The branch, master has been updated
via 59cca4c5d69 WHATSNEW.txt: change "mangled names" default to
"illegal"
via bf5d5fd17c0 docs/xml: change default for "mangled names" to
"illegal"
via 5806affefdb selftest: explicitly set "mangled names = yes"
via ad385bf2ed9 WHATSNEW.txt: disable SMB1 by default!
via 3264b1f317d docs-xml: change "client min protocol" to SMB2_02
via d216db5cd54 selftest: explicitly set "client min protocol = CORE"
via 840b8501b43 docs-xml: change "server min protocol" to SMB2_02
via c163ef20f88 selftest: explicitly set "server min protocol = LANMAN1"
via 32766db2104 smbd: Move fcb_or_dos_open() out of open_file_ntcreate()
via b16f7113ebf smbd: Slightly simplify open_mode_check()
via 9c81d7ec8d0 vfs_fruit: Fix a typo
via aab429c1d97 smbd: Slightly simplify fsp_lease_update()
via cb2e6226fe6 smbd: Simplify smbd_smb2_setinfo_send()
via 81011f5ea1f smbd: Make get_relative_fid_filename() static to open.c
via 9f0820f9ef2 smbd: Make find_share_mode_entry() static to locking.c
from 6b96ae8316b auth/kerberos: clang: Fix same instances of 'Value
stored is never read'
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 59cca4c5d699be80b4ed22b40d8914787415c507
Author: Ralph Boehme <[email protected]>
Date: Mon Jul 8 15:26:02 2019 +0200
WHATSNEW.txt: change "mangled names" default to "illegal"
Signed-off-by: Ralph Boehme <[email protected]>
Reviewed-by: Stefan Metzmacher <[email protected]>
Autobuild-User(master): Ralph Böhme <[email protected]>
Autobuild-Date(master): Mon Jul 8 17:56:50 UTC 2019 on sn-devel-184
commit bf5d5fd17c0fa577ffa9750584873ffd8ccfb1b0
Author: Ralph Boehme <[email protected]>
Date: Mon Jul 8 14:14:29 2019 +0200
docs/xml: change default for "mangled names" to "illegal"
Signed-off-by: Ralph Boehme <[email protected]>
Reviewed-by: Stefan Metzmacher <[email protected]>
commit 5806affefdbec1859bb6b263b95778ad87c8c59c
Author: Ralph Boehme <[email protected]>
Date: Mon Jul 8 15:26:25 2019 +0200
selftest: explicitly set "mangled names = yes"
This is the current default and what 'make test' assumes currently.
The next commit will change the default to "illegal".
Signed-off-by: Ralph Boehme <[email protected]>
Reviewed-by: Stefan Metzmacher <[email protected]>
commit ad385bf2ed9a4456def224d1fc74bdd9331f513d
Author: Stefan Metzmacher <[email protected]>
Date: Wed Jun 12 19:08:14 2019 +0200
WHATSNEW.txt: disable SMB1 by default!
Signed-off-by: Stefan Metzmacher <[email protected]>
Reviewed-by: Ralph Boehme <[email protected]>
commit 3264b1f317d6c603cc72eb2a150fe244c47aa3ac
Author: Stefan Metzmacher <[email protected]>
Date: Thu Jun 6 14:07:13 2019 +0200
docs-xml: change "client min protocol" to SMB2_02
It's time to disable SMB1 by default...
Signed-off-by: Stefan Metzmacher <[email protected]>
Reviewed-by: Ralph Boehme <[email protected]>
commit d216db5cd5411d1a4a62ce0b7f43b685f9cd107f
Author: Stefan Metzmacher <[email protected]>
Date: Mon Jul 8 11:31:27 2019 +0200
selftest: explicitly set "client min protocol = CORE"
This is the current default and what 'make test' assumes currently.
The next commit will change the default to disable SMB1.
Signed-off-by: Stefan Metzmacher <[email protected]>
Reviewed-by: Ralph Boehme <[email protected]>
commit 840b8501b43695802d78726409b69afb4976166a
Author: Stefan Metzmacher <[email protected]>
Date: Thu Jun 6 14:07:13 2019 +0200
docs-xml: change "server min protocol" to SMB2_02
SMB2_02 was available with Windows Vista.
