. */
1811                 fsp->initial_delete_on_close = True;
1812         }
1813         
1814         if (new_file_created) {
1815                 /* Files should be initially set as archive */
1816                 if (lp_map_archive(SNUM(conn)) ||
1817                     lp_store_dos_attributes(SNUM(conn))) {
1818                         if (!posix_open) {
1819                                 file_set_dosmode(conn, fname,
1820                                          new_dos_attributes | aARCH, NULL,
1821                                          parent_dir);
1822                         }
1823                 }
1824         }
1825
1826         /*
1827          * Take care of inherited ACLs on created files - if default ACL not
1828          * selected.
1829          */
1830
1831         if (!posix_open && !file_existed && !def_acl) {
1832
1833                 int saved_errno = errno; /* We might get ENOSYS in the next
1834                                           * call.. */
1835
1836                 if (SMB_VFS_FCHMOD_ACL(fsp, fsp->fh->fd, unx_mode) == -1 &&
1837                     errno == ENOSYS) {
1838                         errno = saved_errno; /* Ignore ENOSYS */
1839                 }
1840
1841         } else if (new_unx_mode) {
1842
1843                 int ret = -1;
1844
1845                 /* Attributes need changing. File already existed. */
1846
1847                 {
1848                         int saved_errno = errno; /* We might get ENOSYS in the
1849                                                   * next call.. */
1850                         ret = SMB_VFS_FCHMOD_ACL(fsp, fsp->fh->fd,
1851                                                  new_unx_mode);
1852
1853                         if (ret == -1 && errno == ENOSYS) {
1854                                 errno = saved_errno; /* Ignore ENOSYS */
1855                         } else {
1856                                 DEBUG(5, ("open_file_ntcreate: reset "
1857                                           "attributes of file %s to 0%o\n",
1858                                           fname, (unsigned int)new_unx_mode));
1859                                 ret = 0; /* Don't do the fchmod below. */
1860                         }
1861                 }
1862
1863                 if ((ret == -1) &&
1864                     (SMB_VFS_FCHMOD(fsp, fsp->fh->fd, new_unx_mode) == -1))
1865                         DEBUG(5, ("open_file_ntcreate: failed to reset "
1866                                   "attributes of file %s to 0%o\n",
1867                                   fname, (unsigned int)new_unx_mode));
1868         }
1869
1870         /* If this is a successful open, we must remove any deferred open
1871          * records. */
1872         del_deferred_open_entry(lck, mid);
1873         TALLOC_FREE(lck);
1874
1875         conn->num_files_open++;
1876
1877         *result = fsp;
1878         return NT_STATUS_OK;
1879 }
1880
1881 /****************************************************************************
1882  Open a file for for write to ensure that we can fchmod it.
1883 ****************************************************************************/
1884
1885 NTSTATUS open_file_fchmod(connection_struct *conn, const char *fname,
1886                           SMB_STRUCT_STAT *psbuf, files_struct **result)
1887 {
1888         files_struct *fsp = NULL;
1889         NTSTATUS status;
1890
1891         if (!VALID_STAT(*psbuf)) {
1892                 return NT_STATUS_INVALID_PARAMETER;
1893         }
1894
1895         status = file_new(conn, &fsp);
1896         if(!NT_STATUS_IS_OK(status)) {
1897                 return status;
1898         }
1899
1900         /* note! we must use a non-zero desired access or we don't get
1901            a real file descriptor. Oh what a twisted web we weave. */
1902         status = open_file(fsp, conn, NULL, NULL, fname, psbuf, O_WRONLY, 0,
1903                            FILE_WRITE_DATA, FILE_WRITE_DATA);
1904
1905         /* 
1906          * This is not a user visible file open.
1907          * Don't set a share mode and don't increment
1908          * the conn->num_files_open.
