mirror of
https://github.com/samba-team/samba.git
synced 2025-01-26 10:04:02 +03:00
ad06a8bd65
- the process module subsystem should not know about smb_server.h - the smb_server module should not know about process models metze (This used to be commit bac95bb8f4ad35a31ee666f5916ff9b2f292d964)
548 lines
13 KiB
C
548 lines
13 KiB
C
/*
|
|
Unix SMB/CIFS implementation.
|
|
|
|
Copyright (C) Andrew Tridgell 2004
|
|
|
|
This program is free software; you can redistribute it and/or modify
|
|
it under the terms of the GNU General Public License as published by
|
|
the Free Software Foundation; either version 2 of the License, or
|
|
(at your option) any later version.
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
GNU General Public License for more details.
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
along with this program; if not, write to the Free Software
|
|
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
|
*/
|
|
|
|
/*
|
|
this is the open files database. It implements shared storage of
|
|
what files are open between server instances, and implements the rules
|
|
of shared access to files.
|
|
|
|
The caller needs to provide a file_key, which specifies what file
|
|
they are talking about. This needs to be a unique key across all
|
|
filesystems, and is usually implemented in terms of a device/inode
|
|
pair.
|
|
|
|
Before any operations can be performed the caller needs to establish
|
|
a lock on the record associated with file_key. That is done by
|
|
calling odb_lock(). The caller releases this lock by calling
|
|
talloc_free() on the returned handle.
|
|
|
|
All other operations on a record are done by passing the odb_lock()
|
|
handle back to this module. The handle contains internal
|
|
information about what file_key is being operated on.
|
|
*/
|
|
|
|
#include "includes.h"
|
|
#include "system/filesys.h"
|
|
#include "lib/tdb/include/tdb.h"
|
|
#include "messaging/messaging.h"
|
|
#include "librpc/gen_ndr/ndr_security.h"
|
|
#include "db_wrap.h"
|
|
#include "lib/messaging/irpc.h"
|
|
#include "librpc/gen_ndr/ndr_opendb.h"
|
|
#include "smb.h"
|
|
|
|
struct odb_context {
|
|
struct tdb_wrap *w;
|
|
uint32_t server;
|
|
struct messaging_context *messaging_ctx;
|
|
};
|
|
|
|
/*
|
|
an odb lock handle. You must obtain one of these using odb_lock() before doing
|
|
any other operations.
|
|
*/
|
|
struct odb_lock {
|
|
struct odb_context *odb;
|
|
TDB_DATA key;
|
|
};
|
|
|
|
/*
|
|
Open up the openfiles.tdb database. Close it down using
|
|
talloc_free(). We need the messaging_ctx to allow for pending open
|
|
notifications.
|
|
*/
|
|
struct odb_context *odb_init(TALLOC_CTX *mem_ctx, uint32_t server,
|
|
struct messaging_context *messaging_ctx)
|
|
{
|
|
char *path;
|
|
struct odb_context *odb;
|
|
|
|
odb = talloc(mem_ctx, struct odb_context);
|
|
if (odb == NULL) {
|
|
return NULL;
|
|
}
|
|
|
|
path = smbd_tmp_path(odb, "openfiles.tdb");
|
|
odb->w = tdb_wrap_open(odb, path, 0,
|
|
TDB_DEFAULT,
|
|
O_RDWR|O_CREAT, 0600);
|
|
talloc_free(path);
|
|
if (odb->w == NULL) {
|
|
talloc_free(odb);
|
|
return NULL;
|
|
}
|
|
|
|
odb->server = server;
|
|
odb->messaging_ctx = messaging_ctx;
|
|
|
|
return odb;
|
|
}
|
|
|
|
/*
|
|
destroy a lock on the database
|
|
*/
|
|
static int odb_lock_destructor(void *ptr)
|
|
{
|
|
struct odb_lock *lck = ptr;
|
|
tdb_chainunlock(lck->odb->w->tdb, lck->key);
|
|
return 0;
|
|
}
|
|
|
|
/*
|
|
get a lock on a entry in the odb. This call returns a lock handle,
|
|
which the caller should unlock using talloc_free().