It's time to turn SMB1 off by default.
Signed-off-by: Stefan Metzmacher <[email protected]>
Reviewed-by: Ralph Boehme <[email protected]>
commit c163ef20f887d6f7a1f3b5ef79adfccbca85cf57
Author: Stefan Metzmacher <[email protected]>
Date: Mon Jul 8 11:55:13 2019 +0200
selftest: explicitly set "server min protocol = LANMAN1"
This is the current default and what 'make test' assumes currently.
The next commit will change the default to disable SMB1.
Signed-off-by: Stefan Metzmacher <[email protected]>
Reviewed-by: Ralph Boehme <[email protected]>
commit 32766db210426d92948a7d81d923f9d669ff3ed6
Author: Volker Lendecke <[email protected]>
Date: Fri Jul 5 09:52:43 2019 +0200
smbd: Move fcb_or_dos_open() out of open_file_ntcreate()
This is SMB1-only and pre-ntcreate with only 3 callers that look at
NTCREATEX_OPTIONS_PRIVATE_DENY_[DOS|FCB]. It is a bit less efficient
if it kicks in (we have to recreate the fsp), but SMB1 is less and
less popular, and this particular share mode combination from the
open&x family of calls might not be worth optimizing for.
This adds smb1_utils.[ch] as a kitchen sink for functions that can go
away once we drop SMB1.
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Stefan Metzmacher <[email protected]>
commit b16f7113ebfe324b847f136912d24a25b983aae5
Author: Volker Lendecke <[email protected]>
Date: Thu Jul 4 13:55:41 2019 +0200
smbd: Slightly simplify open_mode_check()
If there are no share modes, we'll just not enter the loop.
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Stefan Metzmacher <[email protected]>
commit 9c81d7ec8d0c724dbb714b05ae73175276e67473
Author: Volker Lendecke <[email protected]>
Date: Thu Jul 4 13:55:28 2019 +0200
vfs_fruit: Fix a typo
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Stefan Metzmacher <[email protected]>
commit aab429c1d974a9526f5379ba62b38e8d51a11eb6
Author: Volker Lendecke <[email protected]>
Date: Thu Jul 4 08:48:05 2019 +0200
smbd: Slightly simplify fsp_lease_update()
We have already dereferenced fsp->lease
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Stefan Metzmacher <[email protected]>
commit cb2e6226fe666c9dc0b1e36411341db729b19d02
Author: Volker Lendecke <[email protected]>
Date: Wed Jul 3 13:44:59 2019 +0200
smbd: Simplify smbd_smb2_setinfo_send()
Avoid an "else" branch
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Stefan Metzmacher <[email protected]>
commit 81011f5ea1f411ddfae6af527230d480dc2bbbb4
Author: Volker Lendecke <[email protected]>
Date: Wed Jul 3 15:33:02 2019 +0200
smbd: Make get_relative_fid_filename() static to open.c
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Stefan Metzmacher <[email protected]>
commit 9f0820f9ef2ba1cf5ab8f72a5826689f9453bc69
Author: Volker Lendecke <[email protected]>
Date: Wed Jul 3 11:25:41 2019 +0200
smbd: Make find_share_mode_entry() static to locking.c
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Stefan Metzmacher <[email protected]>
-----------------------------------------------------------------------
Summary of changes:
WHATSNEW.txt | 32 ++++++
docs-xml/smbdotconf/filename/manglednames.xml | 4 +-
docs-xml/smbdotconf/protocol/clientminprotocol.xml | 8 +-
docs-xml/smbdotconf/protocol/serverminprotocol.xml | 4 +-
lib/param/loadparm.c | 6 +-
selftest/selftest.pl | 1 +
selftest/target/Samba3.pm | 4 +
selftest/target/Samba4.pm | 3 +
source3/locking/locking.c | 2 +-
source3/locking/proto.h | 2 -
source3/modules/vfs_fruit.c | 2 +-
source3/param/loadparm.c | 6 +-
source3/smbd/open.c | 114 ++-------------------
source3/smbd/oplock.c | 2 +-
source3/smbd/proto.h | 6 --
source3/smbd/reply.c | 40 +++++++-
source3/smbd/smb1_utils.c | 113 ++++++++++++++++++++
.../smb/smb2_lock.h => source3/smbd/smb1_utils.h | 23 +++--
source3/smbd/smb2_setinfo.c | 6 +-
source3/smbd/trans2.c | 21 +++-
source3/wscript_build | 1 +
21 files changed, 251 insertions(+), 149 deletions(-)
create mode 100644 source3/smbd/smb1_utils.c
copy libcli/smb/smb2_lock.h => source3/smbd/smb1_utils.h (63%)
Changeset truncated at 500 lines:
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 9fc05c91f52..1b01e74df13 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -12,6 +12,35 @@ Samba 4.11 will be the next version of the Samba suite.
