1/* 2 Unix SMB/CIFS implementation. 3 file opening and share modes 4 Copyright (C) Andrew Tridgell 1992-1998 5 Copyright (C) Jeremy Allison 2001-2004 6 7 This program is free software; you can redistribute it and/or modify 8 it under the terms of the GNU General Public License as published by 9 the Free Software Foundation; either version 2 of the License, or 10 (at your option) any later version. 11 12 This program is distributed in the hope that it will be useful, 13 but WITHOUT ANY WARRANTY; without even the implied warranty of 14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 GNU General Public License for more details. 16 17 You should have received a copy of the GNU General Public License 18 along with this program; if not, write to the Free Software 19 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. 20*/ 21 22#include "includes.h" 23 24extern userdom_struct current_user_info; 25extern uint16 global_oplock_port; 26extern uint16 global_smbpid; 27extern BOOL global_client_failed_oplock_break; 28 29struct dev_inode_bundle { 30 SMB_DEV_T dev; 31 SMB_INO_T inode; 32}; 33 34/**************************************************************************** 35 fd support routines - attempt to do a dos_open. 36****************************************************************************/ 37static int fd_open(struct connection_struct *conn, const char *fname, 38 int flags, mode_t mode) 39{ 40 int fd; 41 int accmode = (flags & O_ACCMODE); 42 43#ifdef O_NOFOLLOW 44 if (!lp_symlinks(SNUM(conn))) 45 flags |= O_NOFOLLOW; 46#endif 47 48 fd = SMB_VFS_OPEN(conn,fname,flags,mode); 49 50 DEBUG(10,("fd_open: name %s, flags = 0%o mode = 0%o, fd = %d. %s\n", fname, 51 flags, (int)mode, fd, (fd == -1) ? strerror(errno) : "" )); 52 53#if 1 54 /* Foxconn, added by MJ., 2010.04.09, for locking files against access of other programs. */ 55 int ret; 56 struct flock my_lock; 57 my_lock.l_type = F_RDLCK; 58 my_lock.l_whence = SEEK_SET; /* modified for failure of locking */ 59 my_lock.l_start = 0; 60 my_lock.l_len = 0; 61 62 if(accmode == O_RDONLY) 63 { 64 DEBUG(10, ("read only: %d\n", fd)); 65 /* Foxconn modified start pling 08/26/2010 */ 66 /* WNR3500L TD#159: Don't do fcntl if fd is not valid */ 67 //if(!fcntl(fd, F_GETLK, &my_lock) && fd != -1) 68 if(fd >= 0 && !fcntl(fd, F_GETLK, &my_lock)) 69 /* Foxconn modified end pling 08/26/2010 */ 70 { 71 DEBUG(10, ("my_lock: %d\n", my_lock.l_type)); 72 if(my_lock.l_type != F_UNLCK){ 73 DEBUG(10, ("This file is locked, %d\n", fd)); 74 }else{ 75 DEBUG(10, ("This file unlocked, %d\n", fd)); 76 my_lock.l_type = F_RDLCK; 77 if(fcntl(fd, F_SETLK, &my_lock)) 78 { 79 DEBUG(10, ("Set RDLCK failed.\n")); 80 } 81 else 82 DEBUG(10, ("Set RDLCK ok.\n")); 83 } 84 } 85 } 86 else 87 { 88 DEBUG(10, ("write mode: %d\n", fd)); 89 my_lock.l_type = F_WRLCK; 90 if(fd >= 0) 91 { 92 ret = fcntl(fd, F_GETLK, &my_lock); 93 if(my_lock.l_type == 2) 94 { 95 DEBUG(10, ("This file unlocked, %d\n", fd)); 96 my_lock.l_type = F_WRLCK; 97 if(fcntl(fd, F_SETLK, &my_lock)) 98 DEBUG(10, ("Set WRLCK fauled.\n")); 99 else 100 DEBUG(10, ("Set WRLCK ok.\n")); 101 102 }else{ 103 DEBUG(10, ("This file locked, %d\n", fd)); 104 close(fd); //close fd. 105 fd = -1; 106 } 107 }else{ 108 DEBUG(10, ("no file exists, %d\n", fd)); 109 } 110 } 111 /* Foxconn, ended by MJ., 2010.04.09 */ 112#endif 113 114 return fd; 115} 116 117/**************************************************************************** 118 Close the file associated with a fsp. 119****************************************************************************/ 120 121int fd_close(struct connection_struct *conn, files_struct *fsp) 122{ 123 if (fsp->fd == -1) 124 return 0; /* what we used to call a stat open. */ 125 126 DEBUG(10, ("file closed, :%d\n", fsp->fd)); 127 128 return fd_close_posix(conn, fsp); 129} 130 131 132/**************************************************************************** 133 Check a filename for the pipe string. 134****************************************************************************/ 135 136static void check_for_pipe(const char *fname) 137{ 138 /* special case of pipe opens */ 139 char s[10]; 140 StrnCpy(s,fname,sizeof(s)-1); 141 strlower_m(s); 142 if (strstr(s,"pipe/")) { 143 DEBUG(3,("Rejecting named pipe open for %s\n",fname)); 144 unix_ERR_class = ERRSRV; 145 unix_ERR_code = ERRaccess; 146 unix_ERR_ntstatus = NT_STATUS_ACCESS_DENIED; 147 } 148} 149 150/**************************************************************************** 151 Open a file. 152****************************************************************************/ 153 154static BOOL open_file(files_struct *fsp,connection_struct *conn, 155 const char *fname,SMB_STRUCT_STAT *psbuf,int flags,mode_t mode, uint32 desired_access) 156{ 157 extern struct current_user current_user; 158 int accmode = (flags & O_ACCMODE); 159 int local_flags = flags; 160 161 fsp->fd = -1; 162 fsp->oplock_type = NO_OPLOCK; 163 errno = EPERM; 164 165 /* Check permissions */ 166 167 /* 168 * This code was changed after seeing a client open request 169 * containing the open mode of (DENY_WRITE/read-only) with 170 * the 'create if not exist' bit set. The previous code 171 * would fail to open the file read only on a read-only share 172 * as it was checking the flags parameter directly against O_RDONLY, 173 * this was failing as the flags parameter was set to O_RDONLY|O_CREAT. 174 * JRA. 175 */ 176 177 if (!CAN_WRITE(conn)) { 178 /* It's a read-only share - fail if we wanted to write. */ 179 if(accmode != O_RDONLY) { 180 DEBUG(3,("Permission denied opening %s\n",fname)); 181 check_for_pipe(fname); 182 return False; 183 } else if(flags & O_CREAT) { 184 /* We don't want to write - but we must make sure that O_CREAT 185 doesn't create the file if we have write access into the 186 directory. 187 */ 188 flags &= ~O_CREAT; 189 local_flags &= ~O_CREAT; 190 } 191 } 192 193 /* 194 * This little piece of insanity is inspired by the 195 * fact that an NT client can open a file for O_RDONLY, 196 * but set the create disposition to FILE_EXISTS_TRUNCATE. 197 * If the client *can* write to the file, then it expects to 198 * truncate the file, even though it is opening for readonly. 199 * Quicken uses this stupid trick in backup file creation... 200 * Thanks *greatly* to "David W. Chapman Jr." <dwcjr@inethouston.net> 201 * for helping track this one down. It didn't bite us in 2.0.x 202 * as we always opened files read-write in that release. JRA. 203 */ 204 205 if ((accmode == O_RDONLY) && ((flags & O_TRUNC) == O_TRUNC)) { 206 DEBUG(10,("open_file: truncate requested on read-only open for file %s\n",fname )); 207 local_flags = (flags & ~O_ACCMODE)|O_RDWR; 208 } 209 210 if ((desired_access & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) || 211 (local_flags & O_CREAT) || ((local_flags & O_TRUNC) == O_TRUNC) ) { 212 213 /* 214 * We can't actually truncate here as the file may be locked. 