|
|
*/
|
|
struct odb_lock *odb_lock(TALLOC_CTX *mem_ctx,
|
|
struct odb_context *odb, DATA_BLOB *file_key)
|
|
{
|
|
struct odb_lock *lck;
|
|
|
|
lck = talloc(mem_ctx, struct odb_lock);
|
|
if (lck == NULL) {
|
|
return NULL;
|
|
}
|
|
|
|
lck->odb = talloc_reference(lck, odb);
|
|
lck->key.dptr = talloc_memdup(lck, file_key->data, file_key->length);
|
|
lck->key.dsize = file_key->length;
|
|
if (lck->key.dptr == NULL) {
|
|
talloc_free(lck);
|
|
return NULL;
|
|
}
|
|
|
|
if (tdb_chainlock(odb->w->tdb, lck->key) != 0) {
|
|
talloc_free(lck);
|
|
return NULL;
|
|
}
|
|
|
|
talloc_set_destructor(lck, odb_lock_destructor);
|
|
|
|
return lck;
|
|
}
|
|
|
|
/*
|
|
determine if two odb_entry structures conflict
|
|
|
|
return NT_STATUS_OK on no conflict
|
|
*/
|
|
static NTSTATUS share_conflict(struct opendb_entry *e1, struct opendb_entry *e2)
|
|
{
|
|
/* if either open involves no read.write or delete access then
|
|
it can't conflict */
|
|
if (!(e1->access_mask & (SEC_FILE_WRITE_DATA |
|
|
SEC_FILE_APPEND_DATA |
|
|
SEC_FILE_READ_DATA |
|
|
SEC_FILE_EXECUTE |
|
|
SEC_STD_DELETE))) {
|
|
return NT_STATUS_OK;
|
|
}
|
|
if (!(e2->access_mask & (SEC_FILE_WRITE_DATA |
|
|
SEC_FILE_APPEND_DATA |
|
|
SEC_FILE_READ_DATA |
|
|
SEC_FILE_EXECUTE |
|
|
SEC_STD_DELETE))) {
|
|
return NT_STATUS_OK;
|
|
}
|
|
|
|
/* data IO access masks. This is skipped if the two open handles
|
|
are on different streams (as in that case the masks don't
|
|
interact) */
|
|
if (e1->stream_id != e2->stream_id) {
|
|
return NT_STATUS_OK;
|
|
}
|
|
|
|
#define CHECK_MASK(am, right, sa, share) \
|
|
if (((am) & (right)) && !((sa) & (share))) return NT_STATUS_SHARING_VIOLATION
|
|
|
|
CHECK_MASK(e1->access_mask, SEC_FILE_WRITE_DATA | SEC_FILE_APPEND_DATA,
|
|
e2->share_access, NTCREATEX_SHARE_ACCESS_WRITE);
|
|
CHECK_MASK(e2->access_mask, SEC_FILE_WRITE_DATA | SEC_FILE_APPEND_DATA,
|
|
e1->share_access, NTCREATEX_SHARE_ACCESS_WRITE);
|
|
|
|
CHECK_MASK(e1->access_mask, SEC_FILE_READ_DATA | SEC_FILE_EXECUTE,
|
|
e2->share_access, NTCREATEX_SHARE_ACCESS_READ);
|
|
CHECK_MASK(e2->access_mask, SEC_FILE_READ_DATA | SEC_FILE_EXECUTE,
|
|
e1->share_access, NTCREATEX_SHARE_ACCESS_READ);
|
|
|
|
CHECK_MASK(e1->access_mask, SEC_STD_DELETE,
|
|
e2->share_access, NTCREATEX_SHARE_ACCESS_DELETE);
|
|
CHECK_MASK(e2->access_mask, SEC_STD_DELETE,
|
|
e1->share_access, NTCREATEX_SHARE_ACCESS_DELETE);
|
|
|
|
return NT_STATUS_OK;
|
|
}
|
|
|
|
/*
|
|
pull a record, translating from the db format to the opendb_file structure defined
|
|
in opendb.idl
|
|
*/
|
|
static NTSTATUS odb_pull_record(struct odb_lock *lck, struct opendb_file *file)
|
|
{
|
|
struct odb_context *odb = lck->odb;
|
|
TDB_DATA dbuf;
|
|
DATA_BLOB blob;
|
|
NTSTATUS status;
|
|
|
|
dbuf = tdb_fetch(odb->w->tdb, lck->key);
|
|
if (dbuf.dptr == NULL) {
|
|
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
|
|
}
|
|
|
|
blob.data = dbuf.dptr;
