diff --git a/source4/ntvfs/ntvfs_generic.c b/source4/ntvfs/ntvfs_generic.c index 370463c41d3..9ef2481d262 100644 --- a/source4/ntvfs/ntvfs_generic.c +++ b/source4/ntvfs/ntvfs_generic.c @@ -178,7 +178,7 @@ static NTSTATUS ntvfs_map_open_finish(struct smbsrv_request *req, io->openx.out.devstate = 0; io->openx.out.action = io2->generic.out.create_action; io->openx.out.unique_fid = 0; - io->openx.out.access_mask = io2->generic.in.access_mask; + io->openx.out.access_mask = STANDARD_RIGHTS_ALL_ACCESS; io->openx.out.unknown = 0; /* we need to extend the file to the requested size if @@ -280,17 +280,17 @@ NTSTATUS ntvfs_map_open(struct smbsrv_request *req, union smb_open *io, switch (io->openx.in.open_mode & OPENX_MODE_ACCESS_MASK) { case OPENX_MODE_ACCESS_READ: - io2->generic.in.access_mask = STANDARD_RIGHTS_READ_ACCESS; + io2->generic.in.access_mask = GENERIC_RIGHTS_FILE_READ; io->openx.out.access = OPENX_MODE_ACCESS_READ; break; case OPENX_MODE_ACCESS_WRITE: - io2->generic.in.access_mask = STANDARD_RIGHTS_WRITE_ACCESS; + io2->generic.in.access_mask = GENERIC_RIGHTS_FILE_WRITE; io->openx.out.access = OPENX_MODE_ACCESS_WRITE; break; case OPENX_MODE_ACCESS_RDWR: case OPENX_MODE_ACCESS_FCB: case OPENX_MODE_ACCESS_EXEC: - io2->generic.in.access_mask = STANDARD_RIGHTS_ALL_ACCESS; + io2->generic.in.access_mask = GENERIC_RIGHTS_FILE_WRITE | GENERIC_RIGHTS_FILE_READ; io->openx.out.access = OPENX_MODE_ACCESS_RDWR; break; default: @@ -309,12 +309,16 @@ NTSTATUS ntvfs_map_open(struct smbsrv_request *req, union smb_open *io, io2->generic.in.share_access = NTCREATEX_SHARE_ACCESS_NONE; break; case OPENX_MODE_DENY_NONE: - io2->generic.in.share_access = NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE; + io2->generic.in.share_access = + NTCREATEX_SHARE_ACCESS_READ | + NTCREATEX_SHARE_ACCESS_WRITE; break; case OPENX_MODE_DENY_DOS: /* DENY_DOS is quite strange - it depends on the filename! */ if (is_exe_file(io->openx.in.fname)) { - io2->generic.in.share_access = NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE; + io2->generic.in.share_access = + NTCREATEX_SHARE_ACCESS_READ | + NTCREATEX_SHARE_ACCESS_WRITE; } else { if ((io->openx.in.open_mode & OPENX_MODE_ACCESS_MASK) == OPENX_MODE_ACCESS_READ) { @@ -417,8 +421,9 @@ NTSTATUS ntvfs_map_open(struct smbsrv_request *req, union smb_open *io, io2->generic.in.share_access = NTCREATEX_SHARE_ACCESS_WRITE; break; case OPEN_FLAGS_DENY_NONE: - io2->generic.in.share_access = NTCREATEX_SHARE_ACCESS_WRITE | - NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_DELETE; + io2->generic.in.share_access = + NTCREATEX_SHARE_ACCESS_WRITE | + NTCREATEX_SHARE_ACCESS_READ; break; case OPEN_FLAGS_DENY_MASK: io2->generic.in.share_access = diff --git a/source4/ntvfs/posix/pvfs_open.c b/source4/ntvfs/posix/pvfs_open.c index 6f1fb1c87f1..f0c1478e665 100644 --- a/source4/ntvfs/posix/pvfs_open.c +++ b/source4/ntvfs/posix/pvfs_open.c @@ -944,7 +944,32 @@ NTSTATUS pvfs_can_delete(struct pvfs_state *pvfs, struct pvfs_filename *name) NTCREATEX_SHARE_ACCESS_READ | NTCREATEX_SHARE_ACCESS_WRITE | NTCREATEX_SHARE_ACCESS_DELETE, - 0, STD_RIGHT_DELETE_ACCESS); + NTCREATEX_OPTIONS_DELETE_ON_CLOSE, + STD_RIGHT_DELETE_ACCESS); + + return status; +} + +/* + determine if a file can be renamed, or if it is prevented by an + already open file +*/ +NTSTATUS pvfs_can_rename(struct pvfs_state *pvfs, struct pvfs_filename *name) +{ + NTSTATUS status; + DATA_BLOB key; + + status = pvfs_locking_key(name, name, &key); + if (!NT_STATUS_IS_OK(status)) { + return NT_STATUS_NO_MEMORY; + } + + status = odb_can_open(pvfs->odb_context, &key, + NTCREATEX_SHARE_ACCESS_READ | + NTCREATEX_SHARE_ACCESS_WRITE | + NTCREATEX_SHARE_ACCESS_DELETE, + 0, + STD_RIGHT_DELETE_ACCESS); return status; } diff --git a/source4/ntvfs/posix/pvfs_rename.c b/source4/ntvfs/posix/pvfs_rename.c index 552148a891d..a621165ce43 100644 --- a/source4/ntvfs/posix/pvfs_rename.c +++ b/source4/ntvfs/posix/pvfs_rename.c @@ -62,7 +62,7 @@ NTSTATUS pvfs_rename(struct ntvfs_module_context *ntvfs, return NT_STATUS_OBJECT_NAME_COLLISION; } - status = pvfs_can_delete(pvfs, name1); + status = pvfs_can_rename(pvfs, name1); if (!NT_STATUS_IS_OK(status)) { return status; } diff --git a/source4/script/tests/test_posix.sh b/source4/script/tests/test_posix.sh index c31d4b70ea5..899878343bd 100755 --- a/source4/script/tests/test_posix.sh +++ b/source4/script/tests/test_posix.sh @@ -37,12 +37,12 @@ tests="$tests BASE-DELETE BASE-PROPERTIES BASE-MANGLE" tests="$tests BASE-CHKPATH BASE-SECLEAK BASE-TRANS2" tests="$tests BASE-NTDENY1 BASE-NTDENY2 BASE-RENAME" tests="$tests RAW-QFSINFO RAW-QFILEINFO RAW-SFILEINFO-BUG" -tests="$tests RAW-LOCK RAW-MKDIR RAW-SEEK RAW-CONTEXT RAW-MUX" +tests="$tests RAW-LOCK RAW-MKDIR RAW-SEEK RAW-CONTEXT RAW-MUX RAW-OPEN" tests="$tests RAW-UNLINK RAW-READ RAW-CLOSE RAW-IOCTL RAW-SEARCH RAW-CHKPATH" tests="$tests LOCAL-ICONV LOCAL-TALLOC LOCAL-MESSAGING LOCAL-BINDING LOCAL-IDTREE" soon="BASE-DENY1 BASE-DEFER_OPEN BASE-OPENATTR BASE-CHARSET" -soon="$soon RAW-SFILEINFO RAW-OPEN RAW-OPLOCK RAW-NOTIFY" +soon="$soon RAW-SFILEINFO RAW-OPLOCK RAW-NOTIFY" soon="$soon RAW-WRITE RAW-RENAME" for t in $tests; do diff --git a/source4/torture/basic/locking.c b/source4/torture/basic/locking.c index aea94bd5a1b..c1dd598018e 100644 --- a/source4/torture/basic/locking.c +++ b/source4/torture/basic/locking.c @@ -55,7 +55,8 @@ BOOL torture_locktest1(void) } fnum2 = smbcli_open(cli1->tree, fname, O_RDWR, DENY_NONE); if (fnum2 == -1) { - printf("open2 of %s failed (%s)\n", fname, smbcli_errstr(cli1->tree)); + printf("(%s) open2 of %s failed (%s)\n", + __location__, fname, smbcli_errstr(cli1->tree)); return False; } fnum3 = smbcli_open(cli2->tree, fname, O_RDWR, DENY_NONE); @@ -213,7 +214,8 @@ BOOL torture_locktest2(void) fnum2 = smbcli_open(cli->tree, fname, O_RDWR, DENY_NONE); if (fnum2 == -1) { - printf("open2 of %s failed (%s)\n", fname, smbcli_errstr(cli->tree)); + printf("(%s) open2 of %s failed (%s)\n", + __location__, fname, smbcli_errstr(cli->tree)); return False; } diff --git a/source4/torture/basic/unlink.c b/source4/torture/basic/unlink.c new file mode 100644 index 00000000000..dd2ff5a5c58 --- /dev/null +++ b/source4/torture/basic/unlink.c @@ -0,0 +1,107 @@ +/* + Unix SMB/CIFS implementation. + + unlink tester + + Copyright (C) Andrew Tridgell 2003 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include "includes.h" +#include "libcli/raw/libcliraw.h" + +/* + This test checks that + + 1) the server does not allow an unlink on a file that is open +*/ +BOOL torture_unlinktest(void) +{ + struct smbcli_state *cli; + const char *fname = "\\unlink.tst"; + int fnum; + BOOL correct = True; + union smb_open io; + NTSTATUS status; + + if (!torture_open_connection(&cli)) { + return False; + } + + printf("starting unlink test\n"); + + smbcli_unlink(cli->tree, fname); + + cli->session->pid = 1; + + printf("Opening a file\n"); + + fnum = smbcli_open(cli->tree, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE); + if (fnum == -1) { + printf("open of %s failed (%s)\n", fname, smbcli_errstr(cli->tree)); + return False; + } + + printf("Unlinking a open file\n"); + + if (NT_STATUS_IS_OK(smbcli_unlink(cli->tree, fname))) { + printf("(%s) error: server allowed unlink on an open file\n", __location__); + correct = False; + } else { + correct = check_error(__location__, cli, ERRDOS, ERRbadshare, + NT_STATUS_SHARING_VIOLATION); + } + + smbcli_close(cli->tree, fnum); + smbcli_unlink(cli->tree, fname); + + printf("testing unlink after ntcreatex with DELETE access\n"); + + io.ntcreatex.level = RAW_OPEN_NTCREATEX; + io.ntcreatex.in.root_fid = 0; + io.ntcreatex.in.flags = NTCREATEX_FLAGS_EXTENDED; + io.ntcreatex.in.create_options = NTCREATEX_OPTIONS_NON_DIRECTORY_FILE; + io.ntcreatex.in.file_attr = 0; + io.ntcreatex.in.alloc_size = 0; + io.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE; + io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_IMPERSONATION; + io.ntcreatex.in.security_flags = 0; + io.ntcreatex.in.fname = fname; + io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_DELETE; + io.ntcreatex.in.access_mask = GENERIC_RIGHTS_FILE_ALL_ACCESS; + + status = smb_raw_open(cli->tree, cli, &io); + if (!NT_STATUS_IS_OK(status)) { + printf("(%s) failed to open %s\n", __location__, fname); + } + if (NT_STATUS_IS_OK(smbcli_unlink(cli->tree, fname))) { + printf("(%s) error: server allowed unlink on an open file\n", __location__); + correct = False; + } else { + correct = check_error(__location__, cli, ERRDOS, ERRbadshare, + NT_STATUS_SHARING_VIOLATION); + } + + if (!torture_close_connection(cli)) { + correct = False; + } + + printf("unlink test finished\n"); + + return