215 * open_file_shared will take care of the truncate later. JRA. 216 */ 217 218 local_flags &= ~O_TRUNC; 219 220#if defined(O_NONBLOCK) && defined(S_ISFIFO) 221 /* 222 * We would block on opening a FIFO with no one else on the 223 * other end. Do what we used to do and add O_NONBLOCK to the 224 * open flags. JRA. 225 */ 226 227 if (VALID_STAT(*psbuf) && S_ISFIFO(psbuf->st_mode)) 228 local_flags |= O_NONBLOCK; 229#endif 230 231 /* Don't create files with Microsoft wildcard characters. */ 232 if ((local_flags & O_CREAT) && !VALID_STAT(*psbuf) && ms_has_wild(fname)) { 233 unix_ERR_class = ERRDOS; 234 unix_ERR_code = ERRinvalidname; 235 unix_ERR_ntstatus = NT_STATUS_OBJECT_NAME_INVALID; 236 return False; 237 } 238 239 /* Foxconn, ended by MJ., 2010.03.23, for locking files accessed by other programs. */ 240#if 0 241 if(accmode == O_RDONLY) 242 { 243 //smb_debug("read only."); 244 fsp->fd = fd_open(conn, fname, local_flags, mode); 245 } 246 else 247 { 248 //smb_debug("write mode."); 249 int fd = -1; 250 struct flock my_lock; 251 my_lock.l_type = F_WRLCK; 252 my_lock.l_whence = 0; 253 my_lock.l_start = 0; 254 my_lock.l_len = 0; 255 /* Foxconn, added by MJ. 2010.03.23 */ 256 //smb_debug(fname); 257 fd = open(fname, O_RDONLY); 258 if(fd >= 0) 259 { 260 int ret; 261 char buf[256]; 262 ret = fcntl(fd, F_GETLK, &my_lock); 263 if(my_lock.l_type == 2){ 264 dbgtext("unlock\n"); 265 close(fd); //close fd. 266 fsp->fd = fd_open(conn, fname, local_flags, mode); 267 } 268 else{ 269 dbgtext("locked\n"); 270 fsp->fd = -1; 271 close(fd); //close fd. 272 } 273 } 274 else{ 275 dbgtext("no file exists\n"); 276 fsp->fd = fd_open(conn, fname, local_flags, mode); 277 } 278 } 279 /* Foxconn, ended by MJ., 2010.03.23 */ 280#else 281 fsp->fd = fd_open(conn, fname, local_flags, mode); 282#endif 283 /* Actually do the open */ 284 //fsp->fd = fd_open(conn, fname, local_flags, mode); 285 if (fsp->fd == -1) { 286 DEBUG(3,("Error opening file %s (%s) (local_flags=%d) (flags=%d)\n", 287 fname,strerror(errno),local_flags,flags)); 288 check_for_pipe(fname); 289 return False; 290 } 291 292 /* Inherit the ACL if the file was created. */ 293 if ((local_flags & O_CREAT) && !VALID_STAT(*psbuf)) 294 inherit_access_acl(conn, fname, mode); 295 296 } else 297 fsp->fd = -1; /* What we used to call a stat open. */ 298 299 if (!VALID_STAT(*psbuf)) { 300 int ret; 301 302 if (fsp->fd == -1) 303 ret = SMB_VFS_STAT(conn, fname, psbuf); 304 else { 305 ret = SMB_VFS_FSTAT(fsp,fsp->fd,psbuf); 306 /* If we have an fd, this stat should succeed. */ 307 if (ret == -1) 308 DEBUG(0,("Error doing fstat on open file %s (%s)\n", fname,strerror(errno) )); 309 } 310 311 /* For a non-io open, this stat failing means file not found. JRA */ 312 if (ret == -1) { 313 fd_close(conn, fsp); 314 return False; 315 } 316 } 317 318 /* 319 * POSIX allows read-only opens of directories. We don't 320 * want to do this (we use a different code path for this) 321 * so catch a directory open and return an EISDIR. JRA. 322 */ 323 324 if(S_ISDIR(psbuf->st_mode)) { 325 fd_close(conn, fsp); 326 errno = EISDIR; 327 return False; 328 } 329 330 fsp->mode = psbuf->st_mode; 331 fsp->inode = psbuf->st_ino; 332 fsp->dev = psbuf->st_dev; 333 fsp->vuid = current_user.vuid; 334 fsp->file_pid = global_smbpid; 335 fsp->size = psbuf->st_size; 336 fsp->can_lock = True; 337 fsp->can_read = ((flags & O_WRONLY)==0); 338 fsp->can_write = ((flags & (O_WRONLY|O_RDWR))!=0); 339 fsp->share_mode = 0; 340 fsp->desired_access = desired_access; 341 fsp->print_file = False; 342 fsp->modified = False; 343 fsp->oplock_type = NO_OPLOCK; 344 fsp->sent_oplock_break = NO_BREAK_SENT; 345 fsp->is_directory = False; 346 fsp->is_stat = False; 347 fsp->directory_delete_on_close = False; 348 string_set(&fsp->fsp_name,fname); 349 fsp->wcp = NULL; /* Write cache pointer. */ 350 351 DEBUG(2,("%s opened file %s read=%s write=%s (numopen=%d)\n", 352 *current_user_info.smb_name ? current_user_info.smb_name : conn->user,fsp->fsp_name, 353 BOOLSTR(fsp->can_read), BOOLSTR(fsp->can_write), 354 conn->num_files_open + 1)); 355 356 errno = 0; 357 return True; 358} 359 360/******************************************************************* 361 Return True if the filename is one of the special executable types. 362********************************************************************/ 363 364static BOOL is_executable(const char *fname) 365{ 366 if ((fname = strrchr_m(fname,'.'))) { 367 if (strequal(fname,".com") || 368 strequal(fname,".dll") || 369 strequal(fname,".exe") || 370 strequal(fname,".sym")) { 371 return True; 372 } 373 } 374 return False; 375} 376 377enum {AFAIL,AREAD,AWRITE,AALL}; 378 379/******************************************************************* 380 Reproduce the share mode access table. 381 This is horrendoously complex, and really can't be justified on any 382 rational grounds except that this is _exactly_ what NT does. See 383 the DENY1 and DENY2 tests in smbtorture for a comprehensive set of 384 test routines. 385********************************************************************/ 386 387static int access_table(int new_deny,int old_deny,int old_mode, 388 BOOL same_pid, BOOL isexe) 389{ 390 if (new_deny == DENY_ALL || old_deny == DENY_ALL) return(AFAIL); 391 392 if (same_pid) { 393 if (isexe && old_mode == DOS_OPEN_RDONLY && 394 old_deny == DENY_DOS && new_deny == DENY_READ) { 395 return AFAIL; 396 } 397 if (!isexe && old_mode == DOS_OPEN_RDONLY && 398 old_deny == DENY_DOS && new_deny == DENY_DOS) { 399 return AREAD; 400 } 401 if (new_deny == DENY_FCB && old_deny == DENY_DOS) { 402 if (isexe) return AFAIL; 403 if (old_mode == DOS_OPEN_RDONLY) return AFAIL; 404 return AALL; 405 } 406 if (old_mode == DOS_OPEN_RDONLY && old_deny == DENY_DOS) { 407 if (new_deny == DENY_FCB || new_deny == DENY_READ) { 408 if (isexe) return AREAD; 409 return AFAIL; 410 } 411 } 412 if (old_deny == DENY_FCB) { 413 if (new_deny == DENY_DOS || new_deny == DENY_FCB) return AALL; 414 return AFAIL; 415 } 416 } 417 418 if (old_deny == DENY_DOS || new_deny == DENY_DOS || 419 old_deny == DENY_FCB || new_deny == DENY_FCB) { 420 if (isexe) { 421 if (old_deny == DENY_FCB || new_deny == DENY_FCB) { 422 return AFAIL; 423 } 424 if (old_deny == DENY_DOS) { 425 if (new_deny == DENY_READ && 426 (old_mode == DOS_OPEN_RDONLY || 427 old_mode == DOS_OPEN_RDWR)) { 428 return AFAIL; 429 } 430 if (new_deny == DENY_WRITE && 431 (old_mode == DOS_OPEN_WRONLY || 432 old_mode == DOS_OPEN_RDWR)) { 433 return AFAIL; 434 } 435 return AALL; 436 } 437 if (old_deny == DENY_NONE) return AALL; 438 if (old_deny == DENY_READ) return AWRITE; 439 if (old_deny == DENY_WRITE) return AREAD; 440 } 441 /* it isn't a exe, dll, sym or com file */ 442 if (old_deny == new_deny && same_pid) 443 return(AALL); 444 445 if (old_deny == DENY_READ || new_deny == DENY_READ) return AFAIL; 446 if (old_mode == DOS_OPEN_RDONLY) return(AREAD); 447 448 return(AFAIL); 449 } 450 451 switch (new_deny) 452 { 453 case DENY_WRITE: 454 if (old_deny==DENY_WRITE && old_mode==DOS_OPEN_RDONLY) return(AREAD); 455 if (old_deny==DENY_READ && old_mode==DOS_OPEN_RDONLY) return(AWRITE); 456 if (old_deny==DENY_NONE && old_mode==DOS_OPEN_RDONLY) return(AALL); 457 return(AFAIL); 458 case DENY_READ: 459 if (old_deny==DENY_WRITE && old_mode==DOS_OPEN_WRONLY) return(AREAD); 460 if (old_deny==DENY_READ && old_mode==DOS_OPEN_WRONLY) return(AWRITE); 461 if (old_deny==DENY_NONE && old_mode==DOS_OPEN_WRONLY) return(AALL); 462 return(AFAIL); 463 case DENY_NONE: 464 if (old_deny==DENY_WRITE) return(AREAD); 465 if (old_deny==DENY_READ) return(AWRITE); 466 if (old_deny==DENY_NONE) return(AALL); 467 return(AFAIL); 468 } 469 return(AFAIL); 470} 471 472/**************************************************************************** 473 Check if we can open a file with a share mode. 474****************************************************************************/ 475 476static BOOL check_share_mode(connection_struct *conn, share_mode_entry *share, int share_mode, uint32 desired_access, 477 const char *fname, BOOL fcbopen, int *flags) 478{ 479 int deny_mode = GET_DENY_MODE(share_mode); 480 int old_open_mode = GET_OPEN_MODE(share->share_mode); 481 int old_deny_mode = GET_DENY_MODE(share->share_mode); 482 BOOL non_io_open_request; 483 BOOL non_io_open_existing; 484 485 /* 486 * share modes = false means don't bother to check for 487 * DENY mode conflict. This is a *really* bad idea :-). JRA. 488 */ 489 490 if(!lp_share_modes(SNUM(conn))) 491 return True; 492 493 if (desired_access & ~(SYNCHRONIZE_ACCESS|READ_CONTROL_ACCESS|FILE_READ_ATTRIBUTES|FILE_WRITE_ATTRIBUTES)) { 494 non_io_open_request = False; 495 } else { 496 non_io_open_request = True; 497 } 498 499 if (share->desired_access & ~(SYNCHRONIZE_ACCESS|READ_CONTROL_ACCESS|FILE_READ_ATTRIBUTES|FILE_WRITE_ATTRIBUTES)) { 500 non_io_open_existing = False; 501 } else { 502 non_io_open_existing = True; 503 } 504 505 /* 506 * Don't allow any opens once the delete on close flag has been 507 * set. 508 */ 509 510 if (GET_DELETE_ON_CLOSE_FLAG(share->share_mode)) { 511 DEBUG(5,("check_share_mode: Failing open on file %s as delete on close flag is set.