1909          */
1910
1911         if (!NT_STATUS_IS_OK(status)) {
1912                 file_free(fsp);
1913                 return status;
1914         }
1915
1916         *result = fsp;
1917         return NT_STATUS_OK;
1918 }
1919
1920 /****************************************************************************
1921  Close the fchmod file fd - ensure no locks are lost.
1922 ****************************************************************************/
1923
1924 NTSTATUS close_file_fchmod(files_struct *fsp)
1925 {
1926         NTSTATUS status = fd_close(fsp->conn, fsp);
1927         file_free(fsp);
1928         return status;
1929 }
1930
1931 static NTSTATUS mkdir_internal(connection_struct *conn,
1932                                 const char *name,
1933                                 uint32 file_attributes,
1934                                 SMB_STRUCT_STAT *psbuf)
1935 {
1936         mode_t mode;
1937         char *parent_dir;
1938         const char *dirname;
1939         NTSTATUS status;
1940
1941         if(!CAN_WRITE(conn)) {
1942                 DEBUG(5,("mkdir_internal: failing create on read-only share "
1943                          "%s\n", lp_servicename(SNUM(conn))));
1944                 return NT_STATUS_ACCESS_DENIED;
1945         }
1946
1947         status = check_name(conn, name);
1948         if (!NT_STATUS_IS_OK(status)) {
1949                 return status;
1950         }
1951
1952         if (!parent_dirname_talloc(tmp_talloc_ctx(), name, &parent_dir,
1953                                    &dirname)) {
1954                 return NT_STATUS_NO_MEMORY;
1955         }
1956
1957         if (file_attributes & FILE_FLAG_POSIX_SEMANTICS) {
1958                 mode = (mode_t)(file_attributes & ~FILE_FLAG_POSIX_SEMANTICS);
1959         } else {
1960                 mode = unix_mode(conn, aDIR, name, parent_dir);
1961         }
1962
1963         if (SMB_VFS_MKDIR(conn, name, mode) != 0) {
1964                 return map_nt_error_from_unix(errno);
1965         }
1966
1967         /* Ensure we're checking for a symlink here.... */
1968         /* We don't want to get caught by a symlink racer. */
1969
1970         if (SMB_VFS_LSTAT(conn, name, psbuf) == -1) {
1971                 DEBUG(2, ("Could not stat directory '%s' just created: %s\n",
1972                           name, strerror(errno)));
1973                 return map_nt_error_from_unix(errno);
1974         }
1975
1976         if (!S_ISDIR(psbuf->st_mode)) {
1977                 DEBUG(0, ("Directory just '%s' created is not a directory\n",
1978                           name));
1979                 return NT_STATUS_ACCESS_DENIED;
1980         }
1981
1982         if (lp_inherit_perms(SNUM(conn))) {
1983                 inherit_access_acl(conn, parent_dir, name, mode);
1984         }
1985
1986         if (!(file_attributes & FILE_FLAG_POSIX_SEMANTICS)) {
1987                 /*
1988                  * Check if high bits should have been set,
1989                  * then (if bits are missing): add them.
1990                  * Consider bits automagically set by UNIX, i.e. SGID bit from parent
1991                  * dir.
1992                  */
1993                 if (mode & ~(S_IRWXU|S_IRWXG|S_IRWXO) && (mode & ~psbuf->st_mode)) {
1994                         SMB_VFS_CHMOD(conn, name,
1995                                       psbuf->st_mode | (mode & ~psbuf->st_mode));
1996                 }
1997         }
1998
1999         /* Change the owner if required. */
2000         if (lp_inherit_owner(SNUM(conn))) {
2001                 change_dir_owner_to_parent(conn, parent_dir, name, psbuf);
2002         }
2003
2004         notify_fname(conn, NOTIFY_ACTION_ADDED, FILE_NOTIFY_CHANGE_DIR_NAME,
2005                      name);
2006
2007         return NT_STATUS_OK;
2008 }
2009
2010 /****************************************************************************