UPGRADING
=========
+SMB1 is disabled by default
+---------------------------
+
+The defaults of 'client min protocol' and 'server min protocol'
+have been changed to SMB2_02.
+
+This means clients without support for SMB2 or SMB3 are no longer
+able to connect to smbd (by default).
+
+It also means client tools like smbclient and other,
+as well as applications making use of libsmbclient are no longer
+able to connect to servers without SMB2 or SMB3 support (by default).
+
+It's still possible to allow SMB1 dialects, e.g. NT1, LANMAN2
+and LANMAN1 for client and server, as well as CORE and COREPLUS on
+the client.
+
+Note that most commandline tools e.g. smbclient, smbcacls and others
+also support the --option argument to overwrite smb.conf options,
+e.g. --option='client min protocol=NT1' might be useful.
+
+As Microsoft no longer installs SMB1 support in recent releases
+or uninstalls it after 30 days without usage, the Samba Team
+tries to get remove the SMB1 usage as much as possible.
+
+SMB1 is officially deprecated and might be removed step by step
+in the following years. If you have a strong requirement for SMB1
+(except for supporting old Linux Kernels), please file a bug
+at https://bugzilla.samba.org and let us know about the details.
NEW FEATURES/CHANGES
====================
@@ -270,6 +299,9 @@ smb.conf changes
allocation roundup size Default changed/ 0
Deprecated
+ client min protocol Changed default SMB2_02
+ server min protocol Changed default SMB2_02
+ mangled names Changed default illegal
web port Removed
fruit:zero_file_id Changed default False
diff --git a/docs-xml/smbdotconf/filename/manglednames.xml
b/docs-xml/smbdotconf/filename/manglednames.xml
index 972834e561a..d6a5cf0ac15 100644
--- a/docs-xml/smbdotconf/filename/manglednames.xml
+++ b/docs-xml/smbdotconf/filename/manglednames.xml
@@ -72,6 +72,6 @@
from Windows/DOS and will retain the same basename. Mangled names
do not change between sessions.</para>
</description>
-<value type="default">yes</value>
-<value type="example">illegal</value>
+<value type="default">illegal</value>
+<value type="example">no</value>
</samba:parameter>
diff --git a/docs-xml/smbdotconf/protocol/clientminprotocol.xml
b/docs-xml/smbdotconf/protocol/clientminprotocol.xml
index fb8f87e4016..1eb07adc0c2 100644
--- a/docs-xml/smbdotconf/protocol/clientminprotocol.xml
+++ b/docs-xml/smbdotconf/protocol/clientminprotocol.xml
@@ -9,13 +9,17 @@
<para>Normally this option should not be set as the automatic
negotiation phase in the SMB protocol takes care of choosing
- the appropriate protocol.</para>
+ the appropriate protocol unless you connect to a legacy SMB1-only
server.</para>
<para>See <related>client max protocol</related> for a full list
of available protocols.</para>
<para>IPC$ connections for DCERPC e.g. in winbindd, are handled by the
<smbconfoption name="client ipc min protocol"/> option.</para>
+
+ <para>Note that most command line tools support
+ --option='client min protocol=NT1', so it may not be required to
+ enable SMB1 protocols globally in smb.conf.</para>
</description>
<related>client max protocol</related>
@@ -23,6 +27,6 @@
<related>client ipc min protocol</related>
<related>client ipc max protocol</related>
-<value type="default">CORE</value>
+<value type="default">SMB2_02</value>
<value type="example">NT1</value>
</samba:parameter>
diff --git a/docs-xml/smbdotconf/protocol/serverminprotocol.xml
b/docs-xml/smbdotconf/protocol/serverminprotocol.xml
index 4765f5b88e0..1079eb89bae 100644