\n", 512 fname )); 513 /* Use errno to map to correct error. */ 514 unix_ERR_class = SMB_SUCCESS; 515 unix_ERR_code = 0; 516 unix_ERR_ntstatus = NT_STATUS_OK; 517 return False; 518 } 519 520 /* this is a nasty hack, but necessary until we rewrite our open 521 handling to use a NTCreateX call as the basic call. 522 NT may open a file with neither read nor write access, and in 523 this case it expects the open not to conflict with any 524 existing deny modes. This happens (for example) during a 525 "xcopy /o" where the second file descriptor is used for 526 ACL sets 527 (tridge) 528 */ 529 530 /* 531 * This is a bit wierd - the test for desired access not having the 532 * critical bits seems seems odd. Firstly, if both opens have no 533 * critical bits then always ignore. Then check the "allow delete" 534 * then check for either. This probably isn't quite right yet but 535 * gets us much closer. JRA. 536 */ 537 538 /* 539 * If desired_access doesn't contain READ_DATA,WRITE_DATA,APPEND_DATA or EXECUTE 540 * and the existing desired_acces then share modes don't conflict. 541 */ 542 543 if (non_io_open_request && non_io_open_existing) { 544 545 /* 546 * Wrinkle discovered by smbtorture.... 547 * If both are non-io open and requester is asking for delete and current open has delete access 548 * but neither open has allowed file share delete then deny.... this is very strange and 549 * seems to be the only case in which non-io opens conflict. JRA. 550 */ 551 552 if ((desired_access & DELETE_ACCESS) && (share->desired_access & DELETE_ACCESS) && 553 (!GET_ALLOW_SHARE_DELETE(share->share_mode) || !GET_ALLOW_SHARE_DELETE(share_mode))) { 554 DEBUG(5,("check_share_mode: Failing open on file %s as delete access requests conflict.\n", 555 fname )); 556 unix_ERR_class = ERRDOS; 557 unix_ERR_code = ERRbadshare; 558 unix_ERR_ntstatus = NT_STATUS_SHARING_VIOLATION; 559 560 return False; 561 } 562 563 DEBUG(5,("check_share_mode: Allowing open on file %s as both desired access (0x%x) \ 564and existing desired access (0x%x) are non-data opens\n", 565 fname, (unsigned int)desired_access, (unsigned int)share->desired_access )); 566 return True; 567 } else if (non_io_open_request || non_io_open_existing) { 568 /* 569 * If either are non-io opens then share modes don't conflict. 570 */ 571 DEBUG(5,("check_share_mode: One non-io open. Allowing open on file %s as desired access (0x%x) doesn't conflict with\ 572existing desired access (0x%x).\n", fname, (unsigned int)desired_access, (unsigned int)share->desired_access )); 573 return True; 574 } 575 576 /* 577 * If delete access was requested and the existing share mode doesn't have 578 * ALLOW_SHARE_DELETE then deny. 579 */ 580 581 if ((desired_access & DELETE_ACCESS) && !GET_ALLOW_SHARE_DELETE(share->share_mode)) { 582 DEBUG(5,("check_share_mode: Failing open on file %s as delete access requested and allow share delete not set.\n", 583 fname )); 584 unix_ERR_class = ERRDOS; 585 unix_ERR_code = ERRbadshare; 586 unix_ERR_ntstatus = NT_STATUS_SHARING_VIOLATION; 587 588 return False; 589 } 590 591 /* 592 * The inverse of the above. 593 * If delete access was granted and the new share mode doesn't have 594 * ALLOW_SHARE_DELETE then deny. 595 */ 596 597 if ((share->desired_access & DELETE_ACCESS) && !GET_ALLOW_SHARE_DELETE(share_mode)) { 598 DEBUG(5,("check_share_mode: Failing open on file %s as delete access granted and allow share delete not requested.\n", 599 fname )); 600 unix_ERR_class = ERRDOS; 601 unix_ERR_code = ERRbadshare; 602 unix_ERR_ntstatus = NT_STATUS_SHARING_VIOLATION; 603 return False; 604 } 605 606#if 0 607 /* Bluarc test may need this ... needs further investigation. */ 608 if (deny_mode == DENY_ALL || old_deny_mode == DENY_ALL) { 609 unix_ERR_class = ERRDOS; 610 unix_ERR_code = ERRbadshare; 611 unix_ERR_ntstatus = NT_STATUS_SHARING_VIOLATION; 612 return False; 613 } 614#endif 615 616 /* 617 * If desired_access doesn't contain READ_DATA,WRITE_DATA,APPEND_DATA or EXECUTE 618 * then share modes don't conflict. Likewise with existing desired access. 619 */ 620 621 if ( !(desired_access & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) || 622 !(share->desired_access & (FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ) { 623 DEBUG(5,("check_share_mode: Allowing open on file %s as desired access (0x%x) doesn't conflict with \ 624existing desired access (0x%x).\n", fname, (unsigned int)desired_access, (unsigned int)share->desired_access )); 625 return True; 626 } 627 628 { 629 int access_allowed = access_table(deny_mode,old_deny_mode,old_open_mode, 630 (share->pid == sys_getpid()),is_executable(fname)); 631 632 if ((access_allowed == AFAIL) || 633 (!fcbopen && (access_allowed == AREAD && *flags == O_RDWR)) || 634 (access_allowed == AREAD && *flags != O_RDONLY) || 635 (access_allowed == AWRITE && *flags != O_WRONLY)) { 636 637 DEBUG(2,("Share violation on file (%d,%d,%d,%d,%s,fcbopen = %d, flags = %d) = %d\n", 638 deny_mode,old_deny_mode,old_open_mode, 639 (int)share->pid,fname, fcbopen, *flags, access_allowed)); 640 641 unix_ERR_class = ERRDOS; 642 unix_ERR_code = ERRbadshare; 643 unix_ERR_ntstatus = NT_STATUS_SHARING_VIOLATION; 644 645 return False; 646 } 647 648 if (access_allowed == AREAD) 649 *flags = O_RDONLY; 650 651 if (access_allowed == AWRITE) 652 *flags = O_WRONLY; 653 654 } 655 656 return True; 657} 658 659 660#if defined(DEVELOPER) 661static void validate_my_share_entries(int num, share_mode_entry *share_entry) 662{ 663 files_struct *fsp; 664 665 if (share_entry->pid != sys_getpid()) 666 return; 667 668 fsp = file_find_dif(share_entry->dev, share_entry->inode, share_entry->share_file_id); 669 if (!fsp) { 670 DEBUG(0,("validate_my_share_entries: PANIC : %s\n", share_mode_str(num, share_entry) )); 671 smb_panic("validate_my_share_entries: Cannot match a share entry with an open file\n"); 672 } 673 674 if (((uint16)fsp->oplock_type) != share_entry->op_type) { 675 pstring str; 676 DEBUG(0,("validate_my_share_entries: PANIC : %s\n", share_mode_str(num, share_entry) )); 677 slprintf(str, sizeof(str)-1, "validate_my_share_entries: file %s, oplock_type = 0x%x, op_type = 0x%x\n", 678 fsp->fsp_name, (unsigned int)fsp->oplock_type, (unsigned int)share_entry->op_type ); 679 smb_panic(str); 680 } 681} 682#endif 683 684struct share_mode_entry_list { 685 struct share_mode_entry_list *next, *prev; 686 share_mode_entry entry; 687}; 688 689static void free_broken_entry_list(struct share_mode_entry_list *broken_entry_list) 690{ 691 while (broken_entry_list) { 692 struct share_mode_entry_list *broken_entry = broken_entry_list; 693 DLIST_REMOVE(broken_entry_list, broken_entry); 694 SAFE_FREE(broken_entry); 695 } 696} 697 698/**************************************************************************** 699 Deal with open deny mode and oplock break processing. 