2011  Open a directory from an NT SMB call.
2012 ****************************************************************************/
2013
2014 NTSTATUS open_directory(connection_struct *conn,
2015                         const char *fname,
2016                         SMB_STRUCT_STAT *psbuf,
2017                         uint32 access_mask,
2018                         uint32 share_access,
2019                         uint32 create_disposition,
2020                         uint32 create_options,
2021                         uint32 file_attributes,
2022                         int *pinfo,
2023                         files_struct **result)
2024 {
2025         files_struct *fsp = NULL;
2026         BOOL dir_existed = VALID_STAT(*psbuf) ? True : False;
2027         struct share_mode_lock *lck = NULL;
2028         NTSTATUS status;
2029         int info = 0;
2030
2031         DEBUG(5,("open_directory: opening directory %s, access_mask = 0x%x, "
2032                  "share_access = 0x%x create_options = 0x%x, "
2033                  "create_disposition = 0x%x, file_attributes = 0x%x\n",
2034                  fname,
2035                  (unsigned int)access_mask,
2036                  (unsigned int)share_access,
2037                  (unsigned int)create_options,
2038                  (unsigned int)create_disposition,
2039                  (unsigned int)file_attributes));
2040
2041         if (is_ntfs_stream_name(fname)) {
2042                 DEBUG(0,("open_directory: %s is a stream name!\n", fname ));
2043                 return NT_STATUS_NOT_A_DIRECTORY;
2044         }
2045
2046         switch( create_disposition ) {
2047                 case FILE_OPEN:
2048
2049                         info = FILE_WAS_OPENED;
2050
2051                         /*
2052                          * We want to follow symlinks here.
2053                          */
2054
2055                         if (SMB_VFS_STAT(conn, fname, psbuf) != 0) {
2056                                 return map_nt_error_from_unix(errno);
2057                         }
2058                                 
2059                         break;
2060
2061                 case FILE_CREATE:
2062
2063                         /* If directory exists error. If directory doesn't
2064                          * exist create. */
2065
2066                         status = mkdir_internal(conn,
2067                                                 fname,
2068                                                 file_attributes,
2069                                                 psbuf);
2070
2071                         if (!NT_STATUS_IS_OK(status)) {
2072                                 DEBUG(2, ("open_directory: unable to create "
2073                                           "%s. Error was %s\n", fname,
2074                                           nt_errstr(status)));
2075                                 return status;
2076                         }
2077
2078                         info = FILE_WAS_CREATED;
2079                         break;
2080
2081                 case FILE_OPEN_IF:
2082                         /*
2083                          * If directory exists open. If directory doesn't
2084                          * exist create.
2085                          */
2086
2087                         status = mkdir_internal(conn,
2088                                                 fname,
2089                                                 file_attributes,
2090                                                 psbuf);
2091
2092                         if (NT_STATUS_IS_OK(status)) {
2093                                 info = FILE_WAS_CREATED;
2094                         }
2095
2096                         if (NT_STATUS_EQUAL(status,
2097                                             NT_STATUS_OBJECT_NAME_COLLISION)) {
2098                                 info = FILE_WAS_OPENED;
2099                                 status = NT_STATUS_OK;
2100                         }
2101                                 
2102                         break;
2103
2104                 case FILE_SUPERSEDE:
2105                 case FILE_OVERWRITE:
2106                 case FILE_OVERWRITE_IF:
2107                 default:
2108                         DEBUG(5,("open_directory: invalid create_disposition "
2109                                  "0x%x for directory %s\n",
2110                                  (unsigned int)create_disposition, fname));
2111                         return NT_STATUS_INVALID_PARAMETER;
2112         }
2113
2114         if(!S_ISDIR(psbuf->st_mode)) {
2115                 DEBUG(5,("open_directory: %s is not a directory !\n",
2116                          fname ));
2117                 return NT_STATUS_NOT_A_DIRECTORY;
2118         }
2119
2120         status = file_new(conn, &fsp);
2121         if(!NT_STATUS_IS_OK(status)) {
2122                 return status;
2123         }
2124
2125         /*
2126          * Setup the files_struct for it.