--- a/docs-xml/smbdotconf/protocol/serverminprotocol.xml
+++ b/docs-xml/smbdotconf/protocol/serverminprotocol.xml
@@ -10,7 +10,7 @@
<para>Normally this option should not be set as the automatic
negotiation
phase in the SMB protocol takes care of choosing the appropriate
- protocol.</para>
+ protocol unless you have legacy clients which are SMB1 capable
only.</para>
<para>See <related>server max protocol</related> for a full list
of available protocols.</para>
@@ -18,6 +18,6 @@
<related>server max protocol</related>
-<value type="default">LANMAN1</value>
+<value type="default">SMB2_02</value>
<value type="example">NT1</value>
</samba:parameter>
diff --git a/lib/param/loadparm.c b/lib/param/loadparm.c
index 26b61789b3f..883d4167bf4 100644
--- a/lib/param/loadparm.c
+++ b/lib/param/loadparm.c
@@ -2711,9 +2711,9 @@ struct loadparm_context *loadparm_init(TALLOC_CTX
*mem_ctx)
lpcfg_do_global_parameter(lp_ctx, "host msdfs", "true");
lpcfg_do_global_parameter(lp_ctx, "LargeReadwrite", "True");
- lpcfg_do_global_parameter(lp_ctx, "server min protocol", "LANMAN1");
+ lpcfg_do_global_parameter(lp_ctx, "server min protocol", "SMB2_02");
lpcfg_do_global_parameter(lp_ctx, "server max protocol", "SMB3");
- lpcfg_do_global_parameter(lp_ctx, "client min protocol", "CORE");
+ lpcfg_do_global_parameter(lp_ctx, "client min protocol", "SMB2_02");
lpcfg_do_global_parameter(lp_ctx, "client max protocol", "default");
lpcfg_do_global_parameter(lp_ctx, "client ipc min protocol", "default");
lpcfg_do_global_parameter(lp_ctx, "client ipc max protocol", "default");
@@ -2839,7 +2839,7 @@ struct loadparm_context *loadparm_init(TALLOC_CTX
*mem_ctx)
lpcfg_do_global_parameter(lp_ctx, "winbind nested groups", "True");
- lpcfg_do_global_parameter(lp_ctx, "mangled names", "True");
+ lpcfg_do_global_parameter(lp_ctx, "mangled names", "illegal");
lpcfg_do_global_parameter_var(lp_ctx, "smb2 max credits", "%u",
DEFAULT_SMB2_MAX_CREDITS);
diff --git a/selftest/selftest.pl b/selftest/selftest.pl
index 9e3d81801a6..5d4fcf25734 100755
--- a/selftest/selftest.pl
+++ b/selftest/selftest.pl
@@ -646,6 +646,7 @@ sub write_clientconf($$$)
ldb:nosync = true
system:anonymous = true
client lanman auth = Yes
+ client min protocol = CORE
log level = 1
torture:basedir = $clientdir
#We don't want to pass our self-tests if the PAC code is wrong
diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
index 6ce61a8b4ed..5c327cab543 100755
--- a/selftest/target/Samba3.pm
+++ b/selftest/target/Samba3.pm
@@ -1661,6 +1661,9 @@ sub provision($$$$$$$$$)
panic action = cd $self->{srcdir} &&
$self->{srcdir}/selftest/gdb_backtrace %d %\$(MAKE_TEST_BINARY)
smbd:suicide mode = yes
+ client min protocol = CORE
+ server min protocol = LANMAN1
+
workgroup = $domain
private dir = $privatedir
@@ -1721,6 +1724,7 @@ sub provision($$$$$$$$$)
dos filemode = yes
strict rename = yes
strict sync = yes
+ mangled names = yes
vfs objects = acl_xattr fake_acls xattr_tdb streams_depot time_audit
full_audit
full_audit:syslog = no
diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm
index a1676d6428f..02cdfc18bad 100755
--- a/selftest/target/Samba4.pm
+++ b/selftest/target/Samba4.pm
@@ -796,6 +796,9 @@ sub provision_raw_step1($$)
lanman auth = Yes
ntlm auth = Yes
rndc command = true
+ client min protocol = CORE
+ server min protocol = LANMAN1
+ mangled names = yes
dns update command = $ctx->{samba_dnsupdate}
spn update command = $ctx->{python}
$ENV{SRCDIR_ABS}/source4/scripting/bin/samba_spnupdate -s $ctx->{smb_conf}
gpo update command = $ctx->{python}