700 Invarient: Share mode must be locked on entry and exit. 701 Returns -1 on error, or number of share modes on success (may be zero). 702****************************************************************************/ 703 704static int open_mode_check(connection_struct *conn, const char *fname, SMB_DEV_T dev, 705 SMB_INO_T inode, 706 uint32 desired_access, 707 int share_mode, int *p_flags, int *p_oplock_request, 708 BOOL *p_all_current_opens_are_level_II) 709{ 710 int i; 711 int num_share_modes; 712 int oplock_contention_count = 0; 713 share_mode_entry *old_shares = NULL; 714 BOOL fcbopen = False; 715 BOOL broke_oplock; 716 717 if(GET_OPEN_MODE(share_mode) == DOS_OPEN_FCB) 718 fcbopen = True; 719 720 num_share_modes = get_share_modes(conn, dev, inode, &old_shares); 721 722 if(num_share_modes == 0) { 723 SAFE_FREE(old_shares); 724 return 0; 725 } 726 727 if (desired_access && ((desired_access & ~(SYNCHRONIZE_ACCESS|FILE_READ_ATTRIBUTES|FILE_WRITE_ATTRIBUTES))==0) && 728 ((desired_access & (SYNCHRONIZE_ACCESS|FILE_READ_ATTRIBUTES|FILE_WRITE_ATTRIBUTES)) != 0)) { 729 /* Stat open that doesn't trigger oplock breaks or share mode checks... ! JRA. */ 730 SAFE_FREE(old_shares); 731 return num_share_modes; 732 } 733 734 /* 735 * Check if the share modes will give us access. 736 */ 737 738 do { 739 struct share_mode_entry_list *broken_entry_list = NULL; 740 struct share_mode_entry_list *broken_entry = NULL; 741 742 broke_oplock = False; 743 *p_all_current_opens_are_level_II = True; 744 745 for(i = 0; i < num_share_modes; i++) { 746 BOOL cause_oplock_break = False; 747 share_mode_entry *share_entry = &old_shares[i]; 748 749#if defined(DEVELOPER) 750 validate_my_share_entries(i, share_entry); 751#endif 752 753 /* 754 * By observation of NetBench, oplocks are broken *before* share 755 * modes are checked. This allows a file to be closed by the client 756 * if the share mode would deny access and the client has an oplock. 757 * Check if someone has an oplock on this file. If so we must break 758 * it before continuing. 759 */ 760 761 /* Was this a delete this file request ? */ 762 if (!*p_oplock_request && desired_access == DELETE_ACCESS && 763 !BATCH_OPLOCK_TYPE(share_entry->op_type)) { 764 /* Don't break the oplock in this case. */ 765 cause_oplock_break = False; 766 } else if((*p_oplock_request && EXCLUSIVE_OPLOCK_TYPE(share_entry->op_type)) || 767 (!*p_oplock_request && (share_entry->op_type != NO_OPLOCK))) { 768 cause_oplock_break = True; 769 } 770 771 if(cause_oplock_break) { 772 BOOL opb_ret; 773 774 DEBUG(5,("open_mode_check: oplock_request = %d, breaking oplock (%x) on file %s, \ 775dev = %x, inode = %.0f\n", *p_oplock_request, share_entry->op_type, fname, (unsigned int)dev, (double)inode)); 776 777 /* Ensure the reply for the open uses the correct sequence number. */ 778 /* This isn't a real deferred packet as it's response will also increment 779 * the sequence. 780 */ 781 srv_defer_sign_response(get_current_mid()); 782 783 /* Oplock break - unlock to request it. */ 784 unlock_share_entry(conn, dev, inode); 785 786 opb_ret = request_oplock_break(share_entry); 787 788 /* Now relock. */ 789 lock_share_entry(conn, dev, inode); 790 791 if(opb_ret == False) { 792 DEBUG(0,("open_mode_check: FAILED when breaking oplock (%x) on file %s, \ 793dev = %x, inode = %.0f\n", old_shares[i].op_type, fname, (unsigned int)dev, (double)inode)); 794 SAFE_FREE(old_shares); 795 errno = EACCES; 796 unix_ERR_class = ERRDOS; 797 unix_ERR_code = ERRbadshare; 798 unix_ERR_ntstatus = NT_STATUS_SHARING_VIOLATION; 799 return -1; 800 } 801 802 broken_entry = SMB_MALLOC_P(struct share_mode_entry_list); 803 if (!broken_entry) { 804 smb_panic("open_mode_check: malloc fail.\n"); 805 } 806 broken_entry->entry = *share_entry; 807 DLIST_ADD(broken_entry_list, broken_entry); 808 broke_oplock = True; 809 810 } else if (!LEVEL_II_OPLOCK_TYPE(share_entry->op_type)) { 811 *p_all_current_opens_are_level_II = False; 812 } 813 } /* end for */ 814 815 if (broke_oplock) { 816 /* Update the current open table. */ 817 SAFE_FREE(old_shares); 818 num_share_modes = get_share_modes(conn, dev, inode, &old_shares); 819 } 820 821 /* Now we check the share modes, after any oplock breaks. */ 822 for(i = 0; i < num_share_modes; i++) { 823 share_mode_entry *share_entry = &old_shares[i]; 824 825 /* someone else has a share lock on it, check to see if we can too */ 826 if (!check_share_mode(conn, share_entry, share_mode, desired_access, 827 fname, fcbopen, p_flags)) { 828 SAFE_FREE(old_shares); 829 free_broken_entry_list(broken_entry_list); 830 errno = EACCES; 831 return -1; 832 } 833 } 834 835 for(broken_entry = broken_entry_list; broken_entry; broken_entry = broken_entry->next) { 836 oplock_contention_count++; 837 838 /* Paranoia check that this is no longer an exlusive entry. */ 839 for(i = 0; i < num_share_modes; i++) { 840 share_mode_entry *share_entry = &old_shares[i]; 841 842 if (share_modes_identical(&broken_entry->entry, share_entry) && 843 EXCLUSIVE_OPLOCK_TYPE(share_entry->op_type) ) { 844 845 /* 846 * This should not happen. The target left this oplock 847 * as exlusive.... The process *must* be dead.... 848 */ 849 850 DEBUG(0,("open_mode_check: exlusive oplock left by process %d \ 851after break ! For file %s, dev = %x, inode = %.0f. Deleting it to continue...\n", 852 (int)broken_entry->entry.pid, fname, (unsigned int)dev, (double)inode)); 853 854 if (process_exists(broken_entry->entry.pid)) { 855 DEBUG(0,("open_mode_check: Existent process %lu left active oplock.\n", 856 (unsigned long)broken_entry->entry.pid )); 857 } 858 859 if (del_share_entry(dev, inode, &broken_entry->entry, NULL) == -1) { 860 free_broken_entry_list(broken_entry_list); 861 errno = EACCES; 862 unix_ERR_class = ERRDOS; 863 unix_ERR_code = ERRbadshare; 864 unix_ERR_ntstatus = NT_STATUS_SHARING_VIOLATION; 865 return -1; 866 } 867 868 /* 869 * We must reload the share modes after deleting the 870 * other process's entry. 871 */ 872 873 SAFE_FREE(old_shares); 874 num_share_modes = get_share_modes(conn, dev, inode, &old_shares); 875 break; 876 } 877 } /* end for paranoia... */ 878 } /* end for broken_entry */ 879 free_broken_entry_list(broken_entry_list); 880 } while(broke_oplock); 881 882 /* 883 * Refuse to grant an oplock in case the contention limit is 884 * reached when going through the lock list multiple times. 885 */ 886 887 if(oplock_contention_count >= lp_oplock_contention_limit(SNUM(conn))) { 888 *p_oplock_request = 0; 889 DEBUG(4,("open_mode_check: oplock contention = %d. Not granting oplock.\n", 890 oplock_contention_count )); 891 } 892 893 SAFE_FREE(old_shares); 894 return num_share_modes; 895} 896 897/**************************************************************************** 898 Delete the record for a handled deferred open entry. 