smb_delete.c revision c8ec8eea9849cac239663c46be8a7f5d2ba7ca00
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2008 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#pragma ident "@(#)smb_delete.c 1.10 08/08/07 SMI"
#include <smbsrv/smb_incl.h>
#include <smbsrv/smb_fsops.h>
/*
* smb_com_delete
*
* The delete file message is sent to delete a data file. The appropriate
* Tid and additional pathname are passed. Read only files may not be
* deleted, the read-only attribute must be reset prior to file deletion.
*
* NT supports a hidden permission known as File Delete Child (FDC). If
* the user has FullControl access to a directory, the user is permitted
* to delete any object in the directory regardless of the permissions
* on the object.
*
* Client Request Description
* ================================== =================================
* UCHAR WordCount; Count of parameter words = 1
* USHORT SearchAttributes;
* USHORT ByteCount; Count of data bytes; min = 2
* UCHAR BufferFormat; 0x04
* STRING FileName[]; File name
*
* Multiple files may be deleted in response to a single request as
* SMB_COM_DELETE supports wildcards
*
* SearchAttributes indicates the attributes that the target file(s) must
* have. If the attribute is zero then only normal files are deleted. If
* the system file or hidden attributes are specified then the delete is
* inclusive -both the specified type(s) of files and normal files are
* deleted. Attributes are described in the "Attribute Encoding" section
* of this document.
*
* If bit0 of the Flags2 field of the SMB header is set, a pattern is
* passed in, and the file has a long name, then the passed pattern much
* match the long file name for the delete to succeed. If bit0 is clear, a
* pattern is passed in, and the file has a long name, then the passed
* pattern must match the file's short name for the deletion to succeed.
*
* Server Response Description
* ================================== =================================
* UCHAR WordCount; Count of parameter words = 0
* USHORT ByteCount; Count of data bytes = 0
*
* 4.2.10.1 Errors
*
* ERRDOS/ERRbadshare # returned by NT for files that are already open
*/
{
int rc;
}
void
{
}
/*
* smb_com_delete
*
* readonly
* If a readonly entry is matched the search aborts with status
* NT_STATUS_CANNOT_DELETE. Entries found prior to the readonly
* entry will have been deleted.
*
* directories:
* smb_com_delete does not delete directories:
* A non-wildcard delete that finds a directory should result in
* NT_STATUS_FILE_IS_A_DIRECTORY.
* A wildcard delete that finds a directory will either:
* - abort with status NT_STATUS_FILE_IS_A_DIRECTORY, if
* FILE_ATTRIBUTE_DIRECTORY is specified in the search attributes, or
* - skip that entry, if FILE_ATTRIBUTE_DIRECTORY is NOT specified
* in the search attributes
* Entries found prior to the directory entry will have been deleted.
*
* search attribute not matched
* If an entry is found but it is either hidden or system and those
* attributes are not specified in the search attributes:
* - if deleting a single file, status NT_STATUS_NO_SUCH_FILE
* - if wildcard delete, skip the entry and continue
*
* path not found
* If smb_rdir_open cannot find the specified path, the error code
* is set to NT_STATUS_OBJECT_PATH_NOT_FOUND. If there are wildcards
* in the last_component, NT_STATUS_OBJECT_NAME_NOT_FOUND should be set
* instead.
*
* smb_delete_check_path() - checks dot, bad path syntax, wildcards in path
*/
{
int rc;
int deleted = 0;
unsigned short sattr;
return (SDRC_ERROR);
/*
* specify all search attributes so that delete-specific
* search attribute handling can be performed
*/
/*
* If there are wildcards in the last_component,
* NT_STATUS_OBJECT_NAME_NOT_FOUND
* should be used in place of NT_STATUS_OBJECT_PATH_NOT_FOUND
*/
}
return (SDRC_ERROR);
}
/*
* This while loop is meant to deal with wildcards.
* It is not expected that wildcards will exist for
* streams. For the streams case, it is expected
* that the below loop will be executed only once.
*/
/* check directory */
goto delete_error;
} else {
break;
else
continue;
}
}
/* check readonly */
goto delete_error;
}
/* check search attributes */
goto delete_error;
} else {
continue;
}
}
/*
* NT does not always close a file immediately, which
* can cause the share and access checking to fail
* (the node refcnt is greater than one), and the file
* doesn't get deleted. Breaking the oplock before
* share and access checking gives the client a chance
* to close the file.
*/
goto delete_error;
}
/*
* Use node->od_name so as to skip mangle checks and
* stream processing (which have already been done in
* smb_rdir_next()).
* Use node->dir_snode to obtain the correct parent node
* (especially for streams).
*/
if (rc != 0) {
goto delete_error;
}
} else {
deleted++;
}
}
goto delete_error;
}
if (deleted == 0) {
else
goto delete_error;
}
return (SDRC_ERROR);
}
/*
* smb_delete_check_path
*
* Perform initial validation on the pathname and last_component.
*
* dot:
* A filename of '.' should result in NT_STATUS_OBJECT_NAME_INVALID
* Any wildcard filename that resolves to '.' should result in
* NT_STATUS_OBJECT_NAME_INVALID if the search attributes include
* FILE_ATTRIBUTE_DIRECTORY, otherwise handled as directory (see above).
*
* bad path syntax:
* On unix .. at the root of a file system links to the root. Thus
* an attempt to lookup "/../../.." will be the same as looking up "/"
* CIFs clients expect the above to result in
* NT_STATUS_OBJECT_PATH_SYNTAX_BAD. It is currently not possible
* (and questionable if it's desirable) to deal with all cases
* but paths beginning with \\.. are handled. See bad_paths[].
* Cases like "\\dir\\..\\.." will still result in "\\" which is
* contrary to windows behavior.
*
* wildcards in path:
* Wildcards in the path (excluding the last_component) should result
* in NT_STATUS_OBJECT_NAME_INVALID.
*
* Returns:
* B_TRUE: path is valid. Sets *wildcard to TRUE if wildcard delete
* i.e. if wildcards in last component
* B_FALSE: path is invalid. Sets error information in sr.
*/
static boolean_t
{
char *p, *last_component;
int i, wildcards;
struct {
char *name;
int len;
{"\\..\0", 4},
{"\\..\\", 4},
{"..\0", 3},
{"..\\", 3}
};
/* find last component, strip trailing '\\' */
while (*p == '\\') {
*p = '\0';
--p;
}
} else {
last_component = ++p;
/*
* Any wildcards in path (excluding last_component) should
* result in NT_STATUS_OBJECT_NAME_INVALID
*/
!= wildcards) {
return (B_FALSE);
}
}
/*
* path above the mount point => NT_STATUS_OBJECT_PATH_SYNTAX_BAD
* This test doesn't cover all cases: e.g. \dir\..\..
*/
return (B_FALSE);
}
}
/*
* Any file pattern that resolves to '.' is considered invalid.
* In the wildcard case, only an error if FILE_ATTRIBUTE_DIRECTORY
* is specified in search attributes, otherwise skipped (below)
*/
return (B_FALSE);
}
return (B_TRUE);
}
/*
* For consistency with Windows 2000, the range check should be done
* after checking for sharing violations. Attempting to delete a
* locked file will result in sharing violation, which is the same
* thing that will happen if you try to delete a non-locked open file.
*
* Note that windows 2000 rejects lock requests on open files that
* have been opened with metadata open modes. The error is
* STATUS_ACCESS_DENIED.
*/
static uint32_t
{
if (status == NT_STATUS_SHARING_VIOLATION) {
return (status);
}
if (status != NT_STATUS_SUCCESS) {
}
return (status);
}