$ENV{SRCDIR_ABS}/source4/scripting/bin/samba-gpupdate -s $ctx->{smb_conf}
--target=Computer
diff --git a/source3/locking/locking.c b/source3/locking/locking.c
index e173034165c..d87a882d14f 100644
--- a/source3/locking/locking.c
+++ b/source3/locking/locking.c
@@ -834,7 +834,7 @@ bool set_share_mode(struct share_mode_lock *lck,
return true;
}
-struct share_mode_entry *find_share_mode_entry(
+static struct share_mode_entry *find_share_mode_entry(
struct share_mode_lock *lck, files_struct *fsp)
{
struct share_mode_data *d = lck->data;
diff --git a/source3/locking/proto.h b/source3/locking/proto.h
index 08d3f2c7ab8..3a086fa0516 100644
--- a/source3/locking/proto.h
+++ b/source3/locking/proto.h
@@ -162,8 +162,6 @@ bool set_share_mode(struct share_mode_lock *lck,
uint16_t op_type,
const struct GUID *client_guid,
const struct smb2_lease_key *lease_key);
-struct share_mode_entry *find_share_mode_entry(struct share_mode_lock *lck,
- files_struct *fsp);
void remove_stale_share_mode_entries(struct share_mode_data *d);
bool del_share_mode(struct share_mode_lock *lck, files_struct *fsp);
bool mark_share_mode_disconnected(struct share_mode_lock *lck,
diff --git a/source3/modules/vfs_fruit.c b/source3/modules/vfs_fruit.c
index b5b8538457e..0be7f20e9af 100644
--- a/source3/modules/vfs_fruit.c
+++ b/source3/modules/vfs_fruit.c
@@ -49,7 +49,7 @@
* streams are deferred to vfs_streams_xattr.
*
* The OS X client maps all NTFS illegal characters to the Unicode
- * private range. This module optionally stores the charcters using
+ * private range. This module optionally stores the characters using
* their native ASCII encoding using vfs_catia. If you're not enabling
* this feature, you can skip catia from vfs modules.
*
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index c2e1f341c57..a8d5fdc5954 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -201,7 +201,7 @@ static const struct loadparm_service _sDefault =
.oplocks = true,
.kernel_oplocks = false,
.level2_oplocks = true,
- .mangled_names = MANGLED_NAMES_YES,
+ .mangled_names = MANGLED_NAMES_ILLEGAL,
.wide_links = false,
.follow_symlinks = true,
.sync_always = false,
@@ -646,9 +646,9 @@ static void init_globals(struct loadparm_context *lp_ctx,
bool reinit_globals)
Globals.max_log_size = 5000;
Globals.max_open_files = max_open_files();
Globals.server_max_protocol = PROTOCOL_SMB3_11;
- Globals.server_min_protocol = PROTOCOL_LANMAN1;
+ Globals.server_min_protocol = PROTOCOL_SMB2_02;
Globals._client_max_protocol = PROTOCOL_DEFAULT;
- Globals.client_min_protocol = PROTOCOL_CORE;
+ Globals.client_min_protocol = PROTOCOL_SMB2_02;
Globals._client_ipc_max_protocol = PROTOCOL_DEFAULT;
Globals._client_ipc_min_protocol = PROTOCOL_DEFAULT;
Globals._security = SEC_AUTO;
diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index c15e8f67d90..2ee4a2c4fca 100644
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -21,6 +21,7 @@
*/
#include "includes.h"
+#include "smb1_utils.h"
#include "system/filesys.h"
#include "lib/util/server_id.h"
#include "printing.h"
@@ -1644,10 +1645,6 @@ static NTSTATUS open_mode_check(connection_struct *conn,
{
uint32_t i;
- if(lck->data->num_share_modes == 0) {
- return NT_STATUS_OK;
- }
-
if (is_stat_open(access_mask)) {
/* Stat open that doesn't trigger oplock breaks or share mode
* checks... ! JRA. */
@@ -2612,69 +2609,6 @@ static bool open_match_attributes(connection_struct
*conn,
return True;
}
-/****************************************************************************
- Special FCB or DOS processing in the case of a sharing violation.