899****************************************************************************/ 900 901static void delete_defered_open_entry_record(connection_struct *conn, SMB_DEV_T dev, SMB_INO_T inode) 902{ 903 uint16 mid = get_current_mid(); 904 pid_t mypid = sys_getpid(); 905 deferred_open_entry *de_array = NULL; 906 int num_de_entries, i; 907 908 if (!lp_defer_sharing_violations()) { 909 return; 910 } 911 912 num_de_entries = get_deferred_opens(conn, dev, inode, &de_array); 913 for (i = 0; i < num_de_entries; i++) { 914 deferred_open_entry *entry = &de_array[i]; 915 if (entry->pid == mypid && entry->mid == mid && entry->dev == dev && 916 entry->inode == inode) { 917 918 /* Remove the deferred open entry from the array. */ 919 delete_deferred_open_entry(entry); 920 SAFE_FREE(de_array); 921 return; 922 } 923 } 924 SAFE_FREE(de_array); 925} 926 927/**************************************************************************** 928 Handle the 1 second delay in returning a SHARING_VIOLATION error. 929****************************************************************************/ 930 931void defer_open_sharing_error(connection_struct *conn, struct timeval *ptv, 932 char *fname, SMB_DEV_T dev, SMB_INO_T inode) 933{ 934 uint16 mid = get_current_mid(); 935 pid_t mypid = sys_getpid(); 936 deferred_open_entry *de_array = NULL; 937 int num_de_entries, i; 938 struct dev_inode_bundle dib; 939 940 if (!lp_defer_sharing_violations()) { 941 return; 942 } 943 944 dib.dev = dev; 945 dib.inode = inode; 946 947 num_de_entries = get_deferred_opens(conn, dev, inode, &de_array); 948 for (i = 0; i < num_de_entries; i++) { 949 deferred_open_entry *entry = &de_array[i]; 950 if (entry->pid == mypid && entry->mid == mid) { 951 /* 952 * Check if a 1 second timeout has expired. 953 */ 954 if (usec_time_diff(ptv, &entry->time) > SHARING_VIOLATION_USEC_WAIT) { 955 DEBUG(10,("defer_open_sharing_error: Deleting deferred open entry for mid %u, \ 956file %s\n", 957 (unsigned int)mid, fname )); 958 959 /* Expired, return a real error. */ 960 /* Remove the deferred open entry from the array. */ 961 962 delete_deferred_open_entry(entry); 963 SAFE_FREE(de_array); 964 return; 965 } 966 /* 967 * If the timeout hasn't expired yet and we still have a sharing violation, 968 * just leave the entry in the deferred open array alone. We do need to 969 * reschedule this open call though (with the original created time). 970 */ 971 DEBUG(10,("defer_open_sharing_error: time [%u.%06u] updating \ 972deferred open entry for mid %u, file %s\n", 973 (unsigned int)entry->time.tv_sec, 974 (unsigned int)entry->time.tv_usec, 975 (unsigned int)mid, fname )); 976 977 push_sharing_violation_open_smb_message(&entry->time, (char *)&dib, sizeof(dib)); 978 SAFE_FREE(de_array); 979 return; 980 } 981 } 982 983 DEBUG(10,("defer_open_sharing_error: time [%u.%06u] adding deferred open entry for mid %u, file %s\n", 984 (unsigned int)ptv->tv_sec, (unsigned int)ptv->tv_usec, (unsigned int)mid, fname )); 985 986 if (!push_sharing_violation_open_smb_message(ptv, (char *)&dib, sizeof(dib))) { 987 SAFE_FREE(de_array); 988 return; 989 } 990 if (!add_deferred_open(mid, ptv, dev, inode, global_oplock_port, fname)) { 991 remove_sharing_violation_open_smb_message(mid); 992 } 993 994 /* 995 * Push the MID of this packet on the signing queue. 996 * We only do this once, the first time we push the packet 997 * onto the deferred open queue, as this has a side effect 998 * of incrementing the response sequence number. 999 */ 1000 1001 srv_defer_sign_response(mid); 1002 1003 SAFE_FREE(de_array); 1004} 1005 1006/**************************************************************************** 1007 Set a kernel flock on a file for NFS interoperability. 1008 This requires a patch to Linux. 1009****************************************************************************/ 1010 1011static void kernel_flock(files_struct *fsp, int deny_mode) 1012{ 1013#if HAVE_KERNEL_SHARE_MODES 1014 int kernel_mode = 0; 1015 if (deny_mode == DENY_READ) kernel_mode = LOCK_MAND|LOCK_WRITE; 1016 else if (deny_mode == DENY_WRITE) kernel_mode = LOCK_MAND|LOCK_READ; 1017 else if (deny_mode == DENY_ALL) kernel_mode = LOCK_MAND; 1018 if (kernel_mode) flock(fsp->fd, kernel_mode); 1019#endif 1020 ;; 1021} 1022 1023 1024static BOOL open_match_attributes(connection_struct *conn, const char *path, uint32 old_dos_mode, uint32 new_dos_mode, 1025 mode_t existing_mode, mode_t new_mode, mode_t *returned_mode) 1026{ 1027 uint32 noarch_old_dos_mode, noarch_new_dos_mode; 1028 1029 noarch_old_dos_mode = (old_dos_mode & ~FILE_ATTRIBUTE_ARCHIVE); 1030 noarch_new_dos_mode = (new_dos_mode & ~FILE_ATTRIBUTE_ARCHIVE); 1031 1032 if((noarch_old_dos_mode == 0 && noarch_new_dos_mode != 0) || 1033 (noarch_old_dos_mode != 0 && ((noarch_old_dos_mode & noarch_new_dos_mode) == noarch_old_dos_mode))) 1034 *returned_mode = new_mode; 1035 else 1036 *returned_mode = (mode_t)0; 1037 1038 DEBUG(10,("open_match_attributes: file %s old_dos_mode = 0x%x, existing_mode = 0%o, new_dos_mode = 0x%x returned_mode = 0%o\n", 1039 path, 1040 old_dos_mode, (unsigned int)existing_mode, new_dos_mode, (unsigned int)*returned_mode )); 1041 1042 /* If we're mapping SYSTEM and HIDDEN ensure they match. */ 1043 if (lp_map_system(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) { 1044 if ((old_dos_mode & FILE_ATTRIBUTE_SYSTEM) && !(new_dos_mode & FILE_ATTRIBUTE_SYSTEM)) 1045 return False; 1046 } 1047 if (lp_map_hidden(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) { 1048 if ((old_dos_mode & FILE_ATTRIBUTE_HIDDEN) && !(new_dos_mode & FILE_ATTRIBUTE_HIDDEN)) 1049 return False; 1050 } 1051 return True; 1052} 1053 1054/**************************************************************************** 1055 Open a file with a share mode. 1056****************************************************************************/ 1057 1058files_struct *open_file_shared(connection_struct *conn,char *fname, SMB_STRUCT_STAT *psbuf, 1059 int share_mode,int ofun, uint32 new_dos_mode, int oplock_request, 1060 int *Access,int *action) 1061{ 1062 return open_file_shared1(conn, fname, psbuf, 0, share_mode, ofun, new_dos_mode, 1063 oplock_request, Access, action); 1064} 1065 1066/**************************************************************************** 1067 Open a file with a share mode. 1068****************************************************************************/ 1069 1070files_struct *open_file_shared1(connection_struct *conn,char *fname, SMB_STRUCT_STAT *psbuf, 1071 uint32 desired_access, 1072 int share_mode,int ofun, uint32 new_dos_mode, 1073 int oplock_request, 1074 int *Access,int *paction) 1075{ 1076 int flags=0; 1077 int flags2=0; 1078 int deny_mode = GET_DENY_MODE(share_mode); 1079 BOOL allow_share_delete = GET_ALLOW_SHARE_DELETE(share_mode); 1080 BOOL delete_on_close = GET_DELETE_ON_CLOSE_FLAG(share_mode); 1081 BOOL file_existed = VALID_STAT(*psbuf); 1082 BOOL fcbopen = False; 1083 BOOL def_acl = False; 1084 BOOL add_share_mode = True; 1085 BOOL internal_only_open = False; 1086 SMB_DEV_T dev = 0; 1087 SMB_INO_T inode = 0; 1088 int num_share_modes = 0; 1089 BOOL all_current_opens_are_level_II = False; 1090 BOOL fsp_open = False; 1091 files_struct *fsp = NULL; 1092 int open_mode=0; 1093 uint16 port = 0; 1094 mode_t new_mode = (mode_t)0; 1095 int action; 1096 uint32 existing_dos_mode = 0; 1097 struct pending_message_list *pml = NULL; 1098 uint16 mid = get_current_mid(); 1099 /* We add aARCH to this as this mode is only used if the file is created new. */ 1100 mode_t mode = unix_mode(conn,new_dos_mode | aARCH,fname, True); 1101 1102 if (oplock_request == INTERNAL_OPEN_ONLY) { 1103 internal_only_open = True; 1104 oplock_request = 0; 1105 } 1106 1107 if ((pml = get_open_deferred_message(mid)) != NULL) { 