|
|
blob.length = dbuf.dsize;
|
|
|
|
status = ndr_pull_struct_blob(&blob, lck, file, (ndr_pull_flags_fn_t)ndr_pull_opendb_file);
|
|
|
|
free(dbuf.dptr);
|
|
|
|
return status;
|
|
}
|
|
|
|
/*
|
|
push a record, translating from the opendb_file structure defined in opendb.idl
|
|
*/
|
|
static NTSTATUS odb_push_record(struct odb_lock *lck, struct opendb_file *file)
|
|
{
|
|
struct odb_context *odb = lck->odb;
|
|
TDB_DATA dbuf;
|
|
DATA_BLOB blob;
|
|
NTSTATUS status;
|
|
int ret;
|
|
|
|
if (file->num_entries == 0) {
|
|
ret = tdb_delete(odb->w->tdb, lck->key);
|
|
if (ret != 0) {
|
|
return NT_STATUS_INTERNAL_DB_CORRUPTION;
|
|
}
|
|
return NT_STATUS_OK;
|
|
}
|
|
|
|
status = ndr_push_struct_blob(&blob, lck, file, (ndr_push_flags_fn_t)ndr_push_opendb_file);
|
|
NT_STATUS_NOT_OK_RETURN(status);
|
|
|
|
dbuf.dptr = blob.data;
|
|
dbuf.dsize = blob.length;
|
|
|
|
ret = tdb_store(odb->w->tdb, lck->key, dbuf, TDB_REPLACE);
|
|
data_blob_free(&blob);
|
|
if (ret != 0) {
|
|
return NT_STATUS_INTERNAL_DB_CORRUPTION;
|
|
}
|
|
|
|
return NT_STATUS_OK;
|
|
}
|
|
|
|
|
|
/*
|
|
register an open file in the open files database. This implements the share_access
|
|
rules
|
|
|
|
Note that the path is only used by the delete on close logic, not
|
|
for comparing with other filenames
|
|
*/
|
|
NTSTATUS odb_open_file(struct odb_lock *lck, void *file_handle,
|
|
uint32_t stream_id, uint32_t share_access,
|
|
uint32_t access_mask, BOOL delete_on_close,
|
|
const char *path)
|
|
{
|
|
struct odb_context *odb = lck->odb;
|
|
struct opendb_entry e;
|
|
int i;
|
|
struct opendb_file file;
|
|
NTSTATUS status;
|
|
|
|
status = odb_pull_record(lck, &file);
|
|
if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
|
|
/* initialise a blank structure */
|
|
ZERO_STRUCT(file);
|
|
file.path = path;
|
|
} else {
|
|
NT_STATUS_NOT_OK_RETURN(status);
|
|
}
|
|
|
|
|
|
if (file.delete_on_close ||
|
|
(file.num_entries != 0 && delete_on_close)) {
|
|
/* while delete on close is set, no new opens are allowed */
|
|
return NT_STATUS_DELETE_PENDING;
|
|
}
|
|
|
|
/* see if it conflicts */
|
|
e.server = odb->server;
|
|
e.file_handle = file_handle;
|
|
e.stream_id = stream_id;
|
|
e.share_access = share_access;
|
|
e.access_mask = access_mask;
|
|
e.delete_on_close = delete_on_close;
|
|
|
|
for (i=0;i<file.num_entries;i++) {
|
|
status = share_conflict(&file.entries[i], &e);
|
|
NT_STATUS_NOT_OK_RETURN(status);
|
|
}
|
|
|
|
/* it doesn't, so add it to the end */
|
|
file.entries = talloc_realloc(lck, file.entries, struct opendb_entry,
|
|
file.num_entries+1);
|
|
NT_STATUS_HAVE_NO_MEMORY(file.entries);
|
|
|
|
file.entries[file.num_entries] = e;
|
|
file.num_entries++;
|
|
|
|
return odb_push_record(lck, &file);
|
|
}
|
|
|
|
|
|
/*
|
|
register a pending open file in the open files database
|
|
*/
|
|
NTSTATUS odb_open_file_pending(struct odb_lock *lck, void *private)
|
|
{
|
|