- Try and find a duplicated file handle.
-****************************************************************************/
-
-static NTSTATUS fcb_or_dos_open(struct smb_request *req,
- connection_struct *conn,
- files_struct *fsp_to_dup_into,
- const struct smb_filename *smb_fname,
- struct file_id id,
- uint16_t file_pid,
- uint64_t vuid,
- uint32_t access_mask,
- uint32_t share_access,
- uint32_t create_options)
-{
- files_struct *fsp;
-
- DEBUG(5,("fcb_or_dos_open: attempting old open semantics for "
- "file %s.\n", smb_fname_str_dbg(smb_fname)));
-
- for(fsp = file_find_di_first(conn->sconn, id); fsp;
- fsp = file_find_di_next(fsp)) {
-
- DEBUG(10,("fcb_or_dos_open: checking file %s, fd = %d, "
- "vuid = %llu, file_pid = %u, private_options = 0x%x "
- "access_mask = 0x%x\n", fsp_str_dbg(fsp),
- fsp->fh->fd, (unsigned long long)fsp->vuid,
- (unsigned int)fsp->file_pid,
- (unsigned int)fsp->fh->private_options,
- (unsigned int)fsp->access_mask ));
-
- if (fsp != fsp_to_dup_into &&
- fsp->fh->fd != -1 &&
- fsp->vuid == vuid &&
- fsp->file_pid == file_pid &&
- (fsp->fh->private_options &
(NTCREATEX_OPTIONS_PRIVATE_DENY_DOS |
-
NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) &&
- (fsp->access_mask & FILE_WRITE_DATA) &&
- strequal(fsp->fsp_name->base_name, smb_fname->base_name) &&
- strequal(fsp->fsp_name->stream_name,
- smb_fname->stream_name)) {
- DEBUG(10,("fcb_or_dos_open: file match\n"));
- break;
- }
- }
-
- if (!fsp) {
- return NT_STATUS_NOT_FOUND;
- }
-
- /* quite an insane set of semantics ... */
- if (is_executable(smb_fname->base_name) &&
- (fsp->fh->private_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS)) {
- DEBUG(10,("fcb_or_dos_open: file fail due to
is_executable.\n"));
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- /* We need to duplicate this fsp. */
- return dup_file_fsp(req, fsp, access_mask, share_access,
- create_options, fsp_to_dup_into);
-}
-
static void schedule_defer_open(struct share_mode_lock *lck,
struct file_id id,
struct timeval request_time,
@@ -3551,41 +3485,6 @@ static NTSTATUS open_file_ntcreate(connection_struct
*conn,
SMB_ASSERT(NT_STATUS_EQUAL(status,
NT_STATUS_SHARING_VIOLATION));
- /* Check if this can be done with the deny_dos and fcb
- * calls. */
- if (private_flags &
- (NTCREATEX_OPTIONS_PRIVATE_DENY_DOS|
- NTCREATEX_OPTIONS_PRIVATE_DENY_FCB)) {
- if (req == NULL) {
- DEBUG(0, ("DOS open without an SMB "
- "request!\n"));
- TALLOC_FREE(lck);
- fd_close(fsp);
- return NT_STATUS_INTERNAL_ERROR;
- }
-
- /* Use the client requested access mask here,
- * not the one we open with. */
- status = fcb_or_dos_open(req,
- conn,
- fsp,
- smb_fname,
- id,
- req->smbpid,
- req->vuid,
- access_mask,
- share_access,
- create_options);
-
- if (NT_STATUS_IS_OK(status)) {
- TALLOC_FREE(lck);
- if (pinfo) {
- *pinfo = FILE_WAS_OPENED;
- }
- return NT_STATUS_OK;
- }
- }
-
/*
* This next line is a subtlety we need for
* MS-Access. If a file open will fail due to share
@@ -5532,11 +5431,12 @@ static NTSTATUS create_file_unixpath(connection_struct
*conn,
/*
* Calculate the full path name given a relative fid.