1108 struct dev_inode_bundle dib; 1109 1110 memcpy(&dib, pml->private_data.data, sizeof(dib)); 1111 1112 /* There could be a race condition where the dev/inode pair 1113 has changed since we deferred the message. If so, just 1114 remove the deferred open entry and return sharing violation. */ 1115 1116 /* If the timeout value is non-zero, we need to just 1117 return sharing violation. Don't retry the open 1118 as we were not notified of a close and we don't want to 1119 trigger another spurious oplock break. */ 1120 1121 if (!file_existed || dib.dev != psbuf->st_dev || dib.inode != psbuf->st_ino || 1122 pml->msg_time.tv_sec || pml->msg_time.tv_usec) { 1123 /* Ensure we don't reprocess this message. */ 1124 remove_sharing_violation_open_smb_message(mid); 1125 1126 /* Now remove the deferred open entry under lock. */ 1127 lock_share_entry(conn, dib.dev, dib.inode); 1128 delete_defered_open_entry_record(conn, dib.dev, dib.inode); 1129 unlock_share_entry(conn, dib.dev, dib.inode); 1130 1131 unix_ERR_class = ERRDOS; 1132 unix_ERR_code = ERRbadshare; 1133 unix_ERR_ntstatus = NT_STATUS_SHARING_VIOLATION; 1134 return NULL; 1135 } 1136 /* Ensure we don't reprocess this message. */ 1137 remove_sharing_violation_open_smb_message(mid); 1138 1139 } 1140 1141 if (conn->printer) { 1142 /* printers are handled completely differently. Most of the passed parameters are 1143 ignored */ 1144 if (Access) 1145 *Access = DOS_OPEN_WRONLY; 1146 if (paction) 1147 *paction = FILE_WAS_CREATED; 1148 return print_fsp_open(conn, fname); 1149 } 1150 1151 fsp = file_new(conn); 1152 if(!fsp) 1153 return NULL; 1154 1155 DEBUG(10,("open_file_shared: fname = %s, dos_attrs = %x, share_mode = %x, ofun = %x, mode = %o, oplock request = %d\n", 1156 fname, new_dos_mode, share_mode, ofun, (int)mode, oplock_request )); 1157 1158 if (!check_name(fname,conn)) { 1159 file_free(fsp); 1160 return NULL; 1161 } 1162 1163 new_dos_mode &= SAMBA_ATTRIBUTES_MASK; 1164 if (file_existed) { 1165 existing_dos_mode = dos_mode(conn, fname, psbuf); 1166 } 1167 1168 /* ignore any oplock requests if oplocks are disabled */ 1169 if (!lp_oplocks(SNUM(conn)) || global_client_failed_oplock_break) { 1170 oplock_request = 0; 1171 } 1172 1173 /* this is for OS/2 long file names - say we don't support them */ 1174 if (strstr(fname,".+,;=[].")) { 1175 unix_ERR_class = ERRDOS; 1176 /* OS/2 Workplace shell fix may be main code stream in a later release. */ 1177 unix_ERR_code = ERRcannotopen; 1178 unix_ERR_ntstatus = NT_STATUS_OBJECT_NAME_NOT_FOUND; 1179 DEBUG(5,("open_file_shared: OS/2 long filenames are not supported.\n")); 1180 /* need to reset errno or DEVELOPER will cause us to coredump */ 1181 errno = 0; 1182 file_free(fsp); 1183 return NULL; 1184 } 1185 1186 if ((GET_FILE_OPEN_DISPOSITION(ofun) == FILE_EXISTS_FAIL) && file_existed) { 1187 DEBUG(5,("open_file_shared: create new requested for file %s and file already exists.\n", 1188 fname )); 1189 file_free(fsp); 1190 if (S_ISDIR(psbuf->st_mode)) { 1191 errno = EISDIR; 1192 } else { 1193 errno = EEXIST; 1194 } 1195 return NULL; 1196 } 1197 1198 if (CAN_WRITE(conn) && (GET_FILE_CREATE_DISPOSITION(ofun) == FILE_CREATE_IF_NOT_EXIST)) 1199 flags2 |= O_CREAT; 1200 1201 if (CAN_WRITE(conn) && (GET_FILE_OPEN_DISPOSITION(ofun) == FILE_EXISTS_TRUNCATE)) 1202 flags2 |= O_TRUNC; 1203 1204 /* We only care about matching attributes on file exists and truncate. */ 1205 if (file_existed && (GET_FILE_OPEN_DISPOSITION(ofun) == FILE_EXISTS_TRUNCATE)) { 1206 if (!open_match_attributes(conn, fname, existing_dos_mode, new_dos_mode, 1207 psbuf->st_mode, mode, &new_mode)) { 1208 DEBUG(5,("open_file_shared: attributes missmatch for file %s (%x %x) (0%o, 0%o)\n", 1209 fname, existing_dos_mode, new_dos_mode, 1210 (int)psbuf->st_mode, (int)mode )); 1211 file_free(fsp); 1212 errno = EACCES; 1213 return NULL; 1214 } 1215 } 1216 1217 if (GET_FILE_OPEN_DISPOSITION(ofun) == FILE_EXISTS_FAIL) 1218 flags2 |= O_EXCL; 1219 1220 /* note that we ignore the append flag as 1221 append does not mean the same thing under dos and unix */ 1222 1223 switch (GET_OPEN_MODE(share_mode)) { 1224 case DOS_OPEN_WRONLY: 1225 flags = O_WRONLY; 1226 if (desired_access == 0) 1227 desired_access = FILE_WRITE_DATA; 1228 break; 1229 case DOS_OPEN_FCB: 1230 fcbopen = True; 1231 flags = O_RDWR; 1232 if (desired_access == 0) 1233 desired_access = FILE_READ_DATA|FILE_WRITE_DATA; 1234 break; 1235 case DOS_OPEN_RDWR: 1236 flags = O_RDWR; 1237 if (desired_access == 0) 1238 desired_access = FILE_READ_DATA|FILE_WRITE_DATA; 1239 break; 1240 default: 1241 flags = O_RDONLY; 1242 if (desired_access == 0) 1243 desired_access = FILE_READ_DATA; 1244 break; 1245 } 1246 1247#if defined(O_SYNC) 1248 if (GET_FILE_SYNC_OPENMODE(share_mode)) { 1249 flags2 |= O_SYNC; 1250 } 1251#endif /* O_SYNC */ 1252 1253 if (flags != O_RDONLY && file_existed && 1254 (!CAN_WRITE(conn) || IS_DOS_READONLY(existing_dos_mode))) { 1255 if (!fcbopen) { 1256 DEBUG(5,("open_file_shared: read/write access requested for file %s on read only %s\n", 1257 fname, !CAN_WRITE(conn) ? "share" : "file" )); 1258 file_free(fsp); 1259 errno = EACCES; 1260 return NULL; 1261 } 1262 flags = O_RDONLY; 1263 } 1264 1265 if (deny_mode > DENY_NONE && deny_mode!=DENY_FCB) { 1266 DEBUG(2,("Invalid deny mode %d on file %s\n",deny_mode,fname)); 1267 file_free(fsp); 1268 errno = EINVAL; 1269 return NULL; 1270 } 1271 1272 if (desired_access && ((desired_access & ~(SYNCHRONIZE_ACCESS|FILE_READ_ATTRIBUTES|FILE_WRITE_ATTRIBUTES))==0) && 1273 ((desired_access & (SYNCHRONIZE_ACCESS|FILE_READ_ATTRIBUTES|FILE_WRITE_ATTRIBUTES)) != 0)) { 1274 /* Stat open that doesn't trigger oplock breaks or share mode checks... ! JRA. */ 1275 deny_mode = DENY_NONE; 1276 if (file_existed) { 1277 oplock_request = 0; 1278 add_share_mode = False; 1279 flags2 &= ~O_CREAT; 1280 } 1281 } 1282 1283 if (file_existed) { 1284 1285 dev = psbuf->st_dev; 1286 inode = psbuf->st_ino; 1287 1288 lock_share_entry(conn, dev, inode); 1289 1290 num_share_modes = open_mode_check(conn, fname, dev, inode, 1291 desired_access, 1292 share_mode, 1293 &flags, &oplock_request, &all_current_opens_are_level_II); 1294 if(num_share_modes == -1) { 1295 1296 /* 1297 * This next line is a subtlety we need for MS-Access. If a file open will 1298 * fail due to share permissions and also for security (access) 1299 * reasons, we need to return the access failed error, not the 1300 * share error. This means we must attempt to open the file anyway 1301 * in order to get the UNIX access error - even if we're going to 1302 * fail the open for share reasons. This is bad, as we're burning 1303 * another fd if there are existing locks but there's nothing else 1304 * we can do. We also ensure we're not going to create or tuncate 1305 * the file as we only want an access decision at this stage. JRA. 1306 */ 1307 errno = 0; 1308 fsp_open = open_file(fsp,conn,fname,psbuf, 1309 flags|(flags2&~(O_TRUNC|O_CREAT)),mode,desired_access); 1310 1311 DEBUG(4,("open_file_shared : share_mode deny - calling open_file with \ 1312flags=0x%X flags2=0x%X mode=0%o returned %d\n", 1313 flags,(flags2&~(O_TRUNC|O_CREAT)),(int)mode,(int)fsp_open )); 1314 1315 if (!fsp_open && errno) { 1316 unix_ERR_class = ERRDOS; 1317 unix_ERR_code = ERRnoaccess; 1318 unix_ERR_ntstatus = NT_STATUS_ACCESS_DENIED; 1319 } 1320 1321 /* 1322 * If we're returning a share violation, ensure we cope with 1323 * the braindead 1 second delay. 