struct odb_context *odb = lck->odb;
|
|
struct opendb_file file;
|
|
NTSTATUS status;
|
|
|
|
status = odb_pull_record(lck, &file);
|
|
NT_STATUS_NOT_OK_RETURN(status);
|
|
|
|
file.pending = talloc_realloc(lck, file.pending, struct opendb_pending,
|
|
file.num_pending+1);
|
|
NT_STATUS_HAVE_NO_MEMORY(file.pending);
|
|
|
|
file.pending[file.num_pending].server = odb->server;
|
|
file.pending[file.num_pending].notify_ptr = private;
|
|
|
|
file.num_pending++;
|
|
|
|
return odb_push_record(lck, &file);
|
|
}
|
|
|
|
|
|
/*
|
|
remove a opendb entry
|
|
*/
|
|
NTSTATUS odb_close_file(struct odb_lock *lck, void *file_handle)
|
|
{
|
|
struct odb_context *odb = lck->odb;
|
|
struct opendb_file file;
|
|
int i;
|
|
NTSTATUS status;
|
|
|
|
status = odb_pull_record(lck, &file);
|
|
NT_STATUS_NOT_OK_RETURN(status);
|
|
|
|
/* find the entry, and delete it */
|
|
for (i=0;i<file.num_entries;i++) {
|
|
if (file_handle == file.entries[i].file_handle &&
|
|
odb->server == file.entries[i].server) {
|
|
if (file.entries[i].delete_on_close) {
|
|
file.delete_on_close = True;
|
|
}
|
|
if (i < file.num_entries-1) {
|
|
memmove(file.entries+i, file.entries+i+1,
|
|
(file.num_entries - (i+1)) *
|
|
sizeof(struct opendb_entry));
|
|
}
|
|
break;
|
|
}
|
|
}
|
|
|
|
if (i == file.num_entries) {
|
|
return NT_STATUS_UNSUCCESSFUL;
|
|
}
|
|
|
|
/* send any pending notifications, removing them once sent */
|
|
for (i=0;i<file.num_pending;i++) {
|
|
messaging_send_ptr(odb->messaging_ctx, file.pending[i].server,
|
|
MSG_PVFS_RETRY_OPEN,
|
|
file.pending[i].notify_ptr);
|
|
}
|
|
file.num_pending = 0;
|
|
|
|
file.num_entries--;
|
|
|
|
return odb_push_record(lck, &file);
|
|
}
|
|
|
|
|
|
/*
|
|
remove a pending opendb entry
|
|
*/
|
|
NTSTATUS odb_remove_pending(struct odb_lock *lck, void *private)
|
|
{
|
|
struct odb_context *odb = lck->odb;
|
|
int i;
|
|
NTSTATUS status;
|
|
struct opendb_file file;
|
|
|
|
status = odb_pull_record(lck, &file);
|
|
NT_STATUS_NOT_OK_RETURN(status);
|
|
|
|
/* find the entry, and delete it */
|
|
for (i=0;i<file.num_pending;i++) {
|
|
if (private == file.pending[i].notify_ptr &&
|
|
odb->server == file.pending[i].server) {
|
|
if (i < file.num_pending-1) {
|
|
memmove(file.pending+i, file.pending+i+1,
|
|
(file.num_pending - (i+1)) *
|
|
sizeof(struct opendb_pending));
|
|
}
|
|
break;
|
|
}
|
|
}
|
|
|
|
if (i == file.num_pending) {
|
|
return NT_STATUS_UNSUCCESSFUL;
|
|
}
|
|
|
|
file.num_pending--;
|
|
|
|
return odb_push_record(lck, &file);
|
|
}
|
|
|
|
|
|
/*
|
|
rename the path in a open file
|
|
*/
|
|
NTSTATUS odb_rename(struct odb_lock *lck, const char *path)
|
|
{
|
|
struct opendb_file file;
|
|
NTSTATUS status;
|
|
|
|
status = odb_pull_record(lck, &file);
|
|
if (NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_NOT_FOUND, status)) {
|
|
/* not having the record at all is OK */
|
|
return NT_STATUS_OK;
|
|
}
|
|
NT_STATUS_NOT_OK_RETURN(status);