*/
-NTSTATUS get_relative_fid_filename(connection_struct *conn,
- struct smb_request *req,
- uint16_t root_dir_fid,
- const struct smb_filename *smb_fname,
- struct smb_filename **smb_fname_out)
+static NTSTATUS get_relative_fid_filename(
+ connection_struct *conn,
+ struct smb_request *req,
+ uint16_t root_dir_fid,
+ const struct smb_filename *smb_fname,
+ struct smb_filename **smb_fname_out)
{
files_struct *dir_fsp;
char *parent_fname = NULL;
diff --git a/source3/smbd/oplock.c b/source3/smbd/oplock.c
index e1329094d0f..fe88adc9806 100644
--- a/source3/smbd/oplock.c
+++ b/source3/smbd/oplock.c
@@ -351,7 +351,7 @@ bool fsp_lease_update(struct files_struct *fsp)
NTSTATUS status;
status = leases_db_get(client_guid,
- &fsp->lease->lease.lease_key,
+ &lease->lease.lease_key,
&fsp->file_id,
¤t_state,
&breaking,
diff --git a/source3/smbd/proto.h b/source3/smbd/proto.h
index 076702feca5..37eeb9f31ca 100644
--- a/source3/smbd/proto.h
+++ b/source3/smbd/proto.h
@@ -715,12 +715,6 @@ NTSTATUS create_file_default(connection_struct *conn,
const struct smb2_create_blobs *in_context_blobs,
struct smb2_create_blobs *out_context_blobs);
-NTSTATUS get_relative_fid_filename(connection_struct *conn,
- struct smb_request *req,
- uint16_t root_dir_fid,
- const struct smb_filename *smb_fname,
- struct smb_filename **smb_fname_out);
-
/* The following definitions come from smbd/oplock.c */
uint32_t get_lease_type(const struct share_mode_data *d,
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index 87729b23a83..2622681a2da 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -45,6 +45,7 @@
#include "libcli/smb/smb_signing.h"
#include "lib/util/sys_rw_data.h"
#include "librpc/gen_ndr/open_files.h"
+#include "smb1_utils.h"
/****************************************************************************
Ensure we check the path in *exactly* the same way as W2K for a
findfirst/findnext
@@ -2219,8 +2220,23 @@ void reply_open(struct smb_request *req)
/* We have re-scheduled this call. */
goto out;
}
- reply_openerror(req, status);
- goto out;
+
+ if (!NT_STATUS_EQUAL(status, NT_STATUS_SHARING_VIOLATION)) {
+ reply_openerror(req, status);
+ goto out;
+ }
+
+ fsp = fcb_or_dos_open(
+ req,
+ smb_fname,
+ access_mask,
+ share_mode,
+ create_options,
+ private_flags);
+ if (fsp == NULL) {
+ reply_openerror(req, status);
+ goto out;
+ }
}
/* Ensure we're pointing at the correct stat struct. */
@@ -2392,8 +2408,24 @@ void reply_open_and_X(struct smb_request *req)
/* We have re-scheduled this call. */
goto out;
}
- reply_openerror(req, status);
- goto out;
+
+ if (!NT_STATUS_EQUAL(status, NT_STATUS_SHARING_VIOLATION)) {
+ reply_openerror(req, status);
+ goto out;
+ }
+
+ fsp = fcb_or_dos_open(
+ req,
+ smb_fname,
+ access_mask,
+ share_mode,
+ create_options,
+ private_flags);
+ if (fsp == NULL) {
+ reply_openerror(req, status);
+ goto out;
+ }
+ smb_action = FILE_WAS_OPENED;
}
/* Setting the "size" field in vwv9 and vwv10 causes the file to be set
to this size,
--
Samba Shared Repository