1324 */ 1325 1326 if (!internal_only_open && NT_STATUS_EQUAL(unix_ERR_ntstatus,NT_STATUS_SHARING_VIOLATION)) { 1327 /* The fsp->open_time here represents the current time of day. */ 1328 defer_open_sharing_error(conn, &fsp->open_time, fname, dev, inode); 1329 } 1330 1331 unlock_share_entry(conn, dev, inode); 1332 if (fsp_open) { 1333 fd_close(conn, fsp); 1334 /* 1335 * We have detected a sharing violation here 1336 * so return the correct error code 1337 */ 1338 unix_ERR_class = ERRDOS; 1339 unix_ERR_code = ERRbadshare; 1340 unix_ERR_ntstatus = NT_STATUS_SHARING_VIOLATION; 1341 } 1342 file_free(fsp); 1343 return NULL; 1344 } 1345 1346 /* 1347 * We exit this block with the share entry *locked*..... 1348 */ 1349 } 1350 1351 /* 1352 * Ensure we pay attention to default ACLs on directories if required. 1353 */ 1354 1355 if ((flags2 & O_CREAT) && lp_inherit_acls(SNUM(conn)) && 1356 (def_acl = directory_has_default_acl(conn, parent_dirname(fname)))) 1357 mode = 0777; 1358 1359 DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o\n", 1360 flags,flags2,(int)mode)); 1361 1362 /* 1363 * open_file strips any O_TRUNC flags itself. 1364 */ 1365 1366 fsp_open = open_file(fsp,conn,fname,psbuf,flags|flags2,mode,desired_access); 1367 1368 if (!fsp_open && (flags == O_RDWR) && (errno != ENOENT) && fcbopen) { 1369 if((fsp_open = open_file(fsp,conn,fname,psbuf,O_RDONLY,mode,desired_access)) == True) 1370 flags = O_RDONLY; 1371 } 1372 1373 if (!fsp_open) { 1374 if(file_existed) 1375 unlock_share_entry(conn, dev, inode); 1376 file_free(fsp); 1377 return NULL; 1378 } 1379 1380 /* 1381 * Deal with the race condition where two smbd's detect the file doesn't 1382 * exist and do the create at the same time. One of them will win and 1383 * set a share mode, the other (ie. this one) should check if the 1384 * requested share mode for this create is allowed. 1385 */ 1386 1387 if (!file_existed) { 1388 1389 /* 1390 * Now the file exists and fsp is successfully opened, 1391 * fsp->dev and fsp->inode are valid and should replace the 1392 * dev=0,inode=0 from a non existent file. Spotted by 1393 * Nadav Danieli <nadavd@exanet.com>. JRA. 1394 */ 1395 1396 dev = fsp->dev; 1397 inode = fsp->inode; 1398 1399 lock_share_entry_fsp(fsp); 1400 1401 num_share_modes = open_mode_check(conn, fname, dev, inode, 1402 desired_access, 1403 share_mode, 1404 &flags, &oplock_request, &all_current_opens_are_level_II); 1405 1406 if(num_share_modes == -1) { 1407 /* 1408 * If we're returning a share violation, ensure we cope with 1409 * the braindead 1 second delay. 1410 */ 1411 1412 if (!internal_only_open && NT_STATUS_EQUAL(unix_ERR_ntstatus,NT_STATUS_SHARING_VIOLATION)) { 1413 /* The fsp->open_time here represents the current time of day. */ 1414 defer_open_sharing_error(conn, &fsp->open_time, fname, dev, inode); 1415 } 1416 1417 unlock_share_entry_fsp(fsp); 1418 fd_close(conn,fsp); 1419 file_free(fsp); 1420 /* 1421 * We have detected a sharing violation here, so 1422 * return the correct code. 1423 */ 1424 unix_ERR_class = ERRDOS; 1425 unix_ERR_code = ERRbadshare; 1426 unix_ERR_ntstatus = NT_STATUS_SHARING_VIOLATION; 1427 return NULL; 1428 } 1429 1430 /* 1431 * If there are any share modes set then the file *did* 1432 * exist. Ensure we return the correct value for action. 1433 */ 1434 1435 if (num_share_modes > 0) 1436 file_existed = True; 1437 1438 /* 1439 * We exit this block with the share entry *locked*..... 1440 */ 1441 } 1442 1443 /* note that we ignore failure for the following. It is 1444 basically a hack for NFS, and NFS will never set one of 1445 these only read them. Nobody but Samba can ever set a deny 1446 mode and we have already checked our more authoritative 1447 locking database for permission to set this deny mode. If 1448 the kernel refuses the operations then the kernel is wrong */ 1449 kernel_flock(fsp, deny_mode); 1450 1451 /* 1452 * At this point onwards, we can guarentee that the share entry 1453 * is locked, whether we created the file or not, and that the 1454 * deny mode is compatible with all current opens. 1455 */ 1456 1457 /* 1458 * If requested, truncate the file. 1459 */ 1460 1461 if (flags2&O_TRUNC) { 1462 /* 1463 * We are modifing the file after open - update the stat struct.. 1464 */ 1465 if ((SMB_VFS_FTRUNCATE(fsp,fsp->fd,0) == -1) || (SMB_VFS_FSTAT(fsp,fsp->fd,psbuf)==-1)) { 1466 unlock_share_entry_fsp(fsp); 1467 fd_close(conn,fsp); 1468 file_free(fsp); 1469 return NULL; 1470 } 1471 } 1472 1473 switch (flags) { 1474 case O_RDONLY: 1475 open_mode = DOS_OPEN_RDONLY; 1476 break; 1477 case O_RDWR: 1478 open_mode = DOS_OPEN_RDWR; 1479 break; 1480 case O_WRONLY: 1481 open_mode = DOS_OPEN_WRONLY; 1482 break; 1483 } 1484 1485 fsp->share_mode = SET_DENY_MODE(deny_mode) | 1486 SET_OPEN_MODE(open_mode) | 1487 SET_ALLOW_SHARE_DELETE(allow_share_delete); 1488 1489 DEBUG(10,("open_file_shared : share_mode = %x\n", fsp->share_mode )); 1490 1491 if (Access) { 1492 (*Access) = open_mode; 1493 } 1494 1495 action = 0; 1496 1497 if (file_existed && !(flags2 & O_TRUNC)) 1498 action = FILE_WAS_OPENED; 1499 if (file_existed && (flags2 & O_TRUNC)) 1500 action = FILE_WAS_OVERWRITTEN; 1501 if (!file_existed) 1502 action = FILE_WAS_CREATED; 1503 1504 if (paction) { 1505 *paction = action; 1506 } 1507 1508 /* 1509 * Setup the oplock info in both the shared memory and 1510 * file structs. 1511 */ 1512 1513 if(oplock_request && (num_share_modes == 0) && 1514 !IS_VETO_OPLOCK_PATH(conn,fname) && set_file_oplock(fsp, oplock_request) ) { 1515 port = global_oplock_port; 1516 } else if (oplock_request && all_current_opens_are_level_II) { 1517 port = global_oplock_port; 1518 oplock_request = LEVEL_II_OPLOCK; 1519 set_file_oplock(fsp, oplock_request); 1520 } else { 1521 port = 0; 1522 oplock_request = 0; 1523 } 1524 1525 if (add_share_mode) { 1526 set_share_mode(fsp, port, oplock_request); 1527 } 1528 1529 if (delete_on_close) { 1530 uint32 dosmode = existing_dos_mode; 1531 NTSTATUS result; 1532 1533 if (action == FILE_WAS_OVERWRITTEN || action == FILE_WAS_CREATED) { 1534 dosmode = new_dos_mode; 1535 } 1536 result = set_delete_on_close_internal(fsp, delete_on_close, dosmode); 1537 1538 if (NT_STATUS_V(result) != NT_STATUS_V(NT_STATUS_OK)) { 1539 uint8 u_e_c; 1540 uint32 u_e_code; 1541 /* Remember to delete the mode we just added. */ 1542 if (add_share_mode) { 1543 del_share_mode(fsp, NULL); 1544 } 1545 unlock_share_entry_fsp(fsp); 1546 fd_close(conn,fsp); 1547 file_free(fsp); 1548 ntstatus_to_dos(result, &u_e_c, &u_e_code); 1549 unix_ERR_ntstatus = result; 1550 unix_ERR_class = u_e_c; 1551 unix_ERR_code = u_e_code; 1552 return NULL; 1553 } 1554 } 1555 1556 if (action == FILE_WAS_OVERWRITTEN || action == FILE_WAS_CREATED) { 1557 /* Files should be initially set as archive */ 1558 if (lp_map_archive(SNUM(conn)) || lp_store_dos_attributes(SNUM(conn))) { 1559 file_set_dosmode(conn, fname, new_dos_mode | aARCH, NULL, True); 1560 } 1561 } 1562 1563 /* 1564 * Take care of inherited ACLs on created files - if default ACL not 1565 * selected. 