|
|
|
|
file.path = path;
|
|
return odb_push_record(lck, &file);
|
|
}
|
|
|
|
/*
|
|
update delete on close flag on an open file
|
|
*/
|
|
NTSTATUS odb_set_delete_on_close(struct odb_lock *lck, BOOL del_on_close)
|
|
{
|
|
NTSTATUS status;
|
|
struct opendb_file file;
|
|
|
|
status = odb_pull_record(lck, &file);
|
|
NT_STATUS_NOT_OK_RETURN(status);
|
|
|
|
file.delete_on_close = del_on_close;
|
|
|
|
return odb_push_record(lck, &file);
|
|
}
|
|
|
|
/*
|
|
return the current value of the delete_on_close bit, and how many
|
|
people still have the file open
|
|
*/
|
|
NTSTATUS odb_get_delete_on_close(struct odb_context *odb,
|
|
DATA_BLOB *key, BOOL *del_on_close,
|
|
int *open_count, char **path)
|
|
{
|
|
NTSTATUS status;
|
|
struct opendb_file file;
|
|
struct odb_lock *lck;
|
|
|
|
lck = odb_lock(odb, odb, key);
|
|
NT_STATUS_HAVE_NO_MEMORY(lck);
|
|
|
|
status = odb_pull_record(lck, &file);
|
|
if (NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_NOT_FOUND, status)) {
|
|
talloc_free(lck);
|
|
(*del_on_close) = False;
|
|
return NT_STATUS_OK;
|
|
}
|
|
if (!NT_STATUS_IS_OK(status)) {
|
|
talloc_free(lck);
|
|
return status;
|
|
}
|
|
|
|
(*del_on_close) = file.delete_on_close;
|
|
if (open_count != NULL) {
|
|
(*open_count) = file.num_entries;
|
|
}
|
|
if (path != NULL) {
|
|
*path = talloc_strdup(odb, file.path);
|
|
NT_STATUS_HAVE_NO_MEMORY(*path);
|
|
if (file.num_entries == 1 && file.entries[0].delete_on_close) {
|
|
(*del_on_close) = True;
|
|
}
|
|
}
|
|
|
|
talloc_free(lck);
|
|
|
|
return NT_STATUS_OK;
|
|
}
|
|
|
|
|
|
/*
|
|
determine if a file can be opened with the given share_access,
|
|
create_options and access_mask
|
|
*/
|
|
NTSTATUS odb_can_open(struct odb_lock *lck,
|
|
uint32_t share_access, uint32_t create_options,
|
|
uint32_t access_mask)
|
|
{
|
|
struct odb_context *odb = lck->odb;
|
|
NTSTATUS status;
|
|
struct opendb_file file;
|
|
struct opendb_entry e;
|
|
int i;
|
|
|
|
status = odb_pull_record(lck, &file);
|
|
if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
|
|
return NT_STATUS_OK;
|
|
}
|
|
NT_STATUS_NOT_OK_RETURN(status);
|
|
|
|
if ((create_options & NTCREATEX_OPTIONS_DELETE_ON_CLOSE) &&
|
|
file.num_entries != 0) {
|
|
return NT_STATUS_SHARING_VIOLATION;
|
|
}
|
|
|
|
if (file.delete_on_close) {
|
|
return NT_STATUS_DELETE_PENDING;
|
|
}
|
|
|
|
e.server = odb->server;
|
|
e.file_handle = NULL;
|
|
e.stream_id = 0;
|
|
e.share_access = share_access;
|
|
e.access_mask = access_mask;
|
|
|
|
for (i=0;i<file.num_entries;i++) {
|
|
status = share_conflict(&file.entries[i], &e);
|
|
if (!NT_STATUS_IS_OK(status)) {
|
|
/* note that we discard the error code
|
|
here. We do this as unless we are actually
|
|
doing an open (which comes via a sdifferent
|
|
function), we need to return a sharing
|
|
violation */
|
|
return NT_STATUS_SHARING_VIOLATION;
|
|
}
|
|
}
|
|
|
|
return NT_STATUS_OK;
|
|
}
|