2127          */
2128         
2129         fsp->mode = psbuf->st_mode;
2130         fsp->inode = psbuf->st_ino;
2131         fsp->dev = psbuf->st_dev;
2132         fsp->vuid = current_user.vuid;
2133         fsp->file_pid = global_smbpid;
2134         fsp->can_lock = False;
2135         fsp->can_read = False;
2136         fsp->can_write = False;
2137
2138         fsp->share_access = share_access;
2139         fsp->fh->private_options = create_options;
2140         fsp->access_mask = access_mask;
2141
2142         fsp->print_file = False;
2143         fsp->modified = False;
2144         fsp->oplock_type = NO_OPLOCK;
2145         fsp->sent_oplock_break = NO_BREAK_SENT;
2146         fsp->is_directory = True;
2147         fsp->is_stat = False;
2148         fsp->posix_open = (file_attributes & FILE_FLAG_POSIX_SEMANTICS) ? True : False;
2149
2150         string_set(&fsp->fsp_name,fname);
2151
2152         lck = get_share_mode_lock(NULL, fsp->dev, fsp->inode,
2153                                   conn->connectpath,
2154                                   fname);
2155
2156         if (lck == NULL) {
2157                 DEBUG(0, ("open_directory: Could not get share mode lock for %s\n", fname));
2158                 file_free(fsp);
2159                 return NT_STATUS_SHARING_VIOLATION;
2160         }
2161
2162         status = open_mode_check(conn, fname, lck,
2163                                 access_mask, share_access,
2164                                 create_options, &dir_existed);
2165
2166         if (!NT_STATUS_IS_OK(status)) {
2167                 TALLOC_FREE(lck);
2168                 file_free(fsp);
2169                 return status;
2170         }
2171
2172         set_share_mode(lck, fsp, current_user.ut.uid, 0, NO_OPLOCK, True);
2173
2174         /* For directories the delete on close bit at open time seems
2175            always to be honored on close... See test 19 in Samba4 BASE-DELETE. */
2176         if (create_options & FILE_DELETE_ON_CLOSE) {
2177                 status = can_set_delete_on_close(fsp, True, 0);
2178                 if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, NT_STATUS_DIRECTORY_NOT_EMPTY)) {
2179                         TALLOC_FREE(lck);
2180                         file_free(fsp);
2181                         return status;
2182                 }
2183
2184                 if (NT_STATUS_IS_OK(status)) {
2185                         /* Note that here we set the *inital* delete on close flag,
2186                            not the regular one. The magic gets handled in close. */
2187                         fsp->initial_delete_on_close = True;
2188                 }
2189         }
2190
2191         TALLOC_FREE(lck);
2192
2193         if (pinfo) {
2194                 *pinfo = info;
2195         }
2196
2197         conn->num_files_open++;
2198
2199         *result = fsp;
2200         return NT_STATUS_OK;
2201 }
2202
2203 NTSTATUS create_directory(connection_struct *conn, const char *directory)
2204 {
2205         NTSTATUS status;
2206         SMB_STRUCT_STAT sbuf;
2207         files_struct *fsp;
2208
2209         SET_STAT_INVALID(sbuf);
2210         
2211         status = open_directory(conn, directory, &sbuf,
2212                                 FILE_READ_ATTRIBUTES, /* Just a stat open */
2213                                 FILE_SHARE_NONE, /* Ignored for stat opens */
2214                                 FILE_CREATE,
2215                                 0,
2216                                 FILE_ATTRIBUTE_DIRECTORY,
2217                                 NULL,
2218                                 &fsp);
2219
2220         if (NT_STATUS_IS_OK(status)) {
2221                 close_file(fsp, NORMAL_CLOSE);
2222         }
2223
2224         return status;
2225 }
2226
2227 /****************************************************************************
