3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
23 * Copyright 2014 Nexenta Systems, Inc. All rights reserved.
24 */
25
26 /*
27 * This command is used to create or open a file or directory.
28 */
29
30
31 #include <smbsrv/smb_kproto.h>
32 #include <smbsrv/smb_fsops.h>
33 #include <smbsrv/smb_vops.h>
34
35 /*
36 * smb_com_nt_create_andx
37 *
38 * This command is used to create or open a file or directory.
39 *
40 * Client Request Description
41 * ================================= ==================================
42 *
43 * UCHAR WordCount; Count of parameter words = 24
44 * UCHAR AndXCommand; Secondary command; 0xFF = None
45 * UCHAR AndXReserved; Reserved (must be 0)
46 * USHORT AndXOffset; Offset to next command WordCount
47 * UCHAR Reserved; Reserved (must be 0)
48 * USHORT NameLength; Length of Name[] in bytes
49 * ULONG Flags; Create bit set:
50 * 0x02 - Request an oplock
51 * 0x04 - Request a batch oplock
52 * 0x08 - Target of open must be
53 * directory
54 * ULONG RootDirectoryFid; If non-zero, open is relative to
193 if (NameLength == 0) {
194 op->fqi.fq_path.pn_path = "\\";
195 } else if (NameLength >= SMB_MAXPATHLEN) {
196 smbsr_error(sr, NT_STATUS_OBJECT_NAME_INVALID,
197 ERRDOS, ERROR_PATH_NOT_FOUND);
198 rc = -1;
199 } else {
200 rc = smbsr_decode_data(sr, "%#u", sr, NameLength,
201 &op->fqi.fq_path.pn_path);
202 }
203 }
204
205 op->op_oplock_level = SMB_OPLOCK_NONE;
206 if (op->nt_flags & NT_CREATE_FLAG_REQUEST_OPLOCK) {
207 if (op->nt_flags & NT_CREATE_FLAG_REQUEST_OPBATCH)
208 op->op_oplock_level = SMB_OPLOCK_BATCH;
209 else
210 op->op_oplock_level = SMB_OPLOCK_EXCLUSIVE;
211 }
212
213 DTRACE_SMB_2(op__NtCreateX__start, smb_request_t *, sr,
214 struct open_param *, op);
215
216 return ((rc == 0) ? SDRC_SUCCESS : SDRC_ERROR);
217 }
218
219 void
220 smb_post_nt_create_andx(smb_request_t *sr)
221 {
222 DTRACE_SMB_1(op__NtCreateX__done, smb_request_t *, sr);
223
224 if (sr->arg.open.dir != NULL) {
225 smb_ofile_release(sr->arg.open.dir);
226 sr->arg.open.dir = NULL;
227 }
228 }
229
230 smb_sdrc_t
231 smb_com_nt_create_andx(struct smb_request *sr)
232 {
233 struct open_param *op = &sr->arg.open;
234 smb_attr_t *ap = &op->fqi.fq_fattr;
235 smb_ofile_t *of;
236 int rc;
237 unsigned char DirFlag;
238 uint32_t status;
239
240 if ((op->create_options & FILE_DELETE_ON_CLOSE) &&
241 !(op->desired_access & DELETE)) {
242 smbsr_error(sr, NT_STATUS_INVALID_PARAMETER,
243 ERRDOS, ERRbadaccess);
244 return (SDRC_ERROR);
245 }
246
247 if (op->create_disposition > FILE_MAXIMUM_DISPOSITION) {
248 smbsr_error(sr, NT_STATUS_INVALID_PARAMETER,
249 ERRDOS, ERRbadaccess);
250 return (SDRC_ERROR);
251 }
252
253 if (op->dattr & FILE_FLAG_WRITE_THROUGH)
254 op->create_options |= FILE_WRITE_THROUGH;
255
256 if (op->dattr & FILE_FLAG_DELETE_ON_CLOSE)
257 op->create_options |= FILE_DELETE_ON_CLOSE;
258
259 if (op->dattr & FILE_FLAG_BACKUP_SEMANTICS)
260 op->create_options |= FILE_OPEN_FOR_BACKUP_INTENT;
261
262 if (op->create_options & FILE_OPEN_FOR_BACKUP_INTENT)
263 sr->user_cr = smb_user_getprivcred(sr->uid_user);
264
265 if (op->rootdirfid == 0) {
266 op->fqi.fq_dnode = sr->tid_tree->t_snode;
267 } else {
268 op->dir = smb_ofile_lookup_by_fid(sr, (uint16_t)op->rootdirfid);
269 if (op->dir == NULL) {
270 smbsr_error(sr, NT_STATUS_INVALID_HANDLE,
271 ERRDOS, ERRbadfid);
272 return (SDRC_ERROR);
273 }
274 op->fqi.fq_dnode = op->dir->f_node;
275 }
276
277 op->op_oplock_levelII = B_TRUE;
278
279 status = smb_common_open(sr);
280 if (status != NT_STATUS_SUCCESS) {
281 smbsr_status(sr, status, 0, 0);
282 return (SDRC_ERROR);
283 }
284
285 /*
286 * NB: after the above smb_common_open() success,
287 * we have a handle allocated (sr->fid_ofile).
288 * If we don't return success, we must close it.
289 */
290 of = sr->fid_ofile;
291
292 switch (sr->tid_tree->t_res_type & STYPE_MASK) {
293 case STYPE_DISKTREE:
294 case STYPE_PRINTQ:
295 if (op->create_options & FILE_DELETE_ON_CLOSE)
296 smb_ofile_set_delete_on_close(of);
297
298 DirFlag = smb_node_is_dir(of->f_node) ? 1 : 0;
299 rc = smbsr_encode_result(sr, 34, 0, "bb.wbwlTTTTlqqwwbw",
300 34,
301 sr->andx_com,
302 0x67,
303 op->op_oplock_level,
304 sr->smb_fid,
305 op->action_taken,
306 &ap->sa_crtime,
307 &ap->sa_vattr.va_atime,
308 &ap->sa_vattr.va_mtime,
309 &ap->sa_vattr.va_ctime,
310 op->dattr & FILE_ATTRIBUTE_MASK,
311 ap->sa_allocsz,
312 ap->sa_vattr.va_size,
313 op->ftype,
314 op->devstate,
315 DirFlag,
316 0);
317 break;
318
319 case STYPE_IPC:
320 rc = smbsr_encode_result(sr, 34, 0, "bb.wbwlqqqqlqqwwbw",
321 34,
322 sr->andx_com,
323 0x67,
324 0,
325 sr->smb_fid,
326 op->action_taken,
327 0LL,
328 0LL,
329 0LL,
330 0LL,
331 FILE_ATTRIBUTE_NORMAL,
332 0x1000LL,
333 0LL,
334 op->ftype,
335 op->devstate,
336 0,
337 0);
338 break;
339
340 default:
341 smbsr_error(sr, NT_STATUS_INVALID_DEVICE_REQUEST,
342 ERRDOS, ERROR_INVALID_FUNCTION);
343 goto errout;
344 }
345 if (rc == 0)
346 return (SDRC_SUCCESS);
347
348 errout:
349 smb_ofile_close(of, 0);
350 return (SDRC_ERROR);
351 }
|
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
23 * Copyright 2017 Nexenta Systems, Inc. All rights reserved.
24 */
25
26 /*
27 * This command is used to create or open a file or directory.
28 */
29
30
31 #include <smbsrv/smb_kproto.h>
32 #include <smbsrv/smb_fsops.h>
33 #include <smbsrv/smb_vops.h>
34
35 int smb_nt_create_enable_extended_response = 1;
36
37 /*
38 * smb_com_nt_create_andx
39 *
40 * This command is used to create or open a file or directory.
41 *
42 * Client Request Description
43 * ================================= ==================================
44 *
45 * UCHAR WordCount; Count of parameter words = 24
46 * UCHAR AndXCommand; Secondary command; 0xFF = None
47 * UCHAR AndXReserved; Reserved (must be 0)
48 * USHORT AndXOffset; Offset to next command WordCount
49 * UCHAR Reserved; Reserved (must be 0)
50 * USHORT NameLength; Length of Name[] in bytes
51 * ULONG Flags; Create bit set:
52 * 0x02 - Request an oplock
53 * 0x04 - Request a batch oplock
54 * 0x08 - Target of open must be
55 * directory
56 * ULONG RootDirectoryFid; If non-zero, open is relative to
195 if (NameLength == 0) {
196 op->fqi.fq_path.pn_path = "\\";
197 } else if (NameLength >= SMB_MAXPATHLEN) {
198 smbsr_error(sr, NT_STATUS_OBJECT_NAME_INVALID,
199 ERRDOS, ERROR_PATH_NOT_FOUND);
200 rc = -1;
201 } else {
202 rc = smbsr_decode_data(sr, "%#u", sr, NameLength,
203 &op->fqi.fq_path.pn_path);
204 }
205 }
206
207 op->op_oplock_level = SMB_OPLOCK_NONE;
208 if (op->nt_flags & NT_CREATE_FLAG_REQUEST_OPLOCK) {
209 if (op->nt_flags & NT_CREATE_FLAG_REQUEST_OPBATCH)
210 op->op_oplock_level = SMB_OPLOCK_BATCH;
211 else
212 op->op_oplock_level = SMB_OPLOCK_EXCLUSIVE;
213 }
214
215 DTRACE_SMB_START(op__NtCreateX, smb_request_t *, sr); /* arg.open */
216
217 return ((rc == 0) ? SDRC_SUCCESS : SDRC_ERROR);
218 }
219
220 void
221 smb_post_nt_create_andx(smb_request_t *sr)
222 {
223 DTRACE_SMB_DONE(op__NtCreateX, smb_request_t *, sr);
224
225 if (sr->arg.open.dir != NULL) {
226 smb_ofile_release(sr->arg.open.dir);
227 sr->arg.open.dir = NULL;
228 }
229 }
230
231 /*
232 * A lot like smb_nt_transact_create
233 */
234 smb_sdrc_t
235 smb_com_nt_create_andx(struct smb_request *sr)
236 {
237 struct open_param *op = &sr->arg.open;
238 smb_attr_t *ap = &op->fqi.fq_fattr;
239 smb_ofile_t *of;
240 int rc;
241 uint8_t DirFlag;
242 uint32_t status;
243
244 if (op->create_options & ~SMB_NTCREATE_VALID_OPTIONS) {
245 smbsr_error(sr, NT_STATUS_INVALID_PARAMETER,
246 ERRDOS, ERROR_INVALID_PARAMETER);
247 return (SDRC_ERROR);
248 }
249
250 if (op->create_options & FILE_OPEN_BY_FILE_ID) {
251 smbsr_error(sr, NT_STATUS_NOT_SUPPORTED,
252 ERRDOS, ERROR_NOT_SUPPORTED);
253 return (SDRC_ERROR);
254 }
255
256 if ((op->create_options & FILE_DELETE_ON_CLOSE) &&
257 !(op->desired_access & DELETE)) {
258 smbsr_error(sr, NT_STATUS_INVALID_PARAMETER,
259 ERRDOS, ERRbadaccess);
260 return (SDRC_ERROR);
261 }
262
263 if (op->create_disposition > FILE_MAXIMUM_DISPOSITION) {
264 smbsr_error(sr, NT_STATUS_INVALID_PARAMETER,
265 ERRDOS, ERRbadaccess);
266 return (SDRC_ERROR);
267 }
268
269 if (op->dattr & FILE_FLAG_WRITE_THROUGH)
270 op->create_options |= FILE_WRITE_THROUGH;
271
272 if (op->dattr & FILE_FLAG_DELETE_ON_CLOSE)
273 op->create_options |= FILE_DELETE_ON_CLOSE;
274
275 if (op->dattr & FILE_FLAG_BACKUP_SEMANTICS)
276 op->create_options |= FILE_OPEN_FOR_BACKUP_INTENT;
277
278 if (op->create_options & FILE_OPEN_FOR_BACKUP_INTENT)
279 sr->user_cr = smb_user_getprivcred(sr->uid_user);
280
281 if (op->rootdirfid == 0) {
282 op->fqi.fq_dnode = sr->tid_tree->t_snode;
283 } else {
284 op->dir = smb_ofile_lookup_by_fid(sr, (uint16_t)op->rootdirfid);
285 if (op->dir == NULL) {
286 smbsr_error(sr, NT_STATUS_INVALID_HANDLE,
287 ERRDOS, ERRbadfid);
288 return (SDRC_ERROR);
289 }
290 op->fqi.fq_dnode = op->dir->f_node;
291 }
292
293 status = smb_common_open(sr);
294 if (status != NT_STATUS_SUCCESS) {
295 smbsr_status(sr, status, 0, 0);
296 return (SDRC_ERROR);
297 }
298 if (op->op_oplock_level != SMB_OPLOCK_NONE) {
299 /* Oplock req. in op->op_oplock_level etc. */
300 smb1_oplock_acquire(sr, B_TRUE);
301 }
302
303 /*
304 * NB: after the above smb_common_open() success,
305 * we have a handle allocated (sr->fid_ofile).
306 * If we don't return success, we must close it.
307 */
308 of = sr->fid_ofile;
309
310 switch (sr->tid_tree->t_res_type & STYPE_MASK) {
311 case STYPE_DISKTREE:
312 case STYPE_PRINTQ:
313 if (op->create_options & FILE_DELETE_ON_CLOSE)
314 smb_ofile_set_delete_on_close(sr, of);
315 DirFlag = smb_node_is_dir(of->f_node) ? 1 : 0;
316 break;
317
318 case STYPE_IPC:
319 DirFlag = 0;
320 break;
321
322 default:
323 smbsr_error(sr, NT_STATUS_INVALID_DEVICE_REQUEST,
324 ERRDOS, ERROR_INVALID_FUNCTION);
325 goto errout;
326 }
327
328 if ((op->nt_flags & NT_CREATE_FLAG_EXTENDED_RESPONSE) != 0 &&
329 smb_nt_create_enable_extended_response != 0) {
330 uint32_t MaxAccess = 0;
331 if (of->f_node != NULL) {
332 smb_fsop_eaccess(sr, of->f_cr, of->f_node, &MaxAccess);
333 }
334 MaxAccess |= of->f_granted_access;
335
336 /*
337 * Here is a really ugly protocol wart in SMB1:
338 *
339 * [MS-SMB] Sec. 2.2.4.9.2: Windows-based SMB servers
340 * send 50 (0x32) words in the extended response although
341 * they set the WordCount field to 0x2A.
342 *
343 * In other words, THEY LIE! We really do need to encode
344 * 50 words here, but lie and say we encoded 42 words.
345 * This means we can't use smbsr_encode_result() to
346 * build this response, because the rules it breaks
347 * would cause errors in smbsr_check_result().
348 *
349 * And that's not all (it gets worse...)
350 * Because of the bogus word count, some clients will
351 * read the byte count from within what should be the
352 * fileid field below. Leave that zero, like Win7.
353 *
354 * Apparently the only really useful thing in this
355 * extended response is MaxAccess.
356 */
357 sr->smb_wct = 50; /* real word count */
358 sr->smb_bcc = 0;
359 rc = smb_mbc_encodef(&sr->reply,
360 "bb.wbwlTTTTlqqwwb16.qllw",
361 42, /* fake word count (b) */
362 sr->andx_com, /* (b.) */
363 0x87, /* andx offset (w) */
364 op->op_oplock_level, /* (b) */
365 sr->smb_fid, /* (w) */
366 op->action_taken, /* (l) */
367 &ap->sa_crtime, /* (T) */
368 &ap->sa_vattr.va_atime, /* (T) */
369 &ap->sa_vattr.va_mtime, /* (T) */
370 &ap->sa_vattr.va_ctime, /* (T) */
371 op->dattr & FILE_ATTRIBUTE_MASK, /* (l) */
372 ap->sa_allocsz, /* (q) */
373 ap->sa_vattr.va_size, /* (q) */
374 op->ftype, /* (w) */
375 op->devstate, /* (w) */
376 DirFlag, /* (b) */
377 /* volume guid (16.) */
378 0, /* file ID (see above) (q) */
379 MaxAccess, /* (l) */
380 0, /* guest access (l) */
381 0); /* byte count (w) */
382 } else {
383 rc = smbsr_encode_result(
384 sr, 34, 0, "bb.wbwlTTTTlqqwwbw",
385 34, /* word count (b) */
386 sr->andx_com, /* (b.) */
387 0x67, /* andx offset (w) */
388 op->op_oplock_level, /* (b) */
389 sr->smb_fid, /* (w) */
390 op->action_taken, /* (l) */
391 &ap->sa_crtime, /* (T) */
392 &ap->sa_vattr.va_atime, /* (T) */
393 &ap->sa_vattr.va_mtime, /* (T) */
394 &ap->sa_vattr.va_ctime, /* (T) */
395 op->dattr & FILE_ATTRIBUTE_MASK, /* (l) */
396 ap->sa_allocsz, /* (q) */
397 ap->sa_vattr.va_size, /* (q) */
398 op->ftype, /* (w) */
399 op->devstate, /* (w) */
400 DirFlag, /* (b) */
401 0); /* byte count (w) */
402 }
403
404 if (rc == 0)
405 return (SDRC_SUCCESS);
406
407 errout:
408 smb_ofile_close(of, 0);
409 return (SDRC_ERROR);
410 }
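Review bot: The `case STYPE_IPC:` branch now only sets `DirFlag = 0` and falls into the shared encode, so a named-pipe open replies with `op->op_oplock_level`, the timestamps and sizes read through `ap`, and `op->dattr & FILE_ATTRIBUTE_MASK` (a field decoded from the client request), where the previous code sent fixed values (oplock level 0, zero times, `FILE_ATTRIBUTE_NORMAL`, allocation size `0x1000`). Whether `smb_common_open()` fills `op->fqi.fq_fattr` and normalises `dattr` for pipes is not visible on this page; if it does not, the reply echoes request data or whatever the request structure held at that point. The `smb1_oplock_acquire(sr, B_TRUE)` call also sits above the switch, so it appears reachable for IPC opens and for share types that then take `default:` to `errout`. I would either add a comment on the IPC case stating that the open path already sets these fields for pipes, or set them there before the encode: `op->op_oplock_level = SMB_OPLOCK_NONE;`, `op->dattr = FILE_ATTRIBUTE_NORMAL;`, `bzero(ap, sizeof (*ap));`.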
|