correct; +} + + diff --git a/source4/torture/config.mk b/source4/torture/config.mk index aa77238ec5c..8a621e2f9f6 100644 --- a/source4/torture/config.mk +++ b/source4/torture/config.mk @@ -15,6 +15,7 @@ ADD_OBJ_FILES = \ torture/basic/rename.o \ torture/basic/dir.o \ torture/basic/delete.o \ + torture/basic/unlink.o \ torture/basic/attr.o REQUIRED_SUBSYSTEMS = \ LIBSMB diff --git a/source4/torture/raw/mux.c b/source4/torture/raw/mux.c index 39eb5c1d5e0..c0c04f7d464 100644 --- a/source4/torture/raw/mux.c +++ b/source4/torture/raw/mux.c @@ -25,8 +25,8 @@ #define CHECK_STATUS(status, correct) do { \ if (!NT_STATUS_EQUAL(status, correct)) { \ - printf("(%d) Incorrect status %s - should be %s\n", \ - __LINE__, nt_errstr(status), nt_errstr(correct)); \ + printf("(%s) Incorrect status %s - should be %s\n", \ + __location__, nt_errstr(status), nt_errstr(correct)); \ ret = False; \ goto done; \ }} while (0) @@ -319,7 +319,7 @@ BOOL torture_raw_mux(void) /* cleanup */ if (smbcli_deltree(cli->tree, BASEDIR) == -1) { - printf("Failed to cleanup " BASEDIR "\n"); + printf("(%s) Failed to cleanup " BASEDIR "\n", __location__); ret = False; goto done; } diff --git a/source4/torture/torture.c b/source4/torture/torture.c index 86796c67d72..e7472ffa46e 100644 --- a/source4/torture/torture.c +++ b/source4/torture/torture.c @@ -863,59 +863,6 @@ static BOOL run_fdpasstest(void) } -/* - This test checks that - - 1) the server does not allow an unlink on a file that is open -*/ -static BOOL run_unlinktest(void) -{ - struct smbcli_state *cli; - const char *fname = "\\unlink.tst"; - int fnum; - BOOL correct = True; - - if (!torture_open_connection(&cli)) { - return False; - } - - printf("starting unlink test\n"); - - smbcli_unlink(cli->tree, fname); - - cli->session->pid = 1; - - printf("Opening a file\n"); - - fnum = smbcli_open(cli->tree, fname, O_RDWR|O_CREAT|O_EXCL, DENY_NONE); - if (fnum == -1) { - printf("open of %s failed (%s)\n", fname, smbcli_errstr(cli->tree)); - return False; - } - - printf("Unlinking a open file\n"); - - if (NT_STATUS_IS_OK(smbcli_unlink(cli->tree, fname))) { - printf("error: server allowed unlink on an open file\n"); - correct = False; - } else { - correct = check_error(__location__, cli, ERRDOS, ERRbadshare, - NT_STATUS_SHARING_VIOLATION); - } - - smbcli_close(cli->tree, fnum); - smbcli_unlink(cli->tree, fname); - - if (!torture_close_connection(cli)) { - correct = False; - } - - printf("unlink test finished\n"); - - return correct; -} - - /* test the timing of deferred open requests */ @@ -2415,7 +2362,7 @@ static struct { {"BASE-LOCK5", torture_locktest5, 0}, {"BASE-LOCK6", torture_locktest6, 0}, {"BASE-LOCK7", torture_locktest7, 0}, - {"BASE-UNLINK", run_unlinktest, 0}, + {"BASE-UNLINK", torture_unlinktest, 0}, {"BASE-ATTR", run_attrtest, 0}, {"BASE-TRANS2", run_trans2test, 0}, {"BASE-NEGNOWAIT", run_negprot_nowait, 0},