2228  Open a pseudo-file (no locking checks - a 'stat' open).
2229 ****************************************************************************/
2230
2231 NTSTATUS open_file_stat(connection_struct *conn, const char *fname,
2232                         SMB_STRUCT_STAT *psbuf, files_struct **result)
2233 {
2234         files_struct *fsp = NULL;
2235         NTSTATUS status;
2236
2237         if (!VALID_STAT(*psbuf)) {
2238                 return NT_STATUS_INVALID_PARAMETER;
2239         }
2240
2241         /* Can't 'stat' open directories. */
2242         if(S_ISDIR(psbuf->st_mode)) {
2243                 return NT_STATUS_FILE_IS_A_DIRECTORY;
2244         }
2245
2246         status = file_new(conn, &fsp);
2247         if(!NT_STATUS_IS_OK(status)) {
2248                 return status;
2249         }
2250
2251         DEBUG(5,("open_file_stat: 'opening' file %s\n", fname));
2252
2253         /*
2254          * Setup the files_struct for it.
2255          */
2256         
2257         fsp->mode = psbuf->st_mode;
2258         fsp->inode = psbuf->st_ino;
2259         fsp->dev = psbuf->st_dev;
2260         fsp->vuid = current_user.vuid;
2261         fsp->file_pid = global_smbpid;
2262         fsp->can_lock = False;
2263         fsp->can_read = False;
2264         fsp->can_write = False;
2265         fsp->print_file = False;
2266         fsp->modified = False;
2267         fsp->oplock_type = NO_OPLOCK;
2268         fsp->sent_oplock_break = NO_BREAK_SENT;
2269         fsp->is_directory = False;
2270         fsp->is_stat = True;
2271         string_set(&fsp->fsp_name,fname);
2272
2273         conn->num_files_open++;
2274
2275         *result = fsp;
2276         return NT_STATUS_OK;
2277 }
2278
2279 /****************************************************************************
2280  Receive notification that one of our open files has been renamed by another
2281  smbd process.
2282 ****************************************************************************/
2283
2284 void msg_file_was_renamed(struct messaging_context *msg,
2285                           void *private_data,
2286                           uint32_t msg_type,
2287                           struct server_id server_id,
2288                           DATA_BLOB *data)
2289 {
2290         files_struct *fsp;
2291         char *frm = (char *)data->data;
2292         SMB_DEV_T dev;
2293         SMB_INO_T inode;
2294         const char *sharepath;
2295         const char *newname;
2296         size_t sp_len;
2297
2298         if (data->data == NULL
2299             || data->length < MSG_FILE_RENAMED_MIN_SIZE + 2) {
2300                 DEBUG(0, ("msg_file_was_renamed: Got invalid msg len %d\n",
2301                           data->length));
2302                 return;
2303         }
2304
2305         /* Unpack the message. */
2306         dev = DEV_T_VAL(frm,0);
2307         inode = INO_T_VAL(frm,8);
2308         sharepath = &frm[16];
2309         newname = sharepath + strlen(sharepath) + 1;
2310         sp_len = strlen(sharepath);
2311
2312         DEBUG(10,("msg_file_was_renamed: Got rename message for sharepath %s, new name %s, "
2313                 "dev %x, inode  %.0f\n",
2314                 sharepath, newname, (unsigned int)dev, (double)inode ));
2315
2316         for(fsp = file_find_di_first(dev, inode); fsp; fsp = file_find_di_next(fsp)) {
2317                 if (memcmp(fsp->conn->connectpath, sharepath, sp_len) == 0) {
2318                         DEBUG(10,("msg_file_was_renamed: renaming file fnum %d from %s -> %s\n",
2319                                 fsp->fnum, fsp->fsp_name, newname ));
2320                         string_set(&fsp->fsp_name, newname);
2321                 } else {
2322                         /* TODO. JRA. */
2323                         /* Now we have the complete path we can work out if this is
2324                            actually within this share and adjust newname accordingly. */
2325                         DEBUG(10,("msg_file_was_renamed: share mismatch (sharepath %s "
2326                                 "not sharepath %s) "
2327                                 "fnum %d from %s -> %s\n",
2328                                 fsp->conn->connectpath,
2329                                 sharepath,
2330                                 fsp->fnum,
2331                                 fsp->fsp_name,
2332                                 newname ));
2333                 }
2334         }
2335 }