1566 */ 1567 1568 if (!file_existed && !def_acl) { 1569 1570 int saved_errno = errno; /* We might get ENOSYS in the next call.. */ 1571 1572 if (SMB_VFS_FCHMOD_ACL(fsp, fsp->fd, mode) == -1 && errno == ENOSYS) 1573 errno = saved_errno; /* Ignore ENOSYS */ 1574 1575 } else if (new_mode) { 1576 1577 int ret = -1; 1578 1579 /* Attributes need changing. File already existed. */ 1580 1581 { 1582 int saved_errno = errno; /* We might get ENOSYS in the next call.. */ 1583 ret = SMB_VFS_FCHMOD_ACL(fsp, fsp->fd, new_mode); 1584 1585 if (ret == -1 && errno == ENOSYS) { 1586 errno = saved_errno; /* Ignore ENOSYS */ 1587 } else { 1588 DEBUG(5, ("open_file_shared: failed to reset attributes of file %s to 0%o\n", 1589 fname, (int)new_mode)); 1590 ret = 0; /* Don't do the fchmod below. */ 1591 } 1592 } 1593 1594 if ((ret == -1) && (SMB_VFS_FCHMOD(fsp, fsp->fd, new_mode) == -1)) 1595 DEBUG(5, ("open_file_shared: failed to reset attributes of file %s to 0%o\n", 1596 fname, (int)new_mode)); 1597 } 1598 1599 /* If this is a successful open, we must remove any deferred open records. */ 1600 delete_defered_open_entry_record(conn, fsp->dev, fsp->inode); 1601 unlock_share_entry_fsp(fsp); 1602 1603 conn->num_files_open++; 1604 1605 return fsp; 1606} 1607 1608/**************************************************************************** 1609 Open a file for for write to ensure that we can fchmod it. 1610****************************************************************************/ 1611 1612files_struct *open_file_fchmod(connection_struct *conn, const char *fname, SMB_STRUCT_STAT *psbuf) 1613{ 1614 files_struct *fsp = NULL; 1615 BOOL fsp_open; 1616 1617 if (!VALID_STAT(*psbuf)) 1618 return NULL; 1619 1620 fsp = file_new(conn); 1621 if(!fsp) 1622 return NULL; 1623 1624 /* note! we must use a non-zero desired access or we don't get 1625 a real file descriptor. Oh what a twisted web we weave. */ 1626 fsp_open = open_file(fsp,conn,fname,psbuf,O_WRONLY,0,FILE_WRITE_DATA); 1627 1628 /* 1629 * This is not a user visible file open. 1630 * Don't set a share mode and don't increment 1631 * the conn->num_files_open. 1632 */ 1633 1634 if (!fsp_open) { 1635 file_free(fsp); 1636 return NULL; 1637 } 1638 1639 return fsp; 1640} 1641 1642/**************************************************************************** 1643 Close the fchmod file fd - ensure no locks are lost. 1644****************************************************************************/ 1645 1646int close_file_fchmod(files_struct *fsp) 1647{ 1648 int ret = fd_close(fsp->conn, fsp); 1649 file_free(fsp); 1650 return ret; 1651} 1652 1653/**************************************************************************** 1654 Open a directory from an NT SMB call. 1655****************************************************************************/ 1656 1657files_struct *open_directory(connection_struct *conn, char *fname, SMB_STRUCT_STAT *psbuf, 1658 uint32 desired_access, int share_mode, int smb_ofun, int *action) 1659{ 1660 extern struct current_user current_user; 1661 BOOL got_stat = False; 1662 files_struct *fsp = file_new(conn); 1663 BOOL delete_on_close = GET_DELETE_ON_CLOSE_FLAG(share_mode); 1664 1665 if(!fsp) 1666 return NULL; 1667 1668 if (VALID_STAT(*psbuf)) 1669 got_stat = True; 1670 1671 if (got_stat && (GET_FILE_OPEN_DISPOSITION(smb_ofun) == FILE_EXISTS_FAIL)) { 1672 file_free(fsp); 1673 errno = EEXIST; /* Setup so correct error is returned to client. */ 1674 return NULL; 1675 } 1676 1677 if (GET_FILE_CREATE_DISPOSITION(smb_ofun) == FILE_CREATE_IF_NOT_EXIST) { 1678 1679 if (got_stat) { 1680 1681 if(!S_ISDIR(psbuf->st_mode)) { 1682 DEBUG(0,("open_directory: %s is not a directory !\n", fname )); 1683 file_free(fsp); 1684 errno = EACCES; 1685 return NULL; 1686 } 1687 *action = FILE_WAS_OPENED; 1688 1689 } else { 1690 1691 /* 1692 * Try and create the directory. 1693 */ 1694 1695 if(!CAN_WRITE(conn)) { 1696 DEBUG(2,("open_directory: failing create on read-only share\n")); 1697 file_free(fsp); 1698 errno = EACCES; 1699 return NULL; 1700 } 1701 1702 if (ms_has_wild(fname)) { 1703 file_free(fsp); 1704 DEBUG(5,("open_directory: failing create on filename %s with wildcards\n", fname)); 1705 unix_ERR_class = ERRDOS; 1706 unix_ERR_code = ERRinvalidname; 1707 unix_ERR_ntstatus = NT_STATUS_OBJECT_NAME_INVALID; 1708 return NULL; 1709 } 1710 1711 if( strchr_m(fname, ':')) { 1712 file_free(fsp); 1713 DEBUG(5,("open_directory: failing create on filename %s with colon in name\n", fname)); 1714 unix_ERR_class = ERRDOS; 1715 unix_ERR_code = ERRinvalidname; 1716 unix_ERR_ntstatus = NT_STATUS_NOT_A_DIRECTORY; 1717 return NULL; 1718 } 1719 1720 if(vfs_MkDir(conn,fname, unix_mode(conn,aDIR, fname, True)) < 0) { 1721 DEBUG(2,("open_directory: unable to create %s. Error was %s\n", 1722 fname, strerror(errno) )); 1723 file_free(fsp); 1724 return NULL; 1725 } 1726 1727 if(SMB_VFS_STAT(conn,fname, psbuf) != 0) { 1728 file_free(fsp); 1729 return NULL; 1730 } 1731 1732 *action = FILE_WAS_CREATED; 1733 1734 } 1735 } else { 1736 1737 /* 1738 * Don't create - just check that it *was* a directory. 1739 */ 1740 1741 if(!got_stat) { 1742 DEBUG(3,("open_directory: unable to stat name = %s. Error was %s\n", 1743 fname, strerror(errno) )); 1744 file_free(fsp); 1745 return NULL; 1746 } 1747 1748 if(!S_ISDIR(psbuf->st_mode)) { 1749 DEBUG(0,("open_directory: %s is not a directory !\n", fname )); 1750 file_free(fsp); 1751 return NULL; 1752 } 1753 1754 *action = FILE_WAS_OPENED; 1755 } 1756 1757 DEBUG(5,("open_directory: opening directory %s\n", fname)); 1758 1759 /* 1760 * Setup the files_struct for it. 1761 */ 1762 1763 fsp->mode = psbuf->st_mode; 1764 fsp->inode = psbuf->st_ino; 1765 fsp->dev = psbuf->st_dev; 1766 fsp->size = psbuf->st_size; 1767 fsp->vuid = current_user.vuid; 1768 fsp->file_pid = global_smbpid; 1769 fsp->can_lock = True; 1770 fsp->can_read = False; 1771 fsp->can_write = False; 1772 fsp->share_mode = share_mode; 1773 fsp->desired_access = desired_access; 1774 fsp->print_file = False; 1775 fsp->modified = False; 1776 fsp->oplock_type = NO_OPLOCK; 1777 fsp->sent_oplock_break = NO_BREAK_SENT; 1778 fsp->is_directory = True; 1779 fsp->is_stat = False; 1780 fsp->directory_delete_on_close = False; 1781 string_set(&fsp->fsp_name,fname); 1782 1783 if (delete_on_close) { 1784 NTSTATUS result = set_delete_on_close_internal(fsp, delete_on_close, 0); 1785 1786 if (NT_STATUS_V(result) != NT_STATUS_V(NT_STATUS_OK)) { 1787 file_free(fsp); 1788 return NULL; 1789 } 1790 } 1791 conn->num_files_open++; 1792 1793 return fsp; 1794} 1795 1796/**************************************************************************** 1797 Open a pseudo-file (no locking checks - a 'stat' open). 1798****************************************************************************/ 1799 1800files_struct *open_file_stat(connection_struct *conn, char *fname, SMB_STRUCT_STAT *psbuf) 1801{ 1802 extern struct current_user current_user; 1803 files_struct *fsp = NULL; 1804 1805 if (!VALID_STAT(*psbuf)) 1806 return NULL; 1807 1808 /* Can't 'stat' open directories. */ 1809 if(S_ISDIR(psbuf->st_mode)) 1810 return NULL; 1811 1812 fsp = file_new(conn); 1813 if(!fsp) 1814 return NULL; 1815 1816 DEBUG(5,("open_file_stat: 'opening' file %s\n", fname)); 1817 1818 /* 1819 * Setup the files_struct for it. 1820 */ 1821 1822 fsp->mode = psbuf->st_mode; 1823 fsp->inode = psbuf->st_ino; 1824 fsp->dev = psbuf->st_dev; 1825 fsp->size = psbuf->st_size; 1826 fsp->vuid = current_user.vuid; 1827 fsp->file_pid = global_smbpid; 1828 fsp->can_lock = False; 1829 fsp->can_read = False; 1830 fsp->can_write = False; 1831 fsp->share_mode = 0; 1832 fsp->desired_access = 0; 1833 fsp->print_file = False; 1834 fsp->modified = False; 1835 fsp->oplock_type = NO_OPLOCK; 1836 fsp->sent_oplock_break = NO_BREAK_SENT; 1837 fsp->is_directory = False; 1838 fsp->is_stat = True; 1839 fsp->directory_delete_on_close = False; 1840 string_set(&fsp->fsp_name,fname); 1841 1842 conn->num_files_open++; 1843 1844 